Scribd Logo
Upload

Welcome to Scribd!

  • 70 290tiengviet

    Uploaded by

    vetxanh
    67 views540 pages

    Original Title

    70-290TIENGVIET

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    67 views540 pages

    70 290tiengviet

    Uploaded by

    vetxanh

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 540

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 MC LC _Toc124924201 PHN 1 QUN L V DUY TR H IU HNH ................... 6

    CHNG 1: GII THIU H IU HNH WINDOWS SERVER 2003 CA MICROSOFT....................................................................... ............................................. 7 H H IU HNH WINDOWS SERVER 2003...................................................... 8 CI T WINDOWS SERVER 2003........................................................... ............. 15 CU HNH WINDOWS SERVER 2003 ....................................................... ............. 32 TO MY CH QUN TR MIN................................................................... ........ 35 CC KHI NIM C BN V ACTIVE DIRECTORY.......................................... 46 TNG KT ........................................................................... ....................................... 54 BI TP THC HNH....................................................................... ....................... 54 CC CU HI N TP........................................................................ ..................... 55 CC KCH BN TNH HUNG .................................................................. ............. 57 CHNG 2: QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003............................................................................ ....................................................... 58 S DNG MICROSOFT MANAGEMENT CONSOLE (MMC) ............................. 60 QUN TR MY CH BNG REMOTE DESKTOP FOR ADMINISTRATION (MN HNH QUN TR T XA)................................................................. ............. 73 S DNG REMOTE ASSISTANCE .......................................................... ............... 82 TNG KT ........................................................................... ....................................... 88 BI TP THC HNH....................................................................... ....................... 89 CC CU HI N TP........................................................................ ..................... 90 CC KCH BN TNH HUNG .................................................................. ............. 91

    CHNG 3: GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003............................................................................ ....................................................... 92 CC K NNG GIM ST MY CH ................................................................ . 93 S DNG EVENT VIEWER ............................................................... ...................... 95 S DNG TASK MANAGER ............................................................... .................. 105 S DNG PERFORMANCE CONSOLE (BNG IU KHIN HIU NNG).. 112 TNG KT ........................................................................... ..................................... 137 BI TP THC HNH....................................................................... ..................... 138 CC CU HI N TP........................................................................ ................... 139 CC KCH BN TNH HUNG .................................................................. ........... 140 CHNG 4: SAO LU V PHC HI D LIU ................................................. 142 HIU BIT V SAO LU....................................................................

    .................... 143 S DNG WINDOWS SERVER 2003 BACKUP.................................................. . 175 TNG KT ........................................................................... ..................................... 182 BI TP THC HNH....................................................................... ..................... 183 CC CU HI N TP........................................................................ ................... 184 KCH BN TNH HUNG..................................................................... .................. 185

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    CHNG 5: DUY TR H IU HNH ............................................................... .. 187 CC BN CP NHT CA H IU HNH WINDOWS.................................. 188 S DNG MICROSOFT BASELINE SECURITY ANALYZER........................... 194 S DNG WINDOWS UPDATE ............................................................. ............... 196 TRIN KHAI CC BN CP NHT TRONG H THNG MNG .................... 200 S DNG MICROSOFT SOFTWARE UPDATE SERVICES - SUS (DCH V CP NHT PHN MM CA MICROSOFT)....................................................... 20 8 QUN L CC BN QUYN PHN MM.......................................................... 222 TNG KT ........................................................................... ..................................... 232 BI TP THC HNH....................................................................... ..................... 233 CC CU HI N TP........................................................................ ................... 235 CC KCH BN TNH HUNG .................................................................. ........... 237 PHN 2 QUN L V DUY TR H IU HNH ............... 240

    CHNG 6: LM VIC VI TI KHON NGI DNG ................................ 241 TM HIU TI KHON NGI DNG (USER ACCOUNT) .............................. 242 NHM LM VIC (Workgroup)............................................................. ................. 242 MIN (Domain) .................................................................... ..................................... 243 LP K HOCH TI KHON NGI DNG ..................................................... 244 T TN CHO TI KHON .................................................................... .............. 244 LA CHN MT KHU....................................................................... .................. 245 THIT K M HNH PHN CP ACTIVE DIRECTORY .................................. 247 LM VIC VI TI KHON NGI DNG CC B ....................................... 247 TI KHON NGI DNG CC B ................................................................. . 249 QUN L TI KHON NGI DNG CC B ................................................ 250 LM VIC VI TI KHON NGI DNG MIN............................................ 251 TO TI KHON NGI DNG MIN............................................................... 53 QUN L TI KHON NGI DNG MIN ..................................................... 256 QUN L NG THI NHIU NGI DNG................................................... 269 DI CHUYN CC I TNG NGI DNG................................................... 270

    KHI TO NG THI NHIU NGI DNG ................................................. 271 NHP I TNG NGI DNG S DNG CSV DIRECTORY EXCHANGE ................................................................................ .................................................... 273 TO I TNG NGI DNG BNG DSADD.EXE..................................... 276 QUN L KHI LC NGI DNG ................................................................ 9 NI DUNG KHI LC NGI DNG .............................................................. 80 S DNG KHI LC NGI DNG BT BUC ........................................... 284 GIM ST V KHC PHC S C VIC XC THC NGI DNG .......... 285 S DNG CHNH SCH KHO TI KHON ..................................................... 286 DCH V ACTIVE DIRECTORY MY KHCH .................................................. 28 7 KIM NH XC THC ....................................................................... .................. 289 TNG KT ........................................................................... ..................................... 291 BI TP THC HNH....................................................................... ..................... 293 CC CU HI N TP........................................................................ ................... 295 CC KCH BN TNH HUNG .................................................................. ........... 296 CHNG 7: LM VIC VI NHM ................................................................ ...... 298 HIU V NHM.......................................................................... ............................. 299 QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 S DNG NHM CC B ...................................................................... ............... 305 S DNG NHM ACTIVE DIRECTORY ........................................................ ..... 306 CC NHM MC NH CA WINDOWS SERVER 2003.................................. 314 TO V QUN L CC I TNG NHM .................................................... 328 QUN L NHM T NG........................................................................ .......... 338 TNG KT ........................................................................... ..................................... 343 BI TP THC HNH....................................................................... ..................... 344 CC CU HI N TP........................................................................ ................... 346 CC KCH BN TNH HUNG .................................................................. ........... 348

    CHNG 8: LM VIC VI TI KHON MY TNH ...................................... 349 TM HIU I TNG MY TNH (COMPUTER OBJECT) ............................. 350 B SUNG THM MY TNH VO MIN ............................................................ 353 TO I TNG MY TNH ...................................................................... ........ 354 QUN L CC I TNG MY TNH............................................................. 3 KHC PHC S C TI KHON MY TNH .................................................... 375 TNG KT ........................................................................... ..................................... 378

    BI TP THC HNH....................................................................... ..................... 380 CC CU HI N TP........................................................................ ................... 381 CC KCH BN TNH HUNG .................................................................. ........... 383 PHN 3 QUN L V DUY TR CC NGUN TI NGUYN CHIA S 385 CHNG 9: CHIA S CC TI NGUYN H THNG FILE ........................... 386 TM HIU V CC CP PHP.................................................................... ........... 387 CC TH MC CHIA S..................................................................... ................... 392 QUN L CC TH MC CHIA S................................................................. .... 403 S DNG CC CP PHP NTFS ................................................................ .......... 411 QUN TR IIS........................................................................ ................................... 426 TNG KT ........................................................................... ..................................... 439 BI TP THC HNH....................................................................... ..................... 441 CC CU HI N TP........................................................................ ................... 443 CC KCH BN TNH HUNG .................................................................. ........... 445

    CHNG 10: LM VIC VI MY IN ............................................................. ..... 448 TM HIU V M HNH IN N TRONG WINDOWS SERVER 2003 ................ 449 TRIN KHAI MY IN CHIA S ............................................................ ................. 451 CU HNH CC C TNH MY IN.................................................................. .. 461 GIM ST CC MY IN..................................................................... ................... 467 X L S C MY IN ....................................................................... .................... 472 TNG KT ........................................................................... ..................................... 475 BI TP THC HNH....................................................................... ..................... 476 CC CU HI N TP........................................................................ ................... 478 CC KCH BN TNH HUNG .................................................................. ........... 481 PHN 4 QUN L V DUY TR PHN CNG................... 484

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 CHNG 11: QUN L CC TRNH IU KHIN THIT B......................... 485 TNG QUAN V TRNH IU KHIN THIT B ............................................... 486 TO CHIN LC DUY TR TRNH IU KHIN ............................................ 494

    S DNG TRNH HNG DN ADD HARDWARE.......................................... 498 S DNG DEVICE MANAGER ............................................................. ................ 502 S DNG CONTROL PANEL .............................................................. .................. 512 X L S C CC THIT B V TRNH IU KHIN.................................... 514 TNG KT ........................................................................... ..................................... 519 BI TP THC HNH....................................................................... ..................... 521 CC CU HI N TP........................................................................ ................... 524 CC KCH BN TNH HUNG .................................................................. ........... 526

    CHNG 12: QUN L LU TR D LIU TRN A................................... 528 TNG QUAN V LU TR D LIU TRN A TRONG WINDOWS SERVER 2003............................................................................ ................................................ 529 S DNG CNG C QUN TR A (DISK MANAGEMENT) ........................ 535 QUN TR LU TR D LIU TRN A.......................................................... 5 TNG KT ........................................................................... ..................................... 562 BI TP THC HNH....................................................................... ..................... 563 CU HI N TP ......................................................................... ........................... 566 CC KCH BN TNH HUNG .................................................................. ........... 570 THUT NG .......................................................................... ........ 573

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    PHN 1 QUN L V DUY TR H IU HNH

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 GII THIU H IU HNH WINDOWS SERVER 2003 CHNG 1: GII THIU H IU HNH WINDOWS SERVER 2003 CA MICROSOFT Mc ch ca kha hc ny l hng dn bn cch qun tr v duy tr mt m i trng mng da trn nn Microsoft Windows Server 2003 v chun b cho m n thi 70-290 trong h thng chng ch ca Microsoft. Kha ny gi nh rng bn c mt ch t t kinh nghim vi cc sn phm Microsoft Windows nhng li kh mi vi h sn phm Windows Server 2003. Do , mc tiu ca chng ny l gii thiu vi bn cc phin bn khc nhau ca h iu hnh Windows Server 2003 bn c th nhn bit cc im khc nhau c bn gia ch ng v la chn sn phm ph hp, p ng c nhu cu ca h thng ca bn. Chng 1 s hng dn bn qua cc bc ci t Windows Server 2003 trn mt my tnh v cu hnh n thnh mt Active Directory Domain Controller (My ch qun tr min s dng Active Directory). Ging vin c th kh ng yu cu bn ci t h iu hnh trn my tnh ca bn ti lp hc, nhng nu bn mun lm vic vi h iu hnh Windows Server 2003 ti nh hoc ni no khc ngoi lp hc, bn phi lm quen vi qu trnh ci t v cc bc cu hnh h thng ny. Sau khi kt th c chng ny, bn c kh nng: Nhn bit cc khc nhau c bn gia cc phin bn ca h iu hnh Windows Server 2003 Ci t Windows Server 2003 To mt my ch qun tr min (domain controller) Nhn bit cc thnh phn logic v cc khi nim v Active Directory

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 7 GII THIU H IU HNH WINDOWS SERVER 2003 H H IU HNH WINDOWS SERVER 2003 Windows Server 2003 l sn phm mi nht trong cc h

    iu hnh

    Windows Server v c ci tin rt nhiu bo mt tt hn, tin cy cao hn v d trnh by tng quan v h sn phm Windows im ging v khc nhau gia 4 phin bn: Enterprise Edition v Datacenter Edition

    so vi cc phin bn trc : dng qun tr. Phn sau y s Server 2003, tp trung vo cc Web Edition, Standard Edition,

    Cc phin bn ca h Windows Server 2003 Windows Server 2003 l mt phin bn cp nht cho nn tng v cc c ng ngh gii thiu trong Windows 2000. Nu bn nghin cu Windows Server 2003 trn c s c kinh nghim v Windows 2000, bn s thy vic chuyn i tng i d dng. Nu bn ch c kinh nghim vi Windows NT 4, qu trnh hc ca bn c th s kh khn hn mt ch t. Mc d giao din c bn ca Windows Server 2003 kh ging vi Windows 2000 nhng h iu hnh ny c rt nhiu ci tin v tnh nng mi nhm b sung kh nng bo mt, tin cy v tng cng nhiu c ng c qun tr. Khi bn cn nhc n vic nng cp hay chuyn i sang h iu hnh Windows Server 2003, bn s phi ch ra cc tnh nng v s ci tin ng k trong Active Directory, cc c ng c mi h tr cho cc i tng chnh sch nhm (GPO - Group Policy Object), s tng cng kh nng bo mt cho h thng, s ci tin ca Terminal Services hay hng lot cc tnh nng tin tin ca h iu hnh mi ny. THNG TIN THM: Cc tnh nng mi trong Windows Server 2003: tham kho thm y cc tnh nng mi v kh nng hon ho ca Windows Server 2003, bn c th truy nhp vo Web site ca Microsoft theo a ch: http://www.microsoft.com/windowsserver2003 Cc phin bn khc nhau ca Windows Server 2003 c thit k h tr cc nn tng thit b phn cng v vai tr my ch khc nhau. Bn cnh 4 phin bn c bn ca Windows Server 2003 - Web, Standard (Tiu chun), Enterprise (Doanh nghip) v Datacenter (Trung tm d liu) h iu hnh ny cn c thm cc phin bn h tr phn cng 64 bit v cc h thng nh ng. Phn tip theo s trnh by chi tit hn v cc phin bn ny.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 8 GII THIU H IU HNH WINDOWS SERVER 2003 Cc yu cu h thng Bn phin bn h iu hnh khc nhau trong vic h tr cc phn cng. Bng 1.1 lit k cc yu cu h thng i vi tng phin bn, ng thi km theo phn cng m Microsoft khuyn ngh s dng. Bng 1-1: Cc yu cu h thng ca Windows Server 2003

    Edition Standard Edition Enterprise Web Edition Datacenter Edition Tc CPU ti thiu Tc CPU nn d ng 133 MHz 133 MHz 133 MHz 550 MHz 550 MHz 733 MHz RAM ti thiu RAM nn d ng 128 MB 256 MB 512 MB 1 GB RAM ti a S b vi x l SMP 2 GB 4 GB 32 GB 64 GB (Symmetric MultiProcessing) 2 4 8 32

    128 MB 256 MB

    400 MHz 733 MHz

    128 MB 256 MB

    Khong trng a ti thiu Phin bn Web (Web Edition)

    1.5 GB

    1.5 GB

    1.5 GB

    1.5 GB tng tnh cnh tranh ca Windows Server 2003 so vi cc my ch Web khc, Microsoft cho ra mt phin bn c bit ca Windows Server 2003, c thit k chuyn dng cho chc nng ca mt my ch Web. Phin bn Web l mt phn ca h iu hnh chun cho php ngi qun tr c th trin khai cc Web site, cc ng dng Web v cc dch v Web m kh ng tn nhiu chi ph v c ng sc qun tr. H iu hnh ny h tr ti a 2GB b nh RAM v 2 b vi x l ch bng mt na so vi kh nng h tr ca bn Standard Edition. Phin bn Web kh ng c nhiu tnh nng nh cc phin bn Windows Server 2003 khc, tuy nhin n vn tch hp mt s thnh phn c th kh ng cn thit cho mt Web Server in hnh, l: Mt my ch chy phin bn Web c th l thnh vin ca mt min s dng Active Directory nhng n kh ng th tr thnh mt my ch qun tr min QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 9 GII THIU H IU HNH WINDOWS SERVER 2003 M hnh Client Access License - CAL (giy php truy nhp t my trm) chun kh ng c p dng cho cc my ch chy h iu hnh Web Edition. H iu hnh ny h tr mt s lng kh ng gii hn cc kt ni Web, nhng n li gii hn ti a 10 kt ni Server Message Block (SMB) ng thi. iu ny c ngha l kh ng th c nhiu hn 10 ngi d ng mng ni b c th truy nhp cc ti nguyn file v my in ti mt thi im bt k Cc tnh nng Tng la Bo v Kt ni Internet (Internet Connection Firewall -ICF) v Chia s Kt ni Internet (Internet Connection Sharing - ICS) s kh ng c trong phin bn Web, iu ny s kh ng cho php my ch thc hin chc nng ca mt cng kt ni Internet. Mt my ch chy h iu hnh Web Edition kh ng th thc hin chc nng ca mt my ch DHCP, my ch fax, my ch Microsoft SQL hay mt My ch Dch v Du cui mc d chc nng Remote Desktop (Truy nhp ton mn hnh t xa) dnh cho qun tr vn c h tr. Phin bn Web s kh ng cho php chy cc ng dng kh ng phi dch v Web Tuy nhin, phin bn Web li bao gm y cc thnh phn chun m mt my ch Web cn, bao gm Microsoft Internet Information Services (IIS) 6, Network Load Balancing (NLB), v Microsoft ASP.NET. Do vy, hin nhin l phin bn Web kh ng phi l mt nn tng thch hp cho cc my ch mng th ng thng. N cho php cc c quan hay t chc trin khai cc my ch Web chuyn dng, kh ng h tr cc thnh phn khc m my ch web ny kh ng cn thit s dng trong vai tr ca n. LU : Mua phin bn Web. Bn Web Edition kh ng c bn th ng qua cc knh phn phi l, sn phm ny ch c cung cp cho cc khch hng ca Microsoft chp nhn k kt cc vn bn tha thun bn quyn ring cho doanh nghip (Enterprise and Select

    licensing agreements), cc nh cung cp dch v k kt vn bn tha thun bn quyn ring cho nh cung cp dch v (service provider licensing agreement - SPLA) th ng qua cc Nh Sn xut Thit b gc ca Microsoft (Microsoft original equipment manufacturers - OEMs) hoc cc i tc Xy dng H thng (System Builder partners)

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 10 GII THIU H IU HNH WINDOWS SERVER 2003 Phin bn Tiu chun (Standard Edition) Phin bn Standard s dng cho nn tng my ch a chc nng trong c th cung cp cc dch v th mc (Directory), file, in n, ng dng, multimedia v dch v Internet cho cc doanh nghip c va v nh. Sau y l mt vi trong rt nhiu tnh nng c trong phin bn ny ca h iu hnh : Directory services (Dch v Th mc): Phin bn Standard c kh nng h tr y i vi Active Directory cho php cc my ch c th ng vai tr l my ch thnh vin hoc cc my ch qun tr min. Ngi qun tr mng c th s dng cc c ng c km theo h iu hnh trin khai v qun tr cc i tng Active Directory, cc chnh sch nhm (GP Group Policy) v cc dch v khc da trn nn Active Directory. Dch v Internet: Phin bn Standard bao gm IIS 6.0 cung cp cc dch v Web v FTP cng nh cc thnh phn khc s dng trong qu trnh trin khai my ch Web nh dch v Cn bng Ti (NLB Network Load Balancing). Chc nng NLB cho php nhiu my ch Web c th c ng duy tr (host) mt Web site n, chia s cc yu cu kt ni ca client trong ti a 32 my ch ng thi cung cp kh nng chng li cho h thng. Cc dch v c s h tng: Phin bn Standard bao gm cc dch v Microsoft DHCP Server, Domain Name System (DNS) Server, v Windows Internet Name Service (WINS) Server, cung cp cc dch v c bn cho mng ni b v cc my khch trn Internet. nh tuyn TCP/IP (TCP/IP Routing): Mt my ch chy phin bn Standard c th thc thi nh mt router vi rt nhiu cu hnh bao gm nh tuyn LAN v WAN, nh tuyn truy nhp Internet v nh tuyn truy nhp t xa. thc hin cc chc nng ny, dch v nh tuyn v Truy nhp T xa (Routing and Remote Access Service RRAS) c h tr cho cc tnh nng Chuyn i a ch Mng (Network Address Translation NAT), Dch v Xc thc Internet (Internet Authentication Service IAS), cc giao thc nh tuyn nh Giao thc Th ng tin nh tuyn (Routing Information Protocol RIP) v U tin ng Ngn nht (Open Shortest Path First OSPF). Dch v File v In n: Ngi d ng trong mng c th truy nhp cc a, th mc v my in chia s trn mt my ch chy phin bn Standard ca h iu hnh . Mi my khch (client) khi mun truy nhp n cc ti nguyn chia s trn my ch s phi c mt Giy QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 11 GII THIU H IU HNH WINDOWS SERVER 2003 php Truy nhp (Client Access License - CAL). Phin bn Standard th ng thng c bn thnh mt gi gm 5, 10 Giy php Truy nhp

    (CAL) hoc nhiu hn, v khi mun thm nhiu ngi d ng truy nhp, bn s phi mua b sung cc Giy php Truy nhp (CAL) ny. My ch Terminal (u cui): Mt my ch chy Phin bn Standard c th thc hin chc nng mt My ch Dch v Du cui, cho php cc my tnh v cc thit b khc c th truy nhp mn hnh Windows v cc ng dng ang chy trn my ch ny. My ch Dch v Du cui bn cht l mt k thut iu khin t xa cho php cc my khch (client) truy nhp n mt phin lm vic Windows trn my ch. Mi ng dng c thc thi trn my ch v ch bn phm, mn hnh v cc th ng tin hin th c truyn qua mng. Cc my khch ca My ch Dch v Du cui c yu cu Giy php Truy nhp khc so vi Giy php Truy nhp chun CAL mc d Phin bn Standard cung cp sn mt Giy php Truy nhp cho 2 ngi d ng s dng dch v Remote Desktop for Administration (Dch v truy nhp ton mn hnh t xa dnh cho cc tc v qun tr), mt c ng c qun tr t xa da trn dch v Terminal Cc dch v bo mt: Phin bn Standard cn c rt nhiu cc tnh nng bo mt m mt ngi qun tr c th trin khai nu cn, bao gm kh nng M ha H thng File (EFS) bo v cc file trn cc cng my ch bng cch lu tr ch ng trong mt nh dng c m ha, tnh nng bo mt IP (IP Security - IPsec) m rng, - s dng ch k s m ha d liu trc khi truyn i trn mng, tnh nng tng la ICF qui nh cc lut i vi cc lung d liu i t Internet vo trong mng v tnh nng s dng Public Key Infrastructure (PKI) cung cp kh nng bo mt da trn m ha bng kha c ng khai v cc chng nhn s ha. Phin bn Doanh nghip (Enterprise Edition) Phin bn Enterprise c thit k hat ng trn cc my ch cu hnh mnh ca cc t chc doanh nghip c va v ln. Phin bn ny khc phin bn Standard ch yu mc h tr phn cng. v d: Bn Enterprise h tr ti a 8 b vi x l so vi 4 b ca bn Standard v ti a 32GB b nh RAM so vi kh nng ca bn Standard ch l 4GB. Phin bn Enterprise cn b sung thm mt s tnh nng quan trng m kh ng c trong bn Standard, bao gm cc thnh phn sau: Microsoft Metadirectory Services - MMS (Dch v Siu Th mc Microsoft): Metadirectory bn cht l th mc ca cc th mc mt QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 12 GII THIU H IU HNH WINDOWS SERVER 2003 phng tin tch hp nhiu ngun th ng tin vo mt th mc n, thng nht. MMS cho php ch ng ta c th kt hp cc th ng tin trong Active Directory vi cc dch v th mc khc, to ra mt cch nhn tng th tt c cc th ng tin v mt ti nguyn no . Phin bn Enterprise ch cung cp h tr cho MMS m kh ng phi l phn mm MMS thc s, phn mm ny bn phi ly t Microsoft Consulting Service (Dch v t vn Microsoft - MCS) hoc th ng qua mt tha thun vi i tc MMS. Server Clustering (Chui My ch): Chui my ch l mt nhm cc my ch nhng li ng vai tr nh mt my ch n cung cp kh nng sn sng cao cho mt nhm cc ng dng. Tnh sn sng trong trng hp ny c ngha l cc chu trnh hot ng ca ng dng c phn b u trong cc my ch trong chui, gim ti trn mi my ch v cung cp kh nng chu li nu bt k my ch no b s c. Cc my ch trong chui, c gi l cc n t, u c kh nng truy nhp n mt ngun d liu chung, th ng thng l mt mng lu tr ln (Storage Area Network - SAN), cho php cc n t lu n c duy tr c ng mt ngun th ng tin d liu c s. Phin

    bn Enterprise h tr my ch cluster c ti a 8 n t B nh RAM Cm nng (Hot Add Memory): Phin bn Enterprise bao gm phn mm h tr mt c tnh ca phn cng gi l B nh Cm nng, cho php ngi qun tr mng c th thm hoc thay th b nh RAM trong my ch m kh ng cn tt my hoc khi ng li. s dng tnh nng ny, my tnh phi c phn cng h tr tng ng. Qun tr Ti nguyn H thng ca Windows (Windows System Resource Manager - WSRM): Tnh nng ny cho php ngi qun tr mng c th phn b ti nguyn h thng cho cc ng dng hoc chu trnh da trn nhu cu ca cc ngi d ng, ng thi duy tr cc bn bo co v ti nguyn do cc ng dng hay chu trnh trong h thng s dng. iu ny cho php cc t chc doanh nghip c th thit lp gii hn s dng ti nguyn cho mt ng dng xc nh hoc tnh chi ph cho khch hng da trn cc ti nguyn h s dng. Phin bn Trung tm D liu (Datacenter Edition) Phin bn Datacenterc thit k cho cc my ch ng dng cao cp, lu lng truy nhp ln, yu cu s dng rt nhiu ti nguyn h thng. Phin bn ny cng gn ging Phin bn Enterprise khi so snh cc tnh nng, tuy nhin n h tr tt hn cho vic m rng phn cng, c th h tr ti a QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 13 GII THIU H IU HNH WINDOWS SERVER 2003 64GB b nh v 32 b vi x l. Phin bn ny kh ng tch hp mt s tnh nng c trong bn Enterprise, v d nh tnh nng ICS v ICF bi v cc my ch cao cp chy bn Datacenter th ng thng kh ng c gn cc vai tr cn s dng n cc chc nng ny. LU : Mua phin bn Datacenter. Vic mua cc phin bn Datacenter, cng ging nh i vi phin bn Web, kh ng c thc hin th ng qua cc knh phn phi l. Bn c th mua cc h iu hnh ny th ng qua mt OEM nh l sn phm km theo trong mt b phn cng my ch cao cp. Cc phin bn 64-Bit C hai Phin bn Enterprise v Datacenter u c cc phin bn ring h tr cc my tnh trang b b vi x l Intel Itanium. Itanium l mt b vi x l h tr vic nh a ch 64-bit (trong khi cc b vi x l Intel x86 tiu chun ch h tr 32-bit), cho php m rng kh ng gian b nh o v v ng b nh phn trang ng thi ci tin hiu nng x l du phy ng. N c thit k c bit cho cc tc v yu cu nng sut b x l cc ln, v d nh cc ng dng c s d liu khng l, cc phn tch khoa hc v cc my ch Web c lng truy nhp rt ln. Cc yu cu h thng cho cc phin bn Itanium chy cc phin bn Enterprise v Datacenter ca h iu hnh Windows 2003 Server v c bn rt khc so vi cc yu cu ca cc phin bn ny i vi cc phn cng x86 (c tng kt trong Bng 1-2). ng thi, mt s tnh nng trong cc phin bn dnh cho h thng x86 s kh ng c trong Itanium, v d cc chip Itanium s kh ng h tr cc ng dng Windows 16-bit, cc ng dng ch thc, cc ng dng POSIX (Portable Operating System Interface for UNIX) hoc cc dch v in n cho cc my trm Apple Macintosh. Bng 1-2: Cc yu cu h thng c bit cho bn Windows Server 2003 trn Itanium: Enterprise Edition Datacenter Edition Tc ti thiu ca CPU RAM ti a

    Khong trng a ti thiu 733 MHz 64 GB 2 GB 733 MHz 512 GB 2 GB

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 14 GII THIU H IU HNH WINDOWS SERVER 2003 CI T WINDOWS SERVER 2003 Trc khi bn c th hc cch qun tr v duy tr mt h thng Windows Server 2003, bn phi c kh nng ci t h iu hnh ny v cu hnh n thc hin cc tc v theo yu cu. Mc d kha ny kh ng gii thiu v cc ch nng cao nh thit k Active Directory, tuy nhin s cp n vic qun tr cc i tng Active Directory v d nh cc ngi d ng, my tnh v cc nhm. Trc khi bn c th thc hnh mt s cc bi tp thc hnh trong cun sch ny v trong cun Lab Manual, bn phi c mt my tnh ci t h iu hnh Windows Server 2003 v c cu hnh thnh mt my ch qun tr min s dng Active Directory Cc giai on ci t: Nu bn c kinh nghim ci t Windows Server 2000, bn s thy qu trnh ci t Windows Server 2003 rt thn thin. N c chia thnh 2 giai on ring bit: Ch text: Giai on khi to qu trnh ci t bt u khi my tnh khi ng t a CD cha b ci Windows Server 2003 v chy chng trnh Winnt.exe. Kh ng ging nh Windows 2000 v cc phin bn trc , Windows Server 2003 kh ng h tr vic bt u ci t t a mm. Chng trnh Winnt.exe np cc file ca h iu hnh Windows Server 2003 t a CD. y l phin bn hn ch, thc thi trong ch vn bn ca h iu hnh bi v cc file cn thit cho Giao din ha ngi d ng (Graphical User Interface - GUI) cha c ci t. Chng trnh ny s nh dng phn v ng m s s dng lm a h thng, To cu tr c th mc gc ca h thng v chp cc file ca h iu hnh t cc th mc tm vo ng v tr. Tip theo chng trnh ci t bt u xy dng registry, to cc kha cha cc th ng tin c bn v h iu hnh, cng nh cc th ng tin v phn cng c pht hin trong qu trnh ci t. Sau my tnh khi ng li. Ch ha: Khi h thng khi ng li ln hai, n s dng cc file khi ng v cc file ca h iu hnh, hin nm c nh trn a h thng. Giao din Windows thn thin xut hin ln u tin, s dng trnh iu khin hin th VGA vi phn gii thp. Sau khi h thng khi ng xong, qu trnh ha bt u bng chu trnh pht hin phn cng. Khi cc phn cng mi c pht hin, v trnh iu khin c ci t, chng trnh bt

    u thu thp

    th ng tin t ngi d ng m n cn hon thnh qu trnh ci t, ng thi n s ci t rt nhiu thnh phn kh ng thit yu khc ca h thng. Nu QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 15 GII THIU H IU HNH WINDOWS SERVER 2003 nh card mng c pht hin, chng trnh ci t s ci cc thnh phn mng cn thit v kt buc ch ng vi trnh iu khin thit b mng. Cui c ng, chng trnh xy dng Thc n Khi ng (Start Menu), thit lp cc tham s bo mt h thng, xa cc file tm to ra trong qu trnh ci t v lu cu hnh h thng li trc khi khi ng li ln cui c ng. Cc thao tc ci t: Phn ny s trnh by cc bc chi tit ca qu trnh ci t Windows Server 2003 vi gi nh rng bn s dng mt my tnh tha mn cc yu cu h thng ca Windows Server 2003, ng thi bn ci t h iu hnh t mt a CD nguyn gc v cc a cng ca h thng l hon ton trng. LU : Cc thay i trong qu trnh ci t. Cc thao tc ci t y gi nh rng bn s dng mt my tnh c cu hnh phn cng c bn. S c mt ca cc thit b phn cng nht nh no khc trong my tnh c th gy ra cc thay i trong qu trnh ci t (v d nh cc bc cu hnh b sung) kh ng c cp y. Ci t Windows Server 2003: ci t Windows Server 2003, s dng cc thao tc sau y: 1. a a CD c b ci Windows Server 2003 vo trong CD-ROM v khi ng li my. Nu bn nhn c th ng bo press a key to boot from CD.. (nhn phm bt k khi ng t CD). nhn mt phm bt k 2. Sau khi my tnh khi ng, mt chui cc th ng bo hin ra ni rng trnh ci t ang xem xt cc cu hnh phn cng ca my tnh. Sau mn hnh Windows Setup xut hin 3. Nu my tnh ca bn cn c cc trnh iu khin thit b lu tr c bit kh ng c trong b ci ca Windows Server 2003, nhn F6 khi c nhc v cung cp cc trnh iu khin thit b ph hp.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 16 GII THIU H IU HNH WINDOWS SERVER 2003

    4. H thng s nhc bn nhn F2 nu bn mun thc hin thao tc Kh i phc H thng T ng (Automated System Recovery - ASR). Kh ng nhn F2 l c ny v qu trnh ci t tip tc

    LU : Th tc Kh i phc h thng t ng (Automated System Recovery ASR): L mt tnh nng mi trong Windows Server 2003 thay th tnh nng a Sa cha Khn cp (Emergency Repair Disk) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 17 GII THIU H IU HNH WINDOWS SERVER 2003 c trong cc phin bn trc ca Windows. Mun tm thm th ng tin v ASR, xem Chng 4 ca cun sch ny.

    Mt thanh trng thi pha di mn hnh ch ra trnh ci t ang np cc file. iu ny l cn thit khi ng phin bn ti gin ca h iu hnh. Vo l c ny, phn cng ca h thng cha c nhn dng chnh xc, do sau khi np lp nhn ca h iu hnh, trnh ci t s np mt danh sch cc trnh iu khin thit b h tr cho mt lng ln cc thit b lu tr, bn phm, con tr chut v thit b video, tt c to ra mt cu hnh vo/ra chun cho php qu trnh ci t c th tip tc c.

    LU : nh v cc Trnh iu khin Thit b Lu tr. Nu mt trnh iu khin ca mt thit b lu tr no kh ng nm trong Windows Server 2003, bn phi chun b n, khi ng li qu trnh ci t v nhn F6 cung cp ch ng cho chng trnh ci t. 5. mt mn bit Welcome Nu bn ang ci t phin bn th nghim ca Windows Server 2003, hnh nhc nh ci t (Setup Notification) s thng bo cho bn iu . c th ng bo ny v nhn Enter tip tc. Mn hnh To Setup (Cho mng bn n vi trnh ci t) s xut hin.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 18 GII THIU H IU HNH WINDOWS SERVER 2003

    6. c th ng bo Welcome To Setup v nhn Enter tip tc, Mn hnh License Agreement (Tha thun Bn quyn) xut hin.

    7. c tha thun v bn quyn v nhn F8 chp nhn. Mt mn hnh xut hin lit k mt danh sch cc phn v ng trn cc cng trong my tnh c ng vi cc v ng kh ng gian a trng. T mn hnh ny, bn c th to v xa cc phn v ng trn cc a cng nu cn. Nu bn tr vo la QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 19 GII THIU H IU HNH WINDOWS SERVER 2003 chn Unpartitioned Space (Kh ng gian a cha phn v ng), bn c th to mt phn v ng trn ton b kh ng gian a . Nu bn mun to mt

    phn v ng s dng mt phn ca kh ng gian a cng cha phn v ng , bn nhn phm C v nhp vo kch thc ca phn v ng m bn mun to. hon thnh bi tp thc hnh trong cun sch ny, xut nn s dng mt phn v ng ti thiu 3GB. Bn cnh , bn phi dnh ra t nht 1GB kh ng gian cha phn v ng trn a cng chun b cho cc bi tp thc hnh v vic to cc phn v ng mi trong Windows 2003 sau ny.

    8. La chn mt kh ng gian a cha phn v ng c dung lng ti thiu 4GB v nhn C, ng thi nhp vo kch thc phn v ng nh to l 3072. Sau nhn Enter 9. Mt mn hnh xut hin, nhc bn la chn h thng file s dng khi nh dng phn v ng la chn. La chn Format The Partition Using The NTFS File System (nh dng phn v ng s dung h thng file NTFS) v nhn Enter.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 20 GII THIU H IU HNH WINDOWS SERVER 2003

    Trnh ci t s nh dng phn v ng s dng NTFS, kim tra cc li vt l ca a cng m c th gy ra s c khi ci t v bt u chp cc file t a CD vo trong a cng. Qu trnh ny c th chim ca bn vi ph t.

    10.Trnh ci t s khi to cu hnh ca Windows v sau hin th ln mn hnh mt thanh trng thi mu th hin s m gim dn trong 15 QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 21 GII THIU H IU HNH WINDOWS SERVER 2003 giy trc khi my tnh khi ng li v chuyn sang ch ha ca qu

    trnh ci t.

    Trnh ci t Windows s np v hin th mt giao din ha cho php theo di cc tin trnh ci t khung bn tri. Khi cc tin trnh Collecting Information (Thu thp th ng tin), Dynamic Update (Cp nht ng) v Preparing Installation (Chun b ci t) u c la chn, th hin rng cc bc ny hon thnh. Tin trnh Collecting Information (Thu thp th ng tin) c hon thnh trc khi giao din ha ny xut hin v tin trnh Dynamic Update (Cp nht ng) kh ng c thc hin khi ch ng ta ci t t a CD.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 22 GII THIU H IU HNH WINDOWS SERVER 2003

    Tin trnh Preparing Installation (Chun b ci t) c thc hin khi m trnh ci t chp xong cc file vo a cng. Bc ci t Windows bt u vi qu trnh pht hin cc phn cng, qu trnh ny c th din ra trong vi ph t. Kh ng ging nh chu trnh pht hin phn cng khi ch vn bn, trong n nhn bit phn cng bng vic np cc trnh iu khin v s dng th ri pht hin li, qu trnh ny nhn bit chnh xc cc thnh phn trong my tnh, ghi th ng tin v ch ng vo registry, ng thi cu hnh sao cho h iu hnh np cc trnh iu khin chun cho phn cng . Sau c ng, Windows Setup Wizard (Trnh Hng dn Ci t Windows) s c np v trang Regional And Language Options (T y chn v ng v ng n ng) xut hin. 11. Chnh sa cc thit lp mc nh v v ng v ng n ng nu cn thit, bng cch nhn chut vo phm Customize hoc Details. Sau nhn Next. Trang Personalize Your Software (T y bin phn mm ca bn) xut hin.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 23 GII THIU H IU HNH WINDOWS SERVER 2003

    12. Trong hp thoi Name, nhp vo tn ca bn v trong hp thoi Organization, nhp vo tn ca c quan ri nhn Next. Trang Your Product Key (Kha sn phm ca bn) xut hin.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 24

    GII THIU H IU HNH WINDOWS SERVER 2003

    13. Nhp vo cc hp thoi Product Key cc th ng s kha ca sn phm i km trong a CD Windows Server 2003 v nhn Next. Trang Licensing Modes - (Cc ch giy php) xut hin

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 25 GII THIU H IU HNH WINDOWS SERVER 2003

    14.Gi nguyn gi tr mc nh l 5 trong mc Per Server Number Of Concurrent Connections (S lng cc kt ni ng thi trn 1 my ch) v nhn Next. Trang Computer Name And Administrator Password (Tn my tnh v mt khu qun tr) xut hin. LU : Bn quyn Windows Server 2003. Nu bn s dng phin bn th nghim ca Windows Server 2003, gi tr mc nh 5 kt ni ng thi ti my ch l hon thnh kha hc ny. Tuy nhin, nu bn s dng mt bn Windows Server 2003 c bn quyn, bn nn nhp vo mt s lng hp l cc kt ni ng thi da trn Giy php (license) m bn c.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 26 GII THIU H IU HNH WINDOWS SERVER 2003

    15.Trong hp thoi Computer Name, nhp vo Serverxx trong xx l s th t duy nht m ging vin cung cp cho bn. CNH BO: Trnh tnh trng tr ng tn. Nu my tnh ca bn kt ni vo mng LAN, kim tra vi qun tr mng trc khi nhp vo tn cho my tnh ca bn 16.Trong hp thoi Administrator Password v Confirm Password, nhp mt khu cho ti khon Administrator v sau nhn Next. Trang Date And Time Settings (Thit lp ngy gi) xut hin. QUAN TRNG: Xc nh mt khu. i vi phng thc ci t th c ng, Windows Server 2003 s kh ng cho php bn chuyn ti bc tip theo cho n khi bn nhp vo mt khu cho ti khon Administrator tha mn cc yu cu phc hp. Theo mc nh, Windows Server 2003 yu cu mt mt khu phc hp phi c di ti thiu 7 k t, ng thi cha ti thiu 3 trong 4 thnh phn sau: k t hoa, k t thng, ch s v k t c bit. Bn c php s dng mt khu trng, tuy nhin vic s dng mt khu trng l kh ng c khuyn khch

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 27

    GII THIU H IU HNH WINDOWS SERVER 2003

    17.Nhp vo thi gian v ngy thng chnh xc ng thi la chn m i gi chun cho khu vc ca bn. Sau nhn Next, mn hnh Network Settings (Thit lp mng) xut hin

    18.

    a chn mc nh Typical Settings v sau nhn Next. Trang Workgroup Or Computer Domain (Gia nhp min hoc nhm) xut hin. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 28 GII THIU H IU HNH WINDOWS SERVER 2003 LU : Cc thit lp mng in hnh. La chn Typical Settings trong trang Network Settings s cho php trnh ci t thc hin ci t cc thnh phn sau: Client for Microsoft Networks, Network Load Balancing, File and Printer Sharing for Microsoft Networks v Internet Protocol (TCP/IP) (mc d module Network Load Balancing b v hiu ha) ng thi cu hnh TCP/IP cho php nhn a ch IP t mt my ch DHCP. Nu bn kt ni vi mt h thng mng kh ng c my ch DHCP, bn phi xc nh a ch IP v cc thit lp cu hnh TCP/IP khc th ng qua ngi qun tr mng, ng thi la chn Custom Settings v nhp cc tham s ny vo cho my tnh ca bn c kh nng kt ni vi cc my khc trong mng LAN.

    19.Gi nguyn la chn mc nh No v tn nhm mc nh l WORKGROUP v nhn Next. Trnh ci t s ci v thit lp cc thnh phn cn li ca h iu hnh bng cch chp cc file, ci t thc n Start, ng k cc thnh phn, lu cc thit lp v xa cc file tm. Sau qu trnh ci t kt th c, my tnh t kh ng v mn hnh Welcome To Windows (Cho mng bn n vi Windows) xut hin. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 29 GII THIU H IU HNH WINDOWS SERVER 2003

    Trong m i trng kinh doanh, v d nh mt mng doanh nghip ln, qu

    trnh ci t h iu hnh thng s c thc hin khc so vi cc thao tc trn. Ngi qun tr mng ca mt c ng ty ln vi rt nhiu my tnh thng kh ng c thi gian thc hin qu trnh ci t th c ng v ko di nh trn i vi tng my tnh. H c th s dng rt nhiu phng n thc hin theo phng thc dy chuyn hoc t ng ha qu trnh ci t Windows Server 2003, bao gm cc phng php sau y: File tr li: Mt file tr li l mt script (kch bn) cha cc gi tr thit lp ca tt c cc t y chn hin th cho ngi d ng trong qu trnh ci t Windows nh trn. Vi mt file tr li c cu hnh tt, ta c th bt u qu trnh ci t h thng v n chy m kh ng cn phi tc ng g bi cc tham s tr li cho cc cu hi trong qu trnh ci t c trong file tr li. iu hn ch ln nht ca phng php trin khai ci t h iu hnh s dng file tr li l mi my tnh cn mt file tr li ring. Mt s gi tr thit lp trong qu trnh ci t phi l duy nht, v d nh tn my tnh hoc a ch IP.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 30

    GII THIU H IU HNH WINDOWS SERVER 2003 Nhn nh a. Khi bn trin khai ci t mt s lng ln cc my tnh ging nhau, bn c th b qua cc qu trnh ci t ny bng cch s dng nh a. Mt nh a l mt bn sao bit-to-bit ca a cng trong my tnh m c ci t h iu hnh. Vic chuyn nh a ny sang mt my tnh khc c cu hnh phn cng tng t cho php h iu hnh c th chy trn my tnh m kh ng phi ci t li. Windows Server 2003 c cung cp km theo mt c ng c gi l Remote Installation Services (Dch v ci t t xa) cho php ngi qun tr mng c th s dng trin khai cc nh a n cc my tnh qua ng truyn mng. Kch hat (Activate) Windows Server: Mt s phin bn ca Windows Server 2003, bao gm c bn th nghim cung cp km theo trong cun sch ny, yu cu bn phi kch hat (activate) h iu hnh sau khi ci t. T y thuc vo phin bn m bn ang s dng, bn c th c 14 hoc 30 ngy kch hat Windows Server 2003. Kch hat l mt qu trnh rt n gin, ch thc hin 1 ln bng cch nhn Start, chn All Programs v nhn vo Activate Windows. Trang mn hnh Lets Activate Windows (Hy kch hot Windows) trong Trnh Hng dn Kch hot Windows Activate Windows Wizard xut hin (nh trong Hnh 1-1)

    Hnh 1-1: Trang Lets Activate Windows trong Trnh Hng dn Kch h t Windows QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 31 GII THIU H IU HNH WINDOWS SERVER 2003 LU : Volume Licensing (Giy php khi). Nu bn c c bn quyn Windows Server 2003 th ng qua mt chng trnh Microsoft volume licensing no , bn s kh ng phi kch hot bn quyn ny. kch hot Windows qua Internet, bn phi kt ni my tnh vi Internet trc khi bn c th bt u qu trnh kch hot. iu ny c ngha l my tnh c trang b mt modem v cu hnh kt ni n mt nh cung cp dch v (ISP) hoc cu hnh vi mt vi tham s TCP/IP (bao gm a ch IP, Mt n mng con (Subnet Mask), my ch DNS v cng ra (gateway) mc nh) ri kt ni n mng LAN m c ng ra Internet. Nu my tnh kh ng th truy nhp Internet, bn phi kch hot Windows bng in thoi CU HNH WINDOWS SERVER 2003 Sau khi ci t v kch hot Windows, bn c th cu hnh my ch bng cch s dng trang Manage Your Server (Cu hnh My ch Ca bn), nh trong Hnh 1-2. Trang ny c np sau khi bn ng nhp, hoc bn c th np n bt k l c no bng cch la chn Manage Your Server trong thc n Start. Trang ny cho php bn ci t mt s dch v, c ng c c bit v cu hnh da vo vai tr m my ch ny thc hin.

    Hnh 1-2: Trang Manage Your Server Khi bn nhn vo lin kt Add Or Remove A Role (Thm hoc bt vai tr), trnh hng dn cu hnh my ch (Configure Your Server Wizard) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 32 GII THIU H IU HNH WINDOWS SERVER 2003 hin ra. Sau khi qut tm kim th ng tin v cc kt ni mng, trnh hng dn ny cho php bn c th la chn mt trong nhng vai tr sau: My ch File: Cung cp kh nng truy nhp n file v th mc mt cch tp trung cho tng ngi d ng, phng ban v ton b t chc. La chn vai tr ny cho php bn qun l kh ng gian a cng bng cch kch hat v cu hnh disk quota (Hn ngch a cng) v nng cao hiu qu tm kim h thng file bng cch s dng Indexing Services (Dch v ch mc) My ch in n: Cung cp kh nng truy nhp n cc thit b in n mt cch tp trung v c qun l. My ch in n s s dng mt my in chung v trnh iu khin thit b in phc v cho ngi d ng trn cc my trm. La chn vai tr ny s khi ng Add Printer Wizard (Trnh hng dn ci t my in), cho php bn c th ci t cc my in v cc trnh iu khin thit b in tng ng ca Windows. La chn vai tr my ch in n s ng thi ci t IIS 6, cu hnh Internet Printing Protocol (Giao thc in n qua Internet IPP) v ci t cc c ng c qun tr my in trn nn Web My ch ng dng (IIS, ASP.NET): Cung cp cc thnh phn c bn c th h tr cc ng dng Web. Vic la chn thc hin vai tr ny s ci t v cu hnh IIS 6 c ng vi Microsoft ASP.NET v COM+ ln my ch. My ch th in t (POP3, SMTP): Ci t cc giao thc Post Office Protocol version 3 - (POP3) v Simple Mail Transfer Protocol - (SMTP) cho php my ch c th thc hin chc nng ca mt my ch qun l th in t vo v ra cho cc ngi d ng trn mng. My ch Terminal: Cung cp cho cc my khch kh nng truy nhp n cc ng dng v ti nguyn trn my ch nh l cc ng dng v ti nguyn ny c ci t trn chnh cc my trm. Ngi d ng kt ni n my ch ny bng cch s dng cc chng trnh Terminal Services client (My khch Chy dch v u cui truy nhp t xa) hoc Remote Desktop client (My khch Truy nhp ton mn hnh t xa) My ch VPN/Truy nhp t xa: Cung cp cc dch v truy nhp t xa v nh tuyn a giao thc cho cc kt ni quay s, LAN v WAN. Kt ni Virtual private network (Mng ring o - VPN) cho php ngi d ng v cc chi nhnh xa c th kt ni n mt cch bo mt QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 33

    GII THIU H IU HNH WINDOWS SERVER 2003 m kh ng tn nhiu chi ph, s dng Internet nh l phng thc truyn th ng. My ch qun tr min - My ch qun tr min s dng Active Directory cung cp dch v th mc cho cc my khch trong mng. La chn ny s khi ng Active Directory Installation Wizard (Trnh hng dn ci t Active Directory) v cho php bn cu hnh my ch thc hin chc nng ca mt my ch qun tr min cho mt min mi hoc min sn c v nu nh cha c my ch DNS no trong mng, trnh ci t ny s ci t dch v Microsoft DNS Server My ch DNS: Cung cp kh nng phn gii tn bng cch phn gii t tn my sang a ch IP (phn gii xu i forward lookups) v t a ch IP sang tn my ch (phn gii ngc - reverse lookups). Vic la chn vi tr ny s ci t dch v Microsoft DNS Server v sau khi ng Configure A DNS Server Wizard (Trnh hng dn cu hnh my ch DNS) My ch DHCP: Cung cp dch v cp a ch IP t ng cho cc my trm (Cc my trm ny phi cu hnh s dng IP ng). Vic la chn vai tr ny s ci t dch v DHCP Server v khi ng trnh hng dn New Scope Wizard (Trnh Hng dn to Phm vi DHCP mi) cho php bn c th nh ngha mt hoc nhiu di a ch IP trong mng My ch Streaming Media. Vic la chn vai tr ny s ci t dch v Windows Media Services WMS, cho php my ch c th cung cp cc d liu ni dung phim nh a phng tin (stream multimedia content) qua kt ni mng ni b hoc Internet. Ni dung ny c th c lu tr v cung cp cho ngi d ng theo yu cu hoc truyn theo thi gian thc. My ch WINS: Cung cp kh nng phn gii tn my tnh bng cch phn gii cc tn NetBIOS sang a ch IP. Kh ng cn thit phi ci t dch v WINS tr khi bn mun h tr cc h iu hnh trc y nh Windows 95 v Windows NT, cc h iu hnh ny da trn cch s dng tn my kiu NetBIOS. Cc h iu hnh mi nh Windows Server 2003, Windows 2000 v Windows XP kh ng yu cu dch v WINS mc d cc cc ng dng kiu c trn cc h iu hnh ny c th yu cu vic phn gii tn NetBIOS. Vic la chn vai tr ny s ci t dch v WINS.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 34 GII THIU H IU HNH WINDOWS SERVER 2003 TO MY CH QUN TR MIN hon thnh bi tp thc hnh trong sch ny v trong cun Lab Manual, bn phi c mt my tnh ci t Windows Server 2003 v c cu hnh nh mt my ch qun tr min. Ci t Active Directory: cu hnh my Serverxx ca bn thc hin chc nng ca mt my ch qun tr min, s dng cc thao tc sau y: LU : Cc la chn khi ci t Active Directory. Khi trnh hng dn ci t Active Directory chy, cc li nhc hin ra c th khc nhau t y vo vic n pht hin trong h thng mng c my ch qun tr min no hay kh ng. Nu bn kt ni my tnh n mt mng c mt min khc, cc bc c th thay i v bn c th phi iu

    chnh li cc la chn hoc ngt kt ni ra khi mng trc khi lm bi tp thc hnh ny. 1. ng nhp vo my tnh Windows Server 2003 bng ti khon Administrator 2. Nu trang Manage Your Server (Qun tr my ch ca bn) kh ng m, bn c th m n t thc n nhm chng trnh Administrative Tools 3. Nhn vo lin kt Add Or Remove A Role (Thm hoc bt vai tr). Trnh hng dn cu hnh my ch (Configure Your Server Wizard) c np v trang Preliminary Steps (Cc bc khi u) xut hin.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 35 GII THIU H IU HNH WINDOWS SERVER 2003

    4. Xc nhn rng cc bc lit k trong trang ny c hon thnh v sau nhn Next. Sau mt khong thi gian ch khi trnh ny qut v kim tra trn mng, trang Server Role (Vai tr my ch) xut hin.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 36 GII THIU H IU HNH WINDOWS SERVER 2003

    5. my ch 6. Wizard

    La chn Domain Controller (Active Directory) t danh sch cc vai tr v nhn Next. Trang Summary Of Selections hin ra. Nhn Next. Trnh hng dn ci t Active Directory Installation c np.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 37 GII THIU H IU HNH WINDOWS SERVER 2003 7. Nhn Next b qua trang Welcome. Trang System Compatibility (Tnh tng thch h thng) xut hin

    Next. Trang

    Domain

    Controller Type (Kiu my ch qun tr min) hin ra.

    8.

    c cc th ng tin trong trang ny v nhn

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 38 GII THIU H IU HNH WINDOWS SERVER 2003 9. Gi nguyn gi tr mc nh Domain Controller For A New Domain (My ch qun tr min cho mt min mi) c la chn v nhn Next. Trang Create New Domain (To min mi) xut hin

    10.Gi nguyn gi tr mc nh Domain In A New Forest (Min trong mt rng mi) c la chn v nhn Next. Trang New Domain Name (Tn min mi) xut hin.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 39 GII THIU H IU HNH WINDOWS SERVER 2003

    11.Trong hp thoi Full DNS Name For New Domain (Tn DNS y ca min mi), nhp vo : ACNAxx.com, trong xx l s m ging vin cp cho bn, sau nhn Next. Trang NetBIOS Domain Name (Tn min NetBIOS) xut hin.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 40 GII THIU H IU HNH WINDOWS SERVER 2003 12.Xc nhn rng tn xut hin trong hp thoi Domain NetBIOS Name l ACNAXX v nhn Next. Trang Database And Log Folders (Th mc cha CSDL v nht k) xut hin.

    13.Nhn Next chp nhn v tr mc nh ca cc th mc cha log v CSDL. Trang Shared System Volume (Th mc h thng c chia s) xut hin.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 41 GII THIU H IU HNH WINDOWS SERVER 2003 14.Nhn Next chp nhn v tr mc nh ca th mc h thng chia s. Trang DNS Registration Diagnostics (Chn on ng k DNS) xut hin

    Ti thi im ny, trnh hng dn s th kt ni n cc c ch nh trong phn cu hnh TCP/IP, xc nh liu DNS c cha cc bn ghi cn thit cho qu trnh ci t Active Directory hay kh ng. 15.La chn Install And Configure The DNS Server On This (Ci t v cu hnh my ch DNS trn my tnh ny) v sau Trang Permissions (Cp php) xut hin

    my ch DNS cc my ch Min s dng Computer nhn Next.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 42 GII THIU H IU HNH WINDOWS SERVER 2003

    16.Nhn Next chp nhn la chn mc nh v quyn cp php v sau nhn Next. Trang Directory Services Restore Mode Administrator Password (Mt khu ti khon qun tr trong ch kh i phc dch v th mc) xut hin

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 43 GII THIU H IU HNH WINDOWS SERVER 2003 17.Nhp mt khu tng ng vo cc hp thoi Restore Mode Password v Confirm Password v sau nhn Next. Trang Summary (Tng kt) xut hin

    18.Xem li ton b cc th ng s m bn chn v nhn Next. Trnh ci t s bt u ci t cc dch v Active Directory v DNS Server. 19.Khi qu trnh cu hnh hon thnh xong, trang Completing The Active Directory Installation Wizard (Hon thnh qu trnh ci t Active Directory) xut hin. Nhn Finish. 20.Mt hp thoi th ng bo ca trnh ci t Active Directory Installation Wizard xut hin, nhc bn khi ng li my tnh. Nhn Restart Now 21.Sau khi my tnh khi ng li, bn ng nhp bng ti khon Administrator. Trnh hng dn Configure Your Server Wizard li xut hin, hin th trang This Server Is Now A Domain Controller (My ch ny by gi l mt my ch qun tr min).

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 44

    22.Nhn Finish GII THIU H IU HNH WINDOWS SERVER 2003

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 45 GII THIU H IU HNH WINDOWS SERVER 2003 CC KHI NIM C BN V ACTIVE DIRECTORY Mc d dch v th mc Active Directory kh ng phi l ch chnh trong kha hc ny, tuy nhin mt s khi nim c bn v Active Directory l lu n lu n cn thit cho mi cn b qun tr mng Window Server 2003. Cc chng sau y s kh ng bn bc v cc ch nng cao nh thit k Active Directory hay qun tr schema, nhng bn s s dng cc c ng c qun tr Active Directory cung cp trong Windows Server 2003 v s hc cch thao tc vi cc c tnh ca cc i tng trong Active Directory, v d nh ngi d ng, nhm v my tnh.

    LU : Active Directory. hc thm v cc ch nng cao trong Active Directory, bn c th tham d kha hc cho k thi 70294: Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure (Lp k hoch, trin khai v duy tr mt h thng Microsoft Windows Server 2003 Active Directory) Dch v th mc (Directory Service) l g ? th ng mng ni b u tin xut hin trong nhng nm u 1990 c t H chc thnh mt nhm cc my tnh v c gi l workgroup (Nhm lm vic). Mt workgroup my tnh cho php ngi d ng c th phi hp tt hn trong c ng mt d n khi cn chia s cc ti nguyn nh cc vn bn v my in. V v gi tr ca vic s dng cc h thng mng d liu ngy cng c khng nh trong th gii kinh doanh, cc h thng mng cng tr nn ln dn. Ngy nay mt h thng mng ca cc t chc doanh nghip thng c hng ngn n t mng. Khi cc h thng mng ngy cng ln dn, s lng ti nguyn chia s cng nhiu hn, v do ngy cng kh khn trong vic nh v v tm kim cc ti nguyn. Khi bn lm vic cho mt c ng ty vi 12 nhn vin, bn kh ng kh khn g trong vic nh s in thoi bn ca mi ngi, tuy nhin khi c ng ty bn c n 1200 nhn vin, vic nh ht cc s ny l iu kh ng tng. tm ra mt s ca ngi bn mun lin lc, phn ln cc c ng ty ln u s dng mt danh b bao gm tn v s lin lc ca mi ngi trong t chc, ngi ta gi l directory (Th mc). Mt dch v th mc l mt ngun ti nguyn s ha, mc d c th thc hin cc chc nng kh ng

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 46 GII THIU H IU HNH WINDOWS SERVER 2003 ging nhau nhng u cha mt danh sch cc ti nguyn c th s dng trong mt h thng mng d liu. Mt dch v th mc c th cha cc th ng tin v cc my tnh trong mng, cc ngi d ng mng v c cc thit b phn cng, phn mm v d nh cc my in v ng dng. Bng cch lu tr th ng tin trong mt th mc trung tm, cc ti nguyn ny c th c s dng i vi tt c mi ngi ti mi thi im. Min v my ch qun tr min: H thng mng Windows h tr 02 m hnh dch v th mc: workgroup v domain, trong M hnh Min c ng dng trong cc t chc trin khai Windows Server 2003. M hnh dch v th mc workgroup l mt CSDL phng bao gm tn cc my tnh v c thit k cho cc mng nh. y l hnh thc dch v th mc s khai c gii thiu trong h iu hnh Windows NT 3.1 nhng nm 1990. M hnh Min l mt kin tr c th mc c phn cp ca cc ti nguyn Active Directory v c s dng bi tt c cc h thng l thnh vin ca min. Cc h thng ny c th s dng cc ti khon ngi d ng, nhm v my tnh trong th mc bo mt cc ti nguyn ca ch ng. Active Directory do ng vai tr nh mt trung tm lu tr nhn thc, cung cp mt danh sch tin cy ch ra Ai l ai trong min. Bn thn Active Directory cn hn l mt CSDL, n cha mt danh sch cc thnh phn h tr, bao gm c cc transaction logs (nht k giao dch) v d liu h thng - cn gi l Sysvol ni y cha cc th ng tin v cc kch bn ng nhp v chnh sch nhm. N l mt dch v h tr v s dng cc CSDL ny, bao gm giao thc Lightweight Directory Access

    Protocol (LDAP Giao thc truy nhp th mc hng nh), giao thc bo mt Kerberos, cc chu trnh ng b d liu v dch v ng b file (File Replication Service - FRS). Cui c ng, Active Directory l mt b su tp cc c ng c m ngi qun tr mng c th s dng qun l dch v th mc. C s d liu ca Active Directory v cc dch v ca n c ci t trn mt hay nhiu my ch qun tr min. Mt my ch qun tr min l mt my ch c thng cp bng cch chy trnh ci t Active Directory (Active Directory Installation Wizard) nh m t trong phn trc thuc chng Khi to my ch qun tr min. Khi my ch c thng cp thnh mt my ch qun tr min, n cha mt bn (hay mt bn sao) ca CSDL Active Directory. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 47 GII THIU H IU HNH WINDOWS SERVER 2003 Bi v Active Directory l mt ti nguyn c s v rt quan trng ca h thng, n phi lu n sn sng vi mi ngi d ng trong mi thi im. V l do ny, min Active Directory th ng thng c t nht 2 my ch qun tr min nu mt my ch b s c, my ch cn li vn c th phc v ngi d ng. Cc my ch qun tr min lu n lu n ng b d liu vi nhau nn mi my ch ny u cha cc th ng tin hin ti ca min h thng. Khi mt ngi qun tr mng thay i mt bn ghi trong CSDL ca Active Directory trn bt k mt my ch qun tr min no, s thay i ny c ng b vi tt c cc my ch qun tr min trong min . iu ny c gi l ng b a ch (multiple-master) bi v ch ng ta c th thay i trn bt k mt my ch qun tr min no. LU : ng b n ch (Single-Master). M hnh min da trn nn Windows NT s dng mt k thut dc gi l ng b n ch (single-master) trong mi thay i i vi cc bn ghi ca min phi c thc hin trn mt my ch qun tr min chnh (primary domain controller - PDC) v cc th ng tin ny sau c ng b vi mt hay nhiu my ch qun tr min d phng (Backup Domain Controller - BDC). Vic ng b a ch (Multiple-master) l tt hn cho mt h thng mng ln bi v ngi qun tr c th cp nhn cc th ng tin cho CSDL Active Directory trn bt k mt my ch qun tr min no, kh ng nht thit phi trn my ch PDC. Domain, Tree v Forest (Min, Cy v Rng) Mt min l mt n v qun tr c bn ca dch v th mc trong Windows Server 2003. Hn na mt h thng mng ln c th c nhiu hn mt min trong Active Directory ca n. M hnh nhiu Min s to ra mt cu tr c logic c gi l cc cy (Tree) nu nh ch ng chung nhau mt kh ng gian tn min DNS. v d: ACNA.com, us.ACNA.com v europe.ACNA.com c ng chung mt kh ng gian tn min DNS v c coi l mt cy (tree) nh ch ra trn Hnh 1-3. Min ACNA.com l min cha trong hai min cn li c gi l min con v do ACNA.com cng c gi l min gc (root domain)

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 48 GII THIU H IU HNH WINDOWS SERVER 2003

    Hnh 1-3: Cy s dng Active Directory Nu cc min trong mt Active Directory kh ng chia s mt min gc chung, h thng s c nhiu cy. Mt Active Directory cha nhiu cy s c gi l mt rng (forest) nh ch ra trn Hnh 1-4. Rng l mt kin tr c ln nht trong Active Directory. Khi bn thng cp my ch qun tr min u tin trong mt h thng mng Windows Server 2003, bn ng thi to ra mt rng, mt cy trong rng v mt min trong cy . Mt rng c th cha rt nhiu min trong nhiu cy, hoc c th ch c mt min.

    Hnh 1-4: Rng s dng Active Directory QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 49 GII THIU H IU HNH WINDOWS SERVER 2003 Khi qu trnh ci t Active Directory c nhiu hn mt min, mt thnh phn ca Active Directory gi l Global Catalog cho php cc my trm trong mt min c th tm kim th ng tin trong mt min khc. Global catalog bn cht l mt tp hp bao gm cc th ng tin d liu ca tt c cc min kt hp li. Khi bn tm kim mt ngi d ng trong mt min khc, global catalog c th kh ng cha tt c cc th ng tin v ngi d ng , tuy nhin n d liu tr li cho bit bn c th tm kim cc th ng tin chi tit hn u. Cc i tng v thuc tnh: Mi CSDL u c to nn bi cc bn ghi v trong Active Directory, cc bn ghi ny c gi l cc i tng. Mt i tng l mt phn t th hin mt ti nguyn mng xc nh. Mt Active Directory c th cha cc i tng th hin cc ti nguyn vt l, v d nh cc my tnh v my in, hoc cc ti nguyn nhn s, v d nh cc ngi d ng v nhm, hoc cc ti nguyn phn mm, v d nh ng dng v v ng DNS, hoc cc ti nguyn qun tr, v d nh cc OU v site. Sau khi thng cp mt my tnh thnh my ch qun tr min, ngi qun tr c th to cc i tng trong min . Cc i tng Active Directory c s dng th ng dng nht l: Domain (Min): L mt i tng gc c cha cc i tng khc trong min Organizational Unit (n v t chc): L mt i tng cha (container object) c s dng to ra cc nhm logic bao gm cc i tng nh my tnh, ngi d ng v nhm. Ngi d ng: Th hin mt ngi d ng mng v thc hin chc nng l d liu nhn dng v xc thc. My tnh: Th hin mt my tnh trong mng v cung cp ti khon my tnh cn thit cho h thng ng nhp vo Min Nhm: Mt i tng cha th hin mt nhm logic cc ngi d ng, my tnh hoc cc nhm khc, c lp trongcu tr c ca Active Directory. Cc nhm c th cha cc i tng t cc OU v cc Min. Th mc chia s: Cung cp cc truy nhp mng da trn Active Directory n mt th mc chia s trong mt my tnh Windows. My in: Cung cp cc truy nhp mng da trn Active Directory n mt my in trong mt my tnh Windows QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 50 GII THIU H IU HNH WINDOWS SERVER 2003 Mi i tng Active Directory c cha mt tp hp cc thuc tnh, chnh l cc th ng tin v i tng . Mt i tng ngi d ng, s c cc thuc

    tnh m t tn ti khon ngi d ng , mt khu, a ch, s in thoi v cc th ng tin nhn dng khc. Mt i tng nhm s c mt thuc tnh cho bit d h an sch cc ngi d ng l thnh vin ca nhm . Ngi qun tr mng c th s dng Active Directory cha bt k th ng tin no v cc ngi d ng trong t chc v cc ti nguyn khc. Bn cnh cc thuc tnh thun t y th ng tin, cc i tng cn c cc thuc tnh thc hin cc chc nng qun tr, v d nh mt Danh sch Kim sot Truy nhp (Access Control List - ACL) ch nh ai c cc Cp php truy nhp n i tng . Cc phn t trong Active Directory ch ra kiu i tng no m ngi qun tr c th to ra v thuc tnh no mi i tng c th c, c gi l schema (lc ). Theo mc nh, Active Directory schema cha mt b danh sch cc kiu i tng v cc thuc tnh, nhng i khi ch ng ta cn thm vo Active Directory cc kiu i tng khc hoc cc thuc tnh khc cho cc kiu i tng sn c. iu ny l hon ton c th bi v Active Directory schema l c th m rng. Ngi qun tr c th m rng schema th c ng bng cch s dng snap-in Active Directory Schema hoc cc ng dng c th t ng m rng schema to cc kiu i tng mi hoc cc thuc tnh mi cn thit. v d khi bn ci t Microsoft Exchange, ng dng ny s chnh sa schema thm vo cc thuc tnh mi cho mi i tng ngi d ng trong CSDL ca Active Directory. Cc containers v leaves (i tng Cha v i tng L) Active Directory c kh nng cha hng triu i tng v do phi c mt phng thc t chc cc i tng thnh cc n v nh hn trong min. t chc qun l cc i tng nh vy, Active Directory s dng kin tr c phn cp. Mt min c gi l mt i tng cha bi v cc i tng khc c th c to ra v phn cp trong min. OU l mt dng khc ca i tng cha m ngi qun tr c th to ra cc i tng phn cp trong ni b min. Mt i tng kh ng th cha cc i tng khc, v d nh mt ngi d ng hoc my tnh, c gi l leaf object (i tng l) Mt trong cc tc v kh khn v phc tp trong vic qun tr Active Directory l to ra mt kin tr c phn cp cc OU sao cho hiu qu nht. Ngi qun tr c th s dng rt nhiu cch thit k cu tr c phn cp OU, v d nh thit k theo v tr a l, theo phng ban hoc kt hp c hai. Hnh 1-5 l mt v d cho thy cu tr c phn cp ca Active Directory trong lp OU u tin th hin cc thnh ph ca mt t chc c rt nhiu chi QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 51 GII THIU H IU HNH WINDOWS SERVER 2003 nhnh, v lp th hai th hin cc phng ban trong mi chi nhnh. Bng cch to ra cu tr c phn cp Active Directory mt cch logic, ngi d ng v ngi qun tr mng c th d dng xc nh v tm kim cc i tng khi cn.

    Hnh 1-5: Mt cu tr c phn cp OU trong Active Directory Nhm cng l mt i tng cha, nhng n kh ng phi l thnh phn ca cu tr c phn cp bi v cc thnh vin ca nhm c th nm bt k u trong min. thc hin ng chc nng t chc, cc i tng cha ng thi phi ng vai tr quan trng trong vic qun tr cc i tng. Trong mt h thng file, cc Cp php c p dng trn cc i tng c truyn t trn xung di trong cu tr c phn cp. v d nu bn gn cho mt i tng OU c Cp php truy nhp mt th mc chia s no , th cc i tng nm trong OU s c tha hng cc Cp php truy nhp ny. y l mt trong nhng tnh nng c bn trong cu tr c phn cp m ngi qun tr c th p dng mt cch hiu qu. Thay v gn cc quyn v cp php cho tng ngi d ng, ngi qun tr c th gn cc quyn v cp php ny cho cc i tng cha v cc i tng ngi d ng trong n s c tha hng cc Quyn v Cp php cn thit. Cc chnh sch nhm: Do cch thc tha hng cc thit lp t i tng mc cha truyn xung mc con, ngi qun tr c th s dng cc OU gom cc i tng cn cu hnh tng t nhau. Cc thit lp cu hnh m bn p dng n tng my QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 52 GII THIU H IU HNH WINDOWS SERVER 2003 tnh chy Windows cng c th qun tr mt cch tp trung nh s dng mt tnh nng ca Active Directory gi l chnh sch nhm (Group Policy GP). Cc chnh sch nhm cho php bn xc nh cc thit lp bo mt, trin khai phn mm, cu hnh h iu hnh v cch thc hat ng ca cc ng dng trn mt my tnh m kh ng cn thit phi thc hin trc tip trn my tnh . Bn c th thit lp cc t y chn cu hnh trn mt i tng c bit ca Active Directory gi l i tng Chnh sch Nhm (Group Policy Object - GPO) sau kt ni cc GPO ny vo cc i tng trong Active Directory cha cc my tnh hoc ngi d ng m bn mun cu hnh. GPO l mt tp hp ca rt nhiu cc thit lp cu hnh, t cc quyn ng nhp ca ngi d ng n cc phn mm c cho php hat ng trong h thng. Bn c th gn cc GPO ny vi mi i tng cha trong Active Directory nh Min, site hoc OU v cc my tnh v ngi d ng trong cc i tng cha s nhn c cc thit lp cu hnh trong GPO. Trong hu ht cc trng hp, ngi qun tr mng thit k cu tr c phn cp sao cho c th p dng cc GPO mt cch hiu qu nht. Bng cch t cc my tnh c cc vai tr xc nh vo trong c ng mt OU, bn c th gn mt GPO c cc thit lp c bit da trn vai tr ca cc my tnh vo OU ny v nh vy bn cu hnh mt l c c nhiu my tnh.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 53 GII THIU H IU HNH WINDOWS SERVER 2003 TNG KT Windows Server 2003 c 4 phin bn chnhWeb Edition, Standard Edition, Enterprise Edition v Datacenter Editionchng khc nhau trong cch h tr phn cng v cc tnh nng m ch ng cung cp. Phin bn Enterprise v Datacenter c cc phin bn ring c th s dng vi cc nn phn cng 64 bit cng nh 32 bit. Windows Server 2003 bn thng mi hay bn d ng th u yu cu c kha sn phm v bn phi kch hat sn phm trong vng 14 hoc 30 ngy sau khi ci t. Trang Manage Your Server v Trnh Hng dn Cu hnh My ch (Configure Your Server Wizard) cho php bn c th cu hnh my tnh chy Windows Server 2003 thc hin cc chc nng khc nhau. Active Directory l dch v th mc da trn min, cha cc i tng m bn thn cc i tng ny li c mt tp cc thuc tnh ca ch ng. Cu tr c phn cp ca Active Directory c to bi rng, cy, min v OU. Quyn, Cp php v cc Chnh sch Nhm s c truyn xung theo cu tr c phn cp . ci t Active Directory, bn thng cp mt hay nhiu my tnh chy Windows Server 2003 thnh my ch qun tr min bng cch s dng trnh ci t Active Directory Installation Wizard. Mt my ch qun tr min s cha mt bn ca CSDL Active Directory v n s chu trch nhim cung cp th ng tin Active Directory p ng cc

    yu cu ca ngi d ng. BI TP THC HNH Bi tp thc hnh 1-1: La chn h iu hnh i vi mi phin bn h iu hnh ca Windows Server 2003 trong ct bn tri, hy ch ra cc m t tng ng trong ct bn phi. 1. 2. 3. 4. Web Edition Standard Edition Enterprise Edition Datacenter Edition

    a. H tr 512 GB b nh b. H tr chui my ch c 8 n t c. Kh ng chy c cc ng dng 16 bit d. H tr chui my ch 32 n t, c cn bng ti (NBL) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 54 GII THIU H IU HNH WINDOWS SERVER 2003 5. Datacenter Edition (64bit) e. H tr my tnh c 4 CPU

    Bi tp thc hnh 1-2: ng nhp vo Windows Khi bn hon thnh vic ci t h iu hnh Windows Server 2003, my tnh khi ng li v hin tr hp thoi Welcome To Windows ng nhp vo my tnh ln u tin, bn thc hin cc thao tc sau: 1. Trong mn hnh Welcome To Windows, bn nhn ng thi 3 phm CTRL+ALT+DELETE. Hp thoi Log On To Windows (ng nhp vo Windows) xut hin. 2. Trong hp thoi Password, nhp vo mt khu m bn thit lp cho ti khon Administrator trong qu trnh ci t h iu hnh. Mn hnh nn Windows xut hin. Bi tp thc hnh 1-3: Xem cc i tng Active Directory Khi bn to ra mt Min Active Directory, theo mc nh h iu hnh s to ra mt s i tng cha v i tng l (container v leaf objects). xem th ng tin v cc i tng ny, s dng cc thao tc sau: 1. ng nhp vo my ch qun tr Min bng ti khon Administrator 2. Nhn Start, tr n Administrative Tools v nhn vo Active Directory Users And Computers (Qun tr my tnh v ngi d ng trong Active Directory). Ca s Active Directory Users And Computers xut hin. 3. M rng biu tng min ACNAxx.com trong bn tri v la chn OU Users bn trong domain . Cc i tng ngi d ng v nhm trong OU Users xut hin trong bn phi.

    CC CU HI N TP 1) Bn ang c k hoch trin khai cc my tnh chy Windows Server 2003 cho mt phng ban gm 250 ngi. My ch s cha cc th mc gc v cc th mc chia s cho phng ban ny, ng thi n s cha mt s my in cc ti liu ca phng ban ny c th gi n in n. Phin bn no ca Windows Server 2003 s cung cp gii php hiu qu nht cho phng ban ny. Gii thch v cu tr li ca bn. 2) Phin bn no sau y ca Windows Server 2003 yu cu kch hot sn phm: QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 55 GII THIU H IU HNH WINDOWS SERVER 2003

    a) Phin bn bn l Standard b) Phin bn th nghim Enterprise c) Phin bn Enterprise, Giy php m (Open License) d) Phin bn Standard, Giy php theo dung lng (Volume License) 3) Ch ra s khc bit c bn gia cy Active Directory v rng Active Directory? 4) Kiu i tng Active Directory no sau y kh ng phi l i t cha? a) Ngi d ng b) Nhm c) My tnh d) Organizational unit 5) Mnh no sau y l ng khi ni v qu trnh ci t trong Windows Server 2003 ? (La chn tt c cc mnh c th) a) Trnh ci t c th c np bng cch khi ng t a CD. b) Trnh ci t c th c np bng cch khi ng t cc a mm c) Trnh ci t yu cu mt khu ca ti khon Administrator kh ng phi l trng p ng cc yu cu v tnh phc hp. d) Trnh ci t yu cu bn phi kch hot bn quyn sn phm trc khi ci t h iu hnh

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003

    56 GII THIU H IU HNH WINDOWS SERVER 2003 CC KCH BN TNH HUNG Kch bn 1-1: Cc tnh nng ca Windows Server 2003, phin bn Web Bn l ngi qun tr mng v c giao nhim v trin khai cc my ch Windows Server 2003 cho Web-site thng mi mi ca c ng ty. Web-site ny do mt nh t vn thu ngoi thit k. Site ny yu cu 4 my ch Web, cu hnh thnh mt chui my ch 4 trm (Clusters) hot ng theo ch Load-balancing (cn bng ti) ng thi phi c 1 my ch CSDL n chy trn nn SQL Server. K hoch trin khai ca cn b t vn yu cu s dng Windows Server 2003 Web Edition trn c 5 my ch. Trong cc mnh sau y, mnh no l ng khi ni v xut trin khai ny? 1. Phin bn Web l h iu hnh ph hp vi 5 my ch ny 2. Phin bn Web l h iu hnh ph hp vi my ch CSDL nhng kh ng ph hp vi cc my ch Web bi v n kh ng h tr chui my ch ch cn bng ti (NLB) 3. Phin bn Web l h iu hnh ph hp vi cc my ch Web nhng kh ng ph hp vi my ch CSDL v n kh ng th chy SQL Server 4. Phin bn WebEdition kh ng phi l h iu hnh ph hp vi c my ch Web v my ch CSDL Kch bn 1-2: La chn phin bn Windows Server 2003 Bn ang c k hoch trin khai cc my tnh Windows Server 2003 cho mt min Active Directory mi trong mt Tng c ng ty ln bao gm rt nhiu Active Directory tch bit c cc c ng ty con duy tr. Tng c ng ty quyt nh s dng Exchange Server 2003 xy dng h thng truyn tin thng nht cho ton b cc chi nhnh v d nh s dng Microsoft Metadirectory Services (MMS Dch v Siu th mc Microsoft) ng b cc thuc tnh ca cc i tng trn ton h thng. Phin bn Windows Server 2003 no s cung cp phng n hiu qu nht cho vic trin khai ny. Gii thch cu tr li.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 57 QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    CHNG 2: QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 C ng vic hng ngy ca ngi qun tr h thng Windows Server 2003 phn ln bao gm cc nhim v cu hnh cc i tng Active Directory,

    chnh sa cc phn mm v cc dch v thit lp trn my tnh, ci t cc phn cng v phn mm mi, s dng cc c ng c m h iu hnh cung cp thc hin rt nhiu nhim v khc. Khi h thng m rng thm nhiu my tnh, cc nhim v phi lm cng tng dn theo. Microsoft Management Console (MMC Bng iu khin Qun tr Microsoft) l c ng c qun tr ch yu ca h thng Windows Server 2003. MMC cho php ngi qun tr c th tch hp cc c ng c th ng dng vo trong mt giao din n v s dng ch ng qun tr cc my tnh Windows mi ni trong mng. Hiu bit v cc tnh nng ca MMC l iu rt quan trng gi p cho vic qun tr h thng mt cch hiu qu hn. Khi cc yu cu iu khin my tnh xa tr nn phc tp hn ngoi kh nng ca cc tc v c thc hin bi MMC, ch ng ta c th s dng hai c ng c quan trng khc qun tr t xa: Remote Desktop for Administration (Mn hnh Qun tr T xa) v Remote Assistance (Tr gi p T xa). Remote Desktop for Administration l mt ng dng theo kiu my ch/my khch trong mn hnh iu khin ca my ch xa c hin th trn mn hnh ca my trm ti ch, cho php bn c th iu khin chc nng ca chut v bn phm nh l bn ng nhp ti ch vo my tnh xa . Remote Assistance c chc nng tng t tuy nhin n c thit k cho php mt ngi s dng Windows Server 2003 hay Windows XP c th yu cu s tr gi p t ngi d ng khc trong mng. Khi mt ngi d ng a ra mt yu cu h tr, mt chuyn gia no trong mng c th thit lp mt kt ni t xa n mn hnh ca ngi d ng . Sau khi kt th c chng ny, bn c th: S dng cc bng iu khin MMC cu hnh sn. To mt bng iu khin MMC mi. Qun tr c my tnh ti ch v xa bng bng iu khin MMC QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -58--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 X l cc s c ca Dch v u cui Cu hnh my ch cho php s dng Remote Desktop for Administration Cho php my tnh c kh nng chp nhn cc yu cu Remote Assistance S dng mt trong cc phng php yu cu v thit lp mt phin lm vic Remote Assistance.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -59--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 S DNG MICROSOFT MANAGEMENT CONSOLE (MMC) MMC l mt ng dng lp v (shell application) m Windows Server 2003 s dng cung cp cc truy cp n phn ln cc c ng c qun tr mng v h thng. MMC cung cp mt giao din chun th ng dng cho mt hoc nhiu cc module ng dng (c gi l cc snap-in) c s dng cu hnh m i trng h thng. Cc snap-in ny c trao cc nhim v khc nhau v cng c th kt hp, sp xp theo th t, hoc nhm li vi nhau trong mt lp v MMC t y theo s thch ca ngi qun tr. Mt MMC vi mt hoc nhiu snap-in ci t s c gi l mt Console (Bng iu khin). Phn ln cc c ng c qun tr ch yu trong Windows Server 2003 l cc bng iu khin MMC vi mt danh sch cc snap-in c ci t ph hp cho mt ng dng no . Ngoi tr mt s trng hp, cn li hu ht mi shortcut (lin kt tt) trong nhm chng trnh Administrative Tools (Cc c ng c qun tr) trn mt my tnh Windows Server 2003 u c lin kt n cc bng iu khin MMC cu hnh sn. V d, khi bn thng cp mt my tnh Windows Server 2003 thnh mt my ch qun tr domain, trnh hng dn ci t Active Directory Installation Wizard s to ra cc shortcut n ba c ng c qun tr ch yu cho Active Directory: Active Directory Domains and Trusts (Min v Quan h tin cy trong Active Directory ) Active Directory Sites and Services (Dch v v V tr trong Active Directory) Active Directory Users and Computers (Ngi d ng v Nhm trong

    Active Directory) Mi shortcut s m ra mt Bng iu khin MMC cha mt snap-in n nh trn Hnh 2-1. V d snap-in Active Directory Users and Computers c thit k sn cho vic qun tr cc i tng ngi d ng, nhm v my tnh trong min. l cc snap-in nm trong lp v MMC, ch kh ng phi l bn thn cc MMC cung cp cc c ng c qun tr m bn ang s dng.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -60--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 2-1: Bng iu khin Active Directory Users and Computers Ba bng iu khin Active Directory lit k trn u cha cc snap-in n l, nhng mt bng iu khin MMC kh ng ch gii hn s dng mt snapin ti mt thi im. Khi bn m bng iu khin Computer Management (Qun tr My tnh) trong nhm chng trnh Administrative Tools trn bt c mt my tnh Windows Server 2003 no, bn c th thy mt bng iu khin cha rt nhiu snap-in, tt c kt hp trong mt giao din n, thun tin nh trong Hnh 2-2

    Hnh 2-2: Bng iu khin Computer Management QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -61--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 LU : Tnh tng thch ca MMC. Bng iu khin MMC c th chy trn cc h iu hnh Windows Server 2003, Windows XP, Windows 2000, Windows NT 4 v Windows 98. S dng giao din MMC MMC s dng kiu thit k 2 , ging nh Windows Explorer (Trnh duyt Windows). bn tri, c gi l scope pane (khung phm vi), cha mt dan s h ch phn cp cc snap-in ci t trong bng iu khin ny v cc tiu m bng iu khin ny cung cp. Cu tr c phn c c gi l console tree (Cy iu khin). Bn c th m rng v thu nh cc phn t thuc khung phm vi hin th nhiu hoc t cc th ng tin, ging nh khi bn m rng v thu nh cc th mc bn trong Windows Explorer. La chn mt phn t trong khung phm vi s hin th ni dung ca n trong bn phi ca bng iu khin, c gi l details pane (Khung chi tit). Cc thnh phn m bn nhn thy trong khung chi tit s hon ton ph thuc vo chc nng ca cc snap-in m bn ang s dng. S dng cc Thc n trong MMC Pha trn hai ni trn, MMC c mt thc n v thanh c ng c chun ca Windows. Cc lnh trn cc thc n v cc c ng c trn thanh c ng c s thay i t y theo snap-in no bn ang la chn trong khung phm vi. V d khi bn m bng iu khin Computer Management v ln lt nhn vo mi snap-in trong khung phm vi, bn s thy ni dung ca thanh c ng c thay i theo cc snap-in ny, ng thi thay i c mt s ni dung ca thc n . Thc n chnh cho cc chc nng theo ng cnh trong mt bng iu khin MMC l thc n Action (Hnh ng). Khi bn la chn mt phn t ca snap-in trong c scope pane hay details pane, thc n Action s thay i cc lnh p dng vi phn t . Phn ln cc thc n Action cha mt th c n con All tasks (tt c cc tc v) cho php bn la chn cc tc v c th thc hin trn phn t m bn ang chn. (Nh ch ra trn hnh 23). Th ng thng ta c th thy mt thc n con New (mi) di thc n Action cho php bn c th to cc phn t con trong phn t bn ang chn. Trong hu ht cc trng hp, cc lnh trong thc n Action i vi

    mt phn t la chn cng s xut hin trong thc n ng cnh, s hin ra khi bn nhn chut phi vo phn t .

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -62--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 2-3: Thc n Action trong mt bng iu khin MMC Mc d thc n Action thay i thng xuyn, cc thc n khc trong MMC c th cha cc thnh phn ng cnh xc nh, in hnh l thc n View, cha cc lnh iu khin cch thc snap-in hin th th ng tin. V d mt s snap-in trong MMC theo mc nh ch hin th mt phn cc th ng tin c th, tuy nhin khi dng lnh Advanced Features (Cc tnh nng tin tin) xut hin trn thc n View, vic la chn lnh ny s cho php bng iu khin hin th y cc th ng tin (Nh th hin trong Hnh 2-4)

    Hnh 2-4: Bng iu khin Active Directory Users and Computers hin tr khi chn Advanced Features

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -63--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 S dng nhiu ca s Windows. Nu bn quan st cn thn trong phn pha trn bn phi ca mt trong cc bng iu khin MMC nh ngha sn, bn c th thy hai t hp phm thao tc Windows bi v cc snap-in ci t trong bng iu khin ny thc ra nm trong mt ca s ring v trong trng thi cc i (maximize) theo mc nh. Khi bn nhn vo phm Restore Down (thu nh - phm gia trong 3 phm) cc snap-in ny s thu v trng thi ca s ni nh trong Hnh 2-5.

    Hnh 2-5: Mt bng iu khin MMC vi ca s ni Bn c th to thm cc ca s trong bng iu khin ny bng cch la chn New Window t thc n Window. iu ny cho php bn to ra 2 cch xem khc nhau i vi mt snap-in n hoc c ng mt l c c th lm vic vi hai snap-in khc nhau trong mt bng iu khin (Nh hin th trong Hnh 2-6). Bn c th la chn mt phn t trong khung phm vi v la chn lnh New Window From Here (Ca s mi t y) t thc n Action to ra mt ca s mi trong phn t va la chn s c nm mc gc ca bng iu khin.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -64--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 2-6: Mt bng iu khin Windows vi 2 ca s m LU : M nhiu ca s Windows. Kh ng phi tt c cc bng iu khin MMC u cho php bn c th m ra nhiu ca s. Bn c th cu hnh mt bng iu khin hot ng ch User mode (ch Ngi d ng) ngn nga vic to ra cc ca s mi. c thm th ng tin v iu ny, xem thm mc Cc la chn thit lp Bng iu khin trong phn sau ca chng ny. To cc bng iu khin MMC t y chn. Windows Server 2003 c mt tp hp rt nhiu cc MMC Snap-in, kh ng phi tt c u c th truy cp ngay th ng qua cc shortcut mc nh trong thc n Start (Bt u). Mt s c ng c rt mnh c trang b c ng vi h iu hnh bt bn phi t tm kim ch ng. Cc Developer (Lp trnh vin pht trin) ca cc hng phn mm khc cng c th to ra cc MMC snapin ca ring h v thm vo trong cc sn phm ca h. iu ny dn n mt trong nhng kh nng tt nht ca MMC, l kh nng to ra cc bng iu khin t y chn cha bt k cc snap-in no m bn mun s dng. Bn c th kt hp mt hoc nhiu snap-in hoc mt phn ca cc snap-in vo trong mt bng iu khin n to nn mt giao din n trong bn c th thc hin mi tc v qun tr h thng. Bng cch to ra cc MMC t y chn, bn kh ng phi chuyn gia cc chng trnh hoc cc bng iu QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -65---

    QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 khin khc nhau. Cc bng iu khin t y chn c th cha mi snap-in ca Windows Server 2003, cho d ch ng c a vo hay kh ng trong cc bng iu khin cu hnh sn, hay cc snap-in ca cc phn mm khc m bn c. File thc thi ca MMC l mmc.exe. Khi bn chy file ny t hp thoi Run hoc t du nhc dng lnh, mt bng iu khin trng c to ra nh th hin trong hnh 2-7. y l mt bng iu khin kh ng c snap-in no c v khi cc thc n v thanh c ng c s c cc chc nng mc nh ca MMC. Phn t duy nht trong ca s bng iu khin l console root object (i tng gc ca bng iu khin) nm trong khung phm vi, n l mt khung cha, th hin mc trn c ng ca cu tr c phn cp trong bng iu khin. Trc khi bn c th thc hin bt k mt tc v qun tr no bng bng iu khin ny, bn phi thm mt hoc nhiu cc snap-in vo trong .

    Hnh 2-7: Mt bng iu khin MMC trng Thm cc snap-in C hai loi snap-in nh sau: n l (StandAlone ): Mt snap-in n l l mt c ng c n m bn c th ci t trc tip vo trong mt MMC trng. Cc snap-in n l QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -66--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 xut hin trong lp u tin, nm trc tip di gc ca bng iu khin trong khung phm vi. M rng (Extension): Cc snap-in m rng cung cp thm tnh nng cho cc snap-in n l. Bn kh ng th thm mt snap-in m rng vo

    mt bng iu khin m trc cha thm snap-in n l tng ng. Cc snap-in m rng c th xut hin di cc snap-in n l tng ng trong khung phm vi ca bng iu khin. Mt s snap-in s cung cp cho ta c chc nng ca mt snap-in n l v m rng. V d snap-in Event Viewer (Xem s kin) c s dng hin th ni dung ca cc nht k s kin trong my tnh. Trong bng iu khin Computer Management, snap-in Event Viewer xut hin nh l mt snap-in m rng, nm di i tng System Tools trong khung phm vi, tuy nhin bn c th thm snap-in Event Viewer vo mt bng iu khin no nh l mt snap-in n l v khi n s nm ngay di gc ca bng iu khin. thm cc snap-in vo mt bng iu khin t y chn, bn la chn Add/Remove Snap-in (thm/bt Snap-in) t thc n File hin th hp thoi Add/Remove Snap-in (nh th hin trong Hinh 2-8). Theo mc nh, th Standalone trong hp thoi ny c la chn, bn nhn Add (thm) hin th mt danh sch cc snap-in n l c sn trong my tnh.

    Hnh 2-8: Hp thoi Add/Remove Snap-in QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -67--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Bn c th la chn v thm vo bng iu khin bao nhiu snap-in n l t y thch. Sau khi bn thm cc snap-in n l vo, bn c th tr vo snapin n l , la chn th Extensions hin th mt danh sch cc snap-in m rng gn km vi snap-in n l m bn chn (Th hin trong hnh 29). Sau khi b i du chn trong Add All Extensions, bn c th la chn tng snap-in m rng m bn mun thm vo bng iu khin ny. S dng danh sch x xu ng trong mc Snap-in Added To, bn c th ch nh snap-in m rng c thm ny s nm ngay di gc ca bng iu khin hay di cc phn t khc trong cy.

    Hn

    h 2-9: Th Extension trong hp thoi Add/Remove Snap-in To cc Taskpad (Bng Tc v) Khi bn nhp xong cc snap-in vo trong bng iu khin t y chn ca mnh, bn c th to thm cc taskpad t y chn. Taskpad l mt v ng nm trong khung chi tit, dnh cho mt s snap-in nht nh, cha cc lin kt

    n cc chc nng thng xuyn c snap-in ny s dng (Th hin trong hnh 2-10). to ra mt taskpad, bn chn mt snap-in trong khung phm vi v la chn New Taskpad View t thc n Action. Trnh hng dn New Taskpad View Wizard s hng dn bn cc thao tc xc nh v tr v cch thc xut hin ca taskpad. Sau khi to ra taskpad, bn c th chy trnh hng dn New Task Wizard to ra cc kt ni trong taskpad ny. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -68--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 2-10: Mt bng iu khin MMC vi taskpad Cc t y chn thit lp bng iu khin. Khi bn thm cc snap-in bn mun vo trong cc bng iu khin MMC, bn c th thit lp cc la chn ch nh ngi d ng khc c th thay i ci g trong cu hnh ca bng iu khin ny. Chn Options t thc n File hin th hp thoi Options, trong bn c th ch nh tn hin th trn thanh tiu ca bng iu khin, v la chn ch cho bng iu khin. Theo mc nh, mi bng iu khin mi bn to ra u c cu hnh s dng ch Author mode (Ch tc gi) cho php ton quyn truy cp n n mi chc nng ca bng iu khin. Cc ch m bn c th la chn nh sau:

    Author Mode: Cung cp ton quyn truy cp bng iu khin, bao gm kh nng thm hoc bt cc snap-in, to thm ca s, to cc taskpad view v cc tc v, xem ton b th ng tin trong cy bng iu khin, thay i cc la chn v lu cu hnh ca bng iu khin. User Mode: Full Access (Ch ngi d ng - Ton quyn truy cp): Cho php ngi d ng c quyn duyt qua cc snap-in v cc ca s truy cp n mi thnh phn ca cy bng iu khin. Cm ngi d ng thm/bt cc snap-in hoc thay i cc thuc tnh ca bng iu khin. User Mode: Limited Access, Multiple Windows (Ch ngi d ng Hn ch truy cp, nhiu ca s): Cho php ngid ng to ca s mi v xem nhiu ca s trong bng iu khin nhng kh ng cho php ng bt cc ca s sn c. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -69--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 User Mode: Limited Access, Single Window: (Ch ngi d ng Hn ch truy cp, mt ca s): Kh ng cho php ngi d ng m thm ca s mi v ch cho php xem mt ca s trong bng iu khin Cc ch trong bng iu khin cho php bn to ra cc bng iu khin cho nhng ngi d ng c kh nng hn ch v nhng ngi d ng kh ng c php thay i bng iu khin. Cc thit lp ch trong bng iu khin chnh l l do ti sao bn kh ng th thm cc snap-in vo trong cc bng iu khin c cu hnh sn do Windows Server 2003 cung cp. Lu cc bng iu khin MMC. Khi bn cu hnh xong mt bng iu khin t y chn ng nh bn mong mun, bn phi lu n li thnh mt file sau bn c th tip tc s dng. File bng iu khin MMC c phn m rng .msc v s c gn vi ng dng mmc.exe, do khi m mt file bng iu khin, h thng s np ch ng trnh mmc.exe v m file . Theo mc nh, cc bng iu khin c lu trong th mc Administrative Tools trong User profile (Khi lc ngi d ng) v do n s xut hin nh mt shortcut trong nhm chng trnh Administrative Tools ca thc n Start . LU : shortcut Bng iu khin. Shortcut cho bng iu khin t y chn ca bn ch xut hin trong nhm chng trnh All Programs/Administrative Tools, kh ng phi trong nhm Administrative Tools ca bn thn thc n Start Kt ni n cc my tnh xa Cc bng iu khin MMC xut hin trong thc n Start ca mt my tnh chy Windows Server 2003 u c cu hnh qun l cc ti nguyn trong ni b my tnh . Tuy nhin, vi hu ht cc snap-in c cung cp trong Windows Server 2003, bn cng c th qun l cc my tnh khc qua mng. y l mt trong nhng tnh nng hu ch nht ca MMC bi v n cho php cc nh qun tr mng c th qun tr cc my tnh bt k u trong mng t mn hnh my trm ca mnh. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin c kh nng qun tr my ch t xa v qun tr my ch bng cch s dng cc c ng c h tr sn c Bn c th truy cp vo mt my tnh xa s dng mt MMC snap-in bng hai cch:

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -70--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Hng cc snap-in c sn vo my tnh khc

    kt ni v qun tr h thng khc s dng MMC snap-in, bn phi np bng iu khin bng mt ti khon c quyn qun tr trn my tnh xa. Cp php cn thit chnh xc t y thuc vo chc nng m snap-in thc hin. Nu ti khon s dng kh ng c quyn trn my tnh xa, bn s c kh nng np snap-in nhng kh ng th c th ng tin hoc chnh sa cc thit lp cu hnh trn my tnh . LU : S dung Run as. Nu bn bit ti khon bn ang s dng kh ng c cc cp php cn thit qun l my tnh xa, bn c th s dng tnh nng Run as - cn gi l ng nhp th cp chy bng iu khin vi ti khon khc c cc quyn thch hp vi cc tc v m bn mun thc hin. nh hng cho snap-in. Mt snap-in s c hng n mt h thng xc nh bng cch s dng lnh Connect To Another Computer trong thc n Action. La chn lnh ny s m ra mt hp thoi Select Computer (Nh th hin trn Hnh 2-11), trong bn c th nhp vo tn ca my tnh bn mun qun tr v nhn OK, cc phn t ca snap-in trong khung phm vi s thay i th hin tn ca my tnh m bn va la chn.

    Hnh 2-11: Hp thoi Select Computer Kh ng phi tt c cc snap-in u c kh nng kt ni n cc my tnh xa bi v mt s snap-in kh ng cn iu ny. V d bng iu khin qun tr Active Directory s t ng tm n my ch qun tr min trong mng v QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -71--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 truy cp vo CSDL Active Directory ti , do kh ng cn phi nhp vo

    To mt bng thng khc.

    iu khin t y chn vi cc snap-in tr n cc h

    tn my tnh. To mt bng iu khin kt ni t xa. Kt ni n mt my tnh xa bng cch nh hng mt bng iu khin sn c l cch rt tin dng thc hin cc tc v qun tr, nhng n li b gii hn bi thc t l bn c th ch c truy cp n mt my tnh trong mt thi im. Bn c th m mt bng iu khin v nh hng mi khi bn mun truy cp n h thng xa. Mt phng php c nh hn l to ra mt bng iu khin t y chn vi cc snap-in c nh hng sn n cc h thng khc. Khi bn thm mt snap-in vo mt bng iu khin t y chn bng cch chn n trong danh sch cc snap-in v nhn n t Add, bn c th thy mt hp thoi trong bn c th la chn snap-in ny s qun l my tnh no, nh th hin trong Hnh 2-12. iu ny s lm tng kh nng ca qun tr ca cc MMC, bn kh ng ch to ra cc bng iu khin vi rt nhiu c ng c trong m bn cn c th s dng cc c ng c vi nhiu my tnh trong h thng. V d, bn c th to ra mt bng iu khin n cha rt nhiu snap-in Computer Management trong mi snap-in tr n mt my tnh khc nhau. iu ny cho php bn c th qun tr cc my tnh nd ws Server 2003, Windows XP v Windows 2000 trn ton mng t Wi o mt bng iu khin n duy nht.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -72--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Hnh 2-12: Hp thoi Computer Management QUN TR MY CH BNG REMOTE DESKTOP FOR ADMINISTRATION (MN HNH QUN TR T XA) Trong Windows 2000, Terminal Services (Dch v u cui) l mt thnh phn phi ci t ring, cn vi Windows Server 2003 n c ci t mc nh bi h iu hnh coi dch v ny nh l mt thnh phn c tchh hp

    sn ca ch ng. Bng cch mua v cu hnh giy php hp l, bn c th cu hnh mt my tnh chy Windows Server 2003 phc v cc my khch Terminal Services, cung cp kh nng truy cp mn hnh Windows v cc ng dng trn my ch ny. Tuy nhin, Terminal Services kh ng ch c chc nng h tr cc my khch Terminal Services. Bn c th s dng Terminal Services truy cp n cc my tnh xa thc hin cc tc v qun tr m kh ng cn kh nng chia s ng dng. Windows Server 2003 gi l tnh nng Remote Desktop for Administration (Mn hnh Qun tr T xa). H iu hnh cho php ti a 02 kt ni Remote Desktop for Administration ng thi m kh ng yu cu bt k giy php no v s dng rt t ti nguyn h thng. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin c kh nng qun tr my ch bng cch s dng Terminal Services theo ch qun tr t xa S dng bng iu khin MMC, bn c th kt ni n mt my tnh xa v thc hin rt nhiu tc v qun tr, tuy nhin mt qun tr mng i khi cn truy cp mt cch ton phn n my tnh . Terminal Services trong Windows Server 2003 cho php mt phn mm my khch c tn Remote Desktop Connection (Kt ni Mn hnh T xa) chy trn mt my tnh khc kt ni n my ch v truy cp n mi thnh phn trong my ch ny. Ca s mn hnh ca my khch hin th mn hnh ca my ch, cho php ngi d ng c th truy cp n mi c ng c v iu khin tiu chun trn my ch v thm ch cn c th chy cc ng dng trn my ch ny. (Th hin trong Hnh 2-13)

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -73--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 1-13: Mt phin lm vic Remote Desktop Kch hot v Cu hnh My ch Remote Desktop Bi v mi thnh phn cn thit thc hin kt ni Remote Desktop for Administration u c ci t mc nh trong h iu hnh Windows Server 2003, do vic kch hot ng dng pha my ch l c ng vic n gin. Trong th Remote ca hp thoi System Properties Cc thuc tnh H thng - (Truy cp n hp thoi ny bng cch chn biu tng System trong bng iu khin Control Panel), la chn Allow Users To Connect Remotely To This Computer (Cho php ngi d ng kt ni t xa n my tnh ny) (Nh hin th trong hnh 2-14). Theo mc nh, thnh vin ca nhm Administrators cc b ca my tnh c quyn truy cp t xa n my tnh ny. cho php ngi d ng khc c th truy cp n my tnh bng Remote Desktop, bn phi chn mc Select Remote Users v thm ti khon ca ngi d ng ny vo danh sch cho php.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -74--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 1-14: Th Remote trong hp thoi System Properties Vic chn la chn ny l tt c cc vic bn phi lm kch hot my ch Remote Desktop trong Windows Server 2003. Tuy nhin, bn cng c th cu hnh cc thuc tnh ca my ch Remote Desktop bng cch s dng snap-in Terminal Services Configuration trong MMC (Nh th hin trong Hnh 2-15). LU : Terminal Services v My ch qun tr min (DC). Theo mc nh, my ch qun tr min c cu hnh chp nhn cc kt ni Terminal Services ch t cc thnh vin trong nhm Administrators. Thm ch nhng ngi d ng m bn t tay thm vo nhm Remote Desktop Users cng kh ng th truy cp c. loi b hn ch ny, bn phi thay i gi tr hiu lc ca kha Allow Log On Through Terminal Services (Cho php ng nhp t Terminal Services) trong chnh sch nhm, m theo mc nh danh sch lit k trong kha ny ch c nhm Administrators. lm iu ny, bn c th chnh sa chnh sch ni b (Local computer policy) ca my ch qun tr min hoc nh ngha cc thit lp tng t trong i tng chnh sch nhm (GPO) m gn vi cc i tng Active Directory cha cc my ch ny, V d nh Default Domain Controller Policy GPO. (Chnh sch Mc nh cho My ch Qun tr Min) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -75--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 2-15: Snap-in Terminal Services Configuration cu hnh cc thuc tnh ca my ch Remote Desktop, ta thm snap-in c tn Terminal Services Configuration vo bng iu khin MMC. Nhn vo th mc Connnections trong khung phm vi, la chn kt ni RDP-Tcp lit k trong khung chi tit v t thc n Action, la chn Properties. Hp thoi RDP-Tcp Properties xut hin. S dng cc th trong hp thoi ny, bn c th cu hnh rt nhiu thuc tnh ca my ch nh sau: General (Tng quan): Thit lp mc m ha v k thut xc thc cho kt ni n my ch.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -76--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Logon setting (Thit lp ng nhp): Cho php bn xc nh cc th ng s ng nhp c s dng trong cc kt ni n my ch thay cho cc th ng s ng nhp do my khch cung cp.

    Sessions (Phin lm vic): Cha cc thit lp c quyn u tin hn cc thit lp ca my khch, ch ra khi no kt th c mt phin kt ni, gii hn thi gian kt ni v thi gian ngh cho php ca phin, ng thi ch ra c cho php kt ni li hay kh ng. Environment (M i trng): Ph nhn cc thit lp ca my khch v cu hnh trong User profile (Khi lc ngi d ng) chy mt chng trnh no khi kt ni n my ch. Remote Control (iu khin t xa): Ch ra kh nng iu khin t xa ca phin lm vic Remote Desktop Connection c thc hin c hay kh ng v nu c th liu ngi d ng c bt buc phi gn cc quyn khi khi to mt phin lm vic t xa hay kh ng. Cc thit lp ph thm c th hn ch phin lm vic t xa ch cho php xem hoc cho php ton quyn tng tc vi h thng. Client Settng (Cc thit lp vi my khch): Ph nhn cc thit lp trn my khch v cn chnh su mu sc v vic nh x cc ti nguyn. Network Adapter (card mng): Xc nh card mng no trn my ch c th tip nhn cc kt ni Remote Desktop for Administration Permissions (Cp php): Xc nh cc quyn c cp ca cc kt ni Remote Desktop. Ci t v Cu hnh Remote Desktop Connection (Kt ni ti M n hnh T xa) Mt my tnh khi to kt ni n my ch Remote Desktop, n phi chy mt chng trnh c tn Remote Desktop Connection. Chng trnh my khch ny c ci t theo mc nh trong h iu hnh Windows Server 200 v 3 Windows XP, tuy nhin n cn c th chy trn bt k phin bn Win o d ws 32 bit no. Windows Server 2003 c cc file ci t ca Remote Desktop Connection trong a CD ci t ng thi n cn c chp vo trong th mc Systemroot\System32\Clients\Tsclient\Win32. Bn c th ci t phn mm my khch ny trn bt k mt my tnh no t c hai b ci ny bng cch s dng cc thao tc sau: QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -77--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    T a CD: Cho a CD ci t Windows Server 2003 vo trong . Khi mn hnh Welcome to Microsoft Windows Server 2003 xut hin, nhn vo lin kt Perform Additional Tasks (thc hin cc tc v khc) v chn Set Up Remote Desktop Connection (Ci t Kt ni Mn hnh T xa. Lm theo cc ch th hin th trn mn hnh ca Trnh Hng dn Ci t Kt ni Mn hnh T xa (Remote Desktop Connection InstallShield Wizard) T trn mng: To mt th mc chia s t th mc Systemroot\System32\Clients\Tsclient\Win32. Kt ni n th mc chia s ny t my tnh khch v chy file Setup.exe. Lm theo cc ch th hin th trn mn hnh ca trnh hng dn Remote Desktop Connection InstallShield Wizard HNG DN NHANH Cp nht My khch: Bn nn nng cp cc my tnh chy cc phin bn trc ca dch v Terminal my khch bng phin bn mi nht ca Remote Destop Connection nhn c cc tnh nng u vit ca n nh: Giao din ngi d ng c sa li, M ha 128 bit, v La chn Cng Thay th, Khi chng trnh c ci t, bn c th kt ni n my ch bng cch chy chng trnh th ng qua shortcut Remote Desktop Connection trong thc n Start v cu hnh my khch th ng qua hp thoi Remote Des o kt p Connection. Cc th trong hp thoi ny cho php bn cu hnh cc tham s my khch nh sau: LU : Xem cc la chn my khch: Nhn chut vo n t Options (cc la chn) hin th ton b hp thoi Remote Desktop Connection General (Tng quan): Cho php bn xc nh my khch ny kt ni n my ch no, cc th ng s m my khch s dng ng nhp v liu c lu cc thit lp cu hnh cho kt ni ny hay kh ng.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -78--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Display (Hin th): Cho php bn xc nh kch thc ca ca s Remote Desktop, su mu v liu cc thanh kt ni c xut hin hay kh ng trong ch ton mn hnh.

    Local Resource (Ti nguyn ni b): Cho php bn cu hnh liu c truyn cc tn hiu m thanh trn my ch n my khch hay kh ng, cch thc kt hp phm ca Windows th hin trn my xa nh th no v liu a cng, my in v kt ni bng cng serial c gn vo phin lm vic t xa ny kh ng. V d la chn Disk Drives s cho php cc a cng trn my khch s xut hin trong phin kt ni Remote Desktop nh l cc a cng cc b ca my ch

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -79--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Programs (Chng trnh): Cho php bn xc nh tn v th mc khi u cho mt ng dng s c np ngay khi kt ni t xa c thit lp.

    Experience (Kinh nghim): Cho php bn xc nh tc n i gia my khch v my ch v v hiu ha mt s thuc tnh ca mn hnh hin th tng bng th ng kt ni v tng kh nng giao tip gia my khch v my ch.

    ca kt

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -80--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    LU : Remote Desktop v Terminal Services.Remote Desktop for Administration v Terminal Services s dng chung rt nhiu thnh phn. Vi mt giy php thch hp, ngi d ng mng c th s dng c ng my khch truy cp mt my ch terminal chy mt ng dng chia s no hoc s dng Remote Desktop for Administration. Khc phc cc s c ca Terminal Services Khi bn s dng Remote Desktop for Administration, bn to ra mt kt ni gia chng trnh my khch v mt my ch. Remote Desktop for Administration s dng c ng kiu kt ni ging nh Terminal Services s dng chy cc ng dng chia s, v do cc nguyn nhn ca cc s c kt ni cng s ging nhau. Trong trng hp mt kt ni b t hoc phin lm vic kh ng th s dng v l do no , nguyn nhn c th xc nh theo cc phn on sau: LU : Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin phi c kh nng X l cc S c ca Terminal Services, Chn on v Gii quyt cc vn lin quan n Bo mt Terminal Services v Chn on v Gii quyt cc vn lin quan n cc Truy cp ca My khch n My ch Terminal Services Kt ni mng hng: Vi bt k ng dng no da trn kt ni my ch/my khch, cc s c thng do trc trc ng kt ni mng, v d nh cc thit lp cu hnh ca TCP/IP kh ng ng, trc trc trong vn phn gii tn DNS, vn nh tuyn hoc phn cng mng hat ng kh ng tt. Bn c th kim tra cc kt ni mng bng cch xem cc ng dng mng khc c hot ng tt hay kh ng, th kt ni s dng IP thay v d ng tn DNS v xem cc ngi d ng khc c b hin tng tng t hay kh ng. Kim tra cc thit lp TCP/IP trn cc my ch v my khch xem c chnh xc cha, kim tra my ch DNS c hot ng tt kh ng v cc phn cng mng c trc trc g kh ng. Cc thit lp cng: Terminal Services s dng cng TCP v UDP 3389 cho tt c cc kt ni gia my ch v my khch theo mc nh. Nu hoc my ch hay my khch c cu hnh s dng cc cng khc nhau hoc nu v mt l do no cng ny b chn li (V d nh Tng la), kt ni gia my ch v my khch s kh ng thc hin c. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -81--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Cc th ng s cp php (Credential): ngi d ng phi thuc nhm Administrators hoc Remote Desktop Users c th kt ni n cc my ch bng Remote Desktop for Administration. Hn na, bn c th chn cc kt ni t mt ngi d ng xc nh bng cch kch hat quyn ngi d ng Deny Logon Through Terminal Services (T chi Truy cp th ng qua Dch v Du cui) trong chnh sch bo mt ni b hoc s dung chnh sch nhm (GP). S lng cc kt ni: Nu phin lm vic ngi d ng b ngt khi ngi d ng cha log off, my ch c th coi kt ni vn m v

    iu ny c th dn ti vic t n gii hn kt ni mc d c kh ng qu hai ngi ang kt ni ti thi im . Remote Desktop for Administration cho php ti a hai kt ni ti c ng mt thi im. S DNG REMOTE ASSISTANCE Remote Desktop c thit k cung cp cc truy cp qun tr t xa n y nh, tuy nhin cc ngi d ng cui i khi cng c th tn dng kh m t nng ny. Rt nhiu ngi d ng, nht l nhng ngi kh ng c kh nng k thut tt, hay c cc vn d v cu hnh v c cch t cc cu hi m cc chuyn gia h tr (thm ch l bn b, ngi thn) kh c th gii quyt hoc tr li th ng qua in thoi. Remote Assistance l mt bin th khc ca Terminal Services cho php ngi d ng c th yu cu s gi p t mt ngi d ng khc xa v nhn s gi p ny thng qua cc hng dn hoc lm mu ngay trn mn hnh ca h m kh ng cn phi n tn ni. Remote Assistance cho php ngi gi p (hoc chuyn gia theo cch m cc ng dng vn cp n) c th h tr, gii quyt s c v thm ch o to ngi d ng khi h cn, vi chi ph thp v thi gian tr rt nh. LU : Mc dch ca k thi. Mc ch ca k thi 70-290 l hc vin c th Qun tr My ch T xa S dng Remote Assistance Kch hot Remote Assistance Trc khi bn c th nhn c cc tr gi p t xa, bn phi kch hot chc nng ny bng mt trong cc cch sau: S dng Control Panel: M System Properties trong Control Panel v la chn th Remote. nh du chn Turn On Remote Assistance And Allow Invitations To Be Sent From This Computer (Bt chc nng h tr t xa v cho php cc ngh c th gi i t my tnh ny). Nhn vo phm Advance, bn c th cu hnh cho php chuyn gia nm ton quyn iu khin my tnh hoc ch cho php QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -82--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 xem cc hot ng trn my tnh, ng thi xc nh thi gian c hiu lc ca li ngh gi p t xa. S dng Chnh sch nhm: S dng bng iu khin Group Policy Object Editor (gpedit.msc) m mt GPO ca mt min hoc mt OU cha cc my khch. Duyt n mc Computer Configuration\Administrative Templates\System\Remote Assistance v kch hot chnh sch Solicited Remote Assistance (Thu h t cc h tr t xa). Chnh sch ny s cho php bn c th xc nh mc iu khin ca chuyn gia trn my khch, khong thi gian hiu lc ca li ngh gi p v phng php gi th ngh. Chnh sch Offer Remote Assistance ( xut H tr T xa) cho php bn xc nh tn ngi d ng hoc nhm c gi l chuyn gia v liu cc chuyn gia ny c th thc hin cc tc v trn my khch hay ch quan st theo di my khch m th i. To li ngh

    nhn c cc tr gi p t xa, mt my khch phi a ra li ngh v gi n n mt chuyn gia no . My khch c th gi li ngh ny s dng mt trong cc phng php sau y.

    Microsoft Windows Messenger (Dch v Truyn th ng ip ca Windows): s dng dch v Windows Messenger cho kt ni Remote Assistance, bn phi c tn ti khon Windows Messenger ca chuyn gia trong danh sch lin lc v gi yu cu trc tip t Windows Messenger trn my khch. Remote Assistance ch c php yu cu trc tip khi chuyn gia ang trc tuyn trn mng (online) Th in t: gi mt li ngh bng th in t, c hai my tnh u phi l cc my trm tng thch v c kh nng truyn/nhn th in t bng giao thc MAPI (Messaging Application Programming Interface Giao din Lp trnh ng dng Truyn th ng ip) File: Khi bn lu li ngh vo mt file, bn c th s dng bt k phng thc no gi file n chuyn gia,c th bng th in t (kh ng cn thit phi s dng giao thc MAPI), bng mt giao dch FTP (File Tranfer Protocol Giao thc Truyn File trn Internet) hay s dng a mm. to ra mt ngh, bn la chn Help And Support (Tr gi p v h tr) t thc n Start m mn hnh Help And Support Center (Trung QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -83--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 tm tr gi p v h tr) v nhn vo lin kt Remote Assistance hin th mn hnh nh Hnh 2-16:

    Hnh 2-16: Mn hnh Remote Assistance Khi bn nhn vo lin kt Invite Someone To Help You ( ngh ai gi p bn), bn s thy mt giao din nh Hnh 2-17. Sau bn lm theo cc hng dn la chn phng thc lin lc

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -84--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 1-17: Trang Remote Assistance trong Help And Support Center HNG DN NHANH S dng mt khu. Khi ngi d ng to ra mt li ngh, h c th ch nh mt khu m chuyn gia s phi s dng kt ni n my tnh ca h. Bn nn yu cu ngi d ng lu n lu n s dng mt khu trong cc kt ni Remote Assistance v hng dn h cch cung cp mt khu ny cho cc chuyn gia s dng mt phng thc truyn th ng khc vi phng thc h s dng khi gi li ngh ny i. Chuyn gia khi nhn c li ngh c th tham gia vo vic tr gi p bng cch chy ng dng Remote Assistance, ng dng ny cho php chuyn gia kt ni n my tnh xa nh hnh 2-18. S dng giao din ny, ngi d ng v chuyn gia c th ni chuyn hoc nhn tin cho nhau v theo mc nh, chuyn gia c th nhn thy mi th, mi c ch ca ngi d ng ang thc hin trn my tnh ca h. Nu my trm xa c cu hnh cho php iu khin t xa, chuyn gia c th nhn vo n t Take Control v thc hin cc thao tc iu khin my tnh ny.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -85--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hn

    h 1-18: Giao din Remote Assistance ca chuyn gia Bo mt Remote Assistance Bi v mt chuyn gia khi s dng kh nng iu khin t xa mt my khch s c th thc hin tt c cc tc v trn my tnh nh mt ngi d ng ti nn tnh nng ny c th gy ra vn v bo mt. Khi mt ngi d ng cha c xc thc c th nm quyn iu khin mt my tnh bng Remote Assistance th hon ton c th gy nn cc ph hoi kh ng gii hn. Tuy nhin, Remote Assistance c thit k gim thiu cc nguy c ny bng cch s dng mt s tnh nng sau:

    Invitations ( ngh): Kh ng ai c th kt ni n mt my tnh khc bng Remote Assistance tr khi ngi nhn c li ngh t my khch. My khch c th cu hnh khong thi gian hiu lc ca li mi tnh bng ph t, gi, hoc ngy hn ch kh ng cho cc chuyn gia c mi kt ni n my tnh ca mnh sau . Interactive connectivity (Cc kt ni tng tc): Khi mt chuyn gia chp nhn li mi t mt my khch v kt ni n my tnh , mt ngi d ng phi ngi ti my khch v cho php chuyn gia QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -86--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 quyn truy cp. Bn kh ng th s dng Remote Assistance kt ni n mt my tnh m kh ng c ai cho php. Client-site Control (iu khin ti my khch): Cc my khch lu n l ngi c quyn quyt nh cui c ng trn mt kt ni Remote Assistance. My khch hon ton c th ngt kt ni bt k l c no bng cch nhn phm ESC hoc nhn vo Stop Control (ESC) trong trang Rem te Assistance hin th trn my khch. Remote C ntrol Configuration (Cu hnh iu khin t xa): S dng hp o i System Properties hoc cc chnh sch nhm tr gi p t xa (Remote Assistance Group Policy), ngi d ng v ngi qun tr c th xc nh liu chuyn gia c c php iu khin my khch hay kh ng. Mt chuyn gia khi ch c quyn c s kh ng c kh nng chnh sa cu hnh my tnh khi s dng Remote Assistance. Cc chnh sch nhm cng c th cho php ngi qun tr c quyn ch nh ngi d ng no c coi l chuyn gia v kh ng mt ngi d ng no khc c th s dng Remote Assistance kt ni n my khch mc d c quyn trn my . Firewalls (Tng la): Remote Assistance s dng cng 3389 trong giao thc TCP khi truyn th ng trn mng. Khi cc h thng mng s dng Remote Assistance ni b v c kt ni n Internet, ngi qun tr mng nn chn cng ny trn tng la ngn cn ngi d ng bn ngoi mng c th nm quyn iu khin my tnh th ng qua cc ngh h tr t xa bng Remote Assistance. Tuy vy, ch ng ta hon ton c th cung cp kh nng h tr t xa n cc my khch th ng qua Internet khi m cng 3389 ny. LU : S dng Windows Messenger. Nu bn mun s dng Windows Messenger gi li ngh Remote Assistance, bn phi m cng 1863 cho php ng dng Windows Messenger c th truyn th ng.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -87--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 T NG KT Microsoft Management Console l c ng c qun tr h thng chnh dnh cho Windows Server 2003 MMC l mt ng dng lp v m bn s dng chy cc snap-in, l cc c ng c ring bit c np vo trong MMC C hai loi snap-in: Stand-Alone (n l) v Extention (M rng) trong cch thc hin th v chc nng ca loi m rng trong MMC s t y thuc vo ng cnh. Mt s snap-in c th s dng vi c my tnh ti ch v xa, mt s th ch gii hn trong cc my tnh ti ch. Bng iu khin MMC c th lu ch Tc gi (Author Mode), cho php ngi d ng c ton quyn vi cu hnh ca bng iu khin hoc Ch Ngi d ng (User Mode), cho php gii hn cc quyn truy cp.

