The Best Damn Windows Server 2003 Book Period

The Best Damn Windows Server 2003 Book Period

1st Edition - June 18, 2004

Write a review

  • Authors: Debra Littlejohn Shinder, Thomas W Shinder
  • eBook ISBN: 9780080476070

Purchase options

Purchase options
DRM-free (PDF)
Sales tax will be calculated at check-out

Institutional Subscription

Free Global Shipping
No minimum order


In keeping with past trends, full migration to this latest Microsoft Server Operating System will begin in earnest 12 months after its release, in mid-to-late 2004. This book will hit the market just as large enterprises begin the process of moving from Windows 2000 Server to Windows Server 2003. The title says everything you need to know about this book. No other book on the market combines this breadth and depth of coverage with the kind of product expertise and quality standard expected from Syngress. Every aspect of Planning, Installing, Configuring and Troubleshooting a Windows Server 2003 network is distilled and documented, with plenty of examples and illustrations. An unlike its competition, this is a book that was written from the ground up for Windows Server 2003.

Key Features

* Everything a System Administrator will ever need to know about running a Windows Server 2003 network.

* This is the book that meets the needs of today's Windows Server 2003 professional.

* Every aspect of Planning, Installing, Configuring and Troubleshooting a Windows Server 2003 network is distilled and documented, with plenty of examples and illustrations.


Systems engineers Technical support engineers Systems analysts Network analysts Technical consultants

Table of Contents

  • Foreword

    Chapter 1 Overview of Windows Server 2003


    Windows XP/Server 2003

    What’s New in Windows Server 2003?

    New Features

    The Windows Server 2003 Family

    Why Four Different Editions?

    Members of the Family

    Licensing Issues

    Product Activation

    Installation and Upgrade Issues

    Common Installation Issues

    Common Upgrade Issues

    Windows Server 2003 Planning Tools and Documentation

    Overview of Network Infrastructure Planning

    Planning Strategies

    Using Planning Tools

    Reviewing Legal and Regulatory Considerations

    Calculating TCO

    Developing a Windows Server 2003 Test Network Environment

    Planning the Test Network

    Documenting the Planning and Network Design Process

    Creating the Planning and Design Document

    Chapter 2 Using Server Management Tools


    Recognizing Types of Management Tools

    Administrative Tools Menu

    Custom MMC Snap-Ins

    Command-Line Utilities


    Windows Resource Kit

    The Run As command

    Managing Your Server Remotely

    Remote Assistance

    Using Web Interface for Remote Administration

    Remote Desktop for Administration

    Administration Tools Pack (adminpak.msi)

    Windows Management Instrumentation (WMI)

    Using Computer Management to Manage a Remote Computer

    Which Tool To Use?

    Using Emergency Management Services

    Managing Printers and Print Queues

    Using the Graphical Interface

    Using New Command-Line Tools

    The Printer Spooler Service

    The Internet Printing Protocol

    Using the Graphical Interface

    Using New Command-Line Utilities

    Using Wizards to Configure and Manage Your Server

    Using the Configure Your Server Wizard and Manage Your Server

    Chapter 3 Planning Server Roles and Server Security


    Understanding Server Roles

    Domain Controllers (Authentication Servers)

