Exam
70-210 - Installing, Configuring, and Administering
Microsoft
Windows 2000 Professional
Installing Windows 2000 Professional:
Requirements:
|
Component
|
Recomended Minimum
|
|
CPU
|
Pentium-based
|
|
Memory
|
32 MB
|
|
Hard disk space
|
685 MB
|
|
Networking
|
NIC
required for network install
|
|
Display
|
VGA
|
|
Keyboard and mouse
|
required
|
All hardware should appear on the Windows 2000 Hardware
Compatibility List (HCL)
Windows 2000 Pro supports Symetric Multi-processing with max. two
processors, and up to 4 GB of RAM.
Setup has four stages:
1.
Setup Program (text mode)- preps hard drive for following
stages of install and copies files needed for running Setup Wizard.
Requires reboot.
2.
Setup Wizard (graphical mode) - prompts for additional info
such as product key, names, passwords, regional settings, etc.
3.
Install Windows Networking - detects adapter cards, installs
networking components (Client for MS Networks, File & Printer
Sharing for MS Networks), and installs TCP/IP protocol by default
(other protocols can be installed later). Choose to join a workgroup
or domain at this point (must be connected to network and provide
credentials to join a domain).
4.
Setup Completion - installs Start Menu items, register's
components, saves configuration, removes temporary files and system
rebooted one final time.
Installing from CD-ROM:
- Setup
disks are not required if your CD-ROM is bootable or you are
upgrading a previous version
- To
make boot floppies, type makeboot a: in the \bootdisk
directory of your W2K CD.
- If
installing using a MS-DOS or Win95/98 boot floppy, run winnt.exe
from the i/386
- Setup
will not prompt the user to specify the name of an installation
folder unless you are performing an unattended installation or
using winnt32 to perform a clean installation.
Installing over a Network:
- Create
a distribution server which has a file share containing the
contents of the /i386 directory
- 685
MB minimum plus 100 - 200 MB free hard drive space to hold
temporary files
- Install
a network client on the target computer or use a boot floppy
that includes a network client. Run winnt.exe from
file share on distribution server or winnt32.exe if
upgrading.
- Clean
installation is now possible with Windows 2000. NT 4 required a
pre-existing FAT partition.
Command
line switches for winnt.exe:
/e[:command]
Specifies a command that will be run at the end of
Stage 4 of setup
/r[:folder]
Specifies optional folder to be installed. Folder is not
removed after installation
/rx[:folder]
Specifies optional folder to be copied. Folder is deleted
after installation
/s[:sourcepath]
Specifies source location of Windows 2000 files. Can either
be a full path or network share
/t[:tempdrive]
Specifies
drive to hold temporary setup files
/u[:answer file]
Specifies
unattended setup using answer file (requires /s)
/udf:id[,UDF_file]-Establishes
ID that Setup uses to specify how a UDF file modifies an answer file
Unattended installations:
- Unattended installations
rely on an answer file to provide information during
setup process
- Answer files can be
created manually using a text editor or by using the Setup
Manager Wizard (SMW) (found in the Windows 2000 Resource Kit
Deployment Tools).
- SMW allows for creation
of a shared Distribution Folder and OEM Branding
- If you had a CD in drive
D: and an unattended installation answer file named sales.txt in
C:\, you could start your install with this command: D:\i386\winnt32
/s:d:\i386 /unattend:c:\sales.txt
- When doing a CD-based
install of W2K Pro and are booting from CD, name your answer
file WINNT.SIF and make sure it is on a floppy disk in your
floppy drive. The serial # for the CD should be entered into the
.SIF file to avoid a need for manual user input during the
install.
- There are five levels of
user interaction during unattended installs:
1.
Provide
Defaults - Administrator supplies default answers and user
only has to accept defaults or make changes where necessary.
2.
Fully
Automated - Mainly used for Win2000 Professional desktop
installs. No user input.
3.
Hide
Pages - Users can only interact with setup where
Administrator did not provide default information. Display of all
other dialogs is suppressed.
