WINDOWS 1002000 PROFESSIONAL RESOURCE KIT [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

جستجو بر اساس ... همه عنوان پدیدآور موضوع یادداشت تمام متن
اصطلاحنامه مجموعه ها مرورالفبایی لغت نامه دهخدا
جستجو در لغت نامه
بیشتر
کتابخانه شخصی پرسش از کتابدار ارسال منبع

WINDOWS 1002000 PROFESSIONAL RESOURCE KIT [Electronic resources] - نسخه متنی

Chris Aschauer

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
میخواهم بخوانم
درحال خواندن
خوانده شده
ارسال به دوستان

آدرس پست الکترونیک گیرنده :

آدرس پست الکترونیک فرستنده :

نام و نام خانوارگی فرستنده :

پیغام برای گیرنده ( حداکثر 250 حرف ) :

کد امنیتی را وارد نمایید

ارسال
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات

Sitemap

Cover

Acknowledgments

Introduction

Document Conventions

Resource Kit Compact Disc

Resource Kit Support Policy

Part I: Overview

Chapter 1 -- Introducing Windows 2000 Professional

Quick Guide to Using Windows 2000 Professional

Overview

Deployment and Installation

Configuration and Management

Networking

Interoperability

Performance Monitoring

Troubleshooting

Accessibility

Where to Find More Information in this Book

Additional Resources

Chapter 2 -- Using Windows 2000 Professional with Windows 2000 Server

Quick Guide to Using Windows 2000 Professional with Windows 2000 Server

Centralized Deployment

Centralized Administration

Advanced Security

Robust Networking Infrastructure

Interoperability with Other Networks

Additional Resources

Part II: Deployment and Installation

Chapter 3 -- Deploying Windows 2000 Professional

Quick Guide to Deploying Windows 2000 Professional

Mapping Your Needs to Windows 2000 Professional

Planning Your Deployment

Determining a Preferred Client Configuration

Assessing Your Current Network Infrastructure

Determining a Client Connectivity Strategy

Determining Implementation Methods

Testing Your Deployment Plan

Conducting a Pilot

Preparing for the Rollout

Chapter 4 -- Installing Windows 2000 Professional

Quick Guide

What's New

Planning Your Installation

Running Setup

Post-Installation Tasks

Additional Resources

Chapter 5 -- Customizing and Automating Installations

Quick Guide to Customizing and Automating Installations

Overview of Customizing and Automating Installations

Step 1: Plan

Step 2: Prepare

Step 3: Customize

Step 4: Deploy

Additional Resources

Chapter 6 -- Setup and Startup

Quick Guide to Setup and Startup

Phases of Setup

Windows 2000 Professional Startup Process

Plug and Play Device Detection

Installing a Multiple-Boot Operating System

Installing Service Packs

Removing Windows 2000 Professional from Your Computer

Troubleshooting Windows 2000 Professional Setup

Part III: System Configuration and Management

Chapter 7 -- Introduction to Configuration and Management

Quick Guide to Workstation Configuration and Management

What's New

Managing Windows 2000 Professional in a Windows 2000 Server Environment

Managing Windows 2000 Professional in a Non-Windows 2000 Environment

Managing Users and Groups

Group Policy

Management Tools

Managing Windows 2000 Professional in a Multilanguage Environment

Making Windows 2000 Professional More Accessible

Chapter 8 -- Customizing the Desktop

Quick Guide to Customizing the Desktop

Overview of Desktop Customization and Configuration

Defining Desktop Administration Standards

Implementing Custom Desktops in a Windows 2000 Server Network

Implementing Custom Desktop Configurations in Non-Windows 2000 Server Networks

Using Group Policy Settings for Desktop Control

Desktop Shortcuts and Icons

Active Desktop and Wallpaper Settings

Start and Programs Menus

Customizing the Taskbar and Toolbars

Limiting Access to Display Options

Screen Saver Group Policy Settings

Restoring the Original Configuration

Choosing a New User Interface

Troubleshooting

Additional Resources

Chapter 9 -- Managing Files, Folders, and Search Methods

Quick Guide to Files, Folders, and Search Methods

What's New

Windows 2000 Server Network Advantages

Working with Files and Folders

Customizing Folders

Using Offline Files and Folders

Searching for Files, Folders, and Network Resources

Troubleshooting

Additional Resources

Chapter 10 -- Mobile Computing

Mobile Computing Quick Guide

What's New

Setting Up a Portable Computer

Configuring Offline Files for Portable Computers

Configuring Power Management

Managing Hardware on Portable Computers

Security Considerations for Portable Computers

Folder Redirection and Configuring Roaming User Profiles

Hardware Issues Related to Portable Computers

Chapter 11 -- Multimedia

Quick Guide to Multimedia

What's New

Optimizing Workstations for Multimedia

Using Multimedia Effectively

Troubleshooting Multimedia

Additional Resources

Chapter 12 -- Telephony and Conferencing

Quick Guide to Telephony and Conferencing

Overview of Telephony and Conferencing

Configuring Telephony and Conferencing

Troubleshooting

Additional Resources

Chapter 13 -- Security

Quick Guide to Security

What's New

Planning for Security

User Authentication

Security Groups, User Rights, and Permissions

Security Policy

Security Templates

Remote Access

Internet Protocol Security

Encrypting File System

Public Key Technology

Protecting User Data on Portable Computers

Additional Resources

Chapter 14 -- Printing

Quick Guide to Printing

What's New

Finding Printers

Installing Printers

Configuring Printers

Creating and Sending Print Jobs

Monitoring and Managing Print Jobs

Printer Pooling

Printing Concepts

Troubleshooting Printing Problems

Additional Resources

Chapter 15 -- Scanners and Cameras

Quick Guide to Scanners and Cameras

What's New

Installing Scanners and Cameras

Configuring Scanners and Cameras

Scanner and Camera Concepts

Troubleshooting

Chapter 16 -- Fonts

Quick Guide to Fonts

What's New

Installing Fonts

Managing Installed Fonts

Character Set Types

Supported Code Pages

Troubleshooting Font Problems

Chapter 17 -- File Systems

Quick Guide to File Systems

Overview of Windows 2000 File Systems

File System Comparisons

FAT

NTFS

Compact Disc File System

Universal Disk Format

Using Long File Names

File System Tools

Chapter 18 -- Removable Storage and Backup

Quick Guide to Removable Storage

Overview of Removable Storage

Administering Removable Storage

Troubleshooting Removable Storage

Overview of Backups

Establishing a Backup Plan

Backing Up System State Data

Using the Backup Tool

Chapter 19 -- Device Management

Quick Guide to Device Management

What's New

Device Tree

Plug and Play

Device Installation

Configuring Device Settings

Troubleshooting Device Management

Additional Resources

Chapter 20 -- Power Management

Quick Guide to Power Management

Overview of Power Management

Power Management Features

Understanding the Advanced Configuration and Power Interface

Using the Power Management Interface

Troubleshooting Power Management

Additional Resources

Part IV: Network Configuration and Management

Chapter 21 -- Local and Remote Network Connections

Quick Guide to Local and Remote Network Connections

Overview of Local and Remote Network Connections

Creating, Configuring, and Monitoring Connections

Remote Network Security

Group Policies for Network and Dial-up Connections

Internet Connection Sharing

Internet Connection Sharing Scenario: Connecting Your Branch Office's Intranet to the Internet

Troubleshooting

Chapter 22 -- TCP/IP in Windows 2000 Professional

TCP/IP Configuration Quick Guide

Overview of Windows 2000 TCP/IP

Install TCP/IP

Configure IP Address Assignment

Configure TCP/IP Name Resolution

Configure Multihoming

Configure Local IP Routing Table

Configure Internet Connection Sharing

Configure IP Security and Filtering

Configure Quality of Service

Perform TCP/IP Troubleshooting

Additional Resources

Chapter 23 -- Windows 2000 Professional on Microsoft Networks

Quick Guide to Windows 2000 Professional on Microsoft Networks

Overview of Microsoft Networking

Configure Transport Protocols

Join Network Environment

Confirm Group Membership

Troubleshooting Microsoft Networking

Part V: Network Interoperability

Chapter 24 -- Interoperability with NetWare

Quick Guide to NetWare Interoperability

Overview of Windows 2000 Professional and NetWare Connectivity

Client Service and Gateway Service

Configuring Client Service for NetWare

Accessing NetWare Resources

NetWare Administration Through Windows 2000 Professional

Windows 2000 Professional and NetWare Security

NWLink

Troubleshooting Windows 2000 Professional and NetWare Connectivity

Chapter 25 -- Interoperability with UNIX

Quick Guide to UNIX Interoperability

Overview of Windows 2000 Professional and UNIX Connectivity

Planning and Installing Services for UNIX on Windows 2000 Professional

Configuring Services for UNIX on Windows 2000 Professional

Tools

Troubleshooting

Chapter 26 -- Interoperability with IBM Host Systems

Quick Guide to Interoperability with IBM Host Systems

Overview of Interoperability with IBM Host Systems

DLC Protocol

SNA Server Client and Components

Network Management Integration

Windows 2000 Professional and IBM Host Security

Troubleshooting

Part VI: Performance Monitoring

Chapter 27 -- Overview of Performance Monitoring

Quick Guide to Monitoring Performance

Performance Monitoring Concepts

Monitoring Tools

Starting Your Monitoring Routine

Analyzing Monitoring Results

Investigating Bottlenecks

Troubleshooting Problems with Performance Tools

Monitoring Remote Computers

Monitoring Legacy Applications

Integrating the System Monitor Control into Office and Other Applications

Chapter 28 -- Evaluating Memory and Cache Usage

Quick Guide to Monitoring Memory

Overview of Memory Monitoring

Determining the Amount of Installed Memory

Understanding Memory and the File System Cache

Establishing a Baseline for Memory

Investigating Memory Problems

Resolving Memory and Cache Bottlenecks

Additional Resources

Chapter 29 -- Analyzing Processor Activity

Quick Guide to Monitoring Processors

Overview of Processor Monitoring and Analysis

Establishing a Baseline for Processor Performance

Recognizing a Processor Bottleneck

Processes in a Bottleneck

Threads in a Bottleneck

Advanced Topic: Changing Thread Priority to Improve Performance

Eliminating a Processor Bottleneck

Additional Resources

Chapter 30 -- Examining and Tuning Disk Performance

Quick Guide to Monitoring Disks

Disk Monitoring Concepts

Configuring the Disk and File System for Performance

Working with Disk Counters

Establishing a Baseline for Disk Usage

Investigating Disk Performance Problems

Resolving Disk Bottlenecks

Evaluating Cache and Disk Usage by Applications

Part VII: Troubleshooting

Chapter 31 -- Troubleshooting Tools and Strategies

Quick Guide to Troubleshooting

General Troubleshooting Strategy

Startup and Recovery Tools

Maintenance and Update Tools

System File and Driver Tools

Applications Tools

Networking Tools

Troubleshooting Procedures

Chapter 32 -- Disk Concepts and Troubleshooting

Quick Guide to Disk Concepts

Basic and Dynamic Disks

Disk Sectors Critical to Startup

Troubleshooting Disk Problems

Additional Resources

Chapter 33 -- Windows 2000 Stop Messages

System Messages

Stop Messages

Troubleshooting Stop Messages

Hardware Malfunction Messages

Additional Resources

Appendix A -- Accessibility for People with Disabilities

Quick Guide to Accessibility for People with Disabilities

Overview of Accessibility in Windows 2000 Professional

Customizing Computers for Accessibility

Setting Accessibility Options by Type of Disability

Configuring Accessibility Features

Adding Third-Party Products and Services

Additional Resources

Appendix B -- Sample Answer Files for Windows 2000 Professional Setup

Answer File Format

Answer File Keys and Values

Sample Answer Files

Additional Resources

Appendix C -- Hardware Support

Overview of Hardware Support

Universal Serial Bus

IEEE 1394

Supporting Other Buses

