PC Repair Tools Review

PC Repair Tools Review

How the DHCP Lease Renewal Process Works

Dhcp Lease And Renewal Process Images

j DHCP client sends a DHCPREQUEST packet 2J DHCP Serverl sends a DHC PACK packet Purpose of the DHCP lease renewal process The DHCP lease renewal process is the process by which the DHCP client renews or updates its IP address configuration data with the DHCP server. The DHCP client renews its IP configuration data prior to the expiration of the lease time. If the lease period expires and the DHCP client has not yet renewed its IP configuration data, then the DHCP client loses the IP...

How the DHCP Lease Generation Process Works

Jj DHCP client broadcasts a DHCPDISCOVER packet 2 DHCP servers broadcast a DHCP OFFER packet J DHCP client broadcasts a DHCPREQUEST packet - 'i ' 4 I DHCP Serverl broadcasts a DHC PACK packet DHCP uses a four-step process to lease IP addressing information to DCHP clients. The four steps are named after the DHCP packet types. 4. DHCP acknowledgement or DHCP negative acknowledgement The DHCP client broadcasts a DHCPDISCOVER packet The DHCP lease generation process is the process by which the...

Effects on NTFS Permissions When Copying and Moving Files and Folders

When you copy files and folders, they inherit permissions of the destination folder When you move files and folders within the same partition, they retain their permissions When you move files and folders to a different partition, they inherit the permissions of the destination folder Introduction When you copy or move a file or folder, the permissions may change depending on where you move the file or folder. It is important to understand the changes that the permissions undergo when being...

Managing DNS Suffixes Problem

You want to add, modify, or delete the DNS domain name suffixes that are used by a Windows Server 2003 computer, also referred to as the domain suffix search order. The domain name suffix order helps Windows resolve an unqualified name that is, a computer name that does not have a domain name appended to it. 1. Open the Network Connections applet. 2. Double-click on the Local Area Connection icon. 3. Click on Internet Protocol (TCP IP), and select Properties. 4. Verify that the radio button...

Creating a New Domain Tree in an Existing Forest

Log in as a local Administrator. 4. Click OK to start the Active Directory Installation Wizard. 5. In the Welcome to the Active Directory Installation Wizard window, click Next. 6. In the Operating System Compatibility window, click Next. 7. In the Domain Controller Type window, click Domain controller for a new domain Next, as shown in Figure 4.18. Figure 4.18 The Domain ControllerType Dialog Box Used for a New Domain Tree in an Existing Forest Figure 4.18 The Domain ControllerType Dialog...

Using NTDSUtil for Active Directory Database Troubleshooting and Repair

The Active Directory database is the same type of database that is used within applications such as Microsoft Exchange Server. If you are familiar with the utilities used with an Exchange server, you should be familiar with some of the utilities used with Active Directory. A benefit of using NTD-SUtil is that the cryptic commands needed to manage the Exchange databases are encapsulated into easier-to-understand commands. Upcoming chapters will introduce some of the other utilities, such as...

Loading and Unloading Hive Files

Just as you sometimes must import or export Registry data, you'll sometimes need to work with individual hive files. The most common reason for doing this, as discussed previously, is when you must modify a user's profile to correct an issue that prevents the user from accessing or using a system. Here, you would load the user's Ntuser.dat file into Registry Editor and then make the necessary changes. Another reason for doing this would be to change a particular part of the Registry on a remote...

CAPolicyinf File Sections

Within the CAPolicy.inf file, there are several predefined sections, each of which defines specific settings for Certificate Services. These sections and related decisions regarding their contents are outlined here, as well as whether the section applies to root CA installations, subordinate CA installations, or to both root and subordinate CA installations. The Version section defines that the .inf file uses the Windows NT format. This section must exist for both root and subordinate CA...

Setting up a Smart Card for User Logon

Log on to your workstation with a user account that has permissions to the appropriate certificate template in the domain where the user's account is located, and permission to enroll other users for certificates. The account used for Exercise 3.04 has these permissions. 2. Open Internet Explorer, and browse to http servername certsrv , where servername is the name of the CA on your network. 3. Select Request a certificate for a smart card on behalf of another user by using the smart card...

Active Directory Integrated versus Primary Zones

At the beginning of the chapter, several zone types were identified and described. Two principal zone types in Windows Server 2003 are primary and Active Directory-integrated. There are good reasons for using both types of zones. However, one type will be more appropriate than the other depending on how your DNS needs to function once the design has been implemented. This section will describe each zone type and where it would be most appropriately used. Primary and secondary zones are standard...

