You are on page 1of 100

Active Directory Active Directory is a centralized and standardized system, stores information about objects in a network and makes

this information available to users and network administrators. Domain Controller In an Active Directory forest, the domain controller is a server that contains a writable copy of the Active Directory database, participates in Active Directory replication, and controls access to network resources. Global catalog server A global catalog server is a domain controller that stores information about all objects in the forest. Like all domain controllers, a global catalog server stores full, writable replicas of the schema and configuration directory partitions and a full, writable replica of the domain directory partition for the domain that it is hosting. In addition, a global catalog server stores a partial, read-only replica of every other domain in the forest. Partial replicas are stored on Global Catalog servers so that searches of the entire directory can be achieved without requiring referrals from one domain controller to another. Partial information of other domains. Partial information nothing but classes and attributes (first name and last name and phones and addresses) attribute level security improvement in 2003…. OU: "Organizational Units", are administrative-level containers on a computer, it allows administrators to organize groups of users together so that any changes, security privileges or any other administrative tasks could be accomplished more efficiently. Domain: Windows Domain is a logical grouping of computers that share common security and user account information. Forest A Windows forest is a group of one or more trusted Windows trees. The trees do not need to have contiguous DNS names. A forest shares a schema and global catalog servers. A single tree can also be called a forest. Tree: A Windows tree is a group of one or more trusted Windows domains with contiguous DNS domains. “Trusted” means that an authenticated account from one domain isn’t rejected by another domain. “Contiguous DNS domains” means that they all have the same root DNS name.

Site: Sites are manually defined groupings of subnets. Objects in a site share the same global catalog servers, and can have a common set of group policies applied to them. Schema: The schema defines what attributes, objects, classes, and rules are available in the Active Directory.

SID (Security Identifier): The SID is a unique name (alphanumeric character string) that is used to identify an object, such as a user or a group of users.

Group Policy
Group policy Architecture:

Group Policy objects (GPO):

A GPO is a collection of Group Policy settings, stored at the domain level as a virtual object consisting of a Group Policy container (GPC) and a Group Policy template (GPT). password history will store
Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy

Group Policy Container (GPC) The Group Policy container (GPC) is an Active Directory container that contains GPO properties, such as version information, GPO status, plus a list of other component settings. Group Policy Template (GPT) The Group Policy template (GPT) is a file system folder that includes policy data specified by .adm files, security settings, script files, and information about applications that are available for installation. The GPT is located in the system volume folder (SysVol) in the domain \Policies sub-folder. Filtering the Scope of a GPO By default, a GPO affects all users and computers that are contained in the linked site, domain, or organizational unit. The administrator can further specify the computers and users that are affected by a GPO by using membership in security groups. Starting with Windows 2000, the administrator can add both computers and users to security groups. Then the administrator can specify which security groups are affected by the GPO by using the Access Control List editor. Knowledge Consistency Checker (KCC) The Knowledge Consistency Checker (KCC) is a Windows component that automatically generates and maintains the intra-site and inter-site replication topology. Intrasite Replication Replication that happens between controllers inside one site. All of the subnets inside the site should be connected by high speed network wires. Intersite Replication Intersite replication is replication between sites and must be set up by an administrator. Simple Mail Transfer Protocol (SMTP) may be used for replication between sites. Active Directory Replication?

The ldapDisplayName of the attribute schema ms-Exch-Assistant-Name. When a DC creates a security principal object such as a user or group. Active Directory uses GUIDs internally to identify objects. and a relative ID (RID) that is unique for each security Principal SID created in a domain.exe will be able to detect the presence of the schema conflict and block the upgrade of the schema until the issue has been resolved. GUID: When a new domain user or group account is created. not just User and Group objects. USE: When Microsoft Exchange Server is deployed in an organization. It also assigns the new object a globally unique identifier (GUID). Exchange Server uses Active Directory as a data store and it extends the Windows 2000 Active Directory schema to enable it to store objects specific to Exchange Server. Lingering objects . SID: A security identifier (SID) is a data structure in binary format that contains a variable number of values. Active Directory stores the account's SID in the Object-SID (objectSID) property of a User or Group object.Replication must often occur both (intrasite) within sites and (Intersite) between sites to keep domain and forest data consistent among domain controllers that store the same directory partitions Adprep. When Windows Server 2003 Service Pack 1 is installed. it attaches a unique Security ID (SID) to the object. Adprep. This SID consists of a domain SID (the same for all SIDs created in a domain).exe is a command-line tool used to prepare a Microsoft Windows 2000 forest or a Windows 2000 domain for the installation of Windows Server 2003 domain controllers.exe Adprep. Each object's GUID is stored in its Object-GUID (objectGUID) property. which is a 128-bit value that is unique not only in the enterprise but also across the world. and ms-Exch-House-Identifier defined by Exchange Server conflicts with the iNetOrgPerson schema that Active Directory uses in Windows Server 2003. ms-ExchLabeledURI. GUIDs are assigned to every object created by Active Directory.

Myco. security settings. script files.When a domain controller is disconnected for a period that is longer than the TSL. Winlogon is the service in which the Group Policy engine runs. the SYSVOL share is used to authenticate users. one or more objects that are deleted from Active Directory on all other domain controllers may remain on the disconnected domain controller. This number is different on each domain controller. the USN is incremented. File Replication Service (FRS) In Windows 2000. USN provides the key to multimaster replication. Lightweight Directory Access Protocol (LDAP) It defines how clients and servers exchange information about a directory. File replication service (FRS) is used to replicate the SYSVOL share.DC=domain-controller USN Each object has an Update Sequence Number (USN). It is replicated using the File Replication Service (FRS). Such objects are called lingering objects. the domain controller never receives replication of the tombstone Sysvol Sysvol is a shared directory that stores the server copy of the domain’s public files.Com/CN=jamessmith.CN =Division. which includes Administrative Template-based Group Policy settings. An LDAP URL names the server holding Active Directory services and the Attributed Name of the object.DC=myco.CN=Product. Win logon A component of the Windows operating system that provides interactive logon support. For example: LDAP://SomeServer. Because the domain controller is offline during the time that the tombstone is alive. . LDAP version 2 and version 3 are used by Windows 2000 Server's Active Directory. which are replicated among all domain controllers in the domain.CN=Sys. The SYSVOL share includes group policy information which is replicated to all local domain controllers. and information regarding applications that are available for software installation. and if the object is modified. The Sysvol contains the data in a GPO: the GPT. The "Active Directory Users and Computers" tool is used to change the file replication service schedule.

) What is an ACE or access-control entry? ACE contains a set of access rights and a security identifier (SID) that identifies a trustee for whom the rights are allowed. An administrator determines which operations must be done on the master controller. There can be only one schema master in the whole forest. Universal groups couldn't be created in Mixed mode. denied. and the changes are replicated to all other domain controllers. These operations are all set up on the master controller by default and can be transferred later. it may not be practical to have a global catalog in smaller branch office locations. event. (An object can be a file. groups. By default. For these sites. or anything else having a security descriptor. . process. The day-to-day operations that are associated with managing users. Flexible Single Master Operations (FSMO) MultiMaster Operation: In Windows 2000 & 2003. which can store universal group membership information locally.Universal group membership caching Due to available network bandwidth and server hardware limitations. the universal group membership information contained in the cache of each domain controller will be refreshed every 8 hours. Up to 500 universal group memberships can be updated at once. you can deploy domain controllers running Windows Server 2003. There is a set of Flexible Single Master Operations (FSMO) which can only be done on a single controller. What is an ACL or access-control list? A list of security protections that applies to an object. FSMO operations types include: Schema Master: The schema master domain controller controls all updates and modifications to the schema. every domain controller can receive changes. or audited. and computers are typically multimaster operations.

If RID master is down (u can create security objects up to RID pools are available in DCs) else u can’t create any object one itSDs down When a DC creates a security principal object such as a user or group. PDC Emulator . Relative ID (RID) Master: It assigns RID and SID to the newly created object like Users and computers. This works when we are renaming any group member ship object this role takes care. the computer Active Directory is on acts as a Windows NT PDC. it attaches a unique Security ID (SID) to the object. If all the domain controllers in a domain also host the global catalog. Infrastructure Master: Synchronizes cross-domain group membership changes. The infrastructure master cannot run on a global catalog server (unless all DCs are also GCs. SAM directory replication requests. At any one time. The first server that becomes a Windows 2000 domain controller takes the role of PDC emulator by default. Note: The Infrastructure Master (IM) role should be held by a domain controller that is not a Global Catalog server (GC). all the domain controllers have the current data. .Domain naming master: The domain naming master domain controller controls the addition or removal of domains in the forest and responsibility of ensuring that domain names are unique in the forest. and a relative ID (RID) that is unique for each security principal SID created in a domain. There can be only one domain naming master in the whole forest.) The infrastructure is responsible for updating references from objects in its domain to objects in other domains. cross-domain object references in that domain will not be updated and a warning to that effect will be logged on that DC's event log.When Active Directory is in mixed mode. Functions performed by the PDC emulator: User account changes and password changes. This SID consists of a domain SID (the same for all SIDs created in a domain). there can be only one domain controller acting as the infrastructure master in each domain. This is because a Global Catalog server holds a partial replica of every object in the forest. and it is not important which domain controller holds the infrastructure master role. If the Infrastructure Master runs on a Global Catalog server it will stop updating object information because it does not contain any references to objects that it does not hold. Domain master browser requests Authentication requests. As a result.

Domain Administrators and Enterprise Windows Functional levels In Windows 2000 Active Directory domains is the concept of Mixed and Native Modes. The concept is rather similar to switching from Mixed to Native Mode in Windows 2000. • InetOrgPerson class.it cannot be reversed. you are only allowed to have Windows 2000 domain controllers in your domain. • Efficient search capabilities. • Universal group membership caching. Prevent the need to locate a global catalog across a WAN when logging on by storing universal group membership information on an authenticating domain controller.GPO Time synchronization New Active Directory features in Windows Server 2003 • Multiple selection of user objects. The userPassword attribute can also be used to set the account password. The conversion is a one-way conversion -. The inetOrgPerson class has been added to the base schema as a security principal and can be used in the same manner as the user class. or computer can own in a given directory partition. Once you convert to Native Mode. Search functionality is object-oriented and provides an efficient search that minimizes • Saved queries. • Active Directory quotas. Reduce the time it takes to add an additional domain controller in an existing domain by using backup media. Save commonly used search parameters for reuse in Active Directory Users and Computers • Active Directory command-line tools. Signing LDAP traffic guarantees that the packaged data comes from a known source and that it has not been tampered with. • Drag-and-drop functionality. The new functional levels give you additional capabilities that the previous functional levels didn’t have. Microsoft introduced forest and domain functional levels. • Secure LDAP traffic. Active Directory administrative tools sign and encrypt all LDAP traffic by default. In Windows Server 2003. Quotas can be specified in Active Directory to control the number of objects a user. group. . The default mixed mode allows both NT and Windows 2000 domain controllers to coexist. • Ability to add additional domain controllers using backup media.

Windows Windows Windows Windows 2000 Mixed (supports NT4/2000/2003 DCs) 2000 Native (supports 2000/2003 DCs) Server 2003 Interim (supports NT4/2003 DCs) Server 2003 (supports only 2003 DCs) And three forest functional levels: 1. Configuration partition It contains replication configuration information (and other information) for the forest. To raise the forest functional level you go to the properties of Active Directory Domains and Trusts at the root. Windows 2000 Interim (supports NT4/2003 DCs) 3. By default. Windows Server 2003 (supports only 2003 DCs) To raise the domain functional level. each domain controller has a replica of three partitions: the schema partition the Configuration partition and a Domain partition. is a contiguous Active Directory subtree replicated on one. Directory partition A directory partition. Windows 2000 domain controllers in a forest. There is one schema directory partition per forest. Application Directory Partition Application directory partitions are most often used to store dynamic data. There is one configuration directory partition per forest. you won’t be able to raise the forest functional level. 4. you go to the properties of your domain in Active Directory Domains and Trusts. An application partition can not contain security principles (users. 3. Domain partition It contains all objects that are stored by one domain.There are four domain functional levels: 1. There is one domain directory partition for each domain in the forest. groups. Of course. 2. or naming context. Schema partition It contains all class and attributes definitions for the forest. Windows 2000 (supports NT4/2000/2003 DCs) 2. and computers). if your domains are not at the correct level.The KCC generates and maintains the replication topology for an application directory partition . or more.

SMTP can be used only for inter-site. Dynamic Data: A dynamic entry is an object in the directory which has an associated time-to-live (TTL) value. configuration. Changing of ntds. The TTL for an entry is set when the entry is created. Security Principles . Type info. User Computer Group . The objects or data that applications and services store here can comprise of any object type excluding security principles. Security principles are Users. and Dynamic Host Configuration Protocol (DHCP). and global catalog partial replica replication. SMTP replication is used only for replication between sites. SMTP replication can be used only for schema. To move the database. SMTP replication observes the automatically generated replication schedule. 5. that site has mail-based connectivity only. To keep data secure while in transit.dit file from one Drive to another 1. You receive the following prompt: ntdsutil: 3.Application: The application partition is a new feature introduced in Windows Server 2003. At a command prompt. type ntdsutil. You also cannot use SMTP replication to replicate between domain controllers in the same domain—only inter-domain replication is supported over SMTP (that is. but that can be reached using the Simple Mail Transfer Protocol (SMTP). Boot the domain controller in Directory Services Restore mode and log on with the Directory Services Restore mode administrator account and password (this is the password you assigned during the Dcpromo process). Groups. The application partition typically contains DNS zone objects. type move db to %s (where %s is the target folder). RPC over IP replication uses both the Kerberos authentication protocol and data encryption. SMTP: If you have a site that has no physical connection to the rest of your network. 2. The following objects are security principles: o o o RPC: Active Directory uses RPC over IP to transfer both intersite and intrasite replication between domain controllers. Type files to receive the following prompt: file maintenance: 4. and Computers. Note the path of the database and log files.Objects that can have permissions assigned to them and each contain security identifiers.exe. inter-domain replication). This partition contains application specific objects. and dynamic data from other network services such as Remote Access Service (RAS).

Reverse lookup zone . _SRV).IP address to name map.Name to IP address map.which hold read only copies of the Primary Zones. Reboot the computer normally. DNS DNS (Domain Name system) Domain Name System (DNS) is a database system that translates a computer's fully qualified domain name into an IP address. Secondary Zones. Type quit twice to return to the command prompt. 7. type move logs to %s (where %s is the target folder). To move the log files. NS. The local DNS resolver The following graphic shows an overview of the complete DNS query process. . Primary Zones .6. 8. DNS Zones Forward lookup zone .It Holds Read and Write copies of all resource records (A.

Stub Zones Conceptually, stub zones are like secondary zones in that they have a read only copy of a primary zone. Stub zones are more efficient and create less replication traffic. Stub Zones only have 3 records, the SOA for the primary zone, NS record and a Host (A) record. The idea is that if a client queries a record in the Stub Zone, your DNS server can refer that query to the correct Name Server because it knows its Host (A) record.

Queries Query types are: Inverse - Getting the name from the IP address. These are used by servers as a security check. Iterative - Server gives its best answer. This type of inquiry is sent from one server to another. Recursive - Cannot refer the query to another name server. Conditional Forwarding Another classic use of forwards is where companies have subsidiaries, partners or people they know and contact regularly query. Instead of going the long-way around using the root hints, the network administrators configure Conditional Forwarders Purpose of Resource Records Without resource records DNS could not resolve queries. The mission of a DNS Query is to locate a server that is Authoritative for a particular domain. The easy part is for the Authoritative server to check the name in the query against its resource records.

SOA (start of authority) record each zone has one SOA record that identifies which DNS server is authoritative for domains and sub domains in the zone. NS (name server) record An NS record contains the FQDN and IP address of a DNS server authoritative for the zone. Each primary and secondary name server authoritative in the domain should have an NS record. A (address) record By far the most common type of resource record, an A record is used to resolve the FQDN of a particular host into its associated IP address.

CNAME (canonical name) record (alternate name) for a host.

A CNAME record contains an alias

PTR (pointer) record the opposite of an A record, a PTR record is used to resolve the IP address of a host into its FQDN. SRV (service) record An SRV record is used by DNS clients to locate a server that is running a particular service—for example, to find a domain controller so you can log on to the network. SRV records are key to the operation of Active Directory. MX (mail exchange) record An MX record points to one or more computers that process SMTP mail for an organization or site. Where DNS resource records will be stored: After running DCPROMO, A text file containing the appropriate DNS resource records for the domain controller is created. The file called Netlogon.dns is created in the %systemroot%\System32\config folder and contains all the records needed to register the resource records of the domain controller. Netlogon.dns is used by the Windows 2000 NetLogon service and to support Active Directory for non-Windows 2000 DNS servers.

Procedures for changing a Server’s IP Address Once DNS and replication are setup, it is generally a bad idea to change a servers IP address (at least according to Microsoft). Just be sure that is what you really want to do before starting the process. It is a bit kin to changing the Internal IPX number of A Novell server, but it can be done.

1. 2. 3. 4.

Change the Server’s IP address Stop the NETLOGON service. Rename or delete SYSTEM32\CONFIG\NETLOGON.DNS and NETLOGON.DNB Restart the NETLOGON service and run “IPconfig /registerDNS”

5. Go to one of the other DCs and verify that its DNS is now pointing to the new IP address of the server. If not, change the records manually and give it 15 minutes to replicate the DNS changes out. 6. Run REPLMON and make sure that replication is working now. You may have to wait a little while for things to straighten out. Give it an hour or two if necessary. If a server shows that it isn’t replicating with one of its partners, there are several issues to address:

A.

Check to see that the servers can ping each other.

B. Make sure that both servers’ DNS entries for each other point to the proper IP addresses C. If server A says it replicated fine, but server B says it couldn’t contact Server A, check the DNS setup on Server B. Chances are it has a record for Server A pointing to the wrong place. D. Run Netdiag and see if it reports any errors or problems.

Trust Relationship • • • • • • • • • • One way trust - When one domain allows access to users on another domain, but the other domain does not allow access to users on the first domain. Two way trust - When two domains allow access to users on the other domain. Trusting domain - The domain that allows access to users on another domain. Trusted domain - The domain that is trusted, whose users have access to the trusting domain. Transitive trust - A trust which can extend beyond two domains to other trusted domains in the tree. Intransitive trust - A one way trust that does not extend beyond two domains. Explicit trust - A trust that an administrator creates. It is not transitive and is one way only. Cross-link trust - An explicit trust between domains in different trees or in the same tree when a descendent/ancestor (child/parent) relationship does not exist between the two domains. Forest trust - When two forests have a functional level of Windows 2003, you can use a forest trust to join the forests at the root. Shortcut trust - When domains that authenticate users are logically distant from one another, the process of logging on to the network can take a long time. You can manually add a shortcut trust between two domains in the same forest to speed authentication. Shortcut trusts are transitive and can either be one way or two way.

