Windows 2003 Work Handbook

zhaozj2021-02-16  97

First, configure Internet Access to DNS in Windows Server 2003

SUMMARY This step-by-step guide explains how to configure Internet access for the Domain Name System (DNS) in Windows Server 2003 products. DNS is the core name resolution tool used on the Internet. DNS is responsible for resolution between host name and Internet address. How to start running Windows Server 2003 independent servers from running Windows Server 2003 to become a network's DNS server. The first step is assigned a static Internet protocol (IP) address for the server. The DNS server should not use dynamically assigned IP address because the dynamic changes of the address will make the client to lose contact with the DNS server.

Step 1: Configure TCP / IP Click Start, point to Control Panel, point to Network Connections, and then click Locally. Click Properties. Click Internet Protocol (TCP / IP). , Then click Properties. Click General tab. Click the following IP address and type the IP address, subnet mask, and default gateway address in the appropriate box. Click Advanced, then click the DNS tab. Click additional main and connect specific DNS suffixes. Click to select the parent suffix checkbox for the attached primary DNS suffix. Click to select Address check box to register this connection in DNS. Note that the DNS server running Windows Server 2003 must specify its DNS server as it itself. If the server needs to resolve the name of its Internet Service Provider (ISP), you must configure a forwarder. How to configure the repeater section later in this article will discuss the forwarder. Click OK three times. Note: If you receive a warning from the DNS Cache Resolver service, click OK to close the warning. The cache restriction is trying to contact the DNS server, but you have not completed the configuration of the server.

Step 2: Install the Microsoft DNS server Click Start, point to Control Panel, and then click Add or Remove Programs. Click Add or Remove the Windows Components. In the component list, click Network Services (but do not select or clear the check box), then click Details. Click to select the Domain Name System (DNS) check box, and then click OK. Click Next. After getting prompt, insert the Windows Server 2003 CD-ROM into your computer's CD-ROM or DVD-ROM drive. When the installation is complete, click Finish on the Windows Component Wizard page. Click Close Close Add or Remove Programs Window.

Step 3: Configure the DNS server to configure DNS using the DNS management unit in the Microsoft Management Console (MMC), follow these step xx: Click Start, point to Programs, point to Administrative Tools, and then click DNS. Right-click the forward search area and click New Area. When the New Area Wizard starts, click Next. Then you will be prompted to select the area type. Regional types include: Main Areas: Creating a copy of the area that can be updated directly on this server. This area information is stored in a .dns text file. Auxiliary area: Standard auxiliary zone copy all information from its main DNS server. The primary DNS server can be an Active Directory area configured for zone, primary zone or auxiliary area. Note that you cannot modify regional data on the auxiliary DNS server. All data is copied from the primary DNS server. Stub area: The stub area contains only the resource records required to identify the authoritative DNS server of the region. These resource records include Name Server (NS), Start Authorizec (SOA), and possible GLUE host (a) records. There is also an option for storage area in Active Directory. This option is only available when the DNS server is a domain controller. The new forward search area must be a regional or Active Directory area so that it can accept dynamic updates. Click Main, then click Next. The new area contains the locator records based on Active Directory domain. The area name must be the same as the name of the Active Directory, or the logical DNS container of the name. For example, if the name of the Active Directory domain is "support.microsoft.com", the valid area name can only be "support.microsoft.com". Accept the default name of the new area file. Click Next. Note: Experienced DNS administrators may want to create a reverse search area, so I suggest this branch of their drilling wizards. DNS servers can parse two basic requests: positive search requests and reverse search requests. Positive search is more common. Positive search parsing the host name into an IP address with "A" or host resource record. Reverse Search is parsed to a host name with PTR or pointer resource records. If you have configured the reverse DNS area, you can automatically create associated reverse records when you create the original positive record. 2. How to remove the root DNS area Run the Windows Server 2003 DNS server follows a specific step in its name resolution process. The DNS server first queries its cache and then checks its area record, then send the request to the forwarder, and finally use the root server to try parsing. By default, the Microsoft DNS server is connected to the Internet to use root prompts to further process DNS requests. When using the DCPROMO tool to upgrade the server to a domain controller, the domain controller requires DNS. If you install DNS during the lifting process, you will create a root zone. This root area indicates that it is an root Internet server. Therefore, your DNS server does not use a forwarder or root prompt during the name resolution. Click Start, point to Administrative Tools, and then click DNS. Expand ServerName, where ServerName is the name of the server, click Properties, and then expand the forward search area. Right click on "." Area and click Remove.

3, how to configure the forwarding of Windows Server 2003 to make full use of DNS repeater. This feature forwards DNS requests to an external server. If the DNS server cannot find a resource record in its area, you can send a request to another DNS server to further try to resolve. A common situation is a forwarder configured to your ISP's DNS server. Click Start, point to Administrative Tools, and then click DNS. Right-click on ServerName, where ServerName is the name of the server and then click the Forwarder tab. Click a DNS domain in the DNS domain list. Alternatively, click New, Type the name of the DNS domain you want to forward the query in the DNS field, and then click OK. In the transponder IP address box of the selected domain, type the IP address of the first DNS server you want to forward. , Then click Add. Repeat step 4, add the DNS server you want to forward. Click OK .4, how to configure the root prompts Windows can use the root prompt. The root prompt resource record can be stored in the Active Directory or text file (% systemroot% / system32 / dns / cache.dns). Windows uses standard Internet server. In addition, when the server running Windows Server 2003 queries the root server, it will update itself with the latest root server list. Click Start, point to Administrative Tools, and then click DNS. Right-click ServerName, where ServerName is the name of the server, then click Properties. Click the Root Tips tab. The root server of the DNS server is listed in the Name Server list.

5. How to configure the DNS Agent and Network Address Translation (NAT) device after the firewall can limit access to ports. DNS uses UDP port A and TCP ports 53. The DNS Service Management Console also uses RCP. RCP uses port 135. These problems may happen when you configure DNS and firewalls.

Second, configure the remote domain for Internet Information Services SMTP Message Relay Server in Windows Server 2003

SUMMARY This article describes how to configure remote domains for the Internet Information Services (IIS) "Simple Mail Transfer Protocol" (SMTP) mail relay server.

IIS in Windows Server 2003 includes a fully fully equipped SMTP virtual server, you can use this server to transfer emails on your internal network. The SMTP virtual server can also be used to accept emails from the Internet. Although SMTP services do not provide easy access to mail retrieval mechanisms, it is important for accepting emails from Internet and relating to SMTP / POP3 servers from Internet. For the domain to which the computer belongs, as well as other domains, you can configure the SMTP virtual server to accept emails.

Independent servers with running SMTP services are a good security measures because of the isolation layer between enterprise mail servers and inbound connections from the Internet. The stand-alone computer based on Windows Server 2003 will isolate the server from the Active Directory security boundary of the internal network. You can configure a stand-alone SMTP virtual server to use your company mail server as your smart host. You can then configure a separate SMTP virtual server to relay only messages sent by the remote domain. In this way, all other emails will be rejected, not successful.

1. How to configure a stand-alone IIS SMTP server to relay the "Internet Information Service Manager" or open the Internet Information Services (IIS) management unit. Expand the server name, where the server name is the name of the server, then expands "Default SMTP Virtual Server". Right-click on the domain, point to New, and then click Domain. Click Remote, and then click Next. Type the name of the new remote domain in the Name box. You can specify a single domain or use an asterisk (*) as a wildcard (asterisk must be at the beginning of the name, and you want to separate the asterisk with the other part of the name) to specify multiple domains. For example, if you need a remote domain to receive other domains .com and all its subdomains, you can use the name *. Other domain .com. Click Finish. In the right pane, right-click the new remote domain just created, then click Properties. Click General tab. Under "Select appropriate settings for remote domain", click the "Allow Inbound Mail" check box, select it, so that the SMTP server can be used as a mail relay. Under Routing Domain, click "Forward all messages to smart host" and type the IP address of the company's mail server of the internal network or fully qualify the domain name (FQDN). If you use an IP address, you must use parentheses "[]" to enclose the IP address. For example, [nnn.nnn.nnn.nnn]. Click OK. Stop and start the SMTP virtual server. To do this, right-click the Default SMTP Virtual Server, and then start.

2. After the troubleshooting is configured, all messages sent to the remote domain name will be relayed to your configured smart host. Unable to pass messages are stored in the INETPUB / MAILROOT / BADMAIL folder, configure local domain for Microsoft SMTP services in Windows Server 2003

SUMMARY This step guide shows how to configure local domains for SMTP services in Windows Server 2003. This article describes how to change the name of the default domain, configure the alias domain, and specify the DROP folder. The SMTP service domain is used to organize messages to be passed. The SMTP virtual server has at least one domain: the default local domain. The local domain is a domain name system (DNS) domain that serves the local SMTP server. The message to the SMTP server contains the local domain name or transferred to the DROP folder locally, or returns to the sender together with the unpaid (NDR) report.

1. How to rename the default domain default domain is used to give a statement from a message that does not contain domain. The SMTP virtual server must have a default domain. This default domain cannot be deleted. By default, the name specified in the Computer Name tab of the Control Panel System Tool is used as the default domain name. You can also specify a unique name as the default domain name for the SMTP service.

2. To rename the default domain, follow these step xx: Start the Microsoft Internet Information Service (IIS) manager or open the IIS management unit. Expand server_name, where server_name is the name of the server and then expands the desired SMTP virtual service (for example, the default SMTP virtual server). Click the domain. In the right pane, right click on the default domain and click Renaming. Type the name you want to use and press Enter. Exit the IIS manager or turn off the IIS management unit.

3. How to configure the alias domain name domain is the alias of the default domain. You can use the same settings as the default domain to set the alias domain. The message of the album domain received by the SMTP service is placed in the DROP folder specified by the default domain. To configure a different domain, follow these step xx: Start the IIS manager or open the IIS management unit. Expand server_name, where server_name is the name of the server and then expands the desired SMTP virtual service (for example, the default SMTP virtual server). Right-click on the domain, point to New, and then click Domain. "New SMTP Domain Wizard" started. Click Alias, and then click Next. In the Name box, keys into the name of the name, and then click Finish. Exit the IIS manager or turn off the IIS management unit. 4. How to specify a DROP folder For the default domain, you must specify a folder that places all incoming messages. The SMTP service puts the message of the other name domain in the DROP folder used by the default domain. By default, the DROP folder is located in the Inetpub / Mailroot folder. You can specify any folder as a DROP folder, as long as the folder is a local folder on a computer that is installed in the SMTP service, and is not specified as a Pickup folder. To change the location of the DROP folder, follow these step xx: Start the IIS manager or open the IIS management unit. Expand server_name, where server_name is the name of the server and then expands the desired SMTP virtual service (for example, the default SMTP virtual server). Click the domain. In the right pane, right-click the default domain and click Properties. Click Browse, find and click the folder you want to use as a DROP folder, and then click OK. Click OK. Fourth, configure the packet filter support for the PPTP VPN client in Windows Server 2003

Summary This article describes how to configure packet filtering for PPTP VPN clients. Windows Server 2003 "Routing and Remote Access" service supports virtual private network (VPN). The VPN client can create a "Route and Remote Access" service that is based on Windows Server 2003-based "Route and Remote Access" service VPN, "Point Tunnel Protocol" (PPTP), "IP Security" (IPSec). Server security tunnel. In this way, the client becomes a remote node on a private network. Multi-Hosting "Routing and Remote Access" service VPN servers with external interfaces that are directly connected Internet interfaces can use packet filtering to protect internal networks from external attacks. The best way to configure the data package filter in the secure environment is to use the minimum privilege principles: discard all all packets other than the clearly allowed packets.

How to configure PPTP filters to allow communication PPTP for PPTP VPN clients to be a commonly used VPN protocol because it is safe and easy to set. You can easily deploy PPTP in a pure Microsoft environment and a hybrid environment. You can configure Windows Server 2003-based "Routing" service VPN servers to discard non-PPTP packets by using the Packet Filter.

How to configure a PPTP input filter to allow an inbound communication from a PPTP VPN client to start, point to program, pointing to Administrative Tools, and then click Routing and Remote Access. In the left pane of the Routing and Remote Access console, expand the server, then expand the IP route. Click General, right-click the external interface, and then click Properties. Click General tab, click Inbound Filter, and then click New. Click the Target Network check box, select it, and then in the IP Address box, type the IP address of the external interface. In the Subnet Mask box, type 255.255.255.255. In the protocol box, click TCP. In the Target Port box, type 1723 and click OK. Click "Discard all packages to meet the except below". Click New. Click the Target Network check box to select it. In the IP Address box, type the IP address of the external interface. In the Subnet Mask box, type 255.255.255.255. In the protocol box, click Other. In the Protocol box, type 47, and then click OK. How to configure a PPTP output filter to allow an outbound communication to the PPTP VPN client to start, point to the program, point to Administrative Tool, and then click Route and Remote Access. In the left pane of the Routing and Remote Access console, expand your server and expand the IP route. Click General, right-click the external interface, and then click Properties. Click the General tab, click Outbound Filter, and then click New. Click the Source Network check box to select it. In the IP Address box, type the IP address of the external interface. In the Subnet Mask box, type 255.255.255.255. In the protocol box, click TCP. In the source port box, type 1723, and then click OK. Click "Discard all packages to meet the except for the following" option. Click the "Source Network" checkbox, select it. In "IP address" In the box, type the IP address of the external interface. In the Protocol box, click Other. In the Protocol Number box, type 47, and then click OK.

Note: After completing these changes, only PPTP communications can enter and externally interface to the "Routing and Remote Access" service VPN server. These filter support communicates with the PPTP VPN client that invokes the entry station to the Route and Remote Access service VPN server. 5. Configuring network security for SNMP services in Windows Server 2003

SUMMARY This step-by-step guide describes how to configure network security for "Simple Network Management Protocol" (SNMP) service in Windows Server 2003. The SNMP service plays a role in the agent, which collects information that can be reported to the SNMP management station or console. You can use SNMP services to collect data and manage computers based on Windows Server 2003, Microsoft Windows XP, and Microsoft Windows 2000 throughout the company network. Typically, the method of protecting communication between SNMP proxy and SNMP management stations is to specify a shared community name to these proxy and management stations. When the SNMP management station sends an query to the SNMP service, the request side's community name is compared to the community name of the agent. If you match, it indicates that the SNMP management station has passed authentication. If you do not match, it indicates that the SNMP agent thinks that the request is "failed access" attempt and may send a SNMP trap message. The SNMP message is sent in clear manner. These plain text messages are easily intercept and decode the "Microsoft Network Monitor". Unauthorized people can capture the community name to get important information about network resources. IP Security Protocol (IPSec) can be used to protect SNMP communication. You can create an IPSec policy that protects communication on TCP and UDP ports 161 and 162 to protect SNMP transactions.

Creating a Filter List To create an IPSec policy that protects the SNMP message, first create a list of filters. The method is: Click Start, point to Administrative Tools, and then click Local Security Policy. Expand security settings, right-click on the IP Security Policy on the local computer, and then click Manage IP Filter List and Filter XX. Click the Manage IP Filter List tab, and then click Add. In the IP Filter List dialog box, type SNMP messages (161/162) (in the Name box), then type TCP and UDP port 161 filters (in the explanation box). Click the Use Add Wizard check box, clear it, and then click Add. In the Source Address box (on the Address tab of the IP Filter Properties dialog box, click any IP address. In the Target Address box, click My IP Address. Click Mirror. Match the Packets with Exactly Converse Source and Destination Address check box, select it. Click the Protocol tab. In the Select Protocol Type box, click UDP. In the Set IP Protocol Port box, click "From this port" and type 161 in the box. Click "to this port" and type 161 in the box. Click OK. In the IP Filter List dialog box, click Add. In the Source Address box (on the Address tab of the IP Filter Properties dialog box, click any IP address. In the Target Address box, click My IP Address. Click Mirror. Match the Packets with Exactly Converse Source and Destination Address check box, select it. Click the Protocol tab. In the Select Protocol Type box, click TCP. In the Set IP Protocol box, click "From this port", then type 161 in the box. Click "to this port" and type 161 in the box. Click OK. In the IP Filter List dialog box, click Add. In the Source Address box (on the Address tab of the IP Filter Properties dialog box, click any IP address. In the Target Address box, click My IP Address. Click Mirror. Match a packet with just opposite source and target addresses check box, select it. Click the Protocol tab. In the Select Protocol Type box, click UDP. In the Set IP Protocol box, single That "from this port", then type 162 in the box. Click "to this port", then type 162 in the box. Click OK. In the IP Filter List dialog box, click Add. In "Source Address" In the address tab of the displayed IP Filter Properties dialog box, click any IP address. In the Destination Address box, click My IP Address. Click Mirror. Match a packet with just opposite source and target addresses check box, select it. Click the Protocol tab. In the Select Protocol Type box, click TCP. In the Set IP Protocol box, click "From this port" and type 162 in the box. Click "to this port" and type 162 in the box. Click OK. In the IP Filter List dialog box, click OK, and then click OK in the Manage IP Filter List and Filter XX for dialog.

Creating an IPsec Policy To create an IPSec policy to enforce IPSec for SNMP communication, follow these step xx: Right-click the IP Security Policy on the left pane, then click Create IP Security Policy. IP Security Policy Wizard starts. Click Next. Type Secure SNMP in the Name box on the IP Security Policy Name page. In the explanation box, type Force IPsec for SNMP Communications, and then click Next. Click the "Activate Default Response Rule" check box, clear it, and then click Next. On the IP Security Policy Wizard page, confirm the Edit Properties checkbox has been selected, and then click Finish. In the Safe SNMP Properties dialog box, click the Use Add Wizard check box, clear it, and then click Add. Click the IP Filter List tab and click SNMP message (161/162). Click the Filter XX as tab, and then click Requirements. Click the Authentication Method tab. The default authentication method is Kerberos. If you need another authentication method, click Add. In the New Authentication Method Properties dialog box, select the authentication method you want to use from the list below, then click OK: Active Directory Default (Kerberos V5 Protocol) Use this string (pre-shared key) in new rules In the Properties dialog box, click Apply, and then click OK. In the SNMP Properties dialog box, confirm that the SNMP message (161/162) checkbox has been selected, and then click OK. In the right pane of the Local Security Settings console, right-click the secure SNMP rule, and then click Specify. Complete this procedure on all Windows-based computers running SNMP services. This IPSec policy must also be configured on the SNMP management station. 6. Configuring the DNS Record Summary in Windows Server 2003 This article describes how to configure the Domain Name System (DNS) server so that it carries the Web site that can be accessed (ie, from Internet access). How to get an IP address To host the Web site accessible from an external access, you must get a public IP address from your Internet Service Provider (ISP). And specify this IP address to the external interface of the firewall or router connected to the DNS server

How to register a domain name to register a parent or secondary DNS domain name for your organization through the Internet Domain Registry Registry (called a registration authority). For a list of globally recognized registration agencies, please visit the following Internet Corporation for Assigned Names and Numbers (ICANN) website: Internet corporation for assigned names and numbers http://www.icann.org

The registration process of each registration body may vary, but you can also register the domain name in the following steps: Search, confirm that the name to register is available. Provide contact information and payment information (including email addresses) for this account. Type the "Full Qualification Domain Name (FQDN) of the master from the DNS server.

Note: These are the common IP addresses provided by ISP. Pay annual charges or prepare for payment annual fees.

How to configure web server installation and configure Microsoft Internet Information Services (IIS) (if not installed).

How to create a DNS item for the web server, create an alias or CNAME record configured with the DNS server configured. This ensures that the external host can connect your web server using the "WWW" host name. The creation method is: Open the DNS management unit. The method is: Click Start, point to Administrative Tools, and then click DNS. Under DNS, expand the "host name" (where the host name is the host name of the DNS server). Expand the forward search area. Under the forward search area, right-click the desired area (for example, the domain name .com.), And then click New Alias ​​(CNAME). In the Alias ​​box, type WWW. In the "Full Qualified Name" box "Target Host, type the fully qualified host name of the DNS server to install the IIS. For example, type DNS. Domain .com, and then click OK. 7. Using the Terminal Server Authorization in Windows Server 2003 Activation License Server Overview You must activate the license server first, then it can issue licenses to the Terminal Services client. When the license server is activated, Microsoft provides a digital certificate for verifying server ownership and identity for this server. By using this certificate, the license server can conduct business with Microsoft and receive client licenses for your terminal server. When the Terminal Services client tries to log in to the terminal server for the first time, the terminal server will contact the license server and request a license for the client.

To activate the license server using the Terminal Server Authorization, you can automatically activate the web browser phone note: The steps introduced in this article assume that the server is installed with "Terminal Server Authorization". To perform these procedures, you must also be a member of the local "Administrators" group.

Automatically activate license server Click Start, point to Administrative Tools, and then click Terminal Server Authorization. In the console tree, expand "all servers". Right-click the license server you want to activate, and then click Activate the server. The Terminal Server License Server Activation Wizard will start. Click Next. On the Connection Method page, click Auto Connections (Recommendation) "in the Activation Method box, then click Next. On the Company Information page, type your name, company, and country information, then click Next. Specify any other information you need, such as email and company address, and then click Next.

Note: The information on this page is optional. This activates your license server. On the "Complete Terminal Server Activation Wizard" page, do one of the following XX: To install the client license key package for the license server, click Next. Install the client license according to the instructions in the Terminal Server Client Authorization Wizard. If you want to install the client license key package later, click the "Now Start Terminal Server Client Authorization Wizard" check box, clear it, and then click Finish. Turn off the Terminal Server Authorization window.

Click Start by Activate License Server by using a web browser, point to Administrative Tools, and then click Terminal Server Authorization. In the console tree, expand "all servers". Right-click the license server you want to activate, and then click Activate the server. "Terminal Server License Server STAD" will start. Click Next. On the Connection Method page, click Web Browser in the "Activation Method" box, then click Next. On the License Server Activation page, click the hyperlink to the "Terminal Server Activation and Authorization" Web site. Under Select Options, click "Activate License Server" and click Next. Type your product ID (Display on the License Server Activation "page of the Terminal Server License Server Activation Wizard), Name, Company, and Country or Regional Information, then click Next. You will receive your license server ID. On the License Server Activation page, type your license server ID you received in step 8 and click Next. This activates your license server. On the "Complete Terminal Server Activation Wizard" page, do one of the following XX: To install the client license key package for the license server, click Next. Install the client license according to the instructions in the Terminal Server Client Authorization Wizard. To install the client license key package later, click the "Now Start Terminal Server Client Authorization Wizard" check box, clear it, and then click Finish. Turn off the Terminal Server Authorization window. Click Start by Click Start by Phone Activation License Server, point to Administrative Tools, and then click Terminal Server Authorization. In the console tree, expand "all servers". Right-click the license server you want to activate, and then click Activate the server. The Terminal Server License Server Activation Wizard will start. Click Next. On the Connection Method page, click Phone in the "Method" box, then click Next. On the Country or Regional Selection page, click on your country or region, then click Next to display the appropriate phone number to call. Use the phone number displayed on the License Server Activation page to call Microsoft and provide "Product ID" displayed on your screen for Microsoft Customer Support Represents. You also need to provide name, organizational name, and authorization plan type to use. The client service representative will then process your request to activate the license server and create a unique ID for your license server. Type the license server ID provided by the customer service representative and click Next. This activates your license server. On the "Complete Terminal Server Activation Wizard" page, do one of the following XX: To install the client license key package for the license server, click Next. Install the client license according to the instructions in the Terminal Server Client Authorization Wizard. To install the client license key package later, click the "Now Start Terminal Server Client Authorization Wizard" check box, clear it, and then click Finish. Turn off the Terminal Server Authorization window.

After the troubleshooting license server is activated, it will become a regischer of the Terminal Services client license. In the waiting completion excitation "server, the deadline is up to 120 days. You can change the" Authorized Wizard "property, for example, using the connection method and company information set by" Terminal Server Authorization "during the activation process. To achieve this, please Follow these steps xx: Click Start, point to Administrative Tools, and then click the Terminal Server Authorization. In the console tree, expand "All Servers". Right-click the license server you want to modify, and then click Properties. "Terminal Server License Server Activation Wizard will start. In installation method, required information, and options in the optional information tab, then click OK. Turn off the Terminal Server Authorization window. Eight, in Windows Server Monitor Refresh Frequency How to change the monitor in 2003 How to change the new frequency for your monitor Click Start, point to Control Panel, and then click Display. You can also right click on the desktop, then click the Properties. Click the Settings tab, then single Click the Monitor tab. In the Refresh Frequency box, click the screen refresh frequency you want to use. Click OK, then click OK. Note: Although your monitor may support higher settings, But the default refresh frequency setting is determined by the hardware. For more information on the settings supported by your monitor, check the manufacturer documentation included in the monitor. If you use a higher refresh frequency, you can reduce the frequency of flashing. But If the refresh frequency you specify is too high for the monitor, the screen may become unused, and your hardware may be damaged. Changing the refresh frequency affects all users logged in to the computer.

How to change the monitor when displaying blurred (unclear) If the computer displays blur, or you cannot view the screen content, it may be because the display setting configuration of the monitor refresh frequency is incorrect. To diagnose and resolve this issue, start the computer by launching the option using Enabling VGA mode, and then change the refresh frequency to use the correct settings. When you start your computer in VGA mode, you will use the lowest screen resolution, color depth, and refresh frequencies to load the currently installed in your computer. To boot your computer in VGA mode, use one of the following: Use the Enable VGA Mode to restart your computer. When you see "Please select the XX Make System" message to start, press the F8 key. In the Windows Advanced Options menu, use the arrow keys to select Enable VGA mode and press Enter. If you want to use a double boot or multi-boot computer, select Microsoft Windows Server 2003 and press Enter. Log in to the computer, then follow the steps described in the section "How to change the Frequency" section in front of this article to perform XX work. Use the / basevideo switch in the boot.ini file You can also enforce your computer to start in the VGA mode by configuring the boot.ini file. To achieve this, edit the boot.ini to include / basevideo switches. This setting corresponds to the enabled VGA mode startup item. After starting your computer and logs in, according to the step xx described in the section "How to change the Frequency" section above, to change the frequency of the monitor. Nine, change the IP address of the network adapter in Windows Server 2003

Summary This article describes how to change the IP address that has been assigned to the network adapter. If your network has the "Dynamic Host Configuration Protocol" (DHCP) server, the IP address is automatically assigned, otherwise you can specify an IP address. How to change the IP address assigned to the network adapter Using the administrator account to log in to your computer. Click Start, point to Control Panel, point to Network Connections, and then click the local connection you want to modify. In the Connection Status dialog box, click Properties. Right-click on the local connection you want, and then click Properties. The Local Network Connection Properties dialog box appears. In "This connection uses the following item" box, click Internet Protocol (TCP / IP), and then click Properties. The Internet Protocol (TCP / IP) Properties dialog appears on the screen. Continue to perform the steps in one of the following two sections (selected according to your environment). How to automatically get an IP address follows the steps to configure a computer to get an IP address from the DHCP server. Note that you must have a DHCP server. Click Auto Get IP Address. If you don't want to specify the IP address of the Domain Name System (DNS) server, click Auto Get DNS Server Address. Click OK. In the Local Connection Properties dialog, click Close. In the Local Connection Status dialog, click Close. Click Start, then click Run. In the open box, type CMD, then click OK. At the command prompt, type ipconfig / release, then press ENTER. Type ipconfig / renew and press Enter. The DHCP server will assign an IP address to the network adapter and you will see a message like this: Windows .NET IP Configuration

Ethernet Adapter Local Area Connection:

......... Feet.............................. 192.168.0.1............

Type EXIT, press ENTER to exit command prompts.

How to specify an IP address to assign an IP address to the network adapter, follow these step xx: If you want to assign an IP address to the network adapter, click "Use the IP Address below". In the IP Address box, type the IP address that you want to assign to this network adapter. This IP address must be unique in the available address range of your network. Please contact your network administrator to get a list of valid IP addresses for your network. In the Subnet Mask box, type the subnet mask of your network. In the Default Gates box, type the IP address of your network to another network or Internet in the network. In the Preferred DNS Server box, type the IP address of the computer that resolves the host name as the IP address. In the Alternate DNS Server box, type the IP address of the DNS computer you want to use when the preferred DNS server is not available. Click OK. In the local connection properties dialog box, click Close. In the Local Connection Status dialog, click Close.

