MCSE Core Required Exams in a Nutshell By William R. Stanek ...............................................

  Publisher: O'Reilly Pub Date: May 2006 Print ISBN-10: 0-596-10228-3 Print ISBN-13: 978-0-59-610228-9 Pages: 736

  

Written by the premier author in Windows administration, William Stanek, and addressing

the needs of Windows 2003 administrators preparing for the Microsoft Certified Systems

Engineer (MCSE) exams, MCSE Core Required Exams in a Nutshell is invaluable. With the

recent revisions of the MCSE exams including simulations, success is even more difficult.

Not only does this book provide the resources administrators need to succeed on the

exams, but to succeed in the real world as well. They can think of this book as the notes

they would have highlighted and then recorded for every essential nugget of information

related to the skills measured in Exams 70-290, 70-291, 70-293, and 70-294 (and by association Exams 70-292 and 70-296). To begin with, MCSE Core Required Exams in a Nutshell allows readers to see all of the topics expected for mastery in each of the exams. Then, each exam is covered in three parts: Exam Overview, Study Guide, and Test Your Knowledge sections. This makes for easy reference and a great study aid. The Exams covered include:

  EXAM 70-290: Managing and Maintaining a Microsoft Windows Server 2003 Environment

EXAM 70-291: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure EXAM 70-293: Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure EXAM 70-294: Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure a valuable reference to core Windows administration skills.

  MCSE Core Required Exams in a Nutshell By William R. Stanek ...............................................

  Publisher: O'Reilly Pub Date: May 2006 Print ISBN-10: 0-596-10228-3

Print ISBN-13: 978-0-59-610228-9

Pages: 736

  

  

  

  

  

  MCSE Core Required Exams in a Nutshell, Third Edition

  by William R. Stanek Copyright © 2006, 2000, 1998 O'Reilly Media, Inc. All rights reserved.

  Printed in the United States of America. Published by O'Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.

  O'Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles ( . For more information, contact our corporate/institutional sales department: (800) 998-9938 or

   .

  Editor: Jeff Pepper Production Editor: Mary Brady Copyeditor: Mary Brady Proofreaders: Laurel Ruma and Adam Witwer Indexer: Ellen Troutman-Zaig Cover Designer: Ellie Volckhausen Interior Designer: David Futato Illustrators: Robert Romano and Jessamyn Read Printing History:

  June 1998: First Edition. (Originally published as MCSE: The

  Core Exams in a Nutshell.)

  March 2000: Second Edition. (Originally published as MCSE:

  The Core Exams in a Nutshell.) May 2006: Third Edition.

  Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks of O'Reilly Media, Inc. The In a Nutshell series designations, MCSE Core Required

  Exams, the image of an elephant, and related trade dress are trademarks of O'Reilly Media, Inc.

  Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O'Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps.

  While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.

  ISBN: 0-596-10228-3 [M]

  Preface

  Welcome to MCSE Core Required Exams in a Nutshell. As the author, I designed this book for IT professionals looking to complete their Microsoft Certification. Microsoft offers multiple certification tracks and as an administrator or engineer, the tracks you'll be most interested in are:

  Microsoft Certified Professional (MCP)

  Entry-level certification track. To become an MCP, you need to pass only one current Microsoft certification exam.

  Microsoft Certified Systems Administrator (MCSA)

  Intermediate certification track for experienced administrators. To become an MCSA, you must pass three core exams and one elective exam.

  Microsoft Certified Systems Engineer (MCSE)

  Advanced certification track for experienced administrators with strong engineering backgrounds. To become an MCSE, you must pass six core exams and one elective exam. Taken appropriately, the certification tracks can measure the progress of your IT career from beginner to pro. Or, for those already experienced, the certification tracks can be a measure of your progress through the process of getting your professional credentials. Regardless of your certification plans, the exam I recommend studying for and taking first is Exam

  

70-290: Managing and Maintaining a Microsoft Windows Server

2003 Environment. When you pass this exam, you will get your

  MCP credentials. The next exam I recommend studying for and taking is Exam

  70-291: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure. When you pass

  this exam, you will have completed the two required networking systems exams for MCSA certification. To complete MCSA certification, you will need to complete a client operating system exam and an elective exam.

