Microsoft Windows NT Server 4.0 Exam 70-067 Study Outline

enginestagΔίκτυα και Επικοινωνίες

26 Οκτ 2013 (πριν από 4 χρόνια και 18 μέρες)

121 εμφανίσεις

C
ontent created and copy
right



1998
-
1999, by David L. Woodall
, all Rights Reserved

Microsoft Windows NT Server 4.0

Exam 70
-
067 Study Outline

Disk Drive Configurations:

RAID Level 0
-

Striping

2
-
32 Drives

Striping over multiple disks improves performance (Disk I/O) on reads and writes

No parity, CANNOT include Boot Partition

If any drive
fails, all access to Stripe Set is lost

To Recover from Failure: Replace Drive, Restore from Tape Backup

RAID Level 1
-

Mirroring and Duplexing

2 Disks, 1 or 2 Controllers

Reads are faster, Writes are typically slower

ONLY Fault Tolerant configuration that

CAN include Boot Partition

If one Drive fails, other continues to function without interruption


To Recover from Failure on Primary (Boot) Drive:

1.

Boot from NT Boot disk

2.

In Disk Administrator, Break the Mirror and Delete the failed partition

3.

Copy Boot.ini
from floppy disk to system partition

4.

Replace Failed Drive

5.

In Disk Administrator, Using the free space on the new drive, establish a new mirror set


To Recover from Failure on Secondary Drive:

1.

In Disk Administrator, Break the Mirror and Delete the failed pa
rtition

2.

Replace Failed Drive

3.

In Disk Administrator, Using the free space on the new drive, establish a new mirror set


RAID Level 5
-

Striping with Parity

3
-
32 Drives, MORE data capacity than Raid 1

Reads are MUCH faster, Writes are typically slower

CANNOT

include Boot Partition


To Recover from Failure of any Single Disk :

1.

Replace failed drive

2.

Use Disk Administrator to Regenerate the Stripe set using the free space on the new drive

Protocols

NT uses 3 Primary Protocols:

1.

TCP/IP

Routable
, Relatively High Ove
rhead

Slower than NWLink and NetBeui

Requires the most configuration

Configuration Parameters for TCP/IP

1. IP Address

2.

Subnet Mask
-

indicates which portion of IP address is used for Network address, and which is used to
identify the unique host

3.

Defaul
t Gateway
-

for routing outside the current Subnet

C
ontent created and copy
right



1998
-
1999, by David L. Woodall
, all Rights Reserved

4.

NWLink

Routable
, Slightly lower overhead than TCP/IP but does not offer all the features of TCP/IP (DHCP, WINS)

Faster than TCP/IP, but slower than NetBeui

Requires Frame Type configuration (802.2 in NW3.1
2 and higher, 802.3 in 3.11 and lower, SNAP in Mac)


Configuration Parameters for NWLink:

1.

Internal Network Number
-

Identifies a unique address that is used by NetWare. Use if ;

A.

You are running FPNW

B.

You are using an NT Server as an IPX Router

2. Frame T
ype


5.

NetBeui

Not Routable
, Lowest Overhead

Fastest and Efficient, Implements the NetBios Frame Transport Protocol

Requires NO CONFIGURATION

NT Server Roles

PDC
-

Primary Domain Controller

ONE per Domain, contains the only READ/WRITE copy of the SAM databas
e

Can become a BDC on promotion of a BDC, but requires re
-
installation to become a Member Server

CANNOT switch Domains without re
-
installation

BDC
-

Backup Domain Controller

None Required, but recommend one and one additional for each additional 2000 users
. Placement of the
BCD's

is a strategic decision that directly affects WAN traffic through Authentication and SAM Replication.

Can become a PDC, but requires re
-
installation to become a Member Server

CANNOT switch Domains without re
-
installation, because it

shares the SID of the PDC

Member Server

None Required, does not contain the SAM database

CANNOT become a PDC or BDC without re
-
installation

CAN switch Domains

Configuring NT Core Services

Directory Replicator

Used to maintain EXACT directory structures on

multiple computers

1.

WILL ONLY REPLICATE DIRECTORIES AND FILES IN
%SystemRoot%
\
Winnt
\
system32
\
REPL
\
EXPORT…WILL NOT REPLICATE OPEN FILES

2.

The Export Computer MUST BE an NT Server

3.

The Import Computer can be an NT Server or Workstation

4.

Both Computers must be ru
nning the Directory Replicator Service

5.

A USER ACCOUNT MUST BE CREATED IN THE NT DOMAIN TO ALLOW THE
DIRECTORY REPLICATOR SERVICE TO RUN. THE USER ACCOUNT MUST BE A
MEMBER OF THE REPLICATOR AND BACKUP OPERATORS GROUP

6.

Directory Replication is configured thro
ugh Server Manager on BOTH machines

NT Backup

Can be used to backup shared drives that the computer is connected to

Can be automated with the use of AT Commands from DOS Command Prompt

C
ontent created and copy
right



1998
-
1999, by David L. Woodall
, all Rights Reserved

NT Server Service

Accessed through Control Panel>Network>Services>Serve
r Service>Properties

Can Be Optimized For:

1.

