Beruflich Dokumente
Kultur Dokumente
l drives ==
[2.1] Plug & play
For plug & play to operate we need the following:
Plug & play BIOS
OS that is plug & play capable
Device that supports plug & play
When Windows finds new hardware but is unable to install it we can go to
Device Manager and run troubleshooter as well as look at the error codes
Uninstalling the device using 'Device manager' only removes the driver and
uninstalls it from the OS (not from the PC!). If the device is not physically
removed from the PC, it will be detected the next time PC boots up. To
prevent this from happening one must disable the device.
When Windows 2003 fails to detect new hardware use 'Add new hardware
wizard'
[2.2] Hardware supported
Virtual Disk service API for storage systems, SANs (storage area networks)
IEEE 1394, RAID, USB 2.0, Video, Sound
Wireless supports
Wireless and cable network bridging
Roaming and autoconfiguration
USB 2.0 supports up to 127 devices per root hub and up to 5 deep nested
external hubs. You can see power & bandwith usage by checking out root
properties.
Windows 2003 has the ability to burn CD-R and CD-RW using IMAPI service,
however it is disabled by default
You will need a decoder for video DVDs (data DVDs are OK)
DVD+RW and DVD-RW are not supported, need manufacturer's driver
[2.3] Access needed to install new hardware
You will need to be a member of the Administrators group or have 'load and
unload device drivers' user privelage to install new hardware, unless
Driver the the hardware uses is signed or has the Designed for Windows
Logo
No further action is required to install the device, no requirement for
Windows to display a user interface. No need to use 'Add Hardware
Wizard'
Device driver is already on the system
No network policy settings are preventing you from installing hardware.
This way ordinary users can for example connect a USB pen drive to the PC
without beeing member of the administrators group
[2.4] Device Manager can be accessed in 4 ways
By going to start -> all programs -> administrative tools -> computer
managment-> device manager tree selection
Control panel -> system -> hardware tab -> device manager button
R-click on 'My computer' and select properties ->hardware tab -> device
manager button
Custom made MMC snap-in
[2.5] Device Manager views
Devices by type - when you use this view all network adapters present will
be listed under 'network adapters', all disk drives under 'disk drives' etc. This
is the default view.
Devices by connection - you can for example see what devices are
connected to the motherboard on the PCI slot by expanding Standard PC
node and expanding PCI bus node.
Resources by type - sorts devices by type, i.e. DMA devices, I/O devices,
IRQ devices and memory devices. Good for IRQ conflict troubleshooting.
Resources by connection - sorts devices by connection instead of type
Show hidden devices - shows the non plug and play devices that have been
removed from the PC but have installed drivers.
[2.6] Device properties tab
General - for example manufacturer and device status
Advanced settings - optional, not every device has them. For example, for a
network card we could have card link speed selector.
Resources tab - shows things like IRQ assignments. You can only edit IRQ if
there is a conflict. Also the device has to be plug and play capable.
Power managment - not applicable to servers
Hardware profiles - good mostly for laptops, when say you have different
hardware connected to your PC at the office and at home office. Also can be
used for troubleshooting, you can limit the hardware in each profile.
[2.7] Driver properties
Details of installed driver
Update driver
Roll back driver (new in Windows 2003)
Uninistall driver
Driver signing:
Harmful driver install prevention
HCL - Hardware compatabilty list, to be replaced by Windows catalog
Run d:\i386\winnt32 /checkupgradeonly from Windows 2003 CD to
check hardware compatability
Command line sigverif.exe is used to check drivers from command line
By default system is set to warn user if he or she is installing unsigned
driver (other options are: ignore and block)
Unsigned driver means that the driver was not tested by Microsoft and is
not supported by Microsoft. For most part these drivers are still OK
When driver is signed by Microsoft it and the hardware are tested by
Microsoft
Some older devices (like CD-ROM etc.) plug into LPT port on the PC. You will
need to set LPT port to "Legacy plug and play support" on port settings tab
for older devices to work.
The easiest way to solve embedded device conflict with an add on device is
to disable the onboard device. For example, to use add on music card, you
will need to disable onboard music card
Many problems are caused by incorrect drivers, for example graphic card that
displays only 800x600 resolution. Update driver to solve these problems.
[2.8] HAL - hardware abstraction layer
Computer driver which is the interface to BIOS, kernel is build on top of this
driver
You can choose HAL during install by pressing F5
Multiple processors - when installing a 2nd processor in a single processor
system (UP - uni processor) you will need to update HAL for the CPU from
single CPU to multiple CPU (SMP - symmetric multi processor driver)
Do not upgrade from standard HAL to ACPI (advanced configuration and
power interface) HAL and vice versa
[2.9] Windows update & automatic update
1st appeared in Windows 98
Windows 2003 adds scheduling of updates capability
To access follow: control panel -> system -> system properties -> automatic
update button
Can set up Windows update properties via GP settings
Specify Intranet Microsoft Update service location
Configure automatic updates
Reschedule Automatic updates scheduled installations
No auto-restart for scheduled automatic updates
[2.10] Printers
Printer - this is how we call a piece of software on your PC
Print device - this is the actual hardware printer
Print server - PC to which a local printer is connected - any Windows PC. It
is the computer that sends print jobs to the print device. For a network printer
you send jobs to the server as well.
Print spooler - also referred to as print queue this is a directory on print
server where jobs are being stored prior to being printed
Print processor - also known as rendering is the process that determines
whatever a print job needs further processing once job has been sent to the
spooler
Printer pool - configuration that allows to use one printer for multiple print
devices
Print driver - piece of software that understands your print device codes
Physical port - port through which a printer is directly connected to the
computer, COM or LPT
Logical port - port through which a printer with a network card is attached to
network, much faster than a physical port
Local printer - printer that uses a physical port and has not been shared
Network printer - printer that is available to local and network users, can use
either physical or logical port
Windows server 2003 can be in a "print server" role. In this role the server is
set to manage network printers (this includes local printers connected to other
PCs which are shared)
You can use UNIX (LPR) protocol, for this you will need to add LPR port. LPR
is included in "print services" for UNIX, which is installed as a separate
component of Windows Server 2003
You can also have print services for Macintosh and for Netware
Whenever you hear anything that deals with: LPR, LPD, LPQ think UNIX
You can load into your Windows 2003 server in "print server" role additional
drivers for other Windows versions (Windows 95/98/NT4/2000/XP)
You can set printer priority (1-99) as well as printer avability (which means
when the printer will be available timewise) to different user groups as well as
access to the print device itself to different user groups and individual users.
For network printers that are attached using ethernet cable to the network and
use TCP/IP for communication any Windows 2003 server can be a print
server provided that it is connected to the same network
To implement above you need to create a new TCP/IP port
To create a port you will also need IP of the network printer or its share
name (so IP can be pulled from active directory)
You can print from Windows XP clients to print server computers running a
Windows 2003 by using a Uniform Resource Locator (URL). Internet printing
uses Internet Printing Protocol (IPP).
For example to use different print priority for two groups you need to setup
two print devices, restrict their use and set priority on them
If you want to know printer utilization track print queue object in system
monitor
%systemdir%\system32\spool\printers\ is the default location of the spool
folder. You should change it if your server serves many printers.
A port is defined as the interface that allows the PC to communicate with the
print device. Local ports are for print devices attached to the PC directly.
Separator pages are used in multi user environments, sample files are found
in %systemroot/system32/ folder with .sep ending
Print.exe - sends a text file to a printer
Net Print - displays information about a specified printer queue, displays
information about a specified print job, or controls a specified print job
[2.11] Printer Poling
One printer, multiple print devices
Think of it as load balancing for printers, used in larger enterprises
Need to use the same driver for all print devices that are member of the pool.
Many newer printer devices will work with older driver, use driver that is the
newest for the oldest printer.
[2.12] Management of printers using print server role of Windows 2003 server
Surf to http://printserver/printers/ where 'printserver' is the name (or IP) of
your print server PC
Can restrict access to this web interface using group policy
For above to work you will need to install IIS 6
[2.13] Redirecting print jobs
You can redirect print jobs provided both printers use the same driver
When user placed into a queue a request to print a document on a print
device which failed to print BEFORE comencment of printing you can redirect
printing to another printer
To redirect a print job select print device you want jobs redirected from
If the new printer is on this print server, just select new port to which the new
printer is attached, otherwise
Click on 'ports' tab
Click on 'add port', select local printer and click on 'new port'
Type in UNC share name of the printer you want the job redirected to, in
format \\other_print_server\share_name
Check the check box next to the port you just created
[2.14] Disk drives
SCSI 15000RPM, 20Mbps transfer
IDE 7200RPM, 16.7Mbps transfer
SATA (similar to IDE)
Both SCSI and SATA support up to 15 drives on a single controller
IDE drives have 'cable select' option on them which automatically determines
master and slave. It is best practice to manually set jumpers for master and
slave.
[2.15] ARC path designation (Advanced RISC computing)
ARC dates back to NT 3.5 days (in the form presented here, otherwise NT
3.1)
The file boot.ini is used to find '\windows\' directory
Bootcfg.exe configures, queries, or changes Boot.ini file settings
Boot.ini switches:
/debug - for debugging (/nodebug)
/bootlog - enable boot logging
/sos - display driver names while they are being loaded during the
Windows boot
Please note that Microsoft has changed the default install directory from
WINNT to WINDOWS for Windows server 2003. For upgrades we will still use
WINNT directory.
Multi
Identifies the controller physical disk is on
Multi(x) syntax of the ARC path is only used on x86-based computers
For IDE or pure SCSI disks when OS is on the 1st or 2nd SCSI drive
The Multi(x) syntax indicates to Windows NT that it should rely on the
computers BIOS to load system files. This means that the operating
system will be using interrupt (INT) 13 BIOS calls to find and load
NTOSKRNL.EXE and any other files needed to boot Windows NT.
Numbering starts at 0, for example Multi(0), due to technical reasons it
should always be 0
In a pure IDE system, the Multi(x) syntax will work for up to the 4 drives on
the primary and secondary channels of a dual-channel controller
In a pure SCSI system, the Multi(x) syntax will work for the first 2 drives on
the first SCSI controller (that is, the controller whose BIOS loads first)
In a mixed SCSI and IDE system, the Multi(x) syntax will work only for the
IDE drives on the first controller
SCSI
Identifies the controller physical disk is on
The SCSI(x) syntax is used on both RISC and x86-based computers
Using SCSI() notation indicates that Windows NT will load a boot device
driver and use that driver to access the boot partition
On an x86-based computer, the device driver used is NTBOOTDD.SYS,
on a RISC computer, the driver is built into the firmware
Numbering starts at 0, for example SCSI(0)
Windows NT Setup always uses Multi(x) syntax for these first two drives
Disk
Identifies the physical disk attached to controller
0 if Multi(x) present, Disk is only for SCSI
For SCSI value of Disk(x) is the SCSI ID and can be 0-15 Note: one
channel is always reserved for the controller itself
Numbering starts at 0, for example Disk(0)
Rdisk
Identifies the physical disk attached to controller
Almost always 0 if SCSI(x) is present, Rdisk is for Multi(x), ordinal for the
disk, usually number 0-3
Numbering starts at 0, for example Rdisk(0)
Partition
Refers to the partition on the hard disk where Windows system folder is
located on
All partitions receive a number except for type 5 (MS-DOS Extended) and
type 0 (unused) partitions, with primary partitions being numbered first and
then logical drives
A partition is a logical definition of hard drive space
Numbering starts at 1, for example Partition(1)
Signature
Used when system BIOS or controller hosting the boot partition cannot
use INT-13 Extensions
The signature() syntax is equivalent to the scsi() syntax
Using the signature() syntax instructs Ntldr to locate the drive whose disk
signature matches the value in the parentheses, no matter which SCSI
controller number the drive is connected to
The signature() value is extracted from the physical disk's Master Boot
Record (MBR)
[2.16] Easy way to memorize ARC
There are 5 letters in the word 'Multi' and 5 letters in the word 'Rdisk'
There are 4 letters in the word 'SCSI' and 4 letters in the word 'Disk'
'SCSI' works together with 'Disk' while 'Multi' works together with 'Rdisk'
When system uses Multi(x) it uses BIOS INT-13 Extensions, so on board
BIOS has to be enabled
[2.17] Disk Managment MMC snap-in
To activate: start -> all programs -> administrative tools -> computer
managment -> disk managment tree node
Another ways is to r-click on My computer and select 'manage' from the list
Finally you can just create a custom MMC snap in
Using disk managment, among other things, you can:
Initialize new disks
Create new volumes and partitions
If you r-click and select properties -> general tab you can see location
heading with a number. That number is the ARC number of the HD.
If you need a disk formatted in FAT or FAT32 you cannot do it from disk
manager, you need to use: format x: /fs:FAT32 Note Windows can format
FAT 32 disks up to maximum of 32Gb but can read higher capacity drives
DiskPart.exe - you can create scripts to automate tasks, such as creating
volumes or converting disks to dynamic.
Fsutil.exe - perform many NTFS file system related tasks, such as managing
disk quotas, dismounting a volume, or querying volume information.
Mountvol.exe to mount a volume at an NTFS folder or unmount the volume
from the NTFS folder.
[2.18] Remote managment
Computer managment is not just for the local machine, you can also manage
other PCs, to activate r-click on computer managment (local) and select
'connect to another pc'
By default Domain Admins are part of local administrators group and you
need these right to connect and administer remote PCs
If you cannot access Device Manager from the Computer Management
extension snap-ins on a remote computer, ensure that the Remote Registry
service is started on the remote computer.
Computer Management does not support remote access to computers that
are running Windows 95.
In remote managment 'Device Manager' is in read only mode
[2.19] Basic Disks
Primary partition is the only one that is bootable and there is a maximum of
4 primary partitions
Extended partitions are not bootable
Logical drives are created in extended partitions. There are no limits as to
the number of logical drives each extended partition may have.
Primary partitions and logical drives are assigned drive letters
Basic Disk FAT is located on the first sector of the hard disk; space is shared
with the MBR
[2.20] Dynamic disks
Fault tolerance better than basic disks, due to multiple storage places for
information. 1Mb database is placed at the end of each physical hard disk
containing information about all dynamic disk located in this particular system,
this creates multiple storage spaces of the same data.
Can be one of the following:
Simple volume:
Single disk
No fault tolerance
Can be NTFS or FAT
Spanned volume:
maximum of 32 disks
Cannot extend spanned volumes, need to delete and recreate if not
NTFS or contain system files
For more information see <a
href="http://technet2.microsoft.com:80/WindowsServer/en/library/5079
e4a1-b0be-4fdf-9b4a-ece7a0755c5c1033.mspx?mfr=true"
target="_blank">MS knowledge base paper</a>
No fault tolerance
Extendeding simple volume:
Similar to spanned volume but uses the same physical HD with simple
volume
You can extend a simple volume only if it does not have a file system
or if it is formatted using the NTFS file system. You also need free
space on HD and the volume could not have been originally a basic
disk partition (when the conversion from basic to dynamic has been
made on Windows 2000).
You cannot extend volumes formatted using FAT or FAT32
You cannot extend a system volume, boot volume, striped volume,
mirrored volume, or RAID-5 volume
Mirror volume:
Also known as RAID 1
The only volume besides simple volume in Windows 2003 which can
boot and system partitions can both reside on
Can be NTFS or FAT
Fault tolerance, data is the same on both disks
To replace the failed mirror in a mirrored volume, right-click the failed
mirror and then click Remove Mirror, and then right-click the other
volume and click Add Mirror to create a new mirror on another disk
Variation of mirroring called duplexing uses HD connected to different
controllers for even more fault tolerance
Striped volume:
Also known as RAID 0
Maximum of 32 disks
Breaks data into 64Kb chunks for writing to different disks that make
up the stripe
It is recommended to use same type of hard drives for member drive
Windows 2003 cannot be installed on software RAID 0
You cannot extend striped volume, need to recreate it
No fault tolerance
RAID 5:
Made up of three disks with each storing parity information
Fault tolerance when one disk fails
Maximum of 32 disks, minimum of 3
Not available in Windows XP professional
To replace the failed disk region in a RAID-5 volume, right-click the
RAID-5 volume and then click Repair Volume
Only in Windows XP Professional, windows 2000 Professional and Windows
2003 Server (all editions) you can use dynamic disks
Note: if disk fails for which ARC path is in boot.ini system will not boot. You
should have a disk with modified boot.ini
Mounted volumes - can mount HD as a NTFS folder
Uninstall disks prior to moving them, Re-scan disk when you attach it
Dynamic disks can be re-configured without re-boot
When your boot disk is also a dynamic disk, then you will not be able to dual
boot into OS that is not dynamic disk capable
Dynamic disks are not supported on laptops due to luck of advantage over
basic disks in this scenario
Dynamic disk partition table types:
dynamic GUID partition table (GPT) disks, for 64bit editions of Windows
dynamic MBR disks, for 32 and 64bit editions of Windows
The Foreign status occurs when you move a dynamic disk to the local
computer from another computer
You can have a maximum of 2000 volumes on a dynamic disk, recommended
maximum is 32
Volumes created after the 26th drive letter has been used must be accessed
using volume mount points
Hard drives that are connected to the Pc using USB or IEEE 1394 can not be
converted to dynamic volumes
Volume status descriptions
Failed - basic or dynamic volume cannot be started automatically or the
disk is damaged
Failed Redundancy - data on a mirrored or RAID-5 volume is no longer
fault tolerant because one of the underlying disks is not online, has
substatuses
Formatting - occurs only while a volume is being formatted with a file
system
Healthy - normal volume status on both basic and dynamic volumes, no
known problems, has substatuses
Regenerating - occurs when a missing disk in a RAID-5 volume is
reactivated
Resynching - occurs when creating a mirror or restarting a computer with
a mirrored volume
Unknown - occurs when the boot sector for the volume is corrupted
Data Incomplete - displayed in the Foreign Disk Volumes dialog box, and
occurs when data spans multiple disks, but not all of the disks were
moved.
Data Not Redundant - displayed in the Foreign Disk Volumes dialog box
when you import all but one of the disks in a mirrored or RAID-5 volume
Stale Data - displayed in the Foreign Disk Volumes dialog box, and
occurs when a mirrored or RAID-5 volume has stale mirror information,
stale parity information, or I/O errors
[2.21] Converting to dynamic disk and back to basic disk
If you convert a boot disk, or if a volume or partition is in use on the disk you
attempt to convert, you must restart the computer for the conversion to
succeed.
The conversion may fail if you change the disk layout of a disk to be
converted or if the disk has I/O errors during the conversion.
After you convert a basic disk into a dynamic disk, any existing partitions on
the basic disk become (dynamic) simple volumes.
If you are using shadow copies and they are stored on a different disk then
original you must first dismount and take offline the volume containing the
original files before you convert the disk containing shadow copies to a
dynamic disk.
If you are converting disks form dynamic to basic the disk being converted
must not have any volumes on it nor contain any data before you can change
it back to a basic disk. If you want to keep your data, back it up before you
convert the disk to a basic disk.
[2.22] File systems
FAT 16 bit (File Allocation Table)
FAT 32 bit
NTFS (New Technology File System)
To convert from FAT to NTFS use: convert x: /fs:NTFS
[2.23] Folder compression (zipped)
Create new compressed folder (zipped)
All new items added to that folder will be compressed (zipped)
For command line operations use compress.exe, which acts like winzip
[2.24] Compression (NTFS)
When you compress a whole folder:
All files are compressed automatically when added but not current folder
occupants
OR
Compression can also be applied to current files and subfolders
Decompression is a reverse process of compression
Moving a file on the same volume means that the file location is moved in
MFT only, not the physical file itself.
When you copy a file, no matter whatever on the same volume or not, the
destination file will inherit the destination folder's permissions
When you move a file on the same volume, it keeps its original permissions
(explicit permissions only). When you move a file to another volume, the
move is treated as a copy operation and the file permissions are inherited
from the destination folder.
All file attributes behave in the same way with the exception of encryption
File compression is supported only on NTFS volumes with cluster sizes 4 KB
and smaller
For command line use compact.exe, it can display and modify compression
attributes but it works only on NTFS
[2.25] Encryption:
Only users who created the files, users whom owner gave access to view the
file (new in Windows 2003, additional users need to already be issued
certificates) and recovery agents can decrypt the file
When moving encrypted file from one volume to another volume, it stays
encrypted. When copying file it also stays encrypted. This behaviour is unique
for encryption!
Note that user which has NTFS permissions to an encrypted file can delete
that file, even if he/she cannot view that file
Cannot encrypt and compress at the same time (due to encryption process
using pseudo random salt which cannot be further compressed due to its
nature)
You can zip 1st then encrypt to get encrypted and compressed file
Executable file cipher.exe is a command line encryption utility
By default, the recovery agent is the Administrator account on the 1st DC,
there is no default for stand alone server
For encryption property, moving/copying a file to a FAT system decrypts file
without warning
It is recommended to store recovery agent certificate on a floppy disk in
secured location. It is also recommended to copy their file to be recovered to
the recovery agent PC where it will be recovered.