    Remote Desktop for Administration cho php bn qun tr mt my ch xa nh l bn ng nhp vo my ch ti ch vi vai tr qun tr. Remote Assistance l mt s tr gi p c tnh cht tha thun: Ngi d ng ngh chuyn gia gi p hoc chuyn gia, nu c cu hnh th ng qua chnh sch nhm, c th khi to mt phin h tr. Trong cc trng hp khc, ngi s dng phi chp nhn thit lp kt ni v lu n lu n trong trng thi iu khin phin h tr ny. Kh ng bao gi chuyn gia c th nm quyn iu khin my tnh m ngi d ng kh ng c th ng bo. Remote Desktop Connection l thnh phn mc nh ca Windows XP v Windows Server 2003, c th ci t trn bt k h iu hnh Windows 32 bit no t a CD ci t Windows Server 2003 (hoc sau khi chia s th mc) hoc t bt k my tnh Windows Server 2003 no. C hai tnh nng Remote Desktop for Administration v Remote Assistance u s dng Dch v u cui (Terminal Services) truyn th ng, nhng kh ng bao gi yu cu mt giy php Terminal Services c bit no.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -88--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 BI TP THC HNH Bi tp thc hnh 2-1: M mt ca s MMC Trong bi tp thc hnh ny, bn m mt ca s th hai trong mt bng iu khin MMC. 1. Nhn Start, tr vo Administrative Tools v nhn Computer Management. Bng iu khin Computer Management xut hin 2. T thc n Window, chn New Window. Mt ca s th hai xut hin bn trn ca s th nht. 3. T thc n Window, la chn Tile Horizontally (xp theo hang ngang). Bng iu khin thay i v hin th 2 ca s c ng mt l c. Lu rng bn c th thao tc trn hai ca s hon ton c lp nhau. Bi tp thc hnh 2-2: To mt bng iu khin MMC t y chn Trong bi tp thc hnh ny, bn s to mt bng iu khin MMC t y chn mi 1. Nhn Start v sau chn Run. Hp thoi Run xut hin 2. Trong hp vn bn Open, nhp vo mmc v nhn OK. Mt ca s c tn Console1 xut hin 3. T thc n File, la chn Add/Remove Snap-in. Hp thoi Add/Remove Snap-in xut hin 4. Nhn Add. Hp thoi Standalone Snap-in xut hin 5. Trong danh sch Available Standalone Snap-in, la chn Device Manager v nhn Add. Hp thoi Device Manager xut hin 6. Nhn Finish chp nhn cc thit lp mc nh v nhn Close sau nhn OK. Snap-in Device Manager xut hin trong phm vi (scope pane) ca bng iu khin 7. T thc n File, la chn Save as v sau lu bng iu khin trong th mc mc nh Administrative Tools vi tn l DevMgr.msc.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -89--QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Bi tp thc hnh 2-3: Kch hot Remote Desktop for Administration Trong bi tp thc hnh ny, bn cu hnh my khch chp nhn cc kt ni Remote Desktop 1. Nhn S

    r vo Control Pane v la chn System. Hp thoi tart, t System Properties xut hin

    l 2. La chn th Remote

    v sau chn Allow Users To Connect Remotely To This Computer 3. Nhn OK CC CU HI N TP 1. Ch mc nh khi bn to m

    iu khin MMC l g ? 2. Liu mt snap-in c th hng vo c my tnh ti ch v my tnh xa c ng l c c kh ng ? 3. Nu cc th ng s cp php cn thit qun tr mt my tnh xa s dng MMC ? 4. Liu mt MMC c sn c th thay i ng cnh t Ti ch sang T xa hay phi np mt snap-in kiu tng t vo trong bng iu khin thc hin kt ni t xa? 5. Liu mi chc nng ca snap-in c lu n lu n sn sng s dng khi bn kt ni n mt my tnh xa? 6. Bao nhiu kt ni ng thi c kh nng thc hin n mt my ch Terminal chy ch Remote Administration? Ti sao ? 7. C ng c no c s dng kch hot Remote Desktop trn mt my ch ? a. Terminal Services Manager b. Terminal Services Configuration c. System Properties trong Control Panel d. Terminal Services Licensing

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -90---

    QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 CC KCH BN TNH HUNG Tnh hung 2-1: S dng Remote Assistance C ng ty ca bn kch hot Remote Assistance trong mi my tnh trong h thng. Nhn vin kinh doanh thng xuyn i c ng tc v s dng my xch tay thc hin c ng vic khi h ang trn ng. Trong h thng mng ni b, bn s dng Windows Messenger lin lc vi cc my trm v s dng Remote Assistance. Tuy nhin, bn cm cc d liu kiu Instant Messenger vi Internet bng cch ng cng TCP 1863 ti tng la. Bn mun thc hin tc v Remote Assistance i vi cc my khch xa nhng bn kh ng th kt ni n h bng Windows Messenger xem h c online hay kh ng. M t hai phng php thay th cho cc nhn vin kinh doanh c th gi cc ngh Remote Assistance n cc chuyn gia trong vn phng c ng ty? Tnh hung 2-2: S dng kt ni Remote Desktop Bn ang c gng kt ni n mt my ch Windows Server 2003 trong mng ca bn bng Remote Desktop Connection, tuy nhin bn lu n nhn c th ng bo sau khi bn c gng kt ni:

    Bn kim tra thit lp trn my ch v xc nhn cc iu sau y: 1. Bn l thnh vin ca nhm Remote Desktop Users 2. Bn kh ng phi l thnh vin ca nhm Administrators 3. Bn c kh nng kt ni n mt th mc chia s trn my ch Terminal v my tnh ny c phn hi vi lnh ping. Thit lp no m bn phi kim tra trn my ch Terminal gii quyt s c ny ?

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -91--GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    CHNG 3: GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Mt trong nhng nhim v chnh ca ngi qun tr h thng l m bo cho h thng mng chy trn tru v hiu qu v Windows Server 2003, vi mt b su tp cc c ng c cho php bn thc hin iu ny. Mt my ch c th hot ng vi kh nng cao nht ngay sau khi ci t, tuy nhin hiu nng ca n c th gim dn theo thi gian v rt nhiu l do. Mt ngi

    qun tr h thng tt phi gim st hiu nng ca my ch thng xuyn u n nhn bit chiu hng v pht hin cc s c c th nh hng n hiu nng. Hc cch s dng cc c ng c qun tr ca Windows Server 2003 mt cch ng n l mt k nng c bn bn c th nhn bit cc thay i hiu nng h thng trc khi ri vo tnh trng thm ha. Sau khi hon thnh chng ny, bn c kh nng: S dng Event Viewer gim st nht k h thng Cu hnh Task Manager hin th cc d liu hiu nng S dng System Monitor hin th cc d liu hiu nng thi gian thc To cc counter log (Nht k ca cc bin m) v cc Alert (Cnh bo)

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -92GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    CC K NNG GIM ST MY CH

    gim st hiu nng my ch c trong Windows Server 2003 cho php ngi qun tr c th kim tra rt nhiu cc tham s h thng theo rt nhiu cch khc nhau. Cch thc bn s dng cc c ng c ph thuc vo cc ti nguyn m bn mun gim st cng nh cc s thch c nhn ca bn. C hai kiu gim st h thng c bn nh sau: Gim st theo thi gian thc: Gim st thi gian thc s dng cc c ng c hin th chui lin tc cc th ng s, m t h thng ang lm g ti thi im hin ti. Cc th ng s ny c th hin th bng s liu hoc di dng th. Hin nhin, phng php ny cung cp cc th ng tin gn vi hin ti nht, tuy nhin ch c mt s t qun tr h thng c thi gian v s thch ngi xem th cc tham s hiu nng h thng sut c ngy di. Gim st bng nht k: Gim st nht k th ng thng cung cp cc th ng tin tng t nh gim st thi gian thc tuy nhin cc th ng tin

    ny c lu trong mt thit b lu tr c nh thay v (hoc thm vo) hin th ch ng ngay lp tc. Phng php ny cho php ngi qun tr c th quan st xu hng pht trin qua thi gian di hn l theo di trong mt phin gim st thi gian thc. Khi s dng gim st bng nht k, cc qun tr h thng phi m bo cung cp kh ng gian lu tr lu cc d liu chp c v ng nhin, h phi kim tra cc th ng tin ny u n Cch thc s dng ca vic gim st thi gian thc v gim st bng nht k kh ng c tnh cht loi tr nhau. Mi phng php c gi tr ring ca n v mt s c ng c gim st ca Windows Server 2003 h tr c hai. Gim st cc phn h Hiu nng h thng Windows Server 2003 c th chia thnh 4 phn h c bn, mi phn h ny phi hot ng tt my tnh c th vn hnh c mt cch hon ho. Bn phn h ny l: B vi x l: Mt b vi x l trong my tnh thc hin hng triu php tnh s dng cc chu k ng h (Clock Cycles) ca b vi x l, vi mi php tnh ton dnh cho mt tc v c bit. Cc chu k ng h trong b vi x l c phn chia cho rt nhiu cc tin trnh chy trong my tnh. B vi x l cng nhanh th cng c nhiu chu k ng QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -93GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 h trong mt khong thi gian nht nh. Gim st hiu nng b vi x l th ng thng s kim tra mc hot ng ca b vi x l khi n thc hin cc tc v thng l. Nu vic s dng chu k ng h ca b vi x l lu n t n 100%, hiu nng h thng c th ang qu ti do kh ng nng lc x l. B nh: B nh truy cp ngu nhin (RAM) l mt kh ng gian lu tr tm thi m mt my tnh s dng nh mt v ng m cho d liu i t v n b vi x l. Khi kh ng b nh RAM sn sng hon thnh cc tc v c th no , Windows s dng kh ng gian a cng thay cho RAM trong mt tin trnh gi l paging (phn trang). Bi v truy cp cc a cng chm hn rt nhiu so vi truy cp RAM nn hiu nng h thng s gim khi c qu nhiu vic phn trang din ra. Gim st hiu nng b nh l mt c ng vic quan trng m bo my tnh c b nh hon thnh cc tc v chuyn bit ca n. a cng: Cc a cng trong my tnh cung cp kh nng lu tr lu di cho h iu hnh v cc file ng dng, cng nh cc d liu s dng v to ra bi cc ng dng. Gim st hiu nng ca phn h a cng th ng thng s phi kim tra s lng cc yu cu truy cp a cng ang i x l ti mt thi im c th. Nu mt lng ln cc d liu ang i c hoc ghi vo a, hiu nng ni chung ca my tnh c th l ang qu ti. Mng: Gim st phn h mng c s khc bit i ch t so vi 3 phn h trn bi v hiu nng ca mng c th b nh hng bi cc yu t bn ngoi cng nh bn trong. Mt lng ln cc yu cu truyn th ng qua mng c xp hng c th lm gim hiu nng h thng, iu ny c th c cc ngi d ng trn mng cm nhn, mc d bn thn my tnh vn hot ng hon ho. Xc nh phn h no trong my tnh yu cu gim st k cng hn ph thuc vo cc ng dng m my tnh ny ang chy. Cc ng dng khc nhau yu cu hiu nng ca cc phn h cc mc khc nhau v mt s c vi mt phn h nht nh no c th c cc tc ng khc nhau i vi cc ng dng khc nhau.

    Thit lp mt Baseline (ng c s) Khi bn gim st cc c tnh ca hiu nng h thng, gi tr hiu nng thc ca cc phn h l kh ng quan trng bng s thay i ca cc gi tr ny theo thi gian. V d nu bn kim tra hiu nng ca b vi x l ca mt my ch m c ci t ln u cch y mt nm v pht hin ra mc s QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -94GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 dng ca b vi x l l 100%, bn kh ng c cch no bit c liu n lu n nh vy hay l c s thay i no gn y tc ng n hiu nng ca b vi x l ny. Do cc nguyn nhn trn, mt trong nhng phn quan trng nht trong vic gim st hiu nng my ch l thit lp ng c s cho cc mc hiu nng h thng m bn c th tham kho sau ny. l l do ti sao phn gii thiu ca chng ny ch ra rng bn nn hc cch s dng cc c ng c gim st trc khi mi th c th h hng. Mt ng c s l mt tp hp ca cc mc hiu nng khi my tnh hot ng mt cch bnh thng, tt nht l ngay sau khi n c ci t v cu hnh y . Bng cch so snh cc mc sau ny vi ng c s, bn c th xc nh liu hiu nng ca cc phn h ny ang b suy gim hay kh ng. Bn s hc thm v cch to cc ng c s trong phn sau ca chng ny v tho lun v rt nhiu c ng c gim st c trong Windows Server 2003. S DNG EVENT VIEWER nd ws Server 2003 duy tr rt nhiu nht k cha cc th ng tin v cc Wi o tin trnh ang chy. xem cc nht k ny, bn c th s dng snap-in Event Viewer (Trnh xem s kin) trong MMC. Event Viewer c th hot ng nh mt snap-in n l hoc m rng. Nhm chng trnh Administrative Tools trong Windows Server 2003 c mt shortcut dn n bng iu khin cha Event Viewer, ng thi snap-in ny cng i km vi rt nhiu cc c ng c khc trong bng iu khin Computer Management. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin c kh nng gim st v phn tch s kin. Cc c ng c c th bao gm Event Viewer v System Monitor Cc nht k trong Event Viewer Khi bn np ng dng Event Viewer (Th hin trong Hnh 3-1), khung Phm vi cha mt danh sch cc nht k duy tr trong h thng. Ba nht k c bn xut hin trong tt c cc my tnh chy Windows Server 2003 l: ng dng: Cha cc th ng tin v cc chng trnh chy trong my tnh, c xc nh bi cc nh pht trin ng dng H thng: Cha cc th ng tin v cc s kin do cc cu thnh ca Windows Server 2003 sinh ra, v d nh cc dch v hoc trnh iu khin thit b. V d, mt dch v kh ng khi ng c hoc mt trnh iu khin kh ng th np trong qu trnh khi ng h thng s QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -95GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 c ghi li trong nht k H thng. Cc kiu s kin ghi c trong nht k ny c h iu hnh cu hnh trc v kh ng th thay i c. y l cc nht k c bn ca Windows Server 2003 v bn nn lu n lu n xem cc nht k ny u tin khi bn tm kim th ng tin v mt s c h thng no . Bo mt: C th cha cc th ng tin v cc s kin lin quan n bo mt, v d nh kh ng ng nhp thnh c ng, cc truy cp n cc ti

    nguyn c bo v (V d nh cc th mc chia s hoc file h thng) v s thnh c ng hoc tht bi ca cc s kin c kim nh (audit). Windows Server 2003, trong cu hnh mc nh ca n, kh ng ghi th ng tin trong nht k Bo mt. Cc s kin ghi li trong nht k ny c xc nh bi cc chnh sch kim nh m bn c th kch hot bng cc Chnh sch Cc b ca My tnh (Local Computer Policy) hoc cc Chnh sch Nhm (Group Policy). Theo mc nh, ch c cc thnh vin ca nhm Administrators mi c kh nng xem cc nht k ny.

    Hnh 3-1: Bng iu khin Event Viewer Khi mt my tnh c thng cp thnh mt my ch qun tr min, hai nht k sau y c thm vo Event Viewer: Dch v th mc (Dircetory Service): Cha cc th ng tin v dch v th mc s dng Active Directory, v d nh vic ng b cc i QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -96GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 tng kh ng th c ng tn ti hoc cc s kin quan trng trong th mc. Dch v ng b file (File Replication Service): Cha cc th ng tin v s thnh c ng hoc tht bi ca cc hot ng ng b xy ra gia cc my ch qun tr min. Cui c ng, khi my tnh c ci t dch v Microsoft DNS Server, Event Viewer c cha thm nht k: DNS Server: Cha cc th ng tin v tnh trng v hot ng ca dch v DNS Server Mc d Event Viewer cha cc nht k quan trng nht ca Windows Server 2003 nhng n kh ng cha tt c. Mt s lng ln cc dch v c trong h iu hnh s duy tr cc nht k ring ca n. Trong hu ht cc trng hp, cc nht k ny l cc file vn bn n gin m bn c th m bng bt k trnh son tho vn bn no, v d nh ng dng Windows

    Notepad. Mt s cc nht k ring l bn c th tim thy trn my tnh chy h iu hnh Windows Server 2003 nh sau: Kim nh DHCP Dr. Watson (Cc li ca chng trnh) Cc hot ng Fax Internet Connection Firewall (ICF Tng la cho cc Kt ni Internet) Microsoft Internet Information Services (IIS Dch v Th ng tin Internet ca Microsoft) Cc my khch ca Windows Media Services Cc giao dch CSDL trong WINS (Dch v Chuyn i Tn Internet) Hiu cc kiu s kin Khi bn la chn mt trong cc nht k lit k trong khung Phm vi ca snap-in Event Viewer, bn s thy mt danh sch cc s kin ring bit trong khung Chi tit. Kiu ca mi s kin s c hin th ngay bn cnh n bng cc biu tng. Kiu ca s kin th hin tm quan trng ca n v cho bit n l kt qu ca mt qu trnh th ng thng hay mt s c no . Cc kiu s kin s dng trong snap-in Event Viewer c lit k trong QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -97GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Bng 3-1. Hin nhin, cc bo li v cc cnh bo l nhng kiu s kin c ngha nht i vi mt ngi qun tr mng bi v ch ng th hin rng cc s c quan trng ang xy ra. Bng 3-1: Cc kiu s kin trong Windows 2000 Kiu s kin Biu tng M t Li Cnh bo Th ng tin Kim nh thnh c ng Kim nh tht bi Mt s c c ngha quan trng, v d nh mt d liu hoc sai chc nng Mt s kin c th kh ng c ngha nhng c th th hin mt s c trong tng lai Mt s kin m t hot ng thnh c ng ca mt ng dng, trnh iu khin hoc dch v Mt truy cp bo mt thnh c ng c kim nh Mt truy cp bo mt tht bi c kim nh Nhn p vo mt s kin trong khung khung Chi tit ca Event Viewer s hin th hp thoi thuc tnh ca s kin . Nh th hin trong Hnh 3-2. Hp thoi ny cha mt hoc nhiu th ng tin v s kin, bao gm: Date (Ngy): Ngy s kin din ra Time (Thi gian): Thi gian s kin din ra

    Type (Kiu): Kiu s kin din ra (Li, cnh bo, th ng tin, kim nh thnh c ng hoc kim nh tht bi) User (Ngi d ng): Tn ca ngi d ng lin quan n tin trnh sinh ra s kin ny Computer (My tnh): Tn ca my tnh trn s kin ny xy ra. Source (Ngun): Module phn mm sinh ra s kin ny Category (Hng mc): S phn loi ca s kin ny, c nh ngha bi tin trnh ngun Event ID (M s ca s kin): Mt gi tr n nht nhn bit s kin c th ny. Description (M t): Mt th ng bo vn bn m t bn cht ca s kin, c to ra bi tin trnh ngun Data (D liu): D liu nh phn sinh ra bi s kin QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -98GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 3-2: Hp thoi Event Properties Cu hnh nht k trong Event Viewer Mi nht k trong snap-in Event Viewer c hp thoi thuc tnh ring ca n m bn c th s dng cu hnh cc tham s duy tr nht k v iu khin th ng tin no c hin th trong nht k. Cc thit lp ny c ni tr ng phn tip sau y ca chng trnh n o

    Cc thit lp duy tr nht k s kin Trn th General ca mi hp thoi Properties ca nht k (nh ch ra trn Hnh 3-3), bn c th ch nh kch thc ti a ca nht k v cch x l ca n khi cc nht k ny t n kch thc ti a. Cc la chn duy tr nht k c th l: Overwrite Events As Needed (Ghi cc s kin khi cn): Nht k s xa tng mc c nht nu cn khi file nht k t n kch thc ti a xc nh

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -99GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Overwrite Events Older Than X Days (Ghi s kin c hn X ngy): Nht k s duy tr cc mc trong mt s ngy (1 n 365) xc nh bi la chn ny v ghi cc mc c hn nu cn. Nu nht k t n gi tr ti a xc nh v kh ng c mc no c hn s ngy ch nh, h thng ngng ghi s kin mi vo nht k. Do Not Overwrite Events (Clear Log Manually) (Kh ng ghi nht k (Xa nht k th c ng)): H thng duy tr mi mc ca nht k cho ti khi ch ng c xa i mt cch th c ng bi ngi qun tr. Khi nht k t n kch thc ti a xc nh, h thng s ngng ghi cc s kin vo nht k.

    Hnh 3-3: Th H thng

    General trong hp thoi Properties ca nht k s kin

    Cc thit lp mc nh cho cc nht k s kin trong mt my ch qun tr min Windows Server 2003 chy dch v Microsoft DNS Server th hin trong Bng 3-2. Cc nht k ca dch v th mc v ng b file c kch thc ti a rt nh (512K) bi v cc mc vo ca nht k ny l tng i him. Nht k H thng, tuy vy, li c kch thc ti a v c ng ln (128 QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -100GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 MB). iu ny xy ra khi my tnh c thng cp thnh mt my ch qun tr min v mt phn ca vic cu hnh mc nh cho my ch qun tr min Windows Server 2003 l kch hot mt s chnh sch kim nh, iu ny gy ra mt s lng ln cc s kin c ghi vo trong nht k H thng. Trong khi , gi tr ti a mc nh cho nht k Bo mt trong mt my tnh Windows Server 2003 m kh ng phi my ch qun tr min l 16MB Bng 3-2: Cc thit lp mc nh duy tr nht k s kin Event Log Application Maximum Log Size Log Retention Setting 16,384 KB (16 MB) Overwrite events as needed (Ghi khi cn) Directory Service 512 KB

    Overwrite events as needed Overwrite events older than 7 DNS Server File Replication Service Security 16,384 KB (16 MB)

    512 KB 131,072 KB (128 MB) days (Ghi cc s kin c hn 7 ngy)

    Overwrite events as needed Overwrite events as needed System 16,384 KB (16 MB) Overwrite events as needed LU : Cu hnh cc thit lp duy tr s dng cc chnh sch nhm. Ngoi cch cu hnh cc thit lp duy tr cho cc nht k s kin mt cch th c ng bng cch s dng snap-in Event Viewer, bn cn c th cu hnh cc tham s tng t cho cc nht k ng dng, H thng v Bo mt bng cch kch hot cc chnh sch nhm Event Log trong i tng chnh sch nhm (GPO) v p dng n vo cc my tnh ring l hoc vo mt i tng cha trong Active Directory. Trn mt my ch qun tr min, vic thit lp mc nh Overwrite Events As Needed trong nht k Bo mt c th dn n vic cc d liu lin quan n vn bo mt hoc cc truy cp ti nguyn quan trng s b ghi nu ngi qun tr kh ng thng xuyn lu cc mc trong nht k li. m bo cc nht k Bo mt kh ng b mt, Windows Server 2003 c QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -101GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 mt bin php mnh di hnh thc mt chnh sch nhm cho la chn bo mt gi l Audit: Shut Down System Immediately If Unable To Log Security Audits (Kim nh: Tt h thng ngay lp tc nu kh ng th ghi nht k kim nh Bo mt).

    S dng cc b lc Khi bn s dng Event Viewer ln u tin, snap-in ny hin th mi s kin c ghi li trong nht k la chn theo th t thi gian. T y vo kch thc ca nht k v cc thit lp duy tr, danh sch ny c th rt di. Tuy nhin, nhiu mc trong nht k l thuc kiu Th ng tin, l cc kt qu ca cc hat ng th ng thng hng ngy. nh v cc mc c bit trong danh sch ny, bn c th chnh sa th t sp xp ca n bng cch nhn vo mt trong cc tiu ca ct hoc bn c th gii hn hin th cc th ng tin xut hin trong nht k tp trung vo cc s kin quan trng, bng cch s dng Filter (B lc) hoc d ng lnh Find (Tm kim) trin khai mt B lc trn mt nht k trong Event Viewer, t thc n View, la chn Filter hin th th Filter trong hp thoi Properties ca nht k s kin, nh th hin trong Hnh 3-4. Trong hp thoi ny, bn c th ch nh kiu s kin no bn mun hin th v la chn cc s kin tiu biu gim bt danh sch s kin v kch thc c th qun l c.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -102GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 3-4: Th Filter trong hp thoi Properties ca nht k s kin kim tra cc mc c bit trong danh sch cc s kin, bn c th la chn lnh Find t thc n View hin th hp thoi Find (Th hin trong Hnh 3-5) C hai hp thoi trong Th Filter v Find u cho php bn la chn t cc danh sch s kin tiu biu trong Cc kiu s kin Windows 2000 ni n trong chng trc, nh v cc mc c bit.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -103GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 3-5: Hp thoi Find trong Event Viewer Truy cp nht k s kin t xa Nh rt nhiu snap-in MMC khc, bn c th s dng Event Viewer xem cc nht k trn cc my tnh Window khc nh l xem trn my tnh bn ang lm vic. thc hin iu ny, trong khung Phm vi, la chn i tng Event Viewer (Local) v la chn Connect To Another Computer (Kt ni ti my tnh khc) t thc n Action. Trong hp thoi Select Computer, ch ra tn ca my tnh m bn mun xem cc nht k s kin trn my .

    Lu gi cc Nht k s kin Snap-in Event Viewer c th lu cc nht k thnh file trong mt s nh dng, bao gm dng vn bn (.txt), dng bng (.csv) v mt nh dng nht k s kin c phn m rng l .evt, nh dng ny c th m bng snap-in. Khi bn lu cc nht k ny vo mt file, bn c mt bn ghi lu di ca QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -104GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 cc mc vo v khi bn c th xa cc nht k ny. Lu nht k thng xuyn u n m bo rng cc file nht k kh ng tng trng qu ln v gy ra mt mt d liu. S DNG TASK MANAGER Task Manager (Trnh Qun l Tc v) l mt ng dng quan trng ca Windows m bn c th s dng hin th th ng tin v cc mc hiu nng hin ti ca my tnh cng nh qun l cc chng trnh hoc cc tin trnh ang chy trong h thng. Bn c th m Task Manager bng cch nhn phi chut vo v ng trng ca thanh tc v v la chn Task Manager t thc n ng cnh, hoc c th nhn ng thi Ctrl+Alt+Del v chn vo phm Task Manager. Hp thoi Windows Task Manager theo mc nh s cha 5 th: Applications (ng dng) Processes (Tin trnh) Networking (Mng) Users (ngi d ng) Chc nng ca mi th c m t trong LU : Mc ch ca kha hc. Mc ch hc vin c kh nng gim st file v c th s dng bao gm Task Manager, Monitor Performance (Hiu nng)

    cc phn sau y ca chng. ca kha hc 70-290 l my ch in n. Cc c ng c Event Viewer v System

    Lm vic vi cc ng dng Th Applications (Th hin trong Hnh 3-6) ch ra trng thi ca cc chng trnh mc ngi d ng ang chy trong h thng. Cc dch v v ng dng h thng chy trong cc ng cnh khc vi ngi d ng ang ng nhp s kh ng hin th. i vi cc ng dng lit k y, ct Status (Trng thi) s ch ra liu ng dng ang chy (running) hay l kh ng phn ng (not responding).

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -105GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 3-6: Th Applications trong Task Manager Bng cch la chn mt ng dng t trong danh sch v nhn vo Switch To, bn c th chuyn sang mn hnh hat ng ca ng dng ny v vn Task Manager m nh l ng dng nn. Bn cn c th la chn mt mc

    trong danh sch v nhn End Task ng ng dng li. LU : ng cc tc v. ng mt ng dng bng cch s dng Task Manager kh ng phi l cch c khuyn khch tr khi ng dng c trng thi Not Responding v kh ng th ng bng cc cch khc. Khi bn kt th c mt tc v bng cch ny, bn thng mt cc d liu m bn cha kp lu vo trong a cng.

    Khi bn nhn phi chut vo mt ng dng trong danh sch v la chn Go To Process t thc n ng cnh, hp thoi chuyn sang th Processes v tr vo tin trnh lin quan n ng dng . y l mt tnh nng hu ch khi bn ang mun tm xem tin trnh ca mt ng dng c bit no khi tn ca tin trnh kh c th on bng trc gic.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -106GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Khi bn nhn vo phm New Task, mt hp thoi Create New Task (to tc v mi) xut hin, trong bn c th nhp vo hoc duyt n tn ca bt k mt file chy hoc lnh chun no . Hp thoi ny c chc nng tng t nh hp thoi Run m c th truy cp t thc n Start. Gim st cc tin trnh Th Processes (Th hin trong Hnh 3-7) lit k tt c cc tin trnh ca cc ngi d ng hin ti ang chy trn my tnh. Khi bn la chn Show Processes From All Users (Hin th cc tin trnh t tt c ngi d ng), bn cnh cc ng dng mc ngi d ng, danh sch ny cn hin th c cc dch v v cc tin trnh h thng. Theo mc nh, danh sch ny bao gm cc th ng tin sau y v mi tin trnh: Image Name: Tn ca file chy tin trnh ny. User Name: Tn ti khon ngi d ng l ch nhn ca tin trnh ny Mem Usage: Dung lng b nh tin trnh ny s dng CPU: Phn trm ca b vi x l do tin trnh ny s dng

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -107GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Hnh 3-7: Th Processes trong Task Manager Bng cch chn Select Columns t thc n View, bn m hp thoi Select Columns (Th hin trn Hnh 3-8), trong bn c th thm hoc bt cc ct d liu trong khung hin th. Task Manager cung cp mt b su tp cc counters (bin m), cho php bn c th hin th cc th ng tin chi tit v b vi x l, b nh v kh nng s dng I/O ca mi tin trnh trong danh sch. Bn c th sp xp danh sch hin th theo bt k bin m no bng cch nhn vo tiu ca ct .

    Hnh 3-8: Hp thoi Select Columns gim st th ng tin d dng v cc tin trnh h thng, bn c th thao tc

    ch ng bng Task Manager. Bng cch nhn phi chut vo bt k tin trnh no trong danh sch, bn c th thc hin cc tc v sau: Set Priority (Thit lp mc u tin): Chnh sa thi gian b vi x l s dng cho tin trnh trong mi tng quan vi cc tin trnh khc trong h thng Set Proccessor Afinity (Thit lp mi quan h vi x l): Ch nh bn mun chy tin trnh bng b vi x l no trn mt h thng my tnh c nhiu b vi x l. End Proccess (Kt th c tin trnh): Dng tin trnh ngay lp tc. Mi ti nguyn cha lu s b mt QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -108GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 End Proccess Tree (Kt th c cy tin trnh): Dng mi tin trnh v cc tin trnh con hoc tin trnh lin quan ngay lp tc. Mi d liu cha lu s b mt. Debug (G li): To ra mt trng hp ngoi l ngt tin trnh v gn n vi mt trnh g li c ci t trong h thng. CNH BO: Thao tc vi cc tin trnh. Thay i cc thit lp ca mt tin trnh v d nh mc u tin hay mi lin h vi b vi x l c th gy ra nhng tc ng c hi n hiu nng ca cc ng dng khc trong h thng. Kt th c mt tin trnh v c bit l mt cy tin trnh ch nn lm khi cc thao tc th ng thng kt th c tin trnh l kh ng thc hin c. Windows Server 2003 c c ch bo v cc tin trnh ca h iu hnh kh ng b ngt bi Task Manager, tuy nhin ch ng vn c th d b nh hng bi s thiu ti nguyn h thng do vic iu chnh mc u tin ca cc tin trnh khc gy ra. Gim st mc hiu nng Th Performance (Th hin trong Hnh 3-9) hin th cch nhn trong thi gian thc v hiu sut s dng b vi x l v b nh. Mc s dng ca mi b vi x l v mc s dng ca page file (file phn trang b nh) c hin th bng th c ng vi cc gi tr thng k t trc ca cc th ng s ny. Nhn p chut vo mt trong cc th s m rng n theo chiu dc (trc tung) hin th cc gi tr mt cch r rng hn. Cc hin th s bn di s cho bit mc s dng b nh vt l (Physical), b nh li (Kernel) v b nh cam kt (Commit), ng thi c s lng cc Handle (Lin kt gia cc tin trnh), Thread (Lung), v cc tin trnh ang hot ng

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -109GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 3-9: Th Performance trong Task Manager Gim st cc hot ng ca mng Th Networking (Th hin trong Hnh 3-10) cho thy cc kt ni mng ang hot ng theo tn, c ng vi tc kt ni, phn trm bng th ng s dng v tr ng thi hot ng ca n. ng thi c mt th hin th bng th ng s dng trong kt ni mng ang chn hin ti. Cng ging nh trn, vic nhn p vo trong th ny s hin th th mt cch r rng hn bng cch m rng trc tung y ca n.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -110GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 3-10: Th Networking trong Task Manager Gi

    m st ngi d ng Th Users (Th hin trong Hnh 3-11) s lit k tt c cc ngi d ng ang ng nhp vo my tnh. Cc ngi d ng ng nhp c th l ngi d ng lm vic trc tip ti mn hnh iu khin hoc ngi d ng ng nhp qua kt ni t xa trn mng. S dng cc iu khin trong th ny, bn c th ng xut ngi d ng , ngt kt ni ca h n my tnh hoc gi th ng bo cho h.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -111GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hn

    h 3-11: Th Users trong Task Manager S DNG PERFORMANCE CONSOLE (BNG IU KHIN HIU NNG) Per r fo mance console (Bng iu khin hiu nng) l mt trong nhng c ng c g i m st mnh nht trong Windows Server 2003. Bng iu khin ny cha hai snap-in sau y:

    System Monitor (Gim st H thng): Hin th cc d liu hiu nng thi gian thc thu thp c t cc phn t cu hnh gi l cc performance counters (Bin m hiu nng) Performance Logs and Alerts (Nht k v Cnh bo Hiu nng): Ghi d liu t cc Bin m Hiu nng theo mt chu k thi gian nht nh v thc thi cc hnh ng xc nh khi cc bin m ny t n mt gi tr no . Performance l mt bng iu khin MMC c th truy cp t mt shortcut trong nhm chng trnh Administrative Tools. Bn cng c th thm cc QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -112GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 snap-in khc vo trong bng iu khin t y chn. Theo mc nh, Bng iu khin Performance s gim st my tnh hin ti, tuy nhin bn c th cu hnh snap-in ny gim st hiu nng ca bt k my tnh no trong mng nu nh bn c cc quyn thch hp. THNG TIN THM. S dng cc Snap-in trong MMC. c thm th ng tin v vic to ra cc bng iu khin MMC, xem Chng 2 trong cun sch ny. LU . Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin phi c kh nng gim st hiu nng h thng S dng System Monitor (Gim st H thng) Khi bn m Bng iu khin Performance, theo mc nh th snap-in System Monitor (Gim st h thng) xut hin, th hin trong Hnh 3-12. Khung Chi tit ca snap-in c mt th dng ng, c cp nht theo thi gian thc, cho ta thy cc mc hin ti ca ba Bin m Hiu nng sau y: Memory: Pages/Second (B nh:Trang/giy): T l cc trang b nh c c t hay ghi vo a gii quyt cc li hard page (li Hard page xy ra khi cc tin trnh gi n cc on m hay d liu cn thit nhng hin kh ng sn sng trong cc tp lm vic (worrking set) hay trong b nh RAM, v ch ng buc phi ti to cc th ng tin trn t a cng). Bin m ny l th ng s chnh cho bit cc kiu/dng li gy ra tr trong h thng. PhysicalDisk(_Total): Average Disk Queue Length (a cng: di Hng i a Trung bnh). Bin m o di c gi tr l trung bnh s lng ca cc yu cu c v ghi trong hng i truy cp a cng c ly mu theo mt khong thi gian xc nh.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -113GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 3-12: Mn hnh hin th System Monitor theo mc nh Processor(_Total): % Processor Time (B vi x l: % Thi gian ca B vi x l). Phn trm ca thi gian tr i qua m b vi x l tiu tn thc hin mt chui lnh lin tc (non-idle thread). Bin m ny l th ng s ch yu th hin hat ng ca b vi x l v hin th trung bnh phn trm thi gian bn ghi c trong mt khong thi gian ly mu nht nh. Thay i cch Quan st th Mu nh dng c trnh by bn di ca th th hin mu dng k ca mi bin m trong ba bin m trn, gi tr tng ng ca mi bin m v cc th ng s nhn dng khc v cc bin m ny. Khi bn la chn mt bin m trong s , gi tr hin ti s hin th di dng s di y ca th. Nhn vo phm Highlight trong thanh c ng c (hoc nhn Ctrl+H) thay i th ca bin m chn thnh mt dng k rng mu trng gi p ta d dng phn bit c ch ng trn th (Th hin trong Hnh 3-13)

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -114GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 3-13: Mt th System Monitor vi bin m (counter) c t sng Nu my tnh ca bn ang trong trng thi ngh, bn c th lu rng cc ng k trong th mc nh s nm l lng gn y ca thang chia v s kh khn nhn thy c cc gi tr ca ch ng. Bn c th gii quyt vn ny bng cch chnh sa thang chia trong trc y (trc tung). Nhn vo phm Properties trn thanh c ng c (hoc nhn Ctrl+Q) hin th hp thoi System Monitor Properties, sau la chn th Graph (Th hin trong Hnh 3-14). Trong hp Vertical Scale, bn c th gim gi tr ti a ca trc y, u ny s dn n vic ta s c mt th rng hn hin th cc d liu ca bin m

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -115GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 3-14: Th Graph ca hp thoi System Monitor Properties Trong th General ca hp thoi System Monitor Properties, bn cn c th chnh sa tn sut ly mu ca th. Theo mc nh, th cp nht cc gi tr ca bin m sau mi 1 giy, tuy nhin bn c th tng gi tr ny hin th d liu trong khong thi gian lu hn trn mt trang ca th. iu ny cho php ta c th d dng pht hin cc xu hng c tnh cht lu di trong cc gi tr ca bin m. LU . Chnh sa thuc tnh ca th. Hp thoi System Monitor Properties cha mt lng ln cc iu khin khc m bn c th s dng chnh sa cch hin th b ngoi ca th. V d, trong th Graph, bn c th thm vo Tiu ca trc v cc ng k li ng thi trong th Appearance, bn c th thay i mu nn ca th v la chn cc kiu (font) ch khc. S dng cc cch Quan st khc. Bn cnh th dng ng, System Monitor cn hai cch thc xem khc bn c th quan st c ng mt d liu: Cch xem Biu v cch xem Bo co. Bn c th thay i cch hin th sang cc cch trn bng cch QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -116GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    nhn vo cc phm View Histogram hoc View Report trn thanh c ng c, hoc bng cch nhn Ctrl+B hay Ctrl+R. tr v cch xem th c, bn nhn vo phm View Graph hoc nhn Ctrl+G. Cch xem bng Biu l mt th bao gm cc thanh thng ng cho mi bin m, th hin trong Hnh 3-15. Trong cch xem ny, d dng gim st mt lng ln cc bin m bi v cc dng k kh ng tr ng ln nhau.

    Hnh 3-15: Cch xem bng biu trong System Monitor Cch xem bng Bo co (Th hin trong Hnh 3-26) hin th cc gi tr s cho mi performance counters (Bin m hiu nng)

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -117GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 3-16: Cch xem bng Bo co trong System Monitor Cng nh cch d ng th, cch xem bng Biu v Bo co u cp nht cc gi tr ca bin m sau khong thi gian c nh c thit lp trong th General ca hp thoi System Properties. Nhc im chnh ca hai cch xem ny l ch ng kh ng hin th gi tr trc ca cc bin m, ch hin th gi tr hin ti. Mi ln ly mu mi s ghi gi tr trc trn mn hnh hin th, kh ng ging nh kiu th dng ng hin th c cc gi tr trc . Thm cc bin m (counter). Ba Bin m Hiu nng xut hin trong System Monitor theo mc nh l cc thc o rt hu ch cho hiu nng my tnh, tuy nhin cc snap-in cn bao gm hng t cc bin m khc m bn c th thm vo khung hin th. thm cc bin m vo trong khung Chi tit ca System Monitor, nhn vo phm Add trn thanh c ng c hoc nhn Ctrl+I hin th hp thoi Add Counters (Th hin trn Hnh 3-17)

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -118GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 3-17: Hp thoi Add counter LU . Truy cp cc chc nng ca System Monitor. Kh ng ging nh cc snap-in MMC khc, System Monitor kh ng thm cc chc nng thng xuyn s dng ca n vo trong thc n Action ca bng iu khin. Cch duy nht truy cp vo cc chc nng ca System Monitor l s dng thanh c ng c, kt hp vi cc phm tt v thc n ng cnh xut hin khi bn nhn phi chut vo khung hin th. Trong hp thoi ny, bn phi ch r bn mc th ng tin sau y thm mt bin m vo khung hin th. Computer (My tnh). Tn ca my tnh bn mun gim st bin m chn. Kh ng ging nh cc snap-in MMC khc, bn kh ng th chuyn hng ton b vic theo di ca System Monitor vo mt my tnh khc trn mng c ng l c. Thay vo , bn phi ch r tn my tnh cho mi bin m m bn thm vo khung hin th. iu ny cho php bn to ra mt khung hin th th hin cc bin m cho cc my tnh khc nhau trong mng, v d mt th n hin th cc hot ng ca b vi x l ca tt c cc my tnh trn mng. Performance object (i tng cn o hiu nng). L vic phn loi i tng th hin cc thnh phn phn cng v phn mm ring QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -119GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 bit trong my tnh. Mi i tng cn o hiu nng ny cha mt s cc Bin m Hiu nng lin quan n cc thnh phn Performance counters (Bin m hiu nng). Mt bin s th hin mt kha cnh c bit no trong cc hot ng ca cc Performance object. Instance (Trng hp ring): Mt phn t th hin mt trng hp

    ring nht nh ca Bin m Hiu nng chn. V d, trn mt my tnh c hai giao tip mng, mi bin m trong i tng cn o hiu nng Giao tip Mng s c hai instance, mi instance cho mt Giao tip, cho php bn theo di hiu nng ca mi cc mng ring bit. Mt s bin m cng c mt s instance nh Tng s hoc Trung bnh, cho php bn theo di hiu nng ca tt c mi instance kt hp li hoc gi tr trung bnh ca cc instance. Khi bn xc nh tn mt my tnh, mt i tng cn o hiu nng, mt bin m hiu nng v instance ca i tng , nhn vo Add bin m ny vo khung hin th. Hp thoi vn cn m cho bn c th thm v o nhiu bin m khc na. Nhn Close khi bn hon thnh c ng vic thm bin m hiu nng. LU : Hiu cc bin m. Nhn vo phm Explain s m ra mt hp th ng bo Explain Text cha m t chi tit v Bin m Hiu nng m bn la chn. Cc Perfomance Object, Perfomance counter, v cc instance xut hin trong hp thoi Add Counter t y thuc vo cu hnh phn cng ca my tnh, phn mm trn my tnh v vai tr ca my tnh trong mng. V d, vic ci t dch v DNS Server trn my tnh s thm vo i tng cn o Hiu nng DNS, i tng ny cha mt lot cc bin m bn theo di cc hot ng ca my ch DNS. To cch hin th hiu qu nht. Trong hu ht cc trng hp, khi ngi d ng ln u tin khm ph snap-in System Monitor, h s l ng t ng khi nhn thy hng trm bin m hiu nng sn sng s dng v h c th to ra mt th cha hng t cc bin m khc nhau. S lng ca cc bin m bn c th hin th mt cch hiu qu ph thuc vo kch thc ca mn hnh v phn gii ca cc mn hnh. Bn nn quan tm n cc li khuyn sau y khi la chn cc bin m: QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -120GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Gii hn s lng ca cc bin m. Qu nhiu bin m s dn ti khung ha tr nn kh hiu ng thi lm gim ng k hiu nng ca h thng. hin th mt lng ln cc th ng s thng k, bn c th hin th nhiu mn hnh ca s trong bng iu khin v la chn cc bin m khc nhau trong mi ca s, hoc s dng cch xem Biu hoc Bo co hin th mt s lng ln cc bin m trong mt nh dng hiu qu hn (ng ngha vi vic bn s phi hi lng khi kh ng xem c cc gi tr trc nh cch xem trong th) Chnh sa thuc tnh hin th ca bin m. T y thuc vo kch thc v kh nng ca mn hnh ca bn, mu mc nh v rng ca cc ng s dng trong th ca System Monitor c th gy kh khn khi phn bit cc bin m. Trong th Data ca hp thoi System Monitor Properties ca mi bin m, bn c th chnh sa mu sc, kiu v rng ca ng th hin bin m trong th d dng phn bit vi cc bin m khc. thm

    La chn bin m vi cc gi tr c th so snh c. System Monitor chp nhn kh ng gii hn s kt hp ca ca cc bin m bn la chn trong mt th n, tuy nhin mt s th ng s thng k s kh ng th hin th c ng vi nhau bi v cc gi tr ca ch ng khc hn nhau. Khi mt th cha mt bin m c gi tr in hnh l di 20 v mt bin m khc c gi tr in hnh l hng trm, rt kh c th sp xp hin th cc gi tr ny ta c th c c c hai bin m c ng l c. La chn cc bin m c gi tr khc nhau kh ng ng k bn c th hin th cc gi tr cho d c. Hn na, nu bn mun hin th cc bin m vi cc khong gi tr khc nhau, bn c th s dng cch xem bng Bo co thay cho cch xem bng th. Lu Bng iu khin System Monitor Khi bn hi lng vi cch hin th m bn to ra, bn c th lu n li nh mt file bng cch chn Save as t thc n File v ch ra tn ca file vi phn m rng .msc. Np bng iu khin t file ny s m Performance console v hin th snap-in System Monitor, vi tt c cc bin m v cc thuc tnh hin th m bn cu hnh trc khi lu n li.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -121GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Gim st hiu nng ca my ch. Khi bn hiu cch s dng System Monitor, bc tip theo l quyt nh bin m no trong hng trm bin m hiu nng m bn s dng gim st hiu nng my tnh hiu qu nht. Hin nhin l kh ng th c mt cu tr li n gin cho vn trn trong mi trng hp. C th, bn s mun to ra vi bng iu khin gim st cc kha cnh khc nhau ca hiu nng my ch hoc c ng mt kha cnh nhng trn nhiu my ch khc nhau. Phng php thc hnh tt nht l to ra mt chin lc gim st my ch ngay sau khi my ch ny c ci t v cu hnh y . Theo cch ny, bn c th thit lp mt ng c s hiu nng (baseline) cho my ch trong cc trng thi hiu nng l c s dng th ng thng, l c ngh v l c lm vic ti mc nh. Khi c s c xy ra trong cc ln gim st sau , vic o li ln na gi tr ng c s ny c th gi p bn tm ra gii php cho vic gii quyt s c. LU : Tng mc ti khi gim st. Cn nh rng trong mt s trng hp, mc hiu nng o c bi System Monitor bao gm c ti nguyn s dng bi chnh tin trnh o ny. V d, snap-in System Monitor s dng mt s ti nguyn ca b nh v thi gian ca CPU ging nh bt k chng trnh no khc, v nu bn ang gim st cc bin m trn my tnh khc, tin trnh ny c th gy ra mt s ti lu th ng mng nht nh. Cn phi tnh n cc yu t thm vo ny khi bn phn tch kt qu ca System Monitor L do chnh ca vic gim st hiu nng my ch s dng System Monitor l m bo cc ng dng chy trn my ch hot ng tt v pht hin ra hin tng nghn c chai nh hng n hiu sut hot ng ca my tnh. Vic cc qun tr h thng phi i mt vi cc vn s c hiu nng my tnh l rt bnh thng v kh ng th ngay lp tc qui cho mt nguyn nhn c th no v d nh vic trc trc ca mt dch v no . Ngi d ng c th phn nn v vic my ch chm trong khong thi gian no trong

    ngy hoc hiu nng gim dn sau mt khong thi gian tnh bng thng. Khi iu ny xy ra, mt trong nhng nguyn nhn l hin nghn c chai ti u trong ng truyn mng gia my khch liu trn my ch m ngi d ng cn s dng. Hin tng nghn c chai (Bottleneck) xy ra khi mt thnh phn kh ng cu ng cp mt mc hiu nng chp nhn c so vi hiu nng ca

    tun hoc tng v d no

    cc thnh phn khc trong h thng. V d ngi d ng c th phn nn rng hiu nng my ch file ca h rt chm v bn c th mt nhiu thi gian v QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -122GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 tin bc nng cp mng LAN ca bn t 10Base-T thnh 100Base-TX, hy vng c th ci thin c tnh hnh. Tuy nhin nu my ch ca bn l mt my ch c s dng cc b vi x l Pentium thi u, s ci thin l kh ng ng k bi v rt c th l do b vi x l my ch, ch kh ng phi c ng ngh mng LAN, l nguyn nhn ca hin tng nghn c chai. Mi thnh phn khc c th chy tt nhng b vi x l kh ng th x l kp vi lung d liu do h thng mng mi v nhanh cung cp c. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin phi c kh nng gim st hin tng nghn c chai phn cng my ch v gim st v ti u m i trng my ch cho hiu nng ca ng dng bng cch gim st cc i tng cn o Hiu nng nh b nh, mng, b vi x l v a cng. Hin tng nghn c chai c th xut hin do rt nhiu nguyn nhn nh sau: Tng mc ti trn my ch. Mt my ch c th hot ng tt trong mt vai tr c th no l c u, tuy nhin sau khi bn tng mc ti ca my ch bng cch thm vo nhiu ngi d ng v nhiu tc v, c th nhn thy cc phn t trong my ch kh ng hot ng tt nh trc na. V d mt my ch Web c th l d ng cho Web site ca c ng ty trong giai on u, tuy nhin sau khi c ng ty gii thiu thm nhiu sn phm v lu lng d liu n site tng ln gp 3 ln. t nhin bn nhn thy hiu nng ca a trn my ch Web l kh ng p ng cc lu lng d liu tng ny. Li Phn cng. Li Phn cng kh ng phi l c no cng gy ra vic ngng hot ng nghim trng ca h thng. Mt phn t no c th hot ng kh ng ng chc nng mt cch kh ng lin tc trong mt khong thi gian di, gy nn vic gim hiu nng ca my ch mt cch kh chu. V d li cp mng kt ni my ch n thit b switch/hub c th gy nn vic lu th ng mng thng thong b ngt v lm gim hiu nng ca my ch. Thay i vai tr ca my ch. Cc ng dng khc nhau yu cu cc ti nguyn khc nhau. Bn c mt my tnh thc hin chc nng ca mt my ch Web, tuy nhin khi bn thay i vai tr ca my ch ny thnh my ch CSDL, bn c th thy b vi x l hot ng kh ng nhanh chu mc ti ca ng dng mi trn n. Vic xc ddinhj v tr nghn c chai gy ra vic gim hiu nng h thng l mt nhim v rt phc tp, nhng gim st cc Bin m Hiu nng mt QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -123-

    GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 cch hp l trong System Monitor l mt cch tt bt u nhim v ny. Trong rt nhiu trng hp, nguyn nhn ca hin tng ny c th thu hp v bn phn h chnh lit k phn u ca chng (B vi x l, b nh, a cng v mng) Khi bn gim st cc mc hiu nng my ch, tt nht l nn bt u t trn xung di-c ngha l bn bt u vi vic gim st bao qut ton b cu hnh ca mi phn h xc nh mt phn h no c kh nng gy ra s c nht. Khi bn xc nh c v ng gy s c tng qut, bn c th nhn su hn vo tng dch v v ng dng s dng phn h nhiu nht v thm ch xem c mc giao thc v lung nu cn. Th ng thng, s c gy ra bi mt ng dng hoc thit b, hoc thiu ti nguyn trong h thng. Mt thit b n c th c cu hnh li hoc thay th v cc ti nguyn chung c th c tng cng (v d bng cch thm nhiu b nh RAM hoc thm b vi x l) mt cch thch hp. Cc mc sau y s tho lun v cc vn cn tm hiu v cc Bin m Hiu nng c s dng gim st mi phn h trong bn phn h trn. Gim st hiu nng ca b vi x l Mt mng cc b vi x l b trc trc hoc hot ng kh ng c ng sut c th dn n vic my ch s a cc yu cu ca my khch vo hng i, ngn cn vic my ch p ng cc yu cu ca ngi d ng mt cch nhanh chng. gim st tng quan phn h vi x l, s dng cc Bin m Hiu nng sau y: LU . Xc nh cc bin m. Cc bin m hiu nng trong phn ny v phn sau c vit theo nh dng sau: i tng cn o Hiu nng:bin m hiu nng Processor: % Processor time (Vi x l:% Thi gian x l). Cho bit phn trm thi gian m b vi x l bn. Gi tr ny cng thp cng tt v di 85% th coi l chp nhn c. Nu gi tr ny lu n gi mc cao, bn phi xc nh tin trnh no chim qu nhiu thi gian x l, nng cp b vi x l hoc thm mt b vi x l khc nu c th System: Processor Queue Length (H thng: di hng i vi x l). Ch ra s lng cc lung chng trnh ang i c x l bi b vi x l. Gi tr ny cng thp cng tt, th ng thng di 10 l c th chp nhn c. Nu gi tr ny lu n gi mc cao, nng cp b vi x l hoc thm mt b vi x l khc. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -124GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Server Work Queues: Queue Length (Hng i c ng vic ca my ch: di hng i). Ch ra s lng yu cu ang nm i s dng mt b vi x l no . Gi tr ny cng thp cng tt v th ng thng di 4 l chp nhn c. Nu gi tr ny lu n gi mc cao, nng cp b vi x l hoc thm mt b vi x l khc. Processor: Interrupts/sec (B vi x l:Ngt/giy). Ch ra s lng cc ngt phn cng m vi x l phc v tnh theo giy. Gi tr ny c

    th bin i rt ln v c ngha ch trong mi tng quan vi mc ng c s c thit lp trc . Mt thit b phn cng sinh ra nhiu ngt c th c quyn chim b vi x l, ngn cn b vi x l phc v cc tc v khc. Nu gi tr ny tng mt cch nhanh chng, kim tra cc thnh phn phn cng khc nhau trong h thng xc nh thnh phn no sinh ra qu nhiu ngt. Gim st hiu nng b nh Mt b nh kh ng trong my ch c th kh ng cho my tnh lu m thng xuyn cc d liu cn thit, gy ra vic cc tin trnh phi da vo vic c a hn l c b nh v do lm gim tc ca ton h thng. B nh l mt phn h n quan trng nht cn phi gim st bi v cc s c trong b nh c th nh hng n tt c cc phn h khc. V d, khi tnh trng ca b nh gy ra qu nhiu thao tc phn trang n a, h thng tr ng c v nh c trc trc trong phn h lu tr trong khi thc t b nh l th phm Mt trong cc nguyn nhn th ng thng c th gy ra cc trc trc lin quan n b nh l r r b nh (Memory leak). Vic r r b nh l kt qu ca vic mt chng trnh chim dng qu nhiu b nh m kh ng gii phng sau khi kh ng s dng na. Theo thi gian, cc b nh trng trong my tnh c th b chim dng hon ton, lm gim hiu nng h thng v cui c ng lm dng h thng. Vic r r b nh c th rt nhanh, gy ra s suy gim ngay lp tc i vi hiu nng h thng, tuy nhin ta cng c th mt nhiu thi gian v rt kh khn pht hin ra ch ng, khi m vic gim hiu nng h thng ny din ra t t theo hng ngy hoc hng tun. Trong hu ht cc trng hp, s r r b nh c th gy ra bi cc ng dng ca cc hng th ba m h iu hnh cha tng bit n. gim st hiu nng c bn ca b nh, s dng cc bin m sau y: Memory: Page Faults/Sec (B nh:Li trang/giy). Ch ra s ln trn giy m on m hoc d liu cn x l kh ng tm thy trong b nh. Gi tr ny cng thp cng tt, th ng thng di 5 l chp QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -125GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 nhn c. Bin m ny bao gm c li nh (trong trang yu cu c th tm thy u trong b nh) v li nng (trong trang yu cu buc phi truy cp t a cng). Cc li nh sinh ra kh ng phi l mt vn ln, tuy nhin cc li nng c th gy ra tr ng k v truy cp a cng chm hn rt nhiu so vi truy cp b nh. Nu gi tr ny qu ln, bn nn kim tra xem h thng c ang phi chu qu nhiu li nng bng cch s dng Bin m Memory: Pages/Sec. Nu s lng li nng l qu nhiu, bn nn xem xt tin trnh no gy nn vic phn trang qu nhiu hoc ci t thm b nh RAM cho h thng. Memory: Pages/Sec (B nh:Trang /giy). Ch ra s lng trang d liu trn giy kh ng nm trong RAM v phi truy cp t a hoc phi ghi ln a to kh ng gian trng cho RAM. Gi tr ny cng thp cng tt v th ng thng di 20 l c th chp nhn c. Nu gi tr ny qu cao, bn nn xem xt tin trnh no gy nn s phn trang qu nhiu hoc ci t thm RAM cho h thng. Memory: Available Bytes (B nh:Cc byte trng). Ch ra dung lng b nh vt l cn trng tnh theo Byte. (Cn c cc bin m khc hin th c ng loi gi tr ny nhng c tnh theo kilobyte hoc megabyte). Gi tr ny cng cao cng tt v kh ng nn di 5% ca tng s b nh RAM trong h thng, vic b nh cn trng cn qu t c th l biu hin ca b nh ang b r r. Nu gi tr ny qu thp, xem xt vic thm RAM cho h thng.

    Memory: Committed Bytes (B nh: Cc Byte cam kt ). Cho bit dung lng b nh o c khong kh ng gian c d tr trn tp phn trang. Gi tr ny nn cng thp cng tt v nn lu n gi thp hn dung lng RAM vt l c trong h thng. Gi tr ny qu ln cho thy c th c s r r b nh v bn nn xem xt vic thm RAM cho h thng Memory: Pool Non-Paged Bytes (B nh: cc byte ca v ng kh ng phn trang). Cho bit kch thc ca v ng trong b nh c s dng bi h iu hnh cho cc i tng m kh ng th ghi vo trong a. Gi tr ny nn l mt s n nh v kh ng tng trng khi kh ng c thm cc hot ng ca my ch. Nu gi tr ny tng theo thi gian, iu th hin c th h thng ang b r r b nh.

    Gim st hiu nng a cng. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -126GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Phn h a cng b qu ti khi c v ghi lnh c th lm gim t l my ch x l cc yu cu ca my khch. Cc a cng trong my ch cha mt lng ln cc d liu vt l hn bt k mt phn h no do phi p ng cc yu

    a rt nhiu my khch, u c a cng phi di chuyn lin tc ti cc v tr khc nhau trn v ng a phng. K thut m u c di chuyn l rt nhanh, tuy nhin mt khi a t n tc c/ghi ti a, cc yu cu thm na c th bt u gy ra s chn p trong hng i x l. i vi l do ny, phn h lu tr l mt phn t cn quan tm hng u khi c nghn c chai.

    PhysicalDisk: Disk Bytes/sec (a vt l:Byte/giy). Cho bit s byte trung bnh c chuyn n hoc ra khi a trong mi giy. Gi tr ny nn tng ng vi mc thit lp trong ng c s ban u hoc cao hn. Vic gi tr ny gim i cho thy trc trc trong a cng thm ch c th l hng. Nu trng hp ny xy ra, xem xt vic nng cp phn h a lu tr. PhysicalDisk: Avg. Disk Bytes/Transfer (a vt l: byte trung bnh /Giao dch). Cho bit s byte trung bnh c chuyn vn trong qu trnh vn hnh c v ghi. Gi tr ny nn tng ng vi mc thit lp trong ng c s ban u hoc cao hn. Vic gi tr ny gim i cho thy trc trc trong a cng thm ch c th l hng. Nu trng hp ny xy ra, xem xt vic nng cp phn h a lu tr. PhysicalDisk: Current Disk Queue Length ( di hng i a hin ti). Cho bit s lng yu cu c hoc ghi a ang tn ng. Gi tr ny nn cng thp cng tt, vi mc th ng thng thp hn 2 l c th chp nhn c trn 1 trc quay a. Gi tr bin m ny m ln c th cho thy a cng ang trc trc hoc n kh ng c kh nng p ng cc yu cu i vi n. Trong trng hp ny, bn nn xem xt vic nng cp phn h a lu tr PhysicalDisk: % Disk Time (a cng:Phn trm thi gian a). Cho bit phn trm thi gian m a cng bn. Gi tr ny cng thp cng tt v th ng thng di 80% l chp nhn c. Gi tr ca bin m ny cao chng t rng hot ng ca a ang trc trc, hoc n kh ng c kh nng theo kp cc yu cu i vi n, hoc trc trc trong b nh gy nn vic phn trang a qu nhiu. Kim tra vic b nh r r hoc cc vn lin quan v nu kh ng c li no tm thy, bn nn xem xt vic nng cp phn h a lu tr. LogicalDisk: % Free Space (a logic:%a trng). Cho bit phn trm a trng trn a cng. Gi tr ny cng ln cng tt, th ng QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -127GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 thng ln hn 20% l chp nhn c. Nu gi tr ny qu thp, bn nn thm a cng. Hu ht cc s c trong phn h a cng, khi khng phi do phn cng trc trc gy ra, u dn n kt qu l phi nng cp h thng lu tr. Vic nng cp ny c th bao gm cc phng php sau y:

    Ci t cc a cng mi nhanh hn Ci t thm a cng v phn chia d liu trn cc a , gim truy cp I/O trn mi a Thay th cc a n bng cc dy a RAID (Redundant Array of Independent Disks Dy cc a c lp d tha) Thm nhiu a vo trong dy a RAID sn c Gim st hiu nng mng. Gim st hiu nng mng l nhim v phc tp hn rt nhiu vic gim st cc phn h khc bi v rt nhiu yu t bn ngoi my tnh c th nh hng n hiu nng mng. Bn c th s dng cc bin m sau y th xc nh nu nh mt s c mng xy ra, nhng nu bn nghi ng mt s c no , bn nn bt u tm kim nguyn nhn t ngoi my tnh ca bn trc Network Interface: Bytes Total/sec (Giao tip mng:Tng s Byte/giy). Cho bit s lng byte gi v nhn trn giy trn mt giao tip mng. Gi tr ny nn tng ng vi mc thip lp ti ng c s d kin ban u hoc cao hn. Gi tr ny gim chng t c trc trc trong thit b mng hoc s c khc trong mng. Network Interface: Output Queue Length (Giao tip mng: di hng i ra). Cho bit s lng gi tin i truyn i qua giao tip mng. Gi tr ny cng thp cng tt v c th l zero mc d gi tr l 2 hoc thp hn l c th chp nhn c. Nu gi tr ny l qu cao, giao tip mng c th b trc trc hoc c th tn ti s c mng khc. Server: Bytes Total/Sec (My ch: Tng s byte/giy). Cho bit tng s byte gi v nhn bi my ch trn tt c cc giao tip mng ca n. Gi tr ny nn kh ng qu 50% ca tng bng th ng ca giao tip mng trong my ch. Nu gi tr ny qu cao, xem xt vic chuyn mt s ng dng sang my ch khc hoc nng cp sang mt mng nhanh hn.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -128GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Bng th ng ca cc kt ni mng gii hn lu lng n my ch th ng qua cc giao tip mng. Nu gi tr ca cc bin m ny cho bit rng mng ang b nghn, c hai cch nng cp mng v kh ng c cch no l n gin c: Tng tc ca mng. iu ny c ngha l thay th tt c cc giao tip mng trong mi my tnh, hub, router v cc thit b khc trn mng v c th thay th c cp mng. Ci t thm thit b giao tip mng trong my ch v ti phn b

    li mng. Nu lu lng d liu thng xuyn lm ngp trn giao tip mng trn my ch, ch c mt cch tng cng bng th ng mng m kh ng cn tng tc mng l ci t thm cc giao tip mng. Tuy nhin, vic kt ni thm cc giao tip trong c ng mt mng s kh ng cho php ti c nhiu lu lng mng hn n my ch. Thay vo , bn phi to thm cc subnet (mng con) trn mng v ti phn b cc my tnh vo trong mng con , do s c t lu lng mng hn trong mi subnet. Gim st cc vai tr my ch Khi bn gim st hiu nng my ch v tm kim cc nghn c chai, iu quan trng l bn phi hiu s lin quan ca cc vai tr m my ch thc thi. Cc ng dng v dch v c cc yu cu khc nhau n ti nguyn h thng v chnh sch gim st ca bn cho mi my ch nn tp trung vo cc i tng cn o Hiu nng v cc Bin m Hiu nng ca cc ti nguyn nh hng ln nht n my ch . Bng 3-3 lit k mt s vai tr my ch th ng dng, ti nguyn quan trng i vi mi vai tr v cc i tng cn o Hiu nng m bn nn gim st. Bng 3-3: Vai tr my ch v cc i tng cn gim st Vai tr my ch Ti nguyn s dng Cc Performance Object cn gim st My ch ng dng B nh, mng v b vi x l B nh, B vi x l, Giao tip mng v H thng My ch sao lu B vi x l v mngH thng, My ch, B vi x l v Giao My ch CSDLLu tr, mng v b tip mng a vt l, a logic, B vi x l, Giao vi x l tip mng v H thng

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -129GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 B nh, B vi x l, H thng, Giao tip mng, cc i tng giao thc (ph My ch qun tr min

    My ch file v in n My ch Mail/Truyn tin My ch Web B nh, b vi x l, mng v a

    B nh, a v cc phn t mng b vi x l, a, mng v b nh Cache trn a v cc phn t mng thuc vo mng nhng c th bao gm TCPv4, UDPv4, ICMP, IPv4, Kt ni NBT, NWLink IPX, NWLink IPX, NWLink NetBIOS, v NWLink SPX), a vt l v a logic B nh, Giao tip mng, a vt l, a logic v Hng i my in B nh, Cache, B vi x l, H thng, a vt l, Giao tip mng v a logic Cache, Giao tip mng, a vt l v a logic S dng Performance Logs and Alerts Mc d snap-in System Monitor l rt hu ch tuy nhin rt t qun tr mng c thi gian hay s thch ngi xem cc th dng ng trn mn hnh ha tm cc du hiu s c trn my ch ca h. Performance Logs and Alerts (Nht k v Cnh bo Hiu nng) lm gim thiu c nhu cu lm vic . Performance Logs and Alerts l mt snap-in trong MMC cung cp kh nng gim st bng nht k s dng cc i tng cn o Hiu nng v Bin m Hiu nng ging nh System Monitor s dng. Vi snap-in ny, bn c th thu thp cc d liu hiu nng t ng t cc my tnh ni b v xa, lu n trong cc nh dng khc nhau v to ra cc cnh bo khi mt bin m c bit no t n mc ngng xc nh. Khi bn la chn snap-in Performance Logs And Alerts trong bng iu khin Hiu nng (Performance console), bn c th thy ba tiu ph nh sau: Counter Logs (Nht k cc bin m). Cho php Performance console chp cc th ng s thng k cho cc bin m nht nh vo mt file nht k ti cc thi im xc nh v u n sau mt khong thi gian c nh Trace Logs (Nht k theo di). Cho php Performance console ghi li cc th ng tin v cc ng dng h thng khi mt s kin no xy ra, v d nh li hot ng I/O ca a hoc li phn trang b nh. Alerts (Cnh bo). Cho php Performance console gim st gi tr ca mt bin m nht nh no theo cc khong thi gian lp v QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -130-

    GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 thc hin mt hnh ng xc nh khi bin m t n gi tr gii hn no . Mt trong nhng li ch chnh ca Performance Logs and Alerts l cho php bn chp cc th ng tin v hiu nng ca cc bin m nghin cu v sau. Snap-in ny h tr rt nhiu nh dng file cho php bn lu cc th ng tin chp c vo cc chng trnh bng v CSDL. Bn c th s dng nht k cc bin m thit lp mt ng c s cho hiu nng h thng v sau u n kim tra cc nht k ny xem sai lch so vi ng c s chun l bao nhiu. Bn cn c th to ra cc cnh bo bo ng cho bn bit khi tnh trng mng sai lch qu nhiu so vi trng thi th ng thng. LU : Ghi nht k t ng. Performance Logs and Alerts chy nh mt dch v, iu ny c ngha l bn c th cu hnh snap-in ny gim st cc bin m hiu nng nht nh. Dch v ny s c np trong qu trnh h thng khi ng v tip tc hot ng thm ch c khi kh ng c ngi d ng no ng nhp vo h thng. To ra cc counter log (Nht k bin m): to ra cc nht k bin m trong snap-in Performance Logs and Alerts, bn c th la chn i tng Counter Logs trong khung Phm vi v la chn New Log Settings t thc n Action. Sau khi bn nhp vo tn ca nht k mi, bn s thy mt hp thoi (Th hin trong Hnh 3-18) trong bn nhp vo cc th ng tin sau y: Cc Performance objects v Performance counters. Bn s chn cc Performance objects v Performance counters v c giao din ging nh khi bn s dng System Monitor. Sample Interval (Thi gian lp ly mu). Thi gian lp m ti snap-in ny s ghi vo nht k gi tr ca bin m bn la chn. Lu rng thi gian lp ly mu m ngn s cho ra file nht k ln v ng thi h thng s phi lm vic nhiu hn. Gi tr chn nn t y thuc vo thi gian bn m d nh ghi nht k cho bin m l bao lu. Run as credentials (Cc th ng s ng nhp Run as). Tn ngi d ng v mt khu m dch v Performance Logs and Alerts s dng ng nhp vo h thng trc khi chp cc th ng tin vo trong nht k bin m.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -131GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Log file type (Kiu file nht k). nh dng file nht k m bn mun s dng cho nht k bin m v th mc m bn mun lu. Bn c th lu nht k ny nh mt file vn bn c phn cch cc trng d liu bng du phy hoc du cch (tab), mt file nh phn dng th ng thng hoc dng lp vng (c th xem trong System Monitor), hoc mt file CSDL trong SQL. Bn cn c th ch ra kch thc ti a ca file nht k v cch to tn ca file t ng. LU : S dng file lp vng. M t file lp vng nh phn l file trong snap-in lin lc ghi cc th ng tin vo c ng mt file v ghi cc d liu c nht m n tng ghi trc .

    Scheduling information (Cc th ng tin lp lch). Bn c th cu

    hnh nht k bin m khi ng v dng ti cc thi im ngy v gi xc nh hoc bn c th la chn khi ng hoc dng qu trnh ghi nht k mt cch th c ng t snap-in. Close Command (Lnh k ih ng). Cho php bn ch nh lnh m snap-in phi chy khi file nht k c ng li.

    Hnh 3-18: Hp thoi cu hnh nht k bin m (Counter Log) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -132GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Khi bn cu hnh nht k bin m, n xut hin trong khung Phm vi ca snap-in vi mt biu tng, mu ca biu tng th hin trng thi hin ti ca nht k. Mt biu tng mu c ngha l ang dng v mu xanh c ngha l ang chy.

    To ra mt Trace log. Qu trnh to ra mt trace log (Nht k ra mt nht k bin m, ngoi tr counters, bn li la chn cc s kin mun gim st, s dng giao din trong

    Theo di) tng t nh qu trnh to vic thay v la chn performance h thng (System events) m bn Hnh 3-19.

    Hnh 3-19: Hp thoi cu hnh trace log Xem nht k bin m (counter log). QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -133GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Khi bn la chn lu mt nht k bin m thnh mt file nh phn, n s xut hin trong th mc ch nh mt file c phn m rng .blg. m mt trong cc file ny v xem ni dung ca n, bn vo snap-in System Monitor v nhn vo thanh c ng c View Log Data hoc nhn Ctrl+L. Trong hp thoi System Monitor Properties (Th hin trong Hnh 3-20), bn phi cu hnh cc thnh phn sau y: Ngun d liu. Trong Th Source, nhn vo t y chn Log Files v la chn file nht k m bn mun hin th. Khong thi gian. Trong th Source, nhn vo phm Time Range hin th mt thanh trt cha khong thi gian m d liu c chp vo trong nht k. Bn c th s dng thanh trt ny la chn tt c hoc mt phn ca nht k hin th. Bin m. Trong th Data, nhn vo Add v la chn cc bin m m bn mun hin th. Trong trng hp ny, hp thoi Add Counter ch cha cc i tng cn o Hiu nng v Bin m Hiu nng m bn tng chn ghi li trong nht k.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -134GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Hnh 3-20: Hp thoi System Monitor Properties c cu hnh hin th mt file nht k Khi bn nhn vo OK ng hp thoi ny li, th dng ng trong System Monitor hin th cc d liu c ghi trong nht k. Bn c th thc hin thao tc cu hnh cch hin th trong th cng ging nh cch m bn lm khi mn hnh hin th cc hot ng hin ti trong h thng.

    To cc Alerts (Cnh bo) Chc nng cnh bo cho php my tnh chy Windows Server 2003 th ng bo cho bn khi mc hiu nng h thng t n gi tr ngng xc nh. to cc cnh bo, bn la chn i tng Alerts trong khung Phm vi ca snap-in Performance Logs and Alerts v la chn New Alert Setting t thc n Action hin th hp thoi (Th hin trong Hnh 3-21) trong bn s

    nhp vo cc th ng tin sau y: Counters (bin m). Cc performance object v cc performance counter m bn c th la chn cnh bo, v giao din m bn s dng la chn ch ng ging nh trong System Monitor Gi tr gii hn ca bin m. i vi mi bin m bn la chn, bn phi ch ra mt gi tr gii hn v liu bn mun cnh bo ny s c kch hot khi gi tr ca bin m ny thp hn hay cao hn gii hn. Qung ngt ly mu. Thi gian lp m theo snap-in s thu thp gi tr ca bin m m bn la chn Cc th ng s ng nhp Run as. Tn ngi d ng v mt khu m dch v Performance Logs and Alerts s dng ng nhp vo h thng trc khi gim st cc bin m c la chn. Hnh ng (Action). Hnh ng m bn mun snap-in thc hin khi mt trong cc bin m la chn ca bn t n gi tr gii hn. Snap-in c th to ra mt mc trong nht k s kin, gi mt th ng bo qua mng n ngi d ng xc nh no , bt u ghi cc d liu hiu nng ca bin m vo nht k hoc chy mt chng trnh hoc dng lnh no .

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -135GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Cc th ng tin lp lch. Bn c th cu hnh snap-in khi ng v dng khi gim st cc bin m la chn ti cc thi im ngy gi c th hoc bn c th la chn khi ng hoc dng tin trnh gim st th c ng t snap-in.

    Hnh 3-21: Hp thoi cu hnh cnh bo

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -136GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 TNG KT Event Viewer l mt snap-in MMC hin th cc nht k oc my tnh duy tr. Mi my tnh Windows Server 2003 u c cc nht k ng dng, Bo mt v H thng; my ch qun tr min cn c thm hai nht k cho Dch v Th mc v Dch v ng b File v my ch DNS cn c thm nht k cho dch v DNS Server. Mi mc vo ca nht k s kin c th cha cc th ng tin, cnh bo, th ng bo li hoc kt qu kim nh. Task Manager hin th cc d liu v hiu nng theo thi gian thc ca b vi x l, b nh my tnh, lit k cc ng dng v tin trnh chy trong my tnh, cc th ng tin v mng v ngi d ng. Bn c th ng thi s dng Task Manager dng mt ng dng v tin trnh, thit lp mc u tin hoc ngt ngi d ng khi kt ni ti my tnh ang theo di. Performance console cha hai snap-in: System Monitor v Performance Logs and Alerts System Monitor hin th cc d liu v hiu n ng theo thi gian thc ca cc thnh phn phn cng v phn mm trong h thng, s dng cc cch xem kiu th, Biu v Bo co gim st th ng tin thng k v mt h thng no bng System Monitor, bn la chn mt performance object th hin mt phn t xc nh, mi performance counter th hin mt kha cnh xc nh ca i tng la chn, hoc trong mt s trng hp l ca mt trng hp ring (instance) ca i tng la chn. Performance Logs and Alerts ghi cc th ng tin v hiu nng ca cc bin m vo nht k v cc s kin ca h iu hnh theo di cc nht k ny theo cc chu k thi gian c lp lch trc, cho php bn chp c mt s ln cc mu d liu kim tra sau ny.

    Performance Logs and Alerts cn c th gim st cc bin m xc nh v thc hin mt hnh ng no khi gi tr ca cc bin m ny t n mt mc ngng xc nh.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -137GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 BI TP THC HNH Bi tp thc hnh 3-1: S dng Event Viewer Trong bi tp thc hnh ny, bn s dng bng iu khin Event Viewer kim tra nht k H thng ca my tnh. 1. ng nhp vo my tnh vi ti khon Administrator. 2. 3. Nhn Start, tr vo Administrative Tools v nhn vo Event Viewer. Bng iu khin Event Viewer xut hin Trong khung Phm vi ca bng iu khin, nhn vo i tng System. Mt danh sch cc mc nht k h thng hin ln trong khung Chi tit 4. Nhn p vo mt trong nhng mc trong khung Chi tit hin th hp thoi Event Properties Bi tp thc hnh 3-2: S dng Task Manager Trong bi tp thc hnh ny, bn s dng Task Manager khi ng mt ng dng v nhn bit cc tin trnh 1. ng nhp vo my tnh vi ti khon Administrator 2. Nhn phi chut vo v ng trng trong thanh tc v v la chn Task Manager t thc n ng cnh. Ca s Windows Task Manager xut hin. 3. Trong th Applications, nhn vo New task. Nhp vo notepad v nhn OK. Mt ca s son tho vn bn Untitled-Notepad hin ra v mt mc Untitled-Notepad xut hin trong th Applications ca Task Manager 4. Trong th Applications ca Task Manager, nhn phi chut vo mc Untitled-Notepad v la chn Go to Process t thc n ng cnh. Task Manager chuyn sang th Process vi tin trnh Notepad c t sng. Bi tp thc hnh 3-3: To mt Bng iu khin System Monitor Trong bi tp thc hnh ny, bn s to mt bng Monitor mi

    iu khin

    System

    1. ng nhp vo my tnh vi ti khon Administrator QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -138GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 2. Nhn Start, tr vo Administrative Tools v nhn vo Performance. Bng iu khin Performance xut hin 3. Trong khung khung Chi tit, nhn vo phm Add trong thanh c ng c. Hp thoi Add xut hin 4. i tng Processor c la m % Idle Time v sau nhn Add. Sau % Interrupt Time v Interrupts/Sec theo 5. T thc n File, la chn Save 6. Lu bng iu khin li vi tn l procmon.msc. CC CU HI N TP 1. chn nh mc nh, nhn vo bin thm vo cc bin m cch trn v nhn Close. as. Hp thoi Save as xut hin

    2. Bn kh ng mun d liu trong nht k Bo mt b ghi , tuy nhin bn cng kh ng mun my tnh ca bn ngng giao tip vi mng bt k l c no. Thit lp no m bn nn cu hnh trong my ch ? Mc ch ca bn l gim st tt c cc my ch ca mnh ch ng c th c chng phn mnh u n theo lch sp xp sao cho hiu qu nht. Chng trnh chng phn mnh a m bn mun s dng yu cu ti thiu 20% dung lng a cng trong mi a thc hin tt nhim v. Bn nn lm g ? 3. My tnh m bn s dng gim st cc h thng khc trong mng ang qu ti vi nhim v ny, do bn mun gim nh mc ti cho n. Bn nn lm g gim nh mc ti ca nhim v gim st trong khi duy tr cc d liu gim st mc ti a c th ? 4. Bn ang chy mt ng dng CSDL trn my tnh vi hai b vi x l. Bn mun ng dng CSDL ny chy trn b vi x l th hai. Lm th no bn c th s dng Task Manager thc hin vic ny? 5. Mnh no sau y l ng nu System Monitor hin th gi tr ca bin m PhysicalDisk:Current Disk Queue Length ln hn 2 trong mt h thng a kh ng phi l RAID ? a. Bn cn nhiu kh ng gian a cng hn b. Bn cn a cng nhanh hn c. Bn cn th ng tin thm xc nh liu a c vn g kh ng?

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -139GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 6. Cc nht k no sau y c th s dng Event Viewer xem trn mt my ch thnh vin c chc nng my ch ng dng (Chn tt c cc cu tr li ng) ? a. ng dng b. Dch v th mc c. H thng d. Bo mt e. Dch v ng b file 7. Ti sao mt s cc Bin m Hiu nng trong System Monitor li c nhiu trng hp ring (instance) khc nhau ? 8. Hai cch cha phn h a lu tr b nghn c chai trong phn hiu nng my ch? CC KCH BN TNH HUNG Kch bn 3-1: Pht hin trng hp nghn c chai Bn l qun tr mng cho c ng ty c ng ngh cao Fabrikam, Inc., c ng ty gn y k kt c mt hp ng li nhun cao vi chnh ph. Kt qu ca hp ng ny l c ng ty s phi tri qua qu trnh m rng din ra trong 12 thng ti. S lng ngi d ng truy cp vo CSDL my khch ca c ng ty d kin l gp i v Gim c IT ch th cho bn xc nh liu my ch CSDL ca c ng ty, vi cu hnh hin ti ca n, c th p ng c nhu cu tng mc ti theo d tnh kh ng, v nu kh ng th s phi nng cp ci g. ho t n hnh nhim v ny, hnh ng u tin ca bn l trin khai mt k hoch gim st my ch xem c nghn c chai hay kh ng. Bc u tin ca k hoch ny, bn thit lp mt ng c s bng cch s dng snap-in Performance Logs and Alerts to ra mt nht k bin m theo di gi tr c a cc bin m quan trng ca cc i tng cn o Hiu nng nh b vi l, b nh, a vt l v giao tip mng. Sau khi thit lp cc gi tr cho cc bin m ny trong qu trng thi hot ng th ng thng, bn phi lm g tip theo cu hnh Performance console pht hin ra s nghn c chai ? a. cc nht k hiu nng ny chy ton thi gian v kim tra gi tr ca cc bin m ny theo cc khong thi gian lp u n.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -140GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

    d.

    Bn gp trc trc vi b nh, kh ng phi vi a cng .

    b. S dng System Monitor, to ra th ca c ng cc bin m trn v cu hnh snap-in to ra mt cnh bo bng m thanh khi bt k gi tr ca mt bin m no vt qu mc ngng ti a. c. Trong snap-in Performance Logs And Alerts, to ra mt lot cc cnh bo gi th ng bo n my trm ca bn khi bt k gi tr ca bin m no vt qu mt mc xc nh. d. Trong snap-in Performance Logs And Alerts, to ra mt trace log s dng c ng cc bin m nh khi xc nh ng c s. Kch bn 3-2: Loi b nghn c chai Bn l qun tr mng dc giao nhim v xc nh ti sao my ch file v in n chy Windows Server 2003 trong mt mng LAN li hot ng km. Bn cng ng thi phi trin khai cch gii quyt trng hp ny. Sau khi gim st cc Bin m Hiu nng trong my ch bng cch s dng Performance console, bn xc nh c rng h thng mng gy nghn lm gim hiu sut hot ng ca my ch. Gii php no sau y s cho php bn t c mc tiu tng cng mc hiu nng ca my ch file v in n ny? a) Ci t thm mt thit b giao tip mng trong my ch ny v kt ni n vi c ng mng ca giao tip cn li. b) Tng tc ca mng bng cch thay th cc giao tip mng 10BaseT trong cc my tnh trn mng v thit b hub m cc my tnh kt ni n bng cc thit b c tc 100Base-TX c) Phn chia mng thnh 2 mng LAN ring bit vi s lng my tnh ngang nhau trong mi mng. Sau ci t mt thit b giao tip mng th hai trong my ch file v in n v kt ni my ch n c hai mng LAN ny d) Thay th cc thit b giao tip mng trong my ch file v in n ny bng mt thit b b m ln hn. c nh

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003

    -141SAO LU V PHC HI D LIU

    CHNG 4: SAO LU V PHC HI D LIU S so snh tng ng th ng dng nht c s dng m t mi lin h gia mt a trong a cng (ni lu tr d liu) v u c ca n ( c v ghi d liu ln a) l hnh nh mt chic my bay dn dng 747 loi ln bay vi tc 600 dm mt gi trn cao 5 feet so vi mt t. Khi bn quan tm n iu ny, bn s tht s kinh ngc khi a cng c kh nng lm vic tt v lu c nh th. Mt ngy no , bn rt c th b mt mt a cng cha cc d liu rt quan trng. iu ny c th cha xy ra ngay ngy h m ny hoc ngy mai, tuy nhin cng c th n s n vo mt ngy no . Cc a cng ny c th b ly trm c ng vi my tnh, b ph hy bi chy nh hoc cc thm ha khc, hoc n gin l n b hng. V cho d ti bt k nguyn nhn g, d liu ca bn cng s b mt v vic c ly li c d liu hay kh ng l t y thuc vo bn. Ngy xy ra chuyn l ngy bn s phi cm n chnh mnh v tt c nhng n lc ca bn khi thit lp chin lc sao lu cho h thng. Nu bn kh ng c mt chin lc sao lu ng n, rt c th mt ngy no bn phi bt u c ng vic bng cch vit s yu l lch xin vic. Thc hin vic sao lu u n l mt trong nhng chc nng c bn nht ca qun tr mng v qun tr h thng. Kh ng ging nh hu ht cc thnh phn khc trong my tnh, a cng c mt b phn chuyn ng vi tc cao, lm vic vi mt dung sai rt nh. V kt qu a cng hng l mt iu kh th ng thng, v bn phi chun b cho iu bng cch u n sao lu d liu ca mnh trn cc phng tin lu tr khc. Sau khi hon thnh chng ny, bn c th: M t cc kiu phn cng khc nhau s dng sao lu. Hiu bit v kh nng ca cc phn mm sao lu mng. Hiu bit s khc nhau gia cc tc v sao lu full (Ton b), sao lu incremental (Tng ln) v sao lu differential (Sai khc). Lit k cc kh nng ca chng trnh Microsoft Windows Server 2003 Backup Sao lu v kh i phc CSDL ca Active Directory S dng volume shadow copies (Cc bn sao ca a) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 142 SAO LU V PHC HI D LIU

    HIU BIT V SAO LU Nhim v sao lu n gin l sao chp d liu ca bn mt cch u n nu nh thit b lu tr ca bn b h hng hoc ph hy v d liu trn b mt, bn c th kh i phc li cc d liu ny mt cch kp thi. Sao lu l mt tiu chun nh gi kh nng chng li c bn. Thm ch nu nh bn c cc c ng ngh lu tr khc cung cp kh nng chng li, v d nh h thng a RAID hoc cm my ch cluster, bn vn cn phi c mt gii php sao lu cho mnh. H thng mng lm cho tc v sao lu u n tr nn va phc tp va n gin. Mt chin lc sao lu cho mt my tnh n bao gm vic ci t mt thit b sao lu trong h thng. Qu trnh sao lu mng s phc tp hn bi v bn c d liu lu trn nhiu my tnh cn bo v v vic ci t mt

    thit b sao lu trn mi my l kh ng thc t. Tuy vy, qu trnh sao lu mng li n gin bi thc t bn c th s dng mng truy cp n cc my ch cn sao lu, iu ny cho php bn s dng mt thit b sao lu bo v rt nhiu my tnh. Mt chin lc sao lu s phi ch ra d liu no cn sao lu, sao lu theo tn sut nh th no v phng tin lu tr no m bn s dng lu cc d liu sao lu. Quyt nh ca bn t y thuc vo phn cng v phn mm sao lu ng thi cc chnh sch qun tr m bn s dng, t y thuc vo dung lng d liu m bn phi sao lu, thi gian bn sao lu v mc bo v m bn mun p dng. Mt gii php sao lu mng bao gm hai thnh phn sau y: Mt hoc nhiu thit b sao lu Sn phm phn mm sao lu Mt k hoch sao lu hiu qu phi ch ra cch tn dng cc kh nng ca hai thnh phn trn cung cp mc bo v m doanh nghip cn. Tiu chun m bn nn s dng khi nh gi cc sn phm phn cng v phn mm sao lu s c bn lun trong cc phn sau. LU . Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin phi c kh nng qun l cc tc v sao lu Phn cng sao lu Bn c th sao lu bng bt k loi thit b lu tr no, mc d th ng thng ngi ta hay d ng cc thit b s dng cc phng tin lu tr c QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 143 SAO LU V PHC HI D LIU kh nng tho ri. Ba tiu ch quan trng nht nh gi cc thit b phn cng sao lu l: Dung lng. Mt trong nhng mc ch chnh ca vic pht trin mt chin lc sao lu hiu qu l t ng ha qu trnh sao lu cng nhiu cng tt. Mc d bn c th sao lu hng gigabyte d liu trn cc a mm 1.44MB, tuy nhin chc bn kh ng mun phi ngi lin tc nht 712 chic a mm vo a. Do , bn nn la chn mt thit b c kh nng lu tr d liu nhiu nht c th m kh ng cn phi thay th cc phng tin lu tr. Trng hp l tng nht l mt phng tin lu tr v khi ton b tc v sao lu c th lu va trong mt cun bng t n hoc cc phng tin lu tr khc. iu ny cho php bn c th lp lch sao lu v chy hon ton t ng m kh ng cn can thip. Tuy nhin iu ny kh ng c ngha l bn phi mua mt thit b lu tr c th cha ton b d liu ca tt c cc my tnh trong mng ca bn. Bn c th la chn cn thn d liu no m bn mun sao lu. V vy cho nn vic xc nh dung lng d liu cn bo v v tn sut bao lu l iu rt quan trng trc khi bn quyt nh dung lng ca thit b lu tr. Tc . Mt trong nhng tiu ch quan trng khc khi bn la chn mt thit b sao lu l tc m thit b ny c th ghi d liu ln cc phng tin lu tr. Cc thit b lu tr c th hot ng vi rt nhiu tc khc nhau v tht kh ng ngc nhin khi thit b nhanh nht th ng thng cng s t nht. Mt tc v sao lu in hnh s chy khi h thng mng ang kh ng s dng, iu ny m bo mi d liu trn mng sn sng cho nhim v sao lu. Khong thi gian m bn s dng sao lu i khi c gi l backup window (ca s sao lu). Thit b sao lu m bn s dng nn ph thuc mt phn vo dung lng d liu bn mun bo v v khong thi gian m bn mun s dng sao lu. V d nu bn c 10GB d liu cn sao lu v c ng ty ca bn s ng ca t 5 gi chiu n 9 gi sng h m sau, nh vy bn c mt khong thi gian sao lu (backup window) l 16

    gi - rt nhiu thi gian sao chp d liu s dng cc thit b lu tr tc trung bnh. Tuy nhin, nu nh c ng ty bn hot ng trong ba ca v cho bn ch 1 gi, t 7 gi n 8 gi, sao lu 100 GB d liu, bn phi s dng mt thit b sao lu nhanh hn nhiu hoc trong trng hp ny c th l vi thit b. Chi ph. Chi ph lu n lu n l mt nhn t trong vic la chn mt sn phm phn cng. Bn c th mu mt thit b sao lu loi thng vi QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 144 SAO LU V PHC HI D LIU gi khong 100$ n 200$, thit b ny ph hp sao lu mt my tnh gia nh v tc v dung lng kh ng phi l cc nhn t chnh. Tuy nhin, khi bn chuyn sang cc thit b c tc v dung lng ph hp vi nhim v sao lu mng, gi c ca ch ng s tng t ngt. Cc thit b sao lu cao cp c th c mc gi gm 5 con s. Khi bn nh gi mt thit b lu tr, bn phi quan tm n cc chi ph thm vo ca thit b. Cc thit b sao lu s dng cc phng tin lu tr c th tho di, v d nh bng t hoc u quay a. Cc phng tin lu tr ny cho php bn c th lu cc bn sao d liu ca bn ti ni khc (offsite), v d nh trong hm an ton c kt st ca mt ngn hng no . Nu ta nh m h thng mng ca bn t ti b ph hy bi la hoc thm ha no , bn vn cn d liu v bn c th khi ng li hot ng ca h thng ti mt ni no . Do , ngoi vic mua mt thit b lu tr, bn cng phi mua thm cc phng tin lu tr. Mt s sn phm l c u c v l kinh t bi v thit b l kh ng t, tuy nhin sau mt thi gian di chy th n kh ng cn nh th na bi cc phng tin lu tr l qu t. Mt trong nhng phng php th ng thng nh gi cc thit b sao lu l xc nh chi ph trn mt MB (hoc GB) trong kh nng lu tr ca n. Chia gi ca cc phng tin lu tr cho s lng MB (hoc GB) n c th lu tr v s dng con s ny so snh vi chi ph ca cc thit b khc tng ng. ng nhin, trong mt s trng hp, bn c th cn thit phi hy sinh tnh kinh t c c kh nng tc hoc dung lng. Mt s thit b lu tr c kh nng tho ri c th s dng nh l thit b sao lu s c xem xt trong cc phn sau y: Cc thit b CD-ROM v DVD-ROM. S ph bin ca cc thit b CD-ROM c kh nng ghi, v d nh cc a compact disc-recordable (CD-R) v compact disc-rewritable (CD-RW), tng cng kh nng s dng ch ng nh cc thit b lu tr. Mc d dung lng ca mt a CD b gii hn xp x khong 650MB nhng vi chi ph thp ca cc a lu tr, ta c th xem vic s dng a CD nh l mt gii php c tnh kinh t, thm ch c khi cc a ny ch c s dng mt ln nh trong trng hp cc a CD-R. Hin ti gi c ca cc a DVD-ROM gim, s dng DVD-ROM thch hp hn CD-ROM bi v kh nng lu tr ca n ln hn rt nhiu (trn 4GB). Yu t ln nht trong vic s dng rng ri CD-ROM hay DVD-ROM sao lu l rt nhiu my tnh u QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 145 SAO LU V PHC HI D LIU c trang b cc thit b CD, DVD cho cc mc ch khc, do gim i s cn thit phi mua thm cc thit b sao lu chuyn dng khc.

    i vi vic sao lu mng, CD-ROM kh ng c s dng thng xuyn bi hu ht cc h thng mng u c hng gigabyte d liu gi tr sao lu, khi s yu cu rt nhiu vic thay a. DVD-ROM gim s lng a phi thay v c th ph hp vi cc h thng mng nh, tuy nhin ch ng vn kh ng dung lng sao lu mt cch hiu qu trong cc mng ca doanh nghip ln. Hn na, CD-ROM v DVD-ROM cng thng kh ng c cc sn phm phn mm sao lu mng h tr. Mc d cc thit b ny thng c gn km cc phn mm c kh nng sao lu hn ch (thng p dng cho cc nhim v sao lu h thng n, qui m nh), cc phn mm ny thng xuyn kh ng cung cp cc tnh nng cn thit sao lu mt h thng mng mt cch hiu qu. Cc a Cartrigde Mt trong nhng thit b lu tr th ng dng khc c th s dng d dng cho vic sao lu l cc a Cartrigde ( a c bc) c kh nng tho di. Cc sn phm nh Iomega ZIP hay JAZ c th c d ng nh cc a cng, tuy nhin ch ng li s dng cc Cartrigde c kh nng tho di. Cc thit b ny c gn vo trong h thng file ca my tnh v bn c th lm vic nh vi cc a cng. Cc Cartrigde ZIP cha kh ng nhiu hn 750MB, do ch ng c ngha thc t hn kh ng ng k so vi CD. Tuy nhin, cc JAZ c cc phin bn 1GB v 2GB, cho nhim v sao lu, thm ch cho mt h thng mng nh. Nhc im ca vic s dng thit b ny sao lu l chi ph cao ca cc phng tin lu tr. Mt Cartrigde 2GB cho JAZ c th c gi khong 125$ - nh vy l 6 cent trn mt MB t hn rt nhiu so vi hu ht cc thit b lu tr khc. Cc a bng t Thit b phn cng c s dng th ng dng nht cho nhim v sao lu d liu l cc bng t, tr ng ging nh thit b trong hnh 4-1. Kh ng ging nh a cng, a mm v a CD-ROM, bng t kh ng phi l thit b truy cp ngu nhin. iu ny c ngha l thit b kh ng th di chuyn u c ca n c bt k file c bit no trn bng t m kh ng phi cun qua tt c cc file nm trc n. Cng ging nh cc loi thit b bng t khc, v d nh audio v video, thit b ny tho bng t ra khi ng trc v ko n qua u c n khi tm c im trn bng t cha d liu m n cn. Kt qu l bn kh ng th gn mt bng t vo h thng file ca mt my QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 146 SAO LU V PHC HI D LIU tnh, cp cho n mt k t a v sao chp file vo nh bn lm vi cc a cng c. Mt chng trnh phn mm c yu cu nh a ch cho bng ny, gi d liu bn la chn n n lu tr v kh i phc d liu sau ny. iu ny c ngha l cc bng t rt t s dng cho cc nhim v khc ngoi sao lu, trong khi cc loi thit b lu tr c th tho di khc, v d nh a CD-ROM, c th s dng cho cc chc nng khc.

    Hnh 4-1: Mt bng t lu tr ngoi Cc a bng t l rt ph hp cho nhim v sao lu. Ch ng kh nhanh, c th cha mt lng ln d liu, c th lu tr lu di kh ng gii hn thi gian, v cc phng tin lu tr ca n c gi trn mt MB l thp th ng thng thp hn 1,5 cent trn mt MB. C rt nhiu dng thit b bng t, ch ng khc nhau v tc , dung lng v gi c. Nguyn tc chung cho cc thit b bng t l bn tr chi ph kh ln khi cn nhiu tc v dung lng. Cc sn phm loi cp thp nh cc bng t inch (QIC), gi ca ch ng vo khong 200$. C rt nhiu nh dng QIC khc nhau, vi dung lng ca mt cun bng t QIC trong khong t 150MB n 20GB. Cc sn phm cao cp trn th trng l cc thit b bng t s tuyn tnh (digital linear tape - DLT) v bng t tuyn tnh chun m (linear tape-open LTO) vi gi tr c th ln n vi ngn USD v c th cha hng trm GB trn mt bng t n. Cc c ng ngh bng t th ng thng c s dng sao lu c lit k trong Bng 4-1.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 147

    Bng 4-1. Cc kiu thit b bng t SAO LU V PHC HI D LIU

    LU : Nn bng t. Dung lng ca cc thit b bng t th ng thng c phn chia thnh 2 loi, v d nh 40GB v 80GB. Cc con s ny th hin dung lng ca mt bng t cha nn v nn. Hu ht cc thit b bng t u c kh nng nn d liu bng phn cng c trang b sn, nhng dung lng trng m bn c th c thm khi nn th da vo kiu ca d liu c lu tr. Dung lng th ng thng m nh sn xut thit b s dng c gi nh da trn t l nn 2:1, y l t l nn in hnh p dng vi cc kiu file chy v cc dng file ng dng khc. Mt s loi file khc, v d nh file hnh nh m s dng cc nh dng cha nn nh BMP hay TIF, c th c nn vi t l cao hn nh 8:1. tuy nhin cc file hnh nh c nn nh file GIF hay JPG s kh ng th nn thm c na v c lu tr vi t l nn l 1:1. Cc Autochanger Trong mt s trng hp, thm ch cc thit b bng t c dung lng cao nht cng kh ng sao lu mt h thng mng vi cc d liu lin tc thay i. Mt h thng mng c th phi lm vic vi mt lng d liu rt ln sao lu hoc thi gian sao lu (backup window) rt nh. to ra mt gii php sao lu t ng vi dung lng ln hn kh nng cung cp ca mt bng t n, bn c th mua mt thit b c gi l autochanger (Thit b c kh nng np t ng). Mt autochanger (Th hin trong Hnh 4-2) l mt thit b phn cng c cha mt hoc nhiu a (th ng thng l cc bng t, tuy nhin cng c cc thit b autochanger s dng a quang v CD-ROM), mt dy cc a QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 148 SAO LU V PHC HI D LIU lu tr v mt kt cu robot my c th tro i cc a lu tr vo v ra khi a. i khi cc thit b ny cn c gi l jukeboxe hoc tape library. Khi cc tc v sao lu ghi y d liu vo mt bng t (hoc cc phng tin lu tr khc), kt cu robot ny s r t a t ny ra khi v nht mt a khc vo, sau tc v sao lu s tip tc. Thit b autochanger ny ng thi duy tr mt b nh ghi li a no cn cha s dng, th ng thng c gi l mt danh mc, v do n c th t ng np cc bng t tng ng cn tip tc nhim v.

    Hnh 4-2. Mt thit b autochanger s dng bng t Mt s autochanger l cc thit b nh vi mt ghi n v mt dy bn hoc nm bng t, trong khi rt nhiu thit b c bn hoc nm ghi v mt dy gm mt trm bng t hoc nhiu hn. Nu bn mua mt autochanger ln, bn c th to ra mt chin lc sao lu lu di, cho php nhim v sao lu ca bn lu n hot ng mt cch t ng hon ton vo mt thi gian nht nh hng tun. Tuy nhin, trc khi bn c th xem xt v cng c k hoch ca mnh mt ln na quyt nh mua mt thit b autochanger c kch thc nh ci t lnh kh ng bao gi phi np mt bng t bng tay, bn hy nn bit rng chi ph mua cc thit b ny l rt ln, ln mt cch ng kinh ngc v trong mt s trng hp c th t n mt con s c su ch s.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 149

    La chn giao tip cho thit b SAO LU V PHC HI D LIU Cc thit b sao lu c th s dng bt k mt giao tip my tnh chun no, v d nh Thit b in t Tch hp (Integrated Device Electronics - IDE), ng Ni tip a nng (Uuniversal Serial Bus - USB), v Giao tip H thng My tnh Nh (Small Computer System Interface - SCSI), cng vi giao tip mi nht theo xu th ch yu hin nay, IEEE 1394 (FireWire). Mt s thit b sao lu thm ch cn c th kt ni n my tnh th ng qua cng song song mc d y ch l mt dng ca giao tip SCSI s dng cc cng khc. Giao tip th ng dng nht c s dng hin nay trong cc gii php sao lu mng cao cp l SCSI. Cc thit b SCSI hot ng c lp hn cc thit b s dng IDE, iu ny c ngha l cc chu trnh sao lu, thng phi c t mt thit b v ghi vo mt thit b khc trn c ng mt giao din, s hot ng hiu qu hn. Khi hai thit b IDE chia s mt knh th ch mt thit b c th hot ng. Mi thit b phi nhn, thc thi, v hon thnh mt lnh trc khi thit b kia c th nhn lnh tip theo. Mt khc, cc thit b SCSI c th duy tr mt hng i cc lnh m ch ng nhn c t cc thit b giao tip my tnh v thc thi ch ng mt cch tun t v c lp. Cc bng t th ng thng yu cu mt dng d liu lin tc ghi vo cc bng t vi hiu sut cao nht. Nu c s ngt qung lin tip trong dng d liu ny, iu hay xy ra vi cc giao tip IDE, thit b bng t phi lp i lp li vic khi ng v dng bng t (cn gi l shoeshining), iu ny lm gim tc v kh nng lu tr tng th ca n. Mt thit b SCSI c th thng xuyn hot ng lin tc m kh ng cn phi tm dng i cc thit b khc trn knh truyn. Mt thit b sao lu SCSI th ng thng t hn khi so snh vi cc thit b IDE tng ng bi v cc a yu cu nhiu linh kin in t hn v cng bi v bn phi c mt b giao tip SCSI c ci t trong my tnh. Hu ht cc thit b SCSI u c cc sn phm loi cm trong hoc nm ngoi

    my tnh. Thit b nm ngoi c cc b cp ngun ring ca n v chi tit ny s tn thm chi ph. Tuy nhin, cc chi ph thm cho cc thit b SCSI s ng gi cho cc gii php sao lu mng nhanh v ng tin cy. Phn mm sao lu Bn cnh phn cng, mt thnh phn chnh trong mt gii php sao lu mng l phn mm m bn s dng thc hin nhim v sao lu. Cc thit b lu tr c thit k cho cc gii php sao lu chuyn dng s kh ng ging nh cc phn h lu tr khc trong my tnh; mt sn phm phn QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 150 SAO LU V PHC HI D LIU mm c bit c yu cu ly d liu m bn cn sao lu v gi ch ng n a. Windows Server 2003 c km theo mt chng trnh phn mm sao lu cung cp chc nng c bn cho cc nhim v sao lu h thng n, nhng cng ging nh hu ht cc chng trnh sao lu i km h iu hn h, phn mm ny thiu cc tnh nng tin tin cn thit sao lu hiu qu trong mt m i trng mng phc tp. Chc nng chnh ca mt phn mm sao lu tt s c xem xt trong cc phn sau y. Kh nng la chn mc tiu. Chc nng c bn nht ca mt chng trnh phn mm sao lu l cho php bn la chn ci g bn mun sao lu, i khi cn c gi l mc tiu (Target). Mt chng trnh sao lu tt cho php bn lm vic ny theo rt nhiu cch. Trong hu ht cc trng hp, bn c th la chn Ton b my tnh Cc th mc xc nh trong mt a cng Cc file xc nh trong mt th mc S dng la chn trong cy. Hu ht cc chng trnh sao lu u cung cp mt cch hin th hnh cy m bn c th s dng la chn mc tiu cho tc v sao lu. Hnh 4-3 th hin giao din m chng trnh Backup ca Windows Server 2003 s dng la chn mc tiu sao lu. Cc a cng xc nh trong mt my tnh

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 151 SAO LU V PHC HI D LIU

    Hnh 4-3. Th Backup trong chng trnh Windows Server 2003 Backup Trong hu ht cc trng hp, bn kh ng cn thit phi sao lu mi d liu trong cc a ca my tnh. Nu mt a cng b xa hoc ph hy hon ton, bn c th phi ci t li h iu hnh trc khi bn kh i phc cc file t mt bng t sao lu v do vic sao lu mi file ca h iu hnh mi khi bn chy mt tc v sao lu l kh ng c gi tr nhiu. Tng t i vi cc ng dng, bn c th ci t li mt ng dng t b ci gc, do bn c th ch cn sao lu cc file d liu v cc thit lp cu hnh ca ng dng . Hn na, hu ht cc h iu hnh hin nay u to ra cc file tm khi chy, nhng file ny bn cng kh ng cn thit phi sao lu. V d Windows to ra file phn trang b nh c th c kch c hng trm hoc hng ngn MB. Bi v cc file ny c to ra t ng, bn c th tit kim dung lng trong cc bng t sao lu ca bn bng cch b qua file ny v cc file

    tng t trong cc tc v sao lu. S la chn ng n cc mc tiu sao lu c ngha trong trng hp hoc bn c th lu va ton b d liu cn sao lu vo trong mt bng t hoc c th bn phi li mun sau gi lm vic nht bng t th hai vo trong a. S dng cc Filter (B lc). Vic la chn cc file, th mc v cng ring r m bn mun sao lu c th kh nhm chn trong mt mng ln, do rt nhiu cc chng trnh sao lu cung cp mt cch khc la chn mc tiu. Mt trong nhng phng php th ng dng l s dng b lc, cho php QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 152 SAO LU V PHC HI D LIU phn mm nh gi tng file v th mc trn mt a cng v sau quyt nh liu c sao lu kh ng. Cc chng trnh phn mm sao lu in hnh c h tr b lc thng cho php bn s dng cc b lc bao hm v b lc loi tr; c ngha l mt b lc c th nhn bit cc file bn mun sao lu hoc cc file bn mun loi b ra khi qu trnh sao lu. Mt chng trnh sao lu tt cung cp rt nhiu b lc cho php bn la chon mc tiu da trn cc th ng s sau y: Tn file v th mc. Vic chn tng file v th mc bng b lc l kh ng d hn cch hin th bng cy th mc, tuy nhin kh nng s dng cc k t i din trong tn file v th mc l mt tnh nng rt mnh. Bn c th s dng cc du hi (?) i din cho cc k t n hoc du hoa th (*) i din cho nhiu k t. V d to ra mt b lc loi tr s dng i din file *.tmp s loi b cc file c phn m rng l .tmp (th ng thng c s dng cho cc file tm) trong tc v sao lu. Kch thc file. B lc da trn kch thc file cho php bn loi tr cc file c ln zero ra khi tc v sao lu hoc loi tr cc file rt ln, v d nh file phn trang b nh Pagefile.sys Ngy gi ca file. Mt h thng file s duy tr ti thiu mt th ng s ngy v gi cho mi file lu tr, in hnh l cc th ng tin khi file c chnh sa gn y nht. Mt s h thng file, v d nh h thng file Windows NTFS, bao gm rt nhiu th ng tin ngy gi cho mi file, v d nh thi im file c to ra, thi im file c truy cp ln cui c ng, v thi im file c chnh sa ln cui. B lc da trn cc th ng s thi gian ny cho php bn sao lu ch cc file thay i t mt thi im nht nh hoc ch cc file c hn mt ngy xc nh no . Thuc tnh ca file. Thuc tnh l cc c gi tr 1-bit c gn km theo cc file cho bit cc c tnh ca ch ng. Hu ht cc h thng file h tr bn thuc tnh DOS chun, l H Thuc tnh n, R - thuc tnh Ch c, S thuc tnh H thng v A thuc tnh Lu tr, tuy nhin mt s h thng file cn c cc thuc tnh khc na. Phn ln cc chng trnh sao lu u da ch yu vo cc b lc thuc tnh lm nhim v sao lu, iu ny cho php ch ng sao lu ch cc file thay i t ln sao lu gn nht trc . Kiu b lc ny l kiu c bn s dng cho cc tc v sao lu incremental (Tng ln) v differential (vi sai). LU : B lc trong Windows Server 2003 Backup. Chng trnh sao lu Windows Server 2003 Backup cho php bn to ra cc b lc t y chn theo tn file v th mc loi b cc file c bit ra khi tc v sao lu. Tuy nhin, chng trnh ny kh ng h tr cc QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 153 SAO LU V PHC HI D LIU b lc bao hm hoc cc b lc kch thc, ngy/gi v thuc tnh ngoi cc b lc sn c trong cc tc v sao lu chun.

    Hiu bit v cc kiu tc v sao lu. Hu ht, tuy nhin kh ng phi l tt c, cc phn mm sao lu u bao gm mt lot cc kiu tc v sao lu chun m thc cht l vic kt hp cc b lc cu hnh trc. V d chng trnh Windows Server 2003 Backup cho php bn la chn t nm kiu tc v sau (Th hin trong Hnh 4-4): Normal (Th ng thng). Sao lu tt c cc file vo phng tin lu tr v t li bit lu tr trong mi file ch nh rng cc file ny c sao lu. Copy (Sao chp). Sao lu tt c cc file vo phng tin lu tr v kh ng t li bit lu tr ca cc file ny. Differential (Vi sai). Ch sao lu cc file thay i t ln sao lu Normal gn y nht v kh ng t li bit lu tr ca ch ng. Incremental (tng ln). Chi sao lu cc file thay i t cc ln sao luu Normal hoc Incremental gn y nht v t li bit lu tr ca cc file Daily (Hng ngy). Ch sao lu cc file m c to ra hoc chnh sa ngy h m nay v kh ng t li bit lu tr trong cc file .

