Windows NT Training 1

7/31/2019 Windows NT Training 1

1/57

WINDOWS NT BASICS


2/57


3/57


4/57

Cha pter 1 Overview of Windows NT

1. Windows 95 and Windows NT

2. NT Server and NT Workstation

3. Types of NT Server

4. License Management

5. Work Group and Domain

6. Management Tools


5/57

1-2

Memo

1.1 Windows 95 and Windows NT

1981 1984 1990 1991 1992 1993 1994 1995 1996 1997 1998

MS-DOS

MS-Windows

1.0 3.1 5.0 6.2

1.0 3.1

WindowsNT

Windows95

MS-Networks

LanManager

2.1 2.2

Netware

Netware386 Netware IntranetWare

1.0 2.0

4.0 4.1

3.1 3.5 3.51 4.0 5.0

OS Network support OS

Network OS

History of the network OS

Windows98

n Microsoft OSs

Windows 3.1, Windows 95, Windows NT, etc.

n Features of Windows 95

Derived form MS-DOS to Windows 3.1, then to Windows 95.

Highly compatible with currently available software and hardware.

Provides the plug-and-play andAPM functions.

n Windows NT

Developed separately as a 32-bit OS.

Provides the multi-user environment.

Provides a user interface similar to Windows 95.

Available in 2 types: NT Server and NT Workstation.

Plug-and-play

A function to automatically

detect and configure hardware

devices.

APM

Advanced Power Management

Multi-user

An environment that allows

multiple users to use a singlecomputer by providing each

user with his own work

environment.


6/57


7/57

1-4

Memo

1.3 Types of NT Ser ver

Small Business Server

Provides integrated applications with NT.

NT Server Enterprise Edition

Designed to be used for large-scale backbone

works.

n NT Server packages

In addition to a standard package, multiples packages are available in accordance

with network scales.

n Small Business Server

Windows NT Server integrated with an electronic mail function, a groupware,

databases, a Internet server, a home page design tool, an Internet connection

gateway function, a FAX server, a centralized management tool, and others.

n Windows NT Server, Enterprise Edition 4.0

Designed to be used for large-scale backbone works.

Tips

Although the prices of personal computers and peripheral devices have been

lowered, the costs of management and operations, including software upgrades,

employment of support personnel, and problem solutions, are becoming rather

expensive due to complexity of the system. This has triggered business users to

place much interest in TCO.


8/57

1-5

Memo

1.4 License Management (1)

NT Server

Text Data

A single user accesses

to multiple folders.


to multiple folders.

1

NT Server

Text


to a single folder via

multiple computers.


to a single folder via

multiple computers.

2

n Access license

Using NT Server resources via a network requires a separate client access license.

n What is an access license?

Using resources via a network is called a connection and each connection

requires a license.

n License tool

A tool for license management is provided.


9/57

1-6

Memo

1.4 License Management (2)

License mode

NT Server

NT Server NT Server

Number of

concurrent users

2

Number ofconcurrent users

2

Number of

connected clients

2

Number of

connected clients

2

Number of

concurrent users

4 (22)

Number ofconcurrent users

4 (22)

Number of

connected clients

2

Number of

connected clients

2

n License mode

There are 2 license grant modes available: number of concurrent users and

number of connected clients.

n Number of concurrent users

Provides the same number of licenses as the number of accesses per server.

n Number of connected clients

Provides the same number of licenses as the number of clients in a network.

n Changing license mode

Available only one time from the number of concurrent users to the number of

connected clients.


10/57

1-7

Memo

1.5 Work Group and Doma in (1)

User management

Available from 2 aspects:

a work group and a domain. Work group

User data is managed

by each computer.

User data

User data

Work group model

n Window NT user management

Windows NT user management is provided form 2 aspects: a work group and a

domain.

n Work group

A logical group for providing a list of computers and users.

User data is stored in each computer for user management anduser

authentication.

User authentication

A process to verify whether to

give a permission to a user

attempting to use a Windows

NT server. This process is

performed every time a user

attempts to use a Windows

NT server.


11/57

1-8

Memo

1.5 Work Group and Domain (2)

User data

Directory

database

Primary Domain Controller

(PDC)

Backup Domain Control ler

(BDC)

User dataDirectory

A copy of the

database

Automatically copied.

User data

Added

Domain model

n Domain model

A logical group for computer and user management.

The whole user data is exclusively managed by a domain controller.

Applicable to large networks.

Tips

You must determine an application of a Window NT server at installation. You may

use it as a PDC or BDC for domain management, a member server, or a computer

called a stand alone server. To change the application, you must reinstall the

Window NT server.


