Shulou(Shulou.com)06/02 Report--

011. Introduction and installation

Four versions of windows server 2003: web, standard, enterprise, datacenter

Web version: suitable for building websites, supporting the latest web service specifications, such as XML, upgrading the version of IIS, and technical support for Microsoft NetAsp; provides management of web sites from remote clients through browsers. Web version of the computer cannot act as a domain controller. (DC); this version supports 2 CUP and 2G memory.

Standard (Standard Edition): build low-level network servers; suitable for networks of all sizes, providing a variety of network services, including file, print and database services; this version is upgraded from windows 2000 server version with simple hardware environment requirements; this version supports four CPU and 4G memory.

Enterprise (Enterprise Edition): contains all the features of the standard version, supports clustering, and is divided into 32-bit version and 64-bit version. The 32-bit version is used on Inter X86 PCs, supporting 8 CPU,32G memory and 8-node clusters. The 64-bit version, which is for Inter Itanium servers, supports 8 CPU,64G memory and supports 8-node clusters; this version is upgraded from windows 2000 adranced edition server.

Installation version selection: set up a web server; build a small network and design to the standard version for network management; build an enterprise version for medium-sized enterprise network; set up a large network server, mainly for data management data center version.

Advantages of windows server 2003: reliable, efficient and economical networking

Installation environment: DOS/WINDOWS

Installation media: CD-ROM/ hard disk / network

Installation type: upgrade installation / new installation

Installation method: interactive / unmanned

012, users and groups

Windows Network Test tool: ipconfig computer IP configuration Information

Ipconfig / all details

Name interpretation

Host name Hostnam

Ethernet adapter locally connected network card type and name

Connection-specific DNS suffix connection specified DNS suffix

Desription network card model

Physical address Nic physical address or MAC address

Whether dhcp enabled enables the DHCP feature

IP address IP address

Subnet mask subnet mask

Default gateway Gateway

DNS server DNS server

Ping test network connectivity network normal timeout host is unreachable

Tracert probe routing program, you can see that the data to the destination through the route hop default to 30 tracert followed by ip address.

Whoami / user / groups displays information about user groups

The at command is scheduled to run commands and programs at a specific time, and the scheduling service task scheduler must already be running. Example: at 9:28 c:\ 123bat command line at 9:24 / interctive ntbackup application

Local user account: the local account is stored in the SAM on the local computer; the local account can and only log in to the local computer; the local account can be managed by groups of local users in computer management; the local account is mainly used in the workgroup environment.

Use local groups: when a user joins a group, the user inherits all the permissions that the group has; a user account can join multiple groups at the same time; in some cases, groups can be added to other groups. or the group contains groups.

Built-in group: (1) administration members of this group have full control over the server and can assign user rights and access control rights to other users. The administrator account administrator is the default member of this group. (2) backup operation members who join the group can back up and restore all files on the server, regardless of whether these files are set with permissions or not. (3) guests members of this group have a temporary profile created when logging in, which will be deleted when logging out. The guest account (disabled by default) is also the default member of the group. (4) network configuration operators members of this group can change TCP/IP settings and update and publish TCP/IP addresses. (5) power users this group has the right to create user accounts and group accounts. Users can be deleted or deleted in power user group, users group and guests group, but administration group members can not be managed, and shared resources can be created and managed. (6) print operators members of this group can manage printers. (7) user members of this group can perform common tasks, such as running applications, using local and network printers, and locking down servers. Users cannot share directories or create local printers.

013 、 NTFS

File system introduction: the file system is used by the operating system to clarify the file method and data structure on the disk or partition, that is, the method of organizing files on the disk.

Disk structure: the sector is the smallest physical storage unit of the disk, with a size of 512B, but because the operating system cannot address a large number of sectors, the operating system combines the adjacent sectors together to form a cluster, and then manages the cluster. Each cluster can include 2, 4, 8, 16, 32, or 64 sectors. Cluster is the logical concept used by the operating system and the smallest storage unit.

Some common file systems: FAT (file allocation table file allocation table); NTFS (new techonlogy fiel system); EST2 EXT3 (used in linux systems).

NTFS Overview: permissions can be set; better scalability makes it possible to expand to large drives; compression saves disk space; file encryption greatly enhances security; disk quotas can be used to monitor the amount of disk space that can be controlled by a single user.

Obtain the NTFS file system: format the disk and select the NTFS file system when formatting; convert the FAT file system to the NTFS file system convert eVERV hand fsgroup NTFS; use third-party software, such as the partition master software.

NTFS permissions: a security tab is added to the file or folder properties, where there is an access control list and access control entry; only users or groups that have been granted permission can access it.

File permission type:

Read: displays the contents of the file; displays file properties, owners, and permission assignments.

Write: you can overwrite the file, change the properties of the file, view the owner and permissions of the file, etc., and have this permission to overwrite the entire file but not change the data of the file.

Read and run: have permission to file and to run the application.

Modify: you can change the data of the file, delete the file, and have write and read and run permissions.

Full control: have all NTFS permissions, modify permissions and take ownership rights

Folder permission type:

Read: displays files and subfolders in the folder; displays folder properties, permission assignments, and the owner of the folder.

Write: create files and subfolders in the folder; change folder properties; display the owner and permission assignment of the folder.

List folder directories: displays the names of files and subfolders in the folder, also known as traversal.

Read and run: this permission is basically the same as the permission to list folder directories, except that the permission is inherited. The permissions to list folder directories are inherited only by folders, while reading and running can inherit both folders and files.

Modify: modify the name of the file and delete the name of the file and delete the folder with write, read and execute permissions.

Full control: have all NTFS folder permissions. You can modify and take ownership of the folder.

