LEVEL 2 MONITORING SERVER / REMOTE LOGIN FTE- CCNA MCSE

DIAGNOSTIC TESTING:
NETWORK TESTING: Whether youre developing a new network element or testing your live network, you need to be able to troubleshoot any problem and correct it as quickly as possible. With the increasing data rates and amount of information exchanged through the network, the chances for error are greater than ever as are the consequences for your business of a poor service delivery. A Network test is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source, known as a Black Hat Hacker, or Cracker. The process involves an active analysis of the system for any potential vulnerabilities that could result from poor or improper system configuration, both known and unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker and can involve active exploitation of security vulnerabilities. Any security issues that are found will be presented to the system owner, together with an assessment of their impact, and often with a proposal for mitigation or a technical solution. The intent of a penetration test is to determine the feasibility of an attack and the amount of business impact of a successful exploit, if discovered. To diagnose network connectivity status, the Network Diagnostics analyzes the following tests: IP configuration test Default gateway test Winsock tes test DNS test Firewall test Internet connectivity validation test

TROUBLESHOOTING 3RD PARTY SOFTWARE:

Eleven Tips for Troubleshooting Software:1. Free up RAM by closing other open programs. Every piece of software that's installed on your machine needs Random Access Memory (RAM) in order to run. The more software that's running on your computer at once, the more RAM it will consume. So if a certain program refuses to load or is running sluggishly, the first step you should take is to close all other open applications. This can be especially important if your nonprofit uses older machines that don't have a large amount of RAM. If you want to investigate which open applications might be hogging much of your computer's RAM, both Windows and Macintosh operating systems (OS) provide tools that display this information. In Windows, you can locate RAM-usage statistics by hitting Ctrl+Alt+Delete, then choosing the Task Manager option. From the window that appears, click the Processes tab, then click the menu item labeled "Mem Usage," which arranges all open applications according to the amount of RAM they're using. You can shut down a process or application by clicking the End Task button, but before you do so, you may want to perform a Web search on the name of the process or application; that way you won't accidentally stop a process or program that's necessary in order for your system to run.

Mac OS X displays RAM-usage information with a tool called the Process Viewer, which you can access by going to Applications > Utilities. Once you've called up the Process Viewer, you sort programs by RAM usage by clicking the column labeled Real Memory. 2. Restart the software. If you've closed all applications that are running on your computer and the software still runs slowly, crashes, or returns error messages, try shutting down the problematic program and immediately restarting it. Sometimes, software problems stem from a conflict with other programs or simply encounter difficulties starting up, so restarting the software can often resolve these issues. 3. Shut down and restart your computer. Sometimes, a glitch in your computer's OS or a hardware mishap can cause software problems. If restarting the actual application doesn't resolve the issue, try rebooting your computer. Once the computer has fully restarted, re-launch the application in question and see if the problem has resolved itself. 4. Use the Internet to find help. problems No matter what piece of software is misbehaving or what specific you encounter, chances are, it's happened to someone else. And as long as you're not having issues with a custom-built piece of software, there's a good chance that you can find help on the Internet. When conducting online troubleshooting research using Google or your search engine of choice, include the most important information, such as the software program's name, the type of problem you've encountered, and the circumstances under which it occurs. If the program is returning a specific error message, write it down and type it into the search engine's search box along with the application's name. Although using a search engine can be a quick way to find information regarding very specific software error messages or crashes, take a look at the manufacturer's site for more general troubleshooting advice. Most major software manufacturers provide at least some form of product-specific help on their official sites, such as a list of frequently asked questions, product documentation, or discussion forums where users can swap tips. 5. Undo any recent hardware or software changes. As mentioned, some software problems arise from conflicts with other software. For example, as this information technology article from the Johns Hopkins Institutions points out, Symantec Norton Antivirus can often conflict with competing antivirus products. So, if one of your organization's staffers has installed another antivirus program and Norton Antivirus no longer works correctly, uninstalling the other antivirus problem could very well solve your problem. If you are troubleshooting one of your staff members' computers and suspect that they have tinkered with the OS's settings, it's possible that they have inadvertently made changes that are causing their current software problems. For instance, Windows XP's Start Menu contains an option called "Set Program Access and Defaults," which allows you to disable access to certain applications. If the user accidentally unchecked the box next to a program, this may be the reason it won't run. Ask the user whether he has recently changed any of their computer's settings; if he can remember what changes he made, undo them and try launching the software again. Similarly, software problems can sometimes be caused by new or improperly configured hardware peripherals, including scanners and printers. If you've recently connected new hardware to one of your organization's computers, try disconnecting it and see if that corrects the software issue.

6. Uninstall the software, and then reinstall it. Sometimes, a certain piece of software will fail to run properly because crucial application files have been removed or deleted. For instance, many Windows applications use Dynamic Link Library (DLL) files to perform certain tasks. Oftentimes, several applications will need the same DLL file to operate properly, so if you've recently removed one program from your computer along with all of its DLL files, another application may become unstable or nonfunctional. One step you can take to ensure that the problematic software has all of its necessary files intact is to completely uninstall it, then reinstall it on your computer. Even if you remove a program using its built-in uninstall wizard (if it includes one), it's still a safe move to check your hard drive's Program Files folder usually located on the C drive for any remnants of the program and delete any files or folders you find. Next, check to see if there's a new version of the program available (the vendor or developer might have introduced bug fixes that address the issue you're having) download and install the new version if it's ready. If not, locate your installation CD or download the most current version of the software and repeat the installation process. 7. Look for software patches. Though some software vendors will correct major problems with their products by releasing entirely new versions, other vendors may fix minor bugs by issuing patches, small software updates that address problems detected by developers or users. Even if you're sure that you have installed the most current version of the software, you might still want to visit the manufacturer or developer's Web site to check for new updates, as the vendor may have chosen to quickly correct a recently discovered problem with a patch rather than a new version. 8. Scan for viruses and malware. Viruses, spyware, and other forms of malicious software (commonly referred to as malware) can not only compromise your nonprofit's privacy, they can also cause other applications on your computer especially Web browsers and email clients to freeze, crash, or quit working entirely If tips 1 through 8 haven't helped solve your software problem, you may want to scan the machine using both antivirus and anti-malware applications, programs designed to find and remove viruses and malware. When running one of these programs, it's a good idea to use the most thorough scan mode available; also, remember to shut down and restart your machine if the antivirus or anti-malware program does find and remove threats from the computer. 9. Check for a firewall conflict. Many nonprofits do not have the budget to purchase a centralized hardware or software-based firewall and may instead choose to install personal firewall software such as ZoneAlarm Free on each computer in their office. Though personal firewalls can be an important line of defense against hackers and other security threats, they might also confuse users, since they frequently display messages asking users whether to allow a program to run or whether to block it. It's possible that you may be experiencing software problems because you've accidentally instructed the personal firewall to block the program in question, most likely by responding to one of the aforementioned messages. You may want to check the firewall's settings to see if the problematic software has inadvertently been added to its list of programs to block. If so, change the firewall's settings to allow the software to run, then check to see if you're still having issues.

