Exchange of information between domains. Administration, tools (Administrative Tools) File database recovery utility


The global catalog is a separate database of Active Directory objects. It contains all the objects of the main database and some of the attributes of these objects. The global catalog allows users to quickly find objects in the forest. It is especially useful if you have many domains and domain trees are spread across a large network.

Note. You can think of a global catalog as a resource locator for a domain.

The default global catalog is created on the first domain controller in the tree. Later, if you want, you can use the Active Directory Sites MMC snap-in to manually select other domains for the global catalog.

When deploying a network running Windows 2000 or .NET, ensure that the global catalog is installed correctly. Every Windows XP Professional client should have easy access to the global catalog for optimal searching.

Groups

Windows NT had two user groups: global and local. These groups were created to assign security attributes and contained only user objects. Active Directory adds a third group - universal. The following differences exist between the groups.

  • Local groups. They are used only within their local domain. They gain access to domain resources, and administrators can only see them within the domain.
  • Global groups. Gain access to domains with which trust relationships have been established. You can always see them when you are inside a certain tree. You can nest global groups within other global groups.
  • Universal groups. They can be seen in all domains in a given forest. They contain global groups. For example, an administrator can create two separate global groups and then merge them into one universal group. The administrator now has to deal with one universal group rather than two (or more) global groups.


In 2009, Microsoft introduced the new operating system Windows 7. In addition to a large number of innovations, this OS implemented many tools for managing almost all key settings of the Windows 7 system. System administration provides the ability to manage users, groups, files and folders, access to them, security system, printers, etc.

Types of Windows 7

There are several versions of the Windows 7 operating system. They are designed for different tasks and applications, and, accordingly, have different capabilities and administration tools.

The most common modifications of Windows are Ultimate, Professional and Home. Administration of Windows 7 has its own characteristics in each type of OS. The most complete administration package is presented in Windows 7 Ultimate, as it is universal for both work and entertainment tasks. Windows 7 Starter has the least amount of settings. It is designed to solve basic problems, is installed on low-power laptops or netbooks, and is often intended for pre-sale demonstration of the capabilities of computer equipment.

Why do you need administrator rights?

To fully administer Windows 7, you must have administrator rights. The user that is created when Windows is installed has fairly limited rights for security reasons: malicious programs or viruses will not be launched under the current user account, important system files will not be accidentally deleted, and no significant damage will be done to files the OS needs. There are drawbacks, however. When installing some programs, for example office suites, the user may find that changes made to the system are not saved, or that the installed programs malfunction and do not save data. The cause turns out to be that the user lacks rights for certain operations, for example writing files to the Program Files folder.

Ways to obtain administrator rights

To have more rights to administer Windows, you need to increase your permissions in the system. This can be done in different ways. The two most commonly used are:

Through the user management window. Press “WIN + R”, type the snap-in name lusrmgr.msc in the window that opens and click “OK”. In the “Local Users and Groups” window that opens, go to the “Users” item. Right-click the administrator account, select “Properties” from the menu and uncheck the option that disables the account. Then confirm by clicking “OK” and reboot the device.

Administration of Windows 7 may be needed for a short period of time, for example, to run a program that is unstable in normal mode. To do this, right-click on the program and select “run as administrator” from the menu. In this case, the program will run with elevated rights.

To enable elevated rights for permanent operation, launch the command line as an administrator, enter the line “net user Administrator /active:yes” (provided that you enable the administration of Windows 7 Russian version), and press Enter. After rebooting, you will be able to select the Administrator account on the Welcome screen along with the other accounts.

It must be taken into account that constant work under the administrator account is carried out with a very low level of protection, since all programs, including viruses and malware, will be launched with maximum privileges.

Logging into the computer control center

This is where Windows 7 administration is most conveniently carried out, using the main computer management tools. There are different ways to get there. The simplest is to right-click the “My Computer” icon and select “Manage”, or to open the tools individually. It can also be launched through the “Administration” panel or from the command line with the command compmgmtlauncher. This snap-in contains frequently used Windows 7 administration tools, such as service and disk management, the event viewer, and other management tools. In case of system failures, experienced users and administrators can quickly find the problem by examining the system logs in the “Event Viewer” branch. Logs are kept for almost all events occurring in the system, from services starting when the computer is turned on to records of user actions in the system.

Windows Service Management

On the service management tab you can see a list of services and their status. It is possible to change the mode and parameters of their operation and launch. Windows 7 service administration is often used when a computer is infected with viruses that add themselves as a service and start when the computer boots. To combat them, you need to stop the service and then remove it from the startup list.
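The review this section describes can be scripted. The following is an added example, not part of the original article: it lists auto-start services whose executable lies outside the Windows and Program Files directories. The function names and the sample service records are constructed for illustration; it uses only cmdlets available in the PowerShell 2.0 that ships with Windows 7.

```powershell
# Added example: flag auto-start services with unusual image paths.
# The records below are constructed samples; on a live host replace them with:
#   $services = Get-WmiObject Win32_Service
$services = @(
    (New-Object PSObject -Property @{ Name = 'Dhcp'; StartMode = 'Auto'; State = 'Running'
        PathName = 'C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted' }),
    (New-Object PSObject -Property @{ Name = 'ExampleAgent'; StartMode = 'Auto'; State = 'Running'
        PathName = '"C:\Program Files\ExampleVendor\agent.exe" /service' }),
    (New-Object PSObject -Property @{ Name = 'updsvc'; StartMode = 'Auto'; State = 'Running'
        PathName = 'C:\Users\Public\updsvc.exe' }),
    (New-Object PSObject -Property @{ Name = 'ToolHelper'; StartMode = 'Manual'; State = 'Stopped'
        PathName = 'D:\Tools\helper.exe' })
)

function Get-ServiceImagePath {
    param([string]$PathName)
    # PathName is a command line: the executable may be quoted and followed by arguments.
    if ($PathName -match '^\s*"([^"]+)"') { return $Matches[1] }
    # Unquoted: take everything up to the first ".exe" (handles spaces in the path).
    if ($PathName -match '^\s*(.+?\.exe)(\s|$)') { return $Matches[1] }
    return ($PathName.Trim() -split '\s+')[0]
}

function Find-UnusualAutoStartService {
    param([object[]]$Services, [string[]]$TrustedRoots)
    foreach ($svc in $Services) {
        # Only services that start at boot are of interest here.
        if ($svc.StartMode -ne 'Auto') { continue }

        $image = [Environment]::ExpandEnvironmentVariables((Get-ServiceImagePath $svc.PathName))
        $inTrusted = $false
        foreach ($root in $TrustedRoots) {
            if ($image.StartsWith($root, [StringComparison]::OrdinalIgnoreCase)) { $inTrusted = $true }
        }
        if ($inTrusted) { continue }

        $reasons = @('image outside Windows and Program Files directories')
        # The signature is checked only for flagged images: on Windows 7 many
        # catalog-signed system files report NotSigned and would add noise.
        if ($image -and (Test-Path -LiteralPath $image)) {
            $sig = Get-AuthenticodeSignature -FilePath $image
            if ($sig.Status -ne 'Valid') { $reasons += "signature status: $($sig.Status)" }
        } else {
            $reasons += 'image file not found on this host'
        }

        New-Object PSObject -Property @{
            Name    = $svc.Name
            State   = $svc.State
            Image   = $image
            Reasons = ($reasons -join '; ')
        }
    }
}

# Directories where service executables are normally installed.
$trustedRoots = @($env:SystemRoot, $env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } | ForEach-Object { $_.TrimEnd('\') + '\' }

Find-UnusualAutoStartService -Services $services -TrustedRoots $trustedRoots |
    Select-Object Name, State, Image, Reasons |
    Format-List
```

A flagged entry is a prompt for review, not proof of infection. For a service confirmed as unwanted, `Stop-Service` followed by `Set-Service -StartupType Disabled` performs the stop-and-remove-from-startup step described above.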

and device manager

Equally important is the administration of Windows 7 disks. This makes it possible not only to create partitions on the hard drive, but also to change their sizes, assign them names and a letter identifier under which it is seen in the system. Look into this section of the control panel if the flash drive is not detected in the system or the drive letter is not specified. When connecting new disks in the snap-in, you can assign them sizes, perform formatting and other operations.

Information about your computer's hardware can be seen in Device Manager. There are times when new equipment is not detected by the system and you have to look for drivers for it in an unknown place. Administration in Windows 7 allows you to view information not only on installed devices, but also on those for which drivers were not found. The properties of each device indicate a unique identifier for the device and the group to which the device belongs. Using these parameters, you can easily find a driver for a new device. Most often, problems arise with video card drivers, Wi-Fi adapters, etc.

Remote administration tools allow you to change system settings and troubleshoot errors in programs and the operating system remotely, over an internal network or over the Internet. Remote administration of Windows 7 is not possible in all editions of the OS; the connection can be configured only in the Enterprise, Professional and Ultimate editions (you can see the edition of the operating system in “Computer Properties”).

The built-in Remote Desktop utility allows the administrator to connect to a computer and make certain settings on it without affecting the user's session. To activate the connection feature, go to the Control Panel and change the “Remote access settings” item in the system properties. With remote connections enabled, remote administration of Windows 7 is not particularly difficult.

Account administration

The operating system provides for the administration of Windows 7 accounts. It is possible to manage not only local accounts (creating new ones, editing, deleting existing ones, changing passwords, etc.), but also remote access user accounts. As mentioned above, for security reasons, it is recommended to create a user account and log in under it. Since it has reduced privileges, in the event of a virus infection or with little user experience, the damage to system files will be minimal.

If you have multiple users on your computer, you can create multiple accounts. The user is selected upon login in the welcome window. Each user can configure personal system settings, such as shortcuts and desktop backgrounds, which are stored in the user's personal profile. The administrator has the ability to work with all user profiles on the computer.

Network administration

Another important administration item is setting up network parameters. To open these settings in Windows 7, go to the “Start - Control Panel - Network and Internet” menu. Most often, administration involves creating and configuring shared access to files and folders on home devices, as well as access to a printer on the home network.

There are also convenient options such as “Diagnostics and troubleshooting”, which allows you to quickly diagnose and search for network problems.

Every user whose work is somehow related to a computer knows who a system administrator is and understands that this work requires knowledge in the field of information technology.

But often knowledge alone is not enough, and in order to perform diagnostics and restore normal operation of computer equipment, both conventional and special tools are required.

Home users sooner or later also have to deal with maintaining their computer. At a minimum, this means disassembling, cleaning and replacing individual components. A single screwdriver is often enough to do this, but when it comes to troubleshooting, this is no longer enough.

In order to measure the battery voltage on the motherboard, you need a multimeter, which is also useful for checking the voltage of the power supply and identifying breaks.

To restore wiring that has come off the front panel of a PC, you often need a simple soldering iron, and craftsmen can even resolder swollen capacitors on the motherboard or in the power supply.

To re-wire an Internet cable or simply replace a connector, many people have to submit an application to the provider and wait several days for a technician to arrive. You can do all this yourself in a matter of minutes, having crimping pliers on hand.

In general, a system administrator and a technically savvy user must have a certain set of tools. In addition, many of these tools also come in handy around the house.

It’s very cool when everything you need is in one place, and not scattered across different boxes. This problem is solved by system administrator tool sets, in which each tool has its own place, and thanks to a convenient case, you can take it with you to a friend or client.

These sets are so diverse that everyone can find one that suits their needs and budget. Here are a few examples that are popular among system administrators.

Includes essential high-quality tools for crimping and testing twisted pair cables.

This set is more suitable for experienced system administrators and installers; it includes:

  • digital professional twisted pair tester
  • crimper for crimping connectors (6 in 1)
  • cable cutting tool
  • screwdriver with replaceable inserts (34 pcs)
  • instrument case

A simpler, highly targeted set that contains only the essentials for tasks related to the installation of cable lugs.

This set is more aimed at installers who know what they need for convenient work; it includes:

  • E Network cable tester
  • crimper for installing modular connectors (3-position)
  • cable stripping and stripping tool
  • Phillips screwdriver 5×75 mm
  • flat screwdriver 5×75 mm
  • zipper bag

This set is designed for repairing computers and peripheral devices and includes a large set of tools that can be useful for a variety of purposes.

It is perfect for equipment repair specialists and those users who like to tinker and do everything with their own hands, because it has everything you can imagine:

  • electric screwdriver
  • set of bits (25 pcs)
  • precision screwdrivers
  • combination wrench (5-11 mm)
  • set of sockets (5-10 mm)
  • soldering iron with suction
  • pliers with wire cutters
  • parts box
  • zipper bag

This kit includes everything you need to connect your computer to the network.

It is suitable for specialists who connect computers to the Internet and troubleshoot network problems; its composition will make this work as easy as possible:

  • E Network cable tester
  • crimper for crimping connectors (3 in 1)
  • cable stripper
  • RJ-45 connectors (80 pcs)
  • plastic case

There are many more modifications of tool sets and you can choose the one most suitable for yourself, and even if there is not enough of something there, then it is not a problem to supplement it with what you need.

Although the Active Directory service is supported and managed on Windows 2000 or .NET servers, it can also be managed from a remote Windows XP Professional client. This management is implemented through the Windows .NET Administration Tools, a set of tools that can be added to the MMC console of the Windows XP Professional client.

Note. It is important to remember that the Windows XP Professional client you are using must be part of a Windows 2000 domain. “Remotely” does not mean that the domain is managed from the Internet.

As we mentioned earlier, MMC is a useful tool because it allows you to create a customized environment for networking and computer management. This is implemented using snap-ins. You can add as many of them as you need for your work.

The Windows .NET Server Administration Tools Pack (adminpak.msi) allows an administrator to remotely manage Windows 2000 servers from a Windows XP Professional computer.

To install Windows .NET Server Administration Tools Pack on your local computer, download it from http://www.microsoft.com/downloads/release.asp?ReleaseID=34032&area=search&ordinal=1.

The adminpak.msi file is included on the Windows 2000 installation disk. However, there is no version for Windows XP on the Windows XP Professional installation disk, although adminpak.msi is included on the .NET installation disk.

Note. At the time of writing this course, there was a third beta version of the Windows .NET Server Administration Tools Pack. The file size is 10.4 MB, which is something to keep in mind when downloading the file over a slow connection.

The Windows .NET Server Administration Tools Pack provides a set of commonly used tools for remotely administering servers and services. Administration tools are provided as snap-ins for the MMC. They can be used for any Windows .NET Server and Windows XP Professional operating system.

Note. The Administration Toolkit does not work on Windows XP Home Edition or 64-bit versions.

The adminpak.msi file includes the following applications:

  • Active Directory Domains and Trusts (Active Directory - domains and trust);
  • Active Directory Sites and Services (Active Directory - sites and services);
  • Active Directory Users and Computers (Active Directory - users and computers);
  • Certification Authority;
  • Cluster Administrator;
  • Component Services;
  • Computer Management;
  • Connection Manager Administration Kit;
  • Data Sources (ODBC);
  • DHCP;
  • Distributed File System;
  • Event Viewer;
  • Local Security Policy;
  • .NET Framework Configuration;
  • .NET Wizards (.NET Masters);
  • Network Load Balancing Manager;
  • Performance;
  • Remote Desktops;
  • Remote Storage;
  • Routing and Remote Access;
  • Server Extensions Administrator;
  • Services;
  • Telephony;
  • Terminal Server Licensing;
  • Terminal Services Manager;
  • WINS.

Fig. 6.11 shows an example of the Network Load Balancing Manager application. We'll look at the specific features of each Windows .NET Administration Tool in the application.

Domains are an important part of the network. They are not only mechanisms for operating on large networks, but are also important for the functioning of Active Directory and for maintaining security boundaries. In addition to being used on client machines, Windows XP Professional is also used to manage domain resources.

Fig. 6.11. Network Load Balancing Manager is part of the Windows .NET Administration Tools Suite


Lecture 7. Internet information services

While Windows XP Professional boasts new Internet tools, one of the most powerful tools has been around since the advent of Windows NT. Internet Information Services (IIS) provides integrated services for the Hypertext Transfer Protocol (HTTP) and File Transfer Protocol (FTP). IIS also includes extensions and applications from other developers that take its capabilities beyond the boundaries of conventional Internet services. This includes email, security, and site management tools.

In this lecture we will look at the main Microsoft web service tool and its application in the Windows XP Professional environment. First we'll talk about what IIS is and how to use it. Next, we'll look at the installation process on Windows XP Professional. At the end of the lecture we will give some useful tips on using IIS.

(2 hours)

GOAL OF THE WORK: studying the basic tools of Windows Server 2003 designed to manage the system and control user actions.

OBJECTIVES OF THE WORK

1. Learn the basics of building peer-to-peer networks and networks with a dedicated server.

2. Study the server system management tools.

3. Understand the principles of setting up an Active Directory domain.

LIST OF SUPPORTING MEANS

2. Software: Oracle VirtualBox, Windows Server 2003 OS.

3. Educational and methodological literature.

General theoretical information

When building and configuring computer networks, their physical and logical topology is taken into account. A physical topology defines the set of networking equipment, including cabling and communications equipment, that is needed to physically connect computers into a network. The logical topology is determined by the settings of network protocols and programs that allow you to configure information flows between network computers.

A computer network can be built using one of three logical topologies:

Based on peer-to-peer nodes that combine client and server functions (peer-to-peer network);

Based on clients and servers (network with dedicated server);

Based on nodes of different types (hybrid network).

When configuring network nodes, you should consider what role they play: as a network server, as a network client node, or as a peer node.

Using special administration tools, you can create a logical group of network computers in a peer-to-peer network - workgroup.

Workgroup is a network environment support tool included with Microsoft Windows.

Workgroup computers share common resources such as files and printers.

When administering each computer, determine:

What resources of this computer will be shared (common);

Which network users will have access to these resources and with what rights.

In this case, each workgroup computer creates its own user databases and local computer security policies.

A workgroup is a convenient network environment for a small number of computers located close to each other.

In a peer-to-peer network, all computers have the same priority and independent administration.

Each computer has an installed operating system of the Microsoft Windows platform of any version or compatible with it. This operating system supports the Microsoft network client.

The user of each computer independently decides whether to provide access to his resources to other network users. This is the simplest network option that does not require special professional knowledge. Setting up such a network does not take much time.

In a network with a dedicated server, resource management of the server and workstations is centralized and carried out from the server. There is no need to bypass all computers on the network and configure access to shared resources. Bringing new computers and users onto the network is also easier. The security of using information online increases. This is convenient for networks with different categories of users and many shared resources.

To create a network with a dedicated server you need:

Install and configure a server operating system on one of the computers, for example Microsoft Windows Server 2003 (on this server a common database of accounts for all users is created, shared resources are assigned, and access to each is determined for categories or individual users);

Install the Windows XP Professional network operating system on client computers and configure it to work with the server. When connecting to the network, each user registers on the server. Only registered users, i.e. those registered on the server, can access the network and shared network resources.

To build a peer-to-peer local network, it is enough to connect computers using a network cable (mount a cable system) and install, for example, Windows XP Professional on the computers. The Network Connection Wizard will help you make all the necessary operating system settings.

Changes to user accounts are made centrally by the network administrator on the server. In addition, users can be combined into groups and a separate network policy can be created for each group. This greatly simplifies the administrator's work when assigning access to shared resources.

A dedicated server often performs only one specific function (role), for example:

  • file server - used to store files;
  • print server - provides printers for general use;
  • application server - provides users with network applications;
  • Web servers - provide shared access to data;
  • router - provides access to other networks and remote access to your network;
  • email servers - store user mailboxes and organize mail delivery over the network, etc.

In small local networks, as a rule, one server is installed that combines several server functions (roles). This is quite sufficient and economically justified.

Table 8.1

Table of advantages and disadvantages of two types of networks

Advantages                                      | Disadvantages

Peer-to-peer network
1. Easy to set up                               | 1. Low level of security
2. No server software required                  | 2. Difficulty solving administration problems
3. No qualified system administrator required   | 3. Performance degradation when sharing network resources
4. Low project cost                             | 4. Lack of centralized network management

Dedicated server network
1. High level of security                       | 1. Difficulty in setting up and administering server systems
2. Centralized network management               | 2. High cost of implementation
3. Simplified administration during operation   | 3. Lack of access to network resources when the server fails

In networks with dedicated servers, administration is carried out centrally. To simplify administration, any network computers and shared resources can be combined into groups called domains. A domain is a logical grouping of any computers on a network under one name.

A common database is created for the domain. In Windows Server 2003, this database is called a directory and is part of the Active Directory directory service.

Objects stored in the directory include both users and network resources.

A domain can unite any computers located on a local network or located in different cities or countries. The physical connection of domain computers can be anything, including telephone lines, fiber optic lines, satellite communications, and others.

The Active Directory directory service is deployed on any server that is part of the network. Such a server receives an additional status: “domain controller”. Network administration and security policy management are carried out on the domain controller.

There can be several domains on a network, and each domain necessarily has one or more domain controllers.

If there are several domain controllers, then the Active Directory database is copied to each one. This increases fault tolerance and makes administration more convenient, because all changes made on one domain controller are reflected on others. This process is called replication.

Exercise

1. Study theoretical material on this topic.

2. Install an Active Directory domain (make the server a domain controller).

3. Verify that the domain controller is installed correctly.

CREDIT REQUIREMENTS

1. For the test, you must provide the results of the work performed.

2. A report with a detailed description of the work performed.

3. Prepare answers to questions.

TECHNOLOGY for doing the work

Installing an Active Directory domain:

1. Start the virtual machine.

2. Launch the “Manage this server” program if it does not start automatically: “Start” – “Administration” – “Manage this server” (Fig. 8.1).

Fig. 8.1. Launching the “Manage this server” program

3. In the “Manage this server” window that opens, run the server setup wizard by selecting “Add or remove a role.”

4. In the “Preliminary Steps” window, carefully read the requirements.

5. In the dialog box, select “Settings”, check the “Special configuration” item and click the “Next” button.

6. Select the “Domain Controller (Active Directory)” role, then view and confirm the selected parameters.

7. The “Active Directory Installation Wizard” will start. Click the “Next” button.

9. In the “Domain Controller Type” dialog box, select the “Domain controller in a new domain” radio button and click the “Next” button (Fig. 8.2).

Fig. 8.2. Domain Controller Type window

10. In the “Create a new domain” dialog box, leave the radio button in the “New domain in a new forest” position.

11. In the “New Domain Name” dialog box, in the “Full DNS Name of the new domain” field, enter: name.is4.local (instead of the word “name”, substitute a unique name consisting of Latin letters and numbers, no longer than 63 bytes).

12. In the “NetBIOS Domain Name” dialog box, leave the default name.

13. In the “Database and Log Folders” dialog box, leave the suggested path C:\WINDOWS\NTDS for the database and C:\WINDOWS\NTDS for the log.

From the point of view of optimizing the operation of the domain controller, it is more profitable to place the database and log files on different physical disks.

14. In the “Sharing System Volume” dialog box, leave the suggested path C:\WINDOWS\SYSVOL.

It should be noted that the "SYSVOL" folder cannot be moved in the future. Therefore, you must ensure that there is enough space on the disk on which the installation is to be performed. This folder contains GPOs which cause it to take up a lot of space, and if there is not enough disk space, it will cause problems with domain functionality.

15. Carefully read the contents of the “DNS Registration Diagnostics” dialog box and, by setting the switch to the “The problem will be solved later by manually setting up DNS” position, continue the “Active Directory Installation Wizard”.

16. In the “Permissions” dialog box that appears, check the “Permissions compatible only with Windows 2000 or Windows Server 2003” option.

17. In the “Recovery Mode Administrator Password” dialog box, set the “Recovery Mode Password” field and the “Confirmation” field to the password “vo$t@nD#1”, which will be used when restoring the Active Directory database.

You should not use the normal administrator password as the recovery password. The domain administrator password must be changed periodically, while the recovery mode password always remains the same. If you are installing an additional domain controller, you should select a different recovery password for it, such as “vo$t@nD#2”.

18. In the Summary dialog box, check that the settings for all Active Directory domain parameters are correct. If errors are identified, return to the dialog box and correct the necessary parameters. Click the “Next” button to start the further process of installing the domain controller.

19. Complete the installation by clicking the “Finish” button.

20. After finishing the Active Directory Installation Wizard, restart the computer.