Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Os windows 2000 Section – A 2 Marks Questions Q1. What is Windows 2000? Ans. Windows 2000 is Microsoft's latest version of its popular Windows NT Operating System. (Technically, it's NT 5.0. The name was changed for marketing reasons.) Both Windows NT and Windows 2000 are extremely well built, robust, secure, and popular Operating Systems that are designed specifically for businesses and high end environments. But Windows 2000 is a lot more than just a simple upgrade. It's almost a total rewrite of the Windows NT Operating System, with hundreds of new features and fixes. Q2. What is windows 2000 family? Explain. Ans. Windows 2000 family consists of four operating systems: Windows 2000 Professional Windows 2000 Server Windows 2000 Advanced Server Windows 2000 Data center Server These four operating systems share a common user interface, share many common features and utilities, and are all 32-bit operating systems. In fact, all of these operating systems use the same kernel, which is based on Windows NT technology. Although based on the same kernel, each of the four operating systems that make up the Windows 2000 operating system family is optimized for use in a specific environment. The following section explores some of the new common features shared by the four Windows 2000 operating systems. Q3. What are the differences between Windows 2000 Professional, Server, Advanced Server, and Data Center? Ans. Windows 2000 comes in several versions. Windows 2000 Professional is a desktop operating system for workstations designed to replace Windows NT Workstation and Windows 95/98 in corporate environments. It can support 2 processors, as well as multiple monitors. Windows 2000 Server supports 4 processors and is designed to fill the role of typical domain controller, file and print server, application server, and other common tasks. Windows 2000 Advanced Server is designed for high-end mission critical platforms, supports 8 processors, and includes support for 2-way server clustering. Windows 2000 Data Center Server goes even further than Advanced Server in that it can support up to 32 processors, cascading fail over among 4 nodes, and 32 node network load balancing. Q4. How much difference is there between Windows 2000 and Windows NT 4.0? Ans. Even though Windows 2000 is built on the Windows NT architecture, Microsoft has added many new features (Plug and Play, USB support, Recovery Console, IntelliMirror, Group Policy, Active Directory, integration of IIS and Terminal Services) and redesigned many of the management tools (MMC, Disk Administration, ADSI). If you are already familiar with Windows NT, you'll have an easier time getting used to Windows 2000 but there is still a lot to learn. Q5. What is the difference between Windows 95/98/Me and Windows 2000? Ans. Windows 98 and Windows Me are based on the popular Microsoft Windows-95 Operating System, and are designed for the consumer market. Windows 95/98 were designed for backward compatibility with older DOS and 16bit programs, as well as providing a platform for the newer (back in 1995) 32 bit programs. Although many companies use both Windows 95 and Windows 98, these Operating Systems lack the security and stability of Windows NT/2000. However, Windows 95/98/Me is compatible with more software (including games) and hardware. It is important to remember that Windows 2000 is designed for the corporate environment, and not the average home user. Q6. What is the difference between UNIX and Windows 2000? Ans. UNIX is a much older Operating System that was designed in the 1960's. It began as an open source project that became widely used in Universities, scientific labs, and by the U.S. government. Over the years, hundreds of talented programmers contributed their own 1 Q7. Ans. Q8. Ans. Q9. Ans. Q10. Ans. improvements to Unix making it extremely robust, stable, and fast. However, UNIX can be difficult to learn and isn't as widely supported as Microsoft Windows. Can you run Windows 2000 in a Windows NT 4.0 or Novell Networks? Yes, Windows 2000 Professional and Server will work just fine in a Windows NT 4.0 environment and can authenticate to NT domain controllers. For Novell networks, Windows 2000 still supports IPX/SPX as well as TCP/IP. Novell has also created a client for Windows 2000 that is available on their web site. How stable is Windows 2000? Although Windows 2000 contains about 30 million lines of code and has its share of quirks and bugs, overall it is a very stable operating system. Microsoft has removed many of the system processes that contributed to crashes in NT 4.0, and added several new recovery features that make it easier to restore a system in the event things go horribly wrong. In our experience, the leading cause of crashes in Windows 2000 have been poorly written 3rd party software and hardware drivers, not the operating system itself. How secure is Windows 2000? No system is 100% hacker proof, but Windows 2000 includes several improvements over Windows NT (and blows away Windows 9x). In addition to beefing up the file system and adding encryption, Microsoft has changed the way Windows 2000 authenticates network resources by using certificates and encrypting traffic using Kerberos, added support for smart cards and biometric identification, and eliminated many of the back doors that plagued Windows NT 4.0. The Windows 2000 CD-ROM also includes several ready to use security templates that allow you to lock down workstations and servers quickly and easily, depending on the level of security you need. What are the hardware requirements for Windows 2000? These are the minimum hardware requirements for Windows 2000. For acceptable performance, we recommend doubling processor, memory and disk space requirements. Operating CPU Memory Disk Space System Professional P133 64Mb 1 GB Server P133 256Mb 1 GB Q11. What is the Hardware Compatibility List? Ans. Windows 2000 is very particular about the hardware on which it runs, and will run just fine on most modern off the shelf computers and servers. However, the support for video cards, sound cards, printers, scanners, and other peripherals is not as comprehensive as it is for Windows 95/98/Me. To help you sort through this mess, Microsoft created a Hardware Compatibility List so you can check to see which hardware has been tested and certified by Microsoft with Windows 2000. If you don't find the hardware on the list, check with the vendor to see if they have released any patches or updates, or if they support their products on Windows 2000 but have not taken the time to submit their hardware and drivers to Microsoft. You can search for compatible hardware on: Q12. What is the use of scheduling task? Ans. By using Task Scheduler, you can schedule tasks such as to automate web testing and site monitoring or system tools like the Disk Defragmenter to run at a time that is most convenient for you. Task Scheduler starts each time you start Windows, and runs in the background. With Task Scheduler, you can: Schedule a task to run daily, weekly, monthly, or at certain times (such as system startup). Q13. Can you run Windows 2000 on Laptop? Ans. Windows 2000 is an ideal operating system for laptops, provided your laptop can support it. Since laptops often feature proprietary hardware in the motherboard, display, network cards, video cards, integrated modems, and sound cards, not all laptops can run Windows 2000. If you're vendor supports Windows 2000 on your model, or if you're buying a new laptop that comes preloaded with Windows 2000, you'll like the stability and security that this OS brings. Windows NT 4.0 didn't support advanced power management, USB, or native file encryption, and Windows 95/98 doesn't have any security. Windows 2000 brings you the best of both 2 Q14. Ans. Q15. Ans. Q16. Ans. Q17. Ans. Q18. Ans. Q19. Ans. Q20. Ans. worlds. I travel with an IBM ThinkPad i1400 that has a 366MHz Pentium II processor and 128Mb of RAM and Windows 2000 performs flawlessly on the road. Can we dual boot Windows 2000 with other operating systems? Yes, you can dual boot Windows 2000 with other versions of itself, Windows NT, and one other Operating System. (Example: You can install Windows 98 on a PC and then install Windows 2000 Professional on a different partition, and Windows 2000 Server on another partition.) What are the system requirements for Data Center Server? Win2000 Data center Server System Requirements: 8 CPU (or greater) capable server hardware Intel Pentium Xeon (or better) processors 256 MB RAM 2 GB HDD, with 1 GB free CD-ROM or DVD drive VGA (or higher) resolution monitor Explain the features of data center server. Win2000 Data center Server Features: Support for up to 32 processors (Advanced Server is only 8) Support for up to 64 GB of RAM (Advanced Server is only 8) Network Load Balancing of up to 32 nodes (Same as Advanced Server) Support for Server Clustering (fail-over) up to 4 nodes (Advanced server is only 2) A Process Control tool Winsock Direct What is data center server? Data center server is used for real time transaction processing and database services. It provides the capabilities of Windows 2000 Advanced Server plus more scalability. It supports clustering for up to four nodes. What do you understand by workstation? Workstation is the general term for a computer on a network. It is also the Windows 2000 service that will be responsible for connecting to remote resources across the network. What is taskbar? The Microsoft Windows interface includes a special application toolbar called the taskbar. You can use the taskbar for such tasks as switching between open windows and starting new applications. The taskbar includes start menu , Quick Launch bar, Taskbar buttons ,Status area . Explain ZAP file? A ZAP file is an ASCII text file created with any text editor (Notepad will work) and that specifies a number of things about the software to be installed including the application name, the name of the setup, program, any parameters to be used for setup as well as any file extensions to be associated with the application, the tech support Web site address, and so on. ZAP files are used to deploy software using Group Policy for which no Windows Installer Package exists Q21. What is Port? Ans. Generally, a connection point on your computer where you can connect devices that pass data into and out of a computer. For example, a printer is typically connected to a parallel port (also called an LPT port), and a modem is typically connected to a serial port (also called a COM port). Q22. Explain RAID-5 Volume. Ans. A fault-tolerant volume with data and parity striped intermittently across three or more physical disks. Parity is a calculated value that is used to reconstruct data after a failure. If a portion of a physical disk fails, you can recreate the data that was on the failed portion from the remaining data and parity. You can create RAID-5 volumes only on dynamic disks, and you cannot mirror 3 Q23. Ans. Q24. Ans. Q25. Ans. Q26. Ans. Q27. Ans. Q28. Ans. or extend RAID-5 volumes. In Windows NT 4.0, a RAID-5 volume was known as a striped set with parity. What is hibernation? The hibernate feature saves everything in memory on disk, turns off your monitor and hard disk, and then turns off your computer. When you restart your computer, your desktop is restored exactly as you left it. It takes longer to bring your computer out of hibernation than out of standby. What do you mean by Disk Partitions? Disk partitioning is a way of dividing your hard disk so that each section functions as a separate unit. You can create a partition to organize information, for example, to back up data, or to dual boot with another operating system. When you create partitions on a disk, you divide the disk into one or more areas that can be formatted for use by a file system, such as FAT or NTFS. What do you understand by Media Access Layer (MAC) The MAC address is the physical address assigned to a network card and is used to identify it on the network. Explain network operating system (NOS). An operating system or extension to an operating system will enable clients to use a redirector to determine if a request is for the local machine or a remote system. The NOS can then expose the required network interface or can access it on behalf of the user application to pass the request to another service running, normally, on another computer connect to the network. Difference between Basic disk and Dynamic disk? Dynamic:- A physical disk that is managed by Disk Management. Dynamic disks can contain only dynamic volumes (that is, volumes created with Disk Management). Dynamic disks cannot contain partitions or logical drives, nor can they be accessed by MS-DOS. Basic:- A physical disk that contains primary partitions, extended partitions, or logical drives. Basic disks may also contain spanned, mirrored, striped, and RAID-5 volumes created using Windows NT 4.0 or earlier. Basic disks can be accessed by MS-DOS. What is the difference between mobile computing and distributed computing? Mobile Computing:- Mobile Computing is a generic term describing the application of small, portable, and wireless computing and communication devices. This includes devices like laptops with wireless LAN technology, mobile phones, wearable computers and Personal Digital Assistants (PDAs) with Blue tooth or IRDA interfaces, and USB flash drives. Distributed Computing:- This is another way of describing client/server architecture, illustrating that the various functions performed by the system, such as data storage and applications are spread across a network of servers and workstations. It is a Computing system in which services to users are provided by teams of computers collaborating over a network. Q29. What do u understand by Baud rate? Ans. The speed at which a modem communicates. Baud rate refers to the number of times the condition of the line changes. This is equal to bits per second only if each signal corresponds to one bit of transmitted data. Modems must operate at the same baud rate in order to communicate with each other. If the baud rate of one modem is set higher than that of the other, the faster modem usually alters its baud rate to match that of the slower modem. Q30. Write a short note on Bandwidth? Ans. In analog communications, the difference between the highest and lowest frequencies in a given range. For example, an analog telephone line accommodates a bandwidth of 3,000 hertz (Hz), the difference between the lowest (300 Hz) and highest (3,300 Hz) frequencies it can carry. In digital communications, bandwidth is expressed in bits per second (bps). Q31. Explain BIOS? Ans. On PC-compatible computers, the set of essential software routines that test hardware at startup, start the operating system, and support the transfer of data among hardware devices. The BIOS is stored in read-only memory (ROM) so that it can be executed when the computer 4 Q32. Ans. Q33. Ans. Q34. Ans. Q35. Ans. is turned on. Although critical to performance, the BIOS is usually invisible to computer users. Basic input/output system is also called BIOS. What is CHAP protocol? An authentication protocol used by Microsoft remote access and Network and Dial-up Connections. Using CHAP, a remote access client can send its authentication credentials to a remote access server in a secure form. Microsoft has created a Windows-specific variant of CHAP called MS-CHAP. Challenge Handshake Authentication Protocol is also called CHAP. What is the function of defragmentation? The process of rewriting parts of a file to contiguous sectors on a hard disk to increase the speed of access and retrieval. When files are updated, the computer tends to save these updates on the largest continuous space on the hard disk, which is often on a different sector than the other parts of the file. When files are thus fragmented, the computer must search the hard disk each time the file is opened to find all of the file's parts, which slows down response time. How to set Regional Date and Time on Windows 2000 computer? To set Regional Date and Time we use Regional options applications. To start the Regional Options application, double-click the Regional Options icon in Control Panel. Regional options dialog box contains six tabs: General, Numbers, Currency, Time, Date, and Input Locales. Click on the date tab to set the date and then click on time tab to set the time. What are the rules of choosing file names in NTFS? NTFS supports the use of long filenames. Filenames can be up to 255 characters in length. Filenames can contain any character except \ / : * ? “ < > | and may begin with any permitted character. Filenames can contain spaces and multiple periods, and the characters after the last period are considered the filename extension. NTFS preserves uppercase and lowercase in filenames. Filenames are not case sensitive (except when used by a POSIX application). Section – A 5 Marks Questions Q1. What are the different File and Folder permissions? Ans. When you set permissions on a file or folder, you specify the groups and users whose access you want to restrict or allow, and then select the type of access. It is more efficient to specify group accounts when you assign permissions to objects, so that you can simply add users to the appropriate group when you need to allow or restrict access for those users. For example, you can give managers Full Control of a folder that contains electronic timesheets, and then give employees Write access so that they can copy timesheets to that folder, but not read the contents of the folder. File and folder permissions can be set only on NTFS drives. Shared Folder Permissions If you are a member of the Administrators or Power Users group, you can share folders on your local computer so that users on other computers can access those folders. By assigning shared folder permissions to any NTFS, FAT, or FAT32 shared folder, you can restrict or allow access to those folders over the network. Use NTFS folder permissions if the shared folder is located on an NTFS drive. NTFS permissions are effective on the local computer and over the network. Printer Permissions Because shared printers are available to all users on the network, you might want to limit access for some users by assigning printer permissions. For example, you could give all non administrative users in a department the Print permission and all managers the Print and Manage Documents permissions. By doing this, all users and managers can print documents, but managers can change the status of any print job submitted by any user. Auditing You can use auditing to track which user account was used to access files or other objects, as well as logon attempts, system shutdowns or restarts, and similar events. Before any auditing takes place, you must use Group Policy to specify the types of events you want to audit. For example, to audit a folder, you first enable Audit Object Access in the Auditing policy in Group 5 Policy. Next, you set up auditing like you do permissions: You choose the object, such as a file or folder, then select the users and groups whose actions you want to audit. Finally, you choose the actions you want to audit, such as attempts to open or delete the restricted folder. You can audit both successful and failed attempts. You track auditing activity by using Event Viewer to view the Security log. User Rights User rights are rules that determine the actions a user can perform on a computer. In addition, user rights control whether a user can log on to a computer directly (locally) or over the network, add users to local groups, delete users, and so on. Built-in groups have sets of user rights already assigned. Administrators usually assign user rights by adding a user account to one of the built-in groups or by creating a new group and assigning specific user rights to that group. Users who are subsequently added to a group are automatically granted all user rights assigned to the group account. User rights are managed using Group Policy. Group Policy Use Group Policy to set a variety of software, computer, and user policies. For example, you can define the various components of the user's desktop environment, such as the programs that are available to users, the icons that appear on the user's desktop, the Start menu options, which users can modify their desktops and which cannot, and so on. You also use Group Policy set user rights. Q2. Why Win2Kpro is popular than earlier versions of windows? Or Define the new features of windows 2000 professional. Ans. Microsoft Windows 2000 Professional is more compatible and more powerful than any workstation you've used before. Easier To Use With Windows 2000 Professional, you have faster access to information, and you are able to accomplish tasks more quickly and easily. Windows 2000 Professional makes it easier to: Work with files. Find information. Personalize your computing environment. Work on the Web. Work remotely. Easier To Manage You and your network administrators can work more efficiently now, because many of the most common computer-management tasks are automated and streamlined with Windows 2000 Professional. With Windows 2000, your workstation will be easier to: Set up. Administer. Support More compatible Q3. Windows 2000 Professional offers increased compatibility with different types of networks and with a wide array of legacy hardware and software. Windows 2000 also provides: Improved driver support. Increased support for new-generation hardware and multimedia technologies. Integration of the new Euro currency symbol. More powerful For all your computing needs, Windows 2000 Professional provides: Industrial-strength reliability. The highest level of security. What is the use of My Computer and My Network Places? 