You are on page 1of 54

Windows Vista Training

Train Signal, Inc.


Scott Skinger

Windows Vista Overview Video


Scenario

Amy's Cake House is a bakery that specializes in high-end cakes for all occasions. The business is
owned by Amy Costella and is located in Madison, WI. Although Amy’s Cake House has been in
business for 8 years, they are low tech and have a very basic network setup with 5 computers.

Lately, the “Cake House” has had more frequent computer/network issues that are affecting
the productivity of Amy and her employees. Amy has decided enough is enough and has
contacted a computer consulting company to help her with her problems and recommend
solutions.

The Cake House network currently consists of a hodge-podge of machines from different
vendors and running different operating systems, including Windows 98, 2000 and XP. All of
these machines, except for the XP machine (2 months old), are over 3 years old. The machines are
connected through a switch (wired) on a peer-to-peer (workgroup) network. There is no server
on the network and only one machine has Internet access (DSL).

Amy has decided to completely revamp the network. Five new PCs will be purchased and
Windows Vista will be installed on each of them. The XP machine will be tested to see if it can run
Vista. It will be kept if it is able to run Vista. All of the older machines will be recycled or donated.
The Cake House will also get a brand new server running Windows 2003 and a domain will be set
up to handle the network in the near future. Amy expects to add even more computers/users
soon, so a domain environment was agreed upon. In addition, the Internet (DSL) will be shared
throughout the Cake House network using a Linksys Wireless Router.
Windows Vista Training
Train Signal, Inc.
Scott Skinger

2 - Network Diagram (Before)

3 - Network Diagram (After)


Windows Vista Training
Train Signal, Inc.
Scott Skinger

Course Setup
1. Windows Vista (Base System)
2. Windows Server 2003 (Remote Desktop)
3. Windows XP (Remote Desktop)
4. Windows Vista (Remote Desktop)
5. Windows Vista (Virtual PC)

Windows Vista Overview


1. Why do I need Vista?
-Start Menu
-Instant Search
-Windows Aero
-Security enhancements (UAC)
-Parental Controls
-Networking enhancements
-BitLocker
-Backup
-File System enhancements
-Applications (Windows Mail, Calendar, Meeting Space, Games)
-50+ other new features
-Cool Factor

2. Should you upgrade?


-You need a new computer
-Feature Love - $200+ to blow
-Check your hardware & applications!
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Windows Vista Versions


1. Other Versions/Options
2. Home Versions
3. Business Versions
4. Pricing - Full vs. Upgrade

Other Versions/Options
Vista Starter
Very Stripped Down
Developing Countries, OEM - only ships on computers (not retail)
Not available in the US, EU, Australia, Japan, etc.

"N" Editions
Designed to satisfy anti-trust agreements in the EU
Home Basic & Business Editions Only
Does not include Windows Media Player, Movie Maker, etc.
Same price. Not popular.

32-bit vs. 64-bit Versions


Starter edition is 32-bit only
32-bit & 64-bit DVDs come with Ultimate
Home & Business must order 64-bit DVD (free + shipping)
More RAM allowed (8GB/16GB/128 GB)
Special 64-bit programs
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Vista Home Versions


Vista Home Basic
No domain support (5 computer networks max)
No Aero interface, Limited backup capabilities, No second monitor
No Group Policy, No Offline Files, No Shadow Copy
No Premium games, No DVD Maker, No Media Center
Parental Controls, Movie Maker are in Home Basic & Home Premium

Vista Home Premium


No domain support (10 computer networks max)
Everything you get in Home Basic PLUS:
Aero interface, Media Center, DVD Maker, Second Monitor, Tablet PC
About $40-$60 more than Home Basic (retail)
Free at Dell

Vista Ultimate
Home or Business - We will cover this last

Vista Business Versions


Vista Business
Domain support (or 10 computer peer-to-peer networks)
2 CPU (physical) support
Group Policy, Offline files, IIS, Shadow Copy, System imaging/recovery
No Media Center, No DVD Maker, No Movie Maker, No Parental Controls
About $40-$60 more than Home Premium (retail)

Vista Enterprise
Essentially the same as Vista Business
Volume Licensing customers, No retail
Includes BitLocker, Language support (multiple/same time)
Windows Ultimate
All of the above and more
Windows Ultimate Extras (Additional games, utilities and other "cool" stuff)
About $100-$160 more than Home Premium (retail)
About $60-$100 more than Vista Business (retail)
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Vista Upgrades & Pricing

Full Version vs. Upgrade Version


Windows 2000 & XP users are eligible for upgrade version
9x, ME & NT users must purchase a full copy
Upgrade doesn't necessarily mean "Upgrade"

Anytime Upgrade
Allows you to upgrade (unlock features) in a "higher" version
Instant, download a new product key
Not as cheap as buying the "right" version up front

Version of Vista Upgrade Price Full Price Anytime Upgrade


(retail) (retail)

Home Basic $100 $200 Home Premium/Ultimate

Home Premium $155 $230 Ultimate

Business $195 $285 Ultimate

Ultimate $250 $380 N/A


Windows Vista Training
Train Signal, Inc.
Scott Skinger

What we covered
Overview of Vista features
Different versions of Vista
Vista pricing

What you should know


1. Who is the Vista Starter edition for?
2. What Vista versions allow you to participate in a domain?
3. What OSes are eligible for an upgrade license to Vista?
4. What version of Vista should you use if you need to have more than 4GB of RAM?
5. What are the "N" editions?
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Windows Vista Installation Video


Scenario
Installation Overview
System Requirements
Installation Options
Upgrade to Vista
Clean Install of Vista
After Installation

Scenario
Amy, the owner of Amy's Cake House, has met with the consulting company and has laid our her
plans for the network upgrade. The older systems will not support Windows Vista and they will
be donated to a local school. Here is what she has decided to do:

-Order five new PCs from Dell with Vista Business edition (domain support)
-Order one laptop from Dell with Vista Business edition
-Attempt to upgrade the XP Pro PC to Vista Ultimate edition (or buy new system with Vista
Ultimate)

Installation Overview
1. Very Important to Plan - Foundation
2. System Requirements
3. Upgrade or Clean Install
4. Backup and Transfer of Settings
5. Installation
6. Check for problems & update
7. Transfer settings
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Home Premium or Minimum My


Business or Requirements Recommended
Ultimate Editions (Don’t even think Configuration
about it!)

CPU Modern Processor Intel Core 2 Duo


(800Mhz or greater) or greater
AMD Athlon 64 X2
or greater

Memory 512MB 2GB or more

Hard Drive 15GB free space 100GB or more of free


space

Graphics DirectX 9-capable DirectX 9 capable with


graphics processor 256MB of RAM on card

DVD Drive Yes Yes

Installation Options - Old PC


Old Computer
1. Upgrade
Carries Programs & Settings forward
Problematic - Not Recommended
Upgrade Advisor
Backup!
2. Clean Install (Recommended)
Starting from scratch…everything is gone
Backup
Easy Transfer Wizard
3. Dual Boot (Clean Install)
Keep both OSes (XP and Vista)
Set up different partitions (recommended)
Boot off of DVD (select "Custom (advanced)" option)
Not accidentally blow out your partition
Not worth the hassle
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Installation Options - New PC


New Computer
1. Factory Install
Vista is pre-installed on the computer
Loaded with lots of junk!

2. Clean Install (Recommended)


Overwrite the factory install
No OS on the PC originally or Build your own PC

Upgrade to Vista
Can you Upgrade?
You can't upgrade all OSes
95, 98, ME & NT4 can not be upgraded (licensing)
2000 & XP 64-bit are licensed for upgrade, clean install only!

Which versions of XP can be upgraded?


XP Home - upgrade to any edition of Vista
XP Pro - upgrade only to Business or Ultimate editions of Vista
XP Media Center - upgrade only to Home Premium or Ultimate editions of Vista
XP Tablet PC - upgrade only to Business or Ultimate editions of Vista

Ready to Upgrade? Steps to take:


-Minimum system requirements
-Run Upgrade Advisor (take action on recommendations)
-Backup up important files, program settings (Easy Transfer Wizard)
-Make a complete system backup
-Launch setup from within Windows XP
Clean Install of Vista
Recommended System Requirements
DVD drive
Product key (not required immediately)
User account name, password, computer name
Backup your files (old PC)
Windows Vista Training
Train Signal, Inc.
Scott Skinger

After Installation
Check Device Manger
Windows Update
Activation
Install Programs
Copy data & Transfer settings

What we covered
Minimum/Recommended System Requirements
Different installation options (upgrade, clean install, dual-boot)
Upgrade path, using the Upgrade Advisor
Easy Transfer Wizard
How to Install Windows Vista

What you should know


1. What are some of the problems that come up when you upgrade to Vista?
2. If you are running Windows XP Pro, which versions of Vista can you upgrade to?
3. If you buy a Vista upgrade CD can you use this to perform a clean install?
4. What versions of Windows can you perform a software upgrade from?
5. Does the Easy Transfer Wizard work on Windows 2000?
6. Does the Easy Transfer Wizard transfer programs?
7. What is the minimum/recommended amount of RAM for Vista Business/Ultimate?
8. If you want to dual boot, should you choose the Upgrade or Custom option?
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Windows Vista Interface Video


Scenario
Welcome Center, Start Menu & Task Bar
Search
AERO Interface
Sidebar
Control Panel
  
Scenario
After using Windows Vista, Amy has realized how different it is than Windows XP or earlier OSes.
She has asked the consulting company to setup the desktops in a configuration that is easier for
the users and to train them on the Vista interface.

Welcome Center, Start Menu, Task Bar & Search


Welcome Center
Start Menu
Programs
User Folders
Sleep/Hibernate
Customize

Task Bar
General
Toolbars
Task Manager

Search
Love it!
Windows Vista Training
Train Signal, Inc.
Scott Skinger

AERO, Sidebar & Control Panel


AERO Interface
Authentic, Energetic, Reflective, Open
Transparent, glass-like
Thumbnails, Windows Flip, 3D Flip
Home Premium, Business, Enterprise & Ultimate
Window Color & Appearance
Desktop Background

Sidebar
Windows Gadgets
Customizable
Downloads available

Control Panel
Overview & Navigation
System & Maintenance - Performance

What we Covered
Start Menu, Taskbar
AERO
Sidebar
Control Panel
What you should know
1. What versions of Vista support AERO?
2. How do you add the Run program to the start menu?
3. How do you use Flip 3D?
4. How do you make your computer "sleep"?
5. How do you minimize the sidebar?
6. How do you get to the old "My Computer"?
7. Where do you go to see if your computer has been activated?
8. How do you change your desktop background?
9. How do you disable Windows Previews (thumbnails)?
10. How do you prevent recently viewed documents from showing up in your start menu?
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Users & Groups Video


Scenario
User Account - General Information
Local User Accounts
User Account Control (UAC)
User Management
-Parental Controls
-Group Policy

Scenario
During the transition from workgroup to domain, the consulting company has told Amy that local
user account management will be very important and remain important even after switching to
the domain environment. While they will handle the "heavy lifting", they have agreed to show
Amy the essentials of what she needs to know in order to properly manage the network.

User Account Overview


-User account is needed to logon to a Vista system
  

‐Security (limiting access to files, programs, etc.) and a Customized Profile 
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Vista User Account Information


 Users 
Administrator & Guest accounts – disabled by default 
Administrator account is created during install (your user account) 
 Groups 
Group similar users for simplicity in assigning permissions and rights 
Standard Users (users) and Administrators 
Power Users have greatly diminished rights in Vista 
Lots of groups, you won’t use most 

Local vs. Domain Accounts


 Local 
Workgroup/Peer‐to‐Peer/SMB Networks 
No Domain, no centralized user account database 
Local Accounts authenticate to the local system (locally significant) 
No domain is specified (field won’t be present) 
  
Domain 
Most company networks (server) 
Centralized logon, allows access to multiple resources 
Domain Logon – Domain or Local (computer name) 
Scott (with domain specified below) or scott@cakehouse.local 
Windows Vista Training
Train Signal, Inc.
Scott Skinger

User Account Control


NT4, Windows 2000 & XP ‐ Basic Problem 
Malware, Spyware, Viruses, etc. 
Admin Approval Mode (Consent & Credential Prompt) 
‐Administrators log on with two SIDs (administrator and standard user) 
Unidentified Program & Secure Desktop 
  

Consent prompt
Pasted from <http://technet.microsoft.com/en-us/windowsvista/aa906022.aspx>
  

Credential Prompt
Pasted from <http://technet.microsoft.com/en-us/windowsvista/aa906022.aspx>
Windows Vista Training
Train Signal, Inc.
Scott Skinger

User Management
User Accounts & Family Settings
‐Fast User Switching 
‐UAC Consent Mode 
‐Password Reset Disk 

Parental Controls 
Group Policy Settings (UAC & Password Policies)

What we Covered
What user accounts are used for
Differences between Local & Domain accounts
Different modes of User Account Control (UAC)
Manage User accounts.
Parental Controls

What you should know

1. The two ways/locations to manage user accounts


2. What is an access token?
3. What is a good reason to use fast user switching?
4. How do you keep your child from visiting adult websites?
5. How do you reset a user's password?
6. How do you create a password reset disk?
7. Why is Secure Desktop important?
8. What accounts are disabled by default in Vista?
9. How do you change the minimum password length?
10. What are the two ways you can disable UAC?
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Networking Video
Scenario
Network Sharing Center
Domain Environment
Cakehouse Domain Conversion

Scenario
The server has arrived at Amy's Cake House and the consulting company has installed Windows
Server 2003 on it. The Active Directory domain cakehouse.local has been added and it is time to
convert the client computers over to the domain.

Network Sharing Center


1. Network Connections
2. Sharing & Discovery
3. Diagnose & Repair
-ipconfig /all
-ping

Cakehouse.local Domain
  
Questions to Answer
Why a domain?
One User account to access files, printers, Internet and more
More Secure
Centralized Administration

General Information
Requires a Windows Server license (approx. $800)
Not an Internet domain
Active Directory
DNS Settings are VERY important

Changes
New User Accounts (domain)
User Profile
Group Policy
Browsing/Searching
Permissions/Rights
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Steps to Convert to Domain


1. Create User Account in Domain (on SRV2003)
2. Verify IP Address (DNS) Settings
3. Join Domain (need DOMAIN administrator credentials)
4. Restart
5. Log on with Domain Admin Account
6. Add User Account to local administrators group (optional)
7. Transfer user profile (Easy Transfer Wizard, etc.)

What you should know


1. Name 3 advantages of a domain over a workgroup
2. What versions of Windows Vista can join a domain?
3. Join a Vista computer to a domain
4. Add a domain user to a local group
5. What is the ping command used for?
6. Run the command that will give you IP (including DNS) settings
7. How do you make your computer "discover" other computers
8. What is the difference between a "private" and a "public" network
9. Where do you go to change the device driver?
10. How do you set up a modem connection to connect to the Internet?
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Mobile PC & Wireless Networking Video


Scenario
Mobile PC Settings
Encryption - EFS & BitLocker
BitLocker
Offline Files, Sync Center & Mapped Network Drives
Wireless Networks

Scenario
The cakehouse.local domain is now setup and running great. Next, the hired guns at the
consulting company are going to work on integrating Amy's laptop into the network. This will
involve teaching her all about the features that are specific to a laptop and configuring wireless
access so that Amy and future laptop users will have portable network access.

Mobile PC Settings
Windows Mobility Center
Power Plans
Display Settings
Presentation Settings
Sync Center
Wireless Networking Settings
Tablet PC Settings
Replaces Windows XP Tablet PC Edition
NOT included in Home Basic or Starter
New Features:
-Handwriting Recognizer - Train Vista
-Pen Flicks (for settings)
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Data Encryption
Used to protect sensitive files on your computer
EFS
Available in XP but revamped in Vista
Works at the file level
More flexible than BitLocker
File name and directory structure are not protected
NTFS Permissions still matter
Can't protect the OS files
BitLocker
Only available in Enterprise or Ultimate
Operates "beneath" the OS
Only available on the system/boot partition (no other phd or volumes)
On or Off (not set on a user by user basis)
Ideal for business deployments or "simple" setups on a home PC
Combine the two together for maximum protection of your whole PC
BitLocker
Partition Requirements
Two partitions:
-One greater than 1.5 GB for the Active partition (system boots from this partition)
-The second greater than 50 GB (not documented), where the OS resides
-BitLocker Drive Preparation Tool (Ultimate Extra)
Hardware Requirements (one of these)
-Computer with a TPM (Trusted Platform Module) v. 1.2 or higher microchip
Or
-USB Memory Card
BIOS Requirements
-Must be compatible with TPM
-Support boot off of a USB device

Group Policy Settings


Computer Config.-Administrative Templates-Windows Components-BitLocker
USB Memory Card would be your "startup" key; needed every time you boot
BitLocker Recovery Password should be created IMMEDIATELY and stored safely
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Offline Files & Mapped Network Drives


-Used to work on network files when you are offline
-Local copies are stored and automatically synced up when you reconnect
-Faster in Vista & "Ghost" files are now used
-Most useful in a small network or "team" environment
-Set up using the Sync Center

Mapped network Drives


-Saved shortcuts to network locations
-Can be "scripted" or saved by a user
-Use "virtual" drive letters to assign to folders

Wireless Networks
Configured in the Network & Sharing Center
SSID - Service Set IDentifier
Encryption - WPA is preferred (more secure)
Managing a Wireless Router

What we Covered
Power settings, Presentation settings and more in Windows Mobility Center
Differences between EFS and BitLocker
Setup EFS and BitLocker
Offline Files
Setup wireless networks

What you should know


1. How to enable offline files on your computer
2. The purpose for setting up a wireless network without the SSID broadcasting
3. The hardware requirements necessary to implement BitLocker
4. How to create a custom power plan using advanced settings
5. Versions of Vista is BitLocker available
6. How to enable EFS on a file(s)
7. Configure a sync partnership in the Sync Center
8. Setup a wireless router to require encryption
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Disk Management & File Systems Video


Scenario
Computer Management Console (Partitions/Volumes)
Basic vs. Dynamic Disks
Windows ReadyBoost
New Windows Explorer
New Search
Scenario
The network is running great! Unfortunately, the users are a little bit confused. "Why does
everything look so different?", they ask. The consulting company is going to give these users a
quick lesson and walk them through some of the new enhancements to Vista.

Disk Management Overview


-Computer Management Console or diskmgmt.msc
-FSUtil and DiskPart are command line tools for more advanced administration
-Up front planning & organization are the keys to success
Physical Hard Drives
Logical Volumes/Partitions
Partitioning 
Formatting with a File System 
Basic vs. Dynamic Disks 
Physical hard drives can be setup as either basic (default) or dynamic disks
Basic Disks
-Compatible (if dual booting with a pre-2000 OS or Linux)
-Use partitions (instead of volumes) and logical drives
-Limited number of partitions/drives
-Probably no reason to change to Dynamic disks
Dynamic Disks
-Not compatible with pre-2000 OS or Linux
-Use volumes instead of partitions and logical drives
-Unlimited number of volumes
-Allow for disk spanning and striping (NOT fault-tolerant)
-One way conversion to Dynamic without data loss
-Not available for laptops are removable storage (caution!)
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Formatting your Partition/Volume


-FAT16, FAT32, NTFS
-NTFS should (almost) always be used
-Full format to ensure disk integrity
-Formatting "erases" all data on the disk

3 - New Disk Performance Features


Windows ReadyBoost
-Boosts system performance by using USB Flash devices as a source of caching
-USB 2.0 Flash Devices, SD Cards, CompactFlash Cards
-Used in addition to the hard drive as system cache (up to 10 times faster)
-Use one to three times the amount of RAM in your system
-Plug in device, AutoPlay option or Properties to start
Windows ReadyDrive
-Improves performance on laptops with a special (hybrid) drive
-Hybrid drive uses flash RAM in addition to the hard drive
-Longer battery life and faster wakeup from hibernation
-Nothing to configure, automatically on
Windows SuperFetch
-Windows service that dynamically improves system performance
-Allocates more memory to user processes (over background processes)
-Adjusts based on how the computer is used
-User applications faster, system applications (backup, defrag, etc.) slower

File & Folder Management


Explorer Interface
Folder Options
File Options
Search
Windows Vista Training
Train Signal, Inc.
Scott Skinger

What we Covered
Hard Drive & Partition Management
Basic vs. Dynamic Disks
ReadyBoost, ReadyDrive, SuperFetch
File System Navigation
Searching for files, folders and more

What you should know


1. Convert a basic disk to a dynamic disk
2. Enable file extensions to be viewable
3. Add a tag to a Microsoft Office file
4. Create a spanned volume
5. Shrink a volume
6. Enable ReadyBoost on your system
7. Perform a search for a file based on it being used in the last 30 days
8. Enable the "detail" view for your files and change the details shown
9. What is the difference between partitions and volumes
10. What are the benefits of ReadyDrive?
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Shared Folders & Permissions Video


Scenario
Basic Folder Sharing
"Advanced" Folder Sharing
Share vs. NTFS Permissions
NTFS Permissions
Inheritance, Ownership & Effective Permissions

Scenario
Amy is trying to determine exactly how to share files over the network. In the past, cakehouse
users randomly shared files from their computers and gave each other their usernames and
passwords. Amy is trying to eliminate this and would also like to setup a network that effectively
uses permissions to control access to folders/files.

Shared Folders & Permissions Overview


Basic Premise:
1. We want to share information with another person/computer
-same computer, different users
-different computers (across a network) at home
-different computers (across a network) at work
-different computers (across a network) over the Internet

2. We want to secure our information


-Share permissions
-NTFS permissions
-Passwords, Physical Security, Encryption, etc.

3. Pick the right method


-Simple to complex
-KISS
-Test
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Basic Sharing
Ad Hoc Network
Wireless
Quick setup
Temporary
Gaming or simple file transfer
Public Folder Sharing
Good for home PCs or a shared PC situation
Local or Network Access
Local is ON, Network is OFF (by default)
Not very scalable (general permissions)
You need a user account
Recommended for single computers or very simple networks

Sharing a Folder
Share a folder other than the "Public" folder

1. Share Wizard
2. Advanced Sharing in Windows Explorer
3. Shared Folders Console
4. Net Share command

-SRV2003 Shared Folders


-Can be mapped to drive letters
-Administrative shares have a $
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Share vs. NTFS Permissions


Share Permissions
Work over the network only (not local)
Set on folders only (not files)
Permissions propagate down to all sub-folders/files
Simple permissions
Work in conjunction with NTFS Permissions
NTFS Permissions
Work over the network AND locally
Set on folders and files
More control of permissions
Complex permissions
Work in conjunction with Share Permissions
Available on NTFS partitions only

NTFS Permissions Overview


General Info
-Probably not necessary on a home pc, KISS
-Username/Password are still VERY important
-Shared data on a server
-Don't mess with your boot/system drive…plenty secure

How Permissions Work:


Access Token - The "ID card" that contains all of your SIDs (security identifiers from your user
account and groups)
ACL = access control list contains a list of the users and groups who have access to the file or
folder and what their access is
ACE = access control entry is located in the ACL and it contains an entry for the user or group. If
the user or group does not have an ACE, permission is denied.
Windows Vista Training
Train Signal, Inc.
Scott Skinger

NTFS File Permissions


Full Control
Read, write, modify, execute, change attributes, permissions, and take ownership of the file.
Modify
Read, write, modify, execute, and change the file's attributes.
Read & Execute
Display the file's data, attributes, owner, and permissions, and execute the application.
Read
Display the file's data, attributes, owner, and permissions.
Write
Write to the file, append to the file, and read or change its attributes.
 Note: The following reference was used for the NTFS file permissions, NTFS folder permissions and copying/moving in the next
three slides. http://www.mcmcse.com/microsoft/guides/ntfs_and_share_permissions.shtml 
  
NTFS Folder Permissions
Full Control
Read, write, modify, and execute files in the folder, change attributes, permissions, and take
ownership of the folder or files within.
Modify
Read, write, modify, and execute files in the folder, and change attributes of the folder or files
within.
Read & Execute
Display the folder's contents and display the data, attributes, owner, and permissions for files
within the folder, and run applications in the folder.
List Folder Contents
Display the folder's contents and display the data, attributes, owner, and permissions for files
within the folder, and run applications in the folder.
Read
Display the file's data, attributes, owner, and permissions.
Write
Write to the file, append to the file, and read or change its attributes.
 
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Inheritance & Ownership


Inheritance
Any time you add a folder/file it inherits the permission settings from its parent folder. Inherited
permissions are "grayed" out

Notes on Inheritance:
When files are moved within a NTFS partition, the files are not really moved. Their location is
updated and they keep the same permissions.
When files are moved from one NTFS partition to another, this creates new files and deletes
the old ones. The new files will inherit the new folder's permissions.
When files are copied within a NTFS partition, this creates new files and those files inherit
permissions of the new folder.

Ownership
The creator of the file on the system. Ownership allows the user to set permissions, even when
they don't have permissions. Safety net for administrators.
  
Determining Effective Permissions

Rules for Determining Effective Permissions


1. Go down the list of NTFS permissions and select the LEAST RESTRICTIVE permission.
2. Go down the list of SHARE permissions and select the LEAST RESTRICTIVE permission.
3. Between NTFS and SHARE permissions, select the MOST RESTRICRIVE permission.
4. DENY always wins.

Example #1:
Sam is in the HR and Advertising groups. Here are the NTFS and shared permissions to the
folder C:\Shared Docs

Group = HR
NTFS Permission = Read Only
SHARE Permission = DENY

Group = Advertising
NTFS Permission = Full Control
Share Permission = Change

Effective permission = Full Control (NTFS) and Deny (Share)


Results = DENY

---------------------------
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Example #2:
Sam is in the HR and Advertising groups. Here are the NTFS and shared permissions to the
folder C:\Shared Docs

Group = HR
NTFS Permission = Full Control
SHARE Permission = Read Only

Group = Advertising
NTFS Permission = Full Control
Share Permission = Change

Effective permission = Full Control (NTFS) and Change (Share)

Results = Change

What we Covered
Basic Folder Sharing (Public folder)
Ad Hoc Networks
Shared Folders
NTFS Permissions
Inheritance, Ownership & Effective Permissions

What you should know


1. How to enable the public folder
2. How to set up a folder share
3. How to form an Ad Hoc network with another computer
4. Calculate effective permissions on a share
5. How to assign NTFS permissions to a folder/file
6. Differences between share and NTFS permissions
7. How to map a network drive
8. How to take ownership of a file
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Security in Windows Vista Video


Scenario
Security Center
-Windows Update
-Windows Firewall
-Windows Defender
Anti-Virus
OneCare

Scenario
The cakehouse network is really taking shape and the users are online and using Vista without
any initial problems. Before they get too used to it, however, the consulting company want to
secure the computers and make sure that network does not run into any problems with viruses
and malware.

Security Center
Essential security programs, all managed from one place
Not present in domain environments
Some settings may be controlled through group policy
Windows Update
-Updated
Windows Firewall
-New & Improved
-Inbound and outbound protection
-Easy to use front-end, customizable back-end
Windows Defender
-Spyware prevention & removal tool
-Simple to use, out of beta

Anti-Virus
-Windows OneCare or 3rd party offering
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Anti-Virus Programs
Lots of Options:
-Norton's Anti-Virus (Symantec)
-Mcaffe Anti-Virus
-Trend Micro
Windows Live OneCare
-Microsoft's new offering
-$40 to $50 for a 3 computer, one year subscription
-Not just anti-virus, all-in-one keep you computer tune up
-Includes anti-virus, anti-spyware, anti-phising, firewall, backup & pc tune-up
-ISCA Labs certified
The Bad
-Beta tester
-All-in-One solutions make me nervous
-Red/Yellow "1" will make you crazy

What we Covered

Security Center
-Windows Update
-Windows Firewall
-Windows Defender
Anti-Virus
OneCare

What you should know


1. Turn the Windows Firewall on/off
2. Configure a custom scan in Windows Defender
3. Uninstall an update in Windows update that is causing problems
4. Change your settings so Windows Updates do not install automatically
5. Configure a firewall exception to allow remote desktop connections
6. Schedule a backup in OneCare
7. Access the advanced firewall
8. How Network & Sharing Center and Windows Firewall interact
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Internet Explorer 7 Video


IE 7 New Features - Tabbed Browsing, RSS
Internet Explorer - Options
Internet Explorer - Security
Internet Explorer 7 - New Features
Tabbed Browsing
Quick Tabs
Better Printing (scaling)
Favorites Center
Page Zoom
RSS
-Known as feeds, RSS feeds, XML feeds or syndicated content
-Orange feed icon indicates that a feed is available
-Automated way of getting web content…the info comes to you
-Read using Internet Explorer, Google Reader, Windows Live, Outlook
-Favorites Center in IE 7
-RSS settings on content tab
What we Covered
Internet Explorer - New Features
RSS
Internet Explorer - Internet Options
Internet Explorer – Security
What you should know
1. Subscribe to a RSS feed
2. Enable/Disable anti-phishing
3. Use Quick Tabs
4. Name 3 programs that you can read RSS feeds in
5. What is the trusted sites zone for?
6. How can you enable an unsigned Active X control to work in IE 7?
7. Change the default RSS feed check to 30 minutes
8. Clear your Auto Complete settings
9. Change the default browser back to Internet Explorer
10. Enable 3rd party cookies
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Running Software in Vista


Scenario
Installing Programs, Default Settings
New and Improved - Programs in Vista
Classifying programs in Vista
Running legacy applications
Application elevation prompts and run levels
Troubleshooting Vista software installation

Scenario
The network and the Vista computers are all running smoothly on the cakehouse network.
However, software has been a little bit of a problem. Amy is concerned that her old legacy
application, an accounting package, won’t work correctly on Vista. Amy also wants to make
sure that users can run all of their applications with standard user accounts.

Programs and Features


Install/Uninstall/Update
Enabling Windows features
Windows Marketplace
Digital Locker
Default Programs
-Global default programs
-User specific default programs
-File associations
-AutoPlay options
Programs in Vista
SideShow
Sidebar
Windows Email/Calendar/Contacts
Fax and Scan
Movie Maker
Photo Gallery
Meeting Space
Snipping Tool
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Microsoft Live Services


 Windows Live
Office Live 
Xbox Live 
  
Program Classifications
Vista Compliant Software
Legacy Software

Vista Compliant Software


-all programs within Vista
-Other Microsoft and 3rd Party programs - Certified for Windows Vista
-retail box features logo
-programs must be able to run with a standard user token

Standard User Applications


-most Vista applications (i.e. sidebar, calendar, etc) run as a standard user
-run by administrators using their standard user access token
-standard user applications (cmd.exe) can be "run as" administrator

Administrator Applications
-core administrative tasks (i.e. disk management, firewall)
-require elevated privileges or they won't run
-able to write to system/registry (i.e. c:\windows and program files)
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Legacy Applications
-any program that is not Vista compliant certified
-may run without a problem
-applications should be thoroughly tested before migrating
  
Getting "Old" Programs to run on Vista
1. File & Registry Virtualization
-some user programs have to be run as admins in XP & Vista
-programs are run as standard users in Vista
-application writes to a virtual system/registry location
-copy of files/registry key are stored in the user's profile
-application reads/writes from these virtual files
-transparent to the application
2. Application Compatibility Settings
‐install an application using the program compatibility wizard 
‐run a program in application compatibility mode 
3. Virtual Machine Programs
A. MS Virtual PC
B. VMware Workstation
C. Other options 
  
4. Upgrade

Installing Software
  
Installing the application: 
1. You must have an admin account 
2. Vista compliant application 
2a. If not Vista compliant, have you tested it? 
3. All other programs closed, anti‐virus disabled 
4. Backup and System Restore prepared 
5. Install only one application at a time 
6. Test 
Windows Vista Training
Train Signal, Inc.
Scott Skinger

  
Pasted from http://technet2.microsoft.com>
  
Application is blocked from running 
‐blocked publisher or policy 
   
Administrative Application
-"Windows needs your permission"
-blue/green background
Trusted Publisher
-"A program needs your permission
to continue"
-trusted by your computer
-gray background
Unsigned/Not yet Trusted
-"A unidentified program wants to access
your computer"
-yellow background (red shield),
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Application Run Levels

1. Run as administrator (right click application)

2. Run Non-System application as administrator


-compatibility mode (tab)

3. Run System application as administrator


-shortcut tab, then advanced button
-create a desktop shortcut

Troubleshooting Applications

Managing Startup/Running Programs


Software Explorer in Windows Defender
Task Manager
Msconfig
  
Failed Installation Message
Windows Vista Training
Train Signal, Inc.
Scott Skinger

What we Covered
New programs in Vista
Meeting Space
Setting global/individual defaults for programs
Installing/Uninstalling/Upgrading programs
Different alternatives to get legacy applications to work
Application elevation prompts and run levels
Software Explorer, Task Manger, Msconfig
What you should know
1. Uninstall a program
2. Install an application using the application compatibility wizard
3. Run a program as an administrator (one time)
4. Run a program as an administrator (create shortcut)
5. Use Windows Defender to see what programs are running on your system
6. Use task manager to end a process
7. How does a software program become Vista compliant?
8. Change the global defaults for the default email program
9. Change a file extension to be associated with a different program
10. Add a new Windows Vista feature
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Administering Windows Vista


Remote Desktop & Remote Assistance
Services
Task Manager
Task Scheduler
Disk Quotas
Disk Tools (Defrag, Compression, Cleanup)
System Properties
Performance Monitor
Event Viewer
Scenario
Everything is working great on the cakehouse network; server is setup, Internet is working,
software is installed and the network is secure. It is now time for Amy to learn a little bit about
administering and managing the network.

Remote Administration
Remote Desktop
-remote desktop management
-disabled by default
-faster connections in Vista
-if same user is logged on, desktop locks; otherwise a new session is opened
-RDP, port 3389
Remote Assistance
-desktop control (good for helpdesk problems)
-disabled by default
-invitations are sent allowing access to computer for a limited time
-RDP, port 3389

Services
-System programs that run in the background and make Vista "work"
-Run as part of the OS; you don't need to be logged on
-Include things like Windows Firewall, Parental Control, DNS Client
-Launched with services.msc
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Services are More Secure in Vista


-unnecessary services are turned off
-reduced privileges, just enough permission to do their job
-Service Isolation (can only modify a few items)

Managing Services
-Starting/Stopping/Restarting/Disabling

Task Manager
-Manage applications, service & performance

Task Scheduler
-Automation of tasks

Disk Quotas
-Allow you to limit disk storage space on a per user level
-NTFS volumes/partitions only
-Configured on a volume by volume basis
-Configured by local or domain administrators only
-More common on a network file server

