General discussion


Windows Server 2003 Issues

By anangelfailed ·
hi, i tried very hard to solve these questions and i don't have any more time, so would you help me with correcting and filling them,,, thanks a lot, i've only 24hs:
Win Server 2003 Only

1.How would you set up and start an unattended upgrade of Windows Server 2003 using a CD-ROM?
Automated Installation: Windows Server 2003 incorporates an unattended installation feature, without keyboard interaction. Begin the process and everything else is automated.
To avail of automatic installation, you should know, in advance, the answers to the questions that the installation program asks, and you should put them into a data file.
Unattended installation utilizes that script file that feeds information and keyboard strokes, and completes the installation.
Automated Installation facilities are great for companies that install Windows Server 2003 repeatedly on various machines with the same hardware configurations. Remote offices can also take advantage of this feature, because main office administrators can customize script files and transfer them to remotely located offices.

Unattended installations:
It can be done by one of the following methods:
?Creating an Answer File which is a text file that contains answers to the questions that windows setup prompts you for during an installation (server1.txt). it can be created by setup manager in order to complete the setup automatically
?Sysprep.exe: Generate unique SID ?Disk Imaging ?
?RIS (.sif): Network installation server. RIS server must have the following components installed on it: (DHCP - DNS - RIS - Active Directory)

Creating Answer File for unattended installations using a CD-ROM:
1. go to the following track:
2. run setupmgr.exe
3. click Next
Sysprep.exe (Generate unique SID - Disk Imaging) - RIS (.sif) (Network installation server)
In next window, we?ll specify if the user will provide any information during the setup or it?s fully automated.
Now, you have to provide the following information:
General Settings such as (Name and Organization, Display Settings, Time Zone, Product Key ?which is an essential step?) click ?Next? between each step.
Network Settings: such as (Licensing Mode, Computer Name ?essential?, ?.)
Note; you can pass by any unessential step only.
Now, we run Winnt32.exe to start installation from within a 32-bit environment, where we specify an Answer File.

2.How can you determine who has been logging on to your servers and accessing resources?
Intro: Windows Server 2003 practices an auditing process by tracking access and usage by domain user accounts if that level of auditing has been enabled in the domain.
Because, in order to access Windows Server 2003, users have to authenticate themselves with a user domain account. A user has to press Ctrl+Alt+Del to start the logon process. This is called an interactive logon. The user has to furnish his user name and password. If both are valid, the user is granted access. When the user is finished with the computer, he logs out and another user can gain access by providing his own user name and password, repeating the sequence all over again.

Process: You can audit information on your network or track activities of users throughout your network, to locate configuration problems, security breaches, improper activity or misuse of the system. If you wish to audit your system, do the following:

1. In the Group Policy dialog box, click the Properties button.
2. From the Administrative Tools area, select Local Security Policy.
3. Navigate through the left pane to Security Settings -> Local Policies, and then click Audit Policy.
4. Double-click the option you want to audit. The Security Policy Setting dialog box appears.
5. Choose to audit either successful attempts or failed attempts. (This dialog box is displayed so that the administrator can choose to audit successful attempts, failed attempts, or both.)
6. After making your selection, click OK.

You may wish to audit failed attempts for logon attempts and object access. This can warn you of an impending intruder.

Tip: The information obtained through auditing is recorded in the Event Viewer's Security Log. Launch the Event Viewer from the Administrative Tools menu and select Security Log. The right pane displays a list of the items you chose to audit. It's a good idea to check this log regularly, and then clear the log so it doesn't fill up.

Remember: This example uses the local security policy. If a domain policy is different, it takes precedence. For example, if you set to log all successes and all failures for all local security policy elements and the domain security policy is set to Not Configured, no logging is enabled because the domain security policy is enabled after the local security policy.

Tackling Access Problems: Listed here are some of the problems users encounter and the causes or methods to resolve them. In case you have done all of the above and yet the problem cannot be solved, consult a Microsoft resource ? either online or through TechNet ? and hunt for a solution. The Microsoft Information Database is rather wide and of someone else has already experienced the same problem, you will find information about its solution posted on the database.


3.How does a computer decide whether or not data should be sent to the computer?s default gateway? Answer by using an example.
Example: a host computer with a single network interface card and has the IP address, subnet mask (/20), and default gateway of
Default Route: an entry corresponding to the default gateway configuration is a Network Destination of with a subnet mask of Any destination IP address ANDed with will result in Therefore, for any IP address, the default route will produce a match. If the default route is chosen because no better routes were found, the IP packet will be forwarded to the IP address in the Gateway column using the interface corresponding to the IP address in the Interface column.


4.What is the difference between a certificate authority that you create and a commercial certificate authority like VeriSign?
Basically ?Generally!? there?s not very much difference. Both of them perform essentially the same function, i.e.: issue certificates. One difference of course is a matter of trust.
VeriSign is a well known and well respected certificate authority. When a secure website shows you their certificate and it says "I'm", you can be pretty sure that they are who they say they are. Whereas with creating your own certificate authority, because your level of trust isn't known, one cannot be completely confident that the certificate is indeed legit.
How could it not be legit? If the computer that generates certificates (a Win2k3 server for example) were to be compromised, a hacker could write all the certificates he/she wants. So basically your certificates are only as good as the security protecting the certificate authority is. The only other difference is cost. I haven't looked recently, but getting a VeriSign signed cert. can be very expensive and is sometimes not necessary. If your implementing PKI for user and computer authentication then I would recommend setting up your own certificate authority. If however, you wanted to startup an e-commerce site. Then you'd probably want to assure your customers by getting a VeriSign cert.

5.What is the difference between a symmetric key and an asymmetric key?
Essentially a symmetric key is something like a password. If I encrypt a file and send it to someone, I'd need to provide the key also. Because the same key both encrypts and decrypts it is called symmetric.
On the other hand an asymmetric key would be like using public/private keys. For example, I could use a person public key to encrypt a file. The Person would then use the private key to decrypt the file. It that situation the key that encrypts is different than the one that decrypts. Therefore, the public key is distributed freely; whereas, the private key is highly guarded. By the way, if you haven't already guessed asymmetric keys are superior to sym. ones. Symmetric keys are highly susceptible to "man-in-the-middle" type attacks.

6.How can you use DHCP to configure client computers to use a WINS or DNS server?
We use DHCP to configure the client computers to use WINS or DNS server by adding wins server and domain server entries to the configuration files.

7.How can you create your own security templates?

8.What data can you capture with Network Monitor?

9.How does disk defragmentation improve system performance?

10.What are the basic requirements for an application to be cluster-compatible?

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums