You are on page 1of 14

Major Differences between windows 2000 & 2003

OS Related
Windows 2003 supports 64 bit version OS
Windows 2003 supports SharePoint services
Windows 2003 supports Volume Shadow Copies
Windows 2003 supports increased security or !nternet connections
Windows 2003 has "utomated System #ecovery $"S#% eature
Windows 2003 has !nbuilt irewall&
Windows Server 2003 introduces the concept o a 'a(ority )ode Set& *his allows server clusters
to be built without usin+ the shared dis, or the -uorum& *his enables you to build and coni+ure
+eo+raphically dispersed clusters&
Windows 2000 supports !PV4 whereas 2003 supports both !PV4 . !PV6
Windows 2000 supports only / processors and 64 01 #"' whereas 2003 supports up to 64
processors and ma2 o 34201 #"'&
Windows 2000 supports 45node clusterin+ and 2003 supports /5node clusterin+
Windows 2000 5 !!S 3 and windows 2003 6 !!S 6
Windows 2000 doesn7t support 8ot net whereas 2003 Supports 'icrosot &)9* 4&4$2&0 in #2%
Windows 2000 has Server and "dvance Server editions whereas 2003 has Standard: 9nterprise:
8atacenter and Web server 9ditions&
Windows 2000 server +ives only ;0 days trial version o *erminal server& 1ut windows server
2003 +ives 420 days trial version&
Windows 2000 server has 40 user limit when accessin+ the shared older at the same time:
whereas there is no limit in windows 2003 server
*he deault permission or a shared older in Windows Server 2003 is the now only #9"8
permission +ranted to the <everyone= +roup&
!ntroduction o 8)S Stub >ones in windows 2003&
)O*9? 645bit systems oer direct access to more virtual and physical memory than 325bit systems
and process more data per cloc, cycle: enablin+ more scalable: hi+her perormin+ computin+
solutions&
Active Directory related
8omain #ename in Windows 2003
@niversal +roup cachin+ supported in Win2003 $8C7s can cache the 0lobal Catalo+ue thus
preventin+ user lo+on problems i no 0lobal Catalo+ue server is available&. *his eature allows
users to lo+ on to a domain at a remote site without havin+ a +lobal catalo+ server present in that
site%
8ra+5and5drop unctionality or movin+ "8 ob(ects in windows 2003 domain
Command line tools li,e 8S'O8: 8SA@9#B: 8S"88 +roup and 8S09* or modiyin+C-ueryin+
domain ob(ectsC mana+in+ +roup memberships
!n 2000 we don7t have end user policy mana+ement: whereas in 2003 we have a 9nd user policy
mana+ement which is done in 0P'C $0roup policy mana+ement console%&
0P@P8"*9 . 0P#9S@D*
!n windows 2003 server: "8 partition is 3 where as in 2, that is 3 the added partition is? 4% 0lobal
catalo+ 2% "pplication partition&
!n 2000 we have cross domain trust relation ship and 2003 we have Cross orest trust
relationship&
1etween parent and child: there is built in trust &!t is called as transitive trust&
!n 2, the 8omain operation #oles and only two mode o operation and in Win2,3 there are 4
modes o 8omain operation E2000 native mode: 2000 mi2ed mode: Windows 2003 interim mode
and windows 2003 modeF
!n 2000 we can create 4 million users and in 2003 we can create 4 billion users
Win 2003 has service called "8GS $"ctive 8irectory Gederation Services% which is used to
communicate between branches with sae authentication&
Windows 2003 R2 new features
#2 is not a service pac,: but rather a re5release o the Windows Server 2003 operatin+ system& #2 is
a roll up o the ori+inal Windows Server 2003 code: Service Pac, 4: and the various eature pac,s
that have been released or Windows Server 2003& Well: there are actually -uite a ew new eatures
that we will see or the irst time in #2
"ctive 8irectory Gederation Service 5 "ctive 8irectory Gederation Service e2tends the "ctive
8irectory to the Web&
Auota mana+ement 5 !n #2: -uotas can be applied at the older level: not (ust at the volume level&
Gurthermore: you can do thin+s li,e apply a -uota across a set o olders& Bou can even structure
the -uota so that Windows does not allow a older to +row beyond a certain si>e: re+ardless o
who owns the iles within the older& Bou can now restrict older content by ile type& Gor e2ample:
ima+ine that in the past you have had problems with users storin+ their collection o 'P3 iles on
your servers&
Hardware 'ana+ement 5 Bou can use Windows #emote 'ana+ement $Win#'% to mana+e
server hardware remotely across irewalls and monitor conditions on servers that are oline&
''C 3&0 6
SharePoint Central "dministration 6 Web browser interace or mana+in+ your server
Stora+e 'ana+ement or S")s 5 Stora+e 'ana+er or S")s is a new 'icrosot 'ana+ement
Console $''C% snap5in that helps you create and mana+e lo+ical unit numbers $D@)s% on ibre
channel and iSCS! dis, drive subsystems in your stora+e area networ, $S")%& Stora+e 'ana+er
or S")s can be used on stora+e subsystems that support Virtual 8is, Server $V8S%&
Wat is Windows Server 200! R"#
I#CI reers to I#elease Candidate&I *his means that it is a pre5release version: released a ew wee,s
or months beore the #*' release& #elease candidates usually have all the eatures o the inal
product: but may still have some minor bu+s that will be i2ed by the #*' release&
Windows 200! $eatures
Support or up to 2*1 'emory $on 64bit%
OS installation is completely 0@! and re-uires less @ser intervention
Combined SearchC#un command
1C8 $1oot coni+uration data% 6 replaces 1oot&ini& 1C8 editor is 1C898!*
Girewall enabled by deault
Auota 'ana+ement 6 Volume level as well as Golder level -uotas
Windows Server 1ac,up 6 replaces )*1"CJ@P and not bac,ward compatible with )*1"CJ@P
Windows 8eployment Services 5 replaces "utomated 8eployment Services and #!S
Gine 0rained Password and account loc,out policies 6 ability to have multiple password and
account policies in a sin+le domain&
)etwor, "ccess Protection $)"P% 6 )"P is a -uarantine technolo+y which identiyin+ machines
that doesn=t have the latest virus si+natures: service pac,s or security patches& @ses SHV
$System Health Validator%: SH" $System Health "+ent% . a SoH $Statement o Health% to validate
the health o client beore +rantin+ access to )etwor, #esources&
)etwor, Policy Server $)PS% 6
8)S 5 Gull support or !Pv6& #eco+nition and support or #O8C $#ead5only 8omain Controllers%&
Creation o a new 8)S >one called 0lobal)ames Kone $0)K% a way o incorporatin+ W!)S
resolution within 8)S
8HCP 6 Gull support or !Pv6
#e5startable "8 5 is implemented as a normal Windows service that can be stopped and started
as re-uired& )ot only will this reduces the need or reboots: but it also it simpliies oline actions
such as dera++in+ the "8 database&
"8 8S $"ctive 8irectory 8omain Services% 6 replaces "8S $"ctive 8irectory Services% with more
eatures& #emember 8CP#O'O can be run only ater installin+ "8 8S #ole to create a 8C&
"8 D8S $"ctive 8irectoryL Di+htwei+ht 8irectory Services% 5 provides directory services or
directory5enabled application $unctionality that was provided by "ctive 8irectory "pplication
'ode $"8"'%: does not re-uire 8)S& "n instance o "8 D8S is a sin+le runnin+ copy o "8 D8S&
'ultiple copies o "8 D8S can run simultaneously on the same computer& *his is not true or
"8 8S: the ull service& )o Jerberos: no 0roup policies: re-uired& *his is more o particular
interest to "pplication 8evelopment not Server "dministrators&
"8 GS $"ctive 8irectoryL Gederation Services% 5 "8GS is a sin+le5si+n5on technolo+y that uses
claims5based authentication to validate a user7s identity across domains& )ormally when the
user7s account is in one domain and the resource is in another: the resource will prompt the user
or local credentials& "8GS eliminates the secondary credential re-uestM the user7s identity is
validated: and access provided: based on inormation in the user7s home directory&
"8 #'S $"ctive 8irectory #i+hts 'ana+ement Services% 5 used or restrictin+ access to ri+hts5
protected content to authori>ed users only& Companies can use this technolo+y to encrypt
inormation stored in such document ormats: and throu+h policies embedded in the documents:
prevent the protected content rom bein+ decrypted e2cept by speciied people or +roups: in
certain environments: under certain conditions: and or certain periods o time

"8 CS $"ctive 8irectory Certiicate Services #ole% 5 is a low cost method o issuin+ di+ital
certiicates internally and maintainin+ a Certiicate "uthority $C"% inrastructure&
GS#' $Gile Server #esource 'ana+er% 5 Auota mana+ement: Gile screenin+ mana+ement .
Stora+e reports mana+ement
Gailover Clusters 5 2645based ailover clusters support up to 46 nodes in a sin+le cluster .
Clusters nodes can have their !P addresses assi+ned by 8HCP&
#ead5Only 8omain Controllers 5 these domain controllers will be used in environments where you
need a domain controller but you cannot +uarantee the physical security o the server&
Server Core !nstallation 5 a new type o install o Windows Server 200/ that will allow you to only
install the typical Windows networ, inrastructure services 6 8HCP: 8)S: ile sharin+: and domain
controller unctions& *here will be no local 0@! interace to the OS& Provides beneits such as
#educed maintenance: #educed attac, surace: #educed mana+ement . Dess dis, space
re-uired
Windows Server Virtuali>ation 5 Hyper5V virtuali>es the system resources o a physical computer&
Computer virtuali>ation allows you to provide a virtuali>ed environment or operatin+ systems and
applications& When used alone: Hyper5VN is typically used or server computer virtuali>ation&
When Hyper5V is used in con(unction with Virtual 8es,top !nrastructure $V8!%: Hyper5V is used
or client computer virtuali>ation& Hyper5V supported only on 64bit OS . re-uires Hardware V*
Windows 1itDoc,er 8rive 9ncryption 5 allows you to encrypt all o the hard drives on a server&
*his will prevent the data rom bein+ viewed i a hard drive or the server is stolen&
Server 'ana+er 5 new console that will put all the snap5ins you need to mana+e your server in a
sin+le place: ma,in+ it easier and aster to or administrators to mana+e Windows 200/ Servers&
'icrosot &)9* 3&0
!!S O&0 5 has been redesi+ned with new administration interace& )ow !!S O is module based so
not necessary modules can be turned o to enhance perormance and new modules can be
added to e2tend the eatures&
#emote 8es,top Services 6 replaces *erminal Services and supports Web "ccess
*ransactional )*GS ile systems so it is possible to tie up *ransactional ile commands& Gor
instance in a transactional ile system environment you can copy a +roup o ile in a transaction
mode so either all o the ile will be copied to the destination or none o them will be copied& *his
,ind o eatures you mi+ht have seen in SAD Server platorms&
Sel5#epairable )*GS ile system 5 it ensures while the server is runnin+ another service can
chec, or dis, problems and i2 it automatically without interruptin+ the server operations&
'ultiple parallel sessions 5 the new session model in both Vista and Windows Server 200/ can
initiate at least our sessions in parallel: or even more i a server has more than our processors&