Disk Tools
Disk Cleanup
-volume by volume basis
-deletes files that MAY not be necessary
Disk Compression
-NTFS volumes only
-Can't be used with encryption
Disk Error Checking
-Scan the hard disk for errors
Disk Defragmentation
-Put data "back together" again

System Properties
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Visual Effects
Processor Scheduling
Virtual Memory
Data Execution Prevention (DEP)

Performance Monitor & Event Viewer


-Measure and monitor system performance in real-time or historically
-Added Reliability feature to show system stability

Event Viewer
-Used to troubleshoot and monitor health of systems
-divided into several logs including, Application, Security, System

What we Covered
Remote Desktop & Remote Assistance
Services
Task Scheduler
Disk Quotas
Disk Tools (Defrag, Compression, Cleanup)
Virtual Memory
Performance & Reliability Monitor
Event Viewer

What you should know


1. Enable disk quotas on a volume
2. Enable remote desktop
3. Send a remote assistance invitation
4. Start/Stop services
5. Configure custom disk quota entries
6. Name the port used with remote desktop/assistance
7. Create a task in task scheduler
8. Check the stability of your machine using performance monitor
9. Troubleshoot a system error using event viewer
10. Use disk cleanup to free up disk space on a volume
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Hardware and Printing


Hardware in Vista
Hardware Installation
Device Manager
Troubleshooting Hardware
Other Hardware
Printing
Scenario
In order to better manage the network, Amy needs to know how to manage and add new
hardware in Vista. She already has some new hardware devices that she would like to add to a
few computers, but she wants to learn the ins and outs first.

Hardware in Vista
-Much easier to manage…most of the time it just works
-Some problems early on (OS and 3rd Party Vendors)

Automated Help & Support


-Detects hardware/software issues and proactively tries to fix the problem
-Checks for updated device drivers
-Problem Reports and Solutions

Many Windows services dedicated to support, including:


-BITS
-Superfetch
-Task Scheduler
-Windows Error Reporting Service

New support policies in group policy, including:


-Corrupted File Recovery
-Disk Diagnostic
-Application Compatibility Alerts
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Hardware Installation
Pre-Existing Devices (included with your computer)
-Vista has a large supply number of drivers
-New devices drivers are located through Windows Update
-Windows Update Driver Settings must be enabled
-Sometimes they are included as Optional Updates
New Devices (you add yourself)
-Most devices are plug n' play and just work
-Found New Hardware dialog box:
A. Looks in Pre-Configured Drivers
B. Hardware CD-Rom
C. Browse your Computer (download from manufacturer)

Device Manager
Control Panel, Administrative Tools, Computer Management, devmgmt.msc
 -Manage system devices, including NICs, Display Adapters, Sounds Cards, etc.
-Troubleshoot, Update Drivers, Advanced Settings
Driver Signing
-Microsoft digitally signs device drivers that ship with Vista
-Less likely to be unstable and crash system
-<systemroot>\system32\driverstore
-Unsigned drivers can be controlled through group policy:
User config\administrative templates\system\driver installation
Add Hardware Wizard
-Used to add legacy, non-plug n' play devices

Troubleshooting Hardware
-Reinstall the device driver manually, browsing to the location
-Download a new driver from the manufacturer
-XP drivers often work
-Turn the machine off. Pull the device. Restart and try again
-How much is your time & sanity worth?
-Stay away from brand new drivers if you have a working device!
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Control Panel Options


Display Settings
PC Cards & USB Devices

Hardware and Sound


Sound
Mouse
Scanners & Camera
Keyboard
Phone and Modem 
Game Controller 
Tablet PC Settings 
Color Management 
Date & Time 

Ease of Access
Setup and enable accessibility settings in Vista 
  
Printing
Print Device - A physical piece of equipment that
produces printed documents.
Printer - The software interface between the OS & the
print device. This is what the user sees on the screen
of the computer.
Print queue - A buffer that holds print jobs until they
are ready to be printed.
Print Server - A computer that manages one or more
shared printers. It can also be a device like a HP Jetdirect print server.

Printer Setup
Ways to install
Plug n' Play (Local)
Login Script (Network)
Automatic Install (Network)
Add Printer Wizard (Local or Network)
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Types of Printers
Local – Physically connected to local PC
Network – Access the print device via the network
Wireless/Bluetooth - Connect to a wireless printer

Sharing Printers
From Vista or a server OS (make drivers available)

Microsoft XPS Documents


-Like Adobe PDF files
-Print to a file
-Built into Vista, Downloadable for XP and Server 2003

What we Covered
Hardware in Vista
Hardware Installation
Device Manager
Troubleshooting Hardware
Other Hardware
Printing

What you should know


1. Manually install a hardware device
2. Install a non-plug n' play device (legacy)
3. Install a network printer
4. What is driver signing for?
5. Do XP drivers work for Vista?
6. Configure the magnifier
7. Set up a local printer
8. Change the device driver of a network card
9. Rollback your device driver to a working version
10. Change the refresh rate of your display adapter
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Backing up your System


Backups are Important!
Backup and Restore Center
System Protection
Troubleshooting Vista
Other options for backup
Scenario
After talking to the computer consulting team about backing up and restoring data on the
network, Amy is scared. She realizes that if she lost her recipes, client list and accounts receivable
data she would be out of business. Amy is all ears as the team is telling her about her options.

Backups are Important!


-Lose irreplaceable personal/business data
-Loss of time and money recreating
-Put small companies out of business

Get a Plan
1. Get Organized
-What needs to be backed up? Not system files and software
-separate data partition
-What about large amounts of data?

2. Create an easy system


-Full backups every day? Tape drive, DVD, External hard drive?

3. Multiple points of failure


-What if your backup external hard drive is stolen or doesn't work?
-What if you only need to restore one file?
4. Test!
-Does it work? Can you restore information easily? flexibly?
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Backup & Restore Center


Backup & Restore
‐To back up data files on your computer (not system files, program files, etc.) 
‐Very easy to use 
‐Can not specify files/folders to backup…sigh! 
‐Restore functionality is clumsy 
‐Overall lack of basic flexibility 
  
Windows PC Complete Backup & Restore
‐Complete system backup/image 
‐Can back up all local drives on your computer 
‐NTFS partitions or DVD only 
‐Takes up a lot of space 
‐Not available in Home Basic or Premium 
‐Can be restored from a Windows Recovery Environment (boot off DVD) 
‐You can only restore volumes (not individual files/folders) 
***Workaround*** 
‐This tool creates .VHD files (Virtual PC/Server) which can be mounted to a drive  letter using a Virtual 
Server tool, VHDMount.  Individual files/folders can then be  accessed! 
 
System Protection
System Restore
-Snapshot of computer's system configuration
-Most useful for recovering from software/driver installation problems
-Will take your computer back to the restore point in time
-Does NOT recover (or overwrite) data files
-Enabled on a volume by volume basis
-Restore points (also called snapshots or system checkpoints) are automatically created by Vista:
A. When you install a program
B. When you use Windows Update
C. When you install an unsigned device driver
D. Before you restore a system using System Restore or Backup
E. Manually (when you decide)
-THIS IS NOT A BACKUP SUBSTITUTE
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Previous Versions (Shadow Copies)


-Requires system protection (System Restore) to be turned on
-Created automatically as part of a system restore
-Not available on system folders/files
-Shadow copies are copies of files/folders that have changed
-Backup copies are copies of files/folders that are included in a backup
-THIS IS NOT A BACKUP SUBSTITUTE

Troubleshooting Windows Problems

Safe Mode - Good for device driver problems (especially display adapters). Starts the system
with a bare minimum configuration. Allows you to troubleshoot, reinstall drivers, rollback
drivers, etc.
System Restore - Quick and effective
MSconfig - Selective diagnostics

Windows Recovery Environment (Windows RE)


-Diagnostic/Repair tool that AUTOMATICALLY tries to fix boot problems
-Recovers from problems such as registry corruptions, corrupt file systems, missing OS boot files
system file corruptions
-Loaded automatically by creating a boot partition with Windows RE
-Accessible by booting from the DVD, select Startup Repair Tool
-Attempts to fix problem using a cache of system files or a system restore point

Other Backup Options


Windows Live OneCare
-a little (very little) bit better than Windows Backup
-You can at least see the files/sizes of the potential backup set
Acronis
-What Windows backup should be
Windows Vista Training
Train Signal, Inc.
Scott Skinger

What we Covered
Backups are Important!
Backup and Restore Center
System Protection
Troubleshooting Vista
Other options for backup

What you should know


1. Start a full system backup of just pictures and documents
2. Restore you backup to a different volume
3. When would you use Windows PC Complete Backup & Restore
4. Use previous versions to restore a file
5. Use System Restore to load an earlier system checkpoint
6. Create a manual system restore point
7. Use the Windows Recovery Environment to troubleshoot a boot problem
8. Restore your PC using WindowsRE
9. Use Msconfig to perform a selective "safe" boot
10. When are System Restore points automatically created?
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Group Policy in Windows Vista


Group Policy Overview
What is different in Vista
Group Policy vs. Local Group Policy
Group Policy Examples
Configuring Multiple local GPOs
Group Policy Management Console (GPMC)
Scenario
Amy is very happy with her decision to revamp her network and upgrade to Vista. The last thing
she would like to do is restrict access to certain settings and programs to ensure that her
employees aren't "distracted" by components on their computers that are unnecessary for them
to complete their jobs.

Group Policy Overview


-Used in an Active Directory domain and on local computers to efficiently deploy software,
configure settings, implement policy and more on both user and computers
-Very simple to use yet can also be very complicated
-Lots of planning and testing!

How Group Policy in Vista is Different


-Group Policy is now its own service, more secure and more reliable
-Multiple local GPOs
-ADMX instead of ADM files (XML files, central store/updates)
-Group Policy Management Console (GPMC) - gpmc.msc
-800 Plus new settings to configure
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Group Policy vs. Local Policy

Group Policy
-Referring to an Active Directory domain environment
-Not available in a workgroup environment
-Policy is set at a "higher" level effecting lots of users/computer
-Policy can be set at the domain, site and organizational unit levels
-Local security policy can be used in a domain environment but is not as efficient as using group
policy on Active Directory objects

Local Group Policy


-policy that is configured on each computer separately
-available in a domain and workgroup environment
-considered a local group policy object (GPO)
-domain policies will override local policies IF they are conflicting

Group Policy Specifics


-use gpedit.msc or create a snap-in from the MMC
-computer configuration effects the whole computer
-user configuration effects users (more important in a domain)
-Local Security Policy…a subset of your local group policy

Group policy Examples


Password policies
User Account Control Settings
Turn off Windows Sidebar & Windows Mail
Windows Vista Training
Train Signal, Inc.
Scott Skinger

Additional Group Policy Information

Multiple Local GPOs


-probably not needed in a domain environment
-helpful on a shared computer
-Use the MMC and add the Group Policy Object Editor snap-in

Group Policy Management Console (GPMC)


-Add the GPMC snap-in from the MMC
-Very handy tool used to manage Group Policy from a Vista computer

What we Covered
What is different in Vista (ADMX, More efficient/secure)
Group Policy vs. Local Group Policy
Group Policy Examples
Configuring Multiple local GPOs
Group Policy Management Console (GPMC)

What you should know


1. Set the minimum password length to a minimum of 6 characters
2. Configure a policy that restricts access to the Windows sidebar
3. Explain the differences between Group Policy and Local Group Policy
4. How are ADMX files helpful?
5. Configure the same policy for two different users with two different settings
6. Use the GPMC to manage group policy from Vista
7. Disable Windows Mail on your computer
8. What command do you use to enforce a group policy immediately?