  Exams 70-290 and 70-291 are also two of the four required networking system exams for MCSE certification. The other two required networking system exams are Exam 70-293: Planning

  and Maintaining a Microsoft Windows Server 2003 Network Infrastructure and Exam 70-294: Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

  Exams 70-290, 70-291, 70-293, and 70-294 are covered in this book. This book also covers Exam 70-292: Managing and

  Maintaining a Microsoft Server 2003 Environment for an MCSA Certified on Windows 2000 and Exam 70-296: Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Environment for an MCSE Certified on Windows 2000.

  If you are a current MCSA on Windows 2000, you need to pass Exam 70-292 to upgrade your certification to Windows Server 2003. If you are a current MCSE on Windows 2000, you need to pass Exam 70-292 and Exam 70-296 to upgrade your certification to Windows Server 2003. These exams are designed to cover the delta (changes) between Windows 2000 and Windows Server 2003. As such, Exam 70-292 covers a subset of the objectives on Exam 70-290 and Exam 70-291.

  Exam 70-296 covers a subset of the objectives on Exam 70-293 and Exam 70-294.

  The focus of this book is on providing the core knowledge to prepare you for the current certification exams, which include performance-based testing through simulation. This book is meant to be used as part of your final preparationand not as your only preparationfor the exams. Think of this book as the notes you'd have written down if you were to highlight and then record every essential nugget of information related to the skills being measured in Exams 70-290, 70-291, 70-293, and 70-294 (and by association, Exams 70-292 and 70-296). Basically, what I've done is boil down the required knowledge to its finest core. So, rather than having 500700 pages covering each exam, there's approximately 150 pages for each. With this in mind, the best way to use this book is as part of your final review. So, after you've built sufficient hands-on expertise and studied all the relevant texts, grab this book and study it cover to cover as part of your final exam cram.

  Tip: Unless you have access to a very complete test environment, I recommend employing some type of virtual

machine technology as part of your exam preparation. Microsoft

offers Virtual PC and Virtual Server. Virtual PC lets you configure desktops and servers and run them in a virtual network environment. Virtual Server builds on Virtual PC and offers better resource use and extended APIs for automated deployment and management. Because Virtual Server 2005 supports two-node clustering between virtual machines on the same Virtual Server host computer and uses a virtual shared

SCSI bus to implement the quorum device, you can implement

and test software failover between clustered virtual machines. Clustering is a skill measured in Exam 70-293.

  Conventions Used in This Book

  Each part in this book corresponds to a single Microsoft exam and consists of the following sections:

  Exam Overview

  Provides a brief introduction to the exam's topic, a list of objectives, and a cross reference to where the objectives are covered. For those studying for Exams 70-292 or 70- 296, callouts are provided to point out the related objectives.

  Study Guide

  Provides a comprehensive study guide for the skills being measured on the exam. This section should be read through and studied extensively. If you encounter topics you haven't practiced and studied enough prior to reading this text, you should do more hands-on work with the related area of study and refer to an expanded discussion in a relevant text. Once you've built the real-world know-how and developed the essential background needed to succeed, you can resume your studies and move forward.

  Prep and Practice

  Provides exercises and practice questions to help test your knowledge of the areas studied. Sample solutions and answers are provided with explanations where necessary. The following font conventions are used in this book: Constant width

  Used for code terms, command-line text, command-line options, and values that should be typed literally.

  Constant width italic

  Indicates text that should be replaced with user-supplied values.

  Italics

  Used for URLs, variables, filenames, and to introduce new terms.

  Tip: Notes are used to provide additional information or highlight a specific point.

  Warning: Warnings are used to provide details on potential problems.

  Other Study Resources

  There is no single magic bullet for passing the Microsoft Certification exams. Your current knowledge will largely determine your success with this study guide and on the exams. If you encounter topics you haven't practiced and studied extensively prior to reading this text, you need further preparation. Get the practical hands-on know-how and knowledge before continuing.

  Throughout your preparations for certification, I recommend that you regularly visit the Microsoft Certifications page ( . The related pages will help you keep up-to-date with the certification process and any changes that may occur. There are a wide variety of Microsoft Certification study guides, training classes, and learning resources available. Regardless of whether these materials say they are for MCPs, MCSAs, or MCSEs, the materials should relate to specific exams. The exams are the same regardless of the certification track.