Windows 2000 only supports the following types of trusts: • • Two way transitive trusts One way non-transitive trusts.

Incremental .Saves files and folders without clearing the archive bit. "Programs".Saves files and folders that have been changed that day. Daily . Differential . Copy . "Accessories". The archive bit is not cleared.BACKUP Archive bit: The archive bit is used to determine what files have been backuped up previously on a Windows file system. It has these tabs: . Multiplexing: Multiplexing sends data from multiple sources to a single tape or disk device. which (at this point) is just about every tape device. select "Start". The bit is set if a file is modified Types of Backups: Normal . Differential or Incremental backup. from a single system to the backup server. The archive bit is cleared. or threads. This is useful if you have a tape or disk device that writes faster than a single system can send data. The Windows 2000 "Backup Utility" will start. This is useful if you have a large system with multiple I/O devices and large amounts of data that need backing up.A differential backup contains all files that have changed since the last FULL backup. and "Backup". "System Tools". To perform a backup.Incremental backup stores all files that have changed since the last Full. Multistreaming: Multistreaming establishes multiple connections.Saves files and folders and shows they were backed up by clearing the archive bit. The archive bit is not cleared.

SYSVOL folder (Windows 2000 & 2003 Servers only) Non authoritative Active Directory restores – Changes are accepted from other domain controllers after the backup is done. System startup files 3.. .12. Authoritative Restore Example E:\ntdsutil>ntdsutil ntdsutil: authoritative restore authoritative restore: restore sub tree OU=bosses. and mark objects in Active Directory as being authoritative with respect to their replication partners.System data: 1.25.DC=com Opening DIT database. Active Directory (Windows 2000 & 2003 Servers only) 5. The registry 2. To perform an authoritative restore. restore it to a specific point in time.DC=ourdom. You can authoritatively restore only objects from the configuration and domain-naming contexts. When you are restoring a domain controller by using backup and restore programs. Authoritative Active Directory restores: Changes are NOT accepted from other domain controllers after the backup is done. Authoritative restore has the ability to increment the version number of the attributes of all objects in an entire directory. the default mode for the restore is non authoritative.. This means that the restored server is brought up-to-date with its replicas through the normal replication mechanism. The current time is 06-17-05 12:34. Most recent database update occurred at 06-16-05 00:41. Certificate server database (Windows 2000 & 2003Servers only) 6. Authoritative restores of schema-naming contexts are not supported. Component services data class registration database 4. Done. Authoritative restore allows the administrator to recover a domain controller. you must start the domain controller in Directory Services Restore Mode.

log and Res2. .Increasing attribute version numbers by 100000. 6.chk is a checkpoint file which is use by database engine to track the data which is not yet written to the active directory database file. How to restore a domain controller system: 1. Press F8 while booting.log is the transaction log file. Counting records that need updating. Active Directory records each and every transaction log files that are associated with the Ntds. "Accessories". select "Directory Services Restore Mode". Records found: 0000000012 Directory Store Files that are backed up Database file . Log on as Administrator. where nnnnn is an increasing number starts from 1.dit is the Active Directory database which stores the entire active directory objects on the domain controller.log file is full. 5. Contains these tables: • Ntds. The checkpoint file act as a pointer that maintains the status between memory and database file on disk. it holds all AD objects and attributes..dit extension refers to the directory information tree. Edb*. Open Advanced Options Menu. 4. The default location is the %systemroot%\Ntds folder. It indicates the starting point in the log file from which the information must be recovered if a failure occurs. The amount of disk space that is reserved on a drive or folder for this log is 20 MB. 3. and "Backup". When Edb.Stored in SystemRoot\NTDS\ntds. During safe mode. Select "Start". • • • Recovery without Restore . active directory renames it to Edbnnnnn. press CTRL-ALT-DEL. Res1. The . This reserved disk space provides a sufficient space to shut down if all the other disk space is being used.log: These are reserved transaction log files. Edb.dit.log. "Programs". "System Tools". 7..dit file.Transaction logs are used to recover uncommitted AD changes after a system crash. This is done by the system automatically without using a restore from a tape backup. 2. Reboot the domain controller. Select the correct Windows 2000 Server operating system if more than one system is on the computer. Each transaction file is 10 megabytes (MB).

Right-click right-click the Active Directory Schema icon again and press Operation Masters. On any domain controller. Press OK. Transferring the FSMO Roles via Ntdsutil To transfer the FSMO roles from the Ntdsutil command: Caution: Using the Ntdsutil utility incorrectly may result in partial or complete loss of Active Directory functionality. 4. if an authoritative restore was done use the "ntdsutil" command line utility. 7. 6. type Ntdsutil in the Open box. Press Specify . Syntax for restoration of partial database format: restore subtree OU=OUname. Press the Change button. Select Active Directory Schema. Register the Schmmgmt. DC=rootdomain Type "restore database" to make the entire database authoritative. in the snap-in. You should receive a success confirmation.. 5.. 10. From the Run command open an MMC Console by typing MMC.dll library by pressing Start > RUN and typing: regsvr32 schmmgmt. On the Console menu. DC=domainname. Press Add. click Start. 9. right-click the Active Directory Schema icon in the Console Root and press Change Domain Controller. Press OK.. Press OK. Use the "Restore Wizard". click Run. and type the name of the new role holder. 3. 9. and then click OK. press Add/Remove Snap-in.dll 2. Reboot the Domain Controller. . If you are NOT logged onto the target domain controller. 8. Press OK all the way out. 1.8. After the restore. How to Transfer the FSMO Roles: To Transfer the Schema Master Role: 1. Type "authoritative restore". 11. Press Add and press Close. 10.

. and then press ENTER. server connections: q fsmo maintenance: 6. ntdsutil: roles fsmo maintenance: Note: To see a list of available commands at any of the prompts in the Ntdsutil tool. type q.Microsoft Window s [Version 5.3790] (C) Copyright 1985-2003 Microsoft Corp. 4. to transfer the RID Master role. type? And then press ENTER. server connections: connect to server ms-dc04 Binding to ms-dc04 . Connected ms-dc04 using credentials of locally logg server connections: 5. fsmo maintenance: connections server connections: Type connect to server ms-dc04 where ms-dc04 is the name of the server you want to use. you would type transfer rid master: Options are: . C:\WINDOWS>ntdsutil ntdsutil: 2. and then press ENTER. Type connections.2. At the server connections: prompt.. Type roles. 3. For example. and then press ENTER. where <role> is the role you want to transfer. and then press ENTER again. Type transfer <role>.

type Ntdsutil in the Open box. fsmo maintenance: connections server connections: Type connect to server ms-dc04. Type connections. and then press ENTER. Type roles. 4. Click on Yes. On any domain controller. 1.Transfer Transfer Transfer Transfer Transfer domain naming master infrastructure master PDC RID master schema master 7. After you transfer the roles. and then click OK. To seize the FSMO roles by using Ntdsutil.2. and then press ENTER. type ?. follow these steps: Caution: Using the Ntdsutil utility incorrectly may result in partial or complete loss of Active Directory functionality. and then press ENTER. 9. click Start. type q and press ENTER until you quit Ntdsutil. and then press ENTER. You will receive a warning window asking if you want to perform the transfer.exe. where ms-dc04 is the name of the server you want to use. C:\WINDOWS>ntdsutil ntdsutil: 2. 3. Restart the server and make sure you update your backup. ntdsutil: roles fsmo maintenance: Note: To see a list of available commands at any of the prompts in the Ntdsutil tool. Microsoft Window s [Version 5.3790] (C) Copyright 1985-2003 Microsoft Corp. click Run. 8. .

Connected to ms-dc04 using credentials of locally lo server connections: 5. type q.. 9. For example. Note: All five roles need to be in the forest. server connections: q fsmo maintenance: Type seize <role>. where <role> is the role you want to seize. and then press ENTER again. Determine which roles are to be on which remaining domain controllers so that all five roles are not on only one server. You will receive a warning window asking if you want to perform the seize. to seize the RID Master role. At the server connections: prompt. 8. Click on Yes.server connections: connect to server ms-dc04 Binding to ms-dc04. . Repeat steps 6 and 7 until you've seized all the required FSMO roles. type q. If the Infrastructure Master runs on a GC server it will stop updating object information because it does not contain any references to objects that it does not hold. If the first domain controller is out of the forest then seize all roles. Note: Do not put the Infrastructure Master (IM) role on the same domain controller as the Global Catalog server. Options are: Seize domain naming master Seize infrastructure master Seize PDC Seize RID master Seize schema master 7. and then press ENTER until you quit the Ntdsutil tool. After you seize or transfer the roles. you would type seize rid master: 6.. This is because a GC server holds a partial replica of every object in the forest.

DORA DHCP Lease Process DHCP leases are used to reduce DHCP network traffic by giving clients specific addresses for set periods of time.0 to 239. The DHCP server can assign these addresses to clients that are on several subnets. Multicast scope . Two ways for a computer to get its IP address: DHCP Scopes Scope .255. Super scope .A range of IP addresses that span several subnets.255. and DNS server. DHCP Lease Process . The Multicast Address Dynamic Client Allocation Protocol (MADCAP) is used to request a multicast address from a DHCP server.A range of IP addresses that the DHCP server can assign to clients that are on one subnet.255 that can be assigned to computers when they ask for them. default gateway. Multicasting can be used to send messages to a group of computers at the same time with only one copy of the message.0. A multicast group is assigned to one IP address.A range of class D addresses from 224.DHCP Dynamic host configuration protocol is used to automatically assign TCP/IP addresses to clients along with the correct subnet mask.0.

In rare cases. using any DHCP option information in the reply. the client network initialization fails. it configures its TCP/IP properties . and joins the network. the following are required for client reservation: 1) MAC (hardware) address 2) IP address . The client continues to resend DHCPDiscover messages in the background (four times. 5 Once the client receives acknowledgment. approving the lease. message. Client Reservation Client Reservation is used to be sure a computer gets the same IP address all the time. This can happen if a client requests an invalid or duplicate address. 2 The client is offered an address when a DHCP server responds with a DHCPOffer . replying to the server with a DHCPRequest message. the client self-configures an IP address for its interface. the client can proceed in two ways: • If it is a Windows 2000–based client. Other DHCP option information might be included in the message. If a client receives a negative acknowledgment (DHCPNak). message to the local subnet. If no DHCP server responds to the client request. The attempt is repeated every 5 minutes thereafter. it then waits one second for an offer. and 16 second intervals with additional 0 to 1000 milliseconds of randomness.1 The DHCP client requests an IP address by broadcasting a DHCPDiscover . and IP auto-configuration has not been disabled. Therefore since DHCP IP address assignments use MAC addresses to control assignments. or IP auto-configuration has been disabled. a DHCP server might return a negative acknowledgment to the client. When the client sends the lease request. message containing IP address and configuration information for lease to the client. 13. every 5 minutes) until it receives a DHCPOffer message from a DHCP server. • If the client is not a Windows 2000–based client. 3 The client indicates acceptance of the offer by selecting the offered address and . 4 The client is assigned the address and the DHCP server sends a DHCPAck . The client uses port 67 and the server uses port 68. If a response is not received. the client must begin the entire lease process again. the request is repeated at 9.

These addresses are not assigned by the DHCP server. APIPA If all else fails.MDB .USed to track the structure of the DHCP database.TMP . SYSTEM. BOOTP BOOTP or the bootstrap protocol can be used to boot diskless clients WINS WINS WINS stands for Windows Internet Name Service. such as servers may use the assigned addresses in this range.MDB .Transaction logs used to recover data.LOG . . WINS is a NetBIOS Name Server that registers your NetBIOS names and resolves into IP addresses. JET*.Temporary DHCP storage.x.Exclusion Range Exclusion range is used to reserve a bank of IP addresses so computers with static IP addresses. Database files: DCHP.254. DFS The Distributed File System (DFS) allows files and directories in various places to be combined into one directory tree. Only Windows 2000 & 2003Servers can contain DFS root directories and they can have only one. then clients give themselves an Automatic IP address in the range 169.The main database DHCP.y where x and y are two random numbers between 1 and 254.

Links are automatically replicated. can be replicated.A pointer to another shared directory. and can be on any Windows 2000 & 2003 Server. DFS links. Configure the domain DFS root.It is published in Active Directory. is an API developed to provide the application developers with a powerful way to extend the functionality of . files. What is ISAPI? Internet Server Application Programming Interface (ISAPI). cannot be replicated. and other DFS roots. This provides no fault tolerance with the DFS topology stored on one computer. One root is allowed per server.Not published in Active Directory. IIS Virtual Directory: A virtual directory is a directory that is not contained in the home directory but appears to client browsers as though it were.DFS Components DFS root . Files and directories must be manually replicated to other servers or Windows 2000 & 2003 must be configured to replicate files and directories.A shared directory that can contain other shared directories. then the replicas when configuring automatic replication. Domain DFS root directories can be accessed using the Syntax: \\domain\DFSname DFS link . There can be up to 1000 DFS links for a DFS root. and can be on any Windows 2000 & 2003 Server. Types of DFS roots: Stand alone DFS root . There may be up to 31 replicas. A DFS can be accessed using the Syntax: \\Server\DFSname Domain DFS root .

The default tombstone-lifetime of 60 days. Anonymous.CN=Windows NT.Internet Information Server (IIS). You can check your tombstone-lifetime using the following command which comes with Windows Server 2003: dsquery * "CN=Directory Service. Windows Server 2003 sp1 the new default tombstone-lifetime is 180 days.CN=Configuration. How many types of authentication securities are there in IIS? In IIS there are 4 types of authentication security . How IIS can host multiple websites To distinguish between websites. IIS looks at three attributes: • • • The host header name The IP number The port number What is a host header? . It provides a convenient way to administer a set of Web sites and applications and increase reliability.DC=yourdomain. What is application pool? Application Pools” that can house a single or multiple web sites. What is a COM component? Any VB6 DLL is a COM component.DC=com" -scope base -attr tombstonelifetime What is a session Object? A Session Object holds information relevant to a particular user’s session. they are extensively used in conjunction with MS-IIS.CN=Services.Basic. Digest & Integrated windows Authentication. Although ISAPI extensions by no means are limited to IIS. as is any Windows DLL or EXE that supports the COM interfaces. What is the Tombstone? What is the default tombstone life time? How to increase the tombstone life time? The number of days before a deleted object is removed from the directory services.

DSProxy provides both of the following services: 1. Although the name implies that this component provides only proxy services. 2. so the client can find the web server. DSProxy refers Outlook client queries to an Active Directory server. DSAccess The Exchange components that need to interact with Active Directory use DSAccess to retrieve Active Directory information rather than communicating directly with domain controllers and global catalog servers Forestprep When you use the /ForestPrep option. To verify that the setup /forestprep command completed successfully on a computer that is running Microsoft Windows 2000 Server in an Exchange 2000 environment. EXCHANGE SERVER DS PROXY DSProxy is the component in Microsoft Exchange Server 2003 that provides an address book service to Microsoft Outlook clients. the Exchange Setup program extends the Active Directory schema to add Exchange-specific classes and attributes. This means that configuring IIS to use host headers is only one step in the approach to host multiple websites using host headers to distinguish between the websites. A configuration of the DNS server (usually means that you need to add an (A) record for the domain) is also required. DSProxy emulates a MAPI address book service and sends proxy requests to an Active Directory server. use either of the following methods: • Look for event ID 1575 DomainPrep: .A host header is a string part of the request sent to the web server (it is in the HTTP header).

DomainPrep creates the groups and permissions necessary for Exchange servers to read and modify user attributes in Active Directory. You must run DomainPrep before installing your first Exchange server in a domain MAPI (Messaging Application Programming Interface) It is an extensive set of functions that developers can use to create mail-enabled applications. Enables an application to send and receive mail over a Microsoft Mail message system Recovery Storage Group: Recovery Storage Group is a new feature in Exchange 2003. The biggest advantage of this method is that it reduces the impact of restoring a single mailbox from backup. Exmerge tool: ExMerge is to recover the mailbox data from the Recovery Storage Group. Since ExMerge creates a .pst file. List the services of Exchange Server 2003? Microsoft Exchange Event Monitors folders and triggers events for server applications compatible with Exchange Server 5.5. Microsoft Exchange IMAP4
It is a method of accessing electronic mail that are kept on a mail server.

Microsoft Exchange Information Store The information store, which is the key component for database management in Exchange Server, is actually two separate databases. The private information store database, Priv.edb, manages data in user mailboxes. The public information store, Pub.edb, manages data in public folders. Microsoft Exchange Management Provides Exchange management information using Windows Management Instrumentation (WMI). If this service is stopped, WMI providers implemented to work in Microsoft Exchange Management, like message tracking and Directory Access, will not work. Microsoft Exchange MTA Stacks You use Exchange X.400 services to connect to Exchange 5.5 servers and other connectors (custom gateways).

Microsoft Exchange POP3 POP3 is a Client/Service protocol in which e-mail is received and held for you by your Internet server. Microsoft Exchange Routing Engine The Exchange Routing Engine uses Link State information for e-mail routing. The Routing Engine will forward this information to the Advanced Queuing Engine. The default size of routing table log file is 50 MB and default age is seven days. Microsoft Exchange Site Replication Service Provides directory interoperability between Exchange 5.5 and Exchange 2000 Server or Exchange 2003. Site Replication Service (SRS) acts as a directory replication bridgehead server for an Exchange site. SRS runs on Exchange 2000 and serves as a modified Exchange 5.5 directory. SRS uses Lightweight Directory Access Protocol (LDAP) to communicate to both the Active Directory® directory service and the Exchange 5.5 directory. To Exchange 5.5, SRS looks similar to another Exchange 5.5 configuration/recipients replication partner. Microsoft Exchange System Attendant Provides monitoring, maintenance, and Active Directory lookup services (for example, monitoring of services and connectors, proxy generation, Active Directory to metabase replication, publication of free/busy information, offline address book generation, mailbox maintenance, and forwarding Active Directory lookups to a global catalog server). If this service is stopped, monitoring, maintenance, and lookup services are unavailable. If this service is disabled, any services that explicitly depend on it cannot start.