6 Ans. My Computer:- Double-clicking the My Computer icon displays the My Computer dialog box. This dialog box graphically represents every drive on the computer (including network drives, if any), as well as the Control Panel folder. If you double-click any icon in the My Computer dialog box, a dialog box is displayed showing the contents of the drive or folder you clicked. My Network Places:- If you double-click the My Network Places icon, a dialog box is displayed that contains an icon for Add Network Place, an icon for Computers Near Me, and an icon for the Entire Network. Use the Add Network Place icon when you want to connect to a shared folder on the network, or connect to an FTP or Web site. This icon is a simplified wizard for mapping a network drive or connecting to a Web site, and creating a shortcut to this drive or Web site in the My Network Places folder. If you double-click the Computers Near Me icon, all of the computers in your workgroup or domain are displayed. You can double-click any of these computers to display the shared folders and shared printers on that computer. The Printers and Scheduled Tasks folders on the selected computer are also displayed. The Entire Network icon, when double clicked, opens a dialog box that gives you three options. You can select a link that will search for a particular computer on the network. You can also select a link that will search for specific files or folders located anywhere on the network. Finally, you can select a link that will let you view and browse all of the workgroups, domains, and computers on your network. Q4. Give installation steps of windows 2000 professional. Ans. Installing Windows 2000 Professional To install Windows 2000 Professional, follow these steps: 1. Start the installation by using one of the following methods: Start from the Windows 2000 Professional installation CD-ROM. Make sure that the CDROM is set to start before the hard disk starts. Insert the CD-ROM, and then when you are prompted, press any key to start the Windows 2000 Professional Setup program. Start from boot disks. Insert Disk 1, and then insert each of the remaining three floppy disks when you are prompted to do so. How to Create Setup Boot Disks for Windows 2000 Start from within a current operating system. Insert the CD-ROM, and then, at a command prompt, type drive:\i386\winnt32.exe and then press ENTER, or if this is an installation on a computer that has no previous installation of Windows, type drive:\i386\winnt.exe and then press ENTER, where drive is the letter of the CD-ROM drive. 2. Setup inspects your computer's hardware configuration and then begins to install the Setup and driver files. When the Microsoft Windows 2000 Professional screen appears, press ENTER to set up Windows 2000 Professional. 3. Read the license agreement, and then press the F8 key to accept the terms of the license agreement and continue the installation. 4. When the Windows 2000 Professional Setup screen appears, either press ENTER to set up Windows 2000 Professional on the selected partition, or press C to create a partition in the unpartitioned space. 5. If you choose to install Windows 2000 Professional on a file allocation table (FAT) partition, specify whether you want to: Leave the current file system intact. Format the partition as FAT16. Convert the existing file system to the NTFS file system. Format the partition by using the NTFS file system. 6. Press ENTER after you make your selection. Setup examines the existing hard disks and then copies the files that are needed to complete the installation of Windows 2000 Professional. After the files are copied, the computer restarts. Important: Do not press a key to boot from your CD-ROM drive when your computer restarts. When the Windows 2000 GUI Mode Setup Wizard appears, click Next to start the wizard. Setup detects and installs such devices as a specialized mouse or keyboard. 7 7. When the Regional Options dialog box appears, customize your installation of Windows 2000 Professional for locale, number format, currency, time, date, and language, if necessary. Click Next. 8. In the Personalize Your Software dialog box, type your name and the name of your organization, and then click Next. 9. In the Product ID dialog box, type the 25-character product key, and then click Next. 10. In the Computer Name and Password dialog box, either accept the default name that Setup generates or assign a different name for the computer. When you are prompted for an administrative password, type a password for the Administrator account. (You can leave the box blank; however, this is not recommended.) Click Next. 11. In the Date and Time Settings dialog box, set the correct date and time for your computer. You can also specify which time zone you are in and set the computer to automatically adjust the clock for daylight saving time. Click Next. 12. Setup installs the networking software and detects your network settings. When the Network Settings dialog box appears, click either Typical to set default network settings such as File and Print Sharing for Microsoft Networks, Client for Microsoft Networks, and TCP/IP protocol that uses Dynamic Host Configuration Protocol (DHCP), or Custom to specify the network components that you require for your network environment, and then click Next. 13. In the Workgroup or Computer Domain dialog box, specify the workgroup or the domain to join. If you indicate that you are part of a domain, specify your domain user name and password. Click Next. Setup installs the networking components. 14. During the final stage of installation, Setup installs Start menu items, registers components, saves settings, and removes temporary files. When the Completing the Windows 2000 Setup Wizard dialog box prompts you to do so, remove the Windows 2000 CD-ROM, and then click Finish to restart the computer. 15. After the computer restarts, click Next in the Welcome to the Network Identification Wizard dialog box. 16. In the Users of This Computer dialog box, specify either that users must enter a user name and password or that you want Windows 2000 to automatically log on a specific user when the computer starts. Click Finish. When the Windows 2000 Professional desktop appears, the installation is complete. Q5. Explain the default desktop items on windows 2000 professional computer. Ans. My Documents:- The My Documents icon represents the My Documents folder of the loggedon user. This folder is the default storage location for user-created documents. Double-clicking the My Documents icon displays the contents of the My Documents folder. My Computer:- Double-clicking the My Computer icon displays the My Computer dialog box. This dialog box graphically represents every drive on the computer (including network drives, if any), as well as the Control Panel folder. If you double-click any icon in the My Computer dialog box, a dialog box is displayed showing the contents of the drive or folder you clicked. My Network Places:- If you double-click the My Network Places icon, a dialog box is displayed that contains an icon for Add Network Place, an icon for Computers Near Me, and an icon for the Entire Network. Recycle Bin:- The Recycle Bin icon is a politically correct version of the Macintosh trash can icon. When you delete files, the files are moved from their original location into the Recycle Bin folder. If you later want those files back, you can move them from the Recycle Bin to another location. When you delete items in the Recycle Bin, the items are removed permanently from your computer. It’s normally a good idea to periodically empty your Recycle Bin so that a large amount of valuable disk space is not taken up by deleted files. Internet Explorer:- When you double-click the Internet Explorer icon, Microsoft Internet Explorer 5 starts. You can use this application to browse Web pages located on the Internet or on your company’s intranet. 8 Connect to the Internet:- When you double-click the Connect to the Internet icon, the Internet Connection Wizard starts. You can use this wizard to sign up for a new account with an Internet service provider (ISP), to transfer your existing Internet account settings to the computer you’re working on, or you can elect to bypass this wizard and manually configure your Internet connection. Taskbar:- The taskbar at the bottom of the desktop contains the Start button, a Quick Launch toolbar, a button for each program that is currently running, and a clock. Start Button:- The Start button is located on the left side of the taskbar at the bottom of the desktop. Clicking the Start button opens a menu that enables you to quickly access programs, recently used documents, favorites, settings (such as the Control Panel and Printers folders), and Help. The menu also includes a Windows Update option, which is a link to Microsoft’s Web site where you can download new Windows features and operating system updates. In addition, this menu enables you to run applications from a command line, find a document, log off, and shut down your computer. You can customize your Start menu by dragging and dropping program icons from one Start menu folder to another location in the Start menu. Quick Launch Toolbar:- The Quick Launch toolbar is located directly to the right of the Start button in the taskbar. By default, the Quick Launch toolbar consists of the Show Desktop icon, the Internet Explorer icon, and the Outlook Express icon. The purpose of the Quick Launch toolbar is to enable you to easily start any of the applications whose icons appear in the toolbar by clicking the icon for the desired application. You can customize the Quick Launch toolbar by dragging and dropping shortcuts from your desktop, the Start menu, or Windows Explorer on the toolbar. You can place the Quick Launch toolbar anywhere on your desktop by clicking the left end of the toolbar, and then dragging and dropping it to the desired location on your desktop. Q6. How will you configure your server to as web server? Ans. This article is a step-by-step guide for setting up a World Wide Web server for anonymous access in a Windows 2000 environment. Installing Internet Information Services Microsoft Internet Information Services (IIS) is the Web service that is integrated with Windows 2000. To install IIS: 1. Click Start, point to Settings, and then click Control Panel. 2. In Control Panel, double-click Add/Remove Programs. 3. Click Add/Remove Windows Components. In the Windows Components Wizard, select the Internet Information 4. Services (IIS) check box, and then click Details. Clear all the check boxes, and then select the following check boxes: Common Files Documentation 5. FrontPage 2000 Server Extensions Internet Information Services Snap-In Internet Services Manager World Wide Web Server Click OK, and then on the Windows Components page, click Next. If you are 6. prompted to do so, insert the Windows 2000 CD-ROM, and then click OK. 7. On the "Completing the Windows Components Wizard" page, click Finish. 8. In the Add/Remove Programs dialog box, click Close. Configuring Anonymous Authentication Click Start, point to Programs, point to Administrative Tools, and then click 1. Internet Services Manager. (In Windows 2000 Professional, you can start Administrative Tools from Control Panel.) 2. Right-click * server name (where server name is the name of the server), and 9 3. 4. 5. 6. 7. 8. then click Properties. In the Master Properties box, click WWW Service (if it is not already selected), and then click the Edit button that is next to the Master Properties box. Click the Directory Security tab. Under Anonymous access and authentication control, click Edit. Under Authenticated access, select the Integrated Windows authentication check box. Select the Anonymous access check box, and then click Edit. Note the user account in the Username box. This account is used by Windows to authenticate anonymous users when they browse the Web site. Click OK, click OK, click OK, and then click OK. Basic Web Site Configuration 1. Start Internet Services Manager. In the Tree list, expand * server name (where server name is the name of the 2. server). 3. Right-click Default Web Site, and then click Properties. If you have multiple IP addresses assigned to your computer, click the IP 4. address that you want to assign to this Web site in the IP Address box. If you do not want unlimited connections to the Web site, click Limited To, and then type the number of concurrent connections that you want. 5. NOTE: Windows 2000 Professional is limited to 10 concurrent connections. Each client that browses the Web site generally uses about 3 connections. 6. Click the Performance tab. 7. Move the Performance tuning slider to the position that you want. If you want to limit the amount of network bandwidth that is available for connections to this Web site, select the Enable bandwidth throttling check 8. box, and then type the amount that you want in the Maximum network use box. If you want to limit the amount of computer processing time spent servicing requests for content on this Web site, select the Enable process throttling check box, and then type the amount that you want in the Maximum CPU use box. 9. This prevents the Web site from consuming too much processor time to the detriment of other computer processes. NOTE: Bandwidth throttling is not available in Windows 2000 Professional. Click the Home Directory tab. If you want to use Web content that is stored on the local computer, click A directory located on this computer, and then type the path that you want in the Local Path box. For example, the default path is • C:\Inetpub\wwwroot. 10. NOTE: For added security, do not create Web content folders in the root folder. If you want to use Web content that is stored on a different computer, click • A share located on another computer, and then type the location that you want in the Network Directory box that appears. 10 If you want to use Web content that is stored on another Web address, click A redirection to a URL, and then type the location that you want in the • Redirect to box. Under The client will be sent to, select the appropriate check box. Click the Documents tab. Note the list of documents that IIS can use as the default start documents. If you want to use Index.html as your start document, you must add it. To do this: 11. a. Click Add. In the Add Default Document dialog box, type Index.html, and then click b. OK. c. Click the up-arrow button until Index.html is displayed at the top of the list. Click the Operators tab. Note the user accounts that have operator privileges on this Web site. Click Add to add additional user accounts to operate this 12. Web site. NOTE: The Operators tab is not available in Windows 2000 Professional. 13. Click OK to return to the Internet Information Services window. 14. Right-click Default Web Site, and then click Stop. 15. Right-click Default Web Site, and then click Start. The server is now configured to accept incoming Web requests to the default Web site. You can replace the content of the default Web site with the Web content that you want, or you can create a new Web site. Q7. Explain NTFS, FAT(16) and FAT32. OR Difference between NTFS, FAT 16 and Fat 32. Ans. FAT32 is an enhanced version of the FAT file system that can be used on drives from 512 megabytes (MB) to 2 TB in size. FAT and FAT32 offer compatibility with operating systems other than Windows 2000. If you're setting up a dual-boot configuration, you should probably use FAT or FAT32. If you're dual booting Windows 2000 and another operating system, choose a file system based on the other operating system, using the following criteria: Format the partition as FAT if the installation partition is smaller than 2 gigabytes (GB), or if you're dual booting Windows 2000 with MS-DOS, Windows 3.1, Windows 95, Windows 98, or Windows NT. Use FAT32 for use on partitions that are 2 GB or larger. If you choose to format using FAT during Windows 2000 Setup and your partition is greater than 2 GB, Setup automatically formats it as FAT32. It's recommended that you use NTFS rather than FAT32 for partitions larger than 32 GB. NTFS The NTFS file system is the recommended file system for use with Windows 2000. NTFS has all of the basic capabilities of FAT, and it provides the following advantages over the FAT and FAT 32 file systems: Better file security. Better disk compression. Support for large hard disks, up to 2 terabytes (TB). (The maximum drive size for NTFS is much greater than that for FAT, and as drive size increases, performance with NTFS doesn't degrade as it does with FAT.) If you're using a dual-boot configuration (using both Windows 2000 and another operating system on the same computer), you may not be able to gain access to files on NTFS partitions from the other operating system on your computer. For this reason, you should probably use FAT32 or FAT if you want a dual-boot configuration. Q8. What is dual booting? Explain. 11 Ans. If you want to set up a dual-boot configuration to have Windows 2000 Professional and another operating system, such as MS-DOS or Windows 98, available on your computer, first review the following precautions: Each operating system should be installed on a separate drive or disk partition. Because you're performing a new installation of Windows 2000, you need to reinstall any programs—such as word processing or e-mail software—after Setup is complete. You should use a FAT file system for dual-boot configurations. Although using NTFS in a dual boot is supported, such a configuration introduces additional complexity into the choice of file systems. For more information about using NTFS with a dual-boot configuration, see the Windows 2000 Professional Resource Kit. To set up a dual-boot configuration between MS-DOS or Windows 95 and Windows 2000, you should install Windows 2000 last. Otherwise, important files needed to start Windows 2000 could be overwritten. For a dual boot between Windows 98 and Windows 2000, it isn't necessary to install the operating systems in a particular order. For a dual boot of Windows 2000 with Windows 95 or MS-DOS, the primary partition must be formatted as FAT; for a dual boot with Windows 95 OSR2 or Windows 98, the primary partition must be formatted as FAT or FAT32, not NTFS. If you're upgrading a dual-boot computer, you can't gain access to NTFS partitions from any operating system other than Windows NT 4.0 with SP4. If you install Windows 2000 on a computer that dual boots OS/2 and MS-DOS, Windows 2000 Setup configures your system so you can dual boot between Windows 2000 Professional and the operating system (MS-DOS or OS/2) you most recently used before running Windows 2000 Setup. Don't install Windows 2000 on a compressed drive unless the drive was compressed with the NTFS file system compression utility. It isn't necessary to uncompress DriveSpace or DoubleSpace volumes if you plan to dual boot with Windows 95 or Windows 98; however, the compressed volume won't be available while you're running Windows 2000. Windows 95 or Windows 98 might reconfigure hardware settings the first time you use them, which can cause problems if you're dual booting with Windows 2000. If you want your programs to run on both operating systems on a dual-boot computer, you need to install them from within each operating system. You can't share programs across operating systems. Q9. What is hardware profile ? How it helpful in portable computer? Ans. A hardware profile is a set of instructions that tells Windows 2000 which devices to start when you start your computer or what settings to use for each device. When you first install Windows 2000, a hardware profile called Profile 1 (for laptops, the profiles would be Docked Profile or Undocked Profile) is created. By default, every device that is installed on your computer at the time you install Windows 2000 is enabled in the Profile 1 hardware profile. Hardware profiles are especially useful if you have a portable computer. Most portable computers are used in a variety of locations, and hardware profiles will let you change which devices your computer uses when you move it from location to location. For example, you may have one profile named Docking Station Configuration for using your portable computer at a docking station with hardware components such as a CD-ROM drive and a network adapter. And you may have a second profile named Undocked Configuration for using your portable computer in a hotel or on an airplane, when you are not using a network adapter or a CD-ROM but you are using a modem and a portable printer. You can manage hardware profiles by double-clicking System in Control Panel, clicking the Hardware tab, and clicking Hardware Profiles. If there is more than one hardware profile, you can designate a default profile that will be used every time you start your computer. You can also have Windows 2000 ask you which profile to use every time you start your computer. Once you create a hardware profile, you can use Device Manager to disable and enable devices that are in the profile. When you disable a device in a hardware profile, the device drivers 12 Q10. Ans. Q11. Ans. Q12. Ans. for the device are not loaded when you start your computer. How the multiple language and regional settings are managed in win2kpro Environment? Change your locale (location) Your locale affects the way programs display dates, times, currency, and numbers. You usually select the locale that matches your location, such as English (United States) or French (Canada). Change the clock to 24-hour format You can customize how the time is displayed by choosing 12-hour and 24-hour formats, the time separator, and A.M. and P.M. symbols. Change the way Windows 2000 and programs interpret two-digit years You can change the way your computer interprets two-digit years, as well as customize longand short-date formats. Change the default currency symbol You can select the symbol used to indicate currency, such as $ or the new Euro dollar symbol €, the default format for positive and negative currencies, the decimal symbol that separates units of currency, and more. Add an input locale and keyboard layout You add input locales to specify the language and keyboard layout or Input Method Editor you want to use to type. When you add an input locale, a keyboard layout or Input Method Editor for that language is also added. Keyboard layouts and Input Method Editors vary to accommodate the special characters and symbols used in different languages. Switch to a different input locale As you compose documents using multiple languages, you can easily switch between input locales by using the taskbar indicator. Change the keyboard layout or Input Method Editor for an installed input locale Keyboard layouts and Input Method Editors vary to accommodate the special characters and symbols used in different languages. Changing your keyboard layout affects which characters appear when you press the keys on the keyboard. Each language has a default keyboard layout, but many languages have alternate layouts. Even if you work mainly with one language, you may want to try other layouts, like Dvorak or U.S.-International. What are the various steps for creating a share in win2k? To share a folder or drive with other people 1. Open Windows Explorer, and then locate the folder or drive you want to share. 