  Also, a large number of practice tests and exam simulations are available for purchase and for free on the Web. These tests, like this book, are useful as part of your exam preparation.

  How to Contact Us

  The good folks at O'Reilly and I tested and verified the information in this book to the best of our ability, but you may find that features have changed (or even that we have madegasp!mistakes). To make this book better, please let us know about any errors you find, as well as your suggestions for future editions, by writing to:

  O'Reilly Media, Inc. 1005 Gravenstein Highway North Sebastopol, CA 95472 800-998-9938 (in the United States or Canada) 707-829-0515 (international or local) 707-829-0104 (fax) O'Reilly has a web page for this book, where errata, examples, and any additional information is listed. You can access this page at:

  

  To comment or ask technical questions about this book, send email to:

  

  For more information about our books, conferences, Resource Centers, and the O'Reilly Network, see our web site at:

  

  For more information about the author, please visit:

   Safari® Enabled

  When you see a Safari® Enabled icon on the cover of your favorite technology book, it means the book is available online through the O'Reilly Network Safari Bookshelf. Safari offers a solution that's better than e-books. It's a virtual library that lets you easily search thousands of top tech books, cut and paste code samples, download chapters, and find quick answers when you need the most accurate, current information. Try it for free at

  Acknowledgments

  Increasingly, I find myself trying to do things in fundamentally different ways than they've been done before. For this book, I had this crazy idea that I could get every essential nugget of information necessary for Exams 70-290, 70-291, 70-293, and 70-294 (and by association Exams 70-292 and 70-296) into one book and do so in a way that would give you, the reader, maximum value and learning potential. With that in mind, I started from scratch and addressed the book in an entirely different way from its predecessors. I organized the book into 4 parts and 12 chapters, creating a new approach that divides each exam study guide into three major components: an overview and a study guide followed by "prep and practice." In the overview, I tied the exam objectives directly to the sections in which those objectives are discussed and added details on the upgrade certification path for those taking the upgrade exams. In the study guide, I delved as deep as possible into every exam objective. In the "prep and practice," I created a single chapter that contains everything you need for additional review, including notes on preparing for the exam, suggested exercises, highlights from the study guide, and practice questions. I hope the result of all the hard work is that the book you hold in your hands is something unique. This isn't a 400-page cram guide or a 600-page study guide for a single exam. This is a comprehensive 750-page guide to Exams 70-290, 70-291, 70- 293, and 70-294 (and, by association, Exams 70-292 and 70- 296) that contains the core knowledge to prepare you for certification.

  During the many longs months of writing this book, I've worked with many different people at O'Reilly. I've enjoyed getting to know Jeff Pepper, Mary Brady, and everyone else at O'Reilly. Jeff Pepper was instrumental throughout the writing process. He was supportive of my ideas. He believed in the book and my unique approach and was really great to work with. Mary Brady headed up the production process for O'Reilly. She is a terrific person to work with, conscientious and dedicated. Her attention to detail through every step of the editing is much appreciated. O'Reilly has an extensive editing and review process. Rodney Buike, Chris Buechler, and Pawan K. Bhardwaj were the technical reviewers of the book. Each reviewed the book from start to finish, and it was a great pleasure working with them. Of particular note is the effort Pawan put into the project to ensure the book was as accurate as it could be. In the final editing stages, the book was sent out for final comments to Ben Miller, Microsoft MVP Lead, Michael Dennis, Lead Program Manager for Group Policy at Microsoft, and others. Al Valvano, Rob Linsky, and Lucinda Rowley of Microsoft provided extremely helpful information and support for this project. Thank you for all your help! Thanks also to Studio B literary agency and my agents, David Rogelberg and Neil Salkind. David and Neil are great to work with. Hopefully, I haven't forgotten anyone but if I have, it was an oversight. Honest.;-)

  Part PART I: Exam 70-290

Chapter 1. Exam 70-290 Overview Exam 70-290: Managing and Maintaining a Microsoft Windows Server 2003 Environment is designed to cover the skills necessary to perform most day-to-day administration tasks. Before you begin studying for this exam, you should have

  extensive hands-on experience with general Windows Server 2003 administration, including management of disks, hardware devices, shared folders, and printers. You should also have a detailed understanding of configuring local, roaming, and mandatory user profiles; managing users, computers, and groups; and working with filesystem permissions and changing file ownership. Troubleshooting and monitoring are major parts of the exam. Many troubleshooting skills are tested, including the ability to solve user and computer account issues, user authentication problems, and remote access issues. You'll need to be able to monitor server hardware using Device Manager and Control Panel utilities, and the Hardware Troubleshooting wizard. You'll also need to demonstrate skill with regard to monitoring system and application performance, server optimization, and disaster recovery.