10. Boot up in Safe Mode. As mentioned, some software malfunctions can be caused due to OS settings or other system problems. Windows and Mac operating systems both feature a troubleshooting environment known as Safe Mode, which disables applications and processes that are not crucial to the system, theoretically making it easier to isolate problems. Most Windows computers allow you to enter Safe Mode by pressing the F8 key as your computer is booting up. If you're using a Mac, you can enter Safe Mode by pressing the Shift key while or directly after your computer boots up. Once your computer is in Safe Mode, launch the problematic software application and attempt to replicate the problem you encountered while your computer was in normal mode. If you don't encounter the same problem, there's a good chance that the issue is being caused by your OS or another program rather than the application you are troubleshooting. 11. Defrayment your hard drive. As a final troubleshooting step, you might choose to defrayments your computer's hard drive, the process of rearranging its file structure so that the system runs more efficiently. Defragmenting a hard drive will probably prove most useful if you're experiencing extreme software sluggishness, as this process is meant to make your entire system run faster. Note that defragmenting a hard drive applies only to Windows-based computers, as the Macintosh OS automatically optimizes the hard drive's file structure. Windows 98, ME, 2000, and XP OSs all include a built-in disk-defragmentation tool, which you can launch by going to Start > Programs > Accessories > System Tools > Disk Defragmenter. Be aware that defragmenting a hard drive can be a time-consuming process especially if the drive contains many files so make sure to perform this task when you (or the user) will be away from their computer for a few hours. If the tips listed above haven't solved your software problem, it may be time to bite the bullet and call the techsupport hotline. One final tip? If you do end up having to place a tech-support call, you may want to invest in a hands-free headset; it will likely make the time you spend on hold both more comfortable and convenient. MANAGING YOUR NETWORK CONNECTIONS/SETTINGS:The network connections settings in Microsoft Windows XP specify how your computer will connect to a network. If you use a laptop, you might need to change your network connections to adapt to different environments. For example, you might want to use your wired network connection to conserve battery power while sitting at your desk and your wireless network connection when you're at the local coffee shop. You might also need to change network settings if you add a network adapter or change Internet service providers (ISPs). To manage your network connections, first open Network Connections 1Click Start, and then click Control Panel. .

2In Control Panel, under Pick a Category, click Network and Internet Connections. .

3Under or pick a Control Panel icon, click Network Connections. .

Windows XP displays the Network Connections window. In this window, you can perform several network management tasks: Disable a network connection. Disable a network connection if you aren't using it. For example, if your computer has a built-in wireless connection, and you're currently connected to a wired network, you should disable the wireless network connection to make sure your computer doesn't use the slower wireless connection. You'll save power, too. To disable a network connection, right-click the network connection, and then click Disable.

Enable a network connection. To enable a previously disabled network connection, right-click the network connection, and then click Enable.

Repair a network connection. Windows XP can solve common network problems automatically. To repair a network connection, right-click the network connection, and then click Repair. For detailed instructions, read Repairing network connections.

Configure your Internet Protocol (IP) settings. Though you rarely need to change the default settings, your employer or your ISP might request that you specify your IP address and Domain Name System (DNS) servers. To configure your IP settings, follow these steps in the Network Connections window

1Right-click your network connection, and then click Properties. .

2On the General tab, under This connection uses the following items, click Internet Protocol (TCP/IP). .Then click Properties.

3In the Internet Protocol (TCP/IP) Properties dialog box, configure your network settings, and then click .OK. Click Close to return to the Network Connections window.

If you run into any difficulties, read Troubleshooting network connection problems. SOFTWARE CONFIGURATION:In software engineering, software configuration management (SCM) is the task of tracking and controlling changes in the software. Configuration management practices include revision control and the establishment of baselines. The traditional software configuration management (SCM) process is looked upon by practitioners as the best solution to handling changes in software projects. It identifies the functional and physical attributes of software at various points in time, and performs systematic control of changes to the identified attributes for the purpose of maintaining software integrity and traceability throughout the software development life cycle. The SCM process further defines the need to trace changes, and the ability to verify that the final delivered software has all of the planned enhancements that are supposed to be included in the release. It identifies four procedures that must be defined for each software project to ensure that a sound SCM process is implemented. They are: 1. 2. 3. 4. Configuration identification Configuration control Configuration status accounting Configuration audits

These terms and definitions change from standard to standard, but are essentially the same. Configuration identification is the process of identifying the attributes that define every aspect of a configuration item. A configuration item is a product (hardware and/or software) that has an end-user purpose. These attributes are recorded in configuration documentation and baseline. Baselining an attribute forces formal configuration change control processes to be effected in the event that these attributes are changed. Configuration change control is a set of processes and approval stages required to change a configuration item's attributes and to re-baseline them. Configuration status accounting is the ability to record and report on the configuration baselines associated with each configuration item at any moment of time. Configuration audits are broken into functional and physical configuration audits. They occur either at delivery or at the moment of effecting the change. A functional configuration audit ensures that functional and performance attributes of a configuration item are achieved, while a physical configuration audit ensures that a configuration item is installed in accordance with the requirements of its detailed design documentation.

Computer hardware configuration management Computer hardware configuration management is the process of creating and maintaining an up-to-date record of all the components of the infrastructure, including related documentation. Its purpose is to show what makes up the infrastructure and illustrate the physical locations and links between each item, which are known as configuration items. Computer hardware configuration goes beyond the recording of computer hardware for the purpose of asset management, although it can be used to maintain asset information. The extra value provided is the rich source of support information that it provides to all interested parties. This information is typically stored together in a configuration management database (CMDB). Computer hardware configuration management provides direct control over information technology (IT) assets and improves the ability of the service provider to deliver quality IT services in an economical and effective manner. All components of the IT infrastructure should be registered in the Configuration Management Database (CMDB). The responsibilities of configuration management with regard to the CMDB are: identification control status accounting verification

The scope of configuration management is assumed to include: physical client and server hardware products and versions operating system software products and versions application development software products and versions technical architecture product sets and versions as they are defined and introduced live documentation networking products and versions

live application products and versions definitions of packages of software releases definitions of hardware base configurations configuration item standards and definitions

The benefits of computer hardware configuration management are: helps to minimize the impact of changes provides accurate information on CIs improves security by controlling the versions of CIs in use facilitates adherence to legal obligations helps in financial and expenditure planning

Maintenance systems Configuration management is used to maintain an understanding of the status of complex assets with a view to maintaining the highest level of serviceability for the lowest cost. Specifically, it aims to ensure that operations are not disrupted due to the asset (or parts of the asset) overrunning limits of planned lifespan or below quality levels. In the military, this type of activity is often classed as "mission readiness", and seeks to define which assets are available and for which type of mission; a classic example is whether aircraft onboard an aircraft carrier are equipped with bombs for ground support or missiles for defense. Preventive maintenance Understanding the "as is" state of an asset and its major components is an essential element in preventive maintenance as used in maintenance, repair, and overhaul and enterprise asset management systems. Complex assets such as aircraft, ships, industrial machinery etc. depend on many different components being serviceable. This serviceability is often defined in terms of the amount of usage the component has had since it was new, since fitted, since repaired, the amount of use it has had over its life and several other limiting factors. Understanding how near the end of their life each of these components is has been a major undertaking involving labor intensive record keeping until recent developments in software. Predictive maintenance Many types of component use electronic sensors to capture data which provides live condition monitoring. This data is analyzed on board or at a remote location by computer to evaluate its current serviceability and increasingly its likely future state using algorithms which predict potential future failures based on previous examples of failure through field experience and modeling. This is the basis for "predictive maintenance". Availability of accurate and timely data is essential in order for CM to provide operational value and a lack of this can often be a limiting factor. Capturing and disseminating the operating data to the various support organizations is becoming an industry in itself.

CONFIGURATION OF SOFTWARES HUBS, ROUTERS AND GATEWAY

HUB INSTALLATION AND SETUP INSTRUCTIONS The installation and use of Hub requires installing the Hub Adobe AIR application on the desktop and importing and deploying Adobe LiveCycle Archive (LCA) services into the Adobe LiveCycle ES environment that Hub will connect to. 1. Install the Hub application The installer is delivered as a ZIP file that will extract to a folder called Deploy. In this folder there is a file called Hub.air. Double-click Hub.air. Click Continue to create the folder C:/Program Files/Hub. The Hub AIR application will be installed on the system.

2. Import the LCA files The Deploy folder contains other files used to integrate with the AIR application with the LiveCycle ES server. To import the LCA file: Log on to http://localhost:8080/adminui as an Administrator. Navigate to Service -> Archive Administration -> Archive Management and click Import.

Click Browse and locate the LCA file inside the installed directory. You may need to move the LCA files in the Deploy folder to another network accessible location in order to import them into your LiveCycle ES instance.

To import each LCA into LiveCycle ES, use the Preview and Import buttons.

After the LCAs are deployed on the server, launch Hub and configure it to connect to your server. 3. Launch the Hub application Navigate to C:\Program Files\Hub and double-click Hub.exe, or double-click the Hub shortcut created on the Desktop.

The Hub application bar should appear on the right side of your Desktop.

4. Set up the LiveCycle ES Server The first time that Hub launches it will start the Server Settings dialog box that connects Hub to the desired LiveCycle ES Server. Hub reads the server from Server.xml file, which is located in C:\LCESDemo\PDFHub. The default setting for the server points to a placeholder server location with a placeholder Username. You need to modify the server setting and login information to configure your Hub to work with your local LiveCycle ES server. To connect to a new LiveCycle ES server, enter the workstation name and user information in the Server Settings dialog box. Note: The Username and Password must be a valid user configured through the User Manager on the LiveCycle ES server. This user must have the rights to use PDF Generator in order to convert files from the Desktop.

ROUTER CONFIGURATION PROCESS:This guide explains how to set up a router for home computer networks. The exact names of configuration settings on a network router vary depending on the model and whether it is wired or wireless. However, this general procedure will guide you through the process for the common kinds of home network equipment. Difficulty: Average Time Required: 1 hour Here's How to perform:

1. Choose a convenient location to begin installing your router such as an open floor space or table. This
does not need to be the permanent location of the device. Particularly for wireless routers, you may find it necessary to re-position the unit after installing it as the cables / signals may not reach all areas needed. At the beginning, its better to choose a location where it's easiest to work with the router and worry about final placement later.

2. Plug in the router's electrical power source, then turn on the router by pushing the power button. 3. (Optional) Connect your Internet modem to the router. Most network modems connect via an
Ethernet cable but USB connections are becoming increasingly common. The cable plugs into the router jack named "WAN" or "uplink" or "Internet." After connecting the cable, be sure to power cycle (turn off and turn back on) the modem to ensure the router recognizes it.

