Complete-Terms.doc


  • 7/27/2019 Complete-Terms.doc

    1/44

    Active Directory Preparation Tool (adprep.exe)

    What does ADPrep.exe do?

    Adprep.exe is a command-line tool used to prepare a Microsoft Windows 2000 forest or a Windows 2000 domain for the installation of Windows Server 2003 domain controllers.

    Who does this feature apply to?

    The changes in ADPrep.exe for Windows Server 2003 Service Pack 1 will be of interest to:

    IT professionals who support Active Directory, such as Active Directory administrators, Active Directory Schema administrators, Domain Name System (DNS) administrators, and domain controller administrators.
    Help desk professionals.
    Application developers.
    System integrators.

    What new functionality is added to this feature in Windows Server 2003 Service Pack 1?

    Adprep.exe enhancement to detect conflicting Exchange Server schema objects

    Detailed description

    When Microsoft Exchange Server is deployed in an organization, Exchange Server uses Active Directory as a data store and extends the Windows 2000 Active Directory schema to enable it to store objects specific to Exchange Server. The ldapDisplayNames of the attribute schema objects ms-Exch-Assistant-Name, ms-Exch-LabeledURI and ms-Exch-House-Identifier defined by Exchange Server conflict with the iNetOrgPerson schema that Active Directory uses in Windows Server 2003. When Windows Server 2003 Service Pack 1 is installed, Adprep.exe will be able to detect the presence of the schema conflict and block the upgrade of the schema until the issue has been resolved.

    Why is this change important?

    Upgrading the Active Directory schema from Windows 2000 to Windows 2003 when these schema objects are present causes the ldapDisplayName to become corrupted and results in issues with Active Directory replication. Fixing the Exchange Server schema objects before the upgrade occurs results in a much smoother upgrade experience.

    If an organization has a large number of files contained in the GPOs or slow links to replication servers, the FRS synchronization triggered by the /domainprep operation could adversely affect the deployment schedule for Windows Server 2003. By putting this operation at the discretion of the administrator, the impact of this operation can be planned and scheduled as part of the deployment.

    The deployment of a Windows Server 2003 domain controller can occur after running adprep /forestprep and adprep /domainprep. Resultant Set of Policy (RSoP) functionality will only be operational after running adprep /domainprep /gpprep.

    What works differently?

    The Windows 2000 Active Directory schema cannot be upgraded to the Windows Server 2003 schema until the required Exchange Server schema objects are fixed. In Windows Server 2003 Service Pack 1, Adprep.exe will identify that a conflicting schema object exists, prevent the corruption of the schema object by blocking the upgrade, and if possible identify which objects are in conflict so that you can resolve the conflict.

    Adprep.exe enhancement to perform SYSVOL operations in a separate step


    Detailed description

    In previous versions of Windows Server 2003, running adprep /domainprep resulted in the addition of an inheritable access control entry (ACE) to all Group Policy objects (GPOs) in the SYSVOL folder. This ACE gives Enterprise Domain Controllers read access to the GPOs to support Resultant Set of Policy (RSoP) functionality for site-based policy. The addition of this ACE is detected by the File Replication Service (FRS) and initiates an FRS synchronization of all GPOs in the SYSVOL folder.

    In Windows Server 2003 Service Pack 1, the addition of the ACE to the GPOs in the SYSVOL folder is not performed while running adprep /domainprep. Instead, a new switch (/gpprep) has been added to adprep to add the inheritable ACE to the GPO folders in the SYSVOL directory. This allows administrators to update the ACE of the GPO objects at their convenience.

    How do I resolve these issues?

    If Adprep.exe detects the presence of the conflicting Exchange Server schema objects, you can use the following procedure to fix these objects and enable Adprep.exe to successfully upgrade your Active Directory schema.

    To fix conflicting Exchange Server schema objects

    1. Log on to the computer that holds the Schema Operations Master role. By default, the first domain controller that you install in your forest is the Schema Operations Master. You must log on using an account that is a member of the Schema Admins security group.

    2. Click Start, click Run, type notepad.exe in the Open box, and then click OK.

    3. Create the InetOrgPersonPrevent.ldf script by copying the following text, including the trailing hyphen after "schemaUpdateNow: 1", to Notepad:

        Dn: CN=ms-Exch-Assistant-Name, CN=Schema, CN=Configuration, DC=X
        Changetype: Modify
        Replace: LDAPDisplayName
        LDAPDisplayName: msExchAssistantName
        -

        Dn: CN=ms-Exch-LabeledURI, CN=Schema, CN=Configuration, DC=X
        Changetype: Modify
        Replace: LDAPDisplayName
        LDAPDisplayName: msExchLabeledURI
        -

        Dn: CN=ms-Exch-House-Identifier, CN=Schema, CN=Configuration, DC=X
        Changetype: Modify
        Replace: LDAPDisplayName
        LDAPDisplayName: msExchHouseIdentifier
        -

        Dn:
        Changetype: Modify
        Add: schemaUpdateNow
        SchemaUpdateNow: 1
        -

    4. On the File menu, click Save. In the Save As dialog box, follow these steps to save the InetOrgPersonPrevent.ldf script:

    In File name, type the following: %userprofile%\InetOrgPersonPrevent.ldf
    In Save as type, click All Files.


    In Encoding, click Unicode.
    Click Save.
    Close Notepad.

    5. Run the InetOrgPersonPrevent.ldf script using the following steps:

    Click Start, click Run, type cmd in the Open box, and then click OK.
    At a command prompt, type the following, and then press ENTER:

        cd %userprofile%

    Type the following command:

        c:\documents and settings\%username%>ldifde -i -f inetorgpersonprevent.ldf -v -c DC=X "domain_name_path_for_forest_root_domain"

    6. Verify that the ldapDisplayNames for the CN=ms-Exch-Assistant-Name, CN=ms-Exch-LabeledURI, and CN=ms-Exch-House-Identifier attributes in the schema naming context now appear as msExchAssistantName, msExchLabeledURI, and msExchHouseIdentifier.

    Note

    In step 5 of the previous procedure, note the following details:

    DC=X is a case-sensitive constant.
    The domain name path for the root domain must be enclosed in quotation marks. For example, the command syntax for an Active Directory forest whose forest root domain is Contoso.com would be:

        c:\documents and settings\administrator>ldifde -i -f inetorgpersonprevent.ldf -v -c DC=X "dc=contoso, dc=com"
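What the ldifde -c substitution in step 5 does to the script and what the step 6 check verifies, as an added Python example that is not part of the original document: it parses the InetOrgPersonPrevent.ldf text from step 3, replaces the DC=X constant with a forest root DN, and applies the modify operations to a constructed dictionary model of the schema naming context rather than to a live directory. The starting ldapDisplayName values, the root DN and the function names are assumptions.

```python
import re

# The InetOrgPersonPrevent.ldf text from step 3 above, embedded so the example runs offline.
LDIF = """Dn: CN=ms-Exch-Assistant-Name, CN=Schema, CN=Configuration, DC=X
Changetype: Modify
Replace: LDAPDisplayName
LDAPDisplayName: msExchAssistantName
-

Dn: CN=ms-Exch-LabeledURI, CN=Schema, CN=Configuration, DC=X
Changetype: Modify
Replace: LDAPDisplayName
LDAPDisplayName: msExchLabeledURI
-

Dn: CN=ms-Exch-House-Identifier, CN=Schema, CN=Configuration, DC=X
Changetype: Modify
Replace: LDAPDisplayName
LDAPDisplayName: msExchHouseIdentifier
-

Dn:
Changetype: Modify
Add: schemaUpdateNow
SchemaUpdateNow: 1
-
"""

# The names step 6 expects to see after the script has run.
EXPECTED = {"ms-Exch-Assistant-Name": "msExchAssistantName",
            "ms-Exch-LabeledURI": "msExchLabeledURI",
            "ms-Exch-House-Identifier": "msExchHouseIdentifier"}

def parse_ldif(text: str, constant: str = None, replacement: str = None) -> list:
    """Splits LDIF into change records. The DN substitution mirrors ldifde -c: the
    constant is matched exactly, which is why DC=X is case-sensitive."""
    records = []
    for chunk in re.split(r"\n\s*\n", text.strip()):
        rec = {"dn": None, "changetype": None, "ops": []}
        for line in chunk.splitlines():
            if line.strip() == "-":                  # terminates one modify operation
                continue
            key, _, value = line.partition(":")
            key, value = key.strip().lower(), value.strip()
            if key == "dn":
                rec["dn"] = value.replace(constant, replacement) if constant else value
            elif key == "changetype":
                rec["changetype"] = value.lower()
            elif key in ("replace", "add", "delete"):
                rec["ops"].append({"op": key, "attr": value, "values": []})
            else:                                    # attribute value for the current op
                rec["ops"][-1]["values"].append(value)
        records.append(rec)
    return records

def apply_to_schema(schema: dict, records: list) -> dict:
    """Applies the operations to a dict model of the schema naming context
    (DN -> {attribute -> values}); the empty DN is the rootDSE, as in the script."""
    for rec in records:
        if rec["changetype"] != "modify":
            raise ValueError(f"unsupported changetype {rec['changetype']!r}")
        entry = schema.setdefault(rec["dn"], {})
        for op in rec["ops"]:
            attr = op["attr"].lower()
            if op["op"] == "replace":
                entry[attr] = op["values"]
            elif op["op"] == "add":
                entry.setdefault(attr, []).extend(op["values"])
            else:
                entry.pop(attr, None)
    return schema

def conflicts_resolved(schema: dict, root_dn: str) -> bool:
    """The step 6 check: each Exchange attribute carries the msExch* ldapDisplayName."""
    return all(schema.get(f"CN={cn}, CN=Schema, CN=Configuration, {root_dn}", {})
               .get("ldapdisplayname") == [name] for cn, name in EXPECTED.items())

def demo(root_dn: str = "dc=contoso, dc=com") -> dict:
    base = f"CN=Schema, CN=Configuration, {root_dn}"
    # Constructed starting state: the three attributes still carry conflicting names.
    schema = {f"CN={cn}, {base}": {"ldapdisplayname": [f"conflicting-{cn}"]} for cn in EXPECTED}
    before = conflicts_resolved(schema, root_dn)
    apply_to_schema(schema, parse_ldif(LDIF, "DC=X", root_dn))
    return {"resolved_before": before,
            "resolved_after": conflicts_resolved(schema, root_dn),
            "schema_update_requested": schema.get("", {}).get("schemaupdatenow") == ["1"]}
```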

    Adprep.exe enhancement to detect other conflicting schema objects

    Detailed description

    Many applications use Active Directory as a data store and extend the Windows 2000 Active Directory schema to enable it to store objects specific to the application. If an application defined a non-RFC-compliant schema object, such that the ldapDisplayName, object identifier (OID) or other schema attributes conflict with the Windows 2003 Active Directory schema, when Adprep.exe is run it will detect the conflict and display a generic error.

    Adprep

    Prepares Windows 2000 domains and forests for an upgrade to Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; or Windows Server 2003, Datacenter Edition. Among its tasks, adprep extends the schema, updates default security descriptors of selected objects, and adds new directory objects as required by some applications.

    Syntax

        Adprep {/forestprep | /domainprep | /gpprep}

    When you upgrade Windows 2000 Server to Windows Server 2003 without a service pack installed, prepare the forest using adprep /forestprep and prepare each domain using adprep /domainprep. Adprep /domainprep prepares the domain for upgrade and adds inheritable access control entries (ACEs) to the Group Policy objects (GPOs) in the SYSVOL shared folder, which causes domain-wide replication to occur. The amount of replication traffic that is generated by this operation might affect network conditions adversely.


    When you upgrade Windows 2000 Server to Windows Server 2003 with Service Pack 1 (SP1), prepare the forest using adprep /forestprep and prepare each domain using adprep /domainprep. Adprep /domainprep in Windows Server 2003 with SP1 does not add inheritable ACEs to the GPOs in the SYSVOL shared folder and does not cause domain-wide replication to occur.

    When network conditions are optimal or if a full synchronization of the SYSVOL share will not affect network bandwidth adversely, run adprep /domainprep /gpprep to add the inheritable ACEs to the GPOs in the SYSVOL shared folder.

    Parameters

    /forestprep
    Prepares a Windows 2000 forest for an upgrade to a Windows Server 2003 forest.

    /domainprep
    Prepares a Windows 2000 domain for an upgrade to a Windows Server 2003 domain.

    /domainprep /gpprep
    Available only when you prepare a Windows 2000 domain for an upgrade to a Windows Server 2003 SP1 domain. Adds inheritable ACEs to the GPOs that are located in the SYSVOL shared folder, and synchronizes the SYSVOL shared folder among the domain controllers in the domain.

    /?
    Displays Help at the command prompt.

    Remarks

    You can find Adprep.exe in the \i386 folder of the Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; and Windows Server 2003, Datacenter Edition CD-ROMs. For more information about using adprep, see the topics under "See Also."

    To run adprep /forestprep, you must be a member of the Enterprise Admins group and the Schema Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to run this command. For more information, see Default local groups, Default groups, and Using Run as.

    To run adprep /domainprep, you must be a member of the Domain Admins group or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to run this command. For more information, see Default local groups, Default groups, and Using Run as.

    To run adprep /domainprep /gpprep, you must be a member of the Domain Admins group or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to run this command. For more information, see Default local groups, Default groups, and Using Run as.

    You should run adprep from Windows Server 2003 installation media, such as a CD-ROM or a shared network resource.

    All domain controllers in the forest should be upgraded to Windows 2000 Service Pack 2 or later before preparing the forest for an upgrade to the Windows Server 2003 family.

    Adprep /forestprep must be run on the schema master.

    Adprep /domainprep must be run on each infrastructure master in each domain, and only after adprep /forestprep has been run successfully for the forest.


    Adprep /domainprep /gpprep must be run on the infrastructure master of each domain. It can be run anytime after adprep /forestprep and adprep /domainprep have been run, when network bandwidth permits the replication of all GPOs among the domain controllers in the domain.

    You must wait for the changes made by adprep /forestprep to replicate from the schema master to the infrastructure masters before running adprep /domainprep. If you try to run adprep /domainprep on an infrastructure master before the adprep /forestprep changes have replicated, you will receive notification that the forest preparation has not finished.

    After you prepare your forests and domains with adprep, you can leave your domain controllers running Windows 2000 for an indefinite length of time, or you can begin the domain controller upgrade immediately.

    After running adprep, the adprep log files can be found in systemroot\System32\Debug\Adprep\Logs.

    For more information about the enhancements to Adprep.exe in Windows Server 2003 with SP1, see article 324392, Enhancements to Adprep.exe in Windows Server 2003 Service Pack 1 and in hotfix 324392, in the Microsoft Knowledge Base. For more information about how to prepare your forest and domains using Adprep.exe, see "Overview: Upgrading Windows 2000 Domain Controllers to Windows Server 2003" in article 325379, How to Upgrade Windows 2000 Domain Controllers to Windows Server 2003, in the Microsoft Knowledge Base.

    Examples

    To prepare a Windows 2000 forest for upgrade to the Windows Server 2003 family, type:

        Adprep /forestprep

    To prepare a Windows 2000 domain for upgrade to the Windows Server 2003 family, type:

        Adprep /domainprep

    Note

    If you are preparing a Windows 2000 domain for upgrade to Windows Server 2003 without SP1, this command will cause inheritable ACEs to be added to the GPOs in the SYSVOL shared folder, and the SYSVOL share will synchronize, which might cause significant network delays.

    To prepare a Windows 2000 domain for upgrade to Windows Server 2003 with SP1, by adding inheritable ACEs to the GPOs in the SYSVOL shared folder and synchronizing the SYSVOL shared folder among the domain controllers in a domain, type:

        Adprep /domainprep /gpprep


    Backup

    System State Data:
    System State data includes boot files, the Registry, the COM+ Class Registration database, the Certificate Services database (if Certificate Services is installed), the Active Directory data store and the SYSVOL folder (if it is a domain controller).

    Note: You cannot use System State backup to back up or restore System State data on a remote Windows 2000 computer. System State data can only be restored on the local computer. You can't restore System State data over the network to a remote Windows 2000 computer. You can't pick and choose which parts of System State data will be restored.

    Archive:
    The archive attribute is a marker that the operating system automatically assigns to all files and folders when they are first installed or created, and that marks them as needing to be backed up.

    Types of Backup:

    Normal:
    Normal backup backs up all selected files and folders.
    Removes the archive attribute from all backed-up files and folders.
    A normal backup is a full, complete backup.
    It is the backbone of your backup plan or strategy.

    Copy:
    Copy backup backs up all selected files and folders.
    Does not remove or otherwise affect the archive attribute.
    Copy backup is used to create an extra backup to store off-site.

    Incremental:
    Incremental backup backs up all files and folders that have changed since the last normal or incremental backup.
    Removes the archive attribute from all backed-up files and folders.
    If a normal backup is performed on Sunday and from Monday to Friday an incremental backup is performed, then Monday's incremental backup will contain only the changes made to data on Monday, Tuesday's incremental backup will contain only the changes made to data on Tuesday, and so on.

    Differential:
    Differential backup backs up all selected files and folders that have changed since the last normal backup.
    Does not remove the archive attribute from any files and folders.
    If a normal backup is performed on Sunday and from Monday to Friday a differential backup is performed, Monday's differential backup will contain the changes made to data on Monday; Tuesday's differential backup will contain all the changes made to data on Monday and Tuesday, and so on.

    Daily:
    Daily backup backs up all selected files and folders that have changed during the day the backup is performed.
    It doesn't remove or otherwise affect the archive attribute.
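The five backup types as an added Python model that is not part of the original notes: it simulates the archive attribute over the Sunday-to-Friday week described above and, going beyond the text, also lists which backup sets a restore needs under an incremental versus a differential schedule. File names, change days and function names are constructed.

```python
from dataclasses import dataclass

@dataclass
class File:
    name: str
    archive: bool = True       # Windows sets the archive attribute on create and modify
    modified_day: int = 0      # day number of the last change (0 = Sunday, 5 = Friday)

class Volume:
    """A constructed set of files standing in for the selected backup scope."""
    def __init__(self, names, day=0):
        self.files = {n: File(n, True, day) for n in names}

    def modify(self, name, day):
        self.files[name].archive = True          # the OS re-sets the attribute on change
        self.files[name].modified_day = day

    def archive_set(self):
        return {f.name for f in self.files.values() if f.archive}

def run_backup(volume: Volume, kind: str, day: int) -> set:
    """Returns the names the backup contains and updates archive attributes exactly as
    the five Windows 2000 Backup types described above do."""
    files = list(volume.files.values())
    if kind in ("normal", "copy"):
        chosen = files                                         # everything selected
    elif kind in ("incremental", "differential"):
        chosen = [f for f in files if f.archive]               # changed since last clear
    elif kind == "daily":
        chosen = [f for f in files if f.modified_day == day]   # changed today, bit ignored
    else:
        raise ValueError(f"unknown backup type: {kind}")
    if kind in ("normal", "incremental"):                      # only these clear the bit
        for f in chosen:
            f.archive = False
    return {f.name for f in chosen}

def simulate_week(kind: str, changes: dict) -> dict:
    """Sunday normal backup, then `kind` on Monday..Friday; `changes` maps day -> files
    edited that day. Returns each day's backup contents and the bits still set after."""
    vol = Volume(["a.doc", "b.xls", "c.ppt"])
    backups = {0: run_backup(vol, "normal", 0)}
    for day in range(1, 6):
        for name in changes.get(day, []):
            vol.modify(name, day)
        backups[day] = run_backup(vol, kind, day)
    return {"backups": backups, "archive_set_after": vol.archive_set()}

def media_needed(kind: str, day: int) -> list:
    """Backup sets needed to restore to the end of `day` (0 is Sunday's normal backup)."""
    if kind == "incremental":
        return list(range(0, day + 1))           # the normal plus every incremental since
    if kind == "differential":
        return [0, day] if day else [0]          # the normal plus only the latest differential
    raise ValueError("copy and daily backups do not form a restore chain")
```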


    Restoring System State Data on Domain Controllers

    Because System State data includes the Active Directory data store on a Windows 2000 domain controller, restoring System State data on a domain controller includes restoring Active Directory.

    There are two types of restores you can perform of Active Directory:

    Nonauthoritative restore of Active Directory:
    This is a full restore of System State data, including Active Directory, on a Windows 2000 domain controller. When this type of restore is performed, Active Directory entries on other domain controllers will replace the restored entries when replication of Active Directory occurs. This type of restore should be performed only when you have one domain controller on your network, or when you are primarily concerned with restoring the other components of System State data, such as the registry and system boot files, and you don't want to overwrite the more recent copy of Active Directory located on other domain controllers on your network.

    Authoritative restore of Active Directory:
    This is also a full restore of System State data, including Active Directory, on a Windows 2000 domain controller. After the restore is completed, however, an additional step is required. Some or all of the restored Active Directory objects are marked as being authoritative. During this process, the objects' attribute version numbers are increased. When this type of restore is performed, the restored Active Directory entries that are marked as authoritative will replace the corresponding Active Directory entries on other domain controllers on your network when replication of Active Directory occurs. You should use this type of restore when the Active Directory data store on your network's domain controllers is damaged or when a portion of Active Directory has been accidentally deleted.

    The Directory Services Restore Mode administrator password is required in order to restore System State data on a domain controller.


    Groups

    Users and Groups

    When account policies conflict, the policy with the highest priority is applied. The levels of account policy priority, from greatest to least, are:

    Account policies for an OU
    Account policies for the domain
    Account policies for the domain controller
    Account policies for the local computer

    Groups on the local computer:
    Local Groups
    Built-in Groups

    Groups in Active Directory:
    Domain Local Groups
    Global Groups
    Universal Groups

    Built-in Groups on Domain Controllers:
    Built-in Local Groups
    Built-in Global and Universal Groups
    Built-in Special Groups

    Local group - Has local computer permissions and rights only.

    Global group - The group's permissions and rights exist in the group's domain and in domains that have a trust relationship with the group's domain. Global groups may be given the rights and permissions of local groups. Only NT Server can create global groups.

    Domain Local group - Created on Active Directory controllers and used to manage access to resources in the domain.

    Universal group - Users from multiple domains that perform similar tasks or share resources across the domains. Any group or user in any domain can be a member of the universal group. The universal group is, however, not available in Active Directory mixed mode.

    Local groups can include global groups. They will not include other local groups. Local groups are created in the User Manager. Created groups may be deleted with the User Manager, but built-in system groups may not be deleted. When a domain is joined, the domain administrators group is added to the local administrators group and the domain users group is added to the local users group on the computer that joins the domain.

    Local Groups created on non-domain controllers at installation time

    Administrators - Used to administer the system. It is a good idea to make a backup administrator user.
    Power Users - Have some administrative privileges, such as the ability to share directories and printers. Can manage the Power Users, Guests and Users groups.
    Users - Have privileges for daily tasks. All users on the computer are normally in this group. Can manage local groups they create.
    Guests - Have minimal privileges. Can be renamed, but can't be deleted.
    Backup Operators - Have privileges for performing system backup.


    Replicators - A service account that NT uses to perform the replication function. Allows the server to replicate files to the NT workstation machine.

    Non-Domain Controller Special Groups

    These are special groups that are not on the group menu. These groups also exist on domain controllers.

    System * - Used to manage accounts that provide system services such as the web server.
    Everyone * - All on the local machine, in the domain and trusted domains.
    Interactive * - A user at the local machine.
    Network * - Anyone who accesses information on this computer over the network (remotely). It can be used to restrict users from getting to specific resources over the network.
    Creator/Owner * - The owner of the resource.
    Creator Group - For Apple users or POSIX application users.
    Anonymous Logon - Any user that used anonymous logon.
    Authenticated Users - Any Windows 2000 locally or globally authenticated user.
    Batch - A program that logged on using the "log on as a batch job" user right.
    Dialup - A user logged on using a phone line, VPN, or cable connection.
    Service - A service logged on with a user account.
    Terminal Server User - A user logged on using a terminal.

    Local Groups on domain controllers

    Created during Active Directory installation.

    Administrators * - Those who administer the domain and the server. It initially contains the DOMAIN ADMINS global group.
    Account Operators * - This group has privileges to create and manage local and global users and groups in the domain. This group can also shut down the domain controller. This group is only on domain controllers.
    Backup Operators * - Those who can save files to tape backup media. This group is on all NT servers.
    Print Operators * - This local group can control the sharing of printers, along with shutting down the domain controller.
    Server Operators * - Basically this group can do anything on the NT server. They can format the hard drive, restore or back up files or directories, create and control shared directories, control the sharing of printers, lock/unlock the server, shut down the domain controller locally or remotely, and modify the system time.
    Replicators * - Used to perform directory replication. This group is on all NT servers.
    Users * - Those who use the server.
    Guests * - Includes the Guest account and Domain Guests group.
    Pre-Windows 2000 Compatible Access - Allows Windows NT 4.0 users to get domain access. The Everyone group needs to be a member of this group when there are NT computers in the domain.

    Global and Universal Groups

    Domain Admins * - It is automatically a member of the Administrators local group on all machines that are members of the domain. This way global administrators may remotely administer any machine in the domain. It initially contains the Administrator user account.
    Domain Users * - Contains all created domain user accounts. On the domain controller, this group is a member of the Users local group. It initially contains all users in the domain except for guests.
    Domain Guests * - Contains the domain Guest account.
    Enterprise Admins - It is automatically a member of the Administrators local group on all machines that are members of all domains in the forest.


    Schema Admins - This group has rights to modify the schema of the Active Directory database. This group only exists in the highest-level domain in the forest.
    Domain Controllers
    Domain Computers - Computers that are members of the domain.
    Cert Publishers - Users that can publish security certificates.
    Group Policy Admins - Users who can modify group policy settings for objects in the domain.

    Group Creation

    Local group - Open the "Computer Management" dialog box by clicking on "My Computer", and "Manage". Click + next to "Local Users and Groups", highlight "Groups", select "Action", and "New Groups".
    Global group - The Administrative Tool "Active Directory Users and Computers" is used to create and manage these groups.

    Group Accounts

    Pass-through authentication is the process of a local user logon being passed to the domain, allowing the user to be logged onto the domain at the same time. The local user name and password must be the same as the domain user name and password. Domain user and group accounts are created and stored in the PDC (Primary Domain Controller) SAM (Security Accounts Manager) database. Two types of groups in a domain are:

    Local groups - These groups are used to manage local resources. They can exist on workstations, member servers, and domain controllers (PDC and BDC).
    Global groups - These groups can be used on any computer that is a part of the domain. Domain controllers are the only way to create and modify global groups.

    Three domain global groups built in to the NT domain:
    Domain Admins - It is automatically a member of the Administrators local group on all machines that are members of the domain. This way global administrators may remotely administer any machine in the domain.
    Domain Users - Contains all created domain user accounts. On the domain controller, this group is a member of the Users local group.
    Domain Guests - Contains the domain Guest account.

    Three local groups on the domain controller:
    Account Operators - This group has privileges to create and manage local and global users and groups in the domain. This group can also shut down the domain controller.
    Print Operators - This local group can control the sharing of printers, along with shutting down the domain controller.
    Server Operators - Basically this group can do anything on the NT server. They can format the hard drive, restore or back up files or directories, create and control shared directories, control the sharing of printers, lock/unlock the server, shut down the domain controller locally or remotely, and modify the system time.

    Active Directory Groups

    There are two types of Active Directory groups, each with a different purpose. These are:

    Security principal groups: These groups can be assigned permissions. Their scope can be:
    Domain local
    Global
    Universal

    Distribution groups: Used to group users for applications such as mail.


    Kerberos (protocol)

    Kerberos is a computer network authentication protocol which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. Kerberos prevents eavesdropping or replay attacks, and ensures the integrity of the data. Its designers aimed primarily at a client-server model, and it provides mutual authentication: both the user and the service verify each other's identity.

    Kerberos operation

    What follows is a simplified description of the protocol. The following shortcuts will be used:

    AS = Authentication Server, TGS = Ticket Granting Server, SS = Service Server.

    In one sentence: the client authenticates itself to the AS, then demonstrates to the TGS that it's authorized to receive a ticket for a service (and receives it), then demonstrates to the SS that it has been approved to receive the service.

    In more detail:

    1. A user enters a username and password on the client.
    2. The client performs a one-way hash on the entered password, and this becomes the secret key of the client.
    3. The client sends a clear-text message to the AS requesting services on behalf of the user. Sample message: "User XYZ would like to request services". Note: Neither the secret key nor the password is sent to the AS.
    4. The AS checks to see if the client is in its database. If it is, the AS sends back the following two messages to the client:
       o Message A: Client/TGS session key encrypted using the secret key of the user.
       o Message B: Ticket-Granting Ticket (which includes the client ID, client network address, ticket validity period, and the client/TGS session key) encrypted using the secret key of the TGS.
    5. Once the client receives messages A and B, it decrypts message A to obtain the client/TGS session key. This session key is used for further communications with the TGS. (Note: The client cannot decrypt message B, as it is encrypted using the TGS's secret key.) At this point, the client has enough information to authenticate itself to the TGS.
    6. When requesting services, the client sends the following two messages to the TGS:
       o Message C: Composed of the Ticket-Granting Ticket from message B and the ID of the requested service.
       o Message D: Authenticator (which is composed of the client ID and the timestamp), encrypted using the client/TGS session key.
    7. Upon receiving messages C and D, the TGS decrypts message D (Authenticator) using the client/TGS session key and sends the following two messages to the client:
       o Message E: Client-to-server ticket (which includes the client ID, client network address, validity period) encrypted using the service's secret key.
       o Message F: Client/server session key encrypted with the client/TGS session key.
    8. Upon receiving messages E and F from the TGS, the client has enough information to authenticate itself to the SS. The client connects to the SS and sends the following two messages:
       o Message G: the client-to-server ticket encrypted using the service's secret key.
       o Message H: a new Authenticator, which includes the client ID and timestamp and is encrypted using the client/server session key.
    9. The server decrypts the ticket using its own secret key and sends the following message to the client to confirm its true identity and willingness to serve the client:
       o Message I: the timestamp found in the client's recent Authenticator plus 1, encrypted using the client/server session key.


    10. The client decrypts the confirmation using its shared key with the server and checks whether the timestamp is correctly updated. If so, then the client can trust the server and can start issuing service requests to the server.

    11. The server provides the requested services to the client.
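The eleven-step exchange above as an added Python simulation that is not part of the original document: the AS and TGS roles, a service server with a replay cache, and the client side, including the wrong-password failure at message A and a replayed message H being refused. Principal names, secrets, the clock values and the toy HMAC-based cipher standing in for the Kerberos encryption types are assumptions.

```python
import hashlib, hmac, json, os

SKEW, LIFETIME = 300, 600   # clock-skew tolerance and ticket lifetime in seconds (assumed)

def kdf(secret: bytes) -> bytes:
    """Step 2: a one-way hash of the password becomes the principal's secret key."""
    return hashlib.sha256(secret).digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def encrypt(key: bytes, obj: dict) -> bytes:
    """Toy authenticated encryption (HMAC-SHA256 keystream + tag) standing in for the
    Kerberos encryption types so the example runs on the standard library alone."""
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def decrypt(key: bytes, blob: bytes) -> dict:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad key or tampered message")   # a wrong key fails the same way
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

def _check(auth: dict, ticket: dict, now: int) -> None:
    # The authenticator must name the ticket's client and be fresh; the ticket must be valid.
    if (auth["client"] != ticket["client"] or now > ticket["valid_until"]
            or abs(now - auth["ts"]) > SKEW):
        raise ValueError("authenticator does not match ticket")

class KDC:
    """AS and TGS roles in one process, holding the AS database of principal keys."""
    def __init__(self):
        self.db = {}                                          # name -> long-term key
        self.tgs_key = kdf(b"hypothetical-krbtgt-secret")     # secret key of the TGS

    def as_exchange(self, client: str, now: int):
        """Steps 3-4: clear-text request in, messages A and B out."""
        if client not in self.db:
            raise KeyError("unknown principal")
        sk = os.urandom(32).hex()                             # client/TGS session key
        tgt = {"client": client, "valid_until": now + LIFETIME, "session_key": sk}
        return encrypt(self.db[client], {"tgs_session_key": sk}), encrypt(self.tgs_key, tgt)

    def tgs_exchange(self, msg_c: dict, msg_d: bytes, now: int):
        """Steps 6-7: TGT plus service ID (C) and authenticator (D) in, E and F out."""
        tgt = decrypt(self.tgs_key, msg_c["tgt"])             # only the TGS can open it
        sk = bytes.fromhex(tgt["session_key"])
        _check(decrypt(sk, msg_d), tgt, now)
        svc_sk = os.urandom(32).hex()                         # client/server session key
        ticket = {"client": tgt["client"], "valid_until": now + LIFETIME, "session_key": svc_sk}
        return (encrypt(self.db[msg_c["service"]], ticket),   # E: under the service's key
                encrypt(sk, {"service_session_key": svc_sk})) # F: under client/TGS key

class ServiceServer:
    """The SS: validates ticket and authenticator (step 9) and keeps a replay cache."""
    def __init__(self, name: str, secret: bytes):
        self.name, self.key, self.seen = name, kdf(secret), set()

    def ap_exchange(self, msg_g: bytes, msg_h: bytes, now: int) -> bytes:
        ticket = decrypt(self.key, msg_g)
        sk = bytes.fromhex(ticket["session_key"])
        auth = decrypt(sk, msg_h)
        _check(auth, ticket, now)
        if (auth["client"], auth["ts"]) in self.seen:         # same authenticator again
            raise ValueError("replay")
        self.seen.add((auth["client"], auth["ts"]))
        return encrypt(sk, {"ts": auth["ts"] + 1})            # message I: timestamp + 1

def client_login(kdc: KDC, ss: ServiceServer, user: str, password: bytes, now: int):
    """Client side of steps 1-2, 5, 8 and 10; returns (G, H) so a replay can be tried."""
    key = kdf(password)
    msg_a, msg_b = kdc.as_exchange(user, now)
    tgs_sk = bytes.fromhex(decrypt(key, msg_a)["tgs_session_key"])   # B stays opaque
    msg_d = encrypt(tgs_sk, {"client": user, "ts": now})
    msg_e, msg_f = kdc.tgs_exchange({"tgt": msg_b, "service": ss.name}, msg_d, now)
    svc_sk = bytes.fromhex(decrypt(tgs_sk, msg_f)["service_session_key"])
    msg_h = encrypt(svc_sk, {"client": user, "ts": now})
    msg_i = ss.ap_exchange(msg_e, msg_h, now)                 # G is the ticket from E
    if decrypt(svc_sk, msg_i)["ts"] != now + 1:               # step 10: mutual authentication
        raise ValueError("server failed to prove its identity")
    return msg_e, msg_h

def demo(now: int = 1_600_000_000) -> dict:
    """A good logon, a wrong-password attempt and a replayed AP exchange (constructed data)."""
    kdc, ss = KDC(), ServiceServer("host/fileserver", b"fileserver-secret")
    kdc.db["alice"], kdc.db[ss.name] = kdf(b"correct horse"), ss.key
    msg_g, msg_h = client_login(kdc, ss, "alice", b"correct horse", now)
    def outcome(attempt):
        try:
            attempt()
        except ValueError as exc:
            return str(exc)
        return "accepted"
    return {"login": True,
            "wrong_password": outcome(lambda: client_login(kdc, ss, "alice", b"wrong", now)),
            "replay": outcome(lambda: ss.ap_exchange(msg_g, msg_h, now + 1))}
```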


    Networking Terminology

    Ping: Its a Utility to determine whether specific IP address is accessible or not. Ping commandsends an ICMP request to obtain ICMP response from a host or a gateway. It is used totroubleshoot network issue.

    Switch: It is a device that filters and forward data packets between LAN segments based onMAC address. Switch operates on Data link layer.

    Difference between Switch and Router

    When a router receives a packet, it looks at the Layer 3 source and destinationaddresses to determine the path the packet should take. A standard switch relies onthe MAC addresses to determine the source and destination of a packet, which is Layer2 (Data) networking.

    A switch is a layer 2 device with physical ports. A layer 2 switch communicates usingframes on the wire at layer 1.A router is a layer 3 device, which communicates withpackets. A packet is encapsulated inside of a frame. A router has interfaces forconnection into the network medium. For a router to route over Ethernet, it requiresan Ethernet interface. A token ring interface is required for token ring, a frame relayinterface for frame relay and so forth.

    Layer 3 switch

    A Layer 3 switch is a high-performance device for network routing. Layer 3 switches actually differ very little from routers. A Layer 3 switch can support the same routing protocols as network routers do. Both inspect incoming packets and make dynamic routing decisions based on the source and destination addresses inside. Both types of boxes share a similar appearance.

    Layer 3 switches have optimized hardware to pass data as fast as Layer 2 switches, yet they make decisions on how to transmit traffic at Layer 3, just like a router. Within the LAN environment, a Layer 3 switch is usually faster than a router because it is built on switching hardware.

    Layer 3 switches were conceived as a technology to improve on the performance of routers used in large local area networks (LANs) like corporate intranets. The key difference between Layer 3 switches and routers lies in the hardware technology used to build the unit. The hardware inside a Layer 3 switch merges that of traditional switches and routers, replacing some of a router's software logic with hardware to offer better performance in some situations.

    Layer 3 switches often cost less than traditional routers. Designed for use within local networks, a Layer 3 switch will typically not possess the WAN ports and wide area network features a traditional router will always have.

    Router: A router is a computer networking device that forwards data packets across a network towards their destinations, through a process known as routing. Routing occurs at layer 3 (Network Layer).

    __________________________________________________________________________________


    OSI Model: (All People Seem To Need Data Processing)

    Application Layer: This is the layer that actually interacts with the operating system or application whenever the user chooses to transfer files, read messages or perform other network-related activities.

    Presentation Layer: Layer 6 takes the data provided by the application layer and converts it into a standard format that the other layers can understand.

    Session Layer: Layer 5 establishes, maintains and ends communication with the receiving device.

    Transport Layer: This layer maintains flow control of data and provides error checking and recovery of data between the devices. Flow control means that the transport layer looks to see if the data is coming from more than one application and integrates each application's data into a single stream for the physical network.

    Network Layer: The way that the data will be sent to the recipient device is determined in this layer. Logical protocols, routing and addressing are handled here.

    Data Link Layer: In this layer, the appropriate physical protocol is assigned to the data. Also the type of network and the packet sequencing is defined.

    Physical Layer: This is the level of actual hardware. It defines the physical characteristics of the network such as connections, voltage levels and timing.

    The OSI reference model is really just a guideline. Actual protocol stacks often combine one or more of the OSI layers into a single layer.

    __________________________________________________________________________________

    Networking

    TCP/IP: TCP/IP is a suite of protocols that is used on a network to communicate with other computers. TCP/IP is a transport protocol.

    IP Address: An IP address is a 32-bit binary number; it is represented in dotted decimal format. Each 8-bit octet is represented by a whole decimal number.

    An IP address consists of two parts: the Network ID and the Host ID.

    Subnet Mask: A 32-bit binary number, represented in dotted decimal format.

    A subnet mask specifies which portion of an IP address represents the network ID. A subnet mask allows TCP/IP to determine whether network traffic destined for a given IP address should be transmitted on the local subnet, or whether it should be routed to a remote subnet.
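The local-versus-routed decision described above, worked through on the 32-bit form of the address. This is an added example, not code from the original document; the helper names and the sample addresses are constructed for illustration.

```python
# Added example (not from the original document): applies the subnet-mask rule
# described above (same network ID -> deliver locally, otherwise route) using the
# 32-bit view of an IPv4 address. Helper names are this example's own choice.
from typing import Tuple


def dotted_to_int(dotted: str) -> int:
    """Convert dotted-decimal notation to the underlying 32-bit integer.

    Each of the four octets must be a whole decimal number in 0..255; anything
    else is rejected rather than silently truncated.
    """
    parts = dotted.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {dotted!r}")
    value = 0
    for part in parts:
        if not part.isdigit() or not 0 <= int(part) <= 255:
            raise ValueError(f"bad octet {part!r} in {dotted!r}")
        value = (value << 8) | int(part)
    return value


def int_to_dotted(value: int) -> str:
    """Inverse of dotted_to_int: 32-bit integer back to dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def is_valid_mask(mask: int) -> bool:
    """A subnet mask is a run of 1 bits followed by a run of 0 bits.

    Inverting the mask gives the host bits; those form 2^n - 1 exactly when
    the mask is contiguous, which the (x & (x + 1)) == 0 test detects.
    """
    host_bits = (~mask) & 0xFFFFFFFF
    return (host_bits & (host_bits + 1)) == 0


def split_address(address: str, mask: str) -> Tuple[str, str]:
    """Return (network ID, host ID) for an address under a subnet mask."""
    a, m = dotted_to_int(address), dotted_to_int(mask)
    if not is_valid_mask(m):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return int_to_dotted(a & m), int_to_dotted(a & ~m & 0xFFFFFFFF)


def delivery(local_ip: str, mask: str, dest_ip: str) -> str:
    """Decide how TCP/IP delivers a packet from local_ip to dest_ip:
    "local" if both share the same network ID under the sender's mask,
    otherwise "routed" (handed to the default gateway)."""
    net_local, _ = split_address(local_ip, mask)
    net_dest, _ = split_address(dest_ip, mask)
    return "local" if net_local == net_dest else "routed"


if __name__ == "__main__":
    # Constructed sample values, not taken from any real network.
    print(split_address("192.168.10.77", "255.255.255.0"))
    print(delivery("192.168.10.77", "255.255.255.0", "192.168.10.200"))
    print(delivery("192.168.10.77", "255.255.255.0", "10.0.0.5"))
```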

    NATTING: Natting (Network Address Translation) is a process which enables computers on a private network with private IP addresses to communicate with computers on the Internet that use registered IP addresses.

    __________________________________________________________________________________

    Extranet

    An extranet is a private network that uses Internet technology and the public telecommunication system to securely share part of a business's information or operations with suppliers, vendors, partners, customers, or other businesses. An extranet can be viewed as part of a company's intranet that is extended to users outside the company.

    An extranet requires security and privacy. These can include firewall server management, the issuance and use of digital certificates or similar means of user authentication, encryption of messages, and the use of virtual private networks (VPNs) that tunnel through the public network.

    Companies can use an extranet to:

    Exchange large volumes of data using Electronic Data Interchange (EDI)
    Share product catalogs exclusively with wholesalers or those "in the trade"
    Collaborate with other companies on joint development efforts
    Jointly develop and use training programs with other companies
    Provide or access services provided by one company to a group of other companies, such as an online banking application managed by one company on behalf of affiliated banks
    Share news of common interest exclusively with partner companies

    Intranet

    Definition: Intranet is the generic term for a collection of private computer networks within an organization. Intranets are communication tools designed to enable easy information sharing within workgroups.

    Intranets utilize standard network hardware and software technologies like Ethernet, TCP/IP, Web browsers and Web servers. An organization's intranet often features Internet access but is firewalled so that its computers cannot be reached directly from the outside.

    A common extension to intranets, called extranets, opens holes in this firewall to provide controlled access to outsiders.

    Many schools and non-profit groups have deployed intranets, but an intranet is still seen primarily as a corporate productivity tool. Besides email and groupware applications, an intranet generally incorporates internal Web sites, documents, and/or databases to disseminate information.

    The business value of intranet solutions is generally accepted in larger corporations, but their worth has proven very difficult to quantify in terms of time saved or return on investment.

    Also Known As: corporate portal, private business network

    __________________________________________________________________________________

    1) What is encryption?

    The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as cipher text.

    There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption.

    2) What is VPN?

    Short for virtual private network, a network that is constructed by using public wires to connect nodes. For example, there are a number of systems that enable you to create networks using the Internet as the medium for transporting data. These systems use encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

    3) What is DHCP?

    DHCP: The Dynamic Host Configuration Protocol service provides centralized management of IP address assignment. A DHCP server should itself be assigned a static IP address.

    DHCP: A TCP/IP service protocol that offers dynamic leased configuration of host IP addresses and distributes other configuration parameters to eligible network clients. DHCP provides safe, reliable and simple TCP/IP network configuration, prevents address conflicts and helps conserve the use of client IP addresses on the network.

    DHCP uses a client/server model where the DHCP server maintains centralized management of IP addresses that are used on the network. DHCP-supporting clients can then request and obtain a lease of an IP address from a DHCP server as part of their network boot process.

    Broadcast: An address that is destined for all hosts on a particular network segment.

    What is DHCP?

    DHCP (Dynamic Host Configuration Protocol) is a communications protocol that lets network administrators centrally manage and automate the assignment of Internet Protocol (IP) addresses in an organization's network. Using the Internet Protocol, each machine that can connect to the Internet needs a unique IP address, which is assigned when an Internet connection is created for a specific computer. Without DHCP, the IP address must be entered manually at each computer in an organization and a new IP address must be entered each time a computer moves to a new location on the network. DHCP lets a network administrator supervise and distribute IP addresses from a central point and automatically sends a new IP address when a computer is plugged into a different place in the network.

    DHCP uses the concept of a "lease" or amount of time that a given IP address will be valid for a computer. The lease time can vary depending on how long a user is likely to require the Internet connection at a particular location. It's especially useful in education and other environments where users change frequently. Using very short leases, DHCP can dynamically reconfigure networks in which there are more computers than there are available IP addresses. The protocol also supports static addresses for computers that need a permanent IP address, such as Web servers.

    DHCP is an extension of an earlier network IP management protocol, Bootstrap Protocol (BOOTP). DHCP is a more advanced protocol, but both configuration management protocols are commonly used and DHCP can handle BOOTP client requests. Some organizations use both protocols, but understanding how and when to use them in the same organization is important. Some operating systems, including Windows NT/2000, come with DHCP servers. A DHCP or BOOTP client is a program that is located in (and perhaps downloaded to) each computer so that it can be configured.


    Operating System

    The differences between NT & Windows 2000 are:

    Windows 2000 uses the Kerberos Version 5 protocol for user logon authentication, whereas NT uses the NTLM protocol.

    Windows 2000 supports Plug & Play, whereas NT does not.

    Domain Local is a group type in Windows 2000, whereas in NT there are Global & Local groups only.

    The IE version is 5.0 in Windows 2000; in NT it is 4.0.

    Encrypting File System (EFS) support is there in 2000, which is not there in NT.

    NT supports only FAT16 and NTFS version 4.0, whereas 2000 supports FAT16/32 and NTFS 5.

    NT is a single-master domain model, whereas 2000 is a multi-master domain model.

    In NT the database name is SAM. In 2000 it is ADS.

    Database size in NT is 40 MB. Database size in 2000 is 17 TB.

    NT supports up to 40,000 objects only, whereas 2000 supports more than 1 million.

    NT 4.0 uses a single-master replication model, while Windows 2000 uses a multi-master replication model.

    Feature | NT 4.0 | Windows 2000
    ------- | ------ | ------------
    Security | Uses NTLM protocol to authenticate user logon. | Uses Kerberos version 5.0 protocol. It is an Internet standard authentication protocol that provides a higher level of security, and is faster and more efficient.
    Plug and Play | Does not support Plug & Play | Supports Plug and Play
    New File System | Does not support FAT32 and EFS | Supports FAT32 and EFS. FAT32 supports up to 2 terabytes. EFS enables you to store files on an NTFS partition in an encrypted format, so that even if an unauthorized user removes a hard disk from your computer, that user will be unable to access the sensitive data contained in the encrypted file.
    Power Option in Control Panel | | Power Options enable you to configure energy settings for your computer, especially for laptops.
    Internet Explorer 5.0 | IE 4.0 is an integral part of Windows NT 4.0 | IE 5.0 is an integral part of the Windows 2000 operating system. IE 5.0 also includes Microsoft Outlook Express 5.
    Domain | PDC and BDC | DC and ADC (Note: DC and ADC maintain a Read/Write copy of the Active Directory data store. The reason for an ADC is to provide fault tolerance and load balancing for the Active Directory data store).

    Windows 2000 Family Hardware Requirement.

    Edition | Processor | RAM | Recommended RAM | Hard Disk Space
    ------- | --------- | --- | --------------- | ---------------
    Windows 2000 Professional | P 133 MHz | 32 MB | 64 MB | 650 MB free space
    Windows 2000 Server | P 133 MHz (Note: supports up to 4 processors) | 64 MB (Note: supports up to 4 GB RAM) | 128 MB | 950 MB (more disk space is required if RAM is more than 64 MB)
    Windows 2000 Advanced Server | P 133 MHz (Note: supports up to 8 processors) | 64 MB (Note: supports up to 8 GB RAM) | 128 MB | 950 MB (more disk space is required if RAM is more than 64 MB)
    Windows 2000 Datacenter Server | P 133 MHz (Note: supports up to 32 processors) | 64 MB (Note: supports up to 64 GB RAM) | 128 MB | 950 MB (more disk space is required if RAM is more than 64 MB)

    16-bit application

    A 16-bit application is any software written for MS-DOS or early versions of Microsoft Windows which originally ran on the 16-bit Intel 8088 and Intel 80286 microprocessors. Such applications used a 20-bit segment-offset address representation to extend the range of addressable memory locations beyond what were possible using only 16-bit addresses. ...

    32-bit application

    A 32-bit application is software that runs in a 32-bit flat address space (a flat memory model). In computer architecture, 32-bit is an adjective used to describe integers, memory addresses or other data units that are at most 32 bits (4 octets) wide, or to describe CPU and ALU architectures based on registers, address buses, or data buses of that size.

    NTFS file system

    A file system that provides performance, security, reliability, and advanced features that are not found in any version of the file allocation table (FAT) file system. For example, NTFS guarantees volume consistency by using standard transaction logging and recovery techniques. If a system fails, NTFS uses its log file and checkpoint information to restore the consistency of the file system.

    Registry Key

    HKEY_CLASSES_ROOT: A subkey of HKEY_LOCAL_MACHINE\Software. The information stored here ensures that the correct program opens when you open a file by using Windows Explorer (file associations and OLE information).

    HKEY_CURRENT_USER: Contains the root of the configuration information for the user who is currently logged on. The user's folders, screen colors, and Control Panel settings are stored here. This information is referred to as a user's profile (all preferences set for the current user).

    HKEY_LOCAL_MACHINE: Contains configuration information particular to the computer (for any user): settings for hardware, the operating system and installed applications.

    HKEY_USERS: Contains the root of all user profiles on the computer. HKEY_CURRENT_USER is a subkey of HKEY_USERS (all the current user information for each user of the system).

    HKEY_CURRENT_CONFIG: Contains information about the hardware profile used by the local computer at system start-up (settings for the display and printers).

    HKEY_DYN_DATA: Performance data.


    Windows Registry:

    HKEY_CLASSES_ROOT: File associations and OLE information
    HKEY_CURRENT_USER: All preferences set for the current user
    HKEY_USERS: All the current user information for each user of the system
    HKEY_LOCAL_MACHINE: Settings for hardware, operating system and installed applications
    HKEY_CURRENT_CONFIG: Settings for the display and printers
    HKEY_DYN_DATA: Performance data

    Operating System

    In computing, an operating system (OS) is the system software responsible for the direct control and management of hardware and basic system operations. Additionally, it provides a foundation upon which to run application software such as word processing programs, web browsers and others.

    Network operating system (NOS): Software that (a) controls a network and its message (e.g. packet) traffic and queues, (b) controls access by multiple users to network resources such as files, and (c) provides for certain administrative functions, including security.

    A NOS is not the same as the networking tools provided by some existing OSs, Windows XP for instance. A NOS is an OS that has been specifically written to keep networks running at optimal performance.

    Boot Sequence in Windows NT

    What is the NT Boot Process? Or what is the Winnt system's boot sequence?

    A. Firstly, the files required for NT to boot are:

    Ntldr - This is a hidden, read-only system file that loads the operating system

    Boot.ini - This is a read-only system file, used to build the Boot Loader Operating System Selection menu on Intel x86-based computers

    Bootsect.dos - This is a hidden file loaded by Ntldr if another operating system is selected.

    Ntdetect.com - This is a hidden, read-only system file used to examine the hardware available and to build a hardware list.

    Ntbootdd.sys - This file is only used by systems that boot from a SCSI disk.

    The common Boot sequence files are

    Ntoskrnl.exe - The Windows NT kernel

    System - This file is a collection of system configuration settings

    Device drivers - These are files that support various device drivers

    Hal.dll - Hardware Abstraction Layer software

    The boot sequence is as follows

    1. Power on self test (POST) routines are run
    2. Master Boot Record is loaded into memory, and the program run
    3. The boot sector from the active partition is loaded into memory
    4. Ntldr is loaded and initialized from the boot sector
    5. Change the processor from real mode to 32-bit flat memory mode
    6. Ntldr starts the appropriate minifile system drivers. Minifile system drivers are built into Ntldr and can read FAT or NTFS
    7. Ntldr reads the Boot.ini file
    8. Ntldr loads the operating system selected; one of two things happens:
       * If Windows NT is selected, Ntldr runs Ntdetect.com
       * For another operating system, Ntldr loads and runs Bootsect.dos and passes control to it. The Windows NT process ends here
    9. Ntdetect.com scans the computer hardware and sends the list to Ntldr for inclusion in HKEY_LOCAL_MACHINE\HARDWARE
    10. Ntldr then loads Ntoskrnl.exe, Hal.dll and the System hive
    11. Ntldr scans the System hive and loads the device drivers configured to start at boot time
    12. Ntldr passes control to Ntoskrnl.exe, at which point the boot process ends and the load phases begin

    Multiprocessing, Multithreading, and Multitasking

    Multiprocessing: Refers to the capacity of an operating system to use more than one processor in a single computer simultaneously.

    Symmetric Multiprocessing: A type of multiprocessing in which system and application processes can run on any available processor.

    Thread: A thread is the smallest unit of processing that can be scheduled by the operating system kernel.

    Multithreading: All applications require at least one thread. When an application has more than one thread, each thread can be executed independently of the others. This is referred to as multithreading. Individual threads within a single application can even be run on different processors in the same computer.

    Preemptive multitasking: The operating system allocates processor time between applications. Because the operating system, and not the application, allocates processor time between multiple applications, one application can be pre-empted by the operating system and another application allowed to run. When multiple applications are alternately paused and then allocated processor time, they appear to run simultaneously to the user.

    Windows Operating System Release

    NT Ver. | Marketing Name | Editions | Release Date | Build
    ------- | -------------- | -------- | ------------ | -----
    NT 3.1 | Windows NT 3.1 | Workstation (named just Windows NT), Advanced Server | July 1993 | 528
    NT 3.5 | Windows NT 3.5 | Workstation, Server | September 1994 | 807
    NT 3.51 | Windows NT 3.51 | Workstation, Server | May 1995 | 1057
    NT 4.0 | Windows NT 4.0 | Workstation, Server, Server Enterprise Edition, Terminal Server, Embedded | July 1996 | 1381
    NT 5.0 | Windows 2000 | Professional, Server, Advanced Server, Datacenter Server | February 2000 | 2195
    NT 5.1 | Windows XP | Home, Professional, Media Center (2004 & 2005), Tablet PC, Starter, Embedded, N | October 2001 | 2600
    NT 5.2 | Windows Server 2003 | Standard, Enterprise, Datacenter, Web, Small Business Server, XP Pro x64 | March 2003 | 3790
    NT 6.0 | Windows Vista | Starter, Home Basic, Home Premium, Professional, Small Business, Enterprise, Ultimate (x64 editions will be available too) | 2006 (expected) | Unknown
    NT 6.0+ | Longhorn Server (codename) | Unknown | 2007 (expected) | Unknown

    Port Numbers

    port / service name common UNIX additional remarks

    http://en.wikipedia.org/wiki/Windows_NT_4.0http://en.wikipedia.org/wiki/Julyhttp://en.wikipedia.org/wiki/1996http://en.wikipedia.org/wiki/Windows_2000http://en.wikipedia.org/wiki/Februaryhttp://en.wikipedia.org/wiki/2000http://en.wikipedia.org/wiki/Windows_XPhttp://en.wikipedia.org/wiki/Octoberhttp://en.wikipedia.org/wiki/2001http://en.wikipedia.org/wiki/Windows_Server_2003http://en.wikipedia.org/wiki/Marchhttp://en.wikipedia.org/wiki/2003http://en.wikipedia.org/wiki/Windows_Vistahttp://en.wikipedia.org/wiki/2006http://en.wikipedia.org/wiki/Windows_Longhorn_Serverhttp://en.wikipedia.org/wiki/Windows_Longhorn_Serverhttp://en.wikipedia.org/wiki/2007http://en.wikipedia.org/wiki/Windows_NT_4.0http://en.wikipedia.org/wiki/Julyhttp://en.wikipedia.org/wiki/1996http://en.wikipedia.org/wiki/Windows_2000http://en.wikipedia.org/wiki/Februaryhttp://en.wikipedia.org/wiki/2000http://en.wikipedia.org/wiki/Windows_XPhttp://en.wikipedia.org/wiki/Octoberhttp://en.wikipedia.org/wiki/2001http://en.wikipedia.org/wiki/Windows_Server_2003http://en.wikipedia.org/wiki/Marchhttp://en.wikipedia.org/wiki/2003http://en.wikipedia.org/wiki/Windows_Vistahttp://en.wikipedia.org/wiki/2006http://en.wikipedia.org/wiki/Windows_Longhorn_Serverhttp://en.wikipedia.org/wiki/Windows_Longhorn_Serverhttp://en.wikipedia.org/wiki/2007
  • 7/27/2019 Complete-Terms.doc

    22/44

    protocol daemon(s)

    20/tcp and21/tcp

    ftp (file transferprotocol) dataand login control

    in.ftpd,wu.ftpd,proftpd; launched byinetd

    obsolete:insecure, because unencrypted anddifficult to harden service, please use sshd and scpor sftp instead (see below)

    22/tcp ssh (Secure SHell) sshd

    Secure, because fully encrypted remote login (ssh)and copy (scp and sftp) service, please useexclusively this full substitute instead of theobsolete ftp, telnet, rlogin, rsh, rcp and so on!

    23/tcptelnet (remotelogin)

    in.telnetd, launchedby inetd

    obsolete: unencrypted login, use sshd and sshinstead, see above

    25/tcpsmtp (simple mailtransfer protocol)

    sendmail, postfix,qmail, etc.

    standard mail protocol since 30 years, only way tocommunicate world wide with messages withouthttp measures, for your privacy you need to encryptmails preferably with the free PGP (pretty goodprivacy)

    53/udp and53/tcp

    DNS (domainname system)

    bind (BerkeleyInternet NameDomain)

    the name service of the Internet, used by http,smtp and all others to resolve symbolic names intothe IP layer addresses, name resolution is done viaudp, zone transfers between several name serversvia tcp

    80/tcp

    http (Hyper TextTransfer Protocol)= www (WorldWide Web)

    httpd (= apache, APAtCHy [web]sErver)

    the Internet/web service, unencrypted port (seebelow, 443, for encrypted counterpart) for standarddata transfer from web servers to user agents(browsers, robots, download tools)

    88/tcp kerberos krshdhigh security special purpose protocol with ticketsystem and so on

    110/tcppop3 (Post OfficeProtocol version3)

    popper, launched byinetd

    post retrieval service of storing mail servers withencryption possibilities

    111/udp(sun)rpc (remoteprocedure call)

    rpc.statd,rpc.rusersd,rpc.walld

    insecure remote calls of special informationservices

    119/tcpnntp (NetworkNews TransferProtocol)

    leafnode the internet news server query service

    123/udp ntp (NetworkTime Protocol) (x)ntpd modern world wide time service for synchronisationwith nuclear clock driven time standard

    137/udpnetbios-ns(NETBIOS NameService)

    nmbdspecial name service for a still too widespreadproprietary OS and its SMB (Server Message Block)system, needed in union with the following service

  • 7/27/2019 Complete-Terms.doc

    23/44

    139/tcpnetbios-ssn(NETBIOS SessionService Network)

    smbd (Sambadaemon)

    special session service for that proprietary OS andits SMB (Server Message Block) system, workstogether with immediately above service

    143/tcp

    imap2 (InternetMessage Access

    Protocol version2)

    imapd (InteractiveMail Access Protocol

    Daemon), launchedby inetd

    rather insecure and therefore only locally suitablemail retrieval service, for non-local purposes preferpop3 (see above)

    161/tcp

    snmp (SimpleNetworkManagementProtocol)

    snmpd

    base of communication between very differenttechnical units (not only computers), they have toshare the network capability and these protocolrules only: CAUTION: veryinsecure (no limiting ofallowed requesting IP addresses possible)

    194/tcpirc (Internet RelayChat)

    ircd the Internet chat service

    220/tcp

    imap3 (Interactive

    Mail AccessProtocol version3)

    imapd

    modern mail retrieval service, successor of imap2

    (see above), but pop3 may still be the better alternative (see above too)

    389/tcp     ldap (Lightweight Directory Access Protocol)
                daemon: slapd (stand-alone LDAP daemon, e.g. OpenLDAP) or ldapd
                network-distributed, domain-organized directory service, connection-oriented (TCP) part; credentials and data travel in plaintext unless StartTLS is negotiated or ldaps (636/tcp) is used; see also 389/udp immediately below

    389/udp     ldap / cldap (connectionless LDAP)
                daemon: a CLDAP-capable directory server, e.g. an Active Directory domain controller
                UDP variant used for stateless lookups, for example the "LDAP ping" with which Windows clients locate a domain controller; same directory service as 389/tcp immediately above

    443/tcp     https (HyperText Transfer Protocol Secure)
                daemon: httpd (= apache)
                TLS/SSL-encrypted counterpart to the http/80 entry above; the only acceptable way to do online credit card transactions

    514/udp     syslog (system log listener)
                daemon: syslogd
                receives log messages from other hosts (on Linux sysklogd only when started with -r); the messages are plaintext UDP without sender authentication, so accept them only from trusted networks or use a syslog implementation that supports TCP with TLS

    515/tcp     printer (BSD LPR/LPD protocol, RFC 1179)
                daemon: lpd (Line Printer Daemon)
                network printer queue

    554/tcp     rtsp (Real Time Streaming Protocol)
                daemon: the streaming media server itself (e.g. RealServer); not to be confused with RSVP (Resource reSerVation Protocol), an unrelated QoS signalling protocol
                used by RealMedia and other streaming products to control audio and video streams

    631/tcp     ipp (Internet Printing Protocol)
                daemon: cupsd (CUPS, Common Unix Printing System, daemon)
                (local) printer access via web browser and CUPS client; plaintext HTTP unless CUPS is configured for TLS

    744/udp     flexlm (FLEXible License Manager)
                daemon: lmgrd (License ManaGeR Daemon)
                network-bound license evaluation (check-out) system

    901/tcp     swat (Samba Web Administration Tool)
                daemon: swat, launched by inetd
                browser/web-based Samba administration (see 137/nmbd and 139/smbd above); use with care: the login (usually the root password) is sent unencrypted unless you add further measures such as an ssh tunnel

    993/tcp     imaps (Internet Message Access Protocol version 4 over TLS/SSL)
                daemon: imapd, launched by inetd
                TLS/SSL-encrypted mail retrieval (see also imap above)

    994/tcp     ircs (Internet Relay Chat Secure)
                daemon: ircd
                the Internet chat system, TLS/SSL-encrypted; see also irc above

    995/tcp     pop3s (Post Office Protocol version 3 over TLS/SSL)
                daemon: popper, launched by inetd
                TLS/SSL-encrypted mail retrieval (see also pop3 above)

    2049/tcp    nfs (Network File System, by Sun)
                daemon: nfsd / rpc.nfsd; needs (sun)rpc and portmap too; rpc.mountd, which answers the mount requests, registers its own port with portmap
                network sharing of file systems; only suitable for local networks, because NFSv2/v3 with the default AUTH_SYS authentication trust the user and group IDs the client supplies

    2049/udp    nfs (Network File System, by Sun)
                daemon: rpc.nfsd over UDP (NFSv2/v3); needs (sun)rpc and portmap too
                network sharing of file systems; only suitable for local networks (see above)

    2401/tcp    cvspserver (Concurrent Versions System password server)
                daemon: cvs, launched by inetd (alternatively via sshd, see above)
                RCS (Revision Control System) based network version control, usable even for cooperation over the Internet, but then access via ssh (see above) is recommended, because the pserver protocol only applies a fixed, trivially reversible scrambling to passwords and sends everything else in plaintext (otherwise suitable for anonymous read-only checkout only)

    6000/tcp    x11 (X Window System server)
    (to 6063/tcp)
                daemon: X (the X server)
                the standard GUI base server of the X Window System; the display number in the DISPLAY variable (e.g. host:1) selects the port: display 0 listens on 6000, display 1 on 6001, and so on (port = 6000 + display number); the protocol is unencrypted and, once xhost access control is opened, unauthenticated, so prefer X forwarding over ssh

    8080/tcp    http-alt (alternative http)
                daemon: httpd (= apache), or a proxy/application server
                see http above: usually a non-public http port used privately, also common for proxies and application servers
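    The table above distinguishes plaintext services (ldap, printer, swat, nfs, cvspserver, x11, http-alt, ...) from their TLS-wrapped counterparts (https, imaps, ircs, pop3s). The following script is an added example, not part of the original document: it connect-scans the listed ports on one host and classifies each open port as cleartext or TLS, trying a real TLS handshake on the ports that are supposed to be encrypted. The SERVICES mapping and the classification labels are constructed for this example; the standard library is all it needs.

```python
import socket
import ssl

# Constructed mapping of the ports discussed above to their service name and to
# whether the protocol is TLS/SSL-wrapped (True) or plaintext (False).
SERVICES = {
    389: ("ldap", False), 443: ("https", True), 515: ("printer", False),
    554: ("rtsp", False), 631: ("ipp", False), 744: ("flexlm", False),
    901: ("swat", False), 993: ("imaps", True), 994: ("ircs", True),
    995: ("pop3s", True), 2049: ("nfs", False), 2401: ("cvspserver", False),
    6000: ("x11", False), 8080: ("http-alt", False),
}


def is_open(host, port, timeout=1.0):
    """TCP connect scan of one port: True only if the three-way handshake completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, unreachable, timed out
        return False


def probe_tls(host, port, timeout=2.0):
    """Try a TLS handshake. Returns the negotiated protocol name (e.g. 'TLSv1.3')
    or None when the peer does not speak TLS on this port. Certificate checks are
    disabled on purpose: the question here is only whether TLS is offered at all."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return tls.version()
    except OSError:  # ssl.SSLError and socket.timeout are both OSError subclasses
        return None


def scan(host, ports, timeout=1.0):
    """Return {port: (service, state)}; state is 'closed', 'cleartext', 'tls' or
    'tls-expected-but-failed' (port open, but no TLS handshake possible)."""
    report = {}
    for port in ports:
        name, expects_tls = SERVICES.get(port, ("port-%d" % port, False))
        if not is_open(host, port, timeout):
            report[port] = (name, "closed")
        elif not expects_tls:
            report[port] = (name, "cleartext")
        elif probe_tls(host, port, timeout) is not None:
            report[port] = (name, "tls")
        else:
            report[port] = (name, "tls-expected-but-failed")
    return report


def cleartext_exposed(report):
    """The ports a hardening review looks at first: reachable and unencrypted."""
    return sorted(port for port, (_, state) in report.items() if state == "cleartext")


if __name__ == "__main__":
    result = scan("127.0.0.1", sorted(SERVICES))
    for port in sorted(result):
        print("%5d/tcp  %-11s %s" % (port, result[port][0], result[port][1]))
    print("cleartext services to review:", cleartext_exposed(result))
```

    Run it against a host you are allowed to scan; an open port reported as "tls-expected-but-failed" (for example 993 answering without a TLS handshake) is worth a closer look, as is anything in the cleartext list that is reachable from beyond the local network.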


    Active Directory

    Active Directory (codename Cascade) is Microsoft's implementation of LDAP directory services for use in Windows environments. Active Directory allows administrators to assign enterprise-wide policies, deploy programs to many computers, and apply critical updates to an entire organization. Active Directory stores information and settings relating to an organization in a central, organized, accessible database. Active Directory networks can vary from a small installation with a few hundred objects to a large installation with millions of objects.

    NOTE: LDAP - In computer networking, the Lightweight Directory Access Protocol (LDAP) is a standardized network protocol for querying and modifying directory services.

    The AD database, the directory store, in Windows 2000 uses the JET Blue-based Extensible Storage Engine (ESE98), limited to 16 terabytes and 1 billion objects in each domain controller's database (a theoretical limit; only 100 million or so have been tested. NT4's Security Account Manager could support no more than 40,000 objects). Called NTDS.DIT, it has two main tables: the data table and the link table. In Windows 2003 a third main table was added for security descriptor single instancing.

    The Extensible Storage Engine (ESE), formerly known as JET Blue, is a multi-user database engine from Microsoft that supports full Data Manipulation Language (DML) and Data Definition Language (DDL). ESE is optimized for fast retrieval of data.

    An ESE database as used by Exchange is stored in two files, one with extension .edb and the other with extension .stm; Active Directory's store is the single Ntds.dit file plus its transaction log files. The data in these files is stored in the ESE file format. ESE also defines a low-level API to the underlying database structures. The ESE API is used by Microsoft Exchange Server and by other databases such as Active Directory (Ntds.dit). Exchange 2000/2003 and Active Directory use a version of ESE called ESE98, while Exchange 5.5 uses an older version called ESE97.

    Windows 2000 Server has the following services and functionality built-in:
    Routing and Remote Access Service (RRAS) support
    Virtual Private Network (VPN) support
    DNS, including Dynamic DNS. The DNS service is necessary to be able to run Active Directory
    Internet Connection Sharing (ICS)
    Microsoft Connection Manager Administration Kit and Connection Point Services
    DFS support
    Hierarchical Storage Management support, a service that runs in conjunction with NTFS and automatically transfers files that are not used for some period of time to less expensive storage media
    Fault-tolerant volumes, namely mirrored (RAID-1) and RAID-5 volumes
    Group Policy (part of Active Directory)


    IntelliMirror support
    Kerberos authentication
    Public Key Infrastructure (PKI) support
    Terminal Services and support for the Remote Desktop Protocol (RDP)
    Internet Information Server (IIS) 5

    Troubleshooting Active Directory Performance

    Replication:

    Replication refers to the process of copying information and information updates from the Active Directory data store on one domain controller to other domain controllers. The purpose of replication is to synchronize Active Directory data among the domain controllers in the domain and forest.

    Replication of Active Directory is usually partial, meaning that only changes, and not a complete copy of the Active Directory data store, are copied. Typically the only time a complete replication is performed is when you install a new domain controller on the network.

    Windows 2000 automatically performs replication in Windows 2000 domains or forests that are fully contained within a single site.

    Windows 2000 Active Directory uses a multimaster replication model, meaning changes can be made on any domain controller and are replicated to all other domain controllers. No one domain controller controls changes made to Active Directory or Active Directory replication. Windows NT 4.0 uses a single-master model in which all changes to objects are controlled by the Primary Domain Controller.

    Active Directory uses update sequence numbers (USNs), along with stamps, to track changes made to objects stored in the Active Directory data store. Each domain controller keeps its own USN counter, which it increments for every write it makes locally or applies from a replication partner. When an object (or any of its attributes) is changed, the domain controller records its current USN on the object and gives the changed attribute a stamp that contains a version number, a timestamp, and the GUID (invocation ID) of the domain controller on which the change originated. Because each Active Directory object exists on all domain controllers in the domain, during replication Active Directory compares the stamps of each attribute being replicated to determine which version is the most current: the higher version number wins; if the version numbers are equal, the later timestamp wins; and if those are equal too, the higher originating GUID wins, so that every domain controller reaches the same result. Active Directory replicates only the most current version of each object, and uses the USNs to replicate only the objects that have changed since the last time replication with that partner occurred.
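    The USN and stamp mechanism described above, as an added example that is not part of the original document: two model domain controllers, each with its own USN counter and a high-watermark per partner, exchange only the attribute values written or applied after the watermark and keep whichever stamp wins (version, then timestamp, then originating GUID). The GUIDs, object names and the DomainController class are constructed stand-ins; the model leaves out the up-to-dateness vector that real AD uses to suppress redundant resends.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Stamp:
    """Per-attribute replication metadata: version, originating time, originating DC."""
    version: int
    timestamp: int          # originating write time; plain seconds in this model
    originating_dc: str     # GUID of the DC on which the write originated

    def beats(self, other):
        # Conflict resolution order: higher version, then later timestamp, then
        # higher originating GUID. The GUID step is only a deterministic tie-break
        # so that every DC picks the same winner.
        return (self.version, self.timestamp, self.originating_dc) > \
               (other.version, other.timestamp, other.originating_dc)


@dataclass
class Attr:
    value: object
    stamp: Stamp
    local_usn: int   # USN this DC assigned when it wrote or applied the value


class DomainController:
    def __init__(self, name, guid=None):
        self.name = name
        self.guid = guid or "guid-" + name    # constructed stand-in for the DSA GUID
        self.usn = 0                          # one counter per DC, for all writes
        self.objects = {}                     # dn -> {attribute name: Attr}
        self.high_watermark = {}              # partner guid -> last partner USN seen

    def _next_usn(self):
        self.usn += 1
        return self.usn

    def write(self, dn, attr, value, now):
        """Originating write: bump the attribute version and stamp it with this DC."""
        obj = self.objects.setdefault(dn, {})
        old = obj.get(attr)
        version = old.stamp.version + 1 if old else 1
        obj[attr] = Attr(value, Stamp(version, now, self.guid), self._next_usn())

    def read(self, dn, attr):
        return self.objects[dn][attr].value

    def changes_since(self, usn):
        """Everything written or applied here after the partner's watermark."""
        return [(dn, name, a.value, a.stamp)
                for dn, attrs in self.objects.items()
                for name, a in attrs.items() if a.local_usn > usn]

    def replicate_from(self, source):
        """Pull the source's changes above our watermark; keep whichever stamp wins.
        Returns the number of attribute values actually applied."""
        applied = 0
        watermark = self.high_watermark.get(source.guid, 0)
        for dn, name, value, stamp in source.changes_since(watermark):
            obj = self.objects.setdefault(dn, {})
            current = obj.get(name)
            if current is None or stamp.beats(current.stamp):
                obj[name] = Attr(value, stamp, self._next_usn())
                applied += 1
            # otherwise our copy already carries the winning (or identical) stamp
        self.high_watermark[source.guid] = source.usn
        return applied


def demo():
    """Two DCs, one conflicting edit at equal version; both converge on one value."""
    a, b = DomainController("DC-A"), DomainController("DC-B")
    a.write("cn=alice", "title", "Engineer", now=100)
    b.replicate_from(a)
    a.write("cn=alice", "title", "Lead", now=200)      # version 2 on A
    b.write("cn=alice", "title", "Manager", now=205)   # version 2 on B, slightly later
    b.replicate_from(a)
    a.replicate_from(b)
    return a.read("cn=alice", "title"), b.read("cn=alice", "title")


if __name__ == "__main__":
    print(demo())
```

    Note that a value applied from a partner gets a fresh local USN, which is what lets the receiving domain controller pass it on to its own partners; the version number, however, travels unchanged with the stamp, so a single write that happened earlier but was edited twice still beats a later single edit made elsewhere.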

    Active Directory replication partitions are:

    Schema partition: This partition contains the rules that define how objects are created within a forest. The schema partition is replicated to all domain controllers in the forest.

    Configuration partition: This partition contains information about the logical structure of Active Directory for the entire forest, including the structure and use of domains, trees, sites and trust relationships within the forest. The configuration partition is replicated to all domain controllers in the forest.

    Domain partition: This partition contains complete, detailed information about every object in the domain. The domain partition is replicated only to the domain controllers within that domain (global catalog servers additionally hold a partial, read-only replica of every domain partition in the forest).


    Intrasite Replication:

    Intrasite replication is Active Directory replication that takes place within a single site. A site consists of one or more TCP/IP subnets, which are specified by an administrator and are connected by high-speed, reliable links. Sites do not necessarily correspond to domains: you can have two or more sites within a single domain, or multiple domains in a single site. A site is solely a grouping based on IP addresses.

    Windows 2000, by default, automatically configures and performs intrasite replication.

    Because intrasite replication takes place between domain controllers within the same site, and all of the TCP/IP subnets in a site are connected by high-speed links, intrasite replication is fast. Windows 2000 uses Remote Procedure Call (RPC) over IP for intrasite replication. All intrasite replication is sent in uncompressed form.

    Windows 2000 automatically determines which domain controllers in a site will replicate with other domain controllers in the site. The Windows 2000 Server service that makes this determination is called the Knowledge Consistency Checker (KCC). The KCC, which runs on all Windows 2000 domain controllers, builds a list of connections between domain controllers within a site, and these connections dictate the path that replication takes between domain controllers. The list of connections that the KCC generates is called the replication topology.

    By design, the KCC builds the replication topology to ensure that:
    - Changes made to any object on any domain controller will be replicated to every domain controller in the site.
    - Active Directory updates will pass through no more than three connections (hops) between the domain controller on which the change is made and any other domain controller in the site.

    Intrasite replication by default takes place once every hour if no changes are made. If a change is made to an Active Directory object, the domain controller on which the change is made notifies its connection partners, and replication with them starts within five minutes after the change is made. In addition, domain controllers that receive replication updates from other domain controllers also initiate intrasite replication within five minutes after receiving such an update. Because updates are replicated across no more than three connections (hops), any change made to an object is replicated to all domain controllers in the site within 15 minutes.
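    The three-hop guarantee and the resulting 15-minute propagation bound, as an added example that is not part of the original document: a simplified model of the KCC's intrasite topology. What it models of real KCC behaviour is the bidirectional ring between all domain controllers of a site plus extra "optimizing" connections until no two domain controllers are more than three hops apart. The rule used here to pick the extra connections (always join the pair currently furthest apart) is an assumption for illustration, not Microsoft's actual selection logic, and the DC names are constructed.

```python
from collections import deque

MAX_HOPS = 3          # KCC guarantee: no update crosses more than three connections
NOTIFY_DELAY_MIN = 5  # Windows 2000 intrasite change-notification delay per hop


def build_ring(dcs):
    """Bidirectional ring: every DC replicates with its two ring neighbours."""
    if len(dcs) < 2:
        return set()
    return {frozenset((dc, dcs[(i + 1) % len(dcs)])) for i, dc in enumerate(dcs)}


def hop_distances(edges, start):
    """Breadth-first search: minimal number of connections from start to each DC."""
    adj = {}
    for edge in edges:
        a, b = tuple(edge)
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    dist, queue = {start: 0}, deque([start])
    while queue:
        u = queue.popleft()
        for v in adj.get(u, ()):
            if v not in dist:
                dist[v] = dist[u] + 1
                queue.append(v)
    return dist


def worst_pair(edges, dcs):
    """The two DCs furthest apart and their hop count (inf if disconnected)."""
    worst, worst_hops = None, -1
    for a in dcs:
        dist = hop_distances(edges, a)
        for b in dcs:
            hops = dist.get(b, float("inf"))
            if hops > worst_hops:
                worst, worst_hops = (a, b), hops
    return worst, worst_hops


def build_topology(dcs):
    """Ring plus optimizing connections until every pair is within MAX_HOPS.
    Assumption for illustration: each extra connection joins the pair that is
    currently furthest apart (not Microsoft's actual selection rule)."""
    edges = build_ring(dcs)
    while len(dcs) > 1:
        (a, b), hops = worst_pair(edges, dcs)
        if hops <= MAX_HOPS:
            break
        edges.add(frozenset((a, b)))
    return edges


def max_hops(edges, dcs):
    return worst_pair(edges, dcs)[1]


def propagation_minutes(edges, dcs):
    """Worst-case delay for a change to reach every DC in the site: one
    notification delay per hop, hence 3 hops -> 15 minutes."""
    return max_hops(edges, dcs) * NOTIFY_DELAY_MIN


if __name__ == "__main__":
    site = ["DC%02d" % i for i in range(20)]
    ring, topo = build_ring(site), build_topology(site)
    print("ring only:", len(ring), "connections, worst case", max_hops(ring, site), "hops")
    print("KCC-style:", len(topo), "connections, worst case", max_hops(topo, site),
          "hops,", propagation_minutes(topo, site), "minutes")
```

    With up to seven domain controllers the ring alone already satisfies the three-hop rule; beyond that the extra connections are what keep the 15-minute bound, which is why a site with many domain controllers shows more connection objects than a plain ring would have.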

    Intersite Replication:

    Intersite replication is Active Directory replication that takes place between sites. Unlike intrasite replication, intersite replication is not automatically configured and performed by Windows 2000. An administrator must manually create and configure sites and other Active Directory components before intersite replication will occur.

    Because intersite replication takes place between domain controllers in different sites that are typically separated by WAN links, intersite replication is normally slower than intrasite replication, and it often should be scheduled by the administrator so that the use of network bandwidth for replication is minimized during the network's peak activity hours. All intersite replication is sent in a compressed format to save network bandwidth.


    Two different Windows 2000 transports can be used for intersite replication: RPC over IP and SMTP. RPC over IP is the preferred transport and requires fully routed TCP/IP connections between sites. RPC over IP is faster than SMTP. SMTP is not recommended because it can only be used to replicate the schema and configuration partitions (and global catalog partial replicas); it does not replicate the domain partition.

    Active Directory components that affect replication are sites, subnets, site links and site link bridges.

    Site Link
    A site link is an object in Active Directory that specifies a list of two or more sites that are connected to each other, the cost associated with the site link, and a replication schedule. The KCC uses site link information to determine the path over which replication between sites will occur. Site links can be configured to use either IP or SMTP for intersite replication.

    Site Link Bridges
    A site link bridge is an Active Directory object that groups two or more site links in order to create a virtual (transitive) site link between all of the sites specified by the grouped site links. The purpose of a site link bridge is to enable replication between sites that use site links but that are not directly associated with each other via a site link. By default ("Bridge all site links") all site links are treated as transitive, so explicit bridges are only needed when that default is turned off.
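    How the KCC's path choice follows from site link costs and bridging, as an added example that is not part of the original document: a least-cost search over a constructed hub-and-spoke set of site links, run once with all links bridged (the Windows 2000 default), once with no bridging (only sites sharing a link replicate directly), and once with a single explicit site link bridge. The site names, link names and costs are constructed; the transitivity rules are the ones described above, and schedules are left out.

```python
import heapq


def _dijkstra(links, src, dst):
    """Least-cost path over one set of site links (each link joins all its member
    sites at its cost). Returns (cost, [sites], [link names]) or None."""
    adj = {}
    for link in links:
        for a in link["sites"]:
            for b in link["sites"]:
                if a != b:
                    adj.setdefault(a, []).append((b, link["cost"], link["name"]))
    best, prev, heap = {src: 0}, {}, [(0, src)]
    while heap:
        cost, site = heapq.heappop(heap)
        if cost > best.get(site, float("inf")):
            continue
        if site == dst:
            break
        for nxt, link_cost, name in adj.get(site, ()):
            new_cost = cost + link_cost
            if new_cost < best.get(nxt, float("inf")):
                best[nxt], prev[nxt] = new_cost, (site, name)
                heapq.heappush(heap, (new_cost, nxt))
    if dst not in best:
        return None
    sites, names, cur = [dst], [], dst
    while cur != src:
        cur, name = prev[cur]
        sites.append(cur)
        names.append(name)
    return best[dst], sites[::-1], names[::-1]


def least_cost_path(site_links, src, dst, bridges=None):
    """bridges=None models the Windows 2000 default "bridge all site links": every
    link is transitive with every other. Otherwise `bridges` is a list of sets of
    link names, one set per site link bridge; only links within the same bridge
    chain, and a link in no bridge serves direct replication only."""
    if bridges is None:
        groups = [list(site_links)]
    else:
        groups = [[l for l in site_links if l["name"] in bridge] for bridge in bridges]
    groups += [[l] for l in site_links]   # direct, single-link replication is always possible
    best = None
    for links in groups:
        found = _dijkstra(links, src, dst)
        if found and (best is None or found[0] < best[0]):
            best = found
    return best


# Constructed sample topology (not from the document): a hub site and three spokes.
SITE_LINKS = [
    {"name": "HQ-BR1", "sites": {"HQ", "BR1"}, "cost": 100},
    {"name": "HQ-BR2", "sites": {"HQ", "BR2"}, "cost": 100},
    {"name": "BR1-BR2", "sites": {"BR1", "BR2"}, "cost": 500},
    {"name": "HQ-DR", "sites": {"HQ", "DR"}, "cost": 50},
]

if __name__ == "__main__":
    print("bridged   :", least_cost_path(SITE_LINKS, "BR1", "BR2"))
    print("unbridged :", least_cost_path(SITE_LINKS, "BR1", "BR2", bridges=[]))
    print("one bridge:", least_cost_path(SITE_LINKS, "BR1", "DR", bridges=[{"HQ-BR1", "HQ-DR"}]))
```

    With bridging on, the two branch sites replicate through the hub at cost 200 rather than over their expensive direct link; with bridging off, the direct link is the only option, and a site reachable only through two unbridged links cannot replicate at all, which is the failure mode to check when "Bridge all site links" has been disabled.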

    Bridgehead Server
    Once sites have been configured, you may want to specify a particular domain controller in each site that will be used for intersite replication. This domain controller is called the bridgehead server. The KCC automatically chooses a bridgehead server for each site, but you can manually override the KCC's choice by designating preferred bridgehead servers.

    Functions of Global Catalog:
    A global catalog server performs two important functions:
    - It provides universal group membership information during logon and authentication.
    - It helps users locate resources anywhere in the forest.

    FSMO
    When Microsoft implemented Active Directory, it discovered that a purely multimaster design just wasn't going to work for Windows 2000. Although most domain controller-related tasks can be performed by any domain controller, a few critical tasks had to be limited to one domain controller in a domain, or to one domain controller in a forest. The result is a largely multimaster design with some restricted single-master operations. These operations are called flexible single master operations (FSMO). There are five FSMO roles: the schema master and the domain naming master (one each per forest) and the RID master, the PDC emulator and the infrastructure master (one each per domain).

    Two primary tools used to monitor the performance of Active Directory:
    System Monitor
    Active Directory Replication Monitor (Replmon)


    Windows 2003 Forest Functional Level Features:

    Here are some enhancements you get under the hood with the Windows 2003 forest functional level:

    Linked Value Replication (LVR) improvement: Under Win2K a multi-valued linked attribute such as group membership was replicated as a whole, so when two administrators changed the membership of the same group on different domain controllers before replication completed, one change silently overwrote the other and you could only guess which one would win. With LVR each membership value is replicated individually, so such changes now merge successfully.

    Global Catalog indexing improvement: Under Win2K, when a new attribute was added to the partial attribute set, every GC would essentially discard its partial replica and start a full resynchronization, which could cause massive network traffic among the DCs. Global Catalog servers now retain their partial replicas when a new attribute is added; only the change is replicated.

    Intersite Topology Generator (ISTG) improvements: Under Win2K you faced a practical limit of around 200 to 250 AD sites. Now you can have literally thousands of AD sites without the system even breaking a sweat.

    Domain rename feature:

    Cross-Forest Trust:

    Defunct Schema Object:

    Adprep is used to upgrade the schema to the Windows 2003 level and give it a new version number:

    Run Adprep /forestprep one time, on the schema master of the root domain of the Win2K forest.

    Run Adprep /domainprep one time for each domain, on the infrastructure master of that domain.

    DNS
    New tool for testing Windows 2003 DNS from Microsoft (DNSLint): it helps to diagnose common AD-related DNS errors (DNSLint /ad switch) and generates an HTML report about the state of DNS affairs.
    Conditional forwarding
    Stub zones


    File System

    FAT
    The File Allocation Table (FAT) file system used by Windows 2000 is a modified version of the FAT file system used by MS-DOS.

    The FAT file system does not support file and folder security in Windows 2000. Any user logged on locally to a computer has full control of all the files and folders located in the FAT volumes on that computer. You can use share permissions to control users' access to shared folders over the network. Share permissions affect only access to files and folders over the network, not when someone is logged on locally.

    Filenames can be up to 255 characters in length.

    Speed of access to a FAT volume depends on volume size, the number of files in a folder and fragmentation. Windows 2000 accesses files in FAT volumes smaller than 512 MB faster than it accesses files in similar-sized FAT32 and NTFS volumes.

    The maximum size of a FAT volume on all operating systems except Windows 2000 and Windows NT is 2 GB. Both Windows 2000 and Windows NT support FAT volumes up to 4 GB. This is possible because Windows NT supports a larger cluster size (up to 64 KB) than other operating systems do.

    The FAT file system does not support file compression.

    FAT32
    The FAT32 file system used in Windows 2000 is the same as the FAT32 file system that was released with Windows 95 OSR2 and Windows 98. Within the Windows NT family, FAT32 is supported only by Windows 2000 (not by Windows NT 4.0).

    FAT32 does not support file and folder security in Windows 2000, so a user who is logged on locally has full control of all files and folders located in FAT32 volumes on that computer. You can use share permissions to control users' access to shared folders over the network. Share permissions affect only access to files and folders over the network, not when someone is logged on locally.

    Filenames can be up to 255 characters in length.

    Windows 2000 accesses files in FAT32 volumes larger than 512 MB faster than it accesses files in similar-sized FAT volumes, but slower than it accesses files in similar-sized NTFS volumes.

    The maximum volume size of FAT32 is 2 TB, but the disk management utilities contained in Windows 2000 only let you create and format a FAT32 volume of up to 32 GB.

    FAT32 does not support file compression.

    NTFS

    The Windows NT file system (NTFS) is the most powerful file system supported by Windows 2000 and Windows NT. To dual-boot between Windows NT and Windows 2000 on NTFS volumes, Windows NT must have SP4 or later (SP4 updates the NTFS driver so that NT 4.0 can access volumes in the NTFS version used by Windows 2000).

    NTFS provides file- and folder-level security for both local and remote users on a network. NTFS security controls access to files on an NTFS volume by using the user's security identifier (SID), together with the SIDs of the groups the user belongs to, to determine which files that user can access. Each file and folder on an NTFS volume has an access control list (ACL) associated with it. An ACL is a list of entries that contain user and group SIDs with the associated permissions (allowed or denied) of each user and group; the entries are evaluated in order, which is why Windows places explicit deny entries before explicit allow entries.
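    The NTFS access check the paragraph above describes, as an added example that is not part of the original document: a small model of a DACL with allow and deny entries, evaluated in order against the SIDs in a caller's token the way Windows does it (a deny entry that overlaps a still-ungranted right stops the check; allows accumulate until nothing requested remains; anything never granted is an implicit deny). The SIDs, the group names and the sample ACL are constructed; the access-mask constants are the real Win32 values.

```python
from dataclasses import dataclass

# Win32 access-mask bits used in this example (values as in winnt.h)
FILE_READ_DATA = 0x0001
FILE_WRITE_DATA = 0x0002
FILE_EXECUTE = 0x0020
DELETE = 0x00010000


@dataclass(frozen=True)
class ACE:
    kind: str     # "allow" or "deny"
    sid: str      # user or group SID this entry applies to
    mask: int     # access rights covered by this entry


def access_check(acl, token_sids, requested):
    """Evaluate a DACL the way Windows does: walk the ACEs in order, skip those
    whose SID is not in the caller's token, stop on the first deny that overlaps a
    still-ungranted right, accumulate allows until nothing remains. A requested
    right that no ACE grants is an implicit deny."""
    remaining = requested
    for index, ace in enumerate(acl):
        if ace.sid not in token_sids:
            continue
        if ace.kind == "deny" and ace.mask & remaining:
            return False, "denied by ACE %d (%s)" % (index, ace.sid)
        if ace.kind == "allow":
            remaining &= ~ace.mask
            if remaining == 0:
                return True, "granted, last needed right from ACE %d (%s)" % (index, ace.sid)
    return False, "implicit deny: 0x%x never granted" % remaining


def canonicalize(acl):
    """Canonical DACL order: explicit deny entries before explicit allow entries,
    which is what Explorer and icacls write. Out of order, an allow that precedes a
    deny grants the right before the deny is ever reached."""
    return [a for a in acl if a.kind == "deny"] + [a for a in acl if a.kind == "allow"]


# Constructed SIDs for illustration (domain 1-2-3; RID 513 is Domain Users).
DOMAIN_USERS = "S-1-5-21-1-2-3-513"
EDITORS = "S-1-5-21-1-2-3-1104"
CONTRACTORS = "S-1-5-21-1-2-3-1105"
ALICE = "S-1-5-21-1-2-3-1201"
BOB = "S-1-5-21-1-2-3-1202"

REPORT_ACL = [
    ACE("deny", CONTRACTORS, FILE_WRITE_DATA | DELETE),
    ACE("allow", DOMAIN_USERS, FILE_READ_DATA | FILE_EXECUTE),
    ACE("allow", EDITORS, FILE_WRITE_DATA | DELETE),
]

ALICE_TOKEN = {ALICE, DOMAIN_USERS, EDITORS}
BOB_TOKEN = {BOB, DOMAIN_USERS, EDITORS, CONTRACTORS}   # an editor who is also a contractor

if __name__ == "__main__":
    for who, token in (("alice", ALICE_TOKEN), ("bob", BOB_TOKEN)):
        for right, name in ((FILE_READ_DATA, "read"), (FILE_WRITE_DATA, "write")):
            print(who, name, access_check(REPORT_ACL, token, right))
```

    Bob is granted write by the Editors entry and denied it by the Contractors entry; in canonical order the deny wins, but if the same two entries are written allow-first (as a tool that edits the raw descriptor can do) the deny is never reached, which is the case canonicalize() repairs.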


    Filenames can be up to 255 characters in length.

    NTFS provides faster access than the FAT or FAT32 file systems to files stored on a large volume that contains many files. NTFS uses a B-tree (balanced tree) index to locate files. A tree search is a faster mechanism for searching through a large number of filenames than the sequential read mechanism used on FAT and FAT32 volumes.

    The maximum theoretical size of an NTFS volume is 16 exabytes (an exabyte is one billion billion bytes, or a giga-gigabyte). The functional limit of actual implementations on current industry-standard hardware is 2 TB.

    NTFS supports file compression; EFS (Encrypting File System) and disk quotas are supported only by the Windows 2000 version of NTFS, not by Windows NT.

    CDFS: CD-ROM file system.

    UDF: DVD file system.

    HPFS: HPFS is not supported in Windows 2000. Earlier Windows NT versions (up to 3.51) supported it.

    Disk Type
    Basic Disks: In Windows 2000 terms, a basic disk is a hard disk that uses industry-standard partitioning and formatting, and contains primary and/or extended partitions. A basic disk can contain a maximum of four partitions: up to four primary partitions, but only one extended partition.

    Dynamic Disks: In Windows 2000 terms, a dynamic disk is a hard disk that contains Windows 2000 dynamic volumes, which are not in an industry-standard format. Only Windows 2000 can read dynamic disks. Dynamic volumes do not use primary partitions, extended partitions or logical drives. Dynamic volumes are created manually by using Disk Management. A dynamic disk supports an unlimited number of volumes, versus the four-partition maximum of basic disks. Windows 2000 does not support dynamic disks on laptop computers, although you can create and configure them on some laptops.

    Partition Type
    Primary Partition: A primary partition is a partition on a basic disk that can be configured as the active partition. The active partition is the partition that contains the files necessary to load the operating system. When the computer boots, it attempts to load the operating system from the active primary partition on the first hard disk in the computer. Any primary partition on the first hard disk can be designated the active partition. In Windows 2000 terminology the active partition is also called the system partition.

    Extended Partition: An extended partition is a partition on a basic disk that can be subdivided into one or more logical drives.

    A logical drive is a volume that is created from some or all of the space in an extended partition, and that is assigned a drive letter.


    Volume Type
    Simple Volumes: A simple volume is a volume that consists of formatted disk space on a single hard disk. You can create simple volumes only on dynamic disks. A simple volume can be formatted with FAT, FAT32, or NTFS. It provides no fault tolerance and no speed gain or loss. Supported on all Windows 2000 operating systems.

    Spanned Volumes: A spanned volume consists of formatted disk space on more than one hard disk that is treated as a single volume. Spanned volumes can be created only on dynamic disks. The areas of disk space that make up a spanned volume do not need to be of identical size. A spanned volume can be formatted with FAT, FAT32 or NTFS. Spanned volumes provide no fault tolerance (the loss of any one disk loses the whole volume) and no speed gain or loss.

    Striped Volumes: A striped volume consists of identical-size areas of formatted disk space located on two or more dynamic disks. In a striped volume, data is stored a block at a time, evenly and sequentially across all of the disks in the striped volume. A striped volume is accessed by using a single drive letter. Striped volumes are created on dynamic disks. A striped volume can be formatted with FAT, FAT32 or NTFS. It provides no fault tolerance (the loss of any one disk loses the whole volume). Striped volumes provide faster disk access than any other Windows 2000 volume type, because they store a single file across multiple disks, which can be read simultaneously. A striped volume is also known as RAID level 0 (RAID: Redundant Array of Inexpensive Disks). Supported by all Windows 2000 operating systems.

    Mirrored Volumes: A mirrored volume consists of a simple volume that is exactly duplicated,