  The exam covers some not-so-routine tasks as well. For example, you'll need to be able to manage software site licensing and software update infrastructure. You'll also need to be able to resolve Terminal Services security and Terminal Services client access issues. In many large enterprises, these tasks are handled by dedicated help desk staff rather than by individual administrators. Some of the most common problem areas for people taking the exam have to do with:

  Automation

  Microsoft really wants administrators to do more with the command line. You are expected to know key command-line tools as thoroughly as you know key GUI tools.

  Optimization

  The ability to optimize server and application performance is a skill that's best learned through real-world practice. You need a strong understanding of the performance objects used in optimization and how to use them to resolve bottlenecks.

  Access/Authentication

  Many things can go wrong with user authentication and resource access, especially when Terminal Services is involved. If your organization doesn't use Terminal Services, take the time to create a test environment and work with this technology extensively. To be prepared for Exam 70-290, you should have 12 to 18 months experience as a Windows Server 2003 administrator. You should have recently studied a Windows Server 2003 administrator's book, taken a training course, or completed a self-paced training kit that covers the related areas of study. You will then be ready to use the Exam 70-290 Study Guide in this book as your final exam preparation.

  Tip: Exam 70-290 is a required exam for both MCSAs and

MCSEs. If you take and pass this exam as your first exam, you will receive your MCP credentials. MCP is an entry-level certification program that requires taking and passing one Microsoft Certification exam. If you are a current MCSA on

Windows 2000, you need to pass Exam 70-292 to upgrade your

certification to Windows Server 2003. If you are a current MCSE on Windows 2000, you need to pass Exam 70-292 and Exam 70-296 to upgrade your certification to Windows Server 2003. Skills measured by Exam 70-292, representing a subset of Exams 70-290 and 70-291, are indicated in exam overview

  X sections with the symbol.

1.1. Areas of Study for Exam 70-290

  1.1.1. Managing and Maintaining Physical and Logical Devices Manage basic disks and dynamic disks.

  Monitor server hardware. Tools might include Device Manager, the Hardware Troubleshooting Wizard, and appropriate Control Panel items.

  Optimize server disk performance.

  Implement a RAID solution. Defragment volumes and partitions.

  Install and configure server hardware devices.

  Configure driver signing options. Configure resource settings for a device. Configure device properties and settings. See " " on page 12.

  1.1.2. Managing Users, Computers, and Groups

  Manage local, roaming, and mandatory user profiles. Create and manage computer accounts in an Active Directory environment.

  Create and manage groups. X Identify and modify the scope of a group. X Find domain groups in which a user is a member. X Manage group membership. X Create and modify groups by using the Active Directory Users and Computers Microsoft Management Console (MMC) snap-in. X Create and modify groups by using automation. X

  Create and manage user accounts. X Create and modify user accounts by using the Active Directory Users and Computers MMC snap-in. X Create and modify user accounts by using automation.

  X Import user accounts. X Troubleshoot computer accounts.

  Diagnose and resolve issues related to computer accounts by using the Active Directory Users and Computers MMC snap-in. Reset computer accounts.

  Troubleshoot user accounts.

  Diagnose and resolve account lockouts. Diagnose and resolve issues related to user account properties.

  Troubleshoot user authentication issues. X See " " on page 32.

1.1.3. Managing and Maintaining Access to Network Resources Configure access to shared folders.

  Manage shared folder permissions. Troubleshoot Terminal Services. X

  Diagnose and resolve issues related to Terminal Services security. X Diagnose and resolve issues related to client access to Terminal Services. X Configure filesystem permissions.

  Verify effective permissions when granting permissions.

  Change ownership of files and folders. Troubleshoot access to files and shared folders. See " on page 62.

1.1.4. Managing and Maintaining a Server Environment

  Monitor and analyze events. Tools might include Event Viewer and System Monitor.

  Install and configure software update infrastructure. X Install and configure software update services. X Install and configure automatic client update settings.

  X Configure software updates on earlier operating systems. X Manage software update infrastructure. X Manage software site licensing. Manage servers remotely. X Manage a server by using Remote Assistance. X Manage a server by using Terminal Services remote administration mode. X Manage a server by using available support tools. X Troubleshoot print queues.

  Monitor system performance. Monitor file and print servers. Tools might include Task Manager, Event Viewer, and System Monitor.

  Monitor disk quotas. Monitor print queues. Monitor server hardware for bottlenecks.

  Monitor and optimize a server environment for application performance.

  Monitor memory performance objects. Monitor network performance objects. Monitor process performance objects. Monitor disk performance objects. Manage a Web server. X Manage Internet Information Services (IIS). X Manage security for IIS. X

  See " on page 84.

1.1.5. Managing and Implementing Disaster Recovery Perform system recovery for a server.

  Implement Automated System Recovery (ASR). Restore data from shadow copy volumes. Back up files and System State data to media. Configure security for backup operations.

  Manage backup procedures.

  Verify the successful completion of backup jobs. Manage backup storage media. Recover from server hardware failure. Restore backup data. Schedule backup jobs. See " " on page 126.

Chapter 2. Exam 70-290 Study Guide This chapter provides a study guide for Exam 70-290:Managing and Maintaining a Microsoft Windows Server 2003 Environment. Sections within the chapter are organized according to the

  exam objective they cover. Each section identifies the related exam objective, provides an overview of why the objective is important, and then discusses the key details you should know to both succeed on the test and master the objective in the real world. The major topics covered on Exam 70-290 are:

  Managing and Maintaining Physical and Logical Devices

  Designed to test your knowledge of standard disk configurations involving both basic disks and dynamic disks. Also covers hardware devices and monitoring hardware devices.

  Managing Users, Computers, and Groups

  Designed to test your knowledge of the many types of accounts used on Windows networks, including user accounts, computer accounts and group accounts. Also covers user authentication and user profiles.

  Managing and Maintaining Access to Network Resources

  Designed to test your knowledge of access permissions and shared folders. Also covers Terminal Services security and client access.

  Managing and Maintaining a Server Environment

  Designed to test your knowledge of general administration, it is very much a catch-all objective for routine administration tasks. Also covers Internet Information Services (IIS) management and security.

  Managing and Implementing Disaster Recovery

  Designed to test your knowledge of both disaster preparedness and disaster recovery procedures. Also covers shadow copies. The sections of this chapter are designed to reinforce your knowledge of these topics. Ideally, you will review this chapter as thoroughly as you would your course notes in preparation for a college professor's final exam. That means multiple readings of the chapter, committing to memory key concepts, and performing any necessary outside readings if there are topics you have difficulty with. As part of your preparation, I recommend installing a two- system test network, with one system acting as a workstation and the other system acting as a server. The workstation should run Windows XP Professional or later and be your primary system for management. That means you will work remotely and use the workstation to perform administration of the server as much as possible. The server should be configured to run Windows Server 2003. Both systems can be virtual machines installed as part of a virtual test environment.

2.1. Essential Administration Tools

  The essential administration tools every administrator must master are: AdminPak Support Tools Microsoft Management Console (MMC) Remote Desktop for Administration Remote Assistance

2.1.1. AdminPak

  The administrative tools available on your system depends on its configuration. As services are added to a system, the tools needed to manage those services are installed. If you manage systems remotely, these same tools might not be available. To ensure you have a consistent tool set, you should install the Windows Server 2003 Administration Tools (AdminPak) on systems you use for administration by completing the following steps:

  1. After you log on to the system using an account with

  administrator privileges, insert the Windows Server 2003 CD-ROM into the CD-ROM drive.

  

2. When the Autorun screen appears, click Perform Additional

  Tasks, and then click Browse This CD to start Windows

3. Double-click I386, and then double-click Adminpak.msi to

  install the complete set of Windows Server 2003 management tools. The AdminPak tools can be accessed from the command line and from the Administrative Tools menu.

2.1.2. Support Tools

  In addition to the AdminPak, you'll want to install the Windows Server 2003 Support Tools on systems you use for administration. The Windows Server 2003 Support Tools extend the core set of administration tools to include additional useful utilities and commands that can be used for administration.

  To install the support tools, complete these steps:

  1. Log on to the system using an account with administrator

  privileges and insert the Windows Server 2003 CD-ROM into the CD-ROM drive.

  

2. When the Autorun screen appears, click Perform Additional

  Tasks, and then click Browse This CD to start Windows Explorer.

  3. Double-click Support, and then double-click Tools.

  4. Double-click Suptools.msi to start the Windows Support Tools Setup Wizard.

  5. Click Next. Read the End User License Agreement. Click I Agree, and then click Next.

  6. Enter your user information, and then click Next.

  7. Accept the default install location (%ProgramFiles%\Support Tools).

8. Click Install Now. Click Finish.

  The Support Tools can be accessed through the Tools Management Console. To start the console, click Start Programs Windows Support Tools Support Tools Help.

2.1.3. Microsoft Management Console

  In Windows Server 2003, the primary administration tools are built using the MMC framework. At its heart are consoles and snap-ins. A console is a container window to which you can add functional components called snap-ins. You create custom administration tools by adding snap-ins to an empty console. Consoles can also include taskpads to create custom view tabs in the console. The custom view tabs can include shortcut links to menu items, shell commands, and Favorites links. All consoles, including the standard administration consoles, have two basic modes:

  Author

  In Author mode, administrators can make changes to the console by adding or removing snap-ins, and creating task pads. Most MMCs can be put in Author mode by right- clicking the menu option and selecting Author, or by starting the console from the command prompt using the /a parameter. This opens the console for authoring.

  User

  In User mode, administrators can access the snap-in functions but cannot make changes to the console. All administrator consoles are in user mode by default. To switch from author mode to user mode in a console, click File Options, select the desired console mode, clear Do Not Save Changes To This Console, and then click OK. You can then save the updated console to its original location by clicking File Save or to a new location by clicking File Save As.

  By default, consoles are set to work with the local computer when started. To work with a remote computer via the console, you'll need to right-click the console root node in the left pane and then select Connect To Another Computer. This displays the Select Computer dialog box, which you can use to specify the name or IP address of the remote computer.

2.1.4. Remote Desktop for Administration

  Windows Server 2003 Terminal Services has two operating modes: Remote Desktop for Administration and Terminal

  Server. One way to think of the Remote Desktop for

  Administration is as a limited Terminal Server mode that enables administrators to establish remote connections. Each server configured with Remote Desktop for Administration can have up to two concurrent connections.

  Remote Desktop for Administration can be enabled or disabled on a per computer basis on the Remote tab of the System utility under Control Panel. To enable this feature, access the System utility's Remote tab, select Enable Remote Desktop On This Computer, and then click Select Remote Users to specify users granted remote access permission via Remote Desktop. By default, any user that is a member of the Administrators group is granted this permission. If the computer is running a firewall, TCP port 3389 must be opened to allow remote access. Remote Desktop connections can be established using the

  Remote Desktop Connection client found under Programs Accessories Communications or by using the Remote Desktops console found on the Administrative Tools menu. Use the Remote Desktop Connection client to manage one computer remotely. Use the Remote Desktops console to manage multiple computers remotely. Both Windows XP and Windows Server 2003 support remote desktop.

  With Remote Desktop Connection, establish remote connections as follows:

  

1. Open the Remote Desktop Connection client and then click

Options.

  2. In the Computer field, type the name or IP address of the remote computer.

  3. Enter your username, password, and domain information.

  4. Enter display, resource, and other options using the other tabs as necessary.

  5. Click Connect.

  

Tip: Troubleshooting Remote Desktop connectivity is discussed

in " later in this chapter.

  With Remote Desktops, establish remote connections as follows:

  1. Open the Remote Desktops console.

  

2. Right-click Remote Desktops in the console tree and select

Add New Connection.

  

3. Type the name or IP address of the remote computer in the

field provided.

  4. Enter an optional Connection Name.

  5. Enter your username, password, and domain information.

  6. Click OK to close the Add New Connection dialog box.

  

7. In the left pane, expand the Remote Desktops node to show

the defined connections.