Clean Service Shutdowns 5 usually in windows servers or window wor,stations: while shuttin+
down the system it uses a typical 20 second timer that will +ive 20 second time to all the services
to shutdown& !n this scenario: some services will e2it with error because that service was wor,in+
with the dis, which re-uires a lon+er time to inish the wor,& )ow in Windows 200/ Server: that
205second countdown has been replaced with a service that will ,eep applications +iven the
si+nal all the time they need to shut down: as lon+ as they continually si+nal bac, that they7re
indeed shuttin+ down&
Jernel *ransaction 'ana+er 5 *his is a eature which developers can ta,e advanta+e o: which
could +reatly reduce and mi+ht eliminate: one o the most re-uent causes o System #e+istry
and ile system corruption? multiple threads see,in+ access to the same resource&
"ddress Space Doad #andomi>ation $"SD#% 5 Perhaps one o the most controversial added
eatures already: especially since its debut in Vista: "SD# ma,es certain that no two subse-uent
instances o an operatin+ system load the same system drivers in the same place in memory
each time
Windows Hardware 9rror "rchitecture $WH9"% 5 'icrosot has actually standardi>ed the error 6
more accurately: the protocol by which applications report to the system what errors they have
uncovered&
Powershell 5 )ow we ,now it7s a part o the shippin+ operatin+ system? the radically new
command line tool that can either supplement or completely replace 0@!5based administration&
Windows 9vents has been up+raded to version 6&0 with a lot o eatures or the developers to
trac, their errors on windows applications&
Windows 200! R2 $eatures
Windows Server 200/ #2 is a pure 645bit OS
'icrosot &)9* 3&3
!!S O&3
Scalability o up to 236 lo+ical processors $up to 64 264C645bit processors in 200/ #2 8atacenter%
Hot "ddC#eplace 'emory and Processors with supportin+ hardware $in 200/ #2 8atacenter%
Support or 2 terabytes o #"' $in 200/ #2 8atacenter%
Support or a 465node ailover cluster $in 200/ #2 8atacenter%
Hyper5V6based unlimited virtuali>ation $in 200/ #2 8atacenter%
@nlimited virtual ima+e use ri+hts $in 200/ #2 8atacenter%
Windows Powershell 2&0
Different editions of Windows Server 200!
Standard 9dition
9nterprise 9dition
8ataCenter 9dition
Web Server 9dition
HPC Server 9dition
Standard: 9nterprise: 8ataCenter 9dition or !tanium systems
Standard: 9nterprise: 8ataCenter 9dition or 645bit with and without Hyper
Were is te i3!% folder for Windows Server 200! after te installation#
*here is no i3/6 older on server 200/& !t is replaced by SO@#C9S older
&ac'u( S)W*s & versions
1uilt5in )*1"CJ@P
V9#!*"S )etbac,up 6&0 'P4C6&3&3C6&3&4
Me+ory Du+(s
,y(es- confi.ure- & troublesoot if not created
Complete memory dump$!t contains all inormation rom ,ernel and user mode address spaces
that was in physical memory at the time o the dump$pa+in+ ile on boot volume suicient to hold
all the physical #"' plus 4 me+abyte: previous ile overwritten i 2nd time dump occurs%%
Jernel memory dump$records only the ,ernel memory . must have between 430'15201 o PG
space: previous ile overwritten i 2nd time dump occurs%
Small memory dump $64 J1% 5 records the smallest set o useul inormation . re-uires PG si>e o
about 2'1: new iles are created each time dump occurs and are stored in PSystem #ootPQ
'inidump&
Jernel and Complete 'emory 8umps are written to PSystem#ootPQ'emory&dmp by deault&
Complete memory dump option: can also be enabled by manually settin+ the re+istry entry under the
ollowin+ re+istry sub,ey to 4
IHJ9BRDOC"DR'"CH!)9QSBS*9'QCurrent Control SetQ ControlQCrash
ControlQCrash8ump9nabledI
'ethods to +enerate a manual ,ernel dump ile or a complete memory dump ile 5 @sin+ Jeyboard:
hold ri+ht C*#D ,ey and pressin+ the SC#ODD DOCJ ,ey two times or 0enerate )'! option usin+
!DO
)O*9? 1y deault: <complete memory dump= is disabled& Bou can enable the option i the computer
has more than 2 01 o physical #"'
)O*9? Windows 200/ has dierent process o enablin+ Complete 'emory 8ump& "dditional 'S
hoti2es need to be installed to eectively enable the dump option
Windows does not save +e+ory du+( file after a cras
*he 'emory&dmp ile already e2ists and the option Overwrite "ny 92istin+ Gile $ound in Control
Panel System% is not selected&
*he pa+in+ ile on the boot drive is not lar+e enou+h
*he pa+in+ ile is not on the PsystemrootP partition
! you speciy a non5e2istent path: a dump ile will not be written&
*here is not room or the 'emory&dmp ile in the path speciied in Control Panel or writin+ the
memory dump&
! you have problems obtainin+ a manual memory dump ile: you may have to update the SCS!
controller irmware and driver rom the hardware vendor
Windebu. / 0ow to confi.ure & analy1e DM2 file#
Create older Ic?QsymbolsI . Open Windb+: clic, GileCSymbol path: copyCpaste the ollowin+?
S#VSc?QsymbolsShttp?CCmsdl&microsot&comCdownloadCsymbols
Save Wor,space so that you need not a+ain enter the symbols paths rom ne2t time& #un ITanaly>e
5vI to debu+ the 8'P ile
"lient not .ettin. D0"2 32 / Wy#
9nsure )!C set to obtain !P automatically
try ipconi+Crelease . renew
Chec, 8rivers o )!CCspeedCduple2 settin+s
Chec, 8HCP scope . i it is authori>ed or not
Chec, )!C: Cable . Switch
9nsure that host is in correct VD") o the switch
3s RD2 enabled by default wen Windows 2003)200! R2 is installed#
#8P is not enabled by deault when 2003C200/ is installed& Bou need to manually enable it&
Re+ote +eans to connect to a server
#8P
#8P Console
#"8'!)
!DOC8#"CC!1' Console
"VOC9)*
*9D)9*
Wic default MS tool is used to connect to a server in te absence of 34O)3rd (arty tool#
Bou can use Windows #emote 'ana+ement $Win#'% to mana+e server hardware remotely across
irewalls and monitor conditions on servers that are oline& *his was introduced with Windows 2003
#2& Win#' provides a command5line interace or common mana+ement tas,s and a scriptin+
application pro+rammin+ interace $"P!% or writin+ Windows Script Host5based system administration
scripts&
@sin+ Win#': you can write scripts to monitor and control the state o server hardware by
communicatin+ with a 1aseboard 'ana+ement Controller $1'C%& " 1'C is a separate micro5
controller with its own networ, adapter that is connected to the processor board o a server and can
monitor conditions even when the server is o or malunctionin+& " new Windows 'ana+ement
!nterace $W'!% provider or !ntelli+ent Platorm 'ana+ement !nterace $!P'!% e2poses si2 new W'!
classes or accessin+ 1'C inormation with scripts&
Win#' is not installed by deault with Windows Server 2003 #2& *o install it: open "dd or #emove
Pro+rams rom Control Panel: and clic, "ddC#emove Windows Components&
2OS, 5Power5On Sel5*est%
*he irst thin+ that the 1!OS does when it boots the PC is to perorm what is called the Power-On
Self-Test: or POST or short& *he POS* is a built5in dia+nostic pro+ram that chec,s your hardware to
ensure that everythin+ is present and unctionin+ properly: beore the 1!OS be+ins the actual boot& !t
later continues with additional tests $such as the memory test that you see printed on the screen% as
the boot process is proceedin+&
&ee(s Meanin.
Steady: short beeps Power supply may be bad
Don+ continuous
beep tone
'emory ailure
Steady: lon+ beeps Power supply bad
)o beep Power supply bad: system not plu++ed in: or power not turned on
)o beep
! everythin+ seems to be unctionin+ correctly there may be a problem with the
7beeper7 itsel& *he system will normally beep one short beep&
One lon+: two short
beeps
Video card ailure
&oot (rocess of Windows 2003
1!OS? perorms Power On Sel *est $POS*%
1!OS? loads '1# rom the boot device speciiedCselected by the 1!OS
'1#? contains a small amount o code that reads the partition table: the irst partition mar,ed as
active is determined to be the system volume
'1#? loads the boot sector rom the system volume
1OO* S9C*O#? reads the root directory o the system volume at loads )*D8#
)*D8#? reads 1OO*&!)! rom the system volume to determine the boot drive $presentin+ a menu i
more than 4 entry is deined%
)*D8#? loads and e2ecutes )*89*9C*&CO' rom the system volume to perorm 1!OS hardware
detection
)*D8#? loads )*OSJ#)D&9U9: H"D&8DD: 1OO*V!8&8DD $and J8CO'&8DD or UP upwards% rom
the boot $Windows% volume
)*D8#? loads QW!)8OWSQSBS*9'32QCO)G!0QSBS*9' which becomes the system hive
HJ9BRDOC"DR'"CH!)9QSystem
)*D8#? loads drivers la++ed as IbootI deined in the system hive: then passes control to
)*OSJ#)D&9U9
)*OSJ#)D&9U9? brin+s up the loadin+ splash screen and initiali>es the ,ernel subsystem
)*OSJ#)D&9U9? starts the boot5start drivers and then loads . starts the system5start drivers
)*OSJ#)D&9U9? creates the Session 'ana+er process $S'SS&9U9%
S'SS&9U9? runs any pro+rams speciied in 1oot92ecute $e&+& "@*OCHJ: the native "P! version o
CHJ8SJ%
S'SS&9U9? processes any delayed moveCrename operations rom hoti2esCservice pac,s replacin+
in5use system iles
S'SS&9U9? initiali>es the pa+in+ ile$s% and the remainin+ re+istry hives
** before this step completes, bugchecks will not result in a memory dump as we need a working
page file on the boot (Windows !olume **
S'SS&9U9? starts the ,ernel5mode portion o the Win32 subsystem $W!)32J&SBS%
S'SS&9U9? starts the user5mode portion o the Win32 subsystem $CS#SS&9U9%
S'SS&9U9? starts W!)DO0O)&9U9
W!)DO0O)&9U9? starts the Docal Security "uthority $DS"SS&9U9%
W!)DO0O)&9U9? loads the 0raphical @ser !dentiication and "uthentication 8DD $'S0!)"&8DD by
deault%
W!)DO0O)&9U9? displays the lo+on window
W!)DO0O)&9U9? starts the services controller $S9#V!C9S&9U9%
** at this point users can logon **
S9#V!C9S&9U9? starts all services mar,ed as automatic
)O*9S?
*he S"ST#$ volume is the partition rom which the boot process starts: containin+ the '1#: boot
sector: )*D8#: )*89*9C*&CO' . 1OO*&!)!
*he %OOT volume is the partition which contains the Windows older 5 this can be a lo+ical partition
&oot (rocess of Windows 200!