Troubleshooting IP address has conflicts: If you try to assign an IP address that has been occupied, you will see the following error message:

The Static IP Address That Was Just Configured IS Already in The Network.please Reconfigure A Different IP Address. Your computer cannot connect to other computers on the network: if an incorrect subnet mask address is assigned to the network adapter, Then, the computer is actually in another network, so you can't connect to other computers on the network. Your computer cannot connect to other computers using the host name: If an incorrect DNS server IP address is assigned, or if you do not use the DNS server, you cannot connect to these computers using the host names of other computers. This way you will not be able to browse the Internet. You can use the IP address of other computers to them. To work around this issue in the local network, you can add LPT ports in Windows Server 2003 in Windows Server 2003.

SUMMARY This article explains how to add additional LPT ports in a computer based on Microsoft Windows Server 2003.

By default, there are 3 LPT available ports in Windows Server 2003, which are LPT1, LPT2, and LPT3. You can add additional LPT port until LPT9. After adding an additional LPT port, the port is displayed in the Add Printer Wizard as the available printer port.

How to add additional LPT ports Click Start, and then click Run. WARNING: "Registry Editor" can cause serious problems, these issues may need to reinstall the XX as system. Microsoft does not guarantee the problem that the "Registry Editor" uses improper use. Use Registry Editor at your own risk.

Type Regedit in the Open box, then click OK. Find and click the following registry key: HKEY_LOCAL_MACHINE / SOFTWARE / Microsoft / Windows NT / CURRENTVERSION / PORTS Current LPT port is displayed in the right pane. On the Edit menu, point to New, then click the string value. Type a new value name. To do this, type LPT #, where # is the serial number of the LPT port to add, then press Enter. For example, type LPT4. On the File menu, click Exit Exit The Registry Editor. Click Start, then click Run. Type CMD in the Open box, then click OK. Stop then restart the spool service. To do this, type the following command at the command prompt, press Enter after each line: NET Stop Spooler Net Start Spooler

Type an exit exit command prompt.

XI, configure DNS in the new working group environment in Windows Server 2003

SUMMARY This step-by-step guide is facing a new working group without a Domain Name System (DNS) server. With DNS servers, users can use friendly names with resources. "Friendly" name is a simple English name representing network resources. You can use the DNS name to publish and naming all networked resources in the workgroup.

Installing the DNS service Before configuring, you must install DNS service on the server. By default, DNS is not installed during the installation of Windows Server 2003. You can install DNS after or after the installation process. How to install the DNS service on an existing server Click Start, point to Control Panel, and then click Change or Remove Programs. Click Add / Remove Windows Components. In the list of components, click Network (but do not select or clear the check box), then click Details. Click the Domain Name System (DNS) check box, select it, and then click OK. Click Next. When prompted, insert the Windows Server 2003 CD-ROM into the computer's CD-ROM drive or DVD-ROM drive. When the installation is complete, in the Finish Windows Component Wizard page, click Finish. Click Close to close the Add or Remove Programs window. How to install the DNS service during the installation process To install DNS during the initial installation of Windows Server 2003, please prompt you to install and configure Windows components, follow this article "How to Install DNS Service on Existing Servers" in this article Step 3 and 4 perform XX work. Configuring the DNS server to run correctly, the DNS server requires a positive search area so that its local domain is a host recorded by the locator. The forward search area contains the information necessary to analyze the names in the DNS domain. You may also need to configure the reverse search area so that the user can determine its name according to the IP address of the local resource. In addition, in order to simplify the management of DNS services as much as possible, you should configure these regions to accept dynamic updates.

After installing the DNS service, use the Configure DNS Server Wizard to configure DNS services.

How to configure DNS services Click Start, point to Administrative Tools, and then click DNS. Right-click the server name, where the server name is the name of the server, and then click Configure the DNS server.

"Configuring DNS Server Wizard" will start. Click the DNS list, read the DNS list, and then click Next. Based on the role of the DNS server, click Next, click Next: Create a forward search area (recommended for small networks). Use this option for a small network that uses Active Directory or use Internet Service Provider (ISP) to resolve DNS name queries. By using this option, you can: create a DNS area for the DNS domain used by the Active Directory domain used by your network. Create a second area for the DNS area carried by the DNS server in your ISP. Create a forward and reverse search area (recommended for large networks). Use this option if you want to add a DNS server to a large network that has a DNS structure. By using this option, you can: Create a forward and reverse area to resolve queries in the DNS domain of your DNS namespace. Specifies that the DNS server is used as a transponder, and the name query that this DNS server cannot answer will be sent here. Specify a replication range for the area you want to create (if this DNS is running on the Active Directory domain controller). Specifies that the DNS server is used as a transponder, and the name query that this DNS server cannot answer will be sent here. Configure dynamic updates to the area you want to create. Only the root prompt is configured (only the advanced user is recommended for this XX). Use this option if you want to create a pure forward DNS server, or you want to add a root prompt to the DNS server that is currently configured with the area and the repeater. Follow the instructions on the balance of the wizard to configure your DNS server. How to configure a forward search area to allow dynamic updates to configure a new forward search area, configure these areas to allow dynamic updates (if you are not used)

Click Start, point to Administrative Tools, and then click DNS. Expand the server name, where the server name is the name of the server and then expands the forward search area. Right-click the forward search area created for your domain and click Properties. Click General tab, click Yes, and then click OK.

12. Assign a login script to the local user profile in Windows Server 2003

SUMMARY This article describes how to assign a login script in the configuration files for the local user account in Windows Server 2003. This login script runs when you log in to your computer locally. This login script does not run when the user logs in to the domain.

Note: You must log in as a member of the administrator or administrator group to complete this step. If your computer is connected, the network policy settings may also make you unable to complete this process.

How to assign the login script to the User Profile Click Start, point to Administrative Tool, and then click Computer Management. In the console tree, expand Local Users and Groups, and then click Users. In the right pane, right-click the desired user account and click Properties. Click the Profile tab. In the Login Script box, type the file name of the login script (if needed, type the relative path).

Note: If the login script is stored in the subfolder of the default login script path, add the relative path of the folder before the file name. For example, if the startup.bat login script is stored in // Computer Name / NetLogon / Folder Name £? Please type folder name /startup.bat. Click Apply, and then click OK. Note: The login script stored on the local computer is only available to users who log in to the local computer. The local login script must be stored in a folder using the "NetLogon" shared name, or must be stored in the subfolder of the NetLogon folder. The default location of the local login script is the SystemRoot / System32 / RESTEMROOTS / SCRIPTS folder. This folder is not created in the new installed Windows. Therefore, you must create and share the SystemRoot / System32 / REPL / IMPORTS / Scripts folder by using the "Netlogon" shared name. If you don't want to create a "NetLogon" shared by default, place the login script in any folder that the user can access during the login process and share this folder. Thirteen, configure the NAT server in Windows Server 2003

SUMMARY This article describes how to configure the Network Address Translation (NAT) server by using Windows Server 2003. Windows Server 2003 "Routing and Remote Access" services include NAT routing protocols. If you install NAT routing protocols on a server running "Routing and Remote Access", the internal network client using a dedicated Internet Protocol (IP) address can access the Internet via the external interface of the NAT server.

How to configure routing and remote access NAT Server When the internal network client sends a request to connect to the Internet, the NAT protocol driver intercepts the request and forwards it to the target Internet server. All requests look like an external IP address from the NAT server. This hides your internal IP address configuration.

Configuring "Routing and Remote Access" NAT Server: In the Administrative Tools menu, click Routing and Remote Access. In "Routing and Remote Access" MMC, expand your server name (where the server name is the name you want to configure the server, then expand the IP route in the left pane. Right-click General, and then click New Routing Protocol. Single Tap NAT / Basic Firewall check box, select it, and then click OK. Right-click the NAT / Basic Firewall in the left pane, and then click the New Interface. Click the interface indicating the internal network interface, then click OK In the Network Address Conversion Properties, click the "Private Interface Connect to Private Network", then click OK. Right-click the NAT / Basic Firewall in the left pane, and then click New Interface. Click to represent the external network Interface of the interface, then click OK. In the Network Address Translation property, click the "Public Interface Connect to the Internet". Click "Enabling the NAT" check box on this interface, select it, and then click OK The NAT server can automatically assign an IP address for the internal network client. If you do not have the DHCP server that has been assigned address information on the home network, you may need to use this feature.

How to configure routing and remote access NAT servers to assign IP addresses and execute proxy DNS Query NAT servers can also perform a domain name system (DNS) query on behalf of the NAT client. "Routing and Remote Access" NAT server parsed the Internet hostname included in the client request and then forwarding the IP address to the client.

To configure the Routing and Remote Access NAT server to assign an IP address and represent the internal network client execution proxy DNS query, follow these step xx: Right-click the NAT / Basic Firewall in the left pane, and then click Properties. Click Address Assignment tab, and then click the "Automatically Assign IP Address" check box to use the DHCP. In the IP address box, type the network ID. In the mask box, type the subnet mask. Click the Name Resolution tab, and then click Use the Domain Name System (DNS) to check boxes. If you are connected to the Internet using the request dial interface, click "Connect to the Public Network" check box when the name needs to be parsed, will be selected. In the request dial-up interface box, click the interface you want to dial. Click Apply, and then click OK. Note: After completing these basic configuration steps, the internal network client can access the server on the Internet.

How to configure Windows Server 2003-based computers to use the NAT server to start, point to the Control Panel, point to Network Connections, and then click Locally. Click Properties. Click Internet Protocol (TCP / IP). Click Properties. In the Default Gateway box, type the internal IP address of the NAT server.

Note: If your computer receives its IP address from the Dynamic Host Configuration Protocol (DHCP) server, click Advanced, click the IP Settings tab, click Add, Type the internal IP address of the NAT server, click Add, click OK, then proceed to step 6. Click OK, click OK, and then click Close.

Fourteen, configure the printer and print server settings in Windows Server 2003

Summary This article describes how to configure printers and print server settings in Windows Server 2003. It also describes how to perform some of the more common management tasks, for example, how to configure a separate page and print notifications.

Configuring printer settings is performed in the printer properties of the printer, configuring print server settings are made in the print server properties. You must log in as a member of the administrator or administrator group to perform these steps.

How to configure printer settings Please note that for different printers, options you can configure may vary. This section describes how to configure general settings available in most printers. Click Start, and then click Print and Fax. Right-click the printer you want to configure and click Properties. You can configure the options you want using any of the following methods (how appropriate): Configuring Separation: Click the Advanced tab, and then click Separator. To add a separate page, type the path to the file you want to use as a file from the Separation page, and then click OK. Or, click Browse, find the file you want to use, click Open, and then click OK. To delete a separator, delete an entry in the Sneakers box, then click OK. Configure the print processor: Click the Advanced tab, and then click the Print Processor. In the Default Data Type box, click the type of data you want to use, and then click OK. Add printer drivers for Windows other versions: Click the Shared Tab, and then click Other Drivers. Click the check box next to the driver you want to add, select it, and then click OK. Modify User Access Permissions: Click the Security tab, then do one of the following XX: To change the privileges of existing users or groups, click Group or User Name list, click the group you want to modify its permissions or user. To configure permissions for new users or groups, click Add. In the Select User or Group dialog box, type the name of the user or group you want to set permissions, and then click OK. In the user or group's permission list, click the Allow check box next to the permissions you want to Allow, select it, or click the rejection check box next to the permissions you want to reject, and select it. Or, to delete a user or group from the Group or User Name list, click Remove. Click OK. How to Configure Printer Server Settings This section describes some of the common print server settings you can configure. Click Start, and then click Print and Fax. On the File menu, click Server Properties. You can configure the options you want using any of the following methods (as needed): Configure the port settings of the printer: Click the Port tab. To configure port, click the port you want to configure in the Port of this Server, and then click Configure Port. Type the number of seconds in the transfer retry box (if the printer is lost to reach this second, you will get notifications), then click OK. To add a new port, click Add Port, and then click the Port Type you want to add in the "Available Port Type" box, then click the new port. Type the name you want to specify to the new port in the Enter Port Name box, and then click OK. To delete a port, click the port you want to delete in the "Port of this server" box, click Remove Port, and then click Yes, confirm the deletion. Add, delete, or reinstall the current printer driver: Click the Driver tab. In the Installation Printer Driver box, click the driver you want to modify, then click Add, Remove, or Reinstall (as needed). Add, delete, or reinstall the printer driver according to the description displayed on the screen. Turn the printer notification in or off:

Click the Advanced tab, and then click the "Remote Document Print Complete Notification" check box to select or clear it.

Click the Advanced tab. Click the check box next to the records you want to record the check box next to the Backup Options (or multiple options), select or clear it. Click OK.

Fifteen, use the Sysprep Tool to Clear the page file before the image is created in the Windows Server 2003 Series products

SUMMARY This article describes how to use the Microsoft Sysprep tool to automatically complete the deletion of page files (to reduce the overall size of the reproduction image) before creating a Windows Server 2003 image. Note: Microsoft recommends that you do not use sysprep on the domain controller.

WARNING: "Registry Editor" can cause serious problems, these issues may need to reinstall the XX as system. Microsoft does not guarantee the problem that the "Registry Editor" uses improper use. Use Registry Editor at your own risk.

To use sysprep to complete the deletion of page files before creating a Windows Server 2003 image, use one of the following methods.

Method 1 Start the Registry Editor (regedit.exe). Find pagingfiles values ​​in the following registry key: hkey_local_machine / system / currentcontrolset / control / session manager / memory management

Double-click the PagingFiles value, then type the following: c: /pagefile.sys 0 0

Click OK. Exit Registry Editor". Run sysprep. The registry settings in Method 1 will force Windows to delete page files when you turn Windows. You can then use your favorite way to create a mounting partition image and deploy it to the target computer. During the first guidance of the target system, the page file settings above it will match the size to the memory module of the new system after deployment.