What are the Exchange Server 2003 - Troubleshooting Eseutil commands? Eseutil /mh Here is a simple switch to verify the state of an Exchange database. All that eseutil /mh does is to determine whether the last shutdown was clean or dirty. Eseutil /mh is ideal to practice getting to the right path and executing eseutil without doing any harm to the mailstore databases. Eseutil /ml Similar to the /mh, except this switch performs an integrity check on log files, for example, E00.log. Eseutil /mm Dumps metadata from the database file (not the logs). Specialist use only, I find the output fascinating but not very useful.

Eseutil /mk Provides information about the checkpoint file. Handy for troubleshooting backup / restore problems. Where /mh used priv1.edb, remember to substitute the name of the checkpoint file E00.chk with /mk. Eseutil /k to check for damaged headers Eseutil /cc for troubleshooting Eseutil /d to defrag the .edb database Example: eseutil /d e:\exchsrvr\mdbdata\priv1.edb (Or other path to your store) Eseutil /r to repair Exchange 2003 log files Eseutil /p will attempt to repair a corrupted store database Eseutil /y Copies a database, streaming file, or log file Eseutil /g Verifies the integrity of a database Eseutil /m Generates formatted output of various database file types. e.g. /mh Isinteg Utility (Information Store Integrity Checker) finds and eliminates errors from the public folder and mailbox databases at the application level. it can recover data that Eseutil cannot recover. Offline Storage Files (.OST) file Microsoft Exchange Server locally stores its data in OST file on your storage Device. An OST file is a component Of Microsoft Exchange Server and can’t be used with Microsoft Outlook. At the time of when exchange server crashes or when mailbox is deleted from the exchange server, OST file gets inaccessible and remains on the users computer holding large part of emails, calendar, journals, notes, contacts, tasks etc. Advanced Queuing Engine (AQE) The Advanced Queuing Engine (AQE) is responsible for creating and managing message queues for e-mail delivery. When AQE receives a Simple Mail Transfer Protocol (SMTP) mailmsg object, this object will be forwarded to the Message Categorizer. The Advanced Queuing Engine then queues the Mailmsg object for message delivery based on the Routing information provided by the Routing Engine process of Exchange Server 2003. Outbound Mail Flow in Exchange Server 2003

applies limits and restrictions. The Routing Engine determines the most efficient route for mail delivery. The MX record should point to the Exchange server and must be identified before messages can be sent or received. The following are the minimum requirements for outbound mail flow: • Exchange Server must have access to the Internet on port 25. The message categorizer validates the recipients of the message. Outlook Express. and the Exchange store receives the message from the Local Delivery queue.Outbound mail flows through an Exchange Server deployment in the following manner: 1. in turn. the Advanced Queuing Engine submits the message to the Local Delivery queue. 6. If for local delivery. Anonymous connections should be allowed. The messages are then sent via SMTP to a remote SMTP host or to the Internet. If for remote delivery. 2. The Exchange store submits the message to the Advanced Queuing Engine. or Outlook Web Access. For more information about the Advanced Queuing Engine. returns the message to the Advanced Queuing Engine. the Advanced Queuing Engine submits the message to the Routing Engine. flags the message for local or remote delivery. This access should not be blocked by firewalls or other network settings. 3. submits the messages for remote delivery. The public mail exchanger (MX) resource record configured on your public Domain Name System (DNS) service should be accessible to all other Internet domains. and. 5. The Advanced Queuing Engine submits the message to the message categorizer. • • The Exchange Server SMTP virtual server should be configured to use the default settings. . and then returns the message to the Advanced Queuing Engine. checks for proper recipient attributes. 4. for example) and are submitted to the local Exchange store. Mail messages are sent from a client (Microsoft Outlook.

You can change the frequency though How many scopes you can create As a general recommendation. If extra (spare) disks are available.000 clients per server. What is the DHCP automatic backup time? In fact.QUESTIONS What protocol and port does DHCP use? DHCP. 10. In Raid 5. However if two hard disks fail at same time. information all data are available in case one of the disks fails.if u r using 5 u will get only 4 because 1 goes for parity). suppose I have 5 HDD of 10-10 GB.000 scopes defined for use. limit each DHCP server to having no more than 1. In short RAID 5 can survive one disk failure. utilizing ports 67 and 68. then reconstruction will begin immediately after the device failure. at most. be aware that each scope creates a corresponding need for additional incremental increases to the amount of disk space used for the DHCP server registry and for the server paging file For the best possible DHCP server design in most networks. Repadmin to remove lingering objects repadmin /removelingeringobjects If there is set of 30 hard disk configured for raid 5 if two hard disk failed what about data Because of parity. it is recommended that you have. all data are LOST. -1 out of the total (eg. When adding a large number of scopes to the server. by default it's 60 minutes. after configuring the Raid how much space does I have for utilized. Advantage of LDP tool: Reanimating Active Directory Tombstone Objects we use LDP tool. like BOOTP runs over UDP. but not two or more. .

and then type the following command: mstsc -v:servername /F -console where mstsc is the Remote Desktop connection executable file. Domains and Organizational Units. where the policies are applied to Local machines. Sites. global and universal groups? Domain local groups assign access permissions to global domain groups for local domain resources. -v indicates a server to connect to. how to recover it? By deleting SAM files you can disable the passwords (C:\WINDOWS\system32\config\sam)But u have to connect the HDD to an system as a slave disk and perform the task. Where are group policies stored? %SystemRoot%System32\GroupPolicy Where is GPT stored? SystemRoot%\SYSVOL\sysvol\domainname\Policies\GUID How frequently is the client policy refreshed? 90 minutes give or take How many records can I create for my domain name? As many as you want! . /F indicates full screen mode. To connect from the remote Windows Server 2003-based computer. you are logged on just as if you were sitting at the physical console. Global groups provide access to resources in other trusted domains. Even if no one is logged on to the console. What is LSDOU? Its group policy inheritance model. no other user has to be already logged on to the console session. How to Connect to the Console Session When you connect to the console session of a Windows Server 2003-based server.If administrator forget password in 2003 server. and -console is the instruction to connect to the console session. Universal groups grant access to resources in all trusted domains. What’s the difference between local. open a command prompt.

Other computers look for these records to find Active Directory-related information. If it is set to 0. print$ and SYSVOL. What hashing algorithms are used in Windows 2003 Server? RSA Data Security’s Message Digest 5 (MD5). Only native NTFS provides extensive permission control on both remote and local files. Thus. Windows Server 2003 support passwords up to 127 characters in length. produces a 160-bit hash. the value of this setting can only be between 0 and 14. users are left with no link to the shared resources. Drive$. and _udp folders in the forward lookup zone that matches your domain name. users are allowed to have blank passwords. What hidden shares exist on Windows Server 2003 installation? Admin$. _tcp. Thus. and the Secure Hash Algorithm 1 (SHA-1). Minimum password length determines the minimum number of characters a password can have. Character limitation of email id is 64 Character limitation of Distribution list is 256 Character limitation of user id is 20 Where DNS Zone file will be stored? Backup of the zone file stored in %SystemRoot%\System32\DNS is created in the %SystemRoot%\System32\DNS\backup folder. What’s the difference between standalone and fault-tolerant DFS (Distributed File System) installations? The standalone server stores the Dfs directory tree structure or topology locally. What does a domain controller register in DNS? The Netlogon service registers all the SRV records for that domain controller. produces a 128-bit hash. WINS automatic backup time WINS files are in SystemRoot\System32\Wins. _sites. Character limitation of user id in windows 2003 is 20 characters. which is replicated to other domain controllers. Although Windows 2000. if a shared folder is inaccessible or if the Dfs root server is down. IPC$. WINS backup will occur 24 to 27 hours after the last backup occurred. These records are displayed as the _msdcs. A file names WINS. redundant root nodes may include multiple connections to the same data residing in different shared folders. so .What’s the major difference between FAT and NTFS on a local machine? F AT and FAT32 provide no security over locally logged-on users. NETLOGON. A fault-tolerant root node stores the Dfs topology in the Active Directory.

or 3 hours.67 & 68. DCPROMO/ADV When running the wizard from the command line. Global Catalog – 3268. IMAP4 – 143. NNTP – 119.you should not use a value of 0. How do you delete a lingering object? Windows Server 2003 provides a command called Repadmin that provides the ability to delete lingering objects in the Active Directory. HTTP – 80 RDP . If I delete a user and then create a new account with the same username and password. they replicate to one another within 5 minutes. It is stored in an NT4-style SAM file and is the only account available when the AD is corrupted.443. you can append the /adv switch to the dcpromo command to populate the directory using a backup of system state data from another domain controller in the same domain. If you delete a user account and attempt to recreate it with the same user name and password. This password is not stored in Active Directory. What is default time for replication between DC to DC? Domain controllers that exist in the same site will replicate to all other domain controllers within 15 minutes. SNMP – 161.69.exe to install Active Directory. Kerberos – 88 . Installing from backup . would the SID and permissions stay the same? No. it requested a password to be used for the Administrator password for Active Directory Restore Mode. POP3 – 110. What is default time for replication between sites to site? The default replication interval between two sites is 180 minutes.53 DHCP . FTP – 21. LDAP – 389. TFTP. LDAP – 389. Maximum default password age is 42. SSL. It is recommended that you set this value to 8 characters. RPC – 135.3389 DNS . Password storage location: When you ran Dcpromo. the SID will be different. Note: in win2k 15 mins. win2k3 5 mins What are the modes in Terminal services? Application server mode and Remote administration mode Ports What are the standard port numbers? SMTP – 25. If there are only two domain controllers.

What is the maximum amount of databases that can be hosted on Exchange 2003 Enterprise? – 20 databases. 4 SGs x 5 DBs. Some features that are new in Exchange 2003 are: M: Drive Mapping Removed Exchange Instant Messaging Removed Volume Shadow Copy Service for Database Backups/Recovery Mailbox Recovery Center Recovery Storage Group Front-end and back-end Kerberos authentication Distribution lists are restricted to authenticated users Real-time Safe and Block lists Inbound recipient filtering Attachment blocking in Microsoft Office Outlook Web Access HTTP access from Outlook 2003 Queues are centralized on a per-server basis Move log files and queue data using Exchange System Manager Multiple Mailbox Move tool Dynamic distribution lists .media reduces the amount of data that must be replicated over the network. thus reducing the time required to install Active Directory. What is the default life time period not deleting an unconnected mailbox? The timeline for not deleting an unconnected mailbox from the storage is 30 days by default and can be increased using a private storage system policy.

Routing Group Connector: Native Exchange method to transfer email to other servers.400 Connector: Little used method of transmitting email messages.5 versions? Circular Logging is turned on by default for Exchange Server 5. X. Summary Exchange Server 2003 Routing Groups: Folder holding a bunch of servers. If the feature is still needed. What happened to the M: drive? The EXIFS (M: drive) feature has been disabled by default.1. it can be assigned to an available drive letter with a registry setting. Bridgehead is a key concept where you have . What is the difference between Exchange 2003 Standard and Exchange 2003 Enterprise editions? Standard Edition • • • 16 GB database limit One mailbox store One public folder store Enterprise Edition • • • • Clustering Up to 20 databases per server X.5 and earlier.400 Connectors 16 TB database limit. Routing Group Master: Co-ordinates routing information to all servers in the group Bridgehead server In Windows 2000 Server. SMTP Connector: Internet connector. bridgehead servers are the contact point for the exchange of directory information between sites.700 Exchange-specific events using Microsoft Operations Manager (requires Microsoft Operations Manager) Deployment and migration tools Is circular logging enabled in Exchange 5. but circular logging is turned off by default for Exchange 2000 Server. Connectors: Configurable 'pipes' that join the servers in different routing groups.

By default. With native Windows commands only: NBTSTAT -a remotecomputer | FIND "<03>" | FIND /I /V "remotecomputer" . OR A domain controller that is used to send replication information to one or more other sites MS _ SQL Where do you think the user’s names and passwords will be stored in sql server? They get stored in master db in the sysxlogins table. like maybe when there is a performance degradation. with native commands only: NET SESSION | FIND /C "\\" Remotely. Let us say the SQL Server crashed and you are rebuilding the databases including the master database what procedure to you follow? . the Knowledge Consistency Checker (KCC). All the mail in one group is physically routed through the bridgehead server. Either you nominate one server on each side of the connector as a bridgehead.For restoring the master db we have to stop the SQL Server first and then from command line we can type SQLSERVER –m which will basically bring it into the maintenance mode after which we can restore the master db. or all servers can be bridgeheads. with the help of SysInternals' PSTools: PSEXEC \\servername NET SESSION | FIND /C "\\" Who is logged on to a computer? We often need to know who is currently logged on to a remote computer. automatically chooses servers to act as bridgehead servers. Windows Important commands How many users are logged on/connected to a server? Sometimes we may need to know how many users are logged on to a (file) server.more than one server in each routing group. At the server's console itself. Your bridgehead options are extremely flexible. the Active Directory replication topology generator.

PSLOGGEDON -L \\remotecomputer PSEXEC \\remotecomputer NET CONFIG WORKSTATION | FIND /I " name " What is this collegue's login name? My collegues often forget to mention their logon account name when calling the helpdesk. but the NBTSTAT command is much faster. when copied. except it will display the last logged on user if no one is currently logged on. that some Windows Server 2003 Active Directory functionality is not available in Windows 2000 Active Directories. because it requires neither Active Directory nor Windows Server 2003 commands. but it is language dependent! For non-English Windows you may need to modify FIND's search string. What is the full name for this login name? With the native NET command: NET USER loginname /DOMAIN | FIND /I " name " With (native) Windows Server 2003 commands: DSQUERY USER -samid *loginname* | DSGET USER -samid -display Note: The NET command may seem more universal. Keep in mind. The others all show more or less the same results.The first name in the list usually is the logged on user (try playing with the NET NAME command to learn more about the names displayed by NBTSTAT). With (native) Windows Server 2003 commands only: DSQUERY USER -name *lastname* | DSGET USER -samid -display Note: Windows Server 2003's "DSTools" will work fine in Windows 2000 and XP too. and the helpdesk doesn't always ask either. I suppose they expect me to know all 1500+ accounts by heart. With the help of SysInternals' PSTools: or: or: PSEXEC \\remotecomputer NET NAME PSLOGGEDON is the most accurate solution. however. .

What groups is this user a member of? In Windows NT 4 and later. Is someone's account locked? With the native NET command: NET USER loginname /DOMAIN | FIND /I "Account active" . you will then be prompted (twice) to type the new password "blindly". users usually are members of global groups. These global groups in turn are members of (domain) local groups. To check if a user has access to a resource. we need to check group membership recursively. However. sometimes SHOWACLS from the Window Server 2003 Resource Kit Tools is a better alternative: CD /D d:\directory2check SHOWACLS /U:domain\userid When did someone last change his password? With the native NET command: NET USER loginname /DOMAIN | FIND /I "Password last set" How do I reset someone's password? With the native NET command: NET USER loginname newpassword /DOMAIN With (native) Windows Server 2003 commands: DSQUERY USER -samid loginname | DSMOD USER -pwd newpassword Note: To prevent the new password from being displayed on screen replace it with an asterisk (*). With (native) Windows Server 2003 commands: DSQUERY USER -samid loginname | DSGET USER -memberof -expand What permissions does a user have on this directory? One could use the previous command to check what permissions a user has on a certain directory. Access permissions are given to (domain) local groups.

CSV ) The only prerequisites are: 1.EXE. a list of server names in a file named SERVERS. which is native in Windows XP Professional.FileSystem. if the password needs to be reset as well: NET USER loginname newpassword /DOMAIN /ACTIVE:YES List all domains and workgroups in the network With the native NET command: NET VIEW /DOMAIN List all domains controllers With (native) Windows Server 2003 commands: DSQUERY Server or.DeviceID. one server name on each line.TXT. 3.CSV should not exist or be empty.FreeSpace. 2.FreeSpace.%%A "I need an up-to-date list of disk space usage for all servers.Size (one line for each harddisk partition on each server)." %%A IN ('DSQUERY Server') DO @ECHO. on my desk in 5 minutes" Sounds familiar? With (native) Windows XP Professional or Windows Server 2003 commands: FOR /F %%A IN (servers. and WMIC.txt) DO ( WMIC /Node:%%A LogicalDisk Where DriveType="3" Get DeviceID.FileSystem. .Size /Format:csv | MORE /E +2 >> SRVSPACE. SRVSPACE. Windows Server 2003 and Vista. if you prefer host names only: FOR /F "tokens=2 delims==. How to unlock a locked account With the native NET command: NET USER loginname /DOMAIN /ACTIVE:YES or.The account is either locked ("Locked") or active ("Yes"). The CSV file format is ServerName.

csv .TXT itself can be generated with the NET command: FOR /F "delims=\ " %%A IN ('NET VIEW ^| FIND "\\SRV-"') DO (>>SERVERS. SERVERS. followed by a tab and a space.csv Or. (2) delims is a backslash.If you have a strict server naming convention.TXT ECHO.%%A) Notes: (1) assuming server names start with "SRV-". Inventory drivers on any PC With (native) Windows XP Professional or Windows Server 2003 commands: DRIVERQUERY /V /FO CSV > %ComputerName%. for remote computers: DRIVERQUERY /S remote_PC /V /FO CSV > remote_PC. modify to match your own naming convention.

com. The categorizer also expands distribution lists and applies per-user limits to messages The architecture of the Exchange categorizer What queues should I monitor? . from an SMTP address such as Ted@contoso. the categorizer uses the header information on the message to query Active Directory for information about how and where the message must be delivered. the categorizer identifies the Exchange Server 2003 server that contains the user's mailbox and determines how to route the message to that server. When a message is submitted to the transport process.SMTP Categorizer The SMTP categorizer (also referred to as the categorizer) is a component of the Exchange Server 2003 transport engine. For example.

messages may not be delivered. This queue contains messages that have passed through the presubmission queue and are waiting to be processed by the message categorizer. the required mailbox store may be disabled on a front-end server. Messages in this queue have not yet been processed by the message categorizer. it may indicate a performance problem on the Exchange server. Messages can accumulate in this queue if problems exist with routing. Reasons the message categorizer may be unable to process messages include the following: o The message categorizer may not be able to access the global catalog to attain recipient information. o o The global catalog lookup may be performing slowly. If this queue is in a Retry state (that is. If this is a front-end server. Messages Awaiting Directory Lookup Also called the pre-categorization queue. Remote Delivery Contains messages that are destined for remote delivery. . This queue contains messages accepted by the SMTP service. Messages will accumulate in this queue when the message categorizer is unable to process messages. If messages are accumulating in this queue. Consider using Queue Viewer in Exchange System Manager to monitor the status and state of the following queues: Messages Pending Submission Also called the pre-submission queue. use Telnet. Messages can accumulate in this queue if the Microsoft Exchange Information Store service is not accepting messages or if it has a performance problem.exe to try to connect to the intended destination host.Messages will pass through the following queues during outbound mail flow. If problems exist with the queues. Local Delivery Contains messages destined for recipient mailboxes that reside on the local Exchange 2003 server. Messages Waiting to be Routed Contains messages destined for remote delivery. or it may indicate a problem with an event sink (such as custom SMTP processing code for anti-virus screening). Restart the SMTP virtual server to immediately retry sending queued messages. the connection has failed).

