Visit
http://www.LearnQuick.ComToday I took and passed Enterprise. It was adaptive- my score was 791 - 560 was required to pass. Below are the notes I created based on the requirements. I read new riders, dummies, o'reilly mcse, used trans*** and the dumps here. On this exam the dumps did not help as much as in the past - i do not think I could have passed server the first time without the brain dump. Good luck!
This certification exam measures your ability to implement, administer, and troubleshoot information systems that incorporate Windows NT Server version 4.0 in an enterprise-computing environment.
An enterprise computing environment is typically a heterogeneous WAN. It might include multiple servers and multiple domains, and it might run sophisticated server applications. Before taking the exam, you should be proficient in the following job skills.
Planning:
Plan the implementation of a directory services architecture.
Considerations include:
Selecting the appropriate domain model
Directory Services means: one user, one account. Universal resource access. Central admin.
Directory synchronization.
BDC- recommends one bdc for every 2000 authenticating users in all domain models
Single domain model- all users and groups in one domain. It is easy to install. Centralized admin.
Resources can be managed from one location. No trusts. It can handle a theoretical limit of 40,000 accounts- a max of 40mg Sam. The recommended (25,000 in dum- 20,000 in nr, 20,000- they all agree it is less that 40,000 26,000 is on one of the exams) no departmental admin controls can be assigned. Browsing is slow if there is a large number of computers
Single - Master Domain- same user limitations as single domain.
Centralized admin- but now resources can admin themselves. Admin or resources can be shared. Each resources can have an admin. The trust is easy each resource domain trusts the master.
Allows for one user, one account. Master holds global groups.-
Limitations include- local groups must be defined in each domain (master and resource)- the max users is still 40,000 and well below 20,000 should be used. Resource domains have no control over global groups. Good for across WAN.
Multiple-Master Domain Model- good for big company. It is scaleable to required number of users (more than 20 or 40 thousand.) Distributed resources administration.
East Master can have an admin or the masters can be grouped for centralized admin. Limitations are- complex trusts. User accounts are distributed across multiple masters. Global groups may have to be defined a number of times.
there are two one way trusts between each master and one between each master and each resource.
The equation is master * (master-1) + resource * master = trusts
(the global groups may have to be defined a number of times because global groups can hold accounts from their domain only)
Complete- trust- rarely used. Hard to administer. No central admin.
Each domain controls its resources. NumberofDomains * (NumberofDomains 1) Number f trusts needed to make complete trust. Not realistic for more than 3 or 4 domains.
Supporting a single logon account
Allowing users to access resources in different domains:
Accounts are defined in PDC (master or other) and are put into Global
Groups (all accounts in global groups MUST BE from the same domain). Global Groups can cross trusts.
They should have no permissions granted to them. They are placed in Local Groups (in the same domain or other) and then granted Permissions. If you have multiple master PDCs you must (may) create duplicate Global Groups to grant users from different domains the same permission in the Local Groups.
Member servers must define their own Local Groups. Other resources can have all groups defined from any trusted domain PDC. (in user manager select domain then add user or group)
Plan the disk drive configuration for various requirements.
Requirements include choosing a fault-tolerance method. Mirroring, duplexing and raid 5 disk striping with parity. Volume set, disk striping without parity (nneds only 2 disks)
Choose a protocol for various situations. Configure protocols and protocol bindings. include:
TCP/IP connecting to internet
TCP/IP with WINS and
DHCP - DHCP uses DHCP Manager. Can maintain all DHCP servers from central location. A SCOPE is IPs are used. (range) name scope. Specify lease time/
Created in JET format- (MS Access) is stored in \winnt\system32\dhcp dir. To back up using jet type: JETPACK DHCP.mbd
c:\backup.dir\dhcp.mbd then restart dhcp service.
DHCP relay agent allows a multihomed
WINS- see wins section below
NWLink IPX/SPX Compatible Transport Protocol
Data Link Control (DLC)
AppleTalk see services for mac below
Installation and Configuration:
Install Windows NT Server to perform various server roles. Server roles include:
Primary domain controller - account Backup domain controller resource helps with authentication
Member server- resource- application etc- local groups must be defined on them individually.