4. Connect one computer to the router. Even if the router is a wireless model, connect this first
computer to the router via a network cable. Using a cable during router installation ensures the maximum reliability of the equipment. Once a wireless router installation is complete, the computer can be changed over to a wireless connection if desired.

5. Open the router's administration tool. From the computer connected to the router, first open your
Web browser. Then enter the router's address for network administration in the Web address field and

hit return to reach the router's home page. Many routers are reached by either the Web address "http://192.168.1.1" or "http://192.168.0.1" Consult your router's documentation to determine the exact address for your model. Note that you do not need a working Internet connection for this step.

6. Log in to the router. The router's home page will ask you for a username and password. Both are
provided in the router's documentation. You should change the router's password for security reasons, but do this after the installation is complete to avoid unnecessary complications during the basic setup.

7. If you want your router to connect to the Internet, you must enter Internet connection information
into that section of the router's configuration (exact location varies). If using DSL Internet, you may need to enter the PPPoE username and password. Likewise, if you have been issued a static IP address by your provider (you would need to have requested it), the static IP fields (including network mask and gateway) given to you by the provider must also must be set in the router.

8. If you were using a primary computer or an older network router to connect to the Internet, your
provider may require you to update the MAC address of the router with the MAC address of the device you were using previously. Read How to Change a MAC Address for a detailed description of this process.

9. If this is a wireless router, change the network name (often called SSID). While the router comes to
you with a network name set at the factory, you will never want to use this name on your network. Read How to Change the Router SSID for detailed instructions.

10. Verify the network connection is working between your one computer and the router. To do this, you
must confirm that the computer has received IP address information from the router. See How to Find IP Addresses for a description of this process.

11. (If applicable) Verify your one computer can connect to the Internet properly. Open your Web
browser and visit a few Internet sites such as http://compnetworking.about.com/.

12. Connect additional computers to the router as needed. If connecting wirelessly, ensure the network
name (SSID) of each is computer matches that of the router.

13. Finally, configure additional network security features as desired to guard your systems against
Internet attackers. These WiFi Home Network Security Tips offer a good checklist to follow. Tips: 1. When connecting devices with network cables, be sure each end of the cable connects tightly. Loose cables are one of the most common sources of network setup problems.

GATEWAY INSTALLATION:Please do the following: a). Start Softick Audio Gateway and tap "Internal Speaker". b). Turn off Enable extra program resources protection and Enable Treo 700p headset connection watchdog options from Options>Troubleshooting menu. c). Exit to Launcher. d). Perform soft reset. e). Delete Audio Gateway application using Launcher App->Delete menu.

2. Remove your headset from Trusted devices list ("Prefs->Bluetooth->Setup Devices->Trusted Devices", select your headset, tap "Details" and "Delete Device"). 3. Perform soft reset. 4. In "Bluetooth->Setup Devices->Hands-free Setup" establish connection with your headset, pair your headset again. 5. It is REQUIRED to soft reset your Palm after step 4. 6. Install newest version of Softick Audio Gateway and start it. 7. Select your headset from devices list and tap "A2DP Device". Connection With your bluetooth headset will be established. Please note. You should perform these operations in described order, Otherwise Softick Audio Gateway may work incorrectly. FOLDER PERMISSIONS: Examples are shared file access (also known as disk sharing and folder sharing), shared printer access (printer sharing), shared scanner access, etc. The shared resource is called a shared disk (also known as mounted disk), shared drive volume, shared folder, shared file, shared document, shared printer or shared scanner. The term file sharing traditionally means shared file access, especially in the context of operational systems and LAN services, for example in Microsoft Windows documentation. Shared file and printer access within a local area network may either be based on a centralized file server or print server, sometimes denoted clientserver paradigm, or on a decentralized model, sometimes denoted peerto-peer network topology or Workgroup (computer networking). In clientserver communications, a client process on the local user computer takes the initiative to start the communication, while a server process on the file server or print server remote computer passively waits for requests to start a communication session. In a peer-to-peer network, any computer can be server as well as client.

Features and Benefits

Occasionally network administrators report difficulty getting Microsoft Windows clients to interoperate correctly with Samba servers. It seems that some folks just cannot accept the fact that the right way to configure an MS Windows network client is precisely as one would do when using MS Windows NT4 or 200x servers. Yet there is repetitious need to provide detailed Windows client configuration instructions. The purpose of this chapter is to graphically illustrate MS Windows client configuration for the most common critical aspects of such configuration. An experienced network administrator will not be interested in the details of this chapter.
INTERNET PROTOCOLS CONFIGURATION

TCP/IP Configuration
The builder of a house must ensure that all construction takes place on a firm foundation. The same is true for the builder of a TCP/IP-based networking system. Fundamental network configuration problems will plague all network users until they are resolved. MS Windows workstations and servers can be configured either with fixed IP addresses or via DHCP. The examples that follow demonstrate the use of DHCP and make only passing reference to those situations where fixed IP configuration settings can be effected. It is possible to use shortcuts or abbreviated keystrokes to arrive at a particular configuration screen. The decision was made to base all examples in this chapter on use of the Start button.

MS Windows XP Professional
There are two paths to the Windows XP TCP/IP configuration panel. Choose the access method that you prefer: Click Start -> Control Panel -> Network Connections. Alternately, click Start ->, and right-click My Network Places then select Properties. The following procedure steps through the Windows XP Professional TCP/IP configuration process: 1. On some installations the interface will be called Local Area Connection and on others it will be called Network Bridge. On our system it is called Network Bridge. Rightclick on Network Bridge -> Properties. See Network Bridge Configuration.. Figure 8.1. Network Bridge Configuration.

2. The Network Bridge Configuration, or Local Area Connection, panel is used to set TCP/IP protocol settings. In This connection uses the following items: box, click on Internet Protocol (TCP/IP), then click on Properties. The default setting is DHCP-enabled operation (i.e., Obtain an IP address automatically). See Internet Protocol (TCP/IP) Properties.. Figure 8.2. Internet Protocol (TCP/IP) Properties.