Method 2 Create a registry (.reg) file called Zeropage.Reg using any of the following procedures: Start the Registry Editor (regedit.exe). Find pagingfiles values ​​in the following registry key: hkey_local_machine / system / currentcontrolset / control / session manager / memory management

Double-click the PagingFiles value, then type the following: c: /pagefile.sys 0 0

Click OK. On the File menu, click Export, and then export this item to a file named Zeropage.REG. Exit Registry Editor". - or -

Copy the following text into a .reg file named Zeropage.reg: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE / SYSTEM / CurrentControlSet / Control / Session Manager / Memory Management] "PagingFiles" = hex (7): 43,00,3a 00, 5C, 00, 70, 100, 61, 67, 100, 65, 100, 66, 69, 100, 6C, / 00, 65, 0, 2E, 00, 73, 100, 79, 00, 73, 200, 20, 30, 200, 20, 30, 100, 100, 100,000

Copy the following text and any other sysprep command line parameters to a batch file named sysprep.cmd: regedit / s A: /ZEROPAGE.REG A: / SYSPREP -NOREBOOT -PNP

The new computer memory matching on the standard computer.

XVI, add components and programs to your computer in Windows Server 2003 series products

Summary This article describes how to add a program and a Windows component to a Windows Server 2003-based computer.

The Add or Remove Programs tool helps you manage programs on your computer. With this tool, you can add new programs or changes to delete existing programs. You can also use the Add or Remove Programs tool to add your Windows Server 2003 components that are not installed during initial installation. How to install the Windows component to log in to your computer as a member of the Administrator or "Administrator" group. Click Start, point to Control Panel, and then click Add or Remove Programs. Click Add / Remove Windows Components. The Windows Components page of the Windows Component Wizard appears on the screen, the following components are listed in the component list (Windows components displayed in this list may vary depending on the version of Windows Server 2003): attachments and Tool Certificate Service Fax Services Index Services Internet Explorer Internet Information Services (IIS) Administration and Monitoring Tool Message Queue Network Services Other Network Files and Print Services POP3 Services Remote Installation Services Remote Storage Terminal Server Terminal Server Authorized UDDI Services Update Root Category Certificate Windows Media service

To add a component, click the appropriate check box to select it. To delete a component, click the appropriate check box to clear it.

Remarks: The box with a shading indicates that only part of the component can be installed. To view the contents of the component, click the component, and then click Details. Click the check box next to the subcaps you want to add, select it, and then click OK.

Note: If the details button (gray) cannot be used, the component does not have a subcomponent associated with it. Click Next. In accordance with the description of the remaining pages of the Windows Component Wizard, XX works. Click Close to close the Add or Remove Programs dialog. Note: You need to configure before using some Windows components. If one or more such components are installed, but do not configure them, when you click Add / Remove Windows Components, a list of components that must be configured will be displayed. To configure components, click Configure and follow the instructions on the screen XX. To add a new component, click Components, follow the instructions in the Windows Component Wizard to perform XX.

The installation example of the DHCP service logs in to the computer as a member of the "Administrator" or "Administrator" group. Click Start, point to Control Panel, and then click Add or Remove Programs. Click Add / Remove Windows Components. In the list of components, click Network (but do not select or clear the check box), then click Details. Click the "Dynamic Host Configuration Protocol (DHCP)" check box, select it (if not selected), then click OK. Click Next. When prompted, insert the Windows Server 2003 CD-ROM into your computer's CD-ROM or DVD-ROM drive.

The installer copies the DHCP server and tool files to your computer. When the installation is complete, click Finish the completion of the Windows Component Wizard page. Click Close to close the Add or Remove Programs dialog.

How to install the program To install the program, follow the steps below XX (if your situation). Log in from the CD-ROM or floppy disk installer as a member of the "Administrator" or "Administrator" group. Click Start, point to Control Panel, and then click Add or Remove Programs. Click Add new program. Click CD or floppy disk. Insert the floppy disk into the computer's floppy drive, or insert the CD-ROM into the computer's CD-ROM or DVD-ROM drive, and then click Next. Follow the instructions displayed on the screen for XX to install the program. Click Close to close the Add or Remove Programs dialog. Note: When using the Add / Remove Programs tool, you can only install the program written for the Windows XX as a system. Log in from the network installer as a member of the "Administrator" or "Administrator" group. Mode installation; program file has been deleted or corrupted; or you try to use the program functionality that is not installed during installation. If the program is installed from a CD-ROM, or you are no longer connected to the network, the Windows installer may prompt you to insert the CD-ROM or DVD-ROM drive. When the Windows installer is complete, the programs or feature attempt to use will be started.

17. Application Registry and File System ACL on a computer upgraded from Windows NT 4.0 to Windows Server 2003

SUMMARY This step-by-step guide describes how to apply Registry "Access Control List" (ACLS) and file system ACLs on a computer upgraded from Windows NT 4.0 to Windows Server 2003.

When upgrading Windows NT 4.0-based computers to Windows Server 2003, "Windows Installer" does not change the registry and file system

ACL. Windows Server 2003 allows for higher level security, and it is dealing with the registry and file system permissions. It is different from Windows NT 4.0. Microsoft recommends that you apply Windows 2003 ACL to your computer upgraded from Windows NT 4.0.

To apply registry and file system ACL, you can use the Security Configuration and Analysis management unit. Note that you must be a member of the "Administrators" group to perform this process.

How to apply the default system security settings on a computer upgraded from Windows NT 4.0 to Windows Server 2003 to log in as "Administrator" or "Administrators" group member. Click Start, click Run, type the MMC in the Open box, and then click OK. On the File menu, click Add / Delete Administration Unit. Click Add, Secure Configuration, and Analyze, Add, click Close, and then click OK. In the console tree, right-click Security Configuration and Analysis, and then click Open Database. Specify the name of the database (for example, UpGDBase) and location, and then click Open. In the Import Template dialog box appearing on the screen, click Set Security.inf, and then click Open. Right-click Secure Configuration and Analysis, and then click Analyze your computer now. In the Executation Analysis dialog box appearing on the screen, accept the default log file path displayed in the Error Log File Path box, or specify the required location, and then click OK.

This template security setting is compared to existing computer settings.

Note: At this point, you will not make any changes to your computer. The results of this process indicate what the security settings in the template are different from the actual system settings. When analyzing, expand the various components in the console tree, such as account policies, local policies, event logs, restricted groups, and system services. For each component expanded in step 10, view its security property item in the right pane of the policy column, and pay attention to the following: items with green selection indicates the current computer settings and databases Safety settings are the same. Items with red "X" indicates that the current computer settings are different from security settings in the database. This security attribute is not defined in the template if the green selection tag or red "X" is not displayed, and it is not analyzed. If you want to add or modify the database settings, right-click the security properties you want to add or modified, and then click Properties. Click "Define this Policy in the Database" check box, select (if not yet selected), make the desired changes to the policy settings, and then click OK.

Remarks: The Database Settings Column will display the security settings contained in the template, and the computer settings column displays the current settings of your computer. To configure your computer to use security settings in a database, right-click Secure Configuration and Analysis, and then click Configure your computer. In the Configuration System dialog box appearing on the screen, accept the default path and log file name, or type the required path and file name, then click OK.

The secure database configuration is applied to your computer.

Note: If there is a conflict between the database items and the existing security configuration on your computer unless you eliminate the difference between the two before configuring your computer, the existing project will be rewritten.

Eighth, apply local strategy to all users other than administrators in Windows Server 2003 in WINDOWS SERVER 2003 in Working Group

SUMMARY This article describes how to apply local policies to all users other than administrators on a WINDOWS Server 2003-based computer.

When using Windows Server 2003-based computers in Working Group Settings (rather than domain), you may need to implement local policies on this computer, which can be applied to all users of the computer, but are not applicable to administrators. With this exception, administrators can retain unlimited access to the computer and control, and can also limit users who can log in to the computer.

Applying local policies to all users other than administrators to implement local policies to all users other than administrators, perform the following steps: Log in to your computer as an administrator. Open local security policies. To achieve this, do one of the following XX:

Click Start, and then click Run, type gpedit.msc, and press Enter.

- or - click Start, click Run, type MMC, press Enter, add Group Policy Object Editor, and configure it for local security policies. If the delete run command is one of the strategies you need, Microsoft recommends that you edit the policy via "Microsoft Management Console" (MMC) and save the results as an icon. This way, you don't need to use the run command to reopen the policy. Expand the user configuration object and expand the management template object. Enable any policies you need (for example, "hidden 'online neighbor'" on your desktop "or hide the Internet Explorer icon on your desktop").

Note: Be sure to select the correct policy, otherwise you may limit the ability of the administrator to log in to your computer (and the steps required to configure your computer). Microsoft recommends that you record any changes made (this information is also used in step 10). Turn off the "GPEDIT.MSC Group Policy" management unit, or if you use MMC, save the console as an icon so you can access it later, then log out of your computer. Log in to your computer as an administrator. You can verify the previous policy changes in this login session, because the local policy is applied to all users, including administrators. Log in from your computer, then log in to your computer as all other users of this computer (you want them to apply these policies). These strategies are implemented for all of these users and administrators

of.

Note: These policies cannot be implemented for any user account that is not logged in to the computer in this step. Log in to your computer as an administrator. Click Start, point to Control Panel, and then click Folder Selection. Click View tab, click Show Hide Files or Folders, and then click OK to view the Group Policy Hide folder. Or, open the Windows Explorer, click Tool, and then click Folder option to view these settings. Copy the registry.pol file in the% SystemRoot% / System32 / GroupPolicy / User folder to the backup location (for example, copy to another hard drive, floppy disk or folder). Use the "GPEDIT.MSC Group Policy" management unit or your MMC icon to open the local policy again, then enable the actual features disabled in the original policy created by the computer.

Note: When you perform this XX, the Policy Editor creates a new registry.pol file. Turn off the policy editor and copy the backup registry.pol file created in step 10 to the% SystemRoot% / System32 / GroupPolicy / User folder.

When the system prompts replace the existing file, click Yes. Log out from your computer and log in as an administrator.

Since you are logged in to your computer as an administrator, you can verify that there is no change in the original changes. Log in from your computer and log in as other users.

Since you are logged in as a user (not administrator), you can verify that the original changes are implemented. Log in to the computer as an administrator to confirm that the local policy does not affect the computer as a local administrator.

Restore the original local policy To undo the process described in this article section describes the process described in all users other than the administrator ", perform the following steps: Log in to your computer as an administrator. Click Start, point to Control Panel, and then click Folder Selection. Click View tab, click Show Hide Files and Folders, and then click OK to view the Group Policy Hide folder. Or, open "Windows Explorer", click Tool, and then click the folder option. Move, rename or delete the registry.pol file from the% SystemRoot% / System32 / GroupPolicy / User folder.

After you log out or restart your computer from your computer, the Windows File Protection system creates another default registry.pol file. Open the local policy. To achieve this, click Start, click Run, and type GPEDIT.MSC. Or, click Start, click Run, type MMC, and then load local security policies. Then, all items set to disable or enable are set to unconfigured to undo any policy changes to the Windows Server2003 registry registry specified by the registry.pol file. Log out from the computer as an administrator and then log in to the computer as an administrator. Log in from the computer, then log in to the computer as all users of the local computer, which can also be revoked for their account to change the 19th, how to reset the Internet Protocol (TCP / IP) "in Windows Server 2003

Summary If you display this connection in the Local Connection property Using the Internet Protocol (TCP / IP) item in the list of items, you will find that the uninstall button is not available (disabled). This is because the Transmission Control Protocol / Internet Protocol (TCP / IP) stack is the core component of Microsoft Windows Server 2003 and cannot be deleted.

In some cases, you may need to reinstall the TCP / IP to restore the TCP / IP stack to the original state. You can reset the TCP / IP stack using the NetShell utility to restore the status of the initially installed XX as a system. MORE INFORMATION NETSHELL Utilities (NETSH) is a command line script writing tool that you can use to configure and monitor Windows Server 2003 networking. This tool provides an interactive network housing interface.

You can use the RESET command in the Internet Protocol (IP) context of this utility to override the following with TCP / IP-related registry key: system / currentcontrolset / services / tcpip / parameters / system / currentcontrolset / services / DHCP / parameters / The results of running this command are the same as deleting and reinstalling the TCP / IP protocol. Command Syntax Netsh INT IP RESET [LOG_FILE_NAME]

To reset the TCP / IP stack using the netsh command, you must specify the name of the log file of the log file. If any of the commands described in the "command example" section of this article, the TCP / IP stack in the current computer will be reset, and the XX active activity will be recorded to the resetlog.txt file specified in the command line. In the first example, the log file is created in the current folder; in the second example, the full path to the resetLog.txt log file is specified.

Note: If the name of the file is the same as the name of the existing log file in the destination folder, the information of the new log file is attached to the end of the existing file. Command Example The following example illustrates how to reset the TCP / IP protocol stack using the netsh command. Example 1 Click Start, and then click Run. Type CMD in the Open box, then click OK. Type the following command after the command prompt, then press ENTER: Netsh IP ResetLog.txt

Note: In the above command, "int" is an abbreviated form of the interface command. Type EXIT, then press ENTER. Example 2 Click Start, and then click Run. Type CMD in the Open box, then click OK. Type the following command after the command prompt, then press Enter: Netsh IP Reset C: /Restlog.txt

Type EXIT, then press ENTER. To see the help of the command, type space and type it? Other help on the available commands in the NetSH command sub context will be displayed. For example, to view the Netsh command described in the previous section, type the following command after the command prompt: Type Netsh?, Then press Enter. Type Netsh Int? And press Enter. Type NetSh INT IP?, Then press Enter. Type NetSh INT IP RESET? And press ENTER. Netsh IP Reset log file examples The following article is an example of a log file, which is generated by Netsh after running the IP reset command. The actual log file will vary depending on the computer that issues a command. Typically, if there is no original configuration of the TCP / IP registry key, no XX work is recorded in the file. RESET System / CurrentControlSet / Services / DHCP / Parameters / Options / 15 / RegLocationOLD REG_MULTI_SZ =

System / currentcontrolset / services / tcpip / parameters / interfaces /? / Dhcpdomain

System / CurrentControlset / Services / Tcpip / Parameters / DHCPDOMAIN

added SYSTEM / CurrentControlSet / Services / Netbt / Parameters / Interfaces / Tcpip_ {2DDD011E-B1B6-4886-87AC-B4E72693D10C} / NetbiosOptions added SYSTEM / CurrentControlSet / Services / Netbt / Parameters / Interfaces / Tcpip_ {BAA9D128-54BB-43F6-8922- 313D537BE03E} / NetbiosOptions reset SYSTEM / CurrentControlSet / Services / Netbt / Parameters / Interfaces / Tcpip_ {BD2859BA-B26A-4E2B-A3FE-3D246F90A81A} / NameServerList old REG_MULTI_SZ = 10.1.1.2

deleted SYSTEM / CurrentControlSet / Services / Netbt / Parameters / EnableLmhosts added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {2DDD011E-B1B6-4886-87AC-B4E72693D10C} / AddressType added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {2DDD011E-B1B6-4886-87AC-B4E72693D10C} / DefaultGatewayMetric added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {2DDD011E-B1B6-4886-87AC-B4E72693D10C} / DisableDynamicUpdate deleted SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {2DDD011E-B1B6-4886-87AC-B4E72693D10C} / DontAddDefaultGateway reset SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {2DDD011E-B1B6-4886-87AC-B4E72693D10C} / EnableDhcp old REG_DWORD = 0added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {2DDD011E-B1B6-4886-87AC-B4E72693D10C} / NameServer added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {2DDD011E-B1B6-4886-87AC-B4E72693D10C} / RawIpAllowedProtocols added SYSTEM / CurrentControlset / Services / Tcpip / Parameters / Interfaces / {2DDD011E-B1B6-4886-87AC-B4E72693D10C} / TcpAllowedPorts added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {2DDD011E-B1B6-4886-87AC-B4E72693D10C} / UdpAllowedPorts added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {5B3675C3-6EB9-4936-B991-04DA31024C4E} / DisableDynamicUpdate reset SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {5B3675C3-6EB9-4936-B991-04DA31024C4E} / EnableDhcp old REG_DWORD = 0

RESET System / CurrentControlset / Services / TCPIP / Parameters / Interfaces / {5B3675C3-6EB9-4936-B991-04DA31024C4E} / ipaddress old reg_multi_sz = 12.12.12.12

Deleded System / CurrentControlSet / Services / TCPIP / Parameters / Interfaces / {5B3675C3-6EB9-4936-B991-04DA31024C4E}

/ IpAutoconfigurationAddress deleted SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {5B3675C3-6EB9-4936-B991-04DA31024C4E} / IpAutoconfigurationMask deleted SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {5B3675C3-6EB9-4936-B991- 04DA31024C4E} / IpAutoconfigurationSeed reset SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {5B3675C3-6EB9-4936-B991-04DA31024C4E} / RawIpAllowedProtocols old REG_MULTI_SZ = 0reset SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {5B3675C3-6EB9 -4936-b991-04da31024c4e} / subnetmask ild reg_multi_sz = 255.255.255.0

Reset system / currentcontrolset / services / tcpip / parameters / interfaces / {5b3675c3-6eb9-4936-b991-04da31024c4e} / tcpallowedports Old reg_multi_sz = 0

RESET SYSTEM / CURRENTCONTROLSET / SERVICES / TCPIP / Parameters / Interfaces / {5B3675C3-6EB9-4936-B991-04DA31024C4E} / udpallowedports Old Reg_Multi_SZ = 0

added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BAA9D128-54BB-43F6-8922-313D537BE03E} / AddressType added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BAA9D128-54BB-43F6-8922-313D537BE03E} / DefaultGatewayMetric added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BAA9D128-54BB-43F6-8922-313D537BE03E} / DisableDynamicUpdate deleted SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BAA9D128-54BB-43F6-8922- 313D537BE03E} / DontAddDefaultGateway reset SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BAA9D128-54BB-43F6-8922-313D537BE03E} / EnableDhcp old REG_DWORD = 0

added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BAA9D128-54BB-43F6-8922-313D537BE03E} / NameServer added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BAA9D128-54BB-43F6-8922-313D537BE03E} / RawIpAllowedProtocols added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BAA9D128-54BB-43F6-8922-313D537BE03E} / TcpAllowedPorts added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BAA9D128-54BB-43F6-8922- 313D537BE03E} / UdpAllowedPorts reset SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BD2859BA-B26A-4E2B-A3FE-3D246F90A81A} / DefaultGateway old REG_MULTI_SZ = 10.1.1.2reset SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / { BD2859BA-B26A-4E2B-A3FE-3D246F90A81A} / defaultgatewayMetric Old reg_multi_sz = 0

added SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BD2859BA-B26A-4E2B-A3FE-3D246F90A81A} / DisableDynamicUpdate reset SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BD2859BA-B26A-4E2B-A3FE-3D246F90A81A} / Enabledhcp old reg_dword = 0

RESET System / CurrentControlSet / Services / TCPIP / parameters / Interfaces / {BD2859BA-B26A-4E2B-A3FE-3D246F90A81A} / ipaddress old reg_multi_sz = 10.1.1.1

Deleded System / CurrentControlSet / Services / TCPIP / Parameters / Interfaces / {BD2859BA-B26A-4E2B-A3FE-3D246F90A81A}

/ IpAutoconfigurationAddress deleted SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BD2859BA-B26A-4E2B-A3FE-3D246F90A81A} / IpAutoconfigurationMask deleted SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BD2859BA-B26A-4E2B-A3FE- 3D246F90A81A} / IpAutoconfigurationSeed reset SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BD2859BA-B26A-4E2B-A3FE-3D246F90A81A} / NameServer old REG_SZ = 10.1.1.2,10.1.1.3reset SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / Interfaces / {BD2859BA-B26A-4E2B-A3FE-3D246F90A81A} / RawipAllowedProtocols Old Reg_Multi_SZ = 0

RESET SYSTEM / CURRENTCONTROLSET / SERVICES / TCPIP / Parameters / Interfaces / {BD2859BA-B26A-4E2B-A3FE-3D246F90A81A} / SubnetMask Old REG_MULTI_SZ = 255.255.255.0

RESET System / CurrentControlset / Services / TCPIP / Parameters / Interfaces / {BD2859BA-B26A-4E2B-A3FE-3D246F90A81A} / tcpallowedports Old Reg_Multi_SZ = 0

RESET System / CurrentControlset / Services / TCPIP / Parameters / Interfaces / {BD2859BA-B26A-4E2B-A3FE-3D246F90A81A} / udpallowedports Old Reg_Multi_SZ = 0

deleted SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / DontAddDefaultGatewayDefau lt deleted SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / EnableIcmpRedirect deleted SYSTEM / CurrentControlSet / Services / Tcpip / Parameters / EnableSecurityFiltersdeleted SYSTEM / CurrentControlSet / Services / Tcpip

/ Parameters / searchlist deleted system / currentcontrolset / services / tcpip / parameters / usedomainNameDevolution

Twenty, how to add custom user settings in Windows Server 2003 when running Sysprep

SUMMARY This article describes how to add custom user settings when running the Sysprep.exe.

When running sysprep.exe, some user settings cannot be captured in the .reg file and apply when the installer is complete, and cannot write scripts for these settings and apply them to all new users. To resolve this issue, copy the custom user settings to the "Default User" profile before running Sysprep.exe.

To perform the steps described in this section, your system must meet the following conditions: Windows Server 2003 is fully installed to your computer and can run normally. The computer is not part of a certain domain. All user programs have been pre-installed and can be run normally. Remarks: If the client's desktop settings are stored in the user's configuration file, you can use the procedures described in this section to define any of these settings. For example, you can use this procedure to configure the Auto Hidden Tasklet option and "Show Small Icon" options in the 'Start' menu. You cannot use this procedure to customize the settings stored outside the user profile. Use the following procedure to deploy custom power option settings for all new users.

Creating a test user using administrator privileges Log in to your computer as local administrator. Click Start, right-click My Computer, and then click Manage.

Note: If Active Directory is installed, the Local User and Group tool in the Computer Management console is disabled. If you want to perform this procedure from a domain controller computer with Active Directory, you must create a new user account through the "Active Directory User and Computer". Click Local Users and Groups, right-click the user, and then click New User. Type Testuser in the "User Name" box, type your password, click the "User Log in" check box, clear it, and then click Create. Turn off the New User dialog box. In the Local User and Group, click Group, double-click Administrator, and then click Add. Type Testuser and click OK. Click OK to close the Administrator Properties dialog. Turn off the Computer Management console.

To test the user to create a custom settings to log in to the computer as Testuser. Click Start, point to Control Panel, and then click Power Options. Set the settings for monitoring, hard drives, standby, and sleep, etc. to be used as the default settings of all users. Note: You can make additional customization as needed. These specific settings are just an example

Copy the profile folder of the test user to the default user profile file folder pin TestUser account and log in again as an administrator. Right-click Start, and then click Resource Manager to launch "Windows Explorer". On the Tools menu, click the Folder option, and then click the View tab. In the Advanced Settings box, click the Show Hide Files and Folders check boxes, select it. Exit "Windows Explorer". Right-click on my computer and click Properties. Click the Advanced tab, and then in the User Profile section, click Settings. Click the Testuser account and click Copy to. Type C: / Documents and Settings / Default User in the Path box, or click Browse to find the "default user folder". Click Change in the Allowed Use section. Type EVERYONE and click OK. Click OK in Copy to the dialog, then click Yes, confirm this XX. Click OK to close the User Profile dialog. Right-click on my computer and click Manage. Click Local User and Group, click the user, click the Testuser account, and then delete it. Turn off the Computer Management console. Be prepared to start the sysprep process after you are ready.

Twenty-one, how to disable the NetBt agent for incoming connections

SUMMARY By default, the NetBIOS agent is enabled on the incoming Remote Access Service (RAS) or Virtual Dedicated Network (VPN) connection on Windows XP and Windows Server 2003 systems. This setting allows the RAS client to parse the NetBIOS name in its connected local area network (LAN). On a computer configured as a RAS or VPN server, if you run the IPConfig / all command from the command housing, the WINS Proxy Enabled value is set to YES. In some cases, you may need to disable this setting. MORE INFORMATION After enabling incoming connection settings, the enableProxy value is set to 2. Remarks: EnableProxy value is in the following registry location: hkey_local_machine / system / currentcontrolset / service / net / parameters / enablep roxy

To disable the NetBIOS agent on the RAS or VPN server, follow the steps below XX.

WARNING: "Registry Editor" can cause serious problems, these issues may need to reinstall the XX Process Registry Editor "requires you to bother.

Start the Registry Editor (Regedit.exe). Find and click on the registry key: hkey_local_machine / system / currentcontrolset / services / remoteAccess / parameters / ip / enablenebtbcastfwd

Change the enablenebtbcastfwd value to 0. Exit Registry Editor". Restart your computer.

Twenty-two, configure the computer that runs Windows Server 2003 as a web server

Summary This step-by-step guide describes how to settle in the Windows Server 2003 environment? NBSP; WWW server.

Installing Internet Information Services Microsoft Internet Information Services (IIS) is a web service integrated with Windows Server 2003.

To install IIS, add an optional component or delete an optional component, follow these step xx: Click Start, point to Control Panel, and then click Add or Remove Programs.

"Add or Remove Programs" tools will start. Click Add / Remove Windows Components.

Displays "Windows Component Wizard". In the WINDOWS component list, click the web application server. Click Details, then click Internet Information Services (IIS). Click Details to view the IIS Optional Component List. Select the optional components you want to install. By default, the following components are selected: public file FrontPage 2002 Server Extensions Internet Information Services Management Unit Internet Information Services Manager NNTP Service SMTP Service World Wide Web Services

Click World Wide Web Services, then click Details to view the list of IIS options (such as Active Server Pages Components, "Remote Management (HTML) tools"). Select the options you want to install. By default, the following components are selected: World Wide Web Services

Click OK until returns "Windows Component Wizard". Click Next and complete the Windows Component Wizard.

Configuring anonymous authentication To configure anonymous authentication, follow these step xx: Click Start, point to Administrative Tools, and then click Internet Information Services (IIS). Expand "* Server Name" (where the server name is the name of the server), right-click the Web site, and then click Properties. In the Web Site Properties dialog box, click the Directory Security tab. Under "Authentication and Access Control", click Edit. Click the Enable Anonym Access check box to select it. Note: The user account in the User Name box is only used to do anonymous access via a Windows Guest account.

By default, the server creates and uses the account IUSR_CompUtername. The anonymous user account password is only used in Windows; anonymous users do not log in with the username and password. Under "Verified Identity Access", click the Integrated Windows Authentication check box to select it. Click OK twice.

Basic Web Site Configuration Click Start, point to Administrative Tools, and then click Internet Information Services (IIS). Expand "* Server Name" (where the server name is the name of the server), then expand the Web site. Right-click the default Web site and click Properties. Click the Web Site tab. If you have assigned multiple IP addresses for your computer, click the IP address you want to specify to this Web site in the IP address box. Click the Performance tab. Use the Web Site Properties-Performance dialog to set properties that affect memory, bandwidth usage, and web connections.

By configuring a network bandwidth on a particular site, you can better control the traffic of the site. For example, by limiting bandwidth on a low priority Web site, you can relax restrictions on access to his site. Similarly, when you specify the number of connections to a Web site, you can release resources for other sites. Setting is dedicated to the site, should be adjusted according to network traffic and use change. Click Restriction Use Band Width to this Web Site check box, select IIS to adjust the network bandwidth to the selected maximum bandwidth, in kilobytes per second (Kb / s). Click the Web Service Connection check box, select it, select a specific number or unlimited number of Web service connections. Limit connections allow computer resources to be used in other processes.

Note: Each client browsing the web site is usually used to use approximately three connections. Click the Main Directory tab. If you want to use the web content stored on the local computer, click "Directory on this computer" and then type the path you want in the local path box. For example, the default path is c: / inetpub / wwwroot.

Note: To increase security, do not create a web content folder in the root directory. If you want to use the web content stored on another computer, click "Sharing Location on another computer" and type the desired location in the displayed network directory box. If you want to use the Web content stored in another web address, click "Redirection to URL" and then type the desired location in the "Redirection to" box. Under "Customers," click the appropriate check box to select it.