Configure Windows NT Server core services. Services include:
Directory Replicator is part of SERVER Services.helps maintain logon and profiles and same for users. PDC is export server and import server receives all changes to files. Needs a service account to use. The account should be a member of backup op and replicators groups. Default export dir is /winnt/system32/repl/export. Script default for NETLOGON are found in /winnt\system32\repl\import\scripts. NT Servers can export. WKSTN or NT Server can import. The default sync is every 5 minutes. You can force through Server manager.
It can be full or partial replication. BDC requests replication sync. To change replication time you must edit the registry.
You change the PulseConcurrency values and Pulse in reg key: Increase PULSE to decrease traffic H_KEY_LOCAL_MACHINE\system\currentcontrolset\service\netlogon\parameters PULSE setting is REG_DWORD- defines pulse frequency (how often) every two hours regardless.
Can be set fro 60 to 3,600 seconds.
PulseConcurrency- is also REG_DWORD- define max simultaneous pulses.
Increasing - increases the load on pdc. The default value is 20 and can range between 1 to 500 decreasing - lowers the frequency of replication.
ReplicationGovenor- defines how often bdc responds to pdc sync announcement. And how much data is exchanged. The value is a percentage from 0 to 100. 100 is the default. This helps with lowering WAN traffic. ReplicationGovernor should not be set below 25.
Computer Browser installed in services tab of network option. To allow browser edit Registry. In Hkey_Local_Machine\system\currentcontrolset\services\browser\paramaters\maintainserverlist Three possible values- YES to become a browser service makes you either master or backup browser default in dcs. NO- never participates in browser service and AUTO- potential browser wkstn and server default. To maintain Browser list over WAN and subnets- You can Implement WINS, Use LMHOSTS, configure Router to forward through UDP port 137.
Wins- is a dynamic database which monitors and maintains netbios broadcast name management.
Allows for central admin. Eliminates need for LMHost file (which is static text file admin must make and put in each machine- updating manually) It decreases broadcast traffic. Can be used with remote clients.
WINS can be referred to by DNS to resolve host names and avoid creation of static mappings for all hosts in DNS. WINS Server is designated in Network Control, TCP/IP properties. Contains info on IP to NetBios name. TTL = time to live or time in which netbios name must renew. Default name time is 96 hours. (4 days) You should have one primary and secondary wins server for every 10,000 clients. WINS packets can cross Networks (routable) Needs Nt Server 3.51 or higher. Must have static IP, default gateway info and subnet mask. Add service through Services in Network Control Panel. Must add wins server to wins manager. Configured in wins manager.
Uses PUSH and PULL. Pulls info from replicating wins server. PUSH determines if pull partner is notified of changes Two methods of push and pull- set up predetermined amount of time- to update whenever there is a change. Push partner forces info to Pull partner.
Pull sends requests from time to time. Across WAN link should be the PULL partner. This way you can control traffic keep at off hours. WAN PULL LAN Push Pull ---Auto back up every three hours. 2 ways to restore backed up db- use win manager and or manually move db.Can add static mappings. reserves name you can create these kinds of mappings: Unique permits only one address per name. Group- a normal group doesnt have an ip address stored for the computers in the group. A normal group is used for broadcasts and browsing. Internet Group- can have as many as 25 primary and back up domain controllers- used to dcs tp communicate with each other. Multi-homed- can have up to 25 addresses used for multi-homed systems. When statically mapped you see 3 entries one for netbios, redirector messenger and server. Microsoft recommends compacting when reached 30mbs in size.
JETPACK- is the compactor tool must stop wins sever before compaction IS SAME UTILTIY FOR DHCP- syntax is: jetpack databasename temp databasename
You can include UNIX and non-Microsoft machines by giving a static mapping,. OR you can install wins proxy on the subnet with the "non-clients" b-node broadcasts cannot pass through routers. Win Proxy listens for broadcast and reports it to WIN server. It only works on one subnet .so you may bee win proxy on each subnet of "non-clients" Permissible clients are any NT, 95, workgroups 3.1 w) tcp/ip and ms dos net client 3.0 or higher plus Lanmanager 2.2 or higher.