    File and Print Servers

    DHCP, DNS, and WINS Servers

    Web Servers

    Database Servers

    Mail Servers

    Certificate Authorities

    Application Servers and Terminal Servers

    Planning a Server Security Strategy

    Choosing the Operating System

    Identifying Minimum Security Requirements for Your Organization

    Identifying Configurations to Satisfy Security Requirements

    Planning Baseline Security

    Customizing Server Security

    Securing Servers According to Server Roles

    Chapter 4 Security Templates and Software Updates


    Security Templates

    Types of Security Templates

    Network Security Settings

    Analyzing Baseline Security

    Applying Security Templates

    Software Updates

    Install and Configure Software Update Infrastructure

    Install and Configure Automatic Client Update Settings

    Supporting Legacy Clients

    Testing Software Updates

    Chapter 5 Managing Physical and Logical Disks


    Working with Microsoft Disk Technologies

    Using Disk Management Tools

    Using the Disk Management MMC

    Using the Command-Line Utilities

    Managing Physical and Logical Disks

    Managing Basic Disks

    Managing Dynamic Disks

    Optimizing Disk Performance

    Defragmenting Volumes and Partitions

    Configuring and Monitoring Disk Quotas

    Implementing RAID Solutions

    Understanding and Using Remote Storage

    What is Remote Storage?

    Storage Levels

    Relationship of Remote Storage and Removable Storage

    Setting Up Remote Storage

    Troubleshooting Disks and Volumes

    Troubleshooting Basic Disks

    Troubleshooting Dynamic Volumes

    Troubleshooting Fragmentation Problems

    Troubleshooting Disk Quotas

    Troubleshooting Remote Storage

    Troubleshooting RAID

    Chapter 6 Implementing Windows Cluster Services and Network Load Balancing


    Making Server Clustering Part of Your High-Availability Plan

    Terminology and Concepts

    Cluster Models

    Server Cluster Deployment Options

    Server Cluster Administration

    Recovering from Cluster Node Failure

    Server Clustering Best Practices

    Making Network Load Balancing Part of Your High-Availability Plan

    Terminology and Concepts

    Relationship of NLB to Clustering

    Managing NLB Clusters

    Monitoring NLB

    NLB Best Practices

    Chapter 7 Planning, Implementing, and Maintaining a High-Availability Strategy


    Understanding Performance Bottlenecks

    Identifying System Bottlenecks

    Using the System Monitor Tool to Monitor Servers

    Using Event Viewer to Monitor Servers

    Using Service Logs to Monitor Servers

    Planning a Backup and Recovery Strategy

    Understanding Windows Backup

    Using Backup Tools

    Selecting Backup Media

    Scheduling Backups

    Restoring from Backup

    Planning System Recovery with ASR

    What Is ASR?

    How ASR Works

    Alternatives to ASR

    Using the ASR Wizard

    Performing an ASR Restore

    Planning for Fault Tolerance

    Network Fault-Tolerance Solutions

    Internet Fault-Tolerance Solutions

    Disk Fault-Tolerance Solutions

    Server Fault-Tolerance Solutions

    Chapter 8 Monitoring and Troubleshooting Network Activity


    Using Network Monitor

    Installing Network Monitor

    Basic Configuration

    Network Monitor Default Settings

    Configuring Monitoring Filters

    Configuring Display Filters

    Interpreting a Trace

    Monitoring and Troubleshooting Internet Connectivity

    NAT Logging

    Name Resolution

    IP Addressing

    Monitoring IPSec Connections

    IPSec Monitor Console

    Network Monitor




    Event Viewer

    Chapter 9 Active Directory Infrastructure Overview


    Introducing Directory Services

    Terminology and Concepts

    Understanding How Active Directory Works

    Directory Structure Overview



    Domain Trees


    Organizational Units

    Active Directory Components

    Logical vs. Physical Components

    Using Active Directory Administrative Tools

    Graphical Administrative Tools/MMCs

    Command-Line Tools

    Implementing Active Directory Security and Access Control

    Access Control in Active Directory

    Active Directory Authentication

    Standards and Protocols

    What’s New in Windows Server 2003 Active Directory?

    New Features Available Only with Windows Server 2003 Domain/Forest Functionality

    Chapter 10 Working with User, Group, and Computer Accounts


    Understanding Active Directory Security Principal Accounts

    Security Principals and Security Identifiers

    Naming Conventions and Limitations

    Working with Active Directory User Accounts

    Built-In Domain User Accounts


    Creating User Accounts

    Managing User Accounts

    Working with Active Directory Group Accounts

    Group Types

    Group Scopes in Active Directory

    Built-In Group Accounts

    Creating Group Accounts

    Managing Group Accounts

    Working with Active Directory Computer Accounts

    Creating Computer Accounts

    Managing Computer Accounts

    Managing Multiple Accounts

    Implementing User Principal Name Suffixes

    Moving Account Objects in Active Directory

    Troubleshooting Problems with Accounts

    Chapter 11 Creating User and Group Strategies


    Creating a Password Policy for Domain Users

    Creating an Extensive Defense Model

    Defining a Password Policy

    Creating User Authentication Strategies

    Need for Authentication

    Single Sign-On

    Authentication Types


    Secure Sockets Layer/Transport Layer Security

    NT LAN Manager

    Digest Authentication

    Passport Authentication

    Educating Users

    Smart Card Authentication

    Planning a Security Group Strategy

    Security Group Best Practices

    Chapter 12 Working with Forests and Domains


    Understanding Forest and Domain Functionality

    The Role of the Forest

    Domain Trees

    Forest and Domain Functional Levels

    Raising the Functional Level of a Domain and Forest

    Creating the Forest and Domain Structure

    Deciding When to Create a New DC

    Installing Domain Controllers

    Establishing Trust Relationships

    Restructuring the Forest and Renaming Domains

    Implementing DNS in the Active Directory Network Environment

    DNS and Active Directory Namespaces

    DNS Zones and Active Directory Integration

    Configuring DNS Servers for Use with Active Directory

    Securing Your DNS Deployment

    Chapter 13 Working with Trusts and Organizational Units


    Working with Active Directory Trusts

    Types of Trust Relationships

    Creating,Verifying, and Removing Trusts

    Securing Trusts Using SID Filtering

    Understanding the Role of Container Objects

    Creating and Managing Organizational Units

    Planning an OU Structure and Strategy for Your Organization

    Delegation Requirements

    Security Group Hierarchy

    Chapter 14 Working with Active Directory Sites


    Understanding the Role of Sites



    Distribution of Services Information

    Relationship of Sites to Other Active Directory Components

    Relationship of Sites and Domains

    The Relationship of Sites and Subnets

    Creating Sites and Site Links

    Site Planning

    Site Replication

    Planning, Creating, and Managing the Replication Topology

    Configuring Replication between Sites

    Troubleshooting Replication Failure

    Chapter 15 Working with Domain Controllers


    Planning and Deploying Domain Controllers

    Understanding Server Roles

    Function of Domain Controllers

    Determining the Number of Domain Controllers

    Using the Active Directory Installation Wizard

    Creating Additional Domain Controllers

    Upgrading Domain Controllers to Windows Server 2003

    Placing Domain Controllers within Sites

    Backing Up Domain Controllers

    Restoring Domain Controllers

    Managing Operations Masters

    Chapter 16 Working with Global Catalog Servers and Schema


    Working with the Global Catalog and GC Servers

    Functions of the GC

    Customizing the GC Using the Schema MMC Snap-In

    Creating and Managing GC Servers

    Understanding GC Replication

    Placing GC Servers within Sites

    Troubleshooting GC Issues

    Working with the Active Directory Schema

    Understanding Schema Components

    Working with the Schema MMC Snap-In

    Modifying and Extending the Schema

    Deactivating Schema Classes and Attributes

    Troubleshooting Schema Issues

    Chapter 17 Working with Group Policy in an Active Directory Environment


    Understanding Group Policy

    Terminology and Concepts

    Group Policy Integration in Active Directory