2. Right-click the folder or drive, and then click Sharing. 3. On the Sharing tab, click Share this folder. 4. To change the name of the shared folder or drive, type a new name in Share name. The new name is what users will see when they connect to this shared folder or drive. The actual name of the folder or drive does not change. 5. To add a comment about the shared folder or drive, type the text in Comment. 6. To limit the number of users who can connect to the shared folder or drive at one time, under User limit, click Allow, then enter a number of users. 7. To set shared folder permissions on the shared folder or drive, click Permissions. 8. To set up this shared folder to be used offline, click Caching. Explain Accessibility option and use of it. You can adjust the appearance and behavior of Windows 2000 to enhance accessibility for some vision-impaired, hearing-impaired, and mobility-impaired users without requiring additional software or hardware. Windows 2000 includes the following programs to enhance accessibility: Magnifier enlarges a portion of the screen for easier viewing. Narrator uses text-to-speech technology to read the contents of the screen aloud. This is useful for people who are blind or who have low vision. On-Screen Keyboard provides users with limited mobility the ability to type on-screen using a pointing device. 13 Utility Manager enables users with administrator-level access to check an Accessibility program's status, start or stop an Accessibility program, and designate to have the program start when Windows 2000 starts. Using Accessibility Options in Control Panel, you can easily set up how you want to use your keyboard, display, and mouse functions. The accessibility tools available in Accessibility Options in Control Panel perform various functions: StickyKeys enables simultaneous keystrokes while pressing one key at a time. FilterKeys adjusts the response of your keyboard. ToggleKeys emits sounds when certain locking keys are pressed. SoundSentry provides visual warnings for system sounds. ShowSounds instructs programs to display captions for program speech and sounds. High Contrast improves screen contrast with alternative colors and font sizes. MouseKeys enables the keyboard to perform mouse functions. SerialKeys allows the use of alternative input devices instead of a keyboard and mouse. You can use the Accessibility wizard to help you set up the options and programs for your individual needs. Please see Related Topics for information on using these Accessibility aids. A wide variety of hardware and software products are available to make personal computers easier to use for people with disabilities. Among the different types of products available for MS-DOS and the Microsoft Windows operating systems are: Programs that enlarge or alter the color of information on the screen for people with visual impairments. Programs that describe information on the screen in Braille or synthesized speech for people who are blind or have difficulty reading. Hardware and software utilities that modify the behavior of the mouse and keyboard. Programs that enable the user to type using a mouse or his or her voice. Word or phrase prediction software, that allows users to type more quickly and with fewer keystrokes. Alternate input devices, such as single switch or puff-and-sip devices, for people who cannot use a mouse or a keyboard. Q13. What are the features of NTFS? Explain. Ans. NTFS:- The Windows NT file system (NTFS) is the most powerful file system supported by windows 2000. Only Windows 2000 and Windows NT support NTFS—no other Microsoft operating systems currently support this file system. Windows 2000 NTFS is a newer version than Windows NT NTFS, and supports several features not supported by Windows NT NTFS. When it comes to security, naming conventions, speed of access to files, and volume size, NTFS in Windows 2000 has its own unique characteristics. Additionally, NTFS has some features not supported by the FAT or FAT32 file systems. Security:- NTFS provides file and folder security for both local and remote users on a network. NTFS is the only file system discussed here that permits the assigning of permissions to individual files and folders. NTFS security controls access to files on an NTFS volume by utilizing the user’s security identifier (SID) to determine which files that user can access. Each file and folder on an NTFS volume has an access control list (ACL) associated with it. The ACL is a list that contains user and group SIDs, with the associated privileges of each user and group. EFS:- NTFS supports the Encrypting File System (EFS). EFS enables you to store files on an NTFS partition in an encrypted format so that even if an unauthorized user removes a hard drive from your computer, that user will be unable to access the sensitive data contained in the encrypted file. In addition to the security provided by NTFS, remember that because Windows 2000 requires a user to log on before accessing files, Windows 2000’s security is greater than operating systems that don’t require the user to log on. Naming Conventions:- Like the FAT and FAT32 file systems, NTFS supports the use of long filenames. Filenames can be up to 255 characters in length. Filenames can contain any character except \ / : * ? “ < > | and may begin with any permitted character. Filenames can contain spaces and 14 multiple periods, and the characters after the last period are considered the filename extension. NTFS preserves uppercase and lowercase in filenames. Filenames are not case sensitive (except when used by a POSIX application). For example, a Win32 application does not distinguish between Money.DOC, MONEY.DOC, and money.doc—it treats all three names as though they were the same file. The POSIX subsystem, however, is case sensitive with respect to filenames, because it does not translate a request for a file into all uppercase letters as the Win32 and other subsystems do. A POSIX application treats the filenames in the previous paragraph as though they were three separate files: Money.DOC, MONEY.DOC, and money.doc.You must use a POSIX application if you want to access these three different files—if you attempt to access Money.DOC with a Win32 application (no matter how you type the file name), you will always retrieve the MONEY.DOC file because the Win32 Subsystem translates file requests into all uppercase letters. Speed of Access to Files:- NTFS usually provides faster access than the FAT or FAT32 file systems to files stored on a large volume that contains many files. NTFS is able to access files in this situation faster than the FAT or FAT32 file systems because NTFS uses an enhanced binary tree to locate files. A binary tree search is a faster mechanism for searching through a large number of filenames than the sequential read mechanism used on FAT and FAT32 volumes. Volume Size:- The maximum theoretical size of an NTFS volume is 16 exabytes (an exabyte is one billion billion bytes, or a giga-gigabyte). However, when you actually implement NTFS on current standard industry hardware, there is a functional limitation of 2TB. The maximum size of a file in an NTFS volume is limited only by the amount of free space in the NTFS volume. Additional Features Not Supported by FAT or FAT32:NTFS has several other unique attributes and features that are not found in, nor supported by, the FAT or FAT32 file systems. _ NTFS supports a compression attribute for each file. You can choose which files to compress and which ones to leave uncompressed. The compression algorithm NTFS uses is similar to the one used by DriveSpace in MS-DOS. Using compression provides an approximately 40 to 50 percent increase in hard disk space. _ NTFS is a highly reliable, recoverable file system. It is not necessary to periodically run Chkdsk.exe on an NTFS volume. _ Using NTFS greatly reduces fragmentation on volumes. However, files can still become fragmented when their size is increased. Windows 2000 (unlike Windows NT) includes a defragmentation utility, which can be used to defragment FAT, FAT32, and NTFS volumes. _ NTFS maintains a recycle bin for each user. _ NTFS enables you to mount a volume on a folder in a different volume. The term mounting a volume refers to a disk management technique sometimes used to access space on more than one hard disk (or volume) but still retain and use a single drive letter. The result of this feature is that a folder’s contents are physically stored on a different hard disk (or volume), but this folder and its contents appear to users to be located in the current volume. This feature produces results similar to those produced by executing the mount command on a UNIX computer. _ NTFS supports disk quotas. Disk quotas is a volume management tool that is enabled on a volume-by-volume basis. Once enabled, disk quotas automatically track disk space usage on a user-by-user basis, and prevent individual users from exceeding the disk space limitations that they have been assigned by administrators. Q14. What do you mean by Disk Partitions? How Disk partition is done in windows 2000? Ans. Disk partitioning is a way of dividing your hard disk so that each section functions as a separate unit. You can create a partition to organize information, for example, to back up data, or to dual boot with another operating system. When you create partitions on a disk, you divide the disk into one or more areas that can be formatted for use by a file system, such as FAT or NTFS. Creating and Formatting Partitions 15 You can use Disk Management to create and format partitions on your computer’s hard disk(s). CREATING AND FORMATTING A PRIMARY PARTITION 1. Start Disk Management. 2. If you have not previously upgraded all of your un-partitioned basic disks, the Write Signature and Upgrade Disk Wizard appears. Because primary partitions can only be created on basic disks. 3. In the bottom right pane, right-click in an area of unallocated space on the disk on which you want to create the primary partition. From the menu that appears, select Create Partition. 4. The Create Partition Wizard appears, Notice the explanation of basic disks. Click Next. 5. In the Select Partition Type screen, select the “Primary partition” option. Click Next. 6. Specify the amount of disk space, in MB, to be used for this partition, or accept the default, which is all of the unallocated space on the disk. Click Next. 7. The Assign Drive Letter or Path window appears. Notice the three options available. If you choose the “Assign a drive letter” option, select a drive letter from the drop-down list box. If you select the “Mount this volume at an empty folder that supports drive paths” option, either type in the path to an empty folder on an NTFS volume on the local computer, or click Browse and select an empty folder. The Browse command button is grayed out and not available if you are using Disk Management remotely. If you select the “Do not assign a drive letter or path” option, you will need to assign a drive letter or path to this partition later so that it can be accessed. Click Next. 8. The Format Partition window appears. Note that the default file system to use is NTFS. There are several options you can configure in this dialog box. You can choose to not format this partition, or to format the partition with specified settings. If you choose to format the partition, you have the option to specify several of its characteristics. _ File system to use: The file system choices available are FAT, FAT32, or NTFS. The default file system is NTFS. _ Allocation unit size: This setting refers to the sector size Disk Management uses when it formats a partition. Sector sizes vary in this menu from 512 bytes to 256K. _ Volume label: This setting enables you to give the partition a name. Type in the name you want to use for the volume label. The default label is New Volume. You can assign a blank label to a volume by deleting the default name. _ Perform a Quick Format: Selecting this option instructs Windows 2000 to write only the necessary data to the disk to support a volume, and not to check for bad sectors during the formatting. Checking for bad sectors can add a significant amount of time to the formatting process. _ Enable file and folder compression: This option is only available if you choose NTFS as the file system. (If you choose any other file system, this box is grayed out.) Selecting this option causes all files and folders placed in this partition to be compressed by default. click Next. 9. In the Completing the Create Partition Wizard window, review the settings you have selected. If the settings are correct, click Finish. If you want to change any of the settings, click Back and make the appropriate changes. Windows 2000 creates and formats the primary partition. After Windows 2000 creates and formats the primary partition, it appears in Disk Management with a listing of its characteristics, including the name of the new partition, a drive letter or path, the amount of space the partition contains, the file system the partition is formatted with, and the word “Healthy.” The space on the disk that was used to create the partition is no longer shown as unallocated Q15. Define the following: a) Running setup b) Renaming files and folders 16 Ans. Running Setup:- Whether you make a new installation or perform an upgrade , it’s the setup program that does all the work. Most of the time, setup is completely automatic, but from time to time, it pauses to ask you a question or ask you to confirm certain choices such as time zone information and other regional settings. Just follow the instructions on the screen. Setup then copies all the appropriate files to your hard disk, checks your hardware, and configures your installation. Because windows 2000 is plug and play, all device-driver selection and loading is completed automatic. Setup also restarts your computer several times during installation. The whole process takes about an hour or so to complete. The method you use to start setup depends on several things, including whether you are making a new installation or performing an upgrade installation. Renaming Files And Folders:- We can rename existing files and folder. We can easily rename a file or folder in two ways: Left-click twice (wait about a second between clicks) the name of the file or folder, and enter a new name in the highlighted box. Right click the name of a folder, choose rename from the shortcut menu, and then type a new name. Q16. Explain hiding and displaying taskbar. Ans. We can set on when we need to see the taskbar and off when we don’t need it. We need to see taskbar if we want to use it when we are working with an application or otherwise not at the desktop. If we set the taskbar properties correctly, we can hide the taskbar when we don’t need it and display it when we need. Follows the following steps so that the taskbar will only display when you point to the bottom of the screen. 1. Right click the taskbar, and choose properties to open the taskbar and start menu properties dialog box. 2. On the General tab, select both the always on top and the auto hide check boxes. 3. Click OK. Q17. Explain the directory service module. Ans. The directory service module is itself made up of multiple components that work together to provide directory services. These modules are arranged in three layers. The layers are: 1. Agents 2. Directory System Agent 3. Database. Agents Layers:- Five interface agents gain access to the directory through internal functions: 1. Lightweight Directory Access Protocol (LDAP) 2. Intersite and intrasite replication (REPL) 3. Name Service Provider Interface (NSPI) 4. Exchange Directory Service (XDS) 5. Security Accounts Manager(SAM) Each of these interfaces uses a different method to access the information stored with in the database. Directory System Agent (DSA) Layer:- The DSA is responsible for creating a hierarchical treelike namespace from an existing flat namespace. This arrangement allows you to view objects in a more logical manner, rather then as a flat list. The database itself is not really a “tree“ – the DSA uses the information found for containers to create the logical structure that you see in the various management tools. The DSA has the following responsibilities: To enforce all Directory Service semantics To process transactions To enforce the common schema To support replication between ADS servers To provide Global Catalog services To propagate security descriptors Database Layer:- The database layer provides the functionality needed to access and search the directory database. All database access is routed through the database layer. It controls the ways in which data is viewed. 17 Q18. How the appearance of windows elements is changed in windows 2000? Explain. Ans. We can change the appearance of windows elements through display properties. The tab we use in the Display Properties dialog box is the Appearance tab, Notice that on this tab you can configure the appearance of windows, dialog boxes, message boxes, and other items that appear in the Item pull-down menu. On the Appearance tab, you can select a pre-configured appearance scheme, such as Windows Standard (large) or High Contrast Black, that Windows 2000 will apply to your desktop and to all windows, dialog boxes, icons, message boxes, and so on. The default scheme is Windows Standard. Q19. Explain Disk management tools in details. Ans. Windows 2000 includes a powerful tool to manage disks—it’s called Disk Management. Disk Management is a graphical tool that is a snap-in to the Microsoft Management Console (MMC). The MMC is a Windows 2000 feature that hosts administrative tools you can use to perform administrative tasks on your Windows 2000 computer and network. The tools contained in the MMC are referred to as snap-ins. You can use Disk Management to: Create and format partitions Upgrade a disk from basic to dynamic Revert from a dynamic disk to a basic disk Create and format simple, spanned, striped, mirrored, and RAID-5 volumes Delete simple, spanned, striped, mirrored, and RAID-5 volumes Troubleshoot disk configuration problems Recover from single hard disk failures in mirrored and RAID-5 volumes Disk Management replaces the Disk Administrator tool that was included in Windows NT 4.0. You must be a member of the Administrators group on the computer that contains the disks you want to manage in order to use Disk Management. Disk Management can be used in two capacities: Disk Management can be used at the local computer to manage the local computer. Disk Management can also be used at one computer to remotely manage disks on another computer. Two of the most common ways to start Disk Management are described in the steps that follow. 18 STARTING DISK MANAGEMENT— METHOD 1 1. From the desktop, Select StartProgramsAdministrative ToolsComputer Management. This starts the Microsoft Management Console (MMC). 2. If you want to use Disk Management to manage the local computer, skip to Step 3 now. If you want to use Disk Management to manage a remote computer, in the left pane of the Computer Management dialog box, right-click Computer Management (Local), and select “Connect to another computer” from the menu that appears. In the Select Computer dialog box, either click the computer you want to manage in the list box, or type in the name of the computer you want to manage in the Name text box. Click OK. 3. Click the + next to Storage in the left pane in the Computer Management dialog box. 4. Click Disk Management. Or, you can use the following shortcut method to start Disk Management: STARTING DISK MANAGEMENT— METHOD 2 1. From the desktop, right-click My Computer. Select Manage from the menu that appears. 2. If you want to use Disk Management to manage the local computer, skip to Step 3 now. If you want to use Disk Management to manage a remote computer, in the left pane of the Computer Management dialog box, right-click Computer Management (Local), and select “Connect to another computer” from the menu that appears. In the Select Computer dialog box, either click the computer you want to manage in the list box, or type in the name of the computer you want to manage in the Name text box. Click OK. 3. In the left pane of the Computer Management dialog box, click Disk Management. (If Storage is not already expanded so that Disk Management appears in the list, click the + next to Storage.) Following Figure shows the Disk Management tool within Computer Management. Disk Management is one of the many tools available in Computer Management. Notice that the upper pane lists information on each of the volumes in the computer. In this pane you can view the volume name and drive letter; its volume type and layout; the file system used; the status of the volume; the capacity, free space, and percent of the volume’s capacity that is free space; whether or not the volume provides fault tolerance; and the percent of disk space overhead required by Windows 2000 to manage the volume. You might have to scroll to the right to view all of this information. 