WINDOWS 1002000 PROFESSIONAL RESOURCE KIT [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

WINDOWS 1002000 PROFESSIONAL RESOURCE KIT [Electronic resources] - نسخه متنی

Chris Aschauer

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات

Sitemap

Cover

Acknowledgments

Introduction

Document Conventions

Resource Kit Compact Disc

Resource Kit Support Policy

Part I: Overview

Chapter 1 -- Introducing Windows 2000 Professional

Quick Guide to Using Windows 2000 Professional

Overview

Deployment and Installation

Configuration and Management

Networking

Interoperability

Performance Monitoring

Troubleshooting

Accessibility

Where to Find More Information in this Book

Additional Resources

Chapter 2 -- Using Windows 2000 Professional with Windows 2000 Server

Quick Guide to Using Windows 2000 Professional with Windows 2000 Server

Centralized Deployment

Centralized Administration

Advanced Security

Robust Networking Infrastructure

Interoperability with Other Networks

Additional Resources

Part II: Deployment and Installation

Chapter 3 -- Deploying Windows 2000 Professional

Quick Guide to Deploying Windows 2000 Professional

Mapping Your Needs to Windows 2000 Professional

Planning Your Deployment

Determining a Preferred Client Configuration

Assessing Your Current Network Infrastructure

Determining a Client Connectivity Strategy

Determining Implementation Methods

Testing Your Deployment Plan

Conducting a Pilot

Preparing for the Rollout

Chapter 4 -- Installing Windows 2000 Professional

Quick Guide

What's New

Planning Your Installation

Running Setup

Post-Installation Tasks

Additional Resources

Chapter 5 -- Customizing and Automating Installations

Quick Guide to Customizing and Automating Installations

Overview of Customizing and Automating Installations

Step 1: Plan

Step 2: Prepare

Step 3: Customize

Step 4: Deploy

Additional Resources

Chapter 6 -- Setup and Startup

Quick Guide to Setup and Startup

Phases of Setup

Windows 2000 Professional Startup Process

Plug and Play Device Detection

Installing a Multiple-Boot Operating System

Installing Service Packs

Removing Windows 2000 Professional from Your Computer

Troubleshooting Windows 2000 Professional Setup

Part III: System Configuration and Management

Chapter 7 -- Introduction to Configuration and Management

Quick Guide to Workstation Configuration and Management

What's New

Managing Windows 2000 Professional in a Windows 2000 Server Environment

Managing Windows 2000 Professional in a Non-Windows 2000 Environment

Managing Users and Groups

Group Policy

Management Tools

Managing Windows 2000 Professional in a Multilanguage Environment

Making Windows 2000 Professional More Accessible

Chapter 8 -- Customizing the Desktop

Quick Guide to Customizing the Desktop

Overview of Desktop Customization and Configuration

Defining Desktop Administration Standards

Implementing Custom Desktops in a Windows 2000 Server Network

Implementing Custom Desktop Configurations in Non-Windows 2000 Server Networks

Using Group Policy Settings for Desktop Control

Desktop Shortcuts and Icons

Active Desktop and Wallpaper Settings

Start and Programs Menus

Customizing the Taskbar and Toolbars

Limiting Access to Display Options

Screen Saver Group Policy Settings

Restoring the Original Configuration

Choosing a New User Interface

Troubleshooting

Additional Resources

Chapter 9 -- Managing Files, Folders, and Search Methods

Quick Guide to Files, Folders, and Search Methods

What's New

Windows 2000 Server Network Advantages

Working with Files and Folders

Customizing Folders

Using Offline Files and Folders

Searching for Files, Folders, and Network Resources

Troubleshooting

Additional Resources

Chapter 10 -- Mobile Computing

Mobile Computing Quick Guide

What's New

Setting Up a Portable Computer

Configuring Offline Files for Portable Computers

Configuring Power Management

Managing Hardware on Portable Computers

Security Considerations for Portable Computers

Folder Redirection and Configuring Roaming User Profiles

Hardware Issues Related to Portable Computers

Chapter 11 -- Multimedia

Quick Guide to Multimedia

What's New

Optimizing Workstations for Multimedia

Using Multimedia Effectively

Troubleshooting Multimedia

Additional Resources

Chapter 12 -- Telephony and Conferencing

Quick Guide to Telephony and Conferencing

Overview of Telephony and Conferencing

Configuring Telephony and Conferencing

Troubleshooting

Additional Resources

Chapter 13 -- Security

Quick Guide to Security

What's New

Planning for Security

User Authentication

Security Groups, User Rights, and Permissions

Security Policy

Security Templates

Remote Access

Internet Protocol Security

Encrypting File System

Public Key Technology

Protecting User Data on Portable Computers

Additional Resources

Chapter 14 -- Printing

Quick Guide to Printing

What's New

Finding Printers

Installing Printers

Configuring Printers

Creating and Sending Print Jobs

Monitoring and Managing Print Jobs

Printer Pooling

Printing Concepts

Troubleshooting Printing Problems

Additional Resources

Chapter 15 -- Scanners and Cameras

Quick Guide to Scanners and Cameras

What's New

Installing Scanners and Cameras

Configuring Scanners and Cameras

Scanner and Camera Concepts

Troubleshooting

Chapter 16 -- Fonts

Quick Guide to Fonts

What's New

Installing Fonts

Managing Installed Fonts

Character Set Types

Supported Code Pages

Troubleshooting Font Problems

Chapter 17 -- File Systems

Quick Guide to File Systems

Overview of Windows 2000 File Systems

File System Comparisons

FAT

NTFS

Compact Disc File System

Universal Disk Format

Using Long File Names

File System Tools

Chapter 18 -- Removable Storage and Backup

Quick Guide to Removable Storage

Overview of Removable Storage

Administering Removable Storage

Troubleshooting Removable Storage

Overview of Backups

Establishing a Backup Plan

Backing Up System State Data

Using the Backup Tool

Chapter 19 -- Device Management

Quick Guide to Device Management

What's New

Device Tree

Plug and Play

Device Installation

Configuring Device Settings

Troubleshooting Device Management

Additional Resources

Chapter 20 -- Power Management

Quick Guide to Power Management

Overview of Power Management

Power Management Features

Understanding the Advanced Configuration and Power Interface

Using the Power Management Interface

Troubleshooting Power Management

Additional Resources

Part IV: Network Configuration and Management

Chapter 21 -- Local and Remote Network Connections

Quick Guide to Local and Remote Network Connections

Overview of Local and Remote Network Connections

Creating, Configuring, and Monitoring Connections

Remote Network Security

Group Policies for Network and Dial-up Connections

Internet Connection Sharing

Internet Connection Sharing Scenario: Connecting Your Branch Office's Intranet to the Internet