Reasons that messages will accumulate in this queue include the following: o The Microsoft Exchange Information Store service is unavailable or not running o o A mailbox store is not mounted. NDRs are delivery status notifications. including if the message is corrupted or if system resources are low. Issues exist with the IMAIL Exchange store component. For example. Reasons that messages may not be able to The route cannot be determined The routes are unavailable A connector is down Contains messages that are queued Messages Queued for Deferred Delivery following: o for later delivery. review your server configuration to determine whether you have non-Microsoft programs or event sinks installed (such as virus scanners) that can interfere with message queuing. If the system is responding slowly. If messages appear in this queue. Contains messages that failed queue submission.Messages with an Unreachable Destination reach their destinations include the following: o o o Contains messages that cannot reach their final destination server. use Windows Task Manager to identify processes . Reasons that messages will be placed in this queue include the Messages are sent by previous versions of Microsoft Outlook (such as Outlook 2000) o A message is sent to a user's mailbox while the mailbox is being moved o The user does not yet have a mailbox and no master account security ID (SID) exists for the user o SMTP message routing is configured in a way that causes a message to loop (looping messages are moved to this queue) DSN Messages Pending Submission Contains delivery status notifications that are waiting to be rendered by Exchange Server. Failed Message Retry Messages can fail for several reasons.

Version .with system resources. even if the server is shut down) take over the screen mount remote physical CD/DVD drive or image. The iLO card has a separate network connection (and its own IP address) to which one can connect via HTTPS.5i Hp or Dell Management: If you talk about HP Management tool through this tool we can find out the problems like HDD. Possible options are: reset the server (in case the server doesn't respond anymore via the normal network card) power-up the server (possible to do this from a remote location. HDD Model and Array Configuration and ILO concepts ILO makes it possible to perform activities on a HP server from a remote location. Firm ware up gradation HP Management server tool: .we can take down the error number log call to Vendor. then Vendor will come to our site resolve the problem. Restarting Internet Information Services (IIS) may solve the problem temporarily and allow you more time to identify the root cause of the problem. there like port0 by 1 …. 2950 While installation of os Putting that server cd given by hp or dell We can configure raid Or go to the bios we can do that Note: Array ante RAID 5 Configuration Array configuration: To create or implement to RAID Controller concepts we need to configure array. access the server's IML (Integrated Management Log) remote console (in some cases however an 'Advanced license' maybe required for some of the utilities to work) Hardware Models DL 380 Rack mountable servers Dell Power Edge 2850.

Service Pack 2.The SMS Inventory Tool for HP ProLiant and Integrity Update enables the use of Microsoft Systems Management Server 2003 with Service Pack 1. utilities.9 for ProLiant servers Support of the Collect Utility to ISP 5.6 and later for Windows Server 2003. The version 1.SP2. This product expands on existing integration tools for ProLiant with SMS 2000 and SMS 2003. or Service Pack 3 (SMS 2003 SP1 .3 release provides support for Collect Utility to the newer PSP's and ISP's • • ProLiant Support Packs (PSP) represent operating system (OS) specific bundles of ProLiant optimized drivers.6 and Integrity Support Pack 4. The SMS Inventory Tool allows customers that have chosen SMS 2003 to manage HP server inventory and software with the tool they also use to manage operating system software updates.2 supported for Windows Server 2000 " Supports ProLiant Support Pack 7.2 for Integrity servers Usability • • • • Simplified distribution of ProLiant and Integrity support packs directly from HP. firmware.2 and later for Windows Server 2003 HP array configuration utility (RAID5) Overview .for management and distribution of HP ProLiant and Integrity server system software. and management agents The SMS Inventory Tool for HP ProLiant and Integrity Update enhances previous SMS integration tools provided by HP. such as filtering by server model or Windows version. All data is presented through the SMS interface What ‘s New : The SMS Inventory Tool for HP ProLiant and Integrity Servers Updates has been updated. ROM. The tool also enables management and distribution of complete Support Packs or individual components (drivers. and software agents) to defined collections of servers. Customers using SMS will appreciate the obvious integration of the HP server software catalog within the SMS management structure. PSP 7. or SP3) . It allows remote scanning of HP server software configurations and reporting of the results via standard template reports. including server inventory with adjustable scope. The Inventory tool supports all SMS features. The Inventory tool adds the following features: Management • • Support of the Collect Utility to PSP 7. utilities. and management agents Integrity Support Packs (PSP) represent operating system (OS) specific bundles of Integrity optimized drivers.com through the SMS user interface Complete installation documentation and an interactive Troubleshooting Assistant to allow simple resolution of common installation and configuration questions Supports ProLiant Support Pack 7.9 and Integrity Support Pack 5. and complete support packs.

ATA. Take Control with Dell Systems Management. change management and more. printers and network platforms interface seamlessly with most standards-based management tools and consoles.0 Dell OpenManage™ Server Administrator Storage Management provides enhanced features for configuring a system's locally-attached RAID and non-RAID disk storage. storage. Array Diagnostic Utility (ADU). If you have an Array Manager installation and need information on how to migrate from Array Manager to Storage Management. servers. storage. Dell server. Dell's approach to systems management is to provide inherently manageable. or rebuilding failed physical disks. services and standardized components to provide customers with costeffective broad-based systems management functionality. Dell systems management solutions and platforms provide the pro-active management information and control functions you need to optimize deployment. The advantages of our interoperable management solutions derive from Dell's commitment to: • • Open manageability —Dell's instrumented clients. Dell Management Tool (OMSA) . These tools lower the total cost of ownership by reducing training and technical expertise necessary to install and maintain HP server storage. You can also perform data-destructive tasks. health status monitoring. Industry standards —Dell champions open standards within the industry because they are the foundation for management systems that can deploy. Storage Management enables you to perform controller and enclosure functions for all supported RAID and nonRAID controllers and enclosures from a single graphical or command-line interface without requiring use of the controller BIOS utilities. and client solutions are designed to help simplify and automate the administration of your technology resources-and to help you control your IT investment. you can protect your data by configuring data-redundancy. Standards also give you greater choice in the selection of your systems management solution. refer to the product documentation prior to Storage Management 2. Array Manager is no longer an installable option. networking. Using Storage Management. "bestin-class" technologies. and SAS but not fibre channel. providing more flexibility to better meet your specific requirements.All Smart Array products share a common set of configuration. Storage Management supports SCSI. • . The command-line interface is fully-featured and scriptable. fault recovery. The graphical interface is wizard-driven with features for novice and advanced users and detailed online help. This software consistency of tools reduces the cost of training for each successive generation of product and takes much of the guesswork out of troubleshooting field problems.1 or Dell OpenManage 5.1. All users of Storage Management should be familiar with their storage environment and storage management. assigning hot spares. monitor and upgrade heterogeneous computing environments. Strong partnerships —Dell partners with industry-leading companies to deliver integrated. NOTE: Starting with Dell OpenManage 5. standards-based platforms along with a comprehensive set of standards-based tools for proactive management throughout the computing life cycle. and Systems Insight Manager. including Array Configuration Utility (ACU).open manage server administrator 7.0. management and diagnostic tools. SATA.

NOTE: This release of Storage Management only supports hardware RAID. These techniques enable RAID to provide data redundancy or better performance. commercial implementation of RAID levels by different vendors may vary from the actual RAID specifications. Although the RAID Advisory Board (RAB) defines the RAID levels. You can. you can mirror a pair of hardware RAID 5 volumes across two RAID controllers to provide RAID controller redundancy. NOTE: The RAID Advisory Board (RAB) defines the specifications used to implement RAID. the system can continue to operate using the unaffected disk. the operating system must implement the RAID levels. extended chunk of disk space. such as striping. Hardware and Software RAID RAID can be implemented with either hardware or software. There are different RAID levels that use different methods for storing and reconstructing data. and storage capacity. which means for some RAID levels lost data cannot be restored. RAID Concepts RAID uses particular techniques for writing data to disks. using software RAID by itself can slow system performance. Not all RAID levels maintain redundant data. The RAID levels have different characteristics in terms of read/write performance. to store and reconstruct data. use software RAID on top of hardware RAID volumes to provide greater performance and variety in the configuration of RAID volumes. When using software RAID. RAID uses different techniques. Both sides of the mirror contain the .RAID? While installation of os Putting that server cd given by hp or dell We can configure raid Or go to the bios we can do that RAID (Redundant Array of Independent Disks) is a technology for managing how data is stored on the physical disks that reside in your system or are attached to it. protection. A key aspect of RAID is the ability to span physical disks so that the combined storage capacity of multiple physical disks can be treated as a single. however. If one of the disks in the mirror fails. Which RAID level you choose depends on whether your priority is performance. mirroring. Mirroring provides data redundancy by maintaining two copies of the same data on different physical disks. For this reason. These techniques include: • Mirroring (RAID 1)— Duplicating data from one physical disk to another physical disk. A system using hardware RAID has a RAID controller that implements the RAID levels and processes data reads and writes to the physical disks. An implementation used by a particular vendor may affect the read and write performance and the degree of data redundancy. or storage capacity. data protection. For example. and parity. Another key aspect of RAID is the ability to maintain redundant data which can be used to restore data in the event of a disk failure.

• Striping (RAID 10) — Disk striping writes data across all physical disks in a virtual disk. When one of the striped disks fails. Each stripe consists of consecutive virtual disk data addresses that are mapped in fixed-size units to each physical disk in the virtual disk using a sequential pattern. consider a stripe that contains 64KB of disk space and has 16KB of data residing on each disk in the stripe. the stripe size is 64KB and the stripe element size is 16KB. For specific information on each RAID level. the stripe writes data to physical disks one through five without repeating any of the physical disks. A mirrored RAID disk group is comparable in performance to a RAID 5 disk group in read operations but faster in write operations. Striping in combination with parity does provide data redundancy. For example. striping. consider a stripe that contains 64KB of disk space and has 16KB of data residing on each disk in the stripe. Maintaining redundant data requires the use of additional physical disks. Stripe element — A stripe element is the portion of a stripe that resides on a single physical disk. The amount of space consumed by a stripe is the same on each physical disk." Organizing Data Storage for Availability and Performance RAID provides different methods or RAID levels for organizing the disk storage. Some RAID levels maintain redundant data so that you can restore data after a disk failure. For example. and parity to provide data redundancy or improved read and write performance. one RAID level may be more appropriate than another based on the applications in the operating environment and the nature of the data being stored. if the virtual disk includes five physical disks. Parity — Parity refers to redundant data that is maintained using an algorithm in combination with striping. the data can be reconstructed from the parity information using the algorithm. the likelihood of a disk failure increases. The portion of a stripe that resides on a physical disk is a stripe element. see "Choosing RAID Levels and Concatenation. As more disks become involved. Striping by itself does not provide data redundancy. . Stripe element size — The amount of disk space consumed by a stripe element. Span — A span is a RAID technique used to combine storage space from groups of physical disks into a RAID 10 or 50 virtual disk. Either side of the mirror can act as the operational side. In this case. • • • • • RAID Levels Each RAID level uses some combination of mirroring. For example. Different RAID levels may also entail an increase or decrease in the system's I/O (read and write) performance. Because of the differences in I/O performance and redundancy.same data at all times. Stripe size — The total disk space consumed by a stripe not including a parity disk. In this case. the stripe element size is 16KB and the stripe size is 64KB.

In situations where the data is temporary. Each RAID level or concatenation has different performance and data protection characteristics.When choosing concatenation or a RAID level. it does have implications for the workload of your organization's system support staff." Choosing RAID Levels and Concatenation You can use RAID or concatenation to control data storage on multiple disks. Using additional disks to maintain data redundancy also increases the chance of disk failure at any given moment. The following sections provide specific information on how each RAID level or concatenation store data as well as their performance and protection characteristics. the increased cost of data redundancy may not be justified. the following performance and cost considerations apply: • Availability or fault-tolerance. Although this cannot be avoided in situations where redundant data is a requirement. Mean Time Between Failure (MBTF). Performance. Redundant data includes mirrors (duplicate data) and parity information (reconstructing data using an algorithm). see "Choosing RAID Levels and Concatenation. Availability or fault-tolerance refers to a system's ability to maintain operations and provide access to data even when one of its components has failed. In RAID volumes. Read and write performance can be increased or decreased depending on the RAID level you choose. • • • • • • • • RAID "Concatenation" "RAID Level 0 (Striping)" "RAID Level 1 (Mirroring)" "RAID Levels 5 (Striping with distributed parity)" "RAID Level 50 (Striping over RAID 5 sets)" "RAID Level 10 (Striping over mirror sets)" "RAID Level 1-Concatenated (Concatenated mirror)" "Comparing RAID Level and Concatenation Performance" . easily reproduced. Maintaining the redundant data or parity information associated with RAID volumes requires additional disk space. • • • For more information. or non-essential. Cost efficiency. availability or fault-tolerance is achieved by maintaining redundant data. Some RAID levels may be more appropriate for particular applications.

RAID 1. While it is not mandatory to have identical hard disks it is very highly recommended not just that you have similar sized disks but also exactly the same make and model. and going up to RAID 5 and RAID 10. You do not need to have your operating system on the RAID drives. It is similar to RAID 4 except that it exchanges the dedicated parity drive for a distributed parity algorithm. RAID 0 + 1 You could have a combination of RAID 0 and RAID 1 to provide both the speed and the security. RAID 1. RAID-1. Offers the best performance but no fault-tolerance. Also known as disk mirroring and consists of at least two drives that duplicate the storage of data. Check that the RAID facility it offers covers the type of hard disk you want to use (IDE/SATA/SCSI). This removes the "bottleneck" that the dedicated parity drive represents. Should the first hard disk fail you simply remove it. If the motherboard does not have a RAID controller you will need to add a PCI RAID controller card. Description: One of the most popular RAID levels. of course. RAID 5.comes in different flavours from RAID 0 and RAID 1 to combination of those two. Technique(s) Used: Block-level striping with distributed parity. The performance of a RAID 5 array can be "adjusted" by trying different stripe sizes until one is found that is well-matched to the application being used. Fault tolerance is maintained by ensuring that the parity information for any given block of data is placed on a drive separate from those used to store the data itself. You will. is setting up the two disks such that the second one mirrors the first providing you an up to the minute backup if something ever goes wrong with the first disk.5 A new concept but the jury is still out on this one. though the overhead necessary in dealing with the parity continues to bog down writes.or Redundant Array of Independent Disks . Tips: RAID 0 + 1 will give you the best of both worlds. RAID-0. need several hard disks for this.RAID . What you need to setup RAID 0 or RAID 1 you need to have a motherboard that has a RAID controller on it. put the second disk in it's place and carry on where you left off. also called mirroring. If there is set of 30 hard disk configured for raid 5 if two hard disk failed what about data . RAID 5 stripes both data and parity information across three or more drives. It may give you slightly higher read speeds but write speeds don't benefit. Has striping but no redundancy of data. writing data and parity blocks across all the drives in the array. improving write performance slightly and allowing somewhat better parallelism in a multiple-transaction environment.

database servers. which affect application software and essential services. memory. and scalability than can be obtained by using a single computer. . and working together as a single system to provide high availability of services for clients. drives. In short RAID 5 can survive one disk failure. all data are LOST. Enterprise Edition. then reconstruction will begin immediately after the device failure. network adapters. and power supplies. information all data are available in case one of the disks fails. Typical uses for server clusters include file servers.Because of parity. Dependencies on Other Technologies Server clusters require network technologies that use IP-based protocols and depend on the following basic elements of network infrastructure: • The Active Directory directory service (although server clusters can run on Windows NT. power outages.if u r using 5 u will get only 4 because 1 goes for parity). which does not use Active Directory). and messaging servers. Server Cluster Tools The following tools are associated with server clusters. or connectivity outages. Introduction to Server Clusters A cluster consists of two or more computers working together to provide a higher level of availability. Clustering A server cluster is a group of independent servers running Windows Server 2003. -1 out of the total (eg. but not two or more. • Application and service failures. print servers. after configuring the Raid how much space does I have for utilized. • System and hardware failures. suppose I have 5 HDD of 10-10 GB. or Windows Server 2003. which can be caused by natural disasters. If extra (spare) disks are available. • Site failures in multisite organizations. When a failure occurs on one computer in a cluster. resources are redirected and the workload is redistributed to another computer in the cluster. Datacenter Edition. You can use server clusters to ensure that users have constant access to important server-based resources. In Raid 5. which affect hardware components such as CPUs. reliability. However if two hard disks fail at same time.