Wins for DHCP enabled clients0 require 044 WINS/NETBIOS Name Service Servers and 046
WINS/BT Node Type OR add wins server in tcp/ip properties.
Configure hard disks to meet various requirements. Requirements include: Providing redundancy Improving performance
To monitor disk performance must turn on diskperf y tool. it turns on monitoring counters.
%disk Time percent of disk busy time
Ave. Disk Queue Length- ave numb of waiting ops
Current Disk Queue Length- num of ops waiting now
Ave. Disk/Sec Transfer average data transfer time in seconds
Disk Bytes/ Sec how fast bytes are being moved. This is primary measure of throughput Ave Disk/Bytes/Transfer measure of efficiency
Disk Transfer/ Sec how quickly transfers are serviced
Abottle neck occurs if regular activity is 85 percent or higher. Also if disk ques are greater than 2 while paging is less than 5 per sec.- Usually adding ram solves problems from paging
Mirroring and Duplexing have moderate read/write times write time slower with mirror
Disk Striping with Parity increased write performance. Needs more memory
Configure printers. Tasks include:
Adding and configuring a printer add printer wizard
Implementing a printer pool devices must be on same server and use same driver
Setting print priorities 1 is lowest 99 is highest
Configure a Windows NT Server computer for various types of client computers.
Client computer types include: Windows NT Workstation Windows® 95
Network Client Adminstrator - make startup disk for net install of os, make disk set- for networking tools on sys with Os
Macintosh® - services for Macintosh installs AppleTalk. Mac can access special volumes on NTFS for Macs only. Can share printing on nt and within AppleTalk zone.
Can Install Admin tools on other OS- for 95 event viewer, server manager and user manager for domain
On NT Workstation- dhcp manager, event viewer, RAS admin, remote reboot, server manager, services for Mac, user manager for domains, WINS manager, and USER profile Editor.
Administer remote servers from various types of client computers.
Client computer types include:
Windows 95 Windows NT Workstation see configure clients
Manage disk resources. Tasks include: Creating and sharing resources server manager
Implementing permissions and security- right click on item
Establishing file auditing- go to securities tab on file or folder of object to be audited. Replace auditing on subdirectories and replace auditing on existing file check boxes. Select the user or groups to audit- add names. Select the events you wish to audit. (this
process is the same to audit
printers---for policies do this from user manager for domains s and
select policies audit and audit
these events) audit logs are saved in the system and security logs and
can be viewed with the event
viewer. Can monitor success or failure if following events:
Logon and off
File and object access
Use of user rights
User and group management
Security policy changes
Restart, shutdown and system
Process tracking.
Connectivity
Configure Windows NT Server for interoperability with NetWare servers
by using various tools.
Tools include:
Gateway Service for NetWare lets NT server and machines using NT
server access NetWare file
and print services. Dont need to add software to clients for them to
access NetWare. NWLink must
be on system.
Migration Tool for NetWare you can not migrate passwords. The only
way around is to USE a
mapping file. Can not migrate workgroup and user account managers,
NetWare logon scripts and
print and que info.
Uses nwconv.exe. If it tuns into identical user names the default is
to skip the account and stop
migrating. After migration must replace NetWare redirectors with
Microsoft redirectors.
FPNW- File and Print Services for NetWare.- allows NetWare users to
access NT resources.- no
additional client software is needed. This is an add on service
additional cost.
DSMN- Directory Service for NetWare
CSNW- only on Workstation. Allows access NetWare in conjunction with
nwlink.
Install and configure multiprotocol routing to serve various
functions. Functions include: good for
small to mid sized networks. You need NT server & 2 nics, ENABLE IP
FORwarding. Create A
static routing table for entries to remote networks the nics are nto
attached to.- may optionally create
a ROUTE entry so the router can exhange info with other routers.
Internet router multi-homed nt machine- unique ips on each nic.
BOOTP/DHCP Relay Agent dhcp is not designed to cross routers- so you
need to have a dhcp
router on each subnet OR bootp/ dhcp agent installed on remote subnet
forwards request for dhcp
info to dhcp server. Some routers do not support BOOTP
IPX router - dynamically exchange route info- broadcast s routing info
to other routers. Using SAP
(Server Advertising Protocol) Agent need to periodically broadcast.
you dont always need sap for
ipx routing only if an app requires it. Installed by default
RIP for TCP/IP- dynamically exchange route info- broadcast s routing
info to other routers. Using
SAP (Server Advertising Protocol) Agent
Troubleshooting Routing Problems: use ROUTE PRINT command shows
routes. IF it has a
METRIC of 2 the route was found dynamically from another router. Check
the default gateway.
Install and configure Internet Information Server. Services include:
add from network control panel,
services. Installs Internet Service Manager Which- allows the stop,
start and pause of highlighted
service. You must specify tcp port- defaults are:
World Wide Web 80, ftp 21 and gopher is 70
Can designate a PASSWORD for access to the server. Can make a path to
another machine and
DIRECTORY accessible using UNC. Can Create HOME directory which will
act as root for the
service. To create a VIRTUAL Directory create and alias within the
service root.
ENABLE DEFAULT DOCUMENT- make the default page index (whatever
designated
DIRECTORY Browser Access- allows you to see the dir structure if the
default document is not
found if enabled.
ACOUNT INFO is required if you will be going to another machine on
network
ACCESS- determines is you have read, write .must agree with NTFS
permissions
Can LOG visits
Advanced PROPERTIES- TAB- allows you to control access and bandwidth
used
GRANTED ACCESS, DENIED ACCESS-controls who can visit the site
EXCEPT THOSE LISTED- works well in conjunction to above. Can make
access list using a list of
approved IPS
Limit Network Usage- allows you designate the allowable bandwidth to
be used and number of
attaching users.
DNS static database for ip to fully qualified domain name
resolution- can work with wins to
resolve hosts- is like HOSTS file.
Intranet
Install and configure Remote Access Service (RAS). Configuration
options include:
Configuring RAS communications check box to require data encryption
Configuring RAS protocols NetBEUI ipx/spx and tcp/ip
Configuring RAS security callback, encrypted password
Managing Resources
Manage user and group accounts. Considerations include:
Managing Windows NT user accounts Managing Windows NT groups- see
directory services
Managing Windows NT user rights from User Manager. Can designate
path to profile. Rights are
assigned to groups or users. Like access this computer from the
network(admin, power users and
everyone), backup(admin and backup op), change system time(admin and
power users), load and
unload device drivers(admin), manage and audit security log(admin),
restore files and
directories(admin and backup), shutdown (all), take ownership (admin)
Administering account policies -
Create and manage policies and profiles for various situations.
Policies and profiles include:
Local user profiles specifics of users working environment. System
policies control user
environments. User managers is where they are created. Policy editor
makes Policies. Allows ad min
to control access to resource
Roaming user profiles good on any machine saved in share on pdc
changeable by user
System policies- many of the same settings as user profile but
strictly controlled by admin. Can
prevent users from changing settings and restrict applications.
POLICIES override USER Profile
settings.
User Policies are kept in HKEY_LOCAL_USER key.
control panel allows you to restrict display control panel o hide it,
Desktop allows mandatory
wallpaper and schemes.
Shell relates to startup menu and explorer can disable run and find
commands. Hide drive letters and
restrict net neighborhood items, disable shutdown and prevent shell
settings from being saved.
System allows you to disable regedit access, specify a list of
allowable applications.
NT Shell- enforces locations for start menu and contents, program
folders and net neighborhood and
other system folders
WindowsNTSystem, include environment variables defined in dos
autoexec.bat and options relating
to logon scripts.
Computer Policies- effect a specific machine. Kept in
HKEY_LOCAL_MACHINE start at boot
time.
Policies are created in System Policy Editor.