System is powered on
*he C'OS loads the 1!OS and then runs POS*
Doo,s or the '1# on the bootable device
*hrou+h the '1# the boot sector is located and the 1OO*'0# is loaded
1OO*'0# loo,s or active partition
1OO*'0# reads the 1C8 ile rom the Qboot directory on the active partition
*he 1C8 $boot coni+uration database% contains various coni+uration parameters$ this inormation
was previously stored in the boot&ini%
1OO*'0# transer control to the Windows Doader $winload&e2e% or winresume&e2e in case the
system was hibernated&
Winloader loads drivers that are set to start at boot and then transers the control to the windows
,ernel&
*he Windows boot environment also includes the Windows 'emory *ester $'emdia+&e2e or
'emdia+&ei%& Bou can start this dia+nostic tool rom the boot mana+er to veriy that #"' is wor,in+
correctly&
6ew data store tat re(laces &oot.ini
*he 1oot Coni+uration 8ata $1C8% store replaces the te2t5based 1oot&ini ile& !n the 1C8 store: the
Windows boot mana+er: the Windows boot loader: and other boot applications are represented as
pro+ram ob(ects $0@!8s% instead o te2t items& " new tool: 1C89dit&e2e: enables you to use basic
and e2tended commands to modiy these ob(ects in order to control all aspects o the boot process&
"lthou+h the data store represents each ob(ect with a 0@!8: some ob(ects have alias names or
common use: such as Vbootm+rW $which reers to boot mana+er% and VdeaultW $which reers to the
deault Windows boot loader%& "pplications can modiy boot coni+uration data by usin+ a new 1C8
Windows 'ana+ement !nstrumentation $W'!% provider&
Bou can use the standard system application 'sconi+&e2e to provide a +raphical interace or viewin+
and modiyin+ a subset o the boot coni+uration settin+s& Bou must run 'sconi+&e2e with
administrative ri+hts&
2ool+on
'emory Pool 'onitor $Poolmon&e2e% displays data that the operatin+ system collects about memory
allocations rom the system pa+ed and nonpa+ed ,ernel pools and about the memory pools used or
*erminal Services sessions& *he data is +rouped by pool allocation ta+& *his inormation can be used
by 'icrosot *echnical Support to ind ,ernel mode memory lea,s&
" memory lea, is caused by an application or by a process that allocates memory or use but that
does not ree the memory when the application or process inishes& *hereore: available memory is
completely used over time& Gre-uently: this condition causes the system to stop unctionin+ correctly&
1elow !8=s will be lo++ed:
9vent !8? 2020
Source? Srv
8escription? *he server was unable to allocate rom the system pa+ed pool because the pool was
empty&
9vent !8? 204;
Source? Srv
8escription? *he server was unable to allocate rom the system nonpa+ed pool because the pool was
empty&
Wat is event 3D %00! and 7007#
9vent 4004 Source? Save 8ump 6 When 1SO1 occurs
9vent 6003 is lo++ed at boot time notin+ that the 9vent Do+ service was started&
9vent 6006 is lo++ed as a clean shutdown&
9vent 600/ is lo++ed as a dirty shutdown $une2pected shutdown%
9vent 600; is lo++ed durin+ every boot and indicates the operatin+ system version: build number:
service pac, level: and other pertinent inormation about the system& 8ependin+ on your current
coni+uration: it +ives a messa+e similar to? I'icrosot $#% Windows )* 4&0 43/4 Service Pac, 6
'ultiprocessor reeI&
Wat*s an a((lication (ool is 33S#
!t7s an area that processes re-uests rom website$s%& ! there7s a crash: this area is normally IrecycledI
$reset% in order or it to wor, a+ain& *he recycle happens ater a deined time 5 meanin+ your website
is eectively down until the recycle occurs& When addin+ websites to your server: ma,e sure to +ive
each one its own application pool& *his eectively isolates each website rom an application crash&
*his is +ood or two reasons?5
! one application pool crashes: it doesn7t aect the others
!t7s much easier to identiy the site that is havin+ the problem when all sites are in their own
application pool 5 i&e& it7s the O)DB site havin+ issues
Default settin.s in 33S
When you add a website to your server: it7s automatically added to the 8eault "pplication Pool
$8eault"ppPool: ound in !!S X "pplication Pools%& *his means that unless you intervene: all your
sites are runnin+ in the same application pool& )ot 0ood&
Sy+(to+s of an a((lication (ool cras
When you +et an application pool crash: your website$s% in that pool stop respondin+& Bou will see no
error 5 (ust they will ree>e and nothin+ happens when you try to load the website in a browser& *his
will appear to be intermittant because in reality the application pool is recyclin+ $resettin+% ater a
crash& ! it7s the irst time you e2perience this: it can be very pu>>lin+ and ultimately rustratin+
because there7s no apparent clue as to what is happenin+&
Wat to do if your sites ave tese sy+(to+s
0o to !!S: then ri+ht clic, on 8eault"ppPool $under "pplication Pools% and select #ecycle&
Wat is resource 'it# 6a+e of te (art of resource 'it#
*he 'icrosot Windows Server #esource Jit *ools are a set o tools to help administrators streamline
mana+ement tas,s such as troubleshootin+ operatin+ system issues: mana+in+ "ctive 8irectoryL:
coni+urin+ networ,in+ and security eatures: and automatin+ application deployment&
Wat is R3S and ste(s to initiate it
Bou can use #!S $#emote !nstallation Services% to create installation ima+es o operatin+ systems or
o complete computer coni+urations: includin+ des,top settin+s and applications& Bou can then ma,e
these installation ima+es available to users at client computers& Bou can also speciy which #!S
server will provide installations to a +iven client computer: or you can allow any #!S server to provide
the installation&
When you use #!S: a C85#O' is not re-uired or installation o an operatin+ system on a client
computer& *he client computers must support remote bootin+ with the Pre51oot eUecution
9nvironment $PU9% #O': or they must be started with a remote5startup loppy dis, and contain a
networ, adapter that is supported by that dis,&
#!S can be used only or clean installations and can7t be used to up+rade a previous version o
Windows& On Windows 2003: two services are re-uired to provide #emote !nstallation Services?