Enterprise Edition. Cluster. Datacenter Edition. Datacenter Edition. Standard Edition. Enterprise Edition. the graphical user interface (GUI). plus several additional functions: VM Ware VM ware is a application software. .exe: Cluster Administrator Category Tool included in Windows Server 2003. and Windows Server 2003. Enterprise Edition. Cluster.0 This software layer creates virtual machines and contains a virtual machine monitor or “hypervisor” that allocates hardware resources dynamically and transparently so that multiple operating systems can run concurrently on a single physical computer without even knowing it. operating systems.exe provides all the functionality of Cluster Administrator. Since VMware emulates the same set of virtual devices on any machine. we will install the VM Ware software into one Server and we can create the servers.exe can target server cluster nodes that are running Windows Server 2003. and Windows Server 2003. The tool is also included in the Windows Server 2003 Administration Tools Pack. a single operating system image can be used. VMware Virtual Infrastructure Client 2. and Windows NT Server 4.exe is the command-line interface for server clusters. Datacenter Edition. Enterprise Edition. • Cluster. Windows Server 2003. Cluster. Standard Edition. Windows 2000 Advanced Server. This means that the same installation can not be used for another machine which usually has different hardware.exe Category Tool included in Windows Server 2003. operating systems. Windows Server 2003. Windows Server 2003.0. The tool is also included in the Windows Server 2003 Administration Tools Pack. . Some Advantages of VMware A normal installation of a Microsoft operating system requires a long manual process to configure the system to the specific hardware of the machine. Windows 2000 Datacenter Server.Cluadmin.

installing and supporting applications. This allows a single disk image to be used without any fear of it being corrupted. Citrix Citrix ( Citrix ICA Protocol. Application Streaming enables IT to: 1 Eliminate application conflicts and operating system instability resulting from desktop application installation 2.It is also possible to configure VMware virtual disks in a read-only mode. This has many of the same benefits of client-side virtualization and also helps reduce application silos and greatly improves management of Presentation Server farms. and deprovisioning for applications being run locally on users' machines 3. The Application Streaming feature of Presentation Server offers a compelling virtualization solution for centrally delivering all Windows-based applications to both Presentation Server environments and to desktops. Applications are streamed to a protected isolation environment on the server as opposed to the local device. Key Benefits As a key component of both client-side and server-side Application Virtualization. virtual environment. the server acts as the client. The Challenge The reality today is that many companies are hitting a wall of complexity when it comes to managing their ever-growing number of desktop applications and diverse access scenarios. so that changes to the filesystem are written to a separate log file. maintenance. deployment. rather than being written back to the disk image. Applications are managed in a centralized Application Hub. updates. Application Streaming benefits Client-side application virtualization reduces the cost of testing. Enable IT to offer applications as an on-demand service . This complexity translates into a huge amount of time and money spent providing what amounts to a patchwork solution. With server-side application virtualization.5 enables applications to be delivered to client devices and run in a protected. When the virtual machine is shut down. It also allows software to be installed experimentally with the installation only being committed if it is successful. the changes can either be discarded or committed back into the disk image. Together with application isolation technology. but are streamed to the client device and run in an isolation environment. Reduce the costs associated with regression testing. Applications become an on-demand service that is always available and up to date. port no : 1494) Citrix Presentation Server Application Streaming The application streaming feature of Presentation Server 4.

without interfering with other applications on the same device. The resulting package is a standard cabinet (.CAB) file that is transparent and is easy to work with and debug. It runs in isolation. but it is not installed. Applications are managed in a centralized Application Hub. Authorized users can start streaming the application simply by clicking on their desktop icon. • The only solution that automatically changes your password every 60 seconds MS Resource Kit Table 6 Active Directory-related command-line tools Tool Description MoveTree Move objects from one domain to another. SIDWalker Set the access control lists on objects previously owned by accounts that were . • Play – Applications behave just like they were installed locally. · Download – The application package is published to a regular network file share.4. just like with Presentation Server. but without any of the problems of installation. but can be used when it is disconnected from the network. The application is cached locally. but are streamed to the user's machine and run in an isolation environment. which determines the components and the system resources the application requires and then defines a set of rules for running the application in isolation on the endpoint device. No proprietary tools or storage systems are required. Lower application support costs by automatically updating and repairing applications every time they are used 5. · Record – Applications are packaged using the Profiler. Files are saved locally and individual settings are preserved. The application is managed centrally. Applications become an ondemand service that is always available and up to date. Speed regulatory compliance by eliminating the need for extensive testing to certify applications 6. it checks for errors or updates and delivers them automatically. Caching technology makes the application available even when not connected to the network. RSA (RAID Storage Adapter) RSA SecurID® two-factor authentication is based on something you know (a password or PIN) and something you have (an authenticator)—providing a much more reliable level of user authentication than reusable passwords. virtual environment. Every time the application is run. Enhance security by giving IT administrators complete control over applications delivered to desktops. even those of unmanaged partners and users Client side Client-Side Application Virtualization enables applications to be delivered to client devices and run in a protected.

DSACLS View or modify the access control lists of directory objects. an enterprise monitoring solution that provides comprehensive event management. as well as deregistration of resource records. A Microsoft Management Console (MMC) snap-in used to view all objects in the directory (including schema and configuration information). and displaying the Dfs topology. A primary requirement of monitoring tools is that they be easy to deploy and manage so that using them consumes minimal IT resources. verifying trusts and secure channels. It can also be used to reset access control lists to their default state. This tool enables an administrator to determine if access control lists are being inherited correctly and if access control list changes are being replicated from one domain controller to another. monitor replication status. LDP Allows LDAP operations to be performed against Active Directory. we have some suggestions that will help smooth your MOM implementation. Microsoft announced Microsoft Operations Manager (MOM) 2000. modify objects and set access control lists on objects. Check access control list propagation and replication for specified objects in the directory. DNSCMD Check dynamic registration of DNS resource records. NETDIAG Check end-to-end network and distributed services functions. orphaned. force replication events and knowledge consistency checker recalculation. display replication metadata. MOM An efficient IT enterprise requires a proactive approach to monitoring and managing Windows servers and applications to avoid service outages and downtime. or deleted. Determine whether a user has been granted or denied access to a directory object. reporting. and trend-analysis capabilities.moved. SDCheck ACLDiag DFSCheck Command-line utility for managing all aspects of Distributed File System (Dfs). . Intelligent monitoring tools can help you keep your organization's infrastructure running at acceptable service levels. including Secure DNS update. REPAdmin Check replication consistency between replication partners. proactive monitoring and alerting. NLTest Check that the locator and secure channel are functioning. force replication events and knowledge consistency checker (KCC) recalculation. DSAStat ADSIEdit Compare directory information on domain controllers and detect differences. REPLMon Display replication topology. This tool has a graphical user interface. joining computers to domains. checking the configuration concurrency of Dfs servers. a built-in knowledge base. After working with many customers to deploy MOM. To address these requirements. This tool has a graphical user interface. NETDOM Batch management of trusts. monitor replication status (including group policies).

SMS provides remote control. PS-SKILL – Kill the process through remotely PsExec is a light-weight telnet-replacement that lets you execute processes on other systems. but the kit's utility can only terminate processes on the local computer. SMS Microsoft Systems Management Server (SMS) is a systems management software product by Microsoft for managing large groups of Windows-based computer systems. Systems Management Server 2003 SP1 Product Overview Systems Management Server (SMS) 2003 with Service Pack 1 (SP1) provides a comprehensive solution for change and configuration management for the Microsoft platform. . SMS 2003 SP1 provides the following key capabilities: Application Deployment Deliver critical business productivity applications reliably and easily to users in the right place at the right time. . An optional feature is operating system deployment which requires the installation of the SMS 2003 OS Deployment Feature Pack. patch management. enabling organizations to provide relevant software and updates to users quickly and cost-effectively. You don't even have to install a client on the target computer to use PsKill to terminate a remote process. PS-EXEC – Remote Control tool 11. without having to manually install client software. You can't install the MOM server on a domain controller (DC). and hardware and software inventory. . .Installation Prerequisites Before starting a MOM implementation. PsExec's most powerful uses include launching interactive command-prompts on remote systems and remote-enabling tools like IpConfig that otherwise do not have the ability to show information about remote systems. but can also kill processes on remote systems. 10. software distribution. PsKill: Windows NT/2000 does not come with a command-line 'kill' utility. complete with full interactivity for console applications. You can get one in the Windows NT or Win2K Resource Kit. The current version is 2003 SP3 R2. verify that your environment meets all the prerequisites. you must install it on a dedicated member server that's running Windows 2000 Advanced Server Service Pack 2 (SP2) and that has access to a DC. PsKill is a kill utility that not only does what the Resource Kit's version does.

Integrating Operations and Technology Microsoft Solutions for Management Solution Accelerators provide a blueprint for addressing key management issues by combining people. Windows Management Services Integration Reduce operational costs by fully utilizing the management capabilities built into the Windows platform. customer-approved Microsoft best practices that are intended to be used by Microsoft Consulting Services or Microsoft partners to help customers achieve optimal solutions. but also introduces some changes to the supported configurations and broadens the configurations allowed. Security Patch Management Improve security of the Microsoft Windows environment through increased vulnerability awareness and reliable targeted delivery of updates. For more information. Software distribution and other management tasks can be specifically targeted to machines and users using a wide . Improvements in these areas enable enterprises to effectively manage software.Asset Management Reduce software costs and stay compliant by understanding the installed application base and its usage. Mobility Deliver enterprise management to the growing mobile workforce through industry standards independent of connection or location. processes. it is easy to obtain the target group's current hardware base. Solution Accelerators are lab-tested. Detailed reports available in SMS 2003 ease the application deployment process. read the product overview datasheet. on the Windows Server System platform. Features at a Glance Capability Application deployment Description • Detailed application deployment planning. and technology to help solve specific customer scenarios. existing applications. and version information. from devices to data centers. as well as the current service pack and hotfix levels of the system. • Rich distribution targeting. For a planned deployment. SMS 2003 SP1 Updates SMS 2003 SP1 is primarily a rollup of a number of hotfixes for SMS 2003.

Security patch management covering hardware and software inventory as well as computer status and • Vulnerability identification. After missing are then posted to the central database for reporting and targeting security patches have been identified. Applications can be easily published to of installing applications. software deployment progress. • Delta distribution between site servers and distribution points. • Vulnerability assessment and mitigation reporting. When changes are made to previously deployed software package sources. Usage can be concurrent usage data to current license ownership (compliance reports).Capability Description variety of properties including network and hardware configuration. Now you can what you need. Summary and detail reports can be tracked by user or computer. and on which managed systems they were used. A simple console wizard is provided to assist administrators in deploying required patches to managed devices. • Patch deployment wizard. rather than the entire application image. and only • Detailed hardware inventory. Standard Microsoft security tools like the Microsoft Baseline Security Inventory Analyzer and the Microsoft Office Inventory Tool for Updates enable you to inventory your systems for applicable patches and vulnerabilities. supports the Windows Installer service (. how long they were used. Asset management the Add/Remove Programs interface to provide users with a consistent way • Application usage monitoring. As missing patches are deployed. the results of these individual scans purposes. • Granular software inventory file level searching. Active Directory® organizational unit. it is able to switch user account contexts during a package installation allowing for self-healing • Add/Remove Programs support. More than 120 pre-built reports are included.msi). Windows Management Instrumentation (WMI) enhancements allow improved client-side performance during and chassis enclosure data. and distribution points. inventory scans and provide a richer set of inventory data. including BIOS • Web-enabled reporting. Because SMS 2003 application installation on "locked-down" systems. this data may be optionally . configure SMS 2003 to get you all the asset discovery you need. only the source changes are propagated between SMS 2003 site servers • Elevated rights Windows Installer Service. and group membership and software installation status. and reports can be created comparing generated specifying which applications were used by users.

Software packages can then be targeted based on these Active Directory attributes. dramatically simplifying the management of accounts and passwords within SMS 2003 • Improved status tools. Checkpoint/restart works at the byte level. when it is then executed. including organizational unit container and group level membership. • Download and execute. Windows Management Services integration • Active Directory discovery. any partial downloads to client computers will continue where they left off. The status data provides real-time information about the current state of SMS 2003 processes. The new Advanced Client uses the Background Intelligent Transfer Service (BITS) technology to automatically detect the capacity of the client network connection and adjust transfer rates efficiently. SMS 2003 can automatically discover the Active Directory properties of both users and systems. As mobile users move through geographic locations. Built-in computer and local system accounts and making the enterprise more secure by not creating extra high-rights accounts. Upon reconnection. successfully downloaded to a client. requiring only the download of those bytes in a package that haven't already been transferred. • Active Directory-based site boundaries. based on Active Directory site names. • Windows XP Remote Assistance support. Site boundaries can now be subnets. The high-performance Windows XP Remote Assistance feature is now an option for a user is present at the remote machine. After a new software package has been system until the scheduled install time. and are not required to install software across the enterprise wide area network (WAN). flexible site boundaries ensure that they receive software packages and updates from the nearest appropriate installation source. Mobility • Bandwidth-aware clients. both on servers and clients. it remains in the cache of the client • Location awareness. rather than on Internet Protocol (IP) • Advanced Security Mode. there is no need to restart transmissions because of a disconnected session. can be used for all server functions (such as database access).Capability Description updated in real time. • Checkpoint/restart. troubleshooting clients remotely from the SMS Administrator Console when When do I need to set up SMS secondary site servers? .

Active Directory services management support. You'll first want to identify any distribution options (i. Member of Team Engineers to provide Information Systems Support. At what number of workstations per remote site should I consider setting up SMS secondary site servers?Even though you may have Distribution Points sitting at the remote locations.msi you have created and create the SMS package using those options. I was planning on using each site's existing file server as a distribution point to save on bandwidth during software distribution. WSH (Windows Scrip Host). SMS's software distribution feature basically does what you tell it to do. user id creation in AD Set objNetwork = Wscript.. Can I distribute any Windows Installer (. Scripting Already default scripts are there. "\\atl-fs-01\Sales" objNetwork.msi.e. Each location has 5-7 workstations. Windows XP and PreWindows 2000 Operating systems on Desktops/Servers.WMI (windows media interface) Map network driver.msi) application using SMS? have a customized Citrix 8 client installation in the form of a . How can I use SMS 2.. command line options) for the . Networking Connectivity Issues (TCP/IP) and other Software Problems.msi) application using SMS. you still need to modify some settings on the clients to force .CreateObject("WScript..MapNetworkDrive "H:". Windows XP/2000 and Microsoft Office Suite.. PC Hardware.MapNetworkDrive "G:".Network") objNetwork.0 SP2 to distribute this? You can distribute any Windows Installer (.. • • Responsabilities2: .I have 20 remote branch locations connected back to the operations center by T1 lines. configuration and trouble shooting of Windows Operating Systems include Windows 2000 Professional.. "\\atl-fs-01\Users$\lewjudy" Responsabilities1: • • Installation.

Managing and troubleshooting Group Policy objects Considerable Knowledge on Exchange 2003 server. Creating. In backup I am taking 5 day differential and 2 day full backup. Configuring. Dail tone recovery Maintains hyd. I am managing Active Directory and Exchange servers and MOM servers and BrightStor ArcServe backup server. the mail box store has gone down. Configuration & Administration of Brightstor Arc serve 11. Disaster Recovery Plan for Active Directory servers. • Data Center Maintain ace • Vendor coordination RIS server In Hyderabad we have 44 servers and in Hyderabad we have 22 servers including all platforms. Checking the group policies and applying the group policies in active directory. Managing. Expertise in Microsoft Services like WINS. We are using McAfee anti virus group shield in the exchange server and it has deleted the recently created log file due to that the mailbox store has gone down. DL creations.• • • • Experience on windows 2003 and windows 2000 Active Directory Support and Implementation. Taking care of user creations and user deletions mailbox transfers. From Sunday to Thursday differential and Friday and Saturday full backup. In active directory checking the replication between the two sites. Installing.5 Backup server. We made it up with in an hour. Exchange Server 2003 Managing users and applying group policies. I have only considerable knowledge on Exchange mail box creation and mailbox deletions and taking care of mail box movements. DHCP and DNS. We have restored it from the backup. configuring. Which is the difficult situation u have faced in your organization? Recently we had faced an issue with our Hyderabad mail server. chenn replication of servers. and maintain the Data Centre Win 2003 Active Directory Support Disaster Recovery Active Directory Plans for Servers 2003 Exchange Administrator • • • • .

win32 time synchronize) . internal and applications servers Server Configurations HP DL 380’s 4 GB. restoration (Daily (Incremental) and Full Backup (weekly)) How many Servers (30) DC’s and file. Configuring and managing and troubleshooting group policies Configuring and troubleshooting Antivirus like MacAfee DHCP Scopes creations. 5+1 (Raid + Mirroring) total 5 HDD’s Intel Genuine 3G (Dual Core Process) all are rack mountable servers DL 380 proline HP series Dell 2950 power edge Mirror and raid for both the servers Total 5 HDD's 2 for mirror 3 for raid only we have virtusa domain single domain architecture only one we have( cross domains. mail. two sites) only one domain naming masters PDC Emulators 5 we have ( password resetting .Creating. IP Addresses Creations Terminal Services Monitoring File permissions and quotas implementation Taking the backup.

Once we get the approval from the manager. once we get the approval from the manger. Main article: Service Desk (ITSM) Tasks include handling incidents and requests. and the replication topology between sites.mdb DNS dns. In systems meeting we need to discuss what are the changes we are going to implement how much its use for organization. Then you can go ahead Suppose if you want to restart the server for that also we need to raise request in change gear. If you want to do any change you have to raise a change request through the change gear software. In Chennai we have 2 domain controllers and in Hyderabad we have 6 domain controllers One exchange server in Chennai and one more in Hyderabad One backup server in Chennai and one more backup server in Hyderabad Checking the Replication traffic between the Chennai and Hyderabad.back what is the ntds. check My responsibilities in Chennai are Managing two locations i.database. We will restart the server. I am going to do like patch management. . I have to give the explanation like I have installed the patches so its required restart to update the all the patches please approve it.DHCP: dhcp. please approve. Hyderabad and Chennai. Folder.. Service Desk This function is the single point of contact between users and IT Service Management. and providing an interface for other ITSM processes.e. then you can send it to your manager for approval. transaction logs. ITIL Every week we have systems and networking meetings.

Service Level Management. Problem management 3. maintenance contracts. software licenses. Incident management 2. Availability Management. problems and questions but also provides an interface for other activities such as change requests.can be situated and accessed from anywhere in the world due to advances in network performance and telecommunications. co-ordinate and resolve incidents as quickly as possible Service Desk: not only handles incidents.• • • • • Single Point of Contact (SPOC) and not necessarily the First Point of Contact (FPOC) There is a single point of entry and exit Easier for Customers Data Integrity Communication channel is streamlined The primary functions of the Service Desk are: Incident Control: life cycle management of all Service Requests Communication: keeping the customer informed of progress and advising on workarounds The Service Desk function is known under various names : Call Centre: main emphasis on professionally handling large call volumes of telephone-based transactions Help Desk: manage. Change management . reducing operational costs and improving usage of available resources Service Desk 1.reduces operational costs and improves usage of available resources Virtual Service Desk: for organizations having multi-country locations . Financial Management and IT Services Continuity Management The three types of structure that can be considered are: Local Service Desk: to meet local business needs . Configuration Management.is practical only until multiple locations requiring support services are involved Central Service Desk: for organizations having multiple locations .

