NT Server 4.0 (70-67)

Planning

NT supports the following file systems:

  • FAT - the same file system used by many other operating systems. Has a max size of 4 GB and is slower than NTFS. Does not allow file system security.

  • NTFS - is faster and more secure than FAT. Allows up to 16 exabytes of storage on a single partition. Also allows for file compression. Required if this server will be accessed by Macintosh computers.

  • CDFS - a read-only file system for CD-ROMs.

Fault Tolerance

  • RAID 1 (Disk Mirroring) - Data is written to two physical disks. Writing to a disk is slow but reading from a disk is faster. The boot and system partitions can be mirrored. Disk duplexing is the same as disk mirroring except that each disk has its own controller.

  • RAID 5 (Disk Striping with Parity) - Data is written evenly across stripes. Each stripe has a parity block that will be used to regenerate data in case of a disk failure. The boot and system partitions can't be included in a stripe set with parity. Stripe sets without parity are not fault tolerant.

Choosing a Protocol:

  • TCP/IP - is the default protocol for NT Server. Is the protocol of the Internet. This protocol is routable and is probably the best choice for a large network.

  • NWLink - This protocol is compatible with Novell's IPX/SPX. It is routable but is not usually used unless you are connecting to a Novell network.

  • NetBEUI - the fastest protocol but is not routable. Requires almost no manual configuration. Is useful for small LANs.

Installation and Configuration

Hardware Requirements - 486 processor or greater, 12 MB of RAM, 125 MB of free disk space. All other hardware must be NT compatible (check the HCL).

Server Roles:

  • Primary Domain Controller (PDC) - Only one per domain, is the first server installed.  Contains the master directory database.

  • Backup Domain Controller (BDC) - Contains a copy of the directory database.  Can authenticate users.  If necessary because of PDC failure, a BDC can be promoted to a PDC.  More than one BDC can exist in a domain.

  • Member Server- Does not contain a copy of the directory database and does not authenticate users.  Provides file and print services and runs applications.

Installation Methods:

  • CD-ROM - the most common. Insert setup disk #1 and follow the prompts. You will be prompted to insert the CD-ROM.

  • Over the Network - boot with a network floppy and access a share containing the installation files. Run winnt.exe to begin installation.

  • The Network Client Administrator is used to create the network boot floppy.

  • The following switches can be used during setup (run winnt.exe /switch):

    • /B - no boot floppies

    • /U - unattended install, requires an answer file be created to totally automate the install

    • /OX - will create the three setup disks only

Configure Protocols - (All protocols and adapters are configured using the Network properties from Control Panel)

  • TCP/IP - requires an IP address, subnet mask and default gateway.
  • NWLink - requires the proper frame type. May also need to adjust the network address.
  • NetBEUI - requires no extra configuration.
  • Each protocol must be bound to a network adapter card in order to be functional.  The bindings are viewed from the Bindings tab in the Network Properties.

Core Services:

  • Directory Replicator - allows directory contents to be replicated to other servers.  The default export directory is \winnt\system32\repl\export\. The replication is configured through Server Manager.  On the import computer you must specify a service account that was set up on the export computer.  This is entered in Control Panel-Services-Directory Replication.  Any errors will be reported in the Event Viewer.
  • License Manager - Will track licenses for products installed on your network.  Licenses can be added or removed and a client's access to a server can be revoked from License Manager
  • Computer Browser:

    • Domain Master Browser - merges browse lists from all Master Browsers. It then forwards the complete browse list to all Master Browsers. The Domain Master Browser will be the PDC.

    • Master Browser - compiles a browse list of all servers and workstations. This list is forwarded to the Domain Master Browser.

    • Backup Browsers - receive a copy of the browse list from the Master Browser. Can serve as a Master Browser if necessary.

    • Potential Browser - can become a browser if necessary.

    • Non-Browser - will not be a browser.

Configuring Disks-

  • Use Disk Administrator to create and format partitions, set up fault tolerance and improve performance

Configuring Printers-

  • If a printer is added locally, the driver must be installed locally.  If a network printer is installed, the driver will be downloaded from the server.

  • A printer pool can be created if two printers use the same driver. In order to set up a printer pool, set each printer so that it prints to multiple ports of the other identical printers.

  • Print priorities are set on the printer's properties tab. Print operators can also change the priority of the print jobs while they are in the spool.

Managing Resources

  • Remember - Users into Global, Global into Local
  • User accounts are created for each individual user. Global groups contain user accounts and are then placed into local groups for the purpose of assigning permissions. Local groups exist only on the local machine; global groups can be used anywhere across the network.
  • Built in Groups:

    Administrators - have complete administrative control over the entire domain

    Users- all new accounts are placed into the Users group.   Provides user accounts with default permissions.

    Guests - all guest accounts are placed in this group.  Has very limited rights.

    Backup Operators- Allows for users to backup and restore files

    Replicator- Used in Directory Replication.  See above

    Print Operators - Allows members to create, manage and delete printer shares

    Server Operators - Allows members to log on to the server, shut it down, change system time, backup and restore files and manage network shares

    Domain Admins (global group) - by default is a member of the Administrators group.  Allows members to administrate the domain.

    Domain Users (global group) - by default all user accounts are made a member of this group. Has default user rights.

    Domain Guests (global group) - all guest accounts are automatically made a member of this group.  Has very limited access

  • Policies and auditing are set up through User Manager. Auditing allows the tracking of successes and failures of account usage.

Profiles

  • Local profiles exist on the local workstation and are only accessible at that workstation.
  • Roaming profiles are stored on the server and are downloaded to the workstation. Allows the user to retain all settings no matter which machine they log in on.
  • System policies are created with Policy Editor and allow an Administrator to "lock down" the user's interface and access to the machine.

Managing Disk Resources

  • When files or directories are moved or copied to a different partition, the attributes of the destination directory are inherited
  • When files are moved within the same partition, the original attributes are retained

Directory and File permissions (file permissions require an NTFS partition)

  • No Access - users cannot access the directory

  • List -  the contents of the directory can be viewed

  • Read - the contents can be viewed and a program can be executed so the file can be read

  • Add - the user can copy a file into a directory but cannot see the contents

  • Add & Read - the user can see the contents and can copy files to the directory

  • Change - files can be viewed and modified and deleted

  • Full Control - all of the above rights apply and the user can also control permissions

Connectivity

Configure NT/Netware interoperability

  • Install Gateway Services for Netware and NWLink on the NT Server. Set up an NTGATEWAY group on both the NT and Netware servers, set up an identical user account on both servers, and check the enable gateway box. This will allow users to see the shared directories and printers of a Netware server.

  • Migration Tool for Netware - This is used to migrate Netware users and groups and the data contained on the Netware server.  There is an option to allow for a trial migration to work out any problems before the migration.

RAS

  • RAS is supported over public telephone networks, X.25, ISDN, and a null modem cable

  • RAS supports the PPP protocol as both a client and server. SLIP is supported only as a client. PPTP allows TCP/IP packets to be securely transmitted via RAS over the Internet.

  • RAS security includes setting the encryption level between server and client. Callback security will hang up and call a user back at a predetermined number.

Monitoring and Optimization

Performance Monitor

  • Can be used to determine the overall functionality of the server.  Is also useful in determining bottlenecks in the server.

  • Memory, processors and hard disks are common causes of bottlenecks

Troubleshooting

Installation Failures - Is media corrupted?  Do you meet the requirements for installation?

Boot Failures - This may require that the boot.ini be edited. The boot.ini uses the ARC Naming Convention to determine the location of the system files. It may appear as multi(x)disk(y)rdisk(z)partition(a) or scsi(x)disk(y)rdisk(z)partition(a)

  • multi or scsi (x) - will identify the hardware adapter. Scsi is only used if the controller BIOS is disabled

  • disk (y) - scsi bus number, always 0 if multi is used

  • rdisk (z) - physical drive number, ignored for scsi

  • partition (a) - the logical partition number of the location of the system files
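
The ARC fields listed above can be checked mechanically when reviewing a boot.ini. The following is an added example, not part of the original notes: a small parser that applies the two rules stated above (disk is always 0 with multi, rdisk is ignored for scsi). The function names and the sample boot.ini contents are constructed for illustration.

```python
import re
from typing import Dict, List, NamedTuple

# multi(x)disk(y)rdisk(z)partition(a) or scsi(x)..., plus an optional \directory
ARC_RE = re.compile(
    r"(multi|scsi)\((\d+)\)disk\((\d+)\)rdisk\((\d+)\)partition\((\d+)\)"
    r'(\\[^="\s]*)?', re.IGNORECASE)

class ArcPath(NamedTuple):
    adapter_type: str  # "multi" or "scsi"
    adapter: int       # x - hardware adapter
    disk: int          # y - scsi bus number
    rdisk: int         # z - physical drive number
    partition: int     # a - logical partition number
    directory: str     # e.g. \WINNT, empty if absent

def parse_arc(text: str) -> ArcPath:
    m = ARC_RE.search(text)
    if m is None:
        raise ValueError(f"no ARC path in {text!r}")
    kind, x, y, z, a, tail = m.groups()
    return ArcPath(kind.lower(), int(x), int(y), int(z), int(a), tail or "")

def check_arc(arc: ArcPath) -> List[str]:
    # Only the two rules given in the notes above are enforced here.
    findings = []
    if arc.adapter_type == "multi" and arc.disk != 0:
        findings.append("disk() must be 0 when multi() is used")
    if arc.adapter_type == "scsi" and arc.rdisk != 0:
        findings.append("rdisk() is ignored for scsi(); it does not select the drive")
    return findings

def audit_boot_ini(text: str) -> Dict[int, List[str]]:
    return {n: check_arc(parse_arc(line))
            for n, line in enumerate(text.splitlines(), start=1)
            if ARC_RE.search(line)}

# Constructed sample boot.ini (not taken from a real system)
SAMPLE_BOOT_INI = r"""[boot loader]
default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINNT="Windows NT Server Version 4.00"
multi(0)disk(1)rdisk(0)partition(2)\WINNT="Second install"
scsi(0)disk(0)rdisk(1)partition(1)\WINNT="SCSI install"
"""

if __name__ == "__main__":
    for n, findings in audit_boot_ini(SAMPLE_BOOT_INI).items():
        print(f"line {n}: {findings or 'ok'}")
```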

Printer Problems - may be necessary to stop and restart the spooler service.  At a command prompt type net stop spooler then net start spooler

Connectivity Problems- Are you using the proper protocol?  Is it bound to the network card?  Do you have an IP address?