  8. Click a connection.

2.1.5. Remote Assistance

  Remote Assistance allows a user to send an invitation to a more experienced user or administrator asking for troubleshooting help with a computer problem. The helper accepting the request can view the user's desktop, transfer files, and chat with the user needing help through a single interface. Both Windows XP and Windows Server 2003 support Remote Assistance, which can be enabled or disabled using the Remote tab of the System utility under Control Panel. To enable Remote Assistance, access the System utility's Remote tab, select Turn On Remote Assistance, and then click OK. You can click the Advanced tab to set the maximum amount of time the invitations can remain open.

  By default, the user or administrator accepting a remote invitation can remotely control the computer from which the invitation was sent during the remote assistance session. Typically, this is the desired behavior. The easiest way to make a remote assistance request is to use Windows Messenger. In Windows Messenger, click Actions Ask for Remote Assistance, and then select the helper's Windows Messenger account when prompted. The helper then remote assistance invitation. The user seeking assistance then confirms it is OK to start the remote assistance session by clicking Yes. Another way to send a remote assistance invitation is to use Help And Support Center. Click Support on the toolbar. Under the Support heading, click Get Remote Assistance, then in the right pane, click Invite Someone To Help You.

2.2. Managing and Maintaining Physical and Logical Devices

  Server systems have both physical and logical devices. Physical devices include all hardware devices connected to or configured within the server system, and include sound cards, video cards, memory, system bus, disk controllers, and physical disks. Logical devices are used to abstract the physical components of hardware devices and represent them in a way that is more manageable. The primary logical devices you'll work with are logical volumes, which are the basic unit of disk storage that you can configure and manage.

2.2.1. Installing and Configuring Server Hardware Devices

  Hardware devices installed on a computer communicate with Windows Server 2003 using software device drivers. For a hardware device driver to work properly, the appropriate device driver variant must be installed, the resource settings for the device must be configured appropriately, and the device properties must be set correctly. In most cases, hardware manufacturers will provide a device driver for the hardware device. Windows Server 2003 includes an extensive library of device drivers.

2.2.1.1. Understanding Plug-and-Play and Non-Plug-and- Play devices

  Two basic types of hardware drivers are used on Windows systems:

  Plug-and-Play (PnP) Non-Plug-and-Play (Non-PnP)

  Most Windows-compatible devices support PnP. PnP allows Windows to detect and install a hardware device automatically either from the library of device drivers maintained by Windows or from a manufacturer-supplied device driver. If a device is detected and there is no device driver, Windows will prompt you to specify the location of the device driver.

  In most cases, non-PnP devices are not detected automatically after installation and must be manually installed using the Add Hardware Wizard, which is accessible in the Control Panel and from the Hardware tab of the System utility.

2.2.1.2. Understanding signed and unsigned drivers

  On Windows 2000 and later computers, all hardware device drivers are either signed or unsigned. If a device driver is signed, then the driver has a digital signature. The digital signature means that a driver has been authenticated by the digital signer, which typically is Microsoft Windows Publisher, and has not been altered or overwritten by other installation programs or by virus programs. If a device driver is signed by Microsoft Windows Publisher, then the device driver was included with the operating system. If a device driver is signed by Microsoft Windows Hardware Compatibility Publisher, it means the device driver has been tested in the Windows Hardware Quality Labs (WHQL) (and was probably released after the release of the operating system).

  

Tip: Generally speaking, you should always use a signed driver

if one is available for the hardware device. Before you install

  

hardware using an unsigned (and potentially dangerous) driver,

you should test the driver on a similarly configured computer in

a development or test environment.

  By default, Windows Server 2003 warns you if you try to install an unsigned device driver. Windows can also be configured to allow all device drivers to be installed or prevent unsigned device drivers from being installed. These settings can be made for individual computers using Control Panel, and for all computers in a domain, site, or organizational unit (OU) through Group Policy. Group Policy can also be used to prohibit users from changing driver installation settings.

  As long as you are not prohibited from doing so, you can change driver settings for individual computers by clicking the Driver Signing button on the Hardware tab of the System utility. This displays the Driver Signing Options dialog box. In this dialog box, you can choose the action you want Windows to take whenever someone tries to install an unsigned device driver. As shows, the options are:

  

Figure 2-1. Settings in the Driver Signing Options

dialog box can be used to change the way

Windows handles unsigned drivers.

  Ignore

  Allows all device drivers to be installed without having to see and respond to a warning prompt.

