Syngress knows what passing the exam means to you and to your career. And we know that you are often financing your own training and certification; therefore, you need a system that is comprehensive, affordable, and effective. Boasting one-of-a-kind integration of text, DVD-quality instructor-led training, and Web-based exam simulation, the Syngress Study Guide & DVD Training System guarantees 100% coverage of exam objectives. The Syngress Study Guide & DVD Training System includes: ■ Study Guide with 100% coverage of exam objectives By reading this study guide and following the corresponding objective list, you can be sure that you have studied 100% of the exam objectives. ■ Instructor-led DVD This DVD provides almost two hours of virtual classroom instruction. ■ Web-based practice exams Just visit us at www.syngress.com/ certification to access a complete exam simulation. Thank you for giving us the opportunity to serve your certification needs. And be sure to let us know if there’s anything else we can do to help you get the maximum value from your investment. We’re listening. www.syngress.com/certification 274_70-290_FM.qxd 8/12/03 12:03 PM Page i 274_70-290_FM.qxd 8/12/03 12:03 PM Page ii Deborah Littlejohn Shinder Dr. Thomas W. Shinder Laura E. Hunter Technical Reviewer Will Schmied DVD Presenter Exam 70-290: Managing and Maintaining a Windows Server 2003 Environment MCSA/MCSE 274_70-290_FM.qxd 8/12/03 12:03 PM Page iii Syngress Publishing, Inc., the author(s), and any person or firm involved in the writing, editing, or production (collectively “Makers”) of this book (“the Work”) do not guarantee or warrant the results to be obtained from the Work. There is no guarantee of any kind, expressed or implied, regarding the Work or its contents.The Work is sold AS IS and WITHOUT WARRANTY. You may have other legal rights, which vary from state to state. In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or other incidental or consequential damages arising out from the Work or its contents. Because some states do not allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you. You should always use reasonable care, including backup and other appropriate precautions, when working with computers, networks, data, and files. Syngress Media®, Syngress®,“Career Advancement Through Skill Enhancement®,” “Ask the Author UPDATE®,” and “Hack Proofing®,” are registered trademarks of Syngress Publishing, Inc. “Mission Critical™,” and “The Only Way to Stop a Hacker is to Think Like One™” are trademarks of Syngress Publishing, Inc. Brands and product names mentioned in this book are trademarks or service marks of their respective companies. KEY SERIAL NUMBER 001 PV43SLUGGY 002 Q2TQRGN7VA 003 8C38A9R7FF 004 Z6TDAVAN9Y 005 P33JEET8MS 006 3SHX6SN$RK 007 CH3W7E42AK 008 9EU6V4DER7 009 SUPACM4NFH 010 5BVF3MEV2Z PUBLISHED BY Syngress Publishing, Inc. 800 Hingham Street Rockland, MA 02370 Managing and Maintaining a Windows Server 2003 Environment Study Guide & DVD Training System Copyright © 2003 by Syngress Publishing, Inc. All rights reserved. Printed in the United States of America. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication. Printed in the United States of America 1 2 3 4 5 6 7 8 9 0 ISBN: 1-932266-60-7 Technical Editor:Deborah Littlejohn Shinder Cover Designer: Patricia Lupien and Thomas W. Shinder M.D Page Layout and Art by: Patricia Lupien Technical Reviewer: Laura Hunter Copy Editors: Beth Roberts, Michelle Melani Acquisitions Editor: Jonathan Babcock Indexer: Rich Carlson DVD Production: Michael Donovan DVD Presenter:Will Schmied 274_70-290_FM.qxd 8/12/03 12:03 PM Page iv v Acknowledgments v We would like to acknowledge the following people for their kindness and support in making this book possible. Karen Cross, Meaghan Cunningham, Kim Wylie, Harry Kirchner, Kevin Votel, Kent Anderson, Frida Yara, Jon Mayes, John Mesjak, Peg O’Donnell, Sandra Patterson, Betty Redmond, Roy Remer, Ron Shapiro, Patricia Kelly, Andrea Tetrick, Jennifer Pascal, Doug Reil, David Dahl, Janis Carpenter, and Susan Fryer of Publishers Group West for sharing their incredible marketing experience and expertise. Duncan Enright, AnnHelen Lindeholm, David Burton, Febea Marinetti, and Rosie Moss of Elsevier Science for making certain that our vision remains worldwide in scope. David Buckland,Wendi Wong, Daniel Loh, Marie Chieng, Lucy Chong, Leslie Lim, Audrey Gan, and Joseph Chan of Transquest Publishers for the enthusiasm with which they receive our books. Kwon Sung June at Acorn Publishing for his support. Jackie Gross, Gayle Voycey, Alexia Penny, Anik Robitaille, Craig Siddall, Darlene Morrow, Iolanda Miller, Jane Mackay, and Marie Skelly at Jackie Gross & Associates for all their help and enthusiasm representing our product in Canada. Lois Fraser, Connie McMenemy, Shannon Russell, and the rest of the great folks at Jaguar Book Group for their help with distribution of Syngress books in Canada. David Scott, Annette Scott, Geoff Ebbs, Hedley Partis, Bec Lowe, and Mark Langley of Woodslane for distributing our books throughout Australia, New Zealand, Papua New Guinea, Fiji Tonga, Solomon Islands, and the Cook Islands. Winston Lim of Global Publishing for his help and support with distribution of Syngress books in the Philippines. A special thanks to Deb and Tom Shinder for going the extra mile on our core four MCSE 2003 guides.Thank you both for all your work. And to Will Schmied, thank you for being a trooper on the DVD part of this project! 274_70-290_FM.qxd 8/12/03 12:03 PM Page v Debra Littlejohn Shinder (MCSE) is a technology consultant, trainer, and writer who has authored a number of books on networking, including Scene of the Cybercrime: Computer Forensics Handbook, published by Syngress Publishing (ISBN: 1-931836-65-5), and Computer Networking Essentials, published by Cisco Press. She is co-author, with her husband, Dr.Thomas Shinder, of Troubleshooting Windows 2000 TCP/IP (ISBN: 1-928994-11-3), the best-selling Configuring ISA Server 2000 (ISBN: 1-928994-29-6), and ISA Server and Beyond (ISBN: 1-931836-66-3). Deb is also a technical editor and contributor to books on subjects such as the Windows 2000 MCSE exams, the CompTIA Security+ exam, and TruSecure’s ICSA certification. She edits the Brainbuzz A+ Hardware News and Sunbelt Software’s WinXP News and is regularly published in TechRepublic’s TechProGuild and Windowsecurity.com. Deb currently specializes in security issues and Microsoft products. She lives and works in the Dallas-Fort Worth area and can be contacted at deb@shinder.net or via the web- site at www.shinder.net. Thomas W. Shinder M.D. (MVP, MCSE) is a computing industry veteran who has worked as a trainer, writer, and a consultant for Fortune 500 companies including FINA Oil, Lucent Technologies, and Sealand Container Corporation.Tom was a Series Editor of the Syngress/Osborne Series of Windows 2000 Certification Study Guides and is author of the best selling books Configuring ISA Server 2000: Building Firewalls with Windows 2000 (Syngress Publishing, ISBN: 1-928994-29-6) and Dr. Tom Shinder’s ISA Server and Beyond (ISBN: 1-931836-66-3).Tom is the editor of the Brainbuzz.com Win2k News newsletter and is a regular contributor to TechProGuild. He is also content editor, contributor and moderator for the World's leading site on ISA Server 2000, www.isaserver.org. Microsoft recognized Tom's lead- ership in the ISA Server community and awarded him their Most Valued Professional (MVP) award in December of 2001. Technical Editors 274_70-290_FM.qxd 8/12/03 12:03 PM Page vi vii Laura E. Hunter (CISSP, MCSE, MCT, MCDBA, MCP, MCP+I, CCNA, A+, Network+, iNet+, CNE-4, CNE-5) is a Senior IT Specialist with the University of Pennsylvania, where she provides network planning, implementation, and trou- bleshooting services for various business units and schools within the University. Her specialties include Microsoft Windows NT and 2000 design and implementation, troubleshooting and security topics. As an “MCSE Early Achiever” on Windows 2000, Laura was one of the first in the country to renew her Microsoft credentials under the Windows 2000 certification structure. Laura’s previous experience includes a position as the Director of Computer Services for the Salvation Army and as the LAN admin- istrator for a medical supply firm. She also operates as an independent consultant for small businesses in the Philadelphia metropolitan area and is a regular contributor to the TechTarget family of websites. Laura has previously contributed to the Syngress Publishing’s Configuring Symantec Antivirus, Corporate Edition (ISBN 1-931836-81-7). She has also contributed to several other exam guides in the Syngress Windows Server 2003 MCSE/MCSA DVD Guide and Training System series as a DVD presenter, contributing author, and technical reviewer. Laura holds a bachelor's degree from the University of Pennsylvania and is a member of the Network of Women in Computer Technology, the Information Systems Security Association, and InfraGard, a cooperative undertaking between the U.S. Government other participants dedicated to increasing the security of United States critical infrastructures. Chad Todd (MCSE: Security, MCSE, MCSA: Security, MCSA, MCP+I, MCT, CNE, A+, Network+, i-Net+) author of Hack Proofing Windows 2000 Server (Syngress, ISBN: 1-931836-49-3) co-owns a training and integration company (Training Concepts, LLC) in Columbia, SC. Chad first certified on Windows NT 4.0 and has been training on Windows operating systems ever since. His specialties include Exchange Technical Reviewer Contributors 274_70-290_FM.qxd 8/12/03 12:03 PM Page vii viii messaging and Windows security. Chad was awarded MCSE 2000 Charter Member for being one of the first two thousand Windows 2000 MCSEs and MCSA 2002 Charter Member for being one of the first five thousand MCSAs. Chad is a regular contributing author for Microsoft Certified Professional Magazine. Chad has worked for companies such as Fleet Mortgage Group, Ikon Office Solutions, and Netbank. Chad would like to first thank his wife Sarah.Without her love and support all of the late nights required to write this book would not be possible. He would also like to thank Kirk Vigil and Jim Jones for their support and encouragement. Lastly, Chad would like to thank Olean Rabon and Theresa Johnson for being his greatest fans. Jeffery A. Martin (MCSE, MCDBA, MCT, MCP+I, MCP, MCNE, CNE, CNA, CNI, CCNA, CCNP, CCI, CCA, CTT, A+, Network+, I-Net+, Project+, Linux+, CIW, ADPM) has been working with computers and computer networks for over 15 years. Jeffery spends most of his time managing several companies that he owns and consulting for large multinational media companies. He also enjoys working as a technical instructor and training others in the use of technology. Feridun Kadir (MCP, MCP+I, MCSE, MCT) is a freelance IT consultant and trainer who has worked in the field of IT since 1988. He remembers selling a TRS-80 home PC with 4Kilobytes RAM (yes kilobytes!) in the early 1980s for over $1,000. His early IT experience was with UNIX systems and local area networks. In more recent years he has worked with Microsoft products. Having discovered that he liked giving presentations he became an MCT and regularly teaches Microsoft technical courses including Windows NT 4.0,Windows 2000,Windows XP,TCP/IP, SQL Server Administration and Small Business Server. Feridun also provides IT consulting services to all types of businesses. Feridun lives with his wife, Liz and son, Jake in Stansted, Essex in England. Colin Bowern (MCSE, MCAD, MCSD, MCDBA, CCNA, CCDA, Network+) is a Senior Consultant at Microsoft Services in Toronto, Canada.Through his work with enterprise customers and partners, Colin helps information technology profes- sionals and business leaders understand how to leverage and make better decisions about how to use technology in their business to gain competitive advantages. Clients span several industry verticals including financial services, public utilities, and govern- ment. In addition to consulting, Colin is also an active presenter, speaking regularly in the Microsoft Developer Network's web casts as well as at a variety of public events including the TechNet Tour series in Canada. Colin's involvement with the industry also includes providing technical review for Addison-Wesley's .NET development series and the Windows Server 2003 series from Microsoft Press. In addition he is also working on a M.Sc. degree from the University of Liverpool, England. 274_70-290_FM.qxd 8/12/03 12:03 PM Page viii ix Chris Peiris (MVP) currently lectures on Distributed Component Architectures (.NET, J2EE & CORBA) at Monash University, Caulfield,Victoria, Australia. He also works as an independent consultant for .NET and EAI implementations. He is been awarded the title “Microsoft Most Valuable Professional” (MVP) for his contributions to .NET Technologies. He has been designing and developing Microsoft solutions since 1995. His expertise lies in developing scalable, high-performance solutions for financial institutions and media groups. He has written many articles, reviews and columns for various online publications including 15Seconds, Developer Exchange (www.Devx.com) and Wrox Press (www.wrox.com). He co-authored the book C# Web Service with .NET Remoting and ASP.NET by Wrox Press. It was followed by C# for Java Programmers by Syngress Publishing as a primary author. Chris frequently pre- sents at professional developer conferences on Microsoft technologies. His core skills are C++, Java, .NET, DNA, MTS, Site Server, Data Warehousing, WAP, and SQL Server. Chris has a Bachelor of Computing, Bachelor of Business (Accounting), and a Masters of Information Technology degree. He is currently undertaking a PhD on “Web Service Management Framework.” He lives with his family in Civic, Canberra ACT. Chris dedicates his contributions to this book to the Tennakoon family. In his own words “to Kusum, Rohan, Fiona & Timothy, Gayathrie & Lachlan, Ranil & Ranita.This is a token of my gratitude for the friendship, inspira- tion, acceptance, love and tolerance you have shown me over the years. And most of all, thanks for the curry.” Michael Cross (MCSE, MCP+I, CNA, Network+) is an Internet Specialist / Computer Forensic Analyst with the Niagara Regional Police Service. He performs computer forensic examinations on computers involved in criminal investigations, and has consulted and assisted in cases dealing with computer-related/Internet crimes. In addition to designing and maintaining their Web site at www.nrps.com and Intranet, he has also provided support in the areas of programming, hardware, network adminis- tration, and other services. As part of an Information Technology team that provides support to a user base of over 800 civilian and uniform users, his theory is that when the users carry guns, you tend to be more motivated in solving their problems. Michael also owns KnightWare (www.knightware.ca), which provides computer- related services like Web page design; and Bookworms (www.bookworms.ca), where you can purchase collectibles and other interesting items online. He has been a free- lance writer for several years, and published over three dozen times in numerous books and anthologies. He currently resides in St. Catharines, Ontario Canada with his lovely wife Jennifer and his darling daughter Sara. 274_70-290_FM.qxd 8/12/03 12:03 PM Page ix [...]