19 Also notice in Figure that the lower pane of Disk Management graphically illustrates each of the disks in the computer. For each disk in the computer, the disk number, type of disk (basic or dynamic), size of the disk, and whether the disk is Online or Offline is displayed. Disk Management also displays, in a bar graph fashion, each volume or partition on each disk along with pertinent information about each volume. You can easily customize the appearance of Disk Management by using the options in the View menu. In the top pane, you can choose to display a disk list, a volume list, or a graphical view of the disks in the computer. In the bottom pane, you can choose to display a disk list, a volume list, a graphical view of the disks in the computer, or to hide the bottom pane entirely. In addition, you can move the bar that separates the top and bottom panes by clicking and dragging it. You can also configure appearance and scaling settings and customize additional MMC and snap-in view options in the View menu. Q20. What are prerequisites of installing Active Directory? Write steps to install Active Directory. OR How domain is crested and configured in win2k server? Ans. Active Directory can be installed on any Windows 2000 Server or Advanced Server computer. Like DNS, Active Directory is not supported on Windows 2000 Professional computers. There are a couple of prerequisites that must be met prior to installing Active Directory: At least one volume on the Windows 2000 Server/Advanced Server computer must be formatted with NTFS. Because Active Directory requires DNS, you either need to have a DNS server installed on your network prior to installing Active Directory, or you can choose to install DNS at the same time that you perform the Active Directory installation. Another fact to consider when preparing to install Active Directory is that any computer that you install Active Directory on will become a domain controller. Because domain controllers 20 provide extensive network services, you’ll probably want to make sure this computer is reliable and powerful enough to handle the extra load. You should also consider the services and functions currently being performed by this computer. For example, if a computer is already a SQL server, an Exchange server, or a heavily used Web server, you may decide not to increase the burden on this computer by installing Active Directory. From the desktop, select StartRun. In the Run dialog box, type dcpromo and click OK. From the desktop, select StartProgramsAdministrative Tools Configure Your Server.Then, in the Windows 2000 Configure Your Server dialog box, click the Active Directory link. On the Active Directory page, scroll down and click Start the Active Directory wizard. INSTALLING ACTIVE DIRECTORY FOR THE FIRST TIME When Active Directory is installed for the first time, the following events take place: The computer on which Active Directory is installed becomes a domain controller for a new Windows 2000 domain. The Active Directory Installation Wizard creates the new Windows 2000 domain, using the domain name you specify in the process. The Active Directory Installation Wizard creates a new domain tree and forest. INSTALLING ACTIVE DIRECTORY 1. Start the Active Directory Installation Wizard. (Select StartRun. In the Run dialog box, type dcpromo and click OK.) 2. The Active Directory Installation Wizard starts. Click Next. 3. The Domain Controller Type screen appears. Accept the default option of “Domain controller for a new domain” and click Next. 4. The Create Tree or Child Domain screen appears. Accept the default option of “Create a new domain tree” and click Next. 5. The Create or Join Forest screen appears. Accept the default option of “Create a new forest of domain trees” and click Next. 6. The New Domain Name screen appears. In the “Full DNS name for new domain” text box, type the FQDN of the new domain. Click Next. 7. The NetBIOS Domain Name screen appears. Accept the default name displayed, and click Next. 8. The Database and Log Locations screen appears. In this screen, you specify the location where the Active Directory database and log will be stored. Microsoft recommends that, for best recoverability, you store the database and log on separate physical hard disks. However, the default locations are on the same hard disk. Either accept the default locations or type in the locations you want to use and click Next. 9. The Shared System Volume screen appears. On this screen you specify the location of the folder that will be shared as the system volume. This folder must be located on a Windows 2000 NTFS volume. Either accept the default location or type in the location you want to use and click Next. 10. If you have not previously configured a DNS server on your network, or if this computer is not correctly configured to use a DNS server, the Active Directory Installation Wizard may display a message indicating that it can’t contact the DNS server. If this message is displayed, click OK. 11. If you don’t have a DNS server on your network, or if your DNS server does not support dynamic updates, the Configure DNS screen appears. If you haven’t yet installed a DNS server on your network, accept the default option of “Yes, install and configure DNS on this computer.” If you have a DNS server but it doesn’t support dynamic updates, select the “No, I will install and configure DNS myself” option. Click Next. 12. The Permissions screen appears. If your network includes Windows NT 4.0 Server computers as well as Windows 2000 Server computers, accept the default option of “Permissions compatible with pre-Windows 2000 Servers. If the servers on your network all run Windows 2000, select the “Permissions compatible only with Windows 2000 servers” option. Click Next. 21 13. 14. 15. 16. 17. The Directory Services Restore Mode Administrator Password screen appears. In this screen, type in and confirm an Administrator password that will be used if Active Directory ever needs to be restored on this computer from a backup. Click Next. The Summary screen appears, summarizing the choices you selected while using this wizard. If you are satisfied with the configurations, click Next. (Otherwise, you can click Back to change the options you selected.) The wizard installs and configures Active Directory. This process may take several minutes to complete. The Completing the Active Directory Installation Wizard screen appears. Click Finish. When the Active Directory Wizard dialog box appears, click Restart Now to restart your computer and complete the Active Directory installation. If you selected the “No, I will install and configure DNS myself ” option in Step 11 because your DNS server doesn’t support dynamic updates, you will need to manually add Active Directory resource records to the zone file on your DNS server. To do this, first copy the SystemRoot\System32\Config\Netlogon. dns file from the server on which you installed Active Directory to your DNS server. Then, on the DNS server, use your favorite text editor to copy the contents of this file and then paste these contents onto the end of the zone file of the DNS domain with the same name as the Windows 2000 domain you created during the Active Directory installation process. 22 Section – B 2 Marks Questions Q1. State the advantages of customizing the desktop. Ans. Customizing desktop includes changing of background, screen saver, appearance, settings etc. By customizing the desktop as per our own requirements we can set the desired background of the desktop, can set the color scheme that suits us, can set the appearance as per our requirements. We can also set the power settings i.e., when to turn off your monitor or hard disk etc. Q2. What is DNS? Ans. DNS stands for Domain Name System. It is Internet service that maps Internet domains into corresponding IP addresses. DNS database is distributed and replicated among many DNS servers, so when you change your domain's IP address, the changes take a while to propagate. Q3. How are event logs maintained in win2k server? Ans. The Event Log continues to be one of the most important problem troubleshooting tools available for Windows 2000. It can also be an important tool for improving performance, for preventing problems before they occur, and for keeping your Win2000 computer secure. The Event Log is actually made up of several logs, each with its own individual settings. Win2K Pro still has the same three that were standard in Windows NT: the Application Log, the Security Log, and the System Log. Win2K Server can have a variety of additional logs, however, depending on the services installed. Windows 2000 Server makes many more entries in all of the Event Logs than past versions of Windows NT. The Event Log viewer has changed somewhat in Windows 2000 from Windows NT. It is now an MMC (Microsoft Management Console) utility. However, it can still be found in the same spot on the Start Menu. To open the Event Viewer, click Start, Programs, Administrative Tools, Event Viewer. In the left-hand pane of the Event Viewer, you will see the available logs. Highlighting (clicking on) one of those logs will display the events that are stored in that log in the right-hand pane. Once you have the Event Viewer up and running, changing the defaults is a snap. Q4. How can a printer be added in win 2k server? Ans. Printers are added using the add printer wizard found under Control Panel-Printers. This allows you to define the name, properties and location of the new printer. You must be logged in as Administrator rights to add printer. When a user connects to a printer on a Windows 2000 server, the client computer downloads the printer driver from the server. One copy of the printer driver needs to be maintained, and clients get the latest driver when they connect to the printer. Printer drivers do not have to be installed on client computers, easing the task of letting users connect to printers without having to locate the required setup disks. Q5. What is the role of operating system? Ans. Operating systems manage a computer's resources—memory, peripheral devices, and even CPU access—and provide a battery of services to the user's programs. The most popular operating systems are Unix, Microsoft Windows, Linux etc. Q6. What do you understand by MMC. Ans. A framework for hosting administrative tools, called consoles. A console may contain tools, folders or other containers, World Wide Web pages, and other administrative items. These items are displayed in the left pane of the console, called a console tree. A console has one or more windows that can provide views of the console tree. The main MMC window provides commands and tools for authoring consoles. The authoring features of MMC and the console tree itself may be hidden when a console is in User Mode. Microsoft Management Console is also called MMC. Q7. What are the kinds of backups? Ans. Types of Backups Normal - Saves files and folders and shows they were backed up by clearing the archive bit. 23 Q8. Ans. Q9. Ans. Q10. Ans. Q11. Ans. Q12. Ans. Q13. Ans. Q14. Ans. Copy - Saves files and folders without clearing the archive bit. Incremental - Saves files and folders that have been modified since the last backup. The archive bit is cleared. Differential - Saves files and folders that have been modified since the last backup. The archive bit is not cleared. Daily - Saves files and folders that have been changed that day. The archive bit is not cleared. To perform a backup, select "Start", "Programs", "Accessories", "System Tools", and "Backup". The Windows 2000 "Backup Utility" will start. What do you mean by client server architecture? In client/Server network architecture computers on a network act as a server managing files and network services OR as a client where users run applications and access servers. Clients rely on servers for resources like web pages, data, files, printing and OLAP. What is proxy server ? Or What is the role of proxy server? A server that acts as an intermediary between a workstation user and the Internet so that the enterprise can ensure security, administrative control, and caching service. A proxy server is associated with or part of a gateway server that separates the enterprise network from the outside network and a firewall server that protects the enterprise network from outside intrusion Define registry. In computing, the registry is the part of an operating system which records the relationship between hardware, memory space and addressing. In general terms it is a database which stores settings and options for the operating system, especially for Microsoft Windows 32-bit versions. It contains information and settings for all the hardware, software, users, and preferences of the PC. Explain Compression and Encryption in NFS volumes. NTFS supports a compression attribute for each file. You can choose which files to compress and which ones to leave uncompressed. The compression algorithm NTFS uses is similar to the one used by DriveSpace in MS-DOS. Using compression provides an approximately 40 to 50 percent increase in hard disk space. NTFS also supports the Encrypting File System (EFS). EFS enables you to store files on an NTFS partition in an encrypted format so that even if an unauthorized user removes a hard drive from your computer, that user will be unable to access the sensitive data contained in the encrypted file. How can we run programs from start menu? We can use the start button to begin anything in windows 2000. To start an application previously installed on your computer for your use, follow following steps: 1. Click the start button to open the start menu. 2. Click programs. Along with some application names, your Programs menu will likely include several folders for different categories of programs such as Accessories and a folder for startup programs that run automatically when you start Windows. 3. Choose the program group that includes the application you want to start. 4. Click the program you want to start from the selections listed in the submenu. Click OK. What is clipboard? The clipboard is an area in memory that serves as the temporary storage house for an item that you cut or copy. When paste an item, a copy stays on the clipboard until you cut or copy another item, close windows 2000 professional, or intentionally clear the clipboard. Thus, you can paste the same item multiple times. Windows 2000 includes the clip book viewer, a utility that you can use to save and share items that you place on the clipboard. Give features of Active Directory. Active Directory is a major step forward for the Windows NT/Windows 2000 operating systems. Just a few of the key features and benefits offered by Active Directory are: 24 Q15. Ans. Q16. Ans. Q17. Ans. Q18. Ans. Q19. Ans. Q20. Ans. Q21. Ans. It provides fully integrated security. It provides ease of administration by using group policies. It makes resources easier to locate. It is scalable to any size network. It is flexible and extensible. What is forest? Forest is a group of one or more domain trees, linked by transitive trusts, that shares a common schema and global catalog. A forest begins with one domain and one domain tree. When you install Active Directory on the first domain controller on your network, Windows 2000 creates a domain, a domain tree, and a forest all at the same time. So, even though you’ve only installed Active Directory on one computer, you’ve got all of these big-picture elements created and ready to go. Now the forest can grow as you add additional domains and domain trees. Define Global catalog. A global catalog server is a domain controller that has an additional duty—it maintains a global catalog. You may recall that a global catalog is a master, searchable database that contains information about every object in every domain in a forest. The global catalog contains a complete replica of all objects in Active Directory for its host domain, and contains a partial replica of all objects in Active Directory for every other domain in the forest. A global catalog server performs two important functions: * Provides group membership information during logon and authentication * Helps users locate resources in Active Directory How many different types of Internet connections are possible in WIN2k server? We can connect a PC to the internet in at in at least four ways: 1. The older, more limited way is as a remote terminal on a host computer already connected to the Internet. 2. The ideal way is through a network interface card (NIC) to a local area network (LAN) that’s connected to the Internet. 3. The most common way is through a dial-in TCP/IP connection to an ISP. 4. And finally, also quite common is accessing the Internet via an online information service such as American Online or CompuServe. What are terminal services? Terminal Services is a Windows 2000 Server component that provides terminal emulation to network clients. Terminal Services enables users of client computers to remotely perform processor-intensive and network-intensive tasks from their client computers. The application runs on the server running Terminal Services, so the user can take advantage of the processing power and network connectivity of the server, while fully controlling the application from the client computer’s keyboard and monitor. What is control panel? With control panel we can configure and personalize settings for many of windows 2000 functions and features, such as Accessibilities options, Add/remove programs, Administrative tools, folder options, regional options, and schedule tasks. To access control panel, choose startsettingscontrol panel. You can also access control panel through my computer and windows explorer. Define transitive trust. A transitive trust is a trust relationship between two Windows 2000 domains in the same domain tree (or forest) that can extend beyond these two domains to other trusted domains within the same domain tree (or forest). A transitive trust is always a two-way trust. By default, all Windows 2000 trusts within a domain tree (or forest) are transitive trusts. Differentiate between Mixed mode and Native Mode. A mixed mode ADS server can interact with domain controller running earlier version of NT. Basically, the ADS server becomes the primary domain controller (PDC) for the existing domain, and it will update the older servers in a manner similar to that of an NT 4 server. This 25 allows you to update your servers one at a time without having to be concerned about backward capabilities issues. A native mode ADS server cannot act as part of an older environment. As soon as all of your older servers have been upgraded to windows 2000 and ADS, you should switch your servers to native mode. “Mixed mode” basically refers to a process running on your windows 2000 server, using processor power and memory. Section – B 5 Marks Questions Q1. What are the common control panel options in windows 2000 professional? Ans. Accessibility Options:-The Accessibility Options application is used to configure the keyboard, sound, display, and mouse options on a computer to accommodate users who are physically challenged, including people who have difficulty striking multiple keys simultaneously on a keyboard, people who are visually or hearing impaired, or people who have difficulty holding or clicking a mouse. The Accessibility Options application is available unless you deselected it during the installation of Windows 2000. Accessibility Options is normally installed by default, but if it’s not installed on your computer, you can use the Add/Remove Programs application to install it. Add/Remove Hardware:- The Add/Remove Hardware application is a wizard that helps you add, remove, unplug, and troubleshoot the hardware in your computer. Hardware devices that you can add, remove, and troubleshoot include: _ Display devices/video adapters _ DVD and CD-ROM devices _ Input/output (I/O) devices, such as: _ Cameras _Keyboard _ Modems, including fax modems _ Mouse _ Multimedia devices _ Printers _ Scanners _ Smart card readers _ USB devices _Wireless devices, such as infrared (IrDA) devices _ Mobile computer hardware, such as PC Card devices _ Network adapter cards Add/Remove Programs:- The Add/Remove Programs application is used to install and remove third party software and to add and remove optional Windows 2000 components. All users can use the Add/Remove Programs application to add and remove third-party applications, but only members of the Administrators group can use the portion of this application that enables you to add and remove optional Windows 2000 components. To start the Add/Remove Programs application, double-click the Add/Remove Programs icon in Control Panel. Date/Time:- The Date/Time application is used to configure the date, time, time zone, and optional adjustment for daylight saving time. You must be a member of the Administrators group to use the Date/Time application. To start the Date/Time application, double-click the Date/Time application in Control Panel, or double-click the clock/time display in the lower-righthand corner of the taskbar on your desktop. Display:- The Display application is used to configure a computer’s desktop settings, including background, screen saver options and computer power settings, desktop appearance, Web pages that appear on the Active Desktop, desktop icons and visual effects, and display adapter settings (including multiple display support).You can also configure the display to use 26 large fonts, large icons, and a high-contrast color scheme to accommodate a visually challenged user. In addition to configuring desktop and display settings, the Display application is also useful for troubleshooting desktop settings and video adapters. To start the Display application, double-click the Display icon in Control Panel; or, simply right-click the desktop and select Properties from the menu that appears. There are six tabs in the Display Properties dialog box: Background, Screen Saver, Appearance, Web, Effects, and Settings. Folder Options:- The Folder Options application is used to customize the manner in which files and folders are displayed, and to make network files available for use offline. To start the Folder Options application, double-click the Folder Options icon in Control Panel. You can also access this application by selecting ToolsFolder Options in Windows Explorer. There are four tabs in the Folder Options dialog box: General, View, File Types, and Offline Files. Fonts Folder:- The Fonts folder is actually a tool used to install, delete, and manage fonts. To access the Fonts folder, double-click the Fonts icon in Control Panel. When you open the Fonts folder, numerous fonts are displayed. The Fonts folder displays every font that is installed on the computer. Game Controllers:- The Game Controllers application is useful for managing game-related hardware, such as joysticks and game pads. With Game Controllers, you can add, remove, and configure game controllers. You must be a member of the Administrators group to perform many of the tasks that can be done using the Game Controllers application. To access Game Controllers, double-click the Game Controllers icon in Control Panel. Q2. How to configure and use accessibility options? Ans. Accessibility Options:- The Accessibility Options application is used to configure the keyboard, sound, display, and mouse options on a computer to accommodate users who are physically challenged, including people who have difficulty striking multiple keys simultaneously on a keyboard, people who are visually or hearing impaired, or people who have difficulty holding or clicking a mouse. The Accessibility Options application is available unless you deselected it during the installation of Windows 2000. Accessibility Options is normally installed by default, but if it’s not installed on your computer, you can use the Add/Remove Programs application to install it. Configuring Accessibility Options:- To start Accessibility Options, double-click the Accessibility Options icon in Control Panel. In the Accessibility Options dialog box notice the five tabs available