SUMMARY This step-by-step guide describes how to configure Windows Server 2003-based servers to inform you when your computer resources are not enough. The program in Windows Server 2003 defines the performance data it collected from objects, counters, and instances. Performance objects are any resources, programs, or services that can be measured. You can use the System Monitor and Performance Logs and alert to select performance objects, counters, and instances to collect and display system components or installed software performance data.

You can set alert on the counter so that the message, startup program or startup log can be sent when the value of the counter exceeds or below the specified setting. How to add a counter to the system monitor Click Start, point to Administrative Tool, and then click Performance. If you select an object on a remote computer, there may be a short delay when the System Monitor refreshes the list to reflect the existing object in your computer. Right-click the Details pane of System Monitor, and then click Add Counter. To monitor any computer that is running the monitoring console, click Use the Local Computer Counter. Or, if you want to monitor a particular computer, no matter where the monitoring console is

OK, click "From Computer Select Counters" and specify the computer name. Under Performance Object, click Objects you want to monitor. The processor object is selected by default. Click all counters, or click Select the counter from the list, and then click a list item. Click Add.

How to define a counter and alert threshold Click Start, point to Administrative Tools, and then click Performance. Double-click "Performance Logs and Alert" and then click the alert. Right-click the alert, click New Alert Settings, type a name for the alert, and then click OK. Click General tab to type a descriptive comment for this alert, and then click Add. Perform the following steps for each counter or counter group to be added to the log: To monitor the counter from a computer running the Performance Log and Alert service, click Use the Local Computer Counter.

Alternatively, you have to monitor the counter from a specific computer, regardless of where the service is running, click Computer Select Counters, and specify the name of the computer you want to monitor. Below "Performance Objects", select the object you want to monitor. Then select one or more counters to be monitored. To monitor all instances of the selected counter, click All instances. Note that binary logs may contain instances that are not available when log starts but then becomes available. Alternatively, to monitor a particular instance of the selected counter, click "From List Select Instance" and click one or more instances to be monitored. Click Add, then click Close. In the departure alert, if the value is in the box, click less than or greater than. In the limit as the box, specify the value of the triggered alert. In the Data Sampling Interval box, specify the value and the unit of measurement of the update interval. Click the XX Tab to determine the XX work that triggers the alarm. To log alert in the Event Viewer log, click the "Enter the Application Event Log" check box to select it. To send alert messages to your computer, click Send Network Information to the check box, select it, and type the name of the computer that you want to receive the alarm information. Click the Start Performance Data Log check box to select it to start the log file. If you want to start the program when you reach alert condition, click Execute this Program. You can type the path of the program or click Browse to manually select the program you want to use. Click the Planning tab and configure the appropriate settings to manually start or stop logging at the scheduled time.

How to choose the data to be monitored to monitor the following components in order: Memory Processor Disk Network The following list shows the minimum counter recommended for server monitoring. Note that when you check a specific resource, you should include other counters of the relevant performance object. Component: Disk is being monitored Performance: Usage to monitor counter: Physical disk / disk reads / sec (disk read / second) Physical disk / disk write / sec (disk write / second) logical disk /% Free Space (Available Space) You must carefully explain the% DISK TIME counter. Since the counter _Total instance may not reflect the usage on the multi-disk computer, it is important to use the% IDLE TIME counter. Note that these counters cannot display a value of more than 100%. Component: Disk is being monitored Performance: Bottleneck to monitor counter: Physical disk / avg.disk Queue Length (Disk Queue Average Length) Component: Memory is being monitored Performance: Usage To monitor counter: Memory / Available Bytes / Cache Bytes (Cache Bytes) Components: Memory is being monitored Performance: Bottlenecks or Vulnerabilities To monitor counters: memory / pages / sec (pages / sec) memory / Page Reads / sec (Page Read / Second) Memory / Transition Faults / Sec (Transport Error / Second) Memory / Pool Paged Bytes Memory / Pool Nonpaged Bytes (Unpisaged Memory Pool bytes) The following components Although not a dedicated memory object counter, they are useful for memory analysis:

Page File /% Usage Object (All Instances) Cache / Data Map Hits (Data Mapping Hand)% Server / Pool Paged Bytes Server / Pool NonPaged Bytes (Unpippised Memory Pool bytes) Components: Network is being monitored Performance: Throughput to monitor the counter: Protocol Transfer Counter (depending on the network protocol); for TCP / IP, including: Network interface / bytes Total / SEC (total byte number / Second) Network interface / packets / sec (package / second) server / BYTES TOTAL / SEC (total byte / second) or server / BYTES TRANSMITTED / SEC (send byte / second) server / Bytes Received / Sec (Received bytes / second) You may need to monitor networks and server throughputs of other objects as "Monitoring Network Activity" section

Component: Processor is being monitored Performance: Usage To monitor counter: Processor /% Processor Time: Component: Processor is being monitored Performance: Bottleneck to monitor counter: System / Processor Queue Length (All instances) Processor / Interrupts / SEC (Interrupt / Second) System / Context Switches / Sec (Context Switch / Switch / Seconds) Twenty-three, clear failures, let Windows 2003 is more kind

For the needs of the server, Windows 2003 is handled for hardware such as sound cards, graphics cards, and personal users will often encounter some "faults" when using.

1. When playing movies, many friends have such a "encounter": their computer configuration is quite good. When the Windows 2003 is installed, the graphics card can be automatically identified and installed, but the screen is very rough when playing movies, install the latest version of the graphics card The quality of the picture after driving is still the same. In fact, this is because Windows 2003 default display options are not optimized according to the needs of individual users.

The solution is simple: right-click on the desktop, enter "Display Properties → Settings → Advanced → Troubleshoot", drag the "hardware acceleration" cursor to "complete", click "OK" to exit. Then enter the "Start → All Programs → Accessories → System Tools → System Information", select "Tool → DirectX Diagnostic Tool" (Since the program collects system information, you need to wait a little, the flash screen can be displayed), select "Show" option Card, enable "DirectDraw Acceleration" and "Direct3D Acceleration" items in turn, click "Exit".

2. The sound card does not work or play the game. The sound is seriously lag in Windows 2003. Most sound cards can continue to use their drivers in Windows 2000 / XP, while the old sound card (such as Emperor S90, etc.) is only Manually installed. After installing the sound card, users often encounter two problems.

1) After the sound card does not work driver installation, you can use the sound card normally in the Windows 2003 standard version, and in the enterprise version, the system still cannot speak. The solution is: Go to "Control Panel → Sound and Audio Control Device", check the "Audio Services" option, and click "OK" to restart the computer.

2) When playing the game, the sound is seriously lagging solution is to enter the "DirectX Diagnostic Tool", select the "Sound" tab, drag the cursor to the right in the "Acceleration Level" to "completely accelerate", click "exit" .

3. I always remind the presence of security hazards "I always feel that the latest version is the safest. I didn't expect to browse the web in Windows 2003. Every visit, IE will remind the existence of security hazards. Ask if you continue to access, too inconvenient." I often have friends to complain like this.

This problem is that the IE default security level in Windows2003 is "high", so although security is improved, it gives us a lot of trouble to us. It is recommended to adjust the security level to "The method is: Start IE, select" Tools → Internet Option ", set the security level to" in "in the Security tab.

4. When running large software, the system response slower server and workstation requires the requirements of system resources. If we usually run software such as Photoshop, 3DSMAX, the system resource should be reassigned, modified to a state similar to Windows XP.

The setting step is: Go to "Control Panel → System" Select the Advanced tab, click the "Set" button in the Performance bar, select the Advanced tab, in "Processor Plan" and "Memory Use" two columns Select "program" in the middle, and finally "OK" and restart your computer. After the above settings, do you think Windows 2003 is more kind?

Twenty-four, Windows 2003 practical skills

First, skip the disk overhaul waiting time once the computer is due to accident, such as sudden power outages or crash, then the computer will take the next time, the system will spend 10 seconds, to run the disk scanner, check if the disk is Error appears. If you are a cherished person, you will definitely wait for it. Then come with me, skip this check waiting time: 1. In the Start menu, execute the "Program" / "Attachment" / "Command Prompt" command, switch the interface to the DOS command line; 2, directly enter the "ChkNTFS / T: 0" command, after clicking the Enter key, the system will automatically change the waiting time of the disk to 0; 3. After the abnormal situation is encountered next, restart the computer, the system When you call the disk scanner, you don't have to wait.

Second, cancel the security check of the website newly installed the Windows Server 2003 operating system, open the browser to query online information, discover that IE always "not tireless" to prompt us, do you need to add the current website to your trust? To go in the site; if you don't trust, you can't open the specified web page; if you trust, you must click the Add button to add the web page to the list of trust sites. However, every visit, you have to pass this step, obviously too cumbersome. In fact, we can let IE cancel the security check of website security by the following method: 1. Execute the "Start" / "Settings" / "Control Panel" command, in the open control panel window, double-click to add and Delete Programs Icon, switch the interface to the "Add and Remove Windows Components" page; 2. Use the "Internet Explorer Enhanced Security Configuration" option to continue click Next button, you can remove this option from the system. a;

3. Click the "Finish" button to exit the component to delete the prompt window. In the future, when I get online, IE will not automatically check the security of the website, so you can have a lot of trouble.

Third, automatic access to the Windows Server 2003 system When you turn it on, you need to press and hold the Ctrl Alt Delete composite button at the same time, enter the login password, to enter the system; if you need frequent login system, everyone It may not be able to stand this step. At this point, you may wish to follow the steps below to automate the login operation: 1. In the Run dialog box, enter the registry edit command regedit to open the registry edit window; VersionWinLogon key value; 3, in the sub-window corresponding to the right, right-click the blank place, from the pop-up shortcut menu, sequentially execute the "New" / "String" command to create a key name of a string type And set the key name to "AutoAdminLogon" and set the value of the key name to "1"; 4, find the "defaultdom inname" key name, and double click on the mouse, in the subsequent window, enter the domain name you want to log in For example, DEPARTMENT; 5, double-click the "defaultUsername" key name, in the subsequent window, enter the username where you want to log in to this domain, such as "Test"; 6, in the sub-window on the right side of Winlogon, right-click Hit the blank, from the shortcut menu that pops up, execute the "New" / "String" command to create a key name for a string type and set the key name to "defaultword" and the value of the key name. Set to the user's password, such as the login password of the user TEST is "123456"; 7. When the setting is completed, when we restart the computer, we will find that you don't need to log in, you can automatically enter the Windows Server 2003 system. If you want to cancel the automatic login function in the future, you can set the "AutoAdminLogon" key value to "0". IV. Tips for canceling shutdown When turning off the Windows Server 2003 operating system, the system will pop up a prompt window, requiring everyone to choose the reason option to turn off the computer; although this method can enhance the system's security, ensure that users can manage more effectively and Maintain computer; however, every time you shut down or restart the system, you must choose the shutdown reason, it is not necessary. So, in order to close the computer quickly, you can cancel the shutdown reason: 1. Turn on the Control Panel window, double-click the "Power Options" icon, and enter the "Advanced" tab in the "Advanced" tab in the power option window. Page; 2, at the "Power Button" setting item of this page, set "Shut down" when pressing the computer power button, click the "OK" button to exit the setting box; 3, when you need to shut down , You can press the power button directly to close the computer directly. Of course, we can also enable sleep function keys to achieve fast shutdown and boot; 4. If you do not enable sleep mode in your system, you can open the power option, go to the sleep tab, and will be " Enable Horm option is selected.

5. Calling the Windows XP style interface After installing the Windows Server 2003 system, we will find the display style of the system desktop as "Windows Classic Style". After reading this style, I will feel a bit boring, I don't want to change the desktop display style? If you try to call other style interfaces by displaying the appearance of the property, find that this "road" is unless; when calling the group policy, it is found that only the current style can be selected. So do we have a way to call other style styles, such as Windows XP style? According to the method below, we can easily implement call destinations: When you carefully check the parameters of this option, it is found that the service is forbidden in the default, so we can't call other style styles; 3. To this end, we must start the service; double-click the service option with the mouse, Then open the regular tab, set the startup type that should be served to "Auto", then click the "Apply" button; 4, "At this time," Start "button in the Service Status settings is automatically activated. Click the "Start" button to start the theme service in the system; 5, return to the system desktop, right-click the blank place, execute the Properties command from the shortcut menu, open the appearance tab, At the "Window and Buttons", select the Windows XP style or other display style. 6, here, the toolbar menu, window and other patterns in the system will be displayed in the specified style. 6. Adjusting the playback mode of Windows Media Player If we use Windows Media Player to play music, we also open a number of work windows so that we will often need to switch back in the working window and WMP playback interface, which will greatly affect Work efficiency. Now, you can adjust the WMP playback mode, so that the operator does not need to open the WMP's main interface to control music playback, so that you do not affect other work windows: 1. Right-click the blank in the system task bar. At the open shortcut menu, execute the "Windows Media Player" command below the "Toolbar"; 2. Since then, the play button in the Windows Media Player interface will automatically narrow and display it in the system taskbar, use here Buttons, we can perform music playback, pause, last or next order; 3. Through this adjustment, we also use it in the program window and WMP playback interface again.

7. When adding a new user to the specified group, when adding new users in the Windows Server 2003 system, it is found that the system control panel window does not have our very familiar "user" icon, then we should start to set up, in order to specify the system What about adding new users? Oh, Windows Server 2003 seems to be different! After several exploration, the author found that the method of adding new users to the specified group, the specific steps are as follows: 1. Right-click My Computer icon on the desktop, and execute the "Management" command from the open shortcut menu. A computer management window; 2, expand the "Local User and Group" folder in this window, then select the User option under this folder, in this point in the sub-window on the right, we can see the current system All users already exist, in which the user labeled the red fork number indicates that it has been created but does not enable; 3. Right-click the blank place of the right side window, and execute the "Add New User" command from the right-click menu. In the subsequent window, enter the relevant information of the user you need to add, and finally click the "Create" button to end the new user's adding work; 4. If you want the user to add to the specified group, you can choose Group "Option, then from the sub-window on the right, select the group name you need to join, and right-click on the mouse, perform the" Add to Group "command in the shortcut menu; 5, in the subsequent interface, click" Add "Add "The command, you can add the user created in front." 8. Cancel the IE Enhanced Security Configuration dialog box when you use the IE browser comseound with Windows Server 2003, a security prompt dialog is displayed every time, this is because Microsoft puts the default security level of IE to "High". . Drag the Safety Tarbo is set to "in" In "Internet Options" dialog box, you can cancel the security prompt dialog box.