Troubleshooting

Chapter 22 -- TCP/IP in Windows 2000 Professional

TCP/IP Configuration Quick Guide

Overview of Windows 2000 TCP/IP

Install TCP/IP

Configure IP Address Assignment

Configure TCP/IP Name Resolution

Configure Multihoming

Configure Local IP Routing Table

Configure Internet Connection Sharing

Configure IP Security and Filtering

Configure Quality of Service

Perform TCP/IP Troubleshooting

Additional Resources

Chapter 23 -- Windows 2000 Professional on Microsoft Networks

Quick Guide to Windows 2000 Professional on Microsoft Networks

Overview of Microsoft Networking

Configure Transport Protocols

Join Network Environment

Confirm Group Membership

Troubleshooting Microsoft Networking

Part V: Network Interoperability

Chapter 24 -- Interoperability with NetWare

Quick Guide to NetWare Interoperability

Overview of Windows 2000 Professional and NetWare Connectivity

Client Service and Gateway Service

Configuring Client Service for NetWare

Accessing NetWare Resources

NetWare Administration Through Windows 2000 Professional

Windows 2000 Professional and NetWare Security

NWLink

Troubleshooting Windows 2000 Professional and NetWare Connectivity

Chapter 25 -- Interoperability with UNIX

Quick Guide to UNIX Interoperability

Overview of Windows 2000 Professional and UNIX Connectivity

Planning and Installing Services for UNIX on Windows 2000 Professional

Configuring Services for UNIX on Windows 2000 Professional

Tools

Troubleshooting

Chapter 26 -- Interoperability with IBM Host Systems

Quick Guide to Interoperability with IBM Host Systems

Overview of Interoperability with IBM Host Systems

DLC Protocol

SNA Server Client and Components

Network Management Integration

Windows 2000 Professional and IBM Host Security

Troubleshooting

Part VI: Performance Monitoring

Chapter 27 -- Overview of Performance Monitoring

Quick Guide to Monitoring Performance

Performance Monitoring Concepts

Monitoring Tools

Starting Your Monitoring Routine

Analyzing Monitoring Results

Investigating Bottlenecks

Troubleshooting Problems with Performance Tools

Monitoring Remote Computers

Monitoring Legacy Applications

Integrating the System Monitor Control into Office and Other Applications

Chapter 28 -- Evaluating Memory and Cache Usage

Quick Guide to Monitoring Memory

Overview of Memory Monitoring

Determining the Amount of Installed Memory

Understanding Memory and the File System Cache

Establishing a Baseline for Memory

Investigating Memory Problems

Resolving Memory and Cache Bottlenecks

Additional Resources

Chapter 29 -- Analyzing Processor Activity

Quick Guide to Monitoring Processors

Overview of Processor Monitoring and Analysis

Establishing a Baseline for Processor Performance

Recognizing a Processor Bottleneck

Processes in a Bottleneck

Threads in a Bottleneck

Advanced Topic: Changing Thread Priority to Improve Performance

Eliminating a Processor Bottleneck

Additional Resources

Chapter 30 -- Examining and Tuning Disk Performance

Quick Guide to Monitoring Disks

Disk Monitoring Concepts

Configuring the Disk and File System for Performance

Working with Disk Counters

Establishing a Baseline for Disk Usage

Investigating Disk Performance Problems

Resolving Disk Bottlenecks

Evaluating Cache and Disk Usage by Applications

Part VII: Troubleshooting

Chapter 31 -- Troubleshooting Tools and Strategies

Quick Guide to Troubleshooting

General Troubleshooting Strategy

Startup and Recovery Tools

Maintenance and Update Tools

System File and Driver Tools

Applications Tools

Networking Tools

Troubleshooting Procedures

Chapter 32 -- Disk Concepts and Troubleshooting

Quick Guide to Disk Concepts

Basic and Dynamic Disks

