Index
P
p-node (peer node), 419, 465
packet event logging, 755–756
packet filtering
choices for, 268–269
firewall, 762
methods of RRAS, 279
packet header structure, 230
Packet Signature and Encryption field, 721
Packet Signature with the AH Header field, 721
packets
described, 149, 569
IPSec, 710–711, 728
in NAT process, 296–297
Padding field, ESP trailer, 720
Padding Length field, ESP trailer, 720
page files, 561–562
PAP (Password Authentication Protocol), 509–511
parent domain
delegating authority to child domain, 347
DNS and AD, 361–362
name, choosing, 358–359
parity block, 623
partitions, 120, 602
See also application directory partition
passive hubs, 240
password
adding to InetOrgPerson accounts, 86
administrative password for WAP, 814
in custom security template, 132, 134
with DSN, 128
for IAS server, 312
user account security, 798–799
Password Authentication Protocol (PAP), 509–511
password-based authentication methods, 509–511
Password Expiration problem, 835–836
password must meet complexity requirement, 825
password policies
applying to all clients, 852
Group Policy to enforce, 785
options of, 824–825
passwords
Connection Manager security and, 325
PDC emulator and, 61
strong passwords, 118–119
patches
importance of, 831
with Software Update Services, 837–847
from Windows Update Web site, 115–117
pathping command, 272
PDC (primary domain controller) emulator, 61
PEAP (Protected Extensible Authentication Protocol), 810–811
peer node (p-node), 419, 465
perfect forward secrecy (PFS), 743
performance
baseline for server cluster, 657
network planning and, 16
optimizing network, 198–199
of WINS, 444–449
Performance console, 415–416
performance counters
commonly referenced, 572–573
data, assessing, 576–578
log files, 574–578
System Monitor, 196
for WINS, 445
Performance Logs and Alerts function, 573–574, 578
Performance Monitor, 45
perimeter network, 257, 258
period (.), 345
Permcopy.exe, 830–831
permissions
Active Directory, 786, 787–788
for database server security, 127–128
NTFS, 22, 669, 788–789
printer, 124–125
with rootsec template, 96
share, 789–790
supported by AD, 783–784
for terminal servers, 130
user rights vs., 826
persistent connections, 306, 431
personal identification number (PIN), 897
PFS (perfect forward secrecy), 743
phone lines, 488
phone number, 525
Physical Disk resource, 642
Physical layer, OSI model, 237, 239
physical printer, 24
physical security
of domain controllers, 790
of NLB, 691
of print servers, 124
of server cluster, 667
of servers, 113–114
PIN (personal identification number), 897
PING
ICMP and, 162
IPv6 parameters, 191–192
testing TCP/IP connections with, 271, 279
PKCS (Public Key Cryptography Standard), 864
PKI. See 36–38
test network, 29–30
planning mode, 765, 768
Point-to-Point network, 232
Point-to-Point Protocol (PPP), 314, 488
Point-to-Point Tunneling Protocol (PPTP)
described, 307
packet filters, 269
for VPN remote access, 496–497
pointer record (PTR)
for DNS server, adding, 356
of resource record, 342
for reverse lookup zones, 352
update with DNS/DHCP interaction, 387–389
policies, IPSec
AD based, 747–749
assigning/applying in Group Policy, 746–747
custom, 734–746
default, 732–734
managing, 772
policy
assignment information, 752
enabling remote access by, 494–495
See also remote access policies; security policies
POP3 (Post Office Protocol), 68–69
port rules
filtering modes, 679–680
in NLB cluster creation, 694–695, 698
Port Rules window, 694
ports
DNS ports and security, 412
of hubs, 239
port switching, 243
positive answer, 351
Possible Owners property, 648, 649–650
Post Office Protocol (POP3), 68–69
power-management features, 662
power sources, redundant, 625
PPP (Point-to-Point Protocol), 314, 488
PPTP. See
pre-shared keys, 716, 763–764
#PRE tag, 420
predefined templates, 95–97
Preferred Owners property
failover ring order and, 651
setting, 649, 650
Presentation layer, OSI model, 238
primary domain controller (PDC) emulator, 61
primary master server, 373
primary server, 347
Print permission, 124, 125
print queue, 24–25
print servers
defined, 57
securing, 122, 124–125
print services, 24–25
printer permissions, 124–125
printer pool, 24
printer servers, 62
priority, 564
privacy, 802
private DNS namespace, 357
private IP addresses
address blocks defined as, 214
uses of, 174–175
private key
in Public Key Infrastructure, 69–70
of Server 2003, 865
private root zone, 408
privileges, 827
processor affinity, 564
processors
performance and, 563–564
requirements for Windows OSs, 80
project collaboration, 19–21
Properties dialog box, 295–296
property set, 788
Protected Extensible Authentication Protocol (PEAP), 810–811
protocol field, 218
protocols
authentication, 810–812
multiprotocol environments, 153–156
network testing and, 31
NLB support of, 689
nonroutable transport protocols, 150
requirements, identifying, 149–151
routable, 152
Server 2003 supported, 569
supported by Windows, 153
VPN protocols, 306–307, 496–497
Web server protocols, 66
See also routing protocols; specific protocol names
protocols, IPSec
AH, 721–722
IPSec ESP, 719–720
ISAKMP/IKE, 722–724
overview of, 718
primary, 712
proxy servers
internal DNS root zone with, 367–368
IPSec/IKE traffic and, 723
redundancy with, 620
PTR. See 357
public key, 69–70
Public Key Cryptography Standard (PKCS), 864
Public Key Infrastructure (PKI)
CAs, implementing, 875–887, 908–909
CAs, overview of, 870–872
certificates, enrollment/distribution of, 887–897, 909–910
components of, 867–868
cryptography, 864–867
described, 69–70
digital certificates, 868–870
function of, 867
for L2TP, 497
Microsoft certificate services, 872–875
overview of, 863–864
purpose of, 907
Server 2003 certificate-based, 862–863, 908
Smart Card authentication, 897–906
Public Key Interoperability, 871
public keys, 865
pull-only replication, 433
pull replication partnership
convergence time and, 427
push replication vs., 474
settings, 432–433
troubleshooting, 460
pull request, 430
push notification, 430–431, 434
push-only replication partnership, 432
push partnerships
manually starting push notification, 431–432
process of, 430
settings, 431
push/pull replication partnership
convergence time and, 427
described, 433–434
push replication partnership
convergence time and, 427
pull replication vs., 474
troubleshooting, 460