Minimize Memory Used

-

If Server is used mainly as a workstation, and fewer than 10 connections

2.

Balance

-

If Server is used as a workstation AND a Server, supports 10
-
64 connections

3.

Maximize Throughput for File Sh
aring

-

If Server is a Domain Controller or File and Print Server

4.

Maximize for Network Applications

-

If Server is used as an APP Server

Other NT Services

Accessed through Control Panel>Services, or through Server Manager

ARC (Advanced RISC Computing) Nami
ng Convention

multi or scsi(0)disk(0)rdisk(0)partition(0) where:

1.

Multi(x)
-

used always EXCEPT when SCSI has BIOS DISABLED. (beginning at 0)

2.

Disk(x)
-

with Multi, will always be 0. With SCSI will be SCSI bus number (beginning at 0)

3.

Rdisk(x)
-

with SCSI wil
l always be 0. With Multi, will be the ordinal number of the disk Partition(x)

4.

Partition(x)
-

Ordinal number of the partition (beginning at 1)

Configuring Various Clients

NT Workstation

To add an NT Workstation to the Domain:

1.

Create a Computer Account thr
ough Server Manager

2.

At the Workstation, Control Panel>Network>Identification Tab, Specify the Domain the Workstation
should belong to

Win95

1.

Control Panel>Network>Configuration Tab, Add the CLIENT for Microsoft Networks

2.

Highlite the Client , Select Properti
es, Check LOGON to Windows NT Domain, and specify the Domain to
logon to

MS
-
DOS

By Default, do not have networking software. TO support them you can use the NETWORK CLIENT
ADMINISTRATOR to create an installation disk set for the NETWORK CLIENT v3.0 for MS
-
DOS and
WINDOWS CLIENTS

NT User Rights

Regular User Rights

User Right

Default Membership



Access This Computer from the Network

Everyone, Admins

Add Workstations to the Domain

Account Ops, Admins

Backup Files and Directories

Server Ops, Backup Ops, A
dmins

Change the System Time

Server Ops, Admins

Force Shutdown from a Remote System

Server Ops, Admins

Load and Unload Device Drivers

Admins

Log On Locally

Server, Backup, Account, Print Ops, Admins

Manage Auditing and Security Log

Admins

Restore Fil
es and Directories

Server Ops, Backup Ops, Admins

Shut Down the System

Server, Backup, Account, Print Ops, Admins

Take Ownership of Files or Other Objects

Admins

C
ontent created and copy
right



1998
-
1999, by David L. Woodall
, all Rights Reserved

Profiles and System Policies

Local User Profiles

When User Logs On for first time, a profil
e is created on the LOCAL computer in
\
WINNT
\
PROFILES
\
%Username%

Roaming User Profiles

1.

Create a network share in a folder on the Domain Controller that contains the User Profile

2.

In the User Environment Profile dialog box (in User Manager), specify the UNC
path to the directory that
contains the roaming profile

Mandatory User Profiles

Rename NTUSER.DAT, TO NTUSER.MAN. If the PDC is down, the User will not be able to Log On.

System Policies

Named Config.pol

Used to configure the User's environment. Configured

through SYSTEM POLICY EDITOR, which actually
edits The Registry.

Can be Applied to Users, Groups, or Computers.

Should Reside in
\
WINNT
\
SYSTEM32
\
REPL
\
IMPORT, which is the NETLOGON share.

Remote Administration

Win95

A win95 computer with NT Administrative

Tools installed can access:

1.

User Manager for Domains

2.

Server Manager

3.

Event Viewer

NT Workstation

An NT Workstation with Administrative Tools installed can access:

1.

User Manager for Domains

2.

Server Manager

3.

Event Viewer

4.

DHCP Manager

5.

WINS Manager

6.

System Policy
Editor

7.

Services for Macintosh Editor

8.

Remote Access Administrator

9.

Remoteboot Manager

Server Manager

Allows:

1.

Manage a Computer's Properties Remotely

2.

Mange Shares on a Remote Computer

3.

Manage Services on a Remote Computer

Allows you to see:

1.

Services Running

2.

Us
ers Attached to the Computer

3.

Resources Being Accessed

4.

Configuration of Directory Replication

C
ontent created and copy
right



1998
-
1999, by David L. Woodall
, all Rights Reserved

Connectivity

Gateway Services for NetWare

1.

Only Installed on NT Servers

2.

Allows clients attached to the NT Server to access NetWare file and print resources

3.

Only use
s one NetWare user connection

4.

Slower than CSNW, All users have same permissions

5.

Requires Creation of the NetWare Group NTGATEWAY, and addition of Gateway User account to
that Group

Client Services for NetWare

1.

Installed only on NT Workstations

2.

Requires a Us
er Account and license on the NW Server

File and Print Services for NetWare

1.

Installed on NT Servers

2.