Many network administrators will want to use DHCP to configure all client TCP/IP protocol stack settings. (For information on how to configure the ISC DHCP server for Windows client support see the DNS and DHCP Configuration Guide, DHCP Server). If it is necessary to provide a fixed IP address, click on Use the following IP address and enter the IP Address, the subnet mask, and the default gateway address in the boxes provided. 3. Click the Advanced button to proceed with TCP/IP configuration. This opens a panel in which it is possible to create additional IP addresses for this interface. The technical name for the additional addresses is IP aliases, and additionally this panel permits the setting of more default gateways (routers). In most cases where DHCP is used, it will not be necessary to create additional settings. See Advanced Network Settings to see the appearance of this panel. Figure 8.3. Advanced Network Settings

Fixed settings may be required for DNS and WINS if these settings are not provided automatically via DHCP. 4. Click the DNS tab to add DNS server settings. The example system uses manually configured DNS settings. When finished making changes, click the OK to commit the settings. See DNS Configuration.. Figure 8.4. DNS Configuration.

5. Click the WINS tab to add manual WINS server entries. This step demonstrates an example system that uses manually configured WINS settings. When finished making changes, click OK to commit the settings. See WINS Configuration. Figure 8.5. WINS Configuration

MS Windows 2000
There are two paths to the Windows 2000 Professional TCP/IP configuration panel. Choose the access method that you prefer: Click Start -> Control Panel -> Network and Dial-up Connections. Alternatively, click Start, then right-click My Network Places, and select Properties. The following procedure steps through the Windows XP Professional TCP/IP configuration process: 1. Right-click on Local Area Connection, then click Properties. See Local Area Connection Properties.. Figure 8.6. Local Area Connection Properties.

2. The Local Area Connection Properties is used to set TCP/IP protocol settings. Click on Internet Protocol (TCP/IP) in the Components checked are used by this connection: box, then click the Properties button. 3. The default setting is DHCP-enabled operation (i.e., Obtain an IP address automatically). See Internet Protocol (TCP/IP) Properties.. Figure 8.7. Internet Protocol (TCP/IP) Properties.

Many network administrators will want to use DHCP to configure all client TCP/IP protocol stack settings. (For information on how to configure the ISC DHCP server for Windows client support, see, DHCP Server). If it is necessary to provide a fixed IP address, click on Use the following IP address and enter the IP Address, the subnet mask, and the default gateway address in the boxes provided. For this example we are assuming that all network clients will be configured using DHCP. 4. Click the Advanced button to proceed with TCP/IP configuration. Refer to Advanced Network Settings.. Figure 8.8. Advanced Network Settings.

Fixed settings may be required for DNS and WINS if these settings are not provided automatically via DHCP. 5. Click the DNS tab to add DNS server settings. The example system uses manually configured DNS settings. When finished making changes, click OK to commit the settings. See DNS Configuration.. Figure 8.9. DNS Configuration.

6. Click the WINS tab to add manual WINS server entries. This step demonstrates an example system that uses manually configured WINS settings. When finished making changes, click OK to commit the settings. See WINS Configuration.. Figure 8.10. WINS Configuration.

MS Windows Me
There are two paths to the Windows Millennium edition (Me) TCP/IP configuration panel. Choose the access method that you prefer: Click Start -> Control Panel -> Network Connections. Alternatively, click on Start ->, and right click on My Network Places then select Properties. The following procedure steps through the Windows Me TCP/IP configuration process: 1. In the box labeled The following network components are installed:, click on Internet Protocol TCP/IP, then click on the Properties button. See The Windows Me Network Configuration Panel.. Figure 8.11. The Windows Me Network Configuration Panel.

2. Many network administrators will want to use DHCP to configure all client TCP/IP protocol stack settings. (For information on how to configure the ISC DHCP server for Windows client support see the DNS and DHCP Configuration Guide, DHCP Server). The default setting on Windows Me workstations is for DHCP-enabled operation (i.e., Obtain IP address automatically is enabled). See IP Address.. Figure 8.12. IP Address.

If it is necessary to provide a fixed IP address, click on Specify an IP address and enter the IP Address and the subnet mask in the boxes provided. For this example we are assuming that all network clients will be configured using DHCP. 3. Fixed settings may be required for DNS and WINS if these settings are not provided automatically via DHCP. 4. If necessary, click the DNS Configuration tab to add DNS server settings. Click the WINS Configuration tab to add WINS server settings. The Gateway tab allows additional gateways (router addresses) to be added to the network interface settings. In most cases where DHCP is used, it will not be necessary to create these manual settings. 5. The following example uses manually configured WINS settings. See DNS Configuration.. When finished making changes, click OK to commit the settings. Figure 8.13. DNS Configuration.

This is an example of a system that uses manually configured WINS settings. One situation where this might apply is on a network that has a single DHCP server that provides settings for multiple Windows workgroups or domains. See WINS Configuration.. Figure 8.14. WINS Configuration.

Joining a Domain: Windows 2000/XP Professional

Microsoft Windows NT/200x/XP Professional platforms can participate in domain security. This section steps through the process for making a Windows 200x/XP Professional machine a member of a domain security environment. It should be noted that this process is identical when joining a domain that is controlled by Windows NT4/200x as well as a Samba PDC. 1. Click Start. 2. Right-click My Computer, then select Properties. 3. The opening panel is the same one that can be reached by clicking System on the Control Panel. See The General Panel.. Figure 8.15. The General Panel.

4. Click the Computer Name tab. This panel shows the Computer Description, the Full computer name, and the Workgroup or Domain name. Clicking the Network ID button will launch the configuration wizard. Do not use this with Samba-3. If you wish to change the computer name or join or leave the domain, click the Change button. See The Computer Name Panel.. Figure 8.16. The Computer Name Panel.

5. Click on Change. This panel shows that our example machine (TEMPTATION) is in a workgroup called WORKGROUP. We will join the domain called MIDEARTH. See The Computer Name Changes Panel.. Figure 8.17. The Computer Name Changes Panel.

