Barry Shilmover Founder/CIO (CGO)

Post on 21-May-2015


Barry Shilmover

Founder/CIO (CGO)

Sonic Mobility Inc.

70-215: Windows 2000 Server

Agenda

What to Expect
Microsoft’s new testing innovations
The Exam:
  Installing Windows 2000
  Working with Resources
  Hardware Devices and Drivers
  System Performance, Reliability, and Availability
  Windows 2000 and Storage
  Networking
  Security

Sidebar – KB Articles

“Q” numbers are mentioned throughout this presentation
  All are found on the Microsoft TechNet site
  They are the letter “Q” followed by a six-digit code. For example, Q123456
  The URL for the above example would be:
    http://support.microsoft.com/support/kb/articles/Q123/4/56.ASP

What to Expect…

Some exam detail
  120 Minutes
  62 Questions
  Passing Score: 660
Preparation Guide: http://www.microsoft.com/trainingandservices/exams/examasearch.asp?PageID=70-215

Testing Innovations

Multiple choice
Select-and-place exam questions
Case study-based exam questions
Simulations
Computer adaptive testing

Multiple Choice

Um… yah…

Select-and-Place Exam Questions

Also known as Drag-and-Drop questions…
A Scenario is given and you must drag the answers to the right locations on the diagram

Case Study-Based Exam Questions

A case study is introduced at the beginning and a number of questions are asked based on the information provided

This is NOT a memory test… The case study is always available

Simulations

As the name states… a simulation
Some tips:
  Read the question… only give them what they want
  If information is not provided about a setting, assume the default settings
  Close all windows within the simulation
  Check your spelling
Not currently on the exam

Computer Adaptive Testing

You start with an easy to moderate question
  If you answer it correctly, you will get a more difficult question
  If you answer it incorrectly, you will get a less difficult question
This process is repeated until the testing engine has determined your ability
Main difference between CAT and Traditional is that you cannot navigate questions in a CAT exam
Not used in this exam.

The Exam…

Installing Windows 2000

Attended Installation
Unattended installation
Upgrading from Windows NT 4.0
Service Packs and hotfixes
When an installation fails

Windows 2000 – BI

Before Installation
  Check the Windows 2000 Hardware Compatibility List (HCL)
    http://www.microsoft.com/hcl/default.asp
  Or run WINNT32.exe /checkupgradeonly

Attended Installation

The four setup stages:
  1. Setup Program (text)
  2. Setup Wizard (graphical)
  3. Windows Networking Installation
  4. Setup Completion
Types of installation:
  From the CD-ROM
  From the Network

From the CD

Boot from the CD
Or make boot floppies
  MAKEBOOT (16-bit) or MAKEBT32 (32-bit)
  Generate 4 startup disks
  TechNet article Q197063

From the Network

Copy i386 directory to a server
Share the i386 directory
Create a boot floppy for the server (so that it can connect to the network)
Map a drive to the network share
Run the setup

Unattended Installation

All questions are answered ahead of time
These are stored in an answer file
Answer files are created via:
  A text editor
  Or the Setup Manager Wizard (SMW)

Unattended Installs and User Interaction

The five levels:
  1. Provide Defaults
     User simply accepts the default or makes changes
  2. Fully Automated
     No user interaction
  3. Hide Pages
     Only pages for which information was not provided are shown
  4. Read Only
     As #3, but shows all information in read-only
  5. GUI Attended
     Second stage of setup is automated. Rest is manual

The Setup Manager Wizard

A GUI-based answer file creation utility
Found in the Windows 2000 Resource Kit
  Deployment Tools section

The Setup Manager Wizard

DEMO
Setupmgr.exe

SysPrep

Tool used for “ghosting” of systems
Reverses the unique settings of a system (such as the name and SID)
Is found in the DEPLOY.CAB file on the Windows 2000 Professional CD-ROM (in the \support\tools folder)

Upgrading from Windows NT 4.0

Upgrade path:

Operating System Upgrade Path

Windows 3.1

Windows 95/98

Windows Me

Windows NT Workstation 3.51/4.0

Windows NT Server 3.51/4.0

Windows NT Server 4.0 Terminal Server

Windows NT Server 4.0 Enterprise Edition

Windows NT 3.51 with Citrix

Service Packs and Hotfixes

Windows 2000 now supports slipstreaming Service Packs
  Service Pack is added directly to the distribution share
  UPDATE.EXE /slip
All installations performed from the distribution share will now have the Service Pack applied

When an Installation Fails…

Never happens… right?

When an Installation Fails

Run the setup program in debug mode: WINNT32.EXE /debug[level]
  Level 1 = regular errors
  Level 2 = warnings
  Level 3 = all messages
Check the HCL
Check Network (including DNS!)

Working with Resources

Network Services
Printers
Files, Folders, and Shares
  Distributed File System (DFS)
  Security
Web Sites

Network Services

FrontPage 2000 Server Extensions
FTP Server
NNTP Server
SMTP Server
Telnet Server
Web Server
WINS/DNS/DHCP
DHCP-Relay

Printers

Has not changed much from Windows NT
Supported Clients:
  Windows
  Macintosh
    Using File and Print Services for Macintosh
  Novell
    Using Client Service for NetWare/NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
  Unix
    Using Services for Unix 2.0

Printers – Continued…

Print Pooling
  The ability to group two or more identical printers together. They appear as one logical printer to the clients
Print Priority
  The ability to set different logical printers, each with different priorities (from 1, lowest and default, to 99)
  Remember to set security. (Everyone: Full Control)
Internet Printing
  New Feature!
  Allows for accessing the printers via a web browser
  http://servername/printers

Printer – Continued…

Windows 2000 automatically downloads and installs drivers for Windows 2000, Windows NT 3.51/4.0, and Windows 95/98/Me

Most common way to fix a stalled printer spooler? Kick it!

Be aware of how to set permissions, printer and print server properties

Files, Folders, and Shares

Windows 2000 now supports FAT32 natively
Use FAT and FAT32 for dual boot with other operating systems

Files, Folders, and Shares, cont.

New version of NTFS
  Known as NTFSv5 or Windows 2000 NTFS
  Now supports:
    Disk Compression
    Encryption
    Disk Quotas
    Reparse Points
    Volume Mount Points
    SID Searching
If NTFSv4 is installed on the system, it will automatically be upgraded to NTFSv5
  Therefore, Windows NT systems need SP4 or higher

Files, Folders, and Shares, cont.

NTFS partitions can now be defragmented
Command-line program for modifying NTFS permissions: cacls.exe
Copying/Moving files is the same as with Windows NT
  Copying within a partition – permissions are inherited
  Moving within a partition – permissions are retained
  Moving between partitions – permissions are inherited

Distributed File System

A Definition:

Distributed file system (Dfs) allows administrators to make network-wide resources appear as though they exist in a single location on the network

An Example

[Diagram] Without DFS: Domain; Server1, Server2, Server3; Documents, Corp, Users, Home

[Diagram] With DFS: Domain; Corp; Documents, Home, Users

Distributed File System - Standalone

Setup:
  Administrative Tools | Distributed File System
  Select Create a standalone DFS root
Limitations:
  No fault-tolerance
  Only single-level hierarchy is available

Distributed File System – Domain-based

Setup:
  Administrative Tools | Distributed File System
  Select Create a domain DFS root
Features:
  All configuration is stored in and replicated by Active Directory
  Fault-tolerant through replicas
  No limit on hierarchy levels (sort of)

Web Sites

Virtual Servers:
  The ability to host a number of web sites on the same physical box
  Three setup methods:
    IP Address
    Host Header
    Port number

Web Sites – Continued…

Virtual Directory
  A directory that appears under the root directory of the web site
  A virtual directory can be:
    A directory on the local machine
    A shared folder on a network server
    Another web site (i.e. http://www.somedomain.com)
Tip: Refrain from using spaces in the name of the virtual directory. Older browsers can’t interpret the spaces

Web Sites - Security

Authentication Methods for web sites
  Allow anonymous
  Basic authentication
  Integrated Windows Authentication
  Digest authentication
  SSL Client Certificate

Windows 2000 finally supports Plug and Pray

Hardware Devices and Drivers

Hardware Devices and Drivers

Windows 2000 finally supports Plug and Play
All Hardware information is now behind My Computer
Add/Remove Hardware control panel to launch the Hardware Wizard
System Information snap-in displays read-only information about installed hardware
Device Manager configures hardware

Driver Signing

A new feature in Windows 2000 that allows you to ensure that the drivers you are installing have been tested and passed the Windows Hardware Quality Lab (WHQL) test

Q224404 for more information

Some Utilities…

Driver Verifier Manager
  A command-line tool for troubleshooting driver problems
  verifier.exe (Q224404)
Windows Report Tool
  A tool for taking a “snapshot” of the system hardware/software
  winrep.exe (Q188104)
System File Checker
  A utility for verifying protected files and their version number
  sfc.exe (Q222471)
Windows Signature Verification
  A tool for checking the signatures of signed drivers
  sigverif.exe (Q185828)

System Performance, Reliability, and Availability

As with Windows NT, performance objects are important for the exam

Unlike Windows NT, physical disk counters are now enabled by default
  To enable logical disk and volumes you need to run the diskperf -yv command
The Performance Monitor (in Windows NT) is now called the Performance Console

Alerts and Logs

Three types of logs:
  Trace
    Monitors information based on events. All information is recorded
  Counter
    These logs record information about specified objects and counters
  Alert
    Similar to a trace log except that information is not logged, it simply reacts to an event

Processes

Processes are viewed through the Windows Task Manager
  Accessible through Ctrl+Alt+Delete and Task Manager
  Shortcut: Ctrl+Shift+Esc
Each process has a priority assigned to it between 0 (lowest) and 31 (highest).
  Most common priorities:
    Low – 4
    Normal – 8
    High – 13
    Realtime – 24
Priorities can be changed through the Task Manager (not recommended)

Disk Performance

Both mirrored and spanned volumes will degrade system performance.

Striped disks offer the greatest performance.

Microsoft has finally admitted that NTFS partitions get fragmented. Defragment regularly.

Spread the pagefile across multiple hard drives, but take them off the system and boot disks (see Q197379).

System State and User Data

System State Data:
  Contains the Registry, System startup files, and COM+ class registrations.
  May contain:
    Active Directory services and the Sysvol directory (on an AD Domain Controller)
    Resource Registry Checkpoints and Quorum Resource recover log (on a Windows 2000 Cluster)
    Certificate Services database (on a Certificate Server)
Improve performance on an Active Directory domain controller by moving the system state data off the system/boot volume.

System State and User Data Recovery

Emergency Repair Disk
  No more RDISK.exe. ERDs are now created through the backup program.
  No longer a “repair” disk. Is now a boot disk for accessing repair tools stored on the CD (Q216337).
  The ERD contains the following files: autoexec.nt, config.nt, and setup.log.

Emergency Repair Disk

Safe Mode

Safe mode is actually several modes:
  Enable Boot Logging
  Enable VGA Mode
  Last Known Good Configuration
  Recovery Console
  Directory Services Restore Mode
  Debugging Mode
  Boot Normally
Enter safe mode by pressing F8 during startup.

Recovery Console

Gives you the ability to boot Windows 2000 to a “DOS prompt”.
Similar to ERDCommander 2000 from Sysinternals.com.
Limited functionality:
  You can copy from removable media to the hard drive, but not the other way.

Windows Backup

A “watered down” version of Veritas Software’s BackupExec.

A major improvement to that monstrosity backup program in Windows NT.
  Better interface
  Can back up and restore to removable media, hard drive, or share.

Windows 2000 and Storage

Windows 2000 has two disk types:
  Basic Disks
  Dynamic Disks

Basic Disks

Similar to Windows NT
Contains Primary Partitions, Extended Partitions, and Logical Drives
Used for dual-boot systems with non-Windows 2000 systems

Dynamic Disks

New to Windows 2000
Contains volumes
Can be resized without a system reboot
Can be converted back to Basic Disks (assuming no volumes exist)
Can be exported/imported

Basic and Dynamic Disks compared

Basic Disks               Dynamic Disks
Partition                 Volume
Extended Partition        Volume
Logical drive             Simple Volume
Mirror Set                Mirrored Volume
Volume Set                Spanned Volume
Stripe Set                Striped Volume
Stripe Set with Parity    RAID-5 Volume

Storage - New Features

Data Compression
  Any file or folder on an NTFS folder can be compressed/uncompressed.
  Can be performed through My Computer or Windows Explorer

Storage - New Features

Disk Quotas
  Quotas can only be set on the volume, not on individual folders (Q183322).
  Disabled by default.
  Tips:
    While you cannot assign quotas to groups, you can choose multiple users.
    Do not choose the “Deny disk space to users exceeding quota limit” option on the disk storing Windows 2000.

Disk Failures

Know the ARC paths in BOOT.INI (Q119467 and Q113977).
  multi()
  scsi()
  disk()
  rdisk()
  partition()*

*lowest value=1

Networking

Virtual Private Networks
Network Protocols
Network Services
Remote Access
Terminal Services

Virtual Private Networks

Remote Access Service (RAS) in Windows NT is now Routing and Remote Access (RRAS).
Two supported protocols: Point to Point Tunneling Protocol (PPTP) and Layer Two Tunneling Protocol (L2TP).

Feature PPTP L2TP

Header compression

Tunnel Authentication

Built-in Encryption

Transmit over UDP, ATM, X.25, and Frame Relay.

TCP/IP

Most used protocol today.
DHCP is used to dynamically assign TCP/IP addresses
DNS is used to resolve TCP/IP addresses and names (and the reverse).
WINS is used to resolve NetBIOS names to TCP/IP addresses.
Subnet mask is used to distinguish between the network and host IDs of the TCP/IP address.
Default gateway is used to identify the host which communicates outside the network

TCP/IP - Continued...

Windows 2000 will automatically assign an address (169.254.x.y and 255.255.0.0)

Troubleshooting:
  ipconfig (Q223413)
  netstat
  nbtstat
  tracert
  route
  ping

Remote Access

RRAS supports multilink (Q223171, Q233151, Q244071).

Like RAS, it supports callback (called Callback Security).

Terminal Services

Terminal Services includes:
  TS Client Creator
  TS Configuration
  TS Licensing
  TS Manager

Uses Remote Desktop Protocol (RDP) and RDP-TCP (RDP over TCP/IP).

TS - Continued...

It is recommended that you install applications through the Add/Remove Program control panel.

If installing manually, put TS into install mode:
  change user /install
To turn off:
  change user /execute

Clients include Windows 3.11, Windows 95/98/Me, Windows NT, Windows 2000, Internet Explorer. Install TSAC for access through Internet Explorer.

Security

Encrypted File System
Policies
Auditing
Local Accounts
Account Policy
The Security Configuration Tool Set

Encrypted File System (EFS)

Any file on an NTFSv5 volume can be encrypted.
The process is transparent to the user.
A Recovery Agent is used to recover encrypted files with a lost key.
Default encryption is 56-bit. North Americans can upgrade to 128-bit.
The efsinfo.exe utility (Resource Kit) can give you info on encrypted files (Q243026).
Done graphically or using the Cipher.exe command.

Policies

Similar to System Policy Editor in Windows NT.

Group Policy MMC snap-in (gpedit.msc).
Settings can be stored in AD.
Settings can be exported/imported using .INF files

Auditing

Disabled by default.
Enabled via Start | Administrative Tools | Local Security Policy.

Local Accounts/Account Policy

Local Accounts
  Usernames cannot be longer than 20 characters.
  They cannot contain: " / \ [ ] : ; | = , + * ? < >
  Passwords can be up to 128 characters in length (Microsoft recommends 8).
Account Policy
  Password policy (default):
    Enforce password history = 0 days
    Maximum password age = 42 days
    Minimum password age = 0 days

Account Policy - Continued...

Minimum password length = 0 characters
Passwords must meet complexity requirements = disabled
Store password using reversible encryption for all users in the domain = disabled
Account Lockout Policy (default)
  Account lockout duration = not defined
  Account lockout threshold = 0 invalid login attempts/disabled
  Reset account lockout after = not defined

The Security Configuration Tool Set

The Security Configuration and Analysis snap-in is normally used to troubleshoot security.

Security database (mysecuresv.mdb) is compared to the template.

Command-line based version: secedit.exe.
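
Added example (not part of the original slides): a Python check that reads the [System Access] section of a security template (.inf), the format secedit.exe works with, and reports which account-policy settings are still at the unenforced defaults listed on the Account Policy slides. The sample template is constructed, the function and constant names are hypothetical, and the key names are assumed to be the standard ones such templates use for these settings.

```python
import configparser

# [System Access] keys of a security template (.inf), mapped to the default on
# the Account Policy slides that means "this control is not enforced".
UNENFORCED_DEFAULTS = {
    "PasswordHistorySize": 0,    # Enforce password history
    "MinimumPasswordAge": 0,     # Minimum password age
    "MinimumPasswordLength": 0,  # Minimum password length
    "PasswordComplexity": 0,     # Complexity requirements (0 = disabled)
    "LockoutBadCount": 0,        # Account lockout threshold (0 = disabled)
}

# Constructed sample template, not taken from a real server.
SAMPLE_TEMPLATE = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordAge = 0
MaximumPasswordAge = 42
MinimumPasswordLength = 8
PasswordComplexity = 0
PasswordHistorySize = 0
LockoutBadCount = 5
ClearTextPassword = 0
[Version]
signature="$CHICAGO$"
Revision=1
"""


def unenforced_settings(inf_text):
    """Return {key: value} for account-policy settings still at an unenforced
    default. A key missing from the template is reported with value None."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.optionxform = str  # keep the template's key casing
    parser.read_string(inf_text)
    if not parser.has_section("System Access"):
        raise ValueError("template has no [System Access] section")
    section = parser["System Access"]
    findings = {}
    for key, default in UNENFORCED_DEFAULTS.items():
        raw = section.get(key)
        if raw is None:
            findings[key] = None      # not defined in the template
        elif int(raw.strip()) == default:
            findings[key] = default   # still at the permissive default
    return findings


if __name__ == "__main__":
    for key, value in unenforced_settings(SAMPLE_TEMPLATE).items():
        print(f"{key} = {value}")
```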

Additional Resources

Exam Preparation Guide
  http://www.microsoft.com/trainingandservices/exams/examasearch.asp?PageID=70-215
Windows 2000 Server and Professional Resource Kits
Course 2151: Microsoft Windows 2000 Network and Operating System Essentials
  http://www.microsoft.com/trainingandservices/syllabi/syllasearch.asp?PageID=2151Afinal&coursenumber=2151
Course 2152: Implementing Microsoft Windows 2000 Professional and Server
  http://www.microsoft.com/trainingandservices/syllabi/syllasearch.asp?PageID=2152Bfinal&coursenumber=2152

Questions?

Barry.Shilmover@SonicMobility.com