  Warn

  Prompts with a warning message prior to installing a hardware device with an unsigned driver. The user can then continue or cancel the installation (the default).

  Block

  Prevents installing unsigned drivers. Windows will not install any unsigned device driver and will not display a warning prompt.

  Make This Action The System Default Select this checkbox to make this the default for all users.

  Clear this option to apply these options only to the current user.

  Tip: Windows Server 2003 will not install drivers with known

problems. If you try to install a driver with known problems, the

Windows Driver Protection facility will block the installation.

2.2.1.3. Installing hardware devices

  Administrators can install any hardware device and its drivers, including both PnP and non-PnP devices. Users can only install PnP devices that are detected and installed automatically using signed drivers stored in Windows device driver library. If the device requires the operating system to prompt for any reason, including to specify manufacturer supplied drivers or designate configuration options, users will not be able to complete the installation. The only exception is for users who have been designated specific permission to install such devices.

  Tip: For the exam, you'll definitely want to have a strong understanding of how device installation works for both administrators and users.

  If a device isn't automatically installed and you have a manufacturer's installation disk, you should install the device using the disk. If this doesn't work or an installation disk isn't available, you can install it using the Add Hardware Wizard by following through these steps:

  1. Open Add Hardware in Control Panel. When the wizards

  starts, it scans the computer for PnP devices and installs drivers for any that are found.

  

2. If no devices are found in Step 1, continue with the manual

  installation by clicking Next. Then select Yes, I Have Already Connected The Hardware, and then click Next.

  

3. The wizard then displays a list of all installed devices. If you

  select one of these devices and click Next, the wizard will quit. If you scroll down to the bottom of the installed hardware list and select Add A New Hardware Device and then click Next, you'll be able to continue with the installation.

  

4. Next, you can choose whether to search for and install the

  new hardware device, or have it presented in a list from which you can manually select a driver. If you don't already have a driver, select the search option. If you do have a driver, select the install option, and then click Next.

  

5. If the wizard searches and fails, or if you elect to install the

  hardware, you can select the hardware category of the device you are trying to install or simply accept the default to show all devices. Click Next.

  6. If you have the drivers for the device, click Have Disk to

  specify the location of the drivers on your hard disk, floppy, or CD. Otherwise, choose the device manufacturer and device model to use a driver already available in Windows. If the device model isn't listed, the driver isn't included with the operating system.

  

7. Follow the remaining prompts to complete the installation.

  In some cases, you might be prompted to restart the computer as well.

2.2.1.4. Using Device Manager

  All detected devices are listed in the Device Manager snap-in, which is installed by default in the Device Manager console (devmgmt.msc) and in the Computer Management console (compmgmt.msc) (see ). Devices that have been detected but are not installed or properly configured are shown with a yellow warning icon. Devices that have been disabled have a red warning icon.

  

Figure 2-2. Device Manager is used to view and

manage installed hardware devices. Device Manager can be used to manage devices on local computers only. On remote computers, Device Manager has Read Only access. You can use Device Manager anytime you have a question as to whether hardware devices on a computer are working properly. Common tasks include:

  Viewing hardware device status

  Using options of the View menu, you can view devices by type or by connection. A yellow warning icon indicates improper installation or configuration, and, as such, can indicate that a device is detected but not installed or that a device has a resource conflict with another device.

  Scanning for hardware changes

  If you've made hardware configuration changes that aren't shown in Device Manager, you can select Action Scan For Hardware Changes.

  Changing hardware configuration settings

  Right-click the device and select Properties. You can then view the properties and settings for the device. If the device allows manual configuration through Windows, you'll be able to change resource usage on the Resources tab.

  Printing summaries of installed devices

  Select Action Print. In the Print dialog box, you can then select the report type as "System summary," "Selected class or device," or "All devices and system summary." Similar reports can be obtained from the command line

  Driverquery Driverquery /? using . Type for details.

2.2.1.5. Configuring hardware devices

  In Device Manager, you can view and configure hardware devices by right-clicking a device and selecting Properties. Most devices have a dialog box with General, Driver, Details, and Resources tabs. Depending on device type, some devices have fewer or additional tabs.

  shows the three most common tabs you'll refer to

  when working with devices:

  

Figure 2-3. The General, Driver, and Resource