4.
Read
Only - Similar to above, but will display information
to user without allowing interaction to pages where Administrator
has provided default information.
5.
GUI
Attended - Only used for automating the second stage of
setup. All other stages require manual input.
Deploy Windows 2000 by using Remote Installation Services (RIS):
Overview:
Remote Installation Services (RIS) is used to lower the Total Cost
of Ownership (TCO) of Windows by simplifying the process of
installing new client workstations. Currently only Windows 2000
Professional clients can be installed using RIS.
RIS Server requirements:
- DHCP
Server Service
- Active
Directory
- DNS
Server Service
- At
least 2 GB of disk space. Hard disk must have at least two
partitions, one for the Operating System and one for the images.
Image partition must be formatted with NTFS. RIS packages cannot
be installed on either the system or boot partitions. Also
cannot be on an EFS volume or DFS shared folder.
Steps for setting up RIS Server:
- Install
Remote Installation Services using Control Panel > Add/Remove
Programs > Windows
- Start
the RIS Setup Wizard by running risetup.
Specify the Remote Installation Folder Location. For Initial
Settings, choose Do not respond to any client requests
(default setting - RIS Server must be authorized first). Specify
the location of the W2K Professional source files for building
the initial CD-based image. Designate a folder inside the RIS
folder where the CD image will be stored. Provide a friendly
text name for the CD-based image.
- Setup
Wizard creates the folder structure, copies needed source files
to the server, creates the initial CD-based W2K Professional
image in its designated folder along with the default answer
file (Ristandard.sif), and starts the RIS services on the
server.
- Server
must now be authorized. Open Administrative Tools > DHCP.
Right-click DHCP in the console tree and choose Manage
authorized servers. When dialog appears, click Authorize
and enter name or IP of the RIS server (user must be a member of
the Enterprise Admins group to do this).
- You
may now configure your RIS Server to respond to client requests.
- Assign
users/groups that will be performing RIS Installations
permissions to Create Computer Objects in Active Directory.
- The
Client Computer Naming Format is defined through Active
Directory Users & Computers. Right-click the RIS Server and
click Properties > Remote Install > Advanced Settings >
New Clients. Choose a pre-defined format or create a custom one.
Variables are: %Username (user logon name), %First (user first
name), %Last (user last name), %# (incremental number), %MAC (NIC
hardware address)
- Associate
an answer file (.SIF) with your image.
Creating a RIPrep Image:
- Procure
a Source Computer and install Windows 2000 Professional.
Configure all components and settings for your desired client
configuration keeping everything on a single partition (RIPrep
Wizard can only image a single partition).
- Install
your applications and configure them. Do not install unnecessary
applications - remember that RIS requires Active Directory which
can be used to publish or assign software as needed using Group
Policy.
- As
you created and configured the system using the Administrator
profile, you will need to copy your configuration to the Default
User profile so that your custom settings will not be lost.
- To
launch the RIPrep Wizard, click Start > Run and type the
following into the Open box: \\RISServerName\reminst\admin\i386\riprep.exe.
Provide the name of the RIS Server where the image will be
stored, the folder that will hold the image and a friendly text
description.
RIS Client requirements:
- Client
machine must meet minimum hardware requirements for Windows 2000
Professional and must use the same Hardware Abstraction Layer
(HAL).
- Must
have a network adapter that meets the Pre-boot Execution
Environment standard (PXE) version 99c and higher or a 3
1/2" floppy drive and PCI network adapter supported by the
RIS Startup Disk utility's list of supported adaptors.
Troubleshooting Remote Installations:
- If
computer displays a BootP message but doesn't display the DHCP
message, check to see if it can obtain an IP address. If it
cannot, make sure a DHCP server is online, is authorized, has a
valid IP address scope and that the DHCP packets are being
routed (you may need to install a DHCP relay agent if your DHCP
server is located on a different network segment than the RIS
client
- Computer
displays the DHCP message but does not display the Boot
Information Negotiations Layer (BINL) message. Make sure the RIS
server is online and authorized and that DHCP packets are being
routed.
- BINL
message is displayed but system is unable to connect to RIS
server. Try restarting the NetPC Boot Service Manager (BINLSVC)
on the RIS Server.
- If
the Client cannot connect to RIS Server using the Startup disk
check to make sure you used the right network adapter driver in rbfg.exe.
- If
the installation options you expected are not available, there
may be Group Policy conflicts. Check to make sure another Group
Policy Object did not take precedence over your own.
Other considerations:
- You
cannot create RIPrep images on a server unless it already has an
existing CD-based image.
- The
Remote Boot Floppy Generator utility (rbfg.exe)
only works on Windows 2000 systems. To create boot floppies,
click Start > Run and then type:
\\RISServerName\reminst\admin\i386\rbfg.exe
and click OK
- The
answer file (.SIF) supports the new [RemoteInstall] section.
Setting the repartition parameter to yes causes the install to
delete all partitions on the client computer and reformat the
drive with one NTFS partition.
- Pre-staging
images using the GUID of PXE-based workstations prevents
unauthorized users from illegally installing Windows 2000 onto
their systems.
- The
MAC address of the network adapter can be entered into the GUID
field and padded with zeros.
Working with SYSDIFF:
- Used
for installing applications, usually in conjuction with an
unattended installation. SYSDIFF allows you to take a snapshot
of your machine's original state, install applications, and then
package all of these changes into a single file which can be
applied to other machines.
- Install
your baseline system first. Then take a snapshot of it before
installing any applications. Syntax is: sysdiff /snap snap_file
- Next
install desired applications on target system. Use the SYSDIFF
tool to create a difference file. Syntax is: sysdiff
/diff snap_file diff_file
- You
can now apply your difference file to the target system(s).
Syntax is: sysdif /apply \\setupserver\w2k\diff_file
System preparation tool (SYSPREP.EXE):
- Removes the unique
elements of a fully installed computer system so that it can be
duplicated using imaging software such as Ghost or Drive Image
Pro. Avoids the NT4 problem of duplicated SIDS , computer names
etc. Installers can use sysprep to provide and answer file for
"imaged" installations.
- Must be extracted from
DEPLOY.CAB in the \support\tools folder on the Windows 2000
Professional CD-ROM.
- Adds a mini-setup wizard
to the image file which is run the first time the computer it is
applied to is started. Guides user through re-entering user
specific data. This process can be automated by providing a
script file.
- Use Setup Manager Wizard
(SMW) to create a SYSPREP.INF file. SMW creates a SYSPREP folder
in the root of the drive image and places sysprep.inf in this
folder. The mini-setup wizard checks for this file when it runs.
- Specifying a
CMDLINES.TXT file in your SYSPREP.INF file allows an
administrator to run commands or programs during the mini-Setup
portion of SYSPREP.
- Available switches for
sysprep.exe are: /quiet (runs without user interaction), /pnp
(forces Setup to detect PnP devices), /reboot (restarts
computer), and /nosidgen (will not regenerate SID on target
computer).
Upgrading from a previous version of Windows:
- Run
winnt32.exe to upgrade from a previous version
of Windows.
- Windows
2000 will upgrade and preserve settings from the following
operating systems: Windows 95 and 98 (all versions), Windows NT
Workstation 3.51 and 4.0, and Windows NT 3.1 or 3.5 (must be
upgraded to NT 3.51 or 4.0 first, then Professional).
- Upgrade
installations from a network file share are not supported in
Windows 2000 (this *can* be done, but only by using SMS). You
must either do a CD-based upgrade or perform a clean
installation of Windows 2000 and re-install needed applications.
- Because
of registry and program differences between Win95/98 and 2000,
upgrade packs (or migration DLLs) might be needed. Setup checks
for these in the \i386\Win9xmig folder on the Windows 2000
CD-ROM or in a user specified location.
- Run
winnt32 /checkupgradeonly to check for
compatible hardware and software. Generates a report indicating
which system components are Windows 2000 compatible. Same as
running the chkupgrd.exe utility from
Microsoft's site.
- All
operating system files associated with Windows 95/98 will be
deleted after an upgrade.
Troubleshooting failed installations:
Common errors:
|
Problem
|
Possible fix
|
|
Cannot contact domain controller
|
Verify that network cable is properly
connected. Verify that servers running DNS and a domain
controller are both on-line. Make sure your network settings
are correct (IP address, gateway, etc.). Verify that your
credentials and domain name are entered correctly.
|
|
Error loading
operating system
|
Caused when a drive is formatted with NTFS
during setup but the disk geometry is reported incorrectly.
Try a smaller partition (less than 4 GB) or a FAT32 partition
instead. (KB# Q234621)
|
|
Failure of
dependency
service to start
|
Make sure you installed the correct protocol
and network adapter in the Network Settings dialog box in the
Windows 2000 Setup Wizard. Also check to make sure your
network settings are correct.
|
|
Insufficient
disk space
|
Create a new partition using existing free
space on the hard disk, delete or create partitions as needed
or reformat an existing partition to free up space.
|
|
Media errors
|
Maybe the CD-ROM you are installing from is
dirty or damaged. Try using a different CD or trying the
affected CD in a different machine.
|
|
Nonsupported
CD drive
|
Swap out the drive for a supported drive or try
a network install instead. (KB# Q228852)
|
Log files created during Setup:
|
Logfile name
|
Description
|
|
setupact.log
|
Action Log - records setup actions in a
chronological order. Includes copied files and registry
entries as well as entries made to the error log.
|
|
setuperr.log
|
Error Log - records all errors that occur
during setup and includes severity of error. Log viewer shows
error log at end of setup if errors occur.
|
|
comsetup.log
|
Used for Optional Component manager and COM+
components.
|
|
setupapi.log
|
Logs entries each time a line from an .INF file
is implemented. Indicates failures in .INF file
implementations.
|
|
netsetup.log
|
Records activity for joining a domain or
workgroup.
|
|
mmdet.log
|
Records detection of multimedia devices, their
port ranges, etc.
|
Implementing and Conducting Administration of Resources:
Choosing a file system:
- NTFS
provides optimum security and reliability through it's ability
to lock down individual files and folders on a user by user
basis. Advanced features such as disk compression, disk quotas
and encryption make it the file system recommended by 9 out of
10 MCSEs. (KB# Q244600)
- FAT
and FAT32 are only used for dual-booting between Windows 2000
and another operating system (like DOS 6.22, Win 3.1 or Win
95/98). (KB# Q184006)
- Existing
NT 4.0 NTFS system parition will be upgraded to Windows 2000
NTFS automatically. If you wish to dual-boot between NT4.0 and
2000 you must first install Service Pack 4 on the NT4.0 machine.
This will allow it to read the upgraded NTFS partition, but
advanced features such as EFS and Disk Quotas will be disabled.
(KB# Q197056
& Q184299)
- Use
convert.exe to convert a FAT or FAT32 file
system to NTFS. NTFS partitions cannot be converted to FAT or
FAT32 - the partition must be deleted and recreated as FAT or
FAT32 (KB# Q156560
& Q214579)
- You
cannot convert a FAT partition to FAT32 using convert.exe.
(KB# Q197627)
NTFS file and folder permissions: (KB#S Q183090,
Q244600)
File attributes when copying/moving within a partition or between
partitions:
|
Copying within a partition
|
Creates a new file resembling the old file.
Inherits the target folders permissions.
|
|
Moving within a partition
|
Does not create a new file. Simply updates
directory pointers. File keeps its original permissions.
|
|
Moving across partitions
|
Creates a new file resembling the old file, and
deletes the old file. Inherits the target folders
permissions.
|
Miscellaneous:
- NTFS in Windows 2000
(version 5) features enhancements not found in Windows NT 4.0
version 4). Reparse Points, Encrypting File System (EFS), Disk
Quotas, Volume Mount Points, SID Searching, Bulk ACL Checking,
and Sparse File Support. (KB# Q183090)
- Volume Mount Points
allow new volumes to be added to the file system without needing
to assign a drive letter to it. Instead of mounting a CD-ROM as
drive E:, it can be mounted and accessed under an existing drive
(e.g., C:\CD-ROM). As Volume Mount Points are based on Reparse
Points, they are only available under NTFS5 using Dynamic
Volumes.