8HCP and #emote !nstallation Service& *he #emote !nstallation Server doubles as a pro2y 8HCP
server to provide 1oot Server and Gilename instructions to clients& #emote !nstallation Service utili>es
@8P port 4044 to provide clients the contents o each pa+e the OS Chooser displays& "dditionally:
this service can provide drivers to clientsM it is oten used to provide the wor,station7s networ, card
driver: which is re-uired to launch the OS Chooser and mount the share where ima+es are stored&
R3S 2re/re8uisites and De(endencies
"ctive 8irectory and 8)S in particular
8HCP
*he #!S partition on #!S server that stores the ima+e or deployment should be on )*GS
partition& Store the ima+e away rom the system iles&
Client machines with PU9 networ, cards&
"49S,:R36;
Wat is clusterin. and ty(es of clusterin.#
" cluster is a +roup o computers: called nodes that unction as a sin+le computerCsystem to provide
hi+h availability and hi+h ault tolerance or applications or services& ! one member o the cluster $the
node% is unavailable: the other computers carry the load so that applications or services are always
$with a small interruption% available& *ypical uses or server clusters include ile servers: print servers:
database servers: and messa+in+ servers&
"luster cate.ori1ations
*here are our orms o clusterin+ wherein each orm caters to a speciic need& *hey areM Doad
1alancin+: Hi+h "vailability: 0rid Computin+ and Compute Clusters&
0i./availability 50A< clusters 5$ailover "lusters<
Hi+h availability ocuses on the nodes ability to be ully available under any circumstances& *he
unctions could be implemented by each node wherein each node becomes a bac,5up to another
node in case somethin+ wron+ happens& Hi+h availability is also reerred to as ailover clusters or
clusters with hi+h redundancy level& *he advanta+e is: o course: on its promise o stability& However:
this type o clusterin+ mi+ht not use the ull potential o nodes as some could be used only as a bac,5
up& 1oth nodes should be o same HW coni+uration& 9ach component or node has the ability to
provide the needed unction so that it can easily ta,e over when one o the nodes ails
H" Clusterin+ could be dierentiated based on the behavior o the nodes
"ctiveCactive coni+uration 5 !n this type o H" clusterin+ the nodes are pro+rammed to share the
wor,load& However: when one node ails to unction: the wor,load o the ailed node will be distributed
to other nodes until the ailed node is i2ed&
"ctiveCpassive coni+uration 5 *he nodes in this coni+uration all have redundant unctions wherein
they will ta,e over the primary node in case any problem arises&
4oad/balancin. clusters
Doad balancin+ allows you to combine two or more computers into a cluster& Bou can use )D1 to
distribute wor,loads $*CPC!P re-uests% across the cluster nodes in order to support a lar+er number
o simultaneous users&Doad balancin+ enhances the perormance o the servers: leads to their optimal
utili>ation and ensures that no sin+le server is overwhelmed& Doad balancin+ is particularly important
or busy networ,s: where it is diicult to predict the number o re-uests that will be issued to a server&
#e-uests initiated rom the user are mana+ed by: and distribute the load amon+ the +roup o servers:
which is also ,nown as a server cluster& "ll the application coni+urations across these servers should
be the same&
One o the most common applications o load balancin+ is to provide a sin+le !nternet service rom
multiple servers: sometimes ,nown as a server arm& Commonly: load5balanced systems include
popular web sites: lar+e !nternet #elay Chat networ,s: hi+h5bandwidth Gile *ranser Protocol sites:
)etwor, )ews *ranser Protocol $))*P% servers and 8omain )ame System $8)S% servers&
"o+(ute clusters
Compute cluster is basically a type o clusterin+ wherein the nodes are connected to+ether or have an
active relationship so that it could achieve the desired computation& *he advanta+e o compute cluster
is based on the act that it utili>es each node to reach the ri+ht computation& Compute clusters are
oten used in hi+hly complicated computations wherein a sin+le computer will not have the ability to
provide the ri+ht output& *hese types o computer clusters are usually used or scientiic and
mathematical purposes as these ields re-uire heavy calculations&
On the other hand: compute cluster mi+ht run into the problem o stability& Since each node will be
re-uired to compute separately: each node mi+ht not be wor,in+ well which could (eopardi>e the
entire operation& *hat means maintenance is always a priority in each node since the nodes has an
important unctions to do to ensure success o the computation&
;rid "o+(utin.
0rid computin+ is a type o computer clusterin+ wherein the nodes have dierent unctions but they
do not communicate with each other& Compared to compute clusterin+: +rid computin+ is more
versatile as each node could have a completely dierent set o unctions& 'aintenance on +rid
computin+ is relatively easy since troubleshootin+ is only based per node& Other unctions mi+ht
continue wor,in+ while the ailed node could be replaced or i2ed&
On the other hand: +rid computin+ mi+ht not provide the speed o computin+ when compared to
compute clusters& Since each node is independent: it will ta,e a lot o time beore the speciic
calculation is achieved& !t mi+ht even have the same problem with compute clusterin+ wherein one
node could (eopardi>e the whole computation because o its inability to unction on time&
!n Windows we can coni+ure two types o clusters
64& 5networ' load balancin.< cluster or balancin+ load between servers& *his cluster will not
provide any hi+h availability& @sually preerable at ed+e servers li,e web or pro2y&
Server "luster 5 *his provides Hi+h availability by coni+urin+ active5active or active5passive cluster&
!n 2 node active5passive cluster one node will be active and one node will be stand by& When active
server ails the application will G"!DOV9# to stand by server automatically& When the ori+inal server
bac,s we need to G"!D1"CJ the application
=uoru+? " shared stora+e need to provide or all servers which ,eeps inormation about clustered
application and session state and is useul in G"!DOV9# situation& *his is very important i Auorum
dis, ails entire cluster will ails&
0eartbeat? Heartbeat is a private connectivity between the servers in the cluster: which is used to
identiy the status o other servers in cluster&
A((lication "lusterin.