New and Enhanced Hardware Support

Troubleshooting Hardware Support Components

Additional Resources

Glossary

3

5

8

A

B

C

D

E

F

G

H

I

J

K

L

M

N

O

P

Q

R

S

T

U

V

W
توضیحات
افزودن یادداشت جدید







Managing Users and Groups


Windows 2000 allows you to manage user accounts and passwords. It also provides you with tools such as the Local Users and Groups management tool, security for users, and user and computer profiles.

Setting Up User Accounts


A local user account gives a user access to resources that are located only on the computer where you create the account. Local user accounts are stored in the security database of the computer where you create them.

Overview of Users and Passwords


Users and Passwords in Control Panel simplifies adding and removing local user accounts, adding and removing users from groups, and working with passwords. It also provides access to certificate management and secure boot settings.

When the Windows 2000 Professional–based computer is connected to a Windows NT or Windows 2000 Server domain, you can use Users and Passwords to add and remove domain user accounts to local groups.

When the Windows 2000 Professional–based computer is not connected to a domain, you can use Users and Passwords to add and remove local user accounts and assign users to a local group.

In addition, you can specify whether users can log on automatically each time the computer starts. You enable this feature on the Users tab by clearing the Users must enter a user name and password to use this computer check box. Users and Passwords is not available on Windows 2000 Server or when Windows 2000 Professional is running in Terminal Services mode.

NOTE

You must log on as an administrator or be a member of the Administrators group to add and delete user accounts, assign users to a local group, and change user passwords.

To add users to more than one group or create groups, use the Local Users and Groups MMC snap-in that is available by going to Users and Passwords in Control Panel and clicking Advanced on the Advanced tab.

Users and Passwords allows you to create or change the password for local user accounts, which is necessary when you create a new local user account or when a local user forgets his or her password.

To improve the security of user passwords, the password should contain at least two of the following elements: uppercase letters, lowercase letters, numbers, and punctuation. The longer the password and the more of these elements it contains, the more secure it is.

You can use Group Policy settings to enforce password requirements such as minimum length and expiration time. However, domain controller Group Policy settings override local computer configuration and local user configuration Group Policy settings.

For more information about using Group Policy, see "Group Policy" later in this chapter. For more information about using Local Users and Groups to manage certificates and secure boot settings, see Windows 2000 Professional Help.

Local Users and Groups


The Local Users and Groups MMC snap-in gives you more control setting up and maintaining local user accounts. It is similar to User Manager in Windows NT 4.0 Workstation.

With Local Users and Groups you can assign profiles, add and edit users and groups, assign users to more than one group, and set or modify password restrictions. You can also add a domain user to any local group. This is helpful for assigning domain user accounts to the local Administrators group. This allows domain user account members to have administrator rights on the local computer without giving them administrator rights on the domain.

To gain access to Local Users and Groups, start MMC and then add the Local Users and Group snap-in; or open Users and Passwords in Control Panel, click the Advanced tab, and then click Advanced.

You should review the information about security settings for Windows 2000 before you create or modify user accounts and groups. For more information about security settings, see "Security" in this book.

Security for Users and Groups


To effectively manage users of Windows 2000 Professional, it is important to understand how user rights are defined and set, how privileges and logon rights are granted, and how to change these settings.

User rights are assigned by using the Group Policy MMC snap-in. After you have started MMC and opened the Group Policy snap-in, in the console tree pane under Local Computer Policy/Computer Configuration/Windows Settings/Security Settings/Local Policies, locate the User Rights Assignment folder.