Generator and Bridgehead Servers

Bridgehead Server

While the KCC is responsible for intra-site connection objects, all inter-site connection objects are established by the Inter Site Topology Generator ISTG .The first DC in each site regardless of domain membership will assume the role of the ISTG.This role cannot be viewed or changed using standard Microsoft tools, and precisely one ISTG role per site exists for sites that house one or more DCs. The ISTG is responsible for assessing the replication needs of the site in which it resides in...

Crl Publication Interval And Crl Life Time Configuration

Crl Overlap Period

Lightweight Directory Access Protocol LDAP addresses or by file and folder location . Note that any changes to a certificate server's CRL distribution points do not apply retroactively. This information is included in the certificate at the time of issue . If you change the CRL distribution point, clients checking previously issued certificates will be unable to locate the new distribution point. If it becomes necessary to change a distribution point, develop a transition strategy that either...

Configuring Dead Gateway Detection Problem

You want to configure dead-gateway detection on a Windows Server 2003 computer so that the computer can continue to route traffic even if its default gateway becomes unavailable. To enable dead-gateway detection for a Windows Server 2003 computer, set the following Registry value HKEY_LOCAL_MACHINE SYSTEM Current Control Set Services Tcpip Parameters To disable dead-gateway detection, set the previous DWORD value to 0 (false). Using VBScript This code enables dead-gateway detection for all...

Using ADSI Edit to View Directory Service Partitions

How Use Adsiedit

ADSI Edit is a utility that is part of the support tools. Once you add the support tools, ADSI Edit is available from the Start menu gt Programs gt Support Tools. The Windows Server 2003 version is an MMC snap-in. With Windows Server 2008, when you view the advanced properties of an object, you will see a new Attribute Editor tab. From this tab, you can edit the settings that are available in ADSI Edit. You can perform the same tasks here that you can perform in ADSIEdit, but instead of having...

The Difference between DNS and AD Domains

For some reason, our industry often uses the same term to represent completely different things. In Chapter 7 we discussed DNS Domain Name System domains. A DNS server is used to resolve TCP IP host names into IP addresses. A DNS domain represents a piece of the overall DNS namespace. DNS is a service used to find resources A process submits a host name, and DNS attempts to find a record that matches. If a match is found, DNS returns the appropriate IP address to the requestor. As such, we...

Configure Site Link Costs

Site Link Versus Site Link Bridge

SiteLink objects can be assigned a cost, which is an administrative setting that gives priority to one link over another, where multiple paths between the same two sites exist. The lowest cost, intuitively enough, has the highest priority. When you assign costs to your links, consider available bandwidth, reliability, latency, and actual costs charged by your ISP based on time or amount of data crossing the line if applicable . If you leave the default link costs set to 100, or assign costs...

Configuring Multiple Logical Printers for a Single Printer

Although a printer pool is a single logical printer that supports multiple ports, or printers, the reverse structure is more common and more powerful multiple logical printers supporting a single port, or printer. By creating more than one logical printer directing jobs to the same physical printer, you can configure different properties, printing defaults, security settings, auditing, and monitoring for each logical printer. For example, you might want to allow executives at Contoso, Ltd. to...

Using the cipher Command to Add Data Recovery Agent

Click Start Run, type cmd, and then click OK. 2. Type this command at the prompt and then press Enter to execute the command If you do not specify a filename when using the cipher lr command, files named .CER and .PFX will be created essentially, no filename, just the extension . Instead, use a filename such as the testdra we used earlier. Once you've added the DRA to the EFS policy, you can right-click on the DRA and edit the properties, such as giving it a user-friendly name and a...

Using the Msinfo Command Line Utility

The Msinfo32 command-line utility provides the same functionality as the System Information utility. Through the use of this command, you can Gather information about computers through batch files Automatically create a System Information file .nfo or text file .txt with a snapshot of the computer's system information Create and save a System Information file, without ever opening the System Information utility on a local or remote computer The options associated with Msinfo32 are defined in...

Setting Registry Access Permissions via Group Policy

In this exercise, we'll step through how to set Registry permissions via Group Policy. For the purposes of this exercise, we'll select the default domain policy. However, in practice, you might apply these settings to an OU, a site, or a domain. 1. Click Start Run, type mmc in the Open text box, and then click OK to launch the Microsoft MMC. 2. Click File Add Remove Snap-in. 3. In the Add Remove Snap-in dialog, click Add. Scroll through the list until you locate Group Policy Object Editor....

Logical vs Physical Components

Multimaster Replication Topology

The components making up Active Directory can be broken down into logical and physical structures. Logical components in Active Directory allow you to organize resources so that their layout in the directory reflects the logical structure of your company. Physical components in Active Directory are similarly used, but are used to reflect the physical structure of the network. By separating the logical and physical components of a network, users are better able to find resources, and...