Release management I am working on incident management. thus ensuring that the best possible levels of service quality and availability are maintained. 'Normal service operation' is defined here as service operation within Service Level Agreement (SLA) limits. A known error is a condition identified by successful diagnosis of the root cause of a problem. OLA (Operation Leave Agreements): whatever the agreements we are having with in the organization support teams. indicative of a single error. The client to owner the ticket and resolving with time stamp. Problem Management The goal of 'Problem Management' is to resolve the root cause of incidents and thus to minimize the adverse impact of incidents and problems on business that are caused by errors within the IT infrastructure. for which the cause is unknown. Incident management The goal of Incident Management is to restore normal service operation as quickly as possible and minimize the adverse effect on business operations.4. Configuration management 5. Problems can also be identified from a single significant Incident. with smallest possible business impact. The CCTA defines problems and known errors as follows: A problem is a condition often identified as a result of multiple Incidents that exhibit common symptoms. OC (Under pendent contract): Which the levels of service boundary we are having with the Vendors. Problem management is different from incident management. the purpose of incident management is to return the service to normal level as soon as possible. but for which the impact is significant. and a `known error' is a problem that is successfully diagnosed and for which a work-around has been identified. . The principal purpose of problem management is finding and resolves the root cause of a problem and prevention of incidents. SLA: while running a ticket we have an agreement with the client. and the subsequent development of a Work-around. and to prevent recurrence of incidents related to these errors. A `problem' is an unknown underlying cause of one or more incidents.

Quality control during the development and implementation of new hardware and software is also the responsibility of Release Management. in order to minimize the impact of change-related incidents and to improve day-to-day operations.Configuration Management Configuration Management is a process that tracks all of the individual Configuration Items (CI) in a system. Proper software and hardware control ensures the availability of licensed. . and version-certified software and hardware. This guarantees that all software meets the demands of the business processes. The goals of release management are: • • • • Plan the rollout of software Design and implement procedures for the distribution and installation of changes to IT systems Effectively communicate and manage expectations of the customer during the planning and rollout of new releases Control the distribution and installation of changes to IT systems The focus of release management is the protection of the live environment and its services through the use of formal procedures and checks. including license controls across the entire IT infrastructure. Change management The goal of Change Management is to ensure that standardized methods and procedures are used for efficient handling of all changes. which will function as intended when introduced into the existing infrastructure. tested. Release Management Release Management is used for platform-independent and automated distribution of software and hardware.

Another two tapes. Full backup is 6 months…. so we can only write single tape at once. We have only single head tape library. Configuration Card 5i RAID. Total 7 takes will come out in a week In tape library 32 tapes are there…. Like MOM I mean alerts Service Call: People who are generated raise a call. Differential tapes in 3 months. One goes to HDFC bank and other send it to other site. And year end last backup also Dell LT O 3 tape library 400 native mode/ 800 compressive Tape library model no is power old 132 T Dell.and year end and month end backups are going to keep preeminently.. Through bar code only it recognizes the tapes. 31st is storage drive. . HW long Ur going to keep in fire proof.every day 1st tape.By words: ITIL: Incident: automatically triggered by the server itself. After finishing the backup we have to remove from the tape library. one is IO (IO Box). We have to keep it into fire proof. Backup: Policy: 5 day differential (sun – thu) 2 day full backup (Friday – Sat) 5 tapes we are keeping into fire proof.SCSI Card Through that card only we are connecting the backup tape library to the server.

They are authenticating to the web page to the citrix server. 5i Few server details 1. availability and adaptability in a highly serviceable 4U chassis Latest servers in HP: in ML series HP ProLiant ML570 G4 Latest servers in HP: in BL series PowerEdgeTM R900 4-Socket. HP. Through this only array will recognize and we will configure RAID Array version Citrix: with the help of the RSA FOB virtually. version 9. they are connecting to the client network. Login to the remote sessions the major advantage is we can take the multiple session at the single time. Quad-Core 4U Rack Server PowerEdgeTM 6950 4-Socket.Array Configuration: to create or implement a RAID control concept. Port no : 1495. It applies during user logins. We need to configure array configuration.0----------. Dell and IBM – latest models Latest servers in HP: in DL series HP ProLiant DL585 G2 HP Proliant DL580 G4 • Scalability. Dual-Core 4U Rack Server HP BLc3000 Enclosure 2 AC Power Supplies 4 Fan Full ICE License .ICA Protocol SMS: They are extracting the batch files.

231.IBM IBM System Storage™ DS4800 processed 4. even if the server is shut down) take over the screen mount remote physical CD/DVD drive or image. providing confidence in your IT solution deployments. enterprise applications and server consolidation through virtualization services. Hp(ILO) and IBM(RSA) HP: ILO makes it possible to perform activities on a HP server from a remote location.016. the x3850 M2 delivers unrivaled reliability.98/tpmC [1]. Administrators also achieve full control of the server hardware and operating system from any client system running a Web browser. versus the HP Integrity Superdome's performance of 1. 2. Featuring an unmatched combination of x86 performance and scalability with a balanced design. power outage. Possible options are: reset the server (in case the server doesn't respond anymore via the normal network card) power-up the server (possible to do this from a remote location. The iLO card has a separate network connection (and its own IP address) to which one can connect via HTTPS.433 tpmC at $4. or loss of a network connection (using a network interface card (NIC) or modem) Remotely view a server's internal event logs and power-on self test (POST) codes for diagnostic purposes . even if the server is down or hung. access the server's IML (Integrated Management Log) remote console (in some cases however an 'Advanced license' maybe required for some of the utilities to work) Dell: Dell DRAC: The DellTM Remote Assistant Card II (DRAC II) and Dell Remote Access Card III (DRAC III) provide IT administrators with continuous access to servers. An easy upgrade path provides the necessary flexibility to deliver an optimized solution for scaleup database.222 transactions per minute (tpmC) with a price/performance of $2. efficiency and reliability to the next level. Remote management cards in Dell(Rack and D-Rack). The Dell remote-access architecture consists of hardware and software components that allow administrators to do the following: • • Access a server after a server failure.82/tpmC [1] IBM System x3850 M2 takes performance.

run applications and receive system alerts in whatever form you choose. The IBM RSA II is a PCI card service processor and it is standard in some servers and an option in others. e-mail. disks. As shown in the table below. or Simple Network Management Protocol (SNMP) trap when a server detects an error IBM RSA However it is IBM's Remote Supervisor Adapter (and the popular RSA II) that represents the next generation of comprehensive server management. Remote power control. The Virtual KVM feature for example provides full graphic console redirection.• • • • • Manage servers in multiple locations from a remote console Manage servers by redirecting the console output to a remote console (graphic and text) Perform an orderly shutdown of a server for maintenance tasks Diagnose a server failure and restart the server Alert the administrator using alphanumeric page. Another model is the RSA SlimLine which is an internal card that includes the BMC and uses a dedicated Ethernet connector on the server for communication. and augments the BMC capability so you can perform systems management functions whether your server is operational or not. So no longer is there a need for any external KVMoIP appliances at the remote site. Local logs & alerts. Vendor IBM Service Processor RSA (Remote Supervisor Adapter) IBM Director RSA II. IBM Director extends the basic RSA II software by providing a central platform for monitoring and managing all the IBM hardware resources. And the IBM + Opengear service management can be extended even further as Director also will seamlessly integrate with higher-level systems management . The BladeCenter’s management module also uses a modified version of the RSA with an integrated KVM switch to provide access to individual server blades. the RSA II provides an extensive range of remote server management features. Virtual KVM (with logging of last screen before failure). management Tools IBM Director IBM's service processors can accessed with the IM/IMG then managed using IBM Director. UDP/TCP Ethernet connection. an integrated suite of system management tools that enables administrators to locally or remotely track the usage and performance of their server's processors. Secure SSH. Virtual media access. numeric page. It manages the BMC located on the server motherboard. and memory. SlimLine RSA PCI Card Command line & Web interface. SSL & LDAP access Software Model Type Features 3. You can use a local desktop to access and control a remote server.

4. Dell's approach to systems management is to provide inherently manageable. storage.1. networking. Industry standards —Dell champions open standards within the industry because they are the foundation for management systems that can deploy. you can protect your data by configuring data-redundancy. If you have an Array Manager installation and need information on how to migrate from Array Manager to Storage Management. health status monitoring. BMC and Altiris. monitor and upgrade heterogeneous computing environments.0. storage.1 or Dell OpenManage 5. standards-based platforms along with a comprehensive set of standards-based tools for proactive management throughout the computing life cycle. CA Unicenter. Storage Management supports SCSI. change management and more.0 Dell OpenManage™ Server Administrator Storage Management provides enhanced features for configuring a system's locally-attached RAID and non-RAID disk storage. All users of Storage Management should be familiar with their storage environment and storage management. ATA.open manage server administrator 7. Dell systems management solutions and platforms provide the pro-active management information and control functions you need to optimize deployment. Array controller Models . Using Storage Management. You can also perform data-destructive tasks. SATA. • HP. Take Control with Dell Systems Management. fault recovery. The command-line interface is fully-featured and scriptable. Standards also give you greater choice in the selection of your systems management solution. refer to the product documentation prior to Storage Management 2. Dell server. assigning hot spares. Array Manager is no longer an installable option.offerings such as Tivoli. Microsoft SMS and MOM.HP Integrated. "bestin-class" technologies. services and standardized components to provide customers with costeffective broad-based systems management functionality. Storage Management enables you to perform controller and enclosure functions for all supported RAID and nonRAID controllers and enclosures from a single graphical or command-line interface without requiring use of the controller BIOS utilities. and client solutions are designed to help simplify and automate the administration of your technology resources-and to help you control your IT investment. Strong partnerships —Dell partners with industry-leading companies to deliver integrated. The advantages of our interoperable management solutions derive from Dell's commitment to: • • Open manageability —Dell's instrumented clients. providing more flexibility to better meet your specific requirements. printers and network platforms interface seamlessly with most standards-based management tools and consoles. NOTE: Starting with Dell OpenManage 5. or rebuilding failed physical disks. and SAS but not fibre channel. HP OpenView. servers. The graphical interface is wizard-driven with features for novice and advanced users and detailed online help. Dell OSMA: Dell Management Tool (OMSA) .

until now.4. or performance gains. Models Smart Array 6i Controller Battery Backed Write Cache Enabler Smart Array 6i Controller 128MB Battery Backed Write Cache Enabler Option Kit N 346914-B Target Environments The Smart Array 6i Controller offers superior investment protection to the following environments: Non-RAID Current storage operations where. NAS . and performance increases available with entry-level hardware RAID. It can also manage multiple controllers. and initialize the drives attached to the controller. hardware-based fault toleran for protection of OS. The Smart Array 6i controller provides one of th most cost effective alternatives to software-based RAID in the market today. security. manage spares. SAN – Latest Models and how does it work HP Proliant DL585 Storage server 5. 5. and logs. the Smart Array 6i controller and 128MB BBWC Enabler bundle provide increased performance and worry-free transportable battery back write cache data protection for all server internal storage needs. which . the hardware typically has high inter-connection rates between the various storage devices and the software manages monitors and configures the SAN. ACU provides a means to reate /delete Arrays. The DL380 G4 has a second channel for optional duplex backplane support or external tape support. It is generally used to connect all the storage resources connected to various servers.Array 6i HP: HP Smart Array 6i Controller The new Smart Array 6i controller is an Ultra320 intelligent array controller for entry-level. but only one controller at a time. Designed as an integrated component on the system board on select ProLiant DL and BL servers. Dell – 4DC Array controls on HP( Array 6i). Most models have one internal-only channel. there has not been a perceived need for data protection. if present in the System. Dell (4DC) and IBM (ACU) ACU: Array Configuration Utility (ACU) is a DOS-based application for Configuring and managing arrays. without consuming a PCI slot.like ordinary servers . applications. It consists of a collection of SAN Hardware and SAN software. SANs originated to overcome the problems with network attached storage (NAS) devices. efficiency.are difficult to manage and difficult to expand the capacity on.0 SAN A SAN is a dedicated network that is separate from LANs and WANs. Software RAID Current storage operations using software RAID where growing data storage requirements demand the robustness.

Alternatively ISCSI could be used with IP switches. this system now includes a 3-inch LCD Insight Display for readability. 6. It can be used as part of SAN solutions from simple single-switch configurations to larger multi-switch configurations in support of fabric connectivity and advanced business continuity capabilities. cooling and I/O infrastructure needed for today and future tech center environments. upgrades and parts. HP Blade Servers………How it designed HP Blade C7000 servers. Vibrant carries a wide array of Used HP BladeSystems. Used HP Blade C7000 Features Specifications Description Up 16 Half-Height Blades Up to 8 Full Height Blades Device Bays Mixed configurations supported Power Supply Height Single-Phase Model Power Up to 6 x 2250W 10U 6 x IEC-320 C20 2 PCI and 4 shared PCI/EISA slots HP 1Gb Ethernet Pass-Thru Module CISCO Catalyst Blade Switch 3020 GbE2c Ethernet Blade Switch HP 16 port 4Gb FC Pass-Thru Module Brocade 4Gb SAN Switch Ethernet Fibre Channel . The most common form of SAN uses the Fibre Channel fabric protocol (with Fibre Channel switches). The HP Blade System C7000 provides power. A SAN is made up of a number of fabric switches connected in a network.devices also add to the traffic on the network and suffer from the delays introduced by the operating systems' network stacks.and medium-sized businesses with a wide range of SAN capabilities. Designed for easy set-up. IBM Express Model SAN switches Cisco MDS 9124 Express for System Storage The Cisco MDS 9124 Express for System Storage is designed to address the needs of small.

vbs. Scripts – VB Scripts and GPO Scripts – WMS. If that is not possible. onsite 7. objNewUser strUser = "DomGuy2" ' Bind to Active Directory. Even though I am experienced at creating VBScripts. You should run this VBScript on a Windows Active Directory domain. DomGuy2 is not a particularly attractive name. for example: Users . Remote Desktop would be a suitable alternative. However. . 3. Double click Users . Script to Create a User in a Named OU (Organizational Unit) ' Users . WSH scripts Using a LDAP query retrieve the information.3 . Copy and paste the example script below into notepad or a VBScript editor. Instructions for Creating a User Account in Active Directory 1. Decide whether to change the value for strUser. the menus actions help me to rehearse the stages in my scripts.Create("User"). Users container. Based on your requirement you will edit it.co. Example 1 . 5.uk/ ' Version 1. I still run manually through creating the object in Active Directory Users and Computers.vbs ' Sample VBScript to create a User in Users .September 2005 ' ------------------------------------------------------' Option Explicit Dim strUser Dim objRootLDAP. Save the file with a . why introduce extra complications? Especially at the beginning.vbs and check the Users container for strUser. 2. with fewest obstacles. For example. objContainer. If you are a long way from the server. GetObject("LDAP://rootDSE") and .Script to Create a User in Active Directory On this page we concentrate on the essential VBscript commands necessary to build a User account in Active Directory Users and Computers. you could get these scripts to work from an XP machine as a non-administrator. ' Author Guy Thomas http://Computerperformance. you want easy success.Warranty 3-year limited. 4. Prerequisites I recommend that you logon at a Windows Server 2003 domain controller.vbs extension.

understand each component. VBScript Tutorial . My desire is to get you started. then add another section.. for example givenName.Create("User". logon sequence. Note 4: . but clever command. Note 5: When creating or modifying users.SetInfo. in this example sAMAccountName sets the correct property and .Quit ' End of free sample Create Users VBScript. add several other properties. strUser objNewUser. Note 3: sAMAccountName controls the logon name." & _ objRootLDAP. for example OU=Accounts. See how we use "User" not "Computer" or "OU".put method is the equivalent of selecting a box in Active Directory Uses and Computers. this is the name that users should enter in the dialog box after they press the Ctrl Alt Delete. what name will your choose? Instructions for Creating a User Account in a Named OU . Note 6: This script represents 'work in progress'. and most likely. Crucial. Note 2: The simple. the correct syntax is cn=users. I called my OU Accounts. this statement binds WSH / VBScript to Active directory.Put "sAMAccountName". Set objNewUser = objContainer. "cn=" & strUser) objNewUser.Set objRootLDAP = GetObject("LDAP://rootDSE") Set objContainer = GetObject("LDAP://cn=Users. Incidentally.put and . which allows the script to work with any domain is: GetObject("LDAP://rootDSE").SetInfo WScript. . In both cases it represents the final act of creating or modifying the User object.put unloads the value set by strUser.Learning Points Note 1: The first 10 lines explain the purpose of the script and declare the variables.Get("defaultNamingContext")) ' Build the actual User. The next line puts the focus on the Users container. Build the script in stages. whereas OUs that you create need the OU= prefix. invariably you need . The .Create is a method to build an object. Example 2: Script to Create a User in a Named OU (Organizational Unit) Prerequisites Create a new OU.SetInfo is the VBScript equivalent of pressing the OK button in the GUI. as that is where the user will be born. For a real production script you would need to enable the account.

1.Put "givenName".vbs. 4. Users container. My other reason for adding this code is show that the script has executed successfully. and then change to the name of your OU. Set objUser = objContainer. otherwise I just sit and wonder if it has finished yet. Set objRootLDAP = GetObject("LDAP://rootDSE") Set objContainer = GetObject("LDAP://" & strContainer & _ objRootLDAP.Put "sAMAccountName". What this section does is open the Active Directory Users and Users MMC ready for you to inspect the new User account. VBScript Tutorial .Quit ' End of Sample UserOU VBScript. Decide whether to change the value for strUser.vbs extension.Learning Points Note 1: The key difference between the two scripts is: strContainer = "OU=Accounts . 3. However it took me ages to get the speech marks and ampersands (&) just right.September 2005 ' ------------------------------------------------------' Option Explicit Dim objRootLDAP. objShell Dim strUser. "cn=" & strUser) objUser. Note 2: This command looks easy to script: GetObject("LDAP://" & strContainer & _." ' Note the comma ' Bind to Active Directory.". Find the strContainer. strContainer strUser = "BookKeeper21" strName = "Bookie" strContainer = "OU=Accounts .Run "%systemroot%\system32\dsa. objContainer.uk/ ' Version 2. Trace how VBScript applies this variable to set the Organizational Unit. strName. ' Author Guy Thomas http://Userperformance. This optional section is just me having a little fun.vbs and check the Computers container for strComputer.run. . ' UserOU.msc" WScript.Get("defaultNamingContext")) ' Build the actual User. objUser. Save the file with a . Double click ComputerOU. 5. strUser objUser. Copy and paste the example script below into notepad or a VBScript editor.Shell") objShell. Note 3: objShell.vbs ' Sample VBScript to create a User in a named OU.co.Create("User".4 .SetInfo ' Optional section to launch Active Directory Uses and Users Set objShell=CreateObject("WScript. for example: ComputerOU. 2. strName objUser.

