Windows

Preparing for the 70-067, Windows NT Server 4.0 exam

Troy Thompson offers a snapshot of the topics included on the exam and explains why you'll have to understand the topics presented to pass the test.

In this article, we'll focus on Microsoft's 70-067 exam, which covers Windows NT Server 4.0. We'll provide a snapshot of the topics included on the exam. You'll have to understand the topics presented in order to pass the test.

Exam basics
The 70-067 exam contains 55 questions. You have 90 minutes to complete the test. A passing score is 764—you must answer about 43 questions correctly to pass.

All questions are multiple choice, with a rare true/false or performance-based question thrown in. There are different types of multiple choice questions: those requiring a single correct answer and those requiring multiple correct answers. Sometimes the questions will tell you how many answers to choose, and sometimes they won't. When a question requires multiple answers, you must select all correct choices in order to get credit—you receive no partial credit for getting some of the answers to a question.

If you've taken previous Microsoft exams, you may have encountered the dreaded scenario question. No need to worry—there are no scenario questions.

Exam questions fall into these categories:
  • ·        Planning
  • ·        Installation and configuration
  • ·        Managing resources
  • ·        Connectivity
  • ·        Monitoring and optimization
  • ·        Troubleshooting

Planning
Disk striping without parity (RAID level 0) provides no data redundancy and isn't fault-tolerant. It requires a minimum of two disks and can be formatted with FAT or NTFS partitions. It offers the highest level of read and write performance of any available disk-management strategy by allowing concurrent requests to be processed on all drives simultaneously.

Disk mirroring (RAID level 1) supports only two hard drives. Mirror sets are the only form of fault tolerance that can include system and boot partitions. Both drives run off the same controller. Disk duplexing is the same as mirroring, but it uses two disk controllers instead of one (a hardware enhancement versus a software enhancement). Disk mirroring is the least cost effective disk-management strategy because you lose half your disk capacity.

Disk striping with parity (RAID level 5) provides fault tolerance. It requires a minimum of 3 physical disks and can have as many as 32 disks. All partitions in a stripe set are the same size. If you select free disk areas of different sizes when you create a stripe set, no stripe will be larger than the smallest free disk area. For instance, if you have 200 MB, 400 MB, 600 MB, and 800 MB free on each of four drives, only 200 MB is used on each drive. The entire stripe set will use 800 MB. The space equivalent to one partition is used for parity information. So, in this case, one fourth is used for storing parity information (200 MB), and only 600 MB of data can be stored on the stripe set. Regardless of how many disks are used in a stripe set with parity, data is recoverable only if no more than one disk is lost. If two or more disks are lost, the data is unrecoverable.

Volume sets
A volume set allows you to combine free space from 1 to 32 disks and create a single volume with a single drive letter that is transparent to the user. Volume sets provide no fault tolerance; if even one area of disk space in the set is lost, all the data is lost. Volume sets are the only Windows NT disk partition-management option that let more than one area of disk space in the set reside on the same physical hard disk. In addition, volume sets are the only Windows NT disk partition-management option that let the individual areas of disk space making up the volume be of different sizes.

The main advantage is that volume sets allow the most efficient use of hard disk space. System and boot partitions can't be part of a volume set, whereas all other partitions can. Because disk access is performed by only one drive at a time, a volume set has the slowest access of any method.

Installation and configuration
Windows NT Server version 4.0's minimum hardware requirements are a 486DX/33 processor with 16 MB of RAM and non-ESDI disks. You can install NT Server 4.0 from a CD or from a network share point. You can configure it to participate in a workgroup or a domain.

You can't upgrade Windows 95 to NT Server or NT Workstation. If you create a dual-boot machine with Windows 95 and Windows NT Server, you must install NT Server in a separate directory from Windows 95 and reinstall all applications.

Drivers for Windows 95, Windows NT 3.51, and Windows NT 4.0 aren't compatible. If you want to install NT Server 4.0 on a previous version of NT and keep all settings, install NT Server 4.0 in the same directory as the old version. If you install in a different directory, you haven't upgraded—you've created a dual-boot machine.

Your copy of NT Server 4.0 should have come with three startup disks. If you need to re-create these disks, you can do so by running Winnt.exe from the CD with the /OX switches.

The Convert utility converts a FAT partition to NTFS and allows you to keep all of your data intact. There's no way to convert an NTFS partition to a FAT partition without formatting the partition.

A Network Installation Startup Disk is a bootable MS-DOS system disk that allows a client to connect to a distribution server. You can then use the distribution server to install software over the network. You can create the disk using Network Client Administrator on the NT Server.

The ARC path
Understanding the Advanced RISC Computing (ARC) path is the key to booting a computer with a failed primary drive. The Boot.ini file uses ARC names. A sample address may look like this:
Multi(0)disk(0)rdisk(0)partition(1)

SCSI and multi are the only valid values for the first position. SCSI is used for a SCSI disk with its BIOS disabled, and multi is used otherwise (including a SCSI disk with its BIOS enabled).

The parentheses that follow contain the number of the hardware adapter card (starting at 0). The number in parentheses after the disk parameter will always be 0 for multi or SCSI with BIOS enabled. For SCSI syntax, this is the SCSI ID of the disk. The rdisk parameter for SCSI is always 0; for multi it's the ordinal of the disk—the order in which the disk appears in Disk Administrator (disk 0, disk 1, and so on). The partition parameter indicates the partition where NT is installed. Partition numbers begin with 1, not 0.

Suppose you encountered the following question: Your NT Workstation contains three IDE disks on the same controller card. Each disk contains one primary partition. The operating system is located on the second hard disk, and the boot files are located on the third hard disk. What would be the correct ARC name for the system partition?
  1. 1.      (2)multi(0)disk(1)rdisk(2)partition
  2. 2.      multi(0)disk(0)rdisk(2)partition(3)
  3. 3.      multi(0)disk(0)rdisk(1)partition(3)
  4. 4.      multi(1)disk(1)rdisk(1)partition(1)
  5. 5.      multi(1)disk(1)rdisk(0)partition(0)

The correct answer is 2. On my exam, I had three questions concerning the correct ARC path. It gets particularly tricky when the question involves a SCSI drive with BIOS enabled, which is really treated like an IDE drive.

Administration tools
Server Manager lists all computers in the domain, manages workstations and servers, creates new shares on remote computers, and promotes backup domain controllers (BDC) to primary domain controllers (PDC). You can't demote a domain controller to a member server; you must reinstall NT.

Although NT Server Tools for Windows 95 gives you the Server Manager and User Manager for Domains, functions that you can't change using these tools must be changed from Windows Explorer (that is, with permissions). You can install client-based Network Administration Tools installed on Windows 95, NT Workstation, or Windows 3.11.

Backup
The NT Backup utility lets you back up the network. To save the local registry on a backup, select the drive containing the registry and choose Backup Local Registry. Backup will recognize and back up all connected volumes, as well as Windows 95 and NT Workstation clients, provided they're connected to the domain.

NTFS
If you move a file between NTFS partitions, attributes of the target folder apply to the file. If you move a file within the same NTFS partition, the file keeps its attributes. When you copy a file, the permissions of the target directory are always assigned to the new file regardless of whether it's in the same or a different partition. When you copy a file from an NTFS partition to a FAT partition, permissions are lost, but long file names remain intact.

Printer pools
To create a printer pool, you must connect all printers to the same print server. In a printer pool, the printer name and printer driver are the same for all attached printers. The only thing that's different between them is the printer port. To update a printer driver, simply install it on the print server. The driver will be updated the next time the clients print. To create a hidden share or administrative share, add a dollar sign ($) to the end of the share name.

Export servers
Member servers, PDCs, or BDCs can be directory replication export servers. You can configure machines running NT Server and NT Workstation to import files during replication. You can't configure Windows 95 clients and MS-DOS clients to be export servers.

You might see a question like this one on the exam: Which of the following can be used as an export server using the Directory Replicator Service?
  1. 1.      a Windows 95 client
  2. 2.      an NT Workstation
  3. 3.      a Windows NT member server
  4. 4.      a BDC
  5. 5.      a PDC

To answer correctly, you must select 3, 4, and 5.

Managing resources
Every workstation's computer name must be added to the domain using the Server Manager utility. Every user account must be added to the domain using the User Manager For Domains utility. Every PC must be configured to join the domain by setting up the Network information using the Network applet in Control Panel.

You use Server Manager to view and administer domains, workgroups, and computers. You do not use it to create, maintain, or delete user accounts—those are jobs for User Manager For Domains. It's better to rename an existing account than to copy it, because a renamed file retains its file permissions and account description. If you delete a group or a user account, it can't be undeleted—you must re-create it and manually assign all permissions and restrictions.

To create a template, start User Manager For Domains. Then, select the template, choose Copy, enter the new user name, and click Add.

Permissions and configuration information
Each user has a set of permissions that are accessed when the user logs on. If the user's permissions change, those changes don't take effect until the user logs off and then logs on again.

Administrators, Server Operators, Account Operators, Backup Operators, and Print Operators are groups with rights to log on locally to an NT Server. Configuration information can be retained on a user-by-user basis; this information is stored in user profiles. For more information about user profiles, see the article "Managing Workstation Desktops with User Profiles," on page 5.

Groups
The concept of groups can be confusing. You will have questions about this topic on the exam. The local group can contain only global groups (and users); however, no group can contain other local groups. Global groups can be put into local groups or given permissions and rights directly in other domains. The local group can be used only in the domain in which it's created. If you need to grant a local group permissions in multiple domains, you'll have to manually create the local group in every domain in which you need it.

Here's a sample exam question: Joe, a member of the Tiger team, has an account in the Jungle domain. Joe must have full control on all domain printers and be able to log on locally to the domain's PDC. How can you grant Joe and the rest of the Tiger team access to the printers?
  1. 1.      Create a global group called Africa and add Joe to this group. Create a local group on the PDC called Outback. Create local groups on each of the printers called Printman. Add the Africa global group to these local groups and give the right to log on locally to the Outback group on the PDC. Grant Full Control permission to the Printman group on each of the printers.
  2. 2.      Create a local group called Africa and add Joe to this group. Create a global group on the PDC called Outback. Create local groups on each of the printers called Printman. Add the Africa local group to these global groups and give the right to log on locally to the Outback group on the PDC. Grant Full Control permission to the Printman group on each of the printers.

The question in this example can be difficult to digest, but you can also get lost in the answers unless you eliminate what is obviously wrong. Answer 1 is correct; you can eliminate answer 2 immediately because it refers to adding local groups to global groups.

Disk Administrator
NT's Disk Administrator is a graphical tool for managing hard disk drives. It allows you to partition drives, mark partitions as active or inactive, create a stripe set, create a volume set, and so on. Partitions and drives aren't actually created unless you commit the changes.

Connectivity
You must provide the IP address and the subnet mask when you install TCP/IP in a nonrouted network. Windows Internet Name Service (WINS) servers resolve Windows NT networking computer names to IP addresses in a routed environment and decrease TCP/IP network traffic by reducing b-node broadcasts.

You can place the LMHOSTS and HOSTS files in the local drive of each client computer to optimize static name resolution for RAS servers and clients. The Dynamic Host Configuration Protocol (DHCP) server provides the client with this basic information: IP address, subnet mask, and default gateway. It may provide other information as well, such as Domain Name Service (DNS) server addresses and WINS server addresses. The system administrator can configure the DHCP server with the options passed out to the client.

NetWare connectivity
My exam included five questions about Novell NetWare connectivity. It's important for you to understand the following concepts about NetWare.

You load the Gateway Service for NetWare (GSNW) on NT Servers to provide access to NetWare servers for Microsoft clients who aren't running NetWare client software. You install Client Services for NetWare (CSNW) on workstations that want to access NetWare resources without the use of a gateway.

Creating a gateway to a NetWare resource takes two steps: enabling and activating. Enabling a gateway involves creating user accounts in the NTGateway group of the NetWare server that require access to the NetWare resource. You must assign rights and permissions for the NTGateway group on the NetWare server. Activating a gateway involves mapping a networking drive to a NetWare resource or adding a printer.

The Windows NT server requires the NWLink protocol to communicate with NetWare clients and servers. There are a couple of common problems associated with NWLink. First, some people think that by installing NWLink, they can access file and print resources on a NetWare server. But NWLink is only a transport protocol, not a redirector. To access file and print resources, the computer will need a client redirector, such as CSNW, GSNW, or File and Print Services for NetWare (FPSNW).

The second problem involves the default setting of Autodetect Frame Type. The frame type is set to that of the first frame received and isn't configured to communicate over all detected frame types. You may need to manually configure the appropriate frame types for your installation. If your network uses more than one frame type, you must use Manual Frame Type. If you attempt to use Auto Detect, only 802.2 will be found (NetWare 3.x and NWLink). An incorrect frame type is the most common reason a workstation fails to connect to a network.

FPSNW is an add-on product that allows a NetWare client to access file and print resources on a Microsoft Windows NT Server computer. The NWLink protocol is also required for the server to communicate with the clients. You should place the most frequently used protocol at the top of the binding order. Protocol binding order is important at the workstation level.

Remote Access Service
The Remote Access Service (RAS) connects users over phone lines through a remote access server to a Windows NT network. The phone lines are transparent to users once they're connected; users can access all network resources as if they were at a computer in the office. Network applications that use Net BIOS, IPC, Mailslots, Named Pipes, RPC, LAN, and Manager APIs will work over RAS.

RAS works with TCP/IP, NWLink, or NetBEUI protocols for dial-in and dial-out connections, whereas RAS Autodial works only with NetBEUI or TCP/IP. TCP/IP is always best for Internet compatibility. RAS supports three modem protocols: RAS, PPP, and SLIP. SLIP requires less overhead than PPP but offers no error checking or security. Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a virtual private network (VPN) across TCP/IP-based data networks. PPTP is a low-cost method of providing Internet access to users; it allows RAS clients to run applications using remote procedure calls, Windows socket APIs, and named pipes.

RAS provides data encryption in addition to password encryption. To maintain security in case of unauthorized interception of remote access transmissions, clients configure each Phone Book entry to use data encryption. In remote-access administration, the Remote Access Permissions dialog box contains three callback options to choose from: Preset To, Set By Caller, and No Callback (the default). Until the user has been authenticated and called back (if Callback is set), no data from the remote client or the remote-access server is transferred.

Monitoring and optimization
Your exam will include questions about Performance Monitor. You use this tool to check for bottlenecks in performance; generate alerts that can be sent to the administrator; produce information in logs, charts, and reports; and identify the demand for resources. To use network performance counters in Performance Monitor, the Network Monitor Agent must be installed on your server. In order for Performance Monitor to gather TCP/IP statistics, the SNMP service must be installed.

You must create a separate Performance Monitor alert if you want to monitor several servers and be alerted when a counter is exceeded. An alert message can be sent to a user or a group but not to multiple users or groups. If you're running so many performance monitor counters that your system is slowing down, you can increase the interval at which the counters are monitored.

If the product of the Avg. Disk Sec/Transfer counter and the Pages/Sec counter is greater than ten percent over an extended period of time, a paging problem exists. If the % Processor Time counter is high (close to 100 percent) and the System Object Processor Queue Length counter is consistently greater than 2, you should install a faster processor on the server. If excessive paging is occurring on your server, you can add more physical memory, distribute the paging file(s) across a number of disks, or move the paging file off the disk that contains the Windows NT system files.

The PageFile.sys file's size should equal the amount of RAM in your system plus 12 MB. You shouldn't place the paging file across a stripe set with parity. You can place the paging files on mirror sets, stripe sets without parity, volume sets, and so on, but you don't enhance performance by doing this. Normally, you shouldn't place the paging file on the boot partition; however, you must place it on the boot partition if Windows NT Server is creating a memory dump file each time a Kernel STOP error occurs.

Troubleshooting
Turning on the Device.log file is the first step to troubleshooting RAS problems. You must turn it on by editing the registry. By default, all server errors, user-connect attempts, disconnects, and so on are logged.

To use the Performance Monitor's physical and logical disk counters, you must first run the Diskperf utility included in Window NT. Once you run Diskperf and restart the computer, Performance Monitor can collect disk data. Otherwise, Performance Monitor displays zeros for all counter values for the disks. To enable counters, from a command line logged on as a member of the Administrator local group, type
c:\ > diskperf –y

To activate Diskperf, you must run it from a command line and then reboot your computer.

Print problems
Emergency Repair Disk
Booting
Boot using the Last Known Good configuration if your computer won't boot after loading new drivers. Doing so will set your computer's registry back to its state prior to the change. Note that all registry changes you've made will be lost.

You can make a bootable disk by formatting a disk from an NT computer and then copying the Boot.ini, NTldr, NTDetect.com, and NTBootdd.sys files to the disk. You may have to manually edit the Boot.ini file to make the necessary changes to the ARC path.

When NT is installed, it gives you two options when booting: a normal boot and booting in VGA mode. Use the VGA mode when your display doesn't function properly after you install a video card. Doing so will allow your computer to boot so you can make the appropriate changes associated with the video card. If a service fails to start, look in the Event Viewer for information to solve the problem. You must break a mirror set and replace a failed drive before you can create a new mirror.

Conclusion
The topics we've covered will give you a firm grasp on the concepts you need to know when you take Microsoft's 70-067, NT Server 4.0 exam. None of the Microsoft exams I've taken were easy, so don't take them lightly—study everything you can get your hands on.

 

Related exams
The 70-067 exam is closely related to the 70-068, Windows NT Server 4.0 Enterprise exam and the 70-073, Workstation 4.0 exam. Because these exams cover similar—and, at times, overlapping—material, I recommend that you take the three exams back to back. I studied for two weeks for each exam and was able to pass all three within six weeks.

 

Process of elimination
Many exam questions will have lengthy answers from which to choose. You can eliminate a possible answer quickly if you can pick out a single false statement in that answer.

 

few tips
When you're taking the exam, read each question carefully. Some questions are tricky. Be sure that when you click a choice, it's really marked. I found that by inadvertently clicking near the scroll bar on the right side the screen, I actually changed an answer.
When you enter the test area, you'll be given a single piece of paper and a marker for writing. Use a few minutes before the exam begins to make notes.

Troy Thompson, MCSE, has worked in the automation field for 15 years, dealing with a variety of systems: Wang OIS, Unisys BTOS, UNIX, Windows 3.11, Novell NetWare, Windows NT 3.51, and Windows NT 4.0. He's also worked as an administrator of a Novell and NT network, as well as a systems analyst for an IBM mainframe. Currently, Troy is the Information System Security Officer at the Information Management shop at Fort Knox. You can reach him at troy@bridepub.com.

Editor's Picks