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 154 SAO LU V PHC HI D LIU

    Hnh 4-4: Th Backup Type trong hp thoi Option ca chng trnh Windows Server 2003 Backup Kiu c bn nht ca tc v sao lu l sao lu y ton b (cn gi l sao lu normal trong Windows Server 2003 Backup), kiu ny s sao chp ton b cc mc tiu la chn vo bng t hay cc phng tin sao lu khc. Bn c th thc hin vic sao lu y hng ngy, nu bn mun, hoc ch lm th mi khi bn tin hnh sao lu mt my tnh c th no . Tuy nhin, vic lm nh th c th kh ng thc t do cc l do sau: C qu nhiu d liu sao lu. Cc a cng in hnh trong cc my tnh ngy nay cha nhiu d liu hn bao gi ht v trong mt mng ln, tng dung lng lu tr c th d dng t ti hng ngn GB. Tr khi bn mun tiu rt nhiu tin vo cc bng t lu tr v phn cng autochanger, cn li nu bn sao lu ton b d liu trong mi my tnh hng ngy l kh ng kh thi ch t no. Khng c thi gian tin hnh sao lu. Hu ht cc qun tr mng u lp lch sao lu mng vic ny c tin hnh vo bui m hoc khi ht gi lm vic. Sao lu trong thi gian kh ng lm vic s cho php chng trnh sao lu kh ng phi b qua cc file ang QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 155 SAO LU V PHC HI D LIU trong trng thi m v n cng ti thiu ha cc tc ng n lu lng mng gy ra bi cc qu trnh sao lu t xa. i vi mt s doanh nghip, thi gian tin hnh sao lu l kh ng sao lu ton b h thng mng tr khi s dng rt nhiu thit b sao lu tc cao. C qu nhiu d liu d tha. Hu ht cc d liu lu trong mt cng ca my tnh in hnh l d liu tnh; n kh ng thay i hng ngy. Cc file ng dng v file h iu hnh kh ng bao gi thay i, v mt s file ti liu vn bn c th tn ti lu di m kh ng c ngi d ng no thay i n c. Sao lu cc file nh vy hng ngy c ngha l lu cc d liu ging nhau vo bng t mi mi v mi mi, rt tn thi gian v phng tin lu tr. LI KHUYN. Lu tr trn my ch. Mc d dng ca sao lu l mt trong nhng l do m nhiu qun tr mng yu cu ngi d ng lu cc file d liu ca h trn my ch hn l trn cc a

    cng ca my trm ni b. Bng cch cp cho mi ngi d ng mt home directory (th mc gc ring) trn mt my ch, ta c kh nng sao lu cc file d liu ca ngi d ng bng vic sao lu mt my ch n thay cho vic phi cu hnh phn mm sao lu kt ni n mi my trm hng ngy. lu bng t v lm ngn thi gian sao lu, rt nhiu qun tr h thng tin hnh sao lu y mt ln trong mt tun hoc thm ch t hn. Gia cc ln sao lu y , h tin hnh cc kiu sao lu c bit khc m ch sao lu cc file c chnh sa gn y. Kiu tc v sao lu ny c gi l incremental backup v differential backup (Sao lu phn thay i v sao lu vi sai). Incremental backup l tc v sao lu m ch sao lu cc file thay i t bt k ln sao lu no trc . Differential backup l tc v sao lu m ch sao lu cc file thay i t ln sao lu y trc . Phn mm sao lu s lc cc file cho cc tc v ny bng cch s dng thuc tnh Lu tr, cn c gi l archive bit (bit lu tr), m mi file trong my tnh u c. Thc t bit lu tr kh ng chnh sa cc chc nng ca file ging nh cc thuc tnh Ch c v n, n ch n gin l mt bit nh du phn mm sao lu s dng xc nh liu c sao lu file ny kh ng. Trng thi ca cc bit lu ny trong cc tc v sao lu in hnh nh sau: 1. Khi mt file c ghi vo trong a cng my tnh ln u tin, bit lu ca n c kch hot, gi tr ca n c thit lp l 1. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 156

    2. SAO LU V PHC HI D LIU Trong ln sao lu y u tin bn tin hnh trn my tnh, phn mm sao lu s sao lu ton b ni dung ca a cng v ng thi t li (ngha l a gi tr ny v 0) bit lu tr ca tt c cc file. Ti thi im ny, bn c mt bn sao lu y ca a cng trn bng t v kh ng mt file no trn a cng c bit lu tr c kch hot. 3. Khi bt k mt file trn a cng c chnh sa bi bt k ng dng hoc tin trnh no, h thng file s ti kch hot bit lu tr ca file 4. Trong ln sao lu tip theo, bn tin hnh mt tc v sao lu kiu incremental hoc differential. Phn mm sao lu s qut tt c cc bit lu tr ca cc file trn a cng v ch sao lu cc file c bit lu tr ang c kch hot. Ti thi im ny, bn c mt bn sao lu y ca ton b a cng v mt bn sao lu ca tt c cc file thay i t ln sao lu y trc. Nu s c hoc thm ha xy ra dn n ton b ni dung ca a cng b mt, bn c th kh i phc v trng thi hin ti bng cch tin hnh kh i phc t bng t sao lu y trc, sau kh i phc t bng t incremental hay differential, cho php phin bn thay i ca cc file ghi ln phin bn gc. Bi v cc cc bn sao lu incremental hay differential ch cha mt phn ca ni dung a nn ch ng s chy nhanh hn v tn t bng t hn l sao lu y . Mt chin lc sao lu mng in hnh bao gm mt ln sao lu y vo mt ngy trong tun v cc tc v sao lu incremental hoc differential trong cc ngy cn li. Vi cch b tr ny, bn lu n lu n c th kh i phc c a cng v trng thi gc m kh ng mt qu 24 gi. Khc nhau gia mt tc v sao lu incremental v differential nm cch

    x l ca phn mm sao lu khi n t li hoc kh ng t li bit lu tr ca cc file m n sao chp vo bng t. Tc v sao lu incremental s t li bit lu tr cn differential th kh ng. Vic chy cc tc v sao lu incremental hay differential thng xuyn cho php t ng ha ch sao lu ca bn m kh ng tn nhiu phn cng. V d bn sao lu y ca bn tng s l 50GB, bn c th mua mt thit b a 20GB. Bn s phi t tay nht hai bng t thm vo trong qu trnh sao lu y , mt tun mt ln, tuy nhin bn c th chy cc tc v sao lu incremental hay differential trong cc ngy cn li trong tun s dng ch mt tape cho mi ln, iu ny c ngha l tc v ny c th chy t ng m kh ng cn phi gim st. S dng sao lu Incremental. iu ny c ngha l khi bn chy mt tc v sao lu Incremental, bn ch sao lu cc file thay i t ln sao lu QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 157 SAO LU V PHC HI D LIU trc gn nht, ln c th l sao lu y hoc sao lu incremental. Thc hin sao lu Incremental gia cc ln sao lu y s s dng t bng t nht, tuy nhin iu ny cng ko di thi gian kh i phc. Nu bn phi kh i phc li ton b my tnh, u tin bn phi kh i phc t bng t sao lu y trc, sau bn phi tip tc kh i phc theo th t cc ln sao lu Incremental sau ln kh i phc y . V d, bn c th xem xt lch sao lu th hin trong Bng 4-2: Bng 4-2: Lch sao lu mu theo kiu Incremental

    Bn sao lu ngy Ch nht l bn sao y duy nht ca a cng my tnh v mi bn sao lu Incremental cha cc file thay i trong 24 gi trc. Bi v Data1.txt thay i hng ngy, n xut hin trong mi bn sao lu incremental. Bit lu ca file ny c kch hot mi ln n thay i v mi ln sao lu incremental s t li bit ny ln na. Data2.txt thay i ch mt ln vo th T nn n ch xut hin trong bn sao lu y v bn sao lu incremental ca ngy th T. Data3.txt thay i hai ln vo ngy th Ba v th Nm, do n xut hin trong bn sao lu y v bn sao lu incremental ca ngy th ba v th nm. Nu cc a cng trong my tnh b trc trc trong ngy th Su, hu qu l mi d liu u b mt ht, bn c th bt u qu trnh kh i phc bng cch kh i phc bn sao lu y ca ngy Ch nht gn nht, sau bn s phi kh i phc cc bn sao lu incremental ca ngy th Hai, th Ba, th T v th Nm theo ng th t sau bn sao lu y . Kt qu ca qu trnh kh i phc l ba file d liu s nh sau: Data1.txt. Bn sao chp gc t ln sao lu y s b ghi bi bn sao chp mi hn trong cc ln kh i phc incremental, li phin bn mi nht (ca th Nm) trn a cng sau khi qu trnh kh i phc chm dt. Data2.txt. Bn sao chp gc t ln sao lu y ngy Ch nht s

    c duy tr trn a cng n khi kh i phc bn sao lu incremental QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 158 SAO LU V PHC HI D LIU ca ngy th T, n l c phin bn mi nht (ngy th T) s ghi phin bn ca ngy Ch nht. Phin bn ca ngy th T s cn li trn a cng sau khi qu trnh kh i phc chm dt. Data3.txt. Bn sao chp gc t ln sao lu y ngy Ch nht s b ghi hai ln, ln u bi phin bn ca ln sao lu incremental ngy th Ba v sau l bi phin bn ca ln sao lu incremental ngy th Nm, li phin bn mi nht (ca th Nm) trn a cng sau khi qu trnh kh i phc chm dt. LU : Kh i phc Incremental. Khi bn kh i phc t cc bn sao lu Incremental, th t ca cc bng t bn kh i phc l rt quan trng. Bn phi kh i phc cc phin bn Incremental theo th t ng nhu khi n c ghi vo, nu kh ng bn c th kt th c vi phin bn c ca file ghi ln phin bn mi nht. S dng sao lu Differential. Nu bn tin hnh cc bc sao lu ging nh trn nhng thay cc tc v incremental bng differential, kt qu s c nh trong Bng 4-3. Bng 4-3. Lch sao lu mu theo kiu Differential

    Bi v cc file Data1.txt thay i hng ngy, n s xut hin trong tt c bn sao lu differential, cng nh khi n xut hin trong cc ln incremental. Tuy nhin, bi v cc tc v differential kh ng t li bit lu tr trong cc file n sao lu, nn khi mt file xut hin trong mt ln differential, n s xut hin trong mi ln tip theo cho n ln sao lu y k tip. Do , file Data2.txt ln u tin xut hin trong bn incremental ngy th T s ng thi c sao lu trong cc ngy th Nm, th Su v th By bi v bit lu tr ca n vn cn c kch hot. Cng ging nh th, file Data3.txt m xut hin ln u tin trong bn differential ngy th Ba cng s xut hin trong tt c cc bn sao lu differential tip theo tr bn Differential vo ngy th Nm, y l phin bn mi hn bn c sao lu hng m QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 159 SAO LU V PHC HI D LIU trc . Cc bit lu tr ca ba file ny kh ng c t li cho n ln sao lu y tip theo, din ra vo ngy Ch nht k tip. Khi bn s dng cc sao lu differential, tc v ny din ra lu hn v s dng nhiu bng t hn mt ch t bi v trong mt s trng hp, bn phi sao lu cc file ging nhau trong vi ngy lin tip. Tuy nhin, kh i phc t

    cc ln sao lu differential s n gin hn v nhanh hn bi v bi v bn ch phi kh i phc bn sao lu y v bn sao lu differential gn nht. Nu a trong v d ny b s c trong ngy th By, bn ch phi kh i phc bn sao lu y ca ngy Ch nht trc v bn sao lu differential ca ngy h m trc (Th Su). Bng t ca ngy th Su s cha cc file Data1.txt, Data2.txt v Data3.txt trong n. Phin bn ca Data1.txt s l ca ngy th Su, Data2.txt s l phin bn ca ngy th T v Data3.txt s l phin bn ca ngy th Nm. S dng cc tc v Copy v Daily. Cc chng trnh phn mm sao lu cho php bn tin hnh cc kiu sao lu Norman, incremental v differential, tuy nhin ng dng Windows Server 2003 Backup cn bao gm thm hai tnh nng m kh ng nht thit s c trn cc sn phm phn mm khc. Mt tc v sao lu Daily (Hng ngy) s dng mt b lc da trn ngy thay cho da trn cc bit lu ch sao lu cc file c to ra hoc thay i trong ngy m tc v sao lu ny chy. Mt tc v sao lu kiu Copy (Sao chp) ging nh mt tc v sao lu y ngoi tr vic phn mm sao lu ny kh ng chnh sa gi tr ca bit lu tr trong cc file m n sao chp ra bng t. Bn c th s dng kiu sao lu Copy tin hnh cc bn sao lu y vo bt k thi im no, v d nh cho cc thit b lu tr ngoi h thng, m kh ng nh hng n trnh t u n thng xuyn ca cc tc v sao lu y v incremental hoc differential. LU . Cc tn ca tc v sao lu. Ch c chng trnh Windows Server 2003 Backup s dng tn ca tc v sao lu y l Normal v kh ng c g l nu cc chng trnh phn mm sao lu khc s dng cc tn khc nhau khi cp n cc kiu sao lu c bn. Lp lch cho cc tc v Mi sn phm sao lu u cho php bn to ra cc tc v sao lu v thc hin ch ng ngay lp tc, nhng cha kha cho vic t ng ha cc chu trnh sao lu l kh nng lp lch cc tc v sao lu thc hin m kh ng cn gim st. Kh ng phi tt c cc chng trnh sao lu trang b c ng h iu hnh hoc thit k cho cc my tnh n u h tr kh nng lp lch, nhng mi sn phm phn mm sao lu mng u c. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 160 SAO LU V PHC HI D LIU LU . Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin c kh nng lp lch cho cc tc v sao lu Hu ht cc doanh nghip u tin hnh cc tc v sao lu incremental hoc dif e

    hng ngy v mt ln sao lu y mt ln trong tun. Cch b tr ny cung cp mt s cn bng tt gia kh nng bo v vi thi gian v phng tin lu tr dnh cho nhim v sao lu l rt hp l. Trng hp l tng cho mt qun tr mng l d liu ca mi ln sao lu incremental hay differential hng ngy s cha va trong mt bng t n. iu ny cho php ngi qun tr c th lp lch cho cc tc v ny c th chy kh ng cn gim st khi vn phng ng ca v h thng mng ang ri ri. Kt qu l mi ti nguyn u sn sng cho nhim v sao lu v hiu su

    c ca ngi d ng kh ng b gim bi s nghn mng do cc lu

    lng d liu trong qu trnh sao lu, ng thi kh ng cn phi c ngi thay th cc phng tin lu tr. Khi bn c mt lch sao lu, bn ch cn n gin nht ng cc bng t vo cc a mi ngy. Cc ln sao lu y c th yu cu nhiu hn mt bng t v do vy ai phi c mt thay th cc phng tin lu tr. LI KHUYN. La chn phn cng sao lu. Kh nng to ra cc lch sao lu t ng kh ng cn gim st l nhn t quan trng nht xem xt khi bn nh gi cc sn phm phn cng sao lu. Trc khi la chn mt a, bn nn c lng dung lng d liu m bn s phi sao lu mi ngy (c tnh n c phn d liu tng trng) v xem xt cc a c th lu tr ti thiu l lng d liu trn trong mt bng t n. Cc chng trnh sao lu s dng rt nhiu phng php thi hnh cc tc v t ng. Chng trnh Windows Server 2003 Backup thm cc tc v ny vo trong danh sch Scheduled Tasks ca h iu hnh; cc chng trnh khc thng cung cp chng trnh hoc dch v ring ca ch ng m lin tc chy v kch hot cc tc v ti cc thi im tng ng. Mt s sn phm sao lu mng cao cp c th s dng dch v th mc v d nh Microsofts Active Directory hay Novells eDirectory lp lch. Cc chng trnh ny chnh sa schema (lc ) ca th mc (m cho bit kiu i tng no c th tn ti trong th mc) to ra cc i tng th hin hng i ca tc v ch c x l. ,Chu trnh lp lch ca cc phn mm sao lu l ging nhau, kh ng ph thuc vo k thut no m ch ng s dng np cc tc v. Bn c th ch ra liu bn c mun thc hin tc v mt ln hay lp li ti cc thi im xc nh mi ngy, tun hoc thng, s dng mt giao din ging nh chng QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 161 SAO LU V PHC HI D LIU trnh Windows Server 2003 Backup (Th hin trong Hnh 4-5). Mt tng ca tnh nng lp lch l cho ngi qun tr mng to ra s tun t logic ca cc tc v sao lu m t thc hin bi chnh ch ng sau cc khong thi gian lp u n. Sau khi ngi qun tr mng lm iu , hnh ng duy nht yu cu l thay i cc bng t mi ngy. Nu bn c mt thit b autochanger, bn thm ch cn c th loi b thao tc ny v to ra mt tc v sao lu tun t chy hng tun hoc hng thng m kh ng cn phi gim st mt ch t no.

    Hnh 4-5. Hp thoi 2003 Backup

    Schedule Job ca chng trnh

    Windows Server

    Duy tr cc nht k sao lu (Backup Logs). Khi mt tc v sao lu chy, phn mm truy cp vo mc tiu xc nh v lu d liu vo trong a sao lu theo cc cch thch hp. Do chc nng vn c ca cc phng tin lu tr thng c s dng cho sao lu, nn vic d liu i n thit b lu tr mt cch n nh v vi mt tc thch hp l iu rt quan trng. Phn mm, v vy, phi c thit k xc nh cc a theo cc phng thc thch hp i vi cc thit b ny. Khi phn mm a d liu vo trong bng, n cng ng thi theo di cc hot ng ca phn mm. Hu ht cc sn phm phn mm c th duy tr mt nht k cc chu trnh sao lu khi n din ra. Bn c th thng xuyn ch nh mc chi tit ca nht k, v d nh liu n c cha mt danh sch hon chnh ca mi file c sao lu hay ch ghi li cc s kin chnh QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 162 SAO LU V PHC HI D LIU din 2003 trnh None ra trong qu trnh sao lu. Chng trnh Backup trong Windows Server s dng mt giao din nh trong Hnh 4-6 xc nh liu chng s gi mt nht k Detail (Chi tit), mt bn Summary (Tng kt) hay (Kh ng lu nht k no c).

    Hnh 4-6. Th Backup Log trong hp thoi Options ca chng trnh Windows Server 2003 Backup. Trong hu ht cc trng hp, mt nht k chi tit ca tc v sao lu l kh ng cn thit. Kiu nht k ny thng cha mt danh sch cc file m chng trnh thc hin sao lu (Th hin trong Hnh 4-7) v do tc v sao lu thng cha hng ngn file nn mt nht k chi tit c th rt di v cc mc cn ch (v d nh li) li rt kh tm kim. Vic xem kch thc ca cc file nht k cng l rt quan trng, nht l khi bn cu hnh duy

    tr mc rt chi tit. Cc file ny c th tng dung lng rt nhanh v c th s dng ht dung lng trng trn a cng ni ch ng c lu tr.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 163 SAO LU V PHC HI D LIU

    Hnh 4-7. Mt bn nht k sao lu ca chng trnh Windows Server 2003 Backup Vic kim tra nh k cc nht k l mt phn thit yu ca vic qun tr chng trnh sao lu mng. Cc nht k cho bn bit khi no cc file c th no b b qua do l do bt k no , v d nh khi file ang c m bi ng dng hoc kh ng th tm thy my tnh m ch ng c lu trn . Nht k cng cho bn bit khi no li xy ra trn cc a sao lu hoc trn mt trong cc my tnh nm trong chu trnh sao lu. Mt s sn phm phn mm sao lu cn c th to ra cc cnh bo khi li xy ra, th ng bo cho bn bng cch gi i cc th ng ip trng thi ti mt bng iu khin qun tr mng, bng cch gi cho bn mt th ng ip email hoc bng cc phng php khc. LU . Mc ch ca k thi. Mc ch ca k thi l hc vin phi c kh nng xc nhn s hon thnh ca cc tc v sao lu Cataloging (Lp mc lc) Bn cnh nhim v ghi nht k cc hot ng ca mnh, cc chng trnh

    phn mm sao lu cn lp mc lc cho cc file ch ng sao lu lm cho qu trnh kh i phc sau ny c d dng hn. Mt mc lc bn cht l mt danh sch cc file m phn mm sao lu li trong cc tc v sao lu. kh i phc cc file t cc phng tin sao lu, bn duyt qua mc lc v la chn cc file, th mc hay a m bn mun kh i phc. Cc sn phm phn mm sao lu khc nhau s lu th mc theo cc cch khc nhau. Cc chng trnh cp thp, v d nh cc phn mm sao lu cho cc my tnh n, thng lu mc lc cho mi bng t trong chnh cc bng t ny. Vn QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 164 SAO LU V PHC HI D LIU vi phng php ny l bn phi a mt bng t vo trong bng th mi c c mc lc v duyt cc file trn bng t . Cc chng trnh sao lu mng c ng phu hn c cc phng thc tip cn khc nhau bng cc duy tr mt CSDL ca cc mc lc cho mi bng t sao lu trong my tnh, n i m phn mm sao lu ny c ci t. CSDL ny cho php bn duyt qua cc mc lc ca tt c cc bng t v bn c th la chn kh i phc bt k phin bn no ca file hoc th mc. Trong mt s trng hp, bn c th xem ni dung ca cc CSDL ny theo cc cch khc nhau, v d nh theo my tnh, a hay th mc ni lu tr gc ca cc file ny, theo cc tc v sao lu hoc theo cc bng t hay cc tn khc ca phng tin lu tr. Sau khi bn la chn, chng trnh s nh v bng t no cha cc file hay th mc bn cn; bn a n vo trong bng v qu trnh kh i phc s c tin hnh. Cc tnh nng ca CSDL c th s dng rt nhiu kh ng gian a trn my tnh v nhp x l ca b vi x l, tuy nhin ch ng li tng cng rt nhiu kh nng cho phn mm, c bit l trong m i trng mng. LU . CSDL sao lu. Cc sn phm phn mm sao lu da trn CSDL thng lu mt bn sao ca CSDL trn cc bng t ng thi trn cc a cng my tnh. Vi tnh nng ny, nu my tnh d ng chy cc tc v sao lu ca bn b hng a cng th bn vn c th kh i phc cc c CSDL ny. Rt nhiu sn phm ng thi cho php bn xy dng li CSDL trn my tnh bng cch c ni dung ca bng t v chuyn cc ch mc ca n sang mt file CSDL mi. Quay vng s dng cc phng tin sao lu. Mt s qun tr mng kh tnh s dng cc bng t mi cho cc tc v sao lu v lu ch ng lu di. Tuy nhin, cch lm ny kh tn km. Vic s dng li cc bng t sao lu l th ng dng hn. lm tt iu ny, bn phi nh ra chnh sch quay vng cc phng tin sao lu mt cch cn thn kh ng v tnh ghi mt bng t no sau ny. Bn c th t to chnh sch ring ca mnh, tuy nhin mt s phn mm sao lu s lm vic ny cho bn. LU . Mc ch ca k thi. Mc ch ca k thi 70-290 ch ra rng hc vin phi c kh nng qun l cc phng tin sao lu Mt trong nhng chnh sch quay vng phng tin sao lu th ng dng nht c gi l phng php Grandfather-Father-Son (ng-B-Con). Trong phng php ny, cc khi nim ng, B v Con tham chiu tng ng n QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 165 SAO LU V PHC HI D LIU cc bng t hng thng, hng tun v hng ngy. Vi cc tc v sao lu

    hng ngy, bn c mt tp cc bng t mc con c s dng li hng tun. i vi cc tc v sao lu hng tun, bn c cc bng t mc cha c s dng li hng thng. Sau , vo mi thng, bn tin hnh thm mt ln sao lu y vo tp cc bng t mc ng, cc bng t ny c s dng li hng nm. Phng thc ny cho php bn tin hnh kh i phc mt cch hon chnh ti bt k thi im no v duy tr danh mc cc file trong mt nm ca bn. Ngoi ra cn c cc chnh sch sao lu khc c th thay i mc phc tp v s tin dng, t y vo sn phm phn mm sao lu. Khi chng trnh phn mm thc thi chnh sch quay vng, n cung cp mt lch trnh cho cc tc v (m bn c th chnh sa cc tc v c thc hin ti cc thi gian xc nh trong ngy), cho bn bit tn cn ghi trn mi bng t s dng n v khi bn bt u s dng li cc bng t ny, n s cho bn bit bng t no cn cho vo bng cho mi tc v. Kt qu cui c ng l bn duy tr mt bn ghi lu di cc d liu ca bn trong khi li s dng ti thiu s lng bng t m kh ng s ghi ln bt c mt bng t no bn cn. h h thit b Cu n Bi v cc sao lu chuyn dng ch c th truy cp c th ng qua vic s dng cc chng trnh c bit nn hu ht cc chng trnh sao lu u c cc i g ao din cho php bn tng tc trc tip vi cc bng thc hin cc tc v sau: nh dng bng t. Mi bng t u phi c nh dng trc khi phn mm sao lu c th ghi d liu vo. Phn ln cc phn mm sao lu u t ng nh dng bng t mi khi bt u tc v sao lu, tuy nhin ch ng ta vn c th nh dng mt cch th c ng. Cc dng khc nhau ca cc cun bng t yu cu cc kiu nh dng khc nhau. Mt s nh dng cn yu cu ton b bng t phi c ghi li trong khi mt s loi ch yu cu ghi mt header ( mc) mi ti phn u ca bng t. Vic nh dng s ghi tt c cc d liu hin ang c trn bng t. Xa bng t. Xa mt bng t thnh thong ch n gin l ti nh dng li bi v qu trnh ti nh dng s ghi li ton b chiu di ca cun bng. i vi mt s loi bng t khc, ti nh dng ch l thay th header v phn cn li ca bng t l kh ng thay i. Phn ln cc sn phm phn mm sao lu mng u cho php bn xa d liu t bt k bng t no bng cch ghi ln ton b chiu di ca cun bng do mc ch bo mt. iu ny kh ng c ngha l ton b QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 166 SAO LU V PHC HI D LIU d liu kh ng th ti to li bng cc phng php khc, tr bn thn phn mm sao lu kh ng th c c cc d liu b xa khi bng t. Duy tr bng t. Mt s dng bng t c th cait thin c tnh trng ca n nh vic Duy tr Bng t,, trong bng s quay bng t t u n cui cun bng v li quay ngc tr li m bo rng ton b chiu di ca bng t c qun vo trong ng cun vi

    cng u n. Sn phm phn mm c kh nng ny thng ch lm nh trn i vi mt s loi bng t cn thit thc hin ng tc ny. a nn. Hu ht cc nh sn xut bng t hin nay u tch hp kh nng nn d liu vo trong sn phm phn cng ca mnh v cc chng trnh phn mm sao lu cng thng cung cp kh nng la chn tt hoc bt chc nng nn ca phn cng a. Mt s chng trnh cn cung cp kh nng t nn da vo phn mm s dng vi cc thit b kh ng c kh nng nn bng phn cng. Tuy nhin, kh nng s dng ca nn bng phn cng lu n c a thch hn nn bng phn mm bi v vic nn bng phn mm s tiu tn mt lng ti nguyn ca b vi x l my tnh. Thc hin phc hi. Kh i phc d liu t cc bn sao lu, tt nhin, l l do duy nht to nn cc bn sao lu nh trong phn trc. Cm gic thanh thn ca bn khi xem v duyt cc file kh i phc l mt trong nhng tnh nng quan trng ca k phn mm sao lu no. iu ct yu l bn nn tin hnh th nghim bt mt cch nh k kh nng kh i phc d liu t cc bng t sao lu hoc cc phng tin lu tr khc m bo bn c kh nng ly li mi d liu b mt. Thm ch khi cc tc v sao lu ca bn dng nh thnh c ng hon ton v cc file nht k ch ra rng mi d liu u c sao lu, kh ng c bi kim tra kh nng ca cc tc v sao lu no tin cy bng vic kh i phc thc t t chnh cc bn sao lu . C rt nhiu cu chuyn ly k v nhng ngi qun tr mng, thc hin sao lu hng ngy, nhng ch n khi c mt s c xy ra mi bit c rng cc bng t dn nhn cn thn kia u trng rng do mt a hot ng kh ng c tt. LU . Mc ch ca k thi. Mc ch ca k thi ch ra rng hc vin phi c kh nng kh i phc cc d liu sao lu. Mc d tin hnh sao lu u n l mt bin php d phng bo v d liu khi thm cnh mt ton b cng nhng phn ln cc tc v kh i phc QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 167 SAO LU V PHC HI D LIU tin hnh trong m i trng mng li thng ch v mt s file m ngi d ng v tnh xa i mt. Nh cp trn, kh nng to mc lc ca cc phn mm sao lu l mt phn quan trng ca qu trnh kh i phc. Nu ngi d ng cn kh i phc mt s file v bn phi nht ht bng t n bng t kia vo trong a nh v ra cc file th thi gian ca mi ngi ang b lng ph. Mt chng trnh sao lu vi mt CSDL s cho php bn tm kim cc file c bit , lm cho nhim v ca bn d dng hn ng thi cho php bn c th kh i phc bt k file no trong vi ph t. Nhim v kh i phc cng tng t nh nhim v sao lu trong bn la chn file hoc th mc no m bn mun kh i phc, s dng mt giao din tr ng ging nh trong Hnh 4-8. Khi bn to ra mt bn sao lu, mt phn mm sao lu th ng thng s cho php bn cu hnh cc tham s sau y: La chn file. Bn s c th la chn bt k s kt hp no ca cc file, th mc hay a trn bt k bng t no. Mt s phn mm sao lu cho php bn chuyn qua gia cch nhn phng tin lu tr, trong hin th ni dung ca tng bng t trong t a, v cch nhn a, trong hin th cc mc tiu sao lu v mt danh sch cc phin bn khc nhau ca tng file c trong rt nhiu cc bng t. V tr kh i phc. Bn s c kh nng la chn kh i phc cc file bn chn vo v tr gc ca n mt cch t ng hoc ch ra a im thay th; bn s c kh nng ti to li cy th mc gc hoc chuyn tt c cc file vo trong mt th mc n.

    La chn ghi . Khi kh i phc cc file vo v tr gc ca n, bn s phi ch ra cc lut cho php ghi cc file c vi c ng tn da trn ngy ca ch ng hoc cc th ng s khc.

    Hnh 4-8. Th Restore And Manage Media trong chng trnh Windows Server 2003 Backup QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 168 SAO LU V PHC HI D LIU Cc tnh nng la chn thm ca sao lu mng Khi bn ang pht trin mt gii php sao lu cho mt h thng mng, mt iu rt quan trng l bn la chn sn phm phn mm sao lu c thit k cho mc ch sao lu mng. S khc nhau chnh gia phn mm sao lu mng v mt ng dng thit k cho cc h thng n l n c kh nng sao lu cc my tnh khc trong mng. iu ny c ngha l bn c th mua mt a sao lu v s dng n bo v ton mng. Rt nhiu sn phm sao lu n c th truy cp cc a cng trn cc my tnh mng, tuy nhin mt sn phm sao lu mng hon chnh cn c kh nng sao lu cc tnh nng quan trng ca h iu hnh trn cc my tnh khc, v d nh Windows registry v CSDL ca dch v th mc. Kiu sao lu t xa ny c th yu cu bn ci t thm cc thnh phn phn mm trn my tnh ch. Trong rt nhiu trng hp, sn phm sao lu mng u c thm cc thnh phn cho php bn thc hin cc tc v sao lu c bit, v d nh sao lu cc CSDL ang chy hoc cc my tnh chy cc h iu hnh khc. Mt s cc thnh phn ny c m t trong phn sau y. LU . Cc thnh phn b sung. Trong rt nhiu trng hp, cc gi phn mm sao lu mng ch bao gm cc thnh phn c bn m t trong cc chng trc. thm vo cc tnh nng tt hn m t trong phn sau, bn phi mua cc thnh phn khc nh l cc modul b sung ring r m c th c ng lm vic vi phn mm sao lu chnh. Cc Agent sao lu t xa. Hu nh tt c mi phn mm sao lu u c th sao lu cc a c chia s trn cc my tnh mng bn cnh kh nng sao lu trn chnh my ci t phn mm , tuy nhin iu ny kh ng c ngha l ch ng c coi l cc phn mm sao lu mng. Mt bn sao lu ng ngha l mt bn c th s dng kh i phc li mt a cng b xa hon ton tr v trng thi tt trc . Vic truy cp mt my tnh Windows t xa th ng qua mt a cng hay th mc chia s, v l thuyt s cho php bn sao lu mi th xut hin trong h thng file nhng bn kh ng th truy cp n cc phn t v d nh Windows registry hoc mt CSDL Active Directory theo cch

    ny. Do , mt bn sao lu ca mt th mc hoc a chia s s kh ng hon chnh v kh ng th s dng kh i phc mt my tnh xa v trng thi nguyn gc ca n.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 169 SAO LU V PHC HI D LIU Trong chng trnh Windows Server 2003 Backup, bn la chn mt i tng tn l System State (Trng thi H thng - Th hin trong Hnh 4-9) sao lu cc phn t sau trong my tnh ni b. Cc file khi ng h thng Cc file h thng nm trong Windows File Protection Windows registry CSDL ng k COM+ Class Dch v th mc Active Directory (ch trong my ch qun tr min) Th mc Sysvol (ch trong my ch qun tr min) Cc th ng tin v dch v Cluster (ch i vi cc n t trong cluster) Siu th mc Internet Information Services (IIS) (ch trong my ch IIS) CSDL dch v Certificate (Ch vi certification authority - y quyn chng nhn) LU . Sao lu v kh i phc System State. Bn c th sao lu v kh i phc System State nh l mt i tng n. V d bn kh ng th ch kh i phc CSDL Windows registry t mt bn sao lu System State v cng kh ng th i vi cc phn t khc trong i tng ny, v d nh cc file khi ng h thng.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 170

    SAO LU V PHC HI D LIU

    Hnh 4-9. Sao lu i tng System State Tuy vy, trong Windows Server 2003, bn kh ng th sao lu i tng System State trn mt my tnh khc ngoi my tnh m bn ang chy chng trnh Backup ny. S dng cc sn phm phn mm sao lu mng, bn c th sao lu cc phn t h thng ny trn mt my tnh xa, tuy nhin trong phn ln cc trng hp, bn phi ci t mt thnh phn phn mm th ng thng c gi l agent trn cc my tnh xa ny trc. Agent ny cho php my ch sao lu thit lp mi lin lc vi my tnh xa v ti v cc thnh phn h iu hnh cn thit thc hin vic sao lu hon chnh ca cc a my tnh. LU . Mua cc agent. Cc sn phm sao lu c th bao gm cc agent sao lu t xa khc nhau km theo thnh phn c bn. V d, khi bn mua mt sn phm m chy phn sao lu chnh trn mt my tnh Windows Server 2003, sn phm ny c th bao gm cc agent cn thit sao lu cc my tnh Windows khc trong mng. Tuy nhin, nu bn c cc my tnh chy cc h iu hnh khc, bn c th phi mua thm cc agent ring cho cc h iu hnh ny. Sao lu cc file ang m. Trong rt nhiu trng hp, khi mt ng dng m mt file vn bn, file ny b kha trng thi m v do kh ng c ng dng hoc tin trnh no QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 171

    kh c SAO LU V PHC HI D LIU

    khc thay i bn sao trn a ca mt file ang nm trong b nh. Mt trong nhng l do chnh ti sao cc qun tr mng li tin hnh sao lu sau gi lm vic l ngn cn tnh trng b qua cc file v ch ng ang c m bi ngi d ng. Do vy, nu ngi d ng ng dng chy vi mt file ang m, tc v sao lu vn c th kh ng bo v c file ny. gii quyt vn ny, mt s phn mm sao lu c kh nng sao lu cc file an m cho php kh nng sao lu cc kiu file ny thm ch ngay c khi cc ng dng khc ang m ch ng. Sao lu CSDL Cc CSDL hay c vn khi sao lu, bi v ch ng thng cha cc d liu quan trng sng cn cn bo v v cng bi ch ng thng xuyn trng thi chy lin tc kh ng ngh. Cc CSDL ang chy thng kha cc file d liu ca ch ng trng thi m ging nh cc ng dng khc, cho php cc tc v sao lu bo v cc file chng trnh CSDL (m rt d dng thay th) tuy nhin li b qua chnh bn thn cc CSDL ny. sao lu CSDL, bn phi tt ch ng i trc m kha trng thi ca cc file d liu. Trong trng hp vic tt cc ng dng l kh ng th c bi v cc CSDL ny lu n phi sn sng i vi ngi d ng, rt nhiu phn mm sao lu c mt agent c bit cho CSDL cho php d dng sao lu cc CSDL ny bng cch s dng cc th tc nh sau: 1. Agent to ra mt bn sao tm thi ca cc file CSDL c gi l delta file 2. Agent ny hng cc yu cu ca ngi d ng i vi cc th ng tin CSDL vo delta file 3. Agent ng file CSDL nguyn gc li 4. Agent giao tip vi my ch sao lu v chuyn pht ni dung ca cc file CSDL ny sao lu sang bng t. 5. Sau khi qu trnh sao lu hon thnh, agent sao chp tt c cc thay i bi ngi d ng i vi delta file sang file CSDL nguyn gc 6. Agent li m li file CSDL 7. Agent hng cc yu cu ngi d ng tr li vo file CSDL nguyn gc 8. Agent xa delta file.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 172

    Kh i phc sau thm ha SAO LU V PHC HI D LIU Cng ging nh bt k ng dng no, phn mm sao lu yu cu mt h iu hnh chy. Nu nh cc a h thng hoc my ch sao lu ca bn c s c, bn c mt bn sao lu y ca a cng th bn phi lm th no kh i phc li n. Trong iu kin bnh thng, bn phi ci t li h iu hnh v sau ci t li phn mm sao lu trc khi bn c th kh i phc li a cng tr v trng thi nguyn gc. i vi mt doanh nghip m thi gian cht c ngha l tn tht v doanh thu, th s chm tr ny c th kh ng th chp nhn c LU . Mc ch ca k thi. Mc ch ca k thi 70-290 ch ra rng hc vin phi c kh nng thc hin kh i phc h thng cho

    c th truy cp n.

    iu ny

    bo v kh ng cho cc chng trnh

    mt my ch v ti to li h thng sau khi phn cng my ch c s c Mt s phn mm sao lu c th gii quyt vn ny bng cch cung cp tnh nng kh i phc thm ha. Phn mm c tnh nng ny c thit k cho php ngi qun tr tin hnh kh i phc li hon ton cc a h thng trn my tnh trong thi gian ngn nht. Phn mm ny to ra mt bn sao lu y kt hp vi mt a khi ng ch cha cc file h iu hnh cn thit chy chng trnh sao lu v thc hin vic kh i phc. Sau khi khi ng t a khi ng ny, bn c th tin hnh vic kh i phc v my tnh s tr li trng thi nguyn gc, nhanh hn rt nhiu so vi vic bn phi ci li h iu hnh mt cch th c ng. Chng trnh Windows Server 2003 Backup c tnh nng kh i phc sau thm ha c gi l Automated System Recovery (Kh i phc h thng t ng-ASR). Khi bn chy Automated System Recovery Preparation Wizard (Trnh chun b kh i phc h thng t ng) (th hin trong Hnh 4-10), phn mm s hng dn bn qua cc qu trnh to ra bn sao lu y ca my ch v sau nhc bn a a mm vo, trnh ny s s dng a mm to ra a khi ng cho h thng. Trong trng hp thm ha m ton b ni dung ca a h thng b mt, bn ch cn n gin l a bng t sao lu vo trong bng t v khi ng t a mm ni trn hon tt vic kh i phc h iu hnh.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 173 SAO LU V PHC HI D LIU

    Hnh 4-10. Trnh Automated System Recovery Preparation Wizard LU . Mc ch ca k thi. Mc ch ca k thi 70-290 ch ra rng hc vin phi c kh nng s dng Automated System Recovery (ASR) Bo mt sao lu Cc bn sao lu cha cc bn sao ca c ng d liu bn lu trn cc a cng, do bn s phi mt c ng sc bo mt cc bn sao lu ny nh khi bn bo mt cc d liu gc. Cc chng trnh sao lu mang cho php bn ch nh tn ti khon v mt khu m phn mm ny s dng truy cp cc mc tiu sao lu. Phng php thc hnh tt nht l to ra mt ti khon c bit cho mc ch ny m ch c quyn cn thit thc hin sao lu hn l s dng ti khon Administrator hoc cc ti khon khc c nhiu tnh nng. Bn c th d dng cung cp mt ti khon ngi d ng vi cc quyn ny bng cch thm n vo trong nhm Backup Operators to sn trong Active Directory. Cch ny s ngn cn cc ngi d ng cha xc thc kh ng th gy hi cho tnh bo mt ca mng bng cch s dng cc phn mm sao lu.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 174 SAO LU V PHC HI D LIU LU . Mc ch ca k thi. Mc ch ca k thi 70-290 ch ra rng hc vin phi c kh nng cu hnh bo mt cho cc nhim v sao lu gi cho d liu ca bn c bo mt, bn phi bo v cc file trong cc bng t sao lu. Cc phn mm sao lu mng th ng thng cho php bn s dng mt khu bo v cc bng t sao lu ny. Bn c th ch nh mt khu trong qu trnh to ra cc tc v sao lu v bn phi cung cp mt khu ging th kh i phc d liu t cc bn sao lu . Khi s dng mt khu bo v bng t ca bn, bn nn s dng c ng yu cu cho mt khu m bn d ng cho h thng mng, v d nh di v tnh phc hp ca mt khu. Bn cng phi bo mt mc vt l cc bng t, kh ng ch bo mt d liu m cn phi m bo tnh an ton ca ni ct gi. Bo v bng mt khu c th ngn nga nhng k xm phm v tnh kh ng kh i phc d liu ca bn bng phn mm sao lu nhng thc t d liu vn trong bng t vi mt nh dng kh ng c bo v v mt ai c k nng v thit b c th vn truy cp c cc file ny. Do , bn nn lu n gi bn sao lu ca mnh c kha cht ch, tt nht l trong cc t chng chy hoc cc khu vc lu tr bo mt no . Bn cng nn lu cc bn sao lu ny xa khu vc lm vic nu c trm hoc thm ha cng kh ng lm cho cc bn sao lu ny mt i c ng vi my tnh ca bn. S DNG WINDOWS SERVER 2003 BACKUP Chng trnh Backup trang b trong Windows Server 2003 kh ng phi l mt gi phn mm sao lu y tnh nng nh m t phn trc, tuy

    nhin n cng sao lu mt my ch. Vi chng trnh Backup, bn c th c hin cc tc v sau y: th Sao lu cc cng ti ch, cc chia s trn mng v i tng System State ni b La chn mc tiu sao lu bng cch s dng cch hin th hnh cy Thc hin cc tc v sao lu normal, incremental, differential, copy hoc daily. Loi b cc file c bit c nh du khi tc v sao lu Sao lu cc file sang mt bng t hoc sang file trn cc a ni b khc, sau bn c th chuyn sang mt a CD-ROM, DVD-ROM hoc cc phng tin lu tr khc. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 175

    SAO LU V PHC HI D LIU Lp lch sao lu din ra ti cc thi gian xc nh hoc lp li sau cc khong thi gian xc nh. Xc nhn cc bn sao lu bng cch so snh d liu nh trn cc phng tin sao lu vi bn nguyn gc ca n. Khi phc cc file sao lu vo v tr nguyn gc ca n hoc n mt v tr thay th khc Ch nh khi no v liu cc file kh i phc c ghi cc file tn ti. Mt s cc tnh nng lin quan n sao lu m Windows Server 2003 cung cp c cp trong cc phn sau y. S dng Volume Shadow Copy Volume Shadow Copy (Bn sao hnh bng ca a) l mt tnh nng ca Windows Server 2003 cho php duy tr mt th vin cha cc phin bn khc nhau ca cc file la chn. Mc d kh ng th thay th cho vic sao lu h thng, Volume Shadow Copy cho php ngi d ng truy cp cc phin bn lu trc ca file m h v tnh xa hoc ph hy. Tnh nng ny gim bt cho ngi qun tr mt trong cc c ng vic lt vt phin h nht: kh i phc file n l cho ngi d ng khi h l xa file . LU . Mc ch ca k thi. Mc ch ca k thi 70-290 ch ra

    rng hc vin phi c kh nng kh i phc d liu t shadow copy volume kch hot volume shadow copy cho mt a trn my tnh ca bn, bn cho hin th hp thoi Local Disk Properties ca a logic v la chn th Shadow Copies (th hin trong Hnh 4-11). Khi bn la chn mt a logic trong danh sch v nhn vo Enable, Windows Server 2003 to ra mt bn sao chp ca tt c cc fie trong th mc chia s trn a logic v dn nhn ln bn sao chp th ng tin ngy gi hin ti. Sau khi kch hot tnh nng ny cho a, Windows Server 2003 tip tc to ra hai bn sao ca cc file ny mi ngy trong tun v lu ch ng cho n khi dung lng a ch nh dnh cho chc nng ny y. Bn c th chnh sa c tn sut m h iu hnh Windows to ra cc bn sao v kch thc ca kh ng gian a s dng lu cc bn sao ny. QUAN TRNG. Gii hn ca Volume Shadow Copy. Volume Shadow Copy ch bo v cc file trn a logic m lu trong cc th mc chia s, v a ny phi s dng nh dng h thng file NTFS. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 176 SAO LU V PHC HI D LIU

    Hnh 4-11. Th Shadow Copy ca hp thoi Local Disk Properties ca mt a logic Ch nhng my tnh chy Windows Server 2003 v Windows XP mi c th truy cp cc file shadow copy trn cc a. Trn cc my trm Windows XP, u tin bn phi ci t phn mm my khch c th s dng chc nng ny. Sau ngi d ng c th truy cp shadow copy bng cch hin th hp thoi Properties ca file trong shadow volume v la chn th Previous Versions (th hin trong hnh 4-12)

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 177 SAO LU V PHC HI D LIU

    Hnh 4-12. Th Previous Versions trong hp thoi Properties ca file.

    LU . Volume Shadow Copy Clients. Windows Server 2003 bao gm phn mm my khch ca volume shadow copy trong th mc Systemroot\System32\Clients\Twclient. Bn c th ci t phn mm ny mt cch th c ng trn cc my trm Windows XP hoc bng cch ci t t ng, v d nh s dng chnh sch nhm Bn cnh vic cung cp cho ngi d ng kh nng truy cp vo cc phin bn khc nhau ca cc file, volume shadow copy cn cung cp k thut sao lu cc file m cho trng trnh Windows Server 2003 backup. Theo mc nh, Backup s dng cc bn sao volume shadow ca cc file m ang kha trng thi m khi thc hin sao lu. iu ny cho php chng trnh Backup sao lu cc file m ang s dng bi cc ng dng trong thi im tin hnh sao lu. Bn c th kh ng cho Backup s dng cc bn sao volume shadow trong cc tc v sao lu c bit no bng cch la chn Disable Volume Shadow Copy trong hp thoi Advanced Backup Options (th hin trong hnh 4-13) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 178 SAO LU V PHC HI D LIU

    Hnh 4-13. Hp thoi Advanced Backup Options Sao lu v kh i phc Active Directory. Nh cp trong phn trc ca chng, bn c th sao lu CSDL Active Directory trn my ch qun tr min Windows Server 2003 bng cch s dng chng trnh Backup v la chn i tng System State nh l mc tiu sao lu. Tuy nhin vic kh i phc my ch qun tr min Active Directory l kh ng n gin. Trc khi bn c th kh i phc CSDL Active Directory t bn sao lu System State, bn phi khi ng my tnh trong ch Directory Services Restore Mode. Bn lm iu ny bng cch nhn F8 khi my tnh ang khi ng v la chn Directory Services Restore Mode t thc n Windows Advanced Options. Theo cch ny my tnh s khi ng vi CSDL Active Directory c ng v do bn c th truy cp chng trnh Backup v kh i phc li CSDL ny t bng t.

    LU . ng nhp. Khi bn khi ng my tnh trong ch Directory Services Restore Mode bn phi ng nhp vi ti khon Administrator s dng tn ti khon v mt khu Security Accounts Manager (SAM) ch kh ng phi tn ti khon v mt khu trong Active Directory. l bi v Active Directory ang offline ( trng thi ng, kh ng kch hat) nn vic xc nhn ti khon kh ng th thc hin c. CSDL ti khon SAM c s dng iu khin truy cp vo Active Directory trong khi Active Directory ang offline. Bn phi nhp mt khu ny khi bn ci t Active Directory QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 179 SAO LU V PHC HI D LIU Khi my tnh khi ng trong ch Directory Services Restore Mode, bn c th chy chng trnh Backup v kh i phc li i tng System State t bng t hoc cc phng tin sao lu khc. Chng trnh Windows Server 200 B 3 ackup h tr 2 kiu kh i phc Active Directory: Kh i phc non-authoritative (kh ng c thm quyn). Cc i tng trong CSDL Active Directory c kh i phc chnh xc nh n xut hin trong System State vi cc s th t cp nht gc c gi nguyn. Bi v cc s th t ny c gi tr bng vi gi tr m cc i tng c c khi tc v sao lu c tin hnh, ch ng qu hn v qu trnh ng b Active Dir t ec ory s ghi cc i tng ny bng cc phin bn mi hn trong cc my ch qun tr min khc. Bn c th s dng phng php kh i phc non-authoritative ny khi bn mun xy dng li mt my ch qun tr min m b hng vi cc th ng tin Active Directory mi nht c cp t t cc my ch qun tr min khc. Chng trnh Windows Server 2003 nh Backup theo mc nh s thc hin tc v kh i phc theo kiu nonauthoritative. Kh i phc Authoritative (c thm quyn). Cc i tng trong CSDL Active Directory s c kh i phc m cc s th t cp nht s kh ng b ghi trong cc qu trnh ng b Active Directory sau . Bn s dng kh i phc kiu Authoritative khi bn mun d ng bn sao lu System State phc hi li cc i tng Active Directory m bn v tnh xa i. th c hin vic kh i phc Authoritative, ban u bn phi thc hin kh i phc kiu non-authoritative trc, sau trc khi khi ng li my tnh, bn s dng mt tin ch dng lnh c gi l Ndsutil.exe nh du cc i tng trong Active Directory hin ti nh l authoritative. Tin ch su il.exe c th tm thy trong th mc Systemroot\System32. Vic nh Nd t du c c i tng l authoritative s thay i s th t cp nht ca i tng cao hn bt k s th t cp nht no khc trong khi ng b h thng Active Directory. iu ny m bo rng mi d liu m bn kh i phc s c ng b trong ton h thng.

    Khi my ch qun tr min c kh i phc v trng thi trc tuyn v kt ni vo h thng mng, cc tc v ng b th ng thng s a cc d liu trong my ch qun tr min ny cp nht vi cc thay i trong cc my ch qun tr min khc m kh ng b ghi bi n c kh i phc kiu authoritative. Vic ng b ng thi cng phn tn cc i tng c kh i phc sang cc my ch qun tr min khc trong forest. Cc i tng tng b xa c nh du l authoritative s c ng b t my ch qun tr min c kh i phc ti cc my ch qun tr min khc. Bi v cc QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 180 SAO LU V PHC HI D LIU i tng c kh i phc c c ng thuc tnh i tng nn kh nng bo mt c gi nguyn v s ph thuc ca cc i tng s c duy tr. V d, gi s bn sao lu h thng vo ny th Hai v sau to mt ngi d ng mi tn l Jeff Smith vo th Ba, th ng tin ny s dc ng b vi cc my ch qun tr min khc trong min. Sau , vo ngy th T, bn v tnh xa i tng ngi d ng Nancy Anderson. kh i phc ngi d ng Nancy Anderson m kh ng phi to li cc th ng tin v kh ng mt ti khon ca Jeff Smith, bn tin hnh kh i phc nonauthoritative my ch qun tr min vi bn sao lu System State c to trong ngy th Hai. Sau , s dng Ntdsutil.exe bn s nh du i tng ngi d ng Nancy Anderson l authoritative v khi ng li my ch qun tr min ny. Kt qu l i tng Nancy Anderson c kh i phc m kh ng tc ng g n ti khon Jeff Smith. LU .Mc ch ca k thi. Mc ch ca k thi 70-290 ch ra rng hc vin phi c kh nng sao lu cc file v d liu System State sang cc phng tin lu tr

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 181

    TNG KT SAO LU V PHC HI D LIU Mt gii php sao lu mng bao gm phn cng sao lu, phn mm sao lu v k hach s dng ch ng. Khi bn nh gi mt phn cng sao lu, tc lng ln hn gn nh c ngha l gi s t hn.

    Bng t l phng tin sao lu th ng dng nht sao lu bi bng t c tc sao lu nhanh, kh ng t v cha c rt nhiu d liu. Cc bng t c rt nhiu loi khc nhau v tc , dung lng v khong gi c ph hp vi cc nhu cu ci t khc nhau. Chc nng chnh ca phn mm sao lu l cho php ngi qun tr mng c th la chn cc mc tiu sao lu v sau chuyn d liu ny n cc bng t hoc cc thit b khc. Cc tc v sao lu Incremental v differential s tit kim bng t bng cch ch sao lu cc file m thay i t ln sao lu cui c ng, da trn tnh trng ca bit lu trong mi file. Mt phn mm sao lu tt cho php bn lp lch sao lu chy vo bt k thi im no v n duy tr phin bn mc lc ca tt c cc file sao lu trn c bng t v trn a cng Phn mm sao lu mng cho php bn sao lu mi d liu trong cc my tnh trong mng ca bn v cng cung cp cc tnh nng tin tin v d nh sao lu cc CSDL trc tuyn. sao lu Windows registry, CSDL Active Directory v cc ti nguyn h thng khc, bn phi sao lu i tng System State. Volume shadow copy l mt tnh nng ca Windows Server 2003 cho php ni d ng c th truy cp cc bn sao khc nhau ca cc file m h v tnh xa mt hoc b hng Khi bn kh i phc d liu System State trong ch nonauthoritative, mi thnh phn trong d liu System State m c ng b vi cc my ch qun tr min khc, v d nh CSDL Active Directory, s c cp nht bi qu trnh ng b sau khi bn kh i phc. Khi bn kh i phc d liu System State trong ch Authoritative,

    cao hn v dung

    cc thay i sau khi sao lu ln cui c ng s kh ng c kh i phc, cc i tng b xa s c phc hi v ng b. thc hin kh i phc authoritative, bn s dng tin ch dng lnh Ntdsutil.exe. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 182

    BI TP THC HNH SAO LU V PHC HI D LIU Bi tp thc hnh 4-1: La chn mc tiu sao lu Trong bi tp thc hnh ny, bn thc hnh s dng cch hin th cy th mc trong chng trnh Backup la chn cc mc tiu sao lu. 1. ng nhp vo my tnh Windows Server 2003 bng ti khon Administrator 2. Nhn Start, tr vo All Programs, chn Accessories, chn Tools v sau chn Backup. Trang Welcome To The Backup Or Restore Wizard xut hin. 3. Nhn vo lin kt Advanced Mode. Ca s Backup Utility xut hin 4. La chn th Backup 5. M rng a Local disk (C) v la chn th mc Windows 6. La chn hp chn System State 7. T thc n Job, la chn Exit Bi tp thc hnh 4-2: Sao lu Incremental v Differential 1. Nu bn sao lu h thng mng ca bn bng cch thc hin sao lu y vo cc ngy th T l c 6h P.M v sao lu differential trong cc bui chiu su ngy cn li trong tun, bao nhiu tc v m bn cn thit phi thc hin kh i phc li my tnh khi mt a cng b hng vo tra ngy th Ba ? 2. Nu bn sao lu h thng mng ca bn bng cch sao lu y vo 6h P.M ngy th T, bao nhiu tc v cn thit nu bn tin hnh cc tc v sao lu incremental trong cc bui chiu su ngy cn li trong tun v mt a cng b hng vo tra ngy th Ba ? 3. kh i phc li hon ton mt my tnh b hng vo tra ngy th Ba, bao nhiu tc v cn thit nu bn tin hnh sao lu y vo 6h A.M cc ngy t T v th By hng tun v sao lu incremental vo 6h P.M cc ngy cn li? Bi tp thc hnh 4-3. Kch hot Volume Shadow Copy 1. Trong bi tp thc hnh ny, bn kch hot tnh nng volume shadow copy trong a C: ca my tnh. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 183 SAO LU V PHC HI D LIU 2. ng nhp vo my tnh Windows Server 2003 bng ti khon Administrator 3. Nhn Start, tr vo All Programs, chn Accessories, v chn Windows Explorer. Ca s Windows Explorer xut hin 4. M rng i tng My Conputer trong khung phm vi, la chn

    System

    Local Disk (C:), v t thc n File, la chn Properties. Hp thoi Local Disk (C:) Properties xut hin 5. La chn th Shadow Copy v nhn Enable. Hp th ng bo Enable Shadow Copy xut hin 6. c cnh bo v nhn Yes. Sau mt khong thi gian tr, ngy v gi xut hin trong danh sch Shadow Copies Of Selected Volume, ch nh rng h thng to ra bn shadow copy u tin CC CU HI N TP 1. Ti sao tin hnh sao lu li tt nht sau khi ht gi lm vic? 2. Cc kiu tc v sao lu no sau y kh ng t li bit lu tr trong cc file m n sao chp sang cc phng tin lu tr ? (La chn tt c cc cu tr li ng) a. Full b. Incremental c. Differential d. Copy 3. Cc thit b bng t no sau y c dung lng ln nht ? a. LTO b. QIC c. DAT d. DLT 4. Cc tiu chun no di y c s dng nhiu nht lc cc file trong cc tc v sao lu? a. Tn file b. Phn m rng ca file c. Cc thuc tnh ca file QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 184

    d.

    Kch thc ca file

    SAO LU V PHC HI D LIU 5. m u? 6. Ba thnh phn ca h thng quay vng s dng phng tin sao lu Grandfather-Father-Son l g ? a. Cc a cng, CD-ROM v cc bng t b. Cc tc v sao lu Incremental, differential v full c. Cc tc v sao lu hng thng, hng tun v hng ngy? d. Cc bng t QIC, DAT v DLT 7. no? a. b. c. Cc thit b sao lu mng s dng thng xuyn nht giao tip thit b IDE SCSI USB Lm th no m mt autochanger tng dung lng lu tr tng ca

    d. Parallel port 8. Lm th no Windows Backup xc nhn cc d liu ghi vo phng tin sao lu ? 9. Khi bn khi ng my tnh trong ch Directory Services Restore Mode, bn s dng ng nhp nh th no? Ti sao ? KCH BN TNH HUNG Bn ang thit k mt gii php sao lu cho h thng mng ca c ng ty. d dng sao lu cc d liu quan trng ca c ng ty, bn cp cho 125 ngi d ng mng mi ngi mt th mc gc trn mt a chia s trn my ch v hng dn ngi d ng lu cc file d liu ca h trn cc th mc . Bn cng ng thi to ra mt hn ngch a cho php mi ngi d ng c s dng ti a 1GB dung lng a. Bi thit k nh trn, bn s phi sao lu ch my ch m kh ng phi l cc my trm ngi d ng. Bn cnh my ch file cha cc th mc gc ca mi ngi d ng, trong mng cn c 6 my ch Web, mi my ch c mt cng 40 GB cha cc file trang ch, mt my ch CSDL vi cng 80GB cha xp x 10GB file d liu v mt my ch Email vi 25GB d liu th. Da trn cc th ng tin nh trn, bn hy tr li cc cu hi sau: QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 185 SAO LU V PHC HI D LIU 1. Tng dung lng xp x ca d liu thay i thng xuyn m bn phi sao lu mi ngy l bao nhiu ? a. 60 GB b. 160 GB c. 360 GB d. 480 GB 2. Gi nh rng bn quyt nh thc hin sao lu y hng tun v sao lu incremental hng ngy, dung lng d liu xp x t 6 my ch Web m bn mong i tm thy trong mi bng t sao lu Incremental l bao nhiu? Gii thch cu tr li ca bn. 3. Da trn cc th ng tin trn trong Bng 4-1, kiu bng t no ph hp nht cho h thng mng ny, gi nh rng bn mun s dng ch mt bng t n cho cc tc v sao lu Incremental hng ngy ? a. DLT b. 8 mm c. QIC d. DAT

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 186 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    CHNG 5: DUY TR H IU HNH Cc sn phm phn mm hin nay ang trong giai on pht trin lin tc v cc nh sn xut lu n u n a ra cc bn cp nht v nng cp . H iu hnh cng kh ng phi l mt ngoi l v mt iu rt quan trng l gi cho h iu hnh Windows Server 2003 ca bn lu n c cp nht. Vic cp nht cc my tnh n l l mt vic n gin, tuy nhin cp nht mt h thng mng ln mt cch ng l c v hiu qu th phc tp hn rt nhiu. Trong chng ny bn s hc v cc kiu cp nht h iu hnh m Microsoft a ra v mt s phng php bn c th s dng trin khai cc bn cp nht ny Sau khi hon thnh chng ny, bn c th: Hiu s khc nhau gia cc service pack (Cc gi dch v) v hotfix (Bn sa li nng)

    Trin khai service pack bng cc ng dng Windows Update (Cp nht Windows), Automatic Update (T ng cp nht) v cc chnh sch nhm Tch hp cc bn service pack and hotfix vo trong cc b ci t ca h iu hnh Windows Server 2003 S dng phn mm Microsoft Baseline Security Analyzer (Trnh phn tch ranh gii bo mt) Ci t v cu hnh mt my ch Microsoft Software Update Services (Dch v cp nht phn mm ca Microsoft ) Hiu cc ch giy php bn quyn Per Server v Per Device

    hoc Per User (Tnh theo my ch, thit b hoc theo ngi d ng) Cu hnh cc giy php bn quyn s dng c ng c Choose Licensing Mode (La chn Ch Giy php) trong Control Panel v c ng c Licensing Administrative (Qun tr Giy php) To cc nhm giy php bn quyn

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 187 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    CC BN CP NHT CA H IU HNH WINDOWS c thi k, vic cp nht phn mm l mt vn rt nh. Nu c mt s c no trong mt ng dng hay h iu hnh, nh sn xut s pht hnh mt bn cp nht di dng mt bn v li m ngi d ng c th p dng cho cc my tnh ca mnh. Mt bn cp nht (Update) l mt phn ph ca bn ci t phn mm c sa li v thng c xu hng gii quyt mt vn c bit no hn l thm vo cc tnh nng mi cho phn mm . Khi nh sn xut a ra phin bn tip theo ca phn mm, h s tch hp cc bn v vo trong phin bn nng cp (Upgrade). Mt phin bn nng cp l mt bn ci t phn mm chnh v c th cha cc tnh nng mi cng nh cha c cc bn v ca phin bn trc ca sn phm ny. LU . Mc ch ca k thi. Mc ch ca k thi 70-290 yu cu hc vin c kh nng qun tr mt c s h tng cp nht phn mm Khi sn phm phn mm pht trin ngy cng phc tp, s lng ca cc s c trong chng trnh cng c xu hng tng theo v tng ng l s lng cc bn v li. Mt s sn phm, th ng thng l cc h iu hnh, c th c hng t cc bn v li c pht hnh gia cc ln nng cp. Vic cp nht cc chng trnh v cc h iu hnh do thng lm tng thm cc vn kh gii quyt bi mt s l do sau: S lng cc bn v li. Khi mt sn phm phn mm c s lng ln cc bn v li, n s tr nn kh khn trong vic theo di xem cc bn v no c p dng v phin bn no ca file sn phm ang c s dng trong ln ci t no. Th t ca cc bn v. Khi cc bn v c p dng theo cc th t khc nhau, kt qu l cu hnh phn mm c th thay i, in hnh l vic mt sn phm c nhiu bn v s cha cc phin bn khc nhau ca c ng mt file. C bn Service Pack Khi i mt vi hng trm cc bn v cho h iu hnh hin i ngy nay, Microsoft quyt nh la chn s dng mt phng php khc pht hnh cc bn cp nht ny. Thay v rt nhiu bn v nh, Microsoft to ra mt bn cp nht tm thi ln hn dc gi l service pack. Mt bn service pack l mt tp hp ca cc bn v v cc bn cp nht khc tng c kim tra QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 188

    DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 v ng gi li thnh mt khi n l. Mt chng trnh ci t n s p dng tt c cc bn cp nht c ng mt l c, thng nht mt cu hnh phn mm cho mi my tnh m trn bn service pack c p dng. Cc bn service pack n gin qu trnh cp nht cho tt c mi ngi tham gia. i vi Microsoft, pht hnh cc bn cp nht trong mt bn service pack c ngha l c th kim tra ton b gi phn mm ny thay cho vic phi kt hp vic kim tra rt nhiu cc bn v khc nhau li. i vi ngi qun tr h thng v ngi d ng cui, qu trnh ci t s c gim bt v ch cn chy mt chng trnh n thay cho tin hnh ci t rt nhiu ln cc bn v ring bit. i vi cc nhn vin h tr k thut, qu trnh gii quyt s c cng n gin hn bi v h kh ng gp phi tnh trng mt s lng ln cc bn v c ci t theo bt k th t no. D dng xc nh c bn service pack no c ci t trn mt my tnh Windows ve 2000, Windows XP hay Windows Server 2003 bng cch nhn vo Ser r th General trong hp thoi System Properties (Th hin trong Hnh 5-1)

    Hnh 5-1. Hp thoi System Properties Cc bn service pack ca Microsoft c pht hnh theo kiu tch ly dn, ngha l mi bn service pack cho mt sn phm no u cha cc bn cp nht t khi bn ci t chnh gn nht ca sn phm c pht hnh, bao gm c cc bn service pack trc . Do , khi bn tin hnh ci t QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 189 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 mt h iu hnh Windows hoc mt sn phm no ca Microsoft, bn ch phi p dng bn service pack gn y nht. Pht hnh cc bn service pack

    Microsoft pht hnh cc bn service pack ca h iu hnh theo ba dng: CD-ROM. Ch ng ta c th nhn c cc bn service pack cha trong CD-ROM trc tip t Microsoft ch vi chi ph danh ngha kh ng ng k. a CD ny c cha cc file ci t service pack v mt chng trnh ci t tn l Update.exe. a ny cn cha cc ti liu ca bn service pack, cc c ng c trin khai v cc c ng c h tr cp nht m th ng thng kh ng c trong cc bn ci t c ti v t Internet. Express Download (Bn r t gn). Bn r t gn ch cha mt s file cn thit bt u qu trnh ti bn service pack v. Khi bn chy chng trnh ci t, phn mm s kim tra h thng, truy cp trang Web ca Microsoft v ti cc file cn thit v hon thnh qu trnh cp nht. Bi v chng trnh ci t kim tra xem bn service pack no c ci t trong my tnh, n c th ch ti cc file n cn, iu ny c th lm gim ng k kch thc tng ca cc file cn ti v. chy qu trnh ci t r t gn, my tnh phi c kh nng truy cp Internet. Network Download (ti v t mng). Vic ti v t mng s bao gm ton b bn service pack di dng mt file chy n. Cch thc ny s dng cho cc qun tr mng khi trin khai service pack trn mt s lng ln my tnh. Khi bn tin hnh ti xong, bn c th np file chy v ci t service pack trn bt k my tnh no ang chy h iu hnh m kh ng cn thit phi c kh nng truy cp Internet. Tuy nhin bi v phin bn ny cha tt c cc file service pack nn bn ny c th rt ln, th ng thng l 100MB hoc hn. Ci t mt ln. Khi bn ci t bn service pack trn my tnh chy mt trong cc h iu hnh Windows, chng trnh ci t s p dng ch cc cp nht cho cc thnh phn c trong h thng. V d, nu bn ci t Microsoft Internet Information Services (IIS) v Certificates Services trn my tnh chy Windows Server 2003, vic ci t service pack s ch p dng cc bn cp nht cho hai thnh phn ny m kh ng cp nht cho cc thnh phn khc m kh ng c ci t trong h thng. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 190 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Mt l c no , nu bn chnh sa cu hnh phn cng hoc phn mm trong mt my tnh chy Windows NT, bn s phi ci t li bn service pack mi nht p dng phn mm cp nht cho cc thnh phn c ci t. Tuy nhin, bt u t Windows Server 2000, iu ny kh ng cn cn thit na. Chng trnh ci t service pack ngy nay lu v tr ca cc file cabinet (.cab) cha tt c cc trnh iu khin c cp nht cho my tnh cng nh cc file th ng tin c gi l Layout.inf. iu ny m bo bt c khi no bn ci t li cc thnh phn h iu hnh mi, k c l cc trnh iu khin thit b, mt ng dng hay mt dch v, h thng s s dng cc phin bn mi nht ca cc file t cc bn service pack pht hnh. Cc bn sa li nng (Hotfix). Mc d lch trnh ca vic pht hnh cc bn service pack l d thay i, cc bn cp nht xut hin ngy cng t i, thng l kh ng hn mt ln trong mt nm. Mc d vy, mt iu cng rt bnh thng khi mt h iu hnh ny sinh ra cc vn m yu cu cn phi ch ngay lp tc v kh ng th i n khi pht hnh bn service pack tip theo c. i vi cc trng hp ny, Microsoft pht hnh cc bn v li ring r, c gi l hotfix (bn sa li nng). Mt hotfix l mt phn mm cp nht m gii quyt mt li c bit no . Ging nh cc bn service pack, hotfix c

    pht hnh nh l mt file chy n v s ci t bn v li trn my tnh m n chy. Microsoft thng pht hnh cc bn hotfix kt hp vi mt bi Knowledge Base (Kin thc C bn) gii thch cho s c ny v cc trng hp m ngi d ng hoc qun tr mng nn p dng bn cp nht ny. THNG TIN THM. Microsoft Knowledge Base. Microsoft Knowledge Base l mt th vin ca cc bi vit cung cp cc th ng tin h tr cho mi sn phm Microsoft. Bn c th truy cp Knowledge Base ti a ch http://support.microsoft.com. Kh ng ging nh cc bn service pack, m Microsoft yu cu ci t trn mi my tnh, cc bn hotfix thng c p dng cho cc my tnh b mt s c c bit no hoc chy mt cu hnh phn cng hoc phn mm c bit. Bn phi lu n lu n lm quen vi chc nng ca cc bn hotfix v iu kin s dng trc khi ci t n vo cc my tnh. Khi no phi cp nht Cu hi khi no phi p dng cc bn service pack v hotfix l mt vn c tranh ci nng hi gia cc qun tr mng trong nhiu nm. Kh ng phi tt c cc bn cp nht pht hnh u c th tin cy c v mt s QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 191 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 qun tr mng rt kh tnh trong vic p dng cc bn service pack cho ti khi h thy c s n nh m ch ng mang li. Trong thc t, mt s ngi d ng thch i n bn service pack 3 c pht hnh trc khi h ci t bn service pack 2. S cn trng ny tng c coi l thch hp vi thi gian trc, tuy nhin by gi th hon ton kh ng phi nh vy. Cc bn service pack v hotfix c pht hnh thng xuyn gii quyt cc vn v bo mt v d cc virus mi hoc su my tnh khc, v vic trin khai cc bn cp nht ny ng l c l iu rt quan trng. Tuy nhin, ni nh th kh ng c ngha l nht thit mi ngi d ng u phi p dng tt c cc bn cp nht ny ngay lp tc sau khi n c pht hnh. i vi cc my tnh n, trang Web Windows Update s lm cho qu trnh ti v p dng cc bn cp nht tr nn d dng hn v trong hu ht cc trng hp, bn c th g ci t cc bn cp nht ca Microsoft khi cn. Do , hu ht ngi d ng u c th p dng cc bn cp nht mt cch an ton ngay sau khi ch ng c pht hnh. Tuy nhin trong mt m i trng mng ln, quyt nh bn cp nht no cn c ci t v khi no phi ci t s kh ng th t y thuc vo ngi d ng. Ngi qun tr mng phi chu trch nhim ly cc bn cp nht v sau khi ch ng c pht hnh v trin khai ch ng trong mng ca mnh ng l c. Tuy nhin ngi qun tr mng kh ng cn thit phi ci t mi bn cp nht ngay lp tc sau khi n c pht hnh. iu rt quan trng l bn phi kim tra cc bn cp nht ny trc v l l do ti sao mt doanh nghip phi c cc chnh sch cp nht c thit lp trc trong h thng ca mnh. Chnh sch cp nht phn mm c thit k h tr qun tr mng trong vic tin hnh cc tc v sau:

    Duy tr kh nng nhn bit cc bn cp nht mi dc pht hnh. Microsoft thng xuyn pht hnh cc bn cp nht m c th cn thit p dng hoc kh ng trong h thng mng ca bn. Qun tr mng phi bit c cc bn cp nht mi khi ch ng c pht hnh v phi hiu mi bn cp nht cp v gii quyt nhng vn g. Xc nh my tnh no cn phi cp nht. Trong mt s trng hp, mt bn cp nht c th ch p dng cho cc my tnh thc hin mt chc nng nht nh, s dng mt ng dng hoc tnh nng c bit no , hoc c mt thnh phn phn cng c bit. Cc qun tr mng phi hiu c chc nng c th ca mi ln pht hnh v xc nh c my tnh no cn bn cp nht .

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 192

    DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Kim tra cc bn cp nht pht hnh trn cc cu hnh my tnh khc nhau. Mt bn cp nht phn mm c th gy ra s trc trc trong hot ng ca mt my tnh n. iu ny c th ch gy ra phin phc cho chnh my tnh ny, tuy nhin trong mt h thng mng ln, n c th gy ra mt thm ha. Qun tr mng phi tin hnh cc bin php kim tra ca ring mnh i vi cc bn cp nht trc khi trin khai ch ng cho ton h thng mng. Trin khai cc bn cp nht trn mt mng c qui m ln. Vic ci t cc bn cp nht mt cch th c ng trn hng trm my tnh yu cu rt nhiu thi gian, c ng sc v chi ph. trin khai cc bn cp nht trn mt mng ln mt cch hiu qu, qu trnh ny phi c t ng ha. Microsoft cung cp cc c ng c h tr qun tr mng hon thnh cc tc v ny, v d nh cc c ng c c trnh by trong cc phn sau y ca chng trnh. Th nghim cc bn cp nht bo mt. Trc khi bn c th cp nht cc bn cp nht phn mm trong mng, bn phi th nghim ch ng m bo ch ng tng thch vi cc tt c cc cu hnh h thng ca bn. S lng v cch thc kim tra ph thuc vo ngun gc ca cc bn cp nht v s phc tp ca h thng mng ca bn. i vi mt bn cp nht nh mt bn service pack, vic th nghim nn

    dc thc hin rng ri. Bn c th nn tin hnh th nghim ny trong mt mng th nghim c lp vi mng ang vn hnh thc hin trin khai th im trong mt phn ca h thng tin hnh vic trin khai i tr. i vi cc bn cp trin khai th im c th coi nh l hon thnh vic th c th trin khai i tr lu n nu nh kh ng c s c no

    bn pht hnh trc, sau mng trc khi nht ph v nh, vic nghim v sau xy ra.

    G ci t cc bn Service pack Khi bn ci t mt bn service pack, chng trnh ci t lu n cho php bn c hi lu cc bn sao lu d phng ca cc file h iu hnh m bn service pack ny thay th. iu ny cho php bn g ci t bn service pack sau v kh i phc li cu hnh nguyn gc ca h thng nu cn thit.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 193 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 S DNG MICROSOFT BASELINE SECURITY ANALYZER Microsoft Baseline Security Analyzer (Trnh phn tch ranh gii bo mt ca Microsoft - MBSA) l mt c ng c ha (Th hin trong Hnh 5-2) c th kim tra cc l hng bo mt th ng thng trong mt my tnh n hoc nhiu my tnh chy cc phin bn h iu hnh Windows khc nhau. Cc l hng th ng thng l do vic cu hnh cc tnh nng bo mt kh ng chun hoc cha hon chnh v vic ci t cc bn cp nht bo mt l kh ng c thc hin hon ho. Cc li bo mt m MBSA c th pht hin tra nh sau: Thiu cc bn cp nht bo mt. S dng mt bn lit k cc bn cp nht pht hnh t my ch ca Microsoft trn Internet hoc t mt my ch Microsoft Software Update Services (SUS) ni b, MBSA xc nh liu cc bn service pack v cc bn cp nht m n yu cu c ci t trong my tnh hay cha v nu cha, n s son ra mt danh sch cc bn cp nht cn thit phi ci t.

    Hnh 5-2. Giao din Microsoft Baseline Security Analyzer

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 194 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 LU . Hfnetchk.exe. MBSA l chng trnh thay th tin ch kim tra cp nht trc kia ca Microsoft c tn Hfnetchk.exe, tin ch ny thc hin t giao din dng lnh v ch kim tra cc bn cp nht cn thiu trong my tnh. MBSA bao gm tt c cc tnh nng ca Hfnetchk.exe, bao gm c giao din dng lnh, trong bn c th kch hot bng cch chy file chy Mbsacli.exe vi tham s /hf. iu ny cho php ngi qun tr tip tc s dng cc file b (batch) v cc kch bn (script), kt hp vi dng lnh Htnetchk.exe vi rt t chnh sa. Cc im yu ca Ti khon. MBSA kim tra xem liu ti khon Guest c c kch hot trong my tnh hay kh ng, liu c nhiu hn hai ti khon c quyn Administrator, liu cc ngi d ng n danh (anonymous) c qu nhiu quyn truy cp n cc th ng tin h thng hay kh ng v liu my tnh c s dng tnh nng Autologon. Mt khu kh ng hon chnh. MBSA kim tra mt khu ca cc ti khon my tnh xem liu ch ng c cu hnh gii hn thi gian hiu lc ca mt khu kh ng, c l mt khu trng hoc qu n gin kh ng. Vic kim tra ny kh ng c thc hin trn cc my ch qun tr min. Cc im yu ca h thng file. MBSA kim tra xem liu cc a trn my tnh c s dng h thng file NTFS hay kh ng. Cc im yu ca cc ng dng IIS v SQL. Nu my tnh chy dch v IIS hay SQL, MBSA kim tra cc ng dng ny xem c cc im yu bo mt kh ng. nh , MBSA cn n th cc th ng tin khc v cc vn bo mt Bn c hi

    trn my tnh, v d nh danh sch cc chia s trn mng, s phin bn ca h iu hnh Windows v liu vic kim nh (audit) c c kch hot hay kh ng. LU . Ti MBSA. MBSA kh ng i km trong h iu hnh Windows Server 2003, tuy nhin n li c th ti v min ph t trang Web ca Microsoft. MBSA l mt c ng c th ng tin m c th hin th cc th ng tin bo mt ca y t nh, tuy nhin n kh ng th thc hin bt k mt hnh ng no gii m quyt cc im yu d b tn c ng m n tm thy. Bn c th s dng MBSA xc nh xem bn cp nht bo mt no cn thit ci t trn cc my tnh nht nh, tuy nhin xy dng mt chnh sch cp nht hiu QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 195 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 qu, bn phi trin khai h thng theo di xem cc bn cp nht no c ci t trn cc my tnh trong doanh nghip. S DNG WINDOWS UPDATE Windows Update l mt Web site, do Microsoft duy tr, cho php cc my tnh chy Windows Server 2003 v hu ht cc phin bn khc ca Microsoft Windows c th nh v v ti cc bn cp nht v bn v li mi nht ca h iu hnh v cc trnh iu khin. Khi bn truy cp site Windows Update bng cch nhn vo Start, tr vo All Program v la chn Windows Update, hoc bng cch s dng a ch URL http://windowsupdate.microsoft.com, my tnh s ti mt ng dng kim tra cu h nh hin ti ca my tnh ca bn v lit k ra mt danh sch cc bn cp ht v bn v li m h thng c th cn (Th hin trong Hnh 5-3), trong cc mc sau y: Cc bn cp nht v service pack mang tnh quan trng mu cht Cc bn cp nht cho cc phin bn nht nh ca Windows Cc bn cp nht trnh iu khin Ngi d ng c th la chn t mt danh sch cc cp nht, ti ch ng v ci t tt c c ng l c, do s n gin ha qu trnh bo dng.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 196 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 5-3. Giao din Web ca Windows Update i vi ngi d ng n l s dng my tnh gia nh, Website Windows Update l phng thc hu hiu nht gi cho my tnh ca bn c cp nht, tuy nhin s l kh ng ph hp khi s dng trong h thng mng, do cc l do sau: Bng th ng. Mi khi mt my tnh nhn mt bn cp nht pht hnh bng Windows Update, n ti phn mm t my ch Microsoft trn

    Internet. Trong mt h thng mng ln, iu ny c ngha hng trm my tnh s c ng ti cc file ging nhau. i vi cc bn cp nht nh, iu ny c th kh ng c vn g, tuy nhin cc bn service pack ca Windows thng ln hn 100MB v vic ti cc file ging nhau cho mi my tnh s gy ra s chim dng mt lng ln bng th ng kt ni Internet ca mng. Kim th. Mc d Microsoft th nghim cc bn cp nht cn thn trc khi pht hnh ch ng nhng h kh ng th kim tra kt hp tt c cc kiu thit lp cu hnh v cc sn phm phn mm c. Do , mt bn cp nht c bit no c th gy ra s c cho mt s my tnh trong h thng mng ca bn. Hn na, i vi mt my tnh n, u ny c th kh ng phi l vn ln, tuy nhin nu bn QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 197 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 cp nht ny gy ra s c trn tt c cc my tnh trong mng, thit hi v nng sut v gnh nng cho cc nhn vin h tr k thut c th l rt ln. LU . Windows Update v Software Update Service. Hn ch lit k y khi s dng Windows Update gi nh rng my tnh c cu hnh truy cp Web site Windows Update trn Internet. Tuy nhin, cng c th cu hnh Windows Update truy cp n cc bn cp nht phn mm ny t mt my ch SUS trong mng ni b. Vic lm ny s gim thiu cc vn v s dng bng th ng v vn th nghim. Bn c th hc thm v SUS trong phn sau ca chng ny. S dng Automatic Update. Mc d bn lu n lu n c th truy cp Web site mt cch th c ng bng cch s dng Internet Explorer, bn cn c th cu hnh Windows Server 2003 ti t ng v ci t cc bn cp nht phn mm ngay sau khi ch ng c pht hnh. Tnh nng ny c gi l Automatic Updates (T ng cp nht) v n c sn trong Windows Server 2003, Windows XP ci t service pack 1 v trong Windows Server 2000 ci t service pack 3. LU . Cp nht bng Automatic Update. i vi cc my trm chy cc h iu hnh trc y nhng c h tr kh nng cp nht, bn c th ti Automatic Update nh l mt phn mm cho my trm t trang Web Microsoft SUS ti a ch http://go.microsoft.com/fwlink/?LinkID=6930. Theo mc nh, ng dng Automatic Update trong Windows Server 2003 c cu hnh kt ni t ng n mt my ch Windows Update, ti cc bn cp nht v sau nhc ngi d ng ci t ch ng. Bn c th chnh sa cch hot ng mc nh ny bng cch m hp thoi System Properties t Control Panel v la chn th Automatic Update (th hin trong Hnh 5-4), hoc bng cch chy trnh hng dn ci t Automatic Updates Setup Wizard (Trnh Hng dn Ci t Cp nht T ng) bng cch nhn vo biu tng Stay Current With Automatic Updates trn khay tc v. Bn cn c th cu hnh Automatic Update bng cch s dng i tng chnh sch nhm GPO, nh m t trong mc Configuring Automatic Updates phn sau ca chng ny.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003

    198 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 5-4: Th Automatic Updates trong hp thoi System Properties Khi bn cu hnh Automatic Update, bn c th la chn mt trong ba la chn sau y: Notify Me Before Downloading Any Updates And Notify Me Again Before Installing Them On My Computer (Th ng bo cho t i trc khi ti bt k bn cp nht no v th ng bo cho t i ln na trc khi ci t ch ng trn my tnh). Khi cc bn cp nht sn sng, my tnh s to ra mt mc trong nht k H thng (m bn c th truy cp bng Event Viewer) v th ng bo cho qun tr h thng bng mt hnh qu bng bay trong khay tc v Download The Updates Automatically And Notify Me When They Are Ready To Be Installed (Ti cc bn cp nht t ng v th ng bo cho t i khi ch ng sn sng ci t). My tnh s ti t ng cc bn cp nht t Web site Windows Update ngay khi ch ng c pht hnh, s dng dch v Background Intelligent Transfer Service (BITS Dch v Vn chuyn Th ng minh Di nn) tin hnh vic truyn file khi bng th ng mng ri ri. BITS m bo rng hiu nng h thng kh ng b nh hng bi vic truyn file. Phn mm my khch Automatic Update s xc nhn ch k s ca Microsoft trn cc file c ti, Thc hin vic xc nhn CRC (Cyclical Redundancy Check mt bit c bit trong mi gi tin c QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 199 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 gi, m bo cho gi tin l nguyn vn trong sut qu trnh vn chuyn) trn mi gi ci t v th ng bo qun tr mng v s hin

    din ca ch ng bng cch ghi mt mc vo nht k H thng v hin th mt hnh qu bng trn khay tc v. Ngi qun tr sau s la chn cc bn cp nht ci t t danh sch cc bn ti v c. Automatically Download The Updates, And Install Them On The Schedule That I Specify (Ti t ng cc bn cp nht v ci t ch ng theo lch m t i ch nh). My tnh s ti cc bn cp nht t site Windows Update ngay khi ch ng c pht hnh, s dng BITS, v ci t ch ng theo thi gian xc nh hng ngy hoc hng tun. Nu ngi qun tr mng ng nhp vo my tnh ti thi im trong lch, mt th ng bo hin th s m ngc hin ra trc khi ci t v ngi qun tr mng c th la chn l i vic ci t n thi im tip theo trong lch. Nu mt ngi d ng kh ng phi l qun tr mng ng nhp vo, mt hp thoi cnh bo xut hin nhng ngi d ng kh ng th l i vic ci t. Nu kh ng c ngi d ng no ng nhp vo, vic ci t s c thc hin t ng. Nu cc bn ci t cp nht yu cu h thng khi ng, mt th ng bo vi b m l i nm ph t xut hin, th ng bo ngi d ng v vic khi ng sp xy ra. Ch c ngi qun tr mng mi c th hy b vic khi ng ny. TRIN KHAI CC BN CP NHT TRONG H THNG MNG Mt ngi qun tr mng khi quyt nh rng ngi d ng kh ng phi ti cc bn cp nht h iu hnh t Internet c th s dng rt nhiu phng php khc nhau chuyn cc bn cp nht ny n tng my tnh trong mng, nh m t trong cc phn sau: Ci t cc bn service pack th c ng. Khi bn mua mt a CD cha cc bn service pack, bn s nhn c mt a c tt c cc file ca bn service pack trong mt nh dng m rng. ci t bn service pack ny, bn chy chng trnh Update.exe trong folder Update. Vic ny s np trnh ci t Service Pack Setup Wizard (Th hin trong Hnh 5-5), trnh ny s hng dn bn qua cc bc ci t bn service pack. Sau khi bn ng tha thun giy php cho ngi d ng cui b sung, trnh ci t ny s nhc bn bn ch nh rng liu bn c mun to ra cc bn sao lu di ca cc file m service pack thay th bn c th QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 200 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 g i c t bn service pack ny sau nu cn. Sau khi qu trnh ci t hon thnh, bn s c nhc nh khi ng my tnh.

    Hnh 5-5: Windows XP Service Pack 1 Setup Wizard Khi bn ti v phin bn trn mng (Network version) ca mt bn service pack, bn s nhn c mt file chy nn n (File chy c th t gii nn) vi tn file cho bit h iu hnh m bn cp nht ny p dng v s pht hnh ca bn service pack ny. V d, file chy ca Windows XP service pack 1 l Xpsp1.exe. Khi bn chy file ny, my tnh s bung tt c cc file trong file nn ny, ghi ch ng vo folder tm trong a h thng, sau chy file Update.exe v qu trnh ci t s ging nh l ci t t phin bn trn CD. Bn c th t file ny ln mt folder chia s trn mng v c th chy file t bt k my tnh no trong mng. Chng trnh chy ny lu n sao chp cc file ci t vo cng cc b v chy chng trnh ci t t folder . File Update.exe trong bn service pack v file chy ti t mng cng h tr kh nng s dng cc kha chuyn dng lnh m bn c th s dng tc ng n qu trnh ci t. Bn c th chy file chy ny vi cc kh c a huyn sau y t mt du nhc dng lnh hoc t hp thoi Run. Cc kh c a huyn, ging nhau i vi c file Update.exe v file chy nn n, c cc tham s nh sau: QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 201 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 /D:Tn folder. Theo mc nh, chng trnh ci t s to ra cc bn sao lu ca tt c cc file m n b ghi trong folder gi l $ntservicepackuninstall$. Kha chuyn ny cho php bn ch nh mt tn folder khc cha cc file sao lu. /F. Chng trnh ci t s ng tt c cc chng trnh ang m m kh ng lu cc d liu khi n khi ng my tnh sau khi qu trnh ci t hon thnh. /L.hin th mt danh sch cc hotfix c ci t trong my tnh /N Kh ng cho chng trnh ci t to ra cc bn sao lu ca cc file b ghi trong qu trnh ci t

    /O Chng trnh ci t s ghi cc file th ng tin v nh sn xut thit b gc (OEM) trong qu trnh ci t m kh ng th ng bo vi ngi d ng. /Q. Chy chng trnh ci t trong ch kh ng hin th. Trong ch ny, chng trnh ci t s dung cc gi tr mc nh cho cc la chn, tuy nhin kh ng hin th thanh tin trnh hoc bt k th ng bo li no. /S:Tn folder. Kt hp cc file service pack vi cc file ci t ca h iu hnh to ra mt b ci t tch hp. Qu trnh ny cn c gi l slipstreaming. Tn folder l folder m bn ch nh l ng dn n folder cha cc file ci t ca h iu hnh. /U. Qu trnh ci t s c thc hin trong ch kh ng cn gim st. Trong ch ny, chng trnh ci t s dng cc gi tr mc nh cho mi la chn v hin th thanh tin trnh, tuy nhin ch cc th ng bo li nghim trng mi lm dng qu trnh ci t ny c. /X Vic np file chy ca service pack s bung cc file trong n v lu ch ng trong mt cu tr c th mc i386 trn a cng m kh ng chy file Update.exe. /X:Tn folder. Vic np file chy ca service pack s bung cc file trong n v lu ch ng trong folder m bn ch nh trn a cng m kh ng chy file Update.exe. /Z. Kh ng cho qu trnh ci t khi ng li my tnh sau khi vic ci t hon thnh. La chn ny c s dng thng xuyn khi bn c k hoch ci t cc hotfix ngay sau khi ci service pack v mun hon vic khi ng li cho ti khi hon thnh vic ci t hotfix. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 202 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Ci t th c ng cc hotfix Cng ging nh cc bn service pack, ngi d ng c th ti v ci t cc bn hotfix th ng qua trang Web Windows Update, tuy nhin ta cng c th ti ch ng nh cc file chy ring r. iu ny cho php cc qun tr mng trin khai cc bn hotfix cho mt lng ln cc my tnh m kh ng cn phi tin hnh ti nhiu ln t Internet. Mt file hotfix l mt file chy nn, ging nh file ti trn mng ca service pack, nhng c dung lng nh hn. Tn ca file ny s dng nh dng sau y: OperatingSystem-KBKnowledgeBase#-Platform-Language.exe (H iu hnh-KB+s hiu bi vit v vn bn hotfix s chnh sa-loi CPUng n ng) V d, mt bn cp nht bo mt in hnh cho Windows Server 2003 tn l WindowsServer2003-KB823980-x86-ENU.exe. S 823980 l s ca bi vit trong Knowledge Base m t vn m bn hotfix ny gii quyt c, x86 l nn tng b vi x l m bn hotfix ny p dng v ENU cho bit bn hotfix ny cho phin bn U.S English ca Windows Server 2003. LU . Thay th cc file ca hotfix. Kh ng ging nh service pack, cc hotfix ch cp nht phn mm m thc t ci t trong my tnh khi bn chy chng trnh ci t ny. Nu bn hy b mt thnh phn h iu hnh v sau ci t li thnh phn , bn phi ng thi ci t li cc bn hotfix m p dng cho thnh phn ny. Vic np file chy ca hotfix s bung cc file trong n ra mt folder tm trn h thng ni b v chy file chng trnh Update.exe, cng ging nh trong service pack. Cc hotfix theo mc nh lu n lu n to ra cc bn sao chp sao lu ca cc file b ghi bn c th g b ci t. Lu ch ng trong mt folder n trong folder gc h thng v c tn $NtUninstallKB######$, trong ###### l s ca bi vit trong Knowledge Base ca bn hotfix .

    thay i cc hnh x mc nh ca chng trnh ci t ca hotfix, bn c th chy file ny vi bt k trong cc kha chuyn sau y: /F. Chng trnh ci t s ng tt c cc ng dng ang m m kh ng lu d liu khi n khi ng my tnh sau khi qu trnh ci t hon thnh. /L Hin th danh sch cc bn hotfix ci t trong my tnh /N Kh ng cho php qu trnh ci t to cc bn sao chp sao lu cc file b ghi trong qu trnh ci t. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 203 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 /Q. Chy chng trnh ci t trong ch kh ng hin th. trong ch ny, chng trnh ci t s dung cc gi tr mc nh cho cc la chn, tuy nhin kh ng hin th thanh tin trnh hoc bt k th ng bo li no. /U. Qu trnh ci t s c thc hin trong ch kh ng cn gim st. Trong ch ny, chng trnh ci t s dng cc gi tr mc nh cho mi la chn v hin th thanh tin trnh, tuy nhin ch cc th ng bo li nghim trng mi lm dng qu trnh ci t ny c. /X Vic np file chy ca service pack s bung cc file trong n v lu ch ng trong mt cu tr c th mc trn a cng m kh ng chy file Update.exe. /Z. Kh ng cho php qu trnh ci t khi ng my tnh sau khi vic ci t hon thnh. LU . Kim tra cc hotfix. Khi bn ci t cc bn hotfix, chng trnh ci t lu n lu n kim tra xem bn service pack no tng c ci t trong my tnh. Nu bn hotfix bn ang ci t l c hn bn service pack hin ti ang c trong my tnh, qu trnh ci t s b dng bi v bn hotfix lu n c p dng nh l mt phn ca bn service pack. Nu bn hotfix l mi hn bn service pack hin ti trong my tnh, qu trnh ci t s c thc hin. Xu chui cc hotfix. Bt u t bn Windows Server 2000 service pack 3, mi hotfix u c mt chng trnh gi l Qchain.exe cho php ci t rt nhiu hotfix, bn ny nga s y au bn kia m kh ng cn phi khi ng li my tnh sau mi ln ci t. Nu bn ci t nhiu hotfix m bao gm cc phin bn khc nhau ca c ng mt file, Qchain.exe m bo rng h thng s s dng ng phin bn chun nht ca cc file sau khi qu trnh ci t hon thnh. xu chui cc qu trnh ci t cc bn hotfix, bn c th chy cc chng trnh ci t hotfix vi kha chuyn dng lnh /Z, iu ny s ngn cn cc chng trnh ny khi ng my tnh. Tuy nhin, bn phi nh khi ng my tnh sau khi bn hotfix cui c ng c ci t cc bn hotfix ny c tc dng. t ng qu trnh ci t cc bn hotfix ny, bn c th to ra mt file b (batch) ging nh sau y: WindowsServer2003-KB8239809-x86-ENU.exe /Z /U WindowsServer2003-KB8239810-x86-ENU.exe /Z /U QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 204 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    WindowsServer2003-KB8239811-x86-ENU.exe /U Lu rng lnh ci t 2 hotfix u tin trong file b ni trn bao gm kha chuyn /Z, ngn kh ng cho khi ng h thng trong khi dng lnh cui li kh ng c kha chuyn ny my tnh c th khi ng li sau khi tt c cc hotfix c ci t xong. C ba dng lnh ny u c kha chuyn /U, kha ny kh ng cho php chng trnh tm dng nhn th ng tin nhp vo ca ngi d ng. Bn c th tch hp mt qu trnh ci t service pack trong mt file b, iu ny s cho php t ng ha ton b qu trnh cp nht nh sau: Update.exe /Z /U WindowsServer2003-KB8239809-x86-ENU.exe /Z /U nd wsServer2003-KB8239810-x86-ENU.exe /Z /U Wi o WindowsServer2003-KB8239811-x86-ENU.exe /U Thc hin Slip streaming Khi bn ci t mt my tnh mi trong mng, vic ci t h iu hnh kh ng hn l qu trnh cui c ng. Bn cn c th phi ci t thm cc bn service pack v rt nhiu hotfix. Ngay c khi c th ci t cc thnh phn ny mt cch ring r, ngi ta thng chn mt phng php hiu h n l phng php tch hp cc bn service pack v hotfix ny trong qu qu tr nh ci t h iu hnh. Qu trnh ny c gi l Slipstreaming (Kt hp lin mch cc qu trnh) Slipstreaming mt bn service pack Slipstreaming mt bn service pack trong qu trnh ci t h iu hnh Windows Server 2003, u tin bn phi to ra mt folder phn phi trn mt folder chia s trn mng v sao chp folder I386 trong a CD ci t Windows Server 2003 vo folder ny. Sau , t folder cha file chng trnh ci t service pack, bn np file Update.exe hoc file chy ci t vi kh c a huyn /S, ch nh v tr ca folder phn phi m bn to ra nh trong v d sau y: Update.exe /s:distfolder W2k3sp1.exe /s:distfolder Ch n g trnh ci t s bung cc file ca service pack t file chy sang mt folder tm (nu cn) v sau sao chp cc file vo v tr tng ng trong folder phn phi. Sau bn c th bt u qu trnh ci t h iu QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 205 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 hnh t folder phn phi ny v cc file service pack s c ci t ng thi trong c ng thi im ny. d ng cc chnh sch nhm S Phng php khc t ng ha qu trnh ci t service pack l s dng kt hp Windows Installer (Trnh ci t Windows) v chnh sch Software Installation (Ci t phn mm) trong mt GPO. Windows Installer l mt

    chng trnh ci t phn mm m c lu nh l mt file Windows Installer Packet (Gi phn mm ci t Windows) vi phn m rng .msi. Cc bn service pack c pht hnh u bao gm mt phin bn Windows Installer Packet ca chng trnh ci t gi l Update.msi. Update.msi nm trong folder Update trn a CD service pack. Nu bn ti phin bn trn mng ca service pack, bn phi bung cc file trong n ra bng cch chy file ny vi kha chuyn /X trc khi bn c th s dng Update.msi. trin khai mt bn service pack bng cch s dng file Update.msi v chnh sch nhm, bn phi la chn mt i tng trong Active Directory c ch c

    n mun cp nht. Nu tt c my tnh trong h thng mng ca bn u chy c ng mt phin bn Windows, bn c th cu hnh chnh sch Software Installation trong GPO mc nh ca min v gn vi cc i tng trong min s dng Active Directory ca bn. Nu bn c cc my tnh chy nhiu phin bn h iu hnh khc nhau, bn c th to ra cc i tng OU cho mi phin bn v sau to ra mt GPO cha cc bn Windows Installer Package tng ng vo trong mi OU ny, hoc bn c th to ra nhiu Windows Installer Package trong GPO min mc nh v s dng vic gn cc Cp php ch nh my tnh no s nhn c cc gi phn mm ny. THNG TIN THM. S dng chnh sch nhm GPO. c thm th ng tin v vic s dng i tng chnh sch nhm, xem kha hc cho k thi 70-294 Lp k hoch, trin khai v duy tr mt c s h tng da trn Windows Server 2003 Active Directory Thm Windows Installer Package thm mt Windows Installer Package (Gi phn mm ci t Windows) vo trong chnh sch nhm GPO mc nh ca min, s dng cc thao tc sau y: 1. ng nhp vo my tnh Windows Server 2003 bng ti khon Administrator

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 206 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 2. Bung cc file trong file nn service pack vo mt folder trong mt chia s trn mng 3. Nhn Start, tr vo administrative Tools v nhn vo Active Directory Users And Computers. Bng iu khin Active Directory Users And Computers xut hin 4. La chn biu tng min trong khung Phm vi v t thc n Action, la chn Properties. Hp thoi Properties ca i tng min ca bn xut hin 5. La chn th Group Policy v sau nhn Edit. Bng iu khin Group Policy Object Editor xut hin 6. khung rng Trong Phm folder vi, m

    Computer Configuration/Software Settings v la chn biu tng Software Installation Mc User Configuration cng c mt folder Software Settings v mt biu tng Software Installation, tuy nhin bn kh ng th s dng ch ng ci t mt service pack. Bn phi s dng mc Computer Configuration 7. Trong thc n Action, tr vo New v la chn Package. Mt hp thoi Open xut hin 8. Nhp vo ng dn y ca file Windows Installation Package Update.msi trong folder con Update ca folder chia s ca bn. Mt hp thoi Deploy Software xut hin. Hy chc chn rng ang bn s dng tn Universal Naming Convention (UNC) ca ng dn n file ng gi, ch kh ng phi bng cc k t a. V d, bn c th s dng \\Server01\d$\sp1\i386\update\update.msi nhng kh ng th l D:\sp1\i386 \update\update.msi. 9. Nhn vo OK chp nhn la chn mc nh Assigned. Gi phn mm ci t ca bn service pack xut hin trong khung Chi tit (Th hin trong hnh 5-6).

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 207 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 5-6. Bng iu khin Group Policy Object Editor vi mt gi ci t service pack Ln khi ng sau ca cc my tnh trong min, h thng s ti file ci t service pack t folder chia s ni trn ci t ch ng. S DNG MICROSOFT SOFTWARE UPDATE SERVICES - SUS (DCH V CP NHT PHN MM CA MICROSOFT) Vic trin khai bt k phn mm no trong mt h thng mng ln l mt nhim v phc tp, v cc bn cp nht h iu hnh cng kh ng l mt ngoi l. Nhng tc v c coi l n gin trong mt my tnh n s l vn ln khi bn c hng trm hoc hng ngn my tnh. SUS l mt sn phm min ph, n th ng bo cho ngi qun tr mng khi mt bn cp nht bo mt mi xut hin, ti bn cp nht v trin khai ch ng n cc my tnh trn mng (th hin trn hnh 5-7)

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 208 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 5-7. Giao din qun tr SUS

    THNG TIN THM. S dng SUS. SUS c service pack 1 kh ng c sn trong Windows Server 2003 hoc bt k h iu hnh Windows no nhng n c th c ti min ph t trang Web ca Microsoft ti a ch: http:// www.microsoft.com/windowsserversystems/SUS/default.mspx. Nh cp phn trn ca chng, vic ngi d ng t ti v ci t cc bn cp nht h iu hnh bng cch s dng Web Site Windows Update l lng ph thi gian v bng th ng. SUS v bn cht l mt phin bn intranet ca Web Site Windows Update, cho php gim thiu nhu cu ti bn cp nht cho phn mm cho mi my tnh t Internet v gi p ngi qun tr kh ng phi trin khai cc bn cp nht mt cch th c ng trn cc my tnh. Ngi qun tr c th iu khin bn cp nht no p dng vo cc my tnh trn mng v khi no th qu trnh ny xy ra, cho php t ng ha qu trnh ny do vic cp nht c th hon thnh m ngi d ng kh ng h hay bit SUS bao gm cc thnh phn sau y: My ch ng b. Mt my tnh chy SUS, ng vai tr nh mt my ch ng b, s ti cc bn cp nht phn mm t Web Site Windows Update ngay sau khi ch ng c pht hnh. Ngi qun tr c th cho php vic ti ny din ra nu cn, lp lch cho ch ng din ra ti cc thi im xc nh (v d nh thi im ht gi lm vic) hoc c th kch hot vic ny mt cch th c ng. Khi m my ch QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 209

    DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 SUS ti cc bn cp nht, n lu ch ng trn my ch. iu ny gim thiu vic qun tr mng lin tc kim tra Web Site Windows Update tm kim cc bn mi pht hnh. My ch Intranet Windows Update. Khi my ch SUS ti cc bn cp nht, ngi qun tr phi quyt nh liu my ch c trin khai ch ng trn mng ngay lp tc hoc lu ch ng li th nghim v trin khai sau. Khi cc bn cp nht sn sng trin khai, chc nng ca SUS nh l my ch Windows Update cho cc my tnh trn mng ngoi tr vic n l my ch trong mng intranet v kh ng yu cu ngi d ng kt ni ra Internet. Automatic Update. Automatic Update l mt tnh nng ca h iu hnh Windows cho php my tnh ti v ci t cc bn cp nht phn mm m kh ng cn ngi d ng tc ng. Bn c th cu hnh tnh nng ny trn my trm cc my ny c th nhn cc bn cp nht t mt my ch SUS trong mng ni b hn l t Web site Windows

    Update, do hn ch vic cp nht s dng ch cc bn cp nht m ngi qun tr mng cho php. LP K HOCH. Cc yu cu h iu hnh ca SUS. SUS ch chy trn cc h iu hnh Windows Server 2003 v Windows Server 2000 vi service pack 2 hoc hn. Cc my khch s dng SUS phi chy trn nn h iu hnh Windows Server 2003, Windows 2000 hoc Windows XP Trin khai SUS Qu trnh trin khai SUS bao gm cc bc c bn sau y: 1. Ci t my ch SUS. SUS l mt lot cc trang Web v ng dng intranet, cung cp cho my khch v ngi qun tr kh nng truy cp n dch v ny, Bn phi ci t IIS trn my ch trc khi bn ci t SUS 2. ng b ha my ch. ng b ha l mt qu trnh trong my ch SUS ti cc bn cp nht t Web site Windows Update trn Internet v lu ch ng trn a cng ni b 3. Ph chun cc bn cp nht. Trc khi cc my khch c th truy cp cc bn cp nht lu trong my ch SUS, ch ng phi c ph chun (Approve), hoc th c ng bi ngi qun tr mng hoc t ng. Ngi qun tr c th la chn t cc bn cp nht mi trn

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 210 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 trong mt ch th nghim trc khi ph chun ch ng cho cc my khch truy cp. 4. Cu hnh Automatic Updates trn cc my khch. S dng cc chnh sch nhm, bn c th cu hnh tnh nng Automatic Update trn cc my khch ly cc bn cp nht v t my ch SUS ch khng phi t Web site Windows Update Ci t SUS Do SUS s dng Web site cho c my khch v cc tc v qun tr truy cp, bn phi ci t IIS trn my ch ny trc khi bn ci t SUS. Windows Server 2003 cha IIS trong b ci t nhng kh ng ci t n theo mc nh. ci t IIS, m Add Or Remove Programs trong Control Panel, nhn vo Add/Remove Windows Components v la chn Internet Information Services (IIS) t trong danh sch cc thnh phn ca Application Server Khi bn ci t IIS, bn c th chy chng trnh ci t SUS m bn ti v t Web Site ca Microsoft v Microsoft Software Update Services Setup Wizard (Trnh Hng dn Ci t Dch v Cp nht) s c np. Sau khi bn ng vi cc iu khon tho thun v giy php ca ngi d ng phn mm, trnh hng dn ci t ny s hng dn bn qua cc bc cu hnh cc tham s nh sau: V tr ca file. Mi bn v Windows Update bao gm hai thnh phn: Bn thn file v li v metadata (Siu d liu) trong ch nh nn

    tng h thng v ng n ng m bn v ny s p dng. SUS lu n lu n ti metadata, y l d liu m bn s dng ph chun cc bn cp nht v cc my khch trong mng intranet c th ti to c cc d liu ny t my ch SUS. Bn c th la chn liu c ti cc file hay kh ng v nu c th lu cc file ny u. Nu bn la chn duy tr cc file cp nht trn my ch Microsoft Windows Update, cc my khch s kt ni n my ch SUS ly danh sch cc bn cp nht c ph chun nhng li kt ni n Web site Windows Update ti cc file. Nu bn la chn lu cc file cp nht my ni b, bn s phi s dng mt folder trn a cng c nh dng NTFS. xut mt dung lng ti thiu khong 6GB cho vic lu tr ny. Cc thit lp v ng n ng. Ch nh ng n ng no m bn mun lu cc bn cp nht trn my ch. Nu tt c cc my khch ca bn s dng phin bn ng n ng ting Anh ca Windows, bn c th s dng la chn English Only. Nu cc my khch ca bn s dng cc ng n ng khc ngoi ting Anh, bn c th ti cc bn cp nht cho tt c QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 211

    DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 cc ng n ng c sn hoc la chn mt s ng n ng c th. Tham s ny c cu hnh ch khi bn la chn lu cc bn cp nht ni b. Cc thit lp ph chun bn cp nht. Khi SUS ti phin bn mi ca mt bn cp nht m c ph chun, thit lp ny ch liu phin bn mi ny c c ph chun mt cch t ng hay i n khi c ph chun mt cch th c ng. LU . Cc a ch URL ca SUS. Khi trnh ci t kt th c, n hin th mt URL cho giao din qun tr ca my ch SUS v URL m my khch phi s dng nhn c cc bn cp nht t my ch. Hy lu n cc URL ny bi v bn s cn ch ng qun tr my ch v cu hnh cc my khch. Trnh Microsoft Software Update Services Setup Wizard ci phn sau y vo my ch: Dch v Software Update Synchronization Service, dch v ny ti ni dung bn cp nht v my ch SUS Mt Web site s dng IIS phc v my khch c t ch Automatic Update p nht ca cc

    nh

    t ba thnh

    Mt trang Web qun tr SUS, t bn c th tin hnh ng b my ch SUS v ph chun cc bn cp nht. Khi qu trnh ci t kt th c, Internet Explorer hin th giao din qun tr Web ca SUS LU . Cu hnh cc tnh nng bo mt tin tin ca Internet Explorer. Bn c th cn phi thm my ch ca bn vo trong danh sch cc site ni b mng intranet c tin cy truy cp site ny. M Internet Explorer v la chn Internet Option t thc n Tool. La chn th Security, la chn Trusted Site v nhn vo Sites. Thm tn my ch ca bn vo danh sch cc site tin cy. ng b SUS Hai tc v qun tr chnh cho my ch SUS l ng b my ch v ph chun cc bn cp nht. Khi bn nhn vo siu lin kt Synchronize Server trong trang qun tr chnh, bn s thy mt giao din nh Hnh 5-8. trong trang ny, bn c th lp lch ng b vic ny din ra theo mt lch u n hoc kch hot ch ng mt cch th c ng.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 212 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 5-8. Trang SUS Synchronize Server lp lch ng b, bn nhn vo phm Synchronization Schedule (Lch

    ng b) hin th hp thoi Schedule Synchronization (Th hin trong hnh 5-9). Trong qu trnh ng b, my ch kt ni n Web site Windows Update v ti danh mc ca cc bn cp nht c sn. Sau , t y vo cc thit lp m bn ch nh trong qu trnh ci t, SUS hoc ti tt c cc bn cp nht hoc tch hp metadata vo trong danh mc cp nht ring ca n.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 213 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 5-10. Hp thoi Schedule Synchronization hun cc bn cp nht Ph c

    Khi th cc cc

    qu trnh cp nht hon thnh, bn c a ti trang Approve Update, hin trn Hnh 5-10. ti y, ngi qun tr c th xem mt danh sch bn cp nht c ng b v la chn bn no c th cung cp cho my khch.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 214 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 5-10. Trang SUS Approve Updates Mi m an n cp nht ny c mt siu lin kt Details (Chi tit) hin th mt trang Update Details (Chi tit Cp nht) ging nh th hin trong Hnh 5-11. Trang ny cung cp cc th ng tin v bn cp nht c la chn, kch thc v ngy ca bn , ng thi cc tham s ci t m bn cp nht ny s s dng khi n c ci t trong cc my khch. Trang Update Details cng cha mt lin kt n cc bi vit Knowledge Base (trn Web site h tr ca Microsoft) tng ng vi bn cp nht ny v mt lin kt n chnh file chy ca bn cp nht ny ngi qun tr c th truy cp bn cp nht cho mc ch th nghim.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 215 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 5-11. Trang SUS Update Details Cu hnh Automatic Update Khi cc my ch SUS c ci t v hot ng, bc tip theo l cu hnh cc my khch s dng n. Nh cp trong phn trc ca chng, bn hc v cc tnh nng sn c ca Automatic Update trong Windows Server 2003, Windows XP v Windows 2000. Theo mc nh, Automatic Update s ti cc file cp nht t Web site Windows Update, tuy nhin bn c th cu hnh my khch ny ly cc bn cp nht t mt my ch SUS. lm iu ny, bn phi cu hnh phn mm my khch Automatic Update bng cc chnh sch nhm. trin khai cc tnh nng ny hoc bt k chnh sch nhm no, bn phi la chn mt min s dng Active Directory, site hoc i tng OU, m hp thoi Properties ca n, la chn th Group Policy v np bng iu khin Group Policy Object Editor bng cch chn Group Policy thch hp v nhn Edit, Trong bng iu khin ny, bn m rng cc folder Computer Configuration, Administrative Templates v Windows Components, sau la chn Windows Update hin th bn chnh sch nh trong Hnh 5-12

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 216 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 5-12. Cc chnh sch Windows Update trong bng iu khin Group Policy Object Editor Cc chnh sch nh sau: Cu hnh Automatic Update. Ch nh hot ng mc nh ca phn mm my khch Automatic Update s dng mt trong ba la chn sau: Notify For Download And Notify For Install, Auto Download And Notify For Install, v Auto Download And Schedule The Install (Th ng bo ti v th ng bo ci t, T ng ti v th ng bo ci t v T ng ti v lp lch ci t). Cc la chn ny bn cng c th cu hnh trong th Automatic Update ca hp thoi System Properties trn my khch. Ch nh my ch Intranet Microsoft Update Service. Ch nh my ch m t cc my khch truy cp cc bn cp nht ca Windows. y l chnh sch cho php bn hng cc phn mm my khch Automatic Update vo mt my ch SUS thay cho vic s dng Web site Windows Update. Trong hp thoi Set The Intranet Update Service For Detecting Updates (Thit lp my ch dch v cp nht Intranet pht hin cc bn cp nht), bn nhp vo URL ca my ch SUS m trnh ci t Microsoft Software Update Server Setup Wizard cung cp cho bn trong qu trnh ci t. Theo mc nh, my trm ghi nht k li cc tng tc gia n v my ch SUS, ni m n ly cc bn cp nht v. Tuy nhin chnh sch ny cng ng thi cho php bn tr my trm vo mt my ch IIS khc QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 217 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 ghi nht k thng k. iu ny s cho php my khch ly cc bn cp nht t mt my ch SUS ni b trong khi li ghi nht k cc hot ng ca n vo mt my ch trung tm n no d dng thu hi v phn tch cc d liu nht k. Nht k IIS c t trong folder systemroot\System32\Logfiles\W3svc1 Reschedule Automatic Updates Scheduled Installations (Ti lp li lch ci t Automatic Update trc ). Nu vic ci t c lp lch nhng cc my tnh khch li tt ti thi im t lch, cch thc hot ng mc nh l i n thi im tip theo trong lch. Trong chnh sch ny, nu thit lp gi tr l gia 1 v 60, s lm cho Automatic Update ti sp xp li lch vic ci t din ra sau mt s ph t sau khi h thng khi ng ln tip theo. No Auto-Restart For Scheduled Automatic Updates Installations (Kh ng t ng khi ng li khi ci t cc bn cp nht theo lch). Khi ngi d ng ng nhp vo h thng, Automatic Update s yu cu khi ng li h thng khi bn cp nht c ci t. Thay vo vic h thng t khi ng, ngi d ng nhn c th ng bo rng h thng cn khi ng vic ci t c hon tt. Khi bn cu hnh GPO v cc chnh sch nhm c p dng, phn mm my khch Automatic Update s truy vn my ch SUS vi khong thi gian lp 22 gi, cng vi mt khong dch chuyn ngu nhin ( trnh s tng cao t ngt trong lu lng mng). Sau khi my khch ti cc bn cp nht c ph chun t my ch SUS, ch ng s c ci t v cu hnh th c ng hoc t ng ti thi im c lp lch trc. Nu mt bn cp nht c ph chun m sau li kh ng c ph chun bi qun tr mng, bn cp nht s kh ng b g ci t nhng n kh ng th c ci thm na bi bt k my khch no khc. Cc bn cp nht c ci t th ng qua SUS c th c g ci t mt cch th c ng, tuy nhin phi s dng Add Or Remove Programs trong Control Panel. LU . Cc bn cp nht quan trng then cht. Trong mt s trng hp, mt bn cp nht s gii quyt mt vn bo mt then cht no v quan trng n mc bn kh ng cn phi i n khi

    cc my khch truy vn, ti v ci t. Trong trng hp ny, bn vn c th t ci t mt cch th c ng.

    DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Khi bn ci t nhiu my ch SUS trong h thng mng, bn c th cu hnh ch ng tng tc vi nhau theo mt trong bt k cc kin tr c sau y: Kin tr c a my ch. Mi my ch SUS s ng b ni dung ca n t trang Windows Update v qun tr danh sch cc bn cp nht ring ca n. Kin tr c ny cho php ngi qun tr mi my ch c th iu khin c bn danh sch cp nht trong my ch v cng cho php mt doanh nghip c th duy tr rt nhiu cc bn v v cc cu hnh cp nht. Kin tr c cha/con cht ch. Mt my ch SUS mc cha s ng b ni dung ca n t Web Site Windows Update v lu cc bn cp nht trong folder ni b. Ngi qun tr SUS sau s ph chun cc bn cp nht ny p dng cho cc my khch. Cc my ch SUS khc trong doanh nghip s ng b t my ch mc cha v c cu hnh ng b c cc file cp nht v bn danh sch cc bn cp nht c ph chun. Cc my khch c th ly cc bn cp nht t my ch SUS gn nht. Trong kin tr c ny, ngi qun tr ca my ch SUS mc con kh ng th ph chun hoc kh ng ph chun cc bn cp nht, tc v ny ch c thc hin trn my ch SUS mc cha. Kin tr c cha/con lng lo. My ch SUS mc cha ng b ni dung ca n t Windows Update v lu cc bn cp nht ny trn folder ni b. Cc my ch SUS khc trong doanh nghip ng b t my ch mc cha ny. Kh ng ging nh trong cu hnh cht ch, cc my ch SUS thm vo ny kh ng ng b danh sch cc bn cp nht c ph chun, do ngi qun tr mng ca mi my ch c th ph chun hoc kh ng i vi cc bn cp nht ny mt cch c lp. Mc d kin tr c ny tng c ng vic qun tr nhng n rt hu ch khi mt doanh nghip mun ti u ha vic s dng Internet v yu cu phn phi quyn ph chun cc bn cp nht, cc bn v li v cc cu hnh cp nht. SUS s dng kin tr c a my ch theo mc nh. trin khai mt kin tr c cha/con, bn truy cp trang Set Option (Thit lp la chn) trong trang qun tr my ch SUS v cu hnh la chn Select Which Server To Synchronize Content From (La chn my ch no ng b ni dung). i v i kin tr c cha/con, bn c th gi nguyn cc thit lp mc nh trn y h SUS mc cha v cu hnh my ch mc con vi la chn m c Synchronize From A Local Software Update Services Server (ng b t my ch dch v cp nht phn mm ni b) l tn ca my ch SUS mc cha. i vi kin tr c cha/con cht ch, bn cng la chn Synchronize List QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 219 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Of Approved Items Updated From This Location (ng b danh sch cc bn cp nht c ph chun t ni y); i vi kin tr c cha/con lng lo, bn c th xa b la chn ny.

    X dng Mt my vi cc QUN L 218

    kin tr c SUS ch SUS n c th l cho mt doanh nghip nh, tuy nhin i doanh nghip ln, bn c th mun c nhiu hn mt my ch ny. V DUY TR H IU HNH WINDOWS SERVER 2003

    Gim st SUS Trang Monitor Server (Gim st my ch) ca Web site qun tr SUS hin th cc th ng s thng k th hin s lng ca cc bn cp nht kh thi i vi tng nn tng my ch v cc th ng s thi gian, ngy gi ca cc bn cp nht mi nht. Th ng tin ny c tng kt t cc d liu metadata ca Windows Update m c ti trong mi qu trnh ng b. Th ng tin metadata dc ghi vo a cng v lu trong b nh ci thin hiu nng khi h thng yu cu cc bn cp nht tng ng ca cc nn tng my ch Bn c th gim st SUS v Automatic Update bng cc nht k sau: Nht k ng b. Bn c th ly cc th ng tin v cc qu trnh ng b trong qu kh hoc hin ti v cc gi phn mm xc nh c ti bng cch nhn vo View Synchronization Log trong thanh duyt bn tri. Nht k ph chun. c th ng tin v cc gi phn mm c ph chun, nhn vo phm View Approval Log (Xem nht k ph chun) trong thanh duyt bn tri Nht k Windows Update. Cc my khch Automatic Update s ghi nht k v cc hot ng trong file systemroot\Windows Update.log trn a cng ni b ca my khch. Wutrack.bin. Cc tng tc gia my khch vi my ch SUS s c ghi li vo trong nht k th ng k c bit ca my ch IIS, th ng thng c lu trong folder systemroot \System32\Logfiles\W3svc1 Cc s kin h thng SUS Dch v ng b s to ra cc th ng bo nht k s kin cho mi khi vic ng b c thc hin bi my ch v khi bn cp nht c ph chun. Cc th ng bo ny c th xem c trong Nht k H thng bng cch s dng Event Viewer. Cc s kin lin quan n tnh hung ny: Khng th kt ni. Automatic Update kh ng th kt ni n dch v cp nht (Windows Update hoc my tnh c ch nh lm my ch SUS) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 220 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Sn sng ci t lch kh ng nh k. Cc bn cp nht lit k trong s kin ny c ti v ch ci t. Qun tr mng phi nhn vo biu tng th ng bo v nhn Install Sn sng ci t lch nh k. Cc bn cp nht lit k trong s kin ny c ti v s c ci t vo ngy v gi xc nh ghi trong s kin.

    Ci t thnh c nng Cc bn cp nht c lit k trong s kin ny c ci t thnh c ng. Ci t tht bi. Cc bn cp nht lit k trong s kin ny b trc trc v kh ng c ci t Yu cu khi ng li lch kh ng nh k. Mt bn ci t yu cu khi ng li h thng. Nu vic ci t c thit lp l phi th ng bo th qu trnh khi ng li phi c thc hin th c ng. Windows kh ng th tm kim cc bn cp nht khc trc khi vic khi ng li c thc hin. Yu cu khi ng li Lch nh k. Khi Automatic Update c cu hnh t ng ci t cc bn cp nht, mt s kin s c ghi li nu mt bn cp nht no yu cu khi ng. H thng s khi ng trong vng 5 ph t. Windows kh ng th tm kim cc bn cp nht mi cho n khi khi ng xong Gii quyt s c SUS SUS trong mt my tnh Windows Server 2003 c th yu cu cc bc khc phc s c nh sau: Np li b nh m cache. Nu kh ng c bn cp nht mi no xut hin t ln cui c ng bn ng b my ch, c kh nng l kh ng c bn cp nht no. Tuy nhin cng c th l do b nh m (cache) kh ng np cc bn cp nht mi mt cch tt p. T site qun tr SUS, nhn vo Monitor Server v nhn Refresh Khi ng li dch v ng b. Nu bn nhn c th ng bo rng dch v ng b kh ng chy tt hoc bn kh ng th chnh sa cc thit lp trong trang Set Option ca Web Site qun tr SUS, m bng iu khin Service t nhm chng trnh Administrative Tools, nhn phi chut vo Software Update Services Synchronization Service (Dch v ng b SUS) v la chn Restart.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 221

    DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Khi ng li IIS. Nu bn kh ng th kt ni n site qun tr hoc nu my khch kh ng th kt ni n my ch SUS, khi ng li World Wide Web Publishing Service bng cch s dng bng iu khin Service. QUN L CC BN QUYN PHN MM d- ser License Agreement (Tha thun Giy php cho Ngi d ng Cui En U - EULA) kh l phin toi khi cc bn phi c v nhn vo bt u ci t h iu hnh, cc bn cp nht hoc cc ng dng mi. EULA l mt hp ng kt hp cho bn quyn hp php s dng phn mm. Trong

    mt m i trng doanh nghip ln, qun l cc giy php s dng phn mm l iu quan trng then cht v Windows Server 2003 bao gm nhiu c ng c giy php m bn c th s dng ng k v gim st cc giy php v mc tun th ca ngi d ng trong doanh nghip.. LU . Cc phin bn th nghim. Phin bn th nghim nh gi ca Windows Server 2003 l kh ng h tr ch qun tr giy php. Bn kh ng th theo ht cc v d trong bi hc ny khi kh ng c mt phin bn thng mi y ca sn phm ny. Nhn Giy php Truy cp My khch (Client Access License CAL) Giy php cho my ch Windows Server 2003 cho php bn ci t h iu hnh ln my tnh, tuy nhin bn cn cn Client Access License (Giy php truy cp cho my khch - CAL) trc khi ngi d ng hoc thit b c c xc thc mt cch hp php kt ni n my ch. CAL thng c mua di dng gi v c th bao gm trong bn mua h iu hnh. V d bn thng thy mt bn Windows Server 2003 bn ra vi mt gi giy php 5 hoc 10 ngi d ng. Tuy nhin, nu h iu hnh kh ng bao gm bt k mt CAL no, bn phi mua ch ng ring bit. Gi li cc chng nhn CAL v EULA ca bn trong mt kp ti liu phng trng hp doanh nghip ca bn b kim nh xem c tun th theo giy php hay kh ng. LU . Cc giy php nng cp. Khi bn nng cp mt my ch t Windows NT hoc Windows 2000 sang Windows Server 2003, bn phi mua CAL nng cp tng ng. Bn phi mua CAL cho bt k kt ni no ti my tnh Windows Server 2003 m s dng cc thnh phn ca my tnh, bao gm dch v file v in n QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 222 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 hay xc thc. Rt t ng dng my ch chy c lp m kt ni my ch/my khch kh ng yu cu CAL. Trng hp ngoi l c ngha nht m kh ng yu cu CAL l cc kt ni kh ng xc thc c kim sot th ng qua Internet. Khi kh ng c s trao i th ng tin xc thc trong qu trnh truy cp Internet, v d nh ngi d ng Internet duyt cc Web site mt cch v danh, th CAL l kh ng cn thit. Do cng kh ng yu cu CAL cho phin bn Web ca Windows Server 2003. C hai loi CAL: Windows Device CAL(Giy php Truy cp theo Thit b), loi ny cho php mt thit b kt ni n mt my ch m kh ng quan tm n s lng ngi d ng c th s dng thit b , v Windows User CAL(Giy php Truy cp theo Ngi d ng), loi ny cho php mt ngi d ng kt ni n mt my ch t rt nhiu thit b. Windows Device CAL c li cho mt doanh nghip m c nhiu ngi d ng trn mt thit b, v d nh c ng nhn lm ca. Windows User CAL s dng cho hu ht cc doanh nghi p c nhn vin truy cp mng t rt nhiu thit b, k c cc thit b cha tng c bit n. LU . User CAL v Device CAL. Cc c ng c giy php v giao din ngi d ng s kh ng phn bit gia Windows User v Windows Device CAL. Mt Device CAL c ng k gin tip, s dng nhm giy php S lng cc giy php CAL bn yu cu v lm th no c th theo di cc giy php ph thuc vo ch giy php cho my khch m bn c. C hai ch giy php: Giy php Per Server v giy php Per Device hay Per User

    Giy php Per Server Giy php Per Server yu cu mt Windows User hoc Windows Device CAL cho mi kt ni ng thi. Nu mt my ch c cu hnh vi 1000 CAL, kt ni ng thi th 1001 s b t chi truy cp. CAL c thit k s dng trn mt my ch c th, do nu 1000 ngi d ng yu cu kt ni ng thi n mt my ch th hai, bn phi mua thm 1000 CAL na. Giy php Per Server c li im ch trong cc trng hp gii hn truy cp, v d nh mt mng nh ngi d ng truy cp vo rt t my ch. Giy php Per Server l kh ng hiu qu trong trng hp nhiu ngi d ng truy cp vo nhiu ti nguyn trong nhiu my ch. Nu bn kh ng chc chn v cc ch giy php tng ng, hy chn Per Server. Tha thun giy php cho php chuyn i kh ng mt chi ph, mt ln, mt chiu t Per Server QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 223 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 sang ch giy php Per Device hay Per User khi bn c th thc hin iu ny mt cch thch hp. Giy php Per Device hay Per User. Ch giy php Per Device hay Per User chuyn i t m hnh Per Seat trong cc phin bn trc ca Windows. Trong ch mi ny, mi thit b hoc ngi d ng c th kt ni n mt s my ch trong doanh nghip. Ch Per Device hay Per User thng l ch la chn cho cc m i trng my tnh phn tn trong nhiu ngi d ng truy cp nhiu my ch. V d, mt developer (Nhn vic pht trin phn mm) s dng mt my xch tay v hai my bn s yu cu ch mt Windows User CAL. Mt mng ngang hng gm 10 my PC bn m s dng bi 30 c ng nhn lm ca s yu cu ch 10 Windows Device CAL. Tng s CAL bng vi s lng ngi d ng hoc thit b, hoc s pha trn ca cc i tng trn m truy cp n cc my ch. CAL c th c cp li trong cc iu kin c bit. V d, mt giy php Windows User CAL c th c cp li t mt ngi d ng lu di sang mt ngi d ng tm thi trong khi ngi d ng lu di ri c ng ty. Mt Windows Device CAL c th c cp li cho mt thit b mn trong khi thit b gc ang c sa cha. Cc ch giy php Per Server v Per Device hay Per User c minh ha trong Bng 5-1 Bng 5-1. Cc ch giy php CAL

    Cp giy php kiu truyn thng trong ch Per Server khi c t

    my ch v ch ng yu cu truy cp gii hn

    Cp giy php kiu truyn thng trong ch Per User hay Per Device khi c nhiu my ch v ch ng yu cu cc truy cp trng QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 224 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 xuyn trn din rng

    Thng kinh k hn khi s lng cc S lng cn thit ca CAL c xc nh bi s kt ni ng thi yu cu CAL cn thit c xc nh bi s lng ngi d ng hoc thit b, hoc c hai, c yu cu truy cp n my ch LU . Cc giy php cho Terminal Services. Windows Server 2003 bao gm Terminal Services, dch v ny c sn giy php cho 2 kt ni ng thi cho php qun tr mng c th kt ni n mt my ch t xa. Khi Terminal Services thc hin chc nng ca mt my ch ng dng, cho php mt ngi d ng kh ng c quyn qun tr kt ni n v chy ng dng th bn phi c cc Terminal Services CAL, cc CAL ny c km theo trong Windows XP Professional Cc c ng c cho giy php C hai tin ch m bn c th s dng theo di v qun l giy php s dng phn mm: Licensing trong Control Panel. C ng c Choose Licensing Mode trong Control Panel, th hin trong hnh 5-13, qun l cc giy php yu cu cho mt my tnh n chy Windows Server 2003. Bn c th s dng Licensing thm hoc bt cc CAL cho my ch chy

    trong ch Per Server, thay i ch giy php t Per Server sang Per Device hoc Per User, hoc cu hnh vic ng b giy php.