The private NIC is used for the Heartbeat communication (Cluster communication). All nodes of the cluster use a Shared Disk – an external disk or disk subsystem which is accessible for all nodes through SCSI (2 Nodes) or Fiber Channel (more than 2 nodes). trace how I added givenName through strName.Note 4: I suggested in Example 1 that you could add other attributes. the Failover process occurs Quorum Drive Configuration Information This article provides information about configuring the quorum drive. Windows 2003 Servers can participate in a cluster configuration through the use of Cluster Services. A cluster can be … • • Active/Active or Active/Passive Microsoft recommends only Active/Passive clusters – I will give you the reason later. . An EVS contains an IP address.If one node in the cluster fails. the active cluster failover to another node which becomes Active. called nodes that function as a single computer/system to provide high availability and high fault tolerance for applications or services. In an Active/Passive cluster . the other computers carry the load so that applications or services are always (with a small interruption) available. Every node has a local Exchange 2003 installation with a unique configuration for every cluster node. One network interface for the cluster communication called the private LAN and one network interface called the public LAN. network name. If the heartbeat fails. If more than two nodes exist in the cluster you have to use a dedicated switch / hub. a Failback can be manually initiated or automatically configured in the Cluster Group properties. The number of cluster nodes supported by Windows 2003 Enterprise and Datacenter is 8 nodes. I suggest that you alter the value from "Bookie" to a more realistic name. Windows Server 2003 Standard and Web Editon doesn’t support a Cluster. An EVS is the logical node that will be used for all cluster operations. This is called Failover. Each Cluster with Exchange 2003 has at a minimum one Exchange Virtual Server (EVS). 8. Clusters – how to connect two nodes Cluster is a group of computers. To see what I mean. You can link a cluster with two nodes with a simple cross link cable. A Heartbeat is much like a ping which can be used to test if the other cluster node is still available. physical disk and an application. All data will be stored on the shared disk or an external disk subsystem (for example Exchange databases). If the failed node is back online. Every cluster node must have two network interfaces. If one member of the cluster (the node) is unavailable.

this size is the minimum required for an efficient NTFS partition. a single resource is designated as the quorum resource. The quorum resource plays a crucial role in the operation of the cluster. and include steps to recover the cluster quorum as well. It is also recommended that you configure some form of fault tolerance at the hardware level to be used for the quorum drive. • It provides physical storage that can be accessed by any node in the cluster. Heavy input/output traffic from another source could interfere with the cluster's ability to write to the disk. Small Computer System Interface (SCSI) disks can use Reserve and Release commands for persistent arbitration. . the cluster may not be available. after System State is restored and the node has been rebooted. Each drive must be formatted as NTFS. Windows 2003 introduces a new quorum resource type called Majority Node Set (MNS). Larger disk sizes are allowable but are not currently needed. How to restore the cluster quorum to a Windows 2000 or Windows 2003 node running Active Directory Details: To restore the quorum to a node that is a domain controller and is running Active Directory. you must configure storage at the hardware level so that the operating system and Cluster service have two separate physical devices for cluster usage. The quorum resource stores data that is critical to recovery after there is a communication failure between cluster nodes. If the quorum resource fails. so the cluster quorum must be restored separately. however.0 4454 (and later) is capable of fully protecting Windows 2003 servers.MORE INFORMATION When you install Microsoft Cluster service. For example. This functionality enables the file system to efficiently locate files that match certain criteria so that sorting and searching processes function faster. It is recommended that you configure the quorum disk size to be 500 MB. However.0 4454. the entire cluster may fail as well.6 or 9. The following steps will allow for restoration of System State. the following disks should be displayed: • Disk 0 (usually drive C) • Disk 1 (quorum) • Disk 2 (data drive) At a minimum. which may cause the quorum resource to fail. Cluster services cannot be running in this mode. A quorum resource can be any resource with the following functionality: • It offers a means of persistent arbitration. only Backup Exec 9. the node must be in Directory Services Restore Mode. in Disk Administrator or Disk Management. In every cluster. such as hardware mirroring or hardware RAID. MNS is tailored for geographically dispersed clusters. you must create at least one physical drive for the quorum disk and a separate physical drive for data. For example. NTFS architecture is structured to enable file attribute indexing on a disk volume. you should not place any input/output (I/O) intensive programs on your quorum drive. Persistent arbitration means that the quorum resource must allow a single node to gain physical control of the node and defend its control. If the quorum drive is lost. Note: The steps outlined below will work for clusters whether using VERITAS Backup Exec (tm) 8.

and then select Directory Services Restore Mode. run clrest. Otherwise. If this is a local restore. 7. under Settings. 1. When the restore has completed. you should use the -f option with the clrest. the pathname is %SystemRoot%\cluster\BackupExec (for Windows 2000) and \windows\repair\bootablesystemstate\clusterdatabase (for Windows 2003). click System State 4. [drive letter] specifies another drive letter for the quorum disk.To restore the cluster quorum to a node running Active Directory: Note: If possible. take the other nodes in the cluster offline before restoring the cluster quorum. On the Backup Exec navigation bar. . Clrest is located in the {drive letter}:\Program Files\Veritas\Backup Exec\NT directory in 9. In the Properties pane.exe command. the drive letter on which the cluster quorum resides will stay the same as it was previously. and/or if the disk signatures do not match and to specify another disk as the quorum disk: clrest path [-f] {drive letter]where [-f] forces the restore to proceed even if other cluster nodes are online and/or the disk signatures do not match. If the nodes cannot be taken offline. Clear the Restore cluster quorum option. explained in step 8. start the computer in safe (repair) mode (restart the computer and then press <F8> when prompted to select an operating system). reboot the target node 8. 2. You can include other options on the command line to force the restore to proceed even if other cluster nodes are online. When this option is selected. To restore System State. Note: Make sure to select in Folder Options to Show Hidden Files if attempting to view the quorum files.0 by default. In the Restore Selections pane. you must also start the Backup Exec services before you restore System State data. Typically. to remain the same. 6. Start the restore operation. even if the configuration has changed and the disk signatures contained in the restore media do not match the disk signatures contained in the cluster quorum. During the restore. If you use this option. the cluster quorum files are copied to the default location %SystemRoot%\cluster\BackupExec.exe from the command line to restore the cluster quorum from the default location to the quorum disk: clrest <path> where path is the complete path to the cluster quorum. click Advanced 5. click Restore 3. the cluster service for any nodes that are online is stopped. A path is required for the clrest command. This option must not be selected. the drive letter on which the cluster quorum resides will be changed to the same drive letter as previously specified. After the reboot is complete. This option also allows the drive letter of the disk that the cluster quorum was on.

thin client computer or mobile device to gain access to desktop applications running on the Citrix MetaFrame Presentation Server. And some corporations use Citrix for disaster-recovery back-up. and complete transaction integrity. Citrix claims to have 120.using this approach in some fashion. continuous service availability. Citrix spares the IT department from having to distribute desktop software on the actual desktop. automated. VMotion allows IT organizations Advantages: • Continuously and automatically allocate virtual machines within resource pools. use the cluster administrator to bring the other cluster nodes online 9. 10. • Improve availability by conducting maintenance without disrupting business operations VMotion is a key enabling technology for creating the dynamic. VMware’s clustered Virtual Machine File System (VMFS) . First. and self-optimizing data center. IT managers said it's not only easier to upgrade desktop applications when they're located on the centralized Citirx server than on the actual desktop. if not for their entire user base. It's done by installing the Citrix "ICA client" on the user's PC.for a total of 50 million ICA clients -. Once the restore of the cluster quorum is completed. Citrix and Meta ware versions CITRIX: Latest version is 4. which is the Citrix specialty.0 The corporate and government IT managers in attendance shared their experiences in running desktop applications on a server. How does it work? Live migration of a virtual machine from one physical server to another with VMotion is enabled by three underlying technologies. Vmware (vmotion) VMware® VMotion™ enables the live migration of running virtual machines from one physical server to another with zero downtime.000 corporations and government customers -. At the Citrix conference.9. the entire state of a virtual machine is encapsulated by a set of files stored on shared storage such as Fibre Channel or iSCSI Storage Area Network (SAN) or Network Attached Storage (NAS). but they see some security advantages in it as well.

has been copied over to the target ESX Server. VMotion suspends the source virtual machine. be quite time consuming. and resumes the virtual machine on the target ESX Server. Exchange If you one day are faced with a relatively large corrupt Mailbox Store. backup application and network speed. the active memory and precise execution state of the virtual machine is rapidly transferred over a high speed network.allows multiple installations of ESX Server to access the same virtual machine files concurrently. allowing the virtual machine to instantaneously switch from running on the source ESX Server to the destination ESX Server. copies the bitmap to the target ESX Server. This entire process takes less than two seconds on a Gigabit Ethernet network. restoring it can. Second. Now the last thing you want to deal with in such a situation is frustrated users (or even worse a yelling CEO!). running virtual machines from one host to another while maintaining continuous service availability. . Once the entire memory and system state ESX Server Hardware ESX Server Hardware VMotion Technology OS OSOSOS App App App VMware VMotion moves live. VMotion keeps the transfer period imperceptible to users by keeping track of on-going memory transactions in a bitmap. depending on things such as backup hardware.

Note: If you’re not familiar with the Recovery Storage Group (RSG) feature. have users connect to a new empty or blank Mailbox Store. instead you can simply restore the Mailbox Store(s) directly to the Recovery Storage Group (RSG) on the respective Exchange Server or any other Exchange 2003 Server in the same Administrative Group. while restoring one or more corrupted Mailbox Stores from the most recent backup. they can even go check out old messages that existed in their mailbox on the Exchange server (if their Outlook client has been configured to use cached mode that is). you can create a dial-tone database and thereby get message flow and mailbox access recovered almost instantly. then merge data from the dial-tone database to the restored Mailbox Store. bear in mind though they have to switch between Online and Offline mode when prompted with the Outlook 2003 Exchange Recovery Mode dialog box.So how can you get your users to calm down (and your CEO to s… up) and get back to work while you concentrate on getting the Mailbox Store back to life? There’s one simple answer and that is. it’s been used with previous versions of Exchange as well. could add several hours to the total recovery time. but now that we have the Exchange Server 2003 Recovery Storage Group (RSG) feature. Creating the Dial-tone Database Alright we’re ready to have the dial-tone database created. Using the Recovery Storage Group feature makes it possible to restore Mailbox Stores without the need to build and use a separate Exchange Recovery Server. I recommend you checkout MS KB article: 824126 . or swap the restored database from the Recovery Storage Group (RSG) to the dial-tone database in the original Storage Group. the method becomes even more attractive when restoring Mailbox Stores within your Exchange messaging environment. This makes it an easy and painless process to merge data from the restored Mailbox Store(s) to the dial-tone database. Using the dial-tone database restore method means that you. By using a dial-tone database your users can start to receive and send mail again. so if it’s not already the case you first need Roles: . Using a separate Exchange recovery Server meant you first had to restore the required Mailbox Store(s) or database to the recovery server. Note: With previous versions of Exchange a dedicated Exchange recovery server was required. then either export the data from the restored database(s) to PST files using Exchange Server Mailbox Merge Wizard (ExMerge) or copy the whole Exchange database from the recovery server to the production server.How to use Recovery Storage Groups in Exchange Server 2003 which does a great job explaining how you can recover Mailbox Stores or individual mailboxes using by restoring a Mailbox Store to the RSG. As an Exchange database often is several gigabytes in size. I’ll also talk more about swapping databases in “Demystifying The Exchange Dial-tone Restore Method (Part 2)”. this meant you typically had to copy large amounts of data over the wire which. The dial-tone restore method is by no means new. I’ll talk more about Outlook 2003 Recovery mode in “Demystifying The Exchange Dial-tone Restore Method (Part 2)”. depending on the network.

Now since RAID10. Technique(s) Used: Block-level striping with distributed parity. which is why RAID5 is so popular. Server Health check. We have a MOM Team. improving write performance slightly and allowing somewhat better parallelism in a multiple-transaction environment. CPU Utilization. though the overhead necessary in dealing with the parity continues to bog down writes. automated services. Like Disk space low issues. Server Availability. Description: One of the most popular RAID levels. like mirroring (RAID1). What is RAID5? OK here is the deal. it will generate the alerts in respective to MOM. DL Creations. All these issues. Fault tolerance is maintained by ensuring that the parity information for any given block of data is placed on a drive separate from those used to store the data itself. Mail Box moments and I am in a part of taking care about the Anti virus bad clients. If you have 10 drives or say 20GB each for 200GB RAID5 will use 20% for parity (assuming you set it up as two 5 drive arrays) so you will have 160GB of storage. RAID 5 and 10? Common Name(s): RAID 5. writing data and parity blocks across all the drives in the array. I am taking care of AD Alert’s and backups. I need to check the backup logs. This intro is just to put things into perspective. RAID 5 stripes both data and parity information across three or more drives. We are using HP OVSD tool to monitor the Queue. Hardware Failures and DNS issues and moreover I can say user creations. backing is completed successfully.Here I am playing a key role Active Directory and Backup Administration. RAID5 uses ONLY ONE parity drive per stripe and many RAID5 arrays are 5 (if your counts are different adjust the calculations appropriately) drives (4 data and 1 parity though it is not a single drive that is holding all of the parity as in RAID 3 & 4 but read on). The performance of a RAID 5 array can be "adjusted" by trying different stripe sizes until one is found that is well-matched to the application being used. uses 1 (or more) mirror drive for each primary drive you are using 50% for redundancy so to get the same 160GB of storage you will need 8 pairs or 16 . It is similar to RAID 4 except that it exchanges the dedicated parity drive for a distributed parity algorithm. . This removes the "bottleneck" that the dedicated parity drive represents. RAID5 versus RAID10 (or even RAID3 or RAID4) First let's get on the same page so we're all talking about apples.20GB drives.

for safety. (Some software RAID5's avoid the re-read by keeping an unmodified copy of the original block in memory.4. To do this it must first read the parity block from whichever drive contains the parity for that stripe block and reread the unmodified data for the updated block from the original drive. Now if a drive in the RAID5 array dies.2. RAID5 reserves one disk block out of each stripe block for parity data. This is why RAID5 became more popular than RAID3 & RAID4 which must synchronously read the same block from all drives together. so writing to RAID5 is up to 50% slower than RAID0 for an array of the same capacity. There used to be confusion about what RAID01 or RAID10 meant and different RAID vendors defined them differently. this is known as RAID01 (because the RAID0 is applied first).5. assuming the defunct drive is not the parity block drive for that RAID block. The difference comes in during recovery where RAID01 suffers from some of the same problems I will describe affecting RAID5 while RAID10 does not. or is shut off data is returned by reading the blocks from the remaining drives and calculating the missing data using the parity. Likewise the parity on Drive1 will be used to repair block 2 and the parity on Drive3 will repair block4. It returns the data block. if Drive2 fails blocks 1. is removed. Performance is degraded further during recovery because all . etc.RAID5 is physically a stripe set like RAID0 but with data recovery included.6 & 7 are data blocks on this drive and blocks 3 and 8 are parity blocks on this drive. So. in effect it is used in combination with the remaining data blocks to recreate any single missing block. which drive the disk block is on and which drive contains the parity block for that RAID block and reads ONLY the one data drive.) Now what is RAID10? RAID10 is one of the combinations of RAID1 (mirroring) and RAID0 (striping) which are possible. For block 2 all the data is safely on the remaining drives but during the rebuilding of Drive2's replacement a new parity block will be calculated from the block 2 data and will be written to Drive 2. If you later modify the data block it recalculates the parity by subtracting the old block and adding in the new version then in two separate operations it writes the data block followed by the new parity block. Note that it takes 4 physical reads to replace the missing disk block (for a 5 drive array) for four out of every five disk blocks leading to a 64% performance degradation until the problem is discovered and a new drive can be mapped in to begin recovery. The innovation of RAID5 over RAID3 & RAID4 is that the parity is distributed on a round robin basis so that There can be independent reading of different blocks from the several drives. gone missing because a drive has failed. In either a RAID01 or RAID10 system each and every disk block is completely duplicated on its drive's mirror. The other option is to create two stripe Sets and mirror them one to the other. About five years or so ago I proposed the following standard language which seems to have taken hold. The parity block contains an error correction code which can correct any error in the RAID5 block. This read-read-write-write is known as the RAID5 write penalty since these two writes are sequential and synchronous the write system call cannot return until the reread and both writes complete. Performance-wise both RAID01 and RAID10 are functionally equivalent. Now when a disk block is read from the array the RAID software/firmware calculates which RAID block contains the disk block. So that means that the parity on Drive5 will be used to recreate the data block from Disk2 if block 1 is requested before a new drive replaces Drive2 or during the rebuilding of the new Drive2 replacement. When N mirrored pairs are striped together this is called RAID10 because the mirroring (RAID1) is applied before striping (RAID0).