12/57

1-9

Memo

1.6 Man agement Tools

Management tools

A set of tools for computer and domain management.

User Manger for Domains

Performs user management tasks.

n Windows NT management

Management tools to be used by a system administrator are available by selecting

[Start] - [Program] - [Administrative Tools (Common)].

Frequently used management tools

(1) User Manager for Domains

(2) Disk Administrator

(3) Server Manager

(4) Event Viewer

(5) Performance Monitor


13/57


14/57

2-2

Memo

2.1 What Is a User Account? (1)

User accoun t

Un ique iden tificat ion of a u ser

Built-in accoun t

User a ccoun ts p rovided by th e system.

Tips

Since the Administrator account is highly privileged, a mistake in operation with this

account for ordinary operations may cause a serious problem. To avoid this to

happen, an administrator is provided with a user account to perform ordinary

operations as well as the Administrator account to perform only management tasks.

n User account

Unique identification of a user.

Required when a user attempts to use a computer or to use resources of other

computer via a network.

One account is required per user.

n Built-in account

User accounts provided by the system.

n Administrator

An account for an administrator.

n Guest

An account for a temporary user of the system.


15/57

2-3

Memo

2.1 What Is a User Account? (2)

Domain

user accounts

PDCMaster directory

database

Domain

Domain user

accounts

A copy of the master

directory database

The database is copied.

Local user

accounts

Local directory database

Available only to a

local computer.

Available to

the whole

domain.

BDC

n Place to save user accounts

User accounts are classified into domain user accounts and local user accounts.

n Domain user accounts

Available to the whole domain.

n Local user accounts

Available only to aspecific computer. Specific computerWindows NT Server installed

as a member server or a

computer running Window

NT Workstation.

Tips

It takes a few minuets for the database on the BDC to synchronize with the PDC.

Thus a user data just created will not be copied and a new user may not log in for a

while. When this happens, you can use the server manager to copy the database

manually.


16/57


17/57

2-5

Memo

2.2 Creating a User Account (2)

Logon hours

Work sta tion to log on

n Logon hours

Setup procedure for the logon hours

(1) Click on [Hours] in the [New User] dialog box.

(2) Select hours to prohibit logon by dragging on bars and click on

[Disallow].

(3) Click on [OK].

n Workstation to log on

Setup procedure for a workstation to log on

(1) Click on [Logon to] in the [New User] dialog box.

(2) Click on [User May Log On To These Workstations].

(3) Enter up to 8 computer names. You must enter at least one.

(4) Click on [OK].


18/57

2-6

Memo

2.2 Creat ing a User Account (3)

Accoun t inform at ion

Dial-in access right

n Account information

Set 2 items related to an account.

(1) Valid period of an account

(2) Account type

Setup procedure for the account information

(1) Click on [Account] in the [New User] dialog box.

(2) Click on [Account Expires] and enter a date.

(3) Check [Local Account] to define it as a local account.

n Dial-in access right

Setup procedure for the dial-in access right

(1) Click on [Dialin] in the [New User] dialog box.

(2) Check [Grant dialin permission to user].

(3) Configure the Call Backoption and press [OK].

Call Back

A process in which an RAS

server that received a call

disconnects the call and calls a

client computer to make a

connection.


19/57

2-7

Memo

2.3 Man aging a User Account

n Changing the user account information

Start the user manager for domains. Select a user account and click on

[Properties...] in [User] menu.

n Deleting an account

Procedure to delete an account

(1) Start the user manager for domains and select a user account.

(2) Press [Delete] key or select [Delete] from [User] menu.

n Changing a user account name

Start the user manager for domains. Select a user account and click on [Rename...]

in [User] menu.

Tips

Window NT manages accounts using unique numbers called S-IDs (Security IDs),

which makes a new account created using a previously delete account name to

handled as a separate user account. Until you are sure that you can really delete an

account, you should check [Account Disallow] to prevent the account from being

used and save it.


20/57

2-8

Memo

2.4 Wha t Is a Group Account?

PDC

Master directory

database

Domain

Global group accounts

.Local gr oup accounts

A copy of the master

directory database

The database is copied.

Local group

accounts

Local directory database

Available only to a local

computer.

Available to the

whole domain.

BDC

Global group accounts.

Local group accounts

Available only to domain

controllers.

n What is a group account?

A group account is a set of user accounts.

n Local group

Many include user accounts and global accounts.

Created in the local directory database or the master directory database on the PDC.

n Global group

May only include user accounts of a domain to which a group is registered.

Created in the master directory database on the PDC.


21/57

2-9

Memo

2.5 Creat ing a Group Account

n Creating a local/global group

Creating a global group

(1) Click on [New Global Group...] in [User] menu.

(2) Enter a group name and a brief description in the [New Global Group] dialog

box.

(3) Select a user to include in a group from [Not Members] list and click on the

[


22/57

2-10

Memo

2.6 Managing a Group Account

n Changing the group account information

Start the user manager for domains. Select a user account and click on

[Properties...] in [User] menu.

n Deleting a group account

Procedure to delete a group account

(1) Start the user manager for domains and select a group account.

(2) Press [Delete] key or select [Delete] from [User] menu.

(3) Click on [OK].

n Changing a group name

You can not change any group name.


23/57


24/57

2-12

Memo

2.7 Managing Mult iple Accounts (2)

n Changing multiple user accounts

Multiple user settings may be changed at once.

Procedure to change multiple accounts

(1) Start the user manager for domains and select all user accounts of which

information you want to change.

(2) Click on [Properties] in [User] menu.


25/57


26/57


27/57


28/57


29/57


30/57


31/57

3-7

Memo

3.3 Sett ing NTFS Per mission (1)

Prerequisite for permission setup

Must be an owner of a file or folder or capable of changing

the permission.

Default permission

n Prerequisite for permission setup

To set a permission to a file or folder, you must be its owner or hold either of thefollowing permissions:

(1) Full Control

(2) Special access permission to change the permission

n Default permission

Formatting a drive with the NTFS assigns Full Control permission to the group

Everyone.

Tips

The NTFS permissions include Special Accesswith which an administrator can

combine permissions to set a unique permission. This permission is used for special

purposes, such as giving ownership to another user.


32/57

3-8

Memo

3.3 Sett ing NTFS Per mission (2)

n Setting a permission to a file or folder

Procedure to set a permission to a file or folder

(1) Right-click on a folder or file in Explorer and click on

[Properties]

(2) Click on the [Security] tab in the Properties dialog box,

then click on [Permission].

(3) Click on [Add...] to add users or groups to which you set a permission.

(4) In the Add Users and Groups dialog box, select a user(s)

or group(s) and set a permission to it (them).


33/57

3-9

Memo

3.4 Copying and Moving a F ile or Folder

Change of permission

Copying and moving a file

Copy

Move

Change (RWXD)New permission

Change (RWXD) Change (RWXD)

n Change of permission

Copying or moving a file or folder may change its permission and ownership.

n Copying a file or folder

Takes over a permission of the destination folder.

Gives ownership to a user who copied it.

n Moving a file or folder

Maintains an access permission of the source folder if moving was carried out in the

same drive.

Takes over a permission of the destination folder just like copying if moving wascarried out between drives.


34/57


35/57

3-11

Memo

3.6 Shar ed Folder Per mission (1)

No Access

Read

Change

FullControl

Shared folder permission

Restricts access to a shared folder.

n What is a shared folder permission?

A function to restrict access to a shared folder.

n Permission types and available operations

No Access

Read (RX)

Change (RWXD)

Full Control (RWXDPO)


36/57


37/57


38/57

3-14

Memo

3.7 Sett ing a Sh ared F older (2)

n Sharing a folder

Procedure to set a shared folder

(1) Right-click on a folder in Explorer and click on [Sharing...].

The Properties dialog box with the [Sharing] tab appears on top appears.

(2) Click on [Shared As] and enter a share name.

(3) Enter a description in the [Comment] entry box. (Optional)

(4) Set the number of users to allow concurrent access to a shared folder in

[User Limit].

(5) Click on the [Permissions...] button to set permission.

(6) Click on [OK].

Share NameA name that other computers

use to connect to a shared

folder. This is displayed in

Network Computer. You may

also assign a name that is

different from a folder name.

Tips

When an already shared folder is selected, the [New Sharing] button will be

displayed. Clicking on this button allows you to share a single folder with anothershare name. Use this function to provide both short and long names for users of an

old client OS that can not recognize a long share name and for users of Windows

Client, respectively.


39/57


40/57


41/57


42/57

3-18

Memo

3.9 Pr inter Man agement (2)

Creating a network printer

Setting a printer you created to be shared

Setting permission to access to a printer

n Creating a network printer

Procedure to create a network printer

(1) Right-click on an existing printer icon in [Printer] under [Control Panel]

and click on [Sharing...].

(2) Click on [Shared] and specify a share name, then click on [OK].

n Setting permission to access a printer

Procedure to set permission

(1) Right-click on an existing printer icon in [Printer] under [Control Panel]

and click on [Properties].

(2) Click on the [Security] tab, then click on the [Permissions] button.

(3) Add a user or group and specify a permission type, then click on [OK].


43/57


44/57

4-2

Memo

4.1 Audit

Monitoring r esour ces an d event s

Audit records user opera tions.

Audit

Records opera ted user s, execut ed opera tions, dat e,

and t ime.

n Monitoring resources and events

Audit allows you to monitor resources and accesses to the system to find fraud use

of resources.

n About audit

Operated users, executed operations, date, and time are recorded.

n Audit procedure

Use the user manager for domains to enable audit and select events to audit.

Set audit items to a file, folder, and printer.

n Prerequisite for audit

Must be a member of Administrators group.

Event

Items recorded by auditing,

such as file operations and

logon.


45/57

4-3

Memo

4.2 Sett ing Up for Audit (1)

Auditing a doma in

n Auditing a domain

Logon and logoff

File and Object Access

Use of User Rights

Security Policy Changes

Restart, Shutdown, and System

Process Tracking

Procedure to enable audit

(1) Start [User Manager for Domains] and click on [Auditing] in the [Policies]

menu.

(2) Click on [Events to Audit] and select an appropriate event in the [Audit

Policy] dialog box.


46/57

4-4

Memo

4.2 Sett ing Up for Audit (2)

Aud iting a file or folder

Available only on an NTFS volume.

n Auditing a file or folder

Procedure to audit a file or folder

(1) Start Explorer and right-click on a file or folder to audit, then select

[Properties].

(2) Click on the [Security] tab.

(3) Click on [Auditing].

(4) Click on the [Add...] button and select a user to audit.

(5) Set an event(s) to audit on success and/or failure in [Events to Audit].

(6) Click on [OK] to bring back the [%Name% Properties] dialog box and

click on [OK].


47/57


48/57


49/57


50/57


51/57


52/57

5-2

Memo

5.1 Task Mana ger

Viewing processes

This t ool allows you t o view the st at us of processes, st op

processes, and change pr iority.

n Viewing processes

This tool display a list of running processes. Information on resources

consumed by each process is also displayed.

This tool allows you to abort processes and change priority for execution.

Starting the task manager

(1) Press [CTRL] + [ALT] + [DEL] to open the [Windows NT Security]

dialog box, then click on [Task Manager...].

Using the Task Manager

Process

An execution unit of a

program

Resource

Indicates hardware resources,

such as CPU and memory,

here.

Priority

Windows NT provides 32

priorities from 0 through 31.

When multiple applications

are started at the same time,

an application with the

highest priority will be

executed first.


53/57

5-3

Memo

5.2 Windows NT Diagn ost ic Progra m

Viewing configurat ion dat a

This tool displays inform at ion on ha rdwa re a nd OS.

n Viewing configuration data

This tool displays information on hardware and OS stored in the registry.

Use this tool to view configuration information or to look for a cause of a

trouble.

You can not change the configuration data in the registry.

Starting the NT Diagnostic Program

Select [Start] - [Program] - [Administrative Tools (Common)] and click on

[Windows NT Diagnostic].


54/57


55/57

5-5

Memo

5.4 Network Monitor Tool

Monitor ing the network

This tool allows you t o capt ur e data sent ont o th e network an d

analyze.

n Monitoring the network

Using the Network Monitor, you can capture frames or packets sent onto the

network and analyze them.

Only data transmitted or received by the local computer can be captured.

Installing the network monitor

(1) Open [Network] from [Control Panel] and click on the [Add...] button

on the [Services] tab.

(2) Select [Network Monitor Tools and Agent] and click on [OK].

Using the Network Monitor

(1) Select [Start] - [Program] - [Administrative Tools (Common}] and

click on [Network Monitor].

Frame, Packet

A chunk of data carried over

the network.

Capture

To take in data.


56/57

5-6

Memo

5.5 Disk Administr at or

Managing disk par t it ions

The Disk Administr at or is a t ool to ma na ge hard disks.

n Managing disk partitions

The Disk Administrator is a tool to manage hard disks and removable media.

Starting the Disk Administrator

Select [Start] - [Program] - [Administrative Tools (Common)] and click on

[Disk Administrator].

What you can do with the Disk Administrator

Removable Media

Include MO and ZIP.

Tips

The Disk Administrator of Windows NT Server provides menu items to use a

function called fault tolerance or RAID which was developed by enhancing the

volume set or stripe set function. This allows you to set mirroring that uses 2

disks and striping with parity that uses 3 or more disks.


57/57

Documents

Windows NT Training 1