    Hnh 5-13. C ng c Choose Licensing Mode trong Control Panel

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 225 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Licensing trong Administrative Tools. C ng c qun tr Licensing, tho lun trong phn ti y, cho php bn qun l cc giy php cho mt doanh nghip bng cch tp trung vic iu khin cc giy php v ng b giy php trong m hnh da trn cc site. Qun l Dch v Windows khi my ph p, th ng tin v cc giy php s c ng b vi mt CSDL giy php tp trung trn mt my ch trong site. My ch ny c gi l my ch giy php ca site. Ngi qun tr site, hoc ngi qun tr my ch giy php ca site c th s dng c ng c Licensing trong nhm chng trnh Administrative Tools xem v qun l cc giy php cho ton site. Tnh nng qun l v theo di giy php mi ny tch hp cc giy php kh ng ch cho cc dch v file v in n, m cn cho IIS, Terminal Services v cc sn phm khc ca Microsoft (v d nh my ch Exchange v SQL) My ch giy php ca site Mt my ch giy php ca site th ng thng l mt my ch qun tr min c to ra trong mt site. tm kim my ch no l my ch giy php cho mt site, m Active Directory Sites And Services, m rng la chn n t Site v sau nhn phi chut vo Licensing Site Settings (Cc thit lp giy php ca site) v la chn Properties. My ch giy php hin ti ca site hin th, nh trong Hnh 5-14. giy php cho cc site. License Logging (Ghi nht k giy php), chy trong mi my tnh Server 2003, thc hin vic cp php v theo di cc giy php khch truy cp ti nguyn my ch. m bo vic tun th giy

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 226 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    Hnh 5-14. Nhn bit v thay i my ch giy php ca site bng Active Directory Sites and Services

    gn vai tr my ch giy php ca site cho mt my ch khc hoc my ch qun tr min, nhn vo Change v la chn my tnh mun gn. duy tr lch s ca cc giy php trong doanh nghip ca bn, bn phi dng dch v License Logging trn my ch giy php mi ngay lp tc sau khi chuyn giao vai tr v sau sao chp cc file sau y t my ch c sang my ch giy php mi: Systemroot\System32\Cpl.cfg, trong cha lch s vic mua bn ca doanh nghip Systemroot\Lls\Llsuser.lls, trong cha th ng tin ngi d ng v s lng kt ni Systemroot\Lls\Llsmap.lls, trong cha cc th ng tin nhm giy php Sau khi tt c cc file c sao chp, khi ng dch v License Logging QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 227 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Qun tr cc giy php ca site. Khi bn xc nh my ch qun l giy php ca site, bn c th xem cc th ng tin v giy php trn my ch bng cch m Licensing t nhm chng trnh Administrative Tools. Th Server Browser trong Licensing (Th hin trong Hnh 5-15) cho php bn qun l cc giy php cho mt site hoc doanh nghip.

    Hn

    Licensing Th Server Browser trong Licensing cho php bn qun l bt k my ch no trong bt k site hoc min no m bn c quyn qun tr. Bn c th nh v my ch v qun l cc giy php ca my ch bng cch nhn phi chut vo n v la chn Properties. i vi cc sn phm my ch c ci t trong my ch , bn c th thm hoc bt cc giy php ch Per Server. Bn cn c th chuyn i cc ch giy php ti ni no thch hp. Hy nh rng ch giy php Per Server s xut ra mt giy php khi mt ngi d ng no kt ni n sn phm my ch. Khi mt ngi d ng ngt kt ni t mt sn phm my ch, dch v License Logging s cho giy php ny sn sng vi ngi d ng khc. Cc thuc tnh ca my ch cn cho php bn cu hnh vic ng b cc giy php, trong bn c th cu hnh mt my ch bng cch s dng cc thuc tnh Licensing ca n trong Control Panel. Theo mc nh, cc th ng tin v giy php c ng b t mt my ch dch v License Logging n my ch giy php ca site c sau 24 gi v h thng s t ng b tr vic ng b xen k trnh vic qu ti cho my ch giy php ca site. Nu QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 228 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 bn mun iu khin lch ng b hoc tn sut xy ra, bn phi thay i thi gian Start At v tn sut Start Every ca mi my ch ng b vi my ch giy php ca site c th no qun l cc giy php Per Device hay Per User, nhn vo Licensing trong nhm chng trnh Administrative Tools v sau la chn lnh New License t thc n License. Trong hp thoi New Client Access License (Giy php truy cp cho my trm mi), la chn sn phm my ch v s giy php mua. Cc giy php s c thm vo trong qu ca cc giy php. Khi mt thit b hoc mt ngi d ng kt ni n bt c sn phm no trong site, ch ng s c phn chia mt giy php t qu ny v mi giy php l cho mt thit b hoc ngi d ng. Khi qu cc giy php ny c pht ht, s vi phm giy php xy ra khi bt k mt thit b hay ngi d ng thm vo no truy cp n sn phm. Th Purchase History (Lch s mua) trong Licensing (Th hin trong hnh

    h 5-15. Th

    Server Browser trong c ng c qun tr

    Microsoft

    5-16) cung cp mt cch nhn tng qut cc giy php mua cho mt site, cng nh s lng, ngy v cc vn qun tr lin quan n vic thm hay bt cc giy php ny.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 229 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 xem cc th ng tin tch ly v cc giy php v s tun th theo ng giy php hay kh ng, la chn th Products View. th ny cho bit bao nhiu giy php c mua v phn chia cho ngi d ng hoc thit b (trong ch Per Device hay Per User) hoc s lng cc giy php mua c cho cc my ch trong site v s lng kt ni nhiu nht trong ngy (trong ch Per Server). Bn cng c th xc nh xem hot ng c ng nh giy php mua hay kh ng bng cch s dng cc biu tng trng thi giy php th hin trong Bng 5-2. Bng 5-2. Cc k t trng thi ca giy php Sn phm ny ang tun th ng vi yu cu giy php hp php. S lng kt ni t hn s lng giy php mua Sn phm ny kh ng tun th ng vi yu cu giy php hp php. S lng kt ni vt qu s lng giy php mua Sn phm ny t n mc ngng hp php. S lng cc kt ni bng vi s lng giy php mua. Nu mt thit b hoc ngi d ng khc kt ni n sn phm my ch, bn phi mua thm v ghi nht k li cc giy php mi

    Hnh 5-16. Th Licensing

    Purchase History trong c ng c qun tr Microsoft

    Cc nhm giy php. Cc giy php Per Device hoc Per User yu cu mt CAL cho mi thit b. tuy nhin, dch v License Logging cung cp v theo di cc giy php ny theo tn ngi d ng. Khi nhiu ngi d ng chia s mt hoc nhiu thit b, bn phi to ra cc nhm giy php, hoc nu kh ng cc giy php s c d ng n ht rt nhanh. Mt nhm giy php l mt tp hp cc ngi d ng c ng chung mt hoc nhiu CAL. Khi mt ngi d ng kt ni n mt sn phm my ch, dch v License Logging theo di ngi d ng bng tn nhng li cp mt CAL t cc CAL cp cho nhm giy php. Khi nim d hiu nht c th hiu qua v d nh sau: 10 ngi d ng chia s mt thit b cm tay thc hin vic kim k. Bn to ra mt nhm giy php vi thnh vin l 10 ngi d ng ny, Nhm giy php ny c cp 1 CAL, th hin nh mt thit b n m h chia s. 100 sinh vin t khi s dng mt phng lab my tnh vi 10 my tnh. Bn to ra mt nhm giy php vi thnh vin l 100 ngi d ng v cp cho nhm 10 CAL. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 230 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 to ra nhm giy php, nhn vo thc n Options v t thc Advanced, la chn New License Group. Nhp vo tn nhm v cp mt giy php cho mi thit b m bn s dng kt ni n my ch. S lng ca cc giy php phn chia cho mt nhm s tng ng vi s lng thit b s dng bi thnh vin ca nhm. LU . Mc ch ca k thi. Mc ch ca k thi 70-290 yu cu sinh vin c kh nng qun l giy php phn mm ca site n

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 231 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 TNG KT Microsoft pht hnh cc bn cp nht cho h iu hnh di dng cc bn service pack v hotfix Mt bn service pack l mt tp hp ca cc bn cp nht m c kim th c ng nhau v c ph chun ci t trong tt c cc my tnh Mt hotfix l mt bn v li gii quyt mt vn n l no v c gii thch trong mt bi vit i km ca Microsoft Knowledge Base. Cc hotfix kh ng cn thit phi ci t trn tt c cc my tnh, mt s ch dnh cho cc my tnh thc hin cc tc v c bit hoc gp phi s c c th no .

    Cc bn service pack c th c ly v t Microsoft trn mt a CD ch vi mt t l ph hoc c th ti min ph trn Internet. Nu cc bn service pack ny l mt file n, n c th c gii nn bng cch thc hin file vi kha chuyn /X Cc bn service pack c th c trin khai mt cch th c ng trn mi my tnh, tch hp trong bn ci t gc ca h iu hnh (slipstreamed) v c th t ng ci t th ng qua cc chnh sch nhm. Microsoft Software Update Services cho php bn tp trung v qun l cc ph chun v phn phi ca cc bn cp nht then cht trong Windows cng nh cc bn v bo mt ca Windows. Mt hay nhiu my ch SUS cha danh sch cc bn cp nht c ph chun v bn

    thn cc file cp nht, vic cha cc file cp nht ny l mt t y chn nhng kh th ng dng, Phn mm my khch Automatic Update c cu hnh, th ng thng th ng qua cc GPO, ly cc bn cp nht t cc my ch SUS trong intranet thay cho ly trc tip t Microsoft Windows Update Theo di v qun l cc giy php v s tun th ca ngi d ng l mt phn quan trng ca nhim v qun tr. Windows Server 2003 cho php bn cp cc giy php cho cc kt ni ng thi cho mt my ch c th hoc duy tr giy php cho mi thit b hoc ngi d ng m kt ni n bt k my ch no trong doanh nghip ca bn. Cc giy php c ng b gia my ch dch v License Logging v my ch giy php ca site. My ch giy php ca site c th c nhn bit th ng qua Active Directory Sites And Services, tuy QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 232

    DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 nhin giy php cho site c qun tr bng c ng c Licensing trong nhm chng trnh Administrative Tools Mt nhm giy php cho php ngi d ng chia s mt hoc nhiu thit b. Mt s lng nht nh cc Windows Device CAL c cp cho nhm giy php ny. BI TP THC HNH Bi tp thc hnh 5-1: S dng Windows Update Trong bi tp thc hnh ny, bn s dng Windows Update ti cc bn hotfix mi nht cho Windows Server 2003 1. 2. 3. ng nhp vo my tnh Windows Server 2003 m c kh nng truy cp Internet bng ti khon Administrator Kt ni vo Internet (nu cn) Nhn Start, tr vo All Program v la chn Windows Update. Site Windows Update xut hin, sau hp thoi Security Warning xut hin, hi bn c mun ti v ci t ng dng Windows Update hay kh ng. 4.

    Xem cc cnh bo bo mt m bo rng ni dung c k bi

    Microsoft v nhn Yes tip tc 5. 6. 7.

    8.

    9. Nhn vo lin kt Scan For Updates (Qut cc bn cp nht) Nhn vo lin kt Review And Install Updates (Xem qua v ci t cc bn cp nht) Xem li cc bn cp nht c lit k v nhn vo Install Now. Mt hp thoi Microsoft Windows Update xut hin, cha tha thun giy php cho cc bn cp nht ny. Nhn Accept ng vi cc iu khon trong tha thun giy php. Mt hp thoi Windows Update xut hin, cha mt thanh ch th tin trnh Khi vic ci t hon thnh, nu cc bn cp nht ci t yu cu khi ng li, mt th ng bo Microsoft Internet Explorer xut hin, nhc nh bn khi ng li h thng. Nhn OK khi ng li h thng.

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 233 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Bi tp thc hnh 5-2: Cu hnh Automatic Updates Trong bi tp thc hnh ny, bn cu hnh Automatic Update ti cc bn cp nht theo mt thi gian lp lch c trc. 1. ng nhp vo Windows Server 2003 bng ti khon Administrator 2. 3. Nhn Start, tr vo Control Panel v sau nhn System. Hp thoi System Properties xut hin. La chn th Automatic Updates 4. Trong hp Settings, la chn Automatically Download The Updates, And Install Them On The Schedule That I Specify 5.

    Trong danh sch lp lch x xung, la chn Every Sunday v 6:00 A.M, sau nhn OK. Bi tp thc hnh 5-3: Gii nn mt bn Service Pack Trong bi tp thc hnh ny, bn s gii nn phin bn mng ca mt bn service pack vo trong mt cu tr c folder. 1. 2. ng nhp vo my tnh bng ti khon Administrator M Windows Explorer v to ra mt folder trn C: c tn l temp 3. Ly bn service pack cho Windows Server 2003 hoc Windows XP t trang Web ca Microsoft hoc t ging vin ca bn v sao chp n vo trong folder temp m bn va to ra. 4. Nhn vo Start, tr vo All program, tr vo Accessories v la chn Command Prompt. Mt ca s du nhc dng lnh xut hin 5. Trong ca s dng lnh, nhp vo cd \temp. Mt du nhc C:\temp> xut hin. Ti du nhc, nhp vo tn y ca file service pack ti v, theo sau l du cch v kha chuyn /X, ging nh trong v d sau: xpsp1.exe /X 6. Sau nhn Enter. Mt hp thoi Directory For Extracted Files xut hin 7. Nhn OK chp nhn folder mc nh C:\temp. Chng trnh ci t s to ra mt folder mc cha i386 trong folder temp cha cc file ci t service pack gii nn. 8. ng ca s Command Prompt

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 234 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    CC CU HI N TP 1. Bn ang cu hnh mt c s h tng Software Update Services s dng kin tr c cha/con lng lo. Mt my ch c ng b cc d liu metadata v ni dung t Windows Update. Cc my ch khc (mt my trong mt site) c ng b ni dung t my ch SUS mc cha. Cc bc no sau y c yu cu hon thnh c s h tng SUS? (La chn tt c cc cu tr li ng) a. Cu hnh my khch Automatic Update s dng Control Panel trong mi my. b. Cu hnh GPO hng cc my khch vo my ch SUS trong site ca ch ng. c. Cu hnh mt im phn phi ni dung mt cch th c ng d. Ph chun cc bn cp nht bng cch s dng trang qun tr SUS trn cc my ch mc con 2. Bn ang cu hnh SUS cho mt nhm cc my ch Web. Bn mun cc my ch Web ny t cp nht hng m da trn mt danh sch cc bn cp nht c ph chun trn my ch SUS. Tuy nhin, khi mt ngi qun tr ng nhp vo, thc hin vic bo tr vo l c m mun trn my ch Web v bn kh ng mun ci t cc bn cp nht

    v c th yu cu khi ng li lm nh hng n cc tc v ny. Chnh sch cu hnh Windows Update no m bn s dng trong kch bn ny? a. Notify For Download And Notify For Install b. Auto Download And Notify For Install c. Auto Download And Schedule The Install d. Auto Download And Install Immediately 3. Bn mun tt c my khch trn mng ti v ci t cc bn cp nht mt cch t ng vo gi m v bn cu hnh lp lch cch ci t cho Automatic Update. Tuy nhin, bn pht hin ra rng mt s ngi d ng tt my tnh ca h vo bui m v cc bn cp nht kh ng c p dng. Chnh sch nhm no cho php bn x l tnh hung ny m kh ng phi thay i lch ci t? a. Ch nh mt Intranet Microsoft Update Service Location QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 235 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 b. No Auto-Restart For Scheduled Automatic Updates Installations c. Reschedule Automatic Updates Scheduled Installations d. Cu hnh Automatic Updates 4. Lnh no bn mun s dng gii nn file n bn ti ca mt bn service pack? a. Setup.exe -u b. Update.exe -x c. Update.msi d. Servicepackname.exe x 5. Ch giy php hp l trong Windows Server 2003 (La chn tt c cc cu tr li ng) a. Per User b. Per Server c. Per Seat d. Per Device hay Per User 6. Bn ang thu mt i ng gii quyt mt d n pht trin phn mm. S c ba ca cho su lp trnh vin. Mi lp trnh vin s dng bn my tnh lp trnh v kim th phn mm, phn mm ny xc thc qua mt my tnh Windows Server 2003. S CAL ti thiu m bn yu cu nu my ch ny ang trong ch giy php Per Device hay Per User? a. 6 b. 4 c. 18 d. 24 7. C ng c no cho php bn nhn bit my ch giy php ca site trong site ca bn ? a. Active Directory Domains And Trusts

    b. c. d. QUN L 236

    C ng c Licensing trong Control Panel Active Directory Sites And Services DNS V DUY TR H IU HNH WINDOWS SERVER 2003

    DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 8. Bn qun tr mt mng cho mt i ng gm 500 nhn vin kinh doanh in thoi. Bn c 550 giy php cu hnh trong ch giy php Per Device hay Per User. Mt chin dch mi c khi ng v bn s phi thu thm mt ca lm vic na cho 500 nhn vin ny. Bn cn lm g qun l hiu qu nht vic theo di v kim tra vic thc hin c ng theo cc giy php ny kh ng ? a. Yu cu li cc giy php t cc my khch c sn b. Xa cc giy php c v mua thm 500 giy php mi c. To ra cc nhm giy php d. Chuyn i ch giy php Per Server CC KCH BN TNH HUNG Kch bn 5-1. Trin khai Microsoft SUS Bn l ngi qun tr mng cho mt doanh nghip c va v ang quan tm xem xt vic trin khai SUS mt cch rng ri trn cc my trm Windows XP Professional v cc my Windows Server 2003. Trc khi trin khai i tr vic ny, mt chng trnh trin khai th im c s c thc hin. Bn c giao cho mt phng Lab vi 10 my tnh Windows XP Professional, mt my ch thnh vin chy Windows Server 2003, mt my ch qun tr min chy Windows Server 2003 v mt my ch n chy Windows Server 2003. bn mun cu hnh tt c cc my tnh ngoi tr my ch SUS thc hin vic t ng kt ni n my ch SUS mi bui sng vo l c 7.A.M ti v ci t cc bn cp nht mi. Bn phi thc hin cc bc no sau y hon thnh nhim v trn ? (La chn tt c cc cu tr li ng) S dng th Automatic Update trong hp thoi System Properties trong tt c cc my trm Windows XP thit lp my ch cp nht l a ch ca my ch SUS. Thit lp tt c cc my trm Windows XP t ng ti v ci t cc bn cp nht vo l c 7 A.M mi ngy. a) S dng th Automatic Update trong hp thoi System Properties trong tt c cc my tnh Windows Server 2003 ngoi tr my ch SUS thit lp my ch cp nht l a ch ca my ch SUS. Thit lp tt c cc my tnh Windows Server 2003 t ng ti v ci t cc bn cp nht vo l c 7 A.M mi ngy. b) t cc my trm Windows XP v my ch qun tr min Windows Server 2003 trong mt OU ring bit c tn SUStest. Cu hnh thuc QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 237 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 tnh Windows Update ca GPO s p dng cho OU SUStest, ch ra a ch ca my ch cp nht l my ch SUS trong phn chnh sch Specify Intranet Microsoft Update Service Location. Thit lp Configure Automatic Updates Policy to Automatic Download And Schedule The Install v thit lp lch ci t l hng ngy v thi gian

    l 7 A.M. p dng GPO ny vo OU SUStest c) Trn my tnh Windows Server 2003 n, cu hnh thuc tnh Windows Update trong GPO ni b ca my, ch nh a ch ca my ch cp nht l my ch SUS trong phn chnh sch Specify Intranet Microsoft Update Service Location. Thit lp Configure Automatic Updates Policy to Automatic Download And Schedule The Install v thit lp lch ci t l hng ngy v thi gian l 7 A.M. p dng GPO ny vo OU SUStest d) Trn my ch SUS, cu hnh thuc tnh Windows Update trong GPO ni b ca my, ch nh a ch ca my ch cp nht l my ch SUS trong phn chnh sch Specify Intranet Microsoft Update Service Location. Thit lp Configure Automatic Updates Policy to Automatic Download And Schedule The Install v thit lp lch ci t l hng ngy v thi gian l 7 A.M. p dng GPO ny vo OU SUStest Kch bn 5-2: Trin khai mt bn service pack Fred l ngi qun tr h thng cho mt vn phng hc vin ti mt trng i hc. Vn phng c 40 my trm Windows XP v 2 my ch Windows Server 2003. Mt trong hai my ch ny c cu hnh thnh mt my ch qun tr min, cn li l my ch dch v file v in n. Cc my tnh trong vn phng l thnh vin c a mt min Windows Server 2003 n. Microsoft gn y c pht hnh mt bn service pack cho Windows XP v, sau khi kim th n, Fred cm thy t tin trin khai bn service pack trn cho cc my trm Windows XP trong vn phng. Anh ta gii nn file service pack vo mt folder trn my ch file l \\Fileshare\newsrvpk. phng php no sau y c th s dng c ci t bn service pack trn tt c cc my trm Windows XP? (La chn tt c cc cu tr li ng) a) Anh ta c th vo tng my Windows XP v ci t bn service pack mt cch th c ng t file chia s ny b) Anh ta c th to ra mt nhm c tn l Xpwkstn v t tt c cc my trm Windows XP vo trong nhm . Sau anh ta c th to ra mt GPO trong cu hnh gi phn mm mi trong mc Computer QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 238 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Configuration\Software Settings, s dng a ch ca file .msi ca bn service pack trn folder chia s \\Fileshare\newsrvpk. Trong hp thoi Deploy Software, anh ta la chn Assign v sau p dng GPO ny vo nhm Xpwkstn c) Anh ta c th to ra mt nhm c tn l Xpusrs v t tt c cc ngi d ng s dng my trm Windows XP vo trong nhm . Sau anh ta c th to ra mt GPO trong cu hnh gi phn mm mi trong mc Computer Configuration\Software Settings, s dng a ch ca file .msi ca bn service pack trn folder chia s \\Fileshare\newsrvpk. Trong hp thoi Deploy Software, anh ta la chn Assign v sau p dng GPO ny vo nhm Xpusrs d) Anh ta c th to ra mt OU c tn l Xpwkstn v t tt c cc my trm Windows XP vo trong OU . Sau anh ta c th to ra mt GPO trong cu hnh gi phn mm mi trong mc Computer Configuration\Software Settings, s dng a ch ca file .msi ca bn service pack trn folder chia s \\Fileshare\newsrvpk. Trong hp

    thoi Deploy Software, anh ta la chn GPO ny vo OU Xpwkstn

    Assign v sau p dng

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 239 DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    PHN 2 QUN L V DUY TR

    H IU HNH

    QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 240 LM VIC VI TI KHON NGI DNG

    CHNG 6: LM VIC VI TI KHON NGI DNG Trc khi bt c ngi d ng no c th truy nhp vo my tnh chy Microsoft Windows 2003 t bt c bng iu khin no hoc qua mng th hc u phi c xc thc. Xc thc l mt qu trnh nhn dng v xc nhn cc iu kin ca ngi d ng. Trong hu ht cc trng hp, qu trnh xc thc yu cu ngi d ng cung cp tn ti khon v mt khu my ch kim tra bn ghi trc khi truy nhp. Qun l ti khon ngi d ng v mt khu l mt trong cc tc v th ng thng ca ngi qun tr. Trong chng ny, cc bn s hc cch to, qun l v x l cc tnh hung xy ra i vi ti khon ngi d ng. Sau khi hon thnh chng ny, bn c kh nng: Hiu c s khc nhau gia ti khon ngi d ng cc b, ti khon ngi d ng min. Lp k hoch to ti khon ngi d ng. To v qun l ti khon ngi d ng. To v qun l ti khon ngi d ng bng mu (template), nhp vo t ngun c sn v cc c ng c dng dng lnh. Qun l khi lc ngi d ng (User Profile) Hiu c s khc nhau gia cc khi lc cc b (Local), di tr

    (Roaming) v bt buc (Mandatory). X l cc tnh hung i vi vic xc thc ngi d ng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 LM VIC VI TI KHON NGI DNG TM HIU TI KHON NGI DNG (USER ACCOUNT) Mng Microsoft Windows da trn hai m hnh t chc thng c bit n l nhm (Group) v min (Domain). C hai m hnh ny u yu cu NSD c Ti khon Ngi d ng xc thc. Nhng v mt bn cht cc ti khon ngi d ng v cc c ng c d ng to v qun l ch ng i vi hai m hnh ny c khc nhau i ch t. Cc im khc nhau gia ti khon ngi d ng cc b s dng cho nhm v ti khon ngi d ng min c tng kt trong bng 6-1. Bng 6-1 Cc c im ca Local User Name v Domain User Name. Local User Names C ng c qun l Local Users And Groups Domain User Names Active Directory And Computers Ni cha

    Users

    ti Trnh Qun l cc Ti CSDL Active Directory

    khon ngi khon Bo mt (SAMd ng. Security Accounts

    Ni ng nhp

    Truy nhp ti Manager) trn mi my tnh cc b. My tnh cc b Ti nguyn trn my tnh cc b

    Min Active Directory Ti nguyn trn min v trn mng.

    NHM LM VIC (Workgroup) Nhm lm vic (Workgroup) l tp hp cc my tnh m trong ch ng tng tc mt cch kh ng chnh thc vi quyn kh ng tp trung. Mi my tnh trong nhm c mt tp cc ti khon ngi d ng cc b ring lu ti c s d liu ca my tnh ny, c gi l Trnh Qun l cc Ti khon Bo mt (SAM - Sercurity Accounts Manager). Cc my tnh s dng cc ti khon ny xc thc v cho php ngi d ng truy nhp vo ti nguyn ch trn ring my tnh ny. Nu mun truy nhp vo ti nguyn trn my tnh khc trong nhm th ngi d ng phi c cc ti khon khc trn chnh cc my tnh v c n xc thc bi tch bit ring trc khi c php truy nhp vo. Mc d mi my tnh trong nhm thc hin vic xc thc ring ca mnh nhng kh ng nht thit ngi d ng phi cung cp tn ti khon v mt khu kt ni ti tng my tnh. Nu mi my tnh u c ti khon cho ngi

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 242 LM VIC VI TI KHON NGI DNG d ng c c ng tn ti khon v c ng mt khu th tt c cc ln xc thc sau ln u tin s thc hin ngm v t ng. to ti khon ngi d ng cc b, bn s dng MMC snap-in gi ti Local User and Group. Mun ng nhp bng ti khon ngi d ng cc b, ti hp thoi Log On To Windows bn cung cp tn ti khon, mt khu v chn This Computer ti danh sch Log On To. Qu trnh to ti khon ngi d ng cc b kh n gin, nhng hn ch ca m hnh nhm lm vic l buc ngi qun tr duy tr cc ti khon cho c ng mt ngi d ng trn ng thi nhiu my tnh khc nhau. V d, nu ngi d ng c ti khon trn 10 my tnh khc nhau th bn phi thay i mt khu tng ti khon ring r trn 10 my tnh. V vy, m hnh nhm lm vic l kh ng thc t, tr khi l mng nh. MIN (Domain) M hnh min do Microsoft Windows 2003, Microsoft Windows XP v Microsoft Windows 2000 s dng da trn nn tng dch v Microsoft Active Directory. Trong chng 1, bn hiu v kin tr c v chc nng ca Active Directory. Cc Ti khon Ngi d ng Active Directory nm di dng ca cc i tng Ngi d ng, v ch ng c lu, cng ging nh tt c cc th ng tin ca Active Directory, trn my tnh iu khin min, ni m ch ng

    c th c truy nhp ti t mi ni trong min. Khi ng nhp bng ti khon ngi d ng min ngi d ng s c xc thc bi my ch iu khin min, ch kh ng phi bi my tnh m ngi d ng ang lm vic hoc truy nhp vo. Ti khon ngi d ng min gm c tn ng nhp v mt khu, tn ny l duy nht v c gi l m nhn dng bo mt (SID - Security Identifier). Trong khi ng nhp, Active Directory xc thc tn ngi d ng v mt khu a vo. Tip theo, h thng bo mt s to th truy nhp tng ng vi ngi d ng ny. Th truy nhp cha m nhn dng bo mt ca ti khon ngi d ng v m nhn dng bo mt cc nhm ca ngi d ng ny. Th ny sau c th c s dng kim tra li quyn gn cho ngi d ng, bao gm c quyn ng nhp cc b v quyn c php truy nhp vo ti nguyn c bo mt bi danh sch iu khin truy nhp(ACLsAccess Control Lists). Trong m hnh min, mi ngi d ng ch c mt ti khon min, nh vy s gim nh c ng vic ca ngi qun tr mng. Ch mt ti khon ny c th c ngi d ng s dng truy nhp vo mi ti nguyn trn mng. CSDL Active Directory thng xuyn c ng b gia cc my tnh iu khin QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 243 LM VIC VI TI KHON NGI DNG min, nn cc ti khon ngi d ng gn nh lu n sn sng xc thc cho ngi d ng truy nhp ti ti nguyn mi. Ngi Qun tr s dng snap-in Active Directory User and Computer to i tng ngi d ng min . ng nhp bng ti khon ngi d ng min bn h i cung cp tn ti khon, mt khu v ti Log On To la chn min mu n ng nhp, ch ra trong hnh 6-1.

    Hnh 6-1: Hp thoi ng nhp vo Windows LU : ng nhp vo my tnh iu khin min. Khi my tnh Microsoft Windows 2003 ng vai tr l my tnh iu khin min th kh ng c s la chn no khc nngoi tr vic ng nhp vo min. Ti khon ngi d ng cc b v snap-in Local User And Group cng kh ng c s dng. LP K HOCH TI KHON NGI DNG Khi bn thc s bt tay vo vic to ti khon ngi d ng cc b hoc ti khon ngi d ng min, bn nn cn nhc gia cc k hoch c vch ra, nht l khi bn lm vic vi mt mng ln v phc tp. Mc d vic to ti khon ngi d ng ban u dng nh l n gin, thu thp cc tn v la

    chn ti khon, mt khu cho php v cu tr c ca phn cp Directory s gi p bn gii quyt cc vn sau ny.

    Active

    T TN CHO TI KHON Khi bn to ti khon ngi d ng, c dng cc b v min, bn phi xc nh Firt Name (Tn gi) v Last Name (H) ca ngi d ng, nhng thc s c d ng khi ng nhp v xc thc l tn ti khon. Tn ca ti khon ngi d ng cc b v ti khon ngi d ng min c di ti a cho php l 20 k t, nhng thun li cho ngi d ng nn t ngn hn. Cc tn kh ng phn bit ch hoa ch thng (mc d Microsoft Windows 2003 gi nguyn kiu ch bn nhp vo) v kh ng c cha cc k t sau:

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 244 LM VIC VI TI KHON NGI DNG / \ [ ] : ; | = , + * ? < > @ LU : tn ti khon v a ch th in t. Khi to tn ti khon m ng thi mun s dng ch ngcho a ch E-mail, phi m bo chc chn n ch gm cc k t cho php ca phn mm E-Mail, mt s h thng E-mail kh ng cho php s dng tn c du cch hoc du ngoc n, cho d n vn c Microsoft Windows 2003 chp nhn.. Dng ca tn ti khon, ti nhiu t chc s dng mt s kiu kt hp ca Firt Name hoc Last Name v mt hoc thm cc ch ci u. V d , tn ngi d ng l Mark Lee c th c tn ti khon l mlee hoc markl, Mc d vy, i vi cc t chc c qui m ln, s dng First Name l kh ng thc t v rt d c hai ngi c ng tn l Mark, thm ch rt c th c hai Mark u c Last Name bt u bng ch L". Cho d bn s dng bt c dng no cho Tn Ti khon ca bn, iu quan trng nht l bn phi to c mt tp cc lut to ra ch ng v trung thnh vi ch ng. Vic gn cc tn ti khon mt cch kh ng thng nht, s dng cc bit hiu (Nickname) ti ngha hay theo s thch ca ngi s dng s dn n vic nhm ln ca cc qun tr khc khi xc nh tn ti khon cho mt ngi s dng c th no . Lut ca bn nn ch ra mt s kt hp chun gia First Name v Last Name hay cc ch vit tt, cng nh cc phng php c chun ha to ra cc tn ti khon duy nht. v khi bn nghe tn ti khon bn c th d dng suy ra c tn ngi d ng . LA CHN MT KHU Ngy nay, bo mt nh hng mnh m n nhim v ca qun tr trn ton mng v vic to ti khon ngi d ng cng kh ng thuc ngoi l. Khi to ti khon ngi d ng mi bn phi xc nh mt khu v p dng chnh sch vi mt khu tu theo mc bo mt m t chc ca bn mun. Mc nh, khi to ti khon ngi d ng min trong Microsoft Windows 2003, bn phi t mt khu dng phc tp, c di ti thiu 7 k t. Nhng rng buc ny bc n nh ti chnh sch nhm, c cu hnh mc nh ti Default Domain Policy Group Object - GPO. Ti khon ngi d ng cc b s kh ng b cc rng buc ny. Bn c th iu chnh li cc rng buc v cc quy tc gn mt khu mc nh bng cch s dng bng iu khin Group Policy Object Editor sa li cc thit lp chnh sch mt khu. Enforce Password History: Xc nh s lng mt khu khc nhau trc khi ngi d ng c php s dng li mt khu c, gi tr mc nh l 24.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 245 LM VIC VI TI KHON NGI DNG Maximun Password Age (Tui di nht ca mt khu): Xc thi gian bao lu mt mt khu c th c d ng trc khi h iu hnh buc ngi d ng i li, gi tr mc nh l 42 ngy. Minimun Password Age (Tui ngn nht ca mt khu): Xc thi gian bao lu mt mt khu phi s dng trc khi h iu hnh cho php ngi d ng i li, gi tr mc nh l 1 ngy. Minimum Password Length ( di mt khu ti thiu): di ti thiu ca mt khu m h iu hnh cho php, gi tr mc nh l 7. Password Must Meet Complexity Requirements (Mt khu phi tha mn iu kin phc tp): Xc nh iu kin i vi mt khu nh di t nht l 6 k t, kh ng tr ng vi ton b tn hoc mt phn ca tn ti khon, bao gm t nht 3 trong s 4 kiu k t: Ch hoa, ch thng, s v k t c bit. Mc nh, h iu hnh enable (cho php) chnh sch ny. Cc thit lp mc nh cho ngi d ng mi l thit lp User Must Change Password At Next Logon (Ngi d ng bt buc phi i mt khu ti ln ng nhp sau). Thit lp ny gi s l cc ngi d ng s c trch nhim cung cp mt khu ca h v thay i ch ng nh k. Ngi qun tr to ti khon ch l cp mt khu tm thi cho ln ng nhp u tin ca ngi d ng. Vic bn mun ngi d ng cung cp mt khu ca h l mt quyt nh v bo mt m bn phi thc hin trc khi bn bt tay vo to ti khon. Ni chung, vic ngi d ng t cp mt khu l th ng dng hn v hai l do, mt l s d dng hn cho ngi d ng nh c mt khu v hai l vic phi thay i mt khu nh k 42 ngy mt ln s l gnh nng ln i vi qun tr mng. Chnh sch mt khu mc nh bt ngi d ng thay i nh k thay i li mt khu ng thi cng ngn cn vic h s dng li c ng mt mt khu thng xuyn. T y thuc vo yu cu bo mt mng, bn c th mun thit lp cc chnh sch mt khu khc cho ngi d ng m kh ng th thc hin bng phn mm c, nh: Khng tit l mt khu cho ng nghip hoc vi bt k ai trong hoc ngoi t chc Khng ghi mt khu v n c th d dng c tm thy Khng to mt khu s dng th ng tin nh ngy sinh, tn, con hoc vt nu i. Ni mt khu qua in thoi hoc gi bng th in t. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 246 LM VIC VI TI KHON NGI DNG THIT K M HNH PHN CP ACTIVE DIRECTORY Do cc ti khon ngi d ng cc b kh ng c d nh d ng trong cc mng ln, ch ng c lu ti c s d liu dng CSDL kh ng phn cp. SAM thc s nh hn mt danh sch ngi d ng v nhm vi mt vi thuc tnh chnh c bn cho mi ti khon. Do vy kh ng cn c mt thit k cho loi ti khon ny. Ngc li, Ti khon ngi d ng min l mt phn ca kin tr c Active Directory, v vic thit k kin tr c ny l mt phn rt quan trng ca k hoch c s h tng mng. Nh bn tm hiu ti chng 1, cu tr c c bn ca min Active Directory l theo kiu hnh cy, tng t nh cu tr c th mc ca h thng file. Trong , i tng min l ngn ca cy ( i khi cng c gi l gc) v vi mt hoc mt s phn cp di n l OU - Organization

    Unit(n v t chc). Tt nht l ch ng ta nn ginh cc tc v thc s ca vic thit k kin tr c ny cho cc nh thit k mng, nhng ngi qun tr c trch nhim to cc ti khon ngi d ng cn bit r cc kin trc ny v cc m hnh c s to nn ch ng. to ngi d ng min, u tin l bn phi quyt nh t h vo OU no. Quyt nh ny da vo chc nng ca OU to. Cy Active Directory thit k c th da vo chnh sch phn chia ca t chc nh theo phng ban, theo nhm hoc v tr a l nh ton nh, tng, vn phnghoc ht hp ca cc yu t trn v nhiu cc yu t khc na. Mc ch ca phn cp gi p n gin ho vic nh v ccc i tng trong cy v thc hin vic gn cc thuc tnh cho mt s lng ln cc i tng bng cch gn ch ng cho cc OU v cc thuc tnh ny, lp tc s c cc di tng con tha hng theo kin tr c hnh cy. t cc i tng ngi d ng vo ng v tr trong kin tr c s gi p ch ng s nhn c cc thit lp cu hnh cn thit m kh ng phi thc hin cu hnh n l v trnh cho bn kh ng phi di chuyn cc ngi d ng sau ny. LM VIC VI TI KHON NGI DNG CC B Ti khon cc b c php truy nhp vo ti nguyn trn my tnh m bn to ti khon t bng iu khin hoc qua mng. Mc nh, Microsoft Windows 2003 s to 3 ti khon ngi d ng cc b sau: Administrator (Qun tr): Ti khon ny yu cu cho ln ng nhp h thng u tin, s dng mt khu c cp trong qu trnh ci t h thng. Ngi d ng Administrator l thnh vin nhm Administrators, c ton quyn truy nhp n mi ni trong h thng. Bao gm c vic c th khi QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 247 LM VIC VI TI KHON NGI DNG to ti khon ngi d ng cc b, phn quyn cho cc ti khon ngi d ng cc b, ci t phn cng v phn mm. Ti khon Administrator cc b lu n c cn n, thm ch trn mng Active Directory, do c cc c ng vic i hi Administrator cc b truy nhp ti chnh my tnh ny. Guest (Khch): Ti khon s dng cho ngi d ng tm thi v b gii hn truy nhp vo h thng. Ti khon ny s c to t ng trong qu trnh ci t h thng, mc nh s c trng thi v hiu ho v kh ng c mt khu. Bn cn phi kch hot (Enable) ti khon ny trc khi c bt k mt ai s dng n ng nhp. Ti khon Guest l thnh vin ca nhm Guests v b gii hn quyn truy nhp vo h thng. Trong hu ht cc trng hp, bn nn v hiu ho n v to cc ti khon mi, ring cho cc ngi d ng c th thay cho vic cho h ng nhp vo tt c u s dng ti khon Guest. SUPPORT_number Ti khon ny to cho Nhn vin H tr K thut ca Microsoft khi h kt ni vo h thng s dng tnh nng Remote Assistance. Mc nh ti khon ny trng thi v hiu ho v phi c kch hot trc khi k thut vin ca Microsoft c th truy nhp vo my tnh. Nu my tnh c kt ni vo min kh ng cn thit to thm ti khon ngi d ng cc b bi v ngi d ng s ng nhp s dng ti khon ngi d ng min v t c th truy nhp vo ti nguyn h thng. Nhng nu my tnh cu hnh tham gia vo nhm lm vic th bn c th to ti khon ngi d ng cc b mi bng cch s dng snap-in Local Users And Groups. Ti my kh ng phi l my ch iu khin min, snap-in ny c tch hp vi bng iu khin Computer Managerment chy t nhm chng trnh Administrator Tools ti thc n StartThc n

    Hnh 6-2: Snap-in Local Users and Groups

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 248 LM VIC VI TI KHON NGI DNG TI KHON NGI DNG CC B t o ti khon ngi d ng cc b bn chn Folder User t thc n Ac n , s xut hin hp thoi (hnh 6-3), bn a vo cc th ng tin sau: User Name: Tn ti khon ng nhp vo my tnh (bt buc). Full Name: Tn y ca ngi d ng (tu chn). Description: Din gii v ngi d ng hoc chc nng ca ngi d ng (tu chn). Password: mt khu xc thc ngi d ng, c di ti a l 127 k t (tu chn). Confirm Password: Vo li mt khu thm mt ln na chc chn bn g vo ng. Nu hai ln kh ng tr ng khp nhau th s yu cu bn vo li thm mt ln na. User Must Change Password At Next Logon: Chn la chn ny nu bn mun ngi d ng thay i li mt khu khi ng nhp vo h thng ln u. Bn s kh ng th chn la chn ny nu bn chn Password Nerver Expires (Mt khu kh ng gi hn thi gian). La chn ny cng s t ng xo b la chn User Cannot Change Pas w s ord (Ngi d ng kh ng thay i c mt khu) User Cannot Change Password: Chn la chn ny, ngi d ng s kh ng thay i li c mt khu, thng th bn s d ng la chn ny khi c ng thi t hai ngi tr ln d ng chung mt ti khon ngi d ng min hoc bn mun qun l dch v mt khu ngi

    d ng. Bn kh ng th chn la chn ny nu chn User Must Change Password At Next Logon. Password Nerver Expires: Bn chn la chn ny nu mun mt khu kh ng bao gi b ht hn. Bn s kh ng chn c la chn ny nu bn chn User Must Change Password At Next Logon.

    Thng bn s chn la chn ny qun l dch v mt khu ti khon. Account Is Disable: Chn la chn ny v hiu ho ti khon, v nh l cho nhn vin mi, nhng ngi ny li cha cn truy nhp vo mng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 249 LM VIC VI TI KHON NGI DNG

    Hnh 6-3: Hp thoi New User QUN L TI KHON NGI DNG CC B Ti khon ngi d ng cc b c tng i t cc thuc tnh. Bn chn Account ti Folder Users t snap-in Local User And Group v chn Properties t Thc n Action. Hp thoi Properties s xut hin (ch ra ti hnh 6-4). Hp thoi ny cho php bn sa li cc thuc tnh trong khi to ti khon ngi d ng, ngoi tr tn ngi d ng v mt khu. i li tn

    bn chn lnh Rename v i li mt mt khu chn Set Password t Thc n Action. Hp thoi ny cung cp cc th ng s ca ti khon ti cc th sau: General Member Of Profile Environment Sessions Remote Control Terminal Services Profile Dial-in

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 250 LM VIC VI TI KHON NGI DNG

    Hnh 6-4: Hp thoi Properties ca ngi d ng cc b Thit lp ti cc th ging nh ti hp thoi Properties ca hp thoi ngi d ng im n. Xem thm Qun l ti khon ngi d ng min ti chng sau. LM VIC VI TI KHON NGI DNG MIN Lm iv c vi ti khon ngi d ng min tng t nh l vi ti khon ngi d ng cc b nhng ti khon ngi d ng min c nhiu th ng tin hn. Khi bn to min Active Directory bng cch thng cp my tnh iu khin min u tin, Microsoft Windows 2003 mc nh s to cc ngi d ng sau: Administrator: Ti khon min Administrator l thnh vin ca nhm Administrators ca min v thc hin c ng chc nng chnh nh ti khon ngi d ng cc b. l ti khon u tin ng nhp vo min v c ton quyn truy nhp ti tt c cc chc nng v tnh nng ca min. iu quan trng l bn phi phn bit ti khon min Administrator v ti khon cc b Administrator l hai ti khon tch bit nhau. Hai ti khon ny c mt khu khc nhau, cc Cp php khc nhau v cc kh nng khc nhau. Vi my tnh chy Microsoft Windows 2003 th my ch thnh vin ca min (nhng kh ng phi l

    my ch iu khin min) c th ng nhp s dng c hai ti khon ny tu theo thit lp ti la chn Log On To ti hp thoi Log On To Windows. Guest: Tng t nh ti khon cc b Guest, ti khon min Guest trng thi v hiu ho v dnh cho ngi d ng tm thi truy nhp vo min. LU : Mc ch ca bi thi. Mc ch ca bi thi 70-290 xc nh bn c th to v qun l ti khon ngi d ng. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 251 LM VIC VI TI KHON NGI DNG Microsoft Windows 2003 cng to cc ti khon dng sn mc nh khc khi bn ci t cc dch v trn my tnh ny. V d, khi thng cp mt my ch thnh my ch iu khin min s to cc i tng ngi d ng n gi l krbtgt c chc nng nh l i tng bo mt ca dch v Trung tm Phn phi Kho (Key Distribution Center - KDC). Khi bn ci Microsoft Internet Information Services (IIS) c hai ngi d ng c to l IUSR_computerName l ngi d ng v danh kt ni ti my ch Web v IWAM_computername m IIS s dng khi chy cc ng dng c lp (out-of-process) Cc i tng ngi d ng dng sn trong min c t ti i tng cha (Container) tn l Users. Thm ch, bn c th to i tng ngi d ng mi ti y hoc ti i tng cha khc, thm tr trc tip ti chnh min. Tt nht l bn nn to ti OU tin cho vic s dng chnh sch nhm sau ny. Bn ch c th lin kt mt i tng chnh sch nhm (Group Policies Objects- GPO) vi mt min, Site hoc OU nhng kh ng th lin kt vi i tng cha Users. Do , Bn nn to cc OU ph hp vi thit k Active Directory ca c quan bn, trc khi bn bt u tay vo to ngi d ng. LU : Cc i tng cha. Cc i tng Users, Builtin, Computers, v ForeignSecurity- Principals thuc v cc lp i tng c bit c gi l i tng cha (Container). Trong Dch v Th mc (Directory Service) thut ng Container c s dng mt cch khi qut ch n mt i tng no c cha cc i tng con khc. Do , trong trng hp bn i tng lit k trn, theo ng nh ngha, u c gi l Container. Bn kh ng th p dng GPOs cho bn i tng cha ny, hoc xo n i hay to cc i tng mi c ng kiu. Tuy vy, bn c th chuyn cc i tng t cc Container ny ti cc i tng OU m bn to ra tin cho vic qun l hn. Trong my ch iu khin min, chy Microsoft Windows 2003 bn to i tng ngi d ng min bng cch s dng snap-in Active Directory Users And Computers (hnh 6-5),. chn t nhm chng trnh Administrative Tools trong Thc n Start . to i tung ngi d ng, bn phi l thnh vin ca nhm Enterprise Admins, Domain Admins hoc Account Operators hoc bn phi c u quyn qun tr cn thit to i tng ngi d ng. LU : Ci t bng iu khin. Mc d , Bng iu khin Active Directory Management trong nhm chng trnh Administrative Tools ch c ti my my iu khin min, nhng bn cng c th QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 252 LM VIC VI TI KHON NGI DNG

    chy ch ng t Microsoft Windows 2003 Server, Windows XP workstations. ci gi Administrative Tools bn chy Adminpak.msi t Folder I386 trn a CD ci t Microsoft Windows 2003.

    Hnh 6-5: Bng iu khin Active Directory Users And Computers TO TI KHON NGI DNG MIN to i tng ngi d ng t thc n Action chn New chn tip User khi s xut hin New Object User wizard. Kh ng nh hp thoi New User to i tng ngi d ng cc b, trnh hng dn New Object User xut hin nh sau: Ti trang u ca trnh hng dn (ch ra ti hnh 6-6) gm cc tham s sau:

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 253 LM VIC VI TI KHON NGI DNG

    First Name: Tn gi ca ngi d ng (tu chn). Initials: Ch ci u tn m ca ngi d ng (tu chn). Last Name: Tn h ca ngi d ng (tu chn).

    Hnh 6-6: Trang u ca trnh hng dn New Object User Full Name: Tn y ca ngi d ng (bt buc). Khi bn g vo First Name hoc Last Name th gi tr Full Name c t ng a vo v sau bn c th sa li c. Gi tr a vo ny s sinh ra mt s cc thuc tnh ca i tng ngi d ng: common Name (CN tn ph bin), distinguished Name (DN tn phn bit), Name (tn) v DisplayName (tn hin th) . Do thuc tnh CN buc phi l duy nht trong mt Container. nn, tn y bn nhp vo y phi l duy nht mt cch tng i so vi cc i tng khc trong OU ni m i tng ngi d ng c to ra(hoc vi cc Container khc) . User Logon Name (Tn ng nhp): Tn ca ti khon s dng ng nhp (bt buc). Tn ny s c d ng trong User principal Name (UPN tn chnh ca ngi d ng), bao gm tn ng nhp v u i UPN, mc nh l tn h thng tn min (Domain Name System - DNS) ca min. ton b tn UPN c nh dng Tn-ng-nhp@ u i-UPN (logon-Name@UPN-suffix) v phi l duy nht trong rng Active Directory. V d UPN l someone@ACNA.com. UNP s dng ng nhp vo mi my tnh chy Microsoft Windows 2003, Windows XP hoc Windows 2000. User Logon Name (PreWindows 2000): tn ti khon s dng ng nhp vo cc my khch trc Windows 2000 (bt buc), c th l Windows 95, Windows 98, Windows Millennium Edition (Windows Me) hoc Windows NT. Gi tr ny s c a vo t ng theo tn ngi d ng ng nhp v c di ti 20 k t. Gi tr ny cng phi l duy nht trong mt min. Sau khi vo cc gi tr cho trang u bn chn Next, s xut hin trang th 2 bao gm cc tham s sau: QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 254 LM VIC VI TI KHON NGI DNG Password: Mt khu xc thc ngi d ng, c di ti a l 127 k t (tu chn). Confirm Password: Vo li mt khu thm mt ln na chc chn bn g vo ng. Nu hai ln kh ng tr ng khp nhau h thng s yu cu bn vo li thm mt ln na. User Must Change Password At Next Logon: Chn la chn ny nu bn mun ngi d ng thay i li mt khu khi ng nhp vo h thng ln u. Bn s kh ng th chn la chn ny nu bn chn Password Nerver Expires. La chn ny cng s t ng xo b la chn User Cannot Change Password

    Hnh 6-7: Trang th hai ca trnh hng dn New Object-User User Cannot Change Password: Chn la chn ny, ngi d ng s kh ng thay i li c mt khu, thng th bn s d ng la chn ny khi c ng thi t hai ngi tr ln d ng chung mt ti khon ngi d ng min hoc bn mun qun l dch v mt khu ngi d ng. Bn kh ng th chn la chn ny nu chn User Must Change Password At Next Logon. Password Nerver Expires: Bn chn la chn ny nu mun mt khu kh ng bao gi b ht hn. Bn s kh ng chn c la chn ny nu bn chn User Must Change Password At Next Logon. Thng bn s chn la chn ny qun l ccmt khu ca ti khon dch v Account Is Disable: Chn la chn ny v hiu ho ti khon, v nh l cho ngi mi n, nhng ngi ny li cha cn truy nhp vo mng. Mt s tu chn ca ti khon c th mu thun vi chnh sch nhm thit lp m n c k tha t min hoc i tng cha. V d, chnh sch QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 255 LM VIC VI TI KHON NGI DNG nhm ca min mc nh l mt khu phi i theo chu k l 42 ngy. Trong khi bn li chn Password Never Expires th n s ghi ln chnh sch nhm v ngi d ng s kh ng nhn c nhc nh phi i li mt khu na. Sau khi bn vo cc gi tr ti trang th 2 ny chn Next, khi s xut hin tramh summary. Chn Finish hon thnh vic khi to i tng ngi d ng mi ti i tng cha chn. QUN L TI KHON NGI DNG MIN Sau khi bn to i tng ngi d ng, bn s dng bng iu khin Active Dir t ec ory Users And Computers qun l cc thuc tnh ca n. Bng cch chn i tng ngi d ng, sau chn thc n Action, bn c th thc thi cc c ng vic sau:

    Add To A Group: a i tng ngi d ng vo thnh thnh vin ca nhm c Disable Account: V hiu ho ti khon, kh ng cho php ng nhp vi ti khon ny. Nu mun d ng li bn ch cn xo du chn ti hp kim tra Account Is Disable trong danh sch Account Option trn th Account ca hp thoi Properties ca i tng ngi d ng ny. Reset Password: Cho php qun tr t li mt khu ti khon m kh ng cn bit mt khu c. Open Home Page: M Microsoft Internet Explorer v kt ni ti a ch trang web (Uniform Resource Locator - URL) c xc nh ti hp Web Page trong th General ti hp thoi Properties ca tng ngi d ng Send Mail : D ng ng dng Th in t mc nh, to th mi vi a ch ti hp Email trong th General ti hp thoi Properties ca i tng ngi d ng. Delete : Xo i tng ngi d ng khi CSDL Active Directory. Rename: Sa i li trng Full Name ca i tng ngi d ng v m hp thoi Rename User bn c th sa i li First Name, Last Name, Display Name, User Logon Name v User Logon Name (PreWindows 2000). Lu : Mc ch ca bi thi. Mc ch ca bi thi 70-290 xc nh bn c th to mi v sa i li ti khon bng cch s dng snap-in Active Directory Users And Computers.. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 256 LM VIC VI TI KHON NGI DNG Khi bn to ti khon ngi d ng mi, bn ch cn a vo cc thuc tnh c bn nht. Sau , bn c th s dng mt c ng c qun tr mnh dnh cho i tng ngi d ng l hp thoi Properties ca chnh i tng ny. Bn m hp Properties bng cch chn i tng ngi d ng sau ti thc n Action chn tip Properties sa li. Mc nh hp thoi ny c 13 th, vi rt nhiu cc thuc tnh m bn c th thit lp cho User. Cc th ny c phn loi nh theo bng 6-2 i y LU : Active Directory Schema and Object Properties. Trong mt s trng hp hp thoi Properties c nhiu hn 13 th hay c th c thm cc trng khc trn mt vi th mc nh.iu ny xy ra do lc (schema) Active Directory, ni xc nh s cc thuc tnh cho mi kiu i tng, l c th m rng c. . Ngi qun tr c th m rng thm lc mt cch th c ng bng cch thm cc thuc tnh cho kiu i tng (Microsoft khuyn co l kh ng nn lm nh vy) hoc lc cng c th t ng c m rng khi ci t cc sn phm phn mm nh ci t Microsoft Exchange th s to thm cc th Exchange General, Exchange Features, and E-mail Addresses ti hp thoi Properties ca i tng ngi d ng. Bng 6-2: Phn loi cc thuc tnh ngi d ng trong cc th ca hp thoi User Properties

    Phn loi

    n tin c nhn Th g (Personal information)

    Thuc tnh Ti khon (Account properties) Qun l cu hnh ngi d ng (User configuration management)

    General Address Telephones Organization Account

    Profile Th an h thnh vin nhm Qu ro p membership) (G u QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 257 LM VIC VI TI KHON NGI DNG Terminal Services Profile Dch v u cui (Terminal Services) Member Of

    Truy cp t xa (Remote Access) ng dng (Applications) Environment Remote Control Sessions Dial-in COM+

    Thit lp ti tng th s c nu r trong cc phn sau: Th General

    Th General gm cc th ng tin c bn ca ngi d ng nh First Name v Last Names m bn nhp vo khi to i tng ngi d ng. Bn cng c th a vo cc trng khc nh Display Name, Office Location (v tr c quan) v Description, thm vo l Telephone Numbers (s in thoi), Web page addresses (a ch trang WEB) v E-mail address (a ch Th in t) ca ngi d ng. Rt nhiu trng trong cc Th General, Address, Telephones v Organization l cc th ng tin c nhn v cc trng ny l tu chn v cc gi tr ca n kh ng c mi lin quan trc tip ti cc hot ng ca i tng ngi d ng hay ca dch v Active Directory, n n gin ch cung cp cc th ng tin v ngi d ng.. Vic cung cp cc th ng tin ny gi p cho ngi qun tr d dng tm kim ti khon ngi d ng min bng cch s dng c ng c tm kim (Search) vi bt k th ng tin no h c v ngi QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 258

    LM VIC VI TI KHON NGI DNG d ng . cc ngi d ng trn mng cng c th tm kim mt ngi d ng c th no tm ra cc th ng tin lin h hoc d liu khc. Th Address

    Th Address gm cc trng th ng tin cho php qun tr nhp cc th ng tin a ch ngi d ng vo Active Directory. Th Telephones

    Th Telephones gm cc trng cho php qun tr lu cc s in thoi ca ngi d ng. Mc d cc trung nh vy ch n thun l th ng tin trong cu hnh mc nh ca Active Directory, nhng cng kh ng th ni l n chng lm g c. C rt nhiu th ng tin c ch, v d nh c th to ng dng quay s in thoi cho php bn tm kim ti khon ngi d ng khc trong Active Directory v t ng quay s vo s in thoi t trong th ny.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 259

    Th Organization

    LM VIC VI TI KHON NGI DNG Th Organization bao gm cc trng m ngi qun tr c th xc nh th ng tin v v tr ca ngi d ng trong t chc, c c trng m bn c th chn ti khon ngi qun l ca ngi d ng ny trogn CSDL Active Directory . Th Account

    Th Account cha cc trng User Logon Name, UPN Suffix, and User Logon Name (PreWindows 2000) c cc gi tr bn a vo khi to ngi d ng, tu theo bn la chn t ttrnh hng dn Create Object User. Th ny cng s bao gm mt s cc tu chn khc nh sau. Logon Hours (Gi ang nhp): Hin hp thoi Logon Hours, ti qun tr c th t thi gian hng ngy hoc theo ngy xc nh trong tun m ngi d ng s c php ng nhp vo min. Mc nh, tnh nng ny ch cm ngi d ng ng nhp vo. Nu ngi d ng ng nhp v ht thi gian cho php th s kh ng b ngt. Nhng nu trong Network Security ti i tng chnh sch nhm (GPO) chn

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 260 LM VIC VI TI KHON NGI DNG Network Security l Force Logoff When Logon Hours Expire, th qun tr s ngt kt ni ca ngi d ng mt cch t ng. Hn ch ca Logon Hours l ch p dng cho ng nhp min ch kh ng p dng cho ng nhp cc b.

    Log On To (ng nhp vo): Hin hp thoi Logon Workstations, ti qun tr c th xc nh tn ca cc my tnh trn mng m ngi d ng ny c th ng nhp vo. Tnh nng ny cn c gi l Computer Restrictions. Bn phi chn Enable NetBIOS over TCP/IP trn mng s dng tnh nng ny do n hn ch vic ng nhp vo my tnh da trn tn NetBIOS ca my.

    Account Is Locked Out (Ti khon b kha): Mc nh ch v hiu ho, n ch c kch hot v chn khi ti khon ngi d ng b kho do nhiu ln c tnh ng nhp kh ng thnh. Bn c th t kha cc ti khon tu theo cc gi tr Account Lockout Duration (Thi gian kha ti khon), Account Lockout Threshold (ngng kha ti khon), v Reset Account Lockout Counter After (t li bin m kha ti khon sau) ca chnh sch nhm (GPO). V d, Account Lockout Threshold t l 3 th ti khon s b kho sau 3

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 261 LM VIC VI TI KHON NGI DNG ln ng nhp kh ng thnh c ng. Khi ti khon b kho th qun tr c th m li bng cch xo la chn ny. Store Password Using Reversible Encryption (Lu mt khu s dng m ha o): Buc Active Directory lu mt khu ca tng vi thut ton m ho o, thay cho vic s dng cc thut ton m ha thun chiu, mnh hn v hin ang c s dng ph bin trong vic m ha mt khu. La chn ny c thit k cho cc ng dng yu cu o mt khu , nh phin bn u tin ca Challenge Handshake Authentication Protocol (CHAP). Trong tt c cc trng hp khc, l dng v hiu ho. Bn

    cng c th thit lp l kch hot hoc v hiu ho la chn ny bng cch s dng Group Policies. Khi la chn ny c chn th n s ln gi tr c ng loi trn cc Group Policy khc nu c xung t. Account Is Disabled (Ti khon b v hiu ha): Cho php qun tr v hiu ho hoc kch hot ti khon ngi d ng Smart Card Is Required For Interactive Logon (Yu cu c Smart Card khi ng nhp): ngi d ng c yu cu smart card khi ng nhp. Smart card l thit b th cha th ng tin nh danh ca ngi d ng, thng l di dng chng ch s v kho m ring. ngi d ng ng nhp bng smart card th my tnh phi c thit b u c v phn mm tng ng v ngi d ng phi c chnh xc s PIN (personal identification number) ca Card. La chn ny dnh cho cc ti khon yu cu tng cng tnh nng bo mt. Bi v vic d ng smart card kh ng cn ti mt khu , la chn ny thay i mt khu

    ti khon thnh gi tr phc tp v ngu nhin v kch hot la chn Password Never Expires. Account Is Trusted For Delegation (Ti khon c tin cy cho y quyn): La chn ny cho php dch v chy di tn ti khon ngi d ng (gi l service account ti khon dch v) nhm ng vai tr l mt ngi d ng truy nhp vo ti nguyn my tnh thay mt cho ti khon ngi d ng khc trn mng. Trn mng, la chn ny him khi c chn, nu c, trong i tng ngi d ng thay mt cho ngi d ng thc s. Account Is Sensitive And Cannot Be Delegated (Ti khon l nhy cm v kh ng c y quyn): U quyn cho php qun tr trao quyn kim sot cho mt ti khon c th, thng l d ng tm thi, v d nh l ti khon Guest. La chn ny ngn cm ti khon c u quyn bi cc ti khon khc,

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 262 LM VIC VI TI KHON NGI DNG Use DES Encryption Types For This Account (S dng kiy m ha DES cho ti khon ny): Active Directory s s dng thut ton m ho DES (Data Encryption Standard) cho cc i tng ngi d ng ny. Do Not Require Kerberos Preauthentication (kh ng yu cu qu trnh tin xc thc Kerberos): Active Directory b qua th tc tin xc thc Kerberos (qu trnh tin xc thc kerberos l qu trnh so snh thi gian trn my khch c m hoa bng mt khu ca ngi d ng, nu thnh c ng mi thc hin tip qu trnh xc thc) khi thc hin vic xc thc ngi d ng ny. La chn ny l dnh cho cc ti khon s dng cc thc thi xc thc khc ca giao thc xc thc kerberos, m kh ng h tr vic xc thc trc. B qua vic thc thi tin xc thc giao thc Kerberos, s gy gim tnh nng an ton c cung cp bi giao thc ny, do vy, kh ng nn kch hot la chn ny tr khi c l do c bit.

    b v

    Account Expires: Cho php qun tr xc nh ngy ti khon t ng hiu ho, s dng giao din sau:

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 263

    Th Profile

    LM VIC VI TI KHON NGI DNG Th Profile gm cc trng bn c th ch nh v tr t User profile (Khi lc Ngi d ng), Home Folder (Th mc ch) v Logon Script (Kch bn ng nhp) s thc thi khi ngi d ng ng nhp. THNG TIN THM: bit thm th ng tin v User Profiles xem phn Qun l User Profiles ti chng sau. Th Member Of

    Th Member Of lit k cc nhm m ngi d ng l thnh vin v cho php qun tr sa i li cc quan h thnh vin nhm ca ngi d ng. Mc nh, ngi d ng mi to l thnh vin ca nhm Domain Users. LU : bit thm th ng tin v nhm Active Directory xem chng 7 Lm vic vi Nhm

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 264 LM VIC VI TI KHON NGI DNG Th Terminal Services Profile

    Cho php qun tr cho php ngi d ng kt ni vo Terminal Servers (My ch Dch v u cui) v ch nh v tr ca User Profile v Home Folder s c p dng khi ngi d ng kt ni vo Terminal Server. Th Environment

    Th Environment (M i trng) cho php qun tr ch nh ng dng s chy ngay khi ngi d ng kt ni vo My ch Dch v u cui. Ti y cn c cc la chn c cho php hay kh ng kt ni ti cc a c gn kt (Map) v cc my in trn my trm ngay sau khi ng nhp. V ch nh liu c in vo my in mc inh ti mmy trm hay kh ng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 265 Th Remote Control LM VIC VI TI KHON NGI DNG

    Th Remote Control cho php bn cu hnh cc thit lp iu khin t xa Dch v u cui (Terminal Services) cho i tng ngi d ng. Cc la chn ny ch nh liu cc phin lm vic ca ngi d ng c th c truy nhp bng cch s dng tnh nng kim sot t xa ca Dch v u cui hay kh ng, liu cc Cp php cho ngi d ng c cn thit hay kh ng khi thc hin truy cp ni trn, v liu ngi kim nh (Auditor) ch n thun quan st cc phin lm vic ca ngi d ng hay thc s tham gia vo cc phin lm vic ny. Cc la chn ny cng cn c th c cu hnh th ng qua

    bng iu khin Terminal Services Configuration hoc Chnh sch Nhm (Group Policies-GP), Trong trng hp nu cc thit lp cho cc la chn ny s dng cc c ng c khc nhau ni trn c xung t th cc thit lp trong Chnh sch Nhm s c u tin. Th Sessions

    Th Sessions (Phin) cho php qun tr c th cu hnh hnh vi khi ngt kt ni phin lm vic Dch v u cui ca ngi d ng, s dng cc iu khin sau: QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 266 LM VIC VI TI KHON NGI DNG End A Disconnected Session (Kt th c phin lm vic c ngt): t thi gian cho phin lm vic (secsion) ca ngi d ng s dng Terminal Services tip tc duy tr trn my ch sau khi ngi d ng ngt kt ni. Active Session Limit (Gii hn ca Phin lm vic ang hot ng): t khong thi gian ti a cho phin lm vic ca ngi d ng s dng Dch v u cui, Phin lm vic s b ngt khi t ti gii hn t. Idle Session Limit (Gii hn ca phin lm vic ang dng ): t khong thi gian ngh ti a cho php ca phin lm vic trc khi my ch ngt kt ni. When A Session Limit Is Reached Or Connection Is Broken (Khi t ti giihn ca phin lm vic hy kt ni b t): Thit lp My ch Dch v u cui ngt hay hy b phin lm vic khi phin t n gii hn, ngi d ng c th lp li phin b ngt nhng kh ng th kt ni li n phin b my ch hy b. Allow Reconnection (Cho php kt ni li): Ch nh liu ngi d ng c hay kh ng c php kt ni li ti My ch Dch v u cui t mt my trm bt k hoc t my trm khi to phin. Th Dial-in

    th Dial-in (quay s vo) bao gm cc iu khin cho php qun tr thit lp cc kh nng truy nhp t xa ca ngi d ng, bao gm: Remote Access Permission (Dial-In Or VPN) (Cp php Truy nhp T xa Quay s hay VPN): Bn c th chn cc la chn cho php truy nhp, t chi truy nhp hoc iu khin truy nhp th ng qua cc thit lp trong Chnh sch Truy nhp T xa (Remote Access Policy).

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 267 LM VIC VI TI KHON NGI DNG Nu bn la chn Allow Access (cho php truy nhp), cc d nh kt ni ca ngi d ng ti my ch thm ch vn b t chi do cc thit lp t trong Chnh sch Truy nhp T xa, cc thuc tnh ca Ti khon Ngi d ng hay ti cc thuc tnh ca Khi lc (Profile) Dch v u cui . Verify Caller ID (Kim tra nh danh Ngi gi): My ch kt ni t xa kim tra li s nh danh Ngi gi m ngi d ng s dng kt ni bng cch so snh n vi nh danh Ngi gi (Caller ID) c nhp trong th ny. Nu s nh danh Ngi goi ca ngi d ng kh ng c xc nhn hoc kh ng ng s in thoi nh trc th kt ni ny s b t chi. Callback Options (cc t y chn gi li): Cho php ngi qun tr cho php ngi d ng s dng tnh nng gi li khi kt ni ti my ch t xa hay kh ng. Nu c, sau khi ngi d ng kt ni ti my ch th n s ngt kt ni ng thi sau thit lp kt ni quay li ti ngi d ng theo s in thoi c ngi d ng ch nh hay theo s m qun tr t trc ngay trong th ny. Tnh nng gi li s tit kin cho ngi d ng, cc ha n s c tnh cho s in thoi ti my ch, v m bo tnh an ton, do ch nhng ngi gi ti mt trong cc s in thoi nht nh c cho php mi c th truy nhp t xa vo my ch. Assign A Static IP Address (Gn IP tnh): Cho php qun tr t a ch IP tnh m my ch t xa s lu n gn cho ngi d ng ny. Apply Static Routes: Cho php qun tr ch nh cc bn ghi nh tuyn tnh s c thm vo bng nh tuyn ca my trm khi kt ni Demand-Dial (Quay theo yu cu) c thit lp. Th COM+

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 268 LM VIC VI TI KHON NGI DNG Th COM+ cho php qun tr gn mt tp partition COM+ xc nh cho ngi d ng. Tp Partition COM+ l tp hp ca cc cc partition COM+ m cc ng dng COM+ c lu. Chn mt tp partition COM+ no s cho php ngi d ng truy nhp n cc ng dng khc nhau c trong tp ny. QUN L NG THI NHIU NGI DNG Khi qun l cc ti khon ngi d ng min, khi bn phi lm cc c ng vic sa i ging nhau cho nhiu ti khon ngi d ng v bn thc hin ch ng mt cch ring l th s thc s l mt c ng vic mt thi gian v nhm chn. Trong nhng trng hp nh vy, bn hon ton c th c ng l c thay i cc thuc tnh ca nhiu ti khon ngi d ng bng cch s dng bng iu khin Active Directory Users And Computers. n gin l bn chn ng thi cc i tng ngi d ng bng cch gi phm CTRL trong khi bm chn tng ngi d ng trong khung chi tit, sau chn Properties t thc n Action. Hp thoi Properties On Multiple Objects xut hin nh hnh 6-8.

    Hnh 6-8: Hp thoi Properties On Multiple Objects LU : Chnh sa cc lp i tng (Object Classes).

    Khi bn

    chn ng thi cc i tng thay i, bn s nhn c cc kt qu tt nht khi tt c cc i tng l c ng mt lp. V d, nu bn chn ng thi cc i tng l ngi d ng th s sa c rt nhiu cc thuc tnh, nhng nu bn chn i tng ngi d ng v i tng my tnh th ch c mt thuc tnh chung ca ch ng c th sa c l Description.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 269 LM VIC VI TI KHON NGI DNG Hp thoi Properties On Multiple Objects khc mt ch t so vi hp thoi Properties chun ca i tng ngi d ng. N ch c mt s gii hn cc thuc tnh, l cc thuc tnh c p dng \cho ng thi nhiu i tng. Cc thuc tnh ca hp thoi ny c tng kt trong bng 6-3 Bng 6-3: Cc thuc tnh c th c hin cho vic chnh sa khi chn ng thi cc i tng ngi d ng

    General

    Account Th

    Description Office Telephone Number Fax Web Page E-mail UPN Suffix Logon Hours Thuc tnh

    Address

    Profile

    Organization Computer Restrictions Account Options Account Expires Street P.O. Box City State/Province Zip/Postal Code Country/Region Profile Path Logon Script Home Folder Title Department Company Manager

    DI CHUYN CC I TNG NGI DNG Mc d vic c trong tay bn thit k v cu tr c Active Directory cho t chc ca bn khi bn to cc i tng ngi d ng tht s l mt iu l tng do bn c th to ch ng trong ng cc i tng cha c th, nhng vic phi di chuyn cc i tng ny sau vn hon ton c th xy ra. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 270 LM VIC VI TI KHON NGI DNG Kh nng ny cng cn cho php bn iu chnh li cho ph hp vi vic thuyn chuyn nhn s hoc ti c cu li c ng vic. di chuyn i tng ngi d ng (hay bt c mt i tng no khc) bn chn i tng ny v sau t thc n Action bn chn Move, khi s xut hin hp thoi Move (ch ra trong hnh 6-9). Sau chn i tng cha bn mun chuyn n n v nhn OK. Bn cng n th di chuyn i tng bng cch ko v th.

    Hnh 6-9: Hp thoi Move LU : Xo cc i tng Khi bn chuyn cc i tng trong cu tr c Active Directory, bn phi cn thn kh ng tnh c xo ch ng. SID tng ng vi i tng ngi d ng l mt gi tr duy nht c gn cho i tng khi n c khi to. Khi bn xo v to li vi c ng tn v cc thuc tnh th SID vn l khc nhau. y kh ng phi l vn ln khi to mi i tng, nhng nu bn xo i tng th bn phi cu hnh li mi Cp php ca ngi d ng v ch ng c cp cho ngi d ng theo SID ca h. KHI TO NG THI NHIU NGI DNG i khi, qun tr mng c yu cu phi to nhiu i tng ngi d ng mt cch nhanh chng, p ng cho mt t tuyn dng mi hoc mt lp sinh vin mi nhp hc. Khi , bn s c cc phng php m bn c th s dng lm n gin ha hay t ng ha qu trnh to i tng ngi d ng thay cho vic phi to ring l tng ti khon. Bng iu khin Active Directory Users And Computers l mt c ng c thit k ch yu dnh cho vic to v qun l cc i tng mt cch n l. Tuy nhin, Windows Server 2003 c c cc c ng c khc d ng cho vic to cc i tng s d ng cc k thut nh nhp (import) v cc kch bn dng dng lnh (command-line scripting). QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 271 LM VIC VI TI KHON NGI DNG S dng cc mu (Template) i tng Th ng thng th cc i tng ca Active Directory trong c ng mt lp (class) s chia s cc thuc tnh tng t nhau. V d, tt c cc thnh vin c ng mt ph ng ban s c ng cc nhm ging nhau, c php ng nhp vo mng c ng gi v c cc Home Folders (Th mc ch) v Roaming Profiles ( c di tr )

    t trn c ng mt my ch. Trong trng hp

    ny s rt thun tin khi bn bt u vic to ti khon cho cc ngi d ng i b ng cch to mt i tng c cc thuc tnh chung, i tng ngi m d ng chung, hay cn gi l Template (Mu) v sau s dng vic sao chp i tng ny to cc i tng ngi d ng mi. to i tng ngi d ng mu, ta to i tng ngi d ng mi, gn tn cho n v d l UserTemplate v t cu hnh cc thuc tnh ca n l cc thuc tnh chung ca tt c mi ngi d ng mi m bn mun to, cch lm nh l bn cu hnh cho tng ngi d ng vy. Cc thuc tnh s c sao chp ti i tng mi c tng kt trong bng 6-4. Sau khi cu hnh cc thuc tnh cho i tng mu ny, bn phi v hiu ho (Disable) ch ng kh ng ai c th s dng i tng ny ny truy nhp vo mng.

    Bng 6-4: Th General C c Propertie sao chp ti i tng ngi d ng mi. Cc thuc tnh (Properties) s c chp Kh ng Address Tt c, ngoi tr Telephones Organization Account

    Street Address

    Profile

    Member Of Kh ng Tt c, ngoi tr Title Tt c, ngoi tr User Logon Name v User Logon Name (Pre-Windows 2000), s c xc nh trong qu trnh thc hin sao chp. Tt c, gm Profile Path v Local Path, s c chnh sa tng ng logon Name ca ngi d ng mi Tt c

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 272

    Terminal Services Profile

    Kh ng

    Environment Remote Control Sessions Dial-in COM+ LM VIC VI TI KHON NGI DNG Kh ng Kh ng Kh ng Kh ng Kh ng

    Mt khi i tng mu c o ra, bn c th s dng n to ti khon ngi d ng mi bng cch chn i tng mu thch hp, sau chn thc n Action, chn Copy, khi s xut hin trnh Hng dn Chp i tng Ngi d ng (Copy Object-User) gn ging nh trnh Hng dn To i tng Ngi d ng Mi (New Object-User) bn s dng trong phn trc ca chng ny. Trnh hng dn s dn bn qua cc bc ca qu trnh cu hnh cc thuc tnh ca i tng bt buc phi c cc gi tr duy nht, nh First Name, Last Name, Initials, Logon Name, Password v cc tu chn ca ti khon. Khi trnh Hng dn kt th c, i tng ngi d ng mi s c to vi cc gi tr thuc tnh ging nh ca i tng mu i vi cc thuc tnh c lit k trong bng trn. LU : Vic sao chp i tng v cc Cp php. Mt ngi d ng c to bng cch sao chpi tng mu c c ng quan h nhm ging nh i tng mu,do vy cc Cp php v Quyn gn cho nhm ny cng s c p dng cho ngi d ng mi. Tuy nhin, cc Cp php v cc Quyn c gn trc tip cho i tng mu s kh ng c sao chp ti i tng ngi d ng, do vy, i tng ngi d ng mi cng kh ng c c cc Cp php v Quyn ny.. NHP I TNG NGI DNG S DNG CSV DIRECTORY EXCHANGE CSV Directory Exchange (Csvde.exe) l tin ch dng dng lnh cho php nhp vo hoc kt xut ra cc i tng t Active Directory, s dng file vn bn c cc trng c phn cch bng du phy ( ,), Cc file ny, QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 273 LM VIC VI TI KHON NGI DNG

    LU : To ng thi nhiu Templates. Tu theo quy m chc v mc phc tp cu hnh i tng ngi d ng, to ng thi mt s cc i tng mu ti cc trong cy Active Directory. V d, to ring r cc ca ngi d ng ti mi OU s cho php bn cu hnh cc thuc tnh theo tng OU .

    ca t bn phi v tr khc nhau i tng mu gi tr

    cn c gi l file CSV (Comma-Separated Value), l dng lit k dng vn bn tng minh (Plain-text) ca cc th ng tin CSDL vi mi bn ghi l mt dng, v cc trng c phn cch bi du phy (,). LU : Mc ch k thi. Mc ch bi thi 70-290 xc nh bn thy c th import User Accounts (nhp cc ti khon ngi d ng). To CSV file Phn kh nht ca vic s dng CSV Directory Exchange to i tng ngi d ng nm chnh bn thn nh dng ca file CSV. Dng u ca file CSV c gi l tiu , bt buc phi bao gm danh sch cc thuc tnh c trong tt c cc hng tip theo. Bn lit k cc thuc tnh s dng tn gn cho ch ng trong Lightweight Directory Access Protocol (LDAP), l giao thc giao tip Active Directory tiu chun. Dng CSV tiu c dng tiu biu nh sau: DN,ObjectClass,sAMAccountName,sn,givenName,UserPrincipalName Trong dng ny, tn trng i din cho cc thuc tnh nh sau: DN: Distinguished Name (DN), n xc nh kh ng ch ring tn ca i tng m c v tr ca n trong cy phn cp AD. DN gm c tn th ng dng (Common Name - CN) ca ngi d ng v tip theo sau l tn ca tt c cc i tng cha bn trn ca n, ton b ng i ti gc (Root, Top) ca cy. ObjectClass: Xc nh kiu ca i tng. sAMAccountName: Xc nh preWindows 2000 logon Name ca i tng sn: Xc nh tn h (Surname) ca ngi d ng givenName: Xc nh tn gi (first Name) ca ngi d ng UserPrincipalName: Xc nh UPN y , bao gm c tn, ca ngi d ng min (UserName@DomainName.com). Cc dng tip theo sau tiu (header) phi xc nh gi tr cho tng thuc tnh lit k trn tiu . V d cc bn ghi trong file CSV nh sau: "CN=Scott Bishop,OU=Employees,DC=ACNA,DC=com", User,sbishop,Bishop,Scott,scott.bishop@ACNA.com File ny, khi c nhp vo, s to i tng ngi d ng trong OU Employees c tn l Scott Bishop. Logon Name, First Name v Last Name cng c cu hnh bng file CSV ny. y ch l mt v d n gin ca

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 274 LM VIC VI TI KHON NGI DNG file CSV vi ch mt vi thu c tnh. Dng tiu c th di hn nhiu v c th bao gm bt k mt thuc tnh no bn c th tm thy i tng. LU : To cc thuc tnh trng. Khi to cc dng trong file CSV, bn c th gi tr ca ca mt vi thuc tnh nht nh l trng, nhng bn vn phi tnh n n khi trnh by.. V d, nu bn b trng First Name trong v d trn th file CSVs c dng sau: "CN=Scott Bishop,OU=Employees,DC=ACNA,DC=com", user,sbishop,Bishop,,scott.bishop@ACNA.com S lng cc du phy(,) vn hon ton ging nhau gia hai v d, do trng Givenname (t n gi) vn c tnh n, nhng kh ng c gi tr.

    Cch tt nht to file CSV l s dng mt file c sn nh l mt v d. Bn c th s dng CSV Directory Exchange kt xut ra ton b CDSL Active Directory thnh tp CSV, bng cch g lnh sau ti ca s dng lnh: csvde f outputFileName Trong : outputFileName l file c kt xut ra Bn c th m file ny bng bt c h son tho vn bn no, nh Notepad chng hn v s dng n xc nh cc tn LDAP cho cc thuc tnh bn mun s dng v ly nh dng chun ca mi bn ghi. Nhp vo tp CSV Sau khi bn to to c file CSV c nh dng chun, c cha cc th ng tin ca rt nhiu cc i tng Active Directory, bn c th nhp ch ng vo CSDL th mc ca bn tt c c ng l c bng cch chy chng trnh Csvde.exe t ca s dng lnh ca Windows c ng vi tn ca file CSV, theo c php sau: csvde i f FileName k Chc nng ca cc tham s nh sau: -i : Chuyn sang ch nhp. Nu kh ng c tham s ny th ngm nh l ch kt xut ra. -f fileName: Xc nh tn ca file CSV s c nhp vo k: Buc chng trnh b qua cc li, v d nh Object already exists(i tng tn ti) , constraint violation(vi phm cc rng buc) attribute or value already exists (thuc tnh hay gi tr

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 275 LM VIC VI TI KHON NGI DNG tn ti), trong khi vic nhp vo ang thc hin v tin trinh vn c thc hin tip. TO I TNG NGI DNG BNG DSADD.EXE Dsadd.exe l chng trnh ca Windows Server 2003 cho php bn to mi cc i tng Active Directory, vi y cc thuc tnh,t ca s dng lnh. Khi bn c mt s lng ln cc i tng ngi d ng to, s u vit ca vic s dng Dsadd.exe l bn c th to file b (batch) gm nhiu dng lnh nhm to ng thi nhiu i tng c ng l c vi s lng ln bao nhiu t y thch. LU : Mc ch ca k thi. Mc ch bi thi 70-290 yu cu cc th sinh c kh nng To v sa cc ti khon ngi d ng mt cch t ng. C php chnh to i tng ngi d ng bng Dsadd.exe nh sau: dsadd User UserDN [parameters] LU : To cc kiu i tng khc. Bn c th s dng Dsadd.exe to bt k mt kiu i tng Active Directory no bng cch thay cc tham s ngi d ng bng tn ca bt k mt lp i tng no m dch v th mc h tr v cung cp cc tham s tng ng vi lp i tng . Tham s UserDN l mt hoc nhiu hn cc tn phn bit (Distinguished Names) cho mt (hoc nhiu) i tng ngi d ng mi. DN s dng c ng mt nh dng ging nh nh dng ca n trong tp CSV, nh nu phn trn. Trong trng hp DN c du cch, th bn phi t n trong du

    ngoc kp (). Khi bn s dng Dsadd.exe mt cch tng tc t du nhc dng lnh, bn c th cung cp tham s UserDN theo mt trong cc cch sau: Nhp tng tn DN mt, phn cch nhau bi du cch, trong v tr ca n ti dng lnh. Ly danh sch cc DN t cu lnh khc, v d nh t Dsquery.exe B trng tham s DN, Bn s nhp DN ti du nhc a ra t chng trnh. Bn n Enter sau mi DN v nhn CTRL+Z v Enter sau DN cui c ng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 276 LM VIC VI TI KHON NGI DNG Ngoi tham s UserDN, bn c th thm bt c mt trong cc tham s sau trong cu lnh Dsadd.exe, nhm ch nh cc gi tr cho cc thuc tnh ca i tng: -samid SAMName (tn truy nhp vi cc h iu hnh trc Windows 2000) -upn UPN (tn chnh ca ngi d ng) -fn FirstName (Tn gi) -mi Initial (Ch ci u ca tn m) -ln LastName (Tn h) -display DisplayName (Tn hin th) -empid EmployeeID (M nh danh nhn vin) -pwd {Password | *}, (mt khu), nu bn t du * trong cu lnh, mn hnh s hin du nhc cho bn g mt khu. -desc Description(m t) -Memberof GroupDN (Tn y ca nhm) -office Office (tn vn phng) -tel PhoneNumber (s in thoi) -email Email -hometel HomePhoneNumber (in thoi nh ring) -pager PagerNumber (S my nhn tin) -mobile CellPhoneNumber (s di ng) -fax FaxNumber -iptel IPPhoneNumber -webpg WebPage -title Title -dept Department -company Company -mgr ManagerDN -hmdir HomeDirectory (th mc ch) -hmdrv DriveLetter (K t a) -profile ProfilePath (ng dn n khi lc ngi d ng)

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 277 LM VIC VI TI KHON NGI DNG -loscr ScriptPath (ng dn n kch bn ng nhp) -mustchpwd {yes | no} -canchpwd {yes | no} -reversiblepwd {yes | no}

    -pwdneverexpires {yes | no} -a t cc expires S ngy s ht hn -Disabled {yes | no} Bn

    thm cc tham s s, -u v p ch nh my iu khin min s thc thi Dsadd.exe v tn ngi d ng, mt khu cng s c d ng chy lnh ny. {-s Server | -d Domain} -u UserName -p {Password | *} Mt bin c bit, $UserName$ (kh ng phn bit ch hoa hay ch thng), c t s dng cung cp tn ti khon SAM ca ngi d ng trong gi tr ca cc tham s -email, -hmdir, -profile v -webpg. V v, nu tn SAM ca ti khon l Denise tham s -hmdir s c ghi l mt trong cc dng sau: -hmd r i \Users\Denise\home -hm r di \Users\$UserName$\home to i tng cho ngi d ng Scott Bishop ti v d trc y, bn c th s dng dng lnh Dsass.exe nh sau: dsadd User "CN=Scott Bishop, OU=Employees, DC=ACNA, DC=com" samid sbishop ln Bishop fn Scott upn scott.bishop@ACNA.com Sa i tng ngi d ng bng Dsmod.exe Dsmod.exe l mt lnh khc ca Windows Server 2003 bn c th d ng chnh sa cc i tng Active Directory. C php v dng lnh sa tng ngi d ng hon ton ging nh vi Dsadd.exe. dsmod User UserDN [parameters] Ngoi tr, bn kh ng th d dng tham s samid sa thuc tnh User Logon Name, bn cng kh ng th d ng tham s Memberof thay i nhm cha n. Mc d vy, ban vn c th sa quan h nhm bng lnh Dsmod Group.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 278 LM VIC VI TI KHON NGI DNG QUN L KHI LC NGI DNG Khi lc ngi d ng (User Profile) l tp hp ca cc Folder v d liu m trong lu tr cc m i trng nn, cc thit lp ng dng v cc d liu c

    nhn hin thi ca ngi d ng. Khi lc ngi d ng gm tt c cc khon mc ca thc n Start ca ngi d ng v cc a nh x ti my ch. Khi lc ngi d ng duy tr cho ngi d ng c c ng m i trng nn m ch ng c t ln ng nhp cui vo my tnh. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 nhm xc nh sinh vin c kh nng Qun l khi lc ngi d ng cc b, di tr v bt buc. Trn my tnh chy Windows Server 2003, khi lc ngi d ng s t ng c to v duy tr thit lp nn cho tng ngi d ng ti chnh my ny. H thng to khi lc ngi d ng mi cho mi ngi d ng khi h ng nhp vo my ln u. Khi lc ngi d ng cung cp mt vi tnh nng u vit cho ngi d ng nh sau: Nhiu ngi d ng c th lm vic trn c ng mt my, v mi ngi trong s h u c th duy tr cc thit lp nn ring ca mnh mi khi ng nhp vo my tnh. Khi ngi d ng vo my trm ca mnh, h s nhn c cc thit lp nn ging nh ln thot ra trc . Vic chnh sa m i trng nn ca mt ngi d ng no s kh ng lm nh hng ti cc thit lp ca bt k ngi no khc. Khi lc ngi d ng c th trn my ch, bi vy vi c ng mt ngi d ng trn cc my khc nhau th vn d ng chung c mt khi lc ngi d ng. Khi , n c gi l khi lc ngi d ng di tr (Roaming User Profiles). Nhng ng dng m c xc nhn l tng thch vi Windows 2000 v cc h iu hnh sau s lu cc thit lp ca ch ng ti Khi lc Ngi d ng. Ging nh mt c ng c qun tr, Khi lc Ngi d ng cung cp cc la chn sau: o Bn c th to khi lc ngi d ng mc nh thch hp vi cc tc v ca ngi d ng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 279 LM VIC VI TI KHON NGI DNG o Bn c th thit lp Khi lc Ngi d ng Bt buc (Mandatory User Profile), l loi Khi lc m ngi d ng kh ng th thay i c, p t mt cu hnh h thng nht nh cho mi ngi d ng. o Bn c th ch nh cc thit lp mc nh cho ngi d ng, s c a vo Khi lc Ngi d ng ca tt c cc ngi d ng ring l. NI DUNG KHI LC NGI DNG Khi lc ngi d ng bao gm cu hnh cc s thch cc t y chn cho mt ngi d ng c th. Bng 6-5 s lit k cc thit lp c trong Khi lc Ngi d ng. Bng 6-5: Cc thit lp ti khi lc ngi d ng Cc th ng s c lu Tt c cc thit lp cho Windows Explorer ngi d ng c th xc nh

    Cc vn bn lu tr ca ngi d ng Cc file nh lu tr ca ngi d ng cc Shortcut v cookie cho cc web site a thch trn Internet Cc mng c nh x m ngi d ng to ra Lin kt ti cc my tnh khc trn mng Biu tng t trn mn hnh nn, thanh tc v v cc yu t shortcut. Mu mn hnh v cc thit lp hin th ch D liu ng dng v cc thit lp cu hnh do ngi d ng xc nh Cc kt ni ti my in mng Ngun Windows Explorer My Documents My Pictures Favorites/Cookies Mapped network drive My Network Places Desktop contents Screen colors and fonts Application data and registry Printer settings

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 280

    LM VIC VI TI KHON NGI DNG Tt c cc thit lp ngi d ng c th xc nh trong Control Panel Cc thit lp chng trnh hng ngi Control Panel Programs certified for use with d ng (Per-User) cho cc ng dng c Windows 2000 and later thit k theo di cc thit lp chng trnh. Chng ch operating systems store

    Certificate h mc Khi lc Ngi d ng Cu tr c T Khi lc ngi d ng cc b t ti a h thng ca my tnh ti Folder A . Khi bn ng nhp vo ln u, Windows Server 2003 to Folder con trong Documents And Settings, vi tn l tn ng nhp. Hnh 6-10 ch ra cu tr c th mc ca khi lc ngi d ng.

    Hnh 6-10: Cu tr c ca th mc Khi lc Ngi d ng Chc nng ca cc Folder trong khi lc ngi d ng nh sau: Application Data: Folder n cha d liu xc nh trong chng trnh, nh t in t y chnh. Nh pht trin ng dng s quyt nh d liu no s c lu trong Folder ny. Cookies: Cha cc th ng tin ngi s dng trang WEB v cc s thch ca ngi d ng c Internet Explorer lu. Desktop: Cha cc biu tng trn mn hnh nn, bao gm shortcut n cc file v Folder. Favorites: Cha shortcut ti cc trang c a thch trn Internet. Local Settings: L Folder n,cha Folder Application Data v Folder History, cng nh cc Folder ph thm khc dnh cho vic cha cc file tm thi .

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 281 LM VIC VI TI KHON NGI DNG My Documents: Cha cc ti liu c lu tr bi ngi d ng. My Recent Documents: L Folder n, cha shortcuts ca cc ti liu mi va c s d i c truy nhp ti. NetHood: L Folder n, cha cc shortcut ti cc mc trong My Network Places. PrintHood: L Folder n, cha cc shortcut ti cc mc ca Folder printer. SendTo: L Folder n, cha cc shortcut ti cc tin ch qun l vn bn (document-handling). Thc n Start : Cha cc shortcut n cc file chy v cc file khc to thnh thc n Start . Templates: Cha cc mc mu ca ngi d ng. Thm vo , khi lc ngi d ng cn cha mt bn ca file NtUser.dat, y l file ng k ca Windows Server 2003 cha cc thit lp ca ngi d ng. Ngoi ra, cc thit lp ny cn gm rt nhiu cc t y chn m bn c th cu hnh ti Control Panel. S dng Khi lc Ngi d ng Cc b Vic s dng Khi lc Ngi d ng Cc b trn my tnh s dng Windows Server 2003 l hon ton n i vi cc ngi d ng th ng thng. H iu hnh hk i to Khi lc Ngi d ng mt cc t ng cho mi ngi d ng khi ng nhp ln u. Cc ln ng nhp tip theo, Windows Server 2003 s ti cu hnh t ng Khi lc Ngi d ng ca h trc . Thm ch ngi d ng kh ng bit c rng chnh h cc thay i Khi lc Ngi d ng Cc b ca mnh, n gin nh l thay i thit lp mn hnh nn, lu cc a ch a thch mi hoc i li mu mn hnh. Khi ngi d ng thay i m i trng mn hnh nn, Windows Server 2003 s kt hp cc thay i vo khi lc ngi d ng lu trn my tnh v s dng cho ln ng nhp tip theo. Nh vy, ngi d ng ng nhp vo my tnh chy

    nd ws Server 2003 s lu n nhn c thit lp mn hnh nn nh phin Wi o kt ni cui trc . Khi nhiu ngi d ng chung mt my tnh th m i ngi d ng duy tr v nhn c Khi lc Ngi d ng ring. S dng Khi lc Ngi d ng Di tr (Roaming Profiles) h tr ngi d ng lm vic trn nhiu my tnh, qun tr mng c th thit lp cc Khi lc Ngi d ng Di tr cho ngi d ng. Khi lc Ngi d ng Di tr n gin l bn sao chp ca Khi lc Ngi d ng Cc b v QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 282 LM VIC VI TI KHON NGI DNG c lu tr chia s trn mng (ti ni ngi d ng c cc Cp php ph hp), do ngi d ng c th truy nhp ti t bt c my tnh no trn mng. Cho d ngi d ng ng nhp t bt k my tnh no, h cng s lu n nhn c c ng mt thit lp mn hnh nn v v kt ni t Khi lc Ngi d ng c trn my ch, hon ton ngc li vi Khi lc Ngi d ng Cc b, ch nm ti mt my trm. ngi d ng truy nhp vo Khi lc Ngi d ng Di tr thay cho Khi lc Ngi d ng Cc b, bn phi m hp thoi Properties ca ngi d ng v ch nh v tr ca Khi lc Ngi d ng Di tr to hp Profile Path trong Profile th. Ln tip theo ngi d ng ng nhp, Windows Server 2003 truy nhp vo Khi lc Ngi d ng Di tr theo cch sau: 1. Khi ngi d ng ng nhp ln u tin, my tnh sao chp ton b ni dung ca Khi lc Ngi d ng Di tr vo Folder con v file tng ng trong Folder Documents And Settings trn a cc b ca my tnh ny. 1. Ni dung Khi lc Ngi d ng Di tr ca ngi d ng cha trn a cho php ngi d ng ng nhp v truy nhp ti Khi lc Ngi d ng ngay c khi my ch cha Khi lc Ngi d ng Di tr kh ng hot ng. 2.

    3. Khi ngi d ng lm vic m c bt k thay i no nh hng ti Khi lc Ngi d ng, ch ng s c lu vo bn sao trn a cc b. 4. Khi ngi d ng thot khi Windows (log off), my tnh s ng b cc thay i t bn sao cc b ln Khi lc Ngi d ng Di tr trn my ch. 5. Ln ng nhp tip theo trn c ng my tnh ny, h thng s so snh ni dung ca Khi lc Ngi d ng uc ti my cc b vi Khi lc Ngi d ng Di tr trn my ch 6. My tnh ch sao chp nhng thnh phn ca Khi lc Ngi d ng Di tr b thay i vo bn sao cc b, vic ny lm tin trnh ng nhp vo nhanh v hiu qu hn. Bn nn to Khi lc Ngi d ng Di tr trn My ch Qun l File (File Sever) no bn thng xuyn thc hin vic sao lu (Backup), nh bn s c c cc bn sao ca cc Khi lc Ngi d ng mi nht cho cc ngi d ng ca bn. tng tc ng nhp trn cc mng co nhiu lu

    My tnh p dng cc thit lp c trong Khi lc Ngi d ng Di tr dnh cho n.

    th ng, hy t Khi lc Ngi d ng Di tr trn my ch thnh vin thay QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 283 LM VIC VI TI KHON NGI DNG cho my ch iu khin min. Vic sao chp Khi lc Ngi d ng Di tr gia my ch v cc my trm c th tn nhiu ti nguyn h thng nh bng th ng mng v cc chu k x l. Nu Khi lc Ngi d ng trn my ch iu khin min, tin trnh xc thc ca cc ngi d ng min s b chm. LU : L do chia s profile. Khi bn to mt Khi lc Ngi d ng Di tr cho nhiu my trm, cn m bo l bn cn nhc n vic phn chia cc chng loi cu hnh phn cng khc nhau trn cc h thng s d ng chung mt if. V d nh nu cc Shortcut trn mn hnh nn c cu hnh cho phn gii mn hnh l 1024 768 v bn ang nhp vo h thng c cc mn hnh ch p ng phn gii 800 600 th mt s shortcut c th kh ng nhn thy c. Cc Khi lc Ngi d ng cng kh ng hon ton l c th d ng cho tt c cc h iu hnh.. Khi lc Ngi d ng thit k cho Windows 98 kh ng c y cc chc nng nh trn Windows Server 2003. Thm ch, bn s gp phi cc s kh ng ng nht khi thc hin di tr gia cc h thng chy Windows Server 2003 v chy Windows XP hoc Windows 2000. S DNG KHI LC NGI DNG BT BUC Khi lc Ngi d ng Bt buc chnh l Khi lc Ngi d ng Di ch dng ch c. Ngi d ng cng nhn c cc thip lp mn hnh nn nh khi h lm vic vi Khi lc Ngi d ng Di tr v h c th cu hnh mn hnh nn sau khi ng nhp nhng kh ng mt thay i no c ghi li khi h thot ra khi Windows. Ln ng nhp tip theo, Khi lc Ngi d ng li ging nh ln ng nhp trc. Windows Server 2003 ti Khi lc Ngi d ng Bt buc vo my tnh cc b mi ln ngi d ng ng nhp. Bn c th gn mt Khi lc Ngi d ng Bt buc cho nhiu ngi d ng c chung mt yu cu i vi cc thit lp mn hnh nn, v d nh mt nhm ngi d ng c c ng mt c ng vic. Do Khi lc Ngi d ng kh ng bao gi b thay i, nn bn kh ng cn lo lng l ai lm thay i gy nh hng ti nhng ngi d ng khc. Ngoi ra, Khi lc Ngi d ng Bt buc cn gi p bn c th thay i m i trng mn hnh nn cho nhiu ngi d ng bng cch ch thay i duy nht mt Khi lc Ngi d ng m th i. to Khi lc Ngi d ng Bt buc bn ch cn i li tn file NtUser.dat trong Folder cha Khi lc Ngi d ng Di tr thnh NtUser a .m n, NtUser.dat l file n cha cc thit lp ng k ca Windows Server 2003 p dng cho cho tng ti khon ngi d ng n l v cha cc

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 284 LM VIC VI TI KHON NGI DNG thit lp m i trng ca ngi d ng nh hin th nn. i tn file ny vi

    phn m rng l .man lm n thnh ch c, ngn kh ng cho cc my tnh ngi d ng lu cc thay i vo Khi lc Ngi d ng khi ngi d ng thot ra khi Windows. GIM ST V KHC PHC S C VIC XC THC NGI DNG Khi bn cu hnh i tng ngi d ng v v cc ngi d ng s c xc thc th ng qua cc ti khon nh vy, bn s gp phi hai thch thc l cc im yu bo mt, trong trng hp nu kh ng c xc nh r s lm nh hng.n tnh ton vn ca mng, v cc thch thc v k nng x hi, khi bn lm cho qu trnh xc thc tr nn thn thin v ng tin cy i vi ngi d ng. Kh ng may l hai im ny li bt ng vi nhau, nu tnh bo mt cng cao bao nhiu th tnh thn thin vi ngi d ng cng km by nhiu. Vic thc thi cc tnh nng bo mt cho q a trnh xc thc ngi d ng ca Windows Server 2003 s thng xuyn gay ra cc rc ri khi ngi d ng ang nhp. v mt phn c ng vic ca ngi qun tr mng l gii quyt cc rc ri khi ch ng xy ra. Trong phn tip theo, chng ta s kho st mt s cc ngu n y nhn ph bin gy ra cc rc ri khi xc thc ngi d ng v cc

    S dng cc Chnh sch Mt khu Trong phn trc ca chng ny, ti phn La chn Mt khu, bn tm hiu v Chnh sch Mt khu m Windows Server 2003 cung cp, cho php bn xc nh chiu di, phc tp v thi hn ca mt khu c ngi d ng cp cho ti khon ca h. Mc ch chnh ca cc chnh sch ny l buc ngi d ng t mt khu mt cch hiu qu v h phi nh k thay i mt khu. Tht l dng khi s dng Chnh sch Mt khu buc ngi d ng phi s dng cc mt khu c an ton rt cao, nhng vic yu cu ngi d ng mt khu phc tp c 15 k t v thay i li hng tun dng nh lm ny sinh thm cc vn rc ri nhiu hn l cc li ch m n mang li. Nhn vin h tr mng c l s nhn c cc cuc goi qun mt khu thng xuyn ca ngi d ng, v thm ch cn t hn, ngi d ng s ghi mt khu li v nhng ni kh ng m bo an ton. Bn phi thit k Chnh sch Mt khu sao cho n lm nn ch mt cch c hiu qu cc k xm nhp trong khi vn m bo c tnh thn thin tt cho ngi d ng, h kh ng b qun mt khu hay phi vit ch ng ra. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 285 LM VIC VI TI KHON NGI DNG LU : Xc nh di mt khu. Khi bn trin khai chnh sch mt khu cn nh rng Windows Server 2003, Windows XP Professional v Windows 2000 h tr cc mt khu di ti 127 k t, nhng Windows 95, Windows 98 v Windows Me ch h tr cc mt khu c di ti a ti 14 k t. C nm chnh sch mt khu c a ra phn trn ca chng ny c th

    c ng c m bn c th d ng pht hin v khu tr

    ch ng.

    p dng vi cc i tng Chnh sch Nhm Active Directory. M bn c th cu hnh bng cch s dng bng iu khin Group Policy Object Editor, trong bn duyt n Computer Configuration\Windows Settings \Security Settings\Account Policies\Password Policy. Tuy nhin, bn cng c th xc nh cng cc chnh sch nh vy cho cc Ti khon Ngi d ng Cc b bng cch s dng bng iu khin Local Security Policy, c trong nhm chng trnh Administrative Tools trn bt c mt my ch thnh vin chy Windows Server 2003 no LU : Thay i Chnh sch Mt khu. Cu hnh di mt khu v cc yu cu v phc tp kh ng gy nh hng ti cc mt khu t t trc. Nhng thay i ny ch nh hng vi cc ti khon mi v mt khu s thay i sau khi p dng chnh sch mt khu mi. S DNG CHNH SCH KHO TI KHON Vic kho ti khon xy ra sau mt s ln c tnh ng nhp kh ng thnh c ng ca ngi d ng, h thng gi thit l c tn c ng c hi ti ti khon bng cch d tm mt khu, bi vy s kho ti khon kh ng c ng nhp tip na. Chnh sch kho ti khon min xc nh s ln ng nhp kh ng hp l c php thc hin trong mt khong thi gian nh trc trc th ti khon b kho. Cc chnh sch ny thm ch cn c xc nh c phi lin h vi qun tr b kho ti khon ny hay kh ng hay ch n gin l b kha sau khi ht mt thi hn xc nh. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 xc nh th sinh c kh nng chn on v gii quyt cc ti khon b kho. Bn s dng chnh sch nhm kim sot kho ti khon nh sau: Account Lockout Threshold: Xc nh s ln c tnh ng nhp kh ng thnh c ng gy ra vic kho ti khon, gi tr ny trong khong t 0 ti 999. Gi tr qu thp (v d l 3) c th gy nn kho i vi li ngi d ng th ng thng trong khi ng nhp. Gi tr l 0 ngn kh ng cho ti khon ngi d ng b kho. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 286 LM VIC VI TI KHON NGI DNG Account Lockout Duration: Xc nh thi hn m ti khon ngi d ng sau khi b kho s c Active Directory t ng m li. Chnh sch ny kh ng oc thit lp mc nh do n ch c tc dng khi s dng kt hp vi chnh sch Account Lockout Threshold. Gi tr ny trong khong t 0 ti 99.000 ph t (khong 10 tun). Vic t gi tri ny thp (5 ti 15 ph t) l gim ng k cc cuc tn c ng m kh ng lm nh hng cc ngi d ng hp l b kha do li. Gi tr 0 yu cu ngi d ng lin h vi ngi qun tr m kha ti khon ny. Reset Account Lockout Counter After: Xc nh thi hn sau ln c tnh ng nhp kh ng thnh trc khi bin m kha (Lockout counter) c t li v gi tr 0. Gi tr trong khong t 1 ti 99.999 ph t v phi nh hn hay bng gi tr ca Account Lockout Duration. Cng ging nh i vi Chnh sch Mt khu, bn c th cu hnh chnh sch ti khon ti bng iu khin Group Policy Object Editor, chn Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policy. Chnh sch kho ti khon cng c th c ti bng iu khin Local Security Policy. Khi bn trin khai chnh sch kho ti khon trn mng, bn chc chn l s nhn c mt s cuc gi h tr nht nh t ngi d ng m h kh ng bit l t kho chnh mnh. Cc cuc gi nh vy i khi li uc bo co l

    h gp mt s trc trc khc, nh mt mt khu hay cc chc nng khc hot ng kh ng K tr k thut hiu bit cn phi bit r v chnh sch kho ti khon trn mng v th tc m ti khon b kho c th xc nh c chnh xc v trc trc thc t xy ra da trn bo co dng nh kh ng my chnh xc ca ngi d ng. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 xc nh th sinh c kh nng khc phc s c ca ti khon ngi d ngv Khc phc cc s c lin quan n vic xc thc ngi d ng. DCH V ACTIVE DIRECTORY MY KHCH Khi bn lm vic trn mt mng hn hp, bn cn nh l kh ng phi mi h iu hnh thm ch kh ng phi tt c cc h iu hnh Windows u h tr Active Directory. Active Directory c gii thiu u tin ti Windows 2000 v ch trn cc h iu hnh Windows 2000, Windows XP v Windows Server 2003 mi c cc tnh nng ca dch v Active Directory my khch.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 287 LM VIC VI TI KHON NGI DNG Cc my tnh chy Windows 95, Windows 98, Windows Me, and Windows NT 4 c th c chc nng ca dch v Active Directory my khch, nhng trc ht bn phi ti phn mm Active Directory Client t trang Web ca Microsoft v ci t n. Cc my khch c th thc hin rt nhiu tnh nng ca Active Directory trn h thng Windows Server 2003, Windows XP v Windows 2000, gm c: Site-awareness: My tnh chy dch v Active Directory my khch s ng nhp vo my iu khin min gn nht trn mng thay cho vo my ch iu khin min chnh (PDC Primary Domain Controller). Active Directory Service Interfaces (ADSI): kch hot kh nng s dng cc kch bn (script) qun l Active Directory. Distributed File System (Dfs): Cho php my khch truy nhp vo ti nguyn chia s ca h thng file phn phi (Dfs) trn my ch chy Windows Server 2003 v Windows 2000. NT LAN Manager (NTLM) version 2 authentication: My khch s dng tnh nng xc thc ci tin trong NTLM version 2. Active Directory search capability: my khch c th tm kim cc i tng Active Directory bng cch s dng cc tnh nng tm kim (Find hoc Search). Ngi d ng c cc Cp php thch hp cn c th s dng cc trang thuc tnh ca Windows Address Book (WAB) cu hnh cc thuc tnh ca cc i tng. c nh nng sau y h tr trong Windows 2000 Professional and C t Windows XP Professional nhng kh ng dnh cho dch v Active Directory my khch trn Windows 95, Windows 98, and Windows NT 4:

    Xc thc Kerberos V5 H tr Group Policy hoc Change And Configuration Management Service Principal Name (SPN) hoc xc thc ln nhau H tr Internet Protocol Security (IPSec) hoc Layer 2 Tunneling Protocol (L2TP). Thm vo , bn nn thc c cc vn sau trong m i trng hn hp: Khng c dch v Active Directory my khch, ngi d ng trong h thng chy cc phin bn trc Windows 2000 ch c th thay i mt khu nu h thng truy nhp c ti my iu khin min c chc nng nh l Primary Domain Controller Emulator. xc nh QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 288

    LM VIC VI TI KHON NGI DNG PDC-Emulator trong min, m Active Directory Users And Computers, chn min, chn lnh Operations Masters t thc n Action , sau chn th PDC. Nu PDC Emulator kh ng lm vic (hoc kh gn trn mng (offline) hoc ang nm trn pha bn kia ca kt ni mng b t) th ngi d ng kh ng th thay i c mt khu ca h. Nh bn bn tm hiu trong phn trc ca chng ny, i tng ngi d ng duy tr hai thuc tnh tn ngi d ng ng nhp. Tn ng nhp PreWindows 2000, hay tn SAM l tng ng vi tn ngi d ng trong Windows 95, Windows 98 hoc Windows NT 4. Khi ngi d ng ng nhp, h nhp tn ngi d ng v chn min t danh sch chn Log On To. Cch khc na l tn ngi d ng c th c vo theo dng DomainName\UserLogonName. Ngi d ng ng nhp vo my chy Windows 2000 hoc cc phin bn sau ca h iu hnh Windows c th ng nhp theo c ng cch nh vy, hoc h c th s dng tn UPN theo dng UserLogonName@UPN Suffix, trong UPN suffix mc nh l tn DNS min ca i tng ngi d ng. Khi bn kh ng cn phi chn min t Log On To. Trn thc t hp chn ny s b v hiu ho ngay sau khi bn g k hiu @. KIM NH XC THC Nu bn lo lng rng c th c cc cuc tn c ng d tm mt khu hoc bn mun bit thm th ng tin v khc phc cc vn s c xc thc, bn c th

    cu hnh Chnh sch Kim nh ghi cc s kin li vo nhtj k bo mt (Security log) gi p bn thy r qu trnh xc thc din ra nh th no.. Cc chnh sch kim nh sau c t ti Computer Configuration \Windows Settings\Security Settings\Local Policies\Audit Policy c hai bng iu khin Group Policy Object Editor v Local Security Policy. Bn u hnh ghi li cc s kin thnh c ng hoc b li. c th c Audit Account Logon Events: Ghi li tng s kin ng nhp thnh c ng hoc li. i vi My ch iu khin Min, chnh sch ny c xc nh trong Chnh sch My ch iu khin Min Mc nh (Default Domain Controllers Policy GPO). Vic kch hot chnh sch trn s khi to mt mc vo ca nht k bo mt trn My ch iu khin Min mi ln ngi d ng ng nhp trc tip hoc qua mng s dng ti khon min. nh gi y kt qu ca vic kim nh bn phi kim tra nht k bo mt trn tt c cc My ch iu khin

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 289 LM VIC VI TI KHON NGI DNG Min do ngi d ng c xc thc phn tn trn tt cc cc My ch iu khin Min trong site hoc min Audit Account Management: Cu hnh kim nh trong tc v qun tr bao gm to, xo hoc sa ti khon ngi d ng, nhm, my, my tnh, cng nh vic t li mt khu Audit Logon Events: S kin ng nhp gm ng nhp v thot ra khi Windows, trc tip hoc qua mng. Nu bn kch hot chnh sch kim nh s kin ti khon ng nhp cho nhng ln thnh c ng trn my iu khin min, vic ng nhp my trm s kh ng to ra cc mc vo kim nh khi ng nhp. Ch ng nhp trc tip v qua mng vo My ch iu khin Min mi to ra cc s kin ng nhp. Cc s kin ng nhp ca ti khon c to trn my cc b cho ti khon cc b v trn My ch iu khin Min cho cc ti khon mng. Cc s kin ng nhp c sinh ra bt c l c no khi vic ng nhp xy ra. LU : Mc ch k thi. Mc ch ca k thi 70-290 xc nh th sinh c kh nng Phn on v gii quyt cc vn lin quan ti cc thuc tnh ti khon ngi d ng. Mt khi bn cu hnh chnh sch kim nh, nht k bo mt s bt u in cc th ng ip s kin. Bn c th xem cc th ng ip ny bng cch s dng bng iu khin Event Viewer . THNG TIN THM: bit thm th ng tin v vic s dng bng iu khin Event Viewer, xem chng 3 Gim st Microsoft Windows Server 2003.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 290

    TNG KT LM VIC VI TI KHON NGI DNG Cc my tnh chy Windows Server 2003 c th c ti khon ngi d ng cc b v min. Ti khon ngi d ng cc b c lu ti h thng cc b v c th cho ngi d ng truy nhp vo ch cc ti nguyn cc b m th i. Ti khon ngi d ng min ti CSDL Active Directory ca My ch iu khin Min v cho ngi d ng truy nhp vo ton b ti nguyn trn mng. to ti khon ngi d ng min, bn phi l thnh vin ca nhm Enterprise Admins, Domain Admins hoc Account Operators. Hoc bn phi c u quyn to i tng ngi d ng. i tng ngi d ng gm cc thuc tnh chnh tng ng vi ti khon ngi d ng, bao gm tn ng nhp, mt khu v m nhn dng bo mt (SID) ca ngi d ng. Ch ng cn bao gm mt s cc thuc tnh lin quan n c nhn ngi d ng m n i din nh th ng tin c nhn, quaqn h nhm v cc thit lp qun tr. Windows Server 2003 cho php bn c th thay i mt s cc thuc tnh ny cho nhiu i tng ngi d ng mt cch ng thi.

    i tng ngi d ng mu (Template) l cc i tng c sao chp trong qu trnh to cc ngi d ng mi. Nu mu kh ng l ngi d ng tht, n nn l v hiu ho. Ch mt s cc thuc tnh ca ngi d ng l c chp t mu. CSV Directory Exchange cho php bn c th nhp cc i tng t tp vn bn c phn cch cc trng bi du phy (,). Windows Server 2003 gm cc c ng c dng dng lnh m bn c th s dng to v qun l cc i tng Active Directory bao gm c Dsadd.exe v Dsmod.exe Khi lc ngi d ng l cc tp cc Folder ca cc Folder v file to thnh m i trng cho ngi d ng xc nh. Khi lc ngi d ng gm cc ti liu c nhn, biu tng trn mn hnh nn, cc thc n Start shortcut v cc thit lp Control Panel nh mu mn hnh,

    Windows Server 2003 to khi lc ngi d ng ring cho tng c nhn ng nhp vo h thng. Khi lc Ngi d ng c t mc nh cc b ti Systemdrive\Documents and Settings\UserName. Khi lc ngi d ng cc b c ti a cc b, cn khi lc ngi d ng di tr trn my ch. Khi lc Ngi d ng Di tr cung cp cho ngi d ng c c ng khi lc ngi d ng t bt k my tnh no trn mng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 291 LM VIC VI TI KHON NGI DNG Khi lc Ngi d ng Bt buc kh ng bao gi b thay i, cung cp c ng mt cu hnh nn thng nht ti mi ln ngi d ng ng nhp. Kim nh xc thc t ch iu khin Min. r kin cho nht k bo mt ca My

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 292 LM VIC VI TI KHON NGI DNG BI TP THC HNH Bi tp thc hnh 6-1: Thay i cc Thit lp Chnh sch Mt khu Trong Bi tp thc hnh ny, bn sa li cc thit lp chnh sch mt khu mc nh trn my tnh ca bn. 1. 2. ng nhp vo Windows Sever 2003 domain nh Administrator. Bm chn Strat, ch n Administrative Tools v chn Directory Users And Computer, khi s xut hin bng iu khin Active Directory Users And Compute. 3. Chn i tng min, chn thc hin hp thoi Properties . 4. 5. n Action, chn Active

    Properties, xut

    Ti th Group Policy, chn Default Domain Policy v chn xut hin bng iu khin Group Policy Object Editor. Di Computer Configuration, m Windows Settings, Settings v Account Policies, sau chn Password Policy.