How to Configure DNS Dynamic Update Credentials

Your instructor will demonstrate how to configure DNS dynamic update credentials, including Configuring DHCP server to use the account illegal for non trainer use Introduction The Windows Server 2003 DNS Server service supports Dynamic DNS updates, which allow client systems to add DNS records directly into the database. Dynamic DNS servers can receive malicious or unauthorized updates from an attacker by means of a client that supports the Dynamic DNS DDNS protocol if the server is configured...

Understanding the OU Design Options

Wassilly Chair Misure

The OU design should be predicated on the administrative structure of the organization, not the departmental organization as seen on the company's organization chart. Most companies do not base the administration of resources on the organization chart. Usually, the IT department is responsible for objects within the company no matter which department is using the resource. Although this centralized approach is the most basic method of controlling the objects within Active Directory, some...

Step Configure an Ad Rms Client to Allow Access to the Rights Policy Templates

The third step in the process is to configure the AD RMS client to access the AD RMS rights policy templates. To achieve this, you must copy the AD RMS rights policy templates to the client computer and then create a registry entry that points to the central repository of the rights policy templates. Perform the following steps to configure the AD RMS clients to access the AD RMS rights policy templates 1. Log on to the Windows Vista workstation as Local Administrator. 2. Click Start gt...

Disconnected Networks

Image Disconnected Process

If your organization includes WSUS servers on disconnected networks, you can follow a two-step export and import process (see Figure 9.4) to update those replica servers.This process requires additional management overhead, but it does guarantee update consistency between all WSUS servers however, there can be a high degree of lag time for this type of asynchronous synchronization. Good planning will optimize the process and minimize the time it takes to synchronize WSUS servers on disconnected...

Using the REG Command for a Quick Display of Client Setup

The quickest way to identify WSUS client settings is to create a simple script file that can be used to query the registry keys you are interested in, and pipe them to the console for quick review. This can be used for troubleshooting purposes or for random audits of your WSUS clients, to make sure that you are not having GPO inheritance, blocking, or conflict problems. To remotely query your WSUS computer's registry, you need the reg.exe command-line utility, which is part of the Windows...

Managing Computer Groups

The heart of WSUS management is the capability to target updates to groups of client computers. WSUS provides a mechanism to help you ensure that the right computers get the rights updates at the right time. In fact, computer groups ensure that client computers receive their updates in a consistent manner on an ongoing basis. Computers will always belong to two groups. Every computer belongs to the All Computers group. However, they will also belong to the Unassigned Computers group until you...

Using the Registry to Manage Shutdown Event Tracker

You can configure the registry to enable or disable the Shutdown Event Tracker. The Windows Server 2003 default installation enables Shutdown Event Tracker by default. However, you can configure the registry settings to enable it or disable it on demand. The process is described in Exercise 9.09. We prefer to use the registry to configure Shutdown Event Tracker in many cases in comparison to the local Group Policy settings . The local Group Policy can dictate the shutdown policy for the domain....

Configuring RIP on a Windows Server Network

Route Lan Wan Internet Windows 2003

In this exercise, we will configure RIP v2. 1. Begin by configuring LAN Routing in Routing and Remote Access. Click Start Programs Administrative Tools Routing and Remote Access. 2. In the left pane of the Routing and Remote Access management console, right-click the server name and select Configure and Enable Routing and Remote Access. If this option is grayed out, select Disable Routing and Remote Access to start with a fresh configuration. 3. On the first page of the Routing and Remote...

Using Client Side Targeting

By using client-side targeting, WSUS can figure out how to assign computers to different groups by looking at Group Policy or Registry keys on each machine to automatically collect computers into a group. Client-side targeting saves you the trouble of manually adding computers, moving them around in groups, and generally resorting to tedious administrative methods. To enable this, use Group Policy to configure the AU software on each computer. Enable the client-side targeting option by clicking...

Configuring NetBIOS over Tcpip Problem

You want to configure the NetBIOS over TCP IP settings for a Windows Server 2003 computer. 1. Open the Network Connections applet. 2. Double-click on the Local Area Connection icon. 3. Click on Internet Protocol (TCP IP), and select Properties. 4. Click on Advanced. From the WINS tab, select the radio button next to one of the following settings for NetBIOS over TCP IP Use NetBIOS settings from the DHCP server. (This is the default. If a static IP address is used or the DHCP server does not...