Network policy is added every time they logon,
System uses SNMP allows you to run specific applications.,
Windows NT Network determines if hidden shares are created.
NT Printers, options for printing and spooling,
Remote access- security. Shell- specify shared dirs for program
folders and desktop icons, User
Profiles- can force deletion of former user to be deleted at logout.
Auditing changes to the user account database User
Manager>Policies>Audit>check box User
and Group Management and check box for success and failure
Monitoring and Optimization
Establish a baseline for measuring system performance. Tasks include
creating a database of
measurement data. Use should monitor disk objects, memory objects,
processor objects and
network protocol objects to get a baseline. You can use save to log
and later can create a report to
view baseline.
Processor bottle neck id: processor object %processor time over
85;System object: processor
queue length is often greater than 2; memory objects
Monitor performance of various functions by using Performance Monitor.
Functions include:
Processor Memory Disk Network processor object %processor
time how often busy,
%User Time- how often users have control of processor; %priveledge
time os using processor.
Memory
OBJECT COUNTER DESCRIPTION
Memory Available Bytes Virtual
memory available for system use
< 4MB indicates a need for more RAM
Memory Pages/sec Number of
pages being written between
physical memory and paging file.
This number should be below 20.
Memory Committed Bytes Memory that is allocated and
currently being
used by applications. Should be less that the physical memory
installed on your computer.
CPU
OBJECT COUNTER DESCRIPTION
System %ProcessorTime If consistently at
or above 80%, consider upgrading
the
processor.
System Processor Queue Length Consistent processor
length > 2, the processor causing
a
problem.
Disk Access
OBJECT COUNTER
DESCRIPTION
Physical Disk %Disk Time
If Over 90% then disk is the
bottleneck
Physical Disk Current Disk Queue length
If Over 2 then disk is the bottleneck
Logical Disk Avg. Disk sec/Transfer
Network Access
OBJECT COUNTER
DESCRIPTION
Network Segment %Network Utilization
Should below 40% in Ethernet
Should below 80% in Token
Ring
Monitor network traffic by using Network monitor. Tasks include:
Two Tools-
Agent which runs at client computers and monitors their status and
Manager - which polls clients and summarizes data.
Collecting data
Capture data- 3 ways- capture >start start capture toolbar F10
Stop Capture- 4ways- capture>stop stop capture toolbar F11 stop>view
Display-3ways-capture>display cap. data display cap. Data toolbar F12
Presenting data -3 windows- summary detail hexidecimal
Filtering data
Identify performance bottlenecks.
Optimize performance for various results. Results include:
Controlling network traffic
Controlling server load
Troubleshooting
Choose the appropriate course of action to take to resolve
installation failures.
Choose the appropriate course of action to take to resolve boot
failures.
Choose the appropriate course of action to take to resolve
configuration errors. Tasks include:
Backing up and restoring the registry rdisk /s checkbox on
ntbackup, regback, regrest (resoucre
kit tools- for live restorations) canback up rvia regedit32 restore
key through registry editor although
not optimal.
Editing the registry - regedit regedit32
Choose the appropriate course of action to take to resolve printer
problems.
Choose the appropriate course of action to take to resolve RAS
problems.
Choose the appropriate course of action to take to resolve
connectivity problems.
Choose the appropriate course of action to take to resolve resource
access and permission
problems.
Choose the appropriate course of action to take to resolve
fault-tolerance failures.
Fault-tolerance methods include: Tape backup- restore Mirroring
break and recreate
Stripe set with parity- one disk regenerate 2 restore from tape after
recreation
Perform advanced problem resolution. Tasks include: Diagnosing and
interpreting a blue screen
Configuring a memory dump- in startup shutdown menu BEFORE blue
screen, go to my
computer>startup/shutdown>recovery>write debugging information to
check box
Memory dump Is size of physical ram. Must be room on hd
Dumpchk- checks order lists i/o and errors
Dumpexam utility examines.- creates text file. need imagehlp.dll
conatins same info as blue screen
Dumpflop- backs the dump to a series of floppies to be sent out
Using the Event Log service