    Group Policy Propagation and Replication

    Planning a Group Policy Strategy

    Using RSoP Planning Mode

    Strategy for Configuring the User Environment

    Strategy for Configuring the Computer Environment

    Implementing Group Policy

    The Group Policy Object Editor MMC

    Creating, Configuring, and Managing GPOs

    Configuring Application of Group Policy

    Delegating Administrative Control

    Verifying Group Policy

    Performing Group Policy Administrative Tasks

    Automatically Enrolling User and Computer Certificates

    Redirecting Folders

    Configuring User and Computer Security Settings

    Using Software Restriction Policies

    Applying Group Policy Best Practices

    Troubleshooting Group Policy

    Using RSoP

    Using gpresult.exe

    Chapter 18 Deploying Software via Group Policy


    Understanding Group Policy Software Installation Terminology and Concepts

    Group Policy Software Installation Concepts

    Group Policy Software Installation Components

    Using Group Policy Software Installation to Deploy Applications

    Preparing for Group Policy Software Installation

    Using .zap Setup Files

    Working with the GPO Editor

    Opening or Creating a GPO for Software Deployment

    Assigning and Publishing Applications

    Configuring Software Installation Properties

    Upgrading Applications

    Removing Managed Applications

    Managing Application Properties

    Categorizing Applications

    Adding and Removing Modifications for Application Packages

    Troubleshooting Software Deployment

    Verbose Logging

    Software Installation Diagnostics Tool

    Chapter 19 Ensuring Active Directory Availability


    Understanding Active Directory Availability Issues

    The Active Directory Database

    Data Modification to the Active Directory Database

    The Tombstone and Garbage Collection Processes

    System State Data

    Fault Tolerance and Performance

    Performing Active Directory Maintenance Tasks

    Defragmenting the Database

    Moving the Database or Log Files

    Monitoring the Database

    Backing Up and Restoring Active Directory

    Backing Up Active Directory

    Restoring Active Directory

    Troubleshooting Active Directory Availability

    Setting Logging Levels for Additional Detail

    Using Ntdsutil Command Options

    Changing the Directory Services Restore Mode Password

    Chapter 20 Planning, Implementing, and Maintaining a Name Resolution Strategy


    Planning for Host Name Resolution

    Designing a DNS Namespace

    Planning DNS Server Deployment

    Planning for Zone Replication

    Planning for Forwarding

    DNS/DHCP Interaction

    Windows Server 2003 DNS Interoperability

    DNS Security Issues

    Monitoring DNS Servers

    Planning for NetBIOS Name Resolution

    Understanding NETBIOS Naming

    Planning WINS Server Deployment

    Planning for WINS Replication

    WINS Issues

    Troubleshooting Name Resolution Issues

    Troubleshooting Host Name Resolution

    Troubleshooting NetBIOS Name Resolution

    Chapter 21 Planning, Implementing, and Maintaining the TCP/IP Infrastructure


    Understanding Windows 2003 Server Network Protocols

    What’s New in TCP/IP for Windows Server 2003

    Planning an IP Addressing Strategy

    Analyzing Addressing Requirements

    Creating a Subnetting Scheme

    Troubleshooting IP Addressing

    Transitioning to IPv6

    Planning the Network Topology

    Analyzing Hardware Requirements

    Planning the Placement of Physical Resources

    Planning Network Traffic Management

    Monitoring Network Traffic and Network Devices

    Determining Bandwidth Requirements

    Optimizing Network Performance

    Chapter 22 Planning, Implementing, and Maintaining a Routing Strategy


    Understanding IP Routing Basics

    Evaluating Routing Options

    Windows Server 2003 As a Router

    Security Considerations for Routing

    Analyzing Requirements for Routing Component

    Simplifying Network Topology to Provide Fewer Attack Points

    Router-to-Router VPNs

    Packet Filtering and Firewalls

    Logging Level

    Troubleshooting IP Routing

    Identifying Troubleshooting Tools

    Common Routing Problems

    Chapter 23 Planning, Implementing, and Maintaining Internet Protocol Security


    Understanding IP Security (IPSec)