Load Zone Data On Startup

Chvac Zone Data Window

By default, the Load Zone Data On Startup drop-down list box is set to the From Active Directory And Registry option. Thus, by default, DNS servers in Windows Server 2003 initialize with the settings specified in the Active Directory database and the server Registry. However, this setting includes two other options, From Registry and From File, as shown in Figure 5-30. Figure 5-30 Server initialization options Figure 5-30 Server initialization options When you select the From Registry option...

How DHCP Server Scope and Reserved Client Options Are Applied

Why use levels of DHCP DHCP applies options to client computers in a specific order options As a result, you can define DHCP-assigned options with varying levels of authority so that certain options take precedence over other options. How options are applied relates directly to where they are configured. The following table describes the levels of DHCP options and their precedence. Server-level option Scope-level option Class-level option Reserved client-level option A server-level option is...

DFS structure and terminology

Essentially, a DFS namespace is a shared group of network shares residing under a DFS root, which serves as a container for the namespace and performs much the same function for the distributed file system that a root folder serves for a physical volume. In other words, the DFS root serves as the sharepoint for the distributed file system. Rather than contain subfolders like a root directory does, the DFS root contains links to the shares local and remote that form the distributed file system....

Configuring Deployment

You can configure WDS to use a multicast transmission to deploy a single install image to multiple computers. As Figure 11-3 shows, you can configure an auto-cast, which begins the transmission immediately, or configure a scheduled-cast in which you specify settings such as the number of clients that must connect prior to beginning the transmission, a time and date for the transmission to begin, or both. You can configure a multicast deployment to throttle the bandwidth it uses by selecting a...

Assigning the Certificate Template Manager Role

Three separate tasks must be performed to assign the Certificate Template Manager role Delegate permissions to the Certificate Templates container in the Configuration naming context to create new certificate templates. Delegate permissions to the OID container in the Configuration naming context to create new object identifiers OIDs . Delegate permissions to every existing certificate template in the Certificate Templates container in the Configuration naming context. Chapter 10 Role...

Using the Active Directory Blueprint

Like the Enterprise Network Architecture Blueprint presented in Chapter 1 refer back to Figure 1-5 , the Active Directory Design Blueprint emerges from the structure of the Microsoft Certification Exam number 70-219, Designing a Microsoft Windows 2000 Directory Services Infrastructure. It also includes the same prerequisites business and technical requirements analyses. The advantage of using the same blueprint structure for both operations is that you should already have most of this...

Configuring NLB Port Rules

Port Rule The Nodes The Cluster

Port rules, shown in Figure 16-5, control, on a port-by-port basis, how network traffic is treated by an NLB cluster. By default, the cluster balances all traffic received on the cluster IP address across all nodes. You can modify this so that only specific traffic, designated by port, received on the cluster IP address is balanced. The cluster drops any traffic that does not match a port rule. You can also configure the cluster to forward traffic to a specific node rather than to all nodes,...

How to Import a Foreign Disk

Your instructor will demonstrate how to Remove a disk by using Disk Management import a foreign dish by using Dish Management Remove a disk by using Disk Part Import 9 foreign dish by using DishPart Introduction If you must move a disk from one server to another, use the following steps to Procedure for removing To remove a disk by using Disk Management a disk by using Disk Management l. In Computer Management, open Disk Management. 2. For a dynamic disk, right-click the disk that you want to...

When You Should Use AD LDS

As a network administrator, you will be called on to decide when it is appropriate to use AD LDS and when AD DS is required. Consider using AD LDS in the following situations You need to provide support for departmental applications that require additional identity information that is of no relevance to any other department within the organization. By integrating the additional information in an AD LDS instance, you can ensure that the relevant department has access to it without affecting the...

Removing scopes from a superscope

You can remove one or more scopes from a superscope if necessary to restructure the scopes on the server. Removing a scope from a superscope does not delete the scope or deactivate it. Instead, it simply makes it a scope directly under the server branch, rather than a child scope of the superscope. This enables you to add it to a different scope or eliminate the superscope without affecting its individual scopes. To remove a scope from a superscope, open the DHCP console and open the superscope...

Terminal Services Licensing

Licensing requirements for the Remote Desktop connections to Windows Server 2003 servers are dependent on three factors the mode in which Terminal Services are running Remote Desktop for Administration or Full Terminal Server , the operating system on the client device that's running Remote Desktop session, and the number of Terminal Servers configured with per-device and per-session licensing. Per-device licensing requires a temporary or full license for each connecting device per-session...

Comparing Ad Lds and AD DS

AD LDS is based on AD DS but does not include all the features of AD DS . Both AD LDS and AD DS rely on multimaster replication for data consistency and support the LDAP application programming interface API and the Active Directory Services Interface ADSI APIs. Both services support schema extensions and application directory partitions . Both can install a replica from removable media and are integrated into the Windows Server 2008 backup tools . Both services support object-level security...