1eore you can install any applications into clusterin+: you must irst install Windows Server clusterin+
services&
"luster confi.uration
Steps to coni+ure prior to actual cluster installation
8ouble chec, to ensure that all the nodes are wor,in+ properly and are coni+ured identically
$hardware: sotware: drivers: etc&%&
Chec, to see that each node can see the data and Auorum drives on the shared array or S")&
#emember: only one node can be on at a time until Windows 2003 clusterin+ is installed&
Veriy that none o the nodes has been coni+ured as a 8omain Controller&
Chec, to veriy that all drives are )*GS and are not compressed&
9nsure that the public and private networ,s are properly installed and coni+ured&
Pin+ each node in the public and private networ,s to ensure that you have +ood networ,
connections& "lso pin+ the 8omain Controller and 8)S server to veriy that they are available&
Veriy that you have disabled )et1!OS or all private networ, cards&
Veriy that there are no networ, shares on any o the shared drives&
Chec, all o the error lo+s to ensure there are no nasty surprises& ! there are: resolve them beore
proceedin+ with the cluster installation&
Chec, to veriy that no antivirus sotware has been installed on the nodes& "ntivirus sotware can
reduce the availability o clusters and must not be installed on them& ! you want to chec, or
possible viruses on a cluster: you can always install the sotware on a non5node and then run
scans on the cluster nodes remotely&
Chec, to veriy that the Windows Crypto+raphic Service Provider is enabled on each o the
nodes&
Chec, to veriy that the Windows *as, Scheduler service is runnin+ on each o the nodes&
! you intend to run SAD Server 2003 #eportin+ Services: you must then install !!S 6&0 and
"SP &)9* 2&0 on each node o the cluster
! you intend to use SAD Server encryption: install the server certiicate with the ully -ualiied
8)S name o the virtual server on all nodes in the cluster&
"dd the SAD Server and Clusterin+ service accounts to the Docal "dministrators +roup o all the
nodes in the cluster&
3nstallin. "luster
0ow to recover a crased 8uoru+ dis'#
To recover from a corrupted quorum log or quorum disk
1. If the Cluster service is running, open Computer Management.
2.
In the console tree, double-click Services and Applications, and then click Services.
3.
In the details pane, click Cluster Service.
4.
On the Action menu, click Stop.
5. Repeat steps 1, , !, and " for all nodes.
#. If $ou have a backup of the %uorum log, restore the log b$ follo&ing the instructions in '(acking up
and restoring server clusters' in Related )opics.
7.
If $ou do not have a backup, select an$ given node. Make sure that Cluster Service is highlighted in
the details pane, and then on the Action menu, click Properties.
*nder Service status, in Start parameters, specif$ /fixquorum, and then click Start.
+. ,&itch from the problematic %uorum disk to another %uorum resource.
-or more information, see ')o use a different disk for the %uorum resource' in Related )opics.
.. In Cluster /dministrator, bring the ne& %uorum resource disk online.
-or information about ho& to do this, see ')o bring a resource online' in Related )opics.
10.
Click Start, click Run, and t$pe a command &ith the follo&ing s$nta01
cluster 2ClusterName3 res QuorumDiskResourceName /maint:on
11.
Run Chkdsk, using the s&itches /f and /r, on the %uorum resource disk to determine &hether the
disk is corrupted.
-or more information on running Chkdsk, see 'Chkdsk' in Related )opics.
12.
Click Start, click Run, and t$pe a command &ith the follo&ing s$nta01
cluster 2ClusterName3 res QuorumDiskResourceName /maint:off
1!. If no corruption is detected b$ Chkdsk, it is likel$ that the log &as corrupted. 4roceed to step 15.
If corruption is detected on the disk, check the s$stem log in 5vent 6ie&er for possible hard&are
errors.
Resolve an$ hard&are errors before continuing.
1". ,top the Cluster service after Chkdsk is complete, follo&ing the instructions in steps 1-".
15.
Make sure that Cluster Service is highlighted in the details pane. On the Action menu, click
Properties.
*nder Service status, in Start parameters, specif$ /resetquorumlog, and then click Start.
)his restores the %uorum log from the node7s local database.
Important

)he Cluster service must be started b$ clicking Start on the service control panel. 8ou cannot
click OK or Apply to commit these changes as this does not preserve the /resetquorumlog
parameter.
1#. Restart the Cluster service on all other nodes.
otes

)o perform this procedure, $ou must be a member of the /dministrators group on the local computer,
or $ou must have been delegated the appropriate authorit$. If the computer is 9oined to a domain,
members of the :omain /dmins group might be able to perform this procedure. /s a securit$ best
practice, consider using Run as to perform this procedure.

)o open Computer Management, click Start, click Control Panel, double-click Administrative
!ools, and then double-click Computer "anagement.

)he %uorum disk must be formatted &ith the ;)-, file s$stem.

If none of the nodes are running, or one node fails &hile $ou are changing the %uorum resource, onl$
the running nodes are able to form the cluster, and the offline node is onl$ able to 9oin the cluster.
/fter the offline node has 9oined the cluster, all nodes are again able to form or 9oin the cluster. )his
design prevents the offline node from forming the cluster using the old %uorum resource.

