
MCSE

2013
Networking With XP Professional

Sardar Azeem
Azeem_aag2000@yahoo.com contact
03135879331
MCSE 2013
Sardar Azeem Page 1 3/27/2013

Introduction
Contents:
Attended Installation
Upgrading To Windows XP Professional
Additional Installation Methods
RIS Installations
Troubleshooting Setup
Disk Management
Using the Disk Management Tool
File Systems Overview
Using the Files and Settings Transfer Wizard
Managing Users Accounts
Managing Groups
TCP/IP Protocol
Troubleshooting TCP/IP
Remote Assistance
NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
Understanding DNS
Configuring Windows XP Professional as a DNS Client
Windows XP Professional in Active Directory Environments
Understanding Compression and Encrypted File Systems

Attended Install of Windows XP Professional

This article covers attended installations of Windows XP Professional from a CD-ROM.

Installing Windows XP Professional from a CD-ROM to a clean hard disk consists of
these four stages:

Running the Setup program - Partitions and formats the hard disk (if required) for
the installation to proceed and copies the files necessary to run the Setup Wizard.

Running the Setup Wizard - Requests setup information about the local
workstation where the installation is taking place.

Networking components - Installs the networking components that allow the
computer to communicate with other computers on the local network.

Completing the installation - This final phase copies files to the hard drive and
configures the final stages of the setup.

There are some noted differences between the Windows XP Professional installation
and older Windows NT4 and Windows Professional installations.

The design of the installation program assumes that your system has the ability to
boot directly from a CD-ROM or that you will use a Windows 95/98/ME boot floppy to
begin installing from a CD. The ability to directly create setup floppies has been
dropped from Windows XP. Setup boot disks are available only by download from
Microsoft. The Setup boot disks are available so that you can run Setup on
computers that do not support a bootable CD-ROM.

Prepared By Sardar Azeem Computer H/w And Network Engineer abbottabad


Contact No:03135879331 email: azeem_aag2000@yahoo.com

There are six Windows XP Setup boot floppy disks. These disks contain the files and
drivers that are required to access the CD-ROM drive through generic PCI drivers and
begin the Setup process.

If your computer does support booting from a CD-ROM, or if network-based
installation is available, Microsoft recommends that you use those installation
methods.

Setup will not prompt the user to specify the name of an installation folder unless
you are performing an unattended installation or using winnt32 to perform a clean
installation.

By default, the Setup Wizard installs the Windows XP Professional operating system
files in the WINDOWS folder. If this folder exists on the partition you have chosen for
the install, setup will warn you that you are about to overwrite the current operating
system installed on that partition. In order to keep it (e.g. dual or multi booting
scenario) you would need to choose another partition for the installation.

To start the Setup program, insert the Windows XP Professional installation CD-ROM
in your CD-ROM drive.

If an operating system is detected on the hard drive, the following message will
appear:

In this scenario, you would need to press any key on the keyboard to continue with
the CD-ROM installation.

After the computer starts, a minimal version of Windows XP Professional is copied
into memory. This version of Windows XP Professional starts the Setup program.

After all of the files are copied and the system is restarted, the text-mode portion of
Setup is started which prompts you to read and accept a licensing agreement.


You would select "F8-I agree" to continue. (If you elect not to accept the agreement,
the installation will end.)

You are then prompted to select a partition on which to install Windows XP
Professional. You can select an existing partition or create a new partition by using
any unpartitioned free space on the hard drive(s).

(The above example shows a partitioned and formatted drive)

Once a partition has been selected the next step is to select a file system for the new
partition. Next, Setup formats the partition with the selected file system. (This would
assume that a file system didn't currently exist. In this example, one already does
and it is formatted in NTFS so I have elected to leave it as is. Any formatting done
here during setup will destroy any existing data on the partitions formatted.)


From here Setup copies files to the hard disk and saves configuration information.

Setup restarts the computer once the file copy is completed and then starts the
Windows XP Professional Setup Wizard, the graphical user interface (GUI) portion of
Setup.


The GUI-based Windows XP Professional Setup Wizard is the next stage of the
installation process.

Regional settings - In this section you are able to customize settings to your
language and where you live as well as setup Windows XP Professional to use
multiple languages and regional settings.


Personalize your Software - In this section you can enter the name of the person
and the organization to which this copy of Windows XP Professional is licensed. This
can be your own name and nothing in the organization field or the name of the
company in both places if this installation is being performed in a place of business.
Software installed on the system later will often use this information for product
registration and document identification.

Your Product Key - This page is where you enter your 25-character product key in
order to install the software.

If you incorrectly type the key, an error message will be generated.


Computer Name And Administrator Password - Here you enter a name for the
computer or use the auto generated one that Windows XP Professional provided.

The computer name will always display in all uppercase letters, no matter how you
type it. The name is not case sensitive.

In the Administrator Password box on the same screen, you will enter the password
to be used for the administrator account and in the Confirm Password box you will
re-enter it to make sure that it is entered correctly.

If the passwords do not match, the above error message will appear and you will
need to enter them again.


Modem Dialing Information - This section will begin only if an installed modem
has been found on your system.

Enter the correct country or region if it is not selected. (It should match your
selection from the Regional settings page.) Type your area code or city code and
any number you might need to dial to get an outside line. You can also select either
tone or pulse dialing on this page as well.

Date and Time Settings - This section of Setup allows you to verify that the correct
date, time and time zone are entered and whether or not the system should adjust
itself automatically for daylight saving time changes each year.

Network Settings - The next section of setup deals entirely with installing the
Windows XP Professional networking components on your system.

Installing Windows XP Professional networking components involves the following
processes:

Detect network adapter cards - The Setup Wizard detects and configures any
network adapter cards installed on the computer. By default, it attempts to locate a
DHCP server on the network. If none is found it will use an Automatic Private IP
Addressing (APIPA) IP address. (The APIPA IP address feature of Windows XP
Professional automatically configures a unique IP address from the range
169.254.0.1 to 169.254.255.255 and a subnet mask of 255.255.0.0 when TCP/IP is
configured for dynamic addressing and a DHCP server is not available.)

Select networking components - The Setup Wizard prompts you to choose typical
or customized settings for networking components.

The Typical (selected by default) installation includes the following options:

• Client For Microsoft Networks. Allows your computer to access network
resources.
• File And Printer Sharing For Microsoft Networks. Allows other computers to
access file and print resources on your computer.
• QoS Packet Scheduler. Helps provide a guaranteed delivery system for
network traffic, such as Internet Protocol (TCP/IP) packets.
• Internet Protocol (TCP/IP). Allows your computer to communicate over local
area networks (LANs) and wide area networks (WANs). TCP/IP is the default
networking protocol.

You can install other clients, services, and network protocols during the Windows XP
Professional installation by choosing CUSTOM, but it is recommended that you wait
until after the installation has completed to add additional services. (The exception
would be if the lack of these services would prevent the system from coming online
to your network properly upon restart.)

Workgroup or Computer Domain - This section allows you to choose to join a
domain for which you have administrative privileges or to join a local workgroup. You
can create the computer account in the domain you are joining ahead of time or
during installation. (The Setup Wizard prompts you for the name and password of a
user account with authority to add domain computer accounts if you elect to create
the account during the Windows XP Professional installation.)

After installing the networking components, Setup starts the final steps of the
installation process, which include:

• Installs Start menu items - Shortcuts that will appear on the Start menu are
installed and configured during this stage.
• Registers components - The configuration settings that you specified earlier
during the install are configured now.
• Saves the configuration - The Setup Wizard saves your entered configuration
settings. Once the system is restarted, the computer uses this configuration
by default.
• Removes temporary files - Any files used by the Setup Wizard that are no
longer needed are deleted.
• Restarts the computer - The computer is automatically restarted. This is the
final step of the Setup Wizard.

Upon restart, the computer will either boot directly to Windows XP Professional or it
will bring up the operating system selection window (the text of the BOOT.INI file) if
you have more than one operating system installed.


After you start Windows XP for the first time, you will come to the Welcome to
Microsoft Windows screen to finish setting up your computer. Click on the Green
NEXT arrow at the bottom right hand corner of the display.

The system will then check to see how you will connect to the Internet. If Windows
cannot detect the settings it will prompt you for input. (You can also select SKIP to
bypass this section.)

The Registration of your Windows XP Professional software IS NOT REQUIRED. You
can skip this step and never go back to it.

The Windows Product Activation screen appears next. Windows Product Activation
has been designed by Microsoft to protect their intellectual property as much as
possible from software piracy. According to Microsoft, you do not need to send any
information at all when you activate the product through Setup, not even a name.
This step is required, either at this time or within the first 30 days.


If you decide to skip this activation step now, you will only be able to use Windows
XP Professional for 30 days. At that time, the operating system will not function
without activating the product. You will have no other option but to either blow the
partition away and reinstall the OS for another 30 days or activate the software.

If you skip this step, Windows XP will periodically remind you during the 30-day period
to activate the product.

The next screen we are brought to is the Internet Access screen, which allows us to
configure our Internet connection at this time as well. You do have the option to skip
this step as well.

The next screen that appears is the User Setup screen. On this setup page you are
able to enter the name of each person that will have local access to this computer. If
you choose to do this now, Windows XP Professional would create a separate user
account for each name entered.


These names would first appear on the Welcome Screen in alphabetical order. At that
point, users would be able to select their name from the Welcome screen to use the
computer. The local administrator can use User Accounts in the system Control Panel
to assign these users passwords and system permission limits. It is also where
additional users can be created, instead of, or in addition to, entering them
here.

At least one name needs to be entered.

This first user becomes a local administrator by default.

Best of luck in your studies and please feel free to contact me with any questions on
my article and remember, "If a bad guy can alter the operating system on your
computer, it may not be your computer anymore"


Upgrading To Windows XP Professional

Before we get started with a direct upgrade to Windows XP Professional we need to
know which operating systems support a direct upgrade.

Windows XP Supported Upgrade Paths

The following direct upgrade paths are supported by Microsoft and are considered
viable for both the Windows XP Professional and Windows XP Home operating
systems.

Microsoft Windows 98

Microsoft Windows 98 Second Edition

Microsoft Windows Millennium Edition

• Windows XP Home Edition Retail (Full) Version
• Windows XP Home Edition Upgrade Version
• Windows XP Professional Retail (Full) Version
• Windows XP Professional Upgrade Version

Microsoft Windows NT 4.0 Workstation

• Windows XP Professional Retail (Full) Version
• Windows XP Professional Upgrade Version

Microsoft Windows 2000 Professional

• Windows XP Professional Retail (Full) Version
• Windows XP Professional Upgrade Version

Microsoft Windows XP Home Edition

• Windows XP Professional Retail (Full) Version
• Windows XP Professional Upgrade Version

All versions of Windows NT 4.0 require Service Pack 5 to be installed prior to
upgrading to Windows XP.

Currently, there are no supported direct upgrade paths for the following Microsoft
operating systems:

Microsoft Windows 3.x

Microsoft Windows NT 3.51 Workstation

Microsoft Windows NT 3.51 Server

Microsoft Windows NT 3.51 Server with Citrix


Microsoft Windows 95

Microsoft BackOffice Small Business Server

Having this information available or knowing where to look it up is important before
you get started.

[NOTES FROM THE FIELD] - I often get the question, "how do you know all of this
stuff", when I am working with desktop or system admins. The truth is, I often do
not know the information off the top of my head. Sometimes I do, and it is often due
to the fact that many people throughout the course of the year come to ask me
different questions and because many of them are repetitive I often have immediate
recall of them. Many times, (more often than not) I don't remember the answer, but
I have a vague idea of where I looked it up when I was asked it before and I head
right "battle" is knowing where to look up the information when you need it. If you
can do that, you're ahead of the game and ahead of most other people you might
work with.

Once you are certain that the operating system you're currently using can be directly
upgraded to Windows XP Professional, you then need to be sure that the installed
system hardware meets the minimum Windows XP Professional hardware
requirements by verifying all of the hardware is on the Hardware Compatibility List
(HCL) at the Microsoft website.

Windows XP Professional supports only the devices listed in the HCL. If your
hardware isn't listed, contact the hardware manufacturer and request a Windows XP
Professional driver.

Support means that while the operating system may load and run on unsupported
hardware and software, any issues that come up with the system will not be covered
(i.e. supported) by Microsoft Technical Support if you should need to engage them.

You can test the computer for compatibility by using the Windows XP Professional
Compatibility tool. During a system upgrade you will see the option for this on the
introductory screen. (You can also run the tool from the command line by typing
<CDROM DRIVE>:\i386\winnt32 /checkupgradeonly. You can perform just the check
and then exit the tool without installing the operating system, if you wish.)

If you have AUTORUN enabled on your system the Welcome to Microsoft Windows XP
setup screen will appear.


Additional Installation Methods of Windows XP Professional

This article covers additional installation methods for Windows XP Professional:
over-the-network installations and automating installations using Windows Setup
Manager.

Installing Windows XP Professional over the Network

Before you can begin a network installation of Windows XP Professional, you need to
copy the Windows XP Professional installation files to a server, normally a file or
distribution server, and share out the directory so that people who need to perform
an over the network installation can attach to the share. (These people will also need
the proper level of Folder and NTFS permissions to attach to the share.)

The distribution server share will need to contain the installation files from the I386
folder on the Windows XP Professional CD-ROM.

From the target system, you connect to this shared directory and then run the Setup
program.

The target system needs to be prepared ahead of time in order to be successful with
an over the network installation. First, you need to create a FAT or FAT32 partition
on the target computer of at least 1.5 GB of disk space and format it ahead of time.
You also need to either boot from a client diskette that includes a network client
that enables the target computer to connect to the distribution server, or install the
client directly to the local system hard drive with some sort of system installed, such
as by formatting the hard drive with a Windows 9x boot disk with the "s" switch.

(FORMAT /S Copies system files to the formatted disk to make a boot disk. This also
works on a local hard drive).

The preferred method is to boot from a client diskette that includes a network client
that enables the target computer to connect to the distribution server.

(As we continue from here, we will assume we are using the preferred methods of
installation. As variables come up, I will mention them as a side note.)

The Setup program copies the installation files to the target computer, which is why
you need to create a FAT or FAT32 partition on the target computer of at least 1.5
GB of disk space and format it ahead of time.

You begin from the target computer by booting from a floppy disk that includes a
network client that can be used to connect to the distribution server. Once the
network client on the target computer is started, you connect to the shared folder on
the distribution server that contains the Windows XP Professional installation files
and run WINNT.EXE to start the Setup program.

[NOTES FROM THE FIELD] - WINNT.EXE is used for an installation using MS-DOS
or Windows 3.0 or later versions on the source system. WINNT32.EXE is run for an
installation using Microsoft Windows 95, Windows 98, Microsoft Windows Me,
Windows NT 4, or Windows 2000 Professional.


Running WINNT.EXE from the shared folder creates the $Win_nt$.~ls
temporary folder on the target computer and the Windows XP Professional
installation files are copied from the shared folder on the distribution server to the
$Win_nt$.~ls folder on the target computer. Once all of the files are copied to the
target system, setup will reboot the local computer and begin installing the Windows
XP Professional operating system.

[NOTES FROM THE FIELD] - WINNT.EXE and WINNT32.EXE can be modified by
using switches. I have outlined the available switches below.

Modifying the Setup Process Using WINNT.EXE switches

Switch - Function

/a - Enables accessibility options.

/r[:folder] - Specifies an optional folder to be copied and saved. The folder remains
after Setup is finished.

/rx[:folder] - Specifies the optional folder to be copied. The folder is deleted after
Setup is finished.

/s[:sourcepath] - Specifies the source location of Windows XP Professional files. This
must be a full path x:\[path] or \\server\share\[path]. The default is the current
folder location.

/t[:tempdrive] - Specifies a drive to contain temporary setup files and directs the
Setup program to install Windows XP Professional on that drive. If you do not
specify a drive, Setup attempts to locate the drive with the most available space by
default.

/u[:script_file] - Performs an unattended installation. (Requires the /s switch.) The
answer file provides answers to some or all of the prompts that the end user
normally responds to during Setup.

/udf:id[,UDF_file] - Indicates an identifier (id) that Setup uses to specify how a
Uniqueness Database File (UDF) modifies an answer file. The /udf parameter
overrides values in the answer file, and the identifier determines which values in the
UDF file are used. If you do not specify a UDF_file, Setup prompts you to insert a
disk that contains the $UNIQUE$.UDB file.

Modifying the Setup Process Using WINNT32.EXE switches

Switch - Function

/checkupgradeonly - Checks your computer for upgrade compatibility for Windows XP
Professional.

• On Windows 98 or Windows Me upgrade checks, the default filename is
UPGRADE.TXT in the %systemroot% folder.
• For Windows NT 4 or Windows 2000 upgrades, the default filename is
NTCOMPAT.TXT in the %systemroot% folder.


/cmd:command_line - Specifies a specific command that Setup is to run. This
command is run after the computer restarts and after Setup collects the necessary
configuration information.

/cmdcons - Copies to the hard disk the files for the Recovery Console, which is used
for repair and recovery as a Startup option after the Windows XP Professional
installation has been completed.

/copydir:foldername - Creates an additional folder within the %systemroot% folder,
which contains the Windows XP Professional system files. You can use the /copydir
switch to create as many additional folders within the %systemroot% folder as you
want.

/copysource:foldername - Creates an additional folder within the %systemroot%
folder. Setup deletes folders created with /copysource after installation is complete.

/debug[level][:file_name] - Creates a debug log at the specified level. By default, the
debug log file is C:\WINNT32.LOG and the default level is 2. Includes the following
levels:

• 0 (severe errors)
• 1 (errors)
• 2 (warnings)
• 3 (information)
• 4 (detailed information for debugging)

Each level includes the level below it.

/dudisable - Prevents Dynamic Update from running. Without Dynamic Updates,
Setup runs only with the original Setup files. This option disables Dynamic Update
even if you use an answer file and specify Dynamic Update options in that file.

/dushare:pathname - Specifies a share on which you previously downloaded Dynamic
Update files from the Windows Update Web site. When run from your installation
share and used with /prepareinstall, it prepares the updated files for use in
network-based client installations. When used without /prepareinstall and run on a
client, it specifies that the client installation will use the updated files on the share
specified in pathname.

/duprepare:pathname - Prepares an installation share for use with Dynamic Update
files that you downloaded from the Windows Update Web site. You can use this
share for installing Windows XP Professional for multiple clients and it can only be
used with /dushare.

/m:foldername - Instructs Setup to copy replacement files from an alternate location.
Directs Setup to look in the alternate location first and, if files are present, to use
them instead of the files from the default location.

/makelocalsource - Instructs Setup to copy all installation source files to the local
hard disk. Use this switch when installing from a CD-ROM to provide installation files
when the CD-ROM is not available later in the installation.

/noreboot - Prevents Setup from restarting the computer after completing the
file-copy phase.

/s:sourcepath - Specifies the source location of Windows XP Professional installation
files. To simultaneously copy files from multiple paths, use a separate /s switch for
each source path. If you type multiple /s switches, the first location specified must
be available or the installation will fail. You can use a maximum of eight /s switches.

/syspart:[drive_letter] - Copies Setup startup files to a hard disk and marks the drive
as active. You can then install the drive in another computer. When you start that
computer, Setup starts at the next phase. Using /syspart requires the /tempdrive
switch. You can use syspart on computers running Windows NT 4, Windows 2000,
Windows XP Professional, or Windows 2000 Server. You cannot use it on computers
running Windows 95, Windows 98, or Windows Me.

/tempdrive:drive_letter - Places temporary files on the specified drive and installs
Windows XP Professional on that drive.

/unattend[number]:[answer_file] - Performs an unattended installation. The answer
file provides your custom specifications to Setup. If you don't specify an answer file,
all user settings are taken from the previous installation. You can specify the number
of seconds between the time that Setup finishes copying the files and when it
restarts with [number]. You can specify the number of seconds only on computers
running Windows 98, Windows Me, Windows NT 4, or Windows 2000 that are
upgrading to a newer version of Windows XP Professional.

/udf:id[,udb_file] - Indicates an identifier (id) that Setup uses to specify how a UDF
modifies an answer file. The UDF file overrides values in the answer file, and the
identifier determines which values in the UDF file are used. If you do not specify a
UDF file, Setup prompts you to insert a disk that contains the $UNIQUE$.UDF file.

For the most part, an over the network installation of Windows XP Professional from
this point forward is almost perfectly identical to installing Windows XP Professional
from a CD-ROM to a clean hard disk. For more information, you can take a look at
my article Attended Install of Windows XP Professional.
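
The over-the-network procedure and the WINNT32.EXE switches described above, put together as one batch file. This is an added example, not part of the original document: the server name DISTSRV, the share name XPDIST, the folder E:\XPDIST, the group "XP Installers", the log file name and the drive letters D:, Z: and C: are all assumptions, and the client part assumes a Windows 2000 Professional computer that is being upgraded.

```batch
@echo off
rem Added example, not from the original document.
rem Assumed names: server DISTSRV, share XPDIST, folder E:\XPDIST,
rem group "XP Installers", CD-ROM drive D:, mapped drive Z:, target drive C:.
rem
rem Usage:  netinst.cmd server    run on the distribution server
rem         netinst.cmd client    run on the target computer

if "%1"=="server" goto server
if "%1"=="client" goto client
echo Usage: netinst.cmd server ^| client
goto end

:server
rem Copy the I386 folder from the Windows XP Professional CD-ROM.
xcopy D:\I386 E:\XPDIST\I386 /e /i /h
if errorlevel 1 goto failed

rem NTFS permissions: people installing only need to read the source files.
rem Without /e, cacls replaces the existing ACL and asks for confirmation,
rem which "echo y" answers.
echo y| cacls E:\XPDIST /t /g Administrators:F SYSTEM:F "XP Installers":R

rem Share the folder so target computers can attach to it. The NTFS
rem permissions set above limit what a connected user can do with the files.
net share XPDIST=E:\XPDIST /remark:"Windows XP Professional installation files"
if errorlevel 1 goto failed
echo Distribution share \\DISTSRV\XPDIST is ready.
goto end

:client
rem Attach to the distribution share.
net use Z: \\DISTSRV\XPDIST
if errorlevel 1 goto failed

rem Step 1: compatibility check only, nothing is installed.
start /wait Z:\I386\winnt32.exe /checkupgradeonly

rem Show the report if it was saved under the default name the switch table
rem gives for Windows NT 4 and Windows 2000 upgrades.
if exist "%systemroot%\NTCOMPAT.TXT" type "%systemroot%\NTCOMPAT.TXT"
echo Review the compatibility report, then press a key to start Setup.
pause

rem Step 2: start Setup from the share.
rem   /s          source files on the distribution share
rem   /tempdrive  temporary files and the installation go to drive C:
rem   /dudisable  use only the Setup files that are on the share
rem   /debug3     information-level log in C:\XPSETUP.LOG
rem   /noreboot   leave the restart to the administrator
start /wait Z:\I386\winnt32.exe /s:Z:\I386 /tempdrive:C /dudisable /debug3:C:\XPSETUP.LOG /noreboot

rem The files are now local, so the share is no longer needed.
net use Z: /delete
echo File copy finished. Check C:\XPSETUP.LOG, then restart to continue Setup.
goto end

:failed
echo The last command failed; nothing further was done.

:end
```

Because /noreboot is used, Setup continues only after the computer is restarted by hand, which leaves time to read the debug log first.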

Installing Windows XP Professional using Windows Setup Manager.

Using the Windows Setup Manager will help you automate certain Windows XP
Professional installations. In order to use the Windows Setup Manager you need to
install the Windows XP Professional Deployment Tools from the Windows XP
Professional CD-ROM.

To start, you need to log on with a user account that is a member of the
Administrators group and insert the Windows XP Professional CD-ROM in the CD-
ROM drive. (If you have AUTORUN enabled the Welcome To Microsoft Windows XP
screen, shown below, will appear. Click Exit to close it).


Open the Windows Explorer and create the folder where the files can be extracted to.

The E:\Setup Tools folder in our example will be used to contain the files extracted
from DEPLOY.CAB on the Windows XP Professional CD-ROM. (You can also choose to
create a new folder to where you want to extract the files when you open the CAB
files. We have performed this step ahead of time in the example.)


Double-click :\Support\Tools\Deploy.CAB. The cabinet file will open in the explorer
window and show all of the files. Select them all and right click and choose EXTRACT.

The Select a Destination window will open. Select the E:\Setup Tools folder we
created earlier as the point where to extract the tools to. (Or, as I mentioned before,
you could select Make New Folder at this point as well).


When you have finished, the following files will appear in the folder.

We will use setupmgr.exe, the Windows Setup Manager, to create an unattended
setup script. Double-clicking the executable will start the Windows Setup
Manager Wizard.


Clicking Next will bring up the New Or Existing Answer File page. Since we do not
have an existing answer file, we will elect to create a new one and continue.


We are then presented with three different options on the Product to Install page.
Since we are creating an answer file for a Windows Unattended Installation (which is
selected by default) we will keep this setting and continue.

On the Platform page we will choose our platform for the answer file. (This will be
Windows XP Professional, but you are supplied with the options for Windows XP
Home Edition and Windows 2002 Server, Advanced Server or Data Center when you
use setupmgr.exe, the Windows System Manager, from the Windows XP Professional
CDROM).

On the User Interaction Level page, the following five options are displayed:

Provide Defaults. This setting causes default selections to appear to the end user as
the operating system installs itself on a workstation. The user can accept the default
answers or change any of the answers supplied by the script.

Fully Automated. A Fully Automated installation does not allow the user the chance
to review or change the answers supplied by the script.

Hide Pages. This setting causes default selections to be hidden. Pages for which the
script supplies all answers are hidden from the user.

Read Only. Pages for which the script supplies all answers are viewable by the user
but the user cannot change the answers.

GUI Attended. The text-mode portion of the installation is automated, but the user
must supply the answers for the GUI-mode portion of the installation.

We will choose FULLY AUTOMATED and continue.

On the Distribution Folder page you can create a distribution folder on your local
computer or network containing the required source files. You can add files to this
distribution folder to further customize your installation.

For this demonstration we will select No, This Answer File Will Be Used To Install
From A CD, and then click Next to continue.

On the License Agreement page you will need to select the checkbox to accept the
terms of the License Agreement in order to successfully continue.

The next page that comes up is the Customize the Software page. As you can see
here and in the left hand column, all of the prompts are exactly like the ones you
would expect to see during an attended install. You are answering them all here, just
once, for use each time in the future.

The last entry of the General Settings section is Providing the Product Key.

During a fully automated install, you must supply a Product Key or you will receive
an error message.

If you were to use Provide Defaults or GUI Attended user interaction levels, you
would be allowed to leave this page blank. Also, if you provide a bogus key on the
Product Key page, the Wizard will continue, but, the fully automated install will halt
when it reaches this point, as the key is invalid.

The next page that is presented starts the Network Settings section of the answer
file.

The first entry is for Computer names. Here, you can enter as many different
workstation names as you want, import them from a text file, or allow the
installation program to auto generate names based on your organization name.

[NOTES FROM THE FIELD] - If multiple computer names were specified in the
computers to be installed section, the setup wizard creates a *.UDB file. The
Uniqueness Database File (UDB) lets you specify computer-specific parameters
for individual machines automatically. The UDB modifies an answer file by
overriding values in the answer file when you run Setup with the /udf:id[,UDB_file]
switch. The identifier (id) determines which values in the .udb file are used.

The Administrator Password page is next and has two options, (of which only the
second is available):

1) Prompt The User For An Administrative Password


2) Use The Following Administrative Password (127 Characters Maximum)

(Because we selected the User Interaction level of Fully Automated, the Prompt The
User For An Administrative Password option is grayed out).

Enter any password that you want.

There are also two other options on this page: to encrypt the Administrator's password
in the answer file and to have the Administrator log on automatically.

You can also set the number of times you want the Administrator to log on
automatically when the computer is restarted.

We will leave these blank and continue from here.

The Networking Components page is where we can elect to keep the typical settings
or to choose to customize them. We will leave the default selection of Typical and
select NEXT to continue.

The final page of the Network Settings section is the Workgroup or Domain page.

Here you can choose whether or not the answer file will put the newly installed
system into a workgroup or a domain. As with an attended install, if we elect to
choose a domain, we may need to create a computer account in the domain if
this hasn't already been done.

We will be using the WORKGROUP option, so we will enter a name and continue.
(The WORKGROUP "workgroup" is supplied by default, just as DOMAIN is under the
Windows Server domain option.)

The last and final phase of the process is the Advanced Settings section.

The first option is for the Telephony information.

Next is the Regional Setting section, which allows us to either use the default
regional settings for Windows XP Professional from the CDROM we're installing from
or to choose another.

We will keep the defaults as listed above and continue.

We are also given the option to add support for other languages.

In the Browser and Shell Settings section we can elect to use the default Internet
Explorer settings or use an auto configuration script created by the Internet Explorer
Administration Kit.

We could also set Proxy, Home page and other Browser settings at this time as well.
We will keep the defaults and continue.

[NOTES FROM THE FIELD] - The version of Internet Explorer that is deployed with
Windows XP Professional is 6. At the time of this writing, there is one security hotfix
that should be installed on systems that use Internet Explorer and that is
Q313675.exe.

The next option of the Advanced Settings section is the Installation Folder window.

Here you can elect to install Windows XP Professional to one of three options as
listed, only the third being a variable of your choice.

[NOTES FROM THE FIELD] - While I cannot find the specific Q article at this time,
here is the Windows 2000 Professional article that outlines my next point. Other than
the above method of using the answer file, there is no way on a clean installation of
Windows XP Professional to choose the installation folder. The folder for Windows XP
Professional will always default to \Windows. (DRIVE LETTER being the only variable
that you can set without the answer file.) Windows 2000 Professional installed to the
WINNT directory by default.

The next section allows you to automatically setup networked printers on the target
systems if you wish.

You can also configure run once commands to run the first time a user logs on.

The last step in the Advanced Settings section is the Additional Commands option. It
allows you to add any commands you wish to run at the end of the unattended
installation before Setup restarts the system and runs Windows XP Professional for
the first time.

The Windows Setup Manager will then save the answer file, containing the settings
from all of your previous entries, as a text file on the local system. (The default
location is the folder where the Setup Tools were extracted to.)

The unattend.bat file that was created from our input here is below.

@rem SetupMgrTag
@echo off

rem
rem This is a SAMPLE batch script generated by the Setup Manager Wizard.
rem If this script is moved from the location where it was generated, it may have to be modified.
rem

set AnswerFile=.\unattend.txt
set SetupFiles=J:\i386

J:\i386\winnt32 /s:%SetupFiles% /unattend:%AnswerFile%

[NOTES FROM THE FIELD] - The path of J:\i386\winnt32 /s:%SetupFiles%
/unattend:%AnswerFile% is the default path to my CDROM drive on my system.

The unattend.txt file that was created from our input here is below.

;SetupMgrTag
[Data]
AutoPartition=1
MsDosInitiated="0"
UnattendedInstall="Yes"

[Unattended]
UnattendMode=FullUnattended
OemSkipEula=Yes
OemPreinstall=No
TargetPath=XPPRO

[GuiUnattended]
AdminPassword="RedSox:Rule"
EncryptedAdminPassword=NO
OEMSkipRegional=1
TimeZone=35
OemSkipWelcome=1

[UserData]
ProductID=XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
FullName="Jason Zandri"
OrgName="Gunderville"
ComputerName=*

[Identification]
JoinWorkgroup=DRINKOFTEN

[Networking]
InstallDefaultComponents=Yes

[NOTES FROM THE FIELD] - Because we didn't choose the option to encrypt the
Administrator password earlier on the Administrator Password page of the Network
settings section, anyone that has access to read the unattend.txt can see what the
default administrator password for an installation is. This can be a serious issue in
large environments where the passwords are not reset on a regular basis.

If encryption were selected the entry in the [GuiUnattended] section would look like
this.

[GuiUnattended]
AdminPassword=f8a2b8ccdf88c616332ed3251640d370c1d991ef0f617f3e7879bc923d175c5a
EncryptedAdminPassword=Yes
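
The two field notes above (the UDB override and the unencrypted AdminPassword) can be checked together before an answer file is placed on a distribution share. The following Python is an added example, not part of the original article or of Setup Manager: it resolves the settings each /udf:id would receive and flags administrator password exposure. It assumes the `[UniqueIds]` and `[id:Section]` UDB layout and the `AutoLogon` key; the ids PC01 and PC02, the sample UDB and the finding names are constructed for illustration.

```python
import re

# Constructed sample: a trimmed copy of the unattend.txt shown on this page.
ANSWER_FILE = """\
;SetupMgrTag
[GuiUnattended]
AdminPassword="RedSox:Rule"
EncryptedAdminPassword=NO

[UserData]
FullName="Jason Zandri"
ComputerName=*
"""

# Constructed UDB with two hypothetical ids; PC02 also overrides [GuiUnattended]
# with the encrypted form shown on this page and turns on automatic logon.
UDB_FILE = """\
[UniqueIds]
PC01=UserData
PC02=UserData,GuiUnattended

[PC01:UserData]
ComputerName=PC01

[PC02:UserData]
ComputerName=PC02

[PC02:GuiUnattended]
AdminPassword=f8a2b8ccdf88c616332ed3251640d370c1d991ef0f617f3e7879bc923d175c5a
EncryptedAdminPassword=Yes
AutoLogon=Yes
"""

HEX64 = re.compile(r"[0-9a-fA-F]{64}")


def parse_inf(text):
    """Parse answer-file text into {section: {key: value}}, names lower-cased."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = sections.setdefault(header.group(1).strip().lower(), {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip().lower()] = value.strip().strip('"')
    return sections


def apply_udb(answer, udb, uid):
    """Settings Setup would use for /udf:<uid>; UDB values override the answer file.
    Simplified: only the [id:Section] form of a UDB section is handled."""
    uid = uid.lower()
    listed = udb.get("uniqueids", {}).get(uid)
    if listed is None:
        raise KeyError(f"id {uid!r} is not listed in [UniqueIds]")
    effective = {name: dict(keys) for name, keys in answer.items()}
    for section in (s.strip().lower() for s in listed.split(",")):
        if section:
            effective.setdefault(section, {}).update(udb.get(f"{uid}:{section}", {}))
    return effective


def audit(settings):
    """Return sorted finding codes for one effective set of answers."""
    findings = set()
    gui = settings.get("guiunattended", {})
    password = gui.get("adminpassword", "")
    encrypted = gui.get("encryptedadminpassword", "no").lower() == "yes"
    if password == "*":  # "*" asks Setup for a blank Administrator password
        findings.add("BLANK_ADMIN_PASSWORD")
    elif password and not encrypted:
        findings.add("PLAINTEXT_ADMIN_PASSWORD")
    elif password and not HEX64.fullmatch(password):
        # Marked encrypted, but not the 64-hex-digit form shown on the page.
        findings.add("ENCRYPTED_FLAG_WITHOUT_ENCRYPTED_VALUE")
    if gui.get("autologon", "no").lower() == "yes":
        findings.add("ADMIN_AUTOLOGON")
    return sorted(findings)


def audit_all(answer_text, udb_text):
    """Audit the bare answer file and every id listed in the UDB."""
    answer, udb = parse_inf(answer_text), parse_inf(udb_text)
    report = {"(answer file)": audit(answer)}
    for uid in udb.get("uniqueids", {}):
        report[uid] = audit(apply_udb(answer, udb, uid))
    return report


if __name__ == "__main__":
    for target, findings in audit_all(ANSWER_FILE, UDB_FILE).items():
        print(f"{target}: {', '.join(findings) or 'no findings'}")
```

A machine installed with the PC01 id still inherits the readable password from the shared answer file, which is why the audit has to run on the merged settings rather than on either file alone.
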
Well, that's a wrap for this week.

RIS Installations of Windows XP Professional

In order to install Windows XP Professional using the Remote Installation Service,
you must install RIS on a Windows 2000 server (either Server, Advanced Server
or Datacenter) using the Remote Installation Services Setup Wizard. The server can
be a member server or a domain controller; it doesn't make a difference. However,
the following services must be present on the network in order to use RIS:

DNS - RIS relies on the DNS service for locating both the directory service and client
computer accounts.

DHCP - The DHCP service is required so that client computers can receive an IP address.

Active Directory - RIS relies on the Active Directory service for locating the RIS servers.

The shared volume where the RIS data is installed cannot be on the same drive that
is running Windows 2000 Server. The volume must be large enough to hold the RIS
software and the various Windows XP Professional images that are installed and that
volume must be formatted with the NTFS 5 file system.

You begin the RIS server setup by logging on to the server with an account that has
administrative permissions, and go to the Control Panel and select Add/Remove
Programs. From here you will need to choose Add/Remove Windows Components
and make sure that you have either the Windows I386 directory available for the
installation or the Windows 2000 Server CDROM.

In the Add/Remove Windows Components window, select Remote Installation
Services.

From this point, the remainder of the installation is automatic. (If the I386 source
files cannot be found the system will prompt you to locate them.)

When the installation is completed, you'll need to restart your server to configure
your RIS services.

You need to go back into the Control Panel and choose Add/Remove Windows
Components again in order to start the configuration. (You can also type RIsetup
from the run line or a command prompt as well.)

Click on Configure to begin. This will launch the Welcome to the Remote Installation
Services Setup Wizard, as shown below. (The window below is the first thing you will
see if you choose to type RIsetup from the run line or a command prompt.)

Once you continue you will be prompted with the default Remote Installation folder
location of D:\RemoteInstall. You can elect to keep the default path or browse to a
new location.

The volume you opt to use must be large enough to hold the RIS software and the
various Windows XP Professional images that will be installed and the volume must
be formatted with the NTFS 5 file system.

By default, Remote Installation Services servers do not respond to requests for
service from client computers. There are two settings available to use on the server.

If you select the Respond to clients requesting service option, Remote Installation
Services is enabled and will respond to client computers requesting service.

Additionally, if you select the Do not respond to unknown client computers option,
Remote Installation Services will respond only to known (prestaged) client
computers.

You will also need to provide a name for the Windows installation image folder, as
well as a friendly description for each image you install on the RIS server.

The last step the wizard performs is actually a series of events, as outlined in the
image above. Once the final step is completed, the setup wizard starts the required
services for RIS to run. The server is complete at this point and will service client
requests for CD-based installs.

Additional details of RIS configuration and administration from this point forward
go beyond the scope of what is required for installing Windows XP
Professional CD-based installs via RIS. For additional information on RIS for Windows
XP Professional, you can visit the Microsoft Website.

Client computers that support remote installation must either meet the Net PC
specification (which is, effectively, a system which can perform a network boot) or
have a network adapter card with a PXE boot ROM and BIOS support for starting
from the PXE boot ROM.

Some client computers that have certain supported PCI network adapter cards can
use the remote installation boot disk as well.

This support is somewhat limited and can only be used with certain motherboards, as
the BIOS settings for booting the system from the network need to be configurable.

The RIS service provides the Windows 2000 Remote Boot Disk Generator if your
system does not support starting from the PXE boot ROM. You can create a Remote Boot
Disk by typing <DRIVE LETTER>\RemoteInst\Admin\i386\rbfg in the RUN box or at a
command prompt. (The drive letter is the drive where you installed the RIS services
and will vary from server to server.)

The boot disk simulates the PXE boot process on your system when your network
card does not have the required PXE boot ROM for a RIS installation. (Again, only a
small number of PCI network cards currently support using the Remote Boot Disk.
This includes mainly 3COM and a small cross section of other major vendors.)

The user account used to perform a RIS installation must be assigned the user right
of Log On as a Batch Job. The users must also be assigned permission to create
computer accounts in the domain they are joining if this has not been done ahead of
time. There are other factors as well, such as prestaging a client. For the purposes of
this overview, we will go through a "plain vanilla" RIS installation from a boot floppy.

When the client system starts from the boot floppy you would press F12 when
prompted to boot from the network.

The Client Installation Wizard will start and you will need to supply a valid user name
and password for the domain you're joining as well as the DNS name of the domain.
Once this is done you can press Enter to continue.

You are then given the option of performing an Automatic Setup, Custom Setup, or
to Restart a Previous Setup Attempt, or use the Maintenance and Troubleshooting
Tools installed on the RIS server. You would choose one of the options and then
press Enter.

The next screen will show a number of RIS images (including the default CD-based
image) that you can use. (The number will depend on what has been placed on the
server by the administrator and whether or not you have the proper access
permission to read them.) Choose an image and then press Enter.

You will be presented with one last opportunity to verify that the settings are correct.
Once you're sure that they are, you would press Enter to begin the RIS installation.
When it is complete, Windows XP Professional will be deployed to the client system
and available for use upon restart.

Well, that's a wrap for this week.

Best of luck in your studies and please feel free to contact me with any questions on
my column and remember,

If you allow a bad guy to upload programs to your Web site, it's not your Web site
anymore.

Troubleshooting the Windows XP Professional Setup

This article covers Troubleshooting the Windows XP Professional Setup.

Usually when you are going about your Windows XP Professional installation, you will
not run into any issues, particularly if you are sure that the installed system
hardware meets the minimum Windows XP Professional hardware requirements by
verifying all of the hardware is on the Hardware Compatibility List (HCL) at the
Microsoft website.

Windows XP Professional supports only the devices listed in the HCL. If your
hardware isn't listed, contact the hardware manufacturer and request a Windows XP
Professional driver or replace the hardware to avoid potential issues.

Support means that while the operating system may load and run on unsupported
hardware and software, any issues that come up with the system will not be covered
(i.e. supported) by Microsoft Technical Support if you should need to engage them.

If this has been done beforehand and issues do arise, there are a couple of
"textbook" events that can be looked at first that will cover some of the more
common problems you might encounter during installation and these will generally
be what is at issue most of the time.

Common installation problems and Troubleshooting Tips


Media errors - When you are installing Windows XP Professional from a CD-ROM
and run into problems, the quickest way to try to resolve the issue is to use a
different CD-ROM. Even if the CD-ROM you are using has worked a dozen times
before, the drive it is in at the time of the error may have trouble reading it or the
disk itself may have been newly damaged by a fall or some other issue. You can
also try cleaning a fingerprint-covered CD-ROM as a troubleshooting step. If you
should need to request a replacement CD-ROM, you can contact Microsoft or your
point of purchase.

You can also try using a different computer and CD-ROM drive. If you can read the
CD-ROM on a different computer, you can perform an over-the-network installation if
that option is available to you.

If one of your Setup disks is not working, download a different set of Setup disks.
(The ability to directly create setup floppies has been dropped from Windows XP.
Setup boot disks are available only by download from Microsoft. The Setup boot
disks are available so that you can run Setup on computers that do not support a
bootable CD-ROM. There are six Windows XP Setup boot floppy disks. These disks
contain the files and drivers that are required to access the CD-ROM drive through
generic PCI drivers and begin the Setup process.)

You may also find that the Windows XP Professional setup program is unable to copy
files from the CD-ROM. In this event, it may be possible to either replace the drive
with a supported drive (as this is usually the issue) or you can attempt your
installation via a different method such as installing over the network (as mentioned
above) or by copying the files to the local drive first, outside of the installation
program, as sometimes the copy failure only crops up after the Windows XP
Professional setup program is running.

Insufficient disk space errors - The current minimum hardware requirements for
Windows XP Professional at the time of this writing are as follows:

• 300 MHz or higher processor clock speed recommended (233 MHz minimum
  required, can be single or dual processor system); Intel Pentium/Celeron
  family, or AMD K6/Athlon/Duron family, or compatible processor
  recommended
• 128MB of RAM or higher recommended (64MB minimum supported; may limit
  performance and some features)
• 1.5GB of available hard disk space
• Super VGA (800 × 600) or higher-resolution video adapter and monitor
• CD-ROM or DVD drive
• Keyboard and Microsoft Mouse or compatible pointing device

If you do not have 1.5GB of available hard disk space on a single partition, you will
not be able to complete the installation in most cases.

You can use the setup program to create additional partitions that are large enough
for the installation if there is enough space on the drive or you can elect to delete
existing data on the current partition to make enough room for the installation.

Troubleshooting using Setup Logs


Windows XP Professional generates a number of log files during the setup routine
that contain information that was logged during installation that will assist you when
you are attempting to resolve problems that may have occurred during the setup.

[NOTES FROM THE FIELD] - For the purpose of the Windows XP Exam you need
not remember the exact contents of these files; they are supplied here so that you
can get an overview of what they commonly contain.

Error codes are often cryptic, whether in a log file or the system event viewer, but
taking the time to understand what error has occurred and why will help you better
understand and troubleshoot the system.

The list below outlines the purpose of each file, and also a portion of the file contents
for you to examine.

Action Log (SETUPACT.LOG) - The action log records the actions that the Setup
program performs in chronological order and is saved as SETUPACT.LOG.

The setup log that I have available from my system is 165KB in size and too large to
post here in its entirety, but I have cut a few sections out so that you can see what
some of the entries look like.

(The SETUPACT.LOG can be found in the \Windows directory in a default Windows XP
Professional installation.)

As I mentioned before, the log file is much larger and has a lot more to it, but this
cross section gives you an idea of what is there.

Error Log (SETUPERR.LOG) - The error log shows any errors that occurred during
setup and their severity level. If errors do occur, the log viewer displays the error log
at the end of setup.

(The SETUPERR.LOG can be found in the <DRIVE LETTER>\Windows directory in a
default Windows XP Professional installation.)

The log will be created even if no errors occur. (I do not have anything available to
show you from the error log as mine is empty. Sorry.)

Setup also creates a number of additional logs during setup.

<DRIVE LETTER>\Windows\comsetup.log - Outlines installation for Optional
Component Manager and COM+ components. A subsection of mine is here.

<DRIVE LETTER>\Windows\setupapi.log - Receives an entry each time a line
from an .inf file is implemented. If an error occurs, this log describes the failure. A
subsection of mine is here. (The full size was 245KB)

<DRIVE LETTER>\Windows\debug\NetSetup.log - Logs activity when
computers join domains or workgroups. (This entire log was only 7KB, so I copied all
of it).

<DRIVE LETTER>\Windows\repair\setup.log - Provides information that is
used by the Recovery Console. A subsection of mine is below. (The full size was
204KB)

[Paths]
TargetDirectory = "\WINDOWS"
TargetDevice = "\Device\Harddisk0\Partition3"
SystemPartitionDirectory = "\"
SystemPartition = "\Device\Harddisk0\Partition1"
[Signature]
Version = "WinNt5.1"
[Files.SystemPartition]
NTDETECT.COM = "NTDETECT.COM","b28f "
ntldr = "ntldr","3a7b2"
[Files.WinNt]
\WINDOWS\system32\drivers\kbdclass.sys = "kbdclass.sys","e756"
\WINDOWS\system32\drivers\mouclass.sys = "mouclass.sys","8cd9"
\WINDOWS\system32\drivers\usbuhci.sys = "usbuhci.sys","11ded"
\WINDOWS\system32\drivers\usbport.sys = "usbport.sys","22ffd"
\WINDOWS\system32\drivers\usbd.sys = "usbd.sys","40af "
\WINDOWS\system32\drivers\hidparse.sys = "hidparse.sys","acd7"
\WINDOWS\system32\drivers\hidclass.sys = "hidclass.sys","88de"
\WINDOWS\system32\drivers\usbhub.sys = "usbhub.sys","ee45"
\WINDOWS\system32\drivers\intelide.sys = "intelide.sys","dec0"
\WINDOWS\system32\drivers\pci.sys = "pci.sys","1a257"
\WINDOWS\system32\drivers\oprghdlr.sys = "oprghdlr.sys","b001"

(The whole remainder of the file looked as it does above, detailing drivers and path
information for the whole system).

Disk Management in Windows XP Professional

This article will cover Disk Management tools that are available in Windows XP
Professional.

Using Disk Management tools in Windows XP Professional

In Microsoft Windows XP Professional, you can perform most disk administrative
tasks, both local and remote, by using the Microsoft Management Console (MMC)
snap-in tool called Disk Management.

A command-line tool, DiskPart, is also available in Windows XP Professional which
allows the administrator to handle disk administrative tasks from a command
prompt.

You can use both tools to convert disks, as well as format current partitions and
unallocated space. You can also check on the status of fixed and removable disks
and their associated properties.

Disk Management
Normally, you will need to be a local administrator to perform most system
configuration functions (even just taking a look at the current configuration settings)
on a Windows XP Professional system, and in some cases, there may be a local
policy set by some other administrator or if your system is in a Domain, a Domain
policy setting which may prevent you from performing some actions.

To open the Disk Management MMC, you can select Start, right-click My Computer,
and then click Manage, which will open the Computer Management MMC. Under the
Storage icon, click Disk Management to open the Disk Management MMC.

You can also type compmgmt.msc in the RUN box or from a command line to launch
the Computer Management MMC.

[NOTES FROM THE FIELD] - What your Start Menu options look like all depends on
how you have the menu set. If you are using the Classic Start Menu, you would not
see My Computer as a selection to right-click on. Your options would be to click Start,
select Administrative Tools and then select Computer Management. Not a whole lot
different, but perhaps just enough to confuse you.

The Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.

If you want to directly open the Disk Management MMC you can type diskmgmt.msc
from the RUN box or from a command line. This will run the tool independently from
the Computer Management MMC.

As you can see from the image above, we have a number of basic physical and
logical drives on the system, as well as two CD-ROM drives (not shown in the above
image).

If there were removable drives on this system, such as Jaz or ORB drives and the
like, they would appear here as well. The removable drives, as well as the CD-ROM
drives, will either show "no media" when they are empty (or some error is
preventing them from seeing inserted media) or the file system of the installed
media.

(When I inserted a CD-ROM in my DVD drive, the Disk Management MMC
automatically detected the change, refreshed its view, and displayed the data. The
Compact Disk File System (CDFS) is the file system of the inserted disk and is
displayed.)

When you select a drive in the upper window (which is currently set to the default
Volume List View) by left clicking on it once, not only will it become highlighted (in
blue), but it will also become shaded in the lower part of the window (which is
currently set to the default Graphical List View).

You can change the appearance of both the top and bottom window views by
selecting VIEW from the menu and then selecting whichever (or both) views you
wish to change. Top and Bottom, along with Settings and Drive Paths are controlled
here.

You can change the colors and wallpaper for volumes and disk regions by selecting
VIEW and then SETTINGS. The APPEARANCE tab shows all of the current default
colors for the available disk regions. Even disk regions that are not currently installed
on the system are set with specific colors by default.

You can change how disk sizes are displayed on the SCALING tab. The default
settings are shown below.


That's the five cent tour of the Disk Management MMC.

DiskPart
The command line tool, DiskPart, is available in Windows XP Professional, which
allows the administrator to handle disk administrative tasks from a command
prompt.

You start your session at the command prompt by typing the following:

H:\Documents and Settings\JZANDRI>diskpart

Microsoft DiskPart version 1.0
Copyright (C) 1999-2001 Microsoft Corporation.
On computer: P42GHZ

DISKPART>

This will put you into the DiskPart program session. If you wanted a little more
information on DiskPart before starting your session and tried the standard
diskpart /?, this is all you would get:

H:\Documents and Settings\JZANDRI>diskpart /?

Microsoft DiskPart version 1.0
Copyright (C) 1999-2001 Microsoft Corporation.
On computer: P42GHZ

Microsoft DiskPart syntax:
diskpart [/s <script>] [/?]

/s <script> - Use a DiskPart script.
/? - Show this help screen.

However, if you started the program and then typed HELP, you'd get much more
information:

H:\Documents and Settings\JZANDRI>diskpart

Microsoft DiskPart version 1.0
Copyright (C) 1999-2001 Microsoft Corporation.
On computer: P42GHZ

DISKPART> help

Microsoft DiskPart version 1.0

ADD - Add a mirror to a simple volume.
ACTIVE - Activates the current basic partition.
ASSIGN - Assign a drive letter or mount point to the selected volume.
BREAK - Break a mirror set.
CLEAN - Clear the configuration information, or all information, off the disk.
CONVERT - Converts between different disk formats.
CREATE - Create a volume or partition.
DELETE - Delete an object.
DETAIL - Provide details about an object.
EXIT - Exit DiskPart
EXTEND - Extend a volume.
HELP - Prints a list of commands.
IMPORT - Imports a disk group.
LIST - Prints out a list of objects.
ONLINE - Online a disk that is currently marked as offline.
REM - Does nothing. Used to comment scripts.
REMOVE - Remove a drive letter or mount point assignment.
RESCAN - Rescan the computer looking for disks and volumes.
RETAIN - Place a retainer partition under a simple volume.
SELECT - Move the focus to an object.

DISKPART>

For the most part, this command line tool is most effective when you run the above
commands from a script. The only other time it is easy or necessary to use it is
from the Recovery Console, where it is one of the available commands.

[NOTES FROM THE FIELD] - Do not modify the structure of dynamic disks with the
DiskPart command line tool because you might damage your partition table within
the dynamic disk structure.

To exit the DiskPart program simply type EXIT at the program prompt.
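
Because DiskPart is mostly driven from scripts through diskpart /s, it helps to review a script before it runs. The Python check below is an added example, not part of the original article: it classifies each command using the HELP listing above and records which object SELECT has given focus. The read-only versus disk-changing grouping, the function names and both sample scripts are assumptions made for this example.

```python
"""Review a DiskPart script before passing it to `diskpart /s <script>`."""

# Command names are taken from the DiskPart 1.0 HELP listing above.
# Which of them count as read-only is this example's own grouping (an assumption).
READ_ONLY = {"DETAIL", "EXIT", "HELP", "LIST", "RESCAN", "SELECT"}
CHANGES_DISK = {"ADD", "ACTIVE", "ASSIGN", "BREAK", "CLEAN", "CONVERT", "CREATE",
                "DELETE", "EXTEND", "IMPORT", "ONLINE", "REMOVE", "RETAIN"}

# Constructed sample script: inventory only, nothing on disk is altered.
INVENTORY_SCRIPT = """\
rem Inventory only
list disk
select disk 0
detail disk
list volume
exit
"""

# Constructed sample script: CLEAN clears configuration information off disk 1.
CLEAN_SCRIPT = """\
rem Prepare disk 1 for reuse
select disk 1
clean
exit
"""


def review_script(text):
    """Return one finding per command line: line number, command, focus, verdict."""
    findings = []
    focus = None  # object that the most recent SELECT moved the focus to
    for line_no, raw in enumerate(text.splitlines(), start=1):
        words = raw.split()
        # Blank lines and REM comments do nothing and are skipped.
        if not words or words[0].upper() == "REM":
            continue
        command = words[0].upper()
        if command == "SELECT":
            focus = " ".join(words[1:]).lower() or None
        if command in READ_ONLY:
            verdict = "read-only"
        elif command in CHANGES_DISK:
            verdict = "changes-disk"
        else:
            verdict = "unknown"  # not in the HELP listing: review by hand
        findings.append({"line": line_no, "command": command,
                         "focus": focus, "verdict": verdict})
    return findings


def safe_to_run_unattended(text):
    """True only when every command in the script is in the read-only group."""
    return all(f["verdict"] == "read-only" for f in review_script(text))


if __name__ == "__main__":
    for name, script in (("inventory", INVENTORY_SCRIPT), ("clean", CLEAN_SCRIPT)):
        print(name, "safe to run unattended:", safe_to_run_unattended(script))
        for finding in review_script(script):
            if finding["verdict"] != "read-only":
                print("  line %(line)d: %(command)s on %(focus)s (%(verdict)s)" % finding)
```

A script that fails the check is not necessarily wrong; the finding shows which line changes the disk and which object had focus at that point, so the target can be confirmed before the script is run.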

The Diskpart Command Line Utility is available for download from Microsoft for
Windows 2000 and it is part of the Windows 2000 Resource Kit Tools as well. (It is
included as part of Windows XP Professional.) As with any software available for use
from any version of the Resource Kits or the download site, it is not supported under
any Microsoft standard support program or service. You use it at your own peril.


Using the Disk Management tool in Windows XP Professional

This article will cover using the Disk Management tool in Windows XP Professional.
The emphasis of this first part will be on the different disk types in a Windows XP
Professional system.

Using Disk Management tools in Windows XP Professional

In Microsoft Windows XP Professional, you can perform most disk administrative
tasks, both local and remote, by using the Microsoft Management Console (MMC)
snap-in tool called Disk Management, which can be used to convert disks, as well as
format current partitions and unallocated space. You can also check on the status of
fixed and removable disks and their associated properties.

Using the Disk Management tool


Just as a quick review from last week, you would normally need to be a local
administrator to perform most system configuration functions (even just taking a
look at the current configuration settings) on a Windows XP Professional system. In
some cases, a local policy set by another administrator or, if your system is in a
Domain, a Domain policy setting may prevent you from performing some actions.

To open the Disk Management MMC, you can select Start, right-click My Computer,
and then click Manage, which will open the Computer Management MMC. Under the
Storage icon, click Disk Management to open the Disk Management MMC.


You can also type compmgmt.msc in the RUN box or from a command line to launch
the Computer Management MMC.

[NOTES FROM THE FIELD] - What your Start Menu options look like depends on
how you have the menu set. If you are using the Classic Start Menu, you would not
see My Computer as a selection to right-click on. Your options would be to click Start,
select Administrative Tools and then select Computer Management. Not a whole lot
different, but perhaps just enough to confuse you.

I seem to continually repeat this from article to article, but it is important to stress,
the Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.

If you want to directly open the Disk Management MMC you can type diskmgmt.msc
from the RUN box or from a command line. This will run the tool independently from
the Computer Management MMC.

Disk Management, which was introduced in the Windows 2000 line of NT-based
Windows operating systems, replaces the Disk Administrator utility found in Windows
NT 4.0.

There are two different types of disk storage in Windows 2000 and Windows XP
Professional: basic disks and dynamic disks.

Basic Disks

The number of partitions you can create on a basic disk depends on the disk's
partition style.

On master boot record (MBR) disks, you can create up to four primary partitions, or
you can create up to three primary partitions and one extended partition. Within the
extended partition, you can create an unlimited number of logical drives.

[NOTES FROM THE FIELD] - The number of logical drives that could be created on a
system used to be limited by the number of remaining drive letters that were
available to assign to the formatted partitions. With volume mount points this is
no longer the case.

On GUID partition table (GPT) disks, you can create up to 128 primary partitions.
Because GPT disks do not limit you to four partitions, you do not need to create
extended partitions or logical drives.

[NOTES FROM THE FIELD] - The GUID partition table (GPT) disk-partitioning
scheme is a format that is used by the Extensible Firmware Interface (EFI) in
Itanium-based computers. GUID partition table offers more advantages than master
boot record (MBR) partitioning because it allows up to 128 partitions per disk,
provides support for volumes up to 18 exabytes in size, allows primary and backup
partition tables for redundancy, and supports unique disk and partition IDs.

A primary partition of a basic disk is a portion of the physical disk that functions as
though it were a physically separate disk. On most Intel based systems this partition
is the one that is marked as active which allows the computer to start up. You can
create up to four primary partitions (sometimes called volumes) on a single disk or
three primary partitions and an extended partition with multiple logical drives.

Extended partitions allow you to create more than four individual volumes on a basic
disk. Unlike primary partitions, you do not format an extended partition with a file
system and then assign a drive letter to it. Instead, you create one or more logical
drives within the extended partition. It's the logical drive of the extended partition
that you format and assign a drive letter to. You can create an unlimited number of
logical drives per disk.
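
The four-slot MBR layout described above can be checked directly from the first sector of a disk. The Python parser below is an added example, not part of the original article: it reads the partition table, separates primary from extended entries, reports the active flag, and flags layouts that break the basic-disk rules. It goes slightly beyond the text by also recognizing partition type 0x42 (dynamic disk) and 0xEE (GPT protective entry); the sample sectors, helper names and the 512-byte sector size are assumptions made for this example.

```python
import struct

SECTOR_SIZE = 512            # bytes per sector assumed by this example
TABLE_OFFSET = 446           # the partition table follows the boot code
ENTRY_FORMAT = "<B3xB3xII"   # status, CHS (skipped), type, CHS (skipped), first LBA, sectors
EXTENDED_TYPES = {0x05, 0x0F}
TYPE_NAMES = {
    0x05: "extended", 0x0F: "extended (LBA)",
    0x06: "FAT16", 0x0B: "FAT32", 0x0C: "FAT32 (LBA)", 0x07: "NTFS",
    0x42: "dynamic disk (LDM)", 0xEE: "GPT protective",
}
# The sector count is a 32-bit field, which is where the 2-terabyte ceiling
# on MBR partitions comes from.
MAX_ENTRY_BYTES = (2**32 - 1) * SECTOR_SIZE


def parse_mbr(sector):
    """Return the non-empty entries of the four-slot MBR partition table."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly one 512-byte sector")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("boot signature 0x55AA missing")
    entries = []
    for slot in range(4):
        start = TABLE_OFFSET + 16 * slot
        status, ptype, first_lba, count = struct.unpack(ENTRY_FORMAT, sector[start:start + 16])
        if ptype == 0x00:      # unused slot
            continue
        entries.append({
            "slot": slot + 1,
            "active": status == 0x80,
            "type": ptype,
            "kind": TYPE_NAMES.get(ptype, "other (0x%02X)" % ptype),
            "first_lba": first_lba,
            "sectors": count,
            "size_bytes": count * SECTOR_SIZE,
        })
    return entries


def check_layout(entries):
    """Summarize the layout and list anything that breaks the basic-disk rules."""
    extended = [e["slot"] for e in entries if e["type"] in EXTENDED_TYPES]
    active = [e["slot"] for e in entries if e["active"]]
    problems = []
    if len(extended) > 1:
        problems.append("more than one extended partition")
    if len(active) > 1:
        problems.append("more than one partition marked active")
    # Entries sorted by start sector must not run into each other.
    spans = sorted((e["first_lba"], e["first_lba"] + e["sectors"], e["slot"]) for e in entries)
    for (_, end_a, slot_a), (start_b, _, slot_b) in zip(spans, spans[1:]):
        if start_b < end_a:
            problems.append("slots %d and %d overlap" % (slot_a, slot_b))
    return {
        "primary": len(entries) - len(extended),
        "extended": len(extended),
        "active_slots": active,
        "dynamic": any(e["type"] == 0x42 for e in entries),
        "gpt": any(e["type"] == 0xEE for e in entries),
        "problems": problems,
    }


def build_sector(rows):
    """Build a constructed MBR sector from (status, type, first_lba, sectors) rows."""
    sector = bytearray(SECTOR_SIZE)
    for slot, row in enumerate(rows):
        struct.pack_into(ENTRY_FORMAT, sector, TABLE_OFFSET + 16 * slot, *row)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


# Constructed samples: three primaries plus one extended, a dynamic disk,
# and a damaged table with two active, overlapping entries.
BASIC_DISK = build_sector([
    (0x80, 0x07, 63, 4194304),        # active NTFS primary, 2 GiB
    (0x00, 0x0B, 4194367, 2097152),   # FAT32 primary
    (0x00, 0x06, 6291519, 1048576),   # FAT16 primary
    (0x00, 0x0F, 7340095, 8388608),   # extended partition for logical drives
])
DYNAMIC_DISK = build_sector([(0x80, 0x42, 63, 16777216)])
DAMAGED_DISK = build_sector([(0x80, 0x07, 63, 4194304), (0x80, 0x0B, 1000, 2097152)])

if __name__ == "__main__":
    for name, disk in (("basic", BASIC_DISK), ("dynamic", DYNAMIC_DISK), ("damaged", DAMAGED_DISK)):
        print(name, check_layout(parse_mbr(disk)))
```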

[NOTES FROM THE FIELD] - Volume mount points allow a volume to be mounted
on an existing folder rather than at the root of a new drive letter. Establishing a
volume mount point for an empty NTFS directory allows an administrator to create
new volumes without requiring additional drive letters.

Some of the properties and characteristics of basic disks are outlined below.

• Create and delete primary and extended partitions.
• Create and delete logical drives within an extended partition.
• Format a partition and mark it as active.
• Establish drive letter assignments for volumes or partitions, optical storage
devices and removable drives.
• Establish disk sharing and security arrangements for volumes and partitions
formatted with NTFS.
• Convert a basic disk to dynamic.

Convert a basic disk to dynamic

In order to convert a basic disk to dynamic, you would start the Disk Management
tool, right-click the basic disk you want to convert, and then click Convert to
Dynamic Disk.

You can upgrade a disk from basic storage to dynamic storage at any time without
loss of data in much the same way that you might run the CONVERT command line
utility to change a FAT or FAT32 partition to NTFS without losing any data. Along the
same lines, all data on a dynamic disk will be lost when you convert it to a basic disk
just as you would going from NTFS "back" to FAT or FAT32.


In order to convert a basic disk to a dynamic disk there needs to be 1 MB of free disk
space for the upgrade to succeed. This 1 MB of free disk space is needed to hold the
configuration data for the dynamic disk structure.

Converting basic disks to dynamic disks produces the following results.

Basic disk organization    Dynamic disk organization
System partition           Simple Volume
Boot partition             Simple Volume
Primary partition          Simple Volume
Extended partition         Simple volume for each logical drive and any remaining unallocated space
Logical drive              Simple Volume
Volume set                 Spanned Volume
Stripe set                 Striped Volume

There is a very good article on the Microsoft Web site entitled Description of Disk
Groups in Windows Disk Management (Q222189). While it is based off of the
Windows 2000 line of operating systems it is still for the most part pertinent and a
good read.

Dynamic Disks

The dynamic disk format can be accessed only by Windows 2000 and Windows XP
Professional operating systems.

You convert basic disks to dynamic by using the Disk Management snap-in or the
DiskPart command line utility. When you convert a basic disk to dynamic, all existing
basic volumes become dynamic volumes.

Dynamic disks provide features that basic disks do not, such as the ability to create
volumes that span multiple disks (spanned and striped volumes), and the ability to
create fault-tolerant volumes (mirrored and RAID-5 volumes).

[NOTES FROM THE FIELD] - Windows 2000 Servers and the up and coming .NET
server line provide fault tolerance on dynamic disks in the form of software based
(operating system) disk mirroring (RAID-1) or striping with parity (RAID-5).

Windows XP Professional does not provide fault tolerance.

Hardware devices that support fault tolerance, such as RAID controllers, can make a
Windows XP Professional system fault tolerant, but it is this third party hardware
solution that is providing the fault tolerance, not the Windows XP Professional
operating system.

Windows XP Professional supports dividing dynamic disks into volumes, which can
consist of a portion, or portions, of one or more physical disks.

There are five types of dynamic volumes: simple, spanned, striped, disk mirroring
(RAID-1) and striping with parity (RAID-5). Mirrored and RAID-5 volumes are fault
tolerant and are available only on computers running the Windows 2000 Server
family of operating systems.

When you have converted a basic disk to dynamic storage, you can create Windows
XP Professional volumes, of which there are three different types that can be utilized
on the local system:

Simple volumes. All of the disk space from a single disk is used and it is not fault
tolerant.

Spanned volumes. Includes disk space from multiple disks up to a total of 32. Data is
written to a spanned volume on the first disk, completely filling the space, and
continues to the next until it is full and then the next, and so on, through each disk
that you include in the spanned volume. These volumes are not fault tolerant either.
If any single disk in the spanned volume fails, all the data in the entire volume is
lost.

Striped volumes. Combines areas of free space from multiple hard disks (up to 32)
into one logical volume. In a striped volume, Windows XP Professional optimizes
performance by adding data to all disks at the same time in succession, a direct
contrast to spanned volumes. If any single disk in the striped volume fails, all the
data in the entire volume is lost.

Some of the properties and characteristics of dynamic storage are outlined below.

• Extend a simple or spanned volume.
• Reactivate a missing or offline disk.
• Check disk properties, such as capacity, available free space, and current
status.
• View volume and partition properties such as size, drive letter assignment,
label, type, and file system.
• Establish drive letter assignments for volumes or partitions, optical storage
devices and removable drives.
• Establish disk sharing and security arrangements for volumes and partitions
formatted with NTFS.

[NOTES FROM THE FIELD] - Do not modify the structure of dynamic disks with the
DiskPart command line tool because you might damage your partition table within
the dynamic disk structure.

                                  Storage Types                   Partition Styles
Operating System                  Basic      Dynamic simple,      MBR      GPT
                                  Volumes    spanned, and         Disks    Disks
                                             striped volumes
Windows XP Home Edition           YES        NO                   YES      NO
Windows XP Professional           YES        YES                  YES      NO
Windows 2000 Server               YES        YES                  YES      NO
Windows 2000 Advanced Server      YES        YES                  YES      NO
Windows 2000 Datacenter Server    YES        YES                  YES      NO
Windows XP 64-Bit Edition         YES        YES                  YES      YES

Dynamic Disk Limitations

Just like anything else, with certain advances there are certain limitations and
drawbacks.

• Laptop Limitation. Dynamic disks are not supported on laptops, removable disks,
such as Jaz or ORB drives, detachable disks that use Universal Serial Bus (USB) or
IEEE 1394 (FireWire) interfaces, or on drives connected to a shared SCSI bus. On
laptops you do not even see the option to convert basic disks to dynamic within the
Disk Management tool.
• Multi-boot considerations. Dynamic volumes cannot be accessed by MS-DOS,
Windows 95, Windows 98, Windows Millennium Edition, Windows NT 4.0, or Windows
XP Home Edition operating systems that are dual-booted with Windows XP
Professional. If you want computers running these operating systems to be able to
access the data, you need to store the data on basic volumes.
• Extending Volumes. When basic volumes are converted to dynamic they may or
may not have an entry in the partition table depending on whether that volume was
a system or boot partition. If the volume that was converted was originally a system
or boot partition it retains its old entry in the partition table. You can install Windows
XP Professional on that volume, however, you will be unable to extend it. If the
converted volume was not originally a system or boot volume it will not have the old
partition table entry. You won't be able to install Windows XP Professional on the
volume, but it will be possible to extend it.

Volumes converted from partitions on Windows 2000 systems have an entry in the
partition table. On Windows XP Professional systems, volumes converted from
partitions do not have an entry in the partition table unless the partitions were
originally system or boot partitions. You can see if a volume has an entry in the
partition table by right-clicking the volume within the Disk Management tool. If the
Extend Volume option is disabled, the volume has an old entry in the partition table.


Windows XP Professional File Systems Overview

With this article I will begin focusing on the next section of material which centers on
Implementing and Conducting Administration of Resources on Windows XP
Professional, this one covering Windows XP Professional file systems.

File System Overview

To have a good understanding of how and why you can set up or deny access to data
on a Windows XP Professional system, you need to have an underlying
understanding of any native file security that may or may not be in place.

One place to start would be the file system the operating system is utilizing.

Windows XP Professional supports three major file systems: File Allocation Table
(commonly known as FAT or FAT16), FAT32 and NTFS.

FAT16

File Allocation Table (commonly known as FAT or FAT16) is supported by Windows
XP Professional, all Windows operating systems, DOS, as well as a host of other non-
Microsoft OSes.

FAT is allocated in clusters, the size of which is determined by the size of the
partition. The larger the partition, the larger the cluster size. The larger the cluster
size, the more space is "required" when using it to store data.

FAT file system cluster sizes

Partition Size             Cluster Size     FAT Type
0M to less than 16MB       4,096 bytes      12-bit
16M through 128MB          2,048 bytes      16-bit
128 through 256MB          4,096 bytes      16-bit
256 through 512MB          8,192 bytes      16-bit
512 through 1,024MB        16,384 bytes     16-bit
1,024 through 2,048MB      32,768 bytes     16-bit

As you can see, with a 2GB partition size, (the maximum allowed under FAT16 in
most cases) if you were to save 50 different files, all 1024 bytes (1KB) in actual size
(or to have 50 fractions of larger files "fall over" to the next cluster by that same
amount), the amount of hard drive space used up would be 1,638,400 bytes (a little
over 1 MB), for 51,200 bytes of actual data.

You can obviously see that this is a serious problem when there are thousands of
small *.DLLs and other types of small files.

Also, with the advent of super-inexpensive hard drives that are 80GB in size, you can
see where using FAT would be an issue as well.


In summary, there are "advantages" for using the FAT file system on a Windows XP
Professional installation:

MS-DOS, Windows 95, Windows 98, Windows NT, Windows 2000, and some UNIX
operating systems can use FAT16. If there is some reason to dual boot the system,
FAT16 allows you the greatest number of options.

There are many software tools that can address problems and recover data on FAT16
volumes.

If you have a startup failure, you can start the computer by using a bootable floppy
disk to troubleshoot the problem.

FAT16 is efficient, in speed and storage, on volumes smaller than 256 MB.

(Those 50 files I mentioned above, all 1024 bytes (1KB) in actual size, would use up
"only" 409,600 bytes on a 400MB partition formatted with FAT16 and "only" 204,800
bytes on a 250MB partition.)

There are also some FAT16 disadvantages as well:

The root folder (usually the C:\ drive) has a limit of 512 entries. The use of long file
names can significantly reduce the number of available entries.

FAT16 is limited to 65,536 clusters, but because certain clusters are reserved, it has
a practical limit of 65,524. The largest FAT16 volume on Windows 2000 and Windows
XP Professional is limited to 4 GB and uses a cluster size of 64 KB. To maintain
compatibility with MS-DOS, Windows 95, and Windows 98, a volume cannot be
larger than 2 GB. (Those 50 files I mentioned above, all 1024 bytes (1KB) in actual
size, would use up 3,276,200 bytes of hard drive space to store 51,200 bytes of
actual data on a 4 GB FAT16 partition used in this scenario.)

FAT16 is inefficient on larger volume sizes, as the size of the cluster increases. We
have seen this in the examples above.

The boot sector is not backed up on FAT16 partitions. Because FAT16 does not
include a backup copy of critical data structures they are susceptible to single point
of failure issues, more so than other file systems.

There is no native file level security, compression or encryption available in the
FAT16 file system.

Below is a table of Microsoft Operating systems and which file systems they can
natively access.

Operating System                      Supports NTFS    Supports FAT32    Supports FAT    Max Partition
Windows XP Professional               Yes              Yes               Yes             4GB
Windows XP Home                       Yes              Yes               Yes             4GB
Windows 2000 Professional             Yes              Yes               Yes             4GB
Windows Millennium Edition            No               Yes               Yes             2GB
Windows 98 and Second Edition         No               Yes               Yes             2GB
Windows 95 OSR2 and OSR2.5            No               Yes               Yes             2GB
Windows NT4 Workstation               Yes              No                Yes             4GB
Windows 95 Gold (Original Release)    No               No                Yes             2GB
Windows NT3.5x Workstation            Yes              No                Yes             4GB
MS-DOS (versions 3.3 and higher)      No               No                Yes             *See below

[NOTES FROM THE FIELD] - There is no test requirement to memorize these
tables, but it's good to understand the "how and why" of it. Also, it is never a "best
practice" to dual boot any workstation or server that has sensitive data on it with any
file system installed that cannot secure those files or any operating system that
threatens that security.

The maximum FAT partition that can be created and accessed by the operating
systems listed above is 2GB in most cases. 4GB FAT partitions can be created and
properly accessed only under those operating systems specifically listed above. A
dual-booted operating system from the NT family can create a 4GB FAT partition,
and a lower level OS such as Windows 98 may be able to see data on it; however,
issues will arise when data access is attempted above the 2GB threshold that the
OS normally uses.

For more information on the Maximum Partition Size Using the FAT16 File System in
Windows XP, you can look up Q310561 at the Microsoft PSS webpage.

The "OSR" in "Windows 95 OSR2 and OSR2.5" stands for OEM Service Release.

The "OEM" in "OEM Service Release" stands for Original Equipment Manufacturer.

For more information on Accessing FAT16 Drives Larger Than 2 GB, or Maximum
Partition Size Using FAT16 File System, feel free to follow the links I have provided to
the Microsoft web site.

* There are some exceptions, but for the most part, DOS 3.3 and higher can access
up to 2GB of single partition space, as outlined in Q67321 at the Microsoft PSS
webpage. The MS-DOS Partitioning Summary (Q69912) names some exceptions and
points out the fact that some earlier versions didn't support many of today's FAT16
standards.

The maximum single file size on a FAT16 partition is 2 GB, regardless of the fact that
some OSes can have a 4GB partition.

FAT32

FAT32 is supported by Windows XP Professional, as well as a number of the newer
Microsoft Operating systems. FAT32 was first introduced with Microsoft Windows 95
OSR2. For the most part, the major differences between FAT and FAT32 are volume
and cluster sizes, and the fact that only Microsoft Operating systems can natively
access FAT32, and these are a reduced number from FAT16.

The FAT32 file system can support drives up to 2 terabytes in size (in theory) and
because it uses space more efficiently, FAT32 uses smaller clusters (that is, 4,096
byte clusters for drives up to 8 GB in size), resulting in more efficient use of disk
space relative to large FAT16 drives.

FAT32 file system cluster sizes

Partition Size             Cluster Size
0M to less than 260MB      512 bytes
260MB through 8GB          4,096 bytes
8GB through 16GB           8,192 bytes
16GB through 32GB          16,384 bytes
32GB through 2TB           32,768 bytes

The 50 files I mentioned in the FAT16 section, all 1024 bytes (1KB) in actual size,
would use up only 409,600 bytes on a 16GB partition formatted with FAT16 and only
204,800 bytes on an 8GB partition. As you can see, however, with FAT32 drives that
have 80GB and 100GB partitions we are now running into the same issue that we did
a few years ago under FAT16: wasted space. Those same 50 files would use 819,200
bytes on either of the two large drives I mentioned. There's a Windows 2000
Professional and XP Professional catch, however.

While the FAT32 file system can support drives up to a standard theoretical size of 2
terabytes (it "can" be jury-rigged under Windows Millennium Edition to support
partitions of up to 8 TB), Windows 2000 Professional and XP Professional cannot
FORMAT a volume larger than 32 GB in size using their native FAT32 file system.

The FastFAT driver can mount and support volumes larger than 32 GB that use the
FAT32 file system, such as those created locally by Windows 98 or ME in dual boot
configuration, (subject to other limits listed here for Windows 98, ME and 2000 and
here for Windows XP), but you cannot CREATE one using the Format tool from within
either Windows 2000 Professional or XP Professional. If you attempt to format a
FAT32 partition larger than 32 GB, the format fails near the end of the process with
the following error message: Logical Disk Manager: Volume size too big.

In summary, the advantages of the FAT32 file system are:

FAT32 allocates disk space much more efficiently than FAT16.

The root folder on a FAT32 drive is not restricted in its number of entries, as it
was on FAT16.

FAT32 is a more robust file system than FAT16 was. FAT32 has the ability to relocate
the root directory and use the backup copy of the FAT instead of the default copy. In
addition, the boot record on FAT32 drives has been expanded to include a backup of
critical data structures. This means that FAT32 volumes are less susceptible to a
single point of failure than FAT16 volumes.


Just as there were disadvantages to the FAT16 file system, so there are in FAT32 as
well:

FAT32 volumes are not accessible from any operating systems other than certain
Microsoft ones.

FAT32 partition sizes are limited to 32GB in size using the native FAT32 file system
format tools under Windows 2000 and Windows XP. (The maximum size is 127.5 GB
practical and 2TB standard theoretical.)

There is no native file level security, compression or encryption available in the
FAT32 file system.

Below is a table of Microsoft Operating systems which support native access to the
FAT32 file system.

Operating System                      Supports FAT32
Windows XP Professional               Yes
Windows XP Home                       Yes
Windows Millennium Edition            Yes
Windows 98 and Second Edition         Yes
Windows 95 OSR2 and OSR2.5            Yes
Windows NT4 Workstation               No
Windows 95 Gold (Original Release)    No
Windows NT3.5x Workstation            No
MS-DOS (versions 3.3 and higher)      No

[NOTES FROM THE FIELD] - There is no test requirement to memorize the FAT32
tables either, but again, it's good to understand the "how and why" of it. Also, it is
never a "best practice" to dual boot any workstation or server that has sensitive data
on it with any file system installed that cannot secure those files or any operating
system that threatens that security. This would include the FAT32 file system.

For answers to some common questions about the FAT32 File System, you can look
up Q253774 at the Microsoft PSS webpage.

For more information on the Limitations of FAT32 File System on Windows 98, ME
and 2000, you can look up Q184006 at the Microsoft PSS webpage. You can find the
information for the limitations of the FAT32 File System in Windows XP information
available at Q314463. You will also find the maximum partition sizes, both practical
and theoretical listed there as well.

The maximum single file size on a FAT32 partition is 4 GB, regardless of the size of
the partition.

NTFS

NTFS is the preferred file system for all computers running Windows XP Professional.


The version of NTFS that is in use on Windows XP Professional is called NTFS 5.
(Windows 2000 uses version 5 as well.)

If you are running Windows NT 4.0 Service Pack 4 or later, you can read basic
volumes formatted by using NTFS 5 locally on dual boot systems. Windows 2000 and
Windows XP Professional can read NTFS 5 on both basic and dynamic volumes.
(Computer systems accessing either version of NTFS across networks are not
affected. Version differences are usually only considered in local / dual boot
situations.)

The following NTFS features are available under version 5:

• File and Folder Permissions
• Encryption
• Disk Quotas
• File Compression
• Mounted Drives
• Hard Links
• Distributed Link Tracking
• Sparse Files
• Multiple Data Streams
• POSIX Compliance
• NTFS Change Journal
• Indexing Service

Detailed information on these features can be found in both the Microsoft Windows
XP Professional Resource Kit Documentation and online.

If you are running Windows XP Professional in a dual boot scenario with a system
running Windows NT 4.0 Service Pack 4 or later, most of the NTFS 5 features are not
available. Most read and write operations are permitted provided they do not
attempt to make use of most NTFS 5 features.

Issues that may occur under this type of configuration may include some of the
following:

• Windows NT4 cannot perform any operations that make use of reparse points.
• When you run Windows NT4 on a multiple-boot configuration that also runs
Windows XP Professional, Windows NT4 ignores disk quotas implemented by
Windows XP Professional.
• Windows NT4 cannot perform any operations on files encrypted by Windows
XP Professional.
• Windows NT4 cannot perform any operations on sparse files.
• Windows NT4 ignores the change journal setup under Windows XP
Professional.

The NTFS file system can support drives up to 16 exabytes, in theory, but because
partition tables on basic disks (disks that include a master boot record) only support
partition sizes up to 2 terabytes, you would need to use dynamic volumes to create
NTFS partitions over 2 terabytes in size.

Windows XP Professional manages dynamic volumes in a special database instead of
in the partition table, so dynamic volumes are not subject to the 2-terabyte physical
limit imposed by the partition table. This is why dynamic NTFS volumes can be as
large as the maximum volume size supported by NTFS.

Default NTFS file system cluster sizes

Partition Size          NTFS cluster size
7 MB-16 MB              512 bytes
17 MB-32 MB             512 bytes
33 MB-64 MB             512 bytes
65 MB-128 MB            512 bytes
129 MB-256 MB           512 bytes
257 MB-512 MB           512 bytes
513 MB-1,024 MB         1,024 bytes
1,025 MB-2 GB           2,048 bytes
2 GB-4 GB               4,096 bytes
4 GB-8 GB               4,096 bytes
8 GB-16 GB              4,096 bytes
16 GB-32 GB             4,096 bytes
32 GB-2 terabytes       4,096 bytes

In summary, the advantages of NTFS 5 are as follows:

• NTFS uses standard transaction logging and recovery techniques. By using
  the log file and checkpoint information to automatically restore the
  consistency of the file system in the event of a failure, NTFS, for the most
  part, maintains the consistency of the data on the volume and the volume
  itself.
• NTFS supports compression on volumes, folders, and files. Files that are
  compressed on an NTFS volume can be read and written by any Windows-based
  application without first being decompressed by another program.
  Decompression happens automatically (think of a ZIP utility on-the-fly)
  during the file read. The file is compressed again when it is closed or saved.
• NTFS does not restrict the number of entries to 512 in the root folder.
• Windows 2000 and Windows XP can format partitions up to 2 terabytes using
  NTFS.
• NTFS manages disk space efficiently by using smaller clusters (see the cluster
  table).
• The boot sector is backed up to a sector at the end of the volume.
• You can set permissions on shares, folders, and files that specify which
  groups and users have access, and what level of access is permitted on NTFS
  partitions.
• NTFS supports a native encryption system (EFS) to prevent unauthorized
  access to file contents.
• Reparse points enable new features such as volume mount points.
• Disk quotas can be set to limit the amount of usage allowed by end users.
• NTFS uses a change journal to track changes made to files.
• NTFS supports distributed link tracking to maintain the integrity of shortcuts
  and OLE links.
• NTFS supports sparse files so that very large files can be written to disk while
  requiring only a small amount of storage space.

There are also a few notable disadvantages to NTFS, as outlined below.

• NTFS volumes are not locally accessible from MS-DOS, Windows 95, Windows
  98 and Windows Millennium Edition operating systems.
• Many advanced features of NTFS included with version 5 are not available in
  Windows NT.
• On small partitions with mostly small files, the overhead of managing the
  NTFS file system can cause a slight performance drop in comparison to FAT.
• Floppy disks cannot be formatted as NTFS.

[NOTES FROM THE FIELD] - There is no test requirement to memorize the NTFS
tables either, but again, it's good to understand the "how and why" of it. Also, it is
never a "best practice" to dual boot any workstation or server that has sensitive data
on it with any file system installed that cannot secure those files or any operating
system that threatens that security. This would include even NTFS if older versions
and newer versions of NTFS are running and one "degrades" the security strength of
the other.

For more detailed answers to questions about the NTFS File System, you can look up
the information in the Microsoft Windows XP Professional Resource Kit
Documentation, which can also be found online.

NTFS stands for New Technology File System.

The maximum single file size on an NTFS partition is 16 EB (exabytes), in theory.

Well, that's a wrap for this week. On my way out the door I'd like to drop one more
table into your lap and a few more bullet points.

Default Cluster Sizes for partitions under Windows XP Professional

Partition Size      FAT16 cluster size   FAT32 cluster size   NTFS cluster size
7 MB-16 MB          2 KB (FAT12)         Not supported        512 bytes
17 MB-32 MB         512 bytes            Not supported        512 bytes
33 MB-64 MB         1 KB                 512 bytes            512 bytes
65 MB-128 MB        2 KB                 1 KB                 512 bytes
129 MB-256 MB       4 KB                 2 KB                 512 bytes
257 MB-512 MB       8 KB                 4 KB                 512 bytes
513 MB-1,024 MB     16 KB                4 KB                 1 KB
1,025 MB-2 GB       32 KB                4 KB                 2 KB
2 GB-4 GB           64 KB                4 KB                 4 KB
4 GB-8 GB           Not supported        4 KB                 4 KB
8 GB-16 GB          Not supported        8 KB                 4 KB
16 GB-32 GB         Not supported        16 KB                4 KB
32 GB-2 TB          Not supported        Not supported        4 KB

Quick points and summary tidbits:

• FAT volumes smaller than 16 megabytes (MB) are formatted as FAT12.
• FAT12 is used only on floppy disks and on volumes smaller than 16
  megabytes.
• FAT16 volumes larger than 2 gigabytes (GB) are not locally accessible from
  computers running MS-DOS, Windows 95, Windows 98, Windows Millennium
  Edition and many other operating systems.
• Although FAT32 volumes can theoretically be as large as 2 terabytes, Windows
  2000 and Windows XP Professional limit the maximum size of a FAT32 volume
  that they can format to 32 GB. (Windows 2000 and Windows XP Professional can
  read and write to larger FAT32 volumes formatted locally by other operating
  systems.)
• The implementation of FAT32 in Windows 2000 limits the maximum number
  of clusters on a FAT32 volume that can be mounted by Windows 2000 to
  4,177,918. This is the maximum number of clusters on a FAT32 volume that
  can be formatted by Windows 98.
• NTFS volumes can theoretically be as large as 16 exabytes (EB), but the
  practical limit is 2 terabytes.
• The user can specify the cluster size when an NTFS volume is formatted.
  However, NTFS compression is not supported for cluster sizes larger than 4
  kilobytes (KB).
• Not supported means "Not supported by Microsoft." In some "chance" cases,
  you may be able to perform a function that is not normally supported.


Using the Files and Settings Transfer Wizard

The Windows XP Professional Files and Settings Transfer Wizard can be used to
simplify the task of moving data files and personal settings from your old computer
to your new one.

By utilizing this helpful tool properly, you won't have to reconfigure all of your
personal settings on your new system because you will be able to move your old
settings, such as display, Outlook Express, dial-up connections, Internet Explorer, as
well as your folder and taskbar options to your new system. You can also use the
Wizard to move specific files and / or specific folders to your new system as well.
This can include the My Documents, My Pictures, and Favorites folders.

You should connect your new system and your old system together in some way, in
order to perform the transfer with the least amount of difficulty.

You can use a null modem cable if you have one that is long enough to connect the
two systems and you will need an available serial port on both systems as well.

The preferred option would be to have NICs installed in both systems and have them
connected via a crossover cable or through a hub.

After the physical connection between the two systems is established and working
properly, you can run the Wizard.

To open the Files and Settings Transfer Wizard you can click Start, select All
Programs, select Accessories, select System Tools, and then click Files and Settings
Transfer Wizard.

You can also type migwiz.exe from the Run line of the Start menu.

[NOTES FROM THE FIELD] - What your Start Menu options look like depends on
how you have the menu set. If you are using the Classic Start Menu, you would not
find the All Programs selection. Your options would be to click Start, select Programs,
select Accessories, select System Tools, and then click Files and Settings Transfer
Wizard. Not a whole lot different, but perhaps just enough to confuse you.

The Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.

The first window that appears is the Welcome to the Files and Settings Transfer
Wizard startup window.


From here you would select NEXT to continue. The next screen that appears is the
WHICH COMPUTER IS THIS screen, where you would select either NEW COMPUTER,
where you would want to transfer your files and settings to, or OLD COMPUTER,
which is what you would select if the system you were working on was where the
current files and settings are that you want transferred.


Let's select NEW COMPUTER and click NEXT.

[NOTES FROM THE FIELD] - The OLD COMPUTER can be running Microsoft
Windows 95, Microsoft Windows 98, Microsoft Windows 98SE, Microsoft Windows Me,
Microsoft Windows NT 4, Windows 2000, or Windows XP (32-bit). We will go through
the OLD COMPUTER settings a little later.

You will also find that if you are running a personal firewall product (I use Zone
Alarm Pro) you may find, depending on how you have it set up, that it will alert you
that the Files and Settings Transfer Wizard wants to act as a server process on your
system and that it wants access to the internet. This is a little misleading, as it is not
actually looking for an internet connection so much as it is looking for the local LAN.
(Notice the broadcast address.) You need to allow the Files and Settings Transfer
Wizard to act as a server process and access the network or it will not be able to
reach the remote system.


You will need to run the Files and Settings Transfer Wizard on the OLD COMPUTER
shortly (unless you have already done so), and the next screen will ask you whether
or not you will use a Wizard Disk (which can be created by using the default selected
"I want to create a Wizard Disk in the following drive" selection), or you can bypass
the step if you already have a disk or intend on using the Files and Settings Transfer
Wizard from the Windows XP Professional CD-ROM.


We will elect to use the default selection, as shown above. When we click on NEXT to
continue, the Wizard asks us to make sure there's a formatted disk in the floppy
drive. Select OK to continue.

The Files and Settings Transfer Wizard will create the disk and when the disk is
finished it will display a window that tells you to go to the OLD COMPUTER and insert
the Wizard Disk (A:\ disk) and run the Wizard.

We would now go to the OLD COMPUTER with the floppy disk and run FASTWiz.exe,
which would expand the migwiz.cab file and run the Wizard on the OLD COMPUTER.

Once it starts, you will again see the WHICH COMPUTER IS THIS screen, however,
this time we will select OLD COMPUTER.

After selecting NEXT, you will be asked to select a transfer method. (Basically, this is
a point where the settings will go so that the NEW COMPUTER can get them. It can
be via an across the wire transfer, sent to a share point or to a floppy disk or other
removable media. We will use the D:\ drive.)


The Files and Settings Transfer Wizard will then ask you whether you want to
migrate settings only, files only or both. You can also elect to choose a custom list of
files and settings as well. This could be used if you only needed some of the files and
/ or some of the settings.


[NOTES FROM THE FIELD] - The following settings can be transferred:
Accessibility, Command Prompt Settings, Display Properties, Internet Explorer
Settings, Microsoft Messenger, Microsoft NetMeeting, Mouse And Keyboard, MSN
Explorer, Network Printer And Drives, Outlook Express, Regional Settings, Sounds
And Multimedia, Taskbar Options, Windows Media Player, and Windows Movie Maker.

The following folders can be transferred: Desktop, Fonts, My Documents, My
Pictures, Shared Desktop, and Shared Documents.

The following file types can be transferred: *.asf (Windows Media Audio/Video file),
*.asx (Windows Media Audio/Video shortcut), *.AU (AU format sound), *.avi (video
clip), *.cov (fax cover page file), *.cpe (fax cover page file), *.doc (WordPad
document), *.eml (Internet e-mail message), *.m3u (M3U file), *.mid (MIDI
sequence), *.midi (MIDI sequence), *.mp2 (Movie File MPEG), *.mp3 (MP3 Format
Sound), *.mpa (Movie File MPEG), *.mpeg (Movie File MPEG), *.MSWMM (Windows
Movie Maker Project), *.nws (Internet News Message), *.rft (Rich Text Format),
*.snd (AU Sound Format), *.wav (Wave Sound), *.wm (Windows Media Audio/Video
file), *.wma (Windows Media Audio file), *.wri (Write document).

When you select NEXT, the Files and Settings Transfer Wizard will begin the
collection.

I ran the default selection of both files and settings on my 2 GHZ Pentium 4 system,
which has three SCSI-3 18.2 GB 10,000 RPM hard drives, set up as individual basic
drives and one ATA-100 80GB IDE hard drive, also set up as an individual basic
drive, all using the NTFS file system.


Of all of that space, almost 135GB total, I have data on about 62 GB. The process
took about an hour and fifteen minutes to complete and while I could use my system
while all of this was going on, it was a little sluggish as migwiz.exe wanted as much
system resources as it could get its hands on, often pegging the processor. (Memory
seemed to stay pretty constant at around 128MB of my physical 512MB of PC800
memory being used.)

The final result was 9 GB of data to be transferred to the new system.


As you can also see, there is a 2 GB limitation to the DAT files. Once you exceed this
amount the Wizard will automatically start another file and enumerate it.

Once the process is completed the Completing the Collection Phase window will
display with the above message. This page would indicate any files and settings that
you had selected that the Wizard could not collect. You would have to manually
transfer these files and settings or they will not be transferred to your NEW
COMPUTER. (There were none in our example.) Click FINISH to close the Wizard on
the OLD COMPUTER.

Now that we have finished the process on the OLD COMPUTER, we can head back
over to the NEW COMPUTER and continue from the last screen we were presented
with there. (SHOWN BELOW)


We would select NEXT to arrive at the WHERE ARE THE FILES AND SETTINGS page.
Since we elected to use the D:\ drive, this is where we would point the Wizard to and
select NEXT to continue.


The Wizard will begin the transfer by organizing the files and settings for transfer
and then complete the process.


Once this last step finishes, the transfer of files and settings will be complete.

That's a wrap for this week.

In the meantime, best of luck in your studies and please feel free to contact me with
any questions on my column and remember,

"Out of date virus software is only marginally better than none at all."


Managing Users Accounts in Windows XP Professional

In Microsoft Windows XP Professional, you will find one of three different accounts in
use on any given system.

• Local user accounts allow you to log on to the local system and access
  resources there. If you needed to access any type of resource beyond the
  local system, you would need to provide additional credentials in most cases.
  Local accounts authenticate to the local security database.
• Domain user accounts allow you to log on to the domain the user account
  belongs to in order to access network resources. You may be able to access
  resources in other domains depending on how the trust relationships are
  defined or if any modifications have been made to them. Domain accounts
  authenticate to a domain controller and to the domain security database.
• Built-in user accounts allow you to perform administrative tasks on the local
  system and sometimes they can access local or network resources, depending
  on their configuration on the network. This, too, is dependent on how trust
  relationships are defined or if any modifications have been made to them. The
  only two accounts created by default on a stand-alone Windows XP
  Professional clean installation are Administrator and Guest.

[NOTES FROM THE FIELD] - The built-in Administrator account is enabled by
default and cannot be deleted from the system. The name of the account as well as
the password can be changed, however, and this is a recommended best practice. It
is also recommended that the default Administrator account never be used or used
as infrequently as possible and only when tasks need to be performed at an
Administrative level. If there is ever more than one Administrator on a workstation,
each one should have an account created for their use. In the event that you need to
log administrative events, this would be easier if there were a number of different
administrator accounts created rather than a single one.

The Guest account also cannot be deleted from the system; however, it is DISABLED
by default and unless there is some required operational need it should stay
disabled. The only "need" for the Guest account would be a kiosk type terminal in a
lobby of an office building or hotel and in that event it could be used. If there is ever
a short-term need to grant a temporary user access to a system, it is always
worth the "aggravation" to create an account.

Using the Local Users and Groups Snap-in


You would normally need to be a local administrator to perform most system
configuration functions (even just taking a look at the current configuration settings)
on a Windows XP Professional system, and in some cases, there may be a local
policy set by some other administrator or if your system is in a Domain, a Domain
policy setting, which may prevent you from performing some actions.
To manage local users and groups you can use the Local Users and Groups MMC and
you can access this tool a number of different ways.
One way is to select Start, right-click My Computer, and then click Manage, which
will open the Computer Management MMC. Under the System tools icon, click Local
Users and Groups to open the Local Users and Groups MMC.


You can also type compmgmt.msc in the RUN box or from a command line to launch
the Computer Management MMC.

[NOTES FROM THE FIELD] - What your Start Menu options look like depends on
how you have the menu set. If you are using the Classic Start Menu, you would not
see My Computer as a selection to right click on. Your options would be to click Start,
select Administrative Tools and then select Computer Management. Not a whole lot
different, but perhaps just enough to confuse you.
I seem to continually repeat this from article to article, but it is important to stress,
the Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.
If you want to directly open the Local Users and Groups MMC you can type
lusrmgr.msc from the RUN box or from a command line. This will run the tool
independently from the Computer Management MMC.
You can also launch the Control Panel and select the User Accounts icon as well.


[NOTES FROM THE FIELD] - User Accounts and the Local Users and Groups MMC
both function differently while performing the same task. I will cover the User
Accounts functionality separately.
Adding USERS with the Local Users and Groups MMC
Adding a user is as simple as selecting Users from the left pane, right clicking it and
choosing New User. You can also highlight Users by left clicking it and going up to
ACTION on the menu bar and selecting New User.

Depending on your current settings, all you may need to supply in order to create a
user account is a user account name. The full user name, description, and passwords
are not required by default.
To set a password where one isn't used or to change one that is currently set, you
would right click on the given account and choose SET PASSWORD.
You can also right click on the given account and choose ALL TASKS which leads you
to the single SET PASSWORD option as well.
You can also select the user with a single left click and go to ACTION in the menu to
bring up the same ALL TASKS / SET PASSWORD options as well.

[NOTES FROM THE FIELD] - Passwords are not required by default but are always
a recommended best practice.
There may be a local policy set by some other administrator or if your system is in a
Domain, a Domain policy setting, which may force you to use settings that are NOT
normally required by default.
For example, if you try to create an account that has a password policy in place and
you do not meet the minimum requirements for password creation, you will be
presented with an error message that looks like this;


Adding GROUPS with the Local Users and Groups MMC


Adding groups is performed in much the same manner. You can select Groups from
the left pane, right click it and choose New Group. You can also highlight Groups by
left clicking it and going up to ACTION on the menu and selecting New Group.

All that is required for creating a Group is the name. Descriptions do not need to be
entered for the group nor do you need to add any members.
Using USER ACCOUNTS in the Control Panel.
How USER ACCOUNTS in the Control Panel functions all depends on whether your
Windows XP Professional system is in a domain or not.
Also, how it looks depends on whether you are using the default Windows XP view or
the Classic interface.
This is the default Windows XP view.

Below is the Classic view.


When you are in a domain and you open the USER ACCOUNTS icon in the Control
Panel you are presented with the User Accounts view as shown below on the USER
tab.


[NOTES FROM THE FIELD] - The "domain" BUCKAROO in this example is the local
system and not a domain. NORTHAMERICA is a domain. The icons for a local account
have a computer/user icon. In the above image in the Password for backup section
you can see this. A DOMAIN icon in the Users for this computer section would have a
planet/user icon combination as shown below.

In order to see the properties of an account, you would select it and click on the
properties button to see the following window.


On the Group Membership tab of the USER property sheet you would see three
selections to choose from regarding group memberships.


The OTHER drop down window lists all of the LOCAL groups that the user could
belong to.

The OTHER drop down window lists only the local groups, regardless of whether you
have chosen a user account in the local accounts database or a domain account that
is in the domain.
You can change the password for a given account from the USER tab by selecting the
account and clicking the RESET PASSWORD button, which will bring up the RESET
PASSWORD window as shown below.

From the ADVANCED tab you can manage passwords that are in the local database.


By selecting the MANAGE PASSWORDS button you will open the Stored User Names
and Passwords where you can add, remove or view the properties of an account.

When you select the .NET PASSPORT WIZARD, the wizard will start and allow you to
add a .NET passport to one or more Windows XP Professional user accounts.


Selecting ADVANCED from the Advanced User Management section simply launches
the Local Users and Groups MMC as if you typed lusrmgr.msc from the RUN box or
from a command line.
The secure logon section is where you would require local users to press
CTRL+ALT+DEL to begin a session.
When you are not in a domain and you open the USER ACCOUNTS icon in the Control
Panel you are presented with the User Accounts view as shown below.


To change any of the listed accounts you would select CHANGE AN ACCOUNT and
select the account you wish to change. It's here that you can change the password,
change the icon (picture) that is associated with the account or set up the account
to use a .NET passport.
The CREATE A NEW ACCOUNT option allows you to do just that.
The CHANGE THE WAY USERS LOG ON OR OFF option allows you to select either
FAST USER SWITCHING, (which is not allowed when the workstation is a member of
a domain) or using the standard USE THE WELCOME SCREEN option.


[NOTES FROM THE FIELD] - Fast User Switching cannot be used if the Offline Files
option is enabled. Also, once your system is added to a domain you can no longer
use Fast User Switching, even if you log on to the workstation by using the local user
account database.
That's a wrap for this week. Be sure to check back in next week for the next article
in this series.
In the meantime, best of luck in your studies and please feel free to contact me with
any questions on my column and remember


Managing Groups in Windows XP Professional

In Microsoft Windows XP Professional, you will find a number of default local groups
on your system, which can perform the following default functions as outlined:

Administrators - Members of the Administrators group have complete and
unrestricted access to the computer and can perform all administrative tasks. The
built-in Administrator account is a member of this group by default and should the
Windows XP Professional system be joined to a domain, (or domains) the Domain
Admins group of the domain(s) joined will be added to the local Administrators
group as well.

Backup Operators - Members of the Backup Operators group can use Windows Backup
(NTBACKUP) to back up and restore data to the local computer. Being in this group
allows them to override security restrictions for the sole purpose of backing up or
restoring files.

Guests - Members of the built in Guests group are limited to only having access to
specific resources for which they have been assigned explicit permissions and can
only perform specific tasks for which they have been assigned explicit rights.

This is nearly the same access level as members of the Users group except for some
additional restrictions.

By default, the built-in Guest account is a member of the Guests group. When the
Windows XP Professional system is joined to a domain, (or domains) the Domain
Guests group of the domain(s) joined will be added to the local Guests group as well.

Power Users - Members of the Power Users group can create and modify local user
accounts on the computer and share resources. Effectively, they are one group lower
in authority on a local system from the Administrators group in that they possess
most administrative powers with certain restrictions.

Users - Members of the Users Group are prevented from making accidental or
intentional system-wide changes and they are only slightly higher in the permission
scheme than the Guests Group.

Members of the Users group are limited to only having access to specific resources
for which they have been assigned explicit permissions and can only perform
specific tasks for which they have been assigned explicit rights.

When a new user is created on a Windows XP Professional system it is added to the
Users group by default.

When the Windows XP Professional system is joined to a domain, (or domains) the
Domain Users group of the domain(s) joined will be added to the local Users group
as well.


[NOTES FROM THE FIELD] - The built-in Administrator account is enabled by
default and cannot be deleted from the system. The name of the account as well as
the password can be changed, however, and this is a recommended best practice. It
is also recommended that the default Administrator account never be used or used
as infrequently as possible and only when tasks need to be performed at an
Administrative level. If there is ever more than one Administrator on a workstation,
each one should have an account created for their use. In the event that you need to
log administrative events, this would be easier if there were a number of different
administrator accounts created rather than a single one.

The Guest account also cannot be deleted from the system; however, it is DISABLED
by default and unless there is some required operational need it should stay
disabled. The only "need" for the Guest account would be a kiosk type terminal in a
lobby of an office building or hotel and in that event it could be used. If there is ever
a short-term need to grant a temporary user access to a system, it is always
worth the "aggravation" to create an account.

Also, it is not recommended to change any of the default permissions and other
settings of the built-in groups. If you need to elevate or lower permissions for all
users in a built-in group it is almost always better to create a new group, place all of
the intended users into that group and make adjustments there accordingly.
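
The two account recommendations above (rename the built-in Administrator, keep Guest disabled) can be checked from the output of `net localgroup Administrators` and `net user Guest`. The following is an added example, not part of the original article; it assumes English-language command output, and the sample text and the account name jsmith are constructed for illustration.

```python
import re

# Constructed sample output (English-language system), not captured from a
# real machine. Members are listed one per line between the dashed rule and
# the completion message.
SAMPLE_ADMINS = r"""Alias name     Administrators
Comment        Administrators have complete and unrestricted access to the computer/domain

Members

-------------------------------------------------------------------------------
Administrator
jsmith
NORTHAMERICA\Domain Admins
The command completed successfully.
"""

# Constructed `net user Guest` output, trimmed to the fields used below.
SAMPLE_GUEST = """User name                    Guest
Full Name
Comment                      Built-in account for guest access to the computer/domain
Account active               Yes
Account expires              Never
The command completed successfully.
"""


def group_members(output):
    """Return the member names listed by `net localgroup <group>`."""
    members, in_list = [], False
    for line in output.splitlines():
        line = line.strip()
        if line and set(line) == {"-"}:
            in_list = True              # the dashed rule precedes the members
        elif line.startswith("The command completed"):
            break
        elif in_list and line:
            members.append(line)
    return members


def account_active(output):
    """Return True if `net user <name>` reports the account as active."""
    match = re.search(r"^Account active\s+(\S+)", output, re.MULTILINE)
    if match is None:
        raise ValueError("no 'Account active' field in the output")
    return match.group(1).lower() == "yes"


def audit(admins_output, guest_output):
    """Compare the two command outputs with the recommendations in the text."""
    findings = []
    members = group_members(admins_output)
    # Local accounts appear without a DOMAIN\ prefix.
    local_accounts = [m for m in members if "\\" not in m]
    if "Administrator" in local_accounts:
        findings.append("built-in Administrator account has not been renamed")
    if account_active(guest_output):
        findings.append("Guest account is enabled")
    return findings


if __name__ == "__main__":
    print("Administrators members:", group_members(SAMPLE_ADMINS))
    for finding in audit(SAMPLE_ADMINS, SAMPLE_GUEST):
        print("FINDING:", finding)
```
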

Using the Local Users and Groups Snap-in


Groups are used in Windows XP Professional (and other Microsoft operating systems)
as a collection point for user accounts to aid in simplifying system administration by
allowing you to assign permissions and rights to the group of users rather than to
each user account individually.
Local groups are used on individual systems to assign permissions to resources on
that specific computer. Local groups are created and administered in the local
security database on Windows XP Professional systems.
You would normally need to be a local administrator to perform most system
configuration functions (even just taking a look at the current configuration settings
in some instances) on a Windows XP Professional system, and in some cases, there
may be a local policy set by some other administrator or if your system is in a
Domain, a Domain policy setting, which may prevent you from performing some
actions.
To manage local users and groups you can use the Local Users and Groups MMC, and
you can access this tool in a number of different ways.
One way is to select Start, right-click My Computer, and then click Manage, which
will open the Computer Management MMC. Under the System Tools icon, click Local
Users and Groups to open the Local Users and Groups MMC.


You can also type compmgmt.msc in the RUN box or from a command line to launch
the Computer Management MMC.

[NOTES FROM THE FIELD] - What your Start Menu options look like depends on
how you have the menu set. If you are using the Classic Start Menu, you would not
see My Computer as a selection to right click on. Your options would be to click Start,
select Administrative Tools and then select Computer Management. Not a whole lot
different, but perhaps just enough to confuse you.
I seem to continually repeat this from article to article, but it is important to stress,
the Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.
If you want to directly open the Local Users and Groups MMC you can type
lusrmgr.msc from the RUN box or from a command line. This will run the tool
independently from the Computer Management MMC.


Adding GROUPS with the Local Users and Groups MMC


Some quick points to remember for local groups on Windows XP Professional
systems that are not domain members: local groups can contain only local
user accounts from the local security database, and local groups cannot belong to any
other group. (Local groups cannot be nested one inside of the other.) For example,
user accounts can be members of both the WORKERS group and the COFFEE group,
but even if every single user of one group is a member of the other, you would
not be able to add all the users to the WORKERS group and then take the WORKERS
group and put it into the COFFEE group.
Adding a new group is as simple as selecting Groups from the left pane, right clicking
it and choosing New Group. You can also highlight Groups by left clicking it and going
up to ACTION on the menu bar and selecting New Group.

Depending on your current settings, all you need to supply in order to create a new
group is the name. In most cases the description and adding users at the time is not
required by default.
[NOTES FROM THE FIELD] - There are certain characters that cannot be used in
the name of any group on a Windows XP Professional system. These are:

\ / " [ ] : | < > + = ; , ? * @


Using USER ACCOUNTS in the Control Panel to add users to EXISTING groups.
[NOTES FROM THE FIELD] - You cannot create a new group using this tool. You
need to use Computer Management to create new groups. You can add users to
existing groups in a limited fashion via this method.


How USER ACCOUNTS in the Control Panel functions all depends on whether your
Windows XP Professional system is in a domain or not.
Also, how it looks depends on whether you are using the default Windows XP view or
the Classic interface.
This is the default Windows XP view.

Below is the Classic view.

When you are in a domain and you open the USER ACCOUNTS icon in the Control
Panel you are presented with the User Accounts view as shown below on the USER
tab.


[NOTES FROM THE FIELD] - The "domain" BUCKAROO in this example is the local
system and not a domain. NORTHAMERICA is a domain. The icons for a local account
have a computer/user icon. In the above image in the Password for backup section
you can see this. A DOMAIN icon in the Users for this computer section would have a
planet/user icon combination as shown below.

In order to see the properties of an account, you would select it and click on the
properties button to see the following window.


On the Group Membership tab of the USER property sheet you would see three
selections to choose from regarding group memberships.


The OTHER drop down window lists all of the LOCAL groups that the user could
belong to.

The OTHER drop down window lists only the local groups, regardless of whether you
have chosen a user account in the local accounts database or a domain account that
is in the domain.
From the ADVANCED tab you can perform functions such as managing passwords
that are in the local database or using the .NET PASSPORT WIZARD to add a .NET
passport to one or more Windows XP Professional user accounts.

Selecting ADVANCED from the Advanced User Management section simply launches
the Local Users and Groups MMC as if you typed lusrmgr.msc from the RUN box or
from a command line.
The secure logon section is where you would require local users to press
CTRL+ALT+DEL to begin a session.
When you are not in a domain and you open the USER ACCOUNTS icon in the Control
Panel you are presented with the User Accounts view as shown below.


To change any of the listed accounts you would select CHANGE AN ACCOUNT and
select the account you wish to change. It's here that you can change the password,
change the icon (picture) that is associated with the account or set up the account
to use a .NET passport.
The CREATE A NEW ACCOUNT option allows you to do just that.
The CHANGE THE WAY USERS LOG ON OR OFF option allows you to select either
FAST USER SWITCHING, (which is not allowed when the workstation is a member of
a domain) or using the standard USE THE WELCOME SCREEN option.


[NOTES FROM THE FIELD] - Fast User Switching cannot be used if the Offline Files
option is enabled. Also, once your system is added to a domain you can no longer
use Fast User Switching, even if you log on to the workstation by using the local user
account database.
As you can also see there is no place here to create a new group. As I mentioned
earlier, that would need to be handled through Computer Management.
You would need to use the Computer Management snap-in to delete local groups
from the system. Windows XP Professional uses a unique identifier value to identify
groups and their assigned permissions, so if you should delete a group from the local
system and then decide it was in error, creating the group "again" with the same
name will not automatically allow for all of the same permissions and access levels
for its members.

When performing a group deletion, you only delete the group and its associated
permissions and rights, not the user accounts in its membership.
To delete a group you would right-click the group name in the Computer
Management snap-in and then click Delete. The users would still be on the system. If
their deletion was also required as part of removing a group of summer users or
interns for example, the individual users would still need to be deleted.

Built-In System Groups


Built-in system groups exist on Windows XP Professional systems and while they do
have specific memberships that you can modify, you cannot administer the groups
directly; they are available for modification when you assign user rights and
permissions to resources. Built-in system group membership is based on how the
computer is accessed, not on who uses the computer. The list below shows the
primary built-in system groups and their default properties and characteristics.


Built-in System group - Description

Everyone - The Everyone group contains all of the users who access the
computer. The Full Control permission is assigned to the Everyone group (and
thus all the users in it) whenever there are volumes on the local system
formatted with NTFS.

Authenticated Users - All users with valid user accounts on the local system
are included in the Authenticated Users group. When your Windows XP system is a
member of a domain (or multiple domains), it includes all users in the Active
Directory database for that given domain. Using the Authenticated Users group
for resource and system access instead of the Everyone group is a suggested best
practice.

Creator Owner - The Creator Owner designation comes into play when a member of
the Administrators group creates a resource (or takes ownership of a resource),
because even though an individual member may have performed the action, the
Administrators group owns the resource.

Network - The Network Built-in System group contains any user with a current
connection from a remote system on the network to a shared resource on the local
system.

Interactive - Members of the Interactive Built-in System group are "added" as
they log on locally to the system.

Anonymous Logon - An Anonymous Logon user account that Windows XP Professional
cannot authenticate is put into this Built-in System group.

Dialup - Users are "added" to the Dialup Built-in System group once they
establish a dial-up connection to the system.

You can set or revoke permissions to these Built-in System groups at the resource
(e.g. share, NTFS folder, printer, etc.).


TCP/IP Protocol Within Windows XP Professional

This article will cover the TCP/IP Protocol within Windows XP Professional.
The Transmission Control Protocol/Internet Protocol is a network communication
protocol. It can be used as a communications protocol on private networks and it is
the default protocol in use on the internet. When you set up any system to have
direct access to the Internet, whether it is via dial-up or one of the high speed
technologies in use today, your system will need to utilize the TCP/IP protocol
whether it is a Windows based system or not.

Also, if the given system needs to communicate to other TCP/IP systems on the local
LAN or WAN it will need to utilize the TCP/IP protocol as well.
[NOTES FROM THE FIELD] - Indirectly connected computers, such as those on a
LAN that hit the internet via certain default gateways, certain types of routers, Proxy
Servers, ISA Servers or other indirect means, do not necessarily need to use the
TCP/IP protocol. They need only use the network protocol in use for their LAN, where
that LAN protocol would communicate with the directly connecting mechanism
(default gateway, router, Proxy Server or other direct device). That directly
connected device would need to use the internet default protocol of TCP/IP.
TCP/IP is technically made up of two protocols. The upper layer, Transmission
Control Protocol, on the sending system is responsible for breaking down the data
into smaller packets to be transmitted over the network, (local and internet), while
the TCP layer on the receiving node reassembles the packets it receives back into the
original data structure.

The lower layer, Internet Protocol, addresses each individual packet so that it gets
delivered to the correct node. Each routing device on the network, be it a hardware
router or a server system that is performing routing functions, will check the
destination address to see where to forward the message.
[NOTES FROM THE FIELD] - This is just a basic overview of TCP/IP and I didn't
want to get too involved with it here within this article. There is bountiful information
on TCP/IP all over the internet and before poring through the RFCs I would first
suggest you try TCP/IP Frequently Asked Questions or TCP/IP Protocol Suite -
Questions & Answers.
The TCP/IP Model
The TCP/IP suite of protocols maps to a four-layer conceptual model which is based
off of the seven layer Open System Interconnection (OSI) protocol model.
The detailed function of each layer of the Open System Interconnection (OSI)
protocol model is beyond the scope of this topic, however, the 60 second overview is
as follows:

Physical Layer - Defines the interface between the medium and the device. This
layer also transmits bits (ones and zeros) and defines how the data is transmitted
over the physical medium. Some examples of Network Components found at this
layer are Multiplexers, Passive Hubs, Active Hubs, Repeaters and other types of
signal Amplifiers.


Data Link Layer - This layer is actually divided into two sublayers, Logical Link
Control, which mainly handles error correction and flow control and Media Access
Control, which mainly handles the communication with the network adapter card.
Some examples of Network Components found at the Data Link layer are Bridges,
Switches and certain Advanced Cable Testers.
Network Layer - This OSI layer is responsible for translating logical network
addresses and names such as computer names to their MAC addresses and for
addressing and routing data packets over the network. If routers at this layer can't
forward data frames as large as the source node has sent, this OSI layer will
break down the data into smaller units that the devices can handle. Some examples
of Protocols found at the Network Layer are IP, ARP, RARP, ICMP, RIP, OSPF, IGMP,
IPX, NWLink and NetBEUI. Some examples of Network Components found at this
layer are Brouters, Routers, some types of ATM Switches and Frame Relay hardware.

Transport Layer - The Transport Layer adds an additional connection below the
Session layer and helps manage data flow control between nodes on the network.
This layer divides the data into packets on the sending node and the transport layer
of the receiving node reassembles the message from packets. The Transport Layer
provides error-checking to guarantee error-free data delivery by requesting
retransmission if some packets don’t arrive error-free. It also sends acknowledgment
of successful transmissions back to the sending node. Some examples of Protocols
found at this layer are TCP, ARP, RARP, SPX and NWLink. Some examples of Network
Components found at the Transport Layer are Gateways and certain types of
Brouters.
Session Layer - This OSI layer, as the name implies, establishes, maintains and
ends sessions between transmitting nodes across the network and manages which
node can transmit data at a certain time and for how long. Some examples of
Protocols found at this layer are Named Pipes, NetBIOS Names, RPC and Mail Slots.
Some examples of Network Components found at the Session Layer are Gateways
and certain types of Proxy Servers.
Presentation Layer - The Presentation Layer technically performs the translation of
the data from the way applications understand it to the way networks understand it
on the transmission end and then back on the receiving node. It is responsible for
protocol conversions, data encryption / decryption, and data compression /
decompression where the network is considered. Some examples of Network
Components found at the Presentation Layer are Gateways and certain types of
Redirectors. There are no Protocols that normally operate in this layer.
Application - The Application Layer of the OSI model allows access to network
services for applications specifically written to run over the network, such as email
and file transfer programs such as FTP. There are many Protocols found at the
Application Layer, some of which include FTP, TFTP, BOOTP, SNMP, SMTP, TELNET,
NCP, and SMB.
The TCP/IP suite four-layer conceptual model is as follows:
Network Interface Layer - This layer effectively puts the frames on the wire from
the sending node and pulls frames off the wire at the receiving node and basically
correlates to the Physical Layer of the OSI model.
Internet Layer - Internet layer protocols of the TCP/IP suite encapsulate packets
into Internet datagrams. There are four Internet protocols that operate at this layer.
The Internet Layer basically (but not entirely) correlates to the Network Layer of the
OSI model.


IP - Internet Protocol provides connectionless packet delivery for all other
protocols and does not guarantee packet arrival or correct packet sequence, nor
does it acknowledge packet delivery. IP has the main responsibility of
addressing and routing packets between nodes and it does not try to recover
from network errors.

ARP - Address Resolution Protocol maps IP addresses to physical machine
addresses (MAC addresses) that are located on the LAN. IP broadcasts a special
ARP inquiry packet containing the IP address of the destination system. The
system that owns the IP address replies by sending its physical address to the
requester. The MAC sublayer communicates directly with the network adapter card
and is responsible for delivering error-free data between network.

ICMP - Internet Control Message Protocol is a message control and
error-reporting protocol used between network nodes. Higher level protocols use
the information in these datagrams to recover from any transmission or other
errors.

IGMP - The Internet Group Management Protocol provides a way for nodes to report
their multicast group membership to nearby multicast routers. Multicasting
allows nodes to send content to multiple other nodes within that multicast
group by sending IP multicast traffic to a single MAC address but by allowing it
to be processed by multiple nodes. IGMP is part of the Network layer of the
OSI model. Windows XP Professional supports multicast for things such as
Windows 2000 Server NetShow Services.

Transport Layer - The two Transport layer protocols provide communication
sessions between computers and these sessions can be connection oriented or
connectionless, as outlined below. The Transport Layer basically (but not entirely)
correlates to the Transport Layer of the OSI model.

TCP - Transmission Control Protocol is a connection-oriented protocol that
provides reliable communication by assigning a sequence number to each segment
of data that is transmitted so that the receiving host can send an
acknowledgment (ACK) to verify that the data was received. If an ACK is not
received, the data is retransmitted. TCP guarantees the delivery of packets,
ensures proper sequencing of the data, and provides a checksum feature that
validates both the packet header and its data for accuracy.

UDP - User Datagram Protocol is a connectionless protocol that does not
guarantee the delivery or the correct sequencing of packets. Applications that
use UDP typically transfer small amounts of data at once and the data sent is
usually not considered critical. TFTP (Trivial File Transfer Protocol) uses UDP.

Application Layer - The Application Layer is where applications that are specifically
written to operate over networks gain their access. There are two TCP/IP services,
Winsock and the NetBIOS over TCP/IP (NetBT) interface, that network applications
most commonly use on Windows XP Professional networks. The Application Layer
basically (but not entirely) correlates to the Application Layer of the OSI model.

Winsock - Winsock is the standard interface used for socket-based applications
and TCP/IP protocols. Winsock allows the network application to bind to a
specific port and IP address on a node, initiate and accept a connection,
send and receive data, and then close the connection.


NetBT - NetBIOS over TCP/IP is the standard interface for NetBIOS services,
including name, datagram, and session services. It also provides a standard
interface between NetBIOS-based applications and TCP/IP protocols and is the
network component that performs computer name to IP address mapping name
resolution. There are currently four NetBIOS over TCP/IP name resolution
methods: b-node, p-node, m-node and h-node.

Internet Protocol Addressing Overview

The Transmission Control Protocol/Internet Protocol is a network communication
protocol. It can be used as a communications protocol on private networks and it is
the default protocol in use on the internet. When you set up any system to have
direct access to the Internet, whether it is via dial-up or one of the high speed
technologies in use today, your system will need to utilize the TCP/IP protocol
whether it is a Windows based system or not.

Also, if the given system needs to communicate to other TCP/IP systems on the local
LAN or WAN it will need to utilize the TCP/IP protocol as well.

TCP/IP version 4 (IPv4) addresses are made up of four 8-bit fields (octets) and
are 32 bits in size total. Microsoft TCP/IP version 4 supports the standard classes of
address, which define which bits are used for the network ID and which bits are
used for the host ID. There are five TCP/IP version 4 (IPv4) address classes, although for
the most part, only the A, B, and C classes are used. The system of IP address
classes described here forms the basis for IP address assignment. Classless Inter-
Domain Routing (CIDR) addressing is now being used more often and I will cover
that later in the article. Classless Inter-Domain Routing is making the IP address
classes in their current form "less defined", for lack of a better term. Still, the classes
form the base of any addressing scheme.

TCP/IP version 4 addresses are made of both a network ID and a host ID. The network
ID address identifies the physical network where the hosts exist. The host ID address
identifies the individual TCP/IP host on a network. The host ID must be unique on
the internal network, that is, no two nodes on a given network can have the same
network ID AND host ID.

[NOTES FROM THE FIELD] - You can have two hosts with the IP host name of
112.12.44 if one is on network 10 and another is on network 11. (The full IP
addresses of these hosts would be 10.112.12.44 and 11.112.12.44. The subnet
mask would be 255.0.0.0.) You cannot assign both of these nodes the host address
of 112.12.44 if they are both on network 10 or both on network 11.

The "division" point between the network ID and the host ID is called the subnet
mask. The subnet mask is used to determine where the network number in an IP
address ends and the node number in an IP address begins.

The bits in a subnet mask are set consecutively from left to right and there can be no
"skips" in the setting structure. The subnet mask of 255.255.128.0 is valid because
all eight bits are set in the first two octets and the first bit of the next octet is also
set. (11111111.11111111.10000000.00000000). The subnet mask of 255.255.64.0
is not valid because there is a "missing" bit that is not allowed
(11111111.11111111.01000000.00000000).

[NOTES FROM THE FIELD] - The left most bit in a TCP/IP version 4 address is
called the Most Significant Bit (MSB) and has the highest value. The right most bit in
a TCP/IP version 4 address is called the Least Significant Bit (LSB) and has the
lowest value.

I have detailed subnet masks in a little more detail in a following section.

The values of the bits, in order from the Most Significant Bit (MSB) to the Least
Significant Bit (LSB), are 128, 64, 32, 16, 8, 4, 2, 1. These numerical designations
are what make up the TCP/IP version 4 address. The values of the set bits (noted by
a "1") in each octet are added together to give you the address. The TCP/IP version 4
address of 171.144.62.12 converts to a binary number of
10101011.10010000.00111110.00001100 and a hexadecimal number of
AB.90.3E.0C

[NOTES FROM THE FIELD] - While it's important to know that the TCP/IP version 4
address converts to a binary number or a hexadecimal number it is not often used in
day to day operations of the MCSA/MCSE. It is more so for the Network
Administrator. For the 70-270 exam, concentrate on the different classes of
addresses, how subnet masks work, Classless Inter-Domain Routing (CIDR)
addressing and a basic understanding of the binary conversion of a TCP/IP version 4
address. Basically, know the Most Significant Bit (MSB) and the Least Significant Bit
(LSB) and the order of numbers.

The way I remember it was to remember that the Least Significant Bit (LSB) of each
octet was "1" and each place to the left of it doubled in value up to the end of the
octet on the far left. After the DOT I would start back at "1".

TCP/IP version 6 (IPv6) is a set of specifications from the Internet
Engineering Task Force (IETF) that has been designed to overcome the current
shortage of addresses under TCP/IP version 4. TCP/IP version 6 also has some other
built-in improvements that go beyond the scope of the discussion here. The single
most important thing you will need to know for the 70-270 exam (a little more depth
may be needed for the upcoming Exam 70-275: Installing, Configuring and
Administering Microsoft .NET Server and Exam 70-276: Implementing and
Administering a Microsoft .NET Server Network Infrastructure) is that IPv6 addresses
are 128 bits in length as opposed to 32 bits under IPv4.

Classless Inter-Domain Routing (CIDR) is a newer way to allocate IP addresses
that is more flexible than the original Class addressing scheme used in the past.
This has increased the utilization of the remaining available Internet
addresses. CIDR is now the routing system used by virtually all
gateway hosts on the Internet's backbone network.

The original Internet Protocol defines IP addresses in five classes, Classes A through
E. Each of these classes allotted one portion of the 32-bit Internet address
to the network address and the remaining portion to the nodes on the
network. One of the main reasons for the IP address shortage was the situation
where many companies needed more than the 254 host machines that were allowed
under the Class C scheme but far fewer than the 65,533 host addresses of the Class
B scheme. They would request a unique B Class address but often ended up not
using many of the addresses within their allotted block. This meant that many
addresses within their pool were unutilized. This is one of the main reasons the IP
address pool was drying up and for this reason the big push was on for TCP/IP
version 6 (IPv6) and its 128-bit address. Because many of the Internet authorities
realized that it would be some time before IPv6 was in widespread use, Classless
Inter-Domain Routing was born.

Using Classless Inter-Domain Routing, each IP address has a network prefix that
identifies either a collection of network gateways or an individual gateway. The
length of the network prefix is also specified as part of the IP address and varies
depending on the number of bits that are needed (rather than any arbitrary class
assignment structure). A destination IP address or route that describes many
possible destinations has a shorter prefix and is said to be less specific. A longer
prefix describes a destination gateway more specifically. Routers are required to use
the most specific or longest network prefix in the routing table when forwarding
packets.

A Classless Inter-Domain Routing network address looks like this: 201.44.112.00/18

201.44.112.00 is the address of the network and the "18" says that the first 18 bits
are the network part of the address, leaving the last 14 bits for the address of the
node. (Effectively, the 18 is the subnet mask from the "old" style of address classes.)
Classless Inter-Domain Routing lets one routing table entry represent a collection of
networks that exist in the forward path that don't need to be specified on that
particular gateway. This collecting of networks in a single address is sometimes
referred to as a supernet as by their definition they mean the same thing.
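
The two CIDR behaviours described above, choosing the longest matching prefix and letting one entry stand for a collection of networks, are shown in the following added example (not part of the original article). The routing table, the gateway names and the 172.16.x.0 networks are constructed for illustration; only the prefix length 18 comes from the text.

```python
import ipaddress

# Constructed routing table: (CIDR prefix, next hop). Illustrative values only.
ROUTES = [
    ("0.0.0.0/0", "gw-default"),
    ("10.0.0.0/8", "gw-a"),
    ("10.20.0.0/16", "gw-b"),
    ("10.20.30.0/24", "gw-c"),
]


def build_table(routes):
    """Parse the prefixes once so lookups only compare addresses."""
    return [(ipaddress.ip_network(prefix), hop) for prefix, hop in routes]


def lookup(table, destination):
    """Return (prefix, next hop) of the most specific route, or None."""
    dest = ipaddress.ip_address(destination)
    matches = [(net, hop) for net, hop in table if dest in net]
    if not matches:
        return None
    # Several entries can match; the longest prefix is the most specific.
    net, hop = max(matches, key=lambda entry: entry[0].prefixlen)
    return str(net), hop


def aggregate(prefixes):
    """Collapse networks into the fewest prefixes that cover exactly them."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def prefix_to_mask(length):
    """Dotted-decimal subnet mask equivalent to a prefix length."""
    return str(ipaddress.ip_network(f"0.0.0.0/{length}").netmask)


if __name__ == "__main__":
    table = build_table(ROUTES)
    for dest in ("10.20.30.7", "10.20.99.1", "10.1.1.1", "192.0.2.1"):
        print(dest, "->", lookup(table, dest))
    # Four aligned /24 networks fit in one /22 entry.
    print(aggregate(["172.16.4.0/24", "172.16.5.0/24",
                     "172.16.6.0/24", "172.16.7.0/24"]))
    # Adjacent but not aligned on a /23 boundary: no single entry covers both.
    print(aggregate(["172.16.5.0/24", "172.16.6.0/24"]))
    print("/18 as a mask:", prefix_to_mask(18))
```
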

Classless Inter-Domain Routing is supported by the Border Gateway Protocol, the
prevailing exterior (interdomain) gateway protocol. (The older exterior or
interdomain gateway protocols, Exterior Gateway Protocol and Routing Information
Protocol, do not support Classless Inter-Domain Routing.) Classless Inter-Domain
Routing is also supported by the OSPF interior or intradomain gateway protocol.

Subnet Masks - Implementing subnetworks (commonly referred to as subnets in
the field) helps to control network traffic. Every node on the same physical Ethernet
network sees all the packets of data sent out on the network. Often this results in
multiple collisions that slow network performance. Routers or
gateways are used to separate networks into subnets. Subnet masks on each of the
nodes allow the nodes on the same subnetwork to continue to communicate with one
another and with the routers or gateways they use to send their messages.

Subnet masks allow you to identify the network ID and the host (node) ID of an IP
address.

Given the following example of a default B Class subnet mask:

10011110.00010101.00111001.01101111   158.21.57.111
11111111.11111111.00000000.00000000   255.255.000.000
--------------------------------------------------------
10011110.00010101.00000000.00000000   158.21.000.000

we can determine that the network ID is 158.21 and the host ID is 57.111.


Network Address            : 158.21.0.0
Subnet Address             : 158.21.0.0
Subnet Mask                : 255.255.0.0
Subnet bit mask            : nnnnnnnn.nnnnnnnn.hhhhhhhh.hhhhhhhh
Subnet Bits                : 16
Host Bits                  : 16
Possible Number of Subnets : 1
Hosts per Subnet           : 65534

Additional bits can be added to the subnet mask for a given class of addresses to
subnet networks further.

Given the following example of a B Class address using additional bits in the
subnet mask:

10011110.00010101.00111001.01101111   158.21.57.111
11111111.11111111.11110000.00000000   255.255.240.000   Subnet Mask
--------------------------------------------------------
10011110.00010101.00110000.00000000   158.21.048.000    Network address

Subnet Mask                : 255.255.240.0
Subnet bit mask            : nnnnnnnn.nnnnnnnn.nnnnhhhh.hhhhhhhh
Subnet Bits                : 20
Host Bits                  : 12
Possible Number of Subnets : 16
Hosts per Subnet           : 4094

we can see that rather than having the single subnet and 65534 Hosts per Subnet
allowed under the default subnet mask we are able to have up to 16 subnets with up
to 4094 Hosts per Subnet by using a Subnet Mask of 255.255.240.000.

Selected Subnet  : 158.21.0.0/255.255.240.0
Usable Addresses : 4094
Host range       : 158.21.0.1 to 158.21.15.254
Broadcast        : 158.21.15.255

Subnet          Mask            Hosts per Subnet   Host Range                          Broadcast
158.21.0.0      255.255.240.0   4094               158.21.0.1 to 158.21.15.254         158.21.15.255
158.21.16.0     255.255.240.0   4094               158.21.16.1 to 158.21.31.254        158.21.31.255
158.21.32.0     255.255.240.0   4094               158.21.32.1 to 158.21.47.254        158.21.47.255
158.21.48.0     255.255.240.0   4094               158.21.48.1 to 158.21.63.254        158.21.63.255
158.21.64.0     255.255.240.0   4094               158.21.64.1 to 158.21.79.254        158.21.79.255
158.21.80.0     255.255.240.0   4094               158.21.80.1 to 158.21.95.254        158.21.95.255
158.21.96.0     255.255.240.0   4094               158.21.96.1 to 158.21.111.254       158.21.111.255
158.21.112.0    255.255.240.0   4094               158.21.112.1 to 158.21.127.254      158.21.127.255
158.21.128.0    255.255.240.0   4094               158.21.128.1 to 158.21.143.254      158.21.143.255
158.21.144.0    255.255.240.0   4094               158.21.144.1 to 158.21.159.254      158.21.159.255
158.21.160.0    255.255.240.0   4094               158.21.160.1 to 158.21.175.254      158.21.175.255
158.21.176.0    255.255.240.0   4094               158.21.176.1 to 158.21.191.254      158.21.191.255
158.21.192.0    255.255.240.0   4094               158.21.192.1 to 158.21.207.254      158.21.207.255
158.21.208.0    255.255.240.0   4094               158.21.208.1 to 158.21.223.254      158.21.223.255
158.21.224.0    255.255.240.0   4094               158.21.224.1 to 158.21.239.254      158.21.239.255
158.21.240.0    255.255.240.0   4094               158.21.240.1 to 158.21.255.254      158.21.255.255

[NOTES FROM THE FIELD] - A subnet address cannot be all 0's or all 1's.
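
The masking step and the 16-subnet table above, worked in Python as an added example that is not part of the original guide. The function names are illustrative, and the arithmetic is done on plain integers rather than with a library so that the bitwise AND stays visible.

```python
"""Subnet arithmetic for the 158.21.x.x Class B example (added illustration)."""

ALL_ONES = 0xFFFFFFFF


def to_int(dotted):
    """Convert dotted-decimal text to a 32-bit integer, rejecting bad octets."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError("expected four octets: %r" % dotted)
    value = 0
    for part in parts:
        octet = int(part)
        if not 0 <= octet <= 255:
            raise ValueError("octet out of range: %r" % dotted)
        value = (value << 8) | octet
    return value


def to_dotted(value):
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def to_binary(value):
    return ".".join(format((value >> s) & 0xFF, "08b") for s in (24, 16, 8, 0))


def prefix_length(mask):
    """Number of network bits; the mask must be 1s followed only by 0s."""
    host_bits = ~to_int(mask) & ALL_ONES
    if host_bits & (host_bits + 1):
        raise ValueError("mask bits are not contiguous: %s" % mask)
    return 32 - host_bits.bit_length()


def describe(address, mask):
    """AND the address with the mask, then derive host range and broadcast."""
    bits = prefix_length(mask)
    if bits > 30:
        raise ValueError("a /%d mask leaves no usable host range" % bits)
    host_bits = ~to_int(mask) & ALL_ONES
    network = to_int(address) & to_int(mask)   # the AND shown in the text
    broadcast = network | host_bits            # every host bit set to 1
    return {
        "network": to_dotted(network),
        "network_bits": to_binary(network),
        "first_host": to_dotted(network + 1),
        "last_host": to_dotted(broadcast - 1),
        "broadcast": to_dotted(broadcast),
        "hosts": host_bits - 1,                # minus network and broadcast
    }


def enumerate_subnets(network, default_mask, subnet_mask):
    """List every subnet created by extending default_mask to subnet_mask."""
    borrowed = prefix_length(subnet_mask) - prefix_length(default_mask)
    if borrowed < 0:
        raise ValueError("subnet mask is shorter than the default mask")
    base = to_int(network) & to_int(default_mask)
    step = 1 << (32 - prefix_length(subnet_mask))
    return [describe(to_dotted(base + i * step), subnet_mask)
            for i in range(1 << borrowed)]


if __name__ == "__main__":
    host = describe("158.21.57.111", "255.255.240.0")
    print("158.21.57.111 is in", host["network"], "=", host["network_bits"])
    for s in enumerate_subnets("158.21.0.0", "255.255.0.0", "255.255.240.0"):
        print("%-14s %s to %-16s %s" % (
            s["network"], s["first_host"], s["last_host"], s["broadcast"]))
```
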

TCP/IP Class A Address Overview

The "A" class addressing scheme has an official start address of 0.0.0.0 and an
official last address of 127.255.255.255.

Not all of these addresses can be used and you will OFTEN see conflicting information
on this.

1.0.0.1 to 126.255.255.254 is the range of IP addresses that are included in the "A"
class addressing scheme that are the useable range for node assignment.

126.255.255.255 is a broadcast address and in most cases cannot be assigned.
(There are exceptions to the rule.)

The local host will use 0.0.0.0 when it cannot reach a DHCP server when it is set to
use one and cannot assign itself an address using APIPA.

1.0.0.1 to 126.255.255.254 is the useable range.

There are 126 Class A networks total, each allowed to have up to 16,777,214 hosts.

The 127.x.x.x range is used for internal host loopback.


There are three IP network addresses reserved for private networks. 10.0.0.0 -
10.255.255.255 with the subnet mask 255.0.0.0 is the range for Class A IP
addresses.

They can be used by anyone setting up internal IP networks, such as a lab or home
LAN behind a NAT or proxy server or a router. It is always safe to use these because
routers on the Internet will never forward packets coming from these addresses.

These addresses are defined in RFC 1918.

While 10.0.0.0 - 10.255.255.255 addresses with the subnet mask 255.0.0.0 are
available to only internal IP networks, they are still considered part of the Class "A"
range.

TCP/IP Class B Address Overview

The "B" class addressing scheme has an official start address of 128.0.0.0 and an
official last address of 191.255.255.255.

Not all of these addresses can be used and you will OFTEN see conflicting information
on this.

128.0.0.1 to 191.255.255.254 is the range of IP addresses that are included in the
"B" class addressing scheme that are the useable range for node assignment.

The local host will use 0.0.0.0 when it cannot reach a DHCP server when it is set to
use one and cannot assign itself an address using APIPA.

There are three IP network addresses reserved for private networks. 172.16.0.0 -
172.31.255.255 with the subnet mask 255.240.0.0 is the range for Class B IP
addresses.

They can be used by anyone setting up internal IP networks, such as a lab or home
LAN behind a NAT or proxy server or a router. It is always safe to use these because
routers on the Internet will never forward packets coming from these addresses.

These addresses are defined in RFC 1918.

While 172.16.0.0 - 172.31.255.255 addresses with the subnet mask 255.240.0.0 are
available to only internal IP networks, they are still considered part of the Class "B"
range.

TCP/IP Class C Address Overview

The "C" class addressing scheme has an official start address of 192.0.0.0 and an
official last address of 223.255.255.255.

Not all of these addresses can be used and you will OFTEN see conflicting information
on this.

192.0.0.1 to 223.255.255.254 is the range of IP addresses that are included in the
"C" class addressing scheme that are the useable range for node assignment.


The local host will use 0.0.0.0 when it cannot reach a DHCP server when it is set to
use one and cannot assign itself an address using APIPA.

There are three IP network addresses reserved for private networks. 192.168.0.0 -
192.168.255.255 with the subnet mask 255.255.0.0 is the range for Class C IP
addresses.

They can be used by anyone setting up internal IP networks, such as a lab or home
LAN behind a NAT or proxy server or a router. It is always safe to use these because
routers on the Internet will never forward packets coming from these addresses.

These addresses are defined in RFC 1918.

While 192.168.0.0 - 192.168.255.255 addresses with the subnet mask 255.255.0.0
are available to only internal IP networks, they are still considered part of the Class
"C" range.

TCP/IP Class D Address Overview

The IP version 4 addresses of 224.0.0.0 through 239.255.255.255 are set aside
through IANA (Internet Assigned Numbers Authority) as a special class of addresses
for Multicast uses. At the present, ISPs are unable to allocate Class D address space
to their customers. These addresses must be allocated through IANA.

Class D addresses are only required if you wish to be a multicast source. You can still
receive multicast data without the need for a separate Class D address.

TCP/IP Class E Address Overview

The IP version 4 addresses of 240.0.0.0 to 254.255.255.255 are set aside through
IANA (Internet Assigned Numbers Authority) as a special class of addresses for
experimental and future use.

The IP address of 255.255.255.255 broadcasts to all hosts on the local network and
therefore, is not to be considered as part of the E class of IP addresses.

"The fact that the grass is greener on the other side of the fence is directly
proportional to how much manure is being used on the property"


Troubleshooting TCP/IP in Windows XP Professional

This article continues the coverage of the TCP/IP protocol in Windows XP
Professional, specifically troubleshooting the network protocol under Windows XP
Professional.

The Transmission Control Protocol/Internet Protocol is a network communication
protocol. It can be used as a communications protocol on private networks and it is
the default protocol in use on the Internet. When you set up any system to have
direct access to the Internet, whether it is via dial-up or one of the high speed
technologies in use today, your system will need to utilize the TCP/IP protocol
whether it is a Windows based system or not.

Also, if the given system needs to communicate with other TCP/IP systems on the local
LAN or WAN it will need to utilize the TCP/IP protocol as well.

Windows XP Professional offers several native programs to help in
troubleshooting TCP/IP.

PING - Ping can be used to test your TCP/IP connection by sending a message to
the remote node or gateway from a local system. (It can also be used to test only
the local loopback to see if it is working correctly.) If the remote node or gateway
receives the message, it responds with a reply message. The reply consists of the
remote's IP address, the number of bytes in the message, how long it took to reply -
given in milliseconds (ms), the length of time-to-live (TTL) in seconds and it will also
show any packet loss in terms of percentages.

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
[-r count] [-s count] [[-j host-list] | [-k host-list]]
[-w timeout] target_name

Switches:

• -t Ping the specified host until stopped. To see statistics and continue - type
  Control-Break; To stop - type Control-C.
• -a Resolve addresses to hostnames.
• -n count Number of echo requests to send.
• -l size Send buffer size.
• -f Set Don't Fragment flag in packet.
• -i TTL Time To Live.
• -v TOS Type Of Service.
• -r count Record route for count hops.
• -s count Timestamp for count hops.
• -j host-list Loose source route along host-list.
• -k host-list Strict source route along host-list.
• -w timeout Timeout in milliseconds to wait for each reply.

ARP - Displays and modifies the IP-to-Physical address translation tables used by
address resolution protocol (ARP).

ARP -s inet_addr eth_addr [if_addr]
ARP -d inet_addr [if_addr]
ARP -a [inet_addr] [-N if_addr]

• -a Displays current ARP entries by interrogating the current protocol data. If
  inet_addr is specified, the IP and Physical addresses for only the specified
  computer are displayed. If more than one network interface uses ARP, entries
  for each ARP table are displayed.
• -g Same as -a.
• inet_addr Specifies an internet address.
• -N if_addr Displays the ARP entries for the network interface specified by
  if_addr.
• -d Deletes the host specified by inet_addr. inet_addr may be wildcarded with
  * to delete all hosts.
• -s Adds the host and associates the Internet address inet_addr with the
  Physical address eth_addr. The Physical address is given as 6 hexadecimal
  bytes separated by hyphens. The entry is permanent.
• eth_addr Specifies a physical address.
• if_addr If present, this specifies the Internet address of the interface whose
  address translation table should be modified. If not present, the first
  applicable interface will be used.

Example:
> arp -s 157.55.85.212 00-aa-00-62-c6-09 .... Adds a static entry.
> arp -a .... Displays the arp table.

IPCONFIG - Use the ipconfig command to get the local system's basic IP
configuration information, including the IP address, subnet mask, and default
gateway.

The IPCONFIG /all switch produces a detailed configuration report for all interfaces,
including any configured remote access adapters.


USAGE: ipconfig [/? | /all | /renew [adapter] | /release [adapter] | /flushdns |
/displaydns | /registerdns | /showclassid adapter | /setclassid adapter [classid] ]

• /all Display full configuration information.
• /release Release the IP address for the specified adapter.
• /renew Renew the IP address for the specified adapter.
• /flushdns Purges the DNS Resolver cache.
• /registerdns Refreshes all DHCP leases and re-registers DNS names.
• /displaydns Display the contents of the DNS Resolver Cache.
• /showclassid Displays all the dhcp class IDs allowed for adapter.
• /setclassid Modifies the dhcp class id.

The default is to display only the IP address, subnet mask and default gateway for
each adapter bound to TCP/IP.

For Release and Renew, if no adapter name is specified, then the IP address leases
for all adapters bound to TCP/IP will be released or renewed.

NBTSTAT - NetBT Statistics (Nbtstat.exe) is used for troubleshooting network
NetBIOS names over TCP/IP (NetBT) resolution problems from the command line. It
displays protocol statistics and current TCP/IP connections that are using NetBT.

When a network is functioning, NetBT resolves NetBIOS names to IP addresses. It
uses several options for NetBIOS name resolution, including local cache lookup,
WINS server query, broadcast, Lmhosts and Hosts file lookup, and DNS server
query.

Displays protocol statistics and current TCP/IP connections using NBT
(NetBIOS over TCP/IP).

NBTSTAT [ [-a RemoteName] [-A IP address] [-c] [-n] [-r] [-R] [-RR] [-s] [-S]
[interval] ]

• -a (adapter status) Lists the remote machine's name table given its name.
• -A (Adapter status) Lists the remote machine's name table given its IP
  address.
• -c (cache) Lists NBT's cache of remote [machine] names and their IP
  addresses.
• -n (names) Lists local NetBIOS names.
• -r (resolved) Lists names resolved by broadcast and via WINS.
• -R (Reload) Purges and reloads the remote cache name table.
• -S (Sessions) Lists sessions table with the destination IP addresses.
• -s (sessions) Lists sessions table converting destination IP addresses to
  computer NETBIOS names.
• -RR (ReleaseRefresh) Sends Name Release packets to WINS and then, starts
  Refresh.

• RemoteName - Remote host machine name.
• IP address - Dotted decimal representation of the IP address.
• interval - Redisplays selected statistics, pausing interval seconds between
  each display. Press Ctrl+C to stop redisplaying statistics.


NETSTAT - Netstat (Netstat.exe) displays TCP/IP protocol statistics and active
connections to and from your computer from the command line and also provides an
option to display the number of bytes sent and received, as well as network packets
dropped (if any).

NETSTAT [-a] [-e] [-n] [-o] [-s] [-p proto] [-r] [interval]

• -a Displays all connections and listening ports.
• -e Displays Ethernet statistics. This may be combined with the -s option.
• -n Displays addresses and port numbers in numerical form.
• -o Displays the owning process ID associated with each connection.
• -p proto Shows connections for the protocol specified by proto; proto may be
  any of: TCP, UDP, TCPv6, or UDPv6. If used with the -s option to display
  per-protocol statistics, proto may be any of: IP, IPv6, ICMP, ICMPv6, TCP,
  TCPv6, UDP, or UDPv6.
• -r Displays the routing table.
• -s Displays per-protocol statistics. By default, statistics are shown for IP,
  IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6; the -p option may be
  used to specify a subset of the default.
• interval Redisplays selected statistics, pausing interval seconds between each
  display. Press CTRL+C to stop redisplaying statistics. If omitted, netstat will
  print the current configuration information once.
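
One way to use the -a, -n and -o switches together when checking what a host exposes, as an added example that is not part of the original guide: it parses netstat -ano output and reports sockets accepting traffic on watched ports, with the owning process ID. The sample output is constructed, and the watch list (well-known ports of the cleartext services covered in this article plus TCP 3389) is an assumption to adjust for your environment.

```python
"""Audit listening ports from `netstat -ano` output (added illustration)."""

# Constructed sample in the column layout printed by `netstat -ano`.
SAMPLE_OUTPUT = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:23             0.0.0.0:0              LISTENING       1432
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1012
  TCP    127.0.0.1:21           0.0.0.0:0              LISTENING       2040
  TCP    192.168.1.20:1041      192.168.1.5:445        ESTABLISHED     4
  UDP    0.0.0.0:69             *:*                                    1500
  UDP    192.168.1.20:137       *:*                                    4
"""

# Assumed watch list: (protocol, port) -> service name.
WATCHED = {
    ("TCP", 21): "FTP",
    ("TCP", 23): "Telnet",
    ("UDP", 69): "TFTP",
    ("TCP", 79): "Finger",
    ("TCP", 512): "REXEC",
    ("TCP", 514): "RSH",
    ("TCP", 3389): "Terminal Services / Remote Assistance",
}


def split_endpoint(endpoint):
    """Split 'address:port' (or '[v6]:port') into (address, port or None)."""
    address, _, port = endpoint.rpartition(":")
    return address.strip("[]"), int(port) if port.isdigit() else None


def parse_netstat(text):
    """Return one dict per TCP/UDP row, skipping banners and malformed rows."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] not in ("TCP", "UDP"):
            continue                      # banner, header or blank line
        if fields[0] == "TCP" and len(fields) == 5:
            proto, local, remote, state, pid = fields
        elif fields[0] == "UDP" and len(fields) == 4:
            proto, local, remote, pid = fields
            state = ""                    # UDP rows have no State column
        else:
            continue                      # truncated or unexpected row
        address, port = split_endpoint(local)
        if port is None or not pid.isdigit():
            continue
        entries.append({"proto": proto, "address": address, "port": port,
                        "remote": remote, "state": state, "pid": int(pid)})
    return entries


def is_loopback(address):
    return address.startswith("127.") or address == "::1"


def audit(text, watched=WATCHED):
    """Report watched services reachable from the network, in input order."""
    findings = []
    for e in parse_netstat(text):
        accepting = e["proto"] == "UDP" or e["state"] == "LISTENING"
        service = watched.get((e["proto"], e["port"]))
        if accepting and service and not is_loopback(e["address"]):
            findings.append({"service": service, "proto": e["proto"],
                             "port": e["port"], "address": e["address"],
                             "pid": e["pid"]})
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE_OUTPUT):
        print("%(service)s on %(proto)s %(address)s:%(port)d, PID %(pid)d" % f)
```

The reported PID can be matched to a process name in Task Manager once its PID column is enabled.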

ROUTE - You can use the route command line tool to display the current IP routing
table and add or delete IP routes.

ROUTE [-f] [-p] [command] [destination] [MASK netmask] [gateway] [METRIC
metric] [IF interface]

• -f Clears the routing tables of all gateway entries. If this is used in
  conjunction with one of the commands, the tables are cleared prior to running
  the command.
• -p When used with the ADD command, makes a route persistent across boots
  of the system. By default, routes are not preserved when the system is
  restarted. Ignored for all other commands, which always affect the
  appropriate persistent routes.

commands

• PRINT Prints a route
• ADD Adds a route
• DELETE Deletes a route
• CHANGE Modifies an existing route

• destination - Specifies the host.
• MASK - Specifies that the next parameter is the 'netmask' value.
• netmask - Specifies a subnet mask value for this route entry. If not specified,
  it defaults to 255.255.255.255.
• gateway - Specifies gateway.
• interface - Specifies the interface number for the specified route.
• METRIC - Specifies the metric, i.e. cost for the destination.


All symbolic names used for destination are looked up in the network database file
NETWORKS. The symbolic names for gateway are looked up in the host name
database file HOSTS.

If the command is PRINT or DELETE, destination or gateway can be a wildcard
(wildcard is specified as a star '*'), or the gateway argument may be omitted.

If Dest contains a * or ?, it is treated as a shell pattern, and only matching
destination routes are printed. The '*' matches any string, and '?' matches any one
char. Examples: 157.*.1, 157.*, 127.*, *224*.

Invalid MASK generates an error, that is when (DEST & MASK) != DEST.

Example> route ADD 157.0.0.0 MASK 155.0.0.0 157.55.80.1 IF 1
         The route addition failed: The specified mask parameter is invalid.
         (Destination & Mask) != Destination.

Examples:

route PRINT
route ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1 METRIC 3 IF 2
destination^ mask^ gateway^ metric^ ^Interface

If IF is not given, it tries to find the best interface for a given gateway.

route PRINT 112* .... Only prints those matching 112*
route CHANGE 112.0.0.0 MASK 255.0.0.0 112.89.8.5 METRIC 2 IF 2

CHANGE is used to modify gateway and/or metric only.
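
The (DEST & MASK) check that produces the error shown above, combined with the longest-prefix selection described in the Classless Inter-Domain Routing discussion earlier, as an added example (not the Windows implementation and not from the original guide). Apart from the 157.0.0.0 route, the table entries are constructed, and breaking ties on the lowest metric is an assumption.

```python
"""Route mask validation and longest-prefix lookup (added illustration)."""
from collections import namedtuple
from ipaddress import IPv4Address

Route = namedtuple("Route", "dest mask bits gateway metric")


class RouteError(ValueError):
    """Raised when a route entry fails the (DEST & MASK) == DEST check."""


def check_route(dest, mask):
    """Apply the check from the text; return the number of mask bits set."""
    d, m = int(IPv4Address(dest)), int(IPv4Address(mask))
    if d & m != d:
        raise RouteError("(Destination & Mask) != Destination: %s & %s = %s"
                         % (dest, mask, IPv4Address(d & m)))
    return bin(m).count("1")


def add_route(table, dest, gateway, mask="255.255.255.255", metric=1):
    """Validate and append a route; the mask defaults to a host route."""
    bits = check_route(dest, mask)
    table.append(Route(int(IPv4Address(dest)), int(IPv4Address(mask)),
                       bits, gateway, metric))


def lookup(table, address):
    """Return the matching route with the most mask bits (most specific)."""
    a = int(IPv4Address(address))
    matches = [r for r in table if a & r.mask == r.dest]
    if not matches:
        return None
    # Assumption: among equally specific routes the lowest metric wins.
    return max(matches, key=lambda r: (r.bits, -r.metric))


def build_sample_table():
    """Constructed table; only the 157.0.0.0 entry comes from the text."""
    table = []
    add_route(table, "0.0.0.0", "157.55.80.1", mask="0.0.0.0")
    add_route(table, "157.0.0.0", "157.55.80.1", mask="255.0.0.0", metric=3)
    add_route(table, "157.55.0.0", "157.55.80.2", mask="255.255.0.0")
    add_route(table, "157.55.85.212", "157.55.80.3")
    return table


if __name__ == "__main__":
    routes = build_sample_table()
    for target in ("157.55.85.212", "157.55.1.1", "157.99.0.1", "10.1.2.3"):
        r = lookup(routes, target)
        print("%-15s -> %s/%d via %s" % (
            target, IPv4Address(r.dest), r.bits, r.gateway))
    try:
        add_route(routes, "157.0.0.0", "157.55.80.1", mask="155.0.0.0")
    except RouteError as err:
        print("rejected:", err)
```
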

HOSTNAME - Hostname is used to show the local computer's host name for
authentication by the Remote Copy Protocol (RCP), Remote Shell (RSH), and Remote
Execution (REXEC) tools.

TRACERT - Tracert is sometimes used to verify that IP addressing has been
correctly configured on a client. It will basically show the route taken to reach a
remote system.

Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name

Options:

• -d Do not resolve addresses to hostnames.
• -h maximum_hops Maximum number of hops to search for target.
• -j host-list Loose source route along host-list.
• -w timeout Wait timeout milliseconds for each reply.

PATHPING - Pathping also shows the route taken to reach a remote system as does
TRACERT but PATHPING does so with more detail and allows for more functionality
as well.

Usage: pathping [-g host-list] [-h maximum_hops] [-i address] [-n] [-p period] [-q
num_queries] [-w timeout] [-P] [-R] [-T] [-4] [-6] target_name


Options:

• -g host-list Loose source route along host-list.
• -h maximum_hops Maximum number of hops to search for target.
• -i address Use the specified source address.
• -n Do not resolve addresses to hostnames.
• -p period Wait period milliseconds between pings.
• -q num_queries Number of queries per hop.
• -w timeout Wait timeout milliseconds for each reply.
• -P Test for RSVP PATH connectivity.
• -R Test if each hop is RSVP aware.
• -T Test connectivity to each hop with Layer-2 priority tags.
• -4 Force using IPv4.
• -6 Force using IPv6.

There are additional tools that can be used to test TCP/IP connectivity. They are
standard use tools for the TCP/IP protocol.

FTP - FTP is the File Transfer Protocol and it is used to transfer files from system to
system.

Internet Explorer interconnectivity allows for a Windows Explorer type of GUI
environment for the file transfer by allowing functionality of file and folder views and
drag and drop / copy and paste.

The command line FTP allows for more functionality. FTP is considered to be a
connected session using Transmission Control Protocol (TCP).

FTP commands are listed in the table below.

!         delete       literal   prompt       send
?         debug        ls        put          status
append    dir          mdelete   pwd          trace
ascii     disconnect   mdir      quit         type
bell      get          mget      quote        user
binary    glob         mkdir     recv         verbose
bye       hash         mls       remotehelp
cd        help         mput      rename
close     lcd          open      rmdir

FTP [-v] [-d] [-i] [-n] [-g] [-s:filename] [-a] [-w:windowsize] [-A] [host]

• -v Suppresses display of remote server responses.
• -n Suppresses auto-login upon initial connection.
• -i Turns off interactive prompting during multiple file transfers.
• -d Enables debugging.
• -g Disables filename globbing (see GLOB command).
• -s:filename - Specifies a text file containing FTP commands; the commands
  will automatically run after FTP starts.
• -a Use any local interface when binding data connection.
• -A - login as anonymous.
• -w:buffersize - Overrides the default transfer buffer size of 4096.
• host - Specifies the host name or IP address of the remote host to connect to.

[NOTES FROM THE FIELD] - The mget and mput commands take y/n/q for
yes/no/quit.
Use Control-C to abort actively executing commands.

TFTP - The Trivial File Transfer Protocol allows for the connectionless transfer of files
to and from systems using User Datagram Protocol (UDP).

[NOTES FROM THE FIELD] - User Datagram Protocol (UDP) is a connectionless
protocol that does not guarantee delivery of data packets between hosts and is used
when data transfer acknowledgments are not required. It can transmit only small
portions of data at a time because it is not capable of segmenting and reassembling
frames and does not implement sequence numbers.

While TFTP is limited in functionality, there are still some command line switches that
can be used to tailor its performance.

TFTP [-i] host [GET | PUT] source [destination]

• -i Specifies binary image transfer mode (also called octet). In binary image
  mode the file is moved literally, byte by byte. Use this mode when
  transferring binary files.
• host - Specifies the local or remote host.
• GET - Transfers the file destination on the remote host to the file source on
  the local host.
• PUT - Transfers the file source on the local host to the file destination on the
  remote host.
• source - Specifies the file to transfer.
• destination - Specifies where to transfer the file.

TELNET - Telnet is a terminal emulation program, which allows a user to perform
commands on a remote computer from a command window.

telnet [-a][-e escape char][-f log file][-l user][-t term][host [port]]

• -a Attempt automatic logon. Same as -l option except uses the currently
  logged on user's name.
• -e Escape character to enter telnet client prompt.
• -f File name for client side logging.
• -l Specifies the user name to log in with on the remote system. Requires that
  the remote system support the TELNET ENVIRON option.
• -t Specifies terminal type. Supported term types are vt100, vt52, ansi and
  vtnt only.
• host - Specifies the hostname or IP address of the remote computer to
  connect to.
• port - Specifies a port number or service name.

RCP - RCP copies files to and from a computer running the RCP service. RCP uses the
Transmission Control Protocol (TCP) for connected and reliable delivery of
data between the client and the host. It can be scripted in a batch file and does not
require a password. The remote host must be running the RSHD service, and the
user's username must be configured in the remote host's .rhosts file. RCP is one of
the r-commands available on all UNIX systems.

[NOTES FROM THE FIELD] - Microsoft’s implementation of TCP/IP includes the RCP
client software but not rshd services.

RCP [-a | -b] [-h] [-r] [host][.user:]source [host][.user:] path\destination

• -a Specifies ASCII transfer mode. This mode converts the EOL characters to a
  carriage return for UNIX and a carriage return/line feed for personal
  computers. This is the default transfer mode.
• -b Specifies binary image transfer mode.
• -h Transfers hidden files.
• -r Copies the contents of all subdirectories; destination must be a directory.
• host Specifies the local or remote host. If host is specified as an IP address
  OR if host name contains dots, you must specify the user.
• .user: Specifies a user name to use, rather than the current user name.
• source Specifies the files to copy.
• path\destination Specifies the path relative to the logon directory on the
  remote host. Use the escape characters (\ , ", or ') in remote paths to use
  wildcard characters on the remote host.

RSH - RSH is a TCP/IP utility that enables clients to run commands directly on
remote hosts running the RSH service without having to log on to the remote host.
RSH is one of the UNIX r-commands that are available on all UNIX systems.

[NOTES FROM THE FIELD] - Microsoft's implementation of TCP/IP includes the
RSH client software but not the RSH service. If a user on a computer running in a
Windows domain tries to use RSH to run a command on a remote UNIX server that is
running the RSH daemon, the domain controller is required by the RSH client in
order to resolve the username of the user.

REXEC - REXEC runs commands on remote hosts running the REXEC service and
authenticates the user name on the remote host before executing the specified
command.

REXEC host [-l username] [-n] command

• host Specifies the remote host on which to run command.
• -l username Specifies the user name on the remote host.
• -n Redirects the input of REXEC to NULL.
• command Specifies the command to run.

FINGER - FINGER is a TCP/IP utility used for viewing information about a user on a
system running the finger service.


Typing the command finger jason@windowsxp.2000trainers.com displays information
about user Jason on a server called windowsxp.2000trainers.com.

FINGER [-l] [user]@host [...]

• -l Displays information in long list format.
• user Specifies the user you want information about. Omit the user parameter
  to display information about all users on the specified host.
• @host Specifies the server on the remote system whose users you want
  information about.

[NOTES FROM THE FIELD] - Microsoft's implementation of TCP/IP includes the
FINGER client software but not the FINGER service. You are able to run the FINGER
client on a machine running a Windows operating system that is connected to the
Internet in order to obtain results from a remote UNIX server running the FINGER
daemon as a FINGER gateway.


Windows XP Remote Assistance

Remote Assistance is a convenient way for level two system technicians (and in
certain cases, knowledgeable friends and associates) to connect to your Windows XP
system and either walk you through any problems you are having locally or to allow
them to take care of it for you.

After Enterprise users log a call to a central help desk either via the phone or the
Enterprise's current trouble call system, (or by one of the ways mentioned later in
this article) Remote Assistance allows the appropriate person to log into your system
to view what you see on your computer screen and chat online with you in real time
through the use of Windows Messenger about what you both see on the local
system. (It is also possible for them to be speaking over the telephone with you
about what is seen on the local system as well.) If the task is "too difficult" to walk
the user through, the support person can "take over" the session and complete the
task remotely.

[NOTES FROM THE FIELD] - The minimum system requirements needed to
properly utilize Remote Assistance as outlined by Microsoft are that both connecting
systems must be using either Windows Messenger or another MAPI-compliant e-mail
account such as Microsoft Outlook or Outlook Express.
Both systems will need network connectivity, either via the internet or a corporate
WAN/LAN.

On some corporate WANs, firewalls might stop you from using Remote Assistance
depending on which ports are being filtered at the firewall.

Remote Assistance runs over the top of Terminal Services technology and uses the
same TCP port used by Terminal Services: port 3389.

Remote Assistance will not work if outbound traffic from TCP port 3389 is blocked.

If you are using Network Address Translation (NAT) in a home environment, you can
use Remote Assistance without any special configurations. However, if you have a
personal firewall or similar lockdowns in your home environment, you will have the
same issues as in a corporate environment: Remote Assistance will not work if
outbound traffic from TCP port 3389 is blocked.

Also, Microsoft Windows XP Professional or Windows XP Home Edition are the only
two systems that can use this functionality. The user requesting assistance and the
user providing the assistance must both be using systems running one of the
versions of Windows XP.

Remote Assistance configuration is accessed and settings are enabled via the System
Properties page on a Windows XP system, either by selecting it from the Start Menu
by right clicking My Computer and choosing Properties or by selecting My Computer
from the Windows Explorer and right clicking My Computer and choosing Properties.

[NOTES FROM THE FIELD] - What your Start Menu options look like all depend on
how you have the menu set. If you are using the Classic Start Menu, you would not
see My Computer as a selection to right click on.

I seem to continually repeat this from article to article, but it is important to stress,
the Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.

Local Administrators and certain permitted individuals have the rights to make
configuration settings for the local systems to allow or prevent remote assistance
invitations. Once the system is properly configured by the Administrator, any user
can make a request for remote assistance.

After the Properties page has been brought up for a local system, it can be set to
allow Remote Assistance invitations by selecting the Allow Remote Assistance
invitations to be sent from this computer checkbox on the Remote tab.

Once this option is set the Advanced button becomes available which displays the
Remote Assistance Settings dialog box when selected.

[NOTES FROM THE FIELD] - The default settings are shown in the image above.
You can configure the Invitation settings in the drop down menu of numbers in a
range from 1 to 99 and the definition box to the right can be set to MINUTES,
HOURS, or DAYS.

The default option of Allow This Computer To Be Controlled Remotely is
selected and allows the person offering the assistance to take over the full control of
the local system. Clearing this check box allows the remote user only the ability to
view a remote session. (Think of it as a "Read Only" session).

Remote Assistance via the Windows Messenger

There are many different ways to solicit help via Remote Assistance. I will outline the
main ways to ask via the local system.

You can ask for Remote Assistance via the Windows Messenger by logging in to the
Windows Messenger and going to Actions on the Menu bar and selecting Ask for
Remote Assistance.

This allows you to select a person from your list of contacts, provided they are online
at the time.

You can also select the Other tab to enter the e-mail address of another person to
contact.

The invitation from the My Contacts list will show up in the conversation window.

Also, if you already have a conversation session established with the person you
want to request help from, you can simply select the Ask for Remote Assistance
button from the I want to... menu.

Once the person accepts the invitation you will see a dialog box asking you to
confirm permission. In order for the session to continue you would need to click Yes.

They can then operate on your system at whatever level of control that has been
allowed. (Either view or full control.)

[NOTES FROM THE FIELD] - The client requesting the remote session maintains
ultimate control of the session even though they have granted temporary controlling
access to the invitee. Although you relinquish control of your computer temporarily,
you retain control over the Remote Assistance session itself. The client requesting
the remote session can end the session immediately by clicking the Stop Control
button or pressing the ESC key.

Remote Assistance via the Help and Support Center

You can also initiate a session via Help and Support from the Start Menu.

This will open the Help and Support Center where you can ask for assistance from
the main menu.

Selecting Invite a friend to connect to your computer with Remote Assistance
from the Ask a friend to help section (from the Support menu on the left section
of the screen, not shown in the above image) will bring you to the next Help and
Support Center window.

From here you can select Invite someone to help you which will open the next
screen to select either a Windows Messenger user or allow you to make a solicitation
by email.

You can select a user from the list and click the Invite this person button which will
bring up the Web Page Dialog box.

[NOTES FROM THE FIELD] - This box will stay open until it is accepted on the
remote end or cancelled on the requesting end.

You can also elect to save your invitation as a file.

When you save the invitation, you can elect to require the recipient to use a
password. (You will have to get this password to the recipient; it is not sent from
this tool.)

You can also elect Get Help from Microsoft from the Support menu, which allows
you to choose assistance options from Microsoft.

If you choose to Ask a Microsoft Support Professional for help, you'll need to
agree to the End User License Agreement, after which you'll be prompted through a
series of questions to assist you in your troubleshooting effort.

[NOTES FROM THE FIELD] - While I have personally never used this option, I did
fire it up to see how it functioned and it appeared to work just like the Windows
Hardware Troubleshooters, where a number of "canned" questions are asked, which
lead to the next question and so on, building the "path" of questioning from the
previous answers. I can't really tell you if you have a "live" Microsoft support person
on the other end, at least not for the number of questions I walked through anyway.

You can also choose to Go to a Windows Web site Forum from the Support menu
and choose the Go to Windows Newsgroups in an attempt to resolve any system
issues you might be having on your own by utilizing information posted there.

NWLink IPX/SPX/NetBIOS Compatible Transport Protocol

NWLink IPX/SPX/NetBIOS Compatible Transport Protocol is the Microsoft
implementation of Novell's Internetwork Packet Exchange/Sequenced Packet
Exchange (IPX/SPX) protocol.

Windows clients can be configured to use NWLink to access client and server
applications running on Novell NetWare servers and / or on intranets where IPX/SPX
or NWLink is the protocol of choice. Windows clients running NWLink and the Client
Service for NetWare or NWLink and Gateway Service for NetWare can connect to
NetWare servers and utilize their file and print services.

NetWare clients can access client and server applications running on Windows 2000
servers by using the protocol as well. NetWare clients running IPX with NetBIOS,
Named Pipes, or Windows Sockets can connect to systems running Windows 2000
with NWLink installed and utilize applications and services on those systems.
NetWare clients running IPX can also connect to systems running Windows 2000
Server with NWLink and File and Print Services for NetWare installed for file and print
services.

NWLink supports Winsock and NetBIOS over IPX networking application
programming interfaces (APIs) which provide interprocess communication (IPC)
services.

Winsock supports existing NetWare applications written to comply with the NetWare
IPX/SPX Sockets interface and NetBIOS over IPX supports communication between
NetWare clients running NetBIOS and systems running Windows XP Professional and
NWLink NetBIOS.

In order for any of this to occur on an intranet, the NWLink IPX/SPX/NetBIOS
Compatible Transport Protocol needs to be installed and properly configured on the
Windows XP Professional system.

[NOTES FROM THE FIELD] - NWLink is not installed by default during the
installation of any of the current Windows client and server operating systems. By
default, you must be a member of the Administrators group to install protocols on
any given system.

Windows 95 installed NWLink by default during the operating system installation.

Installing NWLink

There are a number of different ways to go about beginning the installation of
NWLink on a Windows XP Professional system. All of the methods end up bringing
you to Network Connections.

The easiest way to go about it is to right click My Network Places from the Start
Menu and select Properties.

[NOTES FROM THE FIELD] - (Long time readers are sick of this, but I can't
mention it enough.) What your Start Menu options look like all depend on how you
have the menu set. If you are using the Classic Start Menu, you would not see My
Network Places as a selection to right click on.

I seem to continually repeat this from article to article, but it is important to stress,
the Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.

Once you have opened the Properties of My Network Places you will see the
Network Connections box, as shown below.

In order to add the protocol from here you would need to right click the installed LAN
adapter and select Properties.

Click on Install to open the Select Network Component Type. Since we want to
install a protocol, we will select Protocol and click Add.

Next you will see the Select Network Protocol window where you will be able to
select NWLink IPX/SPX/NetBIOS Compatible Transport Protocol. Once you have done
this and clicked OK the protocol will be installed.

[NOTES FROM THE FIELD] - Windows XP does not require you to restart the
computer after you install new protocols MOST of the time. What you may find that
you need to do is to Disable and then Enable the network adapter to finalize all the
settings. When it is practical, you should restart the system. If you have connectivity
issues with the newly installed protocol, or even the currently installed ones, you're
not going to be able to be sure where to start troubleshooting if you haven't
rebooted the system.

Configuring NWLink

Once NWLink has been installed you need to properly configure it. By default,
NWLink automatically detects the frame type used on the LAN because it is set to
auto detect the network frame type. If NWLink detects no network traffic or if
multiple frame types are detected as in use, NWLink sets the frame type to 802.2.

Each frame type on an IPX network formats data differently for transmission and the
different types are incompatible with each other. Multiple frame types can be used,
but in order for all computers on a network to successfully communicate with one
another they must use the same frame type.

You can determine which external network number, frame type, and internal network
number your routers are using by typing ipxroute config at a command prompt.

IPXroute.exe is a command-line utility that allows Administrators the ability to
modify the NWLink IPX/SPX/NetBIOS Compatible Transport Protocol (NWLink)
settings that affect routing. The Ipxroute utility provides the same functionality as
the Route.exe command-line utility that is supplied by Novell for its MS-DOS-based
clients.

The Ipxroute utility manages the source routing variables of NWLink and is installed
only if the NWLink transport protocol is bound to a network adapter.

Any changes made with IPXroute are valid for the current session only. When you log
off, the settings are lost. To permanently change NWLink settings, you must set
them in the registry.

H:\>ipxroute config

NWLink IPX Routing and Source Routing Control Program v2.00

Num  Name                   Network   Node          Frame
===================================================
1.   IpxLoopbackAdapter     1234cdef  000000000002  [802.2]
2.   Local Area Connection  00000000  006097dead6b  [EthII]
3.   NDISWANIPX             00000000  9a2f20524153  [EthII] -

Legend
======
- down wan line

NWLink IPX Routing and Source Routing Control Program v2.00 included in Windows
2000 and Windows XP displays and modifies information about the routing tables
used by IPX.

H:\>ipxroute

NWLink IPX Routing and Source Routing Control Program v2.00

DEFault Node (Unknown) Addresses are sent SINGLE ROUTE BROADCAST
Broadcast (FFFF FFFF FFFF) Addresses are sent SINGLE ROUTE BROADCAST
Multicast (C000 xxxx xxxx) Addresses are sent SINGLE ROUTE BROADCAST

IPX Routing Options
-------------------

IPXROUTE servers [/type=xxxx]

Servers displays the SAP table for the specified server type. Server type is a 16-bit
integer value. If no type is specified, servers of all types are shown. The displayed
list is sorted by server name.

IPXROUTE ripout network

Ripout discovers the reachability of "network" (specified in host order) by consulting
the IPX Stack's route table and sending out a rip request if necessary.

IPXROUTE resolve guid|name adapter-name

Resolve resolves the name of the given adapter to its guid or friendly version.

Source Routing Options
----------------------

IPXROUTE board=n clear def gbr mbr remove=xxxxxxxxxxxx
IPXROUTE config

• board=n - Specify the board number to check.
• clear - Clear the source routing table
• def - Send packets that are destined for an unknown address to the ALL
ROUTES broadcast (Default is SINGLE ROUTE broadcast).
• gbr - Send packets that are destined for the broadcast address (FFFF FFFF
FFFF) to the ALL ROUTES broadcast (Default is SINGLE ROUTE broadcast).
• mbr - Send packets that are destined for a multicast address (C000 xxxx
xxxx) to the ALL ROUTES broadcast (Default is SINGLE ROUTE broadcast).
• remove=xxxx - Remove the given mac address from the source routing
table.
• config - Displays information on all the bindings that IPX is configured for.

All parameters should be separated by spaces.

You can configure the frame type you wish to use manually by right clicking the
adapter you want to configure and going to the properties page.

On the General tab of the property page for the adapter you would select the
NWLink IPX/SPX/NetBIOS Compatible Transport Protocol and click the Properties
button.

On the General tab of the property page for the protocol you can manually select a
frame type from the drop down window in the Adapter section.

[NOTES FROM THE FIELD] - Windows XP does not require you to restart the
computer after you change the frame type MOST of the time. What you may find
that you need to do is to Disable and then Enable the network adapter to finalize all
the settings, as the system may not have "let go" the auto configured frame type.
When it is practical, you should restart the system. If you have connectivity issues
with the newly set frame type, or even other currently installed protocols, you're not
going to be able to be sure where to start troubleshooting if you haven't rebooted
the system.

On Ethernet networks, the standard frame type for NetWare 2.2 and NetWare 3.11 is
802.3. For NetWare 3.12 and later, the default is 802.2.

The different network topologies and the frame types supported by NWLink are
outlined in the table below.

Ethernet supports Ethernet II, 802.3, 802.2, and Subnetwork Access Protocol (SNAP), which defaults to 802.2
Token Ring supports 802.5 and SNAP
Fiber Distributed Data Interface (FDDI) supports 802.2 and SNAP
That's a wrap for this week. Be sure to check back in next week for the next article
in this series.

In the meantime, best of luck in your studies and please feel free to contact me with
any questions on my column and remember,

"Married people may in fact live longer than single people, but it seems that they are
more willing to die."

Domain Name System Overview

Domain Name System (DNS) servers maintain a distributed database used to
translate computer names to Internet Protocol (IP) addresses on Transmission
Control Protocol/Internet Protocol (TCP/IP) networks, which include the internet.

[NOTES FROM THE FIELD] - Being able to install DNS is not a requirement for the
70-270 exam. Understanding the functionality of DNS and how it affects Windows XP
Professional clients in workgroups and within domains is.

In the next few weeks in my Learn Active Directory in 15 Minutes a Week series of
articles I will cover DNS in more depth, including a more in depth view of installing
DNS.

The Microsoft Domain Name System (DNS) is the name resolution service that
resolves Uniform Resource Locator names (URLs) and other DNS names into their
“true” dotted decimal format. http://www.zandri.net translates into a specific
Internet Protocol (IP) address and it is that address resolution that allows you to
reach the server destination you are looking for.

Lookup Queries and Lookup Types

There are two different types of DNS lookup, forward and reverse. A forward lookup
query resolves a DNS name to an IP address and is the most common DNS query. A
reverse lookup query resolves an IP address to a name.

A DNS name server can resolve a query only for a zone for which it has authority.
When DNS servers receive a resolution request, they attempt to locate the requested
information in their own database.

There are two types of queries that can be performed in DNS: Iterative and
Recursive.

A DNS resolution query made from a client to a DNS server where the server returns
the best answer that it can provide based on its local cache or stored zone data is
called an Iterative query. If the server performing the Iterative query does not have
an exact match for the name request, it provides a pointer to an authoritative server
in another level of the domain namespace. The client system will then query that
server and so on and will continue this process until it locates a server that is
authoritative for the requested name or until an error is returned such as name not
found or a time-out condition is met.

A DNS resolution query made from a client to a DNS server in which the server
assumes the full workload and responsibility for providing a complete answer to the
query is called a recursive query.

The server, if it cannot resolve the request from its own database, will then
perform separate iterative queries to other servers (on behalf of the client) to assist
in returning an answer to the recursive query and will continue this process until it
locates a server that is authoritative for the requested name or until an error is
returned such as name not found or a time-out condition is met.

Client computers send recursive queries to DNS servers in most cases and usually
the DNS server is set up to make iterative queries to provide an answer to the client.

The following is an example of the query process of a client computer making a
request to a DNS server to resolve the web address www.zandri.net.

First the client computer generates a request for the IP address of www.zandri.net
by sending a recursive query to the DNS server that it is configured to use in its
network configuration. (We'll call this server LOCALCFG)

The second step is for the LOCALCFG DNS server that has received the recursive query
to look in its local database. If it does find the answer locally, it is returned. If it is
unable to locate an entry for www.zandri.net in its own database, it sends an
iterative query to a DNS server that is authoritative for the root of the local domain.
(We'll call this server LOCALROOT)

If the LOCALROOT DNS server, which is authoritative for the root domain, has the
answer in its local database it sends a response to LOCALCFG. If the LOCALROOT
DNS server is unable to locate an entry for www.zandri.net in its database, it sends a
reply to the querying DNS server (LOCALCFG) with the IP addresses of DNS servers
that are authoritative for the .net domain. (If it were .com you would be sent the IP
addresses of DNS servers that are authoritative for the COM domain. If it were .org
you would be sent the IP addresses of DNS servers that are authoritative for the
ORG domain and so on.) We'll call this server DNSNET.

The DNS server that received the client recursive query (LOCALCFG) sends an
iterative query to a server that is authoritative for the .net domain (DNSNET).

If the DNS server that is authoritative for the .net domain (DNSNET) has an entry for
www.zandri.net in its local cache it will return it to LOCALCFG. If DNSNET is unable
to locate an entry for www.zandri.net in its database, it sends a reply to the querying
DNS server (LOCALCFG) with the IP addresses of DNS servers that are authoritative
for the zandri.net domain. (We'll call this server ZANDRIDNS).

The DNS server that received the client recursive query (LOCALCFG) sends an
iterative query to a server that is authoritative for the zandri.net domain
(ZANDRIDNS).

The DNS server that is authoritative for the zandri.net domain (ZANDRIDNS) locates
an entry for www.zandri.net in its database and sends a reply to the querying DNS
server (LOCALCFG) with the IP address of www.zandri.net.

The DNS server (LOCALCFG) that received the recursive query sends a reply to the
client computer with the IP address of www.zandri.net.
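
The walk-through above, as an added Python simulation (not code from the original article): LOCALCFG accepts the client's recursive query and issues the iterative queries itself, following referrals from LOCALROOT to DNSNET to ZANDRIDNS. The server names come from the article; the zone tables, the 192.0.2.10 address (a documentation-range value) and the referral limit are constructed assumptions.

```python
"""Simulated recursive/iterative DNS lookup for www.zandri.net."""

# Constructed zone data. 192.0.2.0/24 is reserved for documentation; it is
# not the real address of www.zandri.net.
SERVERS = {
    "LOCALROOT": {"records": {}, "referrals": {"net": "DNSNET"}},
    "DNSNET": {"records": {}, "referrals": {"zandri.net": "ZANDRIDNS"}},
    "ZANDRIDNS": {"records": {"www.zandri.net": "192.0.2.10"}, "referrals": {}},
}


class NameNotFound(Exception):
    """Raised when no server can answer or refer the query any further."""


def iterative_query(servers, server, name):
    """Return the best answer one server can give without asking anyone else.

    Result is ("answer", ip) when the server holds the record, or
    ("referral", next_server) when it only knows who is closer to the name.
    """
    zone = servers[server]
    if name in zone["records"]:
        return ("answer", zone["records"][name])
    labels = name.split(".")
    # Try the longest matching suffix first: zandri.net before net.
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in zone["referrals"]:
            return ("referral", zone["referrals"][suffix])
    raise NameNotFound(name)


class RecursiveResolver:
    """Plays the role of LOCALCFG: takes full responsibility for the answer."""

    def __init__(self, servers=SERVERS, root="LOCALROOT", max_referrals=8):
        self.servers = servers
        self.root = root
        self.max_referrals = max_referrals  # guards against referral loops
        self.cache = {}

    def resolve(self, name):
        """Answer a client's recursive query. Returns (ip, trace)."""
        name = name.lower().rstrip(".")
        if name in self.cache:
            return self.cache[name], ["LOCALCFG: answered from local cache"]
        trace = []
        server = self.root
        for _ in range(self.max_referrals):
            kind, value = iterative_query(self.servers, server, name)
            if kind == "answer":
                trace.append(f"{server}: answer {value}")
                self.cache[name] = value
                return value, trace
            trace.append(f"{server}: referral to {value}")
            server = value
        raise NameNotFound(f"{name}: referral limit reached")


if __name__ == "__main__":
    resolver = RecursiveResolver()
    for attempt in (1, 2):
        ip, steps = resolver.resolve("www.zandri.net")
        print(f"lookup {attempt}: {ip}")
        for step in steps:
            print("   ", step)
```

The second lookup is served from LOCALCFG's cache, so no iterative queries are sent at all.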

If you have any questions, comments or even constructive criticism, please feel free
to drop me a note.

I want to write solid technical articles that appeal to a large range of readers and
skill levels and I can only be sure of that through your feedback.

Configuring Windows XP Professional as a DNS Client

Windows 2000 Domain Name System (DNS) servers maintain a distributed database
used to translate computer names to Internet Protocol (IP) addresses on
Transmission Control Protocol/Internet Protocol (TCP/IP) networks, which include the
internet.

[NOTES FROM THE FIELD] - Being able to install DNS is not a requirement for the
70-270 exam. Understanding the functionality of DNS and how it affects Windows XP
Professional clients in workgroups and within domains is.

In the next few weeks in my Learn Active Directory in 15 Minutes a Week series of
articles I will cover DNS in more depth, including a more in depth view of installing
DNS.

The Microsoft Domain Name System (DNS) is the name resolution service that
resolves Uniform Resource Locator names (URLs) and other DNS names into their
“true” dotted decimal format. http://www.zandri.net translates into a specific
Internet Protocol (IP) address and it is that address resolution that allows you to
reach the server destination you are looking for.

For this reason you are going to need to be sure that TCP/IP is installed on the client
system you wish to configure as a DNS client.

[NOTES FROM THE FIELD] - There are other methods available for configuring
TCP/IP name resolution on Windows XP Professional clients. Most of these will not
work on the internet or on networks for Active Directory purposes. Windows Internet
Name Service (WINS) can perform NetBIOS-to-IP name resolution and Hosts and
Lmhosts files can be manually configured to provide host-to-IP and NetBIOS-to-IP
name resolution. It is also possible (but usually not desirable) to use b-node
broadcasts to perform NetBIOS name resolution within the local subnet.

To configure your Windows XP Professional system as a DNS client you need to
either go to the Control Panel and click Network And Internet Connections or go to
My Network Places on the start menu, right click it and choose Properties.

In the Network Connections window you would right click your Local Area Connection
(which is the default location to set the local system as a DNS client) and choose
Properties.

On the property page for the Local Area Connection you would highlight the TCP/IP
protocol on the general tab and select the Properties button.

The image below shows a client configured to use the DHCP (as the Obtain an IP
address automatically radio button is set) or APIPA service (in the event the DHCP
server is unavailable). This is also the default selection for the TCP/IP properties at
operating system installation and/or protocol installation when the Typical Settings
radio button is selected.

The client can be configured to use a static (fixed) or dynamic IP address. In either
case, configuring the system as a DNS client is exactly the same.

[NOTES FROM THE FIELD] - Windows XP Professional, like Windows 98 and
Windows 2000, uses Automatic Private IP Addressing which will provide DHCP clients
an IP address and limited network connectivity (usually the same subnet only) in the
event a DHCP server is unavailable. The Automatic Private IP Addressing feature
uses the reserved 169.254.0.0 through 169.254.255.255 IP address range and is
enabled by default, but it can be disabled by configuring the settings on the client to
use an alternate configuration if a DHCP server cannot be located.

When you select the Obtain DNS Server Address Automatically option, your
network's Dynamic Host Configuration Protocol (DHCP) server will provide the IP
address of a DNS server to the client.

When you elect to choose Use The Following DNS Server Addresses, you will
manually list the IP address of the Preferred DNS Server and the optional Alternate
DNS Server address that you want the client to use.

You can also click on the Advanced button and enter these values as well as some
other settings.

You can set the client's DNS server addresses in the upper box and arrange them in
order of use from top to bottom (the first two entries of which will be any settings
you provided on the main TCP/IP page) by entering them with the Add button and
using the arrows on the right side to change their order.

There are also other sections on this property page where more settings can be
configured. The Append Primary And Connection Specific DNS Suffixes option
is selected by default and this setting tells the DNS resolver to append the client
name to the primary domain name, as well as the domain name defined in the DNS
Domain Name field. The resolver then searches for the Fully Qualified Domain Name.
If the search for the Fully Qualified Domain Name fails, the DNS resolver will use the
entry (if any) supplied in the DNS Suffix For This Connection text box.

If the DHCP server has been enabled to configure this connection and you do not
specify a DNS suffix, a DNS suffix for the connection is assigned by the DHCP server.
If you specify a DNS suffix, it is used instead.

The Append Parent Suffixes Of The Primary DNS Suffix check box is enabled by
default and this configuration causes the DNS resolver to drop the leftmost portion of
the primary DNS suffix and attempt to use the resulting domain name. If this fails, it
continues dropping the next leftmost name and repeating this process until only two
names such as 2000Trainers and COM remain. Rather than do this, you might opt to
set the Append These DNS Suffixes (In Order) radio button which will allow you
to specify a list of domains for the DNS resolver to try. The DNS resolver will attempt
each one of these suffixes, one at a time and in the order you specified in the text
box. Any attempts are limited to the domains that you have listed in here.
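
The suffix options described above determine which fully qualified names the client actually asks DNS about. The following added Python sketch (not code from the original article) builds that candidate list for a short host name and flags any candidate that falls outside the organization's own domain, which matters when the connection suffix is handed out by DHCP. The host name, the suffixes other than 2000trainers.com, and the ordering (primary suffix, then connection suffix, then parent suffixes) are assumptions made for the example.

```python
"""Candidate FQDNs produced by the DNS suffix settings of a client."""


def parent_suffixes(primary_suffix):
    """Drop the leftmost label repeatedly until only two labels remain."""
    labels = primary_suffix.strip(".").lower().split(".")
    return [".".join(labels[i:]) for i in range(1, len(labels) - 1)]


def candidate_fqdns(host, primary_suffix, connection_suffix=None,
                    append_parent_suffixes=True, suffix_list=None):
    """Return the names the resolver would try, in order.

    suffix_list models "Append These DNS Suffixes (In Order)": when given,
    only those suffixes are used. Otherwise the primary and connection
    specific suffixes are appended, optionally followed by the parents of
    the primary suffix.
    """
    host = host.strip().lower()
    if not host:
        raise ValueError("empty host name")
    if host.endswith("."):
        # A trailing dot marks the name as already fully qualified.
        return [host.rstrip(".")]
    if suffix_list is not None:
        suffixes = [s.strip(".").lower() for s in suffix_list]
    else:
        suffixes = [primary_suffix.strip(".").lower()]
        if connection_suffix:
            suffixes.append(connection_suffix.strip(".").lower())
        if append_parent_suffixes:
            suffixes.extend(parent_suffixes(primary_suffix))
    ordered = []
    for suffix in suffixes:
        if suffix and suffix not in ordered:  # skip blanks and repeats
            ordered.append(suffix)
    return [f"{host}.{suffix}" for suffix in ordered]


def outside_namespace(candidates, org_domain):
    """Candidates that are not inside org_domain.

    Queries for these names are answered by whoever is authoritative for
    the other zone, so they are worth reviewing.
    """
    org = org_domain.strip(".").lower()
    return [c for c in candidates if c != org and not c.endswith("." + org)]


if __name__ == "__main__":
    # Constructed sample values: web01 and both sub-domains are hypothetical.
    names = candidate_fqdns("web01", "sales.east.2000trainers.com",
                            connection_suffix="branch.example.net")
    for name in names:
        print(name)
    print("outside 2000trainers.com:",
          outside_namespace(names, "2000trainers.com"))
```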

You can also select the Register This Connection's Addresses In DNS check box
which will cause the client itself to attempt to dynamically register the IP addresses
via DNS with its full computer name as shown on the Computer Name tab of the
System properties page.

The last available option to set from this property page is the Use This
Connection's DNS Suffix In DNS Registration check box which uses DNS
dynamic updates to register the IP addresses and the connection-specific domain
name. The connection-specific name is the computer name, (the first label of the full
computer name specified in the Computer Name tab), and the DNS suffix of this
connection. If the Register This Connection's Addresses In DNS check box is
selected, the registration enabled here is in addition to the DNS registration of the
full computer name.

I want to write solid technical articles that appeal to a large range of readers and
skill levels and I can only be sure of that through your feedback. Until next time,
best of luck in your studies and remember,

I remember how my mother taught me RELIGION - "You better pray that will come
out of the carpet."

Windows XP Professional in Active Directory Environments

Active Directory Logical Architecture

Forests
The Windows 2000 Active Directory forest is the collection of one or more Microsoft
Windows 2000 domains that share a common schema, configuration, and global
catalog. You will find all different types of clients in this setup, everything from
Windows 9x systems up to and through Windows XP Professional. You may even find
Windows NT3.51, NT4 and 2000 member servers in a Windows 2000 Forest as well.

[NOTES FROM THE FIELD] - What you will not find, unless it's been hacked to do so,
is a Windows XP Home edition system as a member of a domain. This is not a
supported configuration. Windows XP Professional is the only version of Windows XP
that allows users to join and be managed by the domain. This is outlined in full detail
in the Windows XP in a Domain Environment article on the Microsoft web site.

The domain namespace of the domain trees in the forest is not always a contiguous
namespace. If there is a single tree in the forest, it will have a common domain
namespace. Since there can be more than one domain tree in a forest (it is not a
requirement, but it is allowed) these different domain trees will have their own
individual contiguous namespaces.

All of the domains in a domain tree and all of the trees in a single forest have the
connectivity benefit of the two-way, transitive trust relationship, which is the default
trust relationship between Windows 2000 domains. A two-way, transitive trust, by
definition, is really the combination of a transitive trust and a two-way trust. This
complete trust between all domains in an Active Directory domain hierarchy helps to
form the forest as a single unit via its common schema, configuration, and global
catalog.

The first Windows 2000 domain installed in the forest is considered to be the forest
root domain.

[NOTES FROM THE FIELD] - Much of this information is an Exam Requirement for
both the 70-217 AND the 70-219 exams. You need to have a high understanding of
this material for the 70-270 exam.

Image #1 (not reproduced here) shows a single Windows 2000 forest with two domain
trees. Zandri.net and Gunderville.com are both in the same forest, yet their domain
namespaces have different names.

Trees

Domain trees within the Windows 2000 Active Directory forest are a set of Windows
2000 domains connected together via a two-way transitive trust, sharing a common
schema, configuration, and global catalog.

In order to be considered a true Windows 2000 domain tree, the domains must form
a contiguous hierarchical namespace with one domain being the domain root.

The first Windows 2000 domain installed in a tree is considered to be the root
domain of that tree. It would only be considered the forest root domain if it was also
the first domain in the forest.

[NOTES FROM THE FIELD] - In the above image we see that Zandri.net is linked
"down" to Gunderville.com. This is usually designed to show that it is the forest root
domain. When the domain tree Zandri.net was first installed it was installed as the
root of the Zandri.net tree and the root of the Active Directory Forest. When
Gunderville.com was first installed it was installed into an existing forest and as the
root of its own domain tree.

In the above image, the Zandri.net tree has two child domains installed in its tree,
Northamerica.Zandri.net and Southamerica.Zandri.net. Likewise, Gunderville.com
has two child domains installed in its tree, Northamerica.Gunderville.com and
Southamerica.Gunderville.com. This shows the contiguous hierarchical namespace
within the domain trees.

Trust Relationships

All of the domains in a domain tree and all of the trees in a single forest have the
connectivity benefit of the two-way, transitive trust relationship, which is the default
trust relationship between Windows 2000 domains. A two-way, transitive trust by
definition is really the combination of a transitive trust and a two-way trust. This
complete trust between all domains in an Active Directory domain hierarchy helps to
form the forest as a single unit via its common schema, configuration, and global
catalog.

A transitive trust is a relationship that extends from one domain to the next, to the
next and so on. In the above example, Northamerica.Zandri.net indirectly trusts
Southamerica.Zandri.net because the trust relationship travels from
Northamerica.Zandri.net to Zandri.net to Southamerica.Zandri.net. Because
Northamerica.Zandri.net to Zandri.net is a direct trust and Zandri.net to
Southamerica.Zandri.net is a direct trust and all trusts in a Windows 2000 Active
Directory are transitive by default, Northamerica.Zandri.net indirectly trusts
Southamerica.Zandri.net.

This is also the same relationship of Northamerica.Zandri.net to
Southamerica.Gunderville.com. Since they are all in the same forest and connected
by a common schema, configuration, and global catalog and the fact that all
Windows 2000 Active Directory trusts are transitive by default, the following is true:

Since Northamerica.Zandri.net directly trusts Zandri.net and Zandri.net directly
trusts Gunderville.com and Gunderville.com directly trusts
Southamerica.Gunderville.com then Northamerica.Zandri.net indirectly trusts
Southamerica.Gunderville.com.

A two-way trust can be simply looked at as two one way trusts between two
domains. When Zandri.net trusts Northamerica.Zandri.net this is a one way trust.
When Northamerica.Zandri.net trusts Zandri.net this is another one way trust. It is
considered two way because each trusts the other in the same reverse manner that
they are trusted.

This would also be where Zandri.net trusts Gunderville.com and Gunderville.com
trusts Zandri.net. Since these two domain trees are in the same forest, they each
trust the other and all of their child domains (two-way and transitively).

Again, all of the domains in a domain tree and all of the trees in a single forest have
the connectivity benefit of the two-way, transitive trust relationships, which are the
default trust relationships between Windows 2000 domains.

This IS NOT true of domains and domain trees OUTSIDE of the forest. (This is
referred to as an External trust.)

For example, if Zandri.net were collaborating on a project with 2000trainers.com,
where users in the 2000trainers.com Windows 2000 domain needed access to
resources within the Zandri.net Windows 2000 domain, the domain administrator for
Zandri.net would have to manually set up a trust relationship with 2000trainers.com
where Zandri.net trusted 2000trainers.com so that users in 2000trainers.com could
gain access to the resources they needed. This would not give users in Zandri.net
access to any resources in 2000trainers.com, as the manual setup of a one way trust
does not automatically allow for the "reverse" one way trust, making
2000trainers.com trust the users of Zandri.net.

Also, the trust is in no way transitive. If there was a situation where a trust was
established from Zandri.net to 2000trainers.com and there was a child domain of
2000trainers.com called Forums.2000trainers.com, users of
Forums.2000trainers.com do not gain access to any of the resources in Zandri.net,
even though those resources might be included in the common schema,
configuration, and global catalog of the 2000trainers.com Active Directory. The trust
that exists is only between 2000trainers.com and Zandri.net alone and it has been
set in this example only so that users in 2000trainers.com can access resources in
the Zandri.net domain. If access to Zandri.net is required by users of the
forums.2000trainers.com Windows 2000 domain, then another one way, external,
non-transitive trust would need to be established.

External trusts can be created between different Windows 2000 forests or to a
Windows NT domain (sometimes called a down-level domain) or a Kerberos version 5
realm.

You can combine two one-way trusts to create a two-way trust relationship, where
2000trainers.com trusts Zandri.net and Zandri.net trusts 2000trainers.com.
However, even these are NOT TRANSITIVE, since they are from different Windows
2000 Active Directory forests.

[NOTES FROM THE FIELD] - Users of the 2000trainers.com domain would be able to
access resources they had been given permission to in the Zandri.net domain, but this
does not necessarily allow them access to the other domains in the forest such as
Northamerica.Zandri.net, Southamerica.Zandri.net nor any of the Gunderville.com
domain tree.
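
The trust rules in this section can be checked with a small model. This is an added example, not part of the original article or of any Microsoft tool; the class and method names are hypothetical, and the domain layout is the one used in the text. A trust only makes access possible: permissions on the resource still have to be granted.

```python
from collections import deque


class TrustMap:
    """Toy model: two-way transitive trusts inside a forest, one-way external trusts."""

    def __init__(self):
        self.forest_links = {}   # domain -> directly linked domains (two-way, transitive)
        self.external = set()    # (trusting, trusted) pairs: one-way, non-transitive

    def add_forest_trust(self, a, b):
        a, b = a.lower(), b.lower()
        self.forest_links.setdefault(a, set()).add(b)
        self.forest_links.setdefault(b, set()).add(a)

    def add_external_trust(self, trusting, trusted):
        self.external.add((trusting.lower(), trusted.lower()))

    def trust_path(self, trusting, trusted):
        """Chain of direct trusts by which `trusting` trusts `trusted`, or None."""
        src, dst = trusting.lower(), trusted.lower()
        if src == dst:
            return [src]
        # An external trust applies only to the exact pair it was created for.
        if (src, dst) in self.external:
            return [src, dst]
        # Inside a forest, follow the transitive links breadth-first.
        previous = {src: None}
        queue = deque([src])
        while queue:
            current = queue.popleft()
            if current == dst:
                path = []
                while current is not None:
                    path.append(current)
                    current = previous[current]
                return path[::-1]
            for neighbour in sorted(self.forest_links.get(current, ())):
                if neighbour not in previous:
                    previous[neighbour] = current
                    queue.append(neighbour)
        return None

    def can_access(self, user_domain, resource_domain):
        """Users can be granted access only if the resource domain trusts their domain."""
        return self.trust_path(resource_domain, user_domain) is not None


def build_example():
    """The forest from the text plus the external trust to 2000trainers.com."""
    m = TrustMap()
    m.add_forest_trust("Zandri.net", "Gunderville.com")
    for tree in ("Zandri.net", "Gunderville.com"):
        m.add_forest_trust(tree, "Northamerica." + tree)
        m.add_forest_trust(tree, "Southamerica." + tree)
    m.add_forest_trust("2000trainers.com", "Forums.2000trainers.com")  # separate forest
    m.add_external_trust("Zandri.net", "2000trainers.com")  # Zandri.net trusts 2000trainers.com
    return m


if __name__ == "__main__":
    m = build_example()
    print(m.trust_path("Northamerica.Zandri.net", "Southamerica.Gunderville.com"))
    print(m.can_access("Forums.2000trainers.com", "Zandri.net"))
```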

If you have any questions, comments or even constructive criticism, please feel free
to drop me a note.

I want to write solid technical articles that appeal to a large range of readers and
skill levels and I can only be sure of that through your feedback.

Until next time, best of luck in your studies and remember,

Of all the OXYMORONS there are, Found Missing and Clearly Misunderstood are two
of my favorites.

Understanding Compression and Encrypted File Systems

The Windows XP Professional operating system allows for both compression and
encryption natively within the operating system by setting given attributes on the
files and folders. Both of these functions are mutually exclusive of each other and
only one or the other can be enacted on a particular file or directory at any given
time.

[NOTES FROM THE FIELD] - What you can do is compress an entire directory and
all of the files and folders within that directory and then go in and elect to encrypt
select files which will remove the compression bit from those selections that will
become encrypted. A file or folder cannot be both encrypted and compressed at the
same time under Windows 2000 or XP Professional natively by the operating system
itself.

There is a Compressed Folders feature within Windows XP Professional which
provides the ability to create compressed folders and view their contents much in the
manner that many other programs such as PKZip and WinZip perform. This article
deals with the operating system / attribute driven level of compression and not this
particular utility.

It is important to note that compressed folders of this nature, created through the
use of the Compressed Folders feature within Windows XP Professional, CAN be
encrypted on NTFS partitions and CAN be compressed (only) on FAT16 and FAT32
partitions.

You can compress a folder by selecting the folder, right clicking it and choosing
Properties. On the GENERAL tab of the properties page you would select the
Advanced button in order to bring up the Advanced Attributes page, as shown below.

On the Advanced Attributes page you would go down to the Compress or Encrypt
attributes section where you can choose one checkbox to compress the contents or
the other to encrypt them.

[NOTES FROM THE FIELD] - Strangely enough, the options to target are check
boxes, which normally denote the ability to choose more than one selection. (Radio
buttons are normally used in a situation where only one option from a number of
given ones can be selected.) Regardless of which, if you attempt to select both, you
will find that your second choice in this section undoes your first selection.

I think the decision to program this property page in this way stems from the fact
that you cannot unselect a radio button by clicking on it a second time as you can a
checkbox. (This is just my thought on this. This is not backed up by any facts.) If
you want to make a folder and the contents "normal" by neither encrypting them nor
compressing them, you'd clear the checkboxes.

Once you elect to compress the folder by selecting that checkbox you would click OK
and it would seem as if nothing has happened, and actually, nothing has. Until you
click APPLY or OK to the main property sheet, you will not be given any further
options for this operation.

At that time, the next options are available as shown below.

If you elect to apply changes to the folder only, only the folder itself will become
compressed. What this means is that anything currently in the folder will keep its
current compression state. (In most cases this would mean that the files and other
folders within that folder will remain uncompressed.) Anything added to that folder
from that point forward will become compressed as it is copied to or moved to the
folder.

[NOTES FROM THE FIELD] - Any encrypted file that is moved to or copied to that
compressed folder will remain encrypted and will NOT become compressed and
hence unencrypted. If the encrypted file that was moved to that folder is right
clicked and has the encryption attribute removed it will NOT become compressed
automatically.

The only way to compress that file is to individually right click it and choose to
compress it or to MOVE it out of and then back into the folder. Simply copying it out
to a temporary location and then back in with the OVERWRITE option will NOT cause
it to become compressed even if changes were made to the copied out version.

This means that if an encrypted document is unencrypted in a compressed folder it
will be in a normal state. If another copy of that document exists somewhere else on
the system and it is in a compressed state and editing is performed on it and then
saved and then that compressed and updated copy is copied over the older version,
that older version will still be uncompressed in that folder that is supposed to
compress all new files that are copied in. The updates to the text will be present, but
the file will still be uncompressed.

This is because the attributes to the file are not carried over with the changes to the
file itself.

This also works for the reverse, from not compressed to compressed.

If you elect to apply changes to the folder and all of the files and subfolders
contained within the folder, they will all become compressed.

If you elect to remove compression from the folder itself and choose to make the
attribute changes to the folder only, all the files in the folder that were compressed
before will remain compressed as you move them around the local system.

When you effect changes to the folder and all of the files and subfolders contained
within, all of the files will become uncompressed.

[NOTES FROM THE FIELD] - If there is a file within the folder that is to be
uncompressed that is in an encrypted state, it will stay encrypted as the encrypted
attribute of that file is not affected by the clearing of the compression attributes of
the other files around it and the folder it's in.

You can select to view compressed and encrypted files in different colors so that you
know the state of the file by quickly looking at it.

[NOTES FROM THE FIELD] - In the example above, the file denoted in blue
lettering is compressed and the one in green lettering is encrypted. This can be set
by going in to the Windows Explorer and choosing Tools and then Folder Options.

On the View tab of the pop up box is where you would select the Show encrypted or
compressed NTFS files in color checkbox to enable this feature.

If you copy a file that has the compression attribute set to a FAT16 or a FAT32
partition or to a floppy disk, it will lose its compression attribute.

The overall rules for compression are as follows:

• Copying a file within the same NTFS volume causes the file to inherit the
  compression state of the target folder. When you copy a compressed file to an
  uncompressed folder, the file is automatically uncompressed.
• Moving a file or folder within the same NTFS volume causes the file or
  folder to retain its original compression state. When you move a compressed
  file to an uncompressed folder, the file remains compressed.
• Copying a file or folder from one NTFS volume to another causes the
  file or folder to inherit the compression state of the target folder. When you
  copy a compressed file from one NTFS volume to another, where the
  target folder is uncompressed, the file is automatically uncompressed.
• Moving a file or folder from one NTFS volume to another causes the file
  or folder to inherit the compression state of the target folder. Because Windows
  XP Professional treats such a move (cut and paste) as a copy and a delete, the
  files inherit the compression state of the target folder.
• Moving or copying a file or folder to a FAT16 or FAT32 volume -
  Windows XP Professional supports attribute driven compression only on the
  NTFS file system, so when you move or copy a compressed NTFS file or folder
  to a FAT volume (12, 16 or 32), Windows XP Professional will automatically
  uncompress the file or folder. If you need to maintain some level of
  compression in this scenario you can use the Compressed Folders feature
  within Windows XP Professional.
• Moving or copying a compressed file or folder to a floppy disk or other
  removable media - Windows XP Professional supports attribute driven
  compression only on the NTFS file system, so when you move or copy a
  compressed NTFS file or folder to most types of removable media, Windows
  XP Professional will automatically uncompress the file or folder because most
  forms of removable media do not support the NTFS file system. If you need to
  maintain some level of compression in this scenario you can use the
  Compressed Folders feature within Windows XP Professional.

Best practices state that you should not attempt to set the compression attribute on
software compressed files and folders such as ones set by PKZip and/or WinZip or
folders that are compressed by using the Compressed Folders feature within
Windows XP Professional because the operating system will attempt to further
compress the files. This will not yield any additional savings of space on the hard
drive and will unnecessarily burn CPU cycles in the process.

You should also attempt to compress data that is not often modified, as there is
some system overhead to uncompressing the files to open them for editing and then
compressing them again. This also is the same for files that are moved or copied
often. When a compressed file is copied, it is uncompressed, copied, and then
compressed again as a new file (depending on its final destination as outlined
above.)

You can encrypt a folder by selecting the folder, right clicking it and choosing
Properties.

On the GENERAL tab of the properties page you would select the Advanced button in
order to bring up the Advanced Attributes page, as shown below.

On the Advanced Attributes page you would go down to the Compress or Encrypt
attributes section where you can choose one checkbox to compress the contents or
the other to encrypt them.

Once you elect to encrypt the folder by selecting that checkbox you would click OK
and it would seem as if nothing has happened, and actually, nothing has. Until you
click APPLY or OK to the main property sheet, you will not be given any further
options for this operation.

At that time, the next options are available as shown below.

If you elect to apply changes to the folder only, only the folder itself will become
encrypted. What this means is that anything currently in the folder will keep its
current state which is unencrypted. Anything added to that folder from that point
forward will become encrypted as it is copied to or moved to the folder.

Once you hit OK you will see the progress of the encryption attribute being set on all
the files and subfolders as you have selected.

[NOTES FROM THE FIELD] - Any encrypted file that is moved to or copied to a
compressed folder will remain encrypted and will NOT become compressed and
hence unencrypted.

If the encrypted file that was moved to that folder is right clicked and has the
encryption attribute removed it will NOT become compressed automatically.

The only way to compress that file is to individually right click it and choose to
compress it or to MOVE it out of and then back into the folder AFTER the encryption
bit has been turned off for that file. Simply copying it out to a temporary location and
then back in with the OVERWRITE option will NOT cause it to become compressed
even if changes were made to the copied out version.

This means that if an encrypted document is unencrypted in a compressed folder it
will be in a normal state (neither encrypted nor compressed). If another copy of that
document exists somewhere else on the system and it is in a compressed state and
editing is performed on that copy and then saved at that location of the hard drive
and then that compressed and updated copy is copied over the older version, that
older version will still be uncompressed in that folder that is supposed to compress
all new files that are copied in. The updates to the text will be present, but the file
will still be uncompressed.

This is because the attributes to the file are not carried over with the changes to the
file itself.

This also works for the reverse, from not compressed to compressed.

If you elect to apply changes to the folder and all of the files and subfolders
contained within the folder, they will all become encrypted.

If you elect to remove encryption from the folder itself and choose to make the
attribute changes to the folder only, all the files in the folder that were encrypted
before will remain encrypted and if you copy them within the partition those
individual files will remain encrypted. All new files copied to or created in that folder
will no longer have the encryption bit set.

When you effect changes to the folder and all of the files and subfolders contained within,
all of the files will become decrypted.

[NOTES FROM THE FIELD] - If there is a file within the folder that is to be
uncompressed that is in an encrypted state, it will stay encrypted as the encrypted
attribute of that file is not affected by the clearing of the compression attributes of
the other files around it and the folder it's in.

You can select to view compressed and encrypted files in different colors so that you
know the state of the file by quickly looking at it.

[NOTES FROM THE FIELD] - In the example above, the folders denoted in blue
lettering are compressed and the ones in green lettering are encrypted. This can be
set by going in to the Windows Explorer and choosing Tools and then Folder Options.

On the View tab of the pop up box is where you would select the Show encrypted or
compressed NTFS files in color checkbox to enable this feature.

If you copy a file that has the encryption attribute set to a FAT16 or a FAT32
partition or to a floppy disk, it will lose its encryption attribute.

Strangely enough, when you perform this same action under Windows 2000 you will
not receive this message. You will simply be able to perform your action without the
warning.

The overall rules for encryption are as follows (and they are different from those
for compression):

• When moving or copying a file within the same NTFS volume an
  encrypted file will not inherit the encryption state of the target folder when
  that folder is unencrypted. When you copy or move an encrypted file to an
  unencrypted folder, the file is still encrypted. If you have enabled a folder to
  encrypt files and you move or copy an unencrypted file to it, it will become
  encrypted at that point.
• When copying or moving a file or folder from one NTFS volume to
  another an encrypted file will not inherit the encryption state of the target
  folder when that folder is unencrypted. When you copy or move an encrypted
  file to an unencrypted folder, the file is still encrypted. If you have enabled a
  folder to encrypt files and you move or copy an unencrypted file to it, across
  partitions, it will become encrypted at that point.
• Moving or copying a file or folder to a FAT16 or FAT32 volume -
  Windows XP Professional supports attribute driven encryption only on the
  NTFS file system, so when you move or copy an encrypted NTFS file or folder
  to a FAT volume (12, 16 or 32), the encryption attribute will be lost.
• Moving or copying a compressed file or folder to a floppy disk or other
  removable media - Windows XP Professional supports attribute driven
  encryption only on the NTFS file system, so when you move or copy an
  encrypted NTFS file or folder to most types of removable media, the
  encryption attribute will be lost because most forms of removable media do
  not support the NTFS file system.

If you should remove encryption from the parent folder only, all the files and
subfolders remain encrypted and any new files or folders moved, copied or created in
the parent folder will be in an unencrypted state.
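
The two "overall rules" lists above can be put side by side in one function, which makes the difference between compression (follows the target folder, except for a same-volume move) and encryption (stays with the file on NTFS) easy to test. This is an added example, not part of the original article or of Windows; the function names and the sample operations are constructed for illustration.

```python
STATES = ("normal", "compressed", "encrypted")   # mutually exclusive per file or folder


def resulting_state(op, file_state, folder_state, same_volume, dest_fs="NTFS"):
    """State of a file after a copy or move, following the rules listed in the article."""
    if op not in ("copy", "move"):
        raise ValueError("op must be 'copy' or 'move'")
    if file_state not in STATES or folder_state not in STATES:
        raise ValueError("state must be one of %s" % (STATES,))

    # FAT volumes and most removable media carry neither attribute.
    if dest_fs.upper() != "NTFS":
        return "normal"

    # Encryption rules: an encrypted file stays encrypted on NTFS, and an
    # unencrypted file entering an encrypting folder becomes encrypted.
    if file_state == "encrypted" or folder_state == "encrypted":
        return "encrypted"

    # Compression rules: only a move inside one volume keeps the original state.
    if op == "move" and same_volume:
        return file_state
    return folder_state


def flag_encryption_loss(planned_ops):
    """Names of planned operations that leave a previously encrypted file unencrypted."""
    flagged = []
    for item in planned_ops:
        after = resulting_state(item["op"], item["file_state"], item["folder_state"],
                                item["same_volume"], item["dest_fs"])
        if item["file_state"] == "encrypted" and after != "encrypted":
            flagged.append(item["name"])
    return flagged


# Constructed sample of planned file operations.
PLANNED_OPS = [
    {"name": "report.doc", "op": "copy", "file_state": "encrypted",
     "folder_state": "compressed", "same_volume": True, "dest_fs": "NTFS"},
    {"name": "payroll.xls", "op": "copy", "file_state": "encrypted",
     "folder_state": "normal", "same_volume": False, "dest_fs": "FAT32"},
    {"name": "notes.txt", "op": "move", "file_state": "compressed",
     "folder_state": "normal", "same_volume": False, "dest_fs": "NTFS"},
]

if __name__ == "__main__":
    for item in PLANNED_OPS:
        print(item["name"], "->", resulting_state(item["op"], item["file_state"],
                                                  item["folder_state"],
                                                  item["same_volume"], item["dest_fs"]))
    print("loses encryption:", flag_encryption_loss(PLANNED_OPS))
```

Running a planned copy job through `flag_encryption_loss` before it executes shows which encrypted files would land in plain form on a FAT volume or removable disk.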