Generic script clusters

The Generic Script resource in a server cluster is a custom script written in a language supported by any of the scripting engines present in the Windows Server 2003 servers platform such as VBScript or JScript . Even though such scripts would be application specific, they need to follow guidelines that are documented on Microsoft Development Network available at http msdn.microsoft.com . In short, the script has to implement at least the LooksAlive and IsAlive functions, which return a Boolean...

Fixing RAID redundancy failures

If the status of any volume reports Failed Redundancy, Failed Redundancy (At Risk), or just Failed, use one of the following procedures to fully recover it Procedure 1 To reactivate a volume in Failed Redundancy state, try the following 1. In the Disk Management snap-in, switch to Graphical View by selecting View O Bottom O Graphical View. 2. If a disk hosting the volume is listed in Missing, Offline, or Online (Errors) state, right-click it and select Reactivate Disk. If the reactivation...

Troubleshooting server cluster

The most valuable cluster troubleshooting information is provided in the cluster logs. Configuration log ClCfgSrv.log, which contains entries describing the actions performed when running the New Server Cluster and Add Nodes Wizards, is located in the Windir System32 LogFiles Cluster folder on the computer from which the wizards are run. A diagnostic log stores information about all other cluster activities. Its location is controlled by the value of the ClusterLog system environment variable,...

Applying WSUS for Clients Manually

Windows Update Services Name

The process for applying changes to use SSL manually on clients is not as easy as changing it on a GPO.To address various client types, the following procedure assumes a Windows 2000 client 2. Next, open the registry editor.Type regedit in the Run window. 3. Drill down into the tree to the following subkey WindowsUpdate. 5. In the main window, the following keys appear (Default), WUServer, and WUStatusServer (see Figure 8.16). 6. Open the WUServer and WUStatusServer keys one at a time, and...

Your instructor will demonstrate how to modify the CDP and AIA locations for a certification authority

Procedure Modifying the CDP location To allow users who are not members of your organization to verify the validity of certificates, you must change the AIA and CDP locations to reflect a location that is accessible to external clients. Most often this location is somewhere on a screened subnet external to the company domain. To modify and publish AIA and CDP extensions, you use Certutil.exe and the Certification Authority Program UI. To modify the CDP location for a certification authority,...

Determining the Impact of Global Catalog Failure

When a user authenticates against an Active Directory domain controller, the domain controller must be able to contact a global catalog to determine if the user is a member of any universal groups. If a domain controller fails to contact a global catalog, the user's logon will fail. As such, if a domain controller is going to be placed in a remote site in order to ensure local access to local resources in an office where many users might not have locally caches credentials, it is important to...

Last Known Good Configuration

If the system is unable to start up correctly after you have installed a new device or made a configuration change, this option should be the first tool you use. It will restore the registry key to a copy of the one that was used during the last successful system startup. Note that this tool does not solve any issues with corrupt or missing driver files. To access this tool, perform the following steps 1. Press F8 during startup when you see the Please select the operating system to start...

Local Machine Registry

Regardless of the front end, almost all software configurations ultimately end up manipulating the Windows registry for final client configuration commitments. That being said, you can edit the registry directly to configure your WSUS-specific client configuration needs. In situations where Group Policy is not available due to the lack of an active Directory domain and where configuring local policy becomes too tedious because of each logical machine visit, a few scripting techniques might help...

ADDatabase and Log File Free Space

Every Active Directory database needs free disk space to grow. The AD transaction log files also need free space. This script monitors the amount of available disk space on the drives holding the AD database and log files and raises an alert if the available disk space drops below a given amount. The script begins by retrieving a list of domain controllers from a DomainClass object. The location of the AD database and log files may be different on each domain controller. An advantage of the...

Disk Signatures MSCS Resources and Clusdisk

The disk signature is used internally by MSCS as a resource parameter. For each shared disk its signature will be recorded in the registry key value. lt resourceID gt Parameters Signature -Where lt ResourceID gt is a random based number that uniquely identifies a resource The Cluster disk driver also records signatures of disks that have been locked defined as cluster resource in the value Services -where lt Sig gt is the disk signature of the device listed as lt n gt in Disk Admin The...

Analyzing Group Policy using the registry

When Group Policy objects are applied to a computer, the computer stores important information about the Group Policy objects it is applying in the last place you'd look the registry. Information about computer policies is stored under the Pol-icy History key. Information about user policies (relating to the currently logged on user) is stored under the Policy History key. To view this information, follow these steps 1. Click Start, and then click Run. Type Regedit, and then click OK. 2. In the...