... objectives Exam 70-290 covers the basics of managing and maintaining a network environment that is built around Microsoft’s Windows Server 2003 Objectives are task-oriented, and include the following: I Managing and Maintaining Physical and Logical Devices:This includes managing basic and dynamic disks; monitoring server hardware; optimizing disk performance on the server; troubleshooting hardware devices; and. .. files and shared folders Troubleshoot access to files and shared folders Managing and maintaining a Server Environment Monitor and analyze events Tools might include Event Viewer and System monitor Manage software update infrastructure Manage software site licensing Manage servers remotely Manage a server by using Remote Assistance Manage a server by using Terminal Services remote administration mode Manage... 70-290 Exam objectives Exam Objective Map Objective Number 1 1.1 1.2 1.3 1.3.1 1.3.2 1.4 1.4.1 1.4.2 1.4.3 2 2.1 Objective Chapter Number Managing and Maintaining Physical and Logical Devices Manage basic disks and dynamic disks Monitor server hardware Tools might include Device Manager, the Hardware Troubleshooting Wizard, and appropriate Control Panel items Optimize server disk performance Implement a. .. PM Page xxxiv 274_70-290_Fore.qxd 8/11/03 4:16 PM Page xxxv Foreword This book’s primary goal is to help you prepare to take and pass Microsoft’s exam number 70-290, Managing and Maintaining a Microsoft Windows Server 2003 Environment Our secondary purpose in writing this book is to provide exam candidates with knowledge and skills that go beyond the minimum requirements for passing the exam, and help... Objective Chapter Number Create and manage computer accounts in an 4 Active Directory environment Create and manage groups 4 Identify and modify the scope of a group 4 Find domain groups in which a user is a member 4 Manage group membership 4 Create and modify groups by using the Active 4 Directory Users and Computers Microsoft Management Console (MMC) snap-in Create and modify groups by using automation... Guide and DVD Training System (ISBN: 1-931836-72-8), and Configuring and Troubleshooting Windows XP Professional (ISBN: 1-928994-80-6) Will currently resides in Newport News,Virginia, with his wife, Chris, and their children, Christopher, Austin, Andrea, and Hannah.You can visit Area 51 Partners at www.area51partners.com x 274_70-290_map.qxd 8/11/03 4:18 PM Page xi MCSA/MCSE 70-290 Exam Objectives Map and. .. user accounts 4 Diagnose and resolve account lockouts Diagnose and resolve issues related to user account properties Troubleshoot user authentication issues Managing and Maintaining Access to Resources Configure access to shared folders Manage Shared folder Permissions Troubleshoot Terminal Services Diagnose and resolve issues related to Terminal Services security Diagnose and resolve issues related... whoami.exe …………………………………………274 Using cmdkey.exe …………………………………………275 2.4 Creating and Managing User Accounts ……………………………277 2.4.1 Using the ADUC MMC Snap-In to Create and Manage Users 277 2.6.2/2.6.1/ Managing and Troubleshooting 2.1 User Accounts Via the Properties Tabs ……………………280 Managing User Accounts Via the Pop-Up Menu …………296 Using the Command Line to Create and Manage Users ………300 Using dsadd.exe... Groups in a Multiple Domain Forest ………………349 2.2 Creating and Managing Computer Accounts ………………………349 2.5.1 Using the ADUC MMC Snap-In to Create and Manage Computers ………………………………350 Managing Computer Accounts Via the Properties Tabs ……353 2.5.2 Managing Computer Accounts Via the Pop-Up Menu ……359 2.5 Using the Command Line to Create, Manage, and Troubleshoot Computers ………………………362 Using dsadd computer... performance objects Monitor process performance objects Monitor disk performance objects Manage a Web server Manage Internet Information Services (IIS) Manage security for IIS Managing and Implementing Disaster Recovery Perform system recovery for a server Implement Automated System Recovery (ASR) Restore data from shadow copy volumes Back up files and System State data to media Configure security for backup . Voycey, Alexia Penny, Anik Robitaille, Craig Siddall, Darlene Morrow, Iolanda Miller, Jane Mackay, and Marie Skelly at Jackie Gross & Associates for all. PM Page x Exam Objective Map Objective Number Objective Chapter Number 1 Managing and Maintaining Physical and 2, 3 Logical Devices. 1.1 Manage basic