- NTFS4 stored ACLs on
each file. With bulk ACL checking, NTFS5 uses unique ACLs only
once even if ten objects share it. NTFS can also perform a
volume wide scan for files using the owner's SID (SID
Searching). Both functions require installation of the Indexing
Service.
- Sparse File Support
prevents files containing large consecutive areas of zero bits
from being allocated corresponding physical space on the drive
and improves system performance.
- NTFS partitions can be
defragmented in Windows 2000 (as can FAT and FAT32 partitions).
Use Start > Programs > Accessories > System Tools >
Disk Defragmenter.
- Local security access
can be set on a NTFS volume.
- Files moved from an NTFS
partition to a FAT partition do not retain their attributes or
security descriptors, but will retain their long filenames.
- Permissions are
cumulative, except for No Access, which overrides anything.
- File permissions
override the permissions of its parent folder.
- Anytime a new file is
created, the file will inherit permissions from the target
folder.
- The cacls.exe utility
is used to modify NTFS volume permissions. (KB# Q237701)
Windows File Protection Feature (WFP): (KB# Q222193)
- New
to Windows 2000 - prevents the replacement of certain monitored
system files (important DLLs and EXEs in the %systemroot%\system32
directory).
- Uses
file signatures and code signing to verify if protected system
files are the Microsoft versions.
- WFP
does not generate signatures of any type.
- Critical
DLLs are restored from the %systemroot%\system32\dllcache
directory. Default maximum size for Professional is 50MB. This
can be increased by editing the Registry. (KB# Q229656)
Local and network print devices:
- Windows
2000 Professional supports the following printer ports: Line
Printer (LPT), COM, USB, IEEE 1394, and network attached
devices.
- Print
services can only be provided for Windows and UNIX clients on
Windows 2000 Professional (KB# Q124734)-
Windows 2000 Server is required to support Apple and Novell
clients.
- Windows
2000 Professional automatically downloads the printer drivers
for clients running Win2000, WinNT 4, WinNT 3.51 and Windows
95/98. (KB# Q142667)
- Internet
Printing is a new feature in Windows 2000. You have the option
of entering the URL where your printer is located. The print
server must be a Windows 2000 Server running Internet
Information Server or a Windows 2000 Professional system running
Personal Web Server - all shared printers can be viewed at:
http://servername/printers
- Print
Pooling allows two or more identical printers to be installed as
one logical printer.
- Print
Priority is set by creating multiple logical printers for one
physical printer and assigning different priorities to each.
Priority ranges from 1, the lowest (default) to 99, the highest.
- Enabling
"Availability" option allows Administrator to specify
the hours the printer is available.
- Use
Separater Pages to separate print jobs at a shared printer. A
template for the separater page can be created and saved in the
%systemroot%\system32 directory with a .SEP file extension. (KB#
Q102712)
- You
can select Restart in the printer's menu to reprint a document.
This is useful when a document is printing and the printer jams.
Resume can be selected to start printing where you left off.
- You
can change the directory containing the print spooler in the
advanced server properties for the printer. (KB# Q123747)
- To
remedy a stalled spooler, you will need to stop and restart the
spooler services in the Services applet in Administrative Tools
in the Control Panel. (KB# Q240683 &
- Use
the fixprnsv.exe command-line utility to
resolve printer incompatibility issues. (KB# Q247196)
Managing file systems: (KB# Q222189)
Windows 2000 supports both Basic and Dynamic
storage. In basic storage you divide a hard disk into partitions.
Windows 2000 recognizes primary and extended partitions. A disk
initialized for basic storage is called a Basic disk.