Nine, Enable the Windows XP Desktop Theme In the "Run" dialog box of the Start menu, enter the Services.msc command to enter the Service Configure the operation window. Double-click the "Themes" service in the right window and select the General tab in the pop-up window, select Auto "in the" Start Type "drop-down menu, then click Apply and" Start "button to turn on the Windows XP desktop Theme function. Finally, you can choose the corresponding desktop topic in the Display properties window.

X. Disable boot CTRL ALT DEL and implement automatic landing 1: Open registry (run -> "regedit"), open: hkey_local_machin | Software | Microsoft | Windows NT | CurrentVersion | WinLogon segment, press in this paragraph Newly built two string segments, automoadminLogon = "1", defaultpassword = "Password set for superuser administrator". Note that you must set a password for the Administrator, otherwise you cannot achieve self-start. Then, restart Windows to automatically log in. 2: Administrative Tools -> Local Security Settings -> Local Policy -> Security Options -> Interactive Logon: Do Not Require Ctrl Alt DEL, enabled. 3 (Automatically login): Use the Windows XP's Tweak UI to implement the server 2003 automatic login. After downloading Tweakui.exe, select Logon -> Autology -> on the left side of the panel to select Log on Automatic At System Startup Enter your username and domain name (if not written), click below set Password, enter The user name is password, then click OK. 4: The login system does not need to press the "Ctrl Alt Del" key to enter the Administrative Tools → Local Security Policy in the Start menu to enter the Local Security Settings action window. Select "Local Policy → Security Options" in the left window, double-click "Interactive Login in the right window: Do not press Ctrl Alt Del" and select "Enabled" in the pop-up window. 11. Enable hardware and DirectX Acceleration 1: Hardware Acceleration: Desktop Click Right click - Properties -> Settings - Advanced - Troubleshoot. Pull the hardware accelerated scroll bar to "Full" (FULL), it is best to click "OK" to save exit. The black screen that may appear in this period is completely normal. 2: DirectX Acceleration: Open "Start" -> "Run", type "DXDiag" and enter "DirectX Diagnostics" (DIRECTX Tool ", click" (Display) page, click Directd Direct3D and AGP Texture Accelerates three buttons Enable acceleration. Pull the strip of the "Hardware Sound Acceleration Level" (full acceleration).

12. Enable sound card: After the system is installed, the sound card is disabled, so it is necessary to set it after the control panel -> sound -> enabled, then set it in the taskbar display. If you are using the Windows Server 2003 standard version, please from the second step XX because the standard version has allowed sound services. 1: Open "Start" -> "Run", type "services.msc", find "Windows Audio" in the window, and double-click it, then pull the drop-down menu of startup mode (startup type) Select "Automatic" and click "Apply" -> "Start) ->" OK "(OK) 2, open" Start "->" Run ", Type "DXDiag" and enter "DirectX Diagnostic Tool", in the "Sound" page, pull the "Hardware Sound Acceleration Level" scroll to "complete acceleration" ( Full acceleration). Thirteen, how to enable ASP support: Windows Server 2003 default installation, does not install IIS 6, need to be installed. After installing IIS 6, you also need to open support for ASP separately. The method is: Control Panel -> Management Tools -> Web Service Extensions -> Active Server Pages -> Allow.

XIV, how to enable XP desktop topic: 1: Open "Start" -> "Run", type "Services.msc", select themes "theme" (the default is forbidden), then change to "Auto", press "Apply", select "On". 2, then click "Desktop" attribute, in the "Topic", "Windows XP" 3, my computer ---- Properties ---- Advanced ---- Performance ----- on the desktop icon Label use shadow

Fifteen, the shutdown reason for the shutdown when shutdown is prohibited: shutdown event tracker is also a setting of Windows Server 2003 from other workstation systems, which is a necessary choice for the server, but for the workstation system Nothing, we can also prohibit it. Open "Start ->" Run "GPEDIT.MSC", select "Computer Configuration" -> "Administrative Templates ->" "in the left section of the window appears. System "(SYSTEM), double-click" Shutdown Event Tracker "in the changing dialog box to select" Disabled ", click" OK "to save, so you will see similar to Windows 26 shutdown window, how to use the USB hard drive, U disk, add some partitioned hard disk my computer (click Right button) ---- Management ---- Disk Management ----- on the corresponding hard disk Execute the import and assign a disk operation.

Eighteen, display all components in the control panel: replace "hide" in the SYSOC.INF file in the WindowsInf directory.

10. Disabling Internet Explorer Enhanced Security and prohibiting security interrogation boxes in the IE tool options Customize the security level of IE. The scroll bar is pulled on the Security tab to set the Internet area to "Medium" or "medium low". Custom settings Select the "prompt" to select "Disable" or "Enable".

Twenty, Windows Server 2003 3790 Recognition RTM = Release To Manufacture (Public Distribution Bulk Production) is the version of the hardware manufacturer! It is sent to the pressure plate, not taken to sell. OEM = Original Equipment Manufacture can only be installed new, and RTM is almost, but it is different. RTL = Retail (retail) official retail version, you can upgrade or brand new installation. VLK = Volume License is a large number of authorized version, also known as the enterprise version.

Twenty-one, the activation of the Windows Server 2003 3790 version is now before the official version of the model is not coming out, now

The popular activation method has the following: 1: reset5.02, running in safe mode, activation, adjusting time is no problem in 2008, everything is normal. Can be upgraded. Disadvantages: The activation program is completely shielded, and it is manifested to run MSOOBE / A without any display, and there is a reset5 in the service. When the machine will automatically run this service, C: /Windows/system32/srvany.exe, this program should be reset5 Add Enter the system. 2: Russia crack, remember in the XP era, just replace setupreg.hiv before installing, then the phone can achieve the perfect activation of the perfect activation, can be activated in 2003, now displayed, if you adjust Time will now be activated and even can't be used. Estimated the key to the second issue or in that setupReg.hiv file. 3: Some people in the forum have posted a file of WinXPactiVation.exe, and the claim can be activated. In fact, this is still activated, temporarily shields the activation program, is not able to modify the time. 4: Pseudo VLK made with replacement method, there is no problem with installation, just can't be upgraded. VLK is an eight file replacing the English version. But SN has been sealed by Microsoft. So can't be upgraded. Conclusion: I recommend you to activate RESET5.02! Reset5.02 download address: http://www.51key.org/3344520.asp?id=1052&url=1 22. Disable configuration server wizard prohibits the appearance of "Configuring your Server" wizard: Control Panel -> Administrative Tools -> Manage your server (Manage Your Server) running it, then check the page when you log in in the lower left corner of the window (Don't Display This Page At Logon.

Twenty-three, disable Internet Explorer Enhanced Security and Prohibition of Security Inquiry Blocks The security level of the setup IE is customized in the IE tool option. The scroll bar is pulled on the Security tab to set the Internet area to "Medium" or "medium low". Custom settings Select the "prompt" to select "Disable" or "Enable".

Twenty-four, disable shutdown event tracking start -> Run -> gpedit.msc -> computer configuration -> administrative templates -> system -> display shutdown Event Tracker ->

Set to disable. If it is a Chinese version, then: Start -> Run -> gpedit.msc-> Computer Configuration -> Management Template -> System -> Display Shuttle Event Tracking -> Disabled.

Twenty-five, Enable Desktop Topics and Hidden File 1: Open "Start" -> "Run", type "Services.msc", select Themes "Theme" (default is forbidden), then change to "Auto", press "Apply", select "On". Then, "Desktop" property, select "WindowsXP" 2: Windows Server 2003 display all folders by default, if you can hide by the following method: Open any folder, choose Tools -> " Folder option "->" View ", select" Do not display hidden files and folders ", click" OK ". Twenty-six, allowing built-in IMAPI CD-Burning services and supports Windows Imaging Device Services 1: Enables Windows Built-in IMAPI CD-Burning Services: Open "Start" -> "Run", type "Services. MSC ", find" IMAPI CD-Burning COM Service "in the window, and double-click it, then select Automatic (Automatic) and click" Apply ". "Start) ->" OK "(OK) 2: If you have an image device such as a digital camera and a scanner, you should open the Windows Image Acquisition service. Open "Start" -> "Run", type "Services.msc", find "Windows Image Acquisition (WIA)" and double-click on the window, then start mode (startup type) The drop-down menu selects "Automatic" and click "Apply" -> "Start" -> "OK"

Twenty-seven, Advanced Settings 1: Disable Error Report Right-click "My Computer" - Advance - Advanced - Click the "Error Reporting" button, the window appears "Disable Error Reporting" and check "but notify me when serious errors" (But, Notify Me When critical Errors Occur.) 2: Adjusting some friends of virtual memory often often shut down and Dance slowly feel that the hand is no problem, the solution is to disable virtual memory so your logout and shutdown time may speed up. Right-click My Computer - Properties - Advanced - Performance - Setting - Advanced, click on "Virtual Memory" ) Part "Change" and then select "No Page File" in the window. Restart the system.

Twenty eight, speed up start and run speed 1: Modify the registry, reduce pre-read, reduce progress bar waiting time: Start → Run → regedit launch registry editor, hkey_local_machine / system / currentcontrolset / control / sessionManagerMemory Management / PrefetchParameters, There is a key value name EnablePrefetcher, and its value is 3, and it is changed to "1" or "5". 2: Find hkey_local_machine / system / currentControlset / Control, set WaitTokillServentimeout to: 1000 or smaller. (Original Setting: 20000) Find the HKEY_CURRENT_USER / Control Panel / Desktop button, change the waittokillapptimeout of the right window to 1000, (Original setting: 20000) is only waiting for 1 second. Change the HungappTimeout value to: 200 (original setting: 5000), waiting for the program to wait for 0.5 seconds. 3: Let the system automatically turn off the program that stops responding. Open the Registry HKEY_CURRENT_USER / Control Panel / Desktop button, set the autoeeendtasks value to 1. (Original setting: 0) 4: Disable System Services QoS Start Menu → Run → Type Gpedit.msc, appear "Group Policy" window, expand "Management Templates" → "Network", expand "QoS Packet Scheduler", Right click on the right edge and click Restriction Reserved Bandwidth. There is "Setting" in the "Settings" in the properties, "Restriction Reserved Bandwidth", select "Disabled", is determined. When the above modifications are completed and applied, if the "QoS Packet Scheduler" can be seen in the General Properties tab in the network connection property dialog box. Description Modification is successful, otherwise the modification fails. 5: Change the speed of the window: find the hkey_current_user \Control Panel \ DESKTOP \WindowMetrics sub-key branch, find the minanimate key value in the window, the type of REG_SZ, by default is 1, indicating that the window is opened Displayed animation, change it to 0, prohibit animation display, and then select the "Logout" command from the start menu to activate the modifications you just made. 6: Disable Windows XP compression function: Click "Run" under "Start", enter "Regsvr32 / U Zipfldr.dll" in the "Run" input box, and then press Enter key.

7: Set personality start messages or warning information: Personalized Windows XP boot: Open the Registry Editor, find hkey_local_machine \currentversion@winlogon sub-branch, double-click LegalNoticeCaption July, Open "Edit Character String "dialog box, enter the information title you want in the text box under" Numerical Data ", such as" buddy, hello! ", Then click" OK "and restart. If you want to change the warning message, you can double-click the LegalNoticeText health name. In the "Edit String" window that appears, enter the warning message you want to display, click OK, restart. Twenty-five, several new line orders for Win2003 Server

Windows2003's cmd.exe adds more than 60 new line commands than the CMD of the previous WINDIWS system, which is powerful, convenient to make the system more convenient to the system under the command line. Let's take a more detailed usage of several line orders that I personally think that I am contemplated is, please refer to the help of the system.

1. CLIP imports the output of the line command to save the selection and copy command to output these two steps. Such as: DIR | Clip can import DIR into the system clipboard and paste results with Ctrl V in a text editor such as Notepad. CLIP

2. Bootcfg query, configuration, modification of the Boot.ini file parameters on the local and remote machines, no fine. 3. InUse replaces system files that are locked. Restart is effective. Usage: InUse replacement files Alternate file [/ y], such as: batch.cmd@echo offinuse test.dll c: /windows/system32/test.dll / yinuse test2.dll c: /windows/system32/test2.dll / yinuse Test3.dll C: /Windows/system32/test3.dll / yshutdown / l / r / y Replace this machine file with remote file: InUse //srvmain/windows/test.dll C: /Windows/test.dll

4. SystemInfo Displays system information of the machine, such as: operating system and its configuration, product ID, hardware attribute, etc. Usage: systeminfo [/ s computer] [/ p password]] [/ p password]] [/ p password]] [/ fo {Table | List | CSV}] [/ NH] below is the result of this machine's systemInfo: host name: * ** OS Name: Microsoft (R) Windows (R) Server 2003, Standard EditionOS Version: 5.2.3790 Build 3790OS Manufacturer: Microsoft CorporationOS Configuration: Member ServerOS Build Type: Uniprocessor FreeRegistered Owner: xxxRegistered Organization: yyProduct ID: 69712-640- 0592892-45260Original Install Date: 2003-8-17, 0: 02: 07System Up Time: 1 Days, 11 Hours, 58 Minutes, 15 SecondsSystem Manufacturer: VIA Technologies, Inc.System Model: VT82C692BXSystem Type: X86-based PCProcessor (s ): 1 Processor (s) Installed [01]: x86 Family 6 Model 7 Stepping 3 GenuineIntel ~ 501 MhzBIOS Version: SOYO - 42302e31Windows Directory:. c: / wINDOWSSystem Directory: c: / WINDOWS / system32Boot Device: / Device / HarddiskVolume1System Locale : Zh-cn; Chinese (China) Input local: en-us; united State (United States) Time Zone: (GMT 08: 00) Beijing, Chongqing, Hong Kong, Urumqitotal Physical Memory: 639 Mbavaila Ble Physical Memory: 327 MBPage File: Max Size: 2,205 MbPage File: Available: 1,608 Mbpage File: in Use: 597 Mbpage File Location (s): c: /pagefile.sysdomain: dd.cc.bb.cnlogon Server: // Server-DDHOTFIX (s): 3 HotFix (S) Installed. [01]: File 1 [02]: Q147222 [03]: KB823980 - UpdateNetwork Card (s): 1 NIC (S) Installed.

5. Taskkill ends tasks and processes. Many tasks and processes in the task manager in the graphical interface cannot be completed, which can be done. Often use of TaskList. Usage: Taskkill [/ s computer] [/ p PassWord]] {/ ​​FI filtername [{/ pid processid | / μm imagename}] | / pid processid | / μMAGENAME} [/ f] [ / T] The nearest shock wave virus is * it kills, it is useful! ! ! Previous Taskkill called Kill, but the system did not own it, it was in the resource kit. 6. Tasklist displays the running process usage: tasklist [.exe] [/ s computer] [/ u domain / user] [/ p password]] [{/ m module | / svc | / v}] [/ fo {TABLE | List | CSV}] [/ NH] [/ FI filtername] [/ FI filtername2] [...]] 7. Where displays the location of the file or directory (in the path declared by the current position of the WHERE DERE and the system PATH environment variable, you can use the same harmonic * ,?). A prawn here also wrote a batch file with the same name before this Win2003, I used it, great. Can sued Microsoft! Haha! ! Usage: WHERE [/ R DIR] [/ q] [/ f] [/ t] pattern ... such as: WHERE "Program Files" WHERE / R C: / TEST WHERE / R / / COMPUTER1 / C / E NOTEPAD. *8. WhoAmi query domain name, computer name, user name, group name, login Identifier, and current user permissions. Such as: whoami / all sixteen, 10 advantages of Windows Server 2003:

1. Easy to deploy, manage, and use

 Due to the familiar Windows interface, Windows Server 2003 is very easy to use. A streamlined new wizard simplifies the installation and routine server management tasks of a particular server role, making it easy to manage even if there is no full-time administrator. In addition, administrators have a variety of new features and improvements that make it easier to deploy Active Directory. Large Active Directory copies can be deployed from backup media, and by using the Active Directory Migration Tool (ADMT) (which fully supports scripting language), it is simpler. New features (such as the function of the redefield and redefine architecture) make maintenance Active Directory simpler and give administrators better flexibility to handle organizational changes. In addition, the cross forest trust enables administrators to connect the Active Directory catalog forest, which can provide autonomy and no sacrificial integration. Finally, improved deployment tools (such as remote installation services) help administrators quickly create a system image and deploy the server. 2. Safety infrastructure

 To maintain the company's competitiveness, efficient, safe computer networking is more important than ever before. Windows Server 2003 allows units to extend these advantages to partners, customers and suppliers through deployment of key features (such as the intersection of the MICROSoft Active Directory® services and the Microsoft .Net Passport integration) . The scope of the identification management in Active Directory spans the entire network, helping you ensure the safety of the entire company. Encryption sensitive data is very simple, and software restriction strategies can be used to prevent damage caused by viruses and other malicious code. Windows Server 2003 is the best choice for deploying a public key structure (PKI), and its automatic registration and automatic order make it easy to deploy smart cards and certificates in the enterprise. 3. Enterprise-level reliability, availability, scalability and performance                                              The reliability is enhanced . In order to achieve higher availability, Microsoft Cluster Services currently supports up to eight nodes of clusters and nodes separate from location. Better scalability is provided to support a variety of systems from single processors to 32 systems. In short, Windows Server 2003 is faster: its file system performance is 140% better than the previous operating system, and Active Directory, XML Web services, terminal services and network performance have also increased significantly. 4. Enhance and adopt the latest technology, reduce TCO

 WINDOWS Server 2003 provides many technological innovations to help unit reduce the total cost of ownership (TCO). For example, the Windows Explorer enables administrators to set the resource usage of the server application (processor and memory) and manage them through Group Policy settings. Additional storage of networks helps you merge file services. Other improvements include support for non-only memory access (NUMA), Intel Hyper - Threading Technology, and Multi-path input / output (I / O), and all of this will facilitate "adding" server performance. 5. Easy to create dynamic intranet and Internet Web site

 IIS 6.0 is the web server included in Windows Server 2003, which provides enhanced security and reliable structures (this structure provides isolation of the application and greatly improving performance). The result is: Get higher overall reliability and run time. Moreover, Microsoft Windows Media Services makes generations of stream media solutions with dynamic content programming and faster, more reliable. 5. Easy to create dynamic intranet and Internet Web site

 IIS 6.0 is the web server included in Windows Server 2003, which provides enhanced security and reliable structures (this structure provides isolation of the application and greatly improving performance). The result is: Get higher overall reliability and run time. Moreover, Microsoft Windows Media Services makes stream media solutions that generate dynamic content programming and faster, more reliable, and speed up the development speed with Integrated Application Server.

  Microsoft .NET framework is deeply integrated in the Windows Server 2003 operating system. Microsoft ASP.NET helps you generate high-performance web applications. Because of the .NET-Connected technology, developers will be able to free from writing monotonous intricate code and can work with the programming language and tools they have already mastered. Windows Server 2003 offers many features that increase the productivity of developers and application value. Existing applications can be easily re-packaged into XML Web services. UNIX applications can be easily integrated or migrated. Also, developers can quickly generate web applications and services related to mobile Web form controls and other tools via ASP.NET. 7. Easy to find, share, and reuse XML Web services  WINDOWS Server 2003 includes a service that is universal description, discovery and integration (Enterprise, And Integration, UDDi). This dynamic elastic infrastructure based on standard XML Web Services allows organizations to run their UDDI directory, which is used to easily search for Web Service and other programming resources internally or external networks. Developers can easily discover and reuse Web Service within the organization. IT managers can classify and manage programming resources in the network. Enterprise UDDI services also help companies build more intelligent, more reliable applications. 8. Stable management tools

 New Group Policy Management Console (GPMC) is expected to be used as an external component, which enables administrators to better deploy and manage those automatic adjustment critical configurations (such as user desktops, settings, security, and roaming profiles) Strategy. Administrators can use a new set of command line tools to make management feature scriptization and automation, and most administrative tasks can be done from the command line if needed. Support for Microsoft Software Update Services (SUS) helps administrators automate the latest system update. And the volume image replication service will improve the backup, restore, and system area network (SAN) management tasks. 9. Reduce support costs and enhance user functionality

 Due to the new image copy function, users can retrieve the previous version of the file without getting the price of the prices that support professionals. The Enhancement of Distributed File System (DFS) and File Copy Service (FRS) provides users with a consistent way to access their files regardless of your body. For remote users who require high level security, the Remote Access Connection Manager can be configured to give the user to the virtual private network (VPN) access, without having to understand the technical connection configuration information. 10. Expert knowledge using the Global Partner and Certified Professionals Network

 The unit will receive a wide range of solutions and specialized technologies worldwide, including 750,000 partners and 450,000 Microsoft Certified Experts (MCPs).

Twenty-seven, 10 reasons to upgrade to Windows2003:

In addition to providing the fastest, most reliable and safest Windows Server we committed, Windows Server 2003 also integrates a powerful application environment to develop new XML web services and significant business solutions. These major new features and improvements are provided for corporate users upgraded from Microsoft Windows NT? Server 4.0. 1. Active Directory   Microsoft Active Directory? Service simplifies the management of complex network directories and enables users to easily find resources even on the most complex network. This enterprise directory service is scalable, completely created with Internet standard technology, and is fully integrated with Windows Server 2003 Standard Edition, Windows Server 2003 Enterprise Edition, and Windows Server 2003 DataTacenter.

Windows Server 2003 provides Active Directory, providing many simple and easy-to-use improvements, including cross-forest trust, renamed fields, and enable properties and classes in the architecture to be able to change its definition. 2. Group Policy: Group Policy Management Console

Administrators can use Group Policy Definitions and allow users to perform operations to be performed. Compared to local strategies, they can use group policies to set up policies to give a given site, domain or organizational units in Active Directory. Policy-based management simplifies tasks such as system update operations, application installations, user profiles, and desktop system locks.

Group Policy Management Console (GPMC) is expected to be used as an external program component of Windows Server 2003, providing a new framework for the management group policy. With GPMC, the Group Policy will be simple, which will enable more units to better use Active Directory and use their powerful management. 3. Server performance

In internal testing, Windows Server 2003 shows higher performance than previous Windows Server operating system versions. For example, files and web server performance is three times that of Windows NT Server 4.0. Due to the unique network and computer settings of each enterprise user, the performance they receive may be different, and Microsoft believes that Windows Server 2003 improvements will help you provide a faster service for your network solutions. 4. Volume image copy recovery

As part of the volume shadow call, this feature enables administrators to configure instant locations for critical data volumes without interrupting the service. These copies can then be used to restore, archive, or recovery. Users can retrieve the archive versions of their documents, which are not visible to these versions saved on the server. Better recovery of the document improves efficiency. 5. Internet Information SERVICES 6.0 and Microsoft .NET Framework

Internet Information Services (IIS) 6.0 is a full-featured web server that enables web applications and XML Web services. IIS 6.0 is fully recreated using the new fault-tolerant process model, which greatly enhances the reliability of Web sites and applications.

  now, IIS can divide a single web application or multiple sites into a separate process (called application pool), which communicates with the operating system kernel. This feature increases the capacity of throughput and application to effectively reduce hardware requirements when providing more activity spaces on the server. These stand-alone application pools will block an application or site to destroy the XML Web service on the server.

IIS also provides status monitoring to discover, restore, and prevent web applications failures. On Windows Server 2003, Microsoft ASP.NET uses new IIS process models locally. These advanced applications status and detection functions can also be used in existing applications running in Internet Information Server 4.0 and IIS 5.0, most applications do not require any modifications.

The NET framework provides programming models for generating, deploying, and running web-based applications and XML web services on this highly stable platform. It provides efficient, basic multilingual environment (this environment is used to integrate existing investments and new generation applications and services), and provide the flexibility to solve the difficulties encountered by applications within the deployment and operational Internet. Sex. Existing applications can be easily reorganized into XML Web services, and performing Unix applications, even migrating to solutions than overhead. 6. Terminal Services

Terminal Server enables administrators to transfer Windows-based applications or Windows desktops themselves to any computing device, including those that cannot run Windows. When the user runs the application on the terminal server, the application will execute on the server and only the keyboard, mouse, and display information are transmitted in the network. Users only see their own sessions, these sessions are transparent management of the server operating system and remain independent with any other client session. The remote desktop for management is built on remote management mode of Windows 2000 terminal service. In addition to two virtual sessions available from Windows 2000 Terminal Services remote management mode, the administrator can also remotely connect to the actual console of the server.

Terminal Server can improve the software deployment capabilities of enterprises, and use traditional application distribution techniques to implement these features. 7. Cluster (8 nodes support)

This service is only available for Windows Server 2003 Enterprise Edition and Windows Server 2003 Data Center, which provides high availability and scalability for decentralized key applications such as databases, messages, and files, and print services. Keep uniform communications by enabling multi-server (node). If a node in the cluster is not available due to errors or repairs, another node will immediately start providing services, which is called failover. Users who are accessing to the service will continue their activities without notice that the service is now provided by another server (node).

Windows Server 2003 Enterprise Edition and Windows Server 2003 Data Center Edition supports up to 8 nodes of server cluster configuration 8. Integrate PKI support use Kerberos 5 version

Certificate service and certificate management tools, corporate users can deploy their own public key system (PKI, public key infrastructure). With PKI, administrators can implement standard-based technologies, such as smart card login feature, customer authentication (by security socket layer and transport layer security), secure email, digital signature And secure connection.

Use certificate services, administrators can set up and manage certificate authorities for issuing and revoking X.509 V3 certificates. This means that enterprise users do not necessarily depend on commercial customer authentication services, although business customer authentication can be integrated into the public key structure of enterprise users.

Kerberos 5 is a mature, industrial standard network authentication protocol. With the support of the Kerberos 5 version, the fast single login process allows users to access corporate resources and other environments that support this protocol. Support for the Kerberos 5 version includes other benefits, such as mutual authentication (client and server must provide authentication) and approved verification (user credentials are tracked from one end). 9. Command line management

The command line structure of the Windows Server 2003 series has been significantly enhanced, enabling the administrator to perform the vast majority of management tasks without using the graphical user interface. Most importantly perform the functions of most tasks by using the information store enabled using the Windows Management Specification (WMI). This WMI command line (WMIC) feature provides a simple command line interface, interacts with existing shells and utility commands, and can be easily extended by scripts or other-oriented applications.

In short, the more powerful command line function in the Windows Server 2003 series is combined with existing scripts, which can be balanced with other functional systems that typically have higher cost operating systems. Get used to administrators from the command line management UNIX or Linux system can continue to manage from the command lines in the Windows Server 2003 series. 10. Intelligent file service: Encrypted file system, distributed file system and file copy service

Encrypted File System (EFS) Enables users to encrypt and decrypt files to protect them from invaders, these intruders get physical access to their sensitive, stored data unauthorized physical access (for example, through stealing portable machine Or external disk drive). The encryption process is transparent: the user handles encrypted files and folders just like they handle any other files and folders. If the EFS user encrypts the file or folder, the system will automatically decrypt this file or folder when this user accesss this file or folder.

The Distributed File System (DFS) simplifies the task of managing sharing disk resources on the network. Administrators can assign logical names for shared disks on the network without requiring the user to know the physical name of the server that is assigned to each server that needs to be accessed.

Document Replication Service (FRS) is a significant improvement in the directory replication function in Windows NT Server 4.0. For example, FRS provides a multi-host file replication of a specified directory tree between specified servers. In addition, DFS automatically synchronizes the content between specified copies using FRS, and Active Directory uses the content of system volume information between the FRS automatic synchronization domain controller.

转载请注明原文地址:https://www.9cbs.com/read-15358.html

New Post(0)