in this dialog box: Keyboard, Sound, Display, Mouse, and General. On the Keyboard tab, you can configure Sticky Keys, Filter Keys, Toggle Keys, and show extra keyboard help in programs. Sticky Keys enables a user to execute keyboard commands that normally require striking two or more keys simultaneously by striking one key at a time. Filter Keys instructs Windows 2000 to ignore quick or repeated keystrokes, or to slow the repeat rate of a key when it is held down. Filter Keys can be helpful when a user’s hands tremble while typing, or when a user cannot remove a finger quickly once he or she has pressed a key. Toggle Keys causes Windows 2000 to play a tone every time the Caps Lock, Num Lock, or Scroll Lock key is pressed. A high tone is played when the key is first pressed, and a lower tone is played when Caps Lock, Num Lock, or Scroll Lock is pressed again (and turned off).This feature is helpful for visually impaired users. On the Sound tab, you can configure the Sound Sentry and Show Sounds. When the Sound Sentry is enabled, Windows 2000 displays a visual warning when the computer makes a sound. When Show Sounds is enabled, applications display captions for the speech and sounds they generate. Both of the features on this tab can be helpful for users who are hearing impaired. On the Display tab, you can select the High Contrast option if you want Windows 2000 to use colors and fonts designed to be read easily. You can select from a white-on-black appearance scheme, a black-on-white scheme, or a custom scheme that you specify. On the Mouse tab, you can configure a Windows 2000 computer to use MouseKeys. MouseKeys enable you to move the cursor by pressing the keys on your keyboard’s 10-key pad instead of by using a mouse. On the General tab, you can configure Windows 2000 to turn off accessibility features after the computer has been idle for a specified number of minutes. You can also configure Windows 27 2000 to notify you, either visually or by making a sound, when an accessibility feature is turned on or off. You can also configure Serial Key devices, such as numeric keypads or other devices that augment the keyboard and mouse features, on this tab. As the name implies, Serial Key devices are connected to a computer’s serial port. Finally, an administrator can choose to apply all selected Accessibility Option settings to the computer’s default desktop that is displayed during logon, to new users that log on to this computer from this point on, or both. Making configuration changes in the Accessibility Options application is fairly straightforward and self-explanatory. For example, suppose you want to configure keyboard settings for an employee who is unable to strike two keys simultaneously. Because many keyboard commands use the Shift, Ctrl, or Alt keys in conjunction with another key, you’ll need to select the Use Sticky Keys option on the Keyboard tab. You can either accept the default settings for this option, or click Settings for more Sticky Keys configuration options. When you’re finished configuring Accessibility Options, click OK. Q3. What are the different printing settings in win2k? Ans. There are three types of settings that affect printing: Printer properties, printing preferences, and print server properties. Printer properties From the printer's Properties dialog box, you set the options that affect the printer and all documents printed. These options include: Loading a new printer driver and printing a test page. Adding, deleting, and configuring a port and enabling printer pooling. Scheduling the printer's availability and assigning printer priorities. Sharing a printer and installing additional drivers. Assigning permissions for a printer and taking ownership of a printer. Setting printer memory. Assigning a print form to a printer tray. Choosing font types. Document printing preferences From the Printing Preferences dialog box, you can change settings that affect the way documents are printed. These options include: Changing the layout of your text on a page by choosing portrait or landscape. Changing the number of copies that are printed. Choosing to print on both the front and back of the paper. Print server properties From the Print Server Properties dialog box, you can change settings that affect all printers installed on the print server. These options include: Assigning standard print forms to a printer tray and creating custom forms that are available to all printers on the server. Adding, deleting, and configuring ports on the print server. Adding, removing, updating, and viewing the properties of printer drivers installed on the print server. Setting spooler and print notification options. Q4. What is scheduled task? How you can add a new scheduled task? Ans. The Scheduled Tasks folder is a tool used to schedule a program, command, script, document, or batch file to run at a specified time. You can schedule multiple tasks in the Scheduled Tasks folder. The Scheduled Tasks tool is sometimes called the Task Scheduler. ADDING AND CONFIGURING A TASK 1. Start the Scheduled Tasks tool. (Select StartSettingsControl Panel, and then double-click Scheduled Tasks.) 2. In the Scheduled Tasks folder, double-click the Add Scheduled Task icon. 3. The Scheduled Task Wizard starts. Click Next. 4. The wizard prompts you to select the program you want to schedule, Several applications are listed, and if you don’t find the program you want, you can click Browse to locate the desired program or file on your computer or the network. 28 If you selected a program from the list, click Next. Or, if you browsed for and selected a file or program, click Open. 5. Enter a name for this task, and select how often you want the task to be performed. Click Next. 6. Depending on the frequency you selected in Step 5, an additional screen may be displayed prompting you to enter specific scheduling information, including days, dates, time, and so on. Configure this screen to meet your needs and click Next. 7. Enter a user name and password that Windows 2000 will use to run this task. Ensure that the user name you enter has the necessary rights and permissions to perform this task, especially if the task needs to access data on another computer on your network. Confirm the password, and click Next. 8. To configure advanced settings for this task, select the check box next to “Open advanced properties for this task when I click Finish.” Click Finish. Or, if you don’t want to configure advanced settings at this time, click Finish, and skip the remaining steps listed here. (You can set advanced settings later by right clicking the task’s icon in Scheduled Tasks, and then selecting Properties from the menu that appears.) 9. Four tabs are displayed in which you can configure advanced settings: Task, Schedule, Settings, and Security. On the Task tab, you can configure command-line switches, specify the appropriate folder to start the task in, and specify a user name and password for the task. You can also temporarily disable a task by clearing the check box next to Enabled. On the Schedule tab, you can configure specific scheduling information for the task and create additional schedules for this task. On the Settings tab, you can configure various advanced settings, including idle time and Power Management options. For example, you can configure Windows 2000 to start the task only if the computer has been idle for a specified number of minutes, or to not start the task if the computer is running on battery power. On the Security Tab, you can configure security permissions so that other users can run the task. When you’ve finished configuring advanced settings, click OK. Q5. How to install a local printer? Give step-by-step in detail. Ans. ADDING A LOCAL PRINTER 1. Open the Printers folder. (Select Start ➪Settings ➪Printers.) 2. In the Printers folder, double-click Add Printer. 3. The Add Printer Wizard begins. Click Next. 4. The Local or Network Printer screen appears. Ensure that the check box next to “Automatically detect and install my Plug and Play printer” is cleared. Click Next. 5. The Select the Printer Port screen appears. Notice that LPT1: is the default selection. If the port you want to use is not displayed, select the “Create a new port” option, and select the type of port you want to create from the Type drop-down list box. Then follow the instructions presented on-screen to create the new port. Click Next. 6. The Add Printer Wizard screen is displayed. Select your print device’s manufacturer from the list on the left. Then select the print device’s model from the list on the right. If your print device does not appear in the list, and you have drivers for the device (either on a floppy disk, CD-ROM, or downloaded from the Internet), click Have Disk and follow the instructions on-screen. Click Next. 7. On the Name Your Printer screen, either accept the default name displayed for this printer, or type in a different name in the “Printer name” text box. Also choose whether you want this printer to be the default printer for all Windows-based programs on this Windows 2000 computer. Click Next. 8. On the Printer Sharing screen, choose whether or not to share this printer. If you’re adding a printer on a Windows 2000 Professional computer, the default selection is “Do not share this printer.” If you’re adding a printer on a Windows 2000 Server computer, the default selection is “Share as.” If you choose to share the printer, either accept the 29 Q6. Ans. Q7. Ans. default name displayed for the shared printer, or type in a different name in the “Share as” text box. Click Next. 9. If you chose to share the printer in Step 8, a Location and Comment screen appears on which you can describe the location and features of the printer you’re adding. All entries on this screen are optional. Enter information as appropriate and click Next. 10. The Print Test Page screen is displayed. Select Yes to print a test page, or select No to skip printing a test page. Click Next. 11. On the Completing the Add Printer Wizard screen, click Finish. 12. If you chose to print a test page in Step 10, a dialog box is displayed asking if the test page printed. Click OK. 13. The new printer you added is displayed in the Printers folder. Close the Printers folder. How to install Network Printer? Give step-by-step in detail. ADDING A NETWORK PRINTER 1. On the Windows 2000 computer, open the Printers folder. (Select Start➪ SettingsPrinters.) 2. In the Printers folder, double-click Add Printer. 3. The Add Printer Wizard begins. Click Next. 4. The Local or Network Printer screen appears. Select the option next to “Network printer.” Click Next. 5. The Locate Your Printer screen appears. On this screen, you specify how you want Windows 2000 to locate the shared network printer you’re adding. The options you can select from are: _ Find a printer in the Directory: Select this option if you want to have Windows 2000 search Active Directory for the shared network printer. If you select this option (which is the default setting), you can use the Find Printers dialog box to search Active Directory for the printer. _ Type the printer name, or click Next to browse for a printer: Select this option if you want to specify a UNC path to the shared network printer, or if you want to browse the network for this printer. If you select this option, you can select the shared network printer from a browse list. _ Connect to a printer on the Internet or on your intranet: Select this option if you want to specify a URL for an Internet printer. Browsing is not supported for this option. Select the appropriate option, and click Next. 6. If the computer that hosts the shared network printer you’re adding does not have drivers for the print device that are supported by Windows 2000, Windows 2000 prompts you to install drivers on the local Windows 2000 computer to enable it to print to the shared network printer. If this Connect to Printer warning dialog box does not appear, skip to Step 8. If this Connect to Printer warning dialog box appears, click OK and continue. 7. In the Add Printer Wizard dialog box, select the shared network print device’s manufacturer from the list on the left. Then select the print device’s model from the list on the right. If the shared network print device does not appear in the list, and you have drivers for the device (either on a floppy disk, CD-ROM, or downloaded from the Internet), click Have Disk and follow the instructions on-screen. Click Next. 8. On the Default Printer screen, choose whether the network printer you’re adding will be the default printer for all Windows-based programs on this Windows 2000 computer. Click Next. 9. On the Completing the Add Printer Wizard screen, click Finish. 10. The network printer you just added is displayed in the Printers folder. Close the Printers folder. How we can convert FAT or FAT 32 to NTFS? Converting from FAT or FAT32 to NTFS In Windows 2000 you can format a new volume with FAT, FAT32, or NTFS. You can change an existing FAT or FAT32 volume into an NTFS volume by using Convert.exe. This is a fairly simple procedure. When you use Convert.exe all data on the existing volume is retained.. 30 However, it is a one-way process—there is no way to convert an NTFS volume into a FAT or FAT32 volume without first backing up, reformatting the volume, and restoring the data. To convert a FAT or FAT32 volume into an NTFS volume, use the Convert.exe command at a command prompt. To start a command prompt, select StartProgramsAccessoriesCommand Prompt. The syntax for the Convert.exe command is: CONVERT volume /FS:NTFS [/V] The following is an explanation of this syntax: * Volume This specifies the drive letter (followed by a colon) or mount point to convert to NTFS. * /FS:NTFS This indicates that the file system should be converted to NTFS. This is an outdated switch, because NTFS is the only file system that you can use Convert.exe to switch to in Windows 2000; but its use, in terms of command syntax, is still required. * /V This optional switch specifies that Convert.exe will run in verbose mode. Running a command in verbose mode will display the maximum amount of information and detail to the user. Q8. What are the various files and folder attributes in windows 2000? Explain. Ans. Windows 2000 File and Folder Attributes There are seven Windows 2000 file and folder attributes. These file and folder attributes can be used on FAT, FAT32, and NTFS volumes, with the exception of the Compress, Encrypt, and Index attributes, which are available only on NTFS volumes. Archive Indicates that the file or folder has been modified since the last backup. This is applied by the operating system when a file or folder is saved or created, and is commonly removed by backup programs after the file or folder has been backed up. Compress Indicates that Windows 2000 has compressed the file or folder. This is only available on NTFS volumes. It can be set by using Windows Explorer and by using the compress command-line utility. It can’t be used in conjunction with the Encrypt attribute. In other words, a file can be encrypted or compressed, but not both. It is applied by administrators to control which files and folders will be compressed. Encrypt Indicates that Windows 2000 has encrypted the file or folder. It is only available on NTFS volumes. It can be set by using Windows Explorer and by using the cipher commandline utility. It can’t be used in conjunction with the Compress attribute. It is applied by users and administrator to control which files and folders will be encrypted. Once a file or folder has been encrypted, only the user who encrypted the file or folder (or the Administrator) can open the file or folder and view its contents. Hidden Indicates that the file or folder can’t be seen in a normal directory scan. Files or folders with this attribute can’t be copied or deleted. It is automatically applied to various files and folders by Windows 2000 during installation. In addition, this attribute can be applied by administrators or users to hide and protect files and folders. Index Indicates that the file or folder is indexed by the Indexing Service. It is only available on NTFS volumes. It can be applied by administrators or users. Once this attribute has been applied to a file, users can use Windows Explorer to locate this file by searching for words or phrases contained in the file. Read-only Indicates that the file or folder can only be read — it can’t be written to or deleted. This is often applied by administrators to prevent accidental deletion of application files. System Indicates that the file or folder is used by the operating system. Files or folders with this attribute can’t be seen in a normal directory scan, and can’t be copied or deleted. It can’t be set by using Windows Explorer. You must use the attrib command-line utility to view or change this attribute. It is automatically applied to various files and folders by Windows 2000 during installation. Q9. How programs can be added and removed in windows 2000? Ans. Add/Remove Programs 31 The Add/Remove Programs application is used to install and remove third party software and to add and remove optional Windows 2000 components. All users can use the Add/Remove Programs application to add and remove third-party applications, but only members of the Administrators group can use the portion of this application that enables you to add and remove optional Windows 2000 components. To start the Add/Remove Programs application, double-click the Add/Remove Programs icon in Control Panel. Adding a Program One of the most common uses for the Add/Remove Programs application is to add a new program or application. To add a new program, such as a word processing application or a game, insert the application’s compact disc (or first installation floppy disk) into your computer. In the Add/Remove Programs application main dialog box, click Add New Programs. A dialog box is displayed. Notice that you can either add a program from a compact disc or a floppy disk, or you can connect to Microsoft’s Web site over the Internet and download new or updated Windows 2000 features, device drivers, service packs, and so on. If your Windows 2000 computer is a member of a domain, another option is displayed in this dialog box that enables you to add programs from your corporate network. Follow the instructions presented on-screen to install the new program. Removing a Program Another common use of this application is to remove an installed program, perhaps because the program is not functioning properly, because you want to free up disk space, or for any other reason. You can use the Add/Remove Programs application to remove a program entirely, or to remove a discrete component within a program. Q10. Write steps to add/ remove windows components. Ans. USING ADD/REMOVE PROGRAMS TO ADD/REMOVE OPTIONAL WINDOWS 2000 COMPONENTS 1. Select StartSettingsControl Panel. 2. In the Control Panel dialog box, double-click Add/Remove Programs. 3. In the Add/Remove Programs dialog box, click Add/Remove Windows Components. 4. The Windows Components Wizard starts. Notice the detailed list of optional Windows 2000 components. To add or remove a component, select or clear the check box next to that component. The check boxes in this dialog box have three possible states: Checked: If the check box next to a component is checked when the dialog box first appears, this component, and all of its subcomponents, is already installed on this computer. If you select a check box that was previously cleared, this component, and all of its subcomponents, will be installed during this process. Cleared: If the check box next to a component is cleared when the dialog box first appears, this component, and all of its subcomponents, is not installed on this computer. If you clear a check box that was checked or gray checked, this component, and all of its subcomponents, will be removed by this process. Gray Checked: If the check box next to a component is gray checked when the dialog box first appears, this component and selected subcomponents are already installed on this computer. If you highlight a component, click Details, and then select or clear check boxes next to specific subcomponents, Windows 2000 will make the requested changes by either adding or removing selected subcomponents. As you can tell from the preceding check box descriptions, you can control which subcomponents of a component are added or removed. To configure specific subcomponents, highlight a component and click Details. In the dialog box that appears, select the check boxes next to the subcomponents you want to add, clear the check boxes next to the subcomponents you want to remove, or both, and then click OK. Click Next. 5. Windows 2000 configures components, and makes the configuration change(s) you requested. When the Completing the Windows Components Wizard screen appears, click Finish. 6. Click Close to exit the Add/Remove Programs application. 32 Q11. What is registry? How registry editor can be open and what are the various settings available under registry editor? Ans. The registry is just a database that contains all the configurable settings used on your system. Everything, from users and accounts to applications and the kinds of documents they create, to Properties settings for your Desktop, to printers, modems, and other hardware, has entries in the Registry. Registry entries are updated automatically by windows 2000 professional operating system services when they receive a request from one of the control panel applets, so most of the time we don’t need to worry about the registry. We can open the registry editor by click startRuntype regedit and click ok. In the left pane of the registry editor , you will see the following sub trees: HKEY_CLASSES_ROOT:Contains information on file-association data and about OLE. HKEY_CURRENT_USER:Contains information about the user currently logged on to this computer. HKEY_LOCAL_MACHINE:Stores information about the hardware available on your computer, as well as device drivers, device settings, and hardware profiles. HKEY_USERS:Stores information about users and their preferences, along with network and desktop settings. HKEY_CURRENTCONFIG:Contains information about the currently active hardware configuration. Q12. How printing can be done from desktop? Ans. We can print documents from desktop in the following way:1. By using drag and drop 2. By right-clicking the document. Using drag and drop:- To print with drag and drop, you need a shortcut to your printer on the desktop, and you need an open folder that contains the file. In other words , you need to be able to see both the printer icon and the filename or icon. Simple click the file, and drag it onto the printer icon. Windows 2000 opens the file in the program in which the document was created or in the program you’ve associated with the file by using the Open With Command, and then it prints the file. When you print in this manner you use the default options in the Print dialog box. The entire file is printed, only one copy is printed, the printed output is in portrait orientation (vertical), and the default paper tray is used. You have no opportunity to modify these settings. Right-clicking to print:- To print using the right-click method in windows, open a folder that contains the file you want to print, right-click the file, and select print from the shortcut menu. In a flash, the program associated with the file opens, and the document prints. Just as when you drag and drop to print, the default settings in the Print Dialog box are used. Q13. What is printing to a file and how it is done in windows 2000? Ans. Printing to a file, saves cods and data that are normally sent to the printer. In our work sometime we need to supply the publisher with a file that has been saved to disk so that it can be printed on their printer. When you want to do this, you can even install on your hard drive a printer that isn’t physically installed on your system or the network, and then print the file to that printer. To print a file, follow these steps: 1. Choose File Print to open the print dialog box. 2. Select the printer, and then click Print to File. 3. Click Print. 