For more detailed information about planning security, see "Security" in this book. For more information about using MMC and Group Policy, see "Group Policy" later in this chapter. For information about configuring security options, see Windows 2000 Professional Help.

User Rights


You can assign specific rights to group accounts or to individual user accounts. These rights authorize users to perform specific actions, such as logging on to a system interactively or backing up files and directories. User rights are different from permissions; user rights apply to user accounts, permissions are attached to objects.

Although user rights can apply to individual user accounts, user rights are best administered on a group account basis. A user who is a member of one or more groups, inherits rights associated with that group. You can simplify user account administration by assigning user rights to groups rather than to individual users. When all users in a group require the same user rights, you can assign the set of user rights once to the group, rather than repeatedly assigning the same set of user rights to each user account.

User rights that are assigned to a group apply to all members of the group. If a user is a member of multiple groups, the user's rights are cumulative, which means that the user has more than one set of rights. Occasionally, some logon rights assigned to one group might conflict with rights assigned to another group. However, this is generally not the case. To remove rights from a user, remove the user from the group that has those rights.

There are two types of user rights:

Privileges. A right that is assigned to a user and specifies allowable actions on the network. An example of a privilege is the right to back up files and directories.

Logon rights. A right that is assigned to a user and specifies the ways in which a user can log on to a system. An example of a logon right is the right to log on to a system locally.

Privileges


To ease the task of user account administration, you should assign privileges primarily to group accounts, rather than to individual user accounts. When you assign privileges to a group account, users are assigned those privileges when they become a member of that group. This method of administering privileges is easier than assigning individual privileges to each user account when the account is created.

Some of these privileges can override permissions set on an object. For example, a user logged on to a domain account as a member of the Backup Operators group has the right to perform backup operations for all domain servers. However, this requires the ability to read all files on those servers, even files for which their owners have set permissions that explicitly deny access to all users, including members of the Backup Operators group. A user right, in this case, the right to perform a backup, takes precedence over all file and directory permissions.

The following list shows the privileges that you can assign to a user by setting user rights. You can manage these privileges by using settings in the MMC Group Policy console in the console tree pane under Local ComputerWindows SettingsSecurity SettingsLocal PoliciesUser Rights Assignment.


    Act as part of the operating system

    Add workstations to a domain

    Back up files and directories

    Bypass traverse checking

    Change the system time

    Create a token object

    Create permanent shared objects

    Create a pagefile

    Debug programs

    Enable trusted for delegation on user and computer accounts

    Force shutdown from a remote system

    Generate security audits

    Increase quotas

    Increase scheduling priority

    Load and unload device drivers

    Lock pages in memory

    Manage auditing and security log

    Modify firmware environment values

    Profile a single process

    Profile system performance

    Replace a process-level token

    Restore files and directories

    Shut down the system

    Take ownership of files or other objects

    Unlock a laptop


For detailed descriptions of these privileges and for information about using Group Policy to manage security settings, see "Security" in this book.

Logon Rights


The special user account called "LocalSystem" has almost all available privileges and logon rights assigned to it because all processes that are running as part of the operating system are associated with this account, and these processes require a complete set of user rights. The logon rights of the local system user account are as follows:

    Log on locally

    Log on as a batch job

    Log on as a service

    Deny access to this computer from the network

    Deny logon as a batch job

    Deny logon as a service

    Deny local logon


For more information about logon rights, see "Security" in this book.

User Profile Types


In Windows 2000 Professional, user profiles automatically create and maintain the desktop settings for each user's work environment on the local computer. A user profile is created for each user when the user logs on to a computer for the first time.

User profiles include all user-specific settings of a user's Windows 2000 Professional environment, including program items, screen colors, network connections, printer connections, mouse settings, window size and position, and desktop preferences.

User profiles provide several advantages to users. For example, when users log on to their workstations, they receive the desktop settings as they existed when they logged off. Also, when several users log on to the same computer, each receives a customized desktop.

There are three types of user profiles, which are as follows:

Local User Profile This profile is automatically created the first time a user logs on to the computer, and it is stored on the computer's local hard drive. Any changes made to the local user profile are specific to the computer where the change was made.

Roaming User Profile You, as the administrator, create this profile, and store it on a network server. This profile is available when a user logs on to any computer on the network. Any changes made to roaming user profiles are automatically updated on the server when the user logs off.

Mandatory User Profile Mandatory user profiles are stored on a network server and are downloaded each time the user logs on. This profile does not update when the user logs off. It is useful for situations where consistent or job-specific settings are needed Only administrators can make changes to mandatory user profiles. If the mandatory user profile is unavailable, the user cannot log on.

IMPORTANT

Group policy settings take precedence over user settings.

For more information about roaming user profiles and mandatory user profiles, see "Defining Client Administration and Configuration Standards" in the Deployment Planning Guide.

Creating User Profiles


When you install Windows 2000 Professional, a user profile is created on the %SystemDrive%Documents and Settings partition.

When a user logs on to a Windows 2000 Professional–based computer, the name of the folder that is created is derived from the user account name, and, if necessary, the user account name is appended with the name of the local computer or domain that is applicable to the user who is logging on.

The user account name in Windows NT 4.0 Server is in NetBIOS format, such as <domain>jeffsmith. In Windows 2000 Server, you can specify user accounts in the NetBIOS format, or you can use the user principal name (UPN) format. An example of a UPN format is jeffsmith@<domain>.com.

If the NetBIOS name is <domain>jeffsmith, the user ID is jeffsmith. If the UPN is jeffsmith@<domain>.com, the user ID also is jeffsmith. The user ID portion of the UPN and the user ID portion of the NetBIOS name usually are the same. However, they might not be the same, as shown in the following example:



NetBIOS name: <domain>jeffsmith
User principal name: jeffreysmith@<domain>.com


Whether the user logs on to a local account or to an account from a domain, if the %UserProfile% folder does not contain a folder with the name of the user who is logging on (in this case jeffsmith), a folder with that name is created and the path is recorded in the registry of the user who is associated with the profile. The folder that is created as a result is the following:



%SystemDrive%:Documents and Settingsjeffsmith


If another user with the NetBIOS name jeffsmith logs on, another folder is created, but it is created with the name of the local computer or domain in which the user's account originates. The folder that is created as a result is the following:



%SystemDrive%:Documents and Settingsjeffsmith.NEWDOMAIN.


Or, if the user account is established on the local computer, the folder that is created as a result is the following:



%SystemDrive%:Documents and Settingsjeffsmith.LOCALBOX.


If another user with an account name jeffsmith logs on to the same Windows 2000 Professional–based computer from an identically named source (either a domain or local computer) and the SIDs of the two accounts are not the same, a new folder is created with an extension indicating how many times the user account name was used. This occurs when the user accounts are re-created and the user logs on to the same computer, as shown in the following example:

    For the first user: %SystemDrive%:Documents and Settingsjeffsmith [NEWDOMAIN].000

    For the second user: %SystemDrive%:Documents and Settingsjeffsmith [NEWDOMAIN].001


For more information about setting and changing local profiles, see Windows 2000 Professional Help.


Upgrading User Profiles from Previous Versions of Windows

The naming convention for user profile folders in Windows 2000 is different from the naming convention that is used in Microsoft Windows NT 4.0 and earlier versions of Windows. There is a new location for user profile folders in Windows 2000 and also a new way to create subfolders for individual user profiles.

If you upgrade from Windows NT, the user profile folders are stored in the same location as in Windows NT. This location is as follows:



%SystemRoot%Profiles


When you upgrade to Windows 2000 from Windows 95 or Windows 98, a new folder for user profiles is created on the same partition as the Windows 2000 installation:



%SystemDrive%:Documents and Settings


NOTE


The appropriate path to the user profiles folder is represented as %UserProfile%.

/ 335