Disk Sectors Critical to Startup

Troubleshooting Disk Problems

Additional Resources

Chapter 33 -- Windows 2000 Stop Messages

System Messages

Stop Messages

Troubleshooting Stop Messages

Hardware Malfunction Messages

Additional Resources

Appendix A -- Accessibility for People with Disabilities

Quick Guide to Accessibility for People with Disabilities

Overview of Accessibility in Windows 2000 Professional

Customizing Computers for Accessibility

Setting Accessibility Options by Type of Disability

Configuring Accessibility Features

Adding Third-Party Products and Services

Additional Resources

Appendix B -- Sample Answer Files for Windows 2000 Professional Setup

Answer File Format

Answer File Keys and Values

Sample Answer Files

Additional Resources

Appendix C -- Hardware Support

Overview of Hardware Support

Universal Serial Bus

IEEE 1394

Supporting Other Buses

New and Enhanced Hardware Support

Troubleshooting Hardware Support Components

Additional Resources

Glossary

3

5

8

A

B

C

D

E

F

G

H

I

J

K

L

M

N

O

P

Q

R

S

T

U

V

W
توضیحات
افزودن یادداشت جدید







Security Considerations for Portable Computers


Because portable computers are vulnerable to theft, it is important that you secure a portable computer and the data on it with as many Windows 2000 security features as possible. In general, hard drives format to use NTFS so that permissions can be set and encryption (EFS) enabled on files and folders. Add the users of portable computers to the Power Users group so that they have maximum control of the computer without having full control of the system. Users should use strong passwords for logging on to their network and administrators should use strong passwords for the local administrator account. Use Group Policy settings as much as possible to restrict access to the computer and any data on it. For more information about these security features, see "Security," "Managing Files, Folders, and Search Methods," and "File Systems" in this book. In this section, the discussion focuses on security considerations that are relevant to portable computers, including undocking privileges, BIOS security, and security for offline files.

Undocking Portable Computers


Portable computers can be undocked in any one of the following ways depending on the type of docking station, the type of portable computer, and the permissions and Group Policy settings that have been implemented on the computer.


    While the portable computer is shut down and the power is off, someone physically ejects it or removes it from the docking station (a cold undock).

    While the portable computer is running, someone physically ejects it or removes it from the docking station (a surprise removal).

    While the portable computer is running, someone uses the Eject PC command in Windows 2000 Professional to eject the computer from the docking station (a hot undock).


Each of these undocking methods relies on a different security mechanism to restrict undocking. Some of these security mechanisms are configurable, and some are not.

Undock Notifications


Depending on how a portable computer is undocked, Windows 2000 might or might not receive notification. Depending on how the notification is reported, Windows 2000 might or might not be able to authorize the undock event.

When someone shuts down a portable computer and physically ejects or removes it from its docking station, Windows 2000 is not notified that the computer is being undocked (that is, turned off). In this case, the only security that restricts undocking is physical security (for example, a keyed lock on the docking station or a cable connected between the docking station and the portable computer).