4. Enter a name for the file in the Print To File dialog box, and click OK. By default, these files are stored in your My Documents folder. Q14. How clipbook viewer can be started and how e can use it to paste, copy and share? Ans. To start clipbook viewer follow the following steps: 1. Choose start Run Type clipboard and click OK To Paste an item into the clipbook: 1. Cut or Copy something to the clipboard. 33 2. Open the clipbook viewer. 3. Choose Edit Paste to open the paste dialog box: 4. In the page Name box, enter a name for the page, and click OK. You will now see the item in Thumbnail view in the Local Clipbook. You can also view it on the clipboard. To change the view, choose ViewTable of contents of a page, choose view full page. Copying an item from the clipbook 1. Open clipbook viewer. 2. In the local clipbook, click the page you want to copy. 3. Choose EditCopy. 4. Open the document in the application to which you want to copy the item 5. Place the insertion point where you want the item. 6. Choose Edit Paste. Q15. Ans. Q16. Ans. Sharing Clipbook Pages: If you are on the local area network, you can share clipbook pages with other users who also have clipbook viewer installed. 1. In the local clipbook. Click the page you want to share. 2. Choose Fileshare to open the share clipbook page dialogbox. 3. To start the program with which the page was created when a user inserted the page in a document, click the Start Application On Connect check box. To also run the program minimized, also click the Run Minimized check box. 4. If You want to ensure that users can’t edit or delete the page, click the permissions button to open the clipbook page permission dialog box. 5. After you set the permissions, click OK twice. Write steps to install DNS server service. INSTALLING THE DNS SERVER SERVICE 1. Place your Windows 2000 Server or Advanced Server compact disc into your computer’s CD-ROM drive. Select Start Settings Control Panel. 2. In the Control Panel dialog box, double-click Add/Remove Programs. 3. In the Add/Remove Programs dialog box, click Add/Remove Windows Components. 4. The Windows Components Wizard starts. In the Windows Components screen, scroll down and highlight Networking Services. Click Details. 5. In the Networking Services dialog box, select the check box next to Domain Name System (DNS). Click OK. 6. In the Windows Components screen, click Next. 7. Windows 2000 Setup configures components. In the Completing the Windows Components Wizard screen, click Finish. 8. Close the Add/Remove Programs dialog box. Close Control Panel. How will you configure keyboard settings in control panel? The Keyboard application is used to configure specific keyboard features, including speed of character repeat and cursor blink rate, input locale (including keyboard layout), and keyboard device type. To start the Keyboard application, double-click the Keyboard icon in Control Panel. There are three tabs in the Keyboard Properties dialog box: Speed, Input Locales, and Hardware. If you want to adjust the character repeat delay, the character repeat rate, or the cursor blink rate, drag the slider to the desired speed, and click OK. The Input Locales tab, is used to configure both the input locale (the language and locality of the language such as English United States) and the keyboard layout. The default input locale is English (United States). You can add other input locales (such as English [United Kingdom] or Dutch [Netherlands]) by clicking Add on the Input Locales tab, selecting the input locale you want from the Input locale drop-down list box, and then clicking OK. You can also remove an input locale on this tab by highlighting the input locale and clicking Remove. 34 The default keyboard layout option is US. To configure keyboard layout options, first highlight the input locale for which you want to modify the keyboard layout. Then click Properties, and select the keyboard layout you want from the “Keyboard layout/IME” drop-down list box, and click OK. You can also use the Input Locales tab to configure hot key sequences to switch between input locales, and to switch to a particular input Figure 1 Figure 2 locale. The Hardware tab is used to configure the hardware properties of your keyboard. This tab offers you the same configuration options that are available in Device Manager. Q17. Write steps to start programs automatically when you start windows 2000 professional. OR Explain startup facility in windows 2000. Ans. You can specify that applications start automatically every time you start windows 2000 professional by adding applications to a special folder called the startup folder. Everyone has at least one program that they use on a regular basis (a word processor or spreadsheet etc.), so you may as well have your most commonly used programs start every time you start up your computer. To do this follow the following steps:1. Choose startsettingsTaskbar & start menu to open the Taskbar and start menu properties dialog box. 2. Click the Advanced tab to bring It to the front, and click the Advanced button to open the start menu folder. 3. Find the shortcut to the program you want to start automatically when you start windows 2000 professional, and drag it to your startup folder. The next time you start windows 2000 professional, this application will be started automatically. 35 Q18. Explain how you can adjust mouse in windows 2000. Ans. The Mouse application is used to configure a mouse or other pointing device. To start the Mouse application, double-click the Mouse icon in Control Panel. There are four tabs in the Mouse Properties dialog box, as shown in Figure. Notice the Buttons, Pointers, Motion, and Hardware tabs. On the Buttons tab, you can configure either a right-handed or left-handed button configuration, whether a single-click or double-click will open a file or folder, and double-click speed. The default settings in this dialog box are the right-handed button configuration, double-click to open an item, and medium double-click speed. The settings on the Buttons tab are pretty self explanatory, but do notice the small box in the Test area. You can double-click this box to test your double-click speed. When the system detects a double-click here, a clown pops up like a jack-in-the-box. When you double-click again, the clown disappears back into the box. If you double-click in the Test area and nothing happens, you probably have your double-click speed set too high. Drag the slider to a slower speed and retest your setting. The Pointers tab is used to select and customize a pointer scheme. The pointer is the arrow on your screen that moves as you move your mouse. The Motion tab is used to configure the speed and acceleration of your pointer. You can also select an option on this tab that causes the pointer to be automatically positioned over the default button in all dialog boxes when they are first opened. This option is called the “Snap to default” option. The Hardware tab is used to configure the hardware properties of your mouse or pointing device. This tab offers you the same configuration options that are available in Device Manager. Q19. Explain the followings a) Running programs from document. b) Running programs from search c) Running Programs from explorer OR Explain any two ways to run programs. Ans. (i) Running programs from document:- Windows 2000 professional keeps track of your 15 most recently used documents and makes these documents available from the document 36 menu on the start menu. To open one of these documents, and open the parent application at the same time, choose startdocuments, and then choose the name of the document you want to work with. The application starts running and opens the appropriate document on the desktop. The Documents submenu can only hold maximum 15 documents as you continue top work, new items replace the least recently used items. If you start a new project and realize that all the documents on your menu are now out of date, follow these steps to clear the entire menu and start over: 1. Choose Start settings Taskbar & Start menu. 2. In the Taskbar and start menu properties dialog box, click the Advanced tab top bring it to the front. 3. Click the clear button, and click OK to close the dialog box. (ii) Running programs from search:- Search is particularly useful for applications that do not appear in any of the start button program submenus but are loaded somewhere on your hard disk or on the network. Follow these steps: 1. Choose startsearchfor files and folders. Alternatively, right-click the start button, and choose search. 2. Enter the name of the file you want to locate in the search for files or folders named field. You can use the * wildcard character to search for files with similar names. And if you don’t know the name of the file you are looking for, you can locate all the executable files by entering *.exe 3. Use the drop down list from the look in filed to select the drive you want to search. 4. Click the search now button to start the search. You wait until the search completes, or it you spot the file you are looking for, click stop search. Q20. Explain when we use Run command and command prompt. Ans. Run Command:-The start menu contains a useful Run command that you can use to launch programs, to open folders, to connect to shared computers, and even to open web sites. The run command is most useful when: 1. The program you want to run is not available on your programs menu or as an icon on the desktop. 2. You want to rerun or reopen a recently used program, document, or folder. 3. The program you want to run requires one or more command line-parameters. Command prompt:- Windows 2000 professional also contains a command prompt you can use to start programs and run utility programs. To open command prompt window, choose startprogramsAccessoriescommand prompt, or choose the run command from the start menu, enter cmd in the open box, and click OK. To close the command prompt windows type exit and press Enter, or click the close button. To open another command prompt windows type start or start cmd at the command prompt. If you want to customize the appearance of the command prompt window, click the window’s control menu icon to open the shortcut menu, and select properties. You can change the font, color, cursor size, and other options used in the window. 37 Section – C 2 Marks Questions Q1. What are the benefits of ADS? Ans. Directory services are repositories for information about network-based entities, such as applications, files, printers, and people. Directory services are important because they provide a consistent way to name, describe, locate, access, manage, and secure information about these resources. Q2. Explain Group Policy. Ans. Use Group Policy to set a variety of software, computer, and user policies. For example, you can define the various components of the user's desktop environment, such as the programs that are available to users, the icons that appear on the user's desktop, the Start menu options, which users can modify their desktops and which cannot, and so on. You also use Group Policy to set user rights. Q3. What is DHCP? Ans. A TCP/IP service protocol that offers dynamic leased configuration of host IP addresses and distributes other configuration parameters to eligible network clients. DHCP provides safe, reliable, and simple TCP/IP network configuration, prevents address conflicts, and helps conserve the use of client IP addresses on the network. DHCP uses a client/server model where the DHCP server maintains centralized management of IP addresses that are used on the network. DHCP-supporting clients can then request and obtain lease of an IP address from a DHCP server as part of their network boot process. Dynamic Host Configuration Protocol is also called DHCP. Q4. Write a short note on Dial-up-connection. Ans. The connection to your network if you are using a device that uses the telephone network. This includes modems with a standard phone line, ISDN cards with high speed ISDN lines, or X.25 networks. If you are a typical user, you may have one or two dial-up connections, perhaps to the Internet and to your corporate network. In a more complex server situation, multiple network modem connections might be used to implement advanced routing. Q5. What is inheritance? Ans. In Active Directory, permissions are inherited from parent objects. This process is called inheritance and can be blocked if desired. Q6. What do you understand by Universal Serial Bus (USB)? Ans. A hardware standard for external device connections (such as a mouse, modems, game controllers, and keyboards). USB supports Plug and Play installation so that you can easily add new devices to your computer without having to add an adapter card or shut down Q7. Explain Hyper Terminal. Ans. You can use HyperTerminal and a modem to connect to a remote computer, even if the remote computer isn't running Windows. You can also use HyperTerminal to send and receive files, or to connect to computer bulletin boards and other information programs. Q8. Use of NTDSUTIL. Ans. This utility is used for several different functions. Notably, it is used to seize a singleoperations master role and to perform authoritative restores. Q9. What do you understand by PXE? Ans. Pre-Boot Execution Environment (PXE) is a standard by which a network card with a boot ROM complying with the standard can request a TCP/IP address from a DHCP server and the IP address of a RIS server to start the installation of a Windows 2000 Professional image. Q10. Explain RIS image. Ans. An operating system image that can be deployed to computers from a RIS server. RIS images can be CD based or RIPrep images and are stored on a RIS server. Q11. What is RIS server? Ans. A Windows 2000 server that is part of an Active Directory domain and has Remote Installation Services installed. 38 Q12. What is system state data? Ans. The system state data is the core of the operating system and represents Active Directory, the registry, the certificate database, and other key files. The system state data should be backed up on a schedule.. Q13. What is the purpose of access control list (ACL)? Ans. An access control list is used to verify the permissions of a process to access an object. The credentials of the process are compared to the entries in the access control list to determine whether access is granted and what permissions are available if access is granted. Q14. Explain audit policy. Ans. Security auditing policy is a portion of security policy that enables you to configure which security-related events to monitor or which to potentially monitor. By monitoring these securityrelated system events, you are able to detect attempts by intruders to compromise data on the system or to gain access to resources they should not be able to reach. Q15. Explain Disk Quotas. Ans. Disk Quotas are settings on an NTFS volume used to enforce the amount of disk space that can be used by each user for files they create and/or own. Disk Quotas help ensure that users do not hog a disk and that enough space is available for all users. Q16. Explain domain. Ans. In terms of DNS, this is a name given to an organization on the Internet. In truth, it is only part of the namespace for the Internet. In Windows 2000, a domain is a part of the namespace, but it is also a logical division that can be used to separate a large group of users from the rest of the network, providing a security and replication boundary. Q17. Explain the purpose of Event Viewer. Ans. The Event Viewer is used to look at the system log files for various parts of the system including system, security, application, and DNS. This is the first place you should look when troubleshooting a problem. Q18. What is backup domain controller (BDC)? Ans. This is a type of computer found in Windows NT 4.0 domains. This computer kept a copy of the domain accounts database and was able to authenticate user logons. No changes could be made at a BDC, however, because the copy of the database that was kept was read only. Q19. Write a short note on credentials. Ans. In simple terms, credentials are the information you use to connect to the remote computer. Within the Windows 2000 domain, credentials are stored in an access token and include the user information along with a list of groups to which the user belongs. The access token can then be attached to each process the user starts, and when a process attempts to access an object, these credentials. Q20. What is Member server in Win 2k? Ans. A computer that runs Windows 2000 Server but is not a domain controller of a Windows 2000 domain. Member servers participate in a domain, but do not store a copy of the directory database. For a member server, permissions can be set on resources that allow users to connect to the server and use its resources. Resource permissions can be granted for domain global groups and users as well as for local groups and users. Q21. What do you understand by object? Ans. An entity such as a file, folder, shared folder, printer, or Active Directory object described by a distinct, named set of attributes. For example, the attributes of a File object include its name, location, and size; the attributes of an Active Directory User object might include the user's first name, last name, and e-mail address. For OLE and ActiveX, an object can also be any piece of information that can be linked to, or embedded into, another object. Q22. Difference b/w full & half duplex. Ans. Full Duplex:- A system capable of simultaneously transmitting information in both directions over a communications channel. Half Duplex:- A system capable of transmitting information in only one direction at a time over a communications channel. Q23. What is ICMP? 39 Ans. A maintenance protocol in the TCP/IP suite, required in every TCP/IP implementation, that allows two nodes on an IP network to share IP status and error information. ICMP is used by the ping utility to determine the reach ability of a remote system. Internet Control Message Protocol is also called ICMP. Q24. What do you understand by Infrared port? Ans. An optical port on a computer that communicates with other computers or devices using infrared light. Communication is achieved without cables. Infrared ports can be found on portable computers, printers, cameras, and other devices. An infrared port may also be assigned to an external infrared device that is connected to a serial or a parallel port, or connected directly to the motherboard. Q25. What is Internet address? Ans. An address for a resource on the Internet that is used by Web browsers to locate Internet resources. An Internet address typically starts with a protocol name, followed by the name of the organization that maintains the site; the suffix identifies the kind of organization it is. For example: the address http://www.yale.edu/ provides the following information: http This Web server uses the Hypertext Transfer Protocol. www This site is on the World Wide Web. yale The Web server is at Yale University. edu This is an educational institution. Internet address is also called Uniform Resource Locator (URL). Q26. What do you understand by IrQ? Ans. A request for attention from the processor. When the processor receives an interrupt, it suspends its current operations, saves the status of its work, and transfers control to a special routine known as an interrupt handler, which contains the instructions for dealing with the particular situation that caused the interrupt. Interrupts can be generated by various hardware devices to request service or report problems, or by the processor itself in response to program errors or requests for operating-system services. Interrupts are the processor's way of communicating with the other elements that make up a computer system. A hierarchy of interrupt priorities determines which interrupt request will be handled first if more than one request is made. A program can temporarily disable some interrupts if it needs the full attention of the processor to complete a particular task. Q27. Explain ISP. Ans. A company that provides individuals or companies access to the Internet and the World Wide Web. When you sign a contract with an ISP, you are given a telephone number, a user name, a password, and other connection information so you can connect your computer to the ISP's computers. An ISP typically charges a monthly and/or hourly connection fees. Internet service provider is also called ISP. Q28. What is Kerberos v5? Ans. An Internet standard security protocol for handling authentication of user or system identity. With Kerberos V5, passwords that are sent across network lines are encrypted, not sent as plaintext. Kerberos V5 includes other security features as well. Q29. What do you understand by Master boot record? Ans. The first sector on every hard disk. The MBR contains a small amount of executable code and the partition table, which stores information about the disk's primary and extended partitions. Master boot record is also called MBR. Q30. What is Master file table? Ans. An NTFS system file on NTFS-formatted volumes that contains information about each file and folder on the volume. The MFT is the first file on an NTFS volume. Master File Table is also called MFT. Q31. Difference b/w mirror set & mirror volume. Ans. Mirror Set: A fault-tolerant partition created with Windows NT 4.0 or earlier that duplicates data on two physical disks. You can only repair, resynchronize, break, or delete mirror sets in 40 Q32. Ans. Q33. Ans. Q34. Ans. Q35. Ans. Q36. Ans. Q37. Ans. Q38. Ans. Windows 2000. To create new volumes that are mirrored, use mirrored volumes on dynamic disks. Mirror Volume : A fault-tolerant volume that duplicates data on two physical disks. It provides data redundancy by using a copy (mirror) of the volume to duplicate the information contained on the volume. The mirror is always located on a different disk. If one of the physical disks fails, the data on the failed disk becomes unavailable, but the system continues to operate using the unaffected disk. A mirrored volume is slower than a RAID-5 volume in read operations but faster in write operations. You can create mirrored volumes only on dynamic disks. In Windows NT 4.0, a mirrored volume was known as a mirror set. What is Mounted drive? A drive attached to an empty folder on an NTFS volume. Mounted drives function the same as any other drive, but are assigned a label or name instead of a drive letter. The mounted drive's name is resolved to a full file system path instead of just a drive letter. Members of the Administrators group can use Disk Management to create mounted drives or reassign drive letters. What do you understand by Name space? A set of unique names for resources or items used in a shared computing environment. For Microsoft Management Console (MMC), the namespace is represented by the console tree, which displays all of the snap-ins and resources that are accessible to a console. For Domain Name System (DNS), namespace is the vertical or hierarchical structure of the domain name tree. For example, each domain label, such as "host1" or "example," used in a fully qualified domain name, such as "host1.example.microsoft.com," indicates a branch in the domain namespace tree. What is NetBEUI? A network protocol native to Microsoft Networking. It is usually used in small, department-size local area networks (LANs) of 1 to 200 clients. It can use Token Ring source routing as its only method of routing. NetBIOS Enhanced User Interface is also called NetBEUI. It is the Microsoft implementation of the NetBIOS standard. What do you understand by Nwlink? An implementation of the Internet work Packet Exchange (IPX), sequenced packet exchange (SPX), and Net BIOS protocols used in Novell networks. NWLink is a standard network protocol that supports routing and can support NetWare client-server applications, where NetWare-aware Sockets-based applications communicate with IPX/SPX Sockets-based applications. What is Posix? An Institute of Electrical and Electronics Engineers (IEEE) standard that defines a set of operating-system services. Programs that adhere to the POSIX standard can be easily ported from one system to another. POSIX was based on UNIX system services, but it was created in a way that allows it to be implemented by other operating systems. Portable Operating System Interface for UNIX is also called POSIX. What do you understand by Administrative alert? Alerts that relate to server and resource use. They notify users about problems in areas such as security and access, user sessions, server shutdown due to power loss (when a uninterruptible power supply is available), directory replication, and printing. When a computer generates an administrative alert, a message is sent to a predefined list of users and computers. What is Authentication? The process by which the system validates the user's logon information. A user's name and password are compared against an authorized list. If the system detects a match, access is granted to the extent specified in the permissions list for that user. When a user logs on to an account on a computer running Windows 2000 Professional, the authentication is performed by the workstation. When a user logs on to an account on a Windows 2000 Server domain, authentication may be performed by any server of that domain. 41 Q39. What is Active Directory data store? Ans. The Active Directory data store is the database in Active Directory that contains information about various types of network objects, including printers, shared folders, user accounts, groups, and computers. In a Windows 2000 domain, a read/write copy of the Active Directory data store is physically located on each domain controller in the domain. The Active Directory data store is also called the directory. Q40. What do you understand by container object? Ans. A container object (sometimes called a container for short) is any Active Directory object that can contain other objects. An OU is a container object. See also organizational unit (OU). Q41. Explain domain tree. Ans. A domain tree, in Active Directory terminology, is a hierarchical grouping of one or more domains that must have a single root domain, and may have one or more child domains. Q42. Explain Encrypting File System (EFS). Ans. The Encrypting File System (EFS) enables you to store files on an NTFS volume in an encrypted format, so that if an unauthorized user removes a hard disk from your computer, that user will be unable to access the sensitive data contained in the encrypted files. EFS provides the capability of the Encrypt attribute. Q43. Explain forward lookup zone. Ans. A forward lookup zone is a zone that contains host name to IP address mappings and information about available services for either a DNS domain or a DNS domain and one or more of its sub domains. See also zone, DNS. Q44. What is fully qualified domain name (FQDN)? Ans. An FQDN is a fancy term for the way computers are named and referenced on the Internet. The format for an FQDN is server_name.domain_ name.root_domain_name For example, a server named wolf in the alancarter domain in the com root domain has a fully qualified domain name of wolf.alancarter.com . Fully qualified domain names always use lowercase characters. DNS domain names are FQDNs. Q45. Explain IIS. Ans. Internet Information Services (IIS) is Windows 2000’s Web server. IIS is actually a collection of several services. Some of the most commonly used components of IIS are World Wide Web Server, File Transfer Protocol (FTP) Server, FrontPage 2000 Server Extensions, SMTP Service, and NNTP Service. IIS 5.0 is an integral part of Windows 2000 Professional, Windows 2000 Server, and Windows 2000 Advanced Q46. Explain infrastructure master. Ans. The infrastructure master is one of five operations master roles. The infrastructure master is the domain controller in the domain that updates group membership information when group members (who are users from other domains) are renamed or moved. There can be only one infrastructure master in each domain in a forest. Q47. How we can perform Internet connection sharing in win2k? Ans. Internet connection sharing, when enabled, permits other computers on your local area network to use a specific dial-up (or local area) connection on a computer to connect to the Internet. Internet connection sharing is commonly used in a home or small-office network setting when a single Internet connection must be shared by multiple computers. Internet connection sharing should not be used on networks that have existing routers, DNS servers, or DHCP servers. Q48. Explain intransitive trust. Ans. An intransitive trust is a trust relationship between two domains that is bounded by the two domains, and does not extend beyond these two domains to other domains. An intransitive trust is a one-way trust. Q49. Explain mandatory user profile. Ans. A mandatory user profile is users profile that, when assigned to a user, can’t be changed by the user. A user can make changes to desktop and work environment settings during a single logon session, but these changes are not saved to the mandatory user profile when the user 42 logs off. Each time the user logs on, the user’s desktop and work environment settings revert to those contained in the mandatory user profile. Q50. What are security groups and distribution groups? Ans. Security Groups:- Security groups are primarily used to assign permissions and user rights to multiple users. In addition, security groups can be used by some e-mail programs to send messages to the list of users that are members of the group. Distribution Groups:- Distribution groups are primarily used to send e-mail messages to a specified list of users. You can’t assign permissions and user rights to distribution groups. Section – C 5 Marks Questions Q1. What are goals of ADS? Explain active directory in windows 2000 server architecture. Ans. The three primary goals of Active Directory are: * To provide user logon and authentication services. * To enable administrators to organize and manage user accounts, groups, and network resources. * To enable authorized users to easily locate network resources, regardless of where they are located on the network. Active Directory is the directory service used by Windows 2000. It is a core new feature of the Windows 2000 operating systems. A directory service consists of two parts—a centralized, hierarchical database that contains information about users and resources on a network, and a service that manages the database and enables users of computers on the network to access the database. In Windows 2000, the database is called the Active Directory data store, or sometimes just the directory. The Active Directory data store contains information about various types of network objects, including printers, shared folders, user accounts, groups, and computers. Windows 2000 Server computers that have a copy of the Active Directory data store, and that run Active Directory are called domain controllers. In a Windows 2000 domain, a read/write copy of the Active Directory data store is physically located on each domain controller in the domain. A domain is a logical grouping of networked computers in which one or more of the computers has shared resources, such as a shared folder or printer, and in which all of the computers share a common Active Directory data store. Q2. What is Domain? How can you connect your system to a Domain in 2000? Ans. In Windows 2000, a domain is a collection of computers on a network, sharing common information. The network administrator creates one user account for each user in a domain. Your user account gives you access to all of the domain resources (such as files and printers) for which you have permissions. The administrator must also create a computer account for each computer participating in a domain. You can specify a domain during or after Setup. The following procedure describes how to join a domain after you've installed Windows 2000. To specify the domain for your computer account 1. Log on to Windows 2000 as an administrator or as a user with administrator rights. 2. Right-click My Computer, and then click Properties. 3. Click the Network Identification tab, and then click Properties. 4. Click Domain, type the name of the domain to which your computer belongs, and then click OK. If you don't know the domain name, contact your network administrator. 5. When prompted for Domain Username and Password, type your user name and password, and then click OK. 43 Q3. What is VPN ? How we create VPN connection ? Ans. The extension of a private network that encompasses encapsulated, encrypted, and authenticated links across shared or public networks. VPN connections can provide remote access and routed connections to private networks over the Internet. Virtual private network is also called VPN. To make a virtual private network (VPN) connection Open Network and Dial-up Connections Double-click Make New Connection, and then click Next. Click Connect to a private network through the Internet, and click Next. If you have already established a dial-up connection, do one of the following: If you need to establish a connection with your ISP or some other network before tunneling to your destination computer or network, click Automatically dial this initial connection, click a connection in the list, and then click Next. If you do not want to automatically dial an initial connection, click Do not dial the initial connection, and then click Next. Type the host name or IP address of the computer or network to which you are connecting, and then click Next. Do one of the following: If you want this connection to be made available to all users on your network, click For all users, and then click Next. If you want to reserve the connection for your own use, click Only for myself, and then click Next. If you want to let other computers access resources through this dial-up connection, select the Enable Internet connection sharing for this connection check box, and then click Next. Type a name for the connection, and then click Finish. Q4. Explain profile ? and short note on a) Mandatory profile b) Local user profile c) Roaming profile Ans. A user profile defines customized desktop environments, which include individual display settings, network and printer connections, and other specified settings. You or your system administrator may define your desktop environment. Types of user profiles include: A local user profile, which is created the first time you log on to a computer and is stored on a computer's local hard disk. Any changes made to your local user profile will be specific to the computer in which you made the changes. A roaming user profile, which is created by your system administrator and is stored on a server. This profile is available every time you log on to any computer on the network. Any changes made to your roaming user profile will be updated on the server. A mandatory user profile, which is a roaming profiles that can be used to specify particular settings for individuals or an entire group of users. Only system administrators can make changes to mandatory user profiles. Q5. Write the steps for creating a new user in win2kpro? Ans. To add a new user to the computer Open Users and Passwords in Control Panel. 1. Click Add. 2. Follow the instructions on the screen. You must be logged on as an administrator or a member of the Administrators group to use Users and Passwords. To open a Control Panel item, click Start, point to Settings, click Control Panel, and then double-click the appropriate icon. If the computer is part of a domain, Add New User gives an existing domain user permission to use the computer. If the computer is not part of a domain, Add New User creates a new local user. If the computer is part of a domain, you can only add existing domain users with Users and Passwords. To add a new local user, click the Advanced tab and then click the Advanced button. In Local Users and Groups, click Users, click Action, and then click Create User. 44 You should not add a new user to the Administrators group unless the user will perform only administrative tasks. Q6. What are the main tasks performed by Administrative Tool? Ans. The following administrative tools appear in both Windows 2000 Professional and Windows 2000 Server: Component Services Used by system administrators to deploy and administer COM+ programs from a graphical user interface, or to automate administrative tasks using a scripting or programming language. Software developers can use Component Services to visually configure routine component and program behavior, such as security and participation in transactions, and to integrate components into COM+ programs. Computer Management Used to manage local or remote computers from a single, consolidated desktop utility. Computer Management combines several Windows 2000 administrative tools into a single console tree, providing easy access to a specific computer's administrative properties. Data Sources (ODBC) Open Database Connectivity (ODBC) is a programming interface that enables programs to access data in database management systems that use Structured Query Language (SQL) as a data access standard. Event Viewer Used to view and manage logs of system, program, and security events on your computer. Event Viewer gathers information about hardware and software problems, and monitors Windows 2000 security events. Local Security Policy Used to configure security settings for the local computer. These settings include the Password policy, Account Lockout policy, Audit policy, IP Security policy, user rights assignments, recovery agents for encrypted data, and other security options. Local Security Policy is only available on Windows 2000 computers that are not domain controllers. If the computer is a member of a domain, these settings may be overridden by policies received from the domain. Performance Used to collect and view real-time data about memory, disk, processor, network, and other activity in a graph, histogram, or report form. For more information, see Using Performance. Services Used to manage the services on your computer, set recovery actions to take place if a service fails, and create custom names and descriptions for services so that you can easily identify them. Q7. What are environment variables ? Explain. Ans. . Environment variables are strings that contain information such as drive, path, or file name. Environment variables control the behavior of various programs. For example, the TEMP environment variable specifies the location where programs place temporary files. Any user can add, modify, or remove a user environment variable. However, only an Administrator can add, modify, or remove a system environment variable. Using System in Control Panel, you can customize the following variables: User environment variables for logged_on_user_name The user environment variables are different for each user of a particular computer. The variables include any that are set by the user, as well as any variables defined by applications, such as the path to the location of the application files. System environment variables Administrators can change or add environment variables that apply to the system, and thus to all users of the system. During installation, Windows 2000 Setup configures the default system variables, such as the path to the Windows 2000 files. Q8. Write a short note on managing device drivers in win 2000? Ans. Device Manager provides you with information about how the hardware on your computer is installed and configured, and how the hardware interacts with your computer's programs. You 45 can also use Device Manager to check the status of your hardware and update device drivers for the hardware installed on your computer. Open Device Manager You must be logged on as an administrator or a member of the Administrators group in order to complete this procedure. If your computer is connected to a network, network policy settings may also prevent you from completing this procedure. To open Device Manager, click Start, point to Settings, and then click Control Panel. Doubleclick System, click the Hardware tab, and then click Device Manager. Q9. Write a brief note on network access on win2k? Ans. Networking lets you connect your computer to other computers or a private network. When you connect your computer to a network or another computer, you can: Gain access to files and folders on other computers. Let other people gain access to your files and folders. Use printers and other devices that are connected to other computers. Let other people gain access to any printers or devices that are connected to your computer. There are many different ways to connect your computer to another computer or a network. Using Windows 2000, you can connect your computer to: Another computer using a direct cable connection A private network using a modem or an Integrated Services Digital Network (ISDN) adapter or a network adapter card. A network using a virtual private network (VPN) connection. Another computer by having another computer call your computer. Q10. What is shared folder and different shared folder permissions? Ans. A folder on another computer that has been made available for others to use on the network is called shared folder. You can set the following shared folder permissions for files and folders through a shared folder or drive. The following table shows shared folder permissions and the actions on shared folders available to users for each permission. Action Full Control Change Read Viewing file names and subfolder names x x x Traversing to subfolders x x x Viewing data in files and running programs x x x Adding files and subfolders to the shared folder x x Changing data in files x x Deleting subfolders and files x x Changing permissions (NTFS only) x Taking ownership (NTFS only) Q11. What is EFS explain it and how we can encrypt a document in win2k? Ans. Windows 2000 file system that enables users to encrypt files and folders on an NTFS volume disk to keep them safe from access by intruders. Encrypting file system is also called EFS. In Windows Explorer, right-click the file or folder that you want to encrypt, and then click Properties. 1. On the General tab, click Advanced. 2. Select the Encrypt contents to secure data check box. Notes When you encrypt a folder, you are asked if you want all files and subfolders within the folder to be encrypted as well. If you choose to do so, all files and subfolders currently in the folder are encrypted, as well as any files and subfolders that are added to the folder in the future. If you choose to encrypt the folder only, all files and subfolders currently in the folder are not encrypted. However, any files and subfolders that are added to the folder in the future are encrypted when they are added. 46 When you encrypt a single file, you are asked if you want to encrypt the folder that contains it as well. If you choose to do so, all files and subfolders that are added to the folder in the future will be encrypted when they are added. Q12. How we install TCP/IP in WIN2k? Ans. To install TCP/IP Open Network and Dial-up Connections 1. Right-click the network connection for which you want to install and enable TCP/IP, and then click Properties. 