    Edit, Security

    6. Kch p Minimum Password Length policy, xut hin hp thoi Minimum Password Length Properties. 7. Thay i Minimum Password Length thnh 8 k t v sau chn OK. 8. Kch p Maximum Password Age, xut hin hp thoi Maximum Password Age Properties. 9. Thay i thit lp maximum password age thnh 7 ngy, sau chn OK. 10.ng bng iu khin Group Policy Object Editor. 11.Bm OK v ng hp thoi Properties ca min. 12.ng the bng iu khin Active Directory Users And Computers. Bi tp thc hnh 6-2: To i tng ngi d ng min Trong Bi tp thc hnh ny, bn s to i tng mi trong i tng cha Active Directory. 1. ng nhp vo Windows Server 2003 My ch iu khin Min nh Administrator.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 293 LM VIC VI TI KHON NGI DNG 2. Bm Start, ch n Administrative Tools v bm Active Directory Users And Computers. Xut hin bng iu khin Active Directory Users And Computers. 3. M i tng min v chn the i tng cha Users. Trong thc n Action tr ti New v bm User. Xut hin trnh hng dn New Object User. 4. Ti Full Name, g vo Mark Lee. 5. Ti User Logon Name, g mlee, v bm Next. 6. Ti Password v Confirm Password, type rabbit!runs4all, v chn Next. 7. Bm Finish to i tng mi. 8. ng bng iu khin Active Directory Users And Computers. Bi tp thc hnh 6-3 Trong Bi tp thc hnh ny, bn s di chuyn mt i tng ngi d ng n mt i tng cha khc. 1. ng nhp vo Windows Server 2003 my iu khin min nh Administrator. 2. ti Bm Start, tr Active Directory iu khin Active Directory

    Administrative Tools v bm

    Users And Computers. Xut hin bng Users And Computers.

    3. M i tng min v chn i tng cha Users. Chn tip Guest.Trn thc n Action , chn Move. Xut hin hp thoi Move. 4. Chn i tng cha Computers, bm OK. Ngi d ng Guest c chuyn ti i tng cha Computers. 5. Chn i tng cha Computers. 6. Chn i tng ngi d ng Guest v ko n vo i tng vha Users. i tng Guest c chuyn li vo i tng cha Users.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 294 LM VIC VI TI KHON NGI DNG CC CU HI N TP 1. Bn s dng bng iu khin Active Directory Users And Computers cu hnh i tng ngi d ng trong min, v bn c th thay i thuc tnh address v telephone number ca i tng ngi d ng. Tuy nhin, Lnh New User kh ng chn c. Hy gii thch? 2. Cc thuc tnh no sau y c th cu hnh ng thi trn hn mt i tng ngi d ng. a. Password Never Expires b. Direct Reports c. User Must Change Password At Next Logon d. Last Name e. Logon Hours f. Computer Restrictions (Logon Workstations) g. User Logon Name h. Title 3. Trong ba phng php to ng thi nhiu i tng ngi d ng tho lun trong chng ny, phng php no l hiu qu nht sinh ra 100 i tng ngi d ng mi, vi tt c cc thuc tnh xc nh ca Profile Path, Home Folder, Title, Web Page, Company, Department v Manager 4. Bin no c th c s dng trong vi lnh chng trnh Dsadd.exe v Dsmod.exe to folder ch v folders Profile cho ngi d ng xc nh. a. %Username% b. $Username$ c. CN=Username d. <Username>

    5. Bn lm a. Cu hnh quyn write l b. Cu hnh

    th no to mt khi lc ngi d ng di tr bt buc? Cp php trong thuc tnh Security ca folder vi Deny. Cp php trong thuc tnh Sharing ca folder vi ch

    c quyn read only l allow.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 295 LM VIC VI TI KHON NGI DNG c. Cu hnh thuc tnh ca folder profile l Read Only d. i tn file Ntuser.dat thnh Ntuser.man. 6. Phn bit s khc nhau gia khi lc ngi d ng cc b v khi lc ngi d ng di tr ? 7. Lm th no bn c th chc chn l mt ngi d ng trn my tnh chy Windows Server 2003 c Khi lc Ngi d ng Bt buc? 8. Bn c th kch hot yu cu Password Must Meet Complexity Requirements trong min ca bn. Hy din t cc yu cu cho mt khu v khi no th cc yu cu ny s thc hin CC KCH BN TNH HUNG Kch bn 6-1: Cu hnh i tng ngi d ng Properties Bn s to mt s cc i tng ngi d ng cho mt nhm c ng nhn thi v a t chc ca bn. H s lm vic hng ngy t 9 A.M. n 5 P.M.,

    theo hp ng thi gian kt th c trong khong t mt n hai thng v h s kh ng lm vic ngoi gi. Thuc tnh no sau y bn s cu hnh m bo

    t ti a cho cc i tng ny? 1. Password 2. 3. Account Expires 4. 5. 6. 7. Account Is Trusted For Delegation User Must Change Password At Next Logon Account Is Disabled 8. Password Never Expires Kch bn 6-2: Qun l kho ti khon d ng b qun mt khu nhng li c tnh ng nhp vi ln vi mt Ng i khu sai. Rt cc l ngi d ng nhn c th ng bo ng nhp ch ra ti Store Password Using Reversible Encryption Logon Hours

    qun t 1. 2. r mng. Khi qun tr s phi lm g? Xo i tng ngi d ng v to li. i tn i tng ngi d ng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 296 LM VIC VI TI KHON NGI DNG 4. M kha i tng ngi d ng. 5. t li mt khu ca i tng ngi d ng.

    3.

    Kch hot i tng ngi d ng.

    khon ny b v

    hiu ho hoc b kho, th ng bo ngh lin h vi

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 297 LM VIC VI NHM

    CHNG 7: LM VIC VI NHM Trong chng 6, bn bit cc i tng ngi d ng cung cp s truy cp n cc ti nguyn trong mng s dng Active Directory cho cc ngi s dng mng nh th no. Mt c ng c qun tr quan trng khc l i tng Nhm (Group Object). S dng Nhm, cc qun tr vin c th n gin ha qu trnh cp php truy cp cho ngi d ng. Trong chng ny bn s c hc v cc loi nhm m Active Directory h tr, to ch ng nh th no, v lm th no c th s dng ch ng mt cch hiu qu. Kt th c chng ny, bn c th Hiu c cc chc nng ca Nhm v cch s dng ch ng nh th no. Hiu c s khc nhau gia Nhm Cc b (Local Group) v Nhm Min (Domain Group). Nhn bit hai Kiu Nhm (Group type) v ba loi Phm vi Nhm (Group Scope) v lm th no s dng ch ng c hiu qu. Lit k cc Nhm Dng sn (Build-in) v cc Nhm Xc nh Trc (Predefined) trong Microsoft Windows Server 2003. Hiu c s khc nhau gia cc Nhm v cc nhm ng nht c bit (Special Identities)

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -298-

    HIU V NHM LM VIC VI NHM ngi d ng c kh nng truy cp cc ti nguyn trn mng Active Directory, h nht thit phi c cc cp php thch hp. Cc th mc, a, my in c chia s, v ni rng hn l tt c cc loi ti nguyn khc trn mng u c mt Danh sch Kim sot Truy cp (Access Control List ACL). ACL chnh l danh sch ca cc i tng c cho php truy cp n ti nguyn, theo cc mc truy cp khc nhau m mi i tng c cp. Trong Microsoft Windows Server 2003, ACL c hin th ti th Sercurity (Bo mt) ca phn ln trong b t c hp thoi Properties no, nh c th hin trong hnh 7-1. Cc i tng trong ACL c gi l Sercurity Principals (i tng bo mt). Bn c th s dng Di tng ngi d ng nh l cc i tng Bo mt trao cho ngi d ng quyn truy cp n cc ti nguyn h cn, do i lng ngi d ng xc nh tnh duy nht ca ngi d ng th ng qua qu trnh xc thc

    Hnh 7-1: Th Security trong hp thoi Properties ca th mc V mt l thuyt, Qun tr vin c th to ton b cc cp php cho mi ngi d ng bng cch thm cc i tng ngi d ng vo ACL, v vic thc hin iu ny vi ton b cc mng my tnh (tr trng hp i vi cc mng rt nh) l iu kh ng th do vic tiu tn mt cch lng ph thi gian v lao ng. Hy tng tng bn ang tuyn thm 250 nhn vin mi v, sau khi to cc i tng ngi d ng cho h, phi cp php cho h truy cp khong mt t hoc hn cc ngun ti nguyn tri di trn ton b mng. Thm ch vi trng hp xu nht, gi s my ch b hng v bn cn QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -299LM VIC VI NHM ci t nhanh mt my ch thay th v sau tin hnh cp php cho 250 ngi h c th truy cp n my ch mi. trnh nhng c ng vic kinh hong nh nu trn, Qun tr mng s dng Nhm. Nhm s lm n gin ha danh sch ca cc ngi d ng c ng nh cc i tng Bo mt. Trong Active Directory i tng chc n Nhm c th bao gm cc i tng ngi d ng, My tnh, Mi lin h (Contact), v trong nhng iu kin nht nh, thm ch bao gm cae Nhm. Khi bn s dng i tng Nhm nh l i tng Bo mt bng cch thm ch ng vo trong danh sch ACL, tt c cc thnh vin trong nhm u nhn cc cp php m bn gn cho nhm (nh ch ra trong hnh 7-2). Nu bn thm thnh vin mi vo nhm ti cc thi im sau ny, h cng s nhn c cc cp php ging nh vy. Nu bn loi b thnh vin no , cc cp php cho h cng b loi b theo. Trong v d nu trn, bn c th to ra mt i tng Nhm v gn cho n cc cp php m nhng ngi mi c nhn vo lm vic cn c. Khi cc nhn vin mi n lm vic, ton b cc c ng vic bn phi lm ch l to ra cc i tng ngi d ng cho h v thm h vo Nhm. n gin ha vic t chc mt my ch thay th, bn cn to ra mt nhm cha ton b cc ngi d ng ca my ch ban u. Nu my ch hng v bn cn chuyn sang s dng my ch thay th, tt c cc c ng vic bn cn lm l gn cc cp php truy cp n my ch mi cho i tng Nhm to, v tt c cc ngi d ng s c chuyn qua s dng my ch mi mt cch m thm. Trn cc mng c h thng cc nhm c thit k tt, Qun tr mng rt him khi, nu c, phi gn cc cp php cho cc ngi d ng ring l.

    Hnh 7-2: L ngi d ng

    i tng Bo mt, mt Nhm tng ng vi nhiu

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -300LM VIC VI NHM Nhm cng c th gi p ch ng ta gn Quyn ca ngi d ng cho nhiu ngi d ng c ng l c. Trong Microsoft Windows Server 2003, khi nim Quyn (Right) hon ton khc vi khi nim Cp php (Permission). Quyn ca gi d ng (User right) trao cho ngi d ng hay nhm kh nng thc hin mt tc v nht nh, nh truy cp n mt my tnh no th ng qua mng, thay i thi gian h thng, hoc ginh quyn s hu (Take ownership) i vi file hay cc i tng khc. Thm vo , bn cng c th s dng Nhm to ra cc danh sch phn phi th in t. S dng Nhm (Group) v cc Chnh sch Nhm (Group Policies - GP). Trong chng 6, bn bit rng cu tr c ca cy Active Directory l mt phn rt quan trng ca qu trnh to Ti khon ngi d ng trong Min do cc Quyn v Cp php ta gn cho cc i tng cha s c cc i tng con ca n tha hng, bao gm c cc i tng ngi d ng. Vic tha k gia cc nhm cng lm vic ging nh th, vi cc thnh vin s nhn c cc thit lp gn cho nhm. S kc bit ch yu gia tng nhm v i tng Cha l i tng Nhm kh ng b chi phi bi cu tr c hnh cy ca Active Directory. Bn c th to ra nhm vi cc thnh vin bt c u trong min, thm tr ti cc min khc, v trao cho ch ng cc c quyn ch vi mt thao tc n gin. Chnh sch Nhm, mc d vi tn nh vy, c kt hp cht ch vi cc i tng Cha nhiu hn l vi cc i tng Nhm. i tng Chnh sch Nhm (Group Policy Object - GPO) ch c th gn vi cc i tng Min, V tr (Site), OU c s dng Active Directory, v cc thit lp ca ch ng s c truyn xung theo cy Active Directory. Bn kh ng th gn GPO cho nhm, mc d trong nhiu trng hp, bn c th cu hnh cc thit lp Chnh sch Nhm cu hnh mt vi tnh nng ca h iu hnh trn tt c cc thnh vin ca Nhm. V d, bn c th to i tng OU trong cy Active Directory bao gm tt c cc i tng my trm trong min ca bn v gn GPO cho OU ny. Tt c cc my tnh trong OU s c tha hng cc thit lp chnh sch nhm t GPO ny, v mt trong cc thit lp ny c th kch hot Quyn Qun l Kim nh v Nht k Bo mt (Manage Auditing And Security Log), gn quyn ny cho i tng nhm c cc Nhn vin H tr K thut Tin hc. Trong trng hp ny, cc my tnh trong OU nhn c cc thit lp chnh sch nhm t GPO, v cc chnh sch nh vy s trao quyn cho cc i tng nhm nht nh. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -301-

    Tm hiu v cc Cp Chc nng ca Min

    LM VIC VI NHM Mt trong s cc hiu lm ph bin nht i vi khi nim Active Directory chnh l Cp Chc nng. Cc Qun tr mng i khi cng nn lng trc vin cnh ca vic thay i Cp Chc nng ca Min hay Rng do n l mt trong vi quyt nh m bn s kh ng th thu hi c trong Microsoft Windows Server 2003. Khi bn thay i cp chc nng, bn s kh ng c c hi i ngc n li. Ni nt cch n gin, cc phin bn khc nhau ca Windows c mt ch t khc nhau trong vic thc thi cc chc nng ca Active Directory. Mi phin bn thnh c ng s c mt vi tnh nng mi kh ng c s dng ti khi mt vi My ch Qun tr Min (DC) hin ang chy cc phin bn c ca Windows. Vic thay i Cp Chc nng ca Min s th ng bo cho h iu hnh bit rng tt c cc My ch Qun tr Min u tng thch v l an ton kch hot cc tnh nng ch c trong phin bn mi. Trong Microsoft Windows Server 2003, bn Cp Chc nng c th c ca ch gn bao gm: Windows 2000 mixed (Pha trn), Windows 2000 Native (T nhin), Windows 2003 Interim (Chuyn tip), v Windows Server 2003. Cc cp chc nng ni trn h tr cc My chu Qun tr Min chy trong m i trng kt hp rt nhiu cc h iu hnh, v ch ng s cung cp rt nhiu cc tnh nng ph thm, v mt vi tnh nng ny s c p dng cho ch c nng ca i tng Nhm trong Min. Cc c tnh ca Cp Chc nng cho Min c lit k sau y: LU : Cp Chc nng cho Min v cc My ch Thnh vin: Nng cp Chc nng cho Min kh ng hn ch cc my tnh chy cc phin bn c ca Windows gia nhp vo min. Cp chc nng ch cp n cc My ch Qun tr Min. Cc min ang chy cp chc nng Windows Server 2003 vn c th h tr cc my ch thnh vin v my trm chy cc h iu hnh Windows 2000, Windows NT, Windows XP, Windows Me, Windows 98 v Windows 95 mt khi ch ng c ci t ng cc phn mm Active Directory my khch. Windows 2000 Mixed: l Cp chc nng mc nh ca My ch Qun tri Min Windows Server 2003. o H tr cc My ch Qun tri Min chy Windows Server 2003, Windows Server 2000, v Windows NT 4. o H tr Nhm Phn phi Tng hp (Universal Distribution Group), nhng kh ng h tr Nhm Bo mt Tng hp (Universal Security Group). QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -302LM VIC VI NHM o Nhm Ton cc (Global Group) kh ng th cha cc nhm khc (nhm trong nhm). o Vic chuyn i cc nhm l kh ng c php. Windows 2000 Native: H tr cc My ch Qun tri Min chy Windows Server 2003 v Windows Server 2000. o H tr cc Nhm Phn phi v Bo mt Tng hp. o Cho php mt hay nhiu nhm l thnh vin ca nhm khc. o Cho php chuyn i qua li gia cc Nhm Bo mt v Nhm Phn phi. o Cho php di chuyn cc i tng Bo mt (Security Principal) t Min ny qua Min khc (Lch s SID). Windows Server 2003 Interrim: H tr cc My ch Qun tri Min chy Windows Server 2003 v Windows NT 4. Cp chc nng ny

    ch c s dng khi bn c nh nng cp cc My ch Qun tri Min ang chy Windows NT 4 ln My ch Qun tri Min chy Windows Server 2003. o Kh ng cung cp cc tnh nng mi. Windows Server 2003: Ch h tr cc My ch Qun tri Min chy Windows Server 2003. o H tr cc Nhm Phn phi v Bo mt Tng hp. o Cho php mt hay nhiu nhm l thnh vin ca nhm khc (nhm trong nhm). o Cho php chuyn i qua li gia cc Nhm Bo mt v Nhm Phn phi. o Cho php di chuyn cc i tng Bo mt (Security Principal) t Min ny qua Min khc (Lch s SID). LU : Cc tnh nng ca Cp chc nng trong Min: cc chc nng lit k trn ch bao gm cc tnh nng ca Active Directory i vi cc Cp chc nng m gn lin vi i tng nhm v cc hot ng ca n. Tng cp chc nng cho min ng thi cng kch hot nhiu tnh nng khc, nh kh nng i tn min, . Mt vi tnh nng ph thm ca Active Directory cng s c kch hot trong trng hp bn tng cp chc nng cho rng trn mng ca bn, khi tt c cc My ch Qun tri Min trong ton b rng u QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -303LM VIC VI NHM chy Windows Server 2003. V mc d vy, cc chc nng ny kh ng h nh hng n vic s dng cc i tng Nhm. qun tr Cp chc nng trong Windows Server 2003, ta s dng bng iu khin Active Directory Doman And Trusts nm trong nhm chng trnh Administrative Tools. xem c Cp chc nng hin ti ca Min v Rng, Chn i tng Min trong Phm vi v nhn Properties trong thc n Action. Hp thoi Properties ca min s hin th Cp chc nng hin ti trn th General, nh c ch ra trn hnh 7-3.

    Hnh 7-3: Hp thoi Properties ca min.

    thay i Cp chc nng, chn i tng min v t thc n Action, nhn Raise Domain Functional Level (Tng cp chc nng cho min) hin th hp thoi nh hnh 7-4. Trong danh sch x Select An Available Doamain Functional Level (La chn cp chc nng cho min), chn cp chc nng bn mun s dng v nhn Raise (Nng cp). Nh ni trn, bn kh ng th h cp chc nng sau khi nng cp ch ng, ngoi tr trng hp bn ci t li Active Directory trn ton b cc My ch Qun tri Min trong mng ca bn, do vy chng trnh s cnh bo bn cn chc chn v cc quyt nh ca chnh mnh. Mt khi cp chc nng c nng cp ti mt My ch Qun tri Min, thay i s c nhn bn n ton b cc My ch Qun tri Min khc trong min.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -304LM VIC VI NHM

    Hnh 7-4: Hp thoi Raise Domain Functional Level LU Nng cp chc nng cho Rng: nng cp chc nng cho r ng, bn chn i tng Active Directory Domains And Trusts trong Phm vi v t thc n Action, nhn Raise Forest Function Level. S DNG NHM CC B Trong chng 6, bn bit Windows Server 2003 h tr c hai loi ti khon: Ti khon ngi d ng Cc b, v Ti khon ngi d ng trong Min. Mi vic cng ng nh vy vi Nhm. Windows Server 2003 h tr cc Nhm Cc b (Local Group) v Nhm trn Min (Domain Group). Mt nhm Cc b l mt tp hp ca cc Ti khon ngi d ng Cc b trn mt my tnh nht nh. Nhm cc b thc hin c ng cc chc nng c bn ca Nhm: n cho php bn c th gn cc Cp php cho nhiu ngi d ng trong c ng mt bc thc hin. Bn to Nhm cc b bng Snap-in Local Users And Groups c tch hp trong bng iu khin Computer Management (c th truy cp t nhm chng trnh Administrative Tools), nh ch ra trong hnh 7-5. Khi bn to ta Nhm Cc b, h thng s lu ch ng ti CSDL ca Trnh Qun l Ti khon bo mt (Security Accounts Manager - SAM) Cc nhm Cc b cng c nhng hn ch ging nh i vi cc ngi d ng cc b. Cc hn ch ca nhm cc b c lit k sau:

    Bn ch c th s dng Nhm Cc b ch trn my tnh ni bn to ra n. Ch c cc ngi d ng cc b trn c ng my tnh c th l thnh vin ca Nhm cc b.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -305LM VIC VI NHM Khi my tnh l thnh vin ca mt min, thnh vin ca nhm cc b c th bao gm cc ngi d ng v cc nhm ton cc ca min ny hay bt c min no khc c tin cy. Nhm cc b kh ng th c cc thnh vin l cc nhm cc b khc. Vic cp php cho nhm cc b ch cung cp vic truy cp n cc ngun ti nguyn trn chnh my tnh m bn to ra nhm. Bn kh ng th to ra nhm cc b trn my tnh chy Windows Server 2003 ng vai tr nh l My ch Qun tri Min

    Hnh 7-5: Snap-in Local Users And Groups S DNG NHM ACTIVE DIRECTORY Cc nhm Active Directory c phn bit bi Kiu (Type) v Phm vi (Scope) ca ch ng. Nhm Active Directory c hai kiu, m mi kiu u c ba Phm v khc nhau. Vic xy dng cc nhm ny ng phm vi ca n s

    ch ng ta s dng tt nht ngun lc qun tr khi to, gn, v qun l vic truy cp n cc ngun ti nguyn. Kh nng ca vic xy dng cc nhm cng ph thuc vo Cp chc nng ca min m ti cc nhm c to ra. Windows Server 2003 c hng lot cc nhm c to sn, v bn cng c th to ra thm bao nhiu nhm l t y vo yu cu ca bn. Nhm Active Directory, kh ng ph thuc vo kiu hay phm vi ca n, l cc i tng trong CSDL Active Directory, cng ging nh Ti khon ngi d ng v i tng Cha l cc i tng. So snh vi i tng ngi d ng, i tng nhm l hon ton tng t. Thay vo hng t cc

    gi p

    thuc n t h (attribute) ca i tng ngi d ng, i tng nhm ch c mt vi thuc tnh, m quan trng nht trong s l danh sch cc thnh vin. Nh tn ca n ch ra, Danh sch Thnh vin n gin ch l mt danh sch cc i tng, nh ngi d ng, cc nhm khc, my tnh, v Lin lc QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -306LM VIC VI NHM (Contact), l cc thnh vin ca nhm. Tt c cc Cp php v Quyn c gn cho nhm s c mi i tng c tn trong danh sch thnh vin ca nhm tha k. Trong Windows Server 2003, bn c th to v qun tr tt c cc nhm Active Directory bng cch s dng bng iu khin Active Directory Users And Computers, m ta c th truy cp t nhm chng trnh Adminitrative Tools. Nh ch ra trn hnh 7-6. Ging nh i vi bt c mt i tng Active Directory no, c th to v qun tr c nhm bn cn c cc cp php thch hp ti i tng cha, ni nhm c b tr.

    Hnh 7- : Bng iu khin Active Directory Users And Computers Kiu ca Nhm Active Directory Nhm Active Directory c hai kiu: nhm Bo mt (Security) v nhm Phn phi (Distribution). Nhm Bo mt Nhm bo mt l nhm bn d ng gn cc cp php n c th truy cp ti cc ti nguyn mng. Khi mt ngi no ni ti nhm lin quan ti Windows Server 2003 hay Active Directory, th ng thng l h cp n nhm Bo mt. Cc chng trnh c thit k lm vic vi Active Directory cng c th s dng cc nhm Bo mt cho cc mc ch kh ng lin quan ti vic bo mt, v d nh gi cc th ng tin ngi d ng s dng trong cc ng dng Web. LU Windows Server 2003 ch s dng nhm Bo mt: Nhm Bo mt c th s dng nh cc nhm Phn phi, ngc li, nhm Phn phi kh ng th s dng nh nhm Bo mt. Bn thn Windows Server 2003 ch c th s dng nhm Bo mt nhng do nhm Bo mt c y cc tnh nng ca nhm Phn phi nn y kh ng phi l mt thiu st ca h iu hnh. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    -307-

    Nhm Phn phi LM VIC VI NHM Nhm Phn phi c s dng cho cc chng trnh c cc chc nng kh ng lin quan ti bo mt. Bn s dng nhm Phn phi ch khi chc nng ca nhm kh ng lin quan n vic bo mt, nh gi E-mail n mt nhm cc ngi d ng trong c ng thi im. Bn kh ng th s dng nhm Phn phi gn Quyn hay Cp php. Ch cc chng trnh c thit k lm vic vi Active Directory l co sth s dng nhm Phn phi. Th d nh Microsoft Exchange s dng nhm Phn phi nh l danh sch gi th gi E-mail Phm vi ca nhm Active Directory. Phm vi ca nhm xc nh vic cc Cp php c gn cho cc thnh vin ca n m h nh th no. Tt c cc nhm Active Directory, c nhm Phn phi v nhm Bo mt, u c th xp vo mt trong ba Phm vi: Domain Local (cc b Min), Global (Ton th), v Universal (Tng hp). Nhm Domain Local (cc b min) Nhm cc b min thng c s dng gn cc Cp php truy cp n cc ti nguyn, hoc trc tip hoc bng cch thm nhm Global vo nhm Doain Local. Nhm Doain Local c cc c tnh sau: Nhm Doain Local tn ti trong tt c cc cp chc nng: Windows 2000 Mixed, Windows 2000 native, Windowws Server 2003 interim, v Windows Server 2003. Bn ch th s dng nhm cc b min trao cc Cp php truy cp ch n cc ti nguyn trn c ng min bn to ra nhm. Khi bn s dng Cp Chc nng Windows 2000 mixed hay Windows 2003 interim, thnh vin ca nhm cc b min c th bao gm cc Ti khon ngi d ng, Ti khon My tnh v cc nhm Global t bt c min no trong rng. Ngoi ra, kh ng tn ti bt c mt kiu nhm trong nhm no khc. Khi bn s dng Cp chc nng Windows 2000 native hay Windows Server 2003, nhm cc b min c th bao gm cc Ti khon ngi d ng, My tnh, cc nhm Global v Universal t bt c min no trong rng, v cc nhm cc b min khc trong c ng min. Nhm cc b min c th c chuyn thnh nhm Universal khi n kh ng c thnh vin no l nhm cc b min.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -308LM VIC VI NHM LU Nhm cc b (Local) v nhm cc b trn min (Domain Local) : do cc nhm Active Directory c phm vi Domain Local i khi c cp n nh l nhm local, cn c s phn bit

    chnh xc gia cc nhm local trn mt my tnh no ( i khi c gi l nhm local trn my tnh) v nhm Active Directory c Phm vi Domain Local. Nhm cc b min c s dng th ng thng nht kim sot s truy p t i cc ti nguyn ch trong mt min n. V d nh bn c th to mt c nhm cc b min trao cp php cho cc thnh vin ca n c truy cp n mt my in nht nh. Sau bn c th thm trc tip cc ngi ng trong min vo nhm cc b min to, hoc bn c th to ra cc d nhm Global gm cc ngi d ng cn truy cp n my in v t nhm Global ny l thnh vin ca nhm cc b min to. Nhm Global m Glo al b c s dng cung cp cc thnh vin c phn loi Nh trong nhm cc b min cho cc i tng Bo mt hay cho vic gn cc Cp php mt cch trc tip (ring cho trng hp mng s dng Cp chc nng Windows 2000 mixed, hay Windows Server 2003 interim). Th ng thng, nhm Global c s dng gom cc ngi d ng v My tnh trong c ng mt min m c c ng c ng vic, vai tr, hay chc nng hoc h c c ng cc nhu cu tng t trong vic truy cp mng. Nhm Global c cc c tnh sau: Nhm Global c mt ti tt c cc Cp Chc nng: Windows 2000 Mixed, Windows 2000 native, Windowws Server 2003 interim, v Windows Server 2003. Nhm Global ch bao gm cc thnh vin t c ng mt min. Khi bn s dng Cp chc nng Windows 2000 native hay Windows Server 2003, thnh vin ca nhm Global c th bao gm cc Ti khon ngi d ng, My tnh cng nh cc cc nhm Global khc trong c ng min. Nhm Global c th chuyn i thnh nhm Universal mt khi n kh ng phi l thnh vin ca bt c mt nhm Global no khc. Khi bn s dng Cp Chc nng Windows 2000 Mixed, nhm Global chi bao gm cc thnh vin l Ti khon ngi d ng, My tnh trong c ng min m th i.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -309LM VIC VI NHM Nhm Global c th l thnh vin ca nhm Machine Local (My tnh Cc b) hay nhm Domain Local (cc b min). Nhm Global c th c trao cc Cp php truy cp n cc ti nguyn trn bt c min no trong rng v trn cc min c tin cy nm trn rng khc. Nhm Global c s dng th ng dng nht trong vic qun l cc Cp php cho cc i tng Th mc, nh Ti khon ngi d ng v My tnh, thng yu cu vic bo tr trng xuyn. Trn mt mng bao gm nhiu min, li ch chnh ca vic s dng nhm global thay cho nhm Universal trong vic qun l cc Cp php l ch nhm global kh ng b nhn bn

    ngoi phm vi ca min. iu ny lm gim cc lu th ng mng c d ng cho vic nhn bn n Global Catalog, l th mc ca ton b cc ti nguyn trong rng. S dng nhm Global gn cc Cp php cho cc i tng cn nhn bn n Global Catalog s l thch hp hn so vi vic s dng nhm Domain Local cho mc ch ny. Nhm Universal Nhm Universal c s dung ch yu trao cc Cp php truy cp n cc ti nguyn trn nhiu min. Nhm Universal c cc c tnh sau: Nhm Universal ch xut hin trong cc Cp chc nng Windows 2000 native v Windows Server 2003. Thnh vin ca nhm Universal c th bao gm cc Ti khon ngi d ng, My tnh, cc nhm Global, v cc nhm Universal khc trong bt c min no trong rng. Nhm Universal c th chuyn i thnh nhm Domain Local, nhm Global khi ch ng kh ng c cc nhm Universal khc l thnh vin. Khi bn s dng Cp Chc nng Windows 2000 mixed, bn kh ng th to ra nhm Universal. Nhm Universal c th c trao cc Cp php truy cp n cc ti nguyn trong bt k min no trong rngv trong cc min nm trong cc rng c tin cy. Chc nng chnh ca nhm Universal l tp hp cc nhm m rng qua nhiu min. Ni chung, nhm Universal l kh ng cn thit trn mng ch bao gm mt min n. s dng nhm Universal mt cch hiu qu, tt nht l ch ng ta to nhm Global trn mi min, trong c cha cc Ti khon ngi d ng v My tnh, sau thm cc nhm Global ny vo danh sch thnh vin ca nhm Universal. Vic ny cho php bn c th to ra QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -310LM VIC VI NHM mt nhm Universal n m c th s dng trn ton b doanh nghip, vi mi quan h thnh vin kh ng b xo trn mt cch thng xuyn. Phng php trn thng c la chn hn so vi vic thm trc tip ngi d ng v My tnh vo nhm Universal mt cch trc tip do mi thay i v thnh vin ti nhm Universal s dn ti vic ton b cc mi quan h thnh vin u phi c nhn bn n Global Catalog. Qun l cc ngi d ng v My tnh trong nhm Global s kh ng nh hng n an h thnh vin ca nhm Universal v do kh ng sinh ra cc lu qu th ng ph thm cho vic nhn bn. Nhm Universal cng l hu dng khi ch ng ta mun trao Cp php cho d ng c truy cp n cc ti nguyn nm trn nhiu hn mt min. ng i Kh ng ging nhm cc b min, ban c th gn cc Cp php cho nhm Universal c truy cp n cc ngun ti nguyn c b tr ti bt c min no trn mng ca bn. V d, nu ban lnh o cn truy cp n cc m i y n trn ton b mng ca ban, bn c th to nhm Universal cho mc ch ny v gn Cp php cho n, nh vy ton b cc thnh vin ca nhm ny c th s dng tt c cc my in hin c trn tt c cc min trong mng. Nhm trong nhm (Group nesting). Nh bit trong phn trc, kh nng a mt nhm l thnh vin ca nhm khc l mt trong cc tnh nng hu dng ca vic thc thi i tng

    nhm Active Directory. K thut ny c gi l Nhm trong nhm: (Group nesting). Thc thi nhm trong nhm to cho bn c kh nng qun l vic cp php truy cp ti nguyn mt cch hiu qu hn trong doanh nghip ca bn m kh ng gy ra cc lu th ng ph thm bt thng cho vic nhn bn. Nh nhc ti trn, min ca bn bt buc phi s dng Cp chc nng Windows 2000 native hay Windows Server 2003 nhn c y cc tnh nng u vit ca kh nng nhm trong nhm ca Active Directory, v thm ch nh vy, vn cn cc hn ch trong vic thc thi k thut nhm trong nhm ca cc loi Phm vi nhm khc nhau. Cc hn ch ny, cng vi ton b cc hn ch v thnh vin trong ba phm vi nhm, c tng kt trong bng 7-1

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -311LM VIC VI NHM Bng 7-1: Cc qui tc thnh vin ca Phm vi nhm

    Phm vi nhm cc b min

    Global Thnh vin i vi cp chc nng Windows 2000 Mixed hay Windows Server 2003 Interim: Ti khon ngi d ng, My tnh v nhm global t bt c min no Ti khon ngi d ng, My tnh trong c ng min Thnh vin i vi cp chc nng Windows 2000 Native hay Windows Server 2003: Ti khon ngi d ng, My tnh, nhm universal, and nhm global t bt c min no; nhm cc b min trong c ng min Ti khon ngi d ng, My tnh, nhm global khc trong c ng

    min

    khon ng Tii d ng, My tnh, nhm universal, v nhm global t bt c min no trong rng

    Cc qui tc thnh vin trong bng trn l yu t u tin ca vic qun tr nhm mt cch hiu qu. Nu bn ri vo trng hp bn kh ng th thm thnh vin nht nh no vo mt nhm hay kh ng th s dng nhm cung cp vic truy cp n mt ngun ti nguyn no , qu trnh x l s c nn bt u bng vic th li Phm v nhm v Cp chc nng, xc nh bn c c h tr trong vic thc hin cc tc v ni trn kh ng. Mc d k tht nhm trong nhm l mt c ng c ng gi, Qun tr mng nn thn trng vi cc tnh nng ca n. Khi bn b tr nhm theo nhiu lp su, c th lm cho vic theo di cc quan h thnh vin v cc cp php c tha k th no trn ton mng tr nn kh khn hn. Mt qui lut chung, b tr nhm trong nhm mt cp l hu hiu trong phn ln cc m i trng mng v l d duy tr hn. Chuyn i nhm Khi bn to nhm, bn phi xc nh kiu v phm vi ca n. Mc d vy, trong min s dng cp chc nng Wind 2000 Native hay Windows Server 2003, bn c th chuyn i cc nhm to sang phm vi khc bt c l c no, c lu n mt s hn ch trong quan h thnh vin. Bng 7-2 tng kt cc chuyn i Phm vi nhm c php v cc iu kin cn thit chuyn i.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -312LM VIC VI NHM Bng 7-2: Cc hn ch chuyn i Phm vi nhm Active Directory

    T Domain Local n Domain Local n Global Kh ng p dng Kh ng c php n Universal Cho php ch trong trng hp kh ng c thnh vin l nhm cc b min

    rsal Unive

    Kh ng p dng

    T Global Kh ng c php Kh ng p dng Cho php nu kh ng l thnh vin ca nhm Global khc T Universal Kh ng hn ch Cho php nu kh ng c nhm Universal khc l thnh vin Kh ng p dng

    Xy dng Nhm Global v Domain Local S l mt tng tt nu bn c mt chin lc nhm sn sng trc khi to ra cc nhm Active Directory. To ra cc nhm vi Kiu v Phm vi sai s dn n vic gp cc li khi thc thi cc tc v nh. i vi phn ln vic ci t mng, phng php thng thy nht l pht trin cc nhm s dng Phm vi Global v Domain Local theo cc tiu ch sau: To nhm cc b min cho cc ti nguyn c chia s: Xc nh cc ti nguyn, nh th mc hay my in m ngi d ng cn truy cp, v to mt hay hai nhm cho cc ti nguyn ny. V d: nu bn c mt s cc my in mu trong c ng ty, to nhm cc b min c tn Color Printer. Gn cc Cp php truy cp ti nguyn cho nhm cc b min : gn cc Cp php cn thit truy cp ti nguyn cho nhm cc b min tng ng. V du: bn cn gn cc Cp php cn thit c th s dng cc my in mu cho nhm Color Printer.

    Thm nhm Global cn truy cp ti nguyn vo nhm cc b min tng ng: Xc nh tt c cc nhm Global c yu cu truy QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -313LM VIC VI NHM cp n mt ngun ti nguyn nht nh, v a cc nhm Global l thnh vin ca nhm domain local tng ng. V du: cc k ton vin c th truy cp n cc my in mu, thm nhm Global Accounting vo nhm domain local Color Printer. Cc ngi d ng trong nhm Accounting s nhn c cc Cp php trao cho nhm Color Printer.

    To cc nhm Global cho cc ngi d ng c c ng cc c ng vic: Xc nh cc ngi d ng c c ng cc yu thm i tng ngi d ng ca h vo nhm Global. phng K ton, thm i tng ngi d ng ca tt c vin vo nhm Accounting.

    yu cu cu c ng vic v V du: trong cc k ton

    Khi bn to ra cc nhm theo cc tiu ch trn, bn s iu chnh cc Cp php cho nhm cc b min khi ngun ti nguyn cn thay i v s iu chnh thnh vin ca nhm Global khi nhn s cn thay i. C th bn s ngh rng vic s dng c hai loi Phm vi nhm: Domain Local v Global l kh ng cn thit. Sau ht, bn vn c th ch to mt nhm n, hoc Domain Local hoc Global, trao cho n cc cp php cn thit truy cp ti nguyn, v thm cc i tng ngi d ng ca cc nhn vin cn truy cp ti nguyn vo l thnh vin ca nhm. Mc d vy, s c cc hn ch r rt trong chin lc ny, bt k bn ang s dng nhm domain local hay nhm Global. t i tng ngi d ng vo nhm cc b min v trao cp php cho nhm cc b min: Chin lc ny kh ng cho php bn gn cc Cp php cho cc ti nguyn ngoi min, n lm gim mc linh hot ca chin lc nhm khi mng ca bn pht trin.

    CC NHM MC NH CA WINDOWS SERVER 2003 Windows Server 2003 s t ng to ra mt s ln cc nhm trong cha cc Ti khon ngi d ng dng sn. Bn c th s dng cc nhm ny, thay i ch ng nu cn (trong mt vi trng hp), hay to ra cc nhm mi ca ring bn. C bn loi nhm mc nh trong Windows Server 2003: Nhm Cc b dng sn, ch tn ti trong trng hp my tnh kh ng phi l My ch Qun tri Min, v ba loi nhm mc nh trong Active Directory nhm xc nh trc (Predefined Group), nhm dng sn (Built-in Group), v nhm ng nht c bit (Special Identities Group). Ta s tho lun v cc nhm mc nh ny trong phn tip theo. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -314LM VIC VI NHM Nhm Cc b Dng sn (Built-in Local Group) My ch c lp chay My ch thnh vin chy Windows Server 2003 tt c u c cc nhm cc b dng sn. My ch Qun tri Min kh ng c cc nhm cc b (hay ngi d ng cc b) do SAM ca n c chuyn i sang s dng Active Directory. Cc nhm cc b dng sn trao cho ngi d ng quyn thc thi cc tc v h thng trn mt my tnh n l, nh l vic sao lu v phc hi file, thay i thi gian h thng, v qun tr cc ngun ti nguyn h thng. Cc nhm cc b dng sn nm trong th mc Group ca Snap-in Local Users And Groups. Cc nhm cc b dng sn trong Windows Server 2003 v cc kh nng ca n c ch ra di y. Ngoi tr ti nhng ch s c ch ra c th, kh ng mt nhm no khc c sn cc thnh vin. Administrators (Nhm Qun tr): Thnh vin ca nhm ny c cc quyn y v kh ng hn ch khi truy cp n my tnh v min, gi p h c th thch thi tt c cc tc v qun tr. Mc inh, ngi d ng cc b dng sn Administrator l thnh vin ca nhm ny. Khi my tnh gia nhp vo min, Windows Server

    cho tr cc cc

    t Ti khon ngi d ng vo nhm Global v trao Cp php nhm Global: Chin lc ny lm phc tp hn c ng vic qun khi bn s dng m hnh nhiu min. Nu cc nhm Global trong min khc nhau yu cu c ng mt tp cc cp php, bn phi gn cp php ny cho mi nhm Global ring r.

    2003 thm nhm xc nh trc Domain Admins vo nhm ny. Backup Operators (nhm Sao lu): Cc thnh vin ca nhm ny c Quyn (User Rights) cho php h c th b qua cc hn ch v bo mt c th thc hin cc tc v Sao lu v Phc hi file. Guests (Nhm Khch): Thnh vin ca nhm ny ch c th thc hin cc tc v m bn trao quyn cho h, v ch c th truy cp n cc ti nguyn m bn cp php cho h truy cp. H cng kh ng th to ra cc thay i thng trc trn m i trng mn hnh ca h. Mc nh, Ti khon ngi d ng cc b dng sn ca my tnh Guest l thnh vin ca nhm ny. Khi my tnh gia nhp min, Windows Server 2003 thm nhm ton cc xc nh trc Domain Guest vo nhm ny. Network Configuration Operators (Nhm cu hnh mng): Thnh vin ca nhm ny c mt s quyn qun tr gii hn, gi p h c th thc hin cc thay i thit lp ca TCP/IP, v lm mi hay gii phng a ch IP. Performance Log Users (Nhm ghi chp hiu nng): Thnh vin ca nhm ny c trao cc quyn gi p h c th qun l QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -315LM VIC VI NHM c cc bin m hiu nng (Performance Counter), nht k (Logs), v Cnh bo (Alerts) trn my tnh, c ti ch ln t xa. Performance Monitor Users (Nhm Theo di Hiu nng): Thnh vin ca nhm ny c trao cc quyn gi p h c th theo di cc bin m hiu nng trn my tnh, c ti ch ln t xa. Power Users (Nhm Quyn lc): Thnh vin ca nhm ny c th to ra cc Ti khon Nhm hay hay ngi d ng cc b trn my tnh v thay i cc ngi d ng hay nhm h to ra . H cng c th thm hay loi b ngi d ng trong cc nhm cc b Power Users, Users v Guest, to cc ngun ti nguyn chia s, qun tr cc ngun ti nguyn chia s h to ra. Power Users kh ng th chim quyn s hu (Take Ownership) file, Sao lu v Phc hi th mc, ti v d b cc trnh iu khin thit b, hay qun tr cc Bn ghi Bo mt (Security Log). Print Operators (Nhm Vn hnh My in): Thnh vin ca nhm ny c th qun tr cc my in v hng i in trn my tnh. Remote Desktop Users (Nhm Truy cp Mn hnh T xa): Thnh vin ca nhm ny c th s dng dch v u cui (Terminal Service) truy cp t xa vo my tnh. Replicator (Nhm Nhn bn): Nhm ny c to h tr chc nng nhn bn th mc. Thnh vin duy nht ca n, thng l Ti khon ngi d ng trong min, l ti khon thng xuyn ng nhp vo dch v nhn bn (Replicator) ca My ch Qun tri Min. Kh ng thm cc ti khon ca ngi d ng thc s vo nhm ny. Users (Nhm Ngi d ng): Thnh vin ca nhm ny c th thc thi cc tc v nh chy cc ng dng, s dng cc my tnh cc b hay trn mng, v kha my ch. Thnh vin ca nhm ny kh ng th chia s th mc hay ci t cc my in cc b. Tt c cc ti khon ngi d ng cc b dc to ra trn my tnh s c t ng thm vo nhm ny. Khi my tnh gia nhp min, Windows Server 2003 thm cc nhm Domain Users,

    Authenticate Users, v Interactive vo nhm cc b Users. V do , ton b cc ti khon ngi d ng trn min tr thnh thnh vin ca nhm cc b Users ny. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -316LM VIC VI NHM Trong phn ln cc trng hp, cc c quyn m cc nhm cc b ny c c l do vic gn cc quyn ngi d ng cho cc nhm ny. Bng 7-3 lit k danh sch cc Quyn ngi d ng c gn cho cc nhm cc b dng sn (Cc nhm kh ng lit k kh ng c cc quyn mc nh gn cho ch ng) Bng 7-3 Cc Quyn ngi d ng mc nh c gn cho nhm cc b dng sn. Local Group Administrators Default User Rights Access This Computer From The Network (Truy cp my tnh t mng) Adjust Memory Quotas For A Process (iu chnh hn ngch b nh dnh cho cc tin trnh ) Allow Log On Locally (Cho php ng nhp cc b) Allow Log On Through Terminal Services (Cho php ng nhp qua dch v u cui) Back Up Files And Directories (Sao lu file v th mc) Bypass Traverse Checking (Kh ng kim tra Cp php khi ngi d ng duyt th mc) Change The System Time (thay i thi gian h thng) Create A Pagefile (to b nh o) Debug Programs (g ri chng trnh) Force Shutdown From A Remote System (Tt Windows t xa) Increase Scheduling Priority (tng cp u tin ca chng trnh lp lch) Load And Unload Device Drivers (ci t v d b Trnh iu khin thit b) Manage Auditing And Security Log (Qun l vic kim nh v nht k bo mt) Modify Firmware Environment Variables (thay i cc bin m i trng phn sn) Perform Volume Maintenance Tasks (thc thi vic bo tr cng) Profile Single Process (lp h s cc tin trnh n) Profile System Performance (lp h s hiu nng ca h thng) QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -317LM VIC VI NHM

    Remove Computer From Docking Station (d b my tnh khi trm ni) Restore Files And Directories (Phc hi file v th mc) Shut Down The System (Tt windows) Take Ownership Of Files Or Other Objects (Chim quyn s hu ca file hay cc i tng khc) Backup Operators Access This Computer From The Network Allow Log On Locally Back Up Files And Directories Bypass Traverse Checking Restore Files And Directories Shut Down The System Power Users

    Remote Desktop Users Users Access This Computer From The Network Allow Log On Locally Bypass Traverse Checking Change The System Time Profile Single Process Remove Computer From Docking Station Shut Down The System Allow Log On Through Terminal Services Access This Computer From The Network Allow Log On Locally Bypass Traverse Checking Bypass Traverse Checking

    Nhm Xc nh trc Active Directory Tt c cc min Active Directory u c mt tp cc nhm xc nh trc (Predefined Group). y l nhm Bo mt, phn ln thuc Phm vi Global, vi mc ch l nhm cc loi ti khon ngi d ng min th ng dng li vi nhau. Mc nh, Windows Server 2003 s t ng thm cc thnh vin vo mt vi nhm xc nh trc. Bn cng c th thm cc i tng ngi d ng vo cc nhm xc nh trc ny h c tha hng cc Quyn v Cp php c trao cho cc nhm ny. Khi bn to min Active Directory, Windows Server 2003 to ra cc nhm ton cc xc nh trc trong i tng cha Users, nh trn hnh 7-7. Mc nh, cc nhm xc nh trc ny kh ng c tha hng bt c mt QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -318-

    Qu n LM VIC VI NHM

    bng cch thm cc nhm ton cc xc nh trc ny vo nhm min cc ha bng cch gn trc tip cc Quyn hay Cp php cho cc nhm ton b y cc xc nh trc ny.

    Hnh 7-7: Th mc Users ca min Active Directory cha cc nhm ton cc xc nh trc. Cc nhm ton cc xc nh trc do Windows 2000 to ra v cc thnh vin ca n bao gm: CertPublishers (Xut bn Giy Chng nhn) Thnh vin ca nhm ny c trao cc Cp php c th to v trao cc Certificate (Giy chng nhn) cho ngi d ng v My tnh. Kh ng ging phn ln cc nhm xc nh trc khc, nhm ny l nhm cc b min. Domain Admins (Qun tr Min) Thnh vin ca nhm ny c ton quyn qun tr trn min. Mc inh, ngi d ng ca min Administrator l thnh vin ca nhm ny. Khi my tnh gia nhp min hay n c nng cp thnh My ch Qun tri Min, nhm Domain Admins s tr thnh thnh vin ca nhm cc b Administrators ca my tnh. iu ny cho php cc qun tr min c ton quyn truy cp n tt c cc my tnh trong min. Domain Computers (Cc My tnh trong Min) nhm ny cha ton b cc my tnh trong min (tr cc My ch Qun tri Min). Mc nh, tt c cc i tng my tnh mi c to ra trong min (tr cc My ch Qun tri Min mi to) s tr thnh thnh vin ca nhm ny. Domain Controlers (My ch Qun tri Min) nhm ny c cc thnh vin l cc i tng my tnh ca ton b cc My ch Qun tri Min trong min. Mc nh, cc i tng ni trn khi c thm vo min s tr thnh thnh vin ca nhm ny. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -319LM VIC VI NHM

    hay Cp php no. Bn c th gn Quyn v Cp php cho ch ng

    Domain Guests (Khch ca min) Mc nh, i tng Guest l thnh vin ca nhm ny, v Windows Server 2003 s t ng thm nhm ton cc Domain Guests vo nhm cc b min dng sn Guests.

    Domain

    Nhm ny c to ra i din cho tt c cc ngi d ng ca min. Windows Server 2003 t ng thm tt c cc i tng ngi d ng ca min vo nhm ny v ng thi cng thm nhm ton cc Domain Users vo nhm cc b min dng sn Users. Enterprise Admins (Qun tr Doanh nghip)

    NhmEnterprise Admins ch xut hin min gc ca rng (min u tin trong rng), cc thnh vin ca n, c ton quyn qun tr trn tt c cc min trong rng. Mc nh, nhm Enterprise Admins l thnh vin ca nhm cc b trn min Administrators v i tng ngi d ng min Administrator l thnh vin ca nhm Enterprise Admins. Group Policy Creator Owners (nhm To ra Chnh sch Nhm) Thnh vin ca nhm ny c php thay i cc thit lp chnh sch trong min. Mc nh, ti khon min Administrator l thnh vin ca nhm ny. my ch l thnh vin ca nhm ny c php truy cp cc thuc tnh truy cp t xa ca ngi d ng. Schema Admins (nhm Qun tr Lc )

    RAS and IAS Servers (nhm My ch RAS v IAS)

    Nhm ny ch xut hin ti min gc ca rng, v cc thnh vin ca n c php thay i Lc Active Directory. Mc nh, ti khon min Administrator l thnh vin ca nhm ny. LU Enterprise Admins v Schema Admins Phm vi ca cc nhm xc nh trc ny ph thuc vo Cp chc nng ca min. vi min chy ti Cp chc nng Windows 2000 Mixed hay Windows Server 2003 Interim, n l Global, vi min chy ti Cp chc nng Windows 2000 Native hay Windows Server 2003, n l Universal. Ngoi nhng nhm xc nh trc lit k trn, mt vi nhm khc s c to ra khi bn ci t cc cu thnh phn mm nht nh ca Windows

    Domain Users (ngi d ng ca min)

    Cc

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -320LM VIC VI NHM Server 2003, nh nhm DnsAdmins v DnsUpdateProxy (Khi bn ci dch v DNS Server), nhm IIS_WPG (khi bn ci IIS). Cng ging nh i vi cc nhm dng sn cc b, mt vi nhm xc nh trc Active Directory cng c cc c quyn th ng qua vic gn cc Quyn ngi d ng. Trong trng hp ny, mc d vy, ch ng vi cc nhm Domain Admins v Enterprise Admins. Cc Quyn ngi d ng c gn cho cc nhm ny mt cch mc nh c lit k trong bng 7-4. Bng 7-4: Cc Quyn ngi d ng mc nh c gn cho cc nhm xc nh trc Local Group Default User Rights Domain and Admins Admins Enterprise Access This Computer From The Network Adjust Memory Quotas For A Process Back Up Files And Directories Bypass Traverse Checking Change The System Time Create A Pagefile Debug Programs Enable Computer And User Accounts To Be Trusted For Delegation Force Shutdown From A Remote System Increase Scheduling Priority Load And Unload Device Drivers Allow Log On Locally Manage Auditing And Security Log Modify Firmware Environment Values Profile Single Process Profile System Performance Remove Computer From Docking Station Restore Files And Directories

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -321-

    Shut Down The System LM VIC VI NHM Take Ownership Of Files Or Other Objects Cc nhm Active Directory dng sn Mi min Active Directory u c cc i tng cha, trong h thng s to ra hng lot cc nhm Bo mt, m tt c ch ng u l cc nhm c phm vi Domain Local. Cc nhm ny cung cp cho ngi d ng c cc Quyn ngi d ng v Cp php kh nng thc hin cc tc v trn My ch Qun tri Min v trong cy Active Directory. Cc nhm cc b min dng sn cung cp cc Quyn v Cp php xc nh trc cho cc ti khon ngi d ng khi bn thm cc i tng ngi d ng hay nhm Global vo l thnh vin ca nhm cc b min dng sn ny. Nhm cc b min dng sn v cc kh nng c gn cho cc thnh vin ca n nh sau: Accounts Operators (Nhm Vn hnh Ti khon)

    Thnh vin ca nhm c th to, xa v thay i cc i tng ngi d ng, My tnh v Nhm trong i tng cha Users and Computers v trong ton b cc OU ngoi tr i tng cha Domain Controlers. H kh ng c cp php thay i nhm Administrators v nhm Domain Admins, cng nh kh ng c thay i cc ti khon l thnh vin ca cc nhm ny. Thnh vin ca nhm ny c th ang nhp cc b vo My ch Qun tri Min v tt Windows ca ch ng. Administrators (Qun tr)

    Thnh vin ca nhm c ton quyn truy cp n stt c cc My ch Qun tri Min v ti ton b min. Mc nh, nhm Domain Admins, nhm Enterprise Admins v ti khon Administrator l thnh vin ca nhm ny. Backup Operators (Vn hnh Sao lu) Thnh vin ca nhm c cc Quyn ngi d ng cho php h tin hnh Sao lu v phc hi file trn ton b cc My ch Qun tri Min trong min, thm ch khi h kh ng c cc Cp php nht nh i vi file. Thnh vin ca nhm ny cng c th ng nhp cc b vo My ch Qun tri Min v tt windows ca ch ng. Guests (Khch) Thnh vin ca nhm kh ng c cc Quyn mc nh. Mt cch mc nh, nhm Global Domain Guest v i tng ngi d ng trong min Guest l thnh vin ca nhm ny.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -322LM VIC VI NHM

    Incoming Forest Trust Builders (Ngi Xy dng mi Quan h Tin cy Trong rng) Thnh vin ca nhm c th to cc mi quan h tin cy mt chiu trong rng n min gc ca rng. Network Configuration Operators (Vn hnh Cu hnh Mng) Thnh vin c th thay i cc thit lp TCP/IP, lm mi hay d b cc a ch TCP/IP trn cc My ch Qun tri Min trong min. Perfomance Log Users (Ngi qun l nht k hiu nng) Thnh vin ca nhm c trao cc c quyn h c kh nng qun l cc bin m hiu nng, cc nht k, v cc cnh bo trn My ch Qun tri Min trong min, c ngay trn my cc b hay t xa. Thnh vin ca nhm c tra cc c quyn c th theo di cc b m hiu nng trn My ch Qun tri Min, ngay trn my cc b hay t xa. Pre-Windows 2000 Compatible Access (Truy cp tng thch cc phin bn trc Windows 2000) Thnh vin ca nhm c th truy cp c cc i tng nhm v ngi d ng trong min. nhm ny c xy dng nhm tha mn s tng thch ngc i vi cc my tnh chy cc phin bn Windows NT 4 hay cc phin bn trc . Khi bn chn t y chn Permissions Compatible With Pre-Windows 2000 Server Operating Systems (cc Cp php tng thch vi cc h iu hnh trc Windows 2000 Server) trong Trnh hng dn ci t Active Directory, nhm ng nht c bit Everyone s tr thnh thnh vin ca nhm ny. Print Operators (Vn hnh in n) Thnh vin ca nhm ny c th qun l, to, chia s v xa cc my in c ni ti My ch Qun tri Min trong min v h cng c th qun l cc i tng my in trong Active Directory. Cc thnh vin ny cng c th ng nhp cc b vo My ch Qun tri Min v tt Windows ca ch ng. Remote Desktop Users (ngi d ng Mn hnh T xa) Thnh vin ca nhm c th ng nhp vo My ch Qun tri Min trong min th ng qua Dch v u cui. Replicators (nhm Nhn bn) Nhm ny c d ng h tr cc chc nng nhn bn th mc. Thnh vin duy nht ca n, thng l Ti khon ngi d ng trong min, l ti khon thng xuyn ng nhp vo dch v nhn bn (Replicator) ca My ch Qun tri Min. Kh ng thm cc ti khon ca ngi d ng thc s vo nhm ny. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -323LM VIC VI NHM Server Operators (nhm Vn hnh My ch) Trn My ch Qun tri Min, thnh vin ca nhm ny c th ng nhp, to v xa cc ngun ti nguyn chia s, khi ng hay dng mt vi dch v, Sao lu v phc hi file, nh dng cng v tt Windows ca my. Terminal Server Licence Servers (nhm cc my ch qun l giy php ca my ch chy dch v u cui) Thnh vin ca nhm ny c th truy cp cc my ch qun l giy php ca my ch chy Perfomance Monitor Users (Ngi Gim st hiu nng)

    dch v u cui, c s dng cung cp cc giy php (License) cho cc my khch chy Dch v u cui trn mng.

    Thnh vin ca nhm ny c th thc thi cc tc v th ng thng nht nh chy cc ng dng, s dng cc my tnh cc b hay trn mng, v kha my ch. Mc nh, nhm Domain Users, v cc nhm ng nht c bit Authenticated Users (ngi d ng c xc thc), Interactive l thnh vin ca nhm ny. Do vy, bt c ti khon ngi d ng no c to ra trong min u l thnh vin ca nhm ny. Windows Authorization Access Group (Nhm Truy cp Xc thc ca Windows) Thnh vin ca nhm ny c php truy cp n thuc tnh TokenGroupsGlobalAndUniverrsal ca cc i tng ngi d ng min. LU Nhm cc b dng sn v nhm cc b dng sn trong min Mt vi nhm cc b dng sn trong min, nh nhm BackUp Operators, Network Configuration Operators v mhm Remote Access Users l do nhn bn (duplicate) t cc nhm cc b dng sn c c ng tn trn cc my ch c lp v my ch thnh vin chy Windows Server 2003. Cc nhm ny c s dng thc hin cng cc chc nng nh vi cc nhm cc b dng sn nhng trn My ch Qun tri Min kh ng tn ti cc nhm cc b dng sn ca chnh n. Cc Quyn ngi d ng mc nh c trao cho cc nhm cc b min dng sn c lit k trong bng 7-5. Bng 7-5: Quyn ngi d ng Mc nh c gn cho cc nhm dng sn Active Directory . Local Group Default User Rights

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -324-

    Account Operators Allow Log On Locally Shut Down The System

    Users (nhm ngi d ng)

    LM VIC VI NHM Administrators, Access This Computer From The Network dom i a n local Adjust Memory Quotas For A Process Back Up Files And Directories Bypass Traverse Checking Change The System Time Create A Pagefile Debug Programs Enable Computer And User Accounts To Be Trusted For Delegation Force Shutdown From A Remote System Increase Scheduling Priority Load And Unload Device Drivers Allow Log On Locally Manage Auditing And Security Log Modify Firmware Environment Values Profile Single Process Profile System Performance Remove Computer From Docking Station Restore Files And Directories Shut Down The System Take Ownership Of Files Or Other Objects Backup Operators, Back Up Files And Directories domain local Allow Log On Locally Restore Files And Directories Shut Down The System

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -325LM VIC VI NHM PreWindows 2000 Access This Computer From The Network Compatible Access Local Group

    Print Operators

    Server Operators Bypass Traverse Checking Default User Rights Allow Log On Locally Shut Down The System Back Up Files And Directories Change The System Time Force Shutdown From A Remote System Allow Log On Locally Restore Files And Directories Shut Down The System

    Cc nhm ng nht c bit (Special Identities) Cc nhm ng nht c bit tn ti trn tt c cc my tnh chy Windows Server 2003. kh ng phi l cc nhm thc s do bn kh ng th to ra, xa hay trc tip thay i cc thnh vin ca n. Cc nhm ng nht c bit kh ng xut hin trong Snap-in Local Users And Groups hay trong bng iu khin Active Directory Users And Groups. Nhng bn c th s dng ch ng ging nh nhm, bng cch thm ch ng vo ACL ca h thng v cc ti nguyn mng, nh hnh 7-8 i y:

    Hnh 7-8: Nhm ng nht c bit trong ACL QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -326LM VIC VI NHM Cc nhm ng nht c bit ban u ch l cc khong trng dnh cho mt

    hay nhiu ngi d ng. Khi bn thm nhm ng nht c bit vo ACL, h thng s thm cc ngi d ng tha mn cc c im nhn dng ca nhm ti thi im ACL x l. Cc nhm ng nht c bit i din cho cc ngi d ng khc nhau ti cc thi im khc nhau, ph thuc vo cch thc ngi d ng truy cp vo my tnh hay cc ngun ti nguyn nh th no. V d, nhm ng nht c bit Authenticated Users s bao gm ton b cc ngi d ng hin ti ang ng nhp, c My tnh hay My ch Qun tri Min xc thc thnh c ng. Ti bt c thi im no c ch ra, danh sch ngi d ng xut hin trong nhm ng nht c bit Authenticated Users c th thay i, do ngi d ng c th ng nhp hay thot khi Windows. Danh sch chnh xc ca cc ngi d ng nm trong nhm ng nht c bit Authenticate Users c xc nh ti thi im ti nguyn c truy cp v ACL ca n c x l, ch kh ng phi ti thi im m nhm ng nht c bit ny c thm vo ACL. Cc nhm ng nht c bit hin c trong Windows Server 2003 c lit k sau y: Anonymous Logon (ng nhp khuyt danh) Bao gm tt c cc ngi d ng kt ni ti my tnh nhng kh ng tin hnh xc thc. Authenticated Users (ngi d ng xc thc) bao gm tt c cc ngi d ng c cc ti khon cc b hay trn min hp l, v cc yu t nhn dng ca h c xc thc. Nhm ny kh ng bao gm ngi d ng Guest ngay c trong trng hp ti khon ny c mt khu. Batch (B) Gm tt c cc ngi d ng hin ti ang ng nhp th ng qua cc tin nghi dng b, v d cc tc v c dt lch (Task Scheduler Job). Creator Owner (ngi s hu)

    Gm nhm ngi d ng chnh to ra hay chim quyn s hu (Take Ownership) ti nguyn. DialUp (Quay s) Gm tt c cc ngi d ng hin ang ng nhp th ng qua ng in thoi. Everyone (Mi ngi) Trn cc my tnh chy Windows Server 2003, nhm ng nht c bit Everyone bao gm tt c nhm Authenticated Users cng vi ti khon ngi d ng Guest. Trn cc my tnh chy cc phin bn trc ca Windows, Everyone bao QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -327LM VIC VI NHM gm Authenticated Users, ti khon Guest v nhm Anonymous. Interactive (Tng tc) bao gm tt c cc ngi d ng hin ang ng nhp qua mng. Service (Dch v) Gm tt c cc i tng Bo mt hin ang ng nhp nh l mt dch v. Terminal Service Users (ngi d ng Dch v u cui) Gm tt c cc ngi d ng hin ang ng nhp vo My ch Dch v u cui (Terminal Service Server) ang chy Dch v u cui phin bn 4, ch ng dng. TO V QUN L CC I TNG NHM

    Mt khi bn xc nh bn nh s dng nhm nh th no trn mng ca bn v nghin cu cc hng dn cng nh cc hn ch ca rt nhiu kiu v phm vi nhm khc nhau, bn sn sng bt tay thc s vo vic to ra cc nhm mnh cn. Rt may mn l vic to ra nhm l d rng hn nhiu so vi vic bn hiu v ch ng v cc kh nng ca ch ng. Phn sau y m t v mt vi trong cc tc v th ng thng nht ca vic qun tr nhm m cc nh qun tr mng v h thng cn thc hin mt cch thng xuyn. LU Mc ch ca k thi Mc ch ca k thi 70-290 yu cu sinh vin c kh nng To v Qun l nhm To nhm cc b to nhm cc b trong Windows Server 2003, bn bt buc phi lm vic trn my ch c lp hay my ch thnh vin do My ch Qun tri Min kh ng c nhm cc b. bn cng nht thit phi ng nhp vi mt ti khon ngi d ng l thnh vin ca nhm cc b Administrators hay nhm cc b Power Users (hoc nhm Domain Admins trong min, m bn thn n l thnh vin ca nhm cc b Administrators). to ra nhm cc b, bn theo cc bc sau: 1. ng nhp vo my tnh vi ti khon Administrator (hoc c th s dng cc ti khon khc c cc c quyn thch hp). 2. Nhn chut vo Start, tr n Administrative Tools v chn Computer Management. Bng iu khin Computer Management xut hin. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -328LM VIC VI NHM

    3. M rng im Local Users And Groups trong chn th mc Groups.

    phm vi, sau

    Trong Snap-in Local Users And Group, ngi d ng v nhm c t trong cc th mc ring r, kh ng c t ln nhau trong cc i tng cha nh trong Active Directory. 4. T thc n Action chn New Group (nhm mi). Hp thoi New Group xut hin.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -329LM VIC VI NHM

    5. Trong hp vn bn Group Name (tn nhm), g tn ca nhm bn cn to. 6. Nhn Add (thm). Hp thoi Select Users (chn ngi d ng) xut hin.

    7. G tn ca ngi d ng cc b hay ca nhm ng nht c bit trong hp vn bn Enter The Object Name To Select (Nhp tn ca i tng la chn). Sau nhn OK. ngi d ng hay nhm ng nht c bit c thm vo danh sch thnh vin. Bn cng c th nhn vo Advanced (nng cao) tm kim ngi d ng cc b hay cc nhm ng nht c bit. 8. Nhn Create (to). Snap-in s to ra nhm mi trong th mc Groups, v n lm trng hp thoi New Group bn c th tip tc to nhm khc. 9. Nhn Close (ng).

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -330LM VIC VI NHM

    Sau khi to nhm cc b, bn c th chn n v t thc n Action, chn Properties (thuc tnh) m hp thoi Properties ca nhm, nh ch ra trn hnh 7-9. Ti y, bn c th thm thnh vin hay loi b ch ng khi nhm vo bt c l c no.

    Hnh 7-8: Hp thoi Properties ca nhm cc b. Bn cng c th qun l thnh vin ca nhm cc b t hp thoi Properties ca ti khon ngi d ng, nh ch ra trong hnh 7-10. mi hp thoi Properties ca ngi d ng cc b u cha th Member Of (Thnh vin ca) m bn c th d ng thm cc nhm cc b bn mun ngi d ng tr thnh thnh vin.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -331LM VIC VI NHM

    Hnh 7-10: Th member Of trong hp thoi Properties ca ngi d ng cc b Lm vic vi nhm Active Directory Mc d nhm Active Directory phc tp hn nhm cc b rt nhiu, do c rt nhiu loi Kiu v Phm vi khc nhau, nhng qu trnh to v qun l ch ng cng kh l n gin. Trong phn sau, bn s hc cch to, qun l cc thnh vin ca n v thay i cc thuc tnh (Properties) ca ch ng nh th no bbng cch s dng bng iu khin Active Directory Users And

    Computers. LU Mc ch k thi Mc ch ca k thi 70-290 yu cu

    sinh vin c kh nng S dng bng iu khin Active Directory Users Anh Computers to v thay i nhm. To nhm Bo mt Kh ng ging nh trong Local Users Anh Computers, bt buc bn phi to nhm trong mt th mc ring, Bng iu khin Active Directory Users And Computers cho php bn to cc i tng nhm ti bt c u bn mun. Bn c th to nhm ca mnh ti i tng cha Users vi cc nhm ton cc xc nh trc, hay to trong i tng cha Built-in vi nhm cc b min dng sn, trong bt c i tng OU no do bn to ra, v thm ch trc tip ngay di i tng min. Cng nh i vi vic to ra bt c i tng Active Directory no, v tr bn chn cho i tng cn da trn thit k cy th mc ca bn. Nu bn c k hoch s dng nhm gn Quyn ngi d ng cho cc ngi d ng ca bn, bn cn to cc i tng OU thch hp, trong bn s t cc nhm. Nh cc bn bit trong chng 6, cc i tng cha Users v Built-in kh ng phi l cc OU v bn kh ng th gn cc Chnh QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -332LM VIC VI NHM sch Nhm cho ch ng. gn cc Quyn ngi d ng cho i tng cha ny, bn phi s dng GPO p dng cho V tr (Site), v cc Chnh sch nh vy s c tt Min hay trong V tr (Site) tha k. to i tng nhm, bn chn i tng cha trong iu khin Active Directory Users And Computers v Action, tr n New v chn Group. Hp thoi Group s xut hin nh trong hnh 7-11. nhm trong cc Min (Domain) hay c cc i tng trong Phm vi ca bng t thc n New Object -

    Hnh 7-11: Hp thoi New Object - Group Trong hp thoi ny, bn cn xc nh cc th ng tin sau: Group Name (tn nhm): Tn bn mun t cho i tng nhm. Tn ny c th di ti 64 k t v nht thit phi l duy nht trong

    min. Group Name (Pre-Windows 2000) (tn tng thch vi cc phin bn trc Windows 2000): ngay khi bn nhp tn nhm, tn tng thch vi cc phin bn trc Windows 2000 s xut hin trong ny. Group Scope (Phm vi nhm): Chn t y chn no p ng c mong mun ca bn khi chn Phm vi nhm: Domain Local, Global hay Universal. Cc Phm vi bn c th chn la ph thuc vo Cp chc nng ca min bn ang lm vic, nh m t ti phn trn ca chng ny. Bng iu khin Active Directory Users Anh Computers kh ng cho php bn chn cc loi Phm vi kh ng c php trong Cp chc nng hin ti ang d ng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -333-

    LM VIC VI NHM Group Type (Kiu nhm): chn t y chn no p ng c mong mun ca bn: Security (Bo mt), hay Distribution (Phn phi). Trong phn ln cc trng hp, bn s to cc nhm Bo mt. Khi bn nhn OK, bng iu khin s to ra i tng nhm mi trong i tng cha bn chn. Qun l thnh vin nhm n ging nh Snap-in Local Users And Groups, bn c th xc Kh g nh cc thnh vin ca nhm ngay khi tao ra nhm, trong Active Directory Users And Computers, bn phi to i tng nhm trc, sau thm cc thnh vin vo. thm thnh vin vo nhm, bn chn n trong bng iu khin v t thc n Action, chn Properties m hp thoi Properties ca nhm, nh ch ra trong hnh 7-12. LU Mc ch ca k thi Mc ch ca k thi 70-290 yu cu sinh vin c kh nng Qun l thnh vin nhm

    Hnh 7-12: Hp thoi Properties ca i tng nhm. Hp thoi Properties ca mi i tng nhm u c th Member (thnh vin) v th Member Of (thnh vin ca), cho php bn thm thnh vin vo nhm v a nhm tr thnh thnh vin ca mt nhm khc. thm thnh vin vo nhm, chn th Member sau nhn Add, hp thoi tiu chun Select Users, Contacts, Computers, Or Groups (chn ngi d ng, Lin lc, My tnh hay Nhm) xut hin, nh ch ra trong hnh 7-13.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -334LM VIC VI NHM

    Hnh 7-13: Hp thoi Select Users, Contacts, Computers, Or Groups Trong hp thoi ny, bn c th g tn ca i tng bn mun thm vo danh sch thnh vin ca nhm, hoc bn c th nhn Advanced xut hin hp thoi nh hnh 7-14, trong bn c th tm cc i tng bn mun thm.

    Hnh 7-14: Hp thoi Advanced ca Select Users, Contacts, Computers, Or Groups Mt khi bn nhp hay tm cc i tng bn mun thm, nhn OK trong hp thoi Select Users, Contacts, Computers, Or Groups s thm cc i tng ny vo danh sch thnh vin ca n. Khi bn thm tt c cc thnh vin cn thit vo nhm, nhn OK ng hp thoi Properties. L c ny, bn nn m hp thoi Properties ca i tng bn va thm vo nhm v xem i tng nhm trong th Member Of, nh hnh 7-15 i y.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -335LM VIC VI NHM

    Hnh 7-15: Th Member Of ca hp thoi i tng ngi d ng. Lp Nhm trong nhm Nh bn d bit trong phn trc ca chng ny, kh nng lp nhm trong nhm ca cc i tng nhm ph thuc vo Cp chc nng ca min bn ang d ng v vo Kiu v Phm vi ca nhm bn ang s dng. Xem li bng 7-1 nu bn kh ng chc chn liu Cp chc nng ca min bn ang d ng c h tr kiu nhm trong nhm m bn nh to hay kh ng. Bn kh ng th t nhm trong nhm trong bng iu khin Active Directory Users And Computers bng cch to nhm mi trong mt nhm d tn ti. Thay vo , bn phi to hai nhm ring bit, sau thm nhm ny vo l thnh vin ca nhm kia. Active Directory Users And Computers s kh ng cho php bn thc hin nhm trong nhm nu min ca bn kh ng h tr vic ny. Thay i Kiu v Phm vi ca nhm.

    Khi cc chc nng ca nhm thay i, bn c th cn thit phi i i tng nhm t Kiu ny sang Kiu khc. V d, bn c th to ra nhm Phn phi gm 100 thnh vin trong nhiu phng ban khc nhau c ng lm vic vi mt d n vi mc ch d ng gi E-mail. Trong qu trnh tin trin ca d n, cc thnh vin c th cn truy cp n CSDL chung. Bng vic chuyn nhm t Phn phi sang Bo mt v gn cc Cp php cho nhm, bn c th cung cp kh nng truy cp CSDL chung m kh ng cn to ra nhm mi v thm 100 thnh vin vo nhm li mt ln na. Bn ch c th chuyn i Kiu nhm khi min ca bn ang s dng Cp chc nng Windows 2000 Native hay Windows Server 2003.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -336-

    LU LM VIC VI NHM Mc ch k thi mc ch ca k thi 70-290 yu cu

    sinh vin c kh nng Nhn dng v thay i Phm vi ca nhm. thay i Kiu nhm, m hp thoi Properties ca nhm trong bng iu khin Active Directory Users And Computers, nh hnh 7-16. Trn th General bn c th nhn thy Group Type option (cc la chn Kiu nhm), nhn chut vo la chn cha c chn v nhn OK. Qu trnh thay i Phm vi nhm cng ging ht nh vy, ngoi tr vic bn chn mt trong cc Group Scope Option trong th General. Bng iu khin ch cho php bn chn cc phm vi c th. Trong hnh i ay, vi d, bn c th thy la chn Domain Local kh ng c hiu lc do bn kh ng th chuyn i nhm Global thnh nhm domain local. Xem bng 7-2 bit thm cc th ng tin v cc phm vi bn c php chuyn i.

    Hnh 7-16: Th General trong hp thoi Properties ca i tng

    nhm. Xa nhm Cng nh i vi i tng ngi d ng, mi i tng nhm bn to ra trong Active Directory l c mt nh danh Bo mt (Security Identifier SID) duy nht v kh ng s dng li c. Windows Server 2003 s dng SID nhn dng nhm v cc Cp php c gn cho n. Khi bn xa nhm, Windows Server 2003 kh ng s dng c ng SID li cho nhm mt ln na, thm ch nu bn to nhm mi c ng tn vi nhm xa. Do vy, bn kh ng th phc hi cc Cp php truy cp bn gn cho ti nguyn

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -337LM VIC VI NHM bng cch to li nhm xa. Bn bt buc phi to li tt c t u mt nhm mi nh l mt i tng Bo mt trong ACL ca ti nguyn. Khi bn xa nhm, bn ch xa i tng nhm v cc Cp php c ng cc Quyn ch ra rng nhm l mt i tng bo mt. Vic xa nhm s kh ng xa cc i tng l thnh vin ca ch ng. LU Li xa nhm Bn kh ng th xa nhm nu mt trong cc thnh vin ca n c thit lp nhm t nhm nh xa l nhm chnh (Primary Group). Thot khi s hn ch ca vic xa nhm ny, nhm chnh ch lin quan n cc my khch Macintosh v trong cc ng dng POSIX. thay i nhm chnh ca ngi d ng, m hp thoi Properties ca i tng ngi d ng, v trong th Member Of, chn mt nhm khc v nhn Set Primary Group. xa nhm, bn cn chn ch ng trong bng iu khin Active Directory Users And Computers v t thc n Action, chn Delete. Mt hp th ng bo Active Directory xut hin, nhc bn xc nhn li quyt nh ca mnh. Nhn Yes, nhm s b xa. QUN L NHM T NG Mc d bng iu khin Active Directory Users And Computers l mt c ng c thun tin trong vic to v qun l nhm, n vn kh ng phi l phng php hiu qu nht trong vic to mt s lng ln cc i tng bo mt. Cc c ng c dng lnh Active Directory do Windows Server 2003 cung cp gi p bn c kh nng to v qun l cc nhm vi s lng ln bng cch s dng cc file b hoc cc kch bn (script), tng t nh diu cc bn lm trong chng 6 i vi ngi d ng. Ch ng ta s tho lun v mt vi c ng c nh vy trong phn di y. LU Mc ch ca k thi Mc ch ca k thi 70-290

    yu cu cc sinh vin c kh nng To v qun l nhm bng cch s dng cc c ng c t ng. To i tng Nhm bng Dsadd.exe Bn s dng c ng c Dsadd.exe trong chng 6 to ngi d ng mi, bn cng hon ton c th d ng c ng c ng c ny to cc i tng nhm. C php c bn trong vic s dng Dsadd.exe to nhm nh sau: QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -338-

    Dsadd GroupDN [parameters] LM VIC VI NHM Trong , GroupDN l tn phn bit (Distinguished Name - DN) ca i tng nhm bn mun to. Tn DN s dng c ng nh dng ca n trong file CSV, nh ch ng ta tho lun trong Importing User Objects Using CSV Directory Exchange (Nhp i tng ngi d ng s dng Exchange Directory CSV) trong chng 6. Nu tn DN c khong trng, bn phi t ch ng trong du ngoc. Khi bn s dng Dsadd.exe mt cch tng tc t du h c lnh, bn c th cung cp tham s GroupDN bng mt trong cc cch sau: Bng cch g tn DN ca cc nhm ngay trong dng lnh, gia cc tn DN cch nhau bng khong trng. Bng cch dn ra danh sch ca DN t mt lnh khc, nh Dsquery.exe Bng cch trng tham s tn DN, v bn c th g tng tn mt sau du nhc ca chng trnh, nhn Enter sau mi tn DN, nhn Ctrl + Z v Enter sau tn DN cui c ng. Mc nh, Dsadd.exe to ra nhm bo mt Global, nhng bn vn c th s dng cc tham s dng dng lnh to cc nhm vi Kiu v Phm vi khc, ch nh cc thnh vin ca n hay cc nhm cha n, cng nh cc thuc tnh khc ca nhm. Cc tham s (parameters) dng lnh th ng thng nht c trnh by di y: -secgrp [yes|no] Ch nh chng trnh hoc to ra nhm Bo mt (yes) hay nhm Phn phi (no). Gi tr mc nh l yes. -scope [l|g|u]

    Ch nh chng trnh s to ra nhm c phm vi

    Domain Local (l), Global (g), hay Universal (u). Gi tr mc nh l g. Ch -samid SAMname nh tn ca SAM (Security Accounts

    Manager Trnh Qun l cc Ti khon Bo mt) cho i tng nhm, c s dng i vi cc h thng chy cc phin bn trc Windows 2000. -desc description t cho i tng nhm.

    -memberof GroupDN ch nh tn DN ca mt hay nhiu nhm

    m nhm mi to ra s l thnh vin ca ch ng. -member GroupDN Ch nh tn DN ca mt hay nhiu nhm s tr thnh thnh vin ca nhm mi to. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -339LM VIC VI NHM Bn cng c th thm cc tham s -s, -u, -p ch nh My ch Qun tri Min m lnh Dsadd.exe s chy, v tn ngi d ng v mt khu c s dng chy lnh. {-s Server | -d Domain} -u UserName -p {Password | *} LU Ch nh mt khu khi s dng Dsadd.exe s dng k t thay th * c ng vi kha p thay cho vic nhp mt khu s lm cho chng trnh nhc bn nhp mt khu trc khi thc hin lnh. V d, to ra nhm c tn Sales trong i tng cha Users v a ngi d ng Administrator l thnh vin ca nhm ny, bn s s dng cu lnh sau: Dsadd group CN=Sales, CN=Users, DC=ACNA, DC=com member CN=Administrator, CN=Users, DC=ACNA, DC=com Qun l i tng nhm bng Dsmod.exe Dsmod.exe cho php bn c th thay i cc thuc tnh ca cc i tng

    Ch nh cc m

    nhm ang tn ti t du nhc lnh ca Windows Server 2003. S dng lnh ny, bn c th thc hin cc tc v nh thm thnh vin cho nhm, loi b ch ng ra khi nhm, v thay i Kiu v Phm vi ca nhm. C php c bn ca lnh Dsmod.exe nh sau: dsmod group GroupDN [parameters] Cc tham s (parrameters) th ng dng nht ca lnh ny nh sau: -secgrp {yes|no} t kiu nhm l Bo mt (yes) hay Phn phi (no). -scope {l|g|u} t phm vi nhm l Domain Local (l), global (g), hay Universal (u). -addmbr members Thm thnh vin vo nhm. Thay tham s ph members bng tn DN ca mt hay nhiu i tng. -rmmbr members Loi b cc thnh vin ra khi nhm. Thay tham s ph members bng tn DN ca mt hay nhiu i tng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -340-

    -chmbr members

    LM VIC VI NHM Thay ton b danh sch ca cc thnh vin nhm. Thay tham s ph members bng tn DN ca mt hay nhiu i tng. V d, thm ngi d ng Administrator vo nhm Guests, bn s dng lnh sau: dsmod group "CN=Guests,CN=Builtin,DC=ACNA,DC=com" addmbr C =Administrator,CN=Users,DC=ACNA,DC=com" " N Tm kim i tng s dng Dsget.exe Mt khi CSDL Active Directory bt u pht trin, n c th rt nhanh t ti qui m m khi , ta kh c th d ng cc bng iu khin, v d nh Active Directory Users And Computers, khi cn lm vic vi mt i tng c th no , do vn thi gian v s phc tp. Khi chuyn xy ra, rt nhiu qun tr mng s quay sang s dng cc c ng c dng dng lnh. Mt trong cc c ng c nh vy, l chng trnh Dsget.exe, cho php bn c th nh v v hin th cc th ng tin v bt k mt i tng no trong CSDL Active Directory. Dsget.exe s dng c php tng t nh cc c php s dng trong Dsadd.exe, Dsmod.exe. trong bn s ch nh lp i tng (Object class), tn DN ca mt hay nhiu i tng, v cc tham s ch ra cc th ng tin n cn hin th, th d:

    dsget objectclass ObjectDN [parameters] Gi tr ca bin ObjectClass c th l Computer Subnet Group OU User Partition Quote Server Contact

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -341LM VIC VI NHM Mi lp i tng trn li c mt tp hp cc tham s lin quan dn lp , cho php bn c th hin th gi tr ca cc thuc tnh ca kiu i tng . Vi lnh Dsget user, vi trong cc tham s ca n l: dn hin th tn DN ca ngi d ng. samid Hin th tn SAM ca ti khon ngi d ng

    display

    Hin th tn hin th (display name) ca ngi d ng

    email

    tel Hin th s din thoi ca ngi d ng

    sid Hin th M s Nhn dng Bo mt (SID) ca ngi d ng upn Hin th tn chnh (principal) ca ngi d ng. fn Hin th tn gi (first name) ca ngi d ng ln Hin th tn gia nh (last name) ca ngi d ng

    memberof trc tip expand thnh vin Hin th a ch E-mail ca ngi d ng Hin th cc nhm m ngi d ng l thnh vin Hin th danh sch cc nhm qui m ngi d ng l V d, hin th danh sch cc nhm m ngi d ng l thnh vin, ta s dng cu lnh sau: dsget user "CN=Administrator,CN=Users,DC=ACNA,DC=com Memberof LU Mc ch ca k thi Mc ch ca k thi 70-290 yu cu cc sinh vin c kh nng Tm cc nhm trn min m mt ngi d ng c th no l thnh vin.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -342-

    TNG KT LM VIC VI NHM Nhm l mt i tng gm c mt danh sch cc ngi d ng. Bn c th Cp php bo mt cho nhm bng cch thm n vo trong danh sch ACL, ging nh bt c mt i tng bo mt no khc, v d ngi d ng hay My tnh. Tt c cc Cp php bn gn cho nhm s c cc thnh vin trong nhm tha k. Windows Server 2003 h tr cc nhm cc b v cc nhm Active Directory trn min theo c ng phng thc m n h tr cho ngi d ng cc b v ngi d ng trn min.

    Cp chc nng Active Directory ca min xc nh cc Kiu v Phm vi ca nhm bn c th s dng, loi nhm no bn c th t trong cc nhm khc, v loi nhm no bn c th chuyn i. Trong Active Directory, c hai Kiu nhm: Bo mt (Securitiy) v Phn phi (Distribution), v c ba loi Phm vi: Domain Local, Global, Universal. Nhm Bo mt c th c gn cc Cp php, trong khi nhm Phn phi c s dng truy vn cc i tng cha, nh cc nhm Phn phi E-mail, v kh ng th Cp php truy cp ti nguyn cho n. Nhm cc b min c s dng gn cc Cp php truy cp cc ti nguyn. Nhm Global nhm tp hp cc ngi d ng c c ng mt nhu cu i vi ti nguyn. Nhm Universal c s dng chnh cho vic truy cp n cc ti nguyn nm trn nhiu min. to v qun l nhm cc b, bn s dng Snap-in Local Ussers And Groups. to v qun l nhm Active Directory, bn s dng bng iu khin Active Directory Users And Computers. Bn c th to cc nhm trn min ti bt k i tng cha no hay ti OU trong cy Active Directory. K thut Nhm trong nhm (Nesting) l bn lm cho mt nhm ny tr thnh thnh vin ca nhm kia. Bn c th to ra hay chnh sa nhm bng cc c ng c dng dng lnh, v d nh: Dsadd.exe, Dsmod.exe, Dsget.exe.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -343-

    BI TP THC HNH Bi tp thc hnh 7-1: To nhm Bo mt LM VIC VI NHM Trong bi tp thc hnh ny, bn s to nhm Active Directory trn min ca bn. 1. ng nhp vo My ch Qun tri Min Windows Server 2003 vi ti khon ca Administrator. 2.

    3.

    4. Nhn Start, tr n Administrative Tools, v nhn Active Directory Users And Computers. Bng iu khin Active Directory Users And Computers xut hin. Chn i tng cha Users trong Phm vi (scope pane), v trn thc n Action, tr n New v nhn Group. Hp thoi New Object Group xut hin. Trong hp vn bn Group Name, g Accountants. 5. Trong hp Group Scope, chn t y chn Global, v nhn OK. 6. Thc hin cc bc tng t nh trn to nhm bo mt c Phm vi Global th hai c tn Development. Bi tp thc hnh 7-2: Thm thnh vin vo nhm Trong bi tp thc hnh ny, ta thm cc i tng ngi d ng vo lm thnh vin ca nhm. 1. ng nhp vo My ch Qun tri Min Windows Server 2003 vi ti khon ca Administrator. 2.

    3. Nhn Start, tr n Administrative Tools, v nhn Active Directory Users And Computers. Bng iu khin Active Directory Users And Computers xut hin. Chn i tng cha Users trong Phm vi. 4. Trong Chi tit, chn nhm trn min Users v t thc n Action, chn Properties. Hp thoi Domain Users Properties xut hin. 5. Chn th Members v nhn Add. Hp thoi Select Users, Computers, Contacts, Or Groups xut hin. 6. Trong hp Enter The Object Names To Select, g Guest, v nhn OK. i tng ngi d ng Guest c thm vo danh sch thnh vin ca nhm. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -344LM VIC VI NHM 7. Nhn OK ng hp thoi Domain Users Properties.

    Bi tp thc hnh 7-3: a nhm vo trong nhm Trong bi tp thc hnh ny, bn s to cc nhm cha nhau bng cch thm mt nhm vo lm thnh vin ca mt nhm khc. 1. ng nhp vo My ch Qun tri Min Windows Server 2003 vi ti khon ca Administrator. 2. Nhn Start, tr n Administrative Tools, v nhn Active Directory Users And Computers. Bng iu khin Active Directory Users And Computers xut hin. 3. Chn i tung cha Users trong Phm vi, v trn thc n Action menu, tr n New v nhn Group. Hp thoi New Object Group

    xut hin. 4. Trong hp vn bn Group Name , g Printers. 5. Trong hp Group Scope, chn t y chn Domain Local, v nhn OK. L c ny, bn nn gn cho nhm Printers cc Cp php cn thit c th truy cp cc my in trn mng. 6. To i tng nhm bo mt th hai s dng phm vi Global c tn Sales. 7. Chn i tng nhm Printers bn va to, v t thc n Action, chn Properties. Hp thoi Printers Properties xut hin. 8. Chn th Members, v nhn Add. Hp thoi Select Users, Computers, Contacts, Or Groups. 9. Trong hp Enter The Object Names To Select, g Sales, v nhn OK. i tng nhm Sales c thm vo danh sch thnh vin ca nhm Printers. 10. Nhn OK ng hp thoi Domain Users Properties. L c ny, nhm Sales s tha hng ton b cc Cp php bn trao cho nhm Printers v truyn n cho cc thnh vin ca mnh.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -345-

    CC CU HI N TP. LM VIC VI NHM 1. 2. Loi nhm no trong min l ging nht so vi nhm cc b (Local Group) trn cc my ch thnh vin? Ch ng ging nhau nh t no? Trong min chy Cp chc nng Windows Server 2003, cc i tng bo mt no c th l thnh vin ca nhm Global? (chn tt c cc cu tr li ng). a. Users b. Computers c. Universal groups d. Global groups 3. Trong hp thoi Properties bn truy cp vo th no thm ngi d ng vo nhm?

    4. Bn cn a nhm IT Administrators vo trong nhm Sales cc thnh vin ca n c th truy cp n c ng cc ti nguyn ( c t cc Cp php trong ACL) nh l cc thnh vin ca nhm Sales. T trang Properties ca nhm IT Administrator, bn cn truy cp th no thc hin vic ny? 5. Nu m i trng ca bn c hai min, mt chy Windows Server 2003, mt chy Windows NT 4, cc phm vi nhm no bn c th s dng gn cc Cp php i vi bt k ti nguyn no nm trn mt My ch Qun tri Min bt k? 6. Cc s thay i phm vi nhm no sau y l c php? (Chn tt c cc cu tr li ng.) a. Global thnh universal b. Domain local thnh universal c. Universal thnh global d. Domain local thnh local e. Global thnh domain local 7. Bn s s dng c ng c no to nhm cc b trn my tnh chy Windows 2000 kh ng phi l My ch Qun tri Min? 8. Bn d nh xa nhm Bo mt Global bng bng iu khin Active Directory Users And Computers, v bng iu khin kh ng cho php QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -346LM VIC VI NHM bn thc hin tc v ny. Cc nguyn nhn no sau y gy nn li trn? (Chn tt c cc cu tr li ng.) a. Vn cn thnh vin trong nhm. b. Mt trong cc thnh vin ca nhm c thit lp nhm t n l nhm chnh (Primary Group.) c. Bn kh ng c y cc Cp php cn thit i vi i tng cha m nhm ny ang c nh v trong n. d. Bn kh ng th xa nhm Global bng cch s dng bng iu khin Active Directory Users And Computers. 9. Ti sao bn kh ng nn s dng cc nhm cc b trn my tnh sau khi n tr thnh thnh vin ca min.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -347-

    CC KCH BN TNH HUNG Kch bn 7-1: S dng Phm vi nhm LM VIC VI NHM Bn l Qun tr ca min Windows Server 2003 ang hot ng ti Cp chc nng Windows 2000 Mixed. Min Windows 2003 ca bn, Consoto.com, c thit lp quan h tin cy vi min Windows NT 4, ACNA_north, trong ACNA_north l min c tin cy. Bn ang lp k hoch s dng cc nhm trong min ca bn v cn phi xc nh loi phm vi nhm no c th s dng trn bt c min no trong rng ca bn. Loi Phm vi nhm no bn c th s dng nh l cc i tng bo mt tha mn cc iu kin trn? a. b. c. d. Domain local Global Universal Domain local with a nested global group Kch bn 7-2: To nhm s dng Dsadd.exe Bn l Qun tr mng ang xy dng Active Directory trn mt mng mi c tn Fabrikam, Inc., v bn cn to i tng ngi d ng cho 75 nhn vin ca phng Inside Sales. Bn to min Fabrikam.com v mt OU c tn Inside Sales cho mc ch ny. Phng nhn s cp cho bn mt bn danh

    sch cc nhn vin v yu cu bn to tn ti khon vi ch ci u ca tn gi v tn h. Mi ngi d ng nht thit phi c gi tr Inside Sales trong thuc tnh Department v gi tr Fabrikam, Inc. trong thuc tnh Company. S dng tn u tin trong danh sch, Mark Lee, lm v d, cc nh dng cu lnh no sau y gi p bn c th to c 75 i tng ngi d ng c cc gi tr thuc tnh ng theo yu cu? a. dsadd "Mark Lee" company "Fabrikam, Inc." dept "Inside Sales" b. dsadd user CN=Mark Lee,CN=Inside Sales,DC=fabrikam,DC=com company Fabrikam, Inc. dept Inside Sales c. dsadd company "Fabrikam, Inc." dept "Inside Sales""CN=Mark Lee,CN=Inside Sales,DC=fabrikam,DC=com" e. dsadd user "CN=Mark Lee, CN=Inside Sales, DC=fabrikam, DC=com" company "Fabrikam, Inc." dept "Inside Sales" QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 -348LM VIC VI TI KHON MY TNH

    CHNG 8: LM VIC VI TI KHON MY TNH Trong hai chng trc, bn tm hiu k v cc i tng ca Active Directory nh ngi d ng, nhm v OU, l cu tr c logic cho php ngi d ng truy nhp vo cc ti nguyn trn mng. Tuy nhin, cn c cc i tng ca Active Directory i din cho nhng ti nguyn c th, vt l v mt trong nhng i tng quan trng nht ny l Computer Object (i tng my tnh). Kh ng c i tng my tnh ngi d ng vn c th c cc Cp php truy nhp vo cc ti nguyn nhng h li kh ng c c ch vt l cung cp truy nhp . Trong chng ny bn s tm hiu lm th no to v qun l cc i tng my tnh trn mng Active Directory. Sau khi hon thnh chng ny, bn c kh nng: M t qu trnh a thm my tnh vo min Active Directory To v qun l i tng My tnh Gii quyt s c ca Ti khon My tnh

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 349 LM VIC VI TI KHON MY TNH

    TM HIU I TNG MY TNH (COMPUTER OBJECT) Trong cu hnh mc nh ca Windows Server 2003 v tt c cc h iu hnh khc ca Windows, mt my tnh thuc v mt nhm lm vic (Workgroup). Nh bn tm hiu trong chng 6, cc my tnh thuc Nhm lm vic xc thc ngi d ng bng ti khon c lu tr ti h thng cc b. Nu ngi d ng mun truy nhp vo mt ti nguyn trn mt my tnh thucNhm lm vic th ngi phi c mt ti khon ngi d ng trn my tnh , nh ch ra trong hnh 8-1. Thm ch, bn vn c th kt ni ti my tnh thuc Nhm lm vic th ng qua mng, nhng mi h thng chu trch nhim bo mt v kim sot truy nhp ring ca mnh. Do , trn Nhm lm vic kh ng c bt c cu hi no v my tnh no m bn ang s dng bi v bn phi c xc thc s dng ti khon trn chnh my tnh ny.

    Hnh 8-1 Lu tr ti khon ngi d ng trongNhm lm vic Hu ht cc mng chy Windows c nhiu hn mt vi my tnh ngi ta kh ng s dng m hnh Nhm lm vic (Workgroup) m h s dng m hnh Min (Domain), c thc thi trong Windows Server 2003 nh Dch QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 350 LM VIC VI TI KHON MY TNH v Th mc Active Directory.Trong Dch v Active Directory, ngi d ng c ti khon trong mt Min thay cho ti khon trn nhng my tnh ring r. Ngi qun tr c th s dng ti khon min gn ngi d ng truy nhp vo ti nguyn trn cc my tnh trn ton mng. Ti khon ngi d ng min c lu tr ti th mc tp trung trn my ch c gi l My ch iu khin Min, ngi d ng c th ng nhp vo Min t my tnh bt k trn mng v c xc thc bi My ch iu khin Min. Do mng Min Windows s dng th mc tp trung, vic theo di cc my tnh thc s, l mt phn ca Min, s c mt s ngha nht nh. lm c vic ny, Active Directory s dng Ti khon My tnh, trong nh dng ca i tng My tnh trong cy Active Directory (ch ra nh trong hnh 8-2). Bn c th c mt ti khon ngi d ng Active Directory v mt khu hp l, nhng nu my tnh ca bn kh ng c biu din bng mt i tng My tnh th bn s kh ng th ng nhp vo Min. Cc i tng My tnh c lu tr ti phn cp Active Directory ging nh vic lu cc i tng Ngi d ng hay i tng Nhm, ch ng c c ng cc kh nng nh sau: Chng cha cc thuc tnh xc nh tn ca my tnh, ni m n nh v v ai l ngi c php qun l n. Chng k tha cc thit lp Chnh sch Nhm t cc i tng Cha nh l Min, Site v OU. Chng c th l thnh vin ca cc nhm Bo mt (Security Group) v nhm Phn Phi (Distribution Groups) v k tha cc Cp php ca cc i tng Nhm.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 351 LM VIC VI TI KHON MY TNH

    Hnh 8-2 Lu tr ti khon my tnh Min Active Directory. Khi mt ngi d ng thc hin ng nhp vo Min Active Directory, my trm thit lp mt kt ni ti mt My ch iu khin Min xc thc nh danh ca ngi d ng. Nhng trc khi xy ra vic xc thc ngi d ng, hai my tnh thc hin chun b xc thc s dng cc i tng My tnh tng ng m bo l c hai h thng u l cc phn ca Min ny. Dch v Truy nhp Mng (NetLogon service) ang chy trn my trm kt ni ti c ng dch v ny trn My ch iu khin Min v sau tng my kim tra li h thng kia c ti khon my tnh hp l cha. Khi s kim tra c hon tt, hai h thng thit lp mt knh kt ni bo mt m sau ch ng c th s dng bt u qu trnh xc thc ngi d ng. S kim tra Ti khon My tnh gia my trm v My ch iu khin Min l qu trnh xc thc thc s d ng tn ti khon v mt khu ng nh khi xc thc ngi d ng Min. S khc nhau l ch mt khu c s dng bi ti khon my tnh c sinh ra mt cch t ng v c gi di dng n. Ngi qun tr c th khi to li (Reset) Ti khon My tnh nhng h kh ng phi cung cp mt khu cho ch ng. LU : H iu hnh Windows v cc i tng My tnh: Cc my tnh chy trn nn tng h iu hnh Windows NT nh Windows Server 2003, Windows XP, Windows 2000 v Windows NT h tr Min mt cch t nhin v lu n c i din bi cc i tng My tnh trong Active Directory . Cc h iu hnh Window QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 352 LM VIC VI TI KHON MY TNH

    trn nn tng MS-DOS gm c Windows Millennium Edition (Me), Windows 98 v Windows 95 c th tham gia vo Min th ng qua vic ci t Active Directory my khch nhng ch ng s dng tn Min c ch ra trong khi ci t Active Directory trn my trm v kh ng c i tng My tnh cho cc my trm ni trn trong Min ny. B SUNG THM MY TNH VO MIN Ngi qun tr, ngoi vic to ti khon ngi d ng v ti khon nhm trong Min, cng phi chc chn rng cc my tnh mng l mt phn ca Min. Vic b sung thm my tnh vo Min Active Directory bao gm hai bc sau: To ti khon my tnh Bn to ti khon my tnh bng cch to mt i tng My tnh mi trong Active Directory v gn tn ca n cho mt my tnh thc s trn mng. Kt ni my tnh vo Min Khi bn kt ni my tnh vo Min, h thng lin lc vi My ch iu khin Min, thit lp mt quan h tin cy vi Min, nh v (hoc to) i tng My tnh tng ng vi tn ca my tnh, sa nhn dng bo mt SID ca n ph hp vi i tng My tnh v chnh sa quan h thnh vin nhm ca n. Thc hin cc bc ny nh th no v ai thc hin ch ng, ph thuc vo vic cc my tnh c trin khai trn mng nh th no. C nhiu cch to i tng My tnh mi v lm th no ngi qun tr la chn lm vic ny ph thuc vo mt s cc yu t, gm s lng cc i tng h cn to, v tr ca cc i tng ny khi to v c ng c g h thch d ng. Ni chung, bn s to cc i tng My tnh khi bn trin khai cc my tnh mi trong Min. Khi mt my tnh c i din bi mt i tng My tnh v kt ni vo Min, bt c ngi d ng no trong Min c th ng nhp vo t my tnh . V d, bn kh ng phi to i tng My tnh mi hoc kt ni li cc my tnh vo Min khi c nhn vin ri khi c ng ty v nhn vin mi s dng cc my tnh ca h. Tuy nhin, nu bn ci li h iu hnh trn my tnh th bn phi to i tng My tnh mi cho n (hoc khi to li (Reset) Ti khon My tnh c) bi v my tnh ny s c m nhn dng bo mt (SID) khc sau khi ci t li. Vic kt ni mt my tnh mi vo Min lu n c thc thi ti chnh my tnh bi ngi qun tr hoc bi ngi d ng. Tuy nhin, vic to i tng My tnh c th xy ra trc hoc trong khi xy ra qu trnh kt ni. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 353 LM VIC VI TI KHON MY TNH Ngi qun tr thng chu trch nhim to i tng My tnh nhng

    d ng cui cng c th t to cc i tng ca h vi nhng iu kin nht nh. LU : Mc ch k thi Mc ch ca k thi 70-290 yu cu cc th sinh c kh nng To v qun l ti khon my tnh trong m i trng Active Directory. TO I TNG MY TNH Vic to i tng My tnh lu n lu n phi xy ra trc khi my tnh tng ng thc s c th kt ni vo Min, mc d n i khi kh ng xut hin theo

    ngi

    cch . C hai chin lc c bn cho vic to i tng My tnh trong Active Directory: To cc i tng My tnh trc s dng c ng c Active Directory, sao cho cc my tnh c th nh v cc i tng sn c khi ch ng gia nhp Min. Bt u qu trnh gia nhp Min trc v cho php my tnh ny t to cc i tng My tnh ca mnh. Trong mi trng hp, i tng My tnh lu n xut hin trc khi s kin my tnh gia nhp min xy ra. Ti chin lc th hai, qu trnh gia nhp xut hin trc nhng my tnh s to ra i tng My tnh trc khi thc s bt u qu trnh gia nhp Min. Khi bn c mt s cc my tnh cn trin khai, c bit l nhiu v tr khc nhau, hu ht cc qun tr thch to cc i tng My tnh trc hn. i vi s lng my tnh ln thm ch c th thc hin qu trnh to cc i tng My tnh t ng bng cch s dng cc c ng c dng dng lnh v cc file b (*.BAT). Trong cc phn tip theo ta s nghin cu cc c ng c bn c th s dng to cc i tng My tnh. To cc i tng My tnh s dng Active Directory And Computers Cng nh i vi cc i tng Ngi d ng v i tng Nhm bn nghin cu ti cc chng trc, tin ch chnh ca Windows Server 2003 to c c i tng My tnh l bng iu khin Active Directory Users And Computers, nh c ch ra trong hnh 8-3.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 354 LM VIC VI TI KHON MY TNH

    Hnh 8-3 Bng iu khin Active Directory Users And Computers to cc i tng My tnh ti Min Active Directory bng cch s dng bng iu khin Active Directory Users And Computers hay bt c tin ch no khc bn phi c cc Cp php thch hp cho i tng Cha s b tr cc i tng ny. Mc nh, nhm Administrators c Cp php to cc i tng ti bt k ni no trn Min v nhm Account Operators c Cp php c bit Create Computer Objects v Delete Computer Objects to v xo i tng My tnh ra khi i tng Cha Computers, cng nh l ra khi bt k OU mi no m bn to. Nhm Domain Admins v Enterprise Admins l thnh vin ca nhm Administrators, bi vy thnh vin ca cc nhm ny cng c th to cc i tng My tnh ti bt c ni no. Ngi qun tr cng c th u quyn iu khin i tng Cha cho cc ngi d ng hay cc nhm nht nh cho php h to cc i tng My tnh ti cc i tng Cha ny. THNG TIN THM: Ngi d ng bnh thng cng c php to mt s lng gii hn cc i tng My tnh. bit chi tit hn, xem Nhp My tnh vo Min ti phn sau ca chng ny. Qu trnh to mt i tng My tnh ti Active Directory Users And Computers tng t nh qu trnh to ngi d ng hoc nhm. Bn chn i tng Ch n t i tng v chn thc n Action, tr ti

    New v chn Computer. Xut hin trnh hng dn New Object Computer, nh trong hnh 8-4. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 355 LM VIC VI TI KHON MY TNH Ti trang u ca trnh hng dn, bn c th cu hnh cc thuc tnh sau ca i tng My tnh : Computer Name Ch ra tn ca my tnh c di ti 63 k t, c gn cho i tng My tnh. Tn ny phi ng vi tn ca my tnh c kt ni vi i tng ny. Computer Name (PreWindows 2000) Khi bn nhp vo tn my tnh, 15 k t u xut hin trong trng ny. y l tn ca my tnh m cc my tnh trc Windows 2000 trn mng s d ng. User Or Group Ch ra ngi d ng v nhm c php nhp my tnh vo Min. Gi tr mc nh l nhm Domain Admins. thay i bm Change m hp thoi chun Select User or Group. Assign This Computer Account As A PreWindows 2000 Computer Chn hp chn ny nu my tnh gia nhp vo Min s dng i tng ny chy Windows NT 4.0. Assign This Computer Account As A Backup Domain Controller Chn hp chn ny nu my tnh gia nhp vo Min s dng i tng ny c chc nng nh My ch iiu khin Min D phng chy Windows NT 4.0 (Backup Domain Controller - BDC).

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 356 LM VIC VI TI KHON MY TNH

    Hnh 8-4 Trnh hng dn New Object Computer Sau khi hon thnh trang ny, bm Next hin th trang Managed, ch ra ti hnh 8-5. Trn trang ny, bn c th ch ra liu my tnh c nh x ti i tng My tnh trn min l c th qun l c m bn s ci t s dng Dch v Ci t T xa (Remote Installation Services - RIS) hay kh ng Nu bn chn hp chn ny, bn phi cung cp M nhn dng Duy nht Ton cc (Globally Unique Identifier - GUID) hoc M nhn dng Duy nht Tng hp (Universally Unique Identifier - UUID) cho my tnh ny.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 357 LM VIC VI TI KHON MY TNH

    Hnh 8-5 Trang Managed ca trnh hng dn New Object Computer Bm Next hin th trang Summary v bm Finish, trnh hng dn s to i tng My tnh trong i tng Cha chn. To i tng My tnh s dng Dsadd.exe Cng nh i vi ngi d ng v nhm, bng iu khin Active Directory Users And Computers rt tin li cho vic to v qun l cc i tng n l, nhng rt nhiu ngi qun tr d ng cc c ng c dng dng lnh ca Active Directory trong Windows Server 2003 khi h phi to ng thi nhiu i tng. Tin ch Dsadd.exe cho php bn to cc i tng My tnh t dng lnh tng t nh vic to i tng Ngi d ng v i tng Nhm trong cc chng trc. Bn c th to file b (*.BAT) ca lnh Dsad x php c bn to mt

    i tng My tnh bng Dsadd.exe nh sau: dsadd computer ComputerDN [parameters] Tham s ComputerDN l Tn Phn bit (Distinguished Name) ca i tng My tnh mi bn mun to. DN s dng c ng nh dng nh ti file CSV (Comma-Separated Value), nh ch ng ta tho lun trong chng 6. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 358 LM VIC VI TI KHON MY TNH Nu DN cha du cch th bn phi trong du ngoc kp (). Khi s dng Dsadd.exe mt cch tng tc t du nhc lnh bn s cung cp tham s ComputerDN theo mt trong cc cch sau: Bng cch g DN ngay trn dng lnh, phn tch nhau bi du cch. Bng cch dn nhp danh sch DN t dng lnh khc, nh Dsquery.exe. Bng cch b trng tham s DN, ti du nhc ca chng trnh bn c th g DN vo. n phm Enter sau mi DN , n Ctrl+Z v Enter sau DN cui c ng. Bn cng c th b sung thm bt k mt tham s no sau y vo dng lnh Dsadd.exe, xc nh cc gi tr cho cc thuc tnh ca i tng My tnh: -samid SAMName Ch ra tn SAM (Security Accounts Manager) cho i tng My tnh, c cc h thng trc Windows 2000 s dng. -desc description Ch ra din gii cho i tng My tnh -loc location Ch ra v tr ca my tnh tng ng vi i tng My tnh -memberof GroupDN Ch ra DN ca mt hoc nhiu nhm m my tnh mi s tr thnh thnh vin. Bn cng c th b sung thm cc tham s -s, -u v -p ch ra My ch iu khin Min m lnh Dsadd.exe s chy trn , tn ngi d ng v mt khu s c d ng thc thi lnh ny, nh ch ra di y: {-s Server | -d Domain}

    sinh ra ng thi cc i tng. C

    -u UserName -p {Password | *} , Khi c du *, bn s c nhc nhp mt khu ti du nhc lnh. V d, to mt i tng My tnh c tn l webserver1 trong i tng Cha Computers, bn s s dng lnh sau: dsadd computer "CN=webserver1, CN=Computers, DC=ACNA, DC=com" To i tng My tnh s dng Netdom.exe Netdom.exe l c ng c dng lnh khc na m bn c th d ng to i tng My tnh cng nh thc hin nhiu cc c ng vic v ti khon Min QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 359 LM VIC VI TI KHON MY TNH v cc tc v bo mt khc. Li ch ca vic s dng Netdom.exe thay cho Dsadd.exe l bn kh ng phi ch ra tn ca i tng My tnh bn mun to nh l DN. Lnh n gin sau to ra mt i tng My tnh trong i tng h a Computers : netdom add webserver1 LU Netdom.exe Netdom.exe c sn trong Windows Server 2000, nhng n kh ng c ci c ng vi h iu hnh. Bn c th ci Netdom.exe t Windows Support Tools bng cch chy Suptools.msi t folder Support\Tools trong a CD ci t Windows Server 2003. C php y ca Netdom.exe, khi bn s dng cu lnh ph add nh sau: netdom add computername [/Domain:DomainName] /UserD:User/PasswordD:UserPassword] [/OU:OUDN] Chc nng ca tham s ca dng lng nh sau: computername Ch ra Tn Ph bin (Common Name) ca i tng My tnh c to. /Domain:DomainName Ch ra tn Min m ti bn to i tng My tnh. Khi b qua, chng trnh to i tng ny trong Min m ngi d ng hin thi ang ng nhp. /UserD:User Ch ra tn ca ti khon ngi d ng m chng trnh s s dng to i tng My tnh. Khi b trng, chng trnh s dng ti khon ca ngi d ng hin ang ng nhp. /PasswordD:UserPassword Ch ra mt khu tng ng vi ti khon ngi d ng ch ta bi tham s /UserD. Tham s ny phi c khi dng lnh cha tham s /UserD. K t i din (*) c th c s dng nhc bn nhp mt khu. /OU:OUDN Ch ra DN ca OU ti ni m i tng My tnh s c to. Khi b trng, chng trnh to i tng trong i tng Cha Computers. Nhp my Qu trnh tnh ny tnh cc tnh vo Min nhp mt my tnh vo Min phi thc s xy ra ti chnh my v c thc thi bi thnh vin ca nhm Administrators ca my b. Sau khi ng nhp, bn nhp my tnh chy Windows Server

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 360 LM VIC VI TI KHON MY TNH

    2003 vo Min t th Computer Name ti hp thoi System Properties (chy t biu tng System ti Control Panel), nh trong hnh 8-6.

    Hnh 8-6 Th Computer Name trong hp thoi System Properties Trn my tnh kh ng gia nhp vo Min, Th Computer Name hin th tn gn cho my tnh trong khi ci t h iu hnh v tn ca Nhm lm vic m h thng hin ang thuc v ( l WORKGROUP theo mc nh). nhp my tnh vo Min bm Change hin th hp thoi Computer Name Changes (ch ra trong hnh 8-7).