When someone physically ejects or removes a portable computer from its docking station without first shutting down Windows 2000 or turning off the portable computer, the BIOS notifies Windows 2000 that the portable computer has been undocked. This notification is initiated in kernel mode. When an undock notification is initiated in kernel mode, Windows 2000 does not perform a security check to determine whether there are any restrictions (for example, Group Policy settings) that affect the removal of the computer. In other words, Windows 2000 performs no security check. In this case, the only security mechanism that restricts undocking is physical security.

When someone uses Eject PC in Windows 2000 Professional to eject or remove a portable computer from a docking station, Windows 2000 is notified that the computer is being undocked. This notification is initiated in user mode. When an undock notification is initiated in user mode, Windows 2000 performs a security check to determine whether there are any undocking restrictions.

Setting Undock Permissions


You can choose a local Group Policy setting that controls who has docking privileges on a portable computer. If a user has the undocking privilege, he or she is able to use the Eject PC command. If the user does not have the undocking privilege, the Eject PC command is not available. However, any program can call the application programming interface (API) that controls the Eject PC command, which means that any program can have its own button or menu item that tries to eject a portable computer. If a user tries to use such a button or menu item and doesn't have the undocking privilege, the command fails, but the user is not notified about why it failed.

To set undocking privileges by using group policy


    From the Start menu, click Run, and then type::

    gpedit.msc

    Press ENTER.

    In the view pane of Group Policy, under Computer Configuration, open the Windows Settings folder, Security Settings, and the Local Policies folder.

    Click the User Rights Assignment folder.

    In the details pane, double-click Remove computer from docking station.

    In the Local Security Policy Setting dialog box, under Local Policy Setting, clear the check box next to any user or group that you do not want to have the undocking privilege. If you want to add users and groups to the list, click Add.


NOTE

This procedure restricts undocking only when a user attempts to undock a portable computer by using the Eject PC command.

By default, undocking privileges are granted to everyone during clean installs of Windows 2000 and during upgrades from Windows 95, Windows 98, and Windows NT 4.0. In these cases, you must use the preceding procedure if you want to prevent users from undocking.

BIOS Security


Some computers allow you to implement system security or device security at the BIOS level. Equipment manufacturers usually implement this type of security by requiring a password at startup while the BIOS is loading. If the user enters an incorrect password, the BIOS does not finish loading and the computer does not start; or the BIOS might finish loading, but it does not transfer control of the computer to Windows 2000. Although this type of security is designed to control access to the computer at startup, it might also control access when the computer resumes from a low power state such as standby mode or hibernate mode. In these cases, users might have to enter the BIOS password when the system resumes from either standby or hibernate mode.

If you want to implement BIOS security on a portable computer, contact the portable computer manufacturer to verify that it operates properly with the standby and hibernate features of Windows 2000. Also be aware that BIOS security can supercede Windows 2000 security insofar as it prevents Windows 2000 from taking control of the computer or various other devices.

Offline Files


Offline files use two types of security to ensure that offline files are secure. The first type of security protects the Offline Files folder, including the Offline Files database and the stored offline files, from unauthorized access. The second type of security ensures that offline files and folders behave like their network counterparts with regard to user rights.

Protecting the Offline Files Folder


Offline files are stored (cached) in the Offline Files folder. This folder is machine-centric not user-centric, which means that there is only one Offline Files folder for each computer and all offline files are stored in this folder. By default, this folder is protected by administrator-level permissions so that unauthorized users cannot view the contents. However, these permissions are only applied to the folder if the folder is located on a drive that is formatted to use NTFS. (A warning notifies you of this when you first cache an offline file on a FAT or FAT32 drive.)

Maintaining File and Folder Permissions


In addition to the protection afforded by the permissions on the actual Offline Files folder, offline files and folders retain the permissions set specifically on them when they were on the network share. This type of security is important if multiple users use a single computer. For example, if John creates a file on a network share, changes its permissions so that only he has access to the file, and then makes the file available offline, another user who tries to open the offline version of the file on John's computer is denied access just as if he or she tried to open the file directly on the network share.

This type of security is applied to offline files independent of the formatting of the user's hard disk. In other words, if you set permissions on a file on a network share that is formatted to use NTFS and you make that file available offline on a computer that has a FAT or FAT32 drive, the permissions carry over to the offline version of the file, even though the drive is formatted to use FAT or FAT32.

NOTE

Offline files and folders do not retain encryption. If a user encrypts a file or folder on a network share using EFS and then makes the file or folder available offline, the offline version of the file or folder is not encrypted with EFS.

Also, you cannot encrypt the Offline Files folder by using EFS. It is a system folder, and system folders cannot be encrypted.

/ 335