Optionall$, after step 1! above, $ou can use the ClusterRecover$ tool, available in the Microsoft
Windows Server 2003 Resource Kit, to restore the registr$ checkpoint files.
0ow +any servers can 3 load balance#
WD1S and )D1 support a ma2imum o 32 nodes&
Wat is te +a>i+u+ nu+ber of osts tat can be included in one 64& cluster#
32 is the ma2imum number o supported nodes& However: studies have shown that the !deal number
o nodes is /& *his is because the networ, traic is broadcasted to every node: yet only one )D1
node accepts the connection: so scalin+ beyond / nodes can cause a sli+ht perormance hit&
! you need a lar+er cluster you can you can create multiple )D1 clusters: and use round robin 8)S to
load balance between each cluster&
"an 64& function wit a sin.le 63" (er server#
Bes& @nli,e previous versions: )etwor, Doad 1alancin+ in Windows Server 200/ #2 can be
coni+ured on servers with a sin+le networ, adaptor&
"an 3 run +i>ed clusters containin. bot (ysical servers and ?Ms as 64& nodes#
Bes& However: all servers and Virtual 'achines $V's% must be on the same VD") and !P subnet&
2atc de(loy+ent
We use Patchlin, rom Dumension to deploy the patches& "ll the patches are irst downloaded to the
Patchlin, server and a Patchlin, client is installed on all clients so that they can communicate with the
Patchlin, server& We push the patches rom the server to the clients&
On 2
nd
*uesday each month 'S releases the critical patches&
We irst deploy the same on test servers $hostin+ various applications li,e citri2: SAD: 'S592chan+e:
8C etc% and monitor or ew days or any issues arisin+ rom the deployment&
We then schedule the same on 8ev servers $ater raisin+ a chan+e and inormin+ the bo2 owners%
"ter this we tar+et the Prod servers
"ter each deployment we do a chec,out rom OS perspective and as, the application owners to
chec,out rom app perspective&
! any issues are observed ater the deployment: urther troubleshootin+ is done to identiy the
problematic patch by uninstallin+ them one by one&
OS is not accessible & fro+ console we can see it is blue screened. Wat is te first ste( you
ta'e#
! it is blue screened chec, i it is +eneratin+ a memory dump and i so: allow it to inish completin+ the
dump& Dater i we are unable to +et any lo+s or cause o 1SO8: we can use this memory dump to
analy>e and ind the root cause o the 1SO8&
! there is no memory dump +ettin+ +enerated and host stuc,: power cycle it to +et it bac, online&
3rd (arty tools for +onitorin.
)etcool . 'O'
1'C
Were are te docu+ents and settin.s for te roa+in. (rofile stored#
"ll the documents and environmental settin+s or the roamin+ user are stored locally on the system:
and: when the user lo+s o: all chan+es to the locally stored proile are copied to the shared server
older& *hereore: the irst time a roamin+ user lo+s on to a new system the lo+on process may ta,e
some time: dependin+ on how lar+e his proile older is&
Were are te settin.s for all te users stored on a .iven +acine#
Q8ocument and Settin+sQ"ll @sers
3 ave a file to wic te user as access- but e as no folder (er+ission to read it. "an e
access it#
!t is possible or a user to navi+ate to a ile or which he does not have older permission& *his involves
simply ,nowin+ the path o the ile ob(ect& 9ven i the user can=t drill down the ileColder tree usin+ 'y
Computer: he can still +ain access to the ile usin+ the @niversal )amin+ Convention $@)C%& *he best
way to start would be to type the ull path o a ile into #unY window&
Wat idden sares e>ist on Windows Server 2003 installation#
"dminZ: 8riveZ: !PCZ: )9*DO0O): printZ and SBSVOD&
What=s the number o permitted unsuccessul lo+ons on "dministrator account[
@nlimited& #emember: thou+h: that it=s the "dministrator account: not any account that=s part o the
"dministrators +roup&
@ou need to auto+atically install an a((- but MS3 file is not available. Wat do you do#
" &>ap te2t ile can be used to add applications usin+ the Sotware !nstaller: rather than the Windows
!nstaller&
WatAs te difference between Software 3nstaller and Windows 3nstaller#
*he ormer has ewer privile+es and will probably re-uire user intervention& Plus: it uses &>ap iles&
what is symbols in windb+
!dentiy HCW issues[
what is the trouble shootin+ steps or server perormance&
Others
service des, tools&&
"bout !*!D and service des, tools&&&
The Information Technology Infrastructure Library (ITIL) is a set of concepts and
practices for Information Technology Services Management (ITSM), Information
Technology (IT) development and IT operations.
itsm
Servicenow
Problem mana+ement in !*!D
issue:inc:prb:rca:chan+e
Incident Management is a process for managing incidents
that can interrupt the functioning of IT services. These
incidents can include events such as error in printing,
hard dis failure, and net!or server failure.
"hange Management is a process that helps introduce changes
in the IT services provided #$ a compan$, such as changes
in #usiness needs and introduction of ne! technologies.
%ro#lem Management is a process of resolving pro#lems that
can occur in IT services due to the incidents, !hich are
not resolved #$ Incident Management. %ro#lem Management is
of t!o t$pes,reactive and proactive. The reactive %ro#lem
Management helps resolve the pro#lems that have occurred in
an IT service. The proactive %ro#lem Management identifies
pro#lems that are liel$ to occur.
SeverityCSD"$service level agreements& levels
P4 6
P2 6
P3 6
P4 6
What is the tic,in+ system you use&&&
!*!D process 6 C#: C"1
8aily "ctivities
Shit Dead
Aueue 'ana+er
"lerts
9scalation rom shit members
!nstallin+ iis certiicatyes