Active Directory
Domain Controller
A global catalog server is a domain controller that stores information about all
objects in the forest. Like all domain controllers, a global catalog server stores full,
writable replicas of the schema and configuration directory partitions and a full,
writable replica of the domain directory partition for the domain that it is hosting. In
addition, a global catalog server stores a partial, read-only replica of every other
domain in the forest. Partial replicas are stored on Global Catalog servers so that
searches of the entire directory can be achieved without requiring referrals from one
domain controller to another.
The partial replica of another domain holds only a subset of each object's attributes (for example first name, last name, phone numbers and addresses), not the whole object. Attribute-level security for the global catalog was improved in Windows Server 2003.
OU:
Domain:
Windows Domain is a logical grouping of computers that share common security and
user account information.
Forest
A Windows forest is a group of one or more trusted Windows trees. The trees do not need to have
contiguous DNS names. A forest shares a schema and global catalog servers. A single tree can
also be called a forest.
Tree:
A Windows tree is a group of one or more trusted Windows domains with contiguous
DNS domains. “Trusted” means that an authenticated account from one domain isn’t
rejected by another domain. “Contiguous DNS domains” means that they all have
the same root DNS name.
Site:
Sites are manually defined groupings of subnets. Objects in a site share the same global catalog
servers, and can have a common set of group policies applied to them.
Schema:
The schema defines what attributes, objects, classes, and rules are available in the Active
Directory.
The SID is a unique name (alphanumeric character string) that is used to identify an object,
such as a user or a group of users.
Group Policy
The Group Policy container (GPC) is an Active Directory container that contains GPO
properties, such as version information, GPO status, plus a list of other component
settings.
Starting with Windows 2000, the administrator can add both computers and users to
security groups. Then the administrator can specify which security groups are
affected by the GPO by using the Access Control List editor.
Intrasite Replication
Replication that happens between domain controllers inside one site. All of the subnets inside
the site should be connected by high-speed network links.
Intersite Replication
Replication must often occur both within sites (intrasite) and between sites (intersite) to
keep domain and forest data consistent among domain controllers that store the same
directory partitions.
Adprep.exe
USE:
When Microsoft Exchange Server is deployed in an organization, Exchange Server
uses Active Directory as a data store and it extends the Windows 2000 Active
Directory schema to enable it to store objects specific to Exchange Server. The
ldapDisplayName values of the attribute schema objects ms-Exch-Assistant-Name,
ms-Exch-LabeledURI, and ms-Exch-House-Identifier defined by Exchange Server conflict with
the iNetOrgPerson schema that Active Directory uses in Windows Server 2003. When
Windows Server 2003 Service Pack 1 is installed, Adprep.exe will be able to detect
the presence of the schema conflict and block the upgrade of the schema until the
issue has been resolved.
GUID:
When a new domain user or group account is created, Active Directory stores the
account's SID in the Object-SID (objectSID) property of a User or Group object. It
also assigns the new object a globally unique identifier (GUID), which is a 128-bit
value that is unique not only in the enterprise but also across the world. GUIDs are
assigned to every object created by Active Directory, not just User and Group
objects. Each object's GUID is stored in its Object-GUID (objectGUID) property.
Active Directory uses GUIDs internally to identify objects.
SID:
A security identifier (SID) is a binary data structure that contains a variable number of
values. When a DC creates a security principal object such as a user or group, it attaches
a unique SID to the object. This SID consists of a domain SID (the same for all SIDs
created in a domain) and a relative ID (RID) that is unique for each security principal
created in the domain.
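As an added example (not part of the original notes), the following Python decodes the binary SID structure described above, splits a domain account SID into its domain SID and RID, and, going one step beyond the notes, labels a few well-known RIDs that keep their meaning even if the account is renamed. The sample SIDs are constructed for illustration.

```python
"""Decode and split Windows security identifiers (SIDs).

Binary layout of a SID:
  byte 0       revision (always 1)
  byte 1       number of sub-authorities (N)
  bytes 2-7    48-bit identifier authority, big-endian
  8 + 4*N      N sub-authorities, each a little-endian 32-bit integer
For a domain account SID (S-1-5-21-x-y-z-RID) the last sub-authority is the RID;
the part before it is the domain SID shared by every principal in that domain.
"""
import struct

# Well-known RIDs: these stay fixed even when the account is renamed, which is
# why detection logic should key on the RID rather than on the display name.
WELL_KNOWN_RIDS = {
    500: "Administrator",
    501: "Guest",
    502: "krbtgt",
    512: "Domain Admins",
    513: "Domain Users",
    519: "Enterprise Admins",   # exists only in the forest root domain
}


def sid_from_bytes(raw):
    """Convert a binary SID (e.g. the objectSid attribute) to its S-1-... string form."""
    if len(raw) < 8:
        raise ValueError("SID too short")
    revision, count = raw[0], raw[1]
    if revision != 1:
        raise ValueError(f"unsupported SID revision {revision}")
    if len(raw) != 8 + 4 * count:
        raise ValueError("SID length does not match its sub-authority count")
    authority = int.from_bytes(raw[2:8], "big")
    subs = struct.unpack(f"<{count}I", raw[8:])
    return "S-1-" + "-".join(str(x) for x in (authority, *subs))


def sid_to_bytes(sid):
    """Inverse of sid_from_bytes; handy for building LDAP filters on objectSid."""
    parts = sid.split("-")
    if len(parts) < 3 or parts[0] != "S" or parts[1] != "1":
        raise ValueError(f"malformed SID {sid!r}")
    authority = int(parts[2])
    subs = [int(p) for p in parts[3:]]
    return (bytes([1, len(subs)]) + authority.to_bytes(6, "big")
            + struct.pack(f"<{len(subs)}I", *subs))


def split_domain_sid(sid):
    """Return (domain_sid, rid) for a domain account SID of the form S-1-5-21-x-y-z-RID."""
    parts = sid.split("-")
    if len(parts) < 8 or parts[:4] != ["S", "1", "5", "21"]:
        raise ValueError(f"{sid} is not a domain account SID")
    return "-".join(parts[:-1]), int(parts[-1])


def describe(sid):
    """Summarise a domain account SID: its domain, its RID and any well-known meaning."""
    domain_sid, rid = split_domain_sid(sid)
    return {"domain_sid": domain_sid, "rid": rid, "well_known": WELL_KNOWN_RIDS.get(rid)}


if __name__ == "__main__":
    # Constructed sample: the Domain Admins group of a made-up domain.
    sample = "S-1-5-21-1004336348-1177238915-682003330-512"
    raw = sid_to_bytes(sample)
    print(raw.hex())
    print(sid_from_bytes(raw))
    print(describe(sample))
    # Constructed sample: the well-known LocalSystem SID S-1-5-18 in binary form.
    print(sid_from_bytes(bytes.fromhex("010100000000000512000000")))
```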
Lingering objects
When a domain controller is disconnected for a period longer than the tombstone lifetime
(TSL), one or more objects that were deleted from Active Directory on all other domain
controllers may remain on the disconnected domain controller. Such objects are called
lingering objects. Because the domain controller was offline for the whole time the
tombstone was alive, it never received replication of the tombstone.
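An added simulation (not from the original notes) of the lingering-object mechanism just described: two constructed domain controllers, a deletion on one while the other is offline, and garbage collection of the tombstone after the TSL. The DC class, the replication rule and the timeline are deliberately simplified for illustration.

```python
"""Simulate how a deleted object becomes a lingering object on a DC that was
offline longer than the tombstone lifetime (TSL)."""

TOMBSTONE_LIFETIME_DAYS = 60   # pre-Windows Server 2003 SP1 default from the notes


class DomainController:
    def __init__(self, name):
        self.name = name
        # dn -> None for a live object, or the day it was deleted (a tombstone)
        self.objects = {}
        self.online = True

    def create(self, dn):
        self.objects[dn] = None

    def delete(self, dn, today):
        self.objects[dn] = today                   # live object becomes a tombstone

    def garbage_collect(self, today, tsl=TOMBSTONE_LIFETIME_DAYS):
        """Tombstones older than the TSL are physically removed from the database."""
        for dn, deleted_on in list(self.objects.items()):
            if deleted_on is not None and today - deleted_on > tsl:
                del self.objects[dn]

    def live_objects(self):
        return {dn for dn, deleted_on in self.objects.items() if deleted_on is None}


def replicate(source, dest):
    """Inbound replication: dest learns every object (live or tombstone) that
    source still holds. Nothing is sent for objects source has already purged,
    which is exactly why a purged tombstone can never catch up with a stale DC."""
    if not (source.online and dest.online):
        return
    for dn, deleted_on in source.objects.items():
        if deleted_on is not None or dn not in dest.objects:
            dest.objects[dn] = deleted_on


def lingering_objects(suspect, reference):
    """Objects live on the suspect DC but unknown (neither live nor tombstoned)
    to the reference DC; this is what repadmin /removelingeringobjects cleans up."""
    return suspect.live_objects() - set(reference.objects)


def scenario(offline_days, tsl=TOMBSTONE_LIFETIME_DAYS):
    """Constructed timeline: day 0 both DCs hold the object; day 1 DC-B goes
    offline and DC-A deletes the object; DC-B returns after offline_days."""
    dn = "CN=jsmith,OU=Sales,DC=example,DC=com"     # constructed sample DN
    dc_a, dc_b = DomainController("DC-A"), DomainController("DC-B")
    dc_a.create(dn)
    replicate(dc_a, dc_b)
    dc_b.online = False
    dc_a.delete(dn, today=1)
    return_day = 1 + offline_days
    dc_a.garbage_collect(return_day, tsl)          # DC-A keeps collecting garbage
    dc_b.online = True
    replicate(dc_a, dc_b)                          # DC-B replicates inbound again
    return sorted(lingering_objects(dc_b, dc_a))


if __name__ == "__main__":
    print("offline 30 days:", scenario(30))        # tombstone still replicates
    print("offline 90 days:", scenario(90))        # tombstone purged: lingering object
```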
Sysvol
Sysvol is a shared directory that stores the server copy of the domain’s public files,
which are replicated among all domain controllers in the domain. The Sysvol contains
the data in a GPO: the GPT, which includes Administrative Template-based Group
Policy settings, security settings, script files, and information regarding applications
that are available for software installation. It is replicated using the File Replication
Service (FRS).
Win logon
LDAP:
LDAP defines how clients and servers exchange information about a directory. LDAP
version 2 and version 3 are used by Windows 2000 Server's Active Directory.
An LDAP URL names the server holding Active Directory services and the distinguished name of the
object. For example:
LDAP://SomeServer.Myco.Com/CN=jamessmith,CN=Sys,CN=Product,CN=Division,DC=myco,DC=domain-controller
USN
Each object has an Update Sequence Number (USN), and if the object is modified,
the USN is incremented. This number is different on each domain controller. USN
provides the key to multimaster replication.
Universal group membership caching
Due to available network bandwidth and server hardware limitations, it may not be
practical to have a global catalog in smaller branch office locations. For these sites,
you can deploy domain controllers running Windows Server 2003, which can store
universal group membership information locally.
ACL:
A list of security protections that applies to an object. (An object can be a file, process, event, or
anything else having a security descriptor.)
ACE:
An ACE contains a set of access rights and a security identifier (SID) that identifies a trustee for
whom the rights are allowed, denied, or audited.
MultiMaster Operation:
In Windows 2000 & 2003, every domain controller can receive changes, and the
changes are replicated to all other domain controllers. The day-to-day operations
that are associated with managing users, groups, and computers are typically
multimaster operations.
There is a set of Flexible Single Master Operations (FSMO) that can only be performed on
a single domain controller. An administrator determines which domain controller holds
each role. All of the roles are placed on the first domain controller by default and can be
transferred later. The FSMO role types are:
Schema Master: The schema master domain controller controls all updates and
modifications to the schema. There can be only one schema master in the whole
forest.
Domain naming master: The domain naming master domain controller controls
the addition or removal of domains in the forest and is responsible for ensuring that
domain names are unique in the forest. There can be only one domain naming
master in the whole forest.
Infrastructure Master:
The infrastructure master is responsible for updating references from objects in its domain
to objects in other domains. At any one time, there can be only one domain
controller acting as the infrastructure master in each domain.
For example, when an object that is a member of a group in this domain is renamed in
another domain, this role takes care of updating the group membership reference.
Note: The Infrastructure Master (IM) role should be held by a domain controller
that is not a Global Catalog server (GC). If the Infrastructure Master runs on a
Global Catalog server it will stop updating object information because it does not
contain any references to objects that it does not hold. This is because a Global
Catalog server holds a partial replica of every object in the forest. As a result,
cross-domain object references in that domain will not be updated and a
warning to that effect will be logged on that DC's event log. If all the domain
controllers in a domain also host the global catalog, all the domain controllers
have the current data, and it is not important which domain controller holds the
infrastructure master role.
RID Master: It assigns the RID (and therefore the SID) of newly created objects such as
users and computers by allocating RID pools to the domain controllers. If the RID master
is down, you can still create security principals as long as the RID pools already allocated
to the DCs are not exhausted; after that, no new objects can be created until it is back.
PDC Emulator - When Active Directory is in mixed mode, the domain controller holding
this role acts as a Windows NT PDC. The first server that becomes a Windows
2000 domain controller takes the role of PDC emulator by default.
Functions performed by the PDC emulator:
User account changes and password changes.
SAM directory replication requests.
Domain master browser requests
Authentication requests.
GPO
Time synchronization
In Windows 2000 Active Directory domains there is the concept of Mixed and Native
Modes. The default mixed mode allows both NT and Windows 2000 domain
controllers to coexist. Once you convert to Native Mode, you are only allowed to
have Windows 2000 domain controllers in your domain. The conversion is a one-way
conversion -- it cannot be reversed. In Windows Server 2003, Microsoft introduced
forest and domain functional levels. The concept is rather similar to switching from
Mixed to Native Mode in Windows 2000. The new functional levels give you additional
capabilities that the previous functional levels didn’t have.
There are four domain functional levels:
To raise the domain functional level, you go to the properties of your domain in
Active Directory Domains and Trusts. To raise the forest functional level you go to
the properties of Active Directory Domains and Trusts at the root. Of course, if your
domains are not at the correct level, you won’t be able to raise the forest functional
level.
Directory partition
Schema partition
It contains all class and attributes definitions for the forest. There is one schema
directory partition per forest.
Configuration partition
It contains replication configuration information (and other information) for the
forest. There is one configuration directory partition per forest.
Domain partition
It contains all objects that are stored by one domain. There is one domain directory
partition for each domain in the forest.
Security Principals - Objects that can have permissions assigned to them; each
contains a security identifier. The following objects are security principals:
o User
o Computer
o Group
RPC:
Active Directory uses RPC over IP to transfer both intersite and intrasite replication
between domain controllers. To keep data secure while in transit, RPC over IP
replication uses both the Kerberos authentication protocol and data encryption.
SMTP:
If you have a site that has no physical connection to the rest of your network, but
that can be reached using the Simple Mail Transfer Protocol (SMTP), that site has
mail-based connectivity only. SMTP replication is used only for replication between
sites. You also cannot use SMTP replication to replicate between domain controllers
in the same domain—only inter-domain replication is supported over SMTP (that is,
SMTP can be used only for inter-site, inter-domain replication). SMTP replication can
be used only for schema, configuration, and global catalog partial replica replication.
SMTP replication observes the automatically generated replication schedule.
Moving the ntds.dit file from one drive to another
1. Boot the domain controller in Directory Services Restore mode and log on with the
Directory Services Restore mode administrator account and password (this is the
password you assigned during the Dcpromo process).
2. At a command prompt, type ntdsutil.exe. You receive the following prompt:
ntdsutil:
3. Type files to receive the following prompt:
file maintenance:
4. Type info. Note the path of the database and log files.
5. To move the database, type move db to %s (where %s is the target folder).
6. To move the log files, type move logs to %s (where %s is the target folder).
7. Type quit twice to return to the command prompt.
8. Reboot the computer normally.
DNS
Domain Name System (DNS) is a database system that translates a computer's fully
qualified domain name into an IP address.
The following graphic shows an overview of the complete DNS query process.
DNS Zones
Primary Zones - Hold read and write copies of all resource records (A, NS, SRV).
Secondary Zones - Hold read-only copies of the primary zones.
Stub Zones
Conceptually, stub zones are like secondary zones in that they hold a read-only copy
of part of a primary zone. Stub zones are more efficient and create less replication traffic.
A stub zone holds only three records: the SOA for the primary zone, an NS record, and a
host (A) record for the name server. The idea is that if a client queries a name in the stub
zone, your DNS server can refer that query to the correct name server because it knows
that server's host (A) record.
Queries
Query types are:
Inverse - Getting the name from the IP address. These are used by servers as a
security check.
Iterative - The server gives its best answer. This type of query is sent from one server
to another.
Conditional Forwarding
Without resource records DNS could not resolve queries. The mission of a DNS
query is to locate a server that is authoritative for a particular domain. The easy
part is for the authoritative server to check the name in the query against its
resource records.
SOA (start of authority) record: each zone has one SOA record, which identifies
which DNS server is authoritative for domains and subdomains in the zone.
PTR (pointer) record: the opposite of an A record; a PTR record is used to resolve
the IP address of a host into its FQDN.
SRV (service) record: an SRV record is used by DNS clients to locate a server
that is running a particular service—for example, to find a domain controller so you
can log on to the network. SRV records are key to the operation of Active Directory.
After running DCPROMO, a text file containing the appropriate DNS resource
records for the domain controller is created. The file, called Netlogon.dns, is
created in the %systemroot%\System32\config folder and contains all the
records needed to register the resource records of the domain controller.
Netlogon.dns is used by the Windows 2000 Net Logon service and to support
Active Directory on non-Windows 2000 DNS servers.
Once DNS and replication are set up, it is generally a bad idea to change a server's IP
address (at least according to Microsoft). Just be sure that is what you really want to
do before starting the process. It is a bit akin to changing the internal IPX number of
a Novell server, but it can be done.
5. Go to one of the other DCs and verify that its DNS is now pointing to the new
IP address of the server. If not, change the records manually and give it 15 minutes
to replicate the DNS changes out.
6. Run REPLMON and make sure that replication is working now. You may have to
wait a little while for things to straighten out. Give it an hour or two if necessary.
If a server shows that it isn’t replicating with one of its partners, there are
several issues to address:
A. Check to see that the servers can ping each other.
B. Make sure that both servers’ DNS entries for each other point to the proper IP
addresses
C. If server A says it replicated fine, but server B says it couldn’t contact Server A,
check the DNS setup on Server B. Chances are it has a record for Server A pointing
to the wrong place.
Trust Relationship
• One way trust - When one domain allows access to users on another
domain, but the other domain does not allow access to users on the first
domain.
• Two way trust - When two domains allow access to users on the other
domain.
• Trusting domain - The domain that allows access to users on another
domain.
• Trusted domain - The domain that is trusted, whose users have access to
the trusting domain.
• Transitive trust - A trust which can extend beyond two domains to other
trusted domains in the tree.
• Intransitive trust - A one way trust that does not extend beyond two
domains.
• Explicit trust - A trust that an administrator creates. It is not transitive and
is one way only.
• Cross-link trust - An explicit trust between domains in different trees or in
the same tree when a descendent/ancestor (child/parent) relationship does
not exist between the two domains.
• Forest trust - When two forests have a functional level of Windows 2003,
you can use a forest trust to join the forests at the root.
• Shortcut trust - When domains that authenticate users are logically distant
from one another, the process of logging on to the network can take a long
time. You can manually add a shortcut trust between two domains in the
same forest to speed authentication. Shortcut trusts are transitive and can
either be one way or two way.
Archive bit:
The archive bit is used to determine which files have been backed up previously on
a Windows file system. The bit is set when a file is modified.
Types of Backups:
Normal - Saves files and folders and shows they were backed up by clearing the
archive bit.
Copy - Saves files and folders without clearing the archive bit.
Incremental - Incremental backup stores all files that have changed since the last Full,
Differential or Incremental backup. The archive bit is cleared.
Differential - A differential backup contains all files that have changed since the last
FULL backup. The archive bit is not cleared.
Daily - Saves files and folders that have been changed that day. The archive bit is
not cleared.
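An added simulation (not from the original notes) of the five backup types and their effect on the archive bit, plus a helper that works out which backups from a sequence are needed to rebuild the latest state. The file names, modification days and backup schedule are constructed for illustration.

```python
"""Archive-bit semantics of the Windows backup types, as a small simulation."""
from dataclasses import dataclass


@dataclass
class File:
    name: str
    modified_day: int
    archive: bool = True        # Windows sets the bit when a file is modified (or created)


class BackupSimulator:
    def __init__(self, names, day=0):
        # Constructed sample files; all start with the archive bit set (never backed up).
        self.files = {n: File(n, day) for n in names}

    def modify(self, name, day):
        f = self.files[name]
        f.modified_day = day
        f.archive = True

    def backup(self, kind, day):
        """Return the sorted names a backup of the given kind would select on `day`,
        clearing the archive bit exactly where the notes say that type clears it."""
        kind = kind.lower()
        if kind in ("normal", "copy"):
            selected = list(self.files.values())                 # everything
        elif kind in ("incremental", "differential"):
            selected = [f for f in self.files.values() if f.archive]
        elif kind == "daily":
            selected = [f for f in self.files.values() if f.modified_day == day]
        else:
            raise ValueError(f"unknown backup type {kind!r}")
        if kind in ("normal", "incremental"):                    # only these clear the bit
            for f in selected:
                f.archive = False
        return sorted(f.name for f in selected)


def three_day_plan(kind):
    """Constructed schedule: full backup on day 0, then one backup of `kind` on
    days 1 and 2, with a.doc changed on day 1 and b.xls changed on day 2."""
    sim = BackupSimulator(["a.doc", "b.xls", "c.txt"])
    selected = [sim.backup("normal", 0)]
    sim.modify("a.doc", 1)
    selected.append(sim.backup(kind, 1))
    sim.modify("b.xls", 2)
    selected.append(sim.backup(kind, 2))
    return selected


def restore_chain(kinds):
    """Indexes of the backups needed to restore the latest state from a sequence of
    backup types: the last normal backup, every incremental after it, and the last
    differential after the last incremental (an incremental captures everything an
    earlier differential did, because the differential left the archive bit set)."""
    last_full = max(i for i, k in enumerate(kinds) if k == "normal")
    needed, last_diff = [last_full], None
    for i in range(last_full + 1, len(kinds)):
        if kinds[i] == "incremental":
            needed.append(i)
            last_diff = None
        elif kinds[i] == "differential":
            last_diff = i
    if last_diff is not None:
        needed.append(last_diff)
    return needed


if __name__ == "__main__":
    for kind in ("incremental", "differential", "copy", "daily"):
        print(kind, three_day_plan(kind))
    print(restore_chain(["normal", "incremental", "incremental"]))
    print(restore_chain(["normal", "differential", "differential"]))
```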
Multiplexing:
Multiplexing sends data from multiple sources to a single tape or disk device. This is
useful if you have a tape or disk device that writes faster than a single system can
send data, which (at this point) is just about every tape device.
Multistreaming:
Non-authoritative restore:
Changes are accepted from other domain controllers after the backup is restored.
When you are restoring a domain controller by using backup and restore programs,
the default mode for the restore is non-authoritative. This means that the restored
server is brought up to date with its replicas through the normal replication
mechanism.
Authoritative restore:
Changes are NOT accepted from other domain controllers after the backup is restored.
E:\ntdsutil>ntdsutil
ntdsutil: authoritative restore
authoritative restore: restore subtree OU=bosses,DC=ourdom,DC=com
• Ntds.dit is the Active Directory database, which stores all of the Active
Directory objects on the domain controller. The .dit extension refers to the
directory information tree. The default location is the %systemroot%\Ntds
folder. Active Directory records every transaction in the log files that are
associated with the Ntds.dit file.
• Edb*.log is the transaction log file. Each transaction log file is 10 megabytes
(MB). When the Edb.log file is full, Active Directory renames it to Edbnnnnn.log,
where nnnnn is an increasing number starting from 1.
• Edb.chk is a checkpoint file used by the database engine to track the data
that has not yet been written to the Active Directory database file. The checkpoint
file acts as a pointer that maintains the status between memory and the database
file on disk. It indicates the starting point in the log file from which the
information must be recovered if a failure occurs.
• Res1.log and Res2.log: These are reserved transaction log files. The
amount of disk space that is reserved on a drive or folder for these logs is 20
MB. This reserved disk space provides sufficient space to shut down if all
the other disk space is being used.
1. Register the Schmmgmt.dll library by clicking Start > Run and typing:
regsvr32 schmmgmt.dll
1. On any domain controller, click Start, click Run, type Ntdsutil in the Open
box, and then click OK.
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\WINDOWS>ntdsutil
ntdsutil:
ntdsutil: roles
fsmo maintenance:
Note: To see a list of available commands at any of the prompts in the Ntdsutil
tool, type ?, and then press ENTER.
5. At the server connections: prompt, type q, and then press ENTER again.
server connections: q
fsmo maintenance:
6. Type transfer <role>, where <role> is the role you want to transfer.
For example, to transfer the RID Master role, you would type transfer rid
master:
Options are:
Transfer domain naming master
Transfer infrastructure master
Transfer PDC
Transfer RID master
Transfer schema master
7. You will receive a warning window asking if you want to perform the
transfer. Click on Yes.
8. After you transfer the roles, type q and press ENTER until you quit
Ntdsutil.exe.
9. Restart the server and make sure you update your backup.
1. On any domain controller, click Start, click Run, type Ntdsutil in the Open
box, and then click OK.
C:\WINDOWS>ntdsutil
ntdsutil:
ntdsutil: roles
fsmo maintenance:
Note: To see a list of available commands at any of the prompts in the Ntdsutil
tool, type ?, and then press ENTER.
5. At the server connections: prompt, type q, and then press ENTER again.
server connections: q
fsmo maintenance:
6. Type seize <role>, where <role> is the role you want to seize. For
example, to seize the RID Master role, you would type seize rid master:
Options are:
Seize domain naming master
Seize infrastructure master
Seize PDC
Seize RID master
Seize schema master
7. You will receive a warning window asking if you want to perform the
seize. Click on Yes.
Note: All five roles need to be in the forest. If the first domain controller is out
of the forest then seize all roles. Determine which roles are to be on which
remaining domain controllers so that all five roles are not on only one server.
8. Repeat steps 6 and 7 until you've seized all the required FSMO roles.
9. After you seize or transfer the roles, type q, and then press ENTER until
you quit the Ntdsutil tool.
Note: Do not put the Infrastructure Master (IM) role on the same domain
controller as the Global Catalog server. If the Infrastructure Master runs on a GC
server it will stop updating object information because it does not contain any
references to objects that it does not hold. This is because a GC server holds a
partial replica of every object in the forest.
DHCP
DHCP Scopes
Scope - A range of IP addresses that the DHCP server can assign to clients that
are on one subnet.
Super scope - A range of IP addresses that span several subnets. The DHCP
server can assign these addresses to clients that are on several subnets.
DORA
DHCP leases are used to reduce DHCP network traffic by giving clients specific
addresses for set periods of time.
When the client sends the lease request, it then waits one second for an offer. If a
response is not received, the request is repeated at 9, 13, and 16 second intervals
with additional 0 to 1000 milliseconds of randomness. The attempt is repeated every
5 minutes thereafter. The client uses port 67 and the server uses port 68.
Client Reservation
Client Reservation is used to make sure a computer gets the same IP address all
the time. Since DHCP IP address assignments use MAC addresses to
control assignments, the following are required for a client reservation:
2) IP address
Exclusion Range
Database files:
APIPA
If all else fails, clients give themselves an Automatic Private IP Address in the range
169.254.x.y, where x and y are two random numbers between 1 and 254.
BOOTP
WINS
WINS stands for Windows Internet Name Service. WINS is a NetBIOS name server
that registers NetBIOS names and resolves them to IP addresses.
DFS
The Distributed File System (DFS) allows files and directories in various places to be
combined into one directory tree. Only Windows 2000 and 2003 Servers can contain
DFS root directories, and each can have only one.
DFS Components
DFS root - A shared directory that can contain other shared directories, files, DFS
links, and other DFS roots. One root is allowed per server.
Stand alone DFS root - Not published in Active Directory, cannot be replicated, and
can be on any Windows 2000 & 2003 Server. This provides no fault tolerance with
the DFS topology stored on one computer. A DFS can be accessed using the
Syntax: \\Server\DFSname
Domain DFS root - It is published in Active Directory, can be replicated, and can be
on any Windows 2000 & 2003 Server. Files and directories must be manually
replicated to other servers or Windows 2000 & 2003 must be configured to replicate
files and directories. Configure the domain DFS root, then the replicas when
configuring automatic replication. Links are automatically replicated. There may be
up to 31 replicas. Domain DFS root directories can be accessed using the
Syntax: \\domain\DFSname
DFS link - A pointer to another shared directory. There can be up to 1000 DFS links
for a DFS root.
IIS
Virtual Directory:
A virtual directory is a directory that is not contained in the home directory but
appears to client browsers as though it were.
What is ISAPI?
In IIS there are four types of authentication: Basic, Anonymous, Digest and
Integrated Windows Authentication.
What is the Tombstone? What is the default tombstone life time? How to
increase the tombstone life time?
The tombstone lifetime is the number of days before a deleted object is removed from
the directory service. The default tombstone lifetime was 60 days; with Windows
Server 2003 SP1 the new default tombstone lifetime is 180 days.
You can check your tombstone-lifetime using the following command which comes
with Windows Server 2003:
EXCHANGE SERVER
DS PROXY
1. DSProxy emulates a MAPI address book service and sends proxy requests to an
Active Directory server.
2. DSProxy refers Outlook client queries to an Active Directory server.
DSAccess
The Exchange components that need to interact with Active Directory use DSAccess
to retrieve Active Directory information rather than communicating directly with
domain controllers and global catalog servers.
Forestprep
When you use the /ForestPrep option, the Exchange Setup program extends the
Active Directory schema to add Exchange-specific classes and attributes.
DomainPrep:
DomainPrep creates the groups and permissions necessary for Exchange servers to
read and modify user attributes in Active Directory. You must run DomainPrep before
installing your first Exchange server in a domain.
MAPI:
It is an extensive set of functions that developers can use to create mail-enabled applications.
It enables an application to send and receive mail over a Microsoft Mail message system.
Recovery Storage Group is a new feature in Exchange 2003. The biggest advantage
of this method is that it reduces the impact of restoring a single mailbox from
backup.
Exmerge tool:
ExMerge is used to recover mailbox data from the Recovery Storage Group; it
exports the recovered data to a .pst file.
Monitors folders and triggers events for server applications compatible with
Exchange Server 5.5.
The information store, which is the key component for database management in
Exchange Server, is actually two separate databases. The private information store
database, Priv.edb, manages data in user mailboxes. The public information store,
Pub.edb, manages data in public folders.
You use Exchange X.400 services to connect to Exchange 5.5 servers and other
connectors (custom gateways).
Microsoft Exchange POP3
POP3 is a client/server protocol in which e-mail is received and held for you by your
Internet server.
The Exchange Routing Engine uses Link State information for e-mail routing. The
Routing Engine will forward this information to the Advanced Queuing Engine. The
default size of routing table log file is 50 MB and default age is seven days.
Provides directory interoperability between Exchange 5.5 and Exchange 2000 Server
or Exchange 2003. Site Replication Service (SRS) acts as a directory replication
bridgehead server for an Exchange site. SRS runs on Exchange 2000 and serves as a
modified Exchange 5.5 directory. SRS uses Lightweight Directory Access Protocol
(LDAP) to communicate with both the Active Directory directory service and the
Exchange 5.5 directory. To Exchange 5.5, SRS looks similar to another Exchange 5.5
configuration/recipients replication partner.
Eseutil /mh
Here is a simple switch to verify the state of an Exchange database. All that
eseutil /mh does is to determine whether the last shutdown was clean or dirty.
Eseutil /mh is ideal for practising getting to the right path and executing eseutil without
doing any harm to the mailstore databases.
Eseutil /ml
Similar to the /mh, except this switch performs an integrity check on log files, for
example, E00.log.
Eseutil /mm
Dumps metadata from the database file (not the logs). Specialist use only, I find the
output fascinating but not very useful.
Eseutil /mk
Provides information about the checkpoint file. Handy for troubleshooting backup /
restore problems. Where /mh used priv1.edb, remember to substitute the name of
the checkpoint file E00.chk with /mk.
Eseutil /m: Generates formatted output of various database file types, e.g. /mh.
Isinteg (Information Store Integrity Checker) finds and eliminates errors
from the public folder and mailbox databases at the application level. It can recover
data that Eseutil cannot recover.
Microsoft Exchange Server locally stores its data in an OST file on your storage device.
An OST file is a component of Microsoft Exchange Server and can't be used with
Microsoft Outlook.
When the Exchange server crashes or a mailbox is deleted from the Exchange server,
the OST file becomes inaccessible and remains on the user's computer holding a large
part of the e-mails, calendar, journals, notes, contacts, tasks, etc.
The Advanced Queuing Engine (AQE) is responsible for creating and managing
message queues for e-mail delivery. When AQE receives a Simple Mail Transfer
Protocol (SMTP) mailmsg object, this object will be forwarded to the Message
Categorizer. The Advanced Queuing Engine then queues the Mailmsg object for
message delivery based on the Routing information provided by the Routing Engine
process of Exchange Server 2003.
The following are the minimum requirements for outbound mail flow:
• Exchange Server must have access to the Internet on port 25. This
access should not be blocked by firewalls or other network settings.
Anonymous connections should be allowed.
DHCP, like BOOTP runs over UDP, utilizing ports 67 and 68.
In fact, by default it is 60 minutes. You can change the frequency, though.
As a general recommendation, limit each DHCP server to having no more than 1,000
scopes defined for use.
When adding a large number of scopes to the server, be aware that each scope
creates a corresponding need for additional incremental increases to the amount of
disk space used for the DHCP server registry and for the server paging file.
For the best possible DHCP server design in most networks, it is recommended that
you have, at most, 10,000 clients per server.
repadmin /removelingeringobjects
If a set of 30 hard disks is configured for RAID 5 and two hard disks fail, what
happens to the data?
Because of parity, all data remains available if one of the disks fails. If
extra (spare) disks are available, then reconstruction will begin immediately after the
device failure. However, if two hard disks fail at the same time, all data is LOST. In short,
RAID 5 can survive one disk failure, but not two or more.
In RAID 5, suppose I have 5 HDDs of 10 GB each; after configuring the RAID,
how much space do I have available to use?
The total minus one disk (e.g. if you are using 5 disks you get only 4, because 1 goes to parity).
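An added example (not from the original notes) that makes both answers concrete: it stripes constructed data across N simulated disks with rotating XOR parity, rebuilds the stripe set with any one disk missing, refuses when two are missing, and computes the usable capacity. The disk count, chunk size and sample data are constructed for illustration.

```python
"""RAID 5 in miniature: striping with rotating XOR parity, single-disk rebuild,
and the (N-1) capacity rule."""


def xor_bytes(blocks):
    """XOR a list of equal-length byte strings together."""
    out = bytearray(len(blocks[0]))
    for block in blocks:
        for i, b in enumerate(block):
            out[i] ^= b
    return bytes(out)


def raid5_stripe(data, n_disks, chunk=4):
    """Write `data` across n_disks; returns disks[d] = list of chunks, one per stripe.
    In stripe s the parity chunk lives on disk s % n_disks (rotating parity)."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs at least three disks")
    per_stripe = (n_disks - 1) * chunk
    data += b"\0" * ((-len(data)) % per_stripe)          # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for s in range(len(data) // per_stripe):
        stripe = data[s * per_stripe:(s + 1) * per_stripe]
        chunks = [stripe[i * chunk:(i + 1) * chunk] for i in range(n_disks - 1)]
        parity = xor_bytes(chunks)                       # parity = XOR of data chunks
        parity_disk = s % n_disks
        it = iter(chunks)
        for d in range(n_disks):
            disks[d].append(parity if d == parity_disk else next(it))
    return disks


def raid5_read(disks, failed=()):
    """Read all data back, treating the disk indexes in `failed` as unavailable.
    A missing chunk is rebuilt as the XOR of every other chunk in its stripe."""
    if len(failed) > 1:
        raise RuntimeError("RAID 5 cannot survive more than one failed disk")
    n = len(disks)
    out = bytearray()
    for s in range(len(disks[0])):
        parity_disk = s % n
        chunks = []
        for d in range(n):
            if d in failed:
                chunks.append(xor_bytes([disks[o][s] for o in range(n) if o != d]))
            else:
                chunks.append(disks[d][s])
        out += b"".join(c for d, c in enumerate(chunks) if d != parity_disk)
    return bytes(out)


def can_rebuild(disks, failed):
    """True if the array's data is still fully readable with those disks gone."""
    try:
        raid5_read(disks, failed)
        return True
    except RuntimeError:
        return False


def usable_capacity_gb(n_disks, disk_gb):
    """RAID 5 usable space: one disk's worth of every stripe is parity."""
    return (n_disks - 1) * disk_gb


if __name__ == "__main__":
    sample = b"Active Directory ntds.dit"                # constructed sample data
    array = raid5_stripe(sample, n_disks=5)
    print(raid5_read(array, failed=(2,))[:len(sample)])  # rebuilt from parity
    print(can_rebuild(array, (1, 3)))                    # two failures: False
    print(usable_capacity_gb(5, 10), "GB usable")        # 40
```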
If the administrator forgets the password on a 2003 server, how do you recover it?
where mstsc is the Remote Desktop Connection executable file, -v indicates a server
to connect to, /F indicates full-screen mode, and -console is the instruction to
connect to the console session.
Domain local groups assign access permissions to global domain groups for local
domain resources. Global groups provide access to resources in other trusted
domains. Universal groups grant access to resources in all trusted domains.
What is LSDOU?
It is the Group Policy inheritance model: policies are applied in order to the Local machine,
then Sites, Domains and Organizational Units.
Local policy: %SystemRoot%\System32\GroupPolicy
Domain policies (SYSVOL): %SystemRoot%\SYSVOL\sysvol\domainname\Policies\GUID
FAT and FAT32 provide no security over locally logged-on users. Only native NTFS
provides extensive permission control on both remote and local files.
RSA Data Security's Message Digest 5 (MD5) produces a 128-bit hash, and the
Secure Hash Algorithm 1 (SHA-1) produces a 160-bit hash.
The standalone server stores the Dfs directory tree structure or topology locally.
Thus, if a shared folder is inaccessible or if the Dfs root server is down, users are left
with no link to the shared resources. A fault-tolerant root node stores the Dfs
topology in the Active Directory, which is replicated to other domain controllers.
Thus, redundant root nodes may include multiple connections to the same data
residing in different shared folders.
The Netlogon service registers all the SRV records for that domain controller. These
records are displayed as the _msdcs, _sites, _tcp, and _udp folders in the forward
lookup zone that matches your domain name. Other computers look for these
records to find Active Directory-related information.
WINS files are in %SystemRoot%\System32\Wins; the database file is named wins.mdb. WINS backup will
occur 24 to 27 hours after the last backup occurred.
If I delete a user and then create a new account with the same username
and password, would the SID and permissions stay the same? No. If you
delete a user account and attempt to recreate it with the same user name and
password, the SID will be different.
The default replication interval between two sites is 180 minutes, or 3 hours.
Domain controllers that exist in the same site will replicate to all other domain
controllers within 15 minutes. If there are only two domain controllers, they replicate
to one another within 5 minutes. Note: in win2k 15 mins, win2k3 5 mins
SMTP – 25, POP3 – 110, IMAP4 – 143, RPC – 135, LDAP – 389, SSL – 443, HTTP – 80,
RDP – 3389, DNS – 53, DHCP – 67 & 68, FTP – 21, Global Catalog – 3268,
Kerberos – 88, NNTP – 119, TFTP – 69, SNMP – 161.
DCPROMO /ADV
When running the wizard from the command line, you can append the /adv switch
to the dcpromo command to populate the directory using a backup of system state
data from another domain controller in the same domain. Installing from backup
media reduces the amount of data that must be replicated over the network, thus
reducing the time required to install Active Directory.
What is the default retention period before a disconnected mailbox is deleted?
A disconnected mailbox is kept in the store for 30 days by
default; the period can be increased using a mailbox (private) store system policy.
Move log files and queue data using Exchange System Manager
Circular Logging is turned on by default for Exchange Server 5.5 and earlier, but
circular logging is turned off by default for Exchange 2000 Server.
The EXIFS (M: drive) feature has been disabled by default. If the feature is still
needed, it can be assigned to an available drive letter with a registry setting.
Standard Edition
• 16 GB database limit
• One mailbox store
• One public folder store
Enterprise Edition
• Clustering
• Up to 20 databases per server
• X.400 Connectors
• 16 TB database limit.
Connectors: Configurable 'pipes' that join the servers in different routing groups.
Routing Group Master: Co-ordinates routing information to all servers in the group
Bridgehead server
In Windows 2000 Server, bridgehead servers are the contact point for the exchange
of directory information between sites. Bridgehead is a key concept where you have
more than one server in each routing group. All the mail in one group is physically
routed through the bridgehead server. Your bridgehead options are extremely
flexible. Either you nominate one server on each side of the connector as a
bridgehead, or all servers can be bridgeheads.
OR
A domain controller that is used to send replication information to one or more other
sites
MS SQL
Where are user names and passwords stored in SQL Server?
Suppose the SQL Server crashed and you are rebuilding the databases, including
the master database; what procedure do you follow? To restore the master database we
have to stop SQL Server first and then start it from the command line with
sqlservr -m, which brings it up in single-user (maintenance) mode, after which
we can restore the master database.
Local Delivery: Contains messages destined for recipient mailboxes that reside
on the local Exchange 2003 server. Messages can accumulate in this queue if the
Microsoft Exchange Information Store service is not accepting messages or if it has
a performance problem.
Remote Delivery: Contains messages that are destined for remote delivery. If
this queue is in a Retry state (that is, the connection has failed), use Telnet.exe to
try to connect to the intended destination host. Restart the SMTP virtual server to
immediately retry sending queued messages.
Messages with an Unreachable Destination: Contains messages that cannot
reach their final destination server. Reasons that messages may not be able to
reach their destinations include the following:
o A connector is down
Messages Queued for Deferred Delivery: Contains messages that are queued
for later delivery. Reasons that messages will be placed in this queue include the
following:
iLO makes it possible to perform activities on an HP server from a remote location. The iLO card has a
separate network connection (and its own IP address) to which one can connect via HTTPS. Possible
options are:
• reset the server (in case the server no longer responds via the normal network card)
• power up the server (possible from a remote location, even if the server is shut down)
• take over the screen
• mount a remote physical CD/DVD drive or image
• access the server's IML (Integrated Management Log)
• remote console (in some cases, however, an 'Advanced' license may be required for some of the utilities
to work)
Hardware Models
DL 380 Rack mountable servers
Dell Power Edge 2850, 2950
During OS installation, boot from the server CD supplied by HP or Dell to configure RAID,
or configure it from the BIOS (controller setup).
Array configuration: to implement RAID on the controller, an array must be configured first.
Version: 5i
HP or Dell Management:
Using the HP management tool we can find out about hardware problems such as an HDD fault (reported
like "port0 by 1"); we take the error number from the log and log a call with the vendor, who then comes
to our site to resolve the problem.
Customers using SMS will appreciate the obvious integration of the HP server software catalog within
the SMS management structure. The Inventory tool supports all SMS features, including server
inventory with adjustable scope, such as filtering by server model or Windows version. It allows remote
scanning of HP server software configurations and reporting of the results via standard template
reports. The tool also enables management and distribution of complete Support Packs or individual
components (drivers, ROM, and software agents) to defined collections of servers. All data is
presented through the SMS interface
What's New:
The SMS Inventory Tool for HP ProLiant and Integrity Servers Updates has been updated. The version
1.3 release adds Collect Utility support for the newer PSPs and ISPs:
• ProLiant Support Packs (PSP) are operating system (OS) specific bundles of ProLiant-optimized
drivers, utilities, and management agents
• Integrity Support Packs (ISP) are operating system (OS) specific bundles of Integrity-optimized
drivers, utilities, and management agents
The SMS Inventory Tool for HP ProLiant and Integrity Update enhances the previous SMS integration
tools provided by HP. The Inventory tool adds the following management and usability features:
• Simplified distribution of ProLiant and Integrity support packs directly from HP.com through
the SMS user interface
• Complete installation documentation and an interactive Troubleshooting Assistant to allow
simple resolution of common installation and configuration questions
• Supports ProLiant Support Pack 7.6 and Integrity Support Pack 4.6 and later for Windows
Server 2003; PSP 7.2 is supported for Windows 2000 Server
• Supports ProLiant Support Pack 7.9 and Integrity Support Pack 5.2 and later for Windows
Server 2003
Overview
All Smart Array products share a common set of configuration, management and diagnostic tools,
including Array Configuration Utility (ACU), Array Diagnostic Utility (ADU), and Systems Insight
Manager. This software consistency of tools reduces the cost of training for each successive
generation of product and takes much of the guesswork out of troubleshooting field problems. These
tools lower the total cost of ownership by reducing training and technical expertise necessary to install
and maintain HP server storage.
Dell OpenManage™ Server Administrator Storage Management provides enhanced features for
configuring a system's locally-attached RAID and non-RAID disk storage. Storage Management
enables you to perform controller and enclosure functions for all supported RAID and non-
RAID controllers and enclosures from a single graphical or command-line interface without
requiring use of the controller BIOS utilities. The graphical interface is wizard-driven with
features for novice and advanced users and detailed online help. The command-line interface
is fully-featured and scriptable. Using Storage Management, you can protect your data by
configuring data-redundancy, assigning hot spares, or rebuilding failed physical disks. You can
also perform data-destructive tasks. All users of Storage Management should be familiar with
their storage environment and storage management.
Storage Management supports SCSI, SATA, ATA, and SAS but not fibre channel.
NOTE: Starting with Dell OpenManage 5.0, Array Manager is no longer an installable
option. If you have an Array Manager installation and need information on how to migrate
from Array Manager to Storage Management, refer to the product documentation prior to
Storage Management 2.1 or Dell OpenManage 5.1.
The advantages of our interoperable management solutions derive from Dell's commitment to:
• Open manageability —Dell's instrumented clients, servers, storage, printers and network platforms
interface seamlessly with most standards-based management tools and consoles. Dell systems
management solutions and platforms provide the pro-active management information and control
functions you need to optimize deployment, health status monitoring, fault recovery, change
management and more.
• Industry standards —Dell champions open standards within the industry because they are the
foundation for management systems that can deploy, monitor and upgrade heterogeneous
computing environments. Standards also give you greater choice in the selection of your systems
management solution, providing more flexibility to better meet your specific requirements.
• Strong partnerships —Dell partners with industry-leading companies to deliver integrated, "best-
in-class" technologies, services and standardized components to provide customers with cost-
effective broad-based systems management functionality.
RAID?
RAID (Redundant Array of Independent Disks) is a technology for managing how data is
stored on the physical disks that reside in your system or are attached to it. A key aspect of
RAID is the ability to span physical disks so that the combined storage capacity of multiple
physical disks can be treated as a single, extended chunk of disk space. Another key aspect of
RAID is the ability to maintain redundant data which can be used to restore data in the event
of a disk failure. RAID uses different techniques, such as striping, mirroring, and parity, to
store and reconstruct data. There are different RAID levels that use different methods for
storing and reconstructing data. The RAID levels have different characteristics in terms of
read/write performance, data protection, and storage capacity. Not all RAID levels maintain
redundant data, which means for some RAID levels lost data cannot be restored. Which RAID
level you choose depends on whether your priority is performance, protection, or storage
capacity.
NOTE: The RAID Advisory Board (RAB) defines the specifications used to implement RAID.
Although the RAID Advisory Board (RAB) defines the RAID levels, commercial
implementation of RAID levels by different vendors may vary from the actual RAID
specifications. An implementation used by a particular vendor may affect the read and
write performance and the degree of data redundancy.
RAID Concepts
RAID uses particular techniques for writing data to disks. These techniques enable RAID to
provide data redundancy or better performance. These techniques include:
• Mirroring (RAID 1)— Duplicating data from one physical disk to another physical
disk. Mirroring provides data redundancy by maintaining two copies of the same data
on different physical disks. If one of the disks in the mirror fails, the system can
continue to operate using the unaffected disk. Both sides of the mirror contain the
same data at all times. Either side of the mirror can act as the operational side. A
mirrored RAID disk group is comparable in performance to a RAID 5 disk group in read
operations but faster in write operations.
• Striping (RAID 10) — Disk striping writes data across all physical disks in a virtual
disk. Each stripe consists of consecutive virtual disk data addresses that are mapped
in fixed-size units to each physical disk in the virtual disk using a sequential pattern.
For example, if the virtual disk includes five physical disks, the stripe writes data to
physical disks one through five without repeating any of the physical disks. The
amount of space consumed by a stripe is the same on each physical disk. The portion
of a stripe that resides on a physical disk is a stripe element. Striping by itself does
not provide data redundancy. Striping in combination with parity does provide data
redundancy.
• Stripe size — The total disk space consumed by a stripe not including a parity disk.
For example, consider a stripe that contains 64KB of disk space and has 16KB of data
residing on each disk in the stripe. In this case, the stripe size is 64KB and the stripe
element size is 16KB.
• Stripe element — A stripe element is the portion of a stripe that resides on a single
physical disk.
• Stripe element size — The amount of disk space consumed by a stripe element. For
example, consider a stripe that contains 64KB of disk space and has 16KB of data
residing on each disk in the stripe. In this case, the stripe element size is 16KB and
the stripe size is 64KB.
• Span — A span is a RAID technique used to combine storage space from groups of
physical disks into a RAID 10 or 50 virtual disk.
RAID Levels
Each RAID level uses some combination of mirroring, striping, and parity to provide data
redundancy or improved read and write performance. For specific information on each RAID
level, see "Choosing RAID Levels and Concatenation."
RAID provides different methods or RAID levels for organizing the disk storage. Some RAID
levels maintain redundant data so that you can restore data after a disk failure. Different RAID
levels may also entail an increase or decrease in the system's I/O (read and write)
performance.
Maintaining redundant data requires the use of additional physical disks. As more disks
become involved, the likelihood of a disk failure increases. Because of the differences in I/O
performance and redundancy, one RAID level may be more appropriate than another based on
the applications in the operating environment and the nature of the data being stored.
When choosing concatenation or a RAID level, the following performance and cost
considerations apply:
• Cost efficiency. Maintaining the redundant data or parity information associated with
RAID volumes requires additional disk space. In situations where the data is
temporary, easily reproduced, or non-essential, the increased cost of data redundancy
may not be justified.
• Mean Time Between Failure (MBTF). Using additional disks to maintain data
redundancy also increases the chance of disk failure at any given moment. Although
this cannot be avoided in situations where redundant data is a requirement, it does
have implications for the workload of your organization's system support staff.
You can use RAID or concatenation to control data storage on multiple disks. Each RAID level
or concatenation has different performance and data protection characteristics.
The following sections provide specific information on how each RAID level or concatenation
store data as well as their performance and protection characteristics.
RAID
RAID - or Redundant Array of Independent Disks - comes in different flavours from RAID 0 and RAID
1 to combination of those two, and going up to RAID 5 and RAID 10.
RAID 1, also called mirroring, sets up two disks so that the second mirrors the first,
giving you an up-to-the-minute backup if something ever goes wrong with the first disk. Should the
first hard disk fail, you simply remove it, put the second disk in its place and carry on where you left
off.
RAID 0 + 1
You could have a combination of RAID 0 and RAID 1 to provide both the speed and the security. You
will, of course, need several hard disks for this.
RAID 1.5
A new concept but the jury is still out on this one. It may give you slightly higher read speeds but write
speeds don't benefit.
What you need to set up RAID 0 or RAID 1
You need a motherboard that has a RAID controller on it. If the motherboard does not have a
RAID controller, you will need to add a PCI RAID controller card. Check that the RAID facility it offers
covers the type of hard disk you want to use (IDE/SATA/SCSI).
While it is not mandatory to have identical hard disks, it is very highly recommended not just that you
have similar-sized disks but also exactly the same make and model.
Tips:
RAID 0 + 1 will give you the best of both worlds.
You do not need to have your operating system on the RAID drives.
RAID-0. Has striping but no redundancy of data. Offers the best performance but no fault-tolerance.
RAID-1. Also known as disk mirroring and consists of at least two drives that duplicate the storage of
data.
RAID 5.
Description: One of the most popular RAID levels, RAID 5 stripes both data and parity
information across three or more drives. It is similar to RAID 4 except that it exchanges
the dedicated parity drive for a distributed parity algorithm, writing data and parity blocks
across all the drives in the array. This removes the "bottleneck" that the dedicated parity
drive represents, improving write performance slightly and allowing somewhat better
parallelism in a multiple-transaction environment, though the overhead necessary in
dealing with the parity continues to bog down writes. Fault tolerance is maintained by
ensuring that the parity information for any given block of data is placed on a drive
separate from those used to store the data itself. The performance of a RAID 5 array can
be "adjusted" by trying different stripe sizes until one is found that is well-matched to the
application being used.
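A constructed RAID 5 model, added here to illustrate the two RAID 5 questions on this page (a 30-disk array with two failures, and the usable capacity of five 10 GB disks) together with the distributed-parity description above; it is example code, not from any vendor document, and the class and function names (Raid5Array, usable_capacity, survives) are my own.

```python
"""
Constructed RAID 5 model (added example): data is striped across N disks,
each stripe carrying one parity element that is the XOR of its data elements,
with the parity position rotating from stripe to stripe.
"""
from functools import reduce
from typing import List, Optional


def usable_capacity(disk_count: int, disk_size_gb: int) -> int:
    """Usable RAID 5 capacity: one disk's worth of space is spent on parity."""
    if disk_count < 3:
        raise ValueError("RAID 5 needs at least three disks")
    return (disk_count - 1) * disk_size_gb


def stripe_size(disk_count: int, element_size: int) -> int:
    """Data held by one stripe, not counting the parity element."""
    return (disk_count - 1) * element_size


def xor_elements(elements: List[bytes]) -> bytes:
    """Byte-wise XOR of equal-length blocks: the RAID 5 parity operation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*elements))


def survives(disk_count: int, failures: int) -> bool:
    """RAID 5 tolerates exactly one failed disk, whatever the array size."""
    return disk_count >= 3 and failures <= 1


class Raid5Array:
    def __init__(self, disk_count: int, element_size: int) -> None:
        if disk_count < 3:
            raise ValueError("RAID 5 needs at least three disks")
        self.n = disk_count
        self.element_size = element_size
        # disks[d] holds disk d's stripe elements; None marks a failed disk
        self.disks: List[Optional[List[bytes]]] = [[] for _ in range(disk_count)]
        self.data_len = 0

    def parity_disk(self, stripe_no: int) -> int:
        """Distributed parity: rotate the parity element across the disks."""
        return (self.n - 1 - stripe_no) % self.n

    def failed_disks(self) -> List[int]:
        return [d for d, disk in enumerate(self.disks) if disk is None]

    def write(self, data: bytes) -> None:
        """Stripe data over the array, computing one parity element per stripe."""
        if self.failed_disks():
            raise RuntimeError("replace the failed disk before writing")
        self.data_len = len(data)
        per_stripe = stripe_size(self.n, self.element_size)
        for stripe_no, offset in enumerate(range(0, len(data), per_stripe)):
            chunk = data[offset:offset + per_stripe].ljust(per_stripe, b"\0")
            elements = [chunk[i:i + self.element_size]
                        for i in range(0, per_stripe, self.element_size)]
            parity = xor_elements(elements)
            p = self.parity_disk(stripe_no)
            data_elements = iter(elements)
            for d in range(self.n):
                self.disks[d].append(parity if d == p else next(data_elements))

    def fail(self, disk: int) -> None:
        """Simulate a disk failure: everything on that disk is gone."""
        self.disks[disk] = None

    def read(self) -> bytes:
        """Return the stored data, rebuilding a single missing disk from parity.

        With one failed disk every stripe still has n-1 elements and the
        missing one is the XOR of the rest. With two failures a stripe has
        two unknowns and only one parity equation, so the data is lost.
        """
        failed = self.failed_disks()
        if len(failed) > 1:
            raise RuntimeError(
                f"data lost: disks {failed} failed, RAID 5 tolerates only one")
        stripes = len(next(disk for disk in self.disks if disk is not None))
        out = bytearray()
        for stripe_no in range(stripes):
            elements = [disk[stripe_no] if disk is not None else None
                        for disk in self.disks]
            if failed:
                present = [e for e in elements if e is not None]
                elements[failed[0]] = xor_elements(present)  # rebuild
            p = self.parity_disk(stripe_no)
            out += b"".join(elements[d] for d in range(self.n) if d != p)
        return bytes(out[: self.data_len])


if __name__ == "__main__":
    array = Raid5Array(disk_count=5, element_size=16)
    payload = bytes(range(256)) * 2  # constructed sample data, 8 stripes
    array.write(payload)
    array.fail(1)
    print("one failure, rebuilt OK:", array.read() == payload)
    array.fail(3)
    try:
        array.read()
    except RuntimeError as err:
        print("second failure:", err)
```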
Clustering
A server cluster is a group of independent servers running Windows Server 2003, Enterprise Edition,
or Windows Server 2003, Datacenter Edition, and working together as a single system to provide high
availability of services for clients. When a failure occurs on one computer in a cluster, resources are
redirected and the workload is redistributed to another computer in the cluster. You can use server
clusters to ensure that users have constant access to important server-based resources.
Typical uses for server clusters include file servers, print servers, database servers, and messaging
servers.
Introduction to Server Clusters
A cluster consists of two or more computers working together to provide a higher level of availability,
reliability, and scalability than can be obtained by using a single computer.
• Application and service failures, which affect application software and essential services.
• System and hardware failures, which affect hardware components such as CPUs, drives, memory,
network adapters, and power supplies.
• Site failures in multisite organizations, which can be caused by natural disasters, power outages,
or connectivity outages.
Cluster.exe can target server cluster nodes that are running Windows Server 2003, Enterprise Edition,
Windows Server 2003, Datacenter Edition, Windows 2000 Advanced Server, Windows 2000
Datacenter Server, and Windows NT Server 4.0, Enterprise Edition.
Cluster.exe is the command-line interface for server clusters. Cluster.exe provides all the functionality
of Cluster Administrator, the graphical user interface (GUI), plus several additional functions:
VMware
VMware is application software: it is installed on one physical server, and virtual servers are then
created on top of it.
This software layer creates virtual machines and contains a virtual machine monitor or “hypervisor” that
allocates hardware resources dynamically and transparently so that multiple operating systems can run
concurrently on a single physical computer without even knowing it.
Citrix
Client-side application virtualization reduces the cost of testing, installing and supporting applications.
Together with application isolation technology,
With server-side application virtualization, the server acts as the client. Applications are streamed to a
protected isolation environment on the server as opposed to the local device. This has many of the
same benefits of client-side virtualization and also helps reduce application silos and greatly improves
management of Presentation Server farms.
Key Benefits
Client side
Client-Side Application Virtualization enables applications to be delivered to client devices and run in a
protected, virtual environment. Applications are managed in a centralized Application Hub, but are
streamed to the user's machine and run in an isolation environment. Applications become an on-
demand service that is always available and up to date. Caching technology makes the application
available even when not connected to the network.
• Record – Applications are packaged using the Profiler, which determines the components and the
system resources the application requires and then defines a set of rules for running the application in
isolation on the endpoint device. The resulting package is a standard cabinet (.CAB) file that is
transparent and is easy to work with and debug.
• Download – The application package is published to a regular network file share, just like with
Presentation Server. No proprietary tools or storage systems are required. Authorized users can start
streaming the application simply by clicking on their desktop icon. The application is cached locally, but
it is not installed. It runs in isolation, without interfering with other applications on the same device.
• Play – Applications behave just like they were installed locally, but without any of the
problems of installation. Files are saved locally and individual settings are preserved. Every
time the application is run, it checks for errors or updates and delivers them automatically. The
application is managed centrally, but can be used when it is disconnected from the network.
• The only solution that automatically changes your password every 60 seconds
MS Resource Kit
Tool: Description
MoveTree: Move objects from one domain to another.
SIDWalker: Set the access control lists on objects previously owned by accounts that were moved, orphaned, or deleted.
LDP: Allows LDAP operations to be performed against Active Directory. This tool has a graphical user interface.
DNSCMD: Check dynamic registration of DNS resource records, including Secure DNS update, as well as deregistration of resource records.
DSACLS: View or modify the access control lists of directory objects.
NETDOM: Batch management of trusts, joining computers to domains, verifying trusts and secure channels.
NETDIAG: Check end-to-end network and distributed services functions.
NLTest: Check that the locator and secure channel are functioning.
REPAdmin: Check replication consistency between replication partners, monitor replication status, display replication metadata, force replication events and knowledge consistency checker (KCC) recalculation.
REPLMon: Display replication topology, monitor replication status (including group policies), force replication events and knowledge consistency checker recalculation. This tool has a graphical user interface.
DSAStat: Compare directory information on domain controllers and detect differences.
ADSIEdit: A Microsoft Management Console (MMC) snap-in used to view all objects in the directory (including schema and configuration information), modify objects and set access control lists on objects.
SDCheck: Check access control list propagation and replication for specified objects in the directory. This tool enables an administrator to determine if access control lists are being inherited correctly and if access control list changes are being replicated from one domain controller to another.
ACLDiag: Determine whether a user has been granted or denied access to a directory object. It can also be used to reset access control lists to their default state.
DFSCheck: Command-line utility for managing all aspects of Distributed File System (Dfs), checking the configuration concurrency of Dfs servers, and displaying the Dfs topology.
MOM
PsKill:
Windows NT/2000 does not come with a command-line 'kill' utility. You can get one in the
Windows NT or Win2K Resource Kit, but the kit's utility can only terminate processes on the
local computer. PsKill is a kill utility that not only does what the Resource Kit's version does, but
can also kill processes on remote systems. You don't even have to install a client on the target
computer to use PsKill to terminate a remote process.
SMS
Systems Management Server (SMS) 2003 with Service Pack 1 (SP1) provides a comprehensive
solution for change and configuration management for the Microsoft platform, enabling
organizations to provide relevant software and updates to users quickly and cost-effectively. SMS
2003 SP1 provides the following key capabilities:
Application Deployment
Deliver critical business productivity applications reliably and easily to users in the right place at
the right time.
Asset Management
Reduce software costs and stay compliant by understanding the installed application base and its
usage.
Security Patch Management
Improve security of the Microsoft Windows environment through increased vulnerability
awareness and reliable targeted delivery of updates.
Mobility
Deliver enterprise management to the growing mobile workforce through industry standards
independent of connection or location.
Windows Management Services Integration
Reduce operational costs by fully utilizing the management capabilities built into the Windows
platform.
Integrating Operations and Technology
Microsoft Solutions for Management Solution Accelerators provide a blueprint for addressing
key management issues by combining people, processes, and technology to help solve specific
customer scenarios. Solution Accelerators are lab-tested, customer-approved Microsoft best
practices that are intended to be used by Microsoft Consulting Services or Microsoft partners to
help customers achieve optimal solutions.
Improvements in these areas enable enterprises to effectively manage software, from devices to
data centers, on the Windows Server System platform. For more information, read the product
overview datasheet.
SMS 2003 SP1 is primarily a rollup of a number of hotfixes for SMS 2003, but also introduces
some changes to the supported configurations and broadens the configurations allowed.
Features at a Glance
Capability: Description
Application deployment: • Detailed application deployment planning. Detailed reports available in
SMS 2003 ease the application deployment process. For a planned deployment, it is easy to obtain
the target group's current hardware base, existing applications, and version information, as well as
the current service pack and hotfix levels of the system.
Asset management: • Application usage monitoring. Summary and detail reports can be generated
specifying which applications were used by users, how long they were used, and on which managed
systems they were used. Usage can be tracked by user or computer, and reports can be created
comparing concurrent usage data to current license ownership (compliance reports).
Security patch management: • Vulnerability identification. Standard Microsoft security tools like the
Microsoft Baseline Security Inventory Analyzer and the Microsoft Office Inventory Tool for Updates
enable you to inventory your systems for applicable patches and vulnerabilities.
Mobility: • Bandwidth-aware clients. The new Advanced Client uses the Background Intelligent
Transfer Service (BITS) technology to automatically detect the capacity of the client network
connection and adjust transfer rates efficiently.
Windows Management Services integration: • Active Directory discovery. SMS 2003 can
automatically discover the Active Directory properties of both users and systems, including
organizational unit container and group level membership. Software packages can then be
targeted based on these Active Directory attributes.
I have a customized Citrix 8 client installation in the form of an .msi. How can I use SMS 2.0 SP2 to
distribute this? You can distribute any Windows Installer (.msi) application using SMS. SMS's
software distribution feature basically does what you tell it to do. First identify any
distribution options (i.e., command-line options) for the .msi you have created, then create the SMS
package using those options.
Scripting
Responsibilities 1:
Responsibilities 2:
• Experience on windows 2003 and windows 2000 Active Directory Support and
Implementation.
• Disaster Recovery Plan for Active Directory servers.
I have considerable knowledge of Exchange mailbox creation and deletion and of
handling mailbox moves.
For backups I take 5 days of differential and 2 days of full backup: Sunday to Thursday
differential, Friday and Saturday full.
Recently we faced an issue with our Hyderabad mail server: the mailbox store
went down. We brought it back up within an hour. We use McAfee GroupShield antivirus
on the Exchange server, and it had deleted a recently created log file, which caused the
mailbox store to go down. We restored it from the backup.
Dial tone recovery
Maintaining replication between the Hyderabad and Chennai servers, and maintaining the data centre
Taking backups and doing restores (daily incremental and weekly full backup)
Server Configurations
HP DL380s
Total 5 HDDs
2 for mirror
3 for RAID
dhcp.mdb
DNS
dns.back
One backup server in Chennai and one more backup server in Hyderabad.
Checking the replication traffic between Chennai and Hyderabad, and the replication
topology between sites.
ITIL
Every week we have systems and networking meetings. In the systems meeting we
discuss what changes we are going to implement and how useful they are for the
organization. If you want to make any change you have to raise a change request
through the ChangeGear software and send it to your manager for approval, for
example: "I am going to do patch management, please approve." Once we get the
approval from the manager, we can go ahead.
Suppose you want to restart a server; for that also we need to raise a request in
ChangeGear. I have to give an explanation like: "I have installed the patches, so a
restart is required to apply all the patches, please approve it." Once we get the
approval from the manager, we restart the server.
Service Desk
This function is the single point of contact between users and IT Service
Management.
Tasks include handling incidents and requests, and providing an interface for other
ITSM processes.
• Single Point of Contact (SPOC) and not necessarily the First Point of Contact
(FPOC)
• There is a single point of entry and exit
• Easier for Customers
• Data Integrity
• Communication channel is streamlined
Service Desk
1. Incident management
2. Problem management
3. Change management
4. Configuration management
5. Release management
Incident management
Problem Management
The goal of 'Problem Management' is to resolve the root cause of incidents and thus
to minimize the adverse impact of incidents and problems on business that are
caused by errors within the IT infrastructure, and to prevent recurrence of incidents
related to these errors. A 'problem' is an unknown underlying cause of one or more
incidents, and a 'known error' is a problem that is successfully diagnosed and for
which a work-around has been identified. The CCTA defines problems and known
errors as follows:
A problem is a condition often identified as a result of multiple Incidents that
exhibit common symptoms. Problems can also be identified from a single
significant Incident, indicative of a single error, for which the cause is
unknown, but for which the impact is significant.
A known error is a condition identified by successful diagnosis of the root
cause of a problem, and the subsequent development of a Work-around.
Change management
Release Management
The focus of release management is the protection of the live environment and its
services through the use of formal procedures and checks.
By words:
ITIL:
Incident: automatically triggered by the server itself, like MOM alerts, I mean.
Backup:
Policy: 5 day differential (Sun – Thu), 2 day full backup (Friday – Sat).
We keep 5 tapes in the fireproof safe, plus another two tapes: one goes to HDFC Bank
and the other is sent to the other site. In total 7 tapes come out in a week.
In the tape library there are 32 tapes: every day the 1st tape, the 31st is the storage
drive, and one is the IO (IO box).
After finishing the backup we have to remove the tape from the tape library and keep
it in the fireproof safe.
Differential tapes are kept for 3 months, full backups for 6 months, and year-end and
month-end backups are kept permanently, and the last backup of the year also.
Only through that card do we connect the backup tape library to the server.
We have only a single-head tape library, so we can write only one tape at a time.
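The rotation described above (full backups on Friday and Saturday, differential backups Sunday to Thursday, with 3-month, 6-month and permanent retention tiers) determines which tapes a restore needs and when a tape may be recycled. The following Python works that out; it is an added example, not part of the original notes. The weekday schedule and retention periods come from the notes; the dates are constructed, and two points are assumptions: that a backup taken on a given night captures that day's state (so a loss on day D can use backups up to D-1), and that "month end" means the last calendar day of the month, which also covers the year-end tape on 31 December. It also handles the incremental mode mentioned elsewhere in the notes, to show why the two restore chains differ.

```python
"""Restore chain and tape retention for the full/differential rotation above.

Added example, not part of the original notes. Schedule taken from the notes:
full backups Friday and Saturday, differential Sunday to Thursday; differential
tapes kept 3 months, full tapes 6 months, month-end and year-end tapes kept
permanently. Dates are constructed. Assumption: the backup taken on a date
captures that day's state, and a loss on day D can use backups up to D-1.
"""
import calendar
import datetime as dt
from typing import List, Optional, Tuple

FULL_DAYS = {4, 5}   # date.weekday(): Monday == 0, so 4 = Friday, 5 = Saturday
ONE_DAY = dt.timedelta(days=1)


def backup_type(day: str) -> str:
    """Kind of backup the policy runs on the night of `day` (ISO date string)."""
    return "full" if dt.date.fromisoformat(day).weekday() in FULL_DAYS else "differential"


def restore_chain(loss: str, mode: str = "differential") -> List[Tuple[str, str]]:
    """Tapes needed, in restore order, to recover to the newest backup before `loss`.

    differential: each daily tape holds every change since the last full, so only
                  the last full and the newest daily tape are needed.
    incremental:  each daily tape holds changes since the previous backup, so every
                  daily tape since the last full is needed (one bad tape breaks the chain).
    """
    if mode not in ("differential", "incremental"):
        raise ValueError("mode must be 'differential' or 'incremental'")
    newest = dt.date.fromisoformat(loss) - ONE_DAY   # last backup finished before the loss
    full = newest
    while full.weekday() not in FULL_DAYS:            # walk back to the most recent full
        full -= ONE_DAY
    dailies = [((full + k * ONE_DAY).isoformat(), mode)
               for k in range(1, (newest - full).days + 1)]
    chain = [(full.isoformat(), "full")]
    chain += dailies[-1:] if mode == "differential" else dailies
    return chain


def _add_months(day: dt.date, months: int) -> dt.date:
    year = day.year + (day.month - 1 + months) // 12
    month = (day.month - 1 + months) % 12 + 1
    return dt.date(year, month, min(day.day, calendar.monthrange(year, month)[1]))


def retain_until(day: str) -> Optional[str]:
    """Date the tape written on `day` may be recycled; None means keep permanently."""
    d = dt.date.fromisoformat(day)
    if (d + ONE_DAY).month != d.month:   # month end; 31 December (year end) included
        return None
    months = 6 if backup_type(day) == "full" else 3
    return _add_months(d, months).isoformat()


if __name__ == "__main__":
    loss = "2024-03-13"   # constructed: a Wednesday
    for mode in ("differential", "incremental"):
        print(f"{mode:12}:", restore_chain(loss, mode))
    for day in ("2024-03-09", "2024-03-12", "2024-03-31"):
        print(day, backup_type(day), "recycle on", retain_until(day))
```

The differential chain is always two tapes at most, which is the operational reason to prefer it over incremental when restore time matters more than tape usage: a loss on a Wednesday needs only Saturday's full and Tuesday's differential, while the incremental chain needs every daily tape in between and fails if any one of them is unreadable.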
Array Configuration: to create or implement a RAID control concept, we need to do the
array configuration. Only through this will the array be recognized, and then we
configure the RAID.
Array version: 5i
Citrix:
With the help of the RSA fob they connect virtually to the client network. They
authenticate on the web page to the Citrix server and log in to the remote sessions.
The major advantage is that we can take multiple sessions at the same time.
SMS:
They extract the batch files, which are applied during user login.
Final
PowerEdge™ R900
4-Socket, Quad-Core 4U Rack Server
PowerEdge™ 6950
4-Socket, Dual-Core 4U Rack Server
HP BLc3000 Enclosure 2 AC Power Supplies 4 Fan Full ICE License
IBM
IBM System Storage™ DS4800 processed 4,016,222 transactions per minute (tpmC) with a
price/performance of $2.98/tpmC [1], versus the HP Integrity Superdome's performance of
1,231,433 tpmC at $4.82/tpmC [1]
IBM System x3850 M2 takes performance, efficiency and reliability to the next level. Featuring
an unmatched combination of x86 performance and scalability with a balanced design, the
x3850 M2 delivers unrivaled reliability, providing confidence in your IT solution deployments.
An easy upgrade path provides the necessary flexibility to deliver an optimized solution for scale-up
database, enterprise applications and server consolidation through virtualization services.
2. Remote management cards in Dell (RAC and DRAC), HP (iLO)
and IBM (RSA)
HP: iLO makes it possible to perform activities on an HP server from a remote location. The iLO
card has a separate network connection (and its own IP address) to which one can connect via
HTTPS. Possible options are:
• reset the server (in case the server no longer responds via the normal network card)
• power up the server (possible from a remote location, even if the server is shut down)
• take over the screen
• mount a remote physical CD/DVD drive or image
• access the server's IML (Integrated Management Log)
• remote console (in some cases, however, an 'Advanced' license may be required for some of the
utilities to work)
Dell:
Dell DRAC:
The Dell™ Remote Assistant Card II (DRAC II) and Dell Remote Access Card III (DRAC III)
provide IT administrators with continuous access to servers. Administrators also achieve full
control of the server hardware and operating system from any client system running a Web
browser, even if the server is down or hung.
The Dell remote-access architecture consists of hardware and software components that allow
administrators to do the following:
• Access a server after a server failure, power outage, or loss of a network connection
(using a network interface card (NIC) or modem)
• Remotely view a server's internal event logs and power-on self test (POST) codes for
diagnostic purposes
• Manage servers in multiple locations from a remote console
• Manage servers by redirecting the console output to a remote console (graphic and text)
• Perform an orderly shutdown of a server for maintenance tasks
• Diagnose a server failure and restart the server
• Alert the administrator using alphanumeric page, numeric page, e-mail, or Simple
Network Management Protocol (SNMP) trap when a server detects an error
IBM RSA
It is IBM's Remote Supervisor Adapter (and the popular RSA II) that represents the next
generation of comprehensive server management. The IBM RSA II is a PCI card service processor
that is standard in some servers and an option in others. It manages the BMC located on the
server motherboard and augments the BMC's capability, so you can perform systems management
functions whether your server is operational or not.
As shown in the table below, the RSA II provides an extensive range of remote server management
features. The Virtual KVM feature for example provides full graphic console redirection. You can use
a local desktop to access and control a remote server, run applications and receive system alerts in
whatever form you choose. So no longer is there a need for any external KVMoIP appliances at the
remote site.
Another model is the RSA SlimLine which is an internal card that includes the BMC and uses a
dedicated Ethernet connector on the server for communication. The BladeCenter’s management
module also uses a modified version of the RSA with an integrated KVM switch to provide access to
individual server blades.
3. Management Tools
IBM Director
IBM's service processors can be accessed with the IM/IMG and then managed using IBM Director, an
integrated suite of system management tools that enables administrators to locally or remotely
track the usage and performance of their servers' processors, disks, and memory. IBM Director
extends the basic RSA II software by providing a central platform for monitoring and managing
all the IBM hardware resources. The IBM plus Opengear service management can be extended
even further, as Director will also integrate seamlessly with higher-level systems management
offerings such as Tivoli, HP OpenView, Microsoft SMS and MOM, CA Unicenter, BMC and
Altiris.
Dell OMSA:
Dell OpenManage™ Server Administrator Storage Management provides enhanced features for
configuring a system's locally-attached RAID and non-RAID disk storage. Storage Management
enables you to perform controller and enclosure functions for all supported RAID and non-
RAID controllers and enclosures from a single graphical or command-line interface without
requiring use of the controller BIOS utilities. The graphical interface is wizard-driven with
features for novice and advanced users and detailed online help. The command-line interface
is fully-featured and scriptable. Using Storage Management, you can protect your data by
configuring data-redundancy, assigning hot spares, or rebuilding failed physical disks. You can
also perform data-destructive tasks. All users of Storage Management should be familiar with
their storage environment and storage management.
Storage Management supports SCSI, SATA, ATA, and SAS but not fibre channel.
NOTE: Starting with Dell OpenManage 5.0, Array Manager is no longer an installable
option. If you have an Array Manager installation and need information on how to migrate
from Array Manager to Storage Management, refer to the product documentation prior to
Storage Management 2.1 or Dell OpenManage 5.1.
The advantages of our interoperable management solutions derive from Dell's commitment to:
• Open manageability —Dell's instrumented clients, servers, storage, printers and network platforms
interface seamlessly with most standards-based management tools and consoles. Dell systems
management solutions and platforms provide the pro-active management information and control
functions you need to optimize deployment, health status monitoring, fault recovery, change
management and more.
• Industry standards —Dell champions open standards within the industry because they are the
foundation for management systems that can deploy, monitor and upgrade heterogeneous
computing environments. Standards also give you greater choice in the selection of your systems
management solution, providing more flexibility to better meet your specific requirements.
• Strong partnerships —Dell partners with industry-leading companies to deliver integrated, "best-in-class"
technologies, services and standardized components to provide customers with cost-effective
broad-based systems management functionality.
HP- HP Integrated.
4. Array Controller Models
HP Smart Array 6i:
Designed as an integrated component on the system board on select ProLiant DL and BL servers, the Smart Array 6i
controller and 128MB BBWC Enabler bundle provide increased performance and worry-free transportable battery-backed
write cache data protection for all server internal storage needs, without consuming a PCI slot.
Models
Smart Array 6i Controller: Smart Array 6i Controller N
Battery Backed Write Cache Enabler: 128MB Battery Backed Write Cache Enabler Option Kit 346914-B
Target Environments
The Smart Array 6i Controller offers superior investment protection to the following environments:
Non-RAID: current storage operations where, until now, there has not been a perceived need for data
protection, security, or performance gains.
Software RAID: current storage operations using software RAID where growing data storage requirements
demand the robustness, efficiency, and performance increases available with entry-level
hardware RAID.
Dell – 4DC
Array controllers on HP (Array 6i), Dell (4DC) and IBM (ACU)
ACU: the Array Configuration Utility (ACU) is a DOS-based application for configuring and
managing arrays. ACU provides a means to create/delete arrays, manage spares, and initialize the
drives attached to the controller. It can also manage multiple controllers, if present in the system,
but only one controller at a time.
SAN
A SAN is a dedicated network that is separate from LANs and WANs. It is generally used to
connect all the storage resources attached to various servers. It consists of a collection of SAN
hardware and SAN software; the hardware typically has high interconnection rates between the
various storage devices, and the software manages, monitors and configures the SAN.
SANs originated to overcome the problems with network attached storage (NAS) devices, which,
like ordinary servers, are difficult to manage and difficult to expand the capacity of. NAS
devices also add to the traffic on the network and suffer from the delays introduced by the
operating systems' network stacks.
A SAN is made up of a number of fabric switches connected in a network. The most common
form of SAN uses the Fibre Channel fabric protocol (with Fibre Channel switches). Alternatively,
iSCSI can be used with IP switches.
The Cisco MDS 9124 Express for System Storage is designed to address the needs of small- and
medium-sized businesses with a wide range of SAN capabilities. It can be used as part of SAN
solutions from simple single-switch configurations to larger multi-switch configurations in
support of fabric connectivity and advanced business continuity capabilities.
Using an LDAP query, retrieve the information; then edit it according to your requirement.
Prerequisites
I recommend that you logon at a Windows Server 2003 domain controller. If you
are a long way from the server, Remote Desktop would be a suitable alternative. If
that is not possible, you could get these scripts to work from an XP machine as a
non-administrator. However, why introduce extra complications? Especially at the
beginning, you want easy success, with fewest obstacles.
WScript.Quit
Note 1: The first 10 lines explain the purpose of the script and declare the
variables.
Note 2: The simple but clever command which allows the script to work with any
domain is: GetObject("LDAP://rootDSE"). Crucially, this statement binds WSH /
VBScript to Active Directory. The next line puts the focus on the Users container, as
that is where the user will be born. Incidentally, the correct syntax is cn=users,
whereas OUs that you create need the OU= prefix, for example OU=Accounts,.
Note 3: sAMAccountName controls the logon name; this is the name that users
should enter in the dialog box after they press the Ctrl Alt Delete logon sequence.
Note 4: .Create is a method to build an object. See how we use "User", not
"Computer" or "OU".
Note 5: When creating or modifying users, invariably you need .Put and .SetInfo.
The .Put method is the equivalent of selecting a box in Active Directory Users and
Computers; in this example sAMAccountName sets the correct property and .Put
unloads the value set by strUser. .SetInfo is the VBScript equivalent of pressing the
OK button in the GUI. In both cases it represents the final act of creating or
modifying the User object.
Note 6: This script represents 'work in progress'. For a real production script you
would need to enable the account, and most likely, add several other properties, for
example givenName. My desire is to get you started. Build the script in stages,
understand each component, then add another section.
Prerequisites
Create a new OU. I called my OU Accounts; what name will you choose?
' UserOU.vbs
' Sample VBScript to create a User in a named OU.
' Author Guy Thomas http://computerperformance.co.uk/
' Version 2.4 - September 2005
' ------------------------------------------------------'
Option Explicit
Dim objRootLDAP, objContainer, objUser, objShell
Dim strUser, strName, strContainer
strUser = "BookKeeper21"
strName = "Bookie"
strContainer = "OU=Accounts ," ' Note the comma
' Bind to Active Directory, then to the named OU in the current domain
Set objRootLDAP = GetObject("LDAP://rootDSE")
Set objContainer = GetObject("LDAP://" & strContainer & _
objRootLDAP.Get("defaultNamingContext"))
' Build the User object, set its logon name and first name, then commit
Set objUser = objContainer.Create("User", "cn=" & strUser)
objUser.Put "sAMAccountName", strUser
objUser.Put "givenName", strName
objUser.SetInfo
' Optional: open Active Directory Users and Computers to inspect the new account
Set objShell = CreateObject("WScript.Shell")
objShell.run "%SystemRoot%\system32\dsa.msc"
WScript.Quit
Note 1: The key difference between the two scripts is: strContainer =
"OU=Accounts ,". Trace how VBScript applies this variable to set the Organizational
Unit.
Note 2: This command looks easy to script: GetObject("LDAP://" & strContainer &
_. However, it took me ages to get the speech marks and ampersands (&) just right.
Note 3: objShell.run. This optional section is just me having a little fun. What this
section does is open the Active Directory Users and Computers MMC ready for you to
inspect the new User account. My other reason for adding this code is to show that the
script has executed successfully; otherwise I just sit and wonder if it has finished yet.
Note 4: I suggested in Example 1 that you could add other attributes; trace how I
added givenName through strName. To see what I mean, I suggest that you alter
the value from "Bookie" to a more realistic name.
A cluster is a group of computers, called nodes, that function as a single computer/system to provide
high availability and high fault tolerance for applications or services. Windows 2003 Servers can
participate in a cluster configuration through the use of Cluster Services. If one member of the
cluster (a node) is unavailable, the other computers carry the load so that applications or
services are always (with a small interruption) available.
All nodes of the cluster use a Shared Disk – an external disk or disk subsystem which is
accessible to all nodes through SCSI (2 nodes) or Fibre Channel (more than 2 nodes). All data
will be stored on the shared disk or an external disk subsystem (for example Exchange
databases).
Every node has a local Exchange 2003 installation with a unique configuration for every cluster
node. Each cluster with Exchange 2003 has at a minimum one Exchange Virtual Server (EVS).
An EVS is the logical node that will be used for all cluster operations. An EVS contains an IP
address, a network name, a physical disk and an application.
A cluster can be …
• Active/Active or
• Active/Passive
Microsoft recommends only Active/Passive clusters – I will give you the reason later.
The number of cluster nodes supported by Windows 2003 Enterprise and Datacenter is 8 nodes.
Windows Server 2003 Standard and Web Edition don't support a cluster.
In an Active/Passive cluster, if one node in the cluster fails, the active cluster group fails over to another
node, which becomes active. This is called Failover. When the failed node is back online, a Failback
can be manually initiated or automatically configured in the Cluster Group properties.
Every cluster node must have two network interfaces: one network interface for the cluster
communication, called the private LAN, and one network interface called the public LAN. You
can link a cluster with two nodes with a simple crossover cable. If more than two nodes exist in
the cluster you have to use a dedicated switch / hub.
The private NIC is used for the Heartbeat communication (cluster communication). A Heartbeat
is much like a ping which can be used to test if the other cluster node is still available. If the
heartbeat fails, the Failover process occurs.
NTFS architecture is structured to enable file attribute indexing on a disk volume. This
functionality enables the file system to efficiently locate files that match certain criteria so that
sorting and searching processes function faster. However, you should not place any input/output
(I/O) intensive programs on your quorum drive. Heavy input/output traffic from another source
could interfere with the cluster's ability to write to the disk, which may cause the quorum resource
to fail. If the quorum resource fails, the entire cluster may fail as well.
It is recommended that you configure the quorum disk size to be 500 MB; this size is the
minimum required for an efficient NTFS partition. Larger disk sizes are allowable but are not
currently needed. It is also recommended that you configure some form of fault tolerance at the
hardware level to be used for the quorum drive, such as hardware mirroring or hardware RAID. If
the quorum drive is lost, the cluster may not be available.
The quorum resource plays a crucial role in the operation of the cluster. In every cluster, a single
resource is designated as the quorum resource. A quorum resource can be any resource with the
following functionality:
• It offers a means of persistent arbitration. Persistent arbitration means that the quorum resource
must allow a single node to gain physical control of the resource and defend its control. For
example, Small Computer System Interface (SCSI) disks can use Reserve and Release
commands for persistent arbitration.
• It provides physical storage that can be accessed by any node in the cluster. The quorum
resource stores data that is critical to recovery after there is a communication failure between
cluster nodes.
Windows 2003 introduces a new quorum resource type called Majority Node Set (MNS). MNS is
tailored for geographically dispersed clusters.
How to restore the cluster quorum to a Windows 2000 or Windows 2003 node running
Active Directory
Details:
To restore the quorum to a node that is a domain controller and is running Active Directory, the
node must be in Directory Services Restore Mode. Cluster services cannot be running in this
mode, so the cluster quorum must be restored separately, after System State is restored and the
node has been rebooted. The following steps will allow for restoration of System State, and
include steps to recover the cluster quorum as well.
Note: The steps outlined below will work for clusters whether using VERITAS Backup Exec (tm)
8.6 or 9.0 4454, however, only Backup Exec 9.0 4454 (and later) is capable of fully protecting
Windows 2003 servers.
To restore the cluster quorum to a node running Active Directory:
Note: If possible, take the other nodes in the cluster offline before restoring the cluster quorum. If
the nodes cannot be taken offline, you should use the -f option with the clrest.exe command,
explained in step 8.
1. To restore System State, start the computer in safe (repair) mode (restart the computer and then
press <F8> when prompted to select an operating system), and then select Directory Services
Restore Mode. If this is a local restore, you must also start the Backup Exec services before you
restore System State data.
5. Clear the Restore cluster quorum option. This option must not be selected.
6. Start the restore operation. During the restore, the cluster quorum files are copied to the default
location %SystemRoot%\cluster\BackupExec.
8. After the reboot is complete, run clrest.exe from the command line to restore the cluster
quorum from the default location to the quorum disk: clrest <path> where path is the complete
path to the cluster quorum. Typically, the pathname is %SystemRoot%\cluster\BackupExec
(for Windows 2000) and \windows\repair\bootablesystemstate\clusterdatabase (for Windows
2003). A path is required for the clrest command.
Note: Make sure to select in Folder Options to Show Hidden Files if attempting to view the
quorum files.
Clrest is located in the {drive letter}:\Program Files\Veritas\Backup Exec\NT directory in 9.0
by default.
You can include other options on the command line to force the restore to proceed even if other
cluster nodes are online, and/or if the disk signatures do not match, and to specify another disk as
the quorum disk: clrest path [-f] [drive letter], where [-f] forces the restore to proceed even if other
cluster nodes are online and/or the disk signatures do not match.
When this option is selected, the cluster service for any nodes that are online is stopped. This
option also allows the drive letter of the disk that the cluster quorum was on, to remain the same,
even if the configuration has changed and the disk signatures contained in the restore media do
not match the disk signatures contained in the cluster quorum.
[drive letter] specifies another drive letter for the quorum disk. If you use this option, the drive
letter on which the cluster quorum resides will be changed to the same drive letter as previously
specified. Otherwise, the drive letter on which the cluster quorum resides will stay the same as it
was previously.
9. Once the restore of the cluster quorum is completed, use Cluster Administrator to bring the
other cluster nodes online.
It's done by installing the Citrix "ICA client" on the user's PC, thin client computer or mobile
device to gain access to desktop applications running on the Citrix MetaFrame Presentation
Server. Citrix claims to have 120,000 corporate and government customers -- for a total of 50
million ICA clients -- using this approach in some fashion, if not for their entire user base. Citrix
spares the IT department from having to distribute desktop software on the actual desktop. And
some corporations use Citrix for disaster-recovery backup. At the Citrix conference, IT
managers said it's not only easier to upgrade desktop applications when they're located on the
centralized Citrix server than on the actual desktop, but they see some security advantages in it as
well.
First, the entire state of a virtual machine is encapsulated by a set of files stored on shared
storage such as Fibre Channel or iSCSI Storage Area Network (SAN) or Network
Attached Storage (NAS). VMware’s clustered Virtual Machine File System (VMFS)
allows multiple installations of ESX Server to access the same virtual machine files
concurrently.
Second, the active memory and precise execution state of the virtual machine is rapidly
transferred over a high speed network, allowing the virtual machine to instantaneously
switch from running on the source ESX Server to the destination ESX Server. VMotion
keeps the transfer period imperceptible to users by keeping track of on-going memory
transactions in a bitmap. Once the entire memory and system state
has been copied over to the target ESX Server, VMotion suspends the source virtual
machine, copies the bitmap to the target ESX Server, and resumes the virtual machine on
the target ESX Server. This entire process takes less than two seconds on a Gigabit
Ethernet network.
[Figure: VMotion Technology. Two ESX Server hosts on separate hardware, each running
OS and App layers. Caption: VMware VMotion moves live, running virtual machines from one host
to another while maintaining continuous service availability.]
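The mechanism described above (copy memory while the virtual machine keeps running, record every page the guest writes in the meantime in a bitmap, resend those pages, and only suspend the machine when the bitmap is small) is an iterative pre-copy. The following Python simulation is an added example, not VMware code, to make the bookkeeping visible: page contents, the synthetic guest workload that dirties pages during each round, the half-way point at which it runs, and the stop threshold are all constructed here. It reports how many pages crossed while the machine was live versus during the final pause, which is what keeps the switch-over short.

```python
"""Iterative pre-copy live migration with a dirty-page bitmap, in miniature.

Added example, not VMware code. Pages are short byte strings, the "guest
workload" that writes to memory during each copy round is synthetic, and the
stop threshold (how few dirty pages justify the final pause) is a chosen value.
"""
from typing import Callable, Dict, List, Set

Memory = List[bytes]                          # page number -> page contents
Workload = Callable[[int, Memory], Set[int]]  # (round, memory) -> pages written


def precopy_migrate(source: Memory, workload: Workload,
                    max_rounds: int = 10, stop_threshold: int = 2) -> Dict[str, object]:
    """Copy memory to the target while the VM keeps running, then pause for the rest.

    Round r sends every page marked dirty in the bitmap. The guest runs during the
    round, so pages it writes (whether before or after their copy) are marked dirty
    again and resent next round. When the dirty set is small enough, or max_rounds is
    reached, the VM is suspended, the remaining pages are shipped, and it resumes.
    """
    n = len(source)
    target: Memory = [b""] * n
    dirty: Set[int] = set(range(n))  # first round: every page is "dirty"
    stats: Dict[str, object] = {"rounds": 0, "live_pages": 0}
    while stats["rounds"] < max_rounds and len(dirty) > stop_threshold:
        to_send = sorted(dirty)
        half = len(to_send) // 2
        for p in to_send[:half]:          # first half copied ...
            target[p] = source[p]
        written = workload(stats["rounds"], source)  # ... guest writes in the middle ...
        for p in to_send[half:]:          # ... second half copied afterwards
            target[p] = source[p]
        dirty = set(written)              # bitmap: anything written this round is suspect
        stats["live_pages"] += len(to_send)
        stats["rounds"] += 1
    # stop-and-copy: source VM suspended, only the bitmap's pages cross the wire now
    for p in sorted(dirty):
        target[p] = source[p]
    stats["downtime_pages"] = len(dirty)
    stats["target"] = target
    return stats


def make_workload(n_pages: int) -> Workload:
    """Synthetic guest that calms down over time: round r writes page p iff p % (r+2) == 0."""
    def workload(rnd: int, mem: Memory) -> Set[int]:
        written = {p for p in range(n_pages) if p % (rnd + 2) == 0}
        for p in written:
            mem[p] = f"page{p}-r{rnd}".encode()
        return written
    return workload


if __name__ == "__main__":
    src = [f"page{p}".encode() for p in range(8)]  # constructed 8-page "VM"
    result = precopy_migrate(src, make_workload(8))
    print("rounds:", result["rounds"], "pages sent live:", result["live_pages"],
          "pages sent during pause:", result["downtime_pages"])
    print("target matches source:", result["target"] == src)
```

With the constructed workload, 15 of the 17 page transfers happen while the machine is still running and only 2 pages are copied during the pause. The `max_rounds` cap matters for a guest that dirties memory faster than the network can carry it: without it the loop would never converge, so the pause is forced after a bounded number of rounds.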
Exchange
If you one day are faced with a relatively large corrupt Mailbox Store, restoring it
can, depending on things such as backup hardware, backup application and network
speed, be quite time consuming. Now the last thing you want to deal with in such a
situation is frustrated users (or even worse a yelling CEO!).
So how can you get your users to calm down (and your CEO to s… up) and get back
to work while you concentrate on getting the Mailbox Store back to life? There’s one
simple answer and that is, you can create a dial-tone database and thereby get
message flow and mailbox access recovered almost instantly. By using a dial-tone
database your users can start to receive and send mail again, they can even go
check out old messages that existed in their mailbox on the Exchange server (if their
Outlook client has been configured to use cached mode that is), bear in mind though
they have to switch between Online and Offline mode when prompted with the
Outlook 2003 Exchange Recovery Mode dialog box. I’ll talk more about Outlook 2003
Recovery mode in “Demystifying The Exchange Dial-tone Restore Method (Part 2)”.
Using the dial-tone database restore method means that you, while restoring one or
more corrupted Mailbox Stores from the most recent backup, have users connect to
a new empty or blank Mailbox Store. The dial-tone restore method is by no means
new; it’s been used with previous versions of Exchange as well, but now that we
have the Exchange Server 2003 Recovery Storage Group (RSG) feature, the method
becomes even more attractive when restoring Mailbox Stores within your Exchange
messaging environment.
Note:
With previous versions of Exchange a dedicated Exchange recovery server was
required. Using a separate Exchange recovery Server meant you first had to restore
the required Mailbox Store(s) or database to the recovery server, then either export
the data from the restored database(s) to PST files using Exchange Server Mailbox
Merge Wizard (ExMerge) or copy the whole Exchange database from the recovery
server to the production server. As an Exchange database often is several gigabytes
in size, this meant you typically had to copy large amounts of data over the wire
which, depending on the network, could add several hours to the total recovery time.
Using the Recovery Storage Group feature makes it possible to restore Mailbox
Stores without the need to build and use a separate Exchange Recovery Server;
instead you can simply restore the Mailbox Store(s) directly to the Recovery Storage
Group (RSG) on the respective Exchange Server or any other Exchange 2003 Server
in the same Administrative Group. This makes it an easy and painless process to
merge data from the restored Mailbox Store(s) to the dial-tone database, or swap
the restored database from the Recovery Storage Group (RSG) to the dial-tone
database in the original Storage Group, then merge data from the dial-tone database
to the restored Mailbox Store. I’ll also talk more about swapping databases in
“Demystifying The Exchange Dial-tone Restore Method (Part 2)”.
Note:
If you’re not familiar with the Recovery Storage Group (RSG) feature, I recommend
you check out MS KB article 824126 - How to use Recovery Storage Groups in
Exchange Server 2003, which does a great job explaining how you can recover
Mailbox Stores or individual mailboxes by restoring a Mailbox Store to the RSG.
Alright we’re ready to have the dial-tone database created, so if it’s not already the
case you first need
Roles:
Here I am playing a key role in Active Directory and Backup Administration. I need to
check the backup logs to confirm the backup completed successfully. We have a MOM team; it
generates the alerts in MOM. I am taking care of AD alerts and
backups, like low disk space issues, automated services, CPU utilization, server
availability, server health checks, hardware failures and DNS issues; moreover I
can say user creations, DL creations, mailbox moves, and I am part of taking
care of the antivirus bad clients.
We are using the HP OVSD tool to monitor the queue for all these issues.
Description: One of the most popular RAID levels, RAID 5 stripes both data and parity
First let's get on the same page so we're all talking about apples.
What is RAID5?
OK, here is the deal: RAID5 uses ONLY ONE parity drive per stripe, and many RAID5
arrays are 5 drives (if your counts are different, adjust the calculations appropriately)
(4 data and 1 parity, though it is not a single drive that is holding all of the parity as
in RAID 3 & 4, but read on). If you have 10 drives of, say, 20GB each for 200GB,
RAID5 will use 20% for parity (assuming you set it up as two 5-drive arrays), so you
will have 160GB of storage. Now since RAID10, like mirroring (RAID1), uses 1 (or
more) mirror drives for each primary drive, you are using 50% for redundancy, so to
get the same 160GB of storage you will need 8 pairs or 16 20GB drives, which is
why RAID5 is so popular. This intro is just to put things into perspective.
RAID5 is physically a stripe set like RAID0 but with data recovery included. RAID5
reserves one disk block out of each stripe block for parity data. The parity block
contains an error correction code which can correct any error in the RAID5 block, in
effect it is used in combination with the remaining data blocks to recreate any single
missing block, gone missing because a drive has failed. The innovation of RAID5
over RAID3 & RAID4 is that the parity is distributed on a round robin basis so that
there can be independent reading of different blocks from the several drives. This is
why RAID5 became more popular than RAID3 & RAID4, which must synchronously
read the same block from all drives together. So, if Drive2 fails, blocks 1,2,4,5,6 & 7
are data blocks on this drive and blocks 3 and 8 are parity blocks on this drive. So
that means that the parity on Drive5 will be used to recreate the data block from
Disk2 if block 1 is requested before a new drive replaces Drive2 or during the
rebuilding of the new Drive2 replacement. Likewise the parity on Drive1 will be used
to repair block 2 and the parity on Drive3 will repair block4, etc. For block 2 all the
data is safely on the remaining drives but during the rebuilding of Drive2's
replacement a new parity block will be calculated from the block 2 data and will be
written to Drive 2.
Now, when a disk block is read from the array, the RAID software/firmware calculates
which RAID block contains the disk block, which drive the disk block is on, and which
drive contains the parity block for that RAID block, and reads ONLY the one data
drive. It returns the data block. If you later modify the data block, it recalculates
the parity by subtracting the old block and adding in the new version, then in two
separate operations it writes the data block followed by the new parity block. To do
this it must first read the parity block from whichever drive contains the parity for
that stripe block and re-read the unmodified data for the updated block from the
original drive. This read-read-write-write is known as the RAID5 write penalty: since
these two writes are sequential and synchronous, the write system call cannot return
until the re-read and both writes complete, for safety, so writing to RAID5 is up to
50% slower than RAID0 for an array of the same capacity. (Some software RAID5
implementations avoid the re-read by keeping an unmodified copy of the original block
in memory.)
RAID10 is one of the combinations of RAID1 (mirroring) and RAID0 (striping) which
are possible. There used to be confusion about what RAID01 or RAID10 meant, and
different RAID vendors defined them differently. About five years or so ago I
proposed the following standard language, which seems to have taken hold. When N
mirrored pairs are striped together this is called RAID10, because the mirroring
(RAID1) is applied before striping (RAID0). The other option is to create two stripe
sets and mirror them one to the other; this is known as RAID01 (because the RAID0
is applied first). In either a RAID01 or RAID10 system each and every disk block is
completely duplicated on its drive's mirror. Performance-wise, both RAID01 and
RAID10 are functionally equivalent. The difference comes in during recovery, where
RAID01 suffers from some of the same problems I will describe affecting RAID5 while
RAID10 does not.
Now, if a drive in the RAID5 array dies, is removed, or is shut off, data is returned by
reading the blocks from the remaining drives and calculating the missing data using
the parity, assuming the defunct drive is not the parity block drive for that RAID
block. Note that it takes 4 physical reads to replace the missing disk block (for a 5-
drive array) for four out of every five disk blocks, leading to a 64% performance
degradation until the problem is discovered and a new drive can be mapped in to
begin recovery. Performance is degraded further during recovery because all
drives are being actively accessed in order to rebuild the replacement drive (see
below).
If a drive in the RAID10 array dies, data is returned from its mirror drive in a single
read, with only minor (6.25% on average for a 4-pair array as a whole) performance
reduction when two non-contiguous blocks are needed from the damaged pair (since
the two blocks cannot be read in parallel from both drives) and none otherwise.
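The parity mechanics, the degraded read and the read-modify-write penalty described above, as an added Python model that is not part of the original text: a 5-drive RAID5 layout with round-robin parity. The exact parity rotation and the 4-byte block size are constructed assumptions for readability, not taken from the page.

```python
from typing import List, Optional, Tuple

BLOCK = 4       # bytes per block; constructed small so stripes are easy to inspect
N_DRIVES = 5    # 4 data blocks + 1 parity block per stripe; the parity drive rotates per stripe

def xor_blocks(*blocks: bytes) -> bytes:
    """XOR is the RAID5 parity function: 'adding' and 'subtracting' a block are the same op."""
    out = bytearray(BLOCK)
    for b in blocks:
        for i, byte in enumerate(b):
            out[i] ^= byte
    return bytes(out)

def parity_drive(stripe: int) -> int:
    """Round-robin parity (assumed rotation): stripe 0 on the last drive, stripe 1 on the one before."""
    return (N_DRIVES - 1 - stripe) % N_DRIVES

def data_drive(stripe: int, k: int) -> int:
    """Drive holding the k-th (0..3) data block of a stripe: the k-th non-parity drive."""
    return [d for d in range(N_DRIVES) if d != parity_drive(stripe)][k]

def build_array(data: bytes) -> List[List[bytes]]:
    """Lay out data as array[drive][stripe]; len(data) must be a multiple of 4 * BLOCK."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
    n_stripes = len(blocks) // (N_DRIVES - 1)
    array = [[b""] * n_stripes for _ in range(N_DRIVES)]
    for s in range(n_stripes):
        chunk = blocks[s * (N_DRIVES - 1):(s + 1) * (N_DRIVES - 1)]
        for k, blk in enumerate(chunk):
            array[data_drive(s, k)][s] = blk
        array[parity_drive(s)][s] = xor_blocks(*chunk)
    return array

def read_block(array, stripe: int, k: int, failed: Optional[int] = None) -> Tuple[bytes, int]:
    """Return (block, physical reads). Healthy array: 1 read. Failed drive: N-1 reads plus XOR."""
    d = data_drive(stripe, k)
    if d != failed:
        return array[d][stripe], 1
    survivors = [array[o][stripe] for o in range(N_DRIVES) if o != failed]
    return xor_blocks(*survivors), len(survivors)

def write_block(array, stripe: int, k: int, new: bytes) -> Tuple[int, int]:
    """Read-modify-write: re-read old data and old parity, write new data and new parity.
    Returns (reads, writes) = (2, 2), the 'read-read-write-write' penalty."""
    d, p = data_drive(stripe, k), parity_drive(stripe)
    old, old_parity = array[d][stripe], array[p][stripe]
    array[p][stripe] = xor_blocks(old_parity, old, new)  # remove the old block, add the new one
    array[d][stripe] = new
    return 2, 2
```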
Mirroring?
Mirroring is one of the two data redundancy techniques used in RAID (the other
being parity). In a RAID system using mirroring, all data in the system is written
simultaneously to two hard disks instead of one; thus the "mirror" concept. The
principle behind mirroring is that this 100% data redundancy provides full protection
against the failure of either of the disks containing the duplicated data. Mirroring
setups always require an even number of drives for obvious reasons.
The chief advantage of mirroring is that it provides not only complete redundancy of
data, but also reasonably fast recovery from a disk failure. Since all the data is on
the second drive, it is ready to use if the first one fails. Mirroring also improves some
forms of read performance (though it actually hurts write performance). The chief
disadvantage of RAID 1 is expense: that data duplication means half the space in the
RAID is "wasted", so you must buy twice the capacity that you want to end up with in
the array. Performance is also not as good as some RAID levels.
Parity
Mirroring is a data redundancy technique used by some RAID levels, in particular
RAID level 1, to provide data protection on a RAID array. While mirroring has some
advantages and is well-suited for certain RAID implementations, it also has some
limitations. It has a high overhead cost, because fully 50% of the drives in the array
are reserved for duplicate data; and it doesn't improve performance as much as data
striping does for many applications. For this reason, a different way of protecting
data is provided as an alternative to mirroring. It involves the use of parity
information, which is redundancy information calculated from the actual data values.
Cross-realm authentication uses the ticket granting service for cross-domain authentication.
Kerberos Authentication: after the password is given at the client end, the client checks
its time stamp against the domain controller of the Global Catalogue with the use of the
NTP protocol (port number 123).
The time difference between the DC and the client should not exceed 5 minutes.
After the time stamp matching is finished, a session ticket with the encrypted password
is produced and two tickets are released with the help of the KDC (Key Distribution Centre).
One is for sending the logon request and the other one sends the permission, whether
accepted or not.
After Kerberos provides the authentication, LDAP finishes the logon process on port
number 389.
Kerberos uses two protocols, UDP and TCP, with the same port number, 88.
After that it checks the password which is maintained in the DC; if it matches, it will
start authenticating with the domain.
Replmon
Replmon.exe: Active Directory Replication Monitor
This GUI tool enables administrators to view the low-level status of Active Directory
replication, force synchronization between domain controllers, view the topology in a
graphical format, and monitor the status and performance of domain controller
replication.
1. How to confirm that a software package deployed using Group Policy has got
installed on the user's PC.
2. In one DC an OU has been deleted by admin1; in the other DC the same OU is
getting updated by admin2 (Lost and Found object).
3. What are the two attributes which reflect that replication is happening?
4. How do you see, by using GPO, which software has been installed on the
machines?
5. How to install a software package on 500 machines; can you just give the steps?
6. How do you deploy a patch in an enterprise environment?
7. How to uninstall a package?
8. If Kerberos fails, what will happen? Is there any other authentication?
9. When you need to install a DNS server on member servers, what is the use of it?
10. Active Directory integrated DNS on a member server: how to install?
11. What are the log files and what is the use of the log files?
Answers:
Unless specifically noted, all references to MBSA 2.0 in the MBSA TechNet pages also apply to MBSA
2.0.1.
Legacy Product Support: For customers using legacy products not supported by MBSA 2.0.1,
Microsoft Update, and WSUS, Shavlik Technologies provides a free MBSA 2.0.1 companion tool
called Shavlik NetChk Limited.
2. Only one OU you can create and delete; how will the same OU name come on the
other machines?
3. GPMC; a GPO is one object in Group Policy.
4. What is the GPMC? Password policy: how will you apply it and where will you
apply it?
5. Hierarchy: site, domain and OU.
6. 500 machines: distribution point (SMS).
7. How to deploy in the enterprise environment.
Though very good at what it does, Microsoft's patch management tool does
have a few limitations:
• It does not push out service packs; you need a separate solution for that.
• It only handles patches at operating system level (including Internet
Explorer and IIS), but not application patches such as Microsoft Office, Microsoft
Exchange Server, Microsoft SQL Server, etc.
• It requires Windows 2000 and up, so it cannot patch Windows NT 4
systems.
• It cannot deploy custom patches for third party software.
• It does not allow you to scan your network for missing patches, so you
cannot check if everything has been installed correctly. There is no easy
reporting system for this.
This means that you still require a patch management solution to perform the
above tasks. Microsoft does not plan to add the above features, since it
promotes Microsoft SMS server as a tool for that. So, Microsoft SUS server is
ideal for operating system patches if used in conjunction with a patch
management tool.
Read more on how to overcome SUS's limitations by using a 3rd party tool
called GFI LANguard Network Security Scanner.
• Built-in security: Only users with local administrative privileges can interact
with Automatic Updates. This prevents unauthorized users from tampering
with the installation of critical updates. Before installing a downloaded update,
Automatic Updates verifies that Microsoft has digitally signed the files.
• Just-in-time validation: Automatic Updates uses the Windows Update
service technologies to scan the system and determine which updates are
applicable to a particular computer.
• Background downloads: Automatic Updates uses the Background
Intelligent Transfer Service (BITS), an innovative bandwidth-throttling
technology built into Windows XP and newer operating systems, to download
updates to the computer. This bandwidth-throttling technology uses only idle
bandwidth so that downloads do not interfere with or slow down other
network activity, such as Internet browsing.
• Chained installation: Automatic Updates uses the Windows Update
technologies to install downloaded updates. If multiple updates are being
installed and one of them requires a restart, Automatic Updates installs them
all together and then requests a single restart.
• Multi-user awareness: Automatic Updates is multi-user aware, which
means that it displays different UI depending on which administrative user is
logged on.
• Manageability: In an Active Directory environment, an administrator can
configure the behavior of Automatic Updates using Group Policy. Otherwise,
an administrator can remotely configure Automatic Updates using registry
keys through the use of a logon script or similar mechanism.
• Multi-language support: The client is supported on localized versions of
Windows.
Note: Windows 2000 Service Pack 3 (SP3) and Windows XP Service Pack 1 (SP1) include the
Automatic Updates component, eliminating the need to download the client component separately.
8. NTLM
• AS = Authentication Server
• TGS = Ticket Granting Server
• SS = Service Server.
• TGT = Ticket Granting Ticket
Briefly, the client authenticates to AS using a long-term shared secret and receives a
ticket from the AS. Later the client can use this ticket to get additional tickets for SS
without resorting to using the shared secret. These tickets can be used to prove
authentication to SS.
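The exchange summarized here (AS, TGT, TGS, SS) together with the 5-minute clock-skew rule from the earlier Kerberos notes, as an added, simplified Python model that is not part of the original text: tickets are sealed with HMAC under the recipient's long-term key as a stand-in for real Kerberos ticket encryption, and every principal name and key is constructed for the example.

```python
import hashlib
import hmac
import json

MAX_SKEW = 5 * 60   # seconds; the 5-minute client/DC clock tolerance named above

def seal(key: bytes, fields: dict) -> dict:
    """Stand-in for ticket encryption: bind the fields to the holder of `key` with HMAC-SHA256."""
    body = json.dumps(fields, sort_keys=True).encode()
    return {"body": body.hex(), "tag": hmac.new(key, body, hashlib.sha256).hexdigest()}

def unseal(key: bytes, ticket: dict) -> dict:
    """Reject any ticket not sealed under `key` (forged, tampered, or meant for someone else)."""
    body = bytes.fromhex(ticket["body"])
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, ticket["tag"]):
        raise PermissionError("ticket integrity check failed")
    return json.loads(body)

def client_authenticator(user_key: bytes, client_time: int) -> str:
    """Pre-authentication: proves the password-derived key without sending the password."""
    return hmac.new(user_key, str(client_time).encode(), hashlib.sha256).hexdigest()

class KDC:
    """Authentication Server (AS) and Ticket Granting Server (TGS) in one process."""
    def __init__(self, principal_keys: dict):
        self.keys = principal_keys                                  # long-term keys of users and services
        self.tgs_key = hashlib.sha256(b"krbtgt-example").digest()   # constructed KDC-only key

    def as_exchange(self, user: str, client_time: int, authenticator: str, now: int) -> dict:
        """AS exchange -> TGT. Fails closed on clock skew or a bad pre-authenticator."""
        if abs(now - client_time) > MAX_SKEW:
            raise PermissionError("KRB_AP_ERR_SKEW: clock skew too great")
        if not hmac.compare_digest(client_authenticator(self.keys[user], client_time), authenticator):
            raise PermissionError("KDC_ERR_PREAUTH_FAILED")
        return seal(self.tgs_key, {"type": "TGT", "user": user, "issued": now})

    def tgs_exchange(self, tgt: dict, service: str, now: int) -> dict:
        """TGS exchange -> service ticket. Only the KDC can open the TGT; the password is not reused."""
        fields = unseal(self.tgs_key, tgt)
        ticket_fields = {"type": "ST", "user": fields["user"], "svc": service, "issued": now}
        return seal(self.keys[service], ticket_fields)

def service_accepts(service_key: bytes, ticket: dict, service: str) -> str:
    """Service Server (SS): opens the ticket with its own long-term key, never contacting the KDC."""
    fields = unseal(service_key, ticket)
    if fields.get("svc") != service:
        raise PermissionError("ticket was issued for a different service")
    return fields["user"]
```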
In more detail:
Drawbacks
Solution:
1. On the domain controller, click Start, click Run, type regedit, and then click OK.
3. In the right pane, double-click enablesecuritysignature, type 1 in the Value data box,
and then click OK.
4. Double-click requiresecuritysignature, type 1 in the Value data box, and then click OK.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters
6. In the right pane, double-click enablesecuritysignature, type 1 in the Value data box,
and then click OK.
7. Double-click requiresecuritysignature, type 0 in the Value data box, and then click OK.
8. After you change these registry values, restart the Server and Workstation services. Do
not restart the domain controller, because this action may cause Group Policy to change
the registry values back to the earlier values.
9. Open the domain controller’s Sysvol share. To do this, click Start, click Run, type
\\Server_Name\Sysvol, and then press ENTER. If the Sysvol share does not open, repeat
steps 1 through 8.
10. Repeat steps 1 through 9 on each affected domain controller to make sure that each
domain controller can access its own Sysvol share.
11. After you connect to the Sysvol share on each domain controller, open the Domain
Controller Security Policy snap-in, and then configure the SMB signing policy settings.
To do this, follow these steps:
a. Click Start, point to Programs, point to Administrative Tools, and then click Domain
Controller Security Policy.
b. In the left pane, expand Local Policies, and then click Security Options.
Note In Windows 2000 Server, the equivalent policy setting is Digitally sign server
communication (always).
Important If you have client computers on the network that do not support SMB signing,
you must not enable the Microsoft network server: Digitally sign communications
(always) policy setting. If you enable this setting, you require SMB signing for all client
communication, and client computers that do not support SMB signing will not be able to
connect to other computers. For example, clients that are running Apple Macintosh OS X
or Microsoft Windows 95 do not support SMB signing. If your network includes clients
that do not support SMB signing, set this policy to disabled.
d. Click to select the Define this policy setting check box, click Enabled, and then click
OK.
Note For Windows 2000 Server, the equivalent policy setting is Digitally sign server
communication (when possible).
f. Click to select the Define this policy setting check box, and then click Enabled.
g. Click OK.
i. Click to clear the Define this policy setting check box, and then click OK.
k. Click to clear the Define this policy setting check box, and then click OK.
12. Run the Group Policy Update utility (Gpupdate.exe) with the force switch. To do this,
follow these steps:
a. Click Start, click Run, type cmd, and then click OK.
b. At the command prompt, type gpupdate /force, and then press ENTER.
For more information about the Group Policy Update utility, click the following article
number to view the article in the Microsoft Knowledge Base:
For more information about using the Secedit command in Windows 2000, click the
following article number to view the article in the Microsoft Knowledge Base:
13. After you run the Group Policy Update utility, check the application event log to
make sure that the Group Policy settings were updated successfully. After a successful
Group Policy update, the domain controller logs Event ID 1704. This event appears in the
Application Log in Event Viewer. The source of the event is SceCli.
14. Check the registry values that you changed in steps 1 through 7 to make sure that the
registry values have not changed.
Note This step makes sure that a conflicting policy setting is not applied at another group
or organizational unit (OU) level. For example, if the Microsoft network client: Digitally
sign communications (if server agrees) policy is configured as "Not Defined" in Domain
Controller Security Policy, but this same policy is configured as disabled in Domain
Security Policy, SMB signing will be disabled for the Workstation service.
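The conflict the note above describes, as an added Python check that is not part of the KB steps: it parses the four registry values the steps change from reg query style output (constructed sample text, not captured from a host; the LanmanServer and LanmanWorkstation key paths are the real ones) and evaluates whether this host's Workstation service could still connect to its own Server service, the Sysvol test in step 9, under SMB1-era signing rules.

```python
import re

SERVER = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters"
WORKSTATION = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters"

# Constructed sample: server side configured as in steps 3-4, workstation side
# pushed back to disabled by a conflicting policy at another level.
SAMPLE_REG_QUERY = f"""
{SERVER}
    enablesecuritysignature    REG_DWORD    0x1
    requiresecuritysignature    REG_DWORD    0x1

{WORKSTATION}
    enablesecuritysignature    REG_DWORD    0x0
    requiresecuritysignature    REG_DWORD    0x0
"""

def parse_reg_query(text: str) -> dict:
    """Return {key_path: {value_name: int}} from 'reg query' style output (REG_DWORD values only)."""
    result, current = {}, None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            current = line.strip()
            result[current] = {}
            continue
        m = re.match(r"\s+(\w+)\s+REG_DWORD\s+0x([0-9a-fA-F]+)", line)
        if m and current is not None:
            result[current][m.group(1).lower()] = int(m.group(2), 16)
    return result

def signing_outcome(srv_enable: int, srv_require: int, cli_enable: int, cli_require: int) -> str:
    """SMB1-era negotiation: 'signed', 'unsigned', or 'fail' (session refused).
    Assumption made here: a side that requires signing is treated as having it enabled."""
    srv_enable = srv_enable or srv_require
    cli_enable = cli_enable or cli_require
    if srv_require and not cli_enable:
        return "fail"          # the case the KB's 'Important' note warns about
    if cli_require and not srv_enable:
        return "fail"
    if srv_require or cli_require:
        return "signed"
    return "signed" if (srv_enable and cli_enable) else "unsigned"

def check_host(reg_text: str) -> str:
    """Outcome for this host's Workstation service talking to its own Server service."""
    reg = parse_reg_query(reg_text)
    s, w = reg[SERVER], reg[WORKSTATION]
    return signing_outcome(s.get("enablesecuritysignature", 0), s.get("requiresecuritysignature", 0),
                           w.get("enablesecuritysignature", 0), w.get("requiresecuritysignature", 0))
```

A result of "fail" on a domain controller is the symptom the procedure is fixing: the DC cannot open its own Sysvol share until the Workstation side has signing enabled again.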
15. If the registry values have changed after you run the Group Policy Update utility,
open the Resultant Set of Policy (RSoP) snap-in in Windows Server 2003. To start the
RSoP snap-in, click Start, click Run, type rsop.msc in the Open box, and then click OK.
In the RSoP snap-in, the SMB signing settings are located in the following path:
Note If you are running Windows 2000 Server, install the Group Policy Update utility
from the Windows 2000 Resource Kit, and then type the following at the command
prompt: