
M C S E - 2003

Compilation by K.V.Sudhakara Reddy, M.Sc.Ag, CVA
28/08/2009

IP Address:
There are two versions: 1) IPv4 and 2) IPv6. IPv4 is the one normally used and is 32 bit; IPv6 is rarely used and is 128 bit.

Internet Protocol IPv4:

  8 bits . 8 bits . 8 bits . 8 bits

The bits of each octet carry the weights 2^7, 2^6, 2^5, 2^4, 2^3, 2^2, 2^1, 2^0.

Note: Win2003 is designed to handle IPv6. However, the normally used IP addressing is IPv4.

8 bits:

  2^7 = 2x2x2x2x2x2x2 = 128
  2^6 = 2x2x2x2x2x2   =  64
  2^5 = 2x2x2x2x2     =  32
  2^4 = 2x2x2x2       =  16
  2^3 = 2x2x2         =   8
  2^2 = 2x2           =   4
  2^1 = 2             =   2
  2^0                 =   1
  ---------------------------
  Total               = 255

IP Addressing:
The notation is called Dotted Decimal Notation (DDN). Any computer needs an IP address to contact another computer.

Decimal to Binary & Binary to Decimal conversion:
An IP address is divided into four octets, as follows.

  8        . 8        . 8        . 8
  00000000 . 00000000 . 00000000 . 00000000   ----- 32 bits
  0        . 0        . 0        . 0

The following table shows the conversion of binary to decimal.

Decimal  2^7  2^6  2^5  2^4  2^3  2^2  2^1  2^0
         128   64   32   16    8    4    2    1
      0    0    0    0    0    0    0    0    0
      1    0    0    0    0    0    0    0    1
      2    0    0    0    0    0    0    1    0
      3    0    0    0    0    0    0    1    1
      4    0    0    0    0    0    1    0    0
      5    0    0    0    0    0    1    0    1
      6    0    0    0    0    0    1    1    0
      7    0    0    0    0    0    1    1    1
      8    0    0    0    0    1    0    0    0
      9    0    0    0    0    1    0    0    1
     10    0    0    0    0    1    0    1    0
     20    0    0    0    1    0    1    0    0
     30    0    0    0    1    1    1    1    0
     40    0    0    1    0    1    0    0    0
    100    0    1    1    0    0    1    0    0
    150    1    0    0    1    0    1    1    0
    200    1    1    0    0    1    0    0    0
    255    1    1    1    1    1    1    1    1

IP addressing is classified into 5 classes. This is done using the bit pattern at the MSB (Most Significant Bit) end of the first octet. That is:

  8 . 8 . 8 . 8
  First octet:  0 0000000
                MSB ... LSB

Class     Decimal  128   64   32   16    8    4    2    1
Class A       0      0    0    0    0    0    0    0    0
            127      0    1    1    1    1    1    1    1
Class B     128      1    0    0    0    0    0    0    0
            191      1    0    1    1    1    1    1    1
Class C     192      1    1    0    0    0    0    0    0
            223      1    1    0    1    1    1    1    1
Class D     224      1    1    1    0    0    0    0    0
            239      1    1    1    0    1    1    1    1
Class E     240      1    1    1    1    0    0    0    0
            255      1    1    1    1    1    1    1    1
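The two tables above can be checked mechanically. The following is an added example, not part of the original notes: it converts between dotted decimal and binary using the weights 128 to 1 and finds the class from the leading bits of the first octet. The function names are hypothetical.

```python
# Added example: dotted-decimal <-> binary conversion and classful lookup,
# following the bit-weight table and the class table in these notes.

# Leading-bit patterns of the first octet, as in the class table.
CLASS_PREFIXES = [("0", "A"), ("10", "B"), ("110", "C"), ("1110", "D"), ("1111", "E")]
WEIGHTS = [128, 64, 32, 16, 8, 4, 2, 1]


def parse_octets(address):
    """Split a dotted-decimal IPv4 address into four integers, rejecting bad input."""
    parts = address.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 octets, got {len(parts)}: {address!r}")
    octets = []
    for part in parts:
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError(f"octet must be a number from 0 to 255: {part!r}")
        octets.append(int(part))
    return octets


def to_binary(address):
    """Dotted decimal -> four 8-bit groups, e.g. 192.168.1.1."""
    return ".".join(f"{octet:08b}" for octet in parse_octets(address))


def to_decimal(bits):
    """Inverse of to_binary: add up the weights of the bits that are set."""
    groups = bits.strip().split(".")
    if len(groups) != 4 or any(len(g) != 8 or set(g) - {"0", "1"} for g in groups):
        raise ValueError(f"expected four 8-bit groups: {bits!r}")
    return ".".join(
        str(sum(w for w, bit in zip(WEIGHTS, group) if bit == "1")) for group in groups
    )


def address_class(address):
    """Return the class letter from the leading bits of the first octet."""
    first = f"{parse_octets(address)[0]:08b}"
    for prefix, letter in CLASS_PREFIXES:
        if first.startswith(prefix):
            return letter
    raise AssertionError("unreachable: every 8-bit value matches one prefix")


if __name__ == "__main__":
    for sample in ("10.0.0.1", "172.16.5.4", "192.168.1.1", "224.0.0.9", "250.1.2.3"):
        print(f"{sample:15} {to_binary(sample)}  Class {address_class(sample)}")
```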

WORKGROUPS AND DOMAINS:

[Figure: two network diagrams, each showing SYS 1 to SYS 5 connected to a hub/switch; one of them also has a SERVER attached.]

DIFFERENCES BETWEEN WORKGROUP AND DOMAIN MODEL:

S.No | WORKGROUPS | DOMAINS
1.   | Logical grouping of computers sharing single workgroup name. | Logical grouping of systems sharing single domain name.
2.   | No Server, No Client. | At least one Server and others clients.
3.   | Systems are independent of each other. | All the clients are dependent on Server.
4.   | One account per system i.e., multiple user a/cs for no. of systems. | Only one a/c per user irrespective of no. of systems.
5.   | Profile is different from system to system. | Common profile all over the domain.
6.   | No profile backup. | Profile backup available.
7.   | Network sharing & access need to have multiple accounts. | No need to have multiple accounts.
8.   | Not centralized. | Centralized data store.
9.   | No centralized administration. | Centralized administration.
10.  | No need to have server/client O/S. | Server/client O/S required.
11.  | Recommended for smaller N/Ws. | Recommended for BIG N/Ws.

There are three versions of Server Operating Systems released by Microsoft.

1. WIN NT 4.0
2. WIN NT 5.0 -- WIN 2000
3. WIN NT 5.2 -- WIN 2003

Differences between WIN NT 4.0 and WIN 2000/2003:

[Figure: WIN NT 4.0 network. NetBIOS name (Eg: sunmarss), no ADS, up to 40,000 user a/cs, WINS. A SERVER (PDC) and a BDC connected through a hub/switch to SYS 1 to SYS 5.]

[Figure: WIN 2000 / 2003 network. ADS only, DNS name or FQDN (Eg: sunmarss.com), 1,60,00,000 user a/cs and more, DNS. A SERVER (DC) and an ADC connected through a hub/switch to SYS 1 to SYS 5.]

S.No | WIN NT 4.0 | WIN 2000 / 2003
1.   | NT 4.0 Server is used. | 2000/2003 Server is used.
2.   | Server is called PDC (Primary Domain Controller). | Server is called DC (Domain Controller).
3.   | Backup Server is called BDC (Backup Domain Controller). | Backup Server is called ADC (Additional Domain Controller).
4.   | WINS is used for identifying clients. | DNS is used to identify clients.
5.   | Supports maximum of 40,000 user accounts. | Supports up to 1,60,00,000 + more user accounts (Flexible).
6.   | No Active Directory. | Only Active Directory Service.
7.   | Low Security. | High Security.
8.   | Flat Structure. | Hierarchical Structure.

DOMAIN STRUCTURE OF WINDOWS - 2003:

1. Domain Controller: Domain Controller is the first system to have Active Directory Service (ADS). This is the first system to start a Domain Tree in a new Forest.
2. CDC: Child Domain Controller is a sub-domain controller under a DC, or a sub-domain controller which shares the same domain name space (follows name space hierarchy).
3. NDEF: New Domain Tree in the Existing Forest is a new domain tree of or under an existing Forest DC which follows a different name space.
4. ADC: Additional Domain Controller acts as a backup server for DCs, like DC, CDC and NDEF.
5. Tree: It is a hierarchical structure of a domain which follows the same name space.
6. Forest: Combination of multiple domain trees.

Note: All the computers in the domain structure of WIN 2000 and WIN 2003 maintain FQDN (Fully Qualified Domain Name).
Note: Only one DC can exist in a complete Forest and any no. of CDCs, NDEFs, ADCs can exist.

ACTIVE DIRECTORY ROLES:
1. Global Catalog
2. Schema Master
3. Domain Naming Operations Master
4. Relative Identity Master
5. Infrastructure Master
6. PDC Emulator

Minimum Requirements before installing Active Directory:
1. Server Operating System Windows 2003 Server (Enterprise)
2. Workgroup for a standalone system
3. Static IP Address ---- Eg: 192.168.1.1
4. Preferred DNS ---- Eg: 192.168.1.1
5. DNS suffix is enabled
6. Minimum memory of 200 MB in NTFS file system
7. Administrative Login
8. Network Connectivity
9. Windows Server (Enterprise) 2003 CD.
(Active Directory installation process is in Snap_ser_2003, snapshots file)

Note: After installing Active Directory with DNS, 6 new options can be seen in the Administrative Tools.
1. AD domains and trusts
2. AD sites and services
3. AD users and computers
4. DNS
5. Domain Controller Security Policy
6. Domain Security Policy

For loading Schema Master run: regsvr32 schmmgmt.dll

Active Directory:
AD is a centralized data store through which centralized administration can be achieved. It contains users information, computers information, shared folders information, departments information, printers etc. A computer having the AD service is called a Domain Controller.

Roles of Active Directory:

S.No | Role                            | Scope
1    | Global Catalog                  | FWR
2    | Schema Master                   | FWR
3    | Domain Naming Operations Master | FWR
4    | RID Master                      | DWR
5    | Infrastructure Master           | DWR
6    | PDC Emulator                    | DWR

FWR: Forest Wide Roles. DWR: Domain Wide Roles.
These six roles can be classified into Forest Wide Roles (1, 2, 3) and Domain Wide Roles (4, 5, 6).

FSMO (Flexible or Fixed Single Master Operation): Except the Global Catalog server, all the other five roles are called FSMO roles. FSMO defines that only one computer can act as the operations master for a role at a time.

Global Catalog: This is a FWR. It maintains complete information about the local domain and partial information about other domains. More than one GC server can exist at a time. This is generally used for authentication purposes.

Schema Master: Defines the infrastructure of AD. It contains classes like computers, users, folders, printers etc. and their attributes like first name, last name, email Id, computer name, O/S, IP address, role, profiles, security etc. Any modifications of AD can be done using the Schema Master. It is a FWR. Only one Schema Master can exist in the entire Forest.

DNOM: It ensures that no duplicate domain name exists in the entire Forest. This is a FWR. Only one DNOM exists in the complete Forest.

RID Master: It ensures that no duplicate object exists and ensures uniqueness of domain objects like computers, users etc. It is a combination of SID & DID.
a) SID: Security identity. This is a unique sequence generated for each and every object in a domain.
b) DID: Domain Identity. This provides a unique sequence for a particular domain.
DID and SID together maintain uniqueness of objects in a forest. This is a DWR. Only one RID Master can exist in the Domain.

Infrastructure Master: It always updates any change that takes place in a domain. Only one IM can exist in a Domain. This is a DWR.

PDC Emulator: This role of AD acts as a PDC (NT Server) for NT clients. It is a DWR.

Steps to check Active Directory Roles:

Global Catalog:
Start----Programs----Admn. Tools----ADS&S----expand sites----default first site----expand servers----expand computer 1 (Sun1)----NTDS settings----right click on NTDS settings----OK.

Schema Master:
Go to Run----enter regsvr32 schmmgmt.dll----press OK
Run----mmc----OK
Go to file menu----add/remove snap in----add snap in----select AD Schema Directory----add----OK.
Right click on AD schema----select operations master----current schema master

DNOM:
Start----programs----Admn. Tools----ADD&T----Right click on ADD&T----select Operations master

RID, Infrastructure and PDC Emulator:
Start----programs----Admn. Tools----AD users and computers----Right click on Domain Name----select OM

Steps to change the Roles:
For RID, PDC Emulator and Infrastructure Master the steps are common.
----Right click on ADUC----select connect to DC----select the domain----select the other computer and give OK
* Right click on Domain name and select OM----select RID and select change----give yes
* PDC----select change----give yes
* Infrastructure Master----select change----give yes
Go to ADS&S----Right click on NTDS settings of AD----select properties----check the Global Catalog server----give OK
MMC----AD schema master----right click on AD Schema----select change DC----select DC (ADS)----give OK
Right click on AD Schema----select Oper. Master----click change----give yes
----ADD&T----click change (since new DC already got connected)----give yes

Commands to check DC and ADC in command prompt mode:
Go to run----type cmd----type net accounts at the command prompt. The computer role is shown as:

For DC ------------ Primary
For ADC ----------- Backup
For Server -------- Server
For Client -------- Workstation

Creating and managing user accounts, organizational units, computers and groups:

1. Creation of users:
Go to ADUC----expand domain----select users----right click on users----new user----give OK

Adding computers to a Domain (Minimum Requirements):
a) Server side: Go to start----programs----Admn. Tools----DNS----expand forward look up zone----select DC (on the right side pane 10 records must be seen).
b) Client side: Go to TCP/IP----right click on my network places----go to properties----right click on Local Area Connection----go to properties----scroll down to TCP/IP----select properties----give IP address within DNS range of DC----and Primary DNS is IP address of DC----OK
Right click on my computer----properties----select computer name----select change----select more----give the domain name and put tick mark----then select member of Domain Name----give the Administrator user name and Password----OK
Restart the system.

User Accounts:
There are two types of user accounts: a) system users and b) domain users. System users are specific to the client system, and a domain user can access the DC from any client machine.

S.No | System Local Account | Domain Local Account
1    | A/c is created using local users and groups option. | A/c is created using AD U&C.
2    | A/c can not be created using AD U&C. | Can not be created using workgroup computer/system.
3    | User A/c limited to one system i.e., specific to client machine. | User A/c limited to all the systems in the domain.
4    | Very low security. | High security.
5    | Only one profile can be maintained. | Domain local, mandatory and roaming profiles can be maintained.
6    | Permissions to access N/W resources are limited. | Enough permissions are available.

Computers:
In a domain, computers can be classified into three types.
1. Domain Controllers
2. Member servers
3. Clients

1. DC: A computer having Active Directory Service is known as a DC.
2. Member Server: A computer having a server operating system connected to the domain.
3. Client: A computer having a client O/S connected to the domain is called a client.

Organizational units:
An OU is a container, also known as a Department, which contains users, computers, groups, printers and organizational units. Here group policies can be applied.
Steps for creation of OUs: In ADUC----right click on Domain name----New----OU (organizational unit)
Creating a user in an OU: Right click on OU created----New user----

Groups:
Group is a logical collection of users, computers, printers and groups itself.

Creating, managing and implementing user accounts:

a) System user accounts or system local accounts: A/cs created using system local users and groups or using control panel user settings.
Steps:
Procedure 1: Right click on My Computer----Manage----go to local users and groups----users right click----new user----user name and password to be given----create
Managing system user: system user accounts----for disabling right click on user----a/c is disabled option to be selected----apply

b) Domain user accounts or Domain local accounts: User accounts created using ADUC.
Procedure 1: using GUI i.e., windows mode
Start----Programs----Admn. Tools----ADUC----right click on users----New user----user full name and log on name----give next----give password----next----next----finish.
Procedure 2: command prompt method
C:\> net user <user name> <password> /add

A user object has many attributes; some are listed below:
First name, last name, address, A/c, profile, telephones, organization, remote control, terminal services profile, member of, dial in, environment and sessions etc.

Note: Removing password policy:
Start----Programs----Admn. Tools----Domain security policy----expand a/c policies----select PWD policy----disable or make zeroes.
Go to run----cmd----gpupdate.exe

Moving a user from one container to another:
Right click on the user----select move----select the Organizational Unit or container or Department----give OK.
* Another method is the drag and drop method.

Changing Logon name for a user:
Start----Programs----Admin. Tools----Active Directory Users & Computers----RC on any user----properties----go to accounts----give new user logon name----OK

Disabling account:
Right click on user----select disable.

Profiles:
The user account information which is loaded as a user logs in is called a Profile. A profile contains user information like desktop, my documents, start menu, application data, cookies, favorites etc.
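For the net accounts check and the password policy note earlier in this section, the following added example (not part of the original notes) parses net accounts output, maps the computer role to DC / ADC / Server / Client as listed above, and reports which password controls are switched off. The two sample outputs are constructed, and the field labels assume an English-language system.

```python
import re

# Role names printed by "net accounts", mapped as listed in these notes.
ROLE_MEANING = {"PRIMARY": "DC", "BACKUP": "ADC", "SERVER": "Server", "WORKSTATION": "Client"}

# Fields that matter for the password policy and what a zeroed value means.
CHECKS = {
    "Minimum password length": "blank passwords are allowed",
    "Length of password history maintained": "old passwords can be reused at once",
    "Maximum password age (days)": "passwords never expire",
    "Lockout threshold": "no lockout after failed logons",
}

# "label:   value" with at least two spaces of padding after the colon.
LINE = re.compile(r"^(?P<key>.+?):\s{2,}(?P<value>\S.*?)\s*$")

# Constructed sample: a DC after the password policy has been zeroed.
SAMPLE_ZEROED = """\
Force user logoff how long after time expires?:       Never
Minimum password age (days):                          0
Maximum password age (days):                          Unlimited
Minimum password length:                              0
Length of password history maintained:                None
Lockout threshold:                                    Never
Lockout duration (minutes):                           30
Lockout observation window (minutes):                 30
Computer role:                                        PRIMARY
The command completed successfully.
"""

# Constructed sample: a client with the controls switched on.
SAMPLE_ENFORCED = """\
Force user logoff how long after time expires?:       Never
Minimum password age (days):                          1
Maximum password age (days):                          42
Minimum password length:                              7
Length of password history maintained:                24
Lockout threshold:                                    5
Lockout duration (minutes):                           30
Lockout observation window (minutes):                 30
Computer role:                                        WORKSTATION
The command completed successfully.
"""


def parse_net_accounts(text):
    """Return {label: value} for every 'label:   value' line in the output."""
    fields = {}
    for line in text.splitlines():
        match = LINE.match(line)
        if match:
            fields[match.group("key").strip()] = match.group("value")
    return fields


def is_disabled(value):
    """'0', 'None', 'Never' and 'Unlimited' all mean the control is off."""
    return value.strip().lower() in {"0", "none", "never", "unlimited"}


def audit(text):
    """Return (role as named in the notes, list of findings)."""
    fields = parse_net_accounts(text)
    raw_role = fields.get("Computer role", "").upper()
    role = ROLE_MEANING.get(raw_role, f"unknown ({raw_role or 'missing'})")
    findings = []
    for key, meaning in CHECKS.items():
        if key not in fields:
            findings.append(f"{key}: field missing from output")
        elif is_disabled(fields[key]):
            findings.append(f"{key} = {fields[key]}: {meaning}")
    return role, findings


if __name__ == "__main__":
    for name, sample in (("zeroed", SAMPLE_ZEROED), ("enforced", SAMPLE_ENFORCED)):
        role, findings = audit(sample)
        print(f"[{name}] role: {role}")
        for finding in findings or ["no disabled password controls"]:
            print("   ", finding)
```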

Types of Profiles:
There are two types of profiles: System Local Profile (SLP) and Domain Local Profile (DLP).

S.No | SYSTEM LOCAL PROFILE (SLP) | DOMAIN LOCAL PROFILE (DLP)
1.   | This is a user profile created using local users & groups option in client system. | This is a profile created using Active Directory Users and Computers.
2.   | SLP is limited to a single system. | Limited to all systems in a domain.
3.   | No roaming or Mandatory profiles. | Domain local, Roaming and Mandatory.
4.   | SLP provides very less security for the profiles (No fault tolerance). | DLP provides high security for the profile (high fault tolerance).
5.   | SLP can not make use of efficient NW resources. | DLP can make use of NW resources.
6.   | SLP administration can not be done remotely. | DLP administration remotely can be done.

System Local Profile configuration:
1. Client Operating System: Start----settings----control panel----user accounts----Manage user accounts----create new user----set privileges (either Administrator or User)----next----Finish.
2. Server Operating System: Go to My computer----RC----Manage----Local users and groups----RC on users----New user----give details----create user.
Note: The steps for server o/s are also applicable for client o/s.


Domain Local Profile configuration:
DLP can be created using two methods: GUI method (windows) and C:\> prompt method (dos).

GUI method: Start----Programs----Admin. Tools----ADUC----RC on users----New----user----specify user name and password with logon name----next----finish
C:\> prompt method: C:\> net user username password /add

There are three types of DLPs: Default, Roaming and Mandatory.

1. Default: This is the default profile applied to all the users in a domain. A user having this profile can log in to all the computers in a domain except the DC by default, and his account information is saved in whatever computer he logs in to. Here profile information is different from system to system.

2. Roaming Profile: A user should have a default domain local profile to go for a roaming profile. A roaming profile enables a user to access his own profile information as it is (same) in any system. To go for a Roaming profile, an NTFS file system is recommended.
Steps:
My computer----C: drive----New Folder----Rename the folder----RC on the folder----Properties----sharing----enable sharing of this folder----go to permissions----give full control----give OK.
Start----Programs----Admin. Tools----ADUC----RC on user name (to whom roaming profile need to be given)----RC properties----in profile path give: \\Server name\shared folder name\user name----give OK.
(Wherever you go, your Roaming Profile follows.)

3. Mandatory Profile: A mandatory profile is a profile that will not allow a user to save the changes made to his profile.
Steps: For a Mandatory profile we should have a Roaming profile, and the user must log in at least once with the roaming profile.
RC on shared folder where roaming profile is saved----go to properties----Security----advanced----Owner----Administrators group----Replace permissions. Check the box and apply----Yes----OK
Open the shared folder----open the profile----rename NTuser.dat to NTuser.man
RC on shared folder----properties----security----advanced----check the box replace the entries/permissions on entire child objects----apply----yes----OK.
Note: To check the profile type: RC on My Computer----Properties----Advanced----User Profile settings.

Home Folder:
It is a facility for a user to access a shared resource over a network as a home drive in whatever system he logs in to.
Steps:
First create a share folder in NT File System (NTFS). Give appropriate permissions to the specified user.
Start----Programs----Admin. Tools----ADUC----RC on the user----go to properties----profile----Home Folder connect to Drive----give \\server name\share folder name\user name (Eg: \\sun2\new1\user1)
Note: Home folder can be used for Mandatory or Roaming or Local Profile users i.e., users of Domain Local Profile.

GROUPS:
Group is a logical collection of users, computers, printers and groups itself. Groups depend on Domain Functional Levels (DFLs).

Functional levels: define the level or mode in which the Windows 2003 operating system works in coordination or compatibility with previous versions of o/s viz., Win NT 4.0, Windows 2000. Here we have three functional levels.
1. Mixed mode (WIN NT, Windows 2000 and Windows Server 2003)
2. Native mode (Windows 2000 and Windows Server 2003)
3. Windows Server 2003 mode

[Figure: group scopes. DL: user a/cs from outside, using resources inside. Global: user a/cs inside, using resources outside. Universal: user a/cs from all sides, using all resources.]

DFL is a status of Win2003 o/s which determines whether Win2003 Server works in compatibility with previous versions of servers. There are three DFLs.
1. Mixed Mode
2. Native Mode
3. 2003 Mode
4. Interim Mode (additional information)

1. Mixed Mode: Here the Win2003 o/s as a domain works or runs in compatibility with WIN NT 4.0 Server and WIN 2000 Server. Here very few features of 2003 can be utilized.
2. Native Mode: Here the Win 2003 domain works in compatibility with WIN 2000 Server only. Here few features of 2000 and 2003 can be utilized.
3. 2003 Mode: The 2003 domain need not run in compatibility with Win 2000 or Win NT 4.0 Servers. Hence maximum features of 2003 can be utilized.
Note: Mixed mode does not support Universal group. Native and 2003 modes support Universal group.
4. Interim Mode: 2003 in compatibility with WIN NT 4.0 only.

Group Types:
Can be classified into two varieties: a) Group Scope and b) Group Type.

a) Group Scope: determines the logical extent to which the group can contain users and can access resources. There are 3 types of Group Scopes.
1. Domain Local
2. Global
3. Universal

Domain Local Scope: The group can contain users from other domains, but they are only allowed to access domain local resources (within the domain only).
  User accounts from outside the domain ---- DL ---- Resources inside the domain

Global Group Scope: The group can have members/users within the domain but can access resources outside the domain.
  User a/cs within the domain ---- Global ---- Access resources outside the domain

Universal Group Scope: Members can be both from the local domain as well as from outside the domain, and access resources both from the local domain as well as from outside the domain.
  User accounts ---- Universal ---- Access to resources

Note: Universal group is only supported by Native and 2003 Modes.

b) Group Type: Defines the level of security or level of permissions the group has. There are two types of groups.
1. Distribution group
2. Security group

Distribution Group: has less privileges i.e., they can not modify a group but can access a group.
Security Group: has high privileges i.e., they can do modification of groups.

Note: Distribution group is also called Mailing Group.
Note: No group can be created using group scope only or group type only, i.e., group scope and group type always exist in combination.
Note: Mixed mode does not support changing of group. Native mode does not support changing Domain Local to Global or Global to Domain Local. It only supports change to Universal.

Changing DFLs:
Note: By default Win 2003 works in Mixed Mode.
Steps: Start----Programs----ADUC----RC on Domain Name----click on Raise DFL----select the functional level (selecting Native-2000 or 2003 Mode)----give Raise.

Steps to create Groups (first create an Organizational Unit):
Group1: RC on OU----New----Group----specify name (Ex. G1)----give OK.
Group2: RC on OU----New----Group----specify name (Ex. G2)----give OK.
Likewise for other groups G3 to G6.
Since the group scopes are three and the security types are two, totally we get 6 groups depending upon the scope and the security privileges.

Add a Member to a group:
Method 1: RC on user----add to group----specify group name----give OK. The users/members are logically placed in the group without physically moving the users.
Method 2: RC on a group----properties----in that select members----add----select user.
Method 3: RC on a user----go to properties----select member of----add to group name.
Method 4: Adding a group to a group: RC on a group----properties----select member of----give add.
Method 5: RC on a group----properties----members----add----give group name----give OK.

Steps for changing the groups:
RC on any group----select the wanted type of group combination.

Moving Groups:
Select the user----drag and drop to the required container or use the option of Moving.

PERMISSIONS:
Permissions can be of different types and different levels. There are three levels of permissions:

1. Server Level Permissions: Server Level Permissions deal with different components like
a) Site level permissions
b) Domain level permissions
c) OU level permissions

a) Site Level: can be given to a user in order to let him manage the entire site i.e., all the domain trees in the site (Forest). Here limited permissions only can also be given, called Delegation of Control.
b) Domain Level: A user having domain level permissions can manage the entire domain as well as the OUs in the domain.
c) OU Level: These permissions will let the user manage a particular OU as well as the OUs within that OU.

2. System Level Permissions: These are basically of three types:
a) Admin Level
b) Power User Level
c) Ordinary User Level

a) Admin Level: this level of user has sole rights to manage, monitor or change permissions of any user of the system.
b) Power User Level: the user has a little less privileges compared to an Administrator and a little more permissions than an ordinary user.
c) Ordinary User Level: this user has limited privileges in the system i.e., he can not install or modify the existing content.

3. Folder Level Permissions: These are of two types:
a) Security Permissions or NTFS Permissions
b) Sharing Permissions or Network Permissions
Note: Security permissions are only available on the NTFS file system, and sharing permissions will only take effect in a network.

Delegation of Control:
DOC is assigning only particular permissions or rights to an object. DOC can be done over Site level, Domain level, OU level, and also on servers like DNS, IIS, DHCP etc. DOC can be done on or for users, computers, printers and organizational units.
Steps: For DOC at OU level: RC on OU----select DOC----Add user----OK----next----select the tasks (to create, to reset etc.)----next----Finish.

Steps to modify or delete Delegated Controls:
In ADUC----view----Advanced features----RC on the OU----properties----go to Security----select required user----Advanced----select the user----give edit----child object----modify the settings----OK----Apply----Yes.

PERMISSIONS:

SERVER LEVEL
1. Site Level Permissions
2. Domain Level Permissions
3. OU Level Permissions

SYSTEM LEVEL
1. Admin Level Permissions
2. Power User Level Permissions
3. Ordinary User Level Permissions

FOLDER LEVEL
1. Security Level Permissions
2. Sharing Permissions

Folder Level Permissions (Users), in order of privilege escalation:
Sharing / Network: Read, Change, Full Control
Security / NTFS: Read & Execute, Write, Modify, Full Control

GROUP POLICIES:
Group Policy: is a set of controls over a container, allowing or denying a user or group access to the resources within the system or within the network. Group policies can be applied over sites, domains and OUs. Group policies follow inheritance. GP inheritance can be blocked at sub-levels.

Using group policies we can achieve two levels: 1) Normal Level and 2) Advanced Level of group policies.

1. Normal Level: Normal level is allowing or denying access to resources already existing.
Ex: Hiding desktop icons, hiding the shut down event tracker, hiding network drives and local drives, hiding or allowing log off, and the control panel are some of the profile settings that come under normal level use of group policy.

2. Advanced Level: Providing access to new resources or providing extra features to existing resources.
Ex: Scripts, software deployment, folder redirection etc. come under advanced level of group policies.

Note: There are more than a thousand group policies in Windows 2003 Server. Group policies over Site level, Domain level and Organizational Unit level are the same.

Site Level Policy: A group policy applied over the Site level will take effect on all domains in the site.
Steps: Start----Programs----AD Tools & AD sites----RC on default first site name----go to properties----select Group Policy.

Domain Level Policy: A policy applied over domain level will take effect all over the domain but not on other domains. The policy will be applied to all the OUs within the domain also.
Steps: RC on Domain name----go to properties----select Group Policy----over.

OU Level: A policy applied at OU level will take effect within the OU, including OUs in the OU.
Steps: RC on the OU----go to properties----GP----New----specify the GP (ex: hide search menu from the start menu)----edit----under user configuration----expand Admin. Templates----select start-menu----select search in start-menu----select enable.

2. Advanced Features in Group Policy:
There are a few advanced features using group policy, like Software Deployment, Scripts, Folder Re-Direction and Resultant Set Of Policies (RSOP) etc.

a) Software Deployment: is used in order to install or deploy one or more applications on to client machines remotely using group policies.
Note: S/W deployment is achieved using only MSI or ZAP files. If an .exe has to be deployed, it can be converted to an MSI using WinINSTALL LE.

Steps to convert .exe to .msi using WinINSTALL LE:
Start----Programs----WinINSTALL LE----RC on windows installer package and give----select run to discover----give OK----give next----specify the name of the application (Winzip for ex.)----specify the name and the path (share folder path)----give next----next----all or particular O/S drive----next----next----finish. Before snapshot is completed----OK.
After installation of the required package (Ex: Winzip)----RC on WinINSTALL LE----select Run discover----give OK----select after snapshot----give next----give close. After snapshot is completed----OK.

Steps to deploy the MSI S/W:
ADUC----go to OU (on which GP is to be deployed)----properties----group policy----new----edit----software deployment----Ex: Winzip.
Go to user----RC on s/w installation----select new package----select the MSI file through N/W path----give open----Publish or Assign----give OK----Close.
Then go to run and run gpupdate.

b) Scripts:
Steps: create new folder----share the folder----rename----RC----new text document----in that type WScript.Echo "Hi!! Welcome to Sunmars!!"----rename the file with a .vbs extension.

Go to ADUC----on the domain RC----properties----Group Policy----new----edit----user configuration----windows scripts----log on or log off----give location of script----apply----OK
Run gpupdate

c) i. Folder Re-direction: Using Group Policy, one particular part of a user profile like my documents, desktop, start menu and application data can be re-directed to a different location for convenience.
Steps:
My computer----system drive (c:\>)----new folder----rename----sharing in NTFS
Go to ADUC----select a particular user----of an OU----RC on OU----go to properties----Group Policies----new----edit----user configuration----expand----Folder re-direction----ex: RC on my documents----go to properties----select basic----select re-direct to the following location----select browse----give path (through n/w path i.e., \\ \shared folder\user)----apply----close----close.
Run gpupdate.

c) ii. RSOP (Resultant Set Of Policies): RSOP is used to identify the group policies applied to any containers like domains, OUs, computers, users etc.
Steps: Ex: to know RSOP on any user----RC on a user----all tasks----RSOP----planning----in container select Domain----next----select default first site----give next----next----select everyone or leave as it is----next----next----finish.
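To show what RSOP reports when site, domain and OU policies are combined, here is an added example that is not part of the original notes. It goes slightly beyond the text by applying the usual site, then domain, then OU processing order (later containers override earlier ones) together with inheritance blocking; the No Override option is not modelled. All GPO, OU and setting names are constructed.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Container:
    """A site, domain or OU and the GPOs linked to it (names are constructed)."""
    name: str
    gpos: list = field(default_factory=list)   # [(gpo_name, {setting: value})], in processing order
    parent: Optional["Container"] = None       # enclosing OU or domain; None for a domain or site
    block_inheritance: bool = False            # inheritance blocked at this level


def processing_chain(site, target):
    """Site first, then the domain, then each OU down to the target container."""
    path = []
    node = target
    while node is not None:
        path.append(node)
        node = node.parent
    return [site] + path[::-1]


def resultant_set(site, target):
    """Return {setting: (value, 'GPO @ container')} for objects in the target container."""
    chain = processing_chain(site, target)
    # Everything linked above the lowest blocking container is discarded.
    start = max((i for i, c in enumerate(chain) if c.block_inheritance), default=0)
    result = {}
    for container in chain[start:]:
        for gpo_name, settings in container.gpos:
            for setting, value in settings.items():
                # A later (closer) container overwrites an earlier one.
                result[setting] = (value, f"{gpo_name} @ {container.name}")
    return result


# Constructed sample hierarchy: site -> domain -> OU Sales -> OUs Kiosk and Lab.
SITE = Container("Default-First-Site-Name",
                 gpos=[("Site baseline", {"hide_control_panel": "Enabled"})])
DOMAIN = Container("sunmarss.com",
                   gpos=[("Domain policy", {"hide_search_menu": "Enabled",
                                            "hide_network_drives": "Enabled"})])
SALES = Container("OU=Sales", parent=DOMAIN,
                  gpos=[("Sales policy", {"hide_search_menu": "Disabled"})])
KIOSK = Container("OU=Kiosk", parent=SALES,
                  gpos=[("Kiosk policy", {"hide_run_menu": "Enabled"})])
LAB = Container("OU=Lab", parent=SALES, block_inheritance=True,
                gpos=[("Lab policy", {"hide_run_menu": "Enabled"})])


if __name__ == "__main__":
    for ou in (SALES, KIOSK, LAB):
        print(ou.name)
        for setting, (value, source) in sorted(resultant_set(SITE, ou).items()):
            print(f"    {setting:22} {value:9} from {source}")
```

Running it shows that a user in OU=Lab receives only the Lab policy, because blocking at that OU discards the site, domain and Sales settings.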

D N S Domain Naming System:
DNS is used to resolve Host Names to IP addresses and IP addresses to Host Names. DNS is used in 2 cases: 1. For accessing website 2. For directory service

For Website:

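[Figure: website name resolution. A client queries its DNS server (with DNS cache), which contacts in turn the Root (.) server, a Top Level Domain server (.gov, .org, .com, .mil), a Second Level Domain server (yahoo.com, google.com) and a Sub Level Domain server (mail.yahoo.com, greeting.yahoo.com, games.yahoo.com). The client finally reaches the IIS/DNS server www.mail.yahoo.com (202.40.75.36, public IP). The numbered steps are described below.]

FQDN (Fully Qualified Domain Name): www.mail.yahoo.com. (Host: www; Domain: mail.yahoo.com; trailing dot: Root)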

1) The client computer puts a simple query to the DNS server for a website (www.mail.yahoo.com).
2) The DNS server checks whether it has any information for the query. If the query is not resolved, it is forwarded to the root.
3) The root contains the information about the Top Level Domains (.gov; .com; .org; .net; .mil) and refers to one of the top level domains.

4) The DNS server again puts the query (recursive) to the top level domain and gets the information about the second level domain, and the request is forwarded to the second level domain.
5) The second level domain gives the information about the sub level domains, and the query is forwarded to the sub level domain.
6) & 7) The sub level domain gives the information about the website, and the DNS server stores the information in its temporary cache.
8) The DNS server responds to the client with the information about the query (recursive query).
9) The client contacts the website using the IP address resolved by the DNS server.

For Directory Service: DNS is used for directory service in Windows 2000 and 2003. Here, when any computer in the domain wants to contact another computer, it has to contact the DNS server to resolve the destination computer name to an IP address. The preferred DNS of any computer in a domain having a single DNS server will be the same as the DNS server IP address.

DNS contains four components: 1. Forward lookup zone 2. Reverse lookup zone 3. DNS event log 4. DNS cache

Zone is a DNS record that contains Host Names (A), IP addresses, Pointers (PTR), resource records and service records. There are two types of zones: a) Forward lookup zone b) Reverse lookup zone

Forward Lookup Zone: contains host names and IP addresses. It is used to resolve host names to IP addresses.
Reverse Lookup Zone: contains IP addresses and host names. It is used to resolve IP addresses to host names.
DNS Event Log: a log which maintains any events of the DNS server (warnings, errors, information etc.).
DNS Cache: maintains any recent query resolved by the DNS server.

There are two types of queries used by DNS: simple and recursive queries.
Simple Query: a query from the client to the DNS server.
Recursive Query: a query from one DNS server to another DNS server.
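The nine-step website lookup above, modelled as an added example (not part of the original notes): one DNS server walks root, top level, second level and sub level zones for a client, then answers a repeat query from its cache. The zone table, class and function names are assumptions made for illustration; only www.mail.yahoo.com and 202.40.75.36 come from the notes.

```python
# Added illustration; every zone and record below is constructed sample data.
ZONES = {
    # zone name -> child zones it can refer to, and host (A) records it holds
    ".":               {"refer": ["com.", "org."], "hosts": {}},
    "com.":            {"refer": ["yahoo.com.", "google.com."], "hosts": {}},
    "yahoo.com.":      {"refer": ["mail.yahoo.com."], "hosts": {}},
    "mail.yahoo.com.": {"refer": [], "hosts": {"www.mail.yahoo.com.": "202.40.75.36"}},
}


def to_fqdn(name):
    """Normalise a host name to lower case with the trailing root dot."""
    name = name.strip().lower()
    return name if name.endswith(".") else name + "."


class DnsServer:
    """The client's DNS server: answers from cache or walks the hierarchy."""

    def __init__(self, zones):
        self.zones = zones
        self.cache = {}   # fqdn -> IP, filled only after a successful walk
        self.asked = []   # every zone this server had to query, in order

    def resolve(self, name):
        fqdn = to_fqdn(name)
        if fqdn in self.cache:                 # recent query: no walk needed
            return self.cache[fqdn]
        zone = "."                             # start at the root
        while zone in self.zones:
            self.asked.append(zone)
            data = self.zones[zone]
            if fqdn in data["hosts"]:          # this zone knows the website
                self.cache[fqdn] = data["hosts"][fqdn]
                return self.cache[fqdn]
            # Otherwise follow the referral whose zone name is a suffix of the query.
            zone = next((z for z in data["refer"] if fqdn.endswith("." + z)), None)
        return None                            # no reachable zone could answer


def demo():
    server = DnsServer(ZONES)
    first = server.resolve("www.mail.yahoo.com")
    walk = list(server.asked)
    second = server.resolve("WWW.mail.yahoo.com.")   # same name, served from cache
    return first, walk, second, len(server.asked)


if __name__ == "__main__":
    print(demo())
```

A failed lookup is not cached in this model, so a name that appears later is resolved on the next query.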

[Figure: FOREST OF INDIA.COM. Domain India.com: DC/PDNS at 1.1, SDNS at 1.2, machines S1 to S6. Domain USA.com: DC/PDNS at 1.10, SDNS at 1.11, machines C1 to C6, and Abc.GA.USA.com. Stub zones are marked between the two domains.]

DNS settings of the machines in the figure:

Machine     PDNS    SDNS
S1 to S6    1.1     1.2
C1 to C6    1.10    1.11

There are four types of DNS: 1. Primary 2. Secondary 3. Stub 4. Cache and 5. ADI (Active Directory Integrated)

1. Primary DNS: is the first zone, having the Master Read/Write copy of the zone.

2. Secondary DNS: is the zone having a duplicate Read-only copy of the PDNS zone. Any information updated in the primary will be copied to the SDNS.

3. Stub zone: A stub zone contains only three records: SOA (Start of Authority), NS (Name Server) and A (Host record or Glue record). A stub zone only maintains the information about the available DNS servers and will not resolve any query.
4. Cache: maintains information about recently accessed queries, stored temporarily.
5. Active Directory Integrated: DNS in a domain controller will be integrated with Active Directory so that any updates that take place in AD can be maintained.

Installation of DNS: There are 3 situations where installation of DNS can be done, with reference to AD:
1. Before installation of AD: no AD is present, but a web server has to be configured.
2. While installing AD (DC): DNS is installed while configuring the DC.
3. After installing AD: DNS has to be moved from one computer to another, or from the DC to another computer.

Steps:
Minimum requirements: 1. Server operating system 2. Static IP address 3. Operating System CD
Start----settings----control panel----add remove programs----add remove windows components----details of networking services----in that put tick mark against DNS----insert the O/S CD----next----finish.

Configuration of DNS: Start----programs----Administrative Tools----DNS----RC on Forward Lookup Zone----new zone----wizard----next----specify the zone name (Ex: microsoft.com)----next----finish. RC on the zone name----new host record----Ex: sun1.microsoft.com----add host (host name & IP 192.168.1.1). To check: go to run----ping sun1.microsoft.com. RC the zone----select new alias----www. and browse host record----give OK. Ex: sun1.microsoft.com

Configuring Reverse Lookup Zone: Start----Programs----Admn. Tools----DNS----RC on reverse lookup zone----new zone----next----next----next----specify the n/w id (ex: 192.168.1.1)----next----next----finish. RC on the subnet----new pointer----specify the original IP address (Ex: 10) and associate the host record using browse----give OK. RC----new alias----give some other number (Ex: 200)----associate the host record or alias record. Go to command prompt----type nslookup and the particular full IP address.
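Once both zones are configured as above, host records and pointers can drift apart, which makes hostnames in logs unreliable. The following added example (not part of the original notes) audits a forward zone against its reverse zone; the function names and every record other than sun1 and www are constructed for illustration.

```python
import ipaddress

# Constructed sample data, modelled on the sun1.microsoft.com example in the notes.
FORWARD_ZONE = {   # zone microsoft.com: owner name -> (record type, value)
    "sun1.microsoft.com.": ("A", "192.168.1.1"),
    "www.microsoft.com.":  ("CNAME", "sun1.microsoft.com."),
    "sun2.microsoft.com.": ("A", "192.168.1.10"),
    "old.microsoft.com.":  ("A", "192.168.1.50"),
}
REVERSE_ZONE = {   # zone 1.168.192.in-addr.arpa: pointer owner -> host name
    "1.1.168.192.in-addr.arpa.":   "sun1.microsoft.com.",
    "10.1.168.192.in-addr.arpa.":  "sun3.microsoft.com.",   # disagrees with sun2's host record
    "200.1.168.192.in-addr.arpa.": "gone.microsoft.com.",   # host record does not exist
}


def forward_lookup(name, zone=FORWARD_ZONE, max_hops=8):
    """Host name -> IP address, following alias (CNAME) records."""
    for _ in range(max_hops):          # bounded so an alias loop cannot hang the audit
        record = zone.get(name)
        if record is None:
            return None
        rtype, value = record
        if rtype == "A":
            return value
        name = value                   # alias: continue with the name it points to
    return None


def reverse_lookup(ip, zone=REVERSE_ZONE):
    """IP address -> host name via the pointer (PTR) record."""
    owner = ipaddress.ip_address(ip).reverse_pointer + "."
    return zone.get(owner)


def audit(forward=FORWARD_ZONE, reverse=REVERSE_ZONE):
    """Return (finding, record, detail) tuples for every forward/reverse disagreement."""
    findings = []
    for name, (rtype, value) in sorted(forward.items()):
        if rtype != "A":
            continue                   # aliases have no pointer of their own
        ptr = reverse_lookup(value, reverse)
        if ptr is None:
            findings.append(("missing-ptr", name, value))
        elif ptr != name:
            findings.append(("ptr-mismatch", name, f"{value} -> {ptr}"))
    for owner, target in sorted(reverse.items()):
        if forward_lookup(target, forward) is None:
            findings.append(("dangling-ptr", owner, target))
    return findings


if __name__ == "__main__":
    for finding in audit():
        print(*finding)
```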

Active Directory Records in DNS: There are two types of records: 1. Service Records: SOA, NS & Host (A) 2. Resource Records: msdcs, sites, tcp, udp, domain dns zones, forest dns zones.
a) msdcs: Microsoft domain controller service. This contains active directory domain controllers information.
b) Sites: will identify the location of the zone gc
c) tcp & d) udp: used for accessing DNS
e) domain dns & f) forest dns: these two are called AD partitions.
Note: Forest DNS zone can only be seen in the DNS integrated with DC. Domain DNS zone can be seen in DNS of both DC as well as NDEF.

SOA: contains the serial no., primary DNS server, refresh interval and zone expiry time.
Serial no.: indicates updates to the zone. It will regularly increment until it is refreshed.
Primary Server: defines the first DNS server of the zone.
Expiry time: If the zone is not refreshed for a particular amount of time, the zone will expire, i.e. it is not accessible.
Refresh Interval: DNS refreshes all the zones every 15 minutes by default. If the zone is not getting refreshed, it will try every 10 minutes.

Name Server (NS): The NS record specifies the host name and the IP address of the DNS server. We can have multiple NS records. The NS record is also useful in case of zone transfer.
Host Record (A): is also known as Glue Record; it maintains the name of the host and the IP address of the host.

Other Records:
Cname: alias record (c = canonical). This is a duplicate name used on behalf of the host name for security reasons.
MX: mail exchange. This record maintains the mail server address.
PTR: Pointer. A record in the reverse look-up zone that maintains the IP address associated with that host.
Cname in reverse look-up zone: this record creates a duplicate IP on behalf of the original IP (original pointer) for security reasons.

Important Commands:
1. ipconfig /?

    USAGE:
        ipconfig [/? | /all | /renew [adapter] | /release [adapter] |
                  /flushdns | /displaydns | /registerdns |
                  /showclassid adapter |
                  /setclassid adapter [classid] ]

    where
        adapter         Connection name
                        (wildcard characters * and ? allowed, see examples)

        Options:
           /?           Display this help message
           /all         Display full configuration information.
           /release     Release the IP address for the specified adapter.
           /renew       Renew the IP address for the specified adapter.
           /flushdns    Purges the DNS Resolver cache.
           /registerdns Refreshes all DHCP leases and re-registers DNS names
           /displaydns  Display the contents of the DNS Resolver Cache.
           /showclassid Displays all the dhcp class IDs allowed for adapter.
           /setclassid  Modifies the dhcp class id.

    The default is to display only the IP address, subnet mask and
    default gateway for each adapter bound to TCP/IP.

    For Release and Renew, if no adapter name is specified, then the IP address
    leases for all adapters bound to TCP/IP will be released or renewed.

    For Setclassid, if no ClassId is specified, then the ClassId is removed.

    Examples:
        > ipconfig                   ... Show information.
        > ipconfig /all              ... Show detailed information
        > ipconfig /renew            ... renew all adapters
        > ipconfig /renew EL*        ... renew any connection that has its
                                         name starting with EL
        > ipconfig /release *Con*    ... release all matching connections,
                                         eg. "Local Area Connection 1" or
                                             "Local Area Connection 2"

2. nslookup
3. ping -a <ipaddress>
4. In Windows 98 --- winipcfg ---- in run command

D H C P:
There are two ways to assign IP addresses: 1. Static IP addressing 2. Dynamic IP addressing

Static IP addressing: Assigning an IP address manually at the console of the machine is called static IP addressing.
Disadvantages:
1. It is time consuming
2. Possibility of mishap
3. Changing the IP address or related information may be a tedious job
4. Less secure
5. No centralized database of computer names, IP addresses and their MAC addresses can be maintained directly.

Dynamic IP addressing: Assigning IP addresses to the machines from a remote system is called dynamic IP addressing. There are two types of dynamic IP addressing: 1) DHCP and 2) RAS (Remote Access Server)
DHCP: is used for dynamically allocating IP addresses within a local area network, and also in a WAN with the help of RAS.
RAS: is used to assign IP addresses using a dial-up connection to set up the connection.

DHCP Process: can be classified into four stages.
[Figure: DHCP process between CLIENT and DHCP Server: DHCP DISCOVER (BC), DHCP OFFER (BC), DHCP REQUEST (BC), DHCP ACK. (UC).]

1. DHCP DISCOVER: A client having no IP address (0.0.0.0) broadcasts (BC) a request for an IP address (255.255.255.255, the universal broadcast ID).
2. DHCP OFFER: The DHCP server, accepting the client's request, offers a pool of IP addresses to the client machine. This is a broadcast.
3. DHCP REQUEST: The client, taking one IP address from the offered pool, requests the DHCP server for confirmation. This is also a broadcast.
4. DHCP ACKNOWLEDGE: The DHCP server saves the client name and MAC address, the client IP address and the lease duration, and acknowledges the client. This is a unicast.

By default DHCP assigns an IP address to any machine for eight days (lease duration 8 days). After getting the IP address, on the client side:
a) By default a client has 8 days of lease duration given by the DHCP server.
b) At 50% of the lease duration (after completion of four days) the client again requests the DHCP server for renewal. If the DHCP server responds, 8 more days are added to the client's present lease duration (4+8=12 days).
c) If the DHCP server does not respond at 50% of the lease duration, the client requests the server again at 87.5% of the lease duration, i.e. after 7 days. If the DHCP server responds, 8 more days are added to the present lease duration, and the total lease duration at this stage is 1+8 = 9 days.
d) If the DHCP server still does not respond, the IP address expires after 100% of the lease duration, and the client once again follows the four stages, i.e. D O R A (Discover, Offer, Request and Acknowledge).

D H C P:
Installation of DHCP: Minimum requirements are: 1. Server O/S 2. Member server 3. Domain Administration Login 4. Static IP address

Steps: Start----settings----control panel----Add Remove Programs----Add Remove Windows Components----Networking services----go to details----put tick mark against DHCP----give OK.

Configuring DHCP: DHCP contains a minimum of five components, of which the two major components are Scope and Server options. Scope in turn maintains four basic components. Hence DHCP should contain a minimum of 5 components (Scope (4) and Server options).

1. Scope: is a container which contains four basic components: address pool, address lease, reservation and scope options.

Steps to create a Scope: Start----Programs----Administrative tools----DHCP----RC on the computer name----select Authorize and then Refresh. (Initially the DHCP server is shown with a downward orange arrow; after refreshing, the arrow turns green and points upwards.) RC on computer name again and select New Scope----next----specify the scope name (Ex: Scope 1)----specify the range of IP addresses----next----next----next----give Yes----next----specify the domain name----specify the server name----select resolve----give add----next----next----next----finish.

Components of Scope:
a) Address Pool: maintains the list of available IP addresses and the excluded range of IP addresses.

b) Address Lease: contains client IP address, name, lease expiration, type (DHCP or RAS) and unique ID (MAC address/physical address).
c) Reservation: can be used to assign a particular IP address to a definite or known machine. This is achieved using the physical address or MAC address of the machine.
d) Scope Options: using scope options a DHCP server can give information of 76 servers by default, excluding DHCP itself. Scope options are limited to a scope and change from scope to scope.

2. Server Options: Server options and scope options are the same, but server options are common to all the scopes in a DHCP server.

After configuring the DHCP scope, the IP address can be renewed or released from the DHCP server on the client side using two commands: a) ipconfig /release b) ipconfig /renew

Super Scope: is used in a DHCP server when a single DHCP server has to assign IP addresses for multiple networks.
Note: One scope one network only. Another scope another network.
Ex: Scope 1 ------ 192.168.1.0 to 192.168.1.254
Scope 2 ------ 192.168.2.0 to 192.168.2.254 and so on

Multicast Scope: is used only in the Class D range.

There can be multiple DHCP servers in a single domain, but they should be authorized to assign IP addresses.
Authorize: A domain Administrator giving permission to a DHCP server for assigning IP addresses to the domain clients.
Note: 1. There is no authorize concept in WIN NT. 2. WIN 2000 has the Authorize option, but it takes 15 minutes to authorize. 3. WIN 2003 DHCP authorize is quick (Refresh and it will authorize).

INTERNET INFORMATION SERVICE (I I S) 6.0: Is basically used for information interchange. This can be achieved in two ways: 1. Web sites and 2. FTP
IIS is available in almost all flavors of Windows. It is independent of the domain. The version used in Windows 2003 is 6.0. This provides high efficiency and security.

Installation of IIS:

Minimum Requirements: 1. Server operating system 2. IP address 3. DNS service 4. O/S CD

Steps: Start----Settings----Control Panel----Add Remove Programs----Add Remove Windows components----Application server----details----select IIS----select details----put a tick for FTP----give OK----OK.

Configuration of IIS: Start----Programs----Admin. Tools----go to IIS----expand websites----RC on websites----New website----Next----description (Ex. Google or Yahoo)----next----assign IP address or specify an IP address----Host header name (www.google.com or www.yahoo.com)----give next----specify the path of the shared folder----next----select browse----give next----finish. Copy the name of the page (.htm file). RC on website (the new website created) description----go to properties----go to documents----select the default/existing documents and remove----add and paste the name of the file copied----give OK----apply and OK.

Go to DNS----create new forward lookup zone for the new website----give next----uncheck last option in the list of options, leaving only primary zone----next----specify the zone name (Ex: Google or Yahoo.com)----next----next----next----finish. RC on new zone name----create new host record----specify Cname & IP----OK. RC on new zone name----create new alias----www----browse the host record and insert----give OK----close DNS.

Redirecting a website: Go to IIS----RC on yahoo description----properties----home directory----select a redirection to URL----http://www.google.com----apply----OK----close.

Virtual Directory: take a copy of main.htm or the page to be included in the Virtual Directory. RC on website required----New----Virtual directory----next----give alias (ex: mail for yahoo.com)----next----specify the website path----next----select browse----next----finish. RC on mail----go to properties----go to documents----remove yahoo.htm and add----yahoo.mail.htm----give OK----apply----OK----close. Go to Internet Explorer and type: www.yahoo.com/mail.

F T P:
Configuration:
1. FTP site without isolation of users: Go to my computer----any drive----new folder----rename----share the folder----give proper sharing permissions----add some files to the shared folder----close. Go to IIS----RC on FTP sites----new FTP site----next----specify site description----next----specify the IP address----next----next----specify the share folder path----next----allow permissions as required----next----finish. Go to Internet Explorer----type----ftp://192.168.1.1 for example.

2. FTP site with isolation of users: In an NTFS drive create a folder----give root as name----within the root create another folder with the domain name----within this create another folder administrator and user (as per requirement, to isolate users depending upon the access to be given to the individual folders as per the permissions given)----create/add some files in the folders.
NOTE: isolated users must have a password.
Go to IIS----RC on FTP site----new FTP site----next----give any new name----specify the IP address----next----select isolate users (2nd option)----next----and browse the root folder path----next----give Read & Write permissions----finish----close.

BACKUP: Maintaining a duplicate copy of the information, and restoring the information without any loss of data when required, is referred to as Backup.

There are different levels of backups:
1. Server level backups --- Ex: DC to ADC; PDNS to SDNS; etc.
2. System level backup --- Ex: Distributed File System
3. Disk level backup --- Ex: RAID

Backups are of two types depending on the data:
1. User data: files, programs, applications, data, games, movies, music etc.
2. System level data: O/S information like registry and other information.

There are five types of Backup strategies: 1. Copy Backup 2. Normal Backup 3. Incremental Backup 4. Differential Backup 5. Daily Backup

Note: Backup of live servers and shared folders can be taken using a service called volume shadow copy. Volume shadow copy allows backup of files which are in use.

Attributes: every file has three attributes: a) Hidden, b) Read only & c) Archive.
1. Hidden: to hide or display the folders or files
2. Read only: specifies whether the file has write protection or not
3. Archive: specifies whether the file is backed up or not.

Normal Backup: backs up/copies all the data and removes the archive bit (A).

Steps for Backup: There are two methods of accessing the backup wizard:
1. Command prompt method: Start----run----type----ntbackup
2. Windows method: Start----Programs----Accessories----System Tools----backup----select advanced----select backup wizard----next----select Backup selected files----give next----select the file to be backed up----give next----specify the backup file path and file name----next----go to advanced----select the backup type (Normal or Incremental or Differential or Daily backup)----next----disable Volume Shadow Copy (do not disable if the backup file is a shared folder)----next----next----finish.

Steps to Restore: Go to backup wizard----advanced----select restore wizard----next----select the item to be restored----next----select advanced options----next----next----finish.

Incremental Backup: Takes the backup of all the files which have the archive bit, and removes the archive bit once the backup is taken.
Differential Backup: Takes the backup of all the files having the archive bit, and does not remove the archive bit after backup.
Note: Incremental backup is used for high speed backup and slow restore. Differential backup is used for high speed restore and slow backup.
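The archive-bit rules above determine both how large each backup job is and which jobs a full restore needs. The following added example (not part of the original notes) applies the three definitions to two constructed four-day schedules; the schedules, file names and function names are assumptions made for illustration.

```python
def run_backup(archive_bits, kind):
    """Run one backup job over {file: archive_bit}; return the set of files copied."""
    if kind == "normal":
        copied = set(archive_bits)                     # all data, whatever the A bit
    elif kind in ("incremental", "differential"):
        copied = {f for f, bit in archive_bits.items() if bit}
    else:
        raise ValueError(f"unsupported backup type: {kind}")
    if kind != "differential":                         # differential leaves the A bit set
        for f in copied:
            archive_bits[f] = False
    return copied


def simulate(schedule):
    """schedule: list of (new_file_count, backup_kind), one entry per day."""
    archive_bits, history, serial = {}, [], 0
    for new_files, kind in schedule:
        for _ in range(new_files):                     # creating a file sets its A bit
            serial += 1
            archive_bits[f"file{serial:02d}"] = True
        history.append((kind, run_backup(archive_bits, kind)))
    return history


def restore_chain(history):
    """Indexes of the jobs a full restore must replay, oldest first."""
    chain, i = [], len(history) - 1
    while i >= 0:
        chain.append(i)
        if history[i][0] == "normal":
            break
        # This job holds everything changed since the last job that cleared
        # A bits, so earlier differentials in between are redundant.
        i -= 1
        while i >= 0 and history[i][0] == "differential":
            i -= 1
    return chain[::-1]


def restored_files(history):
    """Files recovered by replaying only the jobs in the restore chain."""
    files = set()
    for i in restore_chain(history):
        files |= history[i][1]
    return files


# Constructed schedules: the same files are created each day, only the job type differs.
INCREMENTAL_SCHEDULE = [(3, "normal"), (4, "incremental"), (5, "incremental"), (7, "incremental")]
DIFFERENTIAL_SCHEDULE = [(3, "normal"), (4, "differential"), (5, "differential"), (7, "differential")]

if __name__ == "__main__":
    for schedule in (INCREMENTAL_SCHEDULE, DIFFERENTIAL_SCHEDULE):
        history = simulate(schedule)
        print([(kind, len(copied)) for kind, copied in history], restore_chain(history))
```

Losing any single job in the incremental chain leaves a gap in the restore, while the differential schedule depends only on the normal backup and the latest differential.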

CASE 1

S.No.  Files created  Total files  Type of backup  A bits before  A bits after  Files in backup folder  Speed of backup  Speed of restore
1      3              3            Normal          3              0             3                       Normal           Normal
2      4              7            Incremental     4              0             7                       Fast             Slow
3      5              12           Incremental     5              0             12                      Fast             Slow
4      7              19           Incremental     7              0             19                      Fast             Slow

CASE 2

S.No.  Files created  Total files  Type of backup  A bits before  A bits after  Files in backup folder  Speed of backup  Speed of restore
1      4              23           Normal          4              0             23                      Normal           Slow
2      4              27           Differential    4              4             27                      Slow             Fast
3      5              32           Differential    5              5             32                      Slow             Fast
4      6              38           Differential    6              6             38                      Slow             Fast