It can contain primary partitions, extended partitions and logical
drives. Basic volumes cannot be created on dynamic disks. Basic
volumes should be used when dual-booting between Windows 2000 and
DOS, Windows 3.x, Windows 95/98 and all version of Windows NT. (KB# Q175761)
Dynamic storage (Windows 2000 only) allows you to
create a single partition that includes the entire hard disk. A disk
initialized for dynamic storage is called a Dynamic disk.
Dynamic disks are divided into volumes which can include portions of
one, or many, disks. These can be resized without needing to restart
the operating system. (KB# Q225551)
There are three volume types:
- Simple
volume - contains space from a single disk
- Spanned
volume - contains space from multiple disks (maximum of 32).
First fills one volume before going to the next. If a volume in
a spanned set fails, all data in the spanned volume set is lost.
Performance is degraded as disks in spanned volume set are read
sequentially.
- Striped
set- contains free space from multiple disks (maximum of
32) in one logical drive. Increases performance by
reading/writing data from all disks at the same rate. If a disk
in a stripe set fails, all data is lost.
Dynamic Volume States:
|
State
|
Description
|
|
Failed
|
Volume cannot be automatically restarted and
needs to be repaired
|
|
Healthy
|
Is accessible and has no known problems
|
|
Healthy at risk
|
Accessible, but I/O errors have been detected
on the disk. Underlying disk is displayed as Online (Errors)
|
|
Initializing
|
Volume is being initialized and will be
displayed as healthy when process is complete
|
Dynamic Volume Limitations:
- Cannot
be directly accessed by DOS, Win95/98 or any versions of Windows
NT if you are dual-booting as they do not use the traditional
disk organization scheme of partitions and logical volumes. MBR
on dynamic disks contains a pointer to disk configuration data
stored in the last 1 MB of space at the end of the disk. (KB# Q197738)
- Dynamic
volumes which were upgraded from basic disk partitons cannot be
extended, especially the system volume which holds
hardware-specific files required to start Windows 2000 and the
boot volume. Volumes created after the disk was upgraded to
dynamic can be extended. (KB# Q222188)
- When
installing Windows 2000, if a dynamic volume is created from
unallocated space on a dynamic disk, Windows 2000 cannot be
installed on that volume. (KB# Q216341)
- Not
supported on portable computers or removable media. (KB# Q232463)
- A
boot disk that has been converted from basic to dynamic cannot
be converted back to basic. (KB# Q217226)
Translation of terms between Basic and Dynamic Disks:
|
Basic Disks
|
Dynamic Disks
|
|
Active partition
|
Active volume
|
|
Extended partition
|
Volume and unallocated space
|
|
Logical drive
|
Simple volume
|
|
Mirror set
|
Mirrored volume (Server only)
|
|
Primary partition
|
Simple volume
|
|
Stripe set
|
Striped volume
|
|
Stripe set with parity
|
RAID-5 volume (Server only)
|
|
System and boot partitions
|
System and boot volumes
|
|
Volume set
|
Spanned volumes
|
There is NO fault-tolerance with Windows 2000 Professional.
Fault-tolerance (RAID levels 1 and 5) are only available in the
Windows 2000 Server family. (KB# Q113932)
To manage disks on a remote computer you must create a custom
console focused on another computer. Choose Start > Run and type
mmc. Press Enter. On console menu click Add/Remove Snap-in. Click
Add. Click Disk Management then click Add. When Choose Computer
dialog box appears choose the remote system.
Windows 2000 now supports disk-based quotas. Quotas can be set on
NTFS volumes, but not on FAT or FAT32 volumes. Quotas cannot be set
on individual folders within a NTFS partition. (KB# Q183322)
Disk information is now stored on the physical disk itself,
facilitating moving hard drives between systems. As managing disk
numbering can become quite complex, the dmtool.exe
utility has been provided. (KB# Q222470)
When using the Disk Management Snap-in Tool:
- Whenever
you add a new disk in a computer it is added as Basic Storage