Cross realm uses for ticket granting service for cross domain authentication. it is ready to use if the first one fails. . For this reason.Drives are being actively accessed in order to rebuild the replacement drive (see below). Performance is also not as good as some RAID levels. It involves the use of parity information. While mirroring has some advantages and is well-suited for certain RAID implementations. The chief advantage of mirroring is that it provides not only complete redundancy of data. Mirroring setups always require an even number of drives for obvious reasons.25% on average for a 4 pair array as a whole) performance reduction when two non-contiguous blocks are needed from the damaged pair (since the two blocks cannot be read in parallel from both drives) and none otherwise. to provide data protection on a RAID array. Since all the data is on the second drive. because fully 50% of the drives in the array are reserved for duplicate data. Mirroring? Mirroring is one of the two data redundancy techniques used in RAID (the other being parity). Kerberos Authentication: After giving the password at client end checks the time stamp with domain controller of Global catalogue with the use of NTP protocol ( port number 123 ) If the time difference between the DC and client should not be exceed more than 5 mins. and it doesn't improve performance as much as data striping does for many applications. The principle behind mirroring is that this 100% data redundancy provides full protection against the failure of either of the disks containing the duplicated data. all data in the system is written simultaneously to two hard disks instead of one. a different way of protecting data is provided as an alternate to mirroring. which is redundancy information calculated from the actual data values. Mirroring also improves some forms of read performance (though it actually hurts write performance.) The chief disadvantage of RAID 1 is expense: that data duplication means half the space in the RAID is "wasted" so you must buy twice the capacity that you want to end up with in the array. In a RAID system using mirroring. Parity Mirroring is a data redundancy technique used by some RAID levels. it also has some limitations. If a drive in the RAID10 array dies data is returned from its mirror drive in a single read with only minor (6. but also reasonably fast recovery from a disk failure. in particular RAID level 1. It has a high overhead cost. thus the "mirror" concept.

exe: Active Directory Replication Monitor This GUI tool enables administrators to view the low-level status of Active Directory replication. Create your own applications or scripts written in Microsoft Visual Basic Scripting Edition (VBScript) to extract specific data from Active Directory. Display a list of the trust relationships maintained by the domain controller being monitored. 12. view the topology in a graphical format. 4. . After providing the authentication from Kerberos LDAP finishes the logon process with port number 389 Kerberos uses to protocols UDP and TCP with same port number 88. Replmon Replmon. See when a replication partner fails. Force replication. Display replication topology. and detail a record of changes. Poll replication partners and generate individual histories of successful and failed replication events. 3. One is for sends the request to logon and another one sends the permission whether accepting or not. and monitor the status and performance of domain controller replication. force synchronization between domain controllers. 5. and the registry configuration of the server. After that it checks for password which is maintaining in DC if it matches it will start authenticating with domain. 8. 6.After finishing the time stamp matching session ticket with encrypted password and it releases the two tickets with help of KDC ( Key distribution Centre ). View the history of successful and failed replication changes for troubleshooting purposes. 7. Display changes that have not yet replicated from a given replication partner. 2. Trigger the Knowledge Consistency Checker (KCC) to recalculate the replication topology. 11. Find all direct and transitive replication partners on the network. View a snapshot of the performance counters on the computer. Generate status reports that include direct and transitive replication partners. 9. You can use ReplMon to do the following: 1. 10.

can u just give the steps hw do deploy patch in enterprise environment hw to un-install a package if Kerberos fail. the Knowledge Consistency Checker (KCC) manages the replication topology for each naming context held on domain controllers. The primary use of this tool is to monitor replication so that problems such as offline servers or unavailable LAN/WAN connections can be identified. The operations replsummary. Important: During the normal course of operations. showrepl. and to view both the replication metadata and up-to-dateness vectors. is there any other authentication when you need to install DNS server in member servers. Display the metadata of an Active Directory object's attributes. Usually. In addition. 8. and showvector /latency can be used to check for replication problems. Repadmin. Has got 2. which reflect while replication happening how do u see the by using GPO …which software has been installed in the machines hw to install the software package for 500 machines……. what is the use of it Active directory integrated DNS in member server install? 4. 7. in other DC the same OU is getting updated in admin 2 (Lost and found object) what are the two attributes. 6. . 10.13. 1. 9. there is no need to create the replication topology manually. How to conform if the software package deployed using group policy. in one DC one user has been deleted the OU by admin1 ……delete by one administrator.exe: Replication Diagnostics Tool This command-line tool assists administrators in diagnosing replication problems between Windows domain controllers.exe can also be used for monitoring the relative health of an Active Directory forest. Repadmin can be used to manually create the replication topology (although in normal practice this should not be necessary). Incorrect use of this tool can adversely impact the replication topology. 3. Monitor replication status of domain controllers from multiple forests. installed in the user PC. Administrators can use Repadmin to view the replication topology (sometimes referred to as RepsFrom and RepsTo) as seen from the perspective of each domain controller. what will happen. to force replication events between domain controllers. showrepl /csv. 14. 5. Repadmin.

1 offers customers improved Windows component support.0 in the MBSA TechNet pages also apply to MBSA 2.. expanded platform support for XP Embedded and 64-bit Windows.. only one OU you can create and delete …hw the same OU name will come in other machines 3. what the log files and what is the use of log files Answers: 1...gpo is one object in in group policy 4. Legacy Product Support: For customers using legacy products not supported by MBSA 2. The synchronization validates the digital certificates on any downloads to the update server.0. hirarchichy……site and domain and OU….the enterprise environement…. 500……Distribution point(SMS)……. SUS: Microsoft SUS is a free patch management tool provided by Microsoft to help network administrators deploy security patches more easily. Unless specifically noted.hw u will apply……where u will apply 5.0. and WSUS. all references to MBSA 2.1. Microsoft Update.1..password policy……….11. The administrative pages are restricted to local administrators on the computer that hosts the updates..0.1 companion tool called Shavlik NetChk Limited.Package……how to MBSA 2. . and allows information technology professionals to configure a server that contains content from the live Windows Update site in their own Windows-based intranets to service corporate servers and clients. 6.0. If the certificates are not from Microsoft. whats is the GPMC……. diploye…. hw to deployed …. Microsoft SUS is a version of Windows Update that you can run on your network. 7.1 is compatible with Microsoft Update and Windows Server Update Services and the SMS Inventory Tool for Microsoft Update (ITMU). as well as more consistent and less complex security update management experience. In simple terms.0. MBSA 2. the packages are deleted. Software deployment tools are there …SMS …. Shavlik Technologies provides a free MBSA 2. Software Update Services The server features include: • Built-in security.SMs or some other tool…… 2. Software Update Services leverages the successful Windows Automatic Updates service first available in Windows XP. GPMC……….

These are the actual Windows Update download servers. Large networks spread over geographically disparate sites might find it more beneficial to use the Microsoft maintained download servers. you need a separate solution for that. The server is synchronized with the public Windows Update service either manually or automatically. Microsoft maintains a worldwide network of these type servers. • Content synchronization. then point computers requiring updates to one of the Windows Update download servers.0 with Service Pack 1 HERE (33mb) Microsoft SUS Server limitations Though very good as what it does. Although the Software Update Services administrative interface is available only in English or Japanese. In a scenario like this. or pointing computers to a worldwide network of download servers maintained by Microsoft. allowing these critical software updates to be distributed around your enterprise. The administrative interface is Web-based and therefore allows for remote (internal) administration using Internet Explorer 5. The administrator approves the updates before they are made available for download. • Update status logging. • Remote administration via HTTP or HTTPS. Microsoft SUS will allow you to point to another server running Microsoft SUS instead of Windows Update. Download Software Update Services Server 1. Because you may need multiple servers running Microsoft SUS inside your corporation in order to bring the updates closer to your desktops and servers for downloading. an administrator would download and test updates at a central site. and whether the updates have been installed. Alternatively.• Selective content approval. Updates synchronized to your server running Software Update Services are not made automatically available to the computers that have been configured to get updates from that server. • Server-to-server synchronization. the server supports the publishing of updates to multiple operating-system language versions. These statistics are sent using the HTTP protocol and appear in the log file of the Web server. This allows the administrator to test the packages being deploying them. • Multi-language support. the administrator can use the Synchronize Now button to manually synchronize. You can specify the address of a Web server where the Automatic Updates client should send statistics about updates that have been downloaded. Downloading updates might appeal to an administrator with a network closed to the Internet. Microsoft’s patch management tool does have a few limitations: • It does not push out service packs. • Update package hosting flexibility. .5 or higher. Administrators have the flexibility of downloading the actual updates to their intranet. Administrators can configure the list of languages for which they want updates downloaded. The administrator can set a schedule or have the synchronization component of the server do it automatically at preset times.

Microsoft SUS server is ideal for operating system patches if used in conjunction with a patch management tool. so you cannot check if everything has been installed correctly. etc. to download updates to the computer. If multiple updates are being installed and one of them requires a restart. but not application patches such as Microsoft Office. • It requires Windows 2000 and up. Automatic Updates is a proactive pull service that enables users with administrative privileges to automatically download and install Windows updates such as critical operating-system fixes and Windows security patches. Before installing a downloaded update. so it cannot patch Windows NT 4 systems. an innovative bandwidth-throttling technology built into Windows XP and newer operating systems. Microsoft Exchange Server. Read more on how to overcome SUS's limitations by using a 3rd party tool called GFI LANguard Network Security Scanner. This prevents unauthorized users from tampering with the installation of critical updates. This bandwidth-throttling technology uses only idle bandwidth so that downloads do not interfere with or slow down other network activity. Microsoft does not plan to add the above features. • • • . • It cannot deploy custom patches for third party software. Chained installation: Automatic Updates uses the Windows Update technologies to install downloaded updates. The client is based on the Windows Automatic Updates technology that was significantly updated for Windows XP.• It only handles patches at operating system level (including Internet Explorer and IIS). Windows Automatic Update Client To use SUS on your network you will need to use the Windows Automatic Update Client. Automatic Updates installs them all together and then requests a single restart. Automatic Updates verifies that Microsoft has digitally signed the files. Microsoft SQL Server. The features include: • Built-in security: Only users with local administrative privileges can interact with Automatic Updates. such as Internet browsing. since it promotes Microsoft SMS server as a tool for that. Background downloads: Automatic Updates uses the Background Intelligent Transfer Service (BITS). This means that you still require a patch management solution to perform the above tasks. There is no easy reporting system for this. So. Just-in-time validation: Automatic Updates uses the Windows Update service technologies to scan the system and determine which updates are applicable to a particular computer. • It does not allow you to scan your network for missing patches.

Download Windows automatic updating (SUS Client) HERE (1mb) Administrator Control via Policies The Automatic Updates behavior can be driven by configuring Group Policy settings in an Active Directory environment. Administrators can use Group Policy in an Active Directory environment or can configure registry keys to specify a server running Software Update Services. Otherwise. termed a key distribution center (KDC). The Software Update Services installation package includes a policy template file. which contains the Group Policy settings described earlier in this paper. which means that it displays different UI depending on which administrative user is logged on. which consists of two logically separate parts: an Authentication Server (AS) and a Ticket Granting Server (TGS). It makes use of a trusted third party.• • • Multi-user awareness: Automatic Updates is multi-user aware. Manageability: In an Active Directory environment. an administrator can configure the behavior of Automatic Updates using Group Policy. Kerberos works on the basis of "tickets" which serve to prove the identity of users. an administrator can remotely configure Automatic Updates using registry keys through the use of a logon script or similar mechanism. WUAU. 8. Computers running Automatic Updates then use this specified server to get updates. These settings can be loaded into Group Policy Editor for deployment. and will be included in the Windows Server 2003 family. . eliminating the need to download the client component separately. This update applies to the following operating systems: • • • • • Windows Windows Windows Windows Windows 2000 Professional with Service Pack 2 2000 Server with Service Pack 2 2000 Advanced Server with Service Pack 2 XP Professional XP Home Edition Note: Windows 2000 Service Pack 3 (SP3) and Windows XP Service Pack 1 (SP1) include the Automatic Updates component. and in Windows XP Service Pack 1.ADM. Multi-language support: The client is supported on localized versions of Windows. NTLM System Login Process: Kerberos uses as its basis the Needham-Schroeder protocol. These policies are also included in the System.adm file in Windows 2000 Service Pack 3.

and this becomes the secret key of the client. Client Authentication Steps: 1. the KDC generates a session key which they can use to secure their interactions The security of the protocol relies heavily on participants maintaining loosely synchronized time and on short lived assertions of authenticity called Kerberos tickets. Note: Neither the secret key nor the password is sent to the AS. TGT = Ticket Granting Ticket Briefly. In more detail: User Client-based Logon Steps: 1. If it is. the client authenticates to AS using a long-term shared secret and receives a ticket from the AS. each entity on the network — whether a client or a server — shares a secret key known only to itself and to the KDC. client network address. Later the client can use this ticket to get additional tickets for SS without resorting to using the shared secret. Knowledge of this key serves to prove an entity's identity. o Message B: Ticket-Granting Ticket (which includes the client ID. The client performs a one-way function on the entered password. What follows is a simplified description of the protocol.The KDC maintains a database of secret keys. Sample message: "User XYZ would like to request services". ticket validity period. For communication between two entities. 2. The AS checks to see if the client is in its database. the AS sends back the following two messages to the client: o Message A: Client/TGS session key encrypted using the secret key of the user. The following abbreviations will be used: • • • • AS = Authentication Server TGS = Ticket Granting Server SS = Service Server. These tickets can be used to prove authentication to SS. and the client/TGS session key) . 2. The client sends a cleartext message to the AS requesting services on behalf of the user. A user enters a username and password on the client.

It decrypts message B using the TGS secret key. o Message G: a new Authenticator. o Message F: Client/server session key encrypted with the client/TGS session key. o Message D: Authenticator (which is composed of the client ID and the timestamp). encrypted using the client/TGS session key. which includes the client ID. client network address. This gives it the "client/TGS session key". Client Service Request Steps: 1. This session key is used for further communications with TGS. Upon receiving messages C and D. Upon receiving messages E and F from TGS. it decrypts message A to obtain the client/TGS session key.) At this point. When requesting services. the client has enough information to authenticate itself to the TGS. as it is encrypted using TGS's secret key. the TGS retrieves message B out of message C. Once the client receives messages A and B. the TGS decrypts message D (Authenticator) and sends the following two messages to the client: o Message E: Client-to-server ticket (which includes the client ID. The client connects to the SS and sends the following two messages: o Message E from the previous step (the client-to-server ticket. . 2. encrypted using service's secret key). timestamp and is encrypted using client/server session key. the client has enough information to authenticate itself to the SS. validity period and Client/server session key) encrypted using the service's secret key. Client Service Authorization Steps: 1. (Note: The client cannot decrypt Message B.encrypted using the secret key of the TGS. the client sends the following two messages to the TGS: o Message C: Composed of the Ticket-Granting Ticket from message B and the ID of the requested service. Using this key. 3.

3.1502 and 1503 For SMB erros event id:1058 and in 2000 id 1000 solution: 1. encrypted using the client/server session key. This can be mitigated by using multiple Kerberos servers. If so. then the client can trust the server and can start issuing service requests to the server. When the Kerberos server is down. no one can log in. The client decrypts the confirmation using the client/server session key and checks whether the timestamp is correctly updated. a compromise of that server will compromise all users' secret keys. 2. and then click OK. In practice. type regedit. Network Time Protocol daemons are usually used to keep the host clocks synchronized. On the domain controller. Since the secret keys for all users are stored on the central server. The administration protocol is not standardized. Locate and then click the following registry subkey: . Drawbacks • • Single point of failure: It requires continuous availability of a central server.1501. The SS decrypts the ticket using its own secret key and sends the following message to the client to confirm its true identity and willingness to serve the client: o Message H: the timestamp found in client's recent Authenticator plus 1. The tickets have time availability period and. Kerberos requires the clocks of the involved hosts to be synchronized. if the host clock is not synchronized with the clock of Kerberos server. • • Group policies successive event id 1704 For GPUpdate events: 1500.2. 4. and differs between server implementations. Password changes are described in RFC 3244. the authentication will fail. The server provides the requested services to the client. The default configuration requires that clock times are no more than 10 minutes apart. click Run. click Start.

8. Note In Windows 2000 Server. 11. If the Sysvol share does not open. and then click OK. Do not restart the domain controller. 10. In the right pane. type 1 in the Value data box. c. Double-click requiresecuritysignature. 7. double-click enablesecuritysignature. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\ parameters 6. To do this. and then configure the SMB signing policy settings. 9. To do this. and then click OK. type 0 in the Value data box. After you change these registry values. . double-click Microsoft network server: Digitally sign communications (always). and then click Security Options. After you connect to the Sysvol share on each domain controller.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\param eters 3. restart the Server and Workstation services. type \\Server_Name\Sysvol. In the left pane. click Run. double-click enablesecuritysignature. and then press ENTER. and then click OK. and then click Domain Controller Security Policy. Open the domain controller’s Sysvol share. type 1 in the Value data box. repeat steps 1 through 8. 4. click Start. point to Administrative Tools. expand Local Policies. type 1 in the Value data box. In the right pane. and then click OK. the equivalent policy setting is Digitally sign server communication (always). In the right pane. Click Start. 5. Double-click requiresecuritysignature. b. open the Domain Controller Security Policy snap-in. follow these steps:a. because this action may cause Group Policy to change the registry values back to the earlier values. point to Programs. Repeat steps 1 through 9 on each affected domain controller to make sure that each domain controller can access its own Sysvol share.

j.Important If you have client computers on the network that do not support SMB signing. Click to clear the Define this policy setting check box. Click to select the Define this policy setting check box.microsoft. f. g. i. follow these steps:a. To do this. If you enable this setting. and then click OK. e. and then click OK. and then click Enabled. Double-click Microsoft network server: Digitally sign communications (if client agrees). h. Run the Group Policy Update utility (Gpupdate. For example. Click Start. set this policy to disabled. Click to clear the Define this policy setting check box. Note For Windows 2000 Server. Click OK. and then click OK.com/kb/298444/) A description of the Group Policy Update utility . you must not enable the Microsoft network server: Digitally sign communications (always) policy setting. and then press ENTER. 12. For more information about the Group Policy Update utility. k. type cmd. and then click OK. At the command prompt. Click to select the Define this policy setting check box. click the following article number to view the article in the Microsoft Knowledge Base: 298444 (http://support.exe) with the force switch. b. Double-click Microsoft network client: Digitally sign communications (if server agrees). and client computers that do not support SMB signing will not be able to connect to other computers. you require SMB signing for all client communication. type gpupdate /force. d. clients that are running Apple Macintosh OS X or Microsoft Windows 95 do not support SMB signing. Double-click Microsoft network client: Digitally sign communications (always). the equivalent policy setting is Digitally sign server communication (when possible). click Enabled. click Run. If your network includes clients that do not support SMB signing.

For example. and then type the following at the commmand prompt: gpresult /scope computer /v . the domain controller logs Event ID 1704. open the Resultant Set of Policy (RSoP) snap-in in Windows Server 2003. For more information about using the Secedit command in Windows 2000. if the Microsoft network client: Digitally sign communications (if server agrees) policy is configured as "Not Defined" in Domain Controller Security Policy. To start the RSoP snap-in. the SMB signing settings are located in the following path: Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options Note If you are running Windows 2000 Server. check the application event log to make sure that the Group Policy settings were updated successfully. In Windows 2000. After you run the Group Policy Update utility. click Start. 15. If the registry values have changed after you run the Group Policy Update utility. and then click OK. 14. In the RSoP snap-in.com/kb/227302/) Using SECEDIT to force a Group Policy refresh immediately 13. After a successful Group Policy update. SMB signing will be disabled for the Workstation service. click Run. click the following article number to view the article in the Microsoft Knowledge Base: 227302 (http://support. Note This step makes sure that a conflicting policy setting is not applied at another group or organizational unit (OU) level.msc in the Open box. install the Group Policy Update utility from the Windows 2000 Resource Kit. type rsop. the equivalent command is secedit /refreshpolicy machine_policy /enforce. This event appears in the Application Log in Event Viewer. The source of the event is SceCli.Note The Group Policy Update utility does not exist in Windows 2000 Server. but this same policy is configured as disabled in Domain Security Policy. Check the registry values that you changed in steps 1 through 7 to make sure that the registry values have not changed.microsoft.

the Applied Group Policy Objects list appears. Check the SMB signing policy settings for all these Group Policy objects. . This list shows all Group Policy objects that are applied to the computer account.After you run this command.