6. Enter the name MIDEARTH in the field below the domain radio button. This panel shows that our example machine (TEMPTATION) is set to join the domain called MIDEARTH. See The Computer Name Changes Panel Domain MIDEARTH.. Figure 8.18. The Computer Name Changes Panel Domain MIDEARTH.

7. Now click the OK button. A dialog box should appear to allow you to provide the credentials (username and password) of a domain administrative account that has the rights to add machines to the domain. Enter the name root and the root password from your Samba-3 server. See Computer Name Changes Username and Password Panel.. Figure 8.19. Computer Name Changes Username and Password Panel.

8. Click on OK. The Welcome to the MIDEARTH domain. dialog box should appear. At this point the machine must be rebooted. Joining the domain is now complete.

Domain Logon Configuration: Windows 9x/Me

We follow the convention used by most in saying that Windows 9x/Me machines can participate in domain logons. The truth is that these platforms can use only the LanManager network logon protocols.

Note
Windows XP Home edition cannot participate in domain or LanManager network logons. 1. Right-click on the Network Neighborhood icon. 2. The Network Configuration Panel allows all common network settings to be changed. See The Network Panel.. Figure 8.20. The Network Panel.

Make sure that the Client for Microsoft Networks driver is installed as shown. Click on the Client for Microsoft Networks entry in The following network components are installed: box. Then click the Properties button. 3. The Client for Microsoft Networks Properties panel is the correct location to configure network logon settings. See Client for Microsoft Networks Properties Panel.. Figure 8.21. Client for Microsoft Networks Properties Panel.

Enter the Windows NT domain name, check the Log on to Windows NT domain box, and click OK. 4. Click on the Identification button. This is the location at which the workgroup (domain) name and the machine name (computer name) need to be set. See Identification Panel.. Figure 8.22. Identification Panel.

5. Now click the Access Control button. If you want to be able to assign share access permissions using domain user and group accounts, it is necessary to enable User-level access control as shown in this panel. See Access Control Panel.. Figure 8.23. Access Control Panel.

Common Errors
The most common errors that can afflict Windows networking systems include:

Incorrect IP address. Incorrect or inconsistent netmasks. Incorrect router address. Incorrect DNS server address. Incorrect WINS server address. Use of a Network Scope setting watch out for this one!

The most common reasons for which a Windows NT/200x/XP Professional client cannot join the Samba controlled domain are:

does not have correct add machine script settings. root account is not in password backend database. Attempt to use a user account instead of the root account to join a machine to the domain.
smb.conf

Open connections from the workstation to the server. Firewall or filter configurations in place on either the client or the Samba server.

Remote Windows Server 2003 With Remote Desktop on Windows XP Professional or Windows Server 2003 (in Windows 2000 Advanced Server, this feature was called Terminal Services in Remote Administration Mode), you can have access to a Windows session that is running on your computer when you are at another computer.

Cut Network Troubleshooting Time in Half! SolarWinds Engineers Toolset includes tools like Real-Time Monitors, Switch Port Mapper, IP Address Management, and Bandwidth Gauges All of which can be easily accessed through the new Workspace Studio to quickly resolve issues right from your desktop. Get Your Free Trial Download of Engineer's Toolset here What you need to do is create the new RDP listening port via the registry: 1. Run REGEDIT on your XP workstation or on your Windows 2000/2003 Server. 2. Click on File, then choose "Connect Network Registry".

3. In the Select Computer search box either browse Active Directory to locate the remote server, or type its name in the dialog box.

Click Ok. 4. In the remote machine's registry browse to the following key:
HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server

5. Under the Terminal Server key find the value named fDenyTSConnections (REG_DWORD). Change the value data from 1 (Remote Desktop disabled) to 0 (Remote Desktop enabled).

Click Ok. 6. Close Regedit. 7. Reboot the remote machine for the change to take effect. You can easily do so by opening a command prompt and typing the following command: shutdown -m \\srv1 -r After the remote machine reboots, Remote Desktop will be enabled on it. To test this from your workstation, open Start -> All Programs -> Accessories -> Communications -> Remote Desktop Connection. You can also type mstsc in the Run command.

Enter the name of the remote server in the Remote Desktop Connection logon box, supply your administrator password when prompted, and press Enter or click Ok.

SERVER MONITORING:Server Status report

Group Status Report

All Servers Status report

Configuring Event Log monitor

Running a report

Bulk Configuration for fast configuration NETWORK PERMISSIONS: How to Share and Set Permissions for Folders and Files Using Windows XP This article describes how to share folders and files on a network using Windows XP.

File and Printer Sharing for Microsoft Networks

The File and Printer Sharing for Microsoft Networks component allows computers on a network to access resources on other computers using a Microsoft network. This component is installed and enabled by default. It is enabled per connection using TCP/IP and is necessary to share local folders. The File and Printer Sharing for Microsoft Networks component is the equivalent of the Server service in Windows NT 4.0. To share folders with other users on your network 1. Open My Documents in Windows Explorer. Click Start, point to All Programs, point to Accessories, and then click Windows Explorer.

2. Click the folder you want to share. 3. Click Share this folder in File and Folder Tasks. 4. In the Properties dialog box select the radio button Share this folder to share the folder with other users on your network, as shown in Figure 1 below.

Figure 1. Sharing a folder on a network 5. To change the name of the folder on the network, type a new name for the folder in the Share name text box. This will not change the name of the folder on your computer. Note The Sharing option is not available for the Documents and Settings, Program Files, and Windows system folders. In addition, you cannot share folders in other users profiles. To set, view, change, or remove file and folder permissions 1. Open Windows Explorer, and then locate the file or folder for which you want to set permissions. To open Windows Explore click Start, point to All Programs, point to Accessories, and then click Windows Explorer. 2. Right-click the file or folder, click Properties, and then click the Security tab as shown in Figure 2 below.

Figure 2. Setting file and folder permissions 3. To set permissions for a group or user that does not appear in the Group or user names box, click Add. Type the name of the group or user you want to set permissions for and then click OK, as shown in Figure 3 below.

Figure 3. Adding new group or user permissions

4. To change or remove permissions from an existing group or user, click the name of the group or user and do one of the following, as shown in Figure 2 above: o To allow or deny a permission, in the Permissions for...box, select the Allow or Deny check box. o To remove the group or user from the Group or user names box, click Remove. Notes

In Windows XP Professional, the Everyone group no longer includes Anonymous Logon. You can set file and folder permissions only on drives formatted to use NTFS. To change permissions you must be the owner, or have been granted permission to do so by the owner. Groups or users granted Full Control for a folder can delete files and subfolders within that folder regardless of the permissions protecting the files and subfolders. If the check boxes under Permissions for user or group are shaded or if the Remove button is unavailable, then the file or folder has inherited permissions from the parent folder. When adding a new user or group, by default, this user or group will have Read & Execute, List Folder Contents, and Read permissions.

SET PERMISSIONS FOR FOLDERS AND FILES

If you have multiple computers connected to your home network and have enabled file sharing, you can open and access files located on other computers on the network. Being able to share files makes computing a lot more flexible for everyone using the network. If you have your files stored on your home office desktop computer, but need a break from sitting at your desk, you can take your laptop to the couch and still access your files. It's good to share. However, you may not want everyone on your network to have access to all of your files and folders. You might not, for example, want your kids to open your financial or personal files across the network. Fortunately, you can set file permissions to specify who can access which files and folders. Then only you and those you give permission to can touch your documents. And the permissions apply whether your computer is accessed across your network or by another user sitting at your keyboard logged into his or her account. To restrict access to files or folders: Create user accounts on the computer that is sharing the files. Create a user account and password for each person you want to be able to access fileswhether they will access the files from their own account on the same computer or from another computer on the network. If you create the accounts using each users existing network logon username and password, the file-sharing computer will recognize the users when they connect and will not prompt them for a password. Remove administrator access to your files. By default, only your user account and any user with a Computer Administrator account can access your files. To further limit access to your files and folders, you can remove administrator access. To learn more about the differences between Computer Administrator accounts and Limited accounts, read Create and customize user accounts. Add file and folder permissions if you want to grant other users access to your fileswhether they will access on the same computer with their own accounts or from another computer across the network.

Remove administrator access to your files

By default, all Computer Administrator accounts have access to all files on your computer. You can never completely block this type of user, because administrators can take ownership of files and then grant themselves permission. However, you can remove this permission to make it more difficult for them. You can also restrict other users from accessing your files. To remove Computer Administrator access to your files 1.Click Start, and then click My Documents.

2.Select the folder or files you want to set permissions for. To select multiple files and folders, hold down the CTRL key on your keyboard and click each file. 3.Right-click the selected folders and files, and then click Properties.

4.Click the Security tab.

5.Click Advanced.

6.Clear the Inherit from parent the permission entries that apply to child objects check box.

7.In the Security dialog box, click Copy.

8.In the Permission entries list, click Administrators.

Note: Windows XP uses the SYSTEM account, so you shouldnt remove it. 9.Click Remove.

10.Click OK.

11.Click OK again.

Now only you and any users you specifically grant permission to can easily open your file. Next learn how to add file and folder permissions for users. ADD FILE AND FOLDER PERMISSIONS To allow another user on your computer (logged in under his or her own account), or on a computer connected to your home network, to open or edit your files 1.Click Start, and then click My Documents.

2.Select the folder or files you want to set permissions for. To select multiple files and folders, hold down the CTRL key on your keyboard, and click each file or folder. 3.Right-click the selected folders and files, and then click Properties.

4.Click the Security tab.

5.Click the Add button.

6.In the Select Users or Groups dialog box, click the Advanced button.

7.Click Find Now.

8.In the list at the bottom of the Select Users or Groups dialog box, click the user you want to grant permissions to. If you want to allow anybody with a user account to see your files, click Everyone. Then click OK.

9.Click OK again.

10.By default, the user will only be able to open a file but will not be able to save changes. If you want the user to also be able to save changes, select the Modify check box in the Allow column. You dont need to worry about the other check boxes.

11.Repeat steps 5 through 10 to allow more people to open your files. 12.Click OK to save your changes.

Now, the people you specify will be able to open your files and, if you chose to allow it, modify your files. NETWORKING PERMISSIONS:With Windows XP, you can share files and documents with other users on your computer and with other users on a network. There is a new user interface (UI) named Simple File Sharing and a new Shared Documents feature. This article describes the new file sharing UI and discusses the following topics:

How to turn Simple File Sharing on and off. How to manage and configure levels of access to shares and files. Guidelines for file sharing in Windows XP. How to troubleshoot file sharing problems.

Windows XP Home Edition-based computers always have Simple File Sharing enabled.

For information about how to configure file sharing in Windows Vista, visit the following Microsoft Web site: On a Windows XP-based computer, you can share files among both local and remote... On a Windows XP-based computer, you can share files among both local and remote users. Local users log on to your computer directly through their own accounts or through a Guest account. Remote users connect to your computer over the network and access the files that are shared on your computer. You can access the Simple File Sharing UI by viewing a folder's properties. Through the Simple File Sharing UI, you can configure both share and NTFS file system permissions at the folder level. These permissions apply to the folder, all the files in that folder, subfolders, and all the files in the subfolders. Files and folders that are created in or copied to a folder inherit the permissions that are defined for their parent folder. This article describes how to configure access to your files, depending on permission levels. Some information that this article contains about these permission levels is not documented in the operating system files or in the Help file. With file sharing in Windows XP, you can configure five levels of permissions. You can configure Levels 1, 2, 4, and 5 by using the Simple File Sharing UI. To do this, right-click the folder, and then click Sharing and Security to open the Simple File Sharing UI. To configure Level 3, copy a file or a folder into the "Shared Documents" folder under "My Computer." This configuration does not change when you turn on or turn off Simple File Sharing. Level 1 is the most private and secure setting, while Level 5 is the most public and the most changeable (nonsecure) setting.