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 361 -

    LM VIC VI TI KHON MY TNH

    Hnh 8-7 Hp thoi Computer Name Changes Ti hp thoi ny, hp Computer Name cho php bn thay i tn gn cho my tnh trong khi ci t. Ph thuc vo vic bn to i tng My tnh hay cha, cn nhc k cc kh nng phng sau: Nu bn mun nhp my tnh vo Min c i tng My tnh trong Active Directory, tn nhp vo ti hp ny phi ph hp chnh xc vi tn ca i tng tn ti. Nu bn d nh to i tng My tnh trong khi thc hin tin trnh nhp my tnh vo Min, tn ti hp ny phi cha tn ti trong Min. Tip theo, chn tu chn Domain v g tn ca Min m my tnh s kt ni ti v bm OK. Khi my tnh thit lp lin h vi My ch iu khin Min ca Min ny, xut hin hp thoi Computer Name Changes th hai, nh ch ra trong hnh 8-8, nhc bn cho vo tn ti khon v mt khu ca ti khon ngi d ng min c Cp php nhp my tnh vo Min.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 362 LM VIC VI TI KHON MY TNH

    Hnh 8-8 Hp thoi xc thc Computer Name Changes LU : Giao tip vi My ch iu khin Min Nu bn nhn thy th ng bo cho bn bit l my tnh kh ng th tm thy my ch iu khin min m bn ch ra, y thng l li cu hnh mng. Th ng thng, l a ch my ch DNS ti cu hnh TCP/IP kh ng ng. Windows Server 2003 da vo H thng Tn Min (Domain Name System - DNS) tm my ch iu khin min v nu my tnh kh ng c kt ni ti my ch DNS gi tn min th giao tip vi my ch iu khin min kh ng th thc hin c. Khi bn c xc thc vi My ch iu khin Min, c mt th ng bo vi ni dung cho n my tnh gia nhp vo Min v bn c ch dn khi ng li my tnh. Nhp my tnh vo Min s dng Netdom.exe Bn cng c th s dng tin ch dng lnh Netdom.exe kt ni my tnh ti Min. C php ca dng lnh nh sau: netdom join computername /Domain:DomainName [/UserD:User /PasswordD:UserPassword] [/UserO:User /PasswordO:UserPassword] [/OU:OUDN] [REBoot:seconds] Chc nng ca cc tham s dng lnh nh sau: computername Ch ra tn my tnh c kt ni. /Domain:DomainName Ch ra tn Min my tnh s kt ni ti. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 363 LM VIC VI TI KHON MY TNH /UserD:User Ch ra tn ti khon ngi d ng min m chng trnh s s dng nhp my tnh vo Min. /PasswordD:UserPassword Ch ra mt khu tng ng vi ti khon ngi d ng min ch ra bi tham /UserD. /UserO:User Ch ra tn ca ti khon ngi d ng cc b m chng trnh s s dng truy nhp ti my tnh ny. /PasswordO:UserPassword Ch ra mt khu tng ng vi ti khon

    ngi d ng cc b ch ra bi tham s /UserO. /OU:OUDN Ch ra DN ca OU m ti i tng My tnh s c to ra. Nu trng, chng trnh to i tng ti i tng Cha Computers. /REBoot:seconds Ch ra my tnh s t ng tt v khi ng li sau khi gia nhp Min. Bn cng c th ch thi gian tnh theo giy trc khi my tnh khi ng li. Gi tr mc nh l 20 giy. To i tng My tnh trong khi nhp my tnh vo Min Bn c th nhp my tnh vo Min cho d bn to i tng My tnh cho n hay cha. Khi my tnh xc thc vi My ch iu khin Min, My ch iu khin Min s qut CSDL Active Directory tm i tng My tnh c ng tn vi my tnh ny. Nu kh ng tm thy i tng ph hp My ch iu khin Min s to i tng My tnh ti i tng Cha Computers d ng tn do my d nh gia nhp Min cung cp. i vi i tng My tnh c to t ng theo cch ny, n s i hi ti khon ngi d ng m bn ch ra khi kt ni ti My ch iu khin Min phi c quyn Khi to i tng (Create Object) ti i tng Cha Computers,v d nh l thnh vin ca nhm Administrators. Tuy nhin, kh ng phi l c no cng ng nh vy. Ngi d ng min cng c th t to i tng My tnh ca h mt cch gin tip. Chnh sch Nhm ca My ch iu khin Min Mc nh (Default Domain Controllers Policy) gn Quyn Ngi d ng Add Workstations To Domain cho nhm ng nht c bit Authenticated Users, nh trong hnh 8-9. iu ny c ngha l bt c ngi d ng no xc thc thnh c ng vi Active Directory s c quyn nhp ti 10 my trm vo Min v to 10 i tng My tnh tng ng, thm ch c khi h kh ng c quyn Create Object.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 364 LM VIC VI TI KHON MY TNH

    Hnh 8-9 Phn quyn ngi d ng Default Domain Controllers Policy iu quan trong cn phi lu v Quyn Ngi d ng Add Workstations To Domain, mc d vy, l Workstations l t c ngha nht. Ngi d ng xc thc c th thm ti 10 my trm vo Min cn my ch th kh ng. iu ny c ngha my tnh phi chy Windows XP Professional, Windows 2000 Professional hoc mt trong nhng bn Active Directory my khch thp hn. Ngi d ng xc thc kh ng th nhp my tnh chy Windows Server 2003 hoc Windows 2000 Server vo Min. Nhp vo Min trong khi ci t h iu hnh Mc d bn c th nhp mt my tnh Windows Server 2003 tn ti vo Min bt k l c no, bn cng c th thc hin nhp ch ng trong khi ci t h iu hnh. Khi trnh hng dn ci t Windows hin trang Workgroup Or Computer Domain, nh trong hnh 8-10, bn c th ch ra tn ca Min m my tnh s gia nhp. Bn c nhc vo ti khon ngi d ng min v mt khu xc thc vi My ch iu khin Min v qu trnh gia nhp c din t trn.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 365 LM VIC VI TI KHON MY TNH

    Hnh 8-10 Trang The Workgroup Or Computer Domain ca trnh Hng dn Ci t Windows nh v i tng My tnh M c nh, mi Min Active Directory mi c hai i tng Cha l Computers v Domain Controllers, nh ch ra trong hnh 8-11. Khi bn to Min bng cch thng cp My ch iu khin Min u tin, Trnh hng dn ci t Active Directory to ra hai i tng Cha ny v tip l to i tng My tnh cho My ch iu khin Min mi ti i tng Cha Domain Controllers.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 366 LM VIC VI TI KHON MY TNH

    Hnh 8-11 i tng Cha Computers v Min Active Directory

    Domain Controllers trong

    nh v i tng My tnh ca My ch iu khin Min i tng Cha Domain Controllers l mt i tng OU. Bn kh ng bao gi phi to i tng My tnh cho My ch iu khin Min bi v Trnh hng dn ci t Active Directory to v t ch ng vo OU Domain Controllers. i tng Cha ny phi l mt OU bi v c GPO p dng cho n c gi l Default Domain Controllers Policy GPO. GPO ny cha cc thit lp ca chnh sch ch yu cho vic bo mt ca My ch iu khin Min. Trong hu ht cc bn ci t Active Directory th i tng My tnh ca My ch iu khin Min vn ng ch c ca n. Nu bn mun di chuyn ch ng, bn phi m bo p dng chnh sch Default Domain Controllers Policy GPO cho OU mi c cha My ch iu khin Min hoc to mt GPO tng ng c cha cc thit lp dnh ring cho vai tr My ch iu khin Min. nh v c i tng My tnh khc i tng Cha Computers l v tr mc nh cho tt c cc i tng My tnh khc m c to bng phng php t ng, nh l khi mt my tnh gia nhp Min v cha tn ti i tng My tnh tng ng vi n. S dng bng iu khin Active Directory Users And Computers, bn c th QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 367 LM VIC VI TI KHON MY TNH to i tng My tnh ti mt i tng Cha bt k, qun l v di chuyn ch ng. C th, bn s thy rt l, l i tng Cha Computers kh ng phi l mt OU, n l mt trong cc i tng c bit, l loi i tng m lp tng ny theo ngha en th ng l mt i tng Cha, cng nh cc i tng Cha Users, Builtin v Foreign- SecurityPrincipals. Nh bn tm hiu ti chng 6, bn kh ng th to hoc xo nhng i tng Cha ny v bn kh ng th p dng GPO cho ch ng. Do vy bn kh ng th trin khai cc thit lp chnh sch nhm cho cc i tng My tnh ct gi mt cch n gin. V l do ny, nn to t nht mt OU v di chuyn cc i tng My tnh t i tng Cha Computers ti . Nhiu mng Active Directory to ng thi cc OU cho cc i tng My tnh theo t chc hoc theo phn cp a l trong cy Active Directory hoc to cc i tng Cha ring r theo cc vai tr khc nhau m cc my tnh thc h n . V d, bn nn to mt OU cho my trm ca bn v mt lot cc OU cho cc My ch Thnh vin (Member Server). iu ny cho php bn trin khai mt GPO cha cc thit lp chnh sch cho tng OU, t to mt cu hnh h thng khc theo mi vai tr ca tng my tnh. Chuyn hng i tng My tnh Mc d bn c th to cc i tng My tnh trong i tng Cha Computers v di chuyn ch ng ti bt k v tr no m bn mun v bn

    cng c th cu hnh Windows Server 2003 t ng t cc i tng My tnh n to ra vo mt i tng Cha khc. Cch ny thng c s dng hn v n cho php bn t i tng My tnh mi vo OU thch hp trc khi my tnh thc s gia nhp Min. Vic ny m bo l my tnh c kim so t bi cc chnh sch p dng cho OU ngay sau khi my tnh gia nhp Min. chuyn hng i tng My tnh mi, Min ca bn phi s dng Doma in functional level (Cp chc nng Min) Windows Server 2003 . M ca s du nhc lnh v t dng lnh chy tin ch Redircmp.exe, cung cp c ng vi Windows Server 2003, ch ra DN ca OU hoc i tng Cha khc bn mun t i tng mi vo, nh v d sau: redircmp ou=workstations,DC=ACNA,dc=com THNG TIN THM: bit chi tit hn v Cp chc nng Min (domain functional level) v lm th no ch ng nh hng n vic to v qun l cc i tng ca Active Directory, xem Tm hiu v cc Cp Chc nng Min ti chng 7. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 368 LM VIC VI TI KHON MY TNH QUN L CC I TNG MY TNH Khi bn to cc i tng My tnh v nhp ch ng vo Min, bn c th qun l cc i tng v cc my tnh t bng iu khin Active Directory Users and Computers. Mt s cc chc nng qun l bn c th thc thi c m t phn sau. CHNH SA CC THUC TNH CA I TNG MY TNH Ging nh l tt c cc i tng trong Active Directory, i tng My tnh cng bao gm cc thuc tnh cha rt nhiu cc th ng tin v h thng m i tng i din cho n. chnh sa cc thuc tnh ca i tng My tnh, bn chn n ti bng iu khin Active Directory Users and Computers v t thc n Action, chn Properties hin th hp thoi Properties ca i tng, nh ch ra trong hnh 8-12. c

    Hnh 8-12 A Hp thoi Properties ca i tng My tnh Hp thoi c 7 th: General Ti y, bn c th g vo din gii cho my tnh i din bi i tng ny. Cc hp khc (Computer Name [PreWindows QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 369 LM VIC VI TI KHON MY TNH 2000], DNS Name, v Role) cha cc th ng tin c th c cung cp t ng khi my tnh gia nhp Min. Operating System Gm c tn, phin bn v mc ca gi dch v (service pack level) ca h iu hnh chy ang chy trn my tnh c i din bi i tng ny. Th ng tin ny c cp t ng khi my tnh nhp vo Min. Kh ng c thc tnh no do ngi d ng nh ngha ti th ny. Member Of Cho php bn ch ra nhm m i tng My tnh ny l thnh vin. Mc nh, tt c cc i tng My tnh mi kh ng phi l My ch iu khin Min c a vo nhm ton cc Domain Computers. Delegation Cho php bn gn cc dch v chy di Cp php ca ti khon my tnh gi cc yu cu dch v ti my tnh khc trn mng vi t cch mt ngi d ng. Bn c th cho php i tng ny yu cu dch v bt k hoc to danh sch cc dch v c bit n c u, s dng ti khon u quyn khc. Location C cha hp m bn c th s dng xc nh v tr ca my tnh tng ng vi i tng ny. Managed By Cho php bn ch ra i tng ngi d ng chu trch nhim qun l ca my tnh i din bi i tng ny. Khi bn lm nh vy, cc thuc tnh thch hp t ca i tng ngi d ng chn s hin th trong th ny, nh trong hnh 8-13. Cc th ng tin ny c ly mt cch ng t i tng ngi d ng; ch c tn ca ngi d ng l c lu tr nh l mt phn ca i tng My tnh. Dial-In Cho php bn ch ra gi tr cho cc thuc tnh kim sot truy nhp quay s t xa ti my tnh i din bi i tng ny, nh l s c php truy nhp hay b t chi v s s dng hay kh ng cc tnh

    nng nh l nh danh ngi gi (caller ID) v gi li (callback).

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 370 LM VIC VI TI KHON MY TNH

    Hnh 8-13 Th My tnh

    Managed By trong hp thoi

    Properties ca i tng

    XO , V HIU HO V KHI TO LI I TNG MY TNH Di cc iu kin bnh thng, cc i tng My tnh kh ng i hi ngi qun tr bo tr v chm sc. Tuy nhin, trong mt s hon cnh ngi qun tr nn thao tc vi cc i tng My tnh, nh l trnh cho ch ng b s dng sai hoc tin hnh cc thay i cho ph hp vi my tnh vt l.

    Xa i tng My tnh Xo mt i tng My tnh trong bng iu khin Active Directory Users and Computers rt n gin, bn chn i tng ny v t thc n Action chn Delete. Sau khi bn xc nhn li thao tc ny th i tng b xo vnh vin. Tuy nhin, trc khi bn bt u xo i tng My tnh cn bo m l bn hiu rt r hnh ng ny ca bn. Cng nh vi cc i tng Ngi d ng v Nhm, SID ca i tng My tnh m c gi tr duy nht cng b mt khi i tng b xo.Vic to mt i tng mi c c ng tn v c ng gi tr thuc tnh s kh ng to li c ng SID nh c v bt c quyn v nhm no gn cho n ban u khi i tng b QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 371 LM VIC VI TI KHON MY TNH xo cng u b mt kh ng th cu li c. Bi th bn kh ng nn xo cc i tng My tnh (hoc bt k i tng no, chnh v l do ny) tr khi bn hon ton chc chn l bn kk ng cn li n ch ng. Bn c th trnh cho i tng b s dng thay bng cch khc l v hiu ho n. LI KHUYN Tch ri my tnh ra khi Min Khi mt my tnh b di chuyn ra khi Min bng cch nhp n ti mt nhm hoc mt Min khc, n s c gng xo i tng My tnh ca mnh. Nu my tnh kh ng th xo c i tng do vn trc trc v mng, do kh ng quyn hoc bt k l do no khc, ti khon ny vn cn trn Active Directory. N c th xut hin, ngay lp tc hoc t t, nh l b v hiu ho. Nu i tng ny l kh ng cn thit ti Min th n phi c xo th c ng. V hiu ho i tng My tnh Nu bn d kin s t my tnh ri khi mng (offline) trong mt thi gian di, c h

    nguyn tc c bn nht ca bo mt l lu gi cc nh danh nhn dng cng t cn c xc thc xy ra ch vi mt s lng ti thiu cc ti khon cn thit phc v cho c quan ca bn. Khi bn v hiu ho mt i tng My tnh, SID v tt tt c cc gi tr thuc tnh ca n vn cn nguyn vn, bi vy khi bn kch hot li i tng ny c th d ng ngay m kh ng cn chnh sa. v hiu ho mt i tng My tnh, ti bng iu khin Active Directory Users And Computers, chn i tng ny v t thc n Action chn Disable Account. Xut hin du X mu ti biu tng ca i tng bo l n b v hiu ho, nh trong hnh 8-14. Khi i tng b v hiu ho, my tnh ny kh ng th thit lp knh bo mt ti Min. Ngi d ng trc cha tng ng nhp vo my tnh, do s kh ng c cc th ng tin ng nhp c lu tm trn my tnh s kh ng th ng nhp c cho ti khi bn thit lp li knh th ng tin bo mt bng cch kch hot li ti khon ny.

    c tt nht l ng xo n, hy v

    hiu ha (Disable) n. Mt nhng

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 372 LM VIC VI TI KHON MY TNH

    Hnh 8-14 V hiu ho ti khon my tnh kch hot li i tng, s dng c ng qui trnh nh trn v chn Enable Account t thc n Action. Reset (khi to li) i tng My tnh i khi ngi qun tr mun thay th mt my tnh trn mng nng cp phn cng hoc v cc l do khc, nhng vn mun s dng i tng My tnh ban u c ng vi nhm v cc quyn c gn ca n. Khi mt my tnh gia nhp vo mt Min v tng ng vi mt i tng My tnh c th, bn kh ng th nhp mt my tnh khc vo c ng i tng v bn cng kh ng th tch ri my tnh ra khi Min v nhp li mt my tnh khc c c ng tn m kh ng cn to li i tng ny v kh ng b mt SID cng nh nhm v cc quyn tng ng. Mc d vy, bn vn c th s dng li c ng i tng My tnh cho hai my tnh khc nhau bng cch khi to li (Reset) i tng ny. Vic khi

    to li mt i tng My tnh phi t li mt khu ca n nhng vn duy tr c tt c cc thuc tnh ca n. Bng cch t li mt khu, i tng ny c php d ng li. Bt c mt my tnh no c t tn thch hp l c th gia nhp vo Min v s dng li c i tng . khi to li mt i tng My tnh ta s dng bng iu khin Active Directory Users QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 373 LM VIC VI TI KHON MY TNH And Computers, chn i tng v t thc n Action chn tip Reset Account. Sau khi xc nhn li s xut hin hp th ng bo tnh trng ti khon c khi to li thnh c ng. Bn cng c th khi to li ti khon my tnh bng cch s dng tin ch dng lnh Netdom.exe. LU Mc ch k thi Mc ch k thi 70-290 i hi th sinh c kh nng Khi to li ti khon my tnh. Qun l my tnh t xa Ngoi cc thao tc vi cc i tng My tnh, bng iu khin Directory Users And Computers cng cho php bn truy nhp vo my tnh ca chnh n. Khi bn chn i tng My tnh v t thc n Action chn Manage s m ra bng iu khin Computer Management mi, tr ti my tnh c chn. Tip theo bn c th thc hin bt c chc nng chun no t bng iu khin ny vi my tnh chn (vi cc Cp php thch hp). Qun l cc i tng My tnh bng dng lnh Tt c cc c ng vic qun l i tng My tnh m bn tm hiu trong cc phn trc cng c th s dng cc c ng c dng lnh c trong Windows Server 2 3 c ng c ny. 00 . Phn trnh by sau y s c s dng cc Qun l thuc tnh ca i tng My tnh bng Dsmod.exe C ng c Dsmod.exe c th chnh sa cc thuc tnh ca i tng My tnh, cng ging nh i vi i tng ngi d ng v i tng nhm. Ngoi ra, bn c th s dng Dsmod.exe v hiu ho, kch hot v khi to li i tng My tnh (nhng kh ng xa c ch ng). C php chnh sa li i tng My tnh ca c ng c ny nh sau: dsmod computer ComputerDN [parameters] Chc nng ca cc tham s dng lnh nh sau: ComputerDN Ch ra DN ca i tng My tnh cn chnh sa. -desc Description Ch ra gi tr thuc tnh Description ca i tng My tnh. -loc Location Ch ra gi tr thuc tnh Location ca i tng My tnh. -disabled [yes|no] V hiu ho hoc kch hot i tng My tnh nh. -Reset t li mt khu ca i tng My tnh nh. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 374 LM VIC VI TI KHON MY TNH

    Active

    -s Server Ch ra tn ca My ch iu khin Min m chng trnh d ng truy nhp ti i tng My tnh ny. Khi b trng th chng trnh mc nh tr ti My ch iu khin Min m ngi d ng ang ng nhp. -d Domain Ch ra tn ca Min m i tng My tnh ang nh v trong . Khi b trng chng trnh s mc nh ly Min m ngi d ng ang ng nhp. -u UserName Ch ra tn ca ti khon ngi d ng chng trnh s s dng truy nhp vo Min. Khi b trng, chng trnh s mc nh ti khon ngi d ng m h thng ang ng nhp. -p [Password | *] Ch ra mt khu ng vi ti khon ngi d ng ch ra ti tham s -u . Nu c du hoa th (*), chng trnh dng li v nhc ngi d ng nhp mt khu. v hiu ho ti khon my tnh, s dng dng lnh sau: dsmod computer CN=webserver1, CN=Computers, DC=ACNA, DC=com disabled yes khi to li ti khon my tnh, s dng dng lnh sau dsmod computer CN=webserver1, CN=Computers, DC=ACNA, DC=com Reset Xa i tng My tnh bng Dsrm.exe Dsmod.exe c th chnh sa i tng My tnh nhng kh ng xo ch ng c. xo i tng My tnh bn phi s dng tin ch Dsrm.exe. Bn cn ch ra DN cu i tng m bn mun xo ti dng lnh Dsrm.exe, s dng c php sau: Dsrm ObjectDN Khi bn xc nhn yu cu xo, chng trnh s xo i tng ny. Mt v d ca chng trnh Dsrm.exe nh sau: dsrm CN=webserver1,CN=Computers,DC=ACNA,DC=com KHC PHC S C TI KHON MY TNH Active Directory xem i tng My tnh nh l Ch th Bo mt (Sercurity Principal). iu ny c ngha l my tnh cng ging ngi d ng l c cc thuc tnh nh tn, mt khu v SID, cho php n c a vo Danh sch Kim sot Truy nhp (ACLs) ca cc i tng khc. Cc ti khon my tnh v quan h bo mt gia cc my tnh v Min thng rt QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 375 LM VIC VI TI KHON MY TNH mnh. Tuy nhin, ging nh cc ti khon ngi d ng, cc ti khon my tnh i khi yu cu c bo tr v khc phc s c. Him khi gp tnh hung l mt ti khon hoc knh bo mt b b gy, cc du hiu ca li thng rt r rng. Cc du hiu ph bin ca s c ti khon my tnh nh sau: Thng bo l c ng nhp ch ra l kh ng th lin h c vi My ch iu khin Min, ti khon my tnh c th b mt hoc quan h tin cy (cch khc ch ti knh bo mt) gia my tnh ny v Min b mt. Mt v d th ng bo li t my trm Windows XP, nh hnh 8-15. Thng bo li hoc ghi li cc s kin ch ra cc vn tng t hoc gi l mt khu, s tin cy, knh bo mt, hoc quan h vi Min hoc My ch iu khin Min b li. Ti khon my tnh trong Active Directory b mt.

    Hnh 8-15 Th ng bo ng nhp Windows XP ch ra c th ti khon my tnh gp s c LU Mc ch k thi Mc ch ca k thi 70-290 yu cu th sinh c kh nng khc phc s c ti khon my tnh v d on v gii quyt cc vn lin quan n cc ti khon my tnh bng cch s dng bng iu khin Active Directory Users and Computers. Nu mt trong cc tnh hung ny xy ra th bn phi khc phc s c Ti khon My tnh. Bn c hc phn trn l lm th no xa, v hiu ha, v khi to li ti khon my tnh v lm th no nhp c my tnh vo Min. Cc quy tc khc phc s c ti khon my tnh khi mt trong cc s kin xy ra nh sau: 1. Nu ti khon my tnh c trong Active Directory th bn phi khi to li n.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 376 -

    2.

    LM VIC VI TI KHON MY TNH n my tnh b mt trong Active Directory th bn phi to li ti khon my tnh. 3. Nu my tnh vn thuc Min th bn phi di chuyn n ra khi min bng cch thay i quan h thnh vin ca n sang Nhm lm vic (Worrkgroup). Tn ca Nhm lm vic l kh ng quan trng. 4. Nhp li my tnh vo Min. Cch khc l nhp mt my tnh khc vo Min ny, nhng my tnh mi phi c c ng tn nh ti khon my tnh. khc phc bt k s c no ca ti khon my tnh bn p dng tt c cc quy tc ny. Ch ng c th c tin hnh theo mt th t bt k, tr quy tc 4, nhp li my tnh vo Min phi lu n l bc cui c ng. Hai tnh hung di y minh ho vic s dng cc quy tc ny: Ngi d ng phn nn l khi c y ng nhp, h thng xut hin th ng bo li thng bo ti khon my tnh c th b mt. p dng quy tc 1, bn m Active Directory Users And Computers v tm thy ti khon my tnh trong Min. Bn khi to li i tng ny. Kh ng p dng quy tc 2 - i tng tn ti. Sau , s dng quy tc 3, bn tch ri h thng ny ra khi Min v theo quy tc 4, kt ni li n vo Min ny. Ti khon my tnh b khi to li do ri ro, v th quy tc 1 l c p dng. D cho vic khi to li l ngu nhin, bn vn phi

    tip tc cu li bng cch p dng ba quy tc cn li. Quy tc 2 kh ng p dng do i tng My tnh tn ti trong Min. Theo quy tc 3 v 4, tch my tnh ra khi Min v sau nhp li.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 377 -

    TNG KT LM VIC VI TI KHON MY TNH ngi d ng ng nhp vo Min Active Directory, h kh ng ch cn c i tng Ngi d ng, m cn phi c c i tng i din cho my tnh ca h. i tng My tnh i din cho mt h thng c th trn mng v cha cc th ng tin thuc tnh v h thng. Cc i tng My tnh c chc nng nh l Ch th Bo mt . Bn c th a ch ng vo cc nhm v gn cho ch ng cc Cp php. thm my tnh vo Min, bn phi to i tng My tnh cho n trong Active Directory v sau kt ni my vt l vi Min. i tng My tnh c th c to trc hoc trong tin trnh kt ni. i ng nhp vi t cch nh l thnh vin ca nhm

    Administrators cc b thay i quan h thnh vin Min ca my tnh. to i tng My tnh bn c th s dng bng iu khin Active Directory Users And Computers, tin ch Dsadd.exe hoc Netdom.exe. Nhm Administrators v Account Operators c quyn to i tng My tnh mi v bn cng c th u quyn thch

    hp ti ngi d ng v nhm khc. i tng My tnh m kh ng ng vai tr l My ch iu khin Min mc nh c t ti i tng Cha Computers . Bn kh ng th p dng chnh sch nhm cho i tng Cha ny, bi vy cc i tng My tnh thng c t ti OU thay cho vic t ti v tr nh ny. nhp mt my tnh vo Min, bn s dng th Computer Name ti hp thoi System Properties hoc d ng tin ch Netdom.exe. Nu i tng My tnh ca my tnh cha tn ti th khi bn tin hnh nhp n th h thng s to ra i tng ny (gi thit l bn c

    cc Cp php cn thit to n.) S dng bng iu khin Active Directory Users and Computers, tin h Dsmod.exe v Dsrm.exe, bn c th qun l cc thuc tnh ca i tng My tnh cng nh xo, v hiu ho v khi to li ch ng. i tng My tnh c M nh danh Bo mt SID m Active Directory s dng ch dn n cc quan h thnh vin nhm ca n v cc Cp php khc. Vic b xo ngu nhin l nguyn nhn lm cho SID ca n b mt kh ng cu li c, bt buc bn phi to li QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 378 -

    LM VIC VI TI KHON MY TNH cc Cp php. Phi cn thn khi xo i tng My tnh, thay vo h y v hiu ha ch ng v ta c th kch hot li ch ng m kh ng mt th ng tin. Cc bc chnh gii quyt s c ca i tng My tnh bao gm vic to hoc khi to li i tng, loi b my tnh khi Min v nhp li n vo Min.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 379 -

    BI TP THC HNH LM VIC VI TI KHON MY TNH Bi tp thc hnh 8-1: To i tng My tnh s dng Active

    Directory Users And Computers Trong bi tp thc hnh thc hnh ny, bn to i tng My tnh mi s dng bng iu khin Active Directory Users and Computers. 1. ng nhp vo My ch iu khin Min Windows Server 2003 vi t cch l Administrator. 2. Bm Start, tr ti Administrative tools v chn Active Directory Users And Computers. Xut hin Bng iu khin Active Directory Users And Computers. 3. Chn Computers i tng Cha v thc n Action tr ti New v chn Computer. Xut hin New Object Computer trnh hng dn. 4. Ti hp Computer Name , g Computer1 v tip theo chn Next. 5. Bm Next v sau bm Finish. i tng My tnh ca Computer1 xut hin trong Computers i tng Cha. Bi tp thc hnh 8-2: To i tng My tnh s dng Dsadd.exe Trong bi tp thc hnh ny, bn to i tng My tnh mi s dng tin ch Dsadd.exe. 1. ng nhp vo My ch t cch l Administrator. iu khin Min Windows Server 2003 vi 2. 3. Bm Start chy Command Prompt. Xut hin du nhc lnh. Ti du nhc, g lnh sau (vi xx l s hiu ca bn) v nhn Enter:

    dsadd computer "CN C = omputer2, CN=Computers, DC=ACNAxx, DC=com" desc "Mark Lee s Workstation" 4. Bm Start, tr ti Administrative tools v chn Active Directory Users And Computers. Xut hin bng iu khin Active Directory Users And Computers. 5. Chn i tng Cha Computers . Xc nhn l i tng My tnh ca my tnh Computer2 xut hin trong i tng Cha v c din gii Description l Mark Lees Workstation trong th General ca hp thoi Properties ca i tng. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 380 LM VIC VI TI KHON MY TNH Bi tp thc hnh 8-3: V hiu ho v kch hot i tng My tnh Trong bi tp thc hnh ny, bn s v hiu ho v kch hot li i tng My tnh s dng Bng iu khin Active Directory Users And Computers. 1. ng nhp vo My ch iu khin Min Windows Server vi t cch l Administrator. 2. Bm Start, tr ti Administrative tools v chn Active Directory Users And Computers. Xut hin Bng iu khin Active Directory Users And Computers. 3. Chn i tng Cha Computers . Sau chn i tng My tnh Computer1 bn to bi tp thc hnh 8-1 v ti thc n Action chn Disable Account. Xut hin th ng bo ca Active Directory nhc bn xc nhn li lnh.

    4. Bm Yes. Xut hin th ng bo khc xc nhn l i tng Computer1 b v hiu ho. 5. Bm Yes. Biu tng Computer1 xut hin c ng vi du X mu . 6. Chn li i tng My tnh ca my tnh Computer1 v ti thc n Action chn Enable Account. Xut hin th ng bo ca Active Directory cho bn bit l i tng c kch hot. 7. Bm Yes. Biu tng Computer1 xut hin kh ng c du X mu na. CC CU HI N TP 1. Ti thiu cn phi l thnh vin ca nhm no c th to c ti khon my tnh Windows Server 2003 trong mt OU ca Min? Cn nhc tt c cc bc x l v gi thit l i tng My tnh ca h thng ny cha tng tn ti trong Active Directory. (Chn tt c cc cu tr li ng.) a. Domain Admins b. Enterprise Admins c. Administrators trn My ch iu khin Min d. Account Operators trn My ch iu khin Min e. Server Operators trn My ch iu khin Min f. Account Operators trn my tnh ny QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 381 -

    2. LM VIC VI TI KHON MY TNH g. Server Operators trn my tnh ny h. Administrators trn my tnh ny Cc c ng c dng lnh no sau y c th to tnh trong Active Directory? a. Dsmod.exe b. Dsrm.exe c. Netdom.exe d. Dsadd.exe e. Net.exe

    c i tng My

    3. Trn nn Windows no sau y c kh nng nhp mt i tng My tnh vo Min Active Directory? a. Windows 95 b. Windows NT 4 c. Windows 98 d. Windows 2000 e. Windows Me f. Windows XP g. Windows Server 2003 4. Khi bn m hp thoi Properties ca i tng My tnh trong Bng iu khin Active Directory Users And Computers, bn pht hin ra

    rng kh ng c thuc tnh no c hin th trong th Operating System. Cc nguyn nhn no lm cho cc thuc tnh ny b vng mt? 5. Sau mt thi k di, c ng ty ca bn to Min th hai. Tun cui c ng, mt s cc my tnh m tng trong Min ca bn c chuyn ti Min mi. Khi bn m Active Directory Users And Computers th i tng ca my tnh ny vn Min ca bn v xut hin biu tng X m . Vic thch hp tip theo l g? a. Kch hot i tng ny b. V hiu ho i tng ny c. Khi to li i tng ny d. Xo i tng ny QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 382 LM VIC VI TI KHON MY TNH 6. Ngi d ng th ng bo l khi tin hnh ng nhp, anh y nhn c th ng bo tnh trng my tnh kh ng th lin h c vi Min v My ch iu khin Min b tt hoc ti khon my tnh c th b mt. Bn m Active Directory Users And Computers v pht hin ra l ti khon ca my tnh b mt. Cc bc bn nn lm l g? 7. Mt ngi d ng th ng bo l khi tin hnh ng nhp, anh y nhn c th ng bo tnh trng my tnh kh ng th lin h c vi Min v My ch iu khin Min b tt hoc ti khon my tnh c th b mt. Bn m Active Directory Users And Computers v nhn thy ti khon xut hin bnh thng. Cc bc bn nn lm l g? CC KCH BN TNH HUNG Kch bn 8-1: Khi to li i tng My tnh Ti Windows Server 2003 Min ACNA.com, bn c i tng My tnh ca mt My ch Thnh vin (Member Server) c tn l Pserver01 trong OU c tn l Pservers. i tng ny i din cho my ch Print server b rt mng trong thi gian di v kh ng lin h c vi my tnh khc trong Min chp nhn lnh in. Bn xc nh l mt khu ca ti khon my tnh trong Min cn phi c khi to li. Lnh no bn c th s dng khi to li chnh xc ti khon my tnh ny? a. dsmod

    CN=pserver01, CN=PSERVERS, DC=ACNA, DC=com Reset b. dsmod computer pserver01.ACNA.com Reset c. dsmod ACNA\pserver01 Reset d. dsmod

    computer CN=pserver01, CN=PSERVERS,

    DC=ACNA, DC=com Reset Kch bn 8-2: Khc phc s c i tng My tnh Sau khi thc hin bo tr cc my tnh vn phng chi nhnh ti pha ng vo cui tun, ngi d ng phn nn gp trc trc ng nhp. Bn kim tra cc nht k s kin ca my tnh ti chi nhnh ny, thy ghi li nh sau:

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 383 LM VIC VI TI KHON MY TNH

    Dng nh c vn vi ti khon my tnh. Ch ra ti cc bc no sau y bn nn thc hin gii quyt vn ny, theo ng trt t. a. Xo ti khon my tnh. b. Khi to li ti khon ngi d ng. c. Nhp my tnh vo Nhm lm vic. d. V hiu ho ti khon my tnh. e. Khi to li ti khon my tnh. f. Kch hot ti khon my tnh. g. To ti khon my tnh mi. h. Nhp my tnh vo Min.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 384 -

    PHN 3 QUN L V DUY TR CC NGUN TI NGUYN CHIA S

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 - 385 CHIA S CC TI NGUYN H THNG FILE

    CHNG 9: CHIA S CC TI NGUYN H THNG FILE Mt trong nhng l do chnh ca s tn ti cc mng d liu l kh nng chia s cc file cho nhiu ngi s dng trn cc my tnh khc nhau. Trn mt mng nh, chia s file thng l mt tin trnh th ng thng c thc hin bi ngi s dng u cui, tnh cht bo mt t c ch ti. Tuy nhin, trn mt mng ln, m c bit l trong cc t chc thng xuyn vn hnh vi cc d liu nhy cm. Ngi qun tr mng cn m bo rng cc file cn thit c chia s, m bo ch ng phi c bo v trnh nhng ph hy do yu t khch quan hoc ch quan v ch nhng ngi no c xc thc mi c th lm vic vi ch ng.Trong chng ny, ch ng ta s im li cc ni dung v cc yu cu chia s file cho nhng ngi s dng mng mt cch hiu qu v an ton. Hon thnh chng ny bn c kh nng: To/qun l cc th mc chia s v lm vic vi cc Cp php chia s S dng cc Cp php truy cp NTFS kim sot qu trnh truy cp n cc file Qun l vic chia s file bng Microsoft Internet Information Services

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 386 CHIA S CC TI NGUYN H THNG FILE TM HIU V CC CP PHP Cp php l mt trong nhng khi nim c bn trong qu trnh qun tr h thng trn h iu hnh Windows Server 2003. Ni cch khc, Cp php l mt c n c gn cho mt thc th xc nh nh mt ngi s dng, nhm hoc my tnh chng hn nhm cho php thc th ny hnh thnh mt hnh ng xc nh hoc truy cp ti mt ti nguyn c th. Windows Server 2003 v tt c cc h iu hnh Windows khc s dng cc Cp php theo mt lot cc phng php khc nhau kim sot truy cp ti cc thnh phn khc nhau trn h iu hnh. Windows Server 2003 c nhiu loi Cp php, trong ni bt l cc Cp php c lit k di y. Mi loi Cp php ny c phn bit hon ton vi nhau mc d ch ng c th c cp cho c ng cc thnh phn h thng.

    Cc Cp php trn file: c s dng kim sot vic truy cp ti cc file v th mc trn cc a NTFS. Tt c cc ngi d ng u s dng cc Cp php ny truy cp ti cc file v th mc NTFS, bt k h ang lm vic trn mng hoc trn my tnh cha d liu. Cc Cp php chia s: c s dng kim sot vic truy cp ti cc file/folder/my in c chia s. c th truy cp n cc ti nguyn chia s ny, cc ngi d ng phi c cc Cp php nht nh. Cc Cp php Active Directory: c s dng kim sot vic truy cp ti cc i tng ca dch v Active Directory. Ngi d ng phi c mt s Cp php nht nh c th ng nhp vo Min v truy cp ti cc ti nguyn trn mng. Ngi qun tr cn c cc Cp php cao hn nhm duy tr cc c tnh ca cc i tng v cu tr c cy Active Directory. Cc Cp php registry: c s dng kim sot vic truy cp ti cc kha ca registry. c th thay i cc kha ny, ngi qun tr cn c cc Cp php tng ng. Trong s cc Cp php ni trn, mt s cn c s duy tr nhiu hn so vi nhng ci cn li. Mt ngi qun tr mng th ng thng c th lm vic vi cc Cp php trn file mi ngy nhng s kh ng bao gi thay i bng tay cc Cp php registry. Trong cc chng 6,7 v 8 bn c hc v cc Cp php Active Directory nhm cho php ngi qun tr

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 387 CHIA S CC TI NGUYN H THNG FILE (Administrator) to v qun tr cc i tng nh: ngi d ng, nhm v my tnh chng hn. Trong nhiu trng hp, cc Cp php Active Directory c chuyn giao mt ln cho cc nhm qun tr c th v kh ng cn phi iu chnh li tr phi c s ti c cu li cu tr c t chc doanh nghip ca bn. Danh sch Kim sot Truy cp (ACL) Chc nng ca cc Cp php ni trn da trn khi nim Danh sch iu khin Truy cp (Access Control List - ACL). Hu ht cc thnh phn ca Windows bao gm cc file, cc ti nguyn chia s, cc i tng ca Active Directory v cc kha ca registry u c mt ACL. ACL thc cht l mt danh sch cc Cp php nhm xc nh xem ai c Cp php truy cp v truy cp n mc no. ACL ca mt thnh phn xc nh bao gm cc Mc vo Kim sot Truy cp (Access Control Entry - ACE). Mt ACE xc nh tn ca Ch th Bo mt ( c th l ngi d ng, nhm hoc my tnh c gn Cp php) v cc Cp php xc nh c gn cho ch th . CH : Vy cc ACL c t u? Ngi qun tr h thng cn phi hiu rng ACL lu n lu n c i km vi cc thnh phn c kim sot ch kh ng phi i km vi cc Ch th Bo mt. V d, mt th mc trn a NTFS c mt ACL cha danh sch cc ngi d ng hay nhm c Cp php truy cp ti th mc . Nu bn xem c tnh ca mt i tng c th, bn s kh ng th tm thy danh sch cc th mc m i tng c php truy cp. y chnh l mt im quan trng khi bn khi bn di chuyn cc thnh phn gia cc v tr khc nhau hoc sao lu ch ng ra mt thit b lu tr khc. Di chuyn cc file t mt a NTFS ti mt a FAT, s lm cho cc Cp php b mt i do h thng file FAT kh ng cha cc ACL. Lm vic trn cc ACL l kh n gin do tt c cc Cp php trn h iu hnh Windows Server 2003 u s dng mt giao din ging nhau. Tt c cc thnh phn h thng c bo v bng cc Cp php u c hp thoi Properties cha th Security, nh c ch ra trong hnh v 9-1. Trong hp thoi ny, phn trn hin th danh sch cc ACE ( chnh l cc ch th bo mt) cn phn di xc nh cc Cp php tng ng c cp cho cc ACE pha trn. Bn c th thm v xa cc ACE khi cn v xc nh cc Cp php c cho php hoc cm cho tng ACE.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 388 CHIA S CC TI NGUYN H THNG FILE

    Hnh 9-1: Th Security trong hp thoi Properties Cc Cp php Cc Cp php trong cc ACE c thit k nhm cung cp cho vic kim sot truy cp mt cch tp trung cho cc thnh phn m ch ng cung cp. Khi bn gn Cp php truy cp n mt th mc cho mt ngi d ng, vic truy cp kh ng ch n thun l C hay Kh ng. Bn c nhiu la chn cho php xc nh mc truy cp m ngi d ng nhn c. Mi Cp php ca h thng Cp php c lit k trn u c mt danh sch cc Cp php ring r nhm xc nh cc loi ti nguyn m ch ng kim sot. Khi to mt ACE, bn la chn mt ch th bo mt sau la chn cc Cp php ring l m bn nh gn cho i tng . V d, cc Cp php NTFS cho php bn xc nh mt ngi d ng c kh nng c cc file trong mt th mc nhng kh ng c php thay i ch ng hoc bn cng c th cp nhiu Cp php hn so vi nhu cu ca anh ta. T y thuc vo ti nguyn bn ang lm vic, bn c th c hng t cc Cp php khc nhau, bn c th kt hp ch ng theo bt k cch no m bn thch. Trong mt s trng hp, s lng cc Cp php chnh xc c th lm cho ngi qun tr ACL cm thy phc tp. n gin ha vn ny, Windows Server 2003 s dng 02 mc Cp php: cc Cp php Chun v Cp php c bit. Cc Cp php Chun l cc Cp php m bn nhn thy trong th Security trong hp thoi Properties. y l cc Cp php m bn c th lm vic hng ngy do ch ng cung cp iu khin c bn ti thnh phn c bo v. Tuy nhin, cc Cp php Chun l s kt hp ca hai hay nhiu Cp php c bit (bn c th c thm v vic s dng cc Cp php c bit ny QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 389 CHIA S CC TI NGUYN H THNG FILE nh th no trong chng ny). truy cp n cc Cp php c bit, bn kch chut vo n t Advanced trong Th Security, hin th hp thoi Advanced Security Settings nh trong hnh v 9.2.

    Hnh 9-2: Hp thoi Advanced Security Settings Trong hp thoi ny, bn c th kim sot qu trnh truy cp ti mt ti nguyn vi mc tp trung cao hn bng cch la chn t mt danh sch y cc Cp php c bit trong hp thoi Permission Entry (xem hnh 9-3 bit thm chi tit). iu ny thng kh ng cn thit trn mt mng th ng dng, nhng mt s cc thit lp v Cp php mc nh c Windows Server 2003 to ra trong sut tin trnh ci t h iu hnh li da trn cc Cp php c bit ny.

    Hnh 9-3: Hp thoi Permission Entry CH : Bn lm vic vi tt c cc h thng Cp php trn Windows Server 2003 theo c ng mt phng php, ngoi tr cc Cp php Chun v c bit c th khc nhau t y thuc vo ti nguyn m bn cn bo v.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 390

    Tnh k tha CHIA S CC TI NGUYN H THNG FILE Mt trong nhng c tnh quan trng ca cc h thng Cp php trn Windows Server 2003 l cc i tng con s tha hng cc Cp php t i tng cha. Cc Cp php lu n lu n i theo mt dng chy da trn tnh cht phn cp ca h thng file, kin tr c phn cp ca dch v Active Direc r to y hay cu tr c ca registry. Khi bn gn Cp php truy cp n mt th mc NTFS hoc chia s, registry cho mt i c cc Cp php ging ht mc NTFS hoc chia s, cc Directory hoc cc kha con

    mt i tng Active Directory hoc kha tng bo mt no , i tng ny cng s nhn khi truy cp n cc th mc con bn trong th i tng con bn trong i tng Active bn trong mt kha xc nh.

    V d, bn gn Cp php cho mt ngi d ng ti th mc gc ca a NTFS iu c ngha rng ngi d ng s nhn c cc Cp php ging ht trn tt c cc file v th mc con nm trn a . Trong hu ht cc trng hp, s k tha Cp php c u im to ln l trnh cho ngi qun tr phi cung cp cc Cp php ring bit cho tng th mc con, tng i tng tr n dch v Active Directory hoc cc kha. Trong thc t, i vi hu ht cc nh qun tr mng, u im tip theo c tnh n ca tnh k tha l ng dng ch ng khi thit k cu tr c dch v th mc, chia s trng thi v cc cy Active Directory. Tuy nhin, trong mt s trng hp s k tha ny l kh ng cn thit v loi b tnh cht mc nh ny ch ng ta c hai phng php: Tt tnh nng k tha: khi bn lm vic trn cc Cp php c bit, bn c th iu khin cc Cp php m bn gn cho mt thnh phn xc nh c c cho mt s hoc tt c cc thnh phn con bn trong k tha hay kh ng. Cm cc Cp php: tt c cc h thng Cp php u cho php bn ngn cm mt Cp php c th i vi mt i tng xc nh. iu ny s ngn cn Cp php k tha m i tng nhn c t cc i tng cha.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 391 CHIA S CC TI NGUYN H THNG FILE khc nhau tng tc vi nhau nh th no. Tt c cc Cp php m mt i tng nhn c mt cch ring r th ng qua tnh k tha v thnh vin nhm u l cc th ng s u vo cho cc lut ny. Ch ng c nhim v kt hp cc Cp php ny li v to nn cc Cp php Hiu dng ca ngi d ng. Cc lut to nn cc Cp php Hiu dng ca cc i tng bao gm: Cc Cp php cho php (Allow) l tch ly: tt c cc Cp php cho php c gn cho mt i tng c kt hp to nn cc Cp php nh hng ca i tng . V d, mt ngi d ng no c gn Cp php truy cp ton quyn (Full Control) n mt th mc trn a NTFS. Tuy nhin l c ny ngi d ng cng ang l thnh vin ca mt nhm c Cp php truy cp ch c (readonly) trn th mc ny. Ngoi ra, ngi d ng cn tha hng Cp php read v write t th mc cha ca th mc ni trn. Trong trng hp ny tt c cc Cp php ca ngi d ng bt k l c gn hay tha hng t bt k ngun no cng s c kt hp li. Cc Cp php ngn cm (Deny) loi b cc Cp php cho php (Allow): cc Cp php deny m mt i tng nhn c s loi b tt c cc Cp php allow bt k t ngun no. V d, nu mt ngi d ng nhn c Cp php truy cp ton quyn ti mt th mc th ng qua tnh k tha v ng thi cng nhn c Cp php truy cp ton quyn th ng qua c ch thnh vin nhm. Tuy nhin

    Cc Cc my Cp Cp cho

    Cp php Hiu dng i tng c gn Cp php thng l cc ngi d ng, nhm hoc tnh, v vy rt d xy ra trng hp mt i tng s nhn c cc php khc nhau t cc ngun khc nhau v trong mt s trng hp cc php ny l xung t vi nhau. V l do ny m c mt s chnh sch php xc nh xem cc Cp php m i tng nhn c t cc ngun

    Cp php m bn to ra nhm ngn chn ngi d ng ny truy cp ti th mc ni trn s ghi tt cc Cp php tha hng t th mc cha v nhm. V vy trong trng hp ny, Cp php Hiu dng ca ngi d ng l kh ng c php (Deny) truy cp ti th mc ny. Cc Cp php gn ring r c mc u tin cao hn cc Cp php k tha: khi mt i tng bo mt k tha cc Cp php t i tng cha hoc th ng qua nhm, bn c th loi b cc Cp php ny bng cch gn trc tip cc Cp php khc nhau cho chnh i tng . Cc Cp php k tha tun theo lut cn cc Cp php gn ring r nm ngoi lut . V vy, cc Cp php cho php gn ring r s loi b cc Cp php k tha ngn cm. CC TH MC CHIA S Khi bn ang ngi vo mt my tnh s dng h iu hnh Windows Server 2003, bn c th truy cp n cc file v th mc trn cc a ca n t QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 392 CHIA S CC TI NGUYN H THNG FILE mn hnh giao din (hay cn gi l bng iu khin h thng System Console) vi gi thit bn c cc Cp php thch hp. Bn cng c th cho php cc ngi d ng trn mng truy cp ti cc file v th mc trn my tnh c a bn, nhng lm c iu trc ht bn phi to mt chia s nhm xc nh nhng g m h c th truy cp. THNG TIN THM Bn c th to ra hai loi chia s trn cc my tnh s dng h iu hnh Windows: cc chia s trn h thng file v cc chia s my in. Trong chng ny bn s c lm quen vi cc chia s trn h thng file. Vic to cc chia s my in s c cp trong chng 10. Tnh nng to ra cc chia s trn Windows Server 2003 c da trn hai dch v c chy trn mi my tnh Windows: dch v Workstation (dch v my trm) v dch v Server (dch v my ch). Hai dch v ny c thc hin bi hai module: Client For Microsoft Networks v File And Printer Sharing For Microsoft Networks. C hai module ni trn u xut hin trong hp thoi Local Area Connection Properties ca tt c cc giao din mng c ci t trn my tnh (xem hnh v 9-4). Dch v Server chu trch nhim to ra cc ti nguyn chia s sn sng trn mng cn dch v Workstation cho php cc my tnh khc truy cp ti nhng ti nguyn ny. CH Workstations v Servers Mc d cc tn ny c nhiu phin bn khc nhau nhng Windows l mt h iu hnh ngang hng (peer-to-peer) c ngha l mi my tnh u c kh nng hot ng c c ch my trm ln my ch. Thm ch cc my tnh kh ng s dng h iu hnh c tn Server trn vn c th chy dch v Server.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 393 CHIA S CC TI NGUYN H THNG FILE

    Hnh 9-4: Hp thoi Local Area Connection Properties Cc chia s d ng qun tr Trc khi bn to ra cc chia s trn h iu hnh Windows Server 2003, c mt s chia s mc nh. Mc nh, tin trnh ci t Windows Server 2003 to ra cc chia s sau nhm mc ch qun tr (xem hnh 9-5):

    Hnh 9-5: Cc chia s qun tr trong snap-in Shared Folders Cc chia s a Mi a trn my tnh u c mt chia s qun

    tr mc nh ti mc gc. Chia s ny s c t tn da theo k t a vit hoa v k t $ (v d C$). K t ny lm cho chia s kh ng c hin th trong My Network Places mc d vn c th truy cp ch ng trc tip bng cch s dng snap-in Shared Folders trong MMC bng vic to mt shortcut hoc s dng Windows Explorer. Mc nh nhm Administrators (nhm qun tr) c gn Cp php Full Control cho cc chia s ny. Cc Cp php ny l kh ng th thay i hay xa c.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 394 CHIA S CC TI NGUYN H THNG FILE Admin$ C:\Windows) t mt chia s Administrators cn bit chnh IPC$ Mt chia s c to ra nhm cung cp qu trnh truy cp t xa ti cc Named Pipe trn my tnh. y l mt phn ca b nh c s dng chuyn th ng tin t mt tin trnh ny sang mt tin trnh khc. Chia s ny l cn thit d thc hin cc c ng vic qun tr my tnh t xa qua mng. Ngoi ra, Windows Server 2003 cn to ra cc chia s qun tr khc khi bn ci t cc thnh phn xc nh: Print$ Khi bn ci t mt my in c chia s u tin trn my tnh, Windows Server 2003 to ra mt chia s n ti th mc <Systemroot>\System32\Spool\Drivers vi tn l Print$. Chia s ny cho php cc h thng khc trn mng truy cp ti cc trnh iu khin my in c ci t tn my tnh. Cc nhm Administrators, Print Operators, Server Operators c Cp php Full Control i vi chia s ny. Nhm ng nht c bit Everyone ch c Cp php Read. Faxclient Khi bn ci t dch v Fax trn my tnh, Windows Server 2003 t ng to ra mt chia s ti th mc C:\WINDOWS\system32\clients\faxclient c tn l faxclient. Chia s ny cho php cc ngi d ng trn mng truy cp n phn mm fax dnh cho my trm. Nhm ng nht c bit Everyone c Cp php Read trn chia s ny. FxsSrvCp$ Khi bn ci t dch v Fax trn my tnh, Windows t ng to ra mt chia s n ti th mc C:\Document and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\Common Coverpage vi tn chia s l FxsSrvCp$. Chia s ny cho php cc my khch fax truy cp ti cc trang c Th mc gc h thng (mc nh n c ng dn l ng c chia s vi tn Admin$. y cng l n, n cho php cc thnh vin ca nhm truy cp y ti th mc gc h thng m kh ng xc v tr ca ch ng.

    lu trn my ch. Nhm Administrators c Cp php Full Control (ton quyn) trn chia s ny trong khi nhm ng nht c bit Everyone ch c Cp php Read. SYSVOL Khi bn nng cp mt my tnh Windows Server 2003 thnh mt DC (My ch iu khin Min), h thng s chia s th mc <Systemroot>\SYSVOL\sysvol v t tn n l SYSVOL. My ch iu khin Min s dng chia s ny lu tr cc GPO QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 395 CHIA S CC TI NGUYN H THNG FILE (Group Policy Object chnh sch nhm) v cc script (kch bn), ch ng s c nhn bn n cc my tnh khc thuc Min. Cc nhm Administrators v Authenticated Users (nhm nhng ngi s dng c xc thc) c Cp php Full Control trn chia s ny trong khi nhm c bit Everyone ch c Cp php Read. NETLOGON Khi bn nng cp mt my tnh Windows Server 2003 thnh mt My ch iu khin Min, h thng s chia s th mc Systemroot\SYSVOL\sysvol\<tn Min>\SCRIPTS v t tn n l NETLOGON. y l mt chia s c to ra nhm to tnh tng thch ngc cho cc h iu hnh mng trc y. My ch iu khin Min s dng chia s ny nhm cung cp chc nng c bn ging nh SYSVOL cho cc My ch iu khin Min Windows NT4. Nhm Administrators c Cp php Full Control (ton quyn) trn chia s ny trong khi nhm c bit Everyone ch c Cp php Read. CH Cc chia s n Bn cht n ca cc chia s qun tr kh ng gii hn cc chia s xc nh khc. Bn c th n bt k chia s no bng cch s dng k t $ ti cui ca tn chia s. N kh ng ngn nga ngi s dng truy cp ti cc chia s, n ch ngn kh ng cho ch ng hin th trong Windows Explorer. Chun b cho qu trnh to cc th mc chia s to mt h thng file chia s, bn phi c cc quyn sau: Trn My ch iu khin Min: trn my ch iu khin Min, to cc th mc chia s, bn phi l thnh vin ca nhm Administrators hoc Server Operators. Do cc nhm Enterprise Admins v Domain Admins l thnh vin ca nhm Administrators nn cc nhm ny cng c th to cc th mc chia s. Trn My ch thnh vin hoc my trm gia nhp min: to cc th mc chia s trn my ch thnh vin hoc my trm thuc Min, bn phi l thnh vin ca nhm Administrators, Server Operators hoc Power Users. Trn nhm lm vic hay my c lp: to cc th mc chia s trn mt my tnh kh ng phi l thnh vin ca mt Min, bn phi l thnh vin ca nhm Administrators hoc Power Users.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 396

    CHIA S CC TI NGUYN H THNG FILE Trn a NTFS: Nu th mc m bn nh chia s trn NTFS, bn phi ng nhp vo my tnh vi ti khon c t nht Cp php Read rrn th mc . a

    Cng nh nhiu cc c ng vic khc trn Windows Server 2003, bn c th to cc th mc chia s theo nhiu cch. Trong phn sau s cung cp mt s cc c ng c gi p bn to v qun tr cc th mc chia s. CH Mc ch ca k thi Mc ch ca k thi 70-290 yu cu hc vin c th "cu hnh truy cp ti cc th mc chia s" To th mc chia s bng Windows Explorer Phng php th ng dng nht l s dng Windows Explorer la chn th mc cn chia s sau thc hin chia s ch ng. Bn c th chia s bt k th mc no trn bt k a no ca my tnh. Khi ngi s dng trn mng duyt cc th mc chia s, ch ng s xut hin nh cc th mc ring bit nhng kh ng c li ch thch. Tr phi bn ni vi ngi s dng, cn h kh ng th bit c cc th mc chia s nm trn a no hoc v tr ca ch ng. chia s th mc trong Windows Explorer, nhp chut phi vo n v la chn Sharing And Security hin th hp thoi nh trn hnh v 9-6. bn cng c th truy cp ti hp thoi ny bng cch la chn mt th mc ri chn theo ng dn File -> Properties -> Sharing.

    Hnh 9-6: Th Sharing trn hp thoi Properties ca folder Khi bn la chn Share This Folder, bn s thc hin c ng vic kch hot cc iu khin khc trong th Sharing cho php cu hnh cc tham s sau: QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 397 CHIA S CC TI NGUYN H THNG FILE

    Share Name (tn chia s): Xc nh tn hin th trn mng ca th mc chia s. Mc nh, tn ca th mc xut hin trong hp vn bn nhng bn c th t bt c tn no vi chiu di cho php ln ti 80 k t. Trng ny l bt buc. Description (m t): cho php bn cung cp cc th ng tin thm v th mc chia s nh: mc ch ca th mc chia s, ni dung ca n hoc bt k th ng tin khc. Trng ny l kh ng bt buc. User limit (gii hn ngi s dng): cho php bn xc nh c bao nhiu ngi c kh nng kt ni ti th mc chia s ti c ng mt thi im. c tnh ny gi p bn ngn nga tnh trng cc ti nguyn h thng b q a ti do c qu nhiu ngi s dng truy cp ng thi. Permissions (Cp php truy cp): cho php bn xc nh ai c Cp php truy cp n th mc chia s v mc truy cp. bit thm chi tit v vn ny xem phn qun l cc Cp php chia s trong chng ny. Offline Settings (cc thit lp v c ch lm vic kh ng kt ni): c cho php ngi s dng mng lu tr tm thi ni dung th mc chia s trn my tnh ca h hay kh ng. bit thm chi tit v vn ny, xin xem phn iu khin lu tr kh ng kt ni trong chng ny. Mt khi bn hon tt vic cu hnh cc tham s trong th Sharing, nhp OK to th mc chia s. xc nhn th mc c chia s, bn c mt vi phng php bao gm: Trong Windows Explorer, phn My Computer th mc c chia s s c biu tng hnh bn tay m ra.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 398

    CHIA S CC TI NGUYN H THNG FILE

    Trong Windows Explorer, phn My Network Places, mt biu tng th mc chia s s xut hin trn my tnh m bn to n.

    L c ny, cc ngi d ng trn mng c th truy cp n th mc chia s v cc file/th mc bn trong n nu h c Cp php truy cp thch hp. Chia s a bng cch s dng Windows Explorer Bn c th to ra mt chia s cho a c th bng cch s dng Windows Explorer nhng tin trnh thc hin c khc i ch t so vi th ng thng do s tn ti ca chia s qun tr trn mi a. Khi bn la chn a trong Windows Explorer v nhp vo th Sharing, bn s thy mt giao din nh hnh v 9-7.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 399 CHIA S CC TI NGUYN H THNG FILE

    Hnh 9-7: Mt a chia s y, bn c th thy la chn Share This Folder c la chn v tn ca chia s qun tr xut hin trong hp vn bn Share Name. Nu bn mun gn Cp php truy cp cho ngi s dng nhng kh ng mun xung t vi tnh bo mt ca chia s qun tr, bn phi to ra mt chia s th hai ti mc gc ca a. thc hin c ng vic ny, bn nhp New Share hin th hp thoi New Share nh hnh v 9-8.

    Hnh 9-8: Hp thoi New Share Trong hp thoi ny, bn xc nh mt tn mi chia s, m t v n, gii hn s lng ngi s dng, cc Cp php chia s ging nh bn to mt th mc chia s l c trc. Khi bn nhp vo OK, chia s mi c to ra v

    c a vo hp danh sch s Share Name trong th Sharing. By gi bn c th la chn bt k chia s mc gc no t hp lit k th phc v cho c ng tc qun tr. Bt k bn la chn chia s no th n cng c kim sot bi cc th ng s: gii hn v ngi s dng, Cp php v cc thit lp v c ch kh ng kt ni. To th mc chia s bng cch s dng snap-in Shared Folders S dng Windows Explorer l mt phng php thun tin to cc th mc chia s nhng n cng c mt nhc im: bn ch c th to ra cc chia s khi bn ang lm vic trn chnh my tnh . Bn kh ng th la QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 400 CHIA S CC TI NGUYN H THNG FILE chn cc th mc trn cc my tnh khc v chia s n. Tuy nhin, Windows Server 2003 cho php bn thc hin iu nh c ng c Shared Folders, mt dang snap-in MMC. Snap-in Shared Folders c tch hp vo trong mn hnh qun tr Windows Server 2003 nh trn hnh v 9-9. Bn cng c th to mt mn hnh qun tr MMC t y bin cha Shared Folders v bt k snap-in no m bn mun. Nhp vo th mc con Shares ca snap-in s hin th mt danh sch cc chia s hin ti trn my tnh k c nhng chia s n kh ng hin th trong Windows Explorer.

    Hnh 9-9: Snap-in Shared Folders CH Qun l cc chia s t xa qun tr mt my trn mng, la chn biu tng Computer Management tip theo trn thc n Action la chn Computer. Nhp tn my tnh m bn mun qun tr v Sau , bn c th to v qun tr cc chia s trn nh th bn ang lm vic trn my tnh .

    tnh khc (Local), Connect To Another nhp OK. my tnh khc

    to mt chia s mi la chn th mc con Shares v trn thc n Action la chn New Share khi to Trnh hng dn Share A Folder. Trnh hng dn ny bao gm 03 trang: Folder Path (ng dn th mc) xc nh ng dn ti th mc m bn mun chia s

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 401 CHIA S CC TI NGUYN H THNG FILE

    Name, Description, And Settings (tn, m t v cc thit lp) xc nh tn v m t dnh cho chia s. Bn cng c th nhp Change cu hnh cc thit lp kh ng kt ni cho chia s.

    Permissions (cc Cp php) la chn Cp php m bn mun gn cho th mc chia s.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 402 CHIA S CC TI NGUYN H THNG FILE Kt th c Trnh hng dn, h thng s a chia s mi vo danh sch. To mt h thng file chia s bng cch s dng Net.exe Windows Server 2003 cho php bn to chia s t ch dng lnh bng cch s dng chng trnh net.exe vi cu lnh con share. C php cu lnh nh sau: net share <tn chia s>=< a>:\<ng dn> [<cc tham s>] Cc tham s m bn c th a vo trong cu lnh bao gm: /grant:<i tng bo mt>, [read|change|full] gn cho mt i tng bo mt Cp php Read (c), Change (thay i) hoc Full Control (ton quyn iu khin) i vi th mc chia s. /users:<s lng> xc nh s lng ln nht ngi s dng c th truy cp ng thi n th mc chia s. /unlimited kh ng hn ch s lng ngi s dng truy cp n th mc chia s. /cache:[manual|documents|programs|none] cu hnh cc thit lp kh ng kt ni dnh cho th mc chia s. V d di y minh ha vic to mt th mc chia s Documents nm trong th mc C:\Docs v gn cho nhm Users Cp php Read: net share documents=c:\docs /grant:users. read QUN L CC TH MC CHIA S Khi bn to cc h thng file chia s, bn c th qun l ch ng bt c l c no vi Windows Explorer, bng cch s dng th Sharing ca hp thoi Properties m bn s dng chia s. Bn cng c th la chn chia s trong snap-in Shared Folders khi trong thc n Action, la chn Properties hin th hp thoi trn hnh 9-10.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 403 CHIA S CC TI NGUYN H THNG FILE

    Hnh 9-10: Hp thoi Properties ca th mc chia s Hn na, c th thay i cc c tnh chia s c thit lp trong qu trnh to chia s chng hn nh gii hn ngi d ng hoc miu t, bn cng c th cu hnh cc tnh nng c m t trong cc phn di y. Kim sot lu tr kh ng kt ni ( offline) Bo mt thng l mt vn quan trng i vi h thng chia s d liu. Bn mun cc file lu trn th mc chia s lu n lu n sn sng i vi nhng ngi s dng thch hp v ch nhng ngi d ng m th i. Ngi qun tr c th d ng cc Cp php kim sot ai s l ngi c th truy cp n cc th mc chia s nhng anh ta kh ng th lm nh vy i vi cc file ang c s dng. Mt phng n cho php khc phc tnh trng ny l gii hn tnh nng Offline Files (cc file ch kh ng kt ni) ca ngi d ng truy cp ti cc chia s. Khi bn nhn vo la chn Offline Settting trong hp thoi Properties ca chia s, bn s thy hp thoi nh trn hnh v 9-11. y bn c th la chn cc my tnh trm khi truy cp vo chia s c c php lu th ng tin vo b nh m th ng qua tnh nng Windows Offline Files hay kh ng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 404

    CHIA S CC TI NGUYN H THNG FILE

    Hnh 9-11: Hp thoi Offline Settings Trn Windows Server 2003, Microsoft Windows XP, v Microsoft Windows XP, Offline Files l c ch nhm duy tr mt phin bn ca cc file nm trn my tnh ca ngi s dng khi h truy cp trn mng. Nu lin kt mng ca cc my trm ti my ch b mt hay t, ngi d ng vn c th tip tc lm vic vi cc phin bn ny ca cc file. Khi kt ni c thit lp li, my trm s cp nht nhng thay i trn phin bn offline ln phin bn gc ca cc file nm trn th mc chia s. Vn pht sinh vi cc file offline l cc phin bn nm trn my tnh cc b kh ng c Cp php bo v nh cc file gc nm trn th mc chia s. Cc file nhy cm mc d c bo v cn mt trn th mc chia s nhng khi c lu tr ti cc my trm li kh ng c bo v t no. La chn trong hp thoi Offline Settings s cho php ngi qun tr quyt nh c cho php cc my trm lu cc phin bn offline ca cc file hay kh ng vi tnh nng Offline Files. La chn ny c miu t nh sau: CH : S dng Net.exe Bn cng c th cu hnh cc thit lp offline t dng lnh, bng cch s dng chng trnh Net.exe vi cu lnh con share. Cc th ng s dng lnh tng ng vi cc la chn trong hp thoi Offline Settings c lit k di y. Only The Files And Programs That Users Specify Will Be Available Offline (Ch cc file v chng trnh m ngi s dng xc nh mi c th d ng offline): cho php ngi d ng la chn ti liu v cc chng trnh c lu tr offline trn cc my trm ca ngi s dng. Cc tham s dng lnh cho Net.exe l /cache:manual All Files And Programs That Users Open From The Share Will Be Automatically Available Offline (Tt c cc file v chng trnh m ngi s dng m t th mc chia s s t ng offline) QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 405 CHIA S CC TI NGUYN H THNG FILE T ng lu tt c ti liu chia s offline trn cc my trm ca ngi s dng. nh du chn ti hp kim tra Optimized For Performance s t ng ghi vo b nh m tt c cc chng trnh d ng thc thi ni b trn my trm. Cc tham s dng lnh cho Net.exe l /cache:documents v /cache:programs. Files And Programs From The Share Will Not Be Available Offline (Cc file v chng trnh trn th mc chia s s kh ng

    c d ng c ch offline) Ngn kh ng cho tt c cc ti liu v cc file thc thi c lu tr offline trn my trm. Cc th ng s dng lnh tng ng cho Net.exe l /cache:none. C ng b cc th mc chia s trong Active Directory Khi bn nhn th Publish trn hp thoi Properties ca th mc chia s trong snap-in Shared Folders (xem hnh 9-12), th ny s cho php bn c ng b cc th mc chia s trn Active Directory. C ng b cc th mc chia s trn Active Directory kh ng c ngha l lu ch ng trong c s d liu ca Active Directory m n s to ra mt i tng th mc chia s tr n v tr thc s ca th mc ny trn mng. Khi th mc chia s c c ng b, ngi d ng c th tm kim n trn Active Directory bng cch s dng ngay c ng c Active Directory Users and Computers.

    Hnh 9-12: Th Publish trong hp thoi Properties ca th mc chia s c ng b mt th mc chia s trn Active Directory, bn cn la chn hp kim tra Publish This Share In Active Directory v cung cp tn ca ngi s hu th mc chia s . Bn cng c th cung cp cc t kha miu t

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 406 CHIA S CC TI NGUYN H THNG FILE ni dung i tng chia s nhm tng tnh hiu qu ca qu trnh tm kim th ng tin. Qun l cc Cp php chia s Nh cp trong chng trc, cc i tng chia s u c cc h thng Cp php ring cho php ai c php truy cp ch ng. xc nh Cp php cho cc th mc chia s, bn c th d ng mt trong cc giao din sau: Trong Windows Explorer, m hp thoi Properties ca th mc v nhn Permissions trong phn th Sharing. Trong snap-in Shared Folders, m hp thoi Properties ca th mc chia s v chn th Share Permissions. CH : Mc tiu ca k thi M n thi 70-290 yu cu hc vin c th "qun l cc Cp php chia s th mc"

    Bt k bn d ng phng php no, bn u thy giao din nh trn hnh 913.

    Hnh 9-13: Th Share Permissions trong hp thoi Properties ca th mc chia s H thng phn Cp php cho cc chia s l mt trong nhng h thng n gin nht trong Windows Server 2003. Trong trng hp ny, kh ng c s phn bit gia cc Cp php Chun v Cp php c bit m ch c 3 Cp php n gin nh sau:

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 407 CHIA S CC TI NGUYN H THNG FILE Read (c): Ngi d ng c th hin th tn th mc, tn file, ni dung file v cc thuc tnh. Ngi d ng cng c th thc thi cc file chng trnh (v d cc file .exe, .com,.) v truy cp ti cc th mc khc trong th mc chia s. Change (Thay i): Ngi d ng c th to cc th mc, thm file vo th mc, thay i ni dung ca file, thm d liu vo file, thay i thuc tnh file, xa th mc v file cng nh thc hin cc hot ng cho php trn Cp php Read. Full Control (Ton quyn iu khin): ngi d ng c th thay i cc Cp php truy cp file, chim Cp php s hu file v thc hin mi c ng vic cho php trn Cp php Change. thit lp cc Cp php truy cp, nhp vo Add, la chn i tng bo mt (nh ngi d ng, nhm hoc my tnh) ri xc nh cc Cp php m bn cho php hay ngn cm i vi cc i tng . Bn c th chn cc i tng c sn trong danh sch Group Or User Names thay i cc Cp php theo mun. S dng cc Cp php chia s Cc Cp php chia s l mt dng ca iu khin truy cp nhng ch cung cp mt cch hn ch kh nng bo v cho cc file chia s. Mt vi hn ch ca cc Cp php chia s bao gm: Phm vi b gii hn: cc Cp php chia s ch p dng cho cc truy cp ti file v folder qua mng. Cc Cp php chia s ny

    kh ng ngn chn c kh nng truy cp ca ngi s dng khi h lm vic ngay trn my tnh cha th mc ny hoc truy cp n my tnh bng cc c ng c khc nh: Web, FTP, Telnet v cc ng dng Terminal Server. Thiu tnh mm do: Cc Cp php truy chia s kh ng c tnh mm do. Ch ng ch cung cp mt phng tin chia s n gin vi ba la chn, c ng dng cho mi file v th mc bn di th mc chia s. Bn kh ng th thay i Cp php chia s cho cc th mc hoc file c th bn trong th mc chia s. Kh ng th sao chp: cc Cp php chia s kh ng th sao chp bng dch v sao chp file (FRS - File Replication Service) Kh ng c tnh phc hi: Cc Cp php chia s kh ng th sao lu c hoc phc hi khi xy ra mt mt d liu.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 408 CHIA S CC TI NGUYN H THNG FILE D mt: Cc Cp php chia s s b mt khi bn di chuyn hay i tn th mc ang chia s. Kh ng kim sot (Audit): Bn kh ng th cu hnh s kim sot da trn cc Cp php chia s. u im duy nht ca cc Cp php chia s l n gin ha h thng v ch ng lu n sn sng i vi mi h thng file c Windows Server 2003 h tr. Trong a d ng h thng file FAT, cc Cp php chia s l cch duy nht qun l s truy cp vo a. Trong cc mng nh vi t cc yu cu bo mt, Cp php chia s c th l mt gii php chp nhn c. Tuy nhin trong hu ht cc trng hp, ngi qun tr mng s la chn cc Cp php linh hot v mnh m hn c cung cp bi h thng file NTFS. Nu bn la chn gii php ny, cn ch n cc im sau: H thng Cp php chia s s vn c bt k bn c d ng NTFS hay kh ng H thng Cp php chia s l hon ton c lp i vi h thng Cp php NTFS C hai h thng Cp php ny u c th p dng trn c ng mt i tng. Do , cch tt nht s dng Cp php NTFS qun l truy cp l cho tt c ngi s dng (c bit n th ng qua nhm Everyone) Cp php Full Control trn tt c cc th mc chia s. iu ny s trnh mi xung t gia hai h thng Cp php. Ngha l bn nn s dng mt trong hai Cp php ni trn qun l file nhng kh ng nn d ng ng thi c hai. Nu kh ng d ng cch ny, Cp php Hiu dng ngi d ng nhn c l s kt hp Cp php ca c hai h thng. V d nu bn gn Cp php chia s c (Read) v Cp php NTFS l ton quyn iu khin (Full Control) cho nhm Users th tng hp li ngi s dng s ch nhn c cc gii hn do Cp php chia s cung cp. iu ny, c ng vi s phc tp khi tha k, thnh vin nhm, cc Cp php b t chi c th s gy nn mt cn c mng. Mt trong nhng nguyn nhn th ng thng nht i vi vic truy cp h thng file chia s l xung t gia Cp php chia s v Cp php NTFS. Khi gii quyt cc vn nh th ny, cn kim tra c hai loi Cp php chc chn ngi d ng nhn c Cp php truy cp ti file h cn.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    409 CHIA S CC TI NGUYN H THNG FILE THNG TIN THM: Li ch v kh nng ca h thng Cp php NTFS s c miu t chi tit phn sau ca chng ny. Cp php chia s mc nh Tt c cc h iu hnh windows trc y cho n Windows 2000, khi to ra mt th mc chia s mi mc nh Cp php Full Control s c gn cho tt c ngi d ng (Everyone). iu ny khin cc chia s c l m toang theo quan im bo mt, d dng hn cho ngi qun tr khi ln k hoch cc Cp php NTFS, nhng gy kh khn cho nhng ngi mun d ng cc Cp php chia s. K t Windows XP tr i , cc Cp php mc nh cho cc file chia s c thay i. Windows XP v Windows 2003 Server gn Cp php Read cho nhm ng nht c bit Everyone v trao Cp php Full Control cho nhm qun tr Administrators . ngha nu mun d ng cc Cp php NTFS kim sot truy cp, bn phi nh thay i bng cch gn Cp php Full Control cho nhm Everyone. To chin lc cho h thng file chia s Chin lc n gin nht cho h thng file chia s l chia s th mc gc ca cc a (volume) trn mi my tnh trn mng. Tuy nhin c hai l do khin y l mt phng php ti: Gy nhm ln: Khi ngi d ng gp cc chia s khc nhau th hin cho cc a trn cc my tnh khc nhau, s rt kh khn cho h tm ra u l file m h mun tm. Ngi d ng c th phi tm kim qua mt vi h thng khc nhau trc khi h c th xc nh ng v tr file cn tm. Thm ch vi mt a ln duy nht, chia s t th mc gc c th dn ti cu tr c th mc ln v phc tp. Bo mt: chia s ton b a, c bit l cc a h thng s cho php ngi d ng c Cp php truy cp ti rt nhiu file v th mc m h kh ng nn nhn thy. Ngi d ng th ng thng kh ng cn truy cp ti cc file h thng v ng dng trn cc my tnh khc, h c th gy h hng nu v tnh xa mt mt file hay th mc cn thit. Gii php cho vn ny l to chia s i vi th mc xc nh ch kh ng phi trn c a. Trn thc t, snap-in Shared Folders s hin th mt hp thoi cnh bo khi bn c gng chia s mt a no v l do bo mt. Cc file thng c truy cp qua mng l cc file ti liu v d liu. Do , bn nn t chc cc cu tr c th mc trn h thng sao cho cc ti liu v

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 410 CHIA S CC TI NGUYN H THNG FILE cc file chia s c lu trn th mc c tn ring v to cc Cp php chia s trn cc th mc ny. Chia s cc a di ng Mt ngoi l i vi chin lc trn l khi bn chia s file trn cc a di ng nh: CD-ROM, DVD-ROM hay cc bng. Kh ng c g ngn cn bn thc hin c ng vic chia s mt th mc trn cc a ny nhng cn nh rng chia s s ch c hiu lc khi a hoc bng lu th mc nm trong . Chia s gc ca cc ny cho php bn hon i cc phng tin theo mun m vn m bo tnh sn sng ca th mc chia s.

    iu ny c

    Lng cc chia s Nh c cp trn, bn c th chia s bt k th mc no trn a, thm ch c cc th mc nm trong cc th mc c chia s. V d: bn c th chia s a D vi tn chia s D, sau to ra mt th mc chia s khc D:\docs vi tn chia s Docs. Hai i tng ny c th c cc Cp php truy cp khc nhau. Tuy nhin bn cn nh rng mc d cc th mc chia s lng vo nhau trn Windows Explorer nhng i vi ngi d ng trn mng th ch ng vn l hai i tng chia s ring bit v hon ton c lp. Hn na, cc Cp php cho hai i tng cng ring bit. V d nh nu bn gn cho ngi d ng Cp php Full Control trn D v ch cho Cp php Read trn Docs, s gii hn Cp php truy cp trn th mc D:\docs qua i tng Docs kh ng nh hng ti Cp php iu khin ton b ca h khi truy cp ti th mc d ng i tng D. S DNG CC CP PHP NTFS Windows 2003 Server h tr hai h thng file chnh: FAT v NTFS. H thng file FAT c pht trin t h iu hnh MS-DOS cung cp cc chc nng c bn nhng c rt t cc tnh nng dnh cho lu tr trn mng. Thun li duy nht khi s dng cc a FAT l bn c th khi ng my tnh bng a khi ng MS-DOS v vn c th truy cp c ti ch ng. H thng file NTFS c gii thiu u tin trn Microsoft Windows NT 3.1 bao gm mt s cc tnh nng thun tin cho ngi qun tr mng. Tnh nng quan trng nht m NTFS mang li l cho php bn cung cp cc Cp php mt cch chi tit n tt c cc file v th mc trn a. CH : Mc ch ca k thi: Mc ch ca m n thi 70-290 yu cu hc vin c th "cu hnh H thng cp php file"

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 411 CHIA S CC TI NGUYN H THNG FILE Mi file v th mc trn a NTFS c mt ACL cha cc ACE, lit k cc i tng bo mt c gn Cp php trn cc file/th mc . Khi ngi d ng truy cp ti mt file hoc th mc, h thng s so snh th truy cp b mt ca ngi s dng (cha cc nhn dng bo mt (SIDs) ca ti khon ngi d ng) vi cc SID trong cc ACE ca ACL (cc SID ny l ca cc nhm m ngi d ng l thnh vin). Mt khi ngi s dng c xc thc, Cp php truy cp ti file/folder s c cp. So vi Cp php chia s c cp trong chng trc, Cp php NTFS c rt nhiu u im bao gm: Phm vi (scope): cc Cp php NTFS p dng trn file v th mc bt k phng php m n c truy cp. Ngi d ng truy cp cc b hay kt ni qua mng bng bt c phng tin no u b qun l bi cc Cp php ging nhau. Tnh linh hot (Flexibility): NTFS cung cp mt danh sch di cc Cp php c bit, ch ng c th kt hp li vi nhau to nn cc Cp php chun, u c th p dung cho bt c file/folder no trn a. ng thi NTFS cho php iu khin ton b th ng qua tnh k tha Cp php. Tnh sao chp (replication): Cp php NTFS c sao chp bi FRS. Tnh gi nguyn trng thi (resilience): khi sao lu hay kh i phc d liu trn mt a, cc Cp php NTFS cng c nh km. V vy bn kh ng phi lo lng v vic sa cha li cc Cp php NTFS khi c s c xy ra. Kh ng thay i (Less fragile): Cp php NTFS s kh ng b mt

    nu bn di chuyn hay i tn file/folder c cc Cp php ang p dng (min l file hay th mc vn nm trn c ng NTFS) Kh nng kim nh (Audit): bn c th gim st v ghi li qu trnh truy cp ti cc file/folder NTFS ca cc i tng bo mt. Lm vic vi cc Cp php NTFS phc tp hn nhiu so vi Cp php chia s, nhng vi cc tnh nng bo v m n em li th NTFS thc s l mt c ng c tuyt vi cho ngi qun tr mng. Qun tr cc Cp php NTFS chun Hu nh ngi qun tr mng u lm vic vi cc Cp php NTFS chun v n cung cp tnh linh hot kim sot truy cp ti cc file/folder chia s. Trong Windows Explorer, mi file v th mc trn a NTFS u c QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 412 CHIA S CC TI NGUYN H THNG FILE hp thoi Properties vi th Security nh trn hnh 9-14, bn c th d ng thit lp cc Cp php NTFS chun cho file/folder cng nh truy cp ti cc Cp php iu khin phc tp hn c tho lun phn di ca chng ny.

    Hnh 9-14: Th Security ca mt th mc NTFS. CH : Qun tr NTFS t xa Windows Explorer c kh nng cu hnh cc Cp php NTFS cho bt c file hay th mc no trn mng min l ngi s dng c cc c quyn ph hp. iu ny tri ngc vi Cp php chia s ca Windows Explorer, ch d ng c trong cc h thng file cc b. Qu trnh gn cc Cp php NTFS chun cho file/folder tng t nh vic gn cc Cp php chia s. Bn phi chn i tng chia s trong danh sch "Group Or User Names" hay nhp "Add" thm i tng bo mt mi. Tip theo bn phi la chn cc hp kim tra Allow (cho php) hay Deny (cm) trn cc Cp php m bn mun cung cp cho i tng trong hp Permissions. Cc Cp php NTFS chun v cc c ng vic m bn c th thc hin c vi cc Cp php c lit k trn bng 9-1. CH : Cc Cp php trn file/folder C mt s khc bit nh gia Cp php c gn mt file v th mc. Cp php List Folder Contents (lit k ni dung th mc) kh ng p dng cho file.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 413 CHIA S CC TI NGUYN H THNG FILE Bng 9-1: Cc Cp php NTFS chun Cp php NTFS chun Khi gn cho mt th mc, cho php ch th bo mt: Khi gn cho mt file, cho php ch th bo mt: Read Xem cc file v cc th mc con trong th mc . c ni dung file Xem ch s hu, cc Cp php v cc c

    Read and Excute

    Write

    Modify Xem ch s hu, cc Cp php v cc c tnh ca th mc. Cho php i qua cc th mc b ngn cn ti cc file v th mc khc. Cho php thc hin tt c cc chc nng do Cp php Read v List Folder Contents cung cp. To cc file v cc th mc con mi bn trong mt th mc. Thay i cc c tnh th mc. Xem ch s hu v cc Cp php trn th mc tt c do Cp v Cp Xa th mc Cho php thc hin cc chc nng php Write php Read

    tnh ca file.

    Cho php thc hin tt c cc chc nng do Cp php Read cung

    cp.

    Chy cc ng dng

    Cho php ghi ln file Thay i cc c tnh ca file Xem ch s hu v cc Cp php trn file

    Thay i file Xa file Cho php thc hin tt c cc chc nng do Cp php Write v QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 414 CHIA S CC TI NGUYN H THNG FILE

    List Folder Contents

    Full Control and Excute cung cp. Xem cc tn ca cc file v cc th mc con cha trong th mc cha. Thay i cc Cp php trn th mc Chim Cp php s

    hu th mc Xa cc th mc con v cc file nm trong th mc cha Cho php thc hin tt c cc chc nng do tt c cc Cp php NTFS khc cung cp. Cp php Read and Excute cung cp.

    Thay i cc Cp php trn file Chim Cp php s hu file Cho php thc hin tt c cc chc nng do tt c cc cp php NTFS khc cung cp.

    CH : Cc Cp php tha k Khi hp kim tra trong th Security c chn v c mu xm, c ngha l Cp php ny c k tha t th mc cha. S dng cc thit lp bo mt nng cao Giao din c bn trong th Security cho php ngi qun tr thit lp cc Cp php th ng thng nhanh chng v d dng nhng n kh ng cung cp nhiu th ng tin hay cung cp c ng c s dng ht cc tnh nng ca h thng file NTFS. Nhn vo n t Advanced trong hp thoi Advanced Security Settings (hnh v 9-15) bn s thu c giao din tng t nh bn xem ACL thc s ca file hay th mc trong giao din ha ca Windows.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 415 CHIA S CC TI NGUYN H THNG FILE

    Kh ng p dng

    Hnh v 9-15: Hp thoi Advanced Security Settings Th Permissions mc nh ca hp thoi Advanced Security Settings cha mt danh sch cc mc vo Cp php, v c bn y l mt danh sch ca cc ACE ring l trong ACL ca file/folder. Mi mc vo cha cc th ng tin sau: Type (loi) Cho bit mc vo cho php hay t chi Cp php Name (tn) Cho bit tn ca i tng bo mt nhn cc Cp php . Permission (Cp php): cho bit cc Cp php NTFS chun c gn cho i tng bo mt. Nu ACE c d ng gn cc Cp php c bit, t "Special" s xut hin trong trng ny. Inherited From (k tha t) Cho bit Cp php c c k tha kh ng v nu c th k tha t u. Apply to (p dng cho) Cho bit Cp php ny c c p dng cho cc th mc con hay cc file bn trong n hay kh ng. Nu c th l nhng th mc con hoc file no. Danh sch cc mc vo Cp php c th cha nhiu mc vo cho c ng mt i tng. iu c ngha rng i tng nhn c nhiu Cp php t cc ngun khc nhau v d nh c Cp php c gn trc tip cho i tng, c Cp php c k tha hoc c th c cc i tng c thit lp c hai Cp php Allow v Deny. Trong trng hp ny, mi mc vo trong danh sch c qun l ring bit. lm vic vi mi mc vo trong danh sch, n la chn v nhn Edit m hp thoi Permission Entry. Ngoi

    ra, ch c hai iu khin c kch hot trong hp thoi Advanced Security Settings cung cp thm hai la chn:

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 416

    CHIA S CC TI NGUYN H THNG FILE Allow Inheritable Permissions From The Parent To Propagate To This Object And All Child Objects (cho php cc Cp php k tha t i tng cha c truyn n i tng ny v tt c

    cc i tng con): Xc nh xem cc file/folder c k tha Cp php t i tng cha hay kh ng. Mc nh hp kim tra ny c la chn. Khi bn loi b la chn ny mt th ng bo s xut hin cho php hoc xa b hoc gi li cc Cp php k tha t th mc cha xung. Nu bn la chn gi li, cc Cp php nh hng vn c gi nguyn nhng file/folder kh ng cn k tha Cp php t th mc cha na. Nu bn thay i cc Cp php trn th mc cha, file v cc th mc con s kh ng b nh hng g. Replace Permission Entries On All Child Objects With Entries Shown Here That Apply To Child Objects (Thay th Mc vo Cp php y cho cc i tng con) La chn ny lm cho cc i tng con c tha hng cc Cp php t th mc ny tr cc Cp php c gn ring ch ng. Hp kim tra ny ch p dng cho cc th mc. Qun l cc Cp php c bit Khi bn thay i mt trong cc Mc vo Cp php trong hp thoi Advanced Security Settings hay thm mt Mc vo mi vo hp thoi bn u nhn c hp thoi Permission Entry c m t trong hnh 9-16. Ln u tin, bn truy cp trc tip n cc Cp php c bit to nn xng sng ca h thng Cp php NTFS.

    Hnh 9-16: Hp thoi Permission Entry NTFS c 14 Cp php c bit, chc nng ca ch ng c m t chi tit di. Trong trng hp cc Cp php c bit xut hin theo cp v c

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 417 CHIA S CC TI NGUYN H THNG FILE ngn cch bi mt du cho c ngha l Cp php u tin s c p dng cho th mc v Cp php tip theo s p dng cho file. Traverse Folder/Execute File (duyt th mc/thc thi cc file) Cp php Traverse Folder cho php hay ngn cm cc i tng bo mt kh nng di chuyn qua cc th mc m h kh ng c Cp php truy cp, v vy h c th ti c file hay th mc m h c Cp php. Cp php ny ch p dng cho cc th mc. Cp php Execute File cho php hay ngn cm cc i tng chy chng trnh. Cp php ny ch p dng cho file. List Folder/Read Data (Lit k th mc/c d liu) Cp php

    List Folder cho php hay ngn cm cc i tng bo mt kh nng hin th file v tn cc th mc con. Cp php ny ch p dng vo cc th mc. Cp php Read Data cho php hay ngn cm cc i tng xem ni dung file. Cp php ny ch p dng cho cc file. Read Attributes (c thuc tnh) Cho php hay ngn cm cc i tng bo mt kh nng xem cc thuc tnh NTFS ca file hay th mc. Read Extended Attributes (c thuc tnh m rng) Cho php hay ngn cn cc i tng bo mt kh nng xem cc thuc tnh m rng ca file hay th mc. Create Files/Write Data (to cc file/thay i ni dung) Cp php Create Files cho php hay ngn cn i tng bo mt kh nng to file trong th mc. Cp php ny ch p dng cho cc th mc. Cp php Write Data cho php hay ngn cm i tng kh nng thay i ni dung file sn c. Cp php ny ch p dng cho cc file. Create Folders/Append Data (To th mc/Chn d liu) Cp php Create Folders cho php hay ngn cn i tng bo mt kh nng to th mc con trong mt th mc. Cp php ny ch p dng cho cc th mc. Cp php Append Data cho php hay ngn cm i tng kh nng thm d liu vo cui file nhng kh ng c thay i ni dung sn c trong file. Cp php ny ch p dng cho file. Write Attributes (thay i thuc tnh) Cho php hay ngn cm i tng bo mt kh nng thay i cc thuc tnh NTFS ca mt file hay th mc sn c.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 418 CHIA S CC TI NGUYN H THNG FILE Write Extended Attributes (thay i thuc tnh m rng) Cho php hay ngn cm i tng bo mt kh nng thay i cc thuc tnh m rng ca mt file hay th mc sn c. Delete Subfolders and Files (Xa cc th mc con v file) Cho php hay ngn cm i tng bo mt kh nng xa cc th mc con v file thm ch Cp php Delete kh ng c gn cc th mc con hay file. Delete (xa) Cho php hay ngn cm i tng bo mt kh nng xa file hay th mc. Read Permissions (cho php hin th cc Cp php) Cho php hay ngn cm i tng bo mt kh nng c cc Cp php trn file hay th mc. Change Permissions (Thay i Cp php) Cho php hay ngn cm i tng bo mt kh nng thay i cc Cp php ca file hay th mc. Take Ownership (Chim quyn s hu) Cho php hay ngn cm i tng bo mt kh nng chim quyn s hu ca file hay th mc. Synchronize (ng b) Cho php hay ngn cm cc thread (chui) khc nhau ca mt multithread (a chui), cc chng trnh a x l c kh nng ch i vic iu khin file hay th mc v ng

    b n vi cc thread khc th ng bo cho n. Hp thoi Permission Entries cho mt ACE hin th cc Cp php c bit ring r m v chc nng n tng ng vi cc Cp php NTFS chun c xc nh trong hp thoi Advanced Security Settings. Cc Cp php c bit to nn su Cp php NTFS chun c lit k trong bng 9-2. Bng 9-2: Cc Cp php NTFS chun v cc Cp php c bit tng ng Cp php NTFS chun Read Cc Cp php c bit List Folder/Read Data (lit k th mc/c d liu) Read Attributes (c cc c tnh) Read Extended Attributes (c cc c

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 419

    Read and Excute

    Modify

    Write CHIA S CC TI NGUYN H THNG FILE tnh m rng) Read Permissions (c cc Cp php) Synchronize (ng b) List Folder/Read Data (lit k th mc/c d liu) Read Attributes (c cc c tnh) Read Extended Attributes (c cc c tnh m rng) Read Permissions (c cc Cp php) Synchronize (ng b) Traverse Folder/Execute File (cho php duyt th mc/thc thi file) Create Files/Write Data (to cc file/c kh nng ghi d liu) Create Folders/Append Data (to th mc/thm d liu) Delete (xa) List Folder/Read Data (lit k th mc/c d liu) Read Attributes (c cc c tnh) Read Extended Attributes (c cc c tnh m rng) Read Permissions (c cc Cp php) Synchronize (ng b) Traverse Folder/Execute File (cho php duyt th mc/thc thi file)

    Write Attributes (thay i cc c tnh) Write Extended Attributes (thay i cc c tnh m rng) Create Files/Write Data (to cc file/c kh nng ghi d liu) QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 420

    List Folder Contents

    Full Control CHIA S CC TI NGUYN H THNG FILE Create Folders/Append Data (to th mc/c kh nng thm d liu) Read Permissions (c cc Cp php) Synchronize (ng b) Write Attributes (thay i cc c tnh) Write Extended Attributes (thay i cc c tnh m rng) List Folder/Read Data (lit k th mc/c d liu)

    Read Attributes (c cc c tnh) Read Extended Attributes (c cc c tnh m rng) Read Permissions (c cc Cp php) Synchronize (ng b) Traverse Folder/Execute File (cho php duyt th mc/thc thi file) Change Permissions (thay i cc Cp php) Create Files/Write Data (to cc file/c kh nng ghi d liu) Create Folders/Append Data (to th mc/c kh nng thm d liu) Delete (xa) Delete Subfolders and Files (xa cc th mc con v cc file) List Folder/Read Data (lit k th mc/c d liu) Read Attributes (c cc c tnh) Read Extended Attributes (c cc c tnh m rng) Read Permissions (c cc Cp php)

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 421 CHIA S CC TI NGUYN H THNG FILE Synchronize (ng b) Take Ownership (ot Quyn s hu) Traverse Folder/Execute File (cho php duyt th mc/thc thi file) Write Attributes (thay i cc c tnh) Write Extended Attributes (thay i cc c tnh m rng) Khi thay i mt Mc vo Cp php, bn c th thay i bt k th ng s no di y: Name (Tn) Xc nh tn ca i tng bo mt c gn Cp php. Khi bn mun thay i Cp php t mt i tng ny sang mt i tng khc, thay v to ra mt ACE mi, bn c th d ng giao din ny thay i tn i tng c gn Apply Onto (Gn cho) Xc nh i tng no c gn Cp php bng cch s dng cc la chn trn hnh 9-17. Giao din ny cho php bn iu khin hon ton tnh k tha cc Cp php c gn cho mt th mc cha: cho cc file, cc th mc, cc th mc con v cc file su hn na.

    Hnh 9-17: Cc la chn Apply Onto Permissions (Cp php) Xc nh cc Cp php c bit c gn cho cc i tng bo mt. Hp danh sch Permissions bao gm tt c cc Cp php c bit c th d ng c lit k trn cng thm Cp php NTFS chun Full Control. CH : S dng la chn Apply Onto Khi bn s dng la chn Apply Onto gi hn cc i tng nhn Cp php k tha, tt c QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 422 CHIA S CC TI NGUYN H THNG FILE cc th mc con v file vn nhn c ACE t th mc cha. ngn kh ng cho cc i tng con k tha ch cn ngn kh ng cho ch ng nhn cc Cp php trong ACE. Trng hp ACE c k tha bi mt s lng ln cc i tng con iu ny s nh hng ti hot ng ca mng, khi s dng la chn Apply Onto s kh ng phi l mt gii php tt gii hn k tha Cp php.

    Hin th cc Cp php Hiu dng Mc d h thng Cp php NTFS phc tp nhng rt may mn l Windows Server 2003 cha mt c ch cho php hin th Cp php Hiu dng ca mt i tng bo mt trn mt file hoc th mc xc nh. xem cc Cp php Hiu dng, hy m hp thoi Advance Security Settings ca file hoc th mc v chn th Effective Permissions nh trn hnh 9-18. Khi bn nhn Select v xc nh tn ca i tng bo mt trong hp thoi "Select User, Computer, Or Group" hp kim tra trong danh sch Effective Permission s thay i hin th Cp php tng hp i tng nhn c.

    Hnh 9-18: Th Effective Permissions ca hp thoi Advanced Security Settings CH Mc tiu ca k thi Mc tiu cho m n thi 70-290 yu cu hc vin c th "xc nh Cp php Hiu dng khi gn Cp php" Mc d th Effective Permissions rt thun tin sa cc li lin quan ti vic truy cp cc file chia s tuy nhin n cng kh ng c tht s hon ho.

    Cp php Hiu dng hin th trn giao din ny c xc nh nh tng hp cc vn sau: Cc Cp php c gn ring r cho i tng Cp php k tha t i tng cha QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 423 CHIA S CC TI NGUYN H THNG FILE Cp php k tha t nhm cc b hay Min Tuy nhin danh sch Cp php Hiu dng kh ng tnh n cc Cp php chia s hay Cp php c k tha t cc nhm ng nht c bit do ch ng ph thuc vo trng thi truy cp ca i tng bo mt. V d, th Effective Permissions c th ch ra rng mt nhm c th c Cp php Full Control trn mt th mc ca a chia s. Tuy nhin nu bn vn s dng Cp php chia s mc nh iu c ngha l nhm ng nht c bit everyone ch c Cp php Read (c) tc l nhm ny ch c Cp php c bt k Effective Permissions hin th nh th no. Cng theo cch nh vy, Cp php Hiu dng kh ng th tnh n trng thi truy cp ca i tng bo mt ti mt thi im bt k. Windows Server 2003 cho php gn Cp php da trn cc nhm ng nht c bit nh: Truy cp nc danh (Anonymous Logon), quay s qua ng thoi (Dialup) v tng tc (Interactive). Nh hc chng 7, nhng ng nht c bit ny c xc nh da trn cch m ngi d ng truy nhp vo h thng hay mng. V d mt ngi s dng truy cp vo mng bng cch s dng dialup l mt phn ca nhm ng nht c bit Dialup trong sut qu trnh kt ni . V i tng bo mt kh ng cn truy nhp khi bn xem Cp php Hiu dng ca h v vy kh ng c cch no h thng c th bit c ng nht c bit no s c nh hng ti cc i tng khi h truy nhp. CH : Lin quan n Cp php Hiu dng xem xt cc Cp php c cp cho cc nhm ng nht c bit c th c nh hng th no ti ngi s dng ca bn, bn c th d ng th Effective Permissions hin th Cp php Hiu dng ca mt nhm ng nht c bit no , sau bn c th chuyn nhng kt qu vo Cp php Hiu dng ca ngi s dng. S hu ti nguyn (Resource Ownership) Mi file v th mc trn h thng file NTFS (cng nh mi i tng trn Active Directory) u c mt ch s hu. Mc nh, ch s hu l ngi to ra file hay th mc . Trong trng hp file hay th mc c to bi h iu hnh th nhm Administrators s l ch s hu. Tuy nhin cc thnh vin ca nhm Administrators hoc nhng ngi s dng c cp Cp php c bit Take Ownership (chim quyn s hu) i vi file hay th mc u c kh nng chim ot quyn s hu ca file hay th mc ti bt k thi im no.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 424 CHIA S CC TI NGUYN H THNG FILE CH Mc tiuca k thi Mc tiu ca m n thi 70-290 yu cu hc vin c kh nng "thay i quyn s hu ca file hay th mc" Quyn s hu file hay th mc c hai mc tiu chnh sau Cc ch s hu c th thay i cc ACL Bt k ch s hu ca mt file hay th mc c Cp php g anh ta vn c th thay i

    c ACL ca file hay th mc. V vy c th coi s s hu nh mt c ch d phng khi c mt ai kha file hay th mc i vi tt c mi ngi. V d nu bn to mt file mi v ngu nhin b ht mi Cp php ca bn i vi file , quyn s hu file cho php bn c th thay i ACL v kh i phc li cc Cp php. Hn ngch a c xc nh theo ch s hu Hn ngch a cho php ngi qun tr theo di v kim sot mi ngi s dng c th s dng bao nhiu kh ng gian a cng trn my ch. Bn s c hc vn ny trong chng 12. Ngoi Cp php Take Ownership (chim quyn s hu) cng c hai Cp php nhm cung cp kh nng qun l ch s hu ca file hoc th mc NTFS: Take Ownership Of Files Or Other Objects (chim quyn s hu ca cc file v cc i tng khc) Ngi d ng hay nhm s hu Quyn ny c th chim quyn ca bt k file hay th mc NTFS. Mc nh, nhm Administrators nhn c quyn ny t chnh sch nhm Default Domain Controller Policy (chnh sch nhm mc nh d ng cho cc my ch iu khin v ng). Restore Files And Directories (phc hi cc file v th mc) Ngi d ng hay nhm s hu Quyn ny c th chim quyn s hu ca bt k file hoc th mc NTFS no hay gn quyn s hu cho ngi d ng hay nhm khc. Mc nh, chnh sch nhm Default Domain Controller Policy s gn Quyn ny cho cc nhm Administartors (nhm qun tr), nhm Backup Operator (thc hin cc c ng vic sao lu) v nhm Server Operators (nhm qun tr cc hot ng trn my ch). xem hay chim quyn s hu ca file hay th mc, m hp thoi Advanced Security Settings v chn th Owner nh trn hnh 9-19. Th ny lit k ch s hu hin thi ca file hay th mc. Nu bn c Cp php c bit Take Ownership i vi file hay th mc hoc c quyn Take Ownership Of Files Or Other Objects, bn c th la chn ti khon ca bn trong hp Change Owner To ri nhn Apply hay OK chim quyn s QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 425 CHIA S CC TI NGUYN H THNG FILE hu i tng . Nu bn c quyn Restore Files And Directories, bn cng c th nhn vo Other Users Or Groups la chn i tng bo mt khc ri cp quyn s hu i tng cho n.

    Hnh 9-19: Th Owner ca hp thoi Advanced Security Settings Nu bn l ngi ch s hu hin ti cu file hay th mc v bn mun chuyn quyn s hu cho ngi khc nhng bn li kh ng c quyn Restore

    Files And Directories, bn vn c th thay i ACL v cp cho ngi s dng Cp php Take Ownership. Sau ngi s dng kia s d ng cc tin trnh nh trn chim quyn s dng ca file hay th mc. QUN TR IIS Cho ti chng ny, ch ng ta hc cch cung cp cho ngi d ng mng kh nng truy cp ti cc file trn mt my tnh chy Windows Server 2003 th ng qua vic c ng b cc im chia s bng dch v Server. Dch v ny cho php cc my trm s dng dch v Worksbntion c th truy nhp c. Tuy nhin trn Windows Server 2003, y kh ng phi l cch duy nht chia s cc file. Thay vo bn cng c th s dng cc dch v Internet c cung cp bi Microsoft IIS k c khi my trm ca bn nm trong mng LAN. CH Mc tiu ca k thi Cc mc tiu cho m n thi 70-290 yu cu cc hc vin c kh nng qun tr dch v IIS IIS l mt ng dng ca Windows Server 2003 c kh nng c ng b cc file v cc ng dng bng vic s dng cc giao thc chun Internet nh HTTP (l mt giao thc chun cho truyn th ng Web ) v FTP . So snh vi vic chia s file th ng thng, vic chia s file trong IIS, vi cu hnh mc nh ca IIS, l mt phng php hn ch trong vic c ng b cc file . V cc l do an ninh , IIS c ci t trong ch kha v bo mt cho php my QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 426 CHIA S CC TI NGUYN H THNG FILE ch ch cung cp ni dung tnh cho cc my trm. Ngi d ng c th ly cc file t mt my ch IIS v a ni b ca mnh v lm vic vi ch ng trn my c nhn nhng h kh ng th m file trc tip t my ch cng nh lu cc phin bn c sa i so vi trng thi ban u ca file nh h vn lm trn h thng file chia s th ng thng. Tuy nhin , k c khi trong trng thi kha, IIS vn cung cp nhng phng tin ph bin cc file mt cch d dng v bo mt. Trong cc phn sau y, ch ng bn s hc cch ci t v cu hnh IIS trn mt my tnh chy Windows Server 2003 v qun l vn bo mt ca mt my ch IIS . Ci t IIS Kh ng ging nh Windows 2000, mc nh Windows Server 2003 kh ng ci t IIS. Vic lm ny nhm phng nga l hng an ninh tim n trong h iu hnh. Mc nh, cc phin bn trc ca Windows ci t dch v IIS, kch hot dch v World Wide Web Publishing v to mt trang Web mc nh . Trong cc trng hp m ngi qun tr kh ng d ng ti v qun tt dch v, n s tr thnh mt li vo tim n cho nhng ngi d ng tri php . Trong Windows Server 2003 , bn phi ci t IIS mt cch th c ng sau khi hon tt vic ci t h iu hnh. ci t IIS, m Add Or Remove Programs trong Control Panel ri chn Add/Remove Windows Components khi ng Trnh hng dn Windows Components . Trong Trnh hng dn ny , chn Application Server , nhn Details , ri chn Internet Information Services (IIS) . Bn c th nhn Details mt ln na ch r cc thnh phn IIS no m bn mun ci t . Mc nh, Trnh hng dn s ci t cc thnh phn sau : Common Files: Ci t cc file chng trnh cn thit dnh cho IIS . Internet Information Services Manager: ci t snap-in IIS Manager. Bn s dng snap-in ny qun l cc dch v IIS v cu hnh an ninh site . World Wide Web Service: Ci t dch v cung cp kt ni HTTP vi cc my trm TCP/IP trn mng .

    CH Ci t cc thnh phn b sung Mc d ch ng kh ng cn thit cho cc chc nng s c m t trong chng ny, bn vn c th chn cc thnh phn IIS b sung cung cp tnh nng cao hn cho my ch, nhng kh ng c b bt c thnh phn mc nh no lit k y .

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 427 CHIA S CC TI NGUYN H THNG FILE Sau khi bn hon tt Trnh hng dn , Windows Server 2003 s ci t cc thnh phn m bn la chn v kch hot dch v World Wide Web Publishing. Qun tr mt Web Site IIS Khi IIS c ci t, mt trang Web mc nh c to ra, cho php bn thc thi mt m i trng Web nhanh chng v d dng. Ban u, site mc nh cha c ni dung g (ngoi tr mt bn tin Under Construction) . Bng cch b sung cc file ca bn vo th mc gc ca site mc nh , bn c th to ra mt trang ch nhm cung cp cho cc my trm kh nng truy cp ti bt k file, th mc v th ng tin no m bn mun c ng b. CH Mc tiu ca k thi Cc mc tiu cho m n thi 70-290 yu cu cc hc vin c kh nng qun tr mt my ch Web qun tr cc Web site trn mt My ch IIS, bn s dng snap-in IIS Manager (nh trong hnh 9-20) , bng cch truy nhp Administrative Tools trn thc n Start . Snap-in ny cho php bn to v qun l mt s lng Web site ring bit nhiu ti mc m phn cng ca my ch c th chy c.

    Hnh 9-20: Snap-in qun tr dch v IIS Ban u ch c mt Web site duy nhy trn my ch, gi l Default Web Site. xem cc site trn my ch, m rng n t ca my ch trong khung Phm vi ri m rng th mc Web Sites. Bng cch chn mt trong cc web site c lit k ri chn Properties t thc n Action, bn c th m hp thoi Properties ca site . Hp thoi ny cha mt lng ln cc chc nng iu khin cho php bn cu hnh cc th ng s cho Web site ny . Cc phn sau y xem xt mt vi chc nng iu khin quan trng ca hp thoi ny . S dng th Web Site

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 428

    CHIA S CC TI NGUYN H THNG FILE Th Web Site ca hp thoi Properties (hnh v 9-21), cha cc thit lp xc nh cch thc cc my trm c th truy nhp ti Web Site. IIS c th duy tr (Host) mt s lng kh ng gii hn cc Web site o trn mt my tnh, nhng cho cc my trm c th truy nhp c ti ch ng, phi c mt cch thc phn bit gia site ny vi cc site khc.

    Hnh 9-21: Th Web Site trong hp thoi Properties ca mt Web site Cc my ch Web th ng thng s dng cc k thut sau y duy tr nhiu site c ng l c : Cc a ch IP khc nhau: Bng cch cu hnh my tnh vi nhiu a ch IP khc nhau v gn mi a ch IP khc nhau cho mt Web site, my ch Web c th hng cc yu cu ti site thch hp, da trn a ch IP c xc nh trong yu cu. Cc cng khc nhau: Mc nh, giao thc HTTP s dng cng th ng dng l 80 cho th ng tin TCP/IP ca n. Khi kt ni vo mt Web site, trnh duyt s mc nh s dng cng 80 tr phi bn ch nh khc i, bng cch s dng mt a ch URL nh http://www.ACNA.com:81. Bng cch gn cc cng khc nhau cho cc Web site, mt my ch c th hng cc yu cu ti site thch hp da trn s cng c ch r trong yu cu. Host headers: Mc d cc my trm th ng thng s dng tn truy nhp vo cc Web site nhng qu trnh truyn th ng TCP/IP vn da trn cc a ch IP. Cc my ch DNS chu trch nhim chuyn i cc tn ny sang cc a ch IP. Host Header l mt trng t y chn trong bn tin yu cu HTTP bao hm tn URL ca my ch Web. Cc yu cu vi cc gi tr host header khc nhau c th c hng ti mt my ch Web n vi mt a ch IP v mt cng duy nht. Sau , my ch c th hng cc yu cu ti site thch hp da vo gi tr host header. V d, mt c ng ty c th QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 429 CHIA S CC TI NGUYN H THNG FILE duy tr (host) hai Web site www.adatum.com v www.ACNA.com trn mt my ch Web. My ch DNS ca c ng ty s chuyn i c hai tn gi sang c ng mt a ch IP v vy cc bn tin yu cu gi n mi site u ti c ng mt my ch. My ch Web sau s phn bit hai ch bng cch xem xt cc trng host header. Vi cc chc nng iu khin trong th Web Site, bn c th s dng bt c phng php no trong 3 phng php nu trn phn bit cc Web site

    vi nhau. Web site mc nh c cu hnh s dng cng 80 v tt c cc a ch IP ca my tnh s kh ng c gn cho cc Web site khc. Nu bn mun to thm cc Web site khc trn my ch, bn c th thay i cc gi tr ny bng cch chn mt gi tr a ch IP xc nh, thay i gi tr cng TCP hoc nhp vo n t Advanced xc nh tn host header cho site . Th ny cn cho php bn nh ra mt gii hn thi gian trc khi nhng ngi d ng trng thi inactive (kh ng hot ng mc d vn ang kt ni) b ngt kt ni ra khi my ch, cng nh kim sot cch thc ng nhp ca my ch i vi site ny bng cch chn mt nh dng file nht k, xc nh th ng tin no c ghi vo nht k v cu hnh thi gian biu ghi nht k. S dng th Home Directory Th mc gc ca mt web site l v tr mc nh cha cc file ni dung ca mt web site. Khi bn xc nh mt URL trong trnh duyt Web vi tn site no (nh www.ACNA.com chng hn), my ch s t ng cung cp cho bn cc file ni dung trong th mc gc ca site . Trong th Home Directory (hnh v 9-22) bn c th xc nh v tr ca th mc gc cho mt Web site nht nh. Bng cch to ra cc th mc gc khc nhau cho cc site khc nhau chy trn mt my ch duy nht, bn c th duy tr ni dung ring bit cho mi site.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 430 CHIA S CC TI NGUYN H THNG FILE Hnh 9-22: Th Home Directory trong hp thoi Properties ca mt Web site IIS cho php bn xc nh mt th mc gc bng cch chn mt trong ba t y chn sau : A Directory Located On This Computer (th mc trn my tnh ny) s dng k hiu ch ci a chun xc nh th mc gc trn mt trong cc a logic ca my tnh. A Share Located On Another Computer (th mc chia s trn my tnh khc) s dng ng dn Universal Naming Convention (UNC) xc nh th mc gc nm trn mt v ng chia s u trn mng. A Redirection To A URL (chuyn hng ti URL) s dng ng dn URL xc nh th mc gc trn mt my ch Web khc. Web site mc nh s dng mt th mc gc cc b c to ra mc nh trong qu trnh ci t IIS t ti th mc C:\Inetpub\wwwoot. Ban u th mc ny kh ng cha mt ni dung thc s no ngoi tr cc file th hin

    trang Under Construction nhng bng vic a cc file ni dung vo th mc ny, bn c th bin ch ng s dng c ngay lp tc i vi cc my trm. Ngoi vic cho php bn xc nh v tr thc s ca th mc gc, th ny cn cho php bn cu hnh cc kiu truy nhp m my trm c th s dng truy nhp ti th mc ny. Bn c th chn cc t y chn di y sau khi xc nh th mc gc trn a cc b hay trn im chia s trn mng: Script Source Access: cho php cc my trm c th truy nhp cc file kch bn (script) trong th mc vi gi thit rng cc Cp php Read hay Write c thit lp. Read: cho php cc my trm c th c v ti v cc file trong th mc . Write: cho php cc my trm ti ln th mc cc file hoc thay i ni dung ca cc file cho php ghi. Directory Browsing: gi thit rng kh ng c ti liu mc nh (Default Documents), cho php ngi d ng xem mt danh sch cc lin kt siu vn bn lit k cc file v cc folder c trong th mc .

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 431 CHIA S CC TI NGUYN H THNG FILE Log Visits: gi thit rng tnh nng ghi nht k c kch hot cho site ny, cho php ghi li cc cuc truy nhp vo th mc vo nht k Index This Resource: to mt ch mc ca cc ni dung vn bn (full-text index) ca th mc trong dch v Microsoft Indexing (bn phi ci t dch v Indexing bng cch nhn Add/Remove Windows Components trong c ng c Add or Remove Programs). Application Settings: cho php bn xc nh cc kiu ng dng Web m my trm c php chy. S dng th Documents Trong th Documents (hnh v 9-23) bn c th xc nh tn ca file ni dung m IIS phn phi ti cc my trm mt cch mc nh. Khi mt my trm a mt URL kh ng cha bt c mt tn tp no trong trnh duyt, my ch Web phn phi file vi tn mc nh c ch r trong hp Enable Default Content Page. Nu tn tp u tin c lit k kh ng tn ti trong th mc, my ch s kim tra ln lt cc file c lit k trong hp ni trn theo th t t trn xung. Nu kh ng c tp no trong danh sch tn ti, my ch hoc hin th mt siu vn bn lit k ni dung ca th mc (nu t y chn Directory Browsing c kch hot trong th Home Directory) hoc mt bn th ng bo li (nu Direcoty Browsing b v hiu).

    Hnh 9-23: Th Documents trong hp thoi Properties ca mt Web site Hp Enable Document Footer cho php bn cung cp tn ca file footer c gn vo tt c cc ti liu c Website xut bn. S dng th Performance Trong th Performance (hnh v 9-24) bn c th gii hn bng th ng s dng cho site ny cng nh s lng ngi d ng c th kt ni ng thi. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 432 CHIA S CC TI NGUYN H THNG FILE N cho php bn ngn chn tnh trng mt Web site c chim ton b bng th ng h thng.

    Hnh 9-24: Th Perfomance trong hp thoi Properties ca Web site To cc th mc o Khi bn xc nh mt th mc gc cho mt Website IIS, tt c cc file trong th mc v cc th mc con ca n u c my ch c ng b v sn sng phc v cho cc my trm. Tuy nhin, nu bn mun c ng b cc file v th mc sn c th bn cng kh ng cn phi di chuyn ch ng n cu tr c th mc gc. Thay vo bn c th to ra mt th mc o. Mt th mc o l mt con tr n mt th mc nm ti mt v tr khc v i vi cc my trm ch ng l mt phn trong cu tr c th mc ca Web site. to ra mt th mc o trn mt IIS Web site, bn la chn site trn mn hnh qun tr IIS Manager, sau trn thc n Action tr ti New ri la chn Virtual Directory. Hot ng ny kch hot Trnh hng dn Virtual Directory Creation, bn phi cung cp nhng th ng tin sau: Virtual Directory Alias (cc b danh cho th mc o): cung cp tn ca th mc o cho cc my trm. B danh m bn nhp s xut hin nh mt th mc con ca Web site trong cc URL ca my trm. B danh m bn chn kh ng cn thit phi l tn tht ca th mc m bn mun c ng b. Web Site Content Directory (th mc cha ni dung ca Web site): xc nh ng dn ti th mc m bn nh chia s cho th mc o. ng dn m bn a vo c th s dng mt k t a hoc ng dn UNC v c th c t trn mt a cc b hoc mt th mc chia s trn mng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 433 CHIA S CC TI NGUYN H THNG FILE Virtual Directory Access Permissions (cc Cp php truy cp n th mc o): xc nh Cp php cp cho cc my trm khi truy cp n th mc o (nh Read (c), Run Scripts (chy cc kch bn), Excute (thc thi), Write (ghi) v Browse (duyt trang Web)). Mt khi bn to th mc o, cc file trong th mc ni dung m bn mun c ng b trn Web site s nm trong mt th mc con c xc nh theo b danh bn cung cp trn. Cu hnh bo mt IIS Hu ht cc Web site trn Internet u cung cp cho cc my trm Cp php truy cp nc danh (anonymous). Khi bn cu hnh mt IIS Web site cho vic truy cp nc danh, tt c cc my trm kt ni ti my ch u s dng mt ti khon c bit c thit k cho mc ch ny. Tn ti khon mc nh trong Windows Server 2003 l IUSR_servername trong servername l tn ca my tnh. V mt k thut, cc my khch vn c xc thc nhng kh ng c s trao i cc th ng tin b mt v ch ng kh ng b hn ch trong qu trnh truy cp ti Web site. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng qun tr tnh bo mt ca IIS Tuy nhin, nu bn mun hn ch vic truy cp ti mt Web site, bn c th gia tng mc bo mt theo mt vi phng php sau y: Authentication and Access Control (kim sot truy cp v xc thc): yu cu cc my trm cung cp tn truy cp v mt khu khi truy cp Web site. IIS cung cp mt s loi m ha vi mc bo mt khc nhau.

    IP Address and Domain Name Restrictions (cc hn ch v tn min v a ch IP): bn c th cho php hoc ngn cm cc my khch nht nh truy cp ti site da trn a ch IP v tn min ca ch ng. Secure Communications (cc knh truyn th ng bo mt): yu cu cc my trm s dng mt giao thc truyn th ng bo mt hoc mt chng ch s khi truy cp ti Web site. Bn c th cu hnh tt c cc c ch bo mt ni trn trong th Directory Security trong hp thoi Properties ca Web site nh hnh v 9-25.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 434

    CHIA S CC TI NGUYN H THNG FILE

    Hnh 9-25: Th Directory Security trong hp thoi Properties ca Web site CH IIS v cc Cp php NTFS Ngoi cc c ch bo mt trn bn cng c th s dng cc Cp php NTFS bo v cc Web site. Nh cp trong chng trc, cc Cp php NTFS cung cp cho cc ngi d ng bt k h truy cp bng phng php no. iu c ngha rng mt ngi d ng truy cp ti mt Web site vi ni dung c lu trn a NTFS phi c cc Cp php tng ng truy cp cc file ni dung. Xem phn S dng cc Cp php NTFS trong chng trc bit thm th ng tin. Cu hnh xc thc IIS cu hnh mt IIS Web site s dng mt m hnh nhn thc khc vi truy cp nc danh mc nh, bn nhp vo n t Edit trong hp Authentication And Access Control trn th Directory Security hin th hp thoi Authentication Methods (xem hnh v 9-26).