Combination of permissions:

Permission accumulation: if uesr belongs to two groups A (read permission) B (write permission), then user has read and write permissions.

Deny permission first: if user belongs to two groups A (read permission) B (deny permission), then user will be denied.

The permissions of the file override the permissions of its parent folder: if user has read permission to folder an and full control over its child file b, then user has complete control over the file b.

Special permissions (permissions that have nothing to do with the file or folder data itself): read permissions; change permissions; take ownership.

Get the ownership of the asking price or folder: if you refuse the administrator to manage the folder established by other users, you can take ownership and then manage it.

Permission inheritance: the newly created group folders and files inherit the permissions of the higher-level directory; the files or files under the root directory inherit the permissions of the drive; you can refuse to inherit the superior permissions; you can force the permissions to inherit downward.

Denial of permission:

Deny users: users will not be able to access

Deny group: none of the members of the group can access

The impact of the move and copy operation queue on file permissions: when you copy files and folders, inherit the permission settings of the destination folder; when the same partition moves or files, the permissions remain the same; when different partitions move files or folders, inherit the permission settings of the destination folder.

Compression of files and folders: NTFS file system files and folders are compressed; compressed files can save disk space; compression and encryption can only choose one; use color to distinguish compressed files (folders) blue; reduce performance.

Copy the impact of movement on compression: move the compressed file or folder to another folder, and keep the file compressed after the same partition is moved, otherwise follow the compressed state of the target folder. When you copy a file to another folder, the file follows the compression properties of the destination folder. If you copy the compression question to the FAT file system, it will be decompressed automatically.

Encryption of files and folders

1. EFS introduction: file-level or folder-level protection based on public key; provide encryption for NTFS partitions; and enable file recovery by the designated EFS recovery agent.

2, features: run in the background, only allow authorized user access, automatic decryption, save encryption; the administrator can be used as a recovery agent to access data; provide built-in data recovery support function; at least one recovery agent, you can specify multiple agents, the agent requires EFS recovery agent certificate.

3. Encrypt and decrypt folders or files: the files encrypted with the public key can only be accessed by authorized users, and the recovery agent can decrypt them; with other users, they cannot be decrypted even if the ownership relationship is changed; only files or folders on NTFS volumes can be encrypted; if the encrypted price is copied or moved to a non-NTFS file system, the file will be decrypted automatically Encrypted folders or files do not prevent files from being deleted or listed or files and directories are listed; colors distinguish between green.

Disk quotas: disk quotas can be used to limit users' use of disk space; they must be implemented on the NTFS file system; administrator group members are not restricted.

014. Advanced sharing

Shared folder: a file share that will be stored on the local computer so that other users on the network can access it.

Advantages: convenient and fast; not limited by the number and size of files; update synchronization.

Condition: administrator group or power uwer group

Create a shared folder net share abc=c:\ an abc share name an original file name

Delete shared folder net share abc / del

Connect to a shared folder-use a network neighbor: a network neighbor can access a shared folder on the server; by browsing; a network neighbor automatically creates a shortcut.

Map drives: for frequently used shared folders, you can map them to network drives; when mapping drives, you can enter a user name and password to access the shared folder.

UNC path: you can quickly access the shared folder through the UNC path; use\\ server name\ share name\ IP address; you can also enter the UNC path in the explorer's address bar.

Create a hidden shared folder: as long as the share name is followed by a special symbol $, it becomes a hidden share

Ways to access hidden shared folders: map network drives; use UNC paths.

Administrative shared folders are shared folders automatically established by the operating system for special purposes.

Every disk drive

Directory where the operating system is located

IPC sharing

Printer driver sharing

Overview of share permissions

Read: view file contents and properties; view file name and folder name; run the program.

Change: create files and folders; modify file contents; delete files and folders.

Full control: including read and change permissions; allows NTFS permissions for files and folders to be modified.

Configure shared file permissions

Configure share permissions

Default is everyone read

You can add other users and groups

Share permissions and NTFS permissions

Share permissions are valid only for users who access through the network

NTFS permissions are valid for both local and network users

If the shared folder exists on the NTFS file system, also consider NTFS permissions

If both permissions exist, the strictest permissions are valid

The concept of offline folders

With offline files, you can continue to use network files and programs even if you are not connected to the network.

If you disconnect from the network or remove the laptop, the view of the shared network resources designated as available offline is exactly the same as the previous connection to the network.

Shadow copy concept

Shadow copies of shared folders provide point-in-time copies of files in shared resources.

Through the shadow copy of the shared folder, you can view the shared files that existed in the past

Apply a shadow copy

When the storage area limit is reached, the earliest shadow copy will be deleted and cannot be retrieved.

A maximum of 64 shadow copies are stored per volume. When this limit is reached, the earliest shadow copy is deleted and cannot be restored.

The shadow copy is read-only and cannot be edited.

Shadow copies of shared folders can only be enabled on one volume at a time.

Distributed file system (DFS)

DFS is not a file system, it is a client / server mode network service on windows 2003 servers. It can organize different file shares on different computers in the local area network into a logical hierarchical directory structure according to its functional mode. System administrators can take advantage of distributed file systems (DFS) to make it easier for users to access and manage files that are physically distributed across the network. With DFS, you can make files distributed on multiple servers appear in front of users as if they were in a location on the network. Users no longer need to know and their actual physical location when accessing files.

Server load balancing function

You can put the pages of a website into multiple servers at the same time. When multiple users want to browse the pages within the site, DFS will avoid reading pages from the same server centrally. He will read pages from different servers to different users, so he can spread the burden to different servers.

Ensure that the user can read the file

When a user wants to browse the web page of a website, even if one server fails, DFS can still read the web page that the user needs from other normal servers. So it can be said that DFS provides fault tolerance.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.