Upload
august-powers
View
217
Download
3
Embed Size (px)
Citation preview
Chapter-4 Windows 2000
Professional
• Win2K Professional provides a very usable interface and was designed for use in the desktop PC.
Microsoft server system offers:• Windows 2000 Professional Server• Windows 2000 Professional Advanced Server• Windows 2000 Professional Datacenter Server
Security
• Windows 2000 Professional provides better security as compared to Windows 95 or 98.
• Login to Windows 2000 Professional is essential, and must be performed from an account that is a member of a local or networked security database.
• Access to local resources such as files, folders, and printers can be restricted to specific users or group accounts via permissions.
Security Group policies:• Group policy is a grouping of policies for controlling security
& configuration settings for the operating system.• Group policies are used to centrally manage security.• The Group Policy Editor tool can be used for managing
group policies.
Authentication:• The validation of a user account and its password is called
authentication.• Win2K Professional uses the Kerberos authentication
protocol when users log on to an Active Directory domain.• An Active Directory domain is one in which some of the
servers maintaining the domain database are running Win2K Professional Server operating system or greater.
Security File encryption:• Folders and files are encrypted to secure data.• When encryption is enabled for a folder, only the
files within that folder are encrypted.• Data can be unencrypted only by the administrator
or the user who encrypted the data.
Stability • Windows 2000 Professional has a 32-bit
architecture, thereby providing better stability.• It runs each application program in its own
protected memory space.
Software Compatibility • Win2K Professional is designed to perform at its best when
running 32-bit Windows programs.• Windows 2000 Professional runs applications in
environments called subsystems, like NT.• It also runs the same type of applications as NT 4.0
File System • Windows 2000 Professional supports the Compact Disk File
System (CDFS), Universal Disk Format (UDF), FAT12, FAT16, FAT32, and the NTFS file system.
• NTFS is more efficient and secure than the FAT file systems.
Limitations
• A few DOS and 16-bit Windows applications do not run in the newer version of Windows.
• A few DOS and Windows 3.x applications working in the Windows 2000 virtual environment may run very slowly.
• Windows 2000 Professional has to be rebooted after adding components, applications, and applying service packs.
Hardware Requirements Minimum hardware requirements:• 133 MHz Pentium or higher microprocessor.• 64 MB of RAM. • 2 GB hard disk with 650 MB of free space.• VGA or higher resolution video adapter.• Keyboard, mouse, and a CD-ROM drive.
Ideal hardware requirements:• Intel Pentium 4 processor.• 256 MB of RAM.• 30 GB of hard disk space.• Fast CD-ROM drive.• DVD drive.• SVGA or higher resolution video adapter.• Microsoft mouse.
Checking Hardware & Software Compatibility • The Hardware Compatibility List (HCL) must be checked
before installing Windows 2000, or adding new hardware or software to the existing installation.
• The HCL is a list of all the tested system components and peripherals that are compatible with the operating system.
• The Win2K Professional installation program also performs a hardware compatibility test before installation begins.
• Users can also utilize the Readiness Analyzer compatibility test by running the WINNT32 program with the check upgrade only switch.
Determining the Method of Installation
Manual installation:• A manual installation can be performed for an empty hard disk or for an
upgrade to an existing Windows computer.• Installation performed on an empty hard disk is also referred to as a
clean installation.• An upgrade is an installation that directly replaces an existing Windows
operating system, preserving the configuration information and applications from the previous operating system.
• A clean installation can be performed either by booting directly from the CD or from the Windows 2000 Professional setup disks.
• The Windows 2000 Professional setup disks can be created by using the Makeboot program.
• The program is located in the Bootdisk folder on the Windows 2000 Professional CD.
Automated installation:• An automated installation can be performed by using
special scripts or by using images.
• Special scripts are called using special switches in the WINNT or WINN32 programs, which are located in the i386 directory of the Windows 2000 Professional CD.
• An image is a copy of the entire hard disk containing the operating system and all other applications.
Determining the Method of Installation
Verifying Network Access• A computer on the network should be able to communicate
with other computers on the network.
• The ‘My Network Places’ option can be used to check for network connectivity.
Verifying Updates and Service Packs• Updates and service packs are used to fix security
problems and vulnerabilities caused by hackers and unauthorized users.
• Updates and service packs can be downloaded for free from the Microsoft Web site.
Using the Control Panel Applets
The Windows 2000 Professional Control Panel
Accessibility Options
Customizing Display
Installing & Removing Programs
Adding a Printer
• Only a member of the Administrators group can install a printer.
• A printer driver needs to be installed irrespective of whether the printer is a local or network printer.
Managing Files and Folders
Windows 2000 Professional provides the following important default folders:
• My Documents• My Pictures• Windows• Program Files• Fonts• System and System32• Temp
Finding Files and Folders
Other important aspects of the Search Results window include:– Size – It allows the user to specify a particular file size.
– Advanced options – It can be used to specify that a search should include subfolders or be case-sensitive.
– Indexing service – It is used to enable or disable the indexing service, which maintains indexes of the files on the hard drive. (makes searches faster)
Managing Security for Users, Files, and Printers
Windows 2000 includes the following important security features:
• Auditing.• Group policies.• Encrypted files and folders.• Printer permissions.• File and folder permissions.• Shared folder permissions.• User accounts.• Group accounts.• User rights.
Managing User Accounts and Groups • A user account is the most basic element of Windows 2000
Professional security.
• Users must have a valid username and password to log in.
• The user is also a member of one or more groups of users.
• Groups enable the system administrator to easily assign the same rights and permissions to all members of a group without setting them individually.
Managing User Accounts and Groups Creating a new user:• Creating a new user enables that user to log in with a
user name and a password.• User accounts are required to set rights and permissions
as well as to audit their access to certain network resources.
Password:• A password in an important part of any security system.• Passwords should include numbers, letters, and non-
alphanumeric characters, and must be at least eight characters long.
Managing Permissions • Permissions restrict access to local users as well as users
connecting to the resources over the network.
• Only NTFS volumes allow users to assign permissions to files and folders.
• Full Control, Modify, Read and Execute, Read, and Write are the standard file permissions.
• The standard folder permissions include Full Control, Modify, Read and Execute, Read, Write, and List Folder Contents.
Managing Permissions
Groups:• A group is a special security account that can
contain local users, domain users, and special domain groups called global groups.
• The built-in groups include Administrators, Backup Operators, Guests, Power Users, Replicator, and Users.
• The Guest group is disabled by default.
Managing Permissions Controlling file and folder access:• File- and folder-level permissions can be set only on an
NTFS volume.• The Ctrl-Alt-Delete key combination can be used to lock
the computer to restrict local access.
Controlling printer access:• A printer has a single set of permissions for both, the
locally logged on users and users accessing it as a share on the network.
• Printer permissions include Print, Manage Printers, and Manage Documents.