    How IPSec Works

    IPSec Modes

    IPSec Protocols

    IPSec Components

    IPSec and IPv6

    Deploying IPSec

    Determining Organizational Needs

    Security Levels

    Managing IPSec

    Using the IP Security Policy Management MMC Snap-in

    Using the netsh Command-line Utility

    Default IPSec Policies

    Custom Policies

    Assigning and Applying Policies in Group Policy

    Active Directory Based IPSec Policies

    IPSec Monitoring

    Troubleshooting IPSec

    Addressing IPSec Security Considerations

    Strong Encryption Algorithm (3DES)

    Firewall Packet Filtering

    Diffie-Hellman Groups

    Pre-shared Keys

    Soft Associations

    Security and RSoP

    Chapter 24 Planning, Implementing, and Maintaining a Public Key Infrastructure


    Planning a Windows Server 2003 Certificate-Based PKI

    Understanding Public Key Infrastructure

    Understanding Digital Certificates

    Understanding Certification Authorities

    Implementing Certification Authorities

    Analyzing Certificate Needs within the Organization

    Determining Appropriate CA Type(s)

    Planning Enrollment and Distribution of Certificates

    Certificate Templates

    Certificate Requests

    Auto-Enrollment Deployment

    Role-Based Administration

    Implementing Smart Card Authentication in the PKI

    How Smart Card Authentication Works

    Deploying Smart Card Logon

    Using Smart Cards To Log On to Windows

    Using Smart Cards for Remote Access VPNs

    Using Smart Cards To Log On to a Terminal Server

    Chapter 25 Planning, Implementing, Maintaining Routing and Remote Access


    Planning the Remote Access Strategy

    Analyzing Organizational Needs

    Analyzing User Needs

    Selecting Remote Access Types To Allow

    Addressing Dial-In Access Design Considerations

    Allocating IP Addresses

    Determining Incoming Port Needs

    Selecting an Administrative Model

    Configuring the Windows 2003 Dial-up RRAS Server

    Configuring RRAS Packet Filters

    Addressing VPN Design Considerations

    Selecting VPN Protocols

    Installing Machine Certificates

    Configuring Firewall Filters

    PPP Multilink and Bandwidth Allocation Protocol (BAP)

    PPP Multilink Protocol

    BAP Protocols

    Addressing Wireless Remote Access Design Considerations

    The 802.11 Wireless Standards

    Using IAS for Wireless Connections

    Configuring Remote Access Policies for Wireless Connections

    Multiple Wireless Access Points

    Placing CA on VLAN for New Wireless Clients

    Configuring WAPs as RADIUS Clients

    Planning Remote Access Security

    Domain Functional Level

    Selecting Authentication Methods

    Selecting the Data Encryption Level

    Using Callback Security

    Managed Connections

    Mandating Operating System/File System

    Using Smart Cards for Remote Access

    Configuring Wireless Security Protocols

    RRAS NAT Services

    ICMP Router Discovery

    Creating Remote Access Policies

    Policies and Profiles

    Authorizing Remote Access

    Restricting Remote Access

    Controlling Remote Connections

    Troubleshooting Remote Access Client Connections

    Troubleshooting Remote Access Server Connections

    Configuring Internet Authentication Services

    Chapter 26 Managing Web Servers with IIS 6.0


    Installing and Configuring IIS 6.0

    Pre-Installation Checklist

    Installation Methods

    Installation Best Practices

    What’s New in IIS 6.0?

    New Security Features

    New Reliability Features

    Other New Features

    Managing IIS 6.0

    Performing Common Management Tasks

    Managing IIS Security

    Troubleshooting IIS 6.0

    Troubleshooting Content Errors

    Troubleshooting Connection Errors

    Troubleshooting Other Errors

    Using New IIS Command-Line Utilities







    Chapter 27 Managing and Troubleshooting Terminal Services


    Understanding Windows Terminal Services

    Terminal Services Components

    Using Terminal Services Components for Remote Administration

    Using Remote Assistance

    Installing and Configuring the Terminal Server Role

    Using Terminal Services Client Tools

    Installing and Using the Remote Desktop Connection (RDC) Utility

    Installing and Using the Remote Desktops MMC Snap-In

    Installing and Using the Remote Desktop Web Connection Utility

    Using Terminal Services Administrative Tools

    Using the Terminal Services Configuration Tool

    User Account Extensions

    Using Group Policies to Control Terminal Services Users

    Using the Terminal Services Command-Line Tools

    Troubleshooting Terminal Services

    Not Automatically Logged On

    “This Initial Program Cannot Be Started”

    Clipboard Problems

    License Problems


Product details

  • No. of pages: 1000
  • Language: English
  • Copyright: © Syngress 2004
  • Published: June 18, 2004
  • Imprint: Syngress
  • eBook ISBN: 9780080476070

About the Authors

Debra Littlejohn Shinder

Debra Littlejohn Shinder is a technology consultant, trainer and writer who has authored a number of books on computer operating systems, networking, and client and server security over the last fourteen years. These include Scene of the Cybercrime: Computer Forensics Handbook, published by Syngress, and Computer Networking Essentials, published by Cisco Press. She is co-author, with her husband, Dr. Thomas Shinder, of the best-selling Configuring ISA Server 2000, Configuring ISA Server 2004, and ISA Server and Beyond.

Deb has been a tech editor, developmental editor and contributor on over 20 additional books on networking and security subjects, as well as study guides for Microsoft's MCSE exams, CompTIA's Security+ exam and TruSecure’s ICSA certification. She formerly edited the Element K Inside Windows Server Security journal. She authored a weekly column for TechRepublic’s Windows blog, called Microsoft Insights and a monthly column on Cybercrime, and is a regular contributor to their Security blog, Smart Phones blog and other TR blogs. She is the lead author on and, and her articles have appeared in print magazines such as Windows IT Pro (formerly Windows & .NET) Magazine. She has authored training material, corporate whitepapers, marketing material, webinars and product documentation for Microsoft Corporation, Intel, Hewlett-Packard, DigitalThink, GFI Software, Sunbelt Software, CNET and other technology companies.

Deb specializes in security issues, cybercrime/computer forensics and Microsoft server products; she has been awarded Microsoft’s Most Valuable Professional (MVP) status in Enterprise Security for eight years in a row. A former police officer and police academy instructor, she has taught many courses at Eastfield College in Mesquite, TX and sits on the board of the Criminal Justice Training Center there. She is a fourth generation Texan and lives and works in the Dallas-Fort Worth area.

Affiliations and Expertise

MCSE, Technology consultant, trainer, and writer

Thomas W Shinder

Dr. Tom Shinder is a 17 year veteran of the IT industry. Prior to entering IT, Dr. Tom graduated from the University of Illinois College of Medicine with a Doctor of Medicine and was a practicing neurologist with special interests in epilepsy and multiple sclerosis. Dr. Tom began his career in IT as a consultant, and has worked with many large companies, including Fina Oil, Microsoft, IBM, HP, Dell and many others. He started his writing career toward the end of the 1990s and has published over 30 books on Windows, Windows Networking, Windows Security and ISA Server/TMG, UAG and Microsoft DirectAccess. For over a decade, ISA Server and TMG were Tom’s passions, and he ran the popular web site, in addition to writing 8 books on ISA/TMG. Tom joined Microsoft in December of 2009 as a member of the UAG DirectAccess team and started the popular “Edge Man” blog that covered UAG DirectAccess. He is currently a Principal Knowledge Engineer in the Server and Cloud Division Information Experience Group Solution’s Team and his primary focus now is private cloud – with special interests in private cloud infrastructure and security.

Affiliations and Expertise

Member of Microsoft’s ISA Server Beta Team and Microsoft MVP for ISA Server, Dallas, TX, U.S.A.

Ratings and Reviews

Write a review

There are currently no reviews for "The Best Damn Windows Server 2003 Book Period"