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 435

    CHIA S CC TI NGUYN H THNG FILE Hnh 9-26: Hp thoi Authentication Methods ngn chn hnh thc truy cp kh ng xc thc ti Web site, bn phi b du chn ti hp kim tra Enable Anonymous Access. Bn cng phi cp cc Cp php NTFS cho cc file v th mc m bn mun bo v. K bn phi la chn mt hnh thc xc thc thay th t cc la chn sau: Integrated Windows Authentication (xc thc tch hp vi Windows): my ch thc hin trao i mt m vi my trm v vy tn truy cp v mt khu c truyn i trong dng cc m ri (Hash) nhm ngn chn nhng ngi nghe trm c th c c ni dung v ti khon ca ngi s dng. Hnh thc xc thc ny kh ng ph hp vi vic truy cp qua my ch proxy hoc cc tng la. Digest Authentication For Windows Domain Servers (xc thc dng phn loi cho cc my ch Min): ch dnh cho cc my trm c cc ti khon Active Directory, My ch s thu thp cc chng thc ngi s dng v lu ch ng trn My ch iu khin di dng MD5 (Message Digest 5) Hash (m ri MD5). Basic Authentication (xc thc c bn): my trm truyn tn truy cp v mt khu theo dng vn bn tng minh, v vy s to nn mt nguy c tim n v bo mt. Bn ch s dng la chn ny khi kh ng c kh nng chn cc la chn khc mang tnh bo mt hn. .NET Passport Authentication (xc thc da trn .NET Passport): cc my trm kt ni ti my ch bng cch s dng cc ti khon .NET Passport sn c ca ch ng. Ch ng c xc thc bi mt my ch .NET Passport trung tm trn Internet. Cu hnh cc hn ch v a ch IP v tn min Khi bn nhp vo n t Edit trong hp IP Address And Domain Name Restrictions, bn s nhn thy hp thoi IP Address And Domain Name Restrictions nh hnh v 9-27. y bn c th xc nh cc a ch IP ring r, cc a ch mng v cc tn min sau bn s cho php hoc cm ch ng truy cp ti Web site.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 436 CHIA S CC TI NGUYN H THNG FILE

    Hnh 9-27: Hp thoi IP Address And Domain Restrictions Trong hp thoi IP Address And Domain Name Restrictions, trc ht bn phi xc nh xem bn mun cc a ch v cc tn m bn la chn s c php hay ngn cm truy cp n Web site. Tip theo bn nhp vo Add m hp thoi Granted Access or Denied Access, bn s nhp a ch IP ca my tnh no , a ch mng v mt n mng con hoc tn min. Loi hn ch ny c da trn my tnh ch kh ng phi da trn ngi s dng. Khi bn gn Cp php truy cp n Web site cho mt a ch IP no th bt k ngi s dng no lm vic trn my tnh cng c th truy cp n Web site ngoi tr c cc c ch bo mt khc c thc thi. Do nhng hn ch ny l c lp vi c ch xc thc ca Web site nn bn c th s dng n thay th hoc kt hp vi c ch xc thc. V d, bn c th gn Cp php truy cp n Web site cho mt ngi d ng xc nh nhng vi mt iu kin l ngi d ng phi truy cp t mt my tnh c th. Bng cch cho php xc thc v thc hin hn ch theo a ch IP, bn c th s dng ng thi c hai. Cu hnh bo mt truyn th ng Khi bn nhp vo n t Edit trong hp Secure Communications, hp thoi Secure Communications s xut hin (hnh v 9-28), bn c th cu hnh cc la chn sau:

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 437 CHIA S CC TI NGUYN H THNG FILE

    Hnh 9-28: Hp thoi Secure Communications Require Secure Channel (SSL) (yu cu knh bo mt): yu cu cc my tnh s dng mt giao thc truyn th ng m ha khi kt ni ti Web server nh giao thc SSL chng hn. Bn cng c th yu cu cc my trm s dng m ha 128-bit tng tnh bo mt. Client Certificates (cc chng thc my trm): xc nh xem cc my trm c th, kh ng th hoc phi s dng cc chng thc s khi truy cp ti Web site. yu cu cc chng thc, bn phi chn la chn Secure Socket Layer (SSL). Enable Client Certificate Mapping (cho php nh x chng thc my trm): cu hnh my ch xc thc cc my trm truy nhp vi cc chng thc hp l. Nhp Edit nh x cc chng thc vi cc ti khon ngi s dng. Enable Certificate Trust List (kch hot danh sch chng thc tin cy): cu hnh my ch s dng mt danh sch cc trung tm y quyn chng thc tin cy xc minh tnh hp l cc chng thc ca ngi s dng. Cc ngi d ng kh ng nhn mt chng thc t mt trong cc trung tm y quyn c lit k trn b cm truy cp.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 438

    TNG KT CHIA S CC TI NGUYN H THNG FILE Windows Server 2003 cha mt s cc h thng Cp php c lp bao gm: cc Cp php chia s, cc Cp php NTFS, cc Cp php Active Directory v cc Cp php trn registry. Mi mt h thng Cp php cho php bn kim sot vic truy cp ti mt loi ti nguyn h thng xc nh. Mi i tng c bo v th ng qua cc Cp php u c mt ACL (Danh sch Kim sot Truy cp). Mi ACL l mt danh sch cc ACE (Mc vo Kim sot Truy cp) cha mt i tng bo mt (nh ngi d ng, nhm hoc my tnh chng hn) v cc Cp php c gn cho i tng . H thng file chia s cho php cc ngi d ng trn mng truy cp ti cc file v cc th mc nm trn cc my tnh khc. to ra cc chia s, bn c th s dng Windows Explorer hoc snap-in Shared Folders hoc c ng c Net.exe ch dng lnh. Cc Cp php chia s cung cp mc bo v c bn cho cc th mc

    chia s, nhng ch ng kh ng c tnh a dng v mm do nh cc Cp php NTFS. Cc Cp php chia s ch p dng cho cc truy cp mng th ng qua dch v Server. Cc file c bo v bng cc Cp php chia s vn c th truy cp c t my tnh cc b hoc th ng qua cc dch v mng khc nh IIS hay dch v u cui (Terminal) chng hn. Cc Cp php NTFS c th cho php hoc ngn cm, gn Cp php mt cch ring r hoc c k tha t trn. Cp php ngn cm s loi b tt c cc Cp php cho php khc v cc Cp php gn ring r s c mc u tin cao hn so vi cc Cp php k tha. Kt qu l mt Cp php cho php gn ring r s loi b Cp php ngn cm k tha. Cc Cp php Hiu dng trn mt file hoc th mc l s tng hp ca tt c cc Cp php gn cho i tng xc nh bao gm c Cp php gn trc tip hoc th ng qua c ch k tha. Cc Cp php truy cp NTFS c th b hn ch hn na nh cc Cp php khc v cc nhn t khc nh cc Cp php IIS trn mt Web site. Bt k hai kiu Cp php no c gn cho mt ti nguyn, nh cc Cp php chia s v Cp php NTFS chng hn, mi kiu cung cp mt tp hp cc Cp php khc nhau v bn phi tnh ton xem kiu no hn ch hn. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 439 CHIA S CC TI NGUYN H THNG FILE Tnh k tha cho php ngi qun tr iu khin vic truy cp cc file v th mc bng cch cp Cp php cho mt th mc cha v cho php cc Cp php ny c a xung tt c cc th mc con v cc file nm bn trong n. Mi file v th mc NTFS u c mt ch s hu. Ch s hu lu n lu n c php thay i cc ACL (Danh sch Kim sot Truy cp) trn mt file hoc th mc thm ch i tng ny kh ng c Cp php. Bt k ngi s dng c Cp php Take Ownership (chim ot quyn s hu) hoc quyn hn ngi s dng Take Ownership Of Files Or Other Objects (quyn hn chim ot quyn s hu cc file hoc cc i tng khc) u c th ot li quyn s hu mt i tng. Mt ngi s dng vi quyn hn ngi s dng Restore Files And Directories u c th gn quyn s hu ca bt k i tng no cho bt k ngi s dng no. IIS l mt dch v trn h iu hnh Windows Server 2003 cho php chia s cc file v th mc bng cch s dng dch v my ch Web v FTP. Bn c th bo mt cc IIS site bng cch gn cc Cp php NTFS v yu cu xc thc ngi s dng th ng qua vic hn ch truy cp i vi cc a ch v tn Min xc nh hoc bng cch s dng cc giao thc truyn th ng m ha v cc chng ch s.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 440 CHIA S CC TI NGUYN H THNG FILE BI TP THC HNH =============================================== Bi tp thc hnh thc hnh 9-1: To mt chia s bng cch s dng Windows Explorer Trong bi thc hnh ny, bn s thc hin vic chia s mt th mc bng cch s dng Windows Explorer Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. Nhp Start v chn Windows Explorer. Mn hnh Windows Explorer xut hin. M rng biu tng My Computer v a C: Kch chut phi vo th mc Documents And Settings, t thc n ng cnh chn Sharing And Security. Hp thoi Documents And Settings Properties xut hin vi th Sharing c kch hot. Nhp vo Share This Folder. Trong hp vn bn Share Name g Test Share. Nhp OK. Biu tng ca th mc Documents And Settings b thay i v xc nhn rng n c chia s. =============================================== Bi tp thc hnh thc hnh 9-2: S dng snap-in Shared Folders Trong bi thc hnh ny, bn s s dng snap-in Shared Folders to mt chia s mi v cu hnh cc Cp php cho n. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. Nhp Start -> Administrative Tools -> Computer Management. Mn hnh qun tr Computer Management xut hin. M rng biu tng Shared Folders v la chn th mc con Shares.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    441 CHIA S CC TI NGUYN H THNG FILE Trn thc n Action la chn New Share. Trnh hng dn Share A Folder xut hin. Nhp Next b qua trong gii thiu. Trang Folder Path xut hin. Trong hp vn bn Folder Path, g C:\Windows v nhp Next. Trang Name, Description, And Setttings xut hin. Trong hp vn bn Share Name, g Test Share 2 v nhp Next. Trang Permissions xut hin. La chn Administrators Have Full Access; Other Users Have Read-Only Access (cc thnh vin nhm qun tr c ton quyn cn cc ngi d ng khc ch c Cp php c m th i) ri nhp Finish. Trang Sharing Was Successful xut hin. Nhp Close. ===============================================

    Bi tp thc hnh thc hnh 9-3: Cu hnh cc Cp php NTFS Trong bi thc hnh ny, bn s cu hnh cc Cp php NTFS cho mt th mc trn my tnh ca bn bng Windows Explorer. 2. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. Nhp Start v chn Windows Explorer. Mn hnh Windows Explorer xut hin. M rng biu tng My Computer v a C: Kch chut phi vo th mc Documents And Settings, t thc n ng cnh chn Sharing And Security. Hp thoi Documents And Settings Properties xut hin vi th Sharing c kch hot. La chn th Security v nhp Computers, Or Groups xut hin. Add. Hp thoi Select Users,

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 442 CHIA S CC TI NGUYN H THNG FILE Trong hp vn bn Enter The Object Names To Select, g Guests ri nhp OK. Nhm ny s c thm vo hp danh sch Group Or User Name trong th Security. La chn i tng Guests v trong hp danh sch Permissions For Guests la chn cc hp kim tra Modify v Write trong ct Allow. Nhp OK gn cc Cp php v Settings Properties li. ng hp thoi Documents And

    CC CU HI N TP 1. Trong cc c ng c di y, c ng c no cho php bn to mt chia s trn mt my ch xa? (La chn tt c cc cu tr li ng) a. Mt mn hnh qun tr MMC t y bin cha snap-in Shared Foldes. b. Windows Explorer chy trn my tnh cc b v kt ni ti

    chia s ADMIN$ ca my tnh xa c. d. Net.exe Mn hnh qun tr Computer Management

    2. Mt th mc c chia s nm trn a FAT. Nhm Project Managers c gn ton quyn (Full Control) trn th mc ny. Nhm Project Engineers c gn Cp php c trn . L c u, Julie l thnh vin ca nhm Project Engineers. Sau c ta c a vo nhm Project Managers. Cc Cp php Hiu dng ca c ta trn th mc ny l g? 3. Mt th mc c chia s nm trn a NTFS vi cc Cp php chia s mc nh. Nhm Project Managers c gn ton Cp php NTFS. Julie l mt thnh vin ca nhm Project Managers, th ng bo vi bn rng c ta kh ng th to cc file trong th mc ni trn. Ti sao? QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 443 CHIA S CC TI NGUYN H THNG FILE 4. Cc Cp php NTFS yu cu ti thiu cho php ngi s dng m cc ti liu v chy cc chng trnh trn mt th mc chia s l g? e. f. g. h. i. Full Control Modify Write Read & Excute List Folder Contents

    5. Bill phn nn rng anh ta kh ng th truy cp ti ti liu c cha th ng v th ng tin ti chnh ca phng. Bn m th Security ca ti liu v thy rng tt c cc Cp php trn u c tha hng t th mc cha. Cp php ngn cm Read c gn cho nhm Acctg3 m Bill l thnh vin. Trong cc phng php di y, ci no cho php Bill truy cp ti ti liu ny? (la chn tt c cc cu tr li ng) a. Thay i cc Cp php trn th mc cha bng cch thm Cp php cho php Full Control cho Bill b. Thay i cc Cp php trn th mc cha bng cch thm Cp php cho php Read cho Bill. c. Thay i cc Cp php trn ti liu bng cch gn thm Cp php cho php Read cho Bill. d. Thay i cc Cp php trn ti liu bng cch loi b Inheritable Permissions, la chn Copy v loi b Cp php ngn cm. e. Thay i cc Cp php trn ti liu bng cch loi b Inheritable Permissions, la chn Copy v thm Cp php cho Allow

    Allow

    php Full Control cho Bill. f. Loi b Bill ra khi nhm c gn Cp php ngn cm.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 444 CHIA S CC TI NGUYN H THNG FILE 6. Bn mun m bo mc bo mt cao nht cho my ch IIS trong t chc ca bn m kh ng phi thm bt k dch v chng ch no. Mc tiu l cung cp qu trnh xc thc trong sut i vi ngi s dng v cho php bn bo mt cc ti nguyn Intranet vi cc ti khon nhm hin c trn Active Directory. Tt c ngi s dng u c bo v bi tng la ca t chc. Cc phng php xc thc no di y chop php thc hin mc tiu trn? a. b. c. d. Truy cp nc danh Xc thc c bn Xc thc da trn .NET Passport Xc thc tch hp vi Windows

    7. Bn ang cu hnh cc Cp php chia s cho mt th mc chia s trn mt my ch file. Bn mun tt c ngi s dng c xc thc u c Cp php lu cc file ln th mc, c tt c cc file trong v thay i hoc xa cc file do h lm ch. Cc Cp php ti thiu bn cn t trn th mc chia s t c mc tiu trn l g? (la chn tt c cc cu tr li ng) a. Authenticated Users (nhm ngi d ng c xc thc): Control (ton quyn) b. c. d. Authenticated Users: Read (c) Creator Owner (ch s hu to file): Change Creator Owner: Read

    CC KCH BN TNH HUNG =============================================== Kch bn 9-1: c ng b Web server Cc file ni dung my ch Web ca c ng ty bn hin ang c t trn a D ca mt my tnh Windows Server 2003 ci t IIS. Tn ca my QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 445 CHIA S CC TI NGUYN H THNG FILE ch l Web1 v URL ca n l http://intranet.ACNA.com. Bn c yu cu to ra mt gii php IIS cho php phng nhn s c th c ng b cc ti liu v li ch v chnh sch ca c ng ty t my ch ca h. URL cho php truy cp ti cc th ng tin ni trn s l http://intranet.ACNA.com/hr. Bn

    Full

    phi lm g? a. Ci t IIS trn my ch ca phng nhn s. b. c. d. To mt Web site mi trn Web1 v t tn l hr. Ci t dch v FTP trn Web1. To mt th mc o trn Web1 vi b danh l hr. =============================================== Kch bn 9-2: Cu hnh cc Cp php chia s Phng k ton c mt file server acctg01 ci t h iu hnh Windows Server 2003 nhm cung cp bng thi gian v cc mu th ng bo c ng tc ph cho cc nhn vin. Bn l qun tr mng chu trch nhim cu hnh cc Cp php chia s trn cc th mc chia s, cc Cp php phi p ng cc yu cu sau: Cc mu d ng cho nhn vin c lu tr trn th mc Forms v c chia s vi tn chia s l Forms. Tt c cc nhn vin u c th truy cp n cc mu ny. Ch c nhng ngi s dng c xc thc mi c th truy cp n cc mu ni trn. Cc nhn vin c th ti ln cc mu c in y ln th mc c tn l Forms\Reports\username v c tn chia s l username. Ngi s dng phi c c cc mu ca chnh h nhng kh ng th c c cc mu ca ngi s dng khc. Cc mu dnh cho cc gim st vin c lu trn th mc Forms\Supervisors v c tn chia s l Supervisors. Ch c cc thnh vin ca nhm ton cc Supervisors mi c kh nng truy cp n th mc ny. Nhm p ng nhng yu cu ni trn, bn gn cc Cp php chia s nh bng di y:

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 446

    Th mc chia s Forms Supervisors Username CHIA S CC TI NGUYN H THNG FILE Cc Cp php chia s Everyone: Allow read (cho php c)

    Supervisors: php c)

    Allow read (cho

    Username: Allow change (cho php thay i) Gi thit rng cc Cp php NTFS cho tt c cc th mc u gn Cp php Modify (thay i) cho nhm Authenticated Users. Vi Cp php chia s c gn nh trn, nhng yu cu no di y c p ng? (la chn tt c cc cu tr li ng) a. Tt c cc nhn vin u c th ti xung cc mu ca h. b. Tt c cc nhn vin u c th ti ln cc mu c in y ln cc th mc ca h. c. Cc nhn vin ch c c cc mu ca chnh h.

    d. Ch c cc thnh vin nhm Authenticated Users mi c th ti xung cc mu. e. Ch c cc thnh vin nhm Supervisors mi c th ti xung cc mu dnh cho h.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 447 LM VIC VI CC MY IN

    CHNG 10: LM VIC VI MY IN Ngoi chia s file, mt ng lc th c y khc cho s pht trin ca cc mng LAN l kh nng chia s cc my in. Cc my in thng em n nhng phin toi cho qun tr mng do ch ng kh ng ch n thun lin quan n cc thnh phn in t m cn lin quan n cc c ng vic kh ng c sch s cho lm nh mc in v cc tin trnh lin quan n my mc nh cho giy vo

    khay chng hn. Microsoft Windows Server 2003 cung cp mt tp hp cc c tnh mnh m nhm h tr cho cc dch v in n trong mt t chc ln. ng thi cc tnh nng ny cng gi p bn tm hiu cch thc s dng nhm ti thiu ha nhng rc ri bn gp phi khi c trc trc xy ra. Trong chng ny, bn s c hc phng php ci t, qun tr v x l s c cc my in cc b, my in mng v my in Internet. Hon thnh chng ny bn c kh nng: Hiu v m hnh v thut ng c s dng cho tc v in n trong Windows. Ci t mt my in logic trn mt my ch in n Chun b mt my ch in n cho cc my trm Kt ni mt my trm in n n mt my in logic trn my ch in n Qun tr hng i in n v cc c tnh my in X l s c cc li v my in

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 448 LM VIC VI CC MY IN TM HIU V M HNH IN N TRONG WINDOWS SERVER 2003 Windows Server 2003 cung cp cc c ng c mnh m, bo mt v mm do cho cc dch v in n. Bng cch s dng mt my tnh ci t Windows Server 2003 qun l cc my in, cc nh qun tr mng c th to nn kh nng sn sng i vi cc ng dng chy cc b trn my tnh hoc cc ngi d ng trn bt k m hnh no bao gm cc phin bn trc ca Windows cng nh h iu hnh Novell Netware, UNIX v Macintosh. Windows Server 2003 v cc phin bn trc ca Windows h tr hai loi my in: Cc my in c gn trc tip: l cc my in c kt ni ti mt cng vt l trn my ch in n th ng thng l cng USB hoc cng song song LPT. Cc my in c gn vo mng: l cc my in c kt ni trc tip n mng thay v kt ni ti mt cng vt l trn mt my tnh. Mt my in mng cha (hoc c kt ni ti) mt card mng v hot ng nh mt n t trn mng. Cc my tnh lin lc vi my in bng cch s dng giao thc mng chun nh TCP/IP hoc DLC

    chng hn. Khi bn ci t mt my in trn mt my tnh s dng Microsoft Windows, h iu hnh to ra mt my in logic m t cho thit b in n vt l. My in logic nh ngha cc c tnh v cch thc iu khin ca my in. N cha trnh iu khin my in, cc thit lp v my in, cc thit lp in n mc nh v cc c tnh khc nhm iu khin cch thc mt tc v in n c x l ra sao v c gi ti my in vt l nh th no. Vic o ha my in th ng qua khi nim my in logic cho php cc nh qun tr mm do v linh hot trong vic cu hnh cc dch v in n. S dng cc my in gn trc tip Khi bn ci t mt my in gn trc tip trn my tnh ci t Windows Server 2003 (hoc bt k phin bn no ca Windows), my tnh s s dng n x l cc tc vin n. V vy bn c th chia s my in ny cho cc my tnh khc trn mng. Khi bn chia s my in, my tnh kt ni trc tip vi my in s tr thnh mt print server (my ch in n). Mt my ch in n l mt my tnh (hoc mt thit b c lp) nhn cc tc vt cc my trm

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 449 LM VIC VI CC MY IN trn mng, lu cc tc v ny trong mt hng i v gi tng ci mt n my in vt l. CH : Thut ng in n Trong ti liu trn cc phin bn trc ca Windows, my in vt l c xem nh mt thit b in n v my in logic c xem nh mt my in. Nhm trnh nhng s hiu lm v thut ng ny, Microsoft c nhng s thay i trong Windows Server 2003. By gi ch ng ta s dng thut ng my in (printer) v my in logic (logical printer). S dng cc my in gn vo mng Khi bn ang s dng mt my in c gn vo mng, bn c th s dng hai m hnh in n trn mng. Ch ng c m t trong cc phn di y. To mt my in logic trn tt c cc my trm Trong m hnh ny, bn s ci t mt my in logic trn mi my trm v kt ni trc tip ch ng ti my in mng. Trong trng hp ny kh ng c my ch in n. Mi my trm s duy tr cc thit lp in ca ring ch ng, x l cc tc v in n ca ch ng v lu cc tc v in n ln hng i ring. Trong m i trng mng, m hnh ny c nhng nhc im sau: Khi ngi s dng kim tra ni dung ca hng i, h ch thy cc tc v in n ca chnh h. Ngi s dng kh ng th bit c c nhng tc v no do nhng ngi s dng khc c gi ti my in. Cc nhn vin qun tr mng kh ng th qun l tp trung hng i in n. Cc nhn vin qun tr kh ng th thc hin cc tnh nng in n tin tin nh kh nng in trn nhiu my in khc nhau. Cc th ng bo li ch xut hin trn cc my tnh ang thc hin tc v in n. Tt c cc tin trnh x l tc v in n u c hnh thnh trn my trm do ch ng kh ng th bit c tnh trng qu ti trn my ch in n. M hnh ny c th ph hp vi m hnh mng nhm lm vic (workgroup)

    nh nhng trong m i trng mng ln th n kh ng th cung cp kh nng qun tr tp trung. u im duy nht ca m hnh ny l d dng ci t k c i vi ngi s dng u cui. Mi my trm ci t my in theo phng

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 450 LM VIC VI CC MY IN php th ng thng v kh ng cn quan tm n cc my trm khc (ngoi tr khi i cc tc v in n ca ch ng hon thnh). To mt my ch in n Do nhng nhc im ca m hnh ni trn nn cu tr c in n th ng dng nht dnh cho cc t chc ln l m hnh gm ba phn. M hnh ny gm c cc thnh phn sau: My in vt l My ch in n bao gm mt my in logic c kt ni ti my in vt l. My khch in n c kt ni ti my in logic ca my ch. In n th ng qua mt my ch in n mang li nhng u im sau: My in trn my ch in n nh ngha cc thit lp in n v qun tr cc trnh iu khin. My in logic s dng mt hng i in duy nht v cc my trm u c th nhn c hng i ny. Do cc nhn vin qun tr mng v ngi s dng u c th thy c danh sch y cc tc v in n ang ch i. Cc bn th ng bo nh ht giy hoc kt giy c gi ti tt c cc my trm do ngi s dng v cc nhn vin qun tr c th thc hin x l s c. Hu ht cc ng dng v cc trnh iu khin my in u c th phn nh tin trnh in n trc khi gi ti my ch in n. iu ny gia tng s phn hi ca my trm. Tc l, khi mt my trm thc hin in mt ti liu, tc v in s c gi ngay lp tc n my ch in v kim sot cc phn hi ca my tnh ti ngi s dng trong khi my ch in m nhn tc v x l c ng vic in n. Cc chc nng bo mt, kim nh v kim tra, gim st v ghi nht k c qun tr tp trung. TRIN KHAI MY IN CHIA S Tin trnh trin khai mt my in chia s s dng m hnh my ch in bao gm cc bc sau: Ci t my in trn my ch in n To mt chia s my in trn my ch in n QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 451 LM VIC VI CC MY IN Kt ni cc my trm vi my ch in n Cc bc ni trn c m t chi tit trong cc phn sau. Ci t mt my ch in n Windows Server 2003 Bc u tin trong vic trin khai mt my ch in n trn mng l ci t my in trn my tnh ng vai tr nh mt my ch in n. Qu trnh ny kh ng khc vi vic ci t mt my in trn my tnh th ng thng. Thc

    hin c ng tc chia s my in s cho php Windows Server 2003 hot ng nh mt my ch in n. Trong Windows Server 2003, bn qun tr cc my in bng cch s dng mn hnh Printers And Faxes t Control Panel hoc t thc n Start. Kch p vo biu tng Add Printer, trnh hng dn Add Printer xut hin. Sau khi nhp Next b qua trang Welcome, bn s hon thnh cc trang cn li trong trnh hng dn c m t danh sch di y. CH S dng cc my in USB Cc my in kt ni ti my tnh th ng qua cng USB kh ng yu cu bn khi to trnh hng dn Add Printer bng tay. Do cc thit b USB l plug and play nn my tnh s t ng pht hin v ci t ch ng. Tuy nhin, bn c th cung cp cc trnh iu khin kh ng c Microsoft h tr cho cc my in. Local Or Network Printer (my in mng hay cc b) Trong trang ny, bn cn xc nh bn ang ci t mt my in cc b hay mt my in mng. Trong ng cnh ca trnh hng dn ny, my in cc b c xem nh mt my in vt l c gn trc tip vo mt my tnh hoc c gn vo mng nhng hin nay cha c chia s bi my ch in n khc. My in mng c xem nh mt my in chia s bi my tnh khc trn mng. V vy ci t mt my ch in n, bn lu n lu n la chn Local Printer Attached To This Computer (my in cc b c gn vi my tnh ny). Nu my in ny hin c kt ni v sn sng, bn c th la chn hp kim tra Automatically Detect And Install My Plug And Play Printer (t ng pht hin v ci t my in plug and play) ci t my in t ng. Tuy nhin, bn cng c th ci t my in logic m kh ng cn c s hin din ca mt my in vt l.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 452 LM VIC VI CC MY IN

    Select A Printer Port (la chn cng my in) Trong trang ny, bn

    s xc nh my tnh lin kt vi my in nh th no. Nu my in c kt ni ti cng LPT (cng song song) hoc cng COM (cng ni tip), bn s la chn Use The Following Port (s dng cng di y) t danh sch th xung. Nu my in c kt ni bng mt s phng tin khc, bn la chn Create A New Port (to mt cng mi) v la chn mt trong cc kiu cng t danh sch th xung. V d, cc my in c gn vo mng th ng thng yu cu mt cng TCP/IP. Khi bn la chn Standard TCP/IP Port (cng TCP/IP chun), trnh hng dn Add Standard TCP/IP Printer Port (thm cng my in TCP/IP chun) xut hin. bn s xc nh a ch IP m bn gn cho my in v nu cn thit bn c th gn loi giao din mng d ng kt ni my in ti mng.

    Install Printer Software (ci t phn mm my in) Nu tnh nng plug and play kh ng pht hin v ci t chnh xc trnh iu khin cho my in, bn c th la chn my in ca bn t mt danh sch cc trnh

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 453 LM VIC VI CC MY IN iu khin my in c phn loi theo nh sn xut v cc model sn c trn Windows Server 2003. Nu my in kh ng xut hin trong danh sch ni trn, bn c th nhp Have Disk ci t cc trnh iu khin my in do nh sn xut thit b cung cp. Name Your Printer (tn my in ca bn) Trong trang ny, bn cn xc nh tn cho my in nhm cung cp cho cc ng dng chy trn my tnh. Mc nh, trnh hng dn s gn mt tn da trn tn nh sn xut v chng loi kt hp vi trnh iu khin my in c ci nhng bn c th thay i tn ny. Nhm tng thch y vi cc ng dng, bn nn hn ch chiu di tn my in (ti a 31 k t). Khi cc my in khc c ci t, trang ny cn cho php bn xc nh my in no l my in mc nh trn my tnh ny c ngha l cc ng dng s t ng in trn my in tr phi bn la chn ci khc. Thit lp ny ch p dng cho cc ng dng chy trn my tnh cc b m th i ch khng p dng cho cc my trm trn mng.

    Printer Sharing (chia s my in) Trong trang ny, bn cn xc nh bn c mun chia s my in ny kh ng lm cho n hot ng nh mt my ch in n. to mt my in chia s, bn la chn Share Name v xc nh tn d ng c ng b trn mng. Mc nh, trnh hng dn s gn mt tn bao gm 8 k t u tin ca tn bn cung cp trang trc tuy nhin bn c th s dng bt k tn no m bn mun. Nhm mc ch tng thch, tt nht tn my in kh ng cha cc k t trng. CH Cc my in chia s Trang Printer Sharing trong trnh hng dn Add Printer ch cung cp cc chc nng chia s my in c bn nht. cu hnh cc la chn chia s khc, bn phi s dng hp thoi Properties c a my in c m t trong phn k tip. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 454 LM VIC VI CC MY IN

    Location And Comment (v tr v ch thch) Trang ny cha cc trng m bn c th cung cp th ng tin v v tr hay kh nng ca my in. Th ng tin ny s hin th khi ngi s dng duyt mng v gi p cho h xc nh my in chnh xc.

    Print Test Page (in trang kim tra) Trang ny cho php bn thc hin mt tc v in kim tra nhm xc nh xem my tnh kt ni vi my in nh th no.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 455 LM VIC VI CC MY IN

    Khi bn hon thnh trnh hng dn Add Printer, h thng s ci t trnh iu khin my in tng ng v to mt biu tng my in logic cho my in ny trong ca s Printers And Faxes. Bn s s dng biu tng ny truy cp n tt c cc c ng c cu hnh v duy tr my in. T thi im ny, cc ng dng trn my tnh cc b c th s dng my in v nu bn chia s n th

    cc my trm trn mng cng c th s dng n. Chia s my in Bn c th chia s mt my in bng cch s dng trnh hng dn Add Printer nhng bn c th iu khin chia s ny nhiu hn na bng cch s dng th Sharing trong hp thoi Properties ca my in (xem hnh v 10-1). truy cp ti th ny, la chn mt biu tng my in trong ca s Printers And Faxes v chn Sharing t thc n File.

    Hnh 10-1: Th Sharing trong hp thoi Properties ca mt my in chia s my in (nu n cha c chia s) la chn Share This Printer (chia s my in ny) v xc nh tn chia s trong hp vn bn Share Name.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 456 LM VIC VI CC MY IN Bn cng c th la chn hp kim tra List In The Directory (lit k trong dch v th mc Active Directory ) to mt i tng my in trong Active Directory. Kt qu l mt i tng my in c to ra nh mt con tr cho php ngi s dng xc nh mt my in bng cch tm kim trn dch v da theo tn hoc cc tnh nng ca n. Mt trong nhng ch li ca cc tham s trong trng Location v cc c tnh tng t l tng cng kh nng tm kim mt my in da trn cc c tnh ny. Nhp vo Additional Drivers m hp thoi Additional Drivers, nh hnh v 10-2. Khi mt my trm trn mng truy cp n mt my in chia s, n c th t ng ti v trnh iu khin my in t th mc chia s Print$ trn my ch. y l tnh nng m Windows gi l Point and Print (tr ti v in). Hp thoi ny cho php bn ci t cc trnh iu khin my in cho cc h iu hnh khc nhau m my trm ca bn c th s dng. y l u im nu my in s dng cc trnh iu khin kh ng c trong Windows Server 2003. Khi bn la chn cc h iu hnh khc trong hp thoi ny v nhp OK, h thng s ci t cc trnh iu khin yu cu v th ng bo cho bn a a cha trnh iu khin ca nh sn xut nu cn thit.

    Hnh 10-2: Hp thoi Additional Drivers CH Cp nht cc trnh iu khin Cc my trm ci t h iu hnh Windows NT, Windows 2000, Windows XP v Windows Server 2003 s ti trnh iu khin my in t my ch in n v khi kt ni ti my in chia s ln u tin. Mi ln in, ch ng xc nhn rng c trnh iu khin my in v nu kh ng c ch ng s ti mt trnh iu khin cp nht t my ch. Vi cc my trm ny, bn ch cn gi cc cp nht ca trnh iu khin my in trn my ch in n. Cc my trm ci t Windows 95, Windows 98 v Windows Me c th t ng ti v v ci t cc trnh iu khin khi ch ng kt ni ti my in chia s ln u tin nhng sau ch ng s kh ng kim tra cc cp QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 457 LM VIC VI CC MY IN nht. Nu bn nhn c mt cp nht ca trnh iu khin, bn phi ci t n bng tay trn cc my trm ny cng nh trn my ch. Kt ni cc my trm n mt my ch in n Khi bn ci t mt my in v chia s n th cc my trm c th truy cp ti my in ny th ng qua mng. Ch ng c th truy cp n my in theo vi cch khc nhau c m t trong phn di y. S dng trnh hng dn Add Printer Tin trnh ci t mt my in trn my trm bng cch s dng trnh hng dn Add Printer cng tng t nh bn ci t trn mt my ch in n. Ch khc mt ch t l khi ci t trn my ch trong trang Local Or Network Printer, bn la chn A Network Printer hoc A Printer Attached To Another Computer th by gi trn my trm bn phi xc nh my in mun s dng trong trang Specify A Printer (hnh v 10-3).

    Hnh v 10-3: Trang Specify A Printer ca trnh hng dn Add Printer Cc phng php c lit k di y s gi p bn xc nh mt my in: Find A Printer In The Directory (tm kim mt my in trong dch v th mc) Nu my trm gia nhp vo Min Active Directory, trang ny s hin th la chn ny. Vi la chn ny, trnh hng dn s hin th hp thoi Find Printers gi p bn tm kim cc my in theo tn, v tr hoc cc c tnh khc m bn xc nh khi to cc i tng my in.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 458 LM VIC VI CC MY IN

    Browse For A Printer (duyt my in) Nu my trm l thnh vin ca mt nhm lm vic (workgroup), trang Printer s hin th la chn ny u tin. Vi la chn ny, trnh hng dn s hin th trang Browse For Printer cho php bn duyt cc my tnh xc nh trong cc Min hoc cc nhm lm vic v la chn cc my in chia s c ci t trn mi my tnh. Connect To This Printer (kt ni ti my in ny) Chn la chn ny cho php bn xc nh tn ca mt my in chia s trn mng bng cch s dng ng dn UNC (Universal Naming Connvention quy c t tn tng hp) nh \\tnmych\tnmyinchias. Nhp Next m kh ng cn xc nh tn tng t nh la chn Browse For A Printer thc hin trong trang Browse For Printer. Connnect To A Printer On The Internet Or On A Home Or Office Network (Kt ni ti mt my in trn Internet hay mng nh hoc mng vn phng) La chn ny cho php bn xc nh tn ca mt my in trn mng hoc trn Internet bng cch s dng mt URL (Uniform Resouce Locator quy c t tn chun hng ti trm Internet mng hoc mt

    ni

    b)

    nh

    http://www.adatum.com/printers/printername. Mt khi bn xc nh chnh xc my in cn ci t, trnh hng dn s ci t trnh iu khin tng ng (gi thit rng trnh iu khin ny sn c trn my ch hoc my trm) v to ra mt my in logic trong ca s Printers And Faxes. Duyt trong Windows Explorer Bn c th ci t n gin mt my in chia s trn mt my trm bng cch duyt trong My Network Places th ng qua Windows Explorer. Khi bn m rng mt biu tng my tnh trong My Network Places, Windows Server 2003 s hin th mt danh sch cc chia s trn my tnh . Cc my in chia

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 459 LM VIC VI CC MY IN s c hin th trong mt khoang cha c tn l Printers And Faxes (xem hnh v 10-4). La chn mt my in chia s, t thc n File chn Connect bt u tin trnh ci t trnh iu khin my in logic.

    Hnh 10-4: Duyt cc my in trong Windows Explorer Tm kim trong Active Directory i vi cc my trm trong cc Min Active Directory , trnh hng dn Add Printer s cung cp kh nntg tm kim cc i tng my in trong dch v th mc. Bn c th tm kim ch ng theo nhiu cch khc nhau trong Active Directory nh thc n Start trong trang Search chnh. Khi bn la chn Other Search Options, trang ny cho php bn xc nh cc cch tm kim khc nhau bao gm mt la chn Printers, Computers, Or People nh hnh v 10-5. La chn tm kim mt my in trn mng s hin th hp thoi Find Printers ging nh trnh hng dn Add Printer hin th. Bn c th truy cp n hp thoi ny theo nhiu cch khc nhau th ng qua giao din Windows Server 2003.

    Hnh 10-5: Tm kim cc my in trong Active Directory

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 460 LM VIC VI CC MY IN CU HNH CC C TNH MY IN Sau khi ci t my in logic trn my ch in n, bn c th cu hnh mt lot cc c tnh bng cch m hp thoi Properties ca my in (xem hnh v 106). Mt s iu khin trong hp thoi ny l ging ht nhau i vi tt c cc my in nhng mt s ci c trnh iu khin my in cung cp c c trng theo tng chng loi sn phm. V d, mt my in mu c th c cc iu khin qun l mu trong khi cc my in en trng li kh ng cn.

    Hnh 10-6: Th General trong hp thoi Properties ca my in Th General cho php bn cu hnh tn my in, v tr v cc li ch thch. Tt c cc th ng s ny u c cu hnh da trn cc gi tr bn a vo trong trnh hng dn Add Printer. Nh cp trn, th Sharing cho php bn xc nh my in logic c chia s cha v cho php cc my trm trn mng truy cp cha. Mt s chc nng khc, bn c th iu khin trong hp thoi Properties, s c cp trong cc phn di y. Kim sot bo mt my in Vi cc h thng file chia s, bn c th s dng cc Cp php gn truy cp nht nh n ch ng. Vi cc my in chia s bn cng thc hin tng t th ng qua th Security trn hp thoi Properties ca my in nh hnh v 10-7.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 461 LM VIC VI CC MY IN

    Hnh 10-7: Th Security trn hp thoi Properties ca mt my in Cc Cp php chun m bn c th gn cho mt my in gm c: Print (in n) cho php cc i tng bo mt kt ni ti my in v thc hin cc tc v in n trn . Mc nh nhm Everyone c gn Cp php ny. hn ch vic truy cp ti my in bn c th loi b Cp php ny khi nhm Everyone v gn n cho cc i tng bo mt khc hoc bn c th ngn cm i vi cc i tng c th. Manage Printers (qun tr my in) cho php cc i tng bo mt thc hin tt c cc c ng vic m Cp php Print cung cp i tng bo mt ng thi cung cp Cp php iu khin qun tr my in. i tng nhn Cp php ny c th thay i cc c tnh my in, dng v khi ng li my in, iu khin trng thi chia s my in, iu chnh cc thit lp b m (mt chng trnh tin ch ca h iu hnh cho php lu tr tm thi cc lnh in vo mt file trn a hoc RAM khi my ang bn sau s gi ti my in khi CPU rnh) v thay i cc Cp php my in. Mc nh trn mt my tnh kh ng phi l My ch iu khin Min nhm Administrators v Power Users c gn Cp php ny cn trn my My ch iu khin Min cc nhm Server Operators v Print Operators s c Cp php ny. Manage Documents (qun tr ti liu) cho php cc i tng bo mt iu khin cc ti liu trong hng i nh: dng, phc hi, khi to li, loi b hoc sp xp li th t. Tuy nhin Cp php ny kh ng cung cp kh nng gi ti liu ti my in hoc iu khin trng thi my in. Mc nh, nhm Creater Owner c gn Cp php ny. Cp php gn cho nhm Creator Owner c k tha t

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 462 LM VIC VI CC MY IN ngi to ra i tng nn Cp php ny cho php ngi s dng qun l cc tc v in n m h to ra. Cp php ny cng c gn cho cc nhm Administartors, Print Operators v Server Operators nn thnh vin ca cc nhm ny c th iu khin bt c ti liu no trn hng i. Trn cc my kh ng phi My ch iu khin Min, nhm Power Users c gn Cp php ny. Ngoi vic cung cp cc Cp php chun, th Security cn cho php truy cp n hp thoi Advanced Security Settings (xem hnh v 10-8). bn c th s dng qun tr cc ch mc ACL ring l v lm vic trn cc Cp php c bit ging nh bn ang lm vic vi cc Cp php NTFS. Tuy nhin kh ng ging nh NTFS cc Cp php c bit cho my in ch c thm ba tnh nng cho php cc i tng bo mt c cc Cp php, thay i cc Cp php v ot quyn s hu mt my in.

    Hnh 10-8: Hp thoi Advanced Security Settings CH Th ng tin thm Xem chng 9 bit r hn v vic s dng cc Cp php chu v c bit iu khin truy cp ti cc ti nguyn h thng. Thit lp cc nh dng cho khay giy Nu mt my in c nhiu khay cho php bn s dng cc kch thc giy khc nhau, bn c th thit lp mt nh dng cho mt khay xc nh. nh dng d ng nh ngha kch thc giy in. Khi ngi s dng in mt ti liu vi nh dng trang in xc nh, Windows Server 2003 s nh tuyn tc v in n n khay tng ng vi kch thc . V d v cc nh dng gm c: Legal, Letter, A4, Envelope v Executive. gn mt nh dng cho mt khay, la chn th Device Settings trn hp thoi Properties ca my in (hnh v 10-9). S lng cc khay hin th trong

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 463 LM VIC VI CC MY IN

    phn Form To Tray Assignment ph thuc vo loi my in m bn ci t v s lng khay n h tr. Vi mi khay lit k, bn c th la chn mt nh dng khc nhau. Ngoi ra, khi m rng cy Device Settings bn s thy cc thit lp cho php xc nh trng thi ci t ca cc la chn my in nh cc khay giy thm vo, cc thnh phn iu khin giy in, ph ng ch v b nh my in. Tt c cc thit lp ny u c dnh cho my in v ph thuc vo kh nng ca n cng nh trnh iu khin.

    Hnh 10-9: Th Device Settings trn hp thoi Properties ca my in Thit lp cc tc v in n mc nh Th General trn hp thoi Properties ca my in c la chn Printing Preferences v th Advanced c la chn Printing Defaults. C hai la chn ny u hin th hp thoi cho php bn iu khin cch thc thc hin cc tc v in n trn my in logic bao gm nh dng kiu in (in theo khu n dng nm ngang hay nm dc), in hai mt (nu my in h tr tnh nng ny), phn gii v cc thit lp ti liu in n khc nh hnh v 10-10. Cc hp thoi ny ging nhau v cng ging hp thoi hin th khi bn nhp Properties hoc Preferences trn hp thoi Print ca ng dng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 464 LM VIC VI CC MY IN

    Hnh 10-10: Hp thoi Printing Preferences S tn ti ca ba hp thoi ring bit vi cc iu khin ging nhau kh ng phi l s nhm ln hay d phng. Hp thoi Printing Defaults cu hnh cc thit lp mc nh cho tt c ngi s dng ca my in logic. Nu my in c chia s, cc thit lp in n mc nh ny s tr thnh cc c tnh mc nh cho tt c cc my in trn my trm. Hp thoi Printing Preferences d ng cu hnh cho mt i tng c th. Nu c xung t xy ra th vi quyn u tin cao hn cc thit lp trong Printing Preferences s c cp cho ngi s dng. Hp thoi Properties hoc Preferences trn cc ng dng d ng cu hnh cc c tnh dnh cho tc v in n m ng dng x l. Cc c tnh trong cc hp thoi ny s quyn u tin cao hn hai hp thoi nu trn (Printing Defaults v Printing Preferences). To mt t hp my in (Printer Pool) T hp my in l mt my in logic h tr nhiu my in vt l. Cc my in vt l c th c gn vo my ch hay vo mng hoc c hai. Khi bn to mt t hp my in, my ch in n s gi cc tc v in n c xc nhn pha my trm ti my in sn sng u tin. My in logic i din cho t hp my in s kim tra cng no ang sn sng v hng tc v in n cng . Bn cu hnh t hp my in trong th Ports trn hp thoi Properties ca my in. Nu bn la chn hp kim tra Enable Printer Pooling, bn c th xc nh nhiu cng cha cc thit b in n thuc mt t hp. Hnh v 10-11 biu din mt t hp my in c kt ni ti ba my in gn vo mng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 465 LM VIC VI CC MY IN

    Cu hnh nhiu my in logic trn mt my in vt l Trong khi mt t hp my in l mt my in logic duy nht c kt ni ti nhiu my in vt l th ngc li cu tr c nhiu my in logic kt ni ti mt my in vt l duy nht th ng dng hn v mnh hn. Bng cch to ra nhiu my in logic hng trc tip cc tc v in n ti c ng mt my in vt l, bn c th cu hnh cc c tnh khc nhau, cc thit lp in mc nh, cc thit lp mc nh, c ch kim sot v ghi li, gim st vi mi my in logic. V d, bn mun cc cn b iu hnh trong c ng ty c th thc hin cc tc v in ngay lp tc bt k cc tc v khc ang c thc thi bi ngi s dng khc. lm c iu ny, bn c th to ra mt my in logic th hai tr ti c ng mt my in vt l nhng vi mc u tin cao hn. thc hin iu ny, bn ch cn s dng trnh hng dn Add Printer to thm cc my in logic s dng c ng mt cng vi my in logic u tin. Mi my in logic phi c mt tn v tn chia s duy nht. Tip theo bn cu hnh ring r cc my in logic vi cc thit lp ph hp vi cc my trm s s dng my in logic .

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 466 LM VIC VI CC MY IN cu hnh cc c tnh khc nhau cho cc my in logic, bn la chn th Advanced trn hp thoi Properties (hnh v 10-12) v xc nh mt gi tr trong trng Priority ( u tin) nm trong di t 1 ( u tin thp nht) n 99 ( u tin cao nht). Nu bn gn gi tr 99 cho my in logic ca cc cn b iu hnh v 1 cho my in logic ca nhng ngi s dng khc, th cc ti liu gi ti my in logic vi u tin 99 s c thc hin trc cc ti liu khc trong hng i. Tuy nhin nh th kh ng c ngha l ti liu ca cn b iu hnh s loi b tc v in n ca ngi s dng khc m y mun cp khi my in ri, n s chp nhn cc tc v t my in logic c u tin cao hn trc khi chp nhn cc tc v t my in logic c u tin thp hn. ngn kh ng cho ngi s dng thc hin in n trn my in logic ca cn b iu hnh, bn c th cu hnh ACL ca n v loi b Cp php in c gn cho nhm Everyone, thay vo ch cp cho cc cn b iu hnh Cp php in.

    Hnh 10-11: Th Ports trn hp thoi mt t hp vi ba my in vt l CH Nhng yu cu v phn cng Do nhiu my in vt l c iu khin ch c mt trnh iu khin c ci l kh ng ging nhau hon ton v ch iu khin c ci t trn my in

    Properties ca my in biu din mt t hp my in gm c bi mt my in logic duy nht nn t. Trong khi cc my in vt ng phi tng thch vi trnh logic.

    Hnh 10-12: Th Advanced trn hp thoi Properties ca my in GIM ST CC MY IN Mt khi bn to, cu hnh v chia s my in cc b trn my ch in n cng nh cc my trm trn mng kt ni ti my cc my in ny th bn phi bt u xem xt cc c ng vic qun tr ch ng trong sut qu trnh in n. Cc phn di y m t cc c ng c khc nhau c Windows Server 2003 cung cp gi p bn gim st tin trnh in n trn mng khi cn thit. CH : Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng gim st cc my ch file v in n. Cc c ng c gm c Task Manager, Event Viewer v System Monitor.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 467

    Gim st cc hng i in LM VIC VI CC MY IN Kch p vo mt biu tng my in trong mn hnh Printers And Faxes s m ra mt ca s khc c tiu l tn ca my in (xem hnh v 10-13). y l ca s hng i in, n lit k tt c cc tc v hin nay ang i gi ti my in vt l. T y thuc vo Cp php ca mnh trn my in, ngi s dng c th can thip vo hng i my in v cc tc v in n theo nhiu cch khc nhau v cc mc khc nhau bng cch s dng cc thc n trn ca s. Cc c ng vic chung m ngi s dng v ngi qun tr thc hin bao gm: dng, kh i phc, loi b cc tc v c th trong hng i, sp xp li th t cc tc v, dng v kh i phc hng i xc nh.

    Hnh 10-13: Ca s hng i in CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng qun l cc hng i in nh hng li cc tc v in n Nu mt my in gp trc trc, bn c th gi ti liu trong hng i trn my in ti mt my in khc c kt ni ti mt cng cc b trn my tnh hoc c gn vo mng. ng tc ny gi l nh hng li tc v in n. nh hng li cho php ngi s dng tip tc gi cc tc v ti mt my in logic c ng loi v trnh cho ngi s dng phi thc hin li tc v in. nh hng li mt my in, n gin bn c th thay i cng m my in logic ang gi tc v ti. Bn thc hin iu ny bng cch m hp thoi Properties ca my in, la chn th Ports v chn mt cng khc hoc thm mt cng mi. Hp kim tra cha cng kt ni ti my in b li ngay lp tc b xa i tr phi t hp my in c la chn. Trong trng hp ny, bn phi xa bng tay hp kim tra ny. Do cc tc v trong hng i c my in logic sn sng cho vic in n nn my in m bn mun nh hng li phi tng thch vi trnh iu khin c my in logic s dng. Tt c cc tc v in n c nh hng li ti cng mi (tuy nhin bn kh ng th nh hng li cc ti liu ring r v bt k ti liu hin ang in n cng kh ng th nh hng li).

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 468 LM VIC VI CC MY IN Trong hu ht cc trng hp, vic nh hng li tc v in n rt hu ch khi bn s dng cc my in mng c truy cp th ng qua cc cng TCP/IP. Khi mt my in b trc trc, bn c th thay i cng trong my in logic ca n ti a ch IP ca my in vt l khc trn mng. My in vt l ny phc v hai my in logic cho n khi bn xc nh c li trn my in v thay i thit lp cng tr li gi tr c. S dng mn hnh qun tr hiu nng (Performance) Bn c th truy cp vo mn hnh qun tr Performance t Administrative Tools. Mn hnh ny cha hai snap-in System Monitor v Performance Logs And Alerts cho php bn gim st hiu nng ca cc my in theo thi gian thc, s dng cc file nht k cho vic phn tch sau ny hoc thit lp cc mc cnh bo v cc hot ng. THNG TIN THM bit thm th ng tin Xem chng 3 xem li kh nng v cc tin trnh th ng qua mn hnh qun tr Performance. cu hnh System Monitor hoc Perfomance Logs And Alerts nhm gim st cc hot ng in n trn mng, th ng thng bn la chn i tng o hiu nng Print Queue (hng i my in) trong hp thoi Add Counters (thm bin m) nh hnh v 10-14. i tng ny cung cp mt hnh nh hiu nng v mi my in c ci t trn my tnh v mt s bin m hiu nng gi p bn gim st tin trnh in n, bao gm:

    Hnh 10-14: La chn cc bin m hiu nng gim st cc hot ng trn my in vi mn hnh qun tr Performance Bytes Printed/Sec (s lng byte c in trong 1s) xc lng d liu th tnh theo byte gi ti my in trong 1s. Gi tr ca

    nh s

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 469 LM VIC VI CC MY IN bin m ny cng thp ng ngha vi vic my in ny hot ng kh ng ng mc hoc do my in kh ng c tc v in, do hng i cha c ti hoc do my ch qu bn. Gi tr ny thay i t y theo chng loi my in. Tham kho ti liu my in bit c gi tr m my in c th chp nhn c. Job Erros (cc li tc v in) xc nh s lng cc li tc v in n xy ra khi b m khi to ln cui c ng. Cc li tc v in th ng thng gy ra bi cu hnh cng kh ng chnh xc; kim tra cu hnh cng v cc thit lp kh ng hp l. Mt li tc v in s lm tng gi tr bin m ny ch mt ln duy nht thm ch li c th xy ra nhiu ln. Jobs (cc tc v) xc nh s lng cc tc v trong hng i. Mt gi tr ca bin m ny cao hoc tng c nh ng ngha vi vic my in hot ng kh ng bnh thng hoc cc tc v kh ng c thc hin mt cch chnh xc. Not Ready Errors (cc li kh ng sn sng) xc nh s lng cc li do my in kh ng sn sng xy ra k t khi b m c khi to. Out Of Paper Errors (cc li v tnh trng ht giy) xc nh s lng cc li xy ra do tnh trng ht giy xy ra k t khi b m c khi to. Total Jobs Printed (tng s cc tc v c in) xc nh s lng cc tc v c gi ti my in k t khi b m c khi to. Total Pages Printed (tng s cc trang c in) xc nh s lng cc trang ti liu c in k t khi b m c khi to. Bin m ny cung cp mt con s xp x gn ng dung lng ca my in mc d n kh ng phi tht l chnh xc do t y thuc vo loi tc v v cc c tnh ti liu ca cc tc v . CH S dng cc bin m hiu nng m

    Mt s bin

    hng i my in ph hp vi tin trnh ghi li nht k hiu nng nh ch ng c th lu li khi lng hot ng ca my in chng hn. Nhng mt s ci khc li ph hp vi cc cnh bo nh cc bin

    m li chng hn. S dng cc cnh bo, bn c th cu hnh cho h thng th ng bo cho ngi qun tr mng khi c li xy ra. S dng Event Viewer Bn c th s dng cc file nht k h thng (System Log) trong Event Viewer kim tra hot ng ca my in v b m trn my in. Mc nh, QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 470 LM VIC VI CC MY IN b m ng k cc s kin lin quan ti vic to, xa v thay i my in. File nht k cng cha cc s kin v lu lng my in, kh ng gian a cng, cc li b m v cc vn bo dng. iu khin hoc thay i cc s kin v b m c ghi li, m th mc Printers And Faxes v la chn Server Properties t thc n File. La chn th Advanced truy cp cc c tnh nh hnh v 10-15. Trong th ny, bn c th iu khin cc s kin no c ghi li v cc th ng bo tc v in n. Th ny cng cho php bn thc hin mt c ng vic rt quan trng l di chuyn th mc b m khi bn cu hnh mt my ch in n hot ng hoc khi kh ng gian a cng cha th mc b m trn mt my in sn c b y.

    Hnh 10-15: Th Advanced trn hp thoi Print Server Properties Kim nh truy cp my in Bn c th kim nh vic truy cp n mt my in tng t nh kim nh trn th mc v file. Bn c th thc hin kim nh i vi mt nhm hoc ngi s dng xc nh vi mt hot ng c th trn mt my in. Sau khi thit lp chnh sch kim nh truy cp, bn c th xem kt qu trong phn Security ca mn hnh qun tr file nht k Event Viewer. cu hnh kim nh cho mt my in, m hp thoi Properties ca n, la chn th Security ri nhp vo Advanced. Trong hp thoi Advanced Security Settings, la chn th Auditing v thm cc ch mc cho cc nhm v ngi s dng xc nh. Vi mi i tng bo mt m bn a vo danh sch kim nh, bn c th cu hnh kim nh cc s kin thnh c ng hoc tht bi da trn cc Cp php my in chun bao gm Print, Manage Documents v Manage Printers.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 471 LM VIC VI CC MY IN K tip bn phi cho php chnh sch Audit Object Access (kim nh vic truy cp i tng) t trn mn hnh qun tr Group Policy Object Editor hoc Local Security Policy trong Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy. Sau khi chnh sch c hiu lc, bn c th kim tra cc file nht k trong phn Security xem v phn tch cc ch mc. LI KHUYN Khi no th thc hin kim nh vn in n Kim nh my in to ra hng t cc mc vo i vi mt tc v in, v vy n ch ph hp khi bn ang x l s c. Kh ng nn s dng c ch kim nh nhm gim st mc s dng hoc lm ha n tnh tin. Thay vo , bn nn s dng cc bin m nh Total Jobs Printed hoc Total Pages Printed. X L S C MY IN X l s c l mt trong cc c ng vic quan trng trong qu trnh qun tr my in. Phn ny gi p bn hiu v xc nh cc li c th xy ra trong qu trnh in n trn Windows Server 2003. CH Mc tiu ca k thi

    Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng x l s c hng i Bn cn lu qu trnh x l s c in n gm nhiu thnh phn gm c: ng dng ang thc hin in n My in logic trn my tnh c ng dng ang chy Kt ni mng gia my khch in n v my in logic chia s trn my ch. My in logic trn my ch: b m, cc trnh iu khin, cc thit lp bo mt v cc thnh phn khc. Kt ni gia my ch in n v my in. Bn thn my in vt l: phn cng, cu hnh v cc trng thi. Mt phng php hiu qu gii quyt hu ht cc li trong in n l x l s c theo tng phn ring bit mt cch logic v c phng php. Xc nh phm vi li Nu mt ngi s dng kh ng th thc hin mt tc v in n t mt ng dng trn my tnh ca anh ta nhng vn c th thc hin c t cc ng dng khc cng trn my tnh th li dng nh xut pht t ng dng ch QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 472 LM VIC VI CC MY IN kh ng phi t my tnh, mng hay my ch in n hoc phn cng my in. Tuy nhin, trong mt s trng hp s dng mt trnh iu khin khc hoc loi d liu khc c th gii quyt c cc li in n ca ng dng. Nu ngi s dng kh ng th in t bt k ng dng no, bn cn xc xem anh ta c th in ra cc my in khc trn c ng my ch in n kh ng hay

    nh

    trn my ch in n khc. Nu tt c cc kh nng ny vn kh ng thc hin c v nu cc ngi s dng khc vn c th in trn cc my in trn mng th li dng nh xy ra trn my tnh ca h. Nu my in c kt ni mng, c gng to ra mt my in cc b trn h thng ang c li tr trc tip ti cng my in ny. Tc l b qua vai tr qun l ca my ch in n. Nu vic in n thnh c ng c ngha l li trn my ch hoc kt ni gia my ch v my trm c vn . Kim tra xem my khch in n c th kt ni ti my ch Bn c th kim tra li kt ni gia my in khch v my ch in n bng cch m ca s hng i t th mc Printers And Faxes trn my trm. Nu ca s ny m v hin th bt k ti liu no trn hng i c ngha l my trm kt ni thnh c ng ti my ch. Nu c li xy ra c ngha rng mng c vn hoc c li v vic xc thc hay Cp php. Nu trng hp ny xy ra bn c th s dng c ng c Ping kim tra kt ni ti a ch IP ca my ch hoc nhp Start, chn Run v g \\<my ch in n>. Nu ping thnh c ng hoc mt ca s m ra hin th th mc Printers And Faxes v bt k th mc chia s no tc l my trm kt ni ti my ch. Trong trng hp ny, bn nn kim tra cc Cp php bo mt trn my in logic. Xc nhn my in ang hot ng Kim tra chnh my in v m bo rng n trng thi sn sng. Kim tra cc vn nh mc in b ht, tc giy v cc li khc sau in mt trang kim tra t mn hnh qun tr my in. Kim tra cp kt ni gia my in v my ch hoc mng. Nu my in c gn vi mng, bn cn chc chn rng n trn card giao din mng sng iu c ngha rng kt ni mng tt. Xc nhn rng bn c th truy cp ti my in t my ch Mt s my in c th hin th a ch IP ca ch ng trn mn hnh qun tr my in hoc bn c th in ra mt trang cu hnh. Xc nhn rng a ch IP ca my in ging vi a ch IP ca cng my in logic. a ch IP ca cng c th kim tra trn th Port trong hp thoi Properties ca my in. m bo rng bn c th kt ni vi my in qua mng bng cch ping a ch IP ca my in.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 473 LM VIC VI CC MY IN Xc nhn rng cc dch v trn my ch ang hot ng S dng Bng iu khin Services kim tra cc dch v di y lin quan n in n ang hot ng tt: Print Spooler Qun l cc hng i in n cc b v trn mng. Nu dch v ny kh ng hot ng th vic in n kh ng th thc hin c. Remote Procedure Call (RPC) Mt dch v cn thit cho cc kt ni mng chun ti cc my in chia s. Bn cng c th kim tra dung lng th mc m b m c lu tr trn m bo rng kh ng gian a cng cn cho vic lu m. V tr ca th mc b m c th thay i c trong hp thoi Server Properties (bn c th truy cp vo hp thoi ny t thc n File ca th mc Printers And Faxes). Mc nh, b m ca cc tc v in n c lu tr ti th mc <Systemroot>\system32\spool\Printers. Vi mt my ch c mt in cao, bn nn cn nhc di chuyn th mc ny ti mt phn v ng khc ch kh ng nn trn phn v ng h thng hoc khi ng. Nu phn v ng cha th mc b m y th qu trnh in n s ngng v nghim trng hn h iu hnh c th nh hng. Bn cng c th tm kim cc file nht k trong phn System xem b m c a ra bt k th ng bo li no kh ng v trong th mc Printers And

    Faxes m bo rng my in ca bn kh ng ch kh ng kt ni. C gng thc hin mt tc v in n t mt ng dng trn my ch. Nu bn c th in t my ch c ngha rng li kh ng phi do my in. Nu bn kh ng th thc hin c iu ny, to mt my in logic tr trc tip ti c ng cng v c gng in trn my in mi ny. Nu thc hin thnh c ng tc l c vn vi cu hnh ca my in logic u tin. Nu thc hin kh ng thnh c ng c ngha l c vn trong vic kt ni vi my in hoc chnh bn thn phn cng my in.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 474

    TNG KT LM VIC VI CC MY IN Kin tr c in n trong Windows Server 2003 c module ha bao gm: my in vt l, my ch in n vi my in logic, chia s kt ni ti my in vt l th ng qua mt cng cc b hoc mng v my in logic trn my trm kt ni ti my in logic, chia s trn my ch. My in logic c to ra vi mc ch h tr my in c gn trc tip vi my tnh hoc mng. My in mng kt ni ti my in logic do my tnh khc duy tr, hay cn c gi l my ch in n. Mc nh, cc my in chia s c c ng b trong Active Directory, cho php ngi s dng d dng tm kim cc my in da trn v tr hoc cc c tnh khc ca my in. to mt my in logic, bn s dng trnh hng dn Add Printer v xc nh trnh iu khin v cng thch hp. Mt my in logic c th hng cc tc v ti nhiu hn mt cng bng cch to ra t hp my in (Printer pool). Mt my in vt l c th phc v nhiu my in logic khc nhau, mi my in c th cu hnh vi cc thuc tnh, cc trnh iu khin, cc thit lp, cc c tnh theo di v cc Cp php ring bit. Ca s hng i in n, cc nht k s kin v cc bin m hiu nng cho php bn gim st cc my in nhm x l s c, pht hin cc li tim n v mc s dng my in. Nu mt my in trng thi kh ng kt ni hoc b li, bn c th nh hng li tt c cc tc v in n cha thc hin ca n ti mt my in khc bng cch thm hoc la chn cng my in mi trong

    phn thit lp c tnh ca my in logic gc. My in trn cng thay th phi tng thch vi trnh iu khin m my in gc ang s dng. Do m hnh in n trong Windows Server 2003 c module ha vi chnh my in , vi my in logic trn my ch v vi my in logic trn my trm kt ni ti my in chia s trn my ch nn bn c th x l s c khi my in c li bng cch xc nh mi thnh phn c th gy nn li v s lin quan gia cc thnh phn vi nhau.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 475

    BI TP THC HNH LM VIC VI CC MY IN =============================================== Bi tp thc hnh thc hnh 10-1: To mt my in logic Trong bi thc hnh ny, bn s ci t mt my in logic trn my tnh ca bn. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. Nhp Start v chn Printers And Faxes. Ca s Printers And Faxes xut hin. Kch p vo biu tng Add Printer. Trnh hng dn Add Printer xut hin. Nhp Next b qua trang Welcome. Trang Local Or Network Printer xut hin. La chn Local Printer Attached To This Computer. m bo rng hp kim tra Automatically Detect And Install My Plug And Play Printer b xa ri nhp Next. Trang Select A Printer Port xut hin. Trong danh sch lit k Use The Following Port la chn cng my in LTP3: ri nhp Next. Trang Install Printer Software xut hin. Trong trng hp my tnh ca bn kh ng c cng LTP3, hy chn mt cng m my tnh ca bn kh ng s dng nh COM3 v COM4 chng hn. Trong ct Manufacturer la chn Generic. Trong ct Printers la chn Generic/Text Only ri nhp Next. Trang Name Your Printer xut hin. Trong hp vn bn Printer Name, g Test Printer ri nhp Next. Trang Printer Sharing xut hin.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 476 LM VIC VI CC MY IN Nhp Next chp nhn cc tham s chia s mc nh. Nhp Next mt ln na b qua trang Location And Comment. Trang Print Test xut hin. La chn No ri nhp Next. Trang Completing The Add Printer Trnh hng dn xut hin. Nhp Finish. ===============================================

    Bi tp thc hnh thc hnh 10-2: Thit lp cc Cp php trn my in Trong bi thc hnh ny, bn s cu hnh cc Cp php trn my in chia s ca bn. 3. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 4. Ci t mt my in logic nh trong bi 10-1.

    Nhp Start -> Printer And Faxes. Ca s Printer And Faxes xut hin. La chn biu tng Test Printer trn my in logic m bn va to v t thc n File la chn Properties. Hp thoi Properties xut hin. La chn Remove. i tng bo mt Everyone trn th Security ri nhp

    Nhp Add. Hp thoi Select Users, Computers, Or Groups xut hin. Trong hp vn bn Enter The Object Names To Select g Users ri nhp OK. Nhm Users s xut hin trong danh sch cc i tng bo mt. La chn hp kim tra Allow i vi Cp php Manage Documents v nhp OK. ===============================================

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 477 LM VIC VI CC MY IN Bi thc hnh 10-3: Loi b mt tc v in n Trong bi thc hnh ny, bn s loi b mt tc v in cha hon thnh trong hng i . 5. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. Ci t my in logic nh bi thc hnh 10-1.

    Nhp Start v la chn Faxes xut hin.

    Printers And Faxes. Ca s

    Printers And

    Trn my in logic bn va to, kch chut phi vo biu tng Test Printer v la chn Properties. Hp thoi Properties ca my in xut hin. Nhp Print Test Page trong th General in mt trang kim tra trn my in. Hp th ng bo Test Printer m ra. Nhp OK ng hp th ng bo v nhp OK ng hp thoi Properties ca my in. Trn my in logic bn va to, nhp p vo biu tng Test Printer. Ca s Test Printer xut hin. La chn ti liu Test Page trong danh sch v ch trng thi li ca n do kh ng c mt my in vt l no kt ni vi cng bn la chn. Trn thc n Document la chn Cancel. Mt hp th ng bo Printers xut hin nhc nh bn xc nhn xa tc v in. Nhp Yes. Tc v s b xa khi hng i.

    CC CU HI N TP 1. Bn ang ci t my in trn my trm. My in s c kt ni ti mt my in logic c ci t trn mt my ch in n Windows Server 2003. Nhng kiu th ng tin no m bn phi cung cp cho tin trnh ci t my in? (La chn tt c cc cu tr li ng) a. Mt cng my in TCP/IP.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 478 LM VIC VI CC MY IN b. c. d. e. Nh sn xut my in vt l v chng loi ca n. ng dn URL ti my in trn my ch ng UNC ti my in chia s Trnh iu khin my in

    2. Mt trong nhng my in mng ca bn kh ng lm vic tt v bn mun ngn kh ng cho ngi s dng gi cc tc v ti my in logic kt ni ti my in ni trn. Bn s lm g? a. b. c. d. Dng chia s my in Loi b my in ra khi dch v th mc Active Directory Thay i cng my in Thay i tn chia s

    3. Bn ang qun tr mt my tnh Windows Server 2003 c cu hnh nh mt my ch in n. Bn mun thc hin c ng tc bo dng trn my in vt l c kt ni vi my ch. Hin ang c mt s ti liu trn hng i. Bn mun ngn kh ng cho cc ti liu c in trn my in ny nhng bn cng kh ng mun ngi s dng phi thc hin li tc v in n. Phng php ti u nht ca bn l g?

    a. M hp thoi Properties ca my in la chn th Sharing v la chn Do Not Share This Printer. b. M hp thoi Properties ca my in v trn th Ports la chn mt cng cha c thit b in n s dng. c. M ca s hng i, la chn ti liu u tin v tip theo la chn Pause t ca s Document. Lp li tin trnh ny vi mi ti liu. d. M ca s hng i v la chn Pause Printing t thc n Printer.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 479 LM VIC VI CC MY IN 4. Bn ang qun tr mt my tnh Windows Server 2003 c cu hnh nh mt my ch in n. Ngi s dng trong nhm Marketing phn nn rng h kh ng th in cc ti liu th ng qua my in trn my ch. Bn hin th cc Cp php trn hp thoi Properties ca my in. Nhm Marketing c Cp php Manage Documents. Ti sao ngi s dng kh ng in c trn my in ny? a. b. c. d. Nhm Everyone phi c gn Cp php Manage Documents. Nhm Administrators phi c gn Cp php Mange Printers Nhm Marketing phi c gn Cp php Print Nhm Marketing phi c gn Cp php Manage Printers

    5. Bn ang ci t mt t hp my in trn my tnh Windows Server 2003. T hp my in cha ba thit b in n v tt c u ging nhau. Bn m hp thoi Properties trn my in ny v la chn Enable Printer Pooling trn th Port. Bn phi lm g tip theo? a. b. Cu hnh cng LPT1 h tr ba my in La chn hoc to cc cng nh x ti ba my in

    c. Trn th Device Settings, cu hnh cc la chn c kh nng ci t c nhm h tr hai thit b in n thm vo d. Trn th Advanced, cu hnh u tin cho mi thit b in nhm m bo tin trnh in c phn phi cho ba thit b in. n

    6. Bn ang qun tr mt my tnh Windows Server 2003 c cu hnh nh mt my ch in n. Vo ngy gia tun lm vic, my in b li v cn c thay th. Ngi s dng gi cc tc v in n my in ny v n c a ch IP l 192.168.1.81.Mt my in tng t c a ch 192.168.1.217 c my ch khc h tr. Cc c ng vic bn cn thc hin sao cho cc tc v ca ngi s dng vn c tip tc? (La chn tt c cc cu tr li ng)

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 480 LM VIC VI CC MY IN a. Trn hp thoi Properties ca my in li la chn Printer Pooling. b. Trn hp thoi Properties ca my in li nhp Add Port Enable

    c. Trn th mc Printer And Faxes kch chut phi vo my in li v la chn Use Offline. d. Trn hp thoi Properties ca my in li la chn cng 192.168.1.217. 7. Trong cc m hnh di y, m hnh no cho bn bc tranh gn ng nht v mc s dng trn my in, cho php bn hiu v mc tiu th ca mc v giy in? a. Cu hnh kim nh my in logic v kim nh cc s kin thnh c ng trong vic s dng Cp php in ca nhm h thng Everyone. b. Xut cc nht k s kin h thng (System log) ra file vn bn phn cch cc trng bng du phy (*.csv) v s dng Excel phn tch cc s kin b m. c. Cu hnh nht k hiu nng v gim st bin Printed trn mi my in logic. m Total Pages

    d. Cu hnh nht k hiu nng v gim st bin m Jobs vi mi bin m logic. CC KCH BN TNH HUNG =============================================== Kch bn 10-1: Cp nht cc trnh iu khin my in Phng marketing phn nn vi bn v cht lng in trn my in chia s c tn gi l MarketingPrinter. Khi ngi s dng in t my tnh PC Windows XP s dng cc ng dng Microsoft Office, cc ti liu c in tt. Nhng khi h in t cc ng dng Adobe, cc ti liu in ra kh ng c nh mong mun. Phng kinh doanh c mt my in chia s tng t c tn l SalesPrinter v s

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 481 LM VIC VI CC MY IN dng hn hp cc my trm Windows 2000/XP v Office kh ng th ng bo bt c mt li no. Bn cn nhc trng hp ny, n xy ra v mt s ng dng khc nhau to ra cc kt qu khc nhau ph thuc vo my in c ang s dng PostScript hoc mt trnh iu khin kh ng phi PostScript hay kh ng. Bn s trin khai trnh iu khin my in hot ng tt u sao cho cc my tnh

    cn n c cp nht? e. Hp thoi Server Properties ca my ch in n f. g. Hp thoi Properties ca my in MarketingPrinter Hp thoi Properties ca my in SalesPrinter

    h. Hp thoi Properties ca cc my in logic c ci t trn cc my tnh ca mi ngi s dng phng marketing. =============================================== Kch bn 10-2: Gia tng hiu nng in n Bn l nh qun tr mng cho mt c ng ty lut vi mt nhm gm c 20 nhn vin tr l v mt lut php cho cc lut s. Tt c cc nhn vin ny u s dng mt my in laser chia s, tc cao c ci t trn mt h thng Windows Server 2003. Theo mt lch trnh h phi in mt s lng ln ti liu. Mc d my laser in nhanh nhng n cn m bo hot ng gn nh kh ng i trong khi in n ti liu. Ti mt s thi im, cc nhn vin tr l phi i 20 ph t hoc lu hn sau khi xc nhn mt tc v cho cc ti liu ca h cho ti khi ln ti v tr u tin trong hng i. Kh ng mt nhn vin no mun tm kim mt danh sch cc my in sn sng nhm kim tra xem ci no c t tc v nht trc khi thc hin tc v in. La chn no di y m bn s xem xt nhm ti thiu ha lng thi gian m cc my in tiu tn hon thnh cc ti liu in n cho tt c cc nhn vin tr l? a. Ci t mt my in my in laser th hai vi c ng chng loi v to mt t hp my in. b. Thit da trn danh trng nht s nht s c lp cc u tin my in khc nhau cho mi nhn vin tr l sch do ngi ng u nhm to ra. Nhn vin quan c u tin l 1 cn ngi c vai tr quan trng thp u tin l 99.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 482 LM VIC VI CC MY IN c. Thit lp cc u tin my in khc nhau cho mi nhn vin tr l da trn danh sch do ngi ng u nhm to ra. Nhn vin quan trng nht s c u tin l 99 cn ngi c vai tr quan trng thp nht s c u tin l 1. d. Mua thm cc my in laser tng t v ci t ch ng nh nhng my in chia s ring r trn my ch.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 483

    PHN 4 LM VIC VI CC MY IN QUN L V DUY TR PHN CNG

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 484 QUN L CC TRNH IU KHIN THIT B

    CHNG 11: QUN L CC TRNH IU KHIN THIT B Khi bn lm vic vi mt h iu Server 2003 chng hn, n cha nhiu phn mm ny tuy nh v hu nh bn nhng li gi p bn lm c mi th. dng cc phn cng trn my tnh cn

    hnh phc tp nh Microsoft Windows mnh phn mm phc tp. Nhng kh ng thy s hin din ca n Vi mt h iu hnh, c th s phi c mt phn mm gi l trnh

    iu khin thit b cho mi thit b phn cng. Lm vic vi cc trnh iu khin thit b c th kh ng phi l c ng vic hng ngy nhng cc nhn vin qun tr h thng cn phi cn trng vi ch ng v bn cn phi bit lm g khi n thi im cp nht hoc x l s c. Hon thnh chng ny bn c kh nng: Hiu c mi quan h gia cc thit b phn cng v cc trnh iu khin. Ci t Trnh iu khin Thit b S dng Device Manager hin th v qun l cc thit b phn cng v cc trnh iu khin thit b ca ch ng. X l cc li v trnh iu khin thit b

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 485 QUN L CC TRNH IU KHIN THIT B TNG QUAN V TRNH IU KHIN THIT B Trnh iu khin thit b l mt tp hp phn mm thc hin cc chc nng trn cc thit b c th cho cc hot ng vo ra (I/O - Input/Output). V d, khi mt ng dng chy trn Windows 2003 ghi mt file vo a, n s gi mt hm h iu hnh gi l WriteFile. Hm ny nh ngha mt hot ng c bn nh sau: d liu ti v tr b nh xc nh s c chp ti mt thit b lu tr xc nh c ci t trn my tnh. Tuy nhin, hm WriteFile kh ng bit g v thit b phn cng thc s, n ch lm vic vi thit b kha cnh th tc hon ton c lp vi thit b. thc hin cc hm cho mt thit b c th nhm hon thnh cc tc v, h iu hnh phi gi cc th tc do cc trnh iu khin cung cp cho thit b lu tr. Th ng thng, ng dng s lu gi file trn a cng nhng n cng c th lu gi trn cc a mm hoc cc thit b lu tr khc. Cc trnh iu khin thit b khc nhau s cung cp kh nng truy cp ti cc thit b lu tr m ng dng c th s dng. Cc trnh iu khin thit b cng cung cp kh

    nng truy cp n cc th tc dnh cho cc thit b c th. a cng trong my tnh c th s dng giao din IDE hoc SCSI. a cng c th c sn xut bi hng chc nh sn xut thit b. Trnh iu khin thit b cung cp kh nng truy cp n cc th tc cho mt loi thit b xc nh, chy trn mt nn h iu hnh xc nh. Nh sn xut thit b cng c th a ra cc trnh iu khin thit b cho cc h iu hnh khc v cho cc dng cng khc m h sn xut. Cc chc nng ca trnh iu khin thit b Cc trnh iu khin thit b cung cp hai chc nng c bn sau: Ch ng to s c lp v thit b vi h iu hnh iu ny cho php cc ng dng v cc thnh phn phn mm khc giao tip vi vi phn cng c ci t trn my tnh. Khi mt ng dng gi hm WriteFile, h iu hnh s gi trnh iu khin a cng thc hin cc th tc, cho php a cng nhn d liu t h thng v ghi n vo a Ch ng thao tc vi cc c tnh vt l ca thit b phn cng Khi mt ng dng hay th tc trn h iu hnh gi mt hm no , trnh iu khin thit b c th thay i cu hnh vt l ca thit b phn cng. V d khi bn mun mt ng dng in ti liu theo kiu nm ngang thay v kiu thng ng nh mc nh, trnh iu khin

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 486 QUN L CC TRNH IU KHIN THIT B thit b s chu trch nhim vic thay i cu hnh phn cng ca my in. Hai chc nng ni trn thc s l hai kha cnh ca c ng mt tin trnh nhng trong Windows Server 2003 ch ng c th c thc hin bi cc trnh iu khin khc nhau. Trong trng hp ny, mt trnh iu khin mc thp chu trch nhim lin kt thc s vi phn cng cn mt trnh iu khin mc cao s tng tc vi cc ng dng v cc hm ca h iu hnh. Bn kh ng th nhn thy kh nng ny trong giao din Windows tuy nhin bn kh ng phi tm v ci t hai trnh iu khin ring bit ni trn. CH Thi Cc trnh iu khin v h iu hnh im

    trc khi h iu hnh Windows xut hin, cc trnh iu khin thit b c thc thi bi cc ng dng n l. Khi bn ci t mt sn phm phn mm x l vn bn, bn phi la chn mt trnh iu khin cho dng my in ca bn. K nu bn ci t mt ng dng x l bng tnh (nh Excel by gi chng hn), bn kh ng th s dng c ng mt trnh iu khin . ng dng ny yu cu mt trnh iu khin dnh ring cho n. Windows khc phc c nhng nhc im ni trn bng cch tch hp ch ng vo h iu hnh ch khng s dng ring r cho tng ng dng. Khi bn ci t mt trnh iu khin cho mt my in trn bt k phin bn no ca Windows, tt c cc ng dng chy trn h iu hnh u c th s dng cc hm th tc ca trnh iu khin. Cc thit b v trnh iu khin Mt my tnh bao gm nhiu thit b phn cng, hot ng nh cc thnh phn n l nhng hu ht ch ng u cn mt trnh iu khin thit b. Tuy

    nhin, da trn phng thc hot ng m mt s thit b c chun ho hn cc thit b khc. Thit b cng c chun ho th ch ng cng ph bin v cc nh qun tr h thng cng t quan tm ti vic cp nht hay duy tr. V d, hu ht mi my tnh u c bn phm v mi h iu hnh u cn c trnh iu khin thit b ny. Tuy nhin chc nng hot ng ca bn phm cng nh tn hiu m n trao i vi my tnh u c chun ha v n nh cho nn t khi h iu hnh no cn c trnh iu khin ca bn phm m vn nhn c bn phm. Trng hp duy nht mt trnh iu khin thit b bn phm c bit c yu cu khi bn ang s dng mt phn cng khng bnh thng vi cc kh nng c bit nh mt thit b u vo dnh cho ngi khim th.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 487 QUN L CC TRNH IU KHIN THIT B Cui c ng l hnh nh ca cc thit b nh card mn hnh yu cu cn phi c trnh iu khin c thit k lm vic vi cc thit b phn cng c th. Cc thit b c chng c th gy ra cc vn cho cc qun tr vin h thng, bao gm: Ch ng t c h tr bi h iu hnh H iu hnh Windows 2003 (cng ging nh tt c cc h iu hnh Windows) bao gm mt th vin cc trnh iu khin, cung cp kh nng tng thch vi m t danh sch di cc thit b phn cng ca mi loi. Cc thit b cng ph dng th cng chc chc c h tr bi trnh iu khin h iu hnh. Nhng i vi cc thit b cc c bit nht l cc thit b va sn xut hoc ngoi lung th c th kh ng c trnh iu khin h tr trong Windows hoc kh ng c phin bn gn nht ca trnh iu khin. Trong nhng trng hp ny, bn phi cung cp cho h iu hnh trnh iu khin bn nhn c t nh sn xut thit b. CH Microsoft v cc trnh iu khin thit b Mc d Windows Server 2003 v cc h iu hnh Windows khc cha hng trm cc trnh iu khin thit b cho cc sn phm phn cng khc nhau v mt s t trong ny thc s c to ra bi Microsoft. Microsoft nhn trnh iu khin t nh sn xut thit b v tch hp ch ng c ng vi h iu hnh Windows. V l do ny, khi bn gp vn vi trnh iu khin, bn cn s gi p t pha nh sn xut hn l t pha Microsoft. Kh ng c trnh iu khin ca nh cung cp phn cng Trong mt vi trng hp th cc nh sn xut phn cng pht trin trnh iu khin cho Windows 2003 cho cc thit b ca h sau khi h pht hnh phin bn WindowsXP v h iu hnh ny ch yu d ng cho my trm hoc do h kh ng xem Windows Server 2003 nh l mt phn ca th trng sn phm. Thit b kh ng tng thch hoc hot ng kh ng ng Nhiu thit b thng c hin tng hot ng kh ng ng, iu ny thng xy ra khi m ch ng c iu khin hot ng ch cao hn. V d, cc trnh iu khin card mn hnh c xu hng b tnh trng ny do cc chc nng hot ng phc tp ca ch ng v do nhiu ng dng a ch ng n trng thi gii hn. Cc card mn hnh gn y c thit k cho chc nng chi tr chi in t thng gp trc trc hn so vi cc card mn hnh tch hp trong h

    thng mc thp. Khi trnh iu khin b li, ngi qun tr h thng QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 488 QUN L CC TRNH IU KHIN THIT B phi lin lc trc tip vi nh sn xut thit b phn cng thay th ch ng. Ch ng thng c cp nht nhiu hn so vi cc trnh iu khin ph dng y l mt kt qu tt yu ca tnh cht phc tp, mt s trnh iu khin thng c cp nht nhiu hn so vi cc trnh iu khin khc. Mt ln na, trnh iu khin card mn hnh li l mt v d in hnh. Cc trnh iu khin card mn hnh gn y thng xuyn c nh sn xut cp nht. T y thuc vo thi im thit b phn cng c pht hnh v bn ang s dng phin bn no ca Windows, trnh iu khin i km vi h iu hnh c th c mt vi phin bn c. Trong hu ht cc trng hp, trnh iu khin i km c ng vi Windows gi p bn trong tin trnh ci t nhng bn c th phi ci t cc trnh iu khin cp nht dnh cho thit b nhm t c hiu nng y nht. Tt c cc thit b phn cng c chng nhn s dng cho Windows Server 2003 c lit k trong Windows Server Catalog, lu n sn sng ti a ch www.microsoft.com/windows/catalog/server. Catalog ny thay th cho danh sch lit k cc thit b tng thch (HCL) c s dng trong cc phin bn trc ca Windows. Khi la chn phn cng cho cc my tnh Windows Server 2003, bn cn phi m bo rng cc thit b bn la chn c lit k trong catalog. Trnh iu khin thit b v cc ti nguyn phn cng Mt my tnh c nhn bao gm nhiu thit b phn cng c kt ni (trc tip hoc gin tip) ti bo mch chnh. B vi x l, cc module b nh, a cng, mn hnh v cc thit b khc tt c ch ng u c chc nng duy nht v h thng phi c kh nng lin kt vi mi thnh phn mt cch ring r. thc hin iu ny, mi thit b phi c mt s phng tin h thng c th xc nh tnh duy nht ca n v vy khi my tnh to ra d liu u ra cn hin th trn mn hnh th ch ng phi c chuyn ti card mn hnh ch kh ng phi bn phm hay a cng. c nhn ho cc thnh phn giao tip, PC s dng cc loi ti nguyn phn cng khc nhau (ch ng cn c gi l cc ti nguyn h thng). Mi trnh iu khin thit b c cu hnh s dng cc ngun ti nguyn cho php n lin kt vi thit b phn cng chnh xc v ch thit b m th i. Cc loi ti nguyn phn cng m cc thit b c th s dng gm c: Interupt Request (IRQ) Line (chui yu cu ngt) Mt yu cu ngt cng ging nh tn gi ca n, l mt tn hiu c gi t mt QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 489 QUN L CC TRNH IU KHIN THIT B thnh phn ny ti mt thnh phn khc (th ng thng l t mt thit b ngoi vi ti b vi x l) vi ng th ng bo cho bn nhn rng n nn tm dng cc hot ng hin thi thc hin mt c ng vic khc. V d, mi ln bn n mt phm trn bn phm my tnh, bn phm s gi mt yu cu ngt ti b vi x l th ng bo rng c d liu u vo mi gi ti b vi x l. Mt PC c 16 chui yu cu ngt c thit k cho vic s dng cc thit b phn

    cng khc nhau (mt s c th chia s mt chui yu cu ngt). I/O Address (a ch vo/ra) Mt a ch vo/ra (cn c gi l cng vo/ra) l mt v tr trong b nh c phn b mt thit b phn cng xc nh cho php n trao i th ng tin vi h thng. Mi thit b trong my tnh u c gn mt a ch vo/ra duy nht, cho php h thng lin kt vi cc thit b n l. Direct Memory Access (DMA) channel (knh truy nhp b nh trc tip) Cc knh DMA l cc tuyn ng m mt s thit b s dng ch ng truyn trc tip d liu ti v t b nh h thng m kh ng cn lin quan ti b vi x l. Khi so snh vi cc chui yu cu ngt, th c tng i t thit b (nh cc a mm v cc card m thanh chng hn) s dng cc knh DMA do mi PC ch c 08 knh DMA. Memory address (a ch b nh) Mt vi thit b nh card mn hnh hay card mng chng hn cn c kh ng gian trong b nh cp trn vi mc ch ci t mt BIOS (h thng vo/ra c bn) b sung. Mt thit b thng yu cu ti nguyn phn cng ny l card giao tip SCSI vi BIOS ca chnh thit b ny cho php h thng khi ng t mt a SCSI. Mn hnh qun tr Device Manager trong Windows Server 2003 cho php bn hin th cc ti nguyn phn cng trn my tnh v cc thit b ang s dng ch ng nh hnh v 11-1.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 490 QUN L CC TRNH IU KHIN THIT B

    Hnh 11-1: Cc ti nguyn phn cng ca mt thit b c hin th trong Device Manager Cu hnh cc ti nguyn phn cng mt thit b phn cng c th lin kt c vi my tnh, thit b v trnh iu khin ca n c hai u c cu hnh s dng cc thit lp ti nguyn phn cng chnh xc. V d, khi bn kt ni mt my in ti cng song song LPT1, bn cng phi cu hnh trnh iu khin my in s dng cng LPT1 lin kt vi my in. Nu my in c kt ni vi LPT1 v bn cu hnh trnh iu khin s dng cng LPT2 th s lin kt ni trn s kh ng xy ra v my tnh s kh ng th s dng c my in. Mi quan h gia cc thit lp ti nguyn phn cng dng nh kh n gin khi ch ng ta cp ti vn my in nhng khi ni ti cc thnh phn bn trong ca mt my tnh th vn li kh ng h n gin ch t no. V d, ci t mt card mng trn my tnh thng yu cu mt chui yu cu ngt v mt cng vo/ra. Khi , card phn cng v trnh iu khin card phi c cu hnh s dng c ng mt chui IRQ v cng vo/ra. Ngoi ra, kh ng c bt k xung t no vi thit b khc do s dng c ng chui IRQ v cng vo/ra. C ng l c, bn cn cu hnh c thit b phn cng v trnh iu khin thit b mt cch th c ng. cu hnh card mng, bn c th thit lp cc cu nhy (jumper) trn chnh card ny hoc chy mt chng trnh c bit do nh sn xut cung cp. Tip theo bn ci t trnh iu khin v cu hnh n s dng cc thit lp ti nguyn phn cng ging nh bn cu hnh l c trc. Vi tin trnh ny, mt s vn kh ng ng c th xy ra gm c:

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 491 QUN L CC TRNH IU KHIN THIT B Cc thit lp ti nguyn hn ch Mt s thit b ch c th s dng c mt s ti nguyn phn cng nht nh. V d, mt s card mng c ch c th s dng hai hoc ba IRQ. Nu cc IRQ ny u b s dng th bn phi cu hnh li cc thit b khc hoc s dng mt card khc. Cn kit ti nguyn Khi vn chia s IRQ kh ng cn ph bin, cc chui IRQ cc h thng c trang b y s b chim dng ht bi cc thit b khc dn n tnh trng ngn kh ng cho ci t cc thnh phn mi. Xung t thit b Khi hai thit b c cu hnh s dng c ng ti nguyn h thng, th ng thng mt trong hai s hot ng kh ng chnh xc. Khi la chn cc ti nguyn phn cng cho mt thit b mi bn phi bit c cc ti nguyn c cc thnh phn khc trn my tnh s dng. Plug and Play May mn, nhng li ny c loi tr bi s ra i ca chun Plug and Play (cm l chy) vo nm 1995. Plug and Play (PnP) l mt chun nh ngha cc c tnh ca cc thnh phn my tnh nhm cho php ch ng t ng pht hin v cu hnh phn cng trn mt my tnh. Vi chc nng PnP, tt c cc thnh phn di y phi h tr chun ny: Phn cng h thng Phn cng thit b ngoi vi

    BIOS h thng H iu hnh Hu ht cc thit b phn cng PC c sn xut t nm 1997 v ngy nay tt c u h tr chun PnP. iu ny c p dng cho hu ht cc sn phm BIOS h thng v tt c cc h iu hnh Microsoft k t Windows 95. iu c ngha khi bn ci t mt thit b mi trn mt my tnh chy Windows Server 2003 th hu nh bn kh ng phi quan tm cc ti nguyn h thng cng nh cu hnh thit b. H thng s m nhn mi th (vi gi thit trnh iu khin c sn). Khi bn ci t mt thit b PnP mi, my tnh s thc hin nh sau: Pht hin phn cng mi Ci t trnh iu khin thit b tng ng Xc nh xem thit b yu cu ti nguyn h thng no QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 492 QUN L CC TRNH IU KHIN THIT B D qut h thng xc nh cc ti nguyn phn cng cn trng La chn cc thit lp ti nguyn tng ng cho thit b Cu hnh c thit b ln trnh iu khin thit b s dng cc ti nguyn la chn. Nu kh ng c thit lp ti nguyn no cn trng cho thit b mi s dng, PnP c kh nng cu hnh li mt cch t ng phn cng khc trn my tnh gii phng cc ti nguyn cho thit b mi. Nu Windows Server 2003 kh ng c trnh iu khin, h iu hnh s nhc nh bn cung cp a c cha trnh iu khin hoc tm kim trnh iu khin tng ng. Khi bn ci t mt thit b phn cng mi kh ng h tr chun PnP, Windows Server 2003 c th hoc kh ng th pht hin ra n. T y thuc vo loi thit b m c nhng trng hp sau xy ra: H thng kh ng th pht hin ra thit b mi Nu my tnh vn duy tr trng thi kh ng th ng bo v thit b phn cng mi, bn phi chy Add Hardware Trnh hng dn t Control Panel v xc nh, ci t, cu hnh thit b v trnh iu khin n bng tay. H thng pht hin s hin din ca thit b mi nhng kh ng th xc nh n i khi my tnh pht hin ra s hin din ca thit b phn cng mi nhng kh ng th xc nh loi thit b l g. Mt ln na bn phi la chn bng tay loi thit b, nh sn xut v chng loi th ng qua Add Hardware Trnh hng dn. H thng pht hin thit b mi v xc nh n mc c bn nhng kh ng th xc nh c chng loi c th My tnh c th xc nh c loi phn cng ci t nh card mng chng hn nhng kh ng th xc nh nh sn xut v chng loi ca n v vy bn phi la chn ch ng bng tay trong Add Hardware Trnh hng dn. H thng pht hin v xc nh thit b mi, tip theo ci t v cu hnh trnh iu khin thit b nhng n kh ng th cu hnh chnh bn thn phn cng Nu my tnh xc nh thnh c ng phn cng mi v ci t trnh iu khin thch hp, h thng c th cu hnh trnh iu khin s dng cc thit lp ti nguyn phn cng hin ti ca thit b. Tuy nhin, nu cc thit lp mc nh ca thit b xung t vi cc thnh phn khc ca my tnh th h thng kh ng th cu hnh li phn cng s dng cc thit lp khc. Trong trng hp ny, bn phi cu hnh bng tay cc thit lp ti nguyn cho thit b phn cng. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    493 QUN L CC TRNH IU KHIN THIT B TO CHIN LC DUY TR TRNH IU KHIN Ngoi vic l c u ci t cc trnh iu khin chnh xc, ngi qun tr h thng cng c trch nhim duy tr cc trnh iu khin thit b v cu hnh ca ch ng. Vic cp nht trnh iu khin l c ng vic thng xuyn do nhng thay i hot ng trn h iu hnh v cc thit b phn cng s phn nh nhng thay i mt cch tng ng trong cc trnh iu khin. Trong mt s trng hp, nhng cp nht ny kh ng tng ng vi cc phin bn service pack nh k ca h iu hnh trong khi nhng ci khc lu n sn sng nh cc hotfix (bn v) t trang Web Windows Update. Tuy nhin, trong nhiu trng hp, phn cn li thuc v ngi qun tr h thng nhm kim tra cc phin bn trnh iu khin mi ca cc nh sn xut phn cng khc nhau v quyt nh khi no v c nn ci t ch ng cng nh ai l ngi chu trch nhim ci t. C cp nht hay kh ng? Mt trong nhng cu hi u tin m mt ngi qun tr h thng cn phi cn nhc khi ng trc mt phin bn cp nht trnh iu khin mi l c nn ci t n hay kh ng. Kh ng may cho bn, li ny kh ng th gii quyt bng chnh sch cng v nhanh hoc mt chnh sch no ca c ng ty. Th ng thng cc nh sn xut phn cng xut bn cc bn cp nht trnh iu khin do ba l do sau: Nng cao hiu nng cc c tnh ca phn cng hin ti Trin khai cc tnh nng mi Loi tr cc li trong cc phin bn trc Trong hai trng hp u, vic ci t bn cp nht l mt c ng vic tt nhin do n kh ng gy ra cc li mi. Trong trng hp sau, c th bn phi xem xt k xem cu hnh hin ti ca bn c mc phi nhng li nh nhng g m bn cp nht a ra. Nu kh ng bn c th loi b vic ci t cp nht. Trn tt c, cu hi xem c nn ci t cc cp nht trnh iu khin hay kh ng ph thuc vo cc thit b phn cng, cc chnh sch v danh ting ca nh sn xut. Mt s nh sn xut a ra cc cp nht cho trnh iu khin mt cch thng xuyn v lung tung, thng xuyn gy ra cc li mi trong cc khi sa cha cc li c. iu ny ng trong trng hp mt sn phm phn cng l mi trn th trng vi m trnh iu khin cha c

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 494 QUN L CC TRNH IU KHIN THIT B kim tra mt cch cn thn. Trong nhng trng hp nh vy, trnh iu khin cui c ng c th kh ng phi l tt nht. T ng ci t tt c phin bn trnh iu khin mi c th dn n nhng li hiu nng nghim trng c bit nu bn c cc thit b ging nhau c ci t trn hng trm my tnh. Phng php tt nht dnh cho ngi qun tr h thng l phn loi cc phin bn cp nht trnh iu khin, thc hin vic kim tra ch ng trn cc h thng tng t, cng ging nh khi bn s dng bt k bn cp nht phn mm no, trc khi trin khai ch ng trn cc my tnh ca bn. Ngi s dng, nh qun tr v qu trnh ci t trnh iu khin thit b

    Trong hu ht cc m i trng, phng n thch hp nht cho ngi s dng u cui l h kh ng phi ci t hoc cp nht cc trnh iu khin thit b. iu ny cn l c bit ng trong m i trng mng khi m cc nh qun tr mun duy tr mt cu hnh h thng ng nht trn ton mng. N s lm n gin ha tin trnh duy tr v x l s c cho cc my tnh trn mng do cc nhn vin h tr k thut kh ng cn phi kim tra mi h thng xc nh xem cc cp nht c ci t cha. Tuy nhin, vic cp nht cc trnh iu khin thit b thng l kh khn hn khi trin khai trn mt lng ln my tnh so vi vic cp nht cc phn mm. i khi bn cn ci t trnh iu khin trn mi my tnh ring l v cc nh qun tr kh ng c thi gi hoc s kin nhn di chuyn ti tt c cc my tnh nhm cu hnh cc thit b v trnh iu khin ca ch ng. Windows Server 2003 bao gm cc t y chn trnh iu khin c xc nhn (driver signing), kh nng gn cc quyn ci t trnh iu khin cho cc ngi s dng thch hp, to ra mt m i trng mm do trong vic cu hnh thit b v ci t trnh iu khin. Kim sot truy cp trnh iu khin thit b i vi hu ht cc c ng vic ci t, cc thnh vin nhm Administrators u c quyn hn kh ng hn ch trong vic ci t bt k thit b phn cng no cng nh cc trnh iu khin ca ch ng. S d nh vy l v nhm Administrators nhn c quyn hn ngi s dng Load And Unload Device Drivers (ci t v g b cc trnh iu khin thit b) th ng qua cc chnh sch cc b hoc th ng qua GPO Default Domain Controllers. Tuy nhin, cc thnh vin ca nhm Users v Domain Users kh ng c gn quyn hn ny nn h s b hn ch quyn thc hin cc c ng vic trn. Mc

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 495 QUN L CC TRNH IU KHIN THIT B nh, ngi s dng ch c th ci t cc thit b PnP vi iu kin cc yu cu sau phi c p ng: Trnh iu khin phi c mt ch k s ha (y l c tnh chng t rng trnh iu khin ny c hng Microsoft tin hnh th nghim v kim tra) Kh ng c nhng i hi yu cu Windows hin th giao din cho php ci t thit b. Trnh iu khin thit b c sn trn my tnh. Vi nhng yu cu ny c ngha ngi s dng c th ci t cc my in v cc thit b USB v IEEE 1394 (FireWire). Nu c bt k mt iu kin no ni trn kh ng p ng, ngi s dng kh ng th ci t thit b nu h kh ng c gn thm quyn. Cc la chn trnh iu khin c xc nhn Tt c cc trnh iu khin thit b v cc file h iu hnh trn Windows Server 2003 u c mt ch k s ha ca Microsoft. iu ny xc nhn rng ch ng c kim tra v cha b thay i k t khi nh sn xut to ra. c tnh ny c a ra nhm ngn chn kh ng cho can thip v thay i cc trnh iu khin thit b v cc phn mm khc khi ngi s dng ci t cc on m cha c xc thc nh virus, Trojan horses chng hn. Ch ng cng xc nhn rng thit b ny l hon ton tng thch vi h iu hnh. Cc trnh iu khin thit b do cc hng sn xut th ba cung cp c th hoc kh ng c xc nhn. Trong Windows Server 2003, bn c th iu khin my tnh s phn ng ra sao khi bn ci t cc file cha trnh iu khin cha c xc nhn. thc hin iu ny, truy cp vo my tnh bng ti khon Administrator,

    kch p vo System trong Control Panel sau la chn th Hardware trn hp thoi System Properties. Nhp Driver Signing hin th hp thoi Driver Signing Options (nh hnh v 11-2).

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 496 QUN L CC TRNH IU KHIN THIT B

    Hnh 11-2: Hp thoi Driver Signing Options Cc la chn trn hp thoi ny gm c: Ignore (b qua) Cho php ci t tt c cc trnh iu khin thit b ln my tnh bt k ch ng c c xc nhn hay kh ng. La chn ny ch cho php khi bn truy cp vo h iu hnh vi ti khon l thnh vin ca nhm Administartors. Warn (cnh bo) Hin th cnh bo khi chng trnh ci t hoc Windows ci t mt trnh iu khin thit b kh ng c ch k s ha. Tip theo ngi s dng c th la chn hoc tip tc hoc ngng ci t. y l la chn mc nh. Block (kha) ngn kh ng cho php ci t cc trnh iu khin thit b kh ng c ch k s ha. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng cu hnh cc la chn v trnh iu khin c xc nhn Khi bn truy cp h iu hnh bng ti khon l thnh vin ca nhm Administartors, th ny cn c hp kim tra Make This Action The System Default (s dng la chn ny nh thit lp mc nh ca h thng). Khi

    la chn hp kim tra ny c ngha l la chn bn chn trn tr thnh thit lp mc nh cho tt c ngi s dng truy cp vo h thng. Ngoi ra cu hnh bng tay cc la chn v trnh iu khin c xc nhn cho cc my tnh n l, bn c th s dng cc chnh sch nhm bt buc tt c hoc mt phn cc my tnh trn mng. Trong bng iu khin Group Policy Object Editor, tr ti th mc User Configuration/Administrative Templates/System. y bn s thy mt chnh sch c tn l Code Signing For Device Drivers. Khi bn m hp QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 497 QUN L CC TRNH IU KHIN THIT B thoi Code Signing For Device Drivers Properties, nh hnh v 11-3, bn c th thy cc la chn ging trong hp thoi Driver Signing Options.

    Hnh 11-3: Hp thoi Code Signing For Device Drivers Properties S DNG TRNH HNG DN ADD HARDWARE Trnh hng dn Add Hardware c thit k gi p bn tng bc trong qu trnh ci t v cu hnh thit b phn cng mi v cc trnh iu khin thit b. Tuy nhin trnh hng dn (Wizzard) bt u nh th no v vic tng tc c yu cu t pha ngi s dng ra sao li ph thuc vo bn cht ca thit b phn cng c ci t. Trong hu ht cc trng hp, trnh hng dn c khi to khi h thng pht hin mt thit b phn cng mi hoc th ng qua PnP hoc th ng qua tin trnh pht hin phn cng mc nh ca h iu hnh. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng ci t v cu hnh cc thit b phn cng my ch Vi cc thit b PnP, trnh hng dn thng kh ng tng tc vi ngi s dng. H thng s hin th mt s ch th tin trnh khi n xc nh v nhn din phn cng mi. K n s ci t v cu hnh trnh iu khin thit b. Nu Windows Server 2003 kh ng cha trnh iu khin thit b, trnh hng dn s nhc nh bn cung cp hoc tm kim n. Nu h thng kh ng th xc nh thit b, trnh hng dn s gi p bn xc nh chng loi thit

    b, nh sn xut v kiu. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 498 QUN L CC TRNH IU KHIN THIT B Nu h thng kh ng pht hin s hin din ca thit b phn cng mi, bn c th khi to trnh hng dn bng tay theo cc cch sau: La chn Add Hardware trong Control Panel. M hp thoi System Properties, la chn th Hardware v nhp vo Add Hardware Wizard. Khi bn nhp Next b qua trang Welcome ca trnh hng dn, h thng s thc hin mt tin trnh pht hin phn cng PnP. Nu h thng kh ng pht hin ra c bt k phn cng mi no, trang Is The Hardware Connected? xut hin nh hnh v 11-4 nhc nh bn xc nh xem bn c ci t phn cng mi kh ng. y l mt cu hi th thut: nu bn la chn No, I Have Not Added The Hardware Yet (kh ng, t i kh ng thm phn cng no c) v nhp Next th trnh hng dn s dng li, hng dn bn ci t phn cng v chy li trnh hng dn. Trong thc t, bn c th ci t mt s loi phn cng m kh ng cn s hin din thc s ca ch ng. V d, bn c th ci t mt my in cc b v trnh iu khin trc khi kt ni my in vt l n my tnh.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 499 QUN L CC TRNH IU KHIN THIT B

    Hnh 11-4: Trang Is The Hardware Connected? ca Wizard Nu bn la chn Yes, I Have Already Connected kt ni thit b phn cng vo my tnh) v hin th mt trang lit k tt c cc thit b tnh nh hnh v 11-5. ci t thit b mi, trong danh sch v la chn Add A New Hardware

    Add Hardware The Hardware (vng, t i nhp Next, trnh hng dn s phn cng c ci t trn my di chuyn xung pha di Device v nhp Next.

    Hnh 11-5: Hp danh sch Installed Hardware trn Add Hardware Wizard CH X l s c thit b phn cng Danh sch cc thit b c ci t cung cp chc nng c bn khc ca trnh hng dn l kh nng x l s c vi cc thit b phn cng sn c trn h thng. bit thm th ng tin v qu trnh x l s c trn phn cng v trnh iu khin thit b, xem phn X l s c cc thit b v trnh iu khin phn sau ca chng ny. Trong trang k tip, xem hnh v 11-6, bn cn xc nh xem bn mun trnh hng dn tm kim phn cng mi hoc la chn phn cng t mt danh sch. iu ny dng nh hi k cc do trnh hng dn thc s chy th ng qua mt tin trnh pht hin phn cng ngay sau khi khi to. Tuy nhin l i vi cc thit b PnP. Vi cc thit b kh ng phi PnP, bn cn la chn Search For And Install The Hardware Automatically khi to qu trnh tm kim.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 500 QUN L CC TRNH IU KHIN THIT B

    Hnh 11-6: La chn pht hin phn cng Add Hardware Wizard Nu trnh hng dn kh ng th xc nh c phn cng mi ca bn hoc nu bn la chn Install The Hardware That I Manually Select From A List v nhp Next, mt trang xut hin cho php bn la chn chng loi thit b t danh sch bao gm cc phn cng th ng dng nh hnh v 11-7. La chn loi thit b m bn mun ci t v nhp Next.

    Hnh 11-7: Hp Common Hardware Types trong Add Hardware Wizard T y thuc vo loi phn cng bn la chn, bn c th nhn thy thm mt trang pht hin phn cng nhng cui c ng trnh hng dn s hin th mt trang ging nh hnh v 11-8. y bn c th la chn nh sn xut thit b phn cng v dng sn phm c th. Tt c cc thit b phn cng c lit k u c cc trnh iu khin i km vi h iu hnh. Nu thit b phn cng ca bn kh ng c trong danh sch lit k, bn phi nhp vo Have Disk v xc nh v tr cc file cha trnh iu khin thit b.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 501 QUN L CC TRNH IU KHIN THIT B Hnh 11-8: Mt trong nhng danh sch la chn phn cng ca Add

    Hardware Wizard Mt khi bn xc nh chnh xc thit b phn cng cn ci t, trnh hng dn s hin th cc iu khin theo loi thit b bn s xc nh xem h thng truy cp ti phn cng nh th no. V d, nu bn ci t mt modem, trnh hng dn s nhc nh bn cng COM m modem s dng. Trong mt s trng hp nu trnh hng dn kh ng th xc nh phn cng bn la chn, n s ci t trnh iu khin thit b bng cch s dng cc thit lp mc nh. Tip theo bn c th phi cu hnh li trnh iu khin bng tay trc khi h thng c th lin kt vi thit b. Khi trnh hng dn hon thnh, thit b mi c a vo cu hnh phn cng ca my tnh. Bn c th truy cp c ti n hoc kh ng. Bn c th lm vic vi bt k thit b phn cng no c ci t trn my tnh cng nh trnh iu khin ca ch ng th ng qua mn hnh qun tr Device Manager c m t trong phn tip theo. S DNG DEVICE MANAGER Device Manager l mt c ng c qun tr phn cng v trnh iu khin thit b ch yu trn h iu hnh Windows Server 2003. Mc d n kh ng xut hin trong mn hnh mc nh (xem hnh v 11-9) nhng Device Manager l mt MMC snap-in m bn c th truy cp theo cc cch khc nhau: Nhp Start, tr ti Control Panel v la chn System. Trong hp thoi System Properties, la chn th Hardware v tip theo nhp Device Manager. Nhp Start, tr ti Administrative Tools ri la chn Computer Management. Trong mn hnh qun tr Computer Management la chn biu tng Device Manager. M hp thoi Run, g mmc trong hp vn bn Open v nhp Enter m mt ca s trng MMC. K t thc n File chn Add/Remove Snap-in v thm snap-in Device Manager vo mn hnh qun tr.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 502 QUN L CC TRNH IU KHIN THIT B

    Hnh 11-9: Mn hnh qun tr Device Manager Mc nh, mn hnh hin th Device Manager c b tr theo dng phn cp vi my tnh mc gc v cc loi phn cng khc nhau bn di mc gc. M rng mt trong cc thit b trong mn hnh ny bn s thu c mt danh sch tt c cc thnh phn c ci t trn my tnh. Cc thnh phn c cu hnh v hot ng tt s xut hin mt biu tng biu din chng loi ca thnh phn ny. Khi c li vi mt thit b, biu tng s c thay i theo cc cch di y (xem hnh v 11-10) Mt du cm thn mu vng ch th rng thit b cha c ci t, cha c cu hnh chnh xc hoc cha ci t trnh iu khin. Du hi mu vng Ch th rng kh ng th xc nh c thit b. Du X mu ch th rng thit b b v hiu ha

    Hnh 11-10: Cc biu tng trong Device Manager Device Manager c kh nng hin th th ng tin theo bn ch : Sp xp cc thit b theo chng loi Hin th mt danh sch cc loi thit b, cho php bn m rng hin th mt danh sch cc thit QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 503 QUN L CC TRNH IU KHIN THIT B b theo tng loi. Manager. y l mn hnh hin th mc nh ca Device

    Sp xp cc thit b theo kt ni Hin th mt danh sch cc kt ni m cc thit b phn cng s dng lin kt vi my tnh. M rng mt kt ni s hin th mt danh sch cc thit b s dng kt ni . V d, kt ni PCI Bus cha cc biu tng cho tt c cc card m rng v cc thit b khc kt ni ti PCI Bus ca h thng.

    Sp xp cc ti nguyn theo chng loi Hin th mt danh sch cc loi ti nguyn gm c Direct Memory Access (truy cp b nh trc tip), Input/Output (cng vo/ra), Interrupt Request (yu cu ngt) v Memory (b nh). y bn c th m rng hin th mt danh sch cc ti nguyn ring l ca mi loi v cc thit b ang s dng ch ng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 504 QUN L CC TRNH IU KHIN THIT B

    Sp xp cc ti nguyn theo kt ni Hin th mt danh sch cc loi ti nguyn gm c Direct Memory Access (truy cp b nh trc

    tip), Input/Output (cng vo/ra), Interrupt Request (yu cu ngt) v Memory (b nh). y bn c th m rng hin th kt ni c kt hp vi mi ti nguyn ring l v thit b s dng mi kt ni .

    Bt k bn s dng ch hin th no ca Device Manager, bn cng c th la chn bt k mt trong cc thit b ca my tnh v lm vic vi phn cng cng nh trnh iu khin thit b ca n nh m t trong cc phn di y. CH Qun tr thit b t xa Cng ging nh cc snap-in MMC khc, Device Manager c th lm vic vi h thng cc b hoc vi h thng khc trn mng.Tuy nhin khi Device Maneger c kt ni ti mt my tnh khc trn mng, n ch hot ng ch read-only. Bn c th xem th ng tin v thit b phn cng trn my tnh xa v trnh iu khin ca n nhng bn kh ng th thay i ch ng. c th thay i, bn phi chy Device Manager t mn

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 505 QUN L CC TRNH IU KHIN THIT B hnh qun tr ca my tnh xa hoc s dng dch v Desktop hoc Terminal Services. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin phi c kh nng gim st phn cng my ch. Cc c ng c gm c Device Manager, Hardware Troubleshooting Wizard v cc mc tng ng trong Control Panel . Cho php v v hiu ha cc thit b Bng cch la chn mt thit b trong Device Manager v chn Disable t thc n Action bn c th lm cho thit b kh ng hot ng cho n khi bn kch hot n bng tay. Cc thit b v hiu ha xut hin trong Device Manager vi ch X mu trn biu tng ca ch ng. V hiu ha mt thit b kh ng lm nh hng n thit b , ch c trnh iu khin b v hiu ha ngn kh ng h thng truy cp vo n. Mt s thit b nh b vi x l chng hn kh ng th v hiu ha v trong mt s trng Remote

    hp bn c h thng hng dn khi ng li my tnh c th v hiu ha hon ton thit b. Mt khi bn khi ng li my tnh sau khi v hiu ha thit b, cc ti nguyn h thng m n ang s dng s c gii phng ra khi h thng v c th c gn li cho cc thit b khc nu h thng thy cn thit. Khi bn kch hot thit b tr li (bng cch la chn Enable t thc n Action), n c th s dng cc ti nguyn phn cng kh ng ging vi nhng ti nguyn m trc n s dng. G b cc trnh iu khin thit b Bng cch la chn mt thit b v chn Uninstall t thc n Action, bn c th g b trnh iu khin thit b ra khi h thng. nh hng ca vic g b ny ph thuc vo thit b c ci t nh th no trong ln u tin: Nu thit b c ci t bng tin trnh PnP G b thit b kiu ny s loi b trnh iu khin thit b v xa hon ton thit b phn cng ra khi Device Manager. Tuy nhin, nu phn cng vn hin din v mt vt l trn my tnh th PnP s ci t li n ti ln khi ng k tip, hay khi bn chn Scan For Hardware Changes (qut nhng thay i phn cng) t thc n Action hoc chy Add Hardware Wizard. Nu bn ci t thit b bng tay th ng qua Add Hardware Wizard G b thit b s loi b trnh iu khin nhng bn thn thit b QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 506 QUN L CC TRNH IU KHIN THIT B vn hin din trong Device Manager. Biu tng ca thit b s xut hin vi du cm thn. CH Phng php khc g b cc trnh iu khin Bn cng c th g b mt trnh iu khin thit b bng cch nhp Uninstall trn trang Driver hp thoi Properties ca thit b. Qun l cc c tnh thit b Khi bn la chn mt thit b trong Device Manager t thc n Action v la chn Properties, hp thoi Properties xut hin. Hp thoi ny cha cc th vi cc n t iu khin c b tr cho php bn qun l v cu hnh thit b cng nh trnh iu khin ca n. Ni dung ca hp thoi Properties c th thay i t y thuc vo loi thit b v trnh iu khin nhng hu ht cc thit b c t nht bn th c m t trong danh sch di y. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu hc vin c kh nng cu hnh cc c tnh v cc thit lp thit b General (cc c tnh th ng thng) hin th th ng tin v thit b gm c chng loi, hng sn xut, v tr v trng thi hot ng hin ti. N cng bao gm cc iu khin cho php, v hiu ha v x l s c i vi thit b.

    Advanced (nng cao) Cha cc iu khin theo thit b do trnh iu khin thc hin. Kh ng phi l c ny cng tn ti th ny d i khi gi n l cc thit lp nng cao.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 507 QUN L CC TRNH IU KHIN THIT B

    Driver (trnh iu khin) Hin th th ng tin v trnh iu khin thit b gm c tn nh cung cp, ngy sn xut, phin bn, tn file v cng cha cc iu khin cho qu trnh cp nht, phc hi phin bn trc v g b trnh iu khin.

    Resources (cc ti nguyn) Hin th cc ti nguyn phn cng hin ang c cc thit b s dng v trong cc iu kin c th n cung cp cc iu khin thay i cu hnh ti nguyn. Th ny kh ng phi l c no cng tn ti.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 508 QUN L CC TRNH IU KHIN THIT B

    Cp nht trnh iu khin cp nht trnh iu khin thit b, bn m hp thoi Properties ca thit b trong Device Manager, la chn th Driver v nhp vo Update Driver. ng tc ny s khi to Hardware Update Wizard cho php bn xc nh v tr cc trnh iu khin cp nht m bn mun ci t hoc tm kim n. cp nht mt trnh iu khin thit b, bn phi c quyn ging nh khi ci t n ln u tin nh thnh vin ca nhm Administrators hoc c quyn hn ngi s dng Load And Unload Device Drivers (ci t v g b cc trnh iu khin thit b) chng hn. CH Cc cp nht trnh iu khin kh ng cn quyn thch hp Mt trng hp ngoi l i vi nhng yu cu v quyn khi cp nht cc trnh iu khin thit b l khi bn nhn ch ng qua Windows Update Web site. Vi trng hp ny, bt k ngi s

    dng no cng c th ci t mt trnh iu khin thit b. Khi bn la chn Install From A List Or Specific Location (ci danh sch hoc mt v tr xc nh) trn trang Welcome dn, n s cung cp cho bn mt trang nh trong hnh v 11-11 th xc nh v tr m trnh hng dn s tm kim cc trnh iu cho php bn la chn mt trnh iu khin t mt danh sch. t t mt ca trnh hng bn c khin hoc

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 509 QUN L CC TRNH IU KHIN THIT B

    Hnh 11-11: Cc la chn cp nht trnh iu khin Thay v tm kim trnh iu khin, bn cng c th la chn Dont Search (kh ng tm kim) v bn s nhn c mt trang nh hnh v 11-12. Trang ny lit k tt c cc trnh iu khin sn c trn h iu hnh v tng thch vi phn cng la chn. Bn cng c th nhp vo n t Have Disk xc nh mt v tr khc cha trnh iu khin.

    Hnh 11-12: La chn mt trnh iu khin cp nht Khi trnh hng dn hon thnh tin trnh ci t trnh iu khin cp nht, bn c th nhn c yu cu khi ng li my tnh t y thuc vo loi thit b lin quan. Phc hi trnh iu khin thit b c Trong mt s trng hp, bn nhn thy rng trnh iu khin bn cp nht gn y kh ng hot ng nh mong mun v vy bn mun quay tr li phin bn m bn s dng trc y. Rt may mn, khi bn s dng

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 510 QUN L CC TRNH IU KHIN THIT B Device Manager cp nht mt trnh iu khin thit b, Windows Server 2003 t ng gi li mt phin bn ca cc file c thay th. quay tr li vi phin bn ci t trc ca trnh iu khin, bn m hp thoi Properties ca thit b v trn th Driver la chn Roll Back Driver. Qun l cc ti nguyn phn cng Mc d iu ny kh ng xy ra thng xuyn nhng bn c th cn cu hnh bng tay cc ti nguyn phn cng m mt thit b Windows Server 2003 s dng. iu ny ch thc s cn thit khi bn buc phi ci t mt phn cng c kh ng h tr chun PnP nh card m rng ISA chng hn. lm vic vi cc ti nguyn phn cng trn Device Manager, bn m hp thoi Properties ca mt thit b v la chn th Resources nh hnh v 11-13.

    Hnh 11-13: Th Resources trn hp thoi Properties ca mt thit b CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng cu hnh cc thit lp ti nguyn cho thit b. Trn th ny, hp Resource Settings xc nh cc ti nguyn m thit b hin nay ang s dng theo loi v theo thit lp. Vi cc thit b ci t s dng

    PnP, th Resources ch mang tnh cht cung cp th ng tin. Bn kh ng th thay i cu hnh ti nguyn trn . Vi cc thit b cu hnh bng tay, bn c th thay i cc thit lp ti nguyn m trnh iu khin s dng. thay i cc thit lp ti nguyn ca mt thit b, bn phi xa hp kim tra Use Automatic Settings cho php cc iu khin khc trn th. K bn c th s dng danh sch th xu ng Settings Based On la chn mt

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 511 QUN L CC TRNH IU KHIN THIT B cu hnh phn cng c thit lp trc nu c bt k ci no c th. Bn cng c th thay i thit lp cho bt k ti nguyn no c lit k trong hp Resource Settings bng cch la chn n, nhp vo Change Settings v chn mt gi tr khc. Nu bn xc nh mt thit lp ti nguyn tr ng vi ci m mt thit b khc hin ang s dng th thit b s xut hin trong hp danh sch Conflicting Device. Bn phi la chn cc ti nguyn cha c s dng nhm ngn kh ng cho xy ra tnh trng cc thit b xung t hot ng kh ng ng chc nng. CNH BO Xc nh ti nguyn bng tay Mt khi bn cu hnh th c ng cc ti nguyn cho mt trnh iu khin thit b, cc ti nguyn ny c cp pht mt cch c nh. PnP kh ng th s dng cc thit lp ny khi cu hnh cho cc thit b khc thm ch gii phng cc ti nguyn xc nh do cc thit b khc s dng. S DNG CONTROL PANEL Device Manager cung cp mt c ng c truy cp ton din ti phn cng cng nh trnh iu khin thit b ca mt my tnh nhng kh ng phi l phng tin duy nht. Windows Server 2003 lu tr thc s th ng tin v phn cng v trnh iu khin trong Windows Registry v cc c ng c nh Device Manager chng hn ch l giao din mt trc cung cp truy cp n d liu registry. Mt c ng c khc trong Windows Server 2003 cng cho php truy cp n th ng tin registry thn thin hn l Control Panel. Mt s ng dng trong Control Panel cho php truy cp n phn cng v d liu cu hnh trnh iu khin i vi cc thnh phn h thng khc nhau. Giao din ny kh ng nht qun v y nh Device Manager nhng ngi s dng c th truy cp ti mt s cc trnh iu khin thit b quan trng hn trn h thng theo cch ny. Cc ng dng trong Control Panel cung cp kh nng truy cp ti cc trnh iu khin thit b nh sau: Add Hardware (thm thit b phn cng) Cho php ngi s dng truy cp ti Add Hardware Wizard (nh m t phn trn trong chng ny) ci t trnh iu khin thit b mi v x l s c i vi nhng ci sn c. Display (hin th) Cho php ngi s dng truy cp ti cc trnh iu khin thit b ca video card v mn hnh ca my tnh thay i cc c tnh nh phn gii mn hnh v su mu sc.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 512 QUN L CC TRNH IU KHIN THIT B Game Controllers (b iu khin tr chi) Cho php truy cp ti

    cc trnh iu khin thit b dnh cho bt k b iu khin tr chi no c ci t trn my tnh. Keyboard (bn phm) Cho php truy cp ti cc trnh iu khin thit b dnh cho bn phm c ci t trn my tnh. Mouse (chut) Cho php truy cp ti cc trnh iu khin thit b dnh cho chut hoc thit b con tr khc c ci t trn my tnh. Network Connections (cc kt ni mng) Cho php truy cp ti cc trnh iu khin thit b dnh cho cc card mng c ci t trn my tnh. Phone And Modem Options (cc la chn v in thoi v modem) Cho php truy cp ti cc trnh iu khin thit b dnh cho bt k modem no c ci t trn my tnh. Printers and Faxes (my in v my fax) Cho php truy cp ti cc trnh iu khin thit b dnh cho cc my in c ci t trn my tnh. Scanners and Cameras (my qut v my nh) Cho php truy cp ti cc trnh iu khin thit b dnh cho cc my qut v my nh c ci t trn my tnh. Soundss and Audio Devices (m thanh v cc thit b audio) Cho php truy cp ti cc trnh iu khin thit b dnh cho cc card m thanh v cc thnh phn lin quan ti m thanh khc c ci t trn my tnh. System Cho php truy cp ti hp thoi Properties gm c Device Manager, Add Hardware Wizard v cc iu khin v xc nhn trnh iu khin. Trong hu ht cc trng hp, Control Panel cng nh Device Manager Properties. Cc iu u cung cp kh nng truy cp ti c ng hp thoi khin ny cng b hn ch v mt truy cp nh Device Manager.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 513 QUN L CC TRNH IU KHIN THIT B X L S C CC THIT B V TRNH IU KHIN i khi, bn c th gp nhng rc ri vi cc thnh phn phn cng v trnh iu khin thit b c bit nu bn lm vic vi cc thit b kh ng tun theo chun PnP. Windows Server 2003 cung cp cho ngi s dng mt s c ng c bn c th x l nhng li ny. Mt s c ng c ni trn c m t trong cc phn di y. Cc m trng thi ca Device Manager Khi mt thit b hoc trnh iu khin ca n hot ng kh ng ng, Device Manager th ng thng s pht hin ra li v thay i biu tng thit b nhm th ng bo vi ngi s dng v tnh trng li ca thit b. Tuy nhin bn c th nhn c nhiu th ng tin hn v tnh trng li ca thit b nu bn m hp thoi Properties ca thit b. Trn th General, hp Status thng m t v li xy ra i vi thit b v km theo c th l mt

    Device

    m li. Bng 11-1 sau m t cc m li thng xy ra v phng php x l s c tng ng. Bng 11-1: Cc m li trong Device Manager

    3 M li Ch gii Thit b ny kh ng c cu hnh chnh xc

    Trnh iu khin thit b ny c th b hng hoc h thng ca bn ang trong tnh trng b nh hoc cc ti nguyn khc thp Phng php x l s c S dng Update Driver cp nht trnh iu khin thit b. Nu kh ng c sntrnh iu khin no c gng g b thit b ra khi Device Manager, sau khi ng li h thng v ci t li thit b. Trnh iu khin c th b hng. Nu bn c gng ti mt file b hng, h thng c th ngh rng n cn nhiu b nh hn. S dng c ng c Task Manager xc nhn rng h thng ca bn kh ng trong tnh trng b nh

    thp. Nu b nh vn , s dng Update Driver ci t mt bn sao khc ca trnh iu

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 514

    10 QUN L CC TRNH IU KHIN THIT B khin y. Thit b kh ng th khi ng Kim tra xc nhn rng phn cng c ci t chnh xc trn my tnh. Nu ng, chy Hardware Update Wizard v s dng n t Update Driver nhng kh ng cho php Windows Server 2003 t ng pht hin thit b. Thay vo la chn Install From A List Or Specific Location (ci t t mt danh sch hoc mt th mc xc nh) v tr trnh hng dn ti trnh iu khin tng ng. 12

    Cc li khc

    T y thuc vo tng trng hp La chn th Resources trn hp thoi Properties cha cc li. Windows Server 2003 s pht hin c cc thnh phn ang xung t vi thit b. Bn cn v hiu ha hoc g b thnh phn xung t ny. Sau bn c th ci t li thit b m bn va g b v xem h thng c gn ti nguyn khc cho n kh ng. Nu kh ng, bn phi gn ti nguyn cho n mt cch th c ng. Hu ht cc li khc u lin quan ti trnh iu khin kh ng tng thch hoc cu hnh trnh iu khin kh ng chnh xc. C gng s dng mt trnh iu khin khc hoc g b thit b ra khi Device Manager v ci t li n.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 515 QUN L CC TRNH IU KHIN THIT B S dng cc c ng c x l s c phn cng Trong cc phn trc ca chng ny, bn thy rng Add Hardware Wizard cho php bn la chn thnh phn c ci t trn my tnh bng cch

    Thit b ny kh ng th tm c ti nguyn trng s dng. Nu bn mun s dng thit b ny, bn cn v hiu mt trong cc thit b khc trn h thng ny.

    s dng mt giao din nh hnh v 11-14. Hp danh sch Installed Hardware hin th trong trnh hng dn lu n lu n bt u vi cc thit b c vn . V vy bn c th trnh hng dn ny x l mt thit b hot ng kh ng chnh xc. Khi bn la chn mt mc trong hp danh sch Installed Hardware, trnh hng dn s hin th trng thi hin ti ca n v cho php bn bt u tin trnh x l. i khi trnh hng dn gi p bn tm thy nguyn nhn ca li.