Turning on and turning off Simple File Sharing

Simple File Sharing is always turned on in Windows XP Home Edition-based computers. By default, the Simple File Sharing UI is turned on in Windows XP Professional-based computers that are joined to a workgroup. Windows XP Professional-based computers that are joined to a domain use only the classic file sharing and security interface. When you use the Simple File Sharing UI (that is located in the folder's properties), both share and file permissions are configured. If you turn off Simple File Sharing, you have more control over the permissions to individual users. However, you must have advanced knowledge of NTFS and share permissions to help keep your folders and files more secure. If you turn off Simple File Sharing, the Shared Documents feature is not turned off. To turn Simple File Sharing on or off in Windows XP Professional, follow these steps: 1. Double-click My Computer on the desktop. 2. On the Tools menu, click Folder Options. 3. Click the View tab, and then select the Use Simple File Sharing (Recommended) check box to turn on Simple File Sharing. (Clear this check box to turn off this feature.)

To view a video about how to turn Simple File Sharing on or off, click the Play button ( Collapse this imageExpand this image) on the following Windows Media Player viewer: Note To view this video, you must have Microsoft Windows Media Player 7.0 or a later version on your computer. For more information about how to obtain Windows Media Player version 7.1, click the following article number to view the article in the Microsoft Knowledge Base:

Managing levels of access to shares and to files

You can use Simple File Sharing to configure five levels of access to shares and files:

Level 1: My Documents (Private) Level 2: My Documents (Default) Level 3: Files in shared documents available to local users Level 4: Shared Files on the Network (Readable by Everyone) Level 5: Shared Files on the Network (Readable and Writable by Everyone)

Notes

By default, files that are stored in "My Documents" are at Level 2. Levels 1, 2, and 3 folders are available only to a user who is logging on locally. Users who log on locally include a user who logs on to a Windows XP Professional-based computer from a Remote Desktop (RDP) session. Levels 4 and 5 folders are available to users who log on locally and remote users from the network.

The following table describes the permissions: Collapse this tableExpand this table Access Everyone Owner Level (NTFS/File) Full Level 1 Not available Control Full Level 2 Not available Control Full Level 3 Read Control Full Level 4 Read Control Full Level 5 Change Control

System Full Control Full Control Full Control Full Control Full Control

Administrators Not available Full Control Full Control Full Control Full Control

Everyone (Share) Not available Not available Not available Read Full Control

Level 1: My Documents (Private)

The owner of the file or folder has read and write permission to the file or folder. Nobody else may read or write to the folder or the files in it. All subfolders that are contained in a folder that

is marked as private remain private unless you change the parent folder permissions. If you are a Computer Administrator and create a user password for your account by using the User Accounts Control Panel tool, you are prompted to make your files and folder private. Note The option to make a folder private (Level 1) is available only to a user account in its own My Documents folder. To configure a folder and all the files in it to Level 1, follow these steps: 1. Right-click the folder, and then click Sharing and Security. 2. Select the Make this Folder Private check box, and then click OK. Local NTFS Permissions:

Owner: Full Control System: Full Control

Network Share Permissions:

Not Shared

Level 2 (Default): My Documents (Default)

The owner of the file or folder and local Computer Administrators have read and write permission to the file or folder. Nobody else may read or write to the folder or the files in it. This is the default setting for all the folders and files in each user's My Documents folder. To configure a folder and all the files in it to Level 2, follow these steps: 1. Right-click the folder, and then click Sharing and Security. 2. Make sure that both the Make this Folder Private and the Share this folder on the network check boxes are cleared, and then click OK. Local NTFS Permissions:

Owner: Full Control Administrators: Full Control System: Full Control

Network Share Permissions:

Not Shared

Level 3: Files in shared documents available to local users

Files are shared with users who log on to the computer locally. Local Computer Administrators can read, write, and delete the files in the Shared Documents folder. Restricted Users can only

read the files in the Shared Documents folder. In Windows XP Professional, Power Users may also read, write, or delete any files in the Shared Documents Folder. The Power Users group is available only in Windows XP Professional. Remote users cannot access folders or files at Level 3. To allow remote users to access files, you must share them out on the network (Level 4 or 5). To configure a file or a folder and all the files in it to Level 3, start Microsoft Windows Explorer, and then copy or move the file or folder to the Shared Documents folder under My Computer. Local NTFS Permissions:

Owner: Full Control Administrators: Full Control Power Users: Change Restricted Users: Read System: Full Control

Network Share Permissions:

Not Shared

Level 4: Shared on the Network (Read-Only)

Files are shared for everyone to read on the network. All local users, including the Guest account, can read the files. But they cannot modify the contents. Any user can read and change your files. To configure a folder and all the files in it to Level 4, follow these steps: 1. Right-click the folder, and then click Sharing and Security. 2. Click to select the Share this folder on the network check box 3. Click to clear the Allow network users to change my files check box, and then click OK. Local NTFS Permissions:

Owner: Full Control Administrators: Full Control System: Full Control Everyone: Read

Network Share Permissions:

Everyone: Read

Level 5: Shared on the network (Read and Write)

This level is the most available and least secure access level. Any user (local or remote) can read, write, change, or delete a file in a folder shared at this access level. We recommend that this level be used only for a closed network that has a firewall configured. All local users including the Guest account can also read and modify the files. To configure a folder and all the files in it to Level 5, follow these steps: 1. Right-click the folder, and then click Sharing and Security 2. Click to select the Share this folder on the network check box, and then click OK. Local NTFS Permissions:

Owner: Full Control Administrators: Full Control System: Full Control Everyone: Change

Network Share Permissions:

Everyone: Full Control

Note All NTFS permissions that refer to Everyone include the Guest account. All the levels that this article describes are mutually exclusive. Private folders (Level 1) cannot be shared unless they are no longer private. Shared folders (Level 4 and 5) cannot be made private until they are unshared. If you create a folder in the Shared Documents folder (Level 3), share it on the network, and then allow network users to change your files (Level 5), the permissions for Level 5 are effective for the folder, the files in that folder, and the subfolders. The other files and folders in the Shared Documents folder remain configured at Level 3.