2. On the General tab (for a local area connection) or the Networking tab (all other connections), if Internet Protocol (TCP/IP) is not in the list of installed components, then do the following: a. Click Install. b. Click Protocol, and then click Add. c. In the Select Network Protocol dialog box, click Internet Protocol (TCP/IP), and then click OK. 3. Verify that the Internet Protocol (TCP/IP) check box is selected, and then click OK. Notes To open Network and Dial-up Connections, click Start, point to Settings, and then click Network and Dial-up Connections. You must be logged on as an administrator or a member of the Administrators group in order to complete this procedure. TCP/IP is installed as the default network protocol if network adapter hardware was detected during Windows 2000 Setup. You only need to follow these instructions if the TCP/IP default selection was overridden during Setup. Q13. What is offline file? Write the various steps to make a file offline? Ans. A state that marks a component in a cluster as unavailable. A node in an offline state is either inactive or not running. Resources and groups also have an offline state. To set up your computer to use Offline Files Open My Computer. 1. On the Tools menu, click Folder Options. 2. On the Offline Files tab, make sure that the Enable Offline Files check box is selected. 3. Select Synchronize all offline files before logging off to get a full synchronization. Leave it unselected for a quick synchronization. Notes To open My Computer, double-click My Computer on your desktop. A full synchronization ensures that you have the most current versions of every network file that has been made available offline. A quick synchronization ensures that you have complete versions of all your offline files, though they may not necessarily be the most current versions. By default, the Enable Offline Files check box is selected in Windows 2000 Professional but is cleared in Windows 2000 Server. Even if your computer is configured to use Offline Files, you must still select the network files and folders that you want to make available offline. To view a list of all of the network files that are available offline, on the Offline Files tab, click View Files. Q14. What are built in accounts in windows 2000 professional? Ans. Built-in User Accounts:- There are two Windows 2000 built-in user accounts: Administrator and Guest. On non-domain controllers, the built-in user accounts are created automatically during the installation of Windows 2000. On a domain controller, the built-in user accounts are created automatically during the installation of Active Directory. The Administrator user account has all of the rights and permissions needed to fully administer a Windows 2000 computer or a Windows 2000 domain. The Administrator account can be used to perform numerous tasks, such as creating and managing users and groups, managing file and folder permissions, and installing and managing printers and printer security. The Administrator account, because of its powerful capabilities, can pose a security risk to your network if a non-authorized user is able to guess the password for the account. For this 47 reason, you should consider renaming the Administrator account. You can’t delete the Administrator account. You also can’t disable the Administrator account, nor can you remove this account from the Administrators local group. Incidentally, it’s the Administrator account’s membership in the Administrators local group that gives the Administrator account all of its rights and permissions. The Guest account, which is disabled by default, is designed to permit limited access to network resources to occasional users who don’t have their own user accounts. For example, a client visiting your office might want to connect a laptop computer to your network in order to print a document. Once the Guest account is enabled, the client can log on using this account. You can specify, in advance, which network resources are available to the Guest account by assigning the appropriate file, folder, and printer permissions to this account. The Guest account does not require a password. You can’t delete the Guest account, but you can rename it. Q15. What strategy should you apply when you create a new user account? Ans. Creating User Accounts Every person who uses the network on a regular basis should have a user account. In order to create local user accounts, you must be a member of either the Administrators or Power Users group on the local computer. In order to create domain user accounts, you must be a member of either the Administrators or Account Operators group in the domain. Naming Conventions When you create user accounts, keep in mind a few simple rules for user names: * User names (which are referred to as user logon names in Active Directory Users and Computers) can be from one to 20 characters long. * User names must be unique. A domain user name can’t be the same as another user, group, or computer name within the domain. * A local user name can’t be the same as another user, group, or computer name within the local computer’s account database. * The following characters may not be used in user names: “/\[]:;|=,+*?<> In addition, a user name can’t consist entirely of spaces or periods. If you have more than a few people in your organization, it’s a good idea to plan your user account naming convention. There are probably as many user account naming schemes as there are network administrators. Sometimes the overall length of a user name is limited to eight characters, so that the name is compatible with MS-DOS directory name limitations. While this eight-character limitation is common, it’s certainly not mandatory, especially on most of today’s networks. A few common naming conventions for user names include: A. The first seven letters of the user’s first name plus the first letter of the user’s last name B. The first letter of the user’s first name plus the first seven letters of the user’s last name C. The user’s initials plus the last four digits of the user’s employee number D. Various hybrid combinations of the preceding schemes In addition to choosing a naming convention, you should have a way to handle exceptions. It’s quite common, for example, for two users to have the same first name and last initial. If your company uses the naming convention described in scheme A, you would need to resolve the potentially duplicate user names for these two employees. You could resolve the problem by assigning Mike Smith the user name of MikeS (assuming he was hired before Mike Sutherland), and assigning Mike Sutherland the user name of MikeSu. Passwords:-We know that using passwords protects the security of the network, because only authorized users can log on. When user accounts are created, you should have a plan for managing passwords. When users maintain their own passwords, it’s a good idea to remind them of a few password security basics: * Don’t use your own name or the name of a family member or pet as a password. (This is a common security loophole in most networks.) * Never tell your password to anyone. 48 Don’t write your password on a sticky note and then stick it on your monitor. Other notso-hot places to store your password are on or under your keyboard; in your top desk drawer; in your Rolodex; or in your briefcase, wallet, or purse. * Use a sufficiently long password. I recommend using eight or more characters in a password. The longer the password, the more difficult it is to guess. * Use a mix of uppercase and lowercase letters, numbers, and special characters. Remember, passwords are case-sensitive. * If passwords are required to be changed regularly, don’t use the same password with an incremental number at the end, such as Alan01,Alan02,Alan03, and so on. Q16. What do you mean by domain user accounts and local user accounts? Write steps to create local user accounts. Ans. There are two kinds of user accounts: local user accounts and domain user accounts. Local user accounts enable users to log on to the local computer and to access that computer’s resources. Domain user accounts enable users to log on to the domain and to access resources in the domain. In order to create local user accounts, you must be a member of either the Administrators or Power Users group on the local computer. In order to create domain user accounts, you must be a member of either the Administrators or Account Operators group in the domain. * CREATING A LOCAL USER ACCOUNT 1. From the desktop, right-click My Computer, and select Manage from the menu that appears. 2. In the Computer Management dialog box, click the + next to Local Users and Groups. Highlight the Users folder, and select ActionNew User. 3. The New User dialog box appears. Notice that by default the new user must change his or her password when he or she first logs on. Enter the user name, the person’s full name (this entry is optional), description (this could be a department, location, or job title — it is also optional) and password (also optional). Confirm the password by retyping it. Accept the default selection of “User must change password at next logon” if you want the user to choose and enter a new password the first time the user logs on. If you don’t want the user to change his or her password the first time the user logs on, clear this check box. If the “User must change password at next logon” check box is cleared, two additional check boxes become available. Select the “User cannot change password” check box if you — the network administrator — want to manage and assign user passwords. Select the “Password never expires” check box if you are configuring a user account for a Windows 2000 service to use when it logs on. Select the check box next to “Account is disabled” if you are creating a user template. Click Create. 4. The New User dialog box reappears. Add additional users as necessary. When you are finished adding users, click Close. 5. The new user(s) is created, and appears in the right pane of the Computer Management dialog box. Q17. Write steps to create Domain user accounts. Ans. Creating Domain User Accounts To create domain user accounts in Active Directory, use Active Directory Users and Computers, as explained in the following steps. CREATING A DOMAIN USER ACCOUNT 1. Start Active Directory Users and Computers. (Select StartProgramsAdministrative ToolsActive Directory Users and Computers.) 2. In the left pane of the Active Directory Users and Computers dialog box, click the + next to the name of the domain in which you want to create a domain user account. Notice the Users folder in the domain tree. This folder is the default container in which Windows 2000 places all users and many of the groups that it automatically creates when Active Directory is installed. If you have a relatively small organization, you may want to place your administrator-created user accounts in the Users folder, too, so that 49 you can easily locate and administer all user accounts. Or, if you have a large organization and use organizational units (OUs) to administer groups of users, you can place each newly created user in the appropriate OU. Highlight the Users folder or the OU in which you want to create a domain user account, and select ActionNewUser. 3. The New Object - User dialog box appears, Enter the first name, middle initial, and last name of the new user in the appropriate text boxes. Windows 2000 automatically displays the full name based on the information you entered. Enter a user logon name — this is the user name. Click Next. 4. The next New Object - User dialog box appears. Enter the password for the new user account, and confirm the password by retyping it. (Entering a password is optional.) There are four check boxes that can be selected in this dialog box, none of which are selected by default: User must change password at next logon: Select this check box if you want the user to choose and enter a new password the first time the user logs on. User cannot change password: Select this check box if you — the network administrator — want to manage and assign user passwords. Password never expires: Select this check box if you are configuring a user account for a Windows 2000 service to use when it logs on. Account is disabled: Select this check box if you are creating a user template. Make the appropriate configurations in this dialog box, and then click Next. 5. In the next New Object - User dialog box, click Finish. 6. Windows 2000 creates the new user account, and displays it in the right pane of the Active Directory Users and Computers dialog box. Q18. What is group policy? What types of settings can be set through group policies? Ans. Group Policy is a brand new Windows 2000 feature. Group Policy is a policy that contains rules and settings that are applied to Windows 2000 computers, their users, or both, that are located in a specific part of Active Directory. Group Policy can only be used to manage Windows 2000 computers on a network (and the users of those computers). If you have other Windows based client computers, such as Windows NT 4.0, Windows 95, or Windows 98 computers, you can only manage those computers (and their users) by using System Policy. By using Group Policy, an Administrator can specify and manage a number of user and computer settings, including: Settings that manage user environments: You can specify a user’s desktop settings, such as wallpaper and Active Desktop settings. You can also configure the items that appear in a user’s Start menu, and several other user and computer settings that affect a user’s environment. Settings that manage scripts: You can configure user logon and logoff scripts, and computer startup and shutdown scripts. Settings that manage security: You can specify security settings, such as account policies, local policies, event log settings, and so on. Settings that redirect folders: You can cause folders in a user’s profile to be redirected to a shared folder on a network server. Settings that manage software deployment: You can specify an application that will be automatically installed on a computer when the computer starts, or automatically installed when a user opens a file with an extension associated with that application. You can manage the deployment of multiple applications by using Group Policy. Group Policy is typically implemented in Active Directory. However, Group Policy can be implemented directly on the local computer. When implemented on the local computer, Group Policy is called Local Group Policy. Local Group Policy consists of a series of files and folders that are automatically created during the installation of Windows 2000 on the local computer. Local Group Policy files and folders are stored in the SystemRoot\ System32\GroupPolicy folder. Local Group Policy applies to the local computer, and to users that log on to the local computer. Group Policy consists of two components: an Active Directory object, called a Group Policy object (GPO), and a series of files and folders that are automatically created when the GPO is created. Group Policy files and folders are stored in the 50 Q19. Ans. Q20. Ans. SystemRoot\SYSVOL\sysvol\domain_name\ Policies folder on domain controllers in a Windows 2000 domain. Each GPO is associated with a specific Active Directory container, such as a site, a domain, or an organizational unit (OU). Group Policy applies to computers, users, or both, that are contained within the site, domain, or OU with which the GPO is associated. An Active Directory container may have more than one GPO associated with it. How group policies are created? Write steps to create group policy? Creating Group Policy Objects in Active Directory You can use several tools to create Group Policy objects (GPOs) in Active Directory. The specific tool used generally depends on what type of container (site, domain, or OU) will be associated with the GPO. To create a GPO associated with a site, use Active Directory Sites and Services (StartProgramsAdministrative Tools Active Directory Sites and Services). To create a GPO associated with a domain or OU, use Active Directory Users and Computers (StartProgramsAdministrative ToolsActive Directory Users and Computers). You can also use the Group Policy snap-in to the MMC to create and manage GPOs. You must have the Read, Write, and Create All Child Objects Active Directory permissions to the container (site, domain, or OU) in order to create a GPO that will be associated with that container. If you’re a member of the Enterprise Admins group, or a member of the domain’s Administrators or Domain Admins groups, you have the necessary permissions to create GPOs. CREATING A NEW GROUP POLICY OBJECT 1. From the desktop, select StartProgramsAdministrative ToolsActive Directory Users and Computers. 2. The Active Directory Users and Computers dialog box appears. In the left pane, expand domains and OUs as necessary until the domain or OU for which you want to create a GPO is displayed in the left pane. Highlight the domain or OU, then select ActionProperties. (You can also right-click the domain or OU and select Properties from the menu that appears.) 3. In the domain or OU’s Properties dialog box, click the Group Policy tab. 4. The Group Policy tab is displayed. Notice that by default, this OU does not have a GPO associated with it. Also notice the “Block Policy inheritance” check box. To create a new GPO, click New. 5. The “New Group Policy Object” appears in the Group Policy Object Links column. To rename this new GPO, type in a new name and press Enter. 6. To create additional GPOs, repeat Step 5. 7. When you’re finished creating a GPO, you can configure its properties, or you can click Close. 8. Close Active Directory Users and Computers. What do you mean by OU? Write steps to create and configure OU. An organizational unit (OU) is a type of Active Directory object. OUs, which are sometimes called container objects, are specifically designed to contain objects and other organizational units from their own domain. OUs help you organize the structure of Active Directory in much the same way that folders help you organize a file system. You should plan your OU structure before you begin creating OUs. The whole purpose of OUs is to make network administration simpler. Creating OUs Before you can create OUs, you must install Active Directory and create an Active Directory domain that will contain the OUs you create. OUs are created by using Active Directory Users and Computers. CREATING AN OU 1. Start Active Directory Users and Computers. (Select StartProgramsAdministrative ToolsActive Directory Users and Computers.) 2. In the left pane of the Active Directory Users and Computers dialog box, either highlight the domain in which you want to create an OU, or expand the domain and highlight the OU in which you want to create an OU. Then select Action NewOrganizational Unit. 51 3. In the New Object - Organizational Unit dialog box, type the name you want to assign to the new OU. I recommend that you choose a name that intuitively describes the objects that will be contained in this OU (such as “Accounting Users” for an OU that contains only users who are part of your company’s accounting department). Click OK. 4. The new OU appears in the right pane of the Active Directory Users and Computers dialog box. Configuring OU Properties After you’ve created an OU, you may want to configure its properties. Specifically, you can configure a general description of the OU, specify a user account that is responsible for managing the OU, and configure Group Policy for the OU CONFIGURING AN OU 1. Start Active Directory Users and Computers. (Select Start Programs Administrative Tools Active Directory Users and Computers.) 2. In the left pane of the Active Directory Users and Computers dialog box, click the + next to the domain that contains the OU you want to configure. If the OU you want to configure is displayed in the tree, highlight it. If the OU you want to configure is not listed in the tree, click the + next to the OU that contains the OU you want to configure. Then, highlight the OU you want to configure. Select Action Properties. 3. The OU’s Properties dialog box appears. There are three tabs in this dialog box: General, Managed By, and Group Policy. Configurations on all three of these tabs are optional. On the General tab, type any descriptive text you want to enter about the OU. You can enter a general description of the OU and specify a complete geographic address for the OU. Microsoft included this tab because OUs are often based on a physical management location, such as a building, a specific floor of a building, or an office in a specific city. Click the Managed By tab. 4. On the Managed By tab, you can specify the user account that is responsible for managing this OU. To specify a user account, click Change, and select the appropriate user from the list that appears. You can also specify additional contact information about the user you specified if this information is not displayed automatically. To do this, click View, fill in the appropriate information in the user’s Properties dialog box, then click OK. 5. To configure Group Policy for the OU, click the Group Policy tab and make the necessary configurations. Click OK. Q21. Briefly explain the security subsystem of windows 2000 with ADS. Ans. Active directory is a subcomponent of the LSA, which is in turn a subcomponent of the security subsystem. The LSA is a protected module that maintains the security of the local local computer. It ensures that users have system access permissions. The LSA has four primary functions: To generate tokens that contain user and group information, as well as the security privileges for a particular user To manage the local security policy To provide the interactive processes for user logon To manage auditing The LSA itself is made up of various components, each of which is responsible for a specific function as shown below NTLM SSL Kerberos Secur32.dll NETLOGON Service LSA Server Service 52 LSA Components Netlogon.dll - Maintains the secure connection to a domain controller. It passes the user’s credentials to a domain controller and returns the domain security identifiers and user rights for that user. Msv1_0.dll – The windows NT LAN Manager (NTLM) authentication protocol. Schannel.dll – The secure socket layer (SSL) authentication protocol. Kerberos.dll – The Kerberos v5 authentication protocol. Lsasrv.dll – The LSA server service, which enforces security policies. Samsrv.dll – The Security Accounts Manager (SAM), which enforces stored policies. Ntdsa.dll – The directory service module, which supports LDAP queries and manages partitions of data. Secur32.dll – The multiple authentication provider, which manages the rest of the components. 53