    Hnh 11-14: Danh sch phn cng ci t trong Add Hardware Wizard Cc c ng c x l s c trn Windows Server 2003 c thc hin trong Help And Support Center nh hnh v 11-15. Mn hnh xut hin t y thuc vo li trn thit b v trng thi hin ti ca phn cng. V d, mt c ng c x l s c th ng thng s hi bn xc nhn rng thit b c nm trong HCL (danh sch phn cng tng thch) trn Windows Server 2003 v tip theo hi bn gn y c ci t trnh iu khin thit b mi kh ng. Tip theo c ng c x l c th cung cp cc hng dn gi p bn x l nhng rc ri trn thit b nh s dng li trnh iu khin c hoc ci t li thit b chng hn.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 516 QUN L CC TRNH IU KHIN THIT B

    Hnh 11-15: Mn hnh x l s c phn cng trn Windows Server 2003 Phc hi trng thi t Device Disaster (thm ha thit b) i khi, vic ci t hoc nng cp mt trnh iu khin thit b c th gy ra nhng li nghim trng trn h thng ca bn. T y thuc vo s quan trng ca thit b m nh hng ca n c th l t mc kh ng ng k n mc cc k nguy him. iu ny c bit ng i vi cc thnh phn h thng li nh cc trnh iu khin mn hnh chng hn bi v cu hnh li c th lm cho my tnh ca bn kh ng th s dng c. Quay tr li trnh iu khin c rt kh khn do bn kh ng th nhn thy mn hnh. Windows Server 2003 cung cp nhiu phng php cho php bn phc hi h thng do nhng li lin quan n trnh iu khin. Cc c ng c c thit k cho cc mc ch khc nhau. Bn c th s dng cc c ng c sau phc hi li do qu trnh ci t trnh iu khin: Driver Rollback (s dng li trnh iu khin c) Nh cp trn, s dng li phin bn trnh iu khin c l phng php d dng gii quyt li do trnh iu khin sai. Tt nhin bn phi c quyn h thng s dng Device Manager v thc hin chc nng ny. Last Known Good Configuration (cu hnh tt nht m bn s dng trong ln gn y nht) c s dng khi mt thit b cp nht trnh iu khin yu cu khi ng li v my tnh kh ng th khi ng n im cho php bn ng nhp vo h iu hnh. Khi bn thay i cc trnh iu khin, h thng yu cu khi ng li nhng li nm trong tin trnh khi ng, bn c th nhn phm F8 khi h thng khi ng li v la chn Last Know Good QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 517

    Configuration QUN L CC TRNH IU KHIN THIT B phc hi kha registry:

    HKLM\System\CurrentControlSet tr v gi tr bn u cha thng tin v trnh iu khin c. Nu li trnh iu khin kh ng t xy ra cho n khi bn ng nhp thnh c ng vo h thng (iu ny thng xy ra i vi nhng cp nht trnh iu khin mn hnh) th la chn ny t khi c s dng. Bi v, mt khi bn ng nhp thnh c ng vo h thng th cu hnh ln cui c ng tt s b ghi ln ngay. Safe Mode (ch an ton) Nu mt tin trnh ci t trnh iu

    khin thit b lm cho my tnh hot ng kh ng chnh xc, nhp F8 khi h thng khi ng li v chn ch Safe Made. Ch ny lm cho Windows Server 2003 khi ng vi mt cu hnh ti thiu v ch c cc trnh iu khin thit b cn cho tin trnh khi ng v ng nhp. Mt khi h thng ang chy trong ch Safe Mode bn c th s dng Device Manager v hiu ha thit b gy ra li. Recovery Console (mn hnh phc hi h thng) Khi c Last Know Good Configuration ln Safe Mode u kh ng th gi p bn ng nhp vo h thng th Recovery Console s gi p bn ng nhp v truy cp ti mt phn hn ch cc file h thng t ch dng lnh. T Recovery Console, bn c th v hiu ha li nhng lm c iu bn phi bit chnh xc tn cu thit b hoc trnh iu khin (hoc c hai).

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 518

    TNG KT QUN L CC TRNH IU KHIN THIT B Cc trnh iu khin thit b l cc phn mm cho php cc ng dng v h iu hnh lin kt vi cc thit b phn cng xc nh. Mi thit b phn cng m bn ci t trn my tnh u phi c mt trnh iu khin tng ng c thit k cho h iu hnh m my tnh ca bn ang s dng. Plug and Play (PnP) l mt chun cho php cc my tnh pht hin v nhn din cc thit b phn cng v tip theo ci t, cu hnh

    trnh iu khin cho ch ng. PnP t ng gn cc ti nguyn phn cng cho mi thit b v bn c th cu hnh li cc thit b khc ph hp vi nhng nhu cu c bit ca mi thnh phn. Windows Server 2003 cha mt th vin ln cc trnh iu khin dnh cho nhiu thit b phn cng khc nhau. Nu Windows kh ng cha trnh iu khin cho thit b trn my tnh ca bn th bn phi ly ch ng t nh sn xut thit b (th ng thng ch ng i km theo thit b v c cha trong a CD ci t hoc a mm) Cc trnh iu khin sn c trn Windows Server 2003 tt c u c kim chng v m bo rng ch ng tng thch hon ton vi h iu hnh. Bn c th cu hnh cch thc x l ca h iu hnh khi bn thc hin ci t mt trnh iu khin cha qua kim chng bng cch s dng hp thoi Driver Signing Options. lin lc vi my tnh, cc thit b phn cng s dng cc ti nguyn phn cng nh cc yu cu ngt (IRQ), cc a ch vo/ra (I/O), cc knh DMA (truy cp trc tip b nh) v cc a ch b nh chng hn. Device Manager l mt mn hnh qun tr lit k tt c cc thit b phn cng trn my tnh ca bn v ch r nhng li lin quan n thit b hoc trnh iu khin. S dng Device Manager, bn c th cho php hoc v hiu ha cc thit b, cp nht hoc s dng li cc trnh iu khin, qun l thit b v cc c tnh trnh iu khin ca ch ng v gii quyt nhng li xung t ti nguyn phn cng. Ngi s dng phi c quyn qun tr mi c th ci t v qun l cc thit b phn cng cng nh cc trnh iu khin ca ch ng. Mt ngoi l i vi trng hp ny l ngi s dng kh ng c quyn qun tr vn c th ci t cc thit b PnP khi thit b QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 519 QUN L CC TRNH IU KHIN THIT B kh ng yu cu bn cp trnh iu khin hoc yu cu s can thip ca ngi s dng. Nhiu nh sn xut thit b phn cng a ra cc cp nht cho trnh iu khin mt cch nh k. iu ny buc ngi qun tr h thng phi quyt nh c nn ci t ch ng kh ng v ai l ngi ci t ch ng, khi no th ci t. La chn Last Known Good Configuration rt hu dng cho bn quay tr li trnh iu khin c s dng trc nhng ch khi no bn cha ng nhp thnh c ng vo h thng. Khi ng my tnh trong ch Safe Mode s ch ti mt phn ti thiu cc trnh iu khin, cho php bn truy cp vo Device Manager v c th v hiu ha, g b hoc quay tr li trnh iu khin c nhm ngn kh ng cho h thng ri vo tnh trng hot ng thiu n nh.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 520 QUN L CC TRNH IU KHIN THIT B BI TP THC HNH =============================================== Bi tp thc hnh thc hnh 11-1: Hin th cc ti nguyn phn cng Trong bi thc hnh ny, bn s s dng Device Manager hin th cc ti nguyn phn cng trn my tnh ca bn v cc thit b ang s dng ch ng. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 2. Nhp Start, tr ti Control Panel v chn System Properties xut hin. System. Hp thoi

    3. La chn th Hardware v tip theo nhp vo Device Manager. Ca s Device Manager xut hin. 4. Trn thc n View chn Resources By Type.

    5. M rng tiu Interrupt Request (IRQ) v ch cc thit b s dng cc chui IRQ ca h thng. =============================================== Bi tp thc hnh thc hnh 11-2: Cu hnh cc la chn ch k trnh iu khin

    Trong bi thc hnh ny, bn s cu hnh cc la chn v trnh iu khin c xc thc trn my tnh. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 2. Nhp Start, tr ti Control Panel v chn System Properties xut hin. System. Hp thoi

    3. La chn th Hardware ri nhp vo Driver Signing. Hp thoi Driver Signing Options xut hin. 4. La chn Block v nhp OK. Bn s kh ng c php ci t cc trnh iu khin cha c hng Microsoft k xc nhn. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 521 QUN L CC TRNH IU KHIN THIT B =============================================== Bi tp thc hnh thc hnh 11-3: Ci t trnh iu khin thit b Trong bi thc hnh ny, bn s ci t trnh iu khin thit b cho mt card mng kh ng c thc trn my tnh ca bn. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 2. Nhp Start, tr ti Control Panel v chn System. Hp thoi System Properties xut hin. 3. La chn th Hardware ri nhp vo Add Hardware Wizard. tm ra

    4. Nhp Next v i trnh hng dn qut my tnh ca bn thit b mi. Nu bn kh ng thm bt k thit b no, trnh hng dn s hi bn xem thit b mi c kt ni cha. 5. Next. La chn

    Yes, I Have Already Connected The Hardware v nhp t

    6. Cun ti phn cui trong danh sch thit b phn cng ci Installed Hardware, la chn Add A New Hardware Device v k nhp Next. 7. La chn Install The Hardware That I Manually Select From A List (Advanced) v nhp Next. 8. Trong danh sch Common Hardware Types, la chn Network Adapters ri nhp Next. 9. La chn Microsoft l nh sn xut v Microsoft Loopback Adapter l card mng ri nhp Next. 10.Nhp Next ci t card v tip theo nhp hng dn li. Finish

    ng trnh

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 522 QUN L CC TRNH IU KHIN THIT B 11.Windows Server 2003 s ti trnh iu khin v ci t thit b. Mt card mng mi c tn Microsoft Loopback Adapter s xut hin trong Device Manager bn di nhm Network Adapters.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 523 QUN L CC TRNH IU KHIN THIT B

    CC CU HI N TP 1. Mt ngi s dng l thnh vin ca nhm Users mun ci mt my in USB c kt ni ti my in ca bn. Trnh iu khin my in c sn trong Windows Server 2003. Ngi s dng c th ci t my in m kh ng cn ti s tr gi p ca ngi qun tr kh ng? Ti sao c v ti sao kh ng?

    2. Mt ngi s dng l thnh vin ca nhm Users mun ci t mt my in USB c kt ni ti my in ca bn. Trnh iu khin my in c sn trong Windows Server 2003 nhng nh sn xut cung cp mt trnh iu khin c xc thc trn a CD-ROM. Ngi s dng c th ci t my in m kh ng cn ti s tr gi p ca ngi qun tr kh ng? Ti sao c v ti sao kh ng? 3. Trong tnh hung no bn phi thay phn cng cho mt thit b? i cc thit lp ti nguyn

    4. Bn cn g b tm thi v mt logic ch kh ng phi v mt l mt thit b PnP ra khi cu hnh phn cng ca mt my tnh. Bn mun ti u ha thi gian kh i phc li thit b sau ny. Cc la chn di y, u l la chn ti u nht bn hon thnh mc tiu ni trn? a. b. c. S dng Device Manager g b thit b G b vt l thit b phn cng ra khi my tnh

    d. Di chuyn file cha trnh khc trn a cc b.

    5. Nh sn xut card mng kh ng dy c ci t trn my tnh ca bn va a ra trnh iu khin mi. Bn mun th trnh iu

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 524 QUN L CC TRNH IU KHIN THIT B khin nhm kim tra qu trnh hot ng ca n. Bn s s dng la chn no trong Device Manager th trnh iu khin mi?

    S dng Device Manager v

    hiu ha thit b iu khin thit b ti mt th mc

    6. Bn mun hin th danh sch cc thit b c kt ni ti h thng Windows Server 2003 ca bn theo IRQ. Bn s s dng cc phng php no di y thc hin c ng vic ny? (La chn tt c cc cu tr li ng) a. S dng Device Manager, t thc n Resources By Connection. b. S dng Resources By Type. Device Manager, t thc n n

    c. S dng Device Manager, t thc By Connection.

    d. S dng Device Manager, t thc n View la chn Devices By Type. 7. Gn y bn c ci t ba card mng c trn mt my ch thnh vin Windows Server 2003. Hai card lm vic tt nhng ci th ba b xung t vi cc thit b khc trn h thng ca bn. Bn phi lm g c th xc nh thit b no trn h thng ang xung t vi card mng th ba ny? a. S dng Device Manager v tm kim thit b khc c k hiu mu vng v du cm thn mu en bn cnh n.

    c. S dng Device Manager v tm kim thit b khc c k hiu mu vng v du cm thn mu en bn cnh n. Trn thc n Action, la chn Properties. Trn th Resources, mt danh sch cc thit b xung t s hin th cc ti nguyn xung t.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 525 QUN L CC TRNH IU KHIN THIT B d. Chy Hardware Troubleshooting Trnh hng dn v la chn Resolve All Device Conflicts. CC KCH BN TNH HUNG =============================================== Kch bn 11-1: X l cc s c lin quan video Bn va hon thnh cu hnh mt trnh iu nhn c th ng bo nhc nh bn khi nhng thay i c tc dng. Ngay sau khi hnh xut hin mt mu en. K thut x php bn phc hi li v trnh iu khin nht? a. Last Known Good Configuration n trnh iu khin khin mi cho card mn hnh v ng li my tnh nhm lm cho bn khi ng li my tnh, mn l s c hoc c ng c no cho mn hnh ny mt cch d dng

    b. Xem nht k s kin ng dng v tm kim bn ghi m b ang xung t vi card mng ny.

    View la chn View la chn View la chn Device

    t thit

    b. c. d.

    Driver Rollback Safe Made Recovery Console ===============================================

    Kch bn 11-2: Thay i cc thit lp ti nguyn phn cng Bn l nh qun tr h thng bn thi gian cho mt doanh nghip nh. Doanh nghip ny hin ang c mt my ch c lp chy Windows Server 2003. Gn y bn nhn c mt bo mch fax c y l mt thit b cho php nhn v gi nhiu bn fax ti c ng mt thi im. Bn ci t bo mch ny trn my ch Windows Server 2003 nhng n kh ng lm vic. Bn m Device Manager v thy rng biu tng ca bo mch fax c mt cnh bo mu vng vi du cm thn mu en. Bn pht hin ra rng c mt s xung t v IRQ vi mt thit b khc trn h thng, l mt b iu khin RAID c. Trong cc phng php di y, u l phng php ng cho php thay i cu hnh bo mch kh ng xy ra xung t gia n vi b iu khin RAID? a. Trn mn hnh Device Manger, la chn b iu khin RAID. Trn thc n Action, la chn Properties. La chn th

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 526 QUN L CC TRNH IU KHIN THIT B Resources v k xa hp kim tra Use Automatic Settings. La chn IRQ v nhp vo Change Settings. Cun mn hnh cha IRQ cho n khi bn nhn thy mt ci kh ng xung t vi bt k mt thit b khc. Nhp OK v khi ng li my ch. b. La chn bn mch fax trong Device Manager. Trn thc Action, la chn Properties. La chn th Resources v k xa hp kim tra Use Automatic Settings. La chn IRQ v nhp vo Change Settings. Cun mn hnh cha IRQ cho n khi bn nhn thy mt ci kh ng xung t vi bt k mt thit b khc. Nhp OK v khi ng li my ch.

    c. Trn mn hnh Device Manger, la chn b iu khin RAID. Trn thc n Action, la chn Properties. La chn th Resources v k xa hp kim tra Use Automatic Settings. La chn I/O Range v nhp vo Change Settings. Cun mn hnh I/O Range cho n khi bn nhn thy mt ci kh ng xung t vi bt k mt thit b khc. Nhp OK v khi ng li my ch. d. Trn mn hnh Device Manger, la chn b iu khin RAID. Trn thc n Action, la chn Properties. Trong danh sch th xung Device Usage trn th General la chn Do Not Use This Device (Disable).

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 527 QUN L LU TR D LIU TRN A

    CHNG 12: QUN L LU TR D LIU TRN A Nu c mt chn l v k thut th ng tin th chnh l: cho d ngy h m nay bn c bao nhiu kh ng gian lu tr d liu th ngy mai kh ng gian s tr nn cht hp. Ch cch y mt thp k, cc a cng hu ht cn c tnh theo n v megabyte. Mt a cng vi dung lng 1GB c kch thc mt hp ng i giy v c gi tr hng ngn la. Nhiu t chc gi y o dung lng lu tr ca h theo n v terabyte v vic qun l tt c d liu c th to mt sc p khng khip ln h thng lu tr trn cc my ch ca bn. Mt s t chc ln ang chuyn hng sang cc mng lu tr (SANStorage Area Network) vi kt ni quang, cc dy a c kh nng chng li nhng nhn chung bn vn thy cc my ch vi lng lu tr ln v mt vn rt quan trng trong cu hnh kh nng lu tr my ch l cung cp s cn bng ti u gia dung lng lu tr, hiu nng v kh nng chng li. Microsoft Windows Server 2003 cung cp cc c ng c cho php bn m rng dung lng lu tr ca h thng, cung cp kh nng chng li v nng cao hiu nng ca h thng lu tr. Cc nh qun tr h thng s cn phi hiu mt cch tng tn v cc c ng c ny nhm m bo cho cc a cng hot ng trn tru v trnh c tnh trng cn kit kh ng gian lu tr. Hon thnh chng ny bn c kh nng: Hiu c cc khi nim v thut ng v lu tr trn a. Phn bit lu tr c bn vi lu tr ng. Xc nh cc loi volume lu tr c Windows Server 2003 h tr. Xc nh m hnh RAID trin khai nhm tha mn mt yu cu lu tr c th v mt mc s dng, kh nng chng li v hiu nng. Thm kh ng gian lu tr cho mt my tnh s dng Windows Server 2003. Qun l cc a bng cch s dng Check Disk, Disk Defragmenter v hn ngch a.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    528 QUN L LU TR D LIU TRN A TNG QUAN V LU TR D LIU TRN A TRONG WINDOWS SERVER 2003 Trc khi bn c th hiu mt cch y v kh nng lu tr d liu trn a cng ca h iu hnh Windows Server 2003, bn cn nm c mt vi khi nim c bn. Cc phn di y s im qua mt vi phng php t tn m Windows Server 2003 s dng khi cp n vn lu tr d liu trn a v cc cu tr c c bn bn c th s dng to ra mt chnh sch lu tr d liu. Mc d ban u s khc bit c v nh l r rng nhng khi lm vic vi h thng lu tr trong Windows Server 2003 th vic duy tr kh nng nhn bit s khc bit gia cc thit b lu tr vt l vi nhng phn v ng logic m bn c th to ra trn ch ng (thit b vt l) l mt iu ht sc quan trng. Mt a vt l, ng nh tn gi ca n l mt n v a n, c lp v thng l mt a cng. V mt k thut, khi nim disk cp ti cc a c hnh dng trn c trng t trng bn trong mt a. Mt a c th c mt a n hoc c th l mt chng cc a, tt c ch ng c xem nh a cng bn trong a. lu tr d liu trn mt a vt l, trc ht bn phi phn v ng cho n. Cu hnh n gin nht c th c l mt a vt l c mt phn v ng n c hin th trong h iu hnh bi mt k t a. Tuy nhin bn cng c th to c nhiu phn v ng trn mt mt a vt l n. Mt phn v ng l mt kh ng gian a c chc nng nh mt thnh phn lu tr d liu vt l ring bit. Khi mt a vt l c nhiu hn mt phn v ng, mi phn v ng c th c hin th bi cc k t a khc nhau trn h iu hnh. CH Cc k t a v cc a vt l Trong thc t c th bn nhn thy nhiu k t a trn h iu hnh th iu kh ng c ngha l c nhiu a trn my tnh. Mt vi ng dng khuyn co rng cu tr c d liu xc nh nn lu tr trn cc a tch ri nhm mang li hiu qu cao nht cho cc hot ng lu tr ca ng dng. V d, Active Directory Installation Wizard khuyn co rng c s d liu ca Active Directory v cc file nht k nn c lu tr trn cc a tch ri. Tuy nhin vic xc nh cc k t a khc nhau cho cc cu tr c d liu ny l kh ng ng ngha vi vic ch ng c lu tr trn cc a vt l khc nhau. Bn phi nm r v cu tr c thc t ca a vt l bit xem thc t cc k t a no tr n cc a vt l khc nhau.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 529 QUN L LU TR D LIU TRN A Kh ng ging nh cc a (Disk) v cc phn v ng (Partition), lu n c t ti gc trong cu hnh vt l ca phn h thng lu tr, volume ( i khi cn gi l mt a logic) l mt n v lu tr logic m bn c th to ra v qun l ch ng nh cc c ng c lu tr trong Windows Server 2003. Mt volume c th cha tt c hoc mt phn ca mt hoc ca nhiu cc phn v ng a vt l. y mt ln na, cu hnh n gin nht c th l mt cu hnh m mt volume n cha ton b mt phn v ng, phn v ng ny li bao gm ton b mt a vt l. Tuy nhin, bn cng c th to ra nhiu volume t mt phn v ng n hoc mt volume t nhiu phn v ng. C nhiu l do s dng c hai phng

    thc ni trn qun l a. Vic to ra nhiu volume t mt phn v ng n cho php bn tch ring mt cch logic cc loi d liu khc nhau. V d, bn c th s dng mt volume ci t cc ng dng v ci khc lu tr cc file d liu. N lm n gin ho qu trnh iu khin truy cp cho ngi qun tr v ngn kh ng cho cc loi d liu b trn ln vi nhau. Vic phi hp cc phn v ng t nhiu a vt l vo trong mt volume cho php bn hp nht tt c cc kh ng gian a vo trong mt t hp a c hin th bi mt k t a. K thut ny cng cho php bn thc hin cc k thut lu tr cao cp nhm nng cao hiu nng v cung cp thm kh nng chng li nh disk mirroring (nh x a), disk striping (ghi a theo tng dc) v redundant array of independent disks (RAID_ dy cc a c lp c kh nng chng li) chng hn. CH : Cc volume v cc k t a Trong hu ht cc trng hp, mt volume c hin th bi mt k t a, thm ch khi volume bao gm nhiu phn v ng trn cc a vt l khc nhau. Tuy nhin, mt volume kh ng nht thit phi c mt k t a. Bn c th gn mt volume nh mt th mc trn mt volume khc kt hp mt cch hiu qu hai volume vo trong mt k t a logic. S lng v tnh cht ca cc phn v ng v cc volume bn c th to ra t kh ng gian trn a vt l ph thuc vo kiu lu tr ang s dng trn Windows Server 2003: lu tr c bn hay lu tr ng. Cc loi hnh lu tr ny s c nu chi tit trong cc phn di y. LU S nhm ln thut ng Nu bn c kh khn trong vic phn bit gia cc a vt l, cc phn v ng v cc volume th bn cng ng qu lo lng. Nhiu ti liu tham kho v thm ch l mt s ti liu ca Microsoft cng s dng sai cc khi nim ny. Tuy nhin khi bn tm hiu v cc kh nng ca cc h thng lu tr

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 530 QUN L LU TR D LIU TRN A ng v c bn trn Windows Server 2003 th s khc bit gia cc khi nim lu tr ny s tr nn r rng hn. S dng c ch lu tr c bn Lu tr c bn l chun c ng nghip cho c ng vic qun l a cng v l ch lu tr mc nh trong Windows Server 2003. Tt c cc phin bn ca Windows cng nh MS-DOS, u h tr lu tr c bn v c th truy nhp ti cc a c bn (Basic Disk). Trong Windows Server 2003, tt c cc a l a c bn cho ti khi bn chuyn i ch ng thnh a (Dynamic Disk). Trong ch lu tr c bn, mt a vt l c chia thnh cc phn v ng v mi phn v ng hot ng nh mt n v lu tr vt l ring bit. Th ng tin v v tr v kch thc ca mi phn v ng c lu li trong bng phn v ng ca Master Boot Record (MBR) trn a. to nhiu volume trn mt a vt l duy nht, bn phi to ra nhiu phn v ng. Windows Server 2003 h tr ti a 4 phn v ng trn mt a c bn v c hai kiu phn v ng: Phn v ng chnh (Primary Partition) Mt a c bn c th c ti a 04 phn v ng chnh vi mi phn v ng hot ng nh mt volume ring bit. Mt trong cc phn v ng ny c th c ch nh lm phn v ng khi ng (Boot Partition). My tnh s tm kim trn phn v ng khi ng cc file khi ng cn thit np h iu hnh. Sau khi to ra mt phn v ng chnh, bn phi nh

    ng

    dng n vi mt kiu h thng tp tin trc khi lu tr d liu ln . Phn v ng m rng Mt a c bn c th c mt phn v ng m rng s dng kh ng gian cn li sau tin trnh to cc phn v ng chnh. Do mt a c bn ch c ti a 04 phn v ng nn khi c mt phn v ng m rng th s phn v ng chnh ti a l 3. s dng kh ng gian trn mt phn v ng m rng, bn phi to ra mt hoc nhiu a logic trn phn v ng trc, k nh dng ch ng mt cch ring r. Bn c th to ra mt s lng cc a logic t y trn kh ng gian phn v ng m rng. CH S dng cc phn v ng m rng Trong cc phin bn trc ca h iu hnh Microsoft gm c Windows 95, Windows 98 v MS-DOS , mt a vt l ch c th c mt phn v ng chnh. Nu bn mun to nhiu volume trn mt a vt l duy nht th bn phi to mt phn v ng m rng v chia n thnh mt hoc nhiu a QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 531 QUN L LU TR D LIU TRN A logic. Bi v Windows NT, Windows 2000, Windows XP v Windows Server 2003 u h tr vic s dng nhiu phn v ng chnh nn l do duy nht gii thch vic to mt phn v ng m rng l nu bn mun c nhiu hn 4 volume logic trn mt a c bn. CH Cc a c bn v thit b lu tr gn ngoi Cc thit b lu tr gn ngoi ch c th cha cc phn v ng chnh. Bn kh ng th to ra cc phn v ng m rng hoc cc a logic trn ch ng. Bn cng kh ng th c mt phn v ng c kch hot (Active Partition) trn . Tuy nhin, cn lu rng, cc cng gn ngoi s dng kt ni USB2.0 hoc IEEE 1394 s kh ng c xem nh l cc a gn ngoi. S dng c ch lu tr ng (Dynamic Storage) Ngoi c ch lu tr c bn, Windows 2000, Windows XP v Windows Server 2003 cn h tr c ch lu tr ng. Trong lu tr ng, cc phn v ng v a logic c gp li thnh cc volume v ch ng c s dng mt cc linh ng hn. Tt c cc a ng u ch cha mt phn v ng cha kh ng gian lu tr c th s dng ca n. Cc n v lu tr ring trn phn v ng c gi l cc volume. Vi cc a c bn, phn v ng n trn mt a ng c xc nh bi th ng tin lu tr trn MBR ca a. Tuy nhin, th ng tin v volume kh ng c lu trn bng phn v ng ca a m c lu trong mt c s d liu c iu kin bi dch v Logical Disk Manager (LDM Trnh Qun l a Logic) ca h iu hnh. Do c s d liu ca volume kh ng b hn ch bi kch thc v cu tr c MBR ca a nn bn c th to ra mt s cc volume kh ng hn ch trn mt a ng. Cc volume c kh nng linh hot hn so vi cc phn v ng. Cc a ng h tr cc kiu volume sau: Simple volume ( a logic n gin) Hot ng nh mt phn v ng chnh trn a c bn. Simple volume s dng kh ng gian trn mt a vt l v tng ng vi mt volume logic. Khi mt my tnh ch c mt a ng, tt c cc volume phi l cc simple volume. Sau khi to ra mt simple volume vi kch thc xc nh, bn c th m rng n bng vic gn thm cc kh ng gian cha s d ng t cc v ng khc trn c ng mt a m kh ng cn phi xo ni dung trn volume ny. Do simple volume ch tn ti trn mt a vt l nn ch ng kh ng cung cp kh nng chng li. Span volume ( a logic m rng) Mt span volume bao gm

    cc kh ng gian lu tr trn nhiu a cng vt l. Bn c th to QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 532 QUN L LU TR D LIU TRN A mt span volume s dng kh ng gian lu tr ln ti 32 a vt l v cc kch thc s dng trn mi a c th khc nhau. Khi h thng thc hin ghi d liu ln mt span volume, n s bt u bng cch ghi y mt a vt l ri khi tip ln ln lt cc tip theo. Do m span volume kh ng em li kh nng chng li . Bn c th m rng mt span volume m kh ng lm mt d liu bng vic b sung kh ng gian t bt c a vt l no ca h thng. Nhc im ln nht ca cc span volume l kh nng mt mt tim n ca ch ng c nhn ln c ng vi s cc a cng c s dng cung cp kh ng gian lu tr cho volume. Nu mt a b hng th c volume cng s mt. Striped Volume ( a logic ghi theo vch) Mt striped volume (cn gi l RAID 0) l s kt hp ca cc v ng kh ng gian trn cc a cng vt l khc nhau (ti a 32 a cng). Tuy nhin, kh ng ging nh span volume, Windows Server 2003 ghi d liu ln tt c cc a vt l trong volume (gi l stripe set Tp cc vch) vi c ng mt tc . H thng s thc hin tin trnh ghi ln lt cc khi (block) d liu ln mi a vt l v do c nhiu u c c s dng c ng mt l c nn hiu sut c/ghi t l thun vi s lng a cng trn volume. Nhng cng ging nh span volume, nu mt a b hng th tt c d liu trn volume cng b mt . CH Stripping v hiu nng Bn s kh ng ci thin c hiu sut trn mt striped volume khi s dng cc a IDE tr phi bn s dng cc knh giao tip IDE ring bit cho mi a cng vt l. iu ny xy ra v hai a s dng chung mt knh s kh ng nhn v thc thi cc mnh lnh mt cch ng thi . Cc knh giao tip ring bit s ci thin hiu sut bng cch phn phi cc yu cu I/O gia cc b iu khin cng nh gia cc a. t hiu sut cao nht, bn nn s dng cc a SCSI. Cc giao tip SCSI c th gi cc cu lnh ti mi a trn c ng knh (bus) v cc a c th thc thi ch ng mt cch ng thi. Mirrored volume ( logic nh x) Mt mirrored volume (cn gi l RAID 1) bao gm hai bn sao y ht ca c ng mt simple volume v mi bn sao nm trn mt a vt l ring bit . Tt c d liu lu tr trn volume c ghi ln c hai a mt cch ng thi. Cc mirrored volume cung cp kh nng chng li cho bn: nu mt a vt l b hng th a cn li vn hot ng nh

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 533 QUN L LU TR D LIU TRN A thng. Nhc im ca phng php ny l dung lng ca volume ch bng mt na kh ng gian lu tr ca a vt l . RAID-5 volume RAID-5 l k thut lu tr d liu cung cp kh nng chng li d liu c ghi ln cc a cng vt l khc nhau v c xem nh mt volume duy nht. Cng tng t nh

    striped volume, trn RAID-5 volume h thng s thc hin ghi d liu ln tt c cc a cng vt l vi c ng mt tc nhng km theo c d liu kim tra gi l chn l (Parity). Mc d d liu chn l c phn phi cho tt cc a trong dy a nhng tng dung lng s dng cho d liu ny kh ng ln hn dung lng ca mt a. Nu mt a trong volume b hng, cc a cn li s ti to d liu b mt bng vic s dng d liu chn l. Qu trnh tnh ton s dng bit chn l trong tin trnh ghi d liu s to nn mt ti thm vo ln b vi x l ca h thng. Tuy nhin, RAID-5 li gia tng hiu sut c v d liu c c ng thi t nhiu u c . CH Cc hn ch ca volume h thng Do tnh cht quan trng ca volume h thng i vi s hot ng ca h thng nn Windows Server 2003 a ra nhng gii hn c bit i vi volume ny. Bn kh ng th ci t h iu hnh trn mt span, stripe hay RAID-5 volume v cng kh ng th m rng volume h thng sau khi ci t. Tuy nhin bn vn c th trin khai mirror volume trn volume h thng. So snh cc a c bn vi cc a ng Cu hi t ra l bn nn s dng c ch lu tr c bn hay ng trn my tnh Windows Server 2003 i hi s cn nhc cn thn. Nh nhc n trn, mc nh ban u tt c cc a Windows Server 2003 u l a c bn cho ti khi bn cn chuyn i ch ng thnh cc a ng. Qu trnh chuyn i gia a c bn v a ng rt n gin, nhanh chng v c th thc hin c ti bt k thi im no m kh ng lo s mt d liu. Tuy nhin, vic chuyn i mt a ng thnh mt a c bn li kh hn rt nhiu v tt c d liu trn a ca bn s b mt v phi phc hi ch ng t mt bn sao lu. Do bn cn phi m bo rng bn thc s cn c ch lu tr ng trc khi thc hin s chuyn i. Cc a ng cho php bn thc hin vic chuyn i ch ng gia cc my ch mt cch d dng (ngoi tr cc a h thng). Tnh nng ny cho php bn di chuyn mt a t my ch li sang mt my ch hot ng vi thi

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 534 QUN L LU TR D LIU TRN A gian gin on l nh nht. Mi mt my tnh Window 20000, Windows XP, Windows Server 2003 c th h tr mt nhm a m bn thn n c th bao gm nhiu a ng. C s d liu LDM c nhn bn gia cc a trong c ng mt nhm lm tng kh nng phc hi th ng tin cu hnh cho tt c cc a trong nhm. Tuy nhin, nu my tnh ca bn ch c mt cng duy nht th lu tr ng s kh ng em li bt c u im no r rt ngoi tr bn cn hn 4 phn v ng trn a cng . Ch khi no bn c t 2 a cng ng tr ln th bn mi c th tn dng nhng li ch ca cc kiu volume nh span hay stripe. Mc d a ng vi nhiu u im ca n nhng bn vn c l do dng a c bn chng hn nh: Do cch thc hot ng ca c s d liu LDM nn bn s rt kh khn khi chuyn mt a ng c s dng khi ng h iu hnh sang mt my tnh khc khi h thng gc b li. a ng kh ng h tr cho cc thit b ngoi vi v cng kh ng h tr trn my tnh xch tay. Lu tr c bn l chun c ng nghip v vy cc a loi ny c th truy cp c bi cc h iu hnh khc nhau bao gm MSDOS, tt c cc phin bn Windows v hu ht cc h iu hnh

    khc. Do bn s kh ng th truy nhp c ti cc a ng nu bn khi ng h thng t mt h iu hnh kh ng phi l Windows Server 2003, Windows XP hay Windows 2000. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng qun tr cc a c bn v a ng. S DNG CNG C QUN TR A (DISK MANAGEMENT) Disk Management l c ng c chnh trn Windows Server 2003 d ng to, qun tr cc a c bn v a ng. Disk Management l mt phn trong mn hnh qun tr Computer Management y l mn hnh m bn c th truy cp t Administrative Tools trn thanh c ng c Start hoc bn c th thm snap-in ny t mt mn hnh MMC t y bin. LI KHUYN S dng mn hnh qun tr Disk Management Windows Server 2003 cng cung cp mt mn hnh qun tr Disk Management c lp nhng kh ng c shortcut cho n t thanh c ng c Start. m mn hnh qun tr ny nhp Start, la chn Run v g diskmgmt.msc trn hp thoi Open v nhp OK. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 535 QUN L LU TR D LIU TRN A Giao din Disk Management khc vi hu ht cc MMC snap-in khc. N kh ng c mt ca s qun tr tp trung, tt c cc iu khin u c t trong ca s chi tit. Bn thn ca s chi tit ny c chia thnh hai ca s: ca s pha trn v ca s bn di nh hnh v 12-1. Mc nh, ca s pha trn cha mt danh sch cc volume hin th cc volume trn tt c cc a cng vt l. Danh sch ny ch hin th cc volume i vi cc a ng cn vi a c bn ca s ny cha mt danh sch cc phn v ng chnh v cc a logic.

    Hnh 12-1: Mn hnh qun tr Disk Management Mi bn ghi trong danh sch volume cha th ng tin sau: Volume Xc nh k t a v/hoc tn volume

    Layout Xc nh kiu volume nh simple, spanned hoc striped i vi cc volume trn a ng hoc phn v ng i vi cc a logic trn a c bn. Type Xc nh loi a cng m volume c to ra trn : c bn hoc ng. File System Xc nh kiu h thng file m volume s dng Status Xc nh trng thi hin ti ca volume bng vic s dng mt trong cc gi tr sau: Failed (hng) xc nhn rng volume kh ng th khi ng c

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 536 QUN L LU TR D LIU TRN A Failed Redundancy (d phng hng) xc nhn rng mt mirrored volume hoc RAID-5 volume kh ng c kh nng chng li do c mt a b li. Formatting (ang inh dng) xc nhn rng volume ny ang trong tin trnh nh dng. Healthy (Khe mnh) xc nhn rng volume hot ng bnh thng. Regenerating (Ti to li) xc nhn rng mt RAID-5 volume ang trong tin trnh to li d liu trn mt a phc hi mi. Resynching (ang ng b li) xc nhn rng mt mirrored volume ang trong tin trnh to li d liu trn mt a phc hi mi. Unknown (kh ng bit) xc nhn rng sector khi ng (Boot sector) ca volume b hng. Capacity Xc nh dung lng tng cng ca volume theo n v MB hoc GB. Free Space Xc nh dung lng ca kh ng gian trng trn volume theo n v MB hoc GB. %Free Xc nh phn trm dung lng ca volume cn trng. Fault Tolerance Xc nh xem kiu volume c cung cp kh nng chng li kh ng. Overhead Xc nh phn trm dung lng volume dnh cho vic lu tr d liu d phng. Ca s bn di ca mn hnh qun tr Disk Management cha mt mn hnh hin th dng ha cc a vt l trn my tnh. Vi mi a, mn hnh hin th xc nh th ng tin sau: Disk Identifier (m nhn din a) xc nh s hiu m h thng gn cho a. M nhn din a cng c bt u vi Disk0 v cc a CD-ROM vi CD-ROM 0. Disk Type (chng loi a) xc nh xem a l mt a c bn hay a ng, l CD-ROM hay DVD-ROM. Disk Size (dung lng a cng) xc nh dung lng tng cng ca a.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 537 QUN L LU TR D LIU TRN A

    Disk Status (trng thi ca a) Xc nh trng thi hin ti ca a bng cch s dng mt trong cc gi tr sau: Audio CD xc nhn rng mt a CD-ROM hoc DVD-ROM c cha mt a audio CD. Foreign xc nhn rng c mt a ng c di chuyn t mt my tnh khc nhng cha c a vo cu hnh ca h thng hin ti. Chy lnh Import Foreign Disks truy cp n a. Initializing xc nhn rng a ang trong tin trnh chuyn i t mt a c bn thnh mt a ng. Missing xc nhn rng mt a ng b loi b ra khi my tnh hoc b t kt ni hoc b hng hc. S dng cu lnh Reactive Disk truy cp vo a b ngt kt ni trc kia. No Media xc nhn rng mt a CD-ROM, DVD-ROM hoc mt a di ng hin ti ang trng. Not Initialized xc nhn rng a kh ng c mt ch k s hp l. S dng Initialize Disk kch hot a. Online xc nhn a c kh nng truy cp v hot ng bnh thng. Online (Errors) xc nhn rng pht hin thy cc li I/O trn khu vc ca a ng. Offline xc nhn rng kh ng th truy cp c n a ng. Unreadable xc nhn rng a kh ng th truy cp, nguyn nhn c th do li phn cng, li I/O hoc c s d liu LDM b hng. Cc thanh (bar) c hin th theo chiu ngang biu din mi a c chia thnh cc phn on m t cc volume hoc cc phn v ng khc nhau trn a cng . Mi phn on c c trng bi cc mu khc nhau bn c th d dng xc nh ch ng l mt volume c bn hay l mt volume ng hoc c th l kh ng gian cha c s dng. Cc phn on cng cha cc th ng tin m bn nhn thy trong danh sch volume nh tn volume, dung lng, h thng file v trng thi hin ti. Disk Management cho php bn t y bin nhng g s xut hin trong cc ca s trn v di bng vic s dng cc cu lnh trong thc n View. Bn c th o ngc danh sch volume v mn hnh hin th ha hoc bn c th thay th bng mt danh sch a nh hnh v 12-2. Danh sch a cng c cc th ng tin nh trn mn hnh ha ngoi ra cn c Device Type

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 538 QUN L LU TR D LIU TRN A

    (chng phn v phn v nn b

    loi thit b) nh IDE hay SCSI chng hn v Partition Style (kiu ng) nh MBR hoc GPT (GUID Partition Table y l mt bng ng c giao din ha, c s dng cho cc my tnh chy trn vi x l Itanium ca hng Intel).

    Hnh 12-2: Mn hnh Disk Management hin th danh sch a Disk Management cho php bn qun l cc b hoc t xa kh nng lu tr ca mt h thng. N kh ng tng tc trc tip vi cu hnh a m lm vic vi dch v qun tr Logical Disk Manager, mt dch v c khi ng trn my tnh bn qun l khi khi to mn hnh qun tr Disk Management. Khi bn la chn mt trong cc thnh phn trn giao din Disk Management, bn c th truy cp n mt lot cc chc nng t thc n Action v t thc n ng cnh ca cc thnh phn . Cc chc nng c th gi p bn xc nh xem bn ang la chn mt a hay mt phn v ng trn mt a c bn hay mt volume trn mt a ng. Vi mi thnh phn, bn cng c th m hp thoi Properties truy cp n cc chc nng ngoi vi. Cc chc nng m bn c th thc hin s c m t trong cc phn di. CH S dng Diskpart.exe Tt c cc c ng vic bn thc hin trn mn hnh qun tr Disk Management u c th thc hin c vi c ng c Diskpart.exe ch dng lnh. y l mt chng trnh m bn c th s dng trc tip hoc trong cc kch bn nhm t ng ha cc c ng vic qun tr a. bit thm th ng tin v vic s dng c ng c ny, bn c th tham kho trong phn help trc tuyn trong Windows Server 2003.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 539

    Tng kh nng lu tr QUN L LU TR D LIU TRN A Tin trnh tng thm kh nng lu tr cho mt my tnh Windows Server 2003 bao gm cc bc sau: Ci t v mt vt l cc a Khi to a Trn a c bn, to cc phn v ng v (nu l mt phn v ng m rng) cc a logic hoc to cc volume trn mt a ng. nh dng cc volume. Gn cc k t a cho cc volume hoc gn cc volume n cc th mc rng trn cc volume NTFS sn c. Bn phi l thnh vin nhm Administrators hoc Backup Operators hoc bn c y nhim quyn qun tr, bn mi c th thc hin hu ht cc nhim v ny. Ch duy nht c cc thnh vin nhm Administrators mi nh dng c mt volume. Cc bc ny c m t chi tit trong cc phn k tip. Hu ht cc bc m bn thc hin trn cc volume hoc a sn c cng nh cc trn cc cu tr c mi. Ci t a cng

    thm a cng mi vo my tnh, trc ht bn phi ci t n. K , m mn hnh qun tr Disk Management v nu h thng kh ng t ng pht hin a cng, chn Rescan Disks t thc nUActionU. Nu h thng yu cu bn khi ng my tnh hon thnh tin trnh ci t a mi, bn hy thc hin v m Disk Management li mt ln na. Khi to a cng Khi bn thm a cng vo my tnh Windows Server 2003, bn phi khi to a trc khi bt tay vo vic nh v kh ng gian cho cc phn v ng, cc a logic v cc volume. Khi to a cho php h iu hnh ghi ch k a, du kt th c sector (cn c gi l t k) v mt MBR hoc GPT ln a cng . Nu bn khi to Disk Management sau khi ci t a mi, Trnh hng dn Initialize And Convert Disk s t ng xut hin. Trnh hng dn cho

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 540 QUN L LU TR D LIU TRN A php bn to ch k trn a mi v chuyn i a t c ch lu tr c bn mc nh sang c ch lu tr ng. khi to a mt cch th c ng t Disk Management, nhp chut phi vo hp trng thi ca a trn mn hnh ha v t thc n Action, tr ti All Tasks ri la chn Initialize Disk. CH Chuyn i cc a cng mi Mc nh, Trnh hng dn Initialize And Convert Disk s kh ng chuyn i cc a cng mi, bn phi thc hin iu ny mt cch th c ng. To cc phn v ng trn a c bn Sau qu trnh khi to a cng mi, gi y bn c th bt u thc hin mt cu tr c lu tr ca cc phn v ng, cc a logic hoc cc volume. Nh cp trn, mc nh cc a mi khi to trong Windows Server 2003 u l a c bn. Nu bn mun gi nguyn c ch lu tr ny, bn c th to cc phn v ng bng cch la chn kh ng gian cha c s dng trn mn hnh ha v trn thc n Action, tr ti All Tasks v chn New Partition. Trnh hng dn New Partition s xut hin, bn s xc nh xem bn mun to mt phn v ng chnh hay phn v ng m rng (xem hnh v 12-3) v kch thc ca n.

    Hnh 12-3: Trnh hng dn New Partition Nu bn to mt phn v ng chnh, Trnh hng dn s hng dn bn t vic gn k t a cho phn v ng n nh dng ch ng hoc bn c th la chn thc hin cc c ng vic ny sau. Nu to mt phn v ng m rng, bn phi la chn kh ng gian a cng trng m bn va to v chy Trnh hng dn New Partition li mt ln na, ln ny Trnh hng dn s cho

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 541 QUN L LU TR D LIU TRN A php bn to a logic. Bn c th to s lng a logic t y theo nhu cu ca bn cho n khi bn s dng ht kh ng gian a cng trn phn v ng m rng. V mt ln na, Trnh hng dn d cho php bn nh dng cc a logic khi bn to ch ng hoc bn c th nh dng ch ng sau . THNG TIN THM bit thm th ng tin v vic gn cc k t a cho cc phn v ng v nh dng ch ng, xem Gn cc k t a v nh dng cc volume phn sau trong chng ny. Chuyn i mt a c bn thnh mt a ng Nu bn mun s dng lu tr ng, bn phi chuyn i a c bn thnh a ng trc khi bn to cc volume mi. thc hin iu ny, la chn hp trng thi ca a trong mn hnh ha, trn thc n Action tr ti All Tasks v la chn Convert To Dynamic Disk. Sau khi tin trnh chuyn i hon thnh, hp trng thi ca a s hin th th ng bo a hin l mt a ng v v bn c th tin trnh to cc volume. CH Chuyn i a h thng Trong hu ht cc trng hp, bn c th bt u s dng a ng ngay lp tc sau khi bn hon thnh qu trnh chuyn i t a c bn. Tuy nhin, khi bn chuyn i a h thng thnh a ng, bn phi khi ng li h thng trc khi bn c th thc hin bt k c ng vic no trn a. Bn c th chuyn i mt a c bn thnh a ng ti bt k thi im no thm ch khi bn lu tr d liu trn . Cu tr c d liu trn a s kh ng b thay i v vy d liu s kh ng b mt mt. Tuy nhin, phng php tt nht trc khi thc hin bt k mt s thay i quan trng no trn a l sao lu d liu. Khi bn chuyn i mt a c bn c cc phn v ng v cc a logic thnh mt a ng, nhng thnh phn ny s c chuyn i thnh cc thnh phn tng ng trn a ng. Trong hu ht cc trng hp, cc phn v ng v cc a logic trn a c bn c chuyn i thnh cc simple volume. Cc tp volume v stripe trn Windows NT s c chuyn i tng ng thnh cc spanned volume v striped volume. CH Chuyn i mt a ng thnh a c bn Vic chuyn i mt a ng thnh mt a c bn s lm mt tt c d liu trn a. V vy, trc tin bn phi sao lu tt c d liu trn a. K bn phi xa tt c cc volume trn a ng. Tip theo bn la chn a v chn Convert To Basic Disk t thc n Action/All

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 542

    QUN L LU TR D LIU TRN A Tasks. Sau khi to cc phn v ng c bn v cc a logic, bn c th phc hi d liu ngc tr li a. To cc volume trn a ng Mt khi bn chuyn i a cng sang c ch lu tr ng, bn c th tin hnh to cc volume trn . La chn mt v ng kh ng gian cha s dng trn a trong mn hnh ha ri chn New Volume t thc n Action/All Tasks. Trnh hng dn New Volume s xut hin. Trong Trnh hng dn ny, bn phi xc nh kiu volume bn mun to trong trang Select Volume Type nh hnh v 12-4.

    Hnh 12-4: Trang Select Volume Type ca New Volume Wizard Cc kiu volume bn c th to t y thuc vo s lng a ng vi kh ng gian cha s dng trn my tnh. To cc simple volume Nu bn ch c mt a cng trn my tnh, bn ch c th to c duy nht cc simple volume. Tt c cc c ng vic bn cn lm l to mt simple volume vi kch thc xc nh. Tip theo, Trnh hng dn New Volume s gi p bn gn k t a cho volume v nh dng n. Chi tit qu trnh ny s c m t trong phn sau ca chng ny. To cc loi volume khc to cc volume spanned, striped hoc mirrored, bn phi c t nht hai a ng vi cc kh ng gian a cha s dng. to mt RAID-5 volume bn phi c t nht ba a ng. Khi bn la chn bt k loi volume no trong s cc kiu trn, Trnh hng dn New Volume s hin th trang Select QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 543 QUN L LU TR D LIU TRN A Disks (xem hnh v 12-5), dng to volume. bn s la chn cc a m bn mun s

    Hnh 12-5: Trang Select Disks ca New Volume Wizard Mc nh, a bn la chn khi to volume s xut hin trong danh sch Selected. Tt c cc a ng khc trn my tnh s xut hin trong danh sch Available. thm mt a vo volume, bn chn mt a trong danh sch Available v nhp Add. Bn c th thm ti 32 a cho cc spanned, striped hoc RAID-5 volume. Cc mirrored volume ch s dng duy nht hai a. Mt khi bn la chn cc a s dng cho vic to volume, bn phi xc nh kch thc ca volume. Tin trnh ny cng thay i ch t t t y thuc vo kiu volume bn to: Cc spanned volume c th s dng bt k khong kh ng gian no trn mi a cng. Vi mi a trong danh sch Selected, bn xc nh dung lng kh ng gian (tnh theo MB) m bn mun a vo spanned volume. Trng Total Volume Size In Megabytes (MB) (kch thc tng ca volume tnh theo n v MB) s hin th kh ng gian kt hp t tt c cc a c la chn. Cc stripped, mirrored v RAID-5 volume phi s dng c ng mt khong kh ng gian a trn mi a cng c la chn. Sau khi la chn cc a m bn mun s dng to volume, hp kim sot Select The Amount Of Space in MB s xc nh dung lng ln nht m mi a c th ng gp. Gi tr ny c xc nh theo khong kh ng gian cn trng trn a cn trng t nht. Khi bn thay i khong kh ng gian trn mt a, Trnh hng dn cng thay i dung lng m cc a khc c th ng gp. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 544 QUN L LU TR D LIU TRN A Kch thc tng cng ca volume cng c tnh ton khc nhau t y thuc vo kiu volume khc nhau: Vi mt spanned volume, kch thc tng ca volume l tng cng s MB bn xc nh vi mi a la chn. Vi mt stripped volume, kch thc tng cng ca volume l s MB bn xc nh nhn vi s lng a bn la chn. Vi mt mirrored volume, kch thc tng cng ca volume l s MB m bn xc nh. l do mi a cha mt phin bn d liu ca a cn li. Vi mt RAID-5 volume, kch thc tng cng ca volume l s MB m bn xc nh, nhn vi s lng a bn la chn tr i 1. l do RAID-5 volume s dng kh ng gian trn mt a lu tr d liu chn l. Sau khi bn cu hnh cc tham s ny, Trnh hng dn cho php bn gn k t a cho volume v nh dng n. Chi tit qu trnh ny s c m t

    trong phn sau ca chng ny. Lm vic vi cc mirrored volume Mt mirrorred volume cung cp hiu nng cao vi kh nng chng li tt. Hai a tham gia trong mt mirrorred volume v tt c d liu s c ghi vo c hai volume ng thi. Nhm t c kh nng chng li tt nht c th, bn s s dng cc a c kt ni ti cc card giao tip ring bit. iu ny s to ra mt cu hnh c gi l cu hnh kp nhm cung cp hiu nng tt hn v cho php cc volume vn tn ti trong trng hp card giao tip li cng nh mt a li. Chuyn i mt simple volume thnh mt mirrorred volume Ngoi vic to mt mirrorred volume mi, bn cng c th chuyn i mt simple volume thnh mt mirrorred volume bng cch la chn simple volume , chn Add Mirror t thc n Action/All Tasks. Bn phi c mt a ng khc trn my tnh vi kh ng gian cha s dng gi mt phin bn ca simple volume bn la chn. Mt khi bn to mirrorred volume, h thng bt u chp d liu theo tng cung (sector) mt ti a mi c thm vo. Trong sut thi gian ny, trng thi ca volume s c th ng bo l Resynching. Phc hi t a nh x b li Tin trnh phc hi mt a li trn mt mirrorred volume t y thuc vo kiu li. Nu mt a c li tm thi v cc cng vo/ra I/O, volume trn c hai a s hin th trng thi Failed QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 545 QUN L LU TR D LIU TRN A

    Hnh 12-6: Mt mirrorred volume hin th trng thi Failed Redundancy (hng th ng tin d phng) Sau khi bn sa li do I/O gy ra c th l do cp kt ni b hng hoc ngun in cung cp la chn volume trn a li v trn thc n Action tr ti All Tasks v la chn Reactive Volume. Hoc bn c th la chn a v la chn Reactive Disk. Tin trnh kch hot li (reactive) s lm cho a hoc volume quay tr li trng thi online. K tip, h thng s ti ng b li cc a. Nu bn mun dng nh x, bn c ba s la chn t y thuc vo bn mun kt qu l g: Xa volume (Delete the volume) Nu bn xa volume, volume v tt c th ng tin cha trn u b xa. Kt qu l mt kh ng gian

    Redundancy. hnh v 12-6.

    a c li s th ng bo trng thi Offline hoc Missing nh

    cha s dng s c s dng cho cc volume mi. G b nh x (remove the mirror) Nu bn g b nh x, mirrorred volume s b xa v kh ng gian trn mt trong hai a s tr thnh cha c s dng. a cn li vn duy tr mt phin bn d liu nhng d nhin d liu ny kh ng cn tnh nng chng li. Dng nh x (Break the mirror) Nu bn dng nh x, mirrorred volume s b dng hot ng nhng c hai a vn duy tr hai phin bn d liu c lp. Phn nh x m bn la chn Break Mirror s duy tr k t a ca volume nh x gc, cc th mc chia s, file phn trang (paging) v cc im phn tch li. a th hai s c gn k t a k tip cn trng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 546 QUN L LU TR D LIU TRN A Nu bn c mt mirrorred volume m mt a vt l b li hon ton v cn c thay th, bn kh ng th n gin nh x li mirrorred volume thm ch nu mt trong cc a trong tp nh x kh ng cn tn ti na. Trc ht, bn phi g b a li ra khi tp nh x dng nh x. La chn volume v trn thc n Action tr ti All Tasks v la chn Remove Mirror. Trong hp thoi Remove Mirror, mt iu rt quan trng l la chn a b li. a bn la chn s b xa khi bn nhp vo Remove Mirror v a cn li tr thnh mt simple volume. Mt khi tin trnh ny hon thnh, bn c th la chn simple volume v s dng cu lnh Add Mirror s dng a thay th nhm to mt mirror volume mi. LI KHUYN CHO K THI Kh nng chng li cho cc volume h thng v volume khi ng Do bn c th to mt mirror volume t mt simple volume sn c, nn nh x l k thut t nhin duy nht trn Windows Server 2003 m bn c th s dng nhm cung cp kh nng chng li cho cc volume h thng v khi ng trn my tnh. Bn kh ng th s dng kh nng RAID-5 trn Windows Server 2003 dnh cho cc volume ny bi v bn phi chuyn i cc a thnh lu tr ng v to volume trc khi c bt k d liu no c ghi ln ch ng. R rng bn kh ng th thc hin iu ny khi m h iu hnh c ci t. Tuy nhin, vic s dng RAID cng cho php bn ci t h iu hnh trn mt volume RAID-5. Lm vic vi RAID Nh cp trong chng trc, RAID l mt lot cc k thut chng li cho php my tnh hoc h iu hnh x l cc li nh mt li phn cng chng hn v vy d liu s kh ng b mt i v tin trnh hot ng s kh ng b ngng. Bn c th thc thi kh nng chng li RAID nh gii php phn cng hoc phn mm. Trong gii php phn cng, mt card RAID s iu khin qu trnh to v phc hi th ng tin d phng. Mt s nh sn xut thc hin qu trnh bo v d liu RAID trc tip trn phn cng bng card giao tip vi dy a. Do cc phng php ny c thc hin theo nh sn xut v b qua kh nng chng li ca h iu hnh, ch ng ci thin hiu nng so vi trin khai RAID mm. Cn nhc cc vn sau khi bn quyt nh xem s dng RAID cng hay RAID mm:

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 547 QUN L LU TR D LIU TRN A Trin khai RAID cng s t tin hn so vi RAID mm v c th gp phi hn ch trong vic la chn thit b ch t mt nh sn xut. Trin khai RAID cng th ng thng cung cp cc tc v vo/ra (I/O) trn a nhanh hn so vi RAID mm. Trin khai RAID cng c th bao gm cc c tnh nh thay nng cc a cng, cho php thay th mt a cng li m kh ng cn phi tt h thng v d phng nng cho php mt a b li c thay th t ng bi mt a d phng thng trc (online). Windows Server 2003 h tr ba loi RAID di y: RAID-0 l cc stripped volume nhng kh ng cung cp tnh nng chng li. Ch ng c xem xt nh mt tin trnh thc thi RAID. RAID-1 Cc mirrorred volume l kiu RAID chng li c bn nht nhng n kh ng mang li hiu qu lm. 50% kh ng gian a c dnh cho vic lu tr cc d liu d phng. RAID-5 l cc stripped volume vi bit chn l nhm cung cp tnh nng chng li vi hiu nng gia tng v mc s dng hiu qu hn so vi RAID-1. Cc i, ch c 33% kh ng gian ca dy a c s dng lu tr th ng tin chn l d phng. Vi vic trin khai RAID-1 v RAID-5 trn Windows Server 2003, kh nng chng li ch p dng cho mt a n b li. Nu mt li th hai xy ra trc khi d liu b mt t li u tin c ti to li th d liu s b mt v ch c th phc hi ch ng t c ch sao lu. CH RAID v qu trnh sao lu K thut RAID kh ng c thit k vi mc ch nhm thay th cc tin trnh sao lu h thng thng nht. Kh ng cn bit gii php lu tr ca bn c kh nng chng li ra sao, bn vn phi sao lu d liu mt cch nh k. Do cc RAID-5 volume c to ra nh cc volume ng thun cht t kh ng gian cha nh v nn bn kh ng th chuyn i mt loi volume no khc thnh RAID-5 volume m kh ng cn sao lu d liu trn v phc hi ch ng trn RAID-5 volume mi c to ra. Nu c mt a b li trong RAID-5 volume, cc d liu lu tr trn vn c th truy cp c. Trong sut tin trnh c d liu, bt k d liu no b li u c th c ti to li nh d liu cn li v d liu chn l. Hiu nng s b gim trong sut thi gian ny v nu mt a th hai b li th d QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 548 QUN L LU TR D LIU TRN A liu s b mt hon ton. Mt khi a li hot ng tr li, bn cn s dng cu lnh Rescan Disks trong mn hnh qun tr Disk Management ri kch hot volume trn a phc hi mi. Tip theo h thng s xy dng li d liu li t bit chn l, thc hin phc hi a v a volume quay tr li trng thi ban u. La chn k thut RAID Cc mirrorred volume (RAID-1) v cc RAID-5 volume cung cp cc kh

    nng chng li v hiu nng khc nhau. La chn ca bn s ph thuc vo mc bo v m bn yu cu v ti chnh dnh cho vic mua thit b phn cng ca bn. S khc bit chnh gia cc mirrorred volume v cc RAID-5 volume c tng kt trong bng 12-1 di y. Bng 12-1 So snh RAID-1 v RAID-5 Cc Mirrorred Volume (RAID-1) C th bo v phn v ng h thng hoc phn v ng khi ng Yu cu hai a cng Cc Striped Volume vi bit chn l (RAID-5) Kh ng th bo v phn v ng h thng hoc phn v ng khi ng Yu cu c ti thiu ba a cng v cho php ti a 32 a cng C mt gi tr cao hn trn mi MB 50% d phng Hiu nng c v ghi tt S dng t b nh h thng Cc i 33% d phng Hiu nng c tuyt vi v hiu nng ghi va phi Yu cu nhiu b nh h thng C mt gi tr thp hn trn mi MB

    CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng thc thi gii php RAID

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 549

    Gn Khi a gn

    cc k t a bn to mt phn v ng trn mt a c bn hoc mt volume trn mt ng, New Partition Wizard v New Volume Wizard s cho php bn k t a cho phn v ng hoc volume bng cch s dng giao din

    QUN L LU TR D LIU TRN A trn trang Assign Drive Letter Or Path (gn k t a hoc nh hnh v 12-7. Mc nh, trnh hng dn s gn k t a k tip cn trng (ngoi tr A v B) cho phn v ng hoc volume mi. Bn cng c th la chn bt k mt k t a no cn cha s dng. ng dn)

    Hnh 12-7 Trang Assign Drive Letter Or Path ca New Volume Wizard Thay cho vic gn k t a cho mt volume, bn cng c th gn volume cho mt th mc rng trn mt a NTFS sn c. Bng cch ny, s lm cho ni dung thc s ca volume s xut hin nh mt th mc nm trn a khc. Kh nng cho php m rng mt h thng con lu tr trn Windows Server 2003 do nhng hn ch ca 24 k t a sn c v cho php m rng kh ng gian a trn mt volume sn c. Khi bn la chn Mount In The Following Empty NTFS Folder (gn vo mt th mc NTFS rng) bn phi tr ti th mc rng nm trn bt k a NTFS cn li trn h thng bng cch g trc tip ng dn hoc s dng n t Browse. a NTFS c th l a c bn hoc a ng v kh ng c hn ch v kiu volume m bn c th gn. V d, bn c th gn mt striped volume vi mt th mc rng nm trn mt mirrorred volume hoc bn c th gn mt phn v ng trn a c bn vi mt th mc nm trn RAID-5 volume. Mi volume s duy tr hiu nng v cc tnh nng chng li ca ring n. Cng kh ng c hn ch v h thng file ca volume bn gn. Volume c gn c th s dng FAT hoc NTFS, ch c a cha th mc rng m bn gn volume ti th phi s dng h thng file NTFS. Hnh v 12-8 biu din mt my tnh c mt th mc trn mt a c gn vi mt volume khc. Ch rng th mc s xut hin trong kin tr c phn

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 550 QUN L LU TR D LIU TRN A cp ca Explorer mt cch chnh xc theo ng v tr ca n trn nhng vi mt biu tng ca mt a. Khi ngi s dng truy cp n th mc, ch ng s c nh hng mt cch trong sut n volume c gn. a

    Hnh 12-8 Mt volume c gn vi th mc Bn cng c th thay i k t a v cc volume c gn sau khi to ra ch ng. thc hin iu ny, la chn mt a trong mn hnh qun tr Disk Management v t thc n Action tr ti All Tasks v chn Change Drive Letter And Paths. Hp thoi Change Drive Letter And Paths xut hin hin th k t a hin ti v qu trnh gn ng dn cho a nh hnh v 12-9.

    Hnh 12-9 Hp thoi Change Drive Letter And Paths Bng cch nhp vo n t Change, bn c th thay i vic gn k t a sn c hoc ng dn gn v bng cch nhp Add bn c th to ra mt ci mi. Thm ch bn c th lm c hai, gn mt k t a cho mt volume hoc phn v ng v gn n ti mt th mc NTFS ti c ng thi im. CH Thay i cc k t a Bn kh ng th thay i k t a ca volume l mt phn v ng h thng hoc phn v ng khi ng.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 551 QUN L LU TR D LIU TRN A Nu volume m bn mun thay i hin ang s dng nh mt ng dng c cc file nm trn volume ang m, h thng c th to ra mt tin trnh gn k t a mi cho volume nhng n vn gi nguyn k t a c cho n khi bn khi ng li h thng. nh dng cc volume Bc cui c ng trong New Partition Wizard v New Volume Wizard s gi p bn nh dng phn v ng hoc volume mi m bn va to bng giao

    din nh hnh v 12-10.

    Hnh 12-10 Trang Format Volume ca New Volume Wizard Cc iu khin trn trang ny gm c: File System (h thng file) Windows Server 2003 h tr ba h thng file: FAT, FAT32 v NTFS. FAT v FAT32 sn c trn h iu hnh vi mc ch duy nht l tng thch vi cc h iu hnh c. FAT nguyn gc l h thng file MS-DOS v FAT32 l mt phin bn nng cp ca FAT v c gii thiu ln u tin trn h iu hnh Windows 95. C hai h thng file ny kh ng a ra c nhng u im no khc ngoi vic tng thch vi cc h iu hnh c. V d, nu bn bt u vi mt my tnh Windows Server 2003 vi mt a MS-DOS th ch cc a c nh dng theo chun FAT v FAT32 mi c th truy cp c. Ni cch khc, NTFS bao gm nhiu tnh nn tin tin hn nh iu khin truy cp, nn d liu v hn ngch a. Nh vy, c th thy rng tr phi bn c mt l do xc ng cho vic s dng FAT hoc FAT32 bn nn nh dng cc phn v ng v volume ca bn bng cch s dng h thng file NTFS. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 552 QUN L LU TR D LIU TRN A CH nh dng cc volume mt volume trn mt a ng sn sng. V vy nh dng FAT32 bn phi s dng c ng lnh. trn a ng Khi bn nh dng th ch c duy nht la chn NTFS cc a ng vi h thng file FAT v c format.exe trong ch dng

    Allocation Unit Size (kch thc mt n v lu tr) Xc nh kch thc ca cc lin cung m h thng file s dng xc nh kh ng gian a. Kch thc ca lin cung cng ln cho php a truy cp cc file vi kh nng c v ghi thp hn nhng cng tn nhiu kh ng gian a hn khi m cc khi ch lm y theo tng phn. Kch thc ca lin cung cng nh s tn kh ng gian a t hn nhng li gia tng thi gian c/ghi trn a. Trong hu ht cc trng hp, la chn gi tr mc nh (4KB i vi cc a cng c dung lng t 2GB tr ln) l . Nu bn c nh s dng volume ch lu tr cc file c kch thc ln, bn c th s dng

    mt gi tr cao hn. Cn i vi cc file nh, mt gi tr nh hn l ph hp. Volume Lable (nhn ca volume) xc nh tn cho volume vi chiu di ti 32 k t. Perform a Quick Format (thc hin nh dng nhanh) La chn ny cho php trnh hng dn nh dng volume m kh ng cn qut a cng d tm cc cung (sector) hng. Nu trc a c nh dng v bn chc chn rng n kh ng c li th la chn ny s lm gim ng k thi gian yu cu cho vic nh dng. Enable File and Folder Compression (cho php nn file v th mc) La chn ny lm cho tt c cc d liu c lu trn volume ny u c nn. s dng tnh nng ny, volume phi c nh dng theo chun NTFS vi kch thc n v lu tr l 4 KB hoc nh hn. Bn cng c th nh dng mt a ti bt k thi im no bng cch la chn n, trn thc n Action tr ti All Tasks v la chn Format. M rng cc volume ng Kh ng ging nh cc phn v ng trn cc a c bn, ch ng b kha vi kch thc xc nh khi bn to ch ng, bn hon ton c th m rng mt volume trn a ng vi cc kh ng gian cha s dng trn a. iu ny cho php

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 553 QUN L LU TR D LIU TRN A bn m rng mt volume khi kh ng gian lu tr ca n ti ngng m kh ng cn phi ngt kt ni volume cng nh ngt qung vic truy cp ca ngi s dng. Bn c th m rng cc simple volume v spanned volume trn mt a ng khi ch ng c nh dng theo chun NTFS v kh ng phi l cc volume h thng hoc khi ng. m rng volume, la chn n trong Disk Management, trn thc n Action tr ti All Tasks v chn Extend Volume. Extend Volume Wizard xut hin, bn c th xc nh kch thc mi ca volume cng nh thm kh ng gian t cc a khc to ra mt spanned volume. QUN TR LU TR D LIU TRN A Cc volume trn Windows Server 2003 s hiu qu v n nh hn nu bn nh dng ch ng theo chun NTFS nhng i khi bn vn cn nh dng ch ng theo chun FAT v FAT32. H thng file NTFS ghi li tt c cc phin lm vic ca file, thay th t ng cc lin cung hng v lu tr cc kha b mt ca tt c cc file trn volume NTFS. Vi c ch ny, NTFS bo v tnh ton vn ca cu tr c volume v siu d liu h thng (y l d liu lin quan n chnh bn thn h thng file). Tuy nhin d liu ngi s dng vn c th b h hng v phn mnh. Ngi s dng cng c mt thi quen l lu tr mt lng ln d liu trn cc volume m h truy cp. Cc phn di y s gii thch lm sao duy tr tnh ton vn ca cc volume, ti u ha volume qua tin trnh chng phn mnh v t cc gii hn lu tr bng cch s dng tnh nng hn ngch a. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng ti u ha hiu nng a trn my ch S dng Check Disk Check Disk (hay Chkdsk.exe) l mt c ng c trn h iu hnh Windows Server 2003 cho php bn qut mt volume trn a nhm pht hin cc li

    trn h thng file v bn cnh c th kim tra v phc hi cc cung (sector) hng trn a cng. C mt vi phng php s dng c ng c ny: M Windows Explorer, la chn mt a cc b trong Computer v chn Properties t thc n File. Trn hp thoi Properties, la chn th Tools v nhp vo Check Now.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 554 QUN L LU TR D LIU TRN A M mn hnh qun tr Disk Management, la chn mt volume, trn thc n Action tr ti All Tasks v chn Properties. Trn hp thoi Properties chn th Tools v nhp vo Check Now. M ca s mn hnh ch dng lnh, g chkdsk x: /f /r trong x: l k t a. K nhn Enter. Khi mt phn v ng c gn trn a khc v kh ng c mt k t a no, m hp thoi Properties ca im gn kt trong Windows Explorer, chn th General v nhp vo Properties m hp thoi Properties ca phn v ng thc s. Tip theo la chn th Tools v nhp vo Check Now. Khi bn chy Check Disk t hp thoi Properties ca a, bn s thy hp thoi Check Disk nh hnh v 12-11. bn c th la chn cc c ng vic m bn mun thc hin.

    Hnh 12-11 Hp thoi Check Disk Khi bn la chn Automatically Fix File System Errors (t ng sa cc li h thng file) hoc thm la chn /f trong cu lnh chkdsk.exe. Check Disk s c gng sa nhng phn kh ng tng thch trong danh mc h thng file nh cc file xut hin trong danh mc nhng kh ng xut hin trong th mc trn volume. Check Disk to ra ba bc kim tra trn a nhm kim tra siu d liu y l d liu m t xem cc file c t chc nh th no trn a. Ba bc ny c gng m bo rng tt c cc file trn volume ph hp vi bng qun l file MFT, rng cu tr c th mc l chnh xc v cc m t bo mt l ph hp. Nu bn la chn Scan For And Attempt Recovery Of Bad Sectors (qut v c gng phc hi cc sector hng) hoc thm la chn /r vo dng lnh chkdsk.exe, Check Disk s to ra bn bc kim tra nhm kim tra xem nhng cung no trn volume c dnh cho d liu ngi s dng (n i lp vi siu d liu h thng, y l d liu lu n lu n c kim tra). Nu chng trnh tm thy mt cung hng, n s phc hi d liu v di chuyn n n mt cung hot ng tt nu volume c kh nng chng li. Nu volume kh ng c tnh nng chng li, d liu kh ng th phc hi t Check

    My

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 555 QUN L LU TR D LIU TRN A Disk m bn phi phc hi t sao lu. K cung hng s b g ra khi v ng hot ng. Tt c cc file ang m phi c ng li trc khi Check Disk c th chy. Nu tt c iu khin file kh ng c gii phng (y l trng hp bn chy Check Disk trn volume h thng), bn s c nhc nh lp lch Check Disk chy ti ln k tip khi h thng khi ng li. Khi Check Disk ang chy, cc tin trnh khc kh ng th truy cp n volume. T y thuc vo kch thc ca volume, cc la chn bn chn v cc tin trnh khc ang chy trn my tnh m Check Disk mt mt khong thi gian ng k c th hon thnh cc tc v ca n. N cng i hi nhiu ti nguyn trn b vi x l v a trong qu trnh hot ng. S dng Disk Defragmenter Cc file c lu tr trn mt volume theo cc n v gi l cc cluster (lin cung). Nh cp trn, bn cn cu hnh kch thc ca lin cung khi nh dng mt a. Nhiu volume NTFS s dng kch thc lin cung mc nh l 4KB. Mi lin cung ch c th cha mt file thm ch nu kch thc ca file nh hn kch thc ca lin cung. Nu mt file c kch thc ln hn kch thc lin cung, file s c lu trn nhiu lin cung khc nhau v mi lin cung cha mt con tr ch n phn on k tip ca file. Khi c mt a mi, tt c cc lin cung l trng v khi cc file c ghi vo a n s c xu hng chim dng cc lin cung k tip nhau v mt vt l. Nhng khi cc file b xa hoc m rng v thu nh li kch thc, cc lin cung trng gi y kh ng cn gn nhau v mt vt l na. Hin tng phn mnh cc file s lm gim hiu nng c v ghi do u c a cng phi di chuyn ti nhiu v tr khc nhau trn a cng. Windows Server 2003 cung cp mt c ng c chng phn mnh a gi p bn phn tch cc volume v sp xp li cc lin cung sao cho cc file c t trn cc kh ng gian lin k nhau. C ng c chng phn mnh c ci thin mt cch ng k trong phin bn Windows 2000. Gi y n c th chng phn mnh cc volume c kch thc lin cung ln hn 4KB v c th chng phn mnh bng iu khin file MFT (Master File Table). Bn c th s dng c ng c ny chng phn mnh bt k volume no trn a cng cc b. s dng c ng c Disk Defragmenter nh hnh v 12-12 m hp thoi Properties ca mt volume bng cch s dng Windows Explorer hoc Disk Management, trong th Tools nhp vo Defragment Now. Bn cng c th m Disk Defragmenter trong mn hnh Computer Management hoc trong

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 556 QUN L LU TR D LIU TRN A mt mn hnh MMC t y bin, la chn volume v nhp vo Analyze. C ng c s hin th mt khuyn ngh da trn lng phn mnh m n pht hin ra. C ng c ny cng khuyn bn chy Check Disk trn volume trc khi thc hin chng phn mnh (y lu n l mt tng tt).

    Hnh 12-12 Mn hnh Disk Defragmenter Nu c khuyn ngh chng phn mnh nhp vo Defragment. Bn c th chng phn mnh bt k kiu volume no: FAT32 hoc NTFS, c bn hoc ng. Volume c th c cc file ang m trong tin trnh chng phn mnh nhng cc file m c th kh ng c chng phn mnh mt cch hiu qu v lm chm c tin trnh. V vy bn nn ng tt c cc file ang m trc khi thc hin tin trnh chng phn mnh. Disk Defragmenter s di chuyn cc file xung quanh a vi mc tiu thu thp tt c cc lin cung ca tng file vo mt khu vc k nhau trn kh ng gian a cng. hon thnh chng phn mnh cho mt volume, volume phi c t nht 15% kh ng gian trng. C ng c ny s dng kh ng gian ny sp xp cc file trong khi n chng phn mnh ch ng. Nu volume cha nhiu file ln cn phn mnh th kh ng gian trng ny cn phi ln hn th tin trnh chng phn mnh mi t hiu qu. Nu volume c t hn 15% kh ng gian trng th volume s ch c th chng phn mnh tng phn. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng chng phn mnh cc volume v cc phn v ng Trin khai cc hn ngch a Mt trong nhng thch thc ln nht trong qu trnh qun tr lu tr l theo di bit c mi ngi s dng chim dng bao nhiu kh ng gian

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 557 QUN L LU TR D LIU TRN A a cng trn my ch. Cho n phin bn h iu hnh Windows 2000, c mt phng php cho php bit c mc s dng kh ng gian a i vi tng ngi s dng. Windows 2000 gii thiu tnh nng qun tr hn ngch da trn NTFS nh mt c tnh nh km, cho php cc nh qun tr thit lp cc gii hn v kh ng gian lu tr i vi mi ngi s dng v Windows Server 2003 cng cung cp chc nng tng t. Khi tnh nng hn ngch a c kch hot, trnh qun l hn ngch s theo di cc file trn volume do mt ngi s dng c th no lm ch. K n s so snh mc s dng a tng cng ca tng ngi s dng vi gii hn do qun tr vin thit lp. Khi ngi s dng t ti ngng ca h, trnh qun l hn ngch s th ng bo cho h hoc ngn kh ng cho h ghi d liu ln a hoc c hai. Trnh qun tr hn ngch Windows Server 2003 th ng bo dung lng a trng trn mt volume da trn hn ngch ca mi ngi s dng. V vy nu mt ngi s dng c hn ngch 50MB trn mt RAID volume c dung lng 500 GB th l c u ngi s dng s nhn thy dung lng a trng l 50MB. Khi anh ta t ti gii hn ngch, mt th ng bo xut hin tng

    t nh nhng ch th rng volume y; h thng cnh bo kh ng gian a cng cn t v ngh xa nhng file kh ng cn thit. Mc d trong thc t kh ng gian a vn cn trng rt nhiu nhng ngi s dng kh ng th bit iu . Tin trnh cu hnh cc hn ngch bao gm cc bc sau: 1. Kch hot tnh nng hn ngch trn volume 2. 3. Cu hnh cc thit lp hn ngch mc nh To cc mc vo hn ngch cho cc ngi s dng c th

    Kch hot hn ngch Mc nh, trn Windows Server 2003 cc hn ngch a cha c kch hot. Bn phi kch hot ch ng trn tng volume mt. cho php hn ngch, m hp thoi Properties ca mt volume bng cch s dng Windows Explorer hoc Disk Management v la chn th Quota nh hnh v 12-13. K la chn hp kim tra Enable Quota Management. LI KHUYN M hp thoi Properties ca mt volume Hu ht cc ti liu u khuyn m cc c tnh ca volume t Windows Explorer bng cch kch chut phi vo mt a v la chn Properties. Tht kh ng may, tin trnh ny hn ch ch cho php bn

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 558 QUN L LU TR D LIU TRN A cu hnh cc hn ngch vi cc c k t a cn Windows Explorer s kh ng hin th th Quota vi volume gn vi mt th mc. V vy, bn nn cu hnh cc hn ngch bng cch s dng Disk Management. Mn hnh qun tr ny cho php bn m hp thoi Properties ca bt k volume no v truy cp th Quota ca n.

    Hnh 12-13 Th Quota trn hp thoi Properties ca mt volume Nu bn la chn hp kim tra Deny Disk Space To Users Exceeding Quota Limit (ngn cm kh ng cho ngi s dng chim dng kh ng gian a cng vt qu ngng hn ngch), ngi s dng no chm ti ngng lu tr s b cm a thm d liu ln volume. Bt k mt c gng no nhm ghi d liu ln volume u tht bi. Nu bn kh ng la chn hp kim tra ny th ngi s dng ch nhn c th ng bo khi h chm ngng

    nhng h thng s kh ng ngn cn vic h ghi tip d liu ln volume. Cu hnh hn ngch mc nh Bn c th qun tr hn ngch a theo hai cch : t mt hn ch lu tr mc nh p dng cho tt c mi ngi v to cc mc vo hn ngch nhm nh ngha cc gii hn cho tng ngi s dng c th. cu hnh hn ch lu tr mc nh, bn la chn Limit Disk Space To trn th Quota v xc nh dung lng lu tr ln nht dnh cho mi ngi s dng. Bn cng c th xc nh xem ngi s dng s nhn c cnh bo hay kh ng khi h gn chm ngng gii hn. Cui c ng, bn c th xc nh cc la chn v file nht k cho php trnh qun l hn ngch ng k cc s kin vo nht k h thng trong trnh xem cc s kin (Event Viewer). Cc s kin s c ghi li nhm xc nh ngi s dng theo tn v xc nh h vt qu mc cnh bo hay mc QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 559 QUN L LU TR D LIU TRN A gii hn. Cc nh qun tr c th xem cc mc vo ny trong mn hnh Event Viewer. To cc mc vo hn ngch V mt c bn, cc mc vo hn ngch l nhng ngoi l vi lut m bn nh ngha trong hn ngch mc nh. Khi bn to mt mc vo hn ngch cho mt ngi s dng c th, cc thit lp hn ngch mc nh s kh ng p dng cho ngi s dng . Cc thit lp trn cc mc vo s c p dng thay th cho php ngi s dng nhn mt ngng cao hn hoc thp hn. to cc mc vo hn ngch, nhp vo n t Quota Entries m ca s Quota Entries nh hnh v 12-14.

    Hnh 12-14 Ca s Quota Entries CH Mc vo hn ngch Mc nh, mt mc vo hn ngch xut hin trong ca s s gn cho nhm Administrators quyn kh ng hn ch v mt lu tr trn volume. iu ny cho php cc nh qun tr ci t h iu hnh, cc dch v, cc ng dng v d liu m kh ng cn quan tm n vic c vt qu hn ngch hay kh ng. Ch rng y l nhm duy nht c php gn cc mc vo hn ngch. Khi to cc mc vo hn ngch ring, bn ch c th la chn ngi

    s dng; bn c th to cc mc vo hn ngch mi cho cc nhm. Nhp vo n t New Quota Entry trn thanh tc v hoc la chn New Quota Entry t thc n Quota v bn c th la chn mt hoc nhiu ngi s dng to mt mc vo hn ngch. Mt khi bn la chn ngi s dng, hp thoi Add New Quota Entry xut hin nh hnh v 12-15 bn xc nh cc ngng lu tr v ngng cnh bo i vi ngi s dng

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 560 QUN L LU TR D LIU TRN A la chn. Khi bn to mt bn ghi cho nhiu ngi s dng, mi ngi s dng nhn ngng xc nh ring r.

    Hnh 12-15 Hp thoi Add New Quota Entry Lu tr cc mc vo hn ngch Nu bn mun p dng cc mc vo hn ngch t cho mt volume NTFS khc, bn c th xut cc v nhp ch ng vo volume kia. La chn mt hn ngch, trn thc n Quota nhp volume kia, la chn Import ri chn file mun nhp. mt volume NTFS ny mc vo ra mt file no hoc nhiu cc mc vo Export v xc nh tn file. Trn c cha cc mc vo m bn

    Gim st cc hn ngch v kh nng lu tr Hp thoi Quota Entries hin th mc s dng dung lng a vi mi ngi s dng v xc nh xem dung lng lu tr ny bng hoc trn mc cnh bo hoc mc ngng. Kh ng c c ch to ra cc cnh bo cho ngi qun tr v vic ngi s dng t ti cc ngng hn ngch ca h. V vy bn phi gim st hp thoi Quota Entries hoc cc nht k nm trong phn System ca Event Viewer. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng gim st cc hn ngch a

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 561

    TNG KT QUN L LU TR D LIU TRN A Windows Server 2003 h tr hai loi lu tr: c bn v ng c ng vi ba h thng file: FAT, FAT32 v NTFS. Hu ht cc c tnh qun tr lu tr tin tin ch sn sng trn cc volume trn a ng v c nh dng theo chun NTFS. Cc a c bn v h thng file FAT cung cp tinh tng thch vi cc h iu hnh Windows c nhng b hn ch bi dung lng ca ch ng. Mt a c bn c th cu hnh ln ti bn phn v ng ca c hai loi: chnh v m rng. Ch c mt phn v ng m rng duy nht trn a nhng bn c th to nhiu a logic khc nhau t y theo nhu cu ca bn. Cc a ng cung cp cc la chn linh hot v mnh m trong cc cu hnh vi yu cu nhiu hn mt a. Mt a ng ch c duy nht mt phn v ng nhng bn c th c t y thch bao nhiu volume trn phn v ng . Cc a c bn c th chuyn i thnh cc a ng m kh ng mt mt d liu nhng bn s mt tt c d liu v cc volume s b xa khi thc hin chuyn i mt a ng thnh mt a c bn. Cc a ng h tr cc loi volume sau: simple, spanned, striped, mirrored v RAID-5 cung cp kh nng lu tr t y thuc vo dung lng, hiu nng v kh nng chng li. Mirrored volume (RAID-1) cung cp kh nng chng li, n duy tr mt phin bn sao lu trn c hai a. Cc striped volume vi bit chn l (RAID-5) s a d liu ln trn nhiu a v s dng d liu chn l. Cc d liu ny c duy tr vi mc ch tnh ton d liu b li khi c mt a b h hng. Cc simple volume, spanned volume, striped volume (RAID-0) v tt c cc a logic trn cc a c bn u kh ng c tnh nng chng li. Tt c d liu s b mt i nu c bt k a no b li. Cc volume ny cng ln hoc nhiu a vt l h tr cho ch ng th kh nng b li cng cao. to v qun tr cc a c bm v a ng, bn s dng Disk Management. Cc c ng vic qun l a th ng dng gm c to v xa cc phn v ng, cc volume v gn cc k t a, cc im gn kt.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 562 QUN L LU TR D LIU TRN A

    Cc volume c th b hng hoc phn mnh v thng xuyn b y. Cc c ng c nh Check Disk, Disk Defragmenter v Quota Manager s gi p bn qun tr cc volume sn c. Cc hn ngch a cho php bn thit lp v gim st cc ngng lu tr v ngn cn ngi s dng ghi d liu ln a mt khi anh ta vt qu mc ngng. Cc hn ngch c th c cu hnh cho tng ngi s dng, trn tng volume. BI TP THC HNH =============================================== Bi tp thc hnh 12-1: S dng Check Disk Trong bi thc hnh ny, bn s s dng c ng c Check Disk kim tra iu kin trn C: my tnh ca bn. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 2. Nhp Start, sau nhp vo Windows Explorer.

    3. La chn a C trong Windows Explorer v t thc n File la chn Properties. Hp thoi Local Disk (C:) Properties xut hin. 4. La chn th Tools v nhp vo Check Now. H p thoi Check Disk Local Disk (C:) xut hin. 5. La chn cc hp kim tra Automatically Fix File System Errors v Scan For And Attempt Recovery Of Bad Sector v nhp Start. Mt hp th ng bo Checking Disk Local Disk (C:) xut hin ng rng Check Disk yu cu truy cp hon ton n a. 6. Nhp Yes lp lch cho tin trnh kim tra a ti ln k tip khi bn khi ng li my tnh. 7. Khi ng li my tnh v theo di tin trnh kim tra a xy ra. ===============================================

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 563 QUN L LU TR D LIU TRN A Bi tp thc hnh 12-2: Chng phn mnh mt a cng Trong bi thc hnh ny, bn s s dng c ng c Disk Defragmenter chng phn mnh cho a C my tnh ca bn. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 2. Nhp Start v nhp Windows Explorer.

    3. La chn a C trong Windows Explorer v t thc n File la chn Properties. Hp thoi Local Disk (C:) Properties xut hin.

    4. La chn th Tools v nhp vo Defragment Now. Mn hnh Disk Defragmenter xut hin. 5. Nhp Analyze. Sau qu trnh phn tch, mt hp th ng bo Disk Defragmenter xut hin xc nh xem bn c nn chng phn mnh a ny kh ng. 6. Bt k nhng khuyn ngh ca chng trnh, nhp Defragment bt u tin trnh chng phn mnh a. Khi tin trnh ny kt th c, mt th ng bo khc xut hin cho php bn xem li bo co v qu trnh hot ng ca qu trnh. =============================================== Bi tp thc hnh 12-3: Cu hnh cc hn ngch a mc nh Trong bi thc hnh ny, bn s cu hnh cc hn ngch a mc nh cho a C my tnh ca bn. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 2. Nhp Start v nhp Windows Explorer.

    3. La chn a C trong Windows Explorer v t thc n File la chn Properties. Hp thoi Local Disk (C:) Properties xut hin.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 564 QUN L LU TR D LIU TRN A 4. La chn th Management. Quota ri la chn hp kim tra Enable Quota

    5. La chn Limit Disk Space To v xc nh mt dung lng ti a l 5000MB. 6. Trong iu khin cnh bo l 450MB. Set Warning Level To xc nh mt mc

    7. La chn c hai hp kim tra v tin trnh ghi li nht k i vi hn ngch v nhp OK. Mt hp th ng bo Disk Quota xut hin.

    8. Nhp ngch.

    OK

    ng hp th ng bo v kch hot h thng hn

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 565

    CU HI N TP QUN L LU TR D LIU TRN A 1. Nhng p n no di y cung cp kh nng phc hi nu c li xy ra i vi mt a cng n? a. b. c. d. e. f. g. h. a logic Simple volume Mirrored volume Striped volume Phn v ng m rng Spanned volume RAID-5 volume Phn v ng chnh

    2. Bn c mt my tnh c ci t hai h iu hnh trong phng lab. My tnh ci t Windows NT4 trn phn v ng chnh u tin v Windows Server 2003 c ci t trn phn v ng th hai. My tnh ang trong tnh trng thiu kh ng gian a cng v vy bn cn thm mt

    a cng mi. Bn khi ng my tnh vi h iu hnh Windows Server 2003 v cu hnh a ny l mt a ng. Sau bn khi ng vi Windows NT4 v bn kh ng th nhn thy a ny. Ti sao? 3. Nhm cung cp tnh nng chng li, hiu nng cao nht v kh nng thay th nng mt a li bn mua mt RAID cng vi 7 a. Sau khi ci t nhm a ny, bn ch nhn thy duy nht mt a mi trn Windows Server 2003. Ti sao? 4. a. b. c. Nhng p n no di y cho php bn to cc a logic? Cc phn v ng chnh Cc simple volume Cc spanned volume

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 566 QUN L LU TR D LIU TRN A

    5. Gn y bn c thm mt a cng cho my tnh ca bn. Trc kia a ny c s dng trn mt my tnh ci t Windows 2000 Server. a xut hin trong Device Manager nhng li kh ng hin th chnh xc trong Disk Management. Mc thc n no bn phi la chn? a. b. c. Import Foreign Disk (nhp mt a bn ngoi) Format (nh dng) Rescan Disks (qut li cc a)

    d. Change Drive Letter And Paths (thay i k t a v ng dn) e. Convert To Dynamic Disk (chuyn i thnh a ng)

    6. Bn c gng chuyn i mt a FireWire ngoi vi t c ch lu tr c bn thnh lu tr ng nhng la chn Convert (chuyn i) kh ng sn sng. L do v sao? 7. Bn l nh qun tr ca mt my tnh Windows Server 2003. Bn mun sa bt k mt li no xy ra vi h thng file v phc hi cc cung hng trn a cng ca my tnh. C ng c no cho php bn thc hin c ng vic ny? a. b. c. Check Disk Disk Defragmenter Diskpart.exe

    e.

    Kh ng gian a cha s dng

    d.

    Cc phn v ng m rng

    d.

    Disk quotas

    8. Dung lng kh ng gian a trng yu cu trn mt volume c th hon thnh mt tin trnh chng phn mnh l bao nhiu?

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 567

    a. b. c. d. e.

    5% 10% 15% 25% 50%

    QUN L LU TR D LIU TRN A 9. Bn ang trin khai gii php RAID mm trn my tnh Windows Server 2003 ca bn. Bn mun cung cp tnh nng chng li cho cc phn v ng h thng v khi ng. Bn s s dng phin bn no ca RAID? a. b. c.

    RAID-0 RAID-1 RAID-5 bo v phn v ng

    10.Bn ang ci t bo v d liu trn cung cp a vo/ra cng. Gii php ca a. b. c. d. RAID-0 RAID-1 RAID-5 RAID cng

    mt my tnh Windows Server 2003 v bn mun a cng. Bn mun trin khai mt gii php nhm nhanh nht c th v h tr thay th nng cc a bn l g?

    11.Bn ang ci t RAID-5 trn my tnh Windows Server 2003. Bn lp k hoch s dng 5 a cng mi ci c dung lng 20GB. Phn trm dung lng d phng bn c th d on trong cu hnh? a. 20

    d. Kh ng th s dng RAID mm khi ng

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 568

    b. c. d.

    25 33 50

    QUN L LU TR D LIU TRN A 12.Bn ang ci t RAID mm trn my tnh Windows Server 2003 nhm cung cp tnh nng chng li cho d liu lu tr trn . My tnh ny c vai tr l my ch c s d liu trn mng. My ch ny thng thc hin nhiu chc nng c nhng li kh t chc nng ghi. Bn mun c mt gii php chng li nhm cung cp hiu nng cao nht. Bn s s dng gii php RAID no? a. b. c. RAID-0 RAID-1 RAID-5

    13.Trn mt my tnh bn mun trin khai RAID-5 c ba a cng mi a c 2GB kh ng gian cha s dng. S dng mn hnh Disk Management, bn khi to New Volume Wizard bng cch nhp vo mt trong cc v ng kh ng gian a cng cha s dng. Khi bn ti mn hnh Select Volume Type, la chn RAID-5 kh ng c kch hot. L do v sao? a. b. bn c. d. e. trin khai RAID-5 cng Mt hoc hai a cng c cu hnh c ch lu tr c C ba a cng c cu hnh c ch lu tr ng C ba a cng c cu hnh c ch lu tr c bn trin khai RAID-5 mm

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 569

    QUN L LU TR D LIU TRN A

    CC KCH BN TNH HUNG =============================================== Kch bn 12-1: S dng RAID Minh c hai a cng 100-GB SCSI trn mt my ch Windows Server 2003 do anh ta qun tr. My ch ny cng c mt b iu khin RAID cng h tr RAID-0,1,5. Hin ti trn a cng th nht s dng 70 GB v a th hai ang trng. Minh s rng a th nht c th b hng gy ra mt mt d liu trn . Minh ang cn nhc gii php sao lu nh k nhng kh ng c thit b no cho php sao lu dung lng d liu nh vy. Anh ta mun trin khai mt gii php cung cp tnh nng chng li cho a th nht. Trong cc gii php di y, u l gii php cho php anh ta thc hin vi cu hnh hin ti ca my ch Windows Server 2003? 1. Cu hnh dch v shadow copy trn volume nm trn a cng th nht. 2. Cu hnh cc a trong cu hnh RAID-5 s dng c ng c cu hnh ca b iu khin RAID cng. 3. Cu hnh cc a trong cu hnh RAID-0 s dng c ng c cu hnh ca b iu khin RAID cng. 4. Cu hnh cc a trong cu hnh RAID-1 s dng c ng c cu hnh ca b iu khin RAID cng. =============================================== Kch bn 12-2: Tng kh nng lu tr Minh l nh qun tr h thng ca my ch file Windows Server 2003. My ch ny hin ti c hai a cng. a th nht c dung lng 30 GB nm gi cc file ca h iu hnh. a th hai c dung lng 80 GB nm gi d liu ngi s dng trn 05 th mc chia s ring bit. Mi th mc chia s tng ng vi mt phng trong c ng ty v ch ng li c chia thnh 03 th mc ring bit. Th mc th nht l cha cc ti liu phng, th mc th hai cha cc ti liu lm vic nhm v th mc th ba cha d liu ca tng c nhn.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 570 QUN L LU TR D LIU TRN A Tt c ngi s dng u c quyn Read i vi th mc ca phng v c quyn Read/Write i vi th mc cha ti liu lm vic nhm. Ngoi ra, mi ngi s dng c ton quyn i vi th mc d liu c nhn ca mnh. Duy nht ch c mnh anh ta mi c quyn trn th mc ca mnh, nhng ngi s dng khc kh ng c bt k quyn no trn . H thng 05 th mc chia s ny lm vic tt v tt c cc nhn vin trong c ng ty u hiu cu tr c lu tr v tm kim ti liu. C mt vn trong tin trnh pht trin l d liu ngi s dng trn 05 th mc chia s ca cc phng pht trin qu nhanh lm cho a lu tr d

    liu ny hu nh y. Vn ny buc Minh phi trin khai mt gii php nhm gii quyt li ny. Mc tiu chnh ca anh ta l thm kh ng gian cho mi chia s m bo rng a lu tr cc th mc chia s ny kh ng b y. Anh ta cng nhn c yu cu t pha gim c, nh l mt mc tiu th yu, cn phi m bo cc vn sau: Ch gi 05 th mc chia s v m bo th mc d liu ngi s dng l ngoi mi chia s mc phng. Cung cp tnh nng chng li cho cc file c chia s Gi nguyn c ch bo mt hin ti ang s dng v vy nhng ngi s dng ring l c ton quyn iu khin vi th mc ca h v nhng ngi s dng khc kh ng th truy cp c. t c mc tiu ny, Minh tin hnh cc c ng vic sau. Trong qung thi gian lp lch sau na m, khi kh ng c ngi s dng no kt ni ti my ch anh ta tin hnh tt my ch v ci t nm a cng mi c dung lng 100 GB trn . K anh ta nh dng mi a nh mt volume vi h thng file NTFS v to ra mt th mc mi c tn Temp trn mi th mc lu tr cc chia s ca tng phng. Ln lt tng ci mt, anh ta gn kt nm a cng vi mi th mc Temp sao cho mi th mc ny tr ti mt a cng ca ring ch ng. Sau anh ta chp d liu ca th mc d liu ngi s dng vo th mc Temp trn mi chia s v k anh ta xa th mc d liu gc. Cui c ng, Minh i tn th mc Temp thnh tn ca th mc d liu ngi s dng. Vi gii php ni trn, theo bn Minh c th t c nhng mc tiu no? a. Anh ta kh ng t c bt k mc tiu chnh no nhng li t c tt c cc mc tiu do gim c a ra. b. Anh ta t c mc tiu chnh v mt mc tiu th yu.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 571 QUN L LU TR D LIU TRN A c. d. e. Anh ta t c mc tiu chnh v hai mc tiu th yu. Anh ta t c tt c cc mc tiu chnh v mc tiu th yu. Anh ta kh ng t c mc tiu no c.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 572

    THUT NG access control entry (ACE) Mc vo Kim sot Truy nhp: mt mc vo (dng) trong Danh sch Kim sot Truy nhp (access control list ACL) xc nh cc cp php c trao cho mt Ch th Bo mt c th no .. access control list (ACL) Danh sch Kim sot Truy nhp Mt tp hp cc Mc vo Kim sot Truy nhp lin quan ti file, folder, i tng Active Directory hay cc ti nguyn khc xc nh cc cp php m

    cc Ch th Bo mt (nh ngi d ng, my tnh) c khi truy nhp cc ti nguyn. ACE Xem access control entry (ACE). ACL Xem access control list (ACL). active partition Phn v ng c tch cc Phn v ng c cha cc file khi ng ca h thng. archive bit Bit l tr C 1 bit c cha trong tt c cc file gi p cho cc chng trnh sao lu xc nh c file no cn lu tr. Cc file mi to c bit lu tr c kch hot v vic thc hin sao lu ton phn s xa bt ny. Bit lu tr ny li THUT NG c kch hot li khi ta tin hnh sa i file, gi p cho cc ch sao lu tng ln hay sai khc c th sao lu cc file c sa i.. attribute thuc tnh Mt thnh phn nguyn t ca i tng Active Directory cung cp cc th ng tin v i tng, v d i tng ngi d ng c cc thuc tnh tn goi, tn h, a ch E-mail ca ngi d ng. Autochanger B np t ng Mt loi thit b phn cng bao gm mt hay nhiu bng t, mt dy cc bng t v c cu t ng a cc bng t nht nh vo bng. B np t ng gi p cc Qun tr h thng thc hin cc chin lc sao lu t ng. Baseline ng c s Mt tp hp cc mc hiu nng thu c trong iu kin hot ng bnh thng. c d ng so snh vi cc mc hiu nng thu c sau ny, khi h thng gp vn khi hot ng. Bottleneck N t c chai Mt thnh phn no trong h thng kh ng cung cp c ng mc hiu nng nh cc thnh phn khc, gy nn vic hot ng chm ch ca ton h thng. CAL Xem Client Access License (CAL).

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 573

    Client Access License (CAL) Giy php Truy nhp t My khch Mt loi giy php cho php ngi d ng hay thit b kt ni ti sn phm my ch thc hin cc chc nng s dng cc thnh phn my ch, bao gm cc dch v file, in n, xc thc. Cc truy nhp kh ng xc thc th ng qua Internet kh ng yu cu c giy php ny. commit memory B nh cam kt Lng b nh c t sn cho cc chng trnh ngi d ng v h thng. computer object i tng My tnh Mt kiu i tng Active Directory i din cho mt my tnh c th trong Min. i tng ny bao gm Ti khon My tnh, gi p h thng c th thit lp knh bo mt gia My tnh v My ch iu khin Min, v cc th ng tin v my tnh. container object i tng cha Mt loi i tng Active Directory c th cha trong n cc i tng khc. details pane Khung chi tit Khung pha bn phi trong Bng iu khin Qun tr Microsoft (MMC), hin th cc th ng tin chi tit v cc thnh phn c la chn trn khung THUT NG Phm vi bn tri ca s MMC. device driver Trnh iu khin Thit b Mt tp cc thng trnh thc hin cc chc nng chuyn bit ca thit b tr gi p cho cc hot ng vo/ra ca n. differential backup Sao lu Sai khc (vi sai) Mt kiu sao lu c s dng b lc sao cho

    ch cc file thay i sau ln sao lu ton phn gn nht c sao lu. Kiu sao lu ny ch sao lu cc file c bit lu tr c kch hot v kh ng thay i gi tr bit sao lu ca file. Sao lu Sai khc yu cu nhiu kh ng gian lu tr hn so vi kiu Sao lu Tng ln do cc file c thay i s c sao lu trong tt c cc ln thc hin kiu sao lu ny cho n ln thc hin Sao lu Ton phn k tip. Tuy nhin, kiu sao lu ny gi p thc hin vic phc hi d dng v nhanh chng hn do ch cn mt bn sao lu ton phn v mt bn sao lu sai khc gn nht l . Xem thm incremental backup. direct memory access (DMA) channel Knh Truy nhp B nh Trc tip Mt knh dn c cc thit b phn cng s dng truyn trc tip d liu QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 574

    vo/ra b nh h thng (kh ng th ng qua CPU). directory service Dch v th mc Mt c s d liu bao gm cc th ng tin v cc thc th v ti nguyn mng, dc cc ngi d ng s dng nh l mt hng dn truy nhp cc ti nguyn mng v nh l mt ngun xc thc. Cc h iu hnh mng trc y s dng Dch v th mc dng cc file bng c bn, nh Windows NT v Novell NetWare. Ngy nay, cc Dch v th mc, nh Active Directory ca Microsoft v eDirectory ca Novell, c xy dng c tnh cu tr c trt t v h tr cho cc mng doanh nghip ln. distribution group Nhm Phn phi Mt kiu nhm

    Active Directory kh ng th thc hin cc chc nng nh cc Ch th Bo mt, dc s dng chnh to ra cc dan sch E-mail. DMA channel Knh DMA Xem direct memory access (DMA) channel. Domain Min Mt tp hp ca cc ngi d ng, my tnh, ti nguyn c cc th ng tin ca ch ng c lu tr trong Dch v Th mc trn my ch (gi l My ch Qun tr Min hay DC). THUT NG domain controller My ch Qun tr Min Mt my tnh chy h iu hnh Windows Server 2003, Windows 2000, hay Windows NT c ch nh lu tr v x l cc th ng tin Dch v Th mc. Min Windows NT v dch v Active Directory lu CSDL dch v th mc trn my tnh ny, ng thi ch ng cng lm nhim v xc thc cc ngi d ng mun truy nhp cc ti nguyn mng.. domain functional level Cp Chc nng Min Mt thit lp ch nh cc chc nng no ca Active Directory l c th thc hin trong Min. Vic thc thi Active Directory trong cc phin bn khc nhau ca Windows c khc nhau i ch t trong cc tnh nng ca n v Cp Chc nng Min kim sot cc t hp nhm hay cc s chuyn i nhm no l c th thc hin c. domain local group Nhm Cc b Min Mt loi phm vi nhm Active Directory c s dng chnh cung cp truy nhp ti cc ngun ti nguyn trong mt Min n. Duplexing Nhn bn Vic ci t theo kiu nh x a, trong mi a vt l s c kt ni ti mt knh/card iu khin khc nhau. K thut ny QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    575

    cho hiu nng tt v kh nng chng li c i vi cc hng hc ca a cng nh ca knh/card iu khin. effective permissions Cc Cp php Hiu dng l s kt hp ca cc cp php Cho php, T chi, Tha k, v Trc tip i vi Ch th Bo mt. N cho php xem trc tip cc cp php c hiu lc i vi Ch th Bo mt khi thc hin chc nng truy cp n ti nguyn. Forest Rng mt nhm cc cy Active Directory s dng cc khong kh ng gian tn khc nhau. forest functional level Cp Chc nng Rng Mt thit lp xc nh cc chc nng Active Directory no l c th thc hin trong rng. nng cp chc nng rng kh ng nh hng n cc hot ng ca nhm Active Director. Fragmentation Phn mnh Mt trng thi ca a c cha cc file c lu tr trn nhiu lin cung cch xa nhau. Do u c phi di chuyn trn ton b a c cc th ng tin ca mt file nn hiu nng chung s gim. global group Nhm Ton cc Mt loi phm vi nhm Active Directory c s dng th ng dng nht cho vic cp php THUT NG cho cc i tng th mc c yu cu thng xuyn bo tr, nh ti khon ngi d ng, my tnh. GPO Xem group policy object (GPO). group policy object (GPO) i tng Chnh sch Nhm Mt tp hp ca cc thit lp chnh sch nhm p dng trn Min, Site, hay i tng OU (organizational unit).

    host header Tiu My ch Mt phng php d ng phn bit cc Web Site chy trn mt my ch khi n ch s dng mt a ch IP v mt s hiu cng. Bng vic xc nh tn ca my ch Web (Tiu My ch) trong yu cu HTTP, my ch Web c th chuyn tip mi yu cu trn ti mt Web Ste tng ng. hotfix Bn sa li nng Mt ming v hay bn cp nht cho cc sn phm ca Microsoft khc phc mt vn nu trong mt bi lin quan ti Microsoft Knowledge Base (mt dng tp san cc kin thc t Microsoft). Bn sa li nng uc p dng cho cc my tnh c thc hin mt s tc v nht nh hay gp phi cc vn tng t nh bi bo ch ra.. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 576

    incremental backup Sao lu Tng ln Mt kiu sao lu c s dng b lc sao cho ch thc hin sao lu vi cc file b thay i t ln sao lu trc. B lc s nh gi bt lu tr ca mi file v ch sao lu cc file no c bt lu tr c kch hot. Sao lu Tng ln s sa li gi tr bit lu tr sau mi ln sao lu (kh ng ging nh Sao lu Sai khc, ch ng kh ng sa bit lu tr). Kiu sao lu ny chng s dng t bng/a sao lu hn do ch ng kh ng tin hnh sao lu li cc file c sao lu t ln sao lu trc m kh ng c thay i g. Nhng vic phc hi cc d liu sao lu ny l kh khn hn do phi phc hi ln lt theo ng th t tt c cc bn sao lu c k t ln sao lu ton phn gn nht. interrupt request (IRQ) Yu cu ngt mt tn hiu c gi

    t thnh phn ny n thnh phn khc ca h thng (th ng thng c gi t thit b ngoi vi n b vi x l) bo hiu rng thit b gi i hi s ch ca thit b nhn. I/O address a ch Vo/Ra v tr trong b nh nh cho mt thit b phn cng no s dng, d ng trao i th ng tin vi h thng. THUT NG IRQ Xem interrupt request (IRQ) leaf object i tng L Mt loi i tng Active Directory kh ng th cha bt c mt i tng khc no trong n. license group Nhm Giy php Do Dch v Nht k Giy php (License Logging Service) phn phi cc giy php theo tn ngi d ng ch kh ng phi tn thit b nn cc giy php truy nhp t my trm cp cho thit b (Device Client Access Licenses) c trao cho Nhm Giy php. Mt Nhm Giy php c th c mt hay nhiu ngi d ng c trao cho mt s giy php ng bng s cc thit b m h d ng truy nhp cc sn phm my ch. local group Nhm Cc b L nhm ca cc ti khon trn cc my ch c lp hay cc my ch thnh vin chy Windows Server 2003. Nhm Cc b c th c cc ngi d ng cc b v cc nhm ton cc min l thnh vin ca n nhng ch cung cp vic truy nhp n cc ti nguyn c trn h thng cc b c cha nhm ny. locally attached printer My in Kt ni Cc b Mt my in vt l c kt ni trc tip ti my tnh, th ng thng s dng cc cng song song hay USB. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 577

    local user profile Khi lc Ngi d ng Cc b L tp hp ca cc file v folder xy dng nn m i trng mn hnh nn dnh cho mt ngi d ng xc nh, c lu tr trn a cc b. logical printer My in Logic L i din ca my in vt l trn my tnh, n gi cc tc v in n my in vt l th ng qua cng xc nh. My in logic bao gm hng i in, trnh iu khin my in, cc thit lp, cp php v cc thit lp mc nh in qun l vic to ra cc tc v in cho my in vt l. mandatory user profile Khi lc Ngi d ng Bt buc Mt loi khi lc ngi d ng dng ch c, n kh ng duy tr c cc thay i khi lc gia cc phin lm vic. Ngi d ng c th thay i khi lc ca h, nhng cc thay i ny s kh ng c lu li khi h ng xut. memory leak R r b nh L kt qu ca vic cc chng trnh dnh b nh cho mnh hot ng nhng sau kh ng gii phng ch ng khi kh ng d ng na.. mirrored volume a logic nh x Hai a c ng duy tr bn sao ging ht nhau ca d liu. y l dng RAID mm duy THUT NG nht c th p dng trn cc h thng. N cung cp hiu nng tt trong vic c v ghi, kh nng chng li rt tt nhng gi thnh cao do phi dnh 50% tng dung lng a lu cc th ng tin d phng. network-attached printer My in cm trc tip vo mng Mt loai my in c cm trc tip vo mng thay cho cm vo my tnh. Cc my tnh thng giao tip vi my in ny bng cch s dng a ch IP. network printer My in mng trong khi nim ca Windows,

    My in logic trn my trm l khch ca my in logic nm trn my tnh khc c chia s trn mng. My in logic c chia s trn mng ny c gi l My in mng. object i tng Mt khi c bn ca dc v th mc Active Directory. Cc i tng l cc thnh phn ddaij din cho cc ti nguyn nh ngi d ng, my tnh Min hay nhm. Mi i tng c mttp hp cc thuc tnh cha cc th ng tin v bn thn i tng. V d, cc thuc tnh ca i tng ngi d ng bao gm tn goi, tn h, v a ch E-mail ca ngi d ng. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 578

    organizational unit (OU) n v T chc Mt loi i tng cha Active Directory c s dng trong ni b min. OU l i tng cha logic trong ta c th b tr ngi d ng, my tnh v cc OU khc. OU ch c th cha trong n cc i tng c ng min. OU l phm vi nh nht bn c th p dng chnh sch nhm hay y quyn qun tr. OU Xem organizational unit (OU). Per Device or Per User licensing mode Ch giy php theo ngi d ng hay theo thit b Mt yu cu giy php cho php trao quyn cho mt ngi d ng (c th s dng nhiu thit b) hoc cho mt thit b (c th c nhiu ngi d ng) c truy cp n bt c sn phm my ch no. performance counter Bin m Hiu nng mt loi bo co d liu lin quan n i tng hiu nng. performance instance Trng

    hp ring hiu nng Mt s kin ring ca bin m hiu nng. Nu my ch c bn b vi x l, ch ng ta s c bn trng hp ring cho mi bin m hiu nng ca i tng b vi x l, c nh s t 0 n 3. THUT NG performance object i tng Hiu nng Mt tp hp logic ca cc mc d liu bo co hoc cc bin m lin kt vi ti nguyn, dch v hay ng dng c theo di. Per Server licensing mode Ch giy php theo my ch Yu cu giy php s c cp khi ngi d ng hay thit b kt ni ti my ch hay cc sn phm my ch. Khi ngi d ng ngt kt ni, giy php li c tr li vo nhm giy php c th cp, sn sng cp cho cc ngi d ng hay thit b khc. Ch ny yu cu mt s lng giy php h tr cho s lng ngi d ng ln nht c ng kt ni ti mi my ch ti mt thi im.. Plug and Play (PnP) Cm v Chy Mt tiu chun xc nh cc c tnh ca cc thnh phn my tnh cho php vic t ng pht hin v cu hnh cc thnh phn phn cng ny. PnP Xem Plug and Play (PnP). print queue Hng i in Mt danh sch cc tc v in ang i c chuyn sang my in vt l. print server My ch in n My tnh c cu hnh chia s my in vi cc my trm trn mng. My ch in n sp xp QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 579

    cc tc v in n nhn c t

    my khch v ln lt chuyn cc tc v ny ti my in vt l. RAID-5 volume logic RAID-5 a logic trn d liu c ghi c ng l c trn nhiu cng vt l (t 3 n 32 ) vi c ng tc km theo th ng tin chn l nhm cung cp kh nng chng li khi logic b hng mt n. Cu hnh ni trn cung cp hiu nng c tt v s dng tit kim dung lng a, nhng tc ghi kh ng tt v tiu tn ti nguyn b vi x l nhiu hn do vic phi tnh ton th ng tin chn l trong qu trnh ghi. roaming user profile Khi lc Ngi d ng Di tr Mt loi khi lc ngi d ng da trn my ch, c lu trn a chia s trn mng m ngi d ng c th truy nhp t bt c my tnh no. scope pane Khung phm vi khung bn tri trong ca s MMC, hin th cc snap-in c ci t trong bng iu khin. security group Nhm Bo mt Mt kiu nhm Active Directory c s dng nh cc ch th bo mt trong cc Danh sch Kim sat Truy nhp (ACL). THUT NG security identifier (SID) m nhn dng bo mt Mt gi tr duy nht c gn cho mi i tong Active Directory khi ch ng c to ra. security principal Ch th Bo mt Ngi/i tng s hu tai khon c gn m nhn dng bo mt mt cch t ng c th truy cp n cc ti nguyn. Ch th bo mt c th l ngi d ng, nhm, my tnh hay dch v service pack Gi dch v mt tp hp cc ming v v cc bn cp nht cho mt sn phm ca Microsoft c th nghim c ng nhau v c khuyn co ci t ln tt c cc my tnh chy sn phm ni trn. SID Xem security identifier

    (SID). simple volume logic n gin Tng dng vi khi nim phn v ng trong a c bn. ny ch nm trn mt cng vt l do vy kh ng c kh nng chu li. slipstreaming Qu trnh tch hp cc service pack v/hoc cc bn sa li nng vo b ci t h iu hnh Windows. snap-in Mt module ng dng c mc dch c bit d ng chy trong cc MMC. C hai loi snap-in, c lp QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 580

    (standalone) c th thm trc tip vo MMC v m rng (extension) nht thit phi gn vi mt Snap-in c lp. spanned volume logic m rng Mt a logic bao gm cc khong kh ng gian trn nhiu a cng. do dung lng ln cng nh gm nhiu a cng nn loi ny rt d hng v l kh ng chu li. special permission Cp php c bit thnh phn cung cp cho cc ch th bo mt cc mc truy cp chi tit hn n cc ti nguyn. standard permission Cp php tiu chun Mt tp hp cc cp php xc nh c s dng cung cp cho cc ch th bo mt vi mc s dng thng xuyn truy nhp vo ti nguyn. striped volume logic c chia vch Mt loi Logic trong d liu c ghi trn nhiu vt l vi c ng tc theo tng khi (vch). N cung cp mt hiu nng dung lng tt nht so vi cc loi khc nhng kh ng c kh nng chu li. tree Cy Mt nhm cc min Active Directory cng chia s

    mt khong kh ng gian tn lin tc. V d, sales.microsoft.com v developers.microsoft.com l THUT NG cc min Active Directory trong c ng mt cy. UNC Xem Universal Naming Convention (UNC). Uniform Resource Locator (URL) Mt kiu k hiu/ng dn chun inh v ti nguyn trn Internet, v d http://www.adatum.com. universal group Nhm tng hp Mt loi phm vi nhm thng c s dng truy nhp ti cc ti nguyn trn nhiu min. Universal Naming Convention (UNC) Mt kiu k hiu/ng dn chun c s dng truy cp cc ti nguyn trn mng, UNC s dng nh dng: \\TnMyCh\TnChiaS. URL Xem Uniform Resource Locator (URL). virtual directory Th mc o mt i tng IIS cho php mt th mc bt k trn my cc b hay cc a chia s trn my khc xut hin nh l mt th mc con trong Web Site. volume shadow copy Sao chp bng ca mt tnh nng ca Windows Server 2003 v Windows XP duy tr mt th vin bao gm nhiu phin bn khc nhau ca cc file c la chn. Ngi d ng c th la QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 581

    chn mt phin bn nht nh phc hi khi cn v cc chng trnh sao lu s s dng THUT NG cc phin bn ny sao lu

    cc file ang m.

    QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

    582

    You might also like