Allows NT Server to emulate an NW Server so that NW users can access NT file and print resources

Migration Tool for NetWare

Items that can be Migrated:

1.

User

Accounts

2.

Group Accounts

3.

Specified Files and Directories

4.

NetWare permissions on files and directories (MUST be migrating to an NTFS partition)


Items that CANNOT be Migrated:

1.

User Passwords

2.

Login Scripts

3.

Print Queues and Print Servers

4.

User Account Manager
and Workgroup Manager specification

Prerequisites to Using the Migration Tool for NetWare

1.

You must be logged in with Administrative rights on BOTH machines

2.

You must be migrating to an NT Domain Controller if you are migrating User and Group Information

3.

NW
Link must be installed

4.

The NT Server must have GSNW installed

The Mapping File

Used to specify how Users, Groups, and Passwords will be used on the NT Server. It is the most intensive
migration option, but provides the best continuity of password security
during the migration.

Duplicate Group and Password Options

1.

Log Error

2.

Ignore

3.

Overwrite with New Info

4.

Add Prefix


C
ontent created and copy
right



1998
-
1999, by David L. Woodall
, all Rights Reserved



RAS

Supports:

1.

PSTN
-

through analog modems

2.

ISDN
-

through ISDN adapters

3.

X.25
-

Packet Switching Network Protocol

4.

PPTP
-

via the Internet

5.

RS232 Se
rial Null Modem Cables

RAS Protocols

WAN Protocols

1. SLIP

a.

No Error Checking

b.

No Security

c.

No Flow Control or Data Compression

d.

YOU CANNOT "SLIP" INTO NT

2. PPP

a.

Supports Encrypted LogOn

b.

Supports NetBeui, IPX, and TCP/IP

c.

Optimized for Low
-
Bandwidth Connection
s

LAN Protocols

1.

NetBeui

2.

IPX

3.

TCP/IP

RAS Encryption

Accessed Through Control Panel>Network>Services>Remote Access Service>Properties

1.

Allow any Authentication including Clear Text (MS
-
CHAP, SPAP, PAP)

2.

Require Encrypted Authentication (MS
-
CHAP, SPAP)

3.

Require M
icrosoft Encrypted Authentication (MS
-
CHAP)

C
ontent created and copy
right



1998
-
1999, by David L. Woodall
, all Rights Reserved



Monitoring and Optimization

Processor

Counters to Monitor

Counter

Description

Acceptable Value

Likely Cause/Solution





%Processor Time

Percentage of time that
the processor is busy
performing useful tasks

Und
er 80%

Add Additional Processor
or Upgrade Existing
Processor

Interrupts Per Second

The number of device
interrupts the processor is
handling each second

Under 3500 on a
Pentium or RISC
computer

Poorly Written Program
or Device Driver, or
Failing Hardware

System Processor
Queue Length

The number of
outstanding requests the
processor has in the
queue

Under 4

Add Additional Processor
or Upgrade Existing
Processor, or move
Applications to another
Server


Memory

The MOST LIKELY CAUSE OF POOR PERFORMANCE!

Co
unters to Monitor

Object

Counter

Acceptable Value

Description





Cache

Data Map Hits%

N/A?

Specifies the percentage of
requests that can be
processed through Physical
RAM as opposed to having
to access the data from disk

Memory

Pages/Sec

0
-
20

Specifies

the number of
Pages that were written or
read from Disk because the
pages were not available
through RAM or Cache
memory

Memory

Available Bytes

4MB OR 20% of Physical
Memory, whichever is
Greater

Shows how much RAM is
available for caching.

C
ontent created and copy
right



1998
-
1999, by David L. Woodall
, all Rights Reserved



Disk

Counter
s to Monitor

Object

Counter

Acceptable Value

Description





Logical Disk or Physical
Disk

Average Disk Queue
Length

0
-
2

The average number of
outstanding requests that
the disk is waiting to
process

Logical Disk or Physical
Disk

%Disk Time

Under 50%

Th
e percentage of time
that the disk is busy
processing read or write
requests

Troubleshooting RAS

1.

Ensure that the RAS SERVICE is Running

2.

Make sure the User has RAS permissions

3.

Verify that the Client is Using PPP

4.

Make sure the Client and Server are using a common Protocol

5.

Ensure that the Client and Server have a commo
n Encryption Environment

Troubleshooting TCP/IP

Utilities

1.

PING

2.

IPCONFIG
-

and the /all switch for verbosity, /renew and /r
e
lease
for dropping and renewing DHCP
configuration

3.

ARP
-

U
sed to view the local ARP table of mappings between IP addresses and local
MAC addresses

4.

NETSTAT
-

U
sed to show
TCP/IP statistics and any current connections

5.

ROUTE, IPXROUTE

-

Used to verify that all of the local routing tables are properly defined

6.

TRACERT
-

Used to trace the route of a packet across the network

To determine if t
he problem is protocol or hardware related, try installing NetBeui. If
you are able to browse local resources, then you know that the hardware is ok.