2013
Networking With XP Professional
Sardar Azeem
Azeem_aag2000@yahoo.com contact
03135879331
MCSE 2013
Sardar Azeem Page 1 3/27/2013
Introduction
Contents:
Attended Installation
Upgrading To Windows XP Professional
Additional Installation Methods
RIS Installations
Troubleshooting Setup
Disk Management
Using the Disk Management Tool
File Systems Overview
Using the Files and Settings Transfer Wizard
Managing Users Accounts
Managing Groups
TCP/IP Protocol
Troubleshooting TCP/IP
Remote Assistance
NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
Understanding DNS
Configuring Windows XP Professional as a DNS Client
Windows XP Professional in Active Directory Environments
Understanding Compression and Encrypted File Systems
Attended Install of Windows XP Professional
Running the Setup program - Partitions and formats the hard disk (if required) for
the installation to proceed and copies the files necessary to run the Setup Wizard.
Running the Setup Wizard - Requests setup information about the local
workstation where the installation is taking place.
Completing the installation - This final phase copies files to the hard drive and
configures the final stages of the setup.
There are some noted differences in the Windows XP Professional installation and
older Windows NT4 and Windows Professional installations.
The design of the installation program assumes that your system has the ability to
boot directly from a CD-ROM or that you will use a Windows 95/98/ME boot floppy to
begin installing from a CD. The ability to directly create setup floppies has been
dropped from Windows XP. Setup boot disks are available only by download from
Microsoft. The Setup boot disks are available so that you can run Setup on
computers that do not support a bootable CD-ROM.
There are six Windows XP Setup boot floppy disks. These disks contain the files and
drivers that are required to access the CD-ROM drive through generic PCI drivers and
begin the Setup process.
Setup will not prompt the user to specify the name of an installation folder unless
you are performing an unattended installation or using winnt32 to perform a clean
installation.
By default, the Setup Wizard installs the Windows XP Professional operating system
files in the WINDOWS folder. If this folder exists on the partition you have chosen for
the install, setup will warn you that you are about to overwrite the current operating
system installed on that partition. In order to keep it (e.g. dual or multi booting
scenario) you would need to choose another partition for the installation.
To start the Setup program, insert the Windows XP Professional installation CD-ROM
in your CD-ROM drive
If an operating system is detected on the hard drive, the following message will
appear:
In this scenario, you would need to press any key on the keyboard to continue with
the CDROM installation.
After the computer starts, a minimal version of Windows XP Professional is copied
into memory. This version of Windows XP Professional starts the Setup program.
After all of the files are copied and the system is restarted, the text-mode portion of
Setup is started which prompts you to read and accept a licensing agreement.
You would select "F8-I agree" to continue. (If you elect not to accept the agreement,
the installation will end)
Once a partition has been selected the next step is to select a file system for the new
partition. Next, Setup formats the partition with the selected file system. (This would
assume that a file system didn't currently exist. In this example, one already does
and it is formatted in NTFS so I have elected to leave it as is. Any formatting done
here during setup will destroy any existing data on the partitions formatted.)
From here Setup copies files to the hard disk and saves configuration information.
Setup restarts the computer once the file copy is completed and then starts the
Windows XP Professional Setup Wizard, the graphical user interface (GUI) portion of
Setup.
The GUI-based Windows XP Professional Setup Wizard is the next stage of the
installation process.
Regional settings - In this section you are able to customize settings to your
language and where you live as well as setup Windows XP Professional to use
multiple languages and regional settings.
Personalize your Software - In this section you can enter the name of the person
and the organization to which this copy of Windows XP Professional is licensed. This
can be your own name and nothing in the organization field or the name of the
company in both places if this installation is being performed in a place of business.
Software installed on the system later will often use this information for product
registration and document identification.
Your Product Key - This page is where you enter your 25-character product key in
order to install the software.
Computer Name And Administrator Password - Here you enter a name for the
computer or use the auto generated one that Windows XP Professional provided.
The computer name will always display in all uppercase letters, no matter how you
type it. The name is not case sensitive.
In the Administrator Password box on the same screen, you will enter the password
to be used for the administrator account and in the Confirm Password box you will
re-enter it to make sure that it is entered correctly.
If the passwords do not match, the above error message will appear and you will
need to enter them again.
Modem Dialing Information - This section will begin only if an installed modem
has been found on your system.
Enter the correct country or region if it is not selected. (It should match your
selection from the Regional settings page.) Type your area code or city code and
any number you might need to dial to get an outside line. You can also select either
tone or pulse dialing on this page as well.
Date and Time Settings - This section of Setup allows you to verify that the correct
date, time and time zone are entered and whether or not the system should adjust
itself automatically at the daylight savings times events each year.
Network Settings - The next section of setup deals entirely with installing the
Windows XP Professional networking components on your system.
processes:
Detect network adapter cards - The Setup Wizard detects and configures any
network adapter cards installed on the computer. By default, it attempts to locate a
DHCP server on the network. If none is found it will use an Automatic Private IP
Addressing (APIPA) IP address. (The APIPA IP address feature of Windows XP
Professional automatically configures a unique IP address from the range
169.254.0.1 to 169.254.255.255 and a subnet mask of 255.255.0.0 when TCP/IP is
configured for dynamic addressing and a DHCP server is not available.)
Select networking components - The Setup Wizard prompts you to choose typical
or customized settings for networking components.
You can install other clients, services, and network protocols during the Windows XP
Professional installation by choosing CUSTOM, but it is recommended that you wait
until after the installation has completed to add additional services. (The exception
would be if the lack of these services would prevent the system from coming online
After installing the networking components, Setup starts the final steps of the
installation process, which include:
Installs Start menu items - Shortcuts that will appear on the Start menu are
installed and configured during this stage.
Registers components - The configuration settings that you specified earlier
during the install are configured now.
Saves the configuration - The Setup Wizard saves your entered configuration
settings. Once the system is restarted, the computer uses this configuration
by default.
Removes temporary files - Any files used by the Setup Wizard that are no
longer needed are deleted.
Restarts the computer - The computer is automatically restarted. This is the
final step of the Setup Wizard.
Upon restart, the computer will either boot directly to Windows XP Professional or it
will bring up the operating system selection window (the text of the BOOT.INI file) if
you have more than one operating system installed.
After you start Windows XP for the first time, you will come to the Welcome to
Microsoft Windows screen to finish setting up your computer. Click on the Green
NEXT arrow at the bottom right hand corner of the display.
The system will then check to see how you will connect to the Internet. If Windows
cannot detect the settings it will prompt you for input. (You can also select SKIP to
bypass this section.)
The Windows Product Activation screen appears next. Windows Product Activation
has been designed by Microsoft to protect their intellectual property as much as
possible from software piracy. According to Microsoft through the setup feature, you
do not need to send any information at all when you activate the product, not even a
name. This step is required, at this time or within the first 30 days.
If you decide to skip this registration step now, you will only be able to use Windows
XP Professional for 30 days. At that time, the operating system will not function
without activating the product. You will have no other option but to either blow the
partition away and reinstall the OS for another 30 days or activate the software.
If you skip this step, Windows XP will periodically remind us during our 30-day period
to Activate the product.
The next screen we are brought to is the Internet Access screen, which allows us to
configure our Internet connection at this time as well. You do have the option to skip
this step as well.
The next screen that appears is the User Setup screen. On this setup page you are
able to enter the name of each person that will have local access to this computer. If
you choose to do this now, Windows XP Professional would create a separate user
account for each name entered.
These names would first appear on the Welcome Screen in alphabetical order. At that
point, users would be able to select their name from the Welcome screen to use the
computer. The local administrator can use User Accounts in the system Control Panel
to assign these users passwords and system permission limits. It is also where
additional users can be created, in lieu of doing so here or in addition to entering some
here.
Best of luck in your studies and please feel free to contact me with any questions on
my article and remember, "If a bad guy can alter the operating system on your
computer, it may not be your computer anymore"
The following direct upgrade paths are supported by Microsoft and are considered
viable for both the Windows XP Professional and Windows XP Home operating
systems.
Microsoft Windows 98
Currently, there are no supported direct upgrade paths for the following Microsoft
operating systems:
Microsoft Windows 95
[NOTES FROM THE FIELD] - I often get the question, "how do you know all of this
stuff", when I am working with desktop or system admins. The truth is, I often do
not know the information off the top of my head. Sometimes I do, and it is often due
to the fact that many people throughout the course of the year come to ask me
different questions and because many of them are repetitive I often have immediate
recall of them. Many times, (more often than not) I don't remember the answer, but
I have a vague idea of where I looked it up when I was asked it before and I head
right "battle" is knowing where to look up the information when you need it. If you
can do that, you're ahead of the game and ahead of most other people you might
work with.
Once you are certain that the operating system you're currently using can be directly
upgraded to Windows XP Professional, you then need to be sure that the installed
system hardware meets the minimum Windows XP Professional hardware
requirements by verifying all of the hardware is on the Hardware Compatibility List
(HCL) at the Microsoft website.
Windows XP Professional supports only the devices listed in the HCL. If your
hardware isn't listed, contact the hardware manufacturer and request a Windows XP
Professional driver.
Support means that while the operating system may load and run on unsupported
hardware and software, any issues that come up with the system will not be covered
(i.e. supported) by Microsoft Technical Support if you should need to engage them.
You can test the computer for compatibility by using the Windows XP Professional
Compatibility tool. During a system upgrade you will see the option for this on the
introductory screen. (You can also run the tool from the command line by typing
<CDROM DRIVE>:\i386\winnt32 /checkupgradeonly. You can perform just the check
and then exit the tool without installing the operating system, if you wish.)
If you have AUTORUN enabled on your system the Welcome to Microsoft Windows XP
setup screen will appear.
Before you can begin a network installation of Windows XP Professional, you need to
copy the Windows XP Professional installation files to a server, normally a file or
distribution server, and share out the directory so that people who need to perform
an over the network installation can attach to the share. (These people will also need
the proper level of Folder and NTFS permissions to attach to the share.)
The distribution server share will need to contain the installation files from the I386
folder on the Windows XP Professional CD-ROM.
From the target system, you connect to this shared directory and then run the Setup
program.
The target system needs to be prepared ahead of time in order to be successful with
an over the network installation. First, you need to create a FAT or FAT32 partition
on the target computer of at least 1.5 GB of disk space and format it ahead of time
and you also need to either boot from a client diskette that includes a network client
that enables the target computer to connect to the distribution server or install the
client directly to the local system hard drive with some sort of system installed, such
as formatting the hard drive with a Windows 9x boot disk with the "s" switch.
(FORMAT /S Copies system files to the formatted disk to make a boot disk. This also
works on a local hard drive).
The preferred method is to boot from a client diskette that includes a network client
that enables the target computer to connect to the distribution server.
(As we continue from here, we will assume we are using the preferred methods of
installation. As variables come up, I will mention them as a side note.)
The Setup program copies the installation files to the target computer, which is why
you need to create a FAT or FAT32 partition on the target computer of at least 1.5
GB of disk space and format it ahead of time.
You begin from the target computer by booting from a floppy disk that includes a
network client that can be used to connect to the distribution server. Once the
network client on the target computer is started, you connect to the shared folder on
the distribution server that contains the Windows XP Professional installation files
and run WINNT.EXE to start the Setup program.
[NOTES FROM THE FIELD] - WINNT.EXE is used for an installation using MS-DOS
or Windows 3.0 or later versions on the source system. WINNT32.EXE is run for an
installation using Microsoft Windows 95, Windows 98, Microsoft Windows Me,
Windows NT 4, or Windows 2000 Professional.
Running WINNT.EXE from the shared folder creates the $Win_nt$.~ls
temporary folder on the target computer and the Windows XP Professional
installation files are copied from the shared folder on the distribution server to the
$Win_nt$.~ls folder on the target computer. Once all of the files are copied to the
target system, setup will reboot the local computer and begin installing the Windows
XP Professional operating system.
Switch - Function
/a - Enables accessibility options.
/r[:folder] - Specifies an optional folder to be copied and saved. The folder remains after Setup is finished.
/rx[:folder] - Specifies the optional folder to be copied. The folder is deleted after Setup is finished.
/s[:sourcepath] - Specifies the source location of Windows XP Professional files. This must be a full path x:\[path] or \\server\share\[path]. The default is the current folder location.
/t[:tempdrive] - Specifies a drive to contain temporary setup files and directs the Setup program to install Windows XP Professional on that drive. If you do not specify a drive, Setup attempts to locate the drive with the most available space by default.
/u[:script_file] - Performs an unattended installation. (Requires the /s switch.) The answer file provides answers to some or all of the prompts that the end user normally responds to during Setup.
/udf:id[,UDF_file] - Indicates an identifier (id) that Setup uses to specify how a Uniqueness Database File (UDF) modifies an answer file. The /udf parameter overrides values in the answer file, and the identifier determines which values in the UDF file are used. If you do not specify a UDF_file, Setup prompts you to insert a disk that contains the $UNIQUE$.UDB file.
Switch - Function
Checks your computer for upgrade compatibility for Windows XP Professional.
/debug[level] [:file_name] - 0 (severe errors), 1 (errors), 2 (warnings), 3 (information), 4 (detailed information for debugging)
location specified must be available or the installation will fail. You can use a maximum of eight /s switches.
/syspart:[drive_letter] - Copies Setup startup files to a hard disk and marks the drive as active. You can then install the drive in another computer. When you start that computer, Setup starts at the next phase. Using /syspart requires the /tempdrive switch. You can use syspart on computers running Windows NT 4, Windows 2000, Windows XP Professional, or Windows 2000 Server. You cannot use it on computers running Windows 95, Windows 98, or Windows Me.
/tempdrive:drive_letter - Places temporary files on the specified drive and installs Windows XP Professional on that drive.
/unattend [number]: [answer_file] - Performs an unattended installation. The answer file provides your custom specifications to Setup. If you don't specify an answer file, all user settings are taken from the previous installation. You can specify the number of seconds between the time that Setup finishes copying the files and when it restarts with [number]. You can specify the number of seconds only on computers running Windows 98, Windows Me, Windows NT 4, or Windows 2000 that are upgrading to a newer version of Windows XP Professional.
/udf:id[,udb_file] - Indicates an identifier (id) that Setup uses to specify how a UDF modifies an answer file. The UDF file overrides values in the answer file, and the identifier determines which values in the UDF file are used. If you do not specify a UDF file, Setup prompts you to insert a disk that contains the $UNIQUE$.UDF file.
For the most part, an over the network installation of Windows XP Professional from
this point forward is almost perfectly identical to installing Windows XP Professional
from a CD-ROM to a clean hard disk. For more information, you can take a look at
my article Attended Install of Windows XP Professional.
Using the Windows Setup Manager will help you automate certain Windows XP
Professional installations. In order to use the Windows Setup Manager you need to
install the Windows XP Professional Deployment Tools from the Windows XP
Professional CD-ROM.
To start, you need to log on with a user account that is a member of the
Administrators group and insert the Windows XP Professional CD-ROM in the CD-
ROM drive. (If you have AUTORUN enabled the Welcome To Microsoft Windows XP
screen, shown below, will appear. Click Exit to close it).
Open the Windows Explorer and create the folder where the files can be extracted to.
The E:\Setup Tools folder in our example will be used to contain the files extracted
from DEPLOY.CAB on the Windows XP Professional CD-ROM. (You can also choose to
create a new folder to where you want to extract the files when you open the CAB
files. We have performed this step ahead of time in the example.)
The Select a Destination window will open. Select the E:\Setup Tools folder we
created earlier as the point where to extract the tools to. (Or, as I mentioned before,
you could select Make New Folder at this point as well).
When you have finished, the following files will appear in the folder.
Clicking Next will bring up the New Or Existing Answer File page. Since we do not
have an existing answer file, we will elect to create a new one and continue.
We are then presented with three different options on the Product to Install page.
Since we are creating an answer file for a Windows Unattended Installation (which is
selected by default) we will keep this setting and continue.
On the Platform page we will choose our platform for the answer file. (This will be
Windows XP Professional, but you are supplied with the options for Windows XP
Home Edition and Windows 2002 Server, Advanced Server or Data Center when you
use setupmgr.exe, the Windows System Manager, from the Windows XP Professional
CDROM).
On the User Interaction Level page, the following five options are displayed:
Provide Defaults. This setting causes default selections to appear to the end user as
the operating system installs itself on a workstation. The user can accept the default
answers or change any of the answers supplied by the script.
Fully Automated. A Fully Automated installation does not allow the user the chance
to review or change the answers supplied by the script.
Hide Pages. This setting causes default selections to be hidden. Pages for which the
script supplies all answers are hidden from the user.
Read Only. Pages for which the script supplies all answers are viewable by the user
but the user cannot change the answers.
GUI Attended. The text-mode portion of the installation is automated, but the user
must supply the answers for the GUI-mode portion of the installation.
On the Distribution Folder page you can create a distribution folder on your local
computer or network containing the required source files. You can add files to this
distribution folder to further customize your installation.
For this demonstration we will select, No This Answer File Will Be Used To Install
From A CD, and then click Next to continue.
On the License Agreement page you will need to select the checkbox to accept the
terms of the License Agreement in order to successfully continue.
The next page that comes up is the Customize the Software page. As you can see
here and in the left hand column, all of the prompts are exactly like the ones you
would expect to see during an attended install. You are answering them all here, just
once, for use each time in the future.
The last entry of the General Settings section is Providing the Product Key.
During a fully automated install, you must supply a Product Key or you will receive
an error message.
If you were to use Provide Defaults or GUI Attended user interaction levels, you
would be allowed to leave this page blank. Also, if you provide a bogus key on the
Product Key page, the Wizard will continue, but, the fully automated install will halt
when it reaches this point, as the key is invalid.
The next page that is presented starts the Network Settings section of the answer
file.
The first entry is for Computer names. Here, you can enter as many different
workstation names as you want, import them from a text file, or allow the
installation program to auto generate names based on your organization name.
[NOTES FROM THE FIELD] - If multiple computer names were specified in the
computers to be installed section, the setup wizard creates a *.UDB file. The
Uniqueness Database File (UDB) provides you the ability to specify individually
specific computer parameters automatically. The UDB modifies an answer file by
overriding values in the answer file, when you run Setup with the /udf:id[,UDB_file]
switch. The file overrides values in the answer file, and the identifier (id) determines
which values in the .udb file are used.
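How the /udf:id override described above resolves, as an added Python example that is not part of the original article. The UDB layout ([UniqueIds] plus [id:section] blocks) is the format Setup Manager writes; the ids WS01 and WS02 and both file bodies are constructed samples, and only the override rule stated above is modelled.

```python
import configparser

# Constructed answer file, cut down from the unattend.txt shown later in the article.
ANSWER_FILE = """\
;SetupMgrTag
[GuiUnattended]
TimeZone=35
[UserData]
FullName="Jason Zandri"
OrgName="Gunderville"
ComputerName=*
[Identification]
JoinWorkgroup=DRINKOFTEN
"""

# Constructed UDB: [UniqueIds] maps each id to the sections it overrides,
# and each [id:section] block carries the per-machine values.
UDB_FILE = """\
;SetupMgrTag
[UniqueIds]
WS01=UserData
WS02=UserData,Identification
[WS01:UserData]
ComputerName=WS01
[WS02:UserData]
ComputerName=WS02
[WS02:Identification]
JoinWorkgroup=LAB
"""


def parse_ini(text):
    """Parse answer-file or UDB text into {section: {key: value}}, names lowercased."""
    cp = configparser.ConfigParser(interpolation=None, strict=False,
                                   delimiters=("=",), comment_prefixes=(";",))
    cp.read_string(text)
    return {s.lower(): {k: v.strip().strip('"') for k, v in cp.items(s)}
            for s in cp.sections()}


def apply_udb(answer_text, udb_text, uid):
    """Return the answer-file values in effect for machine `uid` after UDB overrides."""
    answers = parse_ini(answer_text)
    udb = parse_ini(udb_text)
    listed = udb.get("uniqueids", {}).get(uid.lower())
    if listed is None:
        raise KeyError(f"id {uid!r} is not listed under [UniqueIds]")
    # Start from a copy of the answer file, then lay the id's sections over it.
    effective = {name: dict(values) for name, values in answers.items()}
    for section in (s.strip().lower() for s in listed.split(",") if s.strip()):
        overrides = udb.get(f"{uid.lower()}:{section}", {})
        effective.setdefault(section, {}).update(overrides)
    return effective


if __name__ == "__main__":
    for machine in ("WS01", "WS02"):
        result = apply_udb(ANSWER_FILE, UDB_FILE, machine)
        print(machine, result["userdata"]["computername"],
              result["identification"]["joinworkgroup"])
```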
The Administrator Password page is next and has two options, (of which only the
second is available):
(Because we selected the User Interaction level of Fully Automated, the Prompt The
User For An Administrative Password option is grayed out).
Enter any password that you want.
There are also two other options on this page, to encrypt the Administrator's password
in the answer file and to have the Administrator log on automatically.
You can also set the number of times you want the Administrator to log on
automatically when the computer is restarted.
We will leave these blank and continue from here.
The Networking Components page is where we can elect to keep the typical settings
or to choose to customize them. We will leave the default selection of Typical and
select NEXT to continue.
The final page of the Network Settings section is the Workgroup or Domain page.
Here you can choose whether or not the answer file will put the newly installed
system into a workgroup or a domain. As with an attended install, if we elect to
choose a domain, we may need to create a computer account in the domain if
this hasn't already been done.
We will be using the WORKGROUP option, so we will enter a name and continue.
(The WORKGROUP "workgroup" is supplied by default, just as DOMAIN is under the
Windows Server domain option.)
The last and final phase of the process is the Advanced Settings section.
Next is the Regional Setting section, which allows us to either use the default
regional settings for Windows XP Professional from the CDROM we're installing from
or to choose another.
We are also given the option to add support for other languages.
In the Browser and Shell Settings section we can elect to use the default Internet
Explorer settings or use an auto configuration script created by the Internet Explorer
Administration Kit.
We could also set Proxy, Home page and other Browser settings at this time as well.
We will keep the defaults and continue.
[NOTES FROM THE FIELD] - The version of Internet Explorer that is deployed with
Windows XP Professional is 6. At the time of this writing, there is one security hotfix
that should be installed on systems that use Internet Explorer and that is
Q313675.exe.
The next option of the Advanced Settings section is the Installation Folder window.
Here you can elect to install Windows XP Professional to one of three options as
listed, only the third being a variable of your choice.
[NOTES FROM THE FIELD] - While I cannot find the specific Q article at this time,
here is the Windows 2000 Professional article that outlines my next point. Other than
the above method of using the answer file, there is no way on a clean installation of
Windows XP Professional to choose the installation folder. The folder for Windows XP
Professional will always default to \Windows. (DRIVE LETTER being the only variable
that you can set without the answer file.) Windows 2000 Professional installed to the
WINNT directory by default.
The next section allows you to automatically setup networked printers on the target
systems if you wish.
You can also configure run once commands to run the first time a user logs on.
The last step in the Advanced Settings section is the Additional Commands option. It
allows you to add any commands you wish to run at the end of the unattended
installation before Setup restarts the system and runs Windows XP Professional for
the first time.
The Windows Setup Manager then will create the answer file with the settings you
have provided with all of your previous entries to a place on the local system as a
text file. (The default location is the folder where the Setup Tools were extracted to.)
The unattend.bat file that was created from our input here is below.
@rem SetupMgrTag
@echo off
rem
rem This is a SAMPLE batch script generated by the Setup Manager Wizard.
rem If this script is moved from the location where it was generated, it may have to be modified.
rem
set AnswerFile=.\unattend.txt
set SetupFiles=J:\i386
The unattend.txt file that was created from our input here is below.
;SetupMgrTag
[Data]
AutoPartition=1
MsDosInitiated="0"
UnattendedInstall="Yes"
[Unattended]
UnattendMode=FullUnattended
OemSkipEula=Yes
OemPreinstall=No
TargetPath=XPPRO
[GuiUnattended]
AdminPassword="RedSox:Rule"
EncryptedAdminPassword=NO
OEMSkipRegional=1
TimeZone=35
OemSkipWelcome=1
[UserData]
ProductID=XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
FullName="Jason Zandri"
OrgName="Gunderville"
ComputerName=*
[Identification]
JoinWorkgroup=DRINKOFTEN
[Networking]
InstallDefaultComponents=Yes
[NOTES FROM THE FIELD] - Because we didn't choose the option to encrypt the
Administrator password earlier on the Administrator Password page of the Network
settings section, anyone that has access to read the unattend.txt can see what the
default administrator password for an installation is. This can be a serious issue in
large environments where the passwords are not reset on a regular basis.
If encryption were selected the entry in the [GuiUnattended] section would look like
this.
[GuiUnattended]
AdminPassword=f8a2b8ccdf88c616332ed3251640d370c1d991ef0f617f3e7879bc923d175c5a
EncryptedAdminPassword=Yes
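A check for the exposure described in the note above, as an added Python example that is not part of the original article: it reads an answer file and reports a readable Administrator password and automatic Administrator logon without ever echoing the secret. It goes slightly beyond the article by also flagging AdminPassword=* (an empty password) and a DomainAdminPassword entry under [Identification]; the sample inputs are constructed.

```python
import configparser

# Constructed samples modelled on the unattend.txt shown above.
PLAINTEXT_SAMPLE = """\
;SetupMgrTag
[Unattended]
UnattendMode=FullUnattended
[GuiUnattended]
AdminPassword="RedSox:Rule"
EncryptedAdminPassword=NO
AutoLogon=Yes
AutoLogonCount=2
[Identification]
JoinWorkgroup=DRINKOFTEN
"""
ENCRYPTED_SAMPLE = (
    "[GuiUnattended]\n"
    "AdminPassword=" + "ab" * 32 + "\n"  # constructed 64-hex-digit stand-in value
    "EncryptedAdminPassword=Yes\n"
)
BLANK_SAMPLE = "[GuiUnattended]\nAdminPassword=*\n"


def audit_answer_file(text):
    """Return (severity, rule, detail) findings; secret values are never included."""
    cp = configparser.ConfigParser(interpolation=None, strict=False,
                                   delimiters=("=",), comment_prefixes=(";",))
    cp.read_string(text)
    cfg = {s.lower(): dict(cp.items(s)) for s in cp.sections()}

    def get(section, key):
        # Section and key names are matched case-insensitively; quotes are dropped.
        return cfg.get(section, {}).get(key, "").strip().strip('"')

    findings = []
    password = get("guiunattended", "adminpassword")
    encrypted = get("guiunattended", "encryptedadminpassword").lower() == "yes"
    if password == "*":
        findings.append(("HIGH", "blank-admin-password",
                         "AdminPassword=* leaves the Administrator password empty"))
    elif password and not encrypted:
        findings.append(("HIGH", "plaintext-admin-password",
                         "AdminPassword is readable by anyone who can read this file"))
    if get("guiunattended", "autologon").lower() == "yes":
        count = get("guiunattended", "autologoncount") or "unspecified"
        findings.append(("MEDIUM", "admin-autologon",
                         f"Administrator logs on automatically (AutoLogonCount={count})"))
    if get("identification", "domainadminpassword"):
        findings.append(("HIGH", "plaintext-domain-join-password",
                         "DomainAdminPassword is stored in the answer file"))
    return findings


if __name__ == "__main__":
    import sys
    # Usage: python audit_unattend.py path\to\unattend.txt [more files...]
    for path in sys.argv[1:]:
        with open(path, encoding="utf-8", errors="replace") as handle:
            for severity, rule, detail in audit_answer_file(handle.read()):
                print(f"{path}: {severity} {rule}: {detail}")
```

Run it over every answer file kept on a distribution share; where it reports a finding, the read permissions on that share are the only thing protecting the password.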
Well, that's a wrap for this week.
DNS - RIS relies on the DNS service for locating both the directory service and client computer accounts.
DHCP - The DHCP service is required so that client computers can receive an IP address.
Active Directory - RIS relies on the Active Directory service for locating the RIS servers.
The shared volume where the RIS data is installed cannot be on the same drive that
is running Windows 2000 Server. The volume must be large enough to hold the RIS
software and the various Windows XP Professional images that are installed and that
volume must be formatted with the NTFS 5 file system.
You begin the RIS server setup by logging on to the server with an account that has
administrative permissions, and go to the Control Panel and select Add/Remove
Programs. From here you will need to choose Add/Remove Windows Components
and make sure that you have either the Windows I386 directory available for the
installation or the Windows 2000 Server CDROM.
From this point, the remainder of the installation is automatic. (If the I386 source
files cannot be found the system will prompt you to locate them.)
When the installation is completed, you'll need to restart your server to configure
your RIS services.
You need to go back into the Control Panel and choose Add/Remove Windows
Components again in order to start the configuration. (You can also type RIsetup
from the run line or a command prompt as well.)
Click on Configure to begin. This will launch the Welcome to the Remote Installation
Services Setup Wizard, as shown below. (The window below is the first thing you will
see if you choose to type RIsetup from the run line or a command prompt.)
Once you continue you will be prompted with the default Remote Installation folder
location of D:\RemoteIstall. You can elect to keep the default path or browse to a
new location.
The volume you opt to use must be large enough to hold the RIS software and the
various Windows XP Professional images that will be installed and the volume must
be formatted with the NTFS 5 file system.
By default, Remote Installation Services servers do not respond to requests for
service from client computers. There are two settings available to use on the server.
If you select the Respond to clients requesting service option, Remote Installation
Services is enabled and will respond to client computers requesting service.
Additionally, if you select the Do not respond to unknown client computers option,
Remote Installation Services will respond only to known (prestaged) client
computers.
You will also need to provide a name for the Windows installation image folder, as
well as a friendly description for each image you install on the RIS server.
The last step the wizard performs is actually a series of events, as outlined in the
image above. Once the final step is completed, the setup wizard starts the required
services for RIS to run. The server is complete at this point and will service client
requests for CD-based installs.
Additional details of RIS configuration and administration from this point forward
go beyond the scope of what is required for installing Windows XP
Professional CD-based installs via RIS. For additional information on RIS for Windows
XP Professional, you can visit the Microsoft Website.
Client computers that support remote installation must either meet the Net PC
specification (which is, effectively, a system which can perform a network boot) or
have a network adapter card with a PXE boot ROM and BIOS support for starting
from the PXE boot ROM.
Some client computers that have certain supported PCI network adapter cards can
use the remote installation boot disk as well.
This support is somewhat limited and can only be used with certain motherboards, as
the BIOS settings for booting the system from the network need to be configurable.
The RIS service provides the Windows 2000 Remote Boot Disk Generator if your
system does not support starting from the PXE boot ROM. You can create a Remote Boot
Disk by typing <DRIVE LETTER> RemoteInst\Admin\i386\rbfg in the RUN box or at a
command prompt. (The drive letter is the drive where you installed the RIS services
and will vary from server to server).
The boot disk simulates the PXE boot process on your system when your network
card does not have the required PXE boot ROM for a RIS installation. (Again, only a
small number of PCI network cards currently support using the Remote Boot Disk.
This includes mainly 3COM and a small cross section of other major vendors.)
The user account used to perform a RIS installation must be assigned the user right
of Log On as a Batch Job. The users must also be assigned permission to create
computer accounts in the domain they are joining if this has not been done ahead of
time. There are other factors as well, such as prestaging a client. For the purposes of
this overview, we will go through a "plain vanilla" RIS installation from a boot floppy.
When the client system starts from the boot floppy you would press F12 when
prompted to boot from the network.
The Client Installation Wizard will start and you will need to supply a valid user name
and password for the domain you're joining as well as the DNS name of the domain.
Once this is done you can press Enter to continue.
You are then given the option of performing an Automatic Setup, Custom Setup, or
to Restart a Previous Setup Attempt, or use the Maintenance and Troubleshooting
Tools installed on the RIS server. You would choose one of the options and then
press Enter.
The next screen will show a number of RIS images (including the default CD-based
image) that you can use. (The number will depend on what has been placed on the
server by the administrator and whether or not you have the proper access
permission to read them.) Choose an image and then press Enter.
You will be presented with one last opportunity to verify that the settings are correct.
Once you're sure that they are, you would press Enter to begin the RIS installation.
When it is complete, Windows XP Professional will be deployed to the client system
and available for use upon restart.
Best of luck in your studies and please feel free to contact me with any questions on
my column and remember,
If you allow a bad guy to upload programs to your Web site, it's not your Web site
anymore.
Windows XP Professional supports only the devices listed in the HCL. If your
hardware isn't listed, contact the hardware manufacturer and request a Windows XP
Professional driver or replace the hardware to avoid potential issues.
Support means that while the operating system may load and run on unsupported
hardware and software, any issues that come up with the system will not be covered
(i.e. supported) by Microsoft Technical Support if you should need to engage them.
If this has been done beforehand and issues do arise, there are a couple of
"textbook" events that can be looked at first that will cover some of the more
common problems you might encounter during installation and these will generally
be what is at issue most of the time.
You can also try using a different computer and CD-ROM drive. If you can read the
CD-ROM on a different computer, you can perform an over-the-network installation if
that option is available to you.
If one of your Setup disks is not working, download a different set of Setup disks.
(The ability to directly create setup floppies has been dropped from Windows XP.
Setup boot disks are available only by download from Microsoft. The Setup boot
disks are available so that you can run Setup on computers that do not support a
bootable CD-ROM. There are six Windows XP Setup boot floppy disks. These disks
contain the files and drivers that are required to access the CD-ROM drive through
generic PCI drivers and begin the Setup process.)
You may also find that the Windows XP Professional setup program is unable to copy
files from the CD-ROM. In this event, it may be possible to either replace the drive
with a supported drive (as this is usually the issue) or you can attempt your
installation via a different method such as installing over the network (as mentioned
above) or by copying the files to the local drive first, outside of the installation
program, as sometimes the copy failure only crops up after the Windows XP
Insufficient disk space errors - The current minimum hardware requirements for
Windows XP Professional at the time of this writing are as follows:
If you do not have 1.5GB of available hard disk space on a single partition, you will
not be able to complete the installation in most cases.
You can use the setup program to create additional partitions that are large enough
for the installation if there is enough space on the drive or you can elect to delete
existing data on the current partition to make enough room for the installation.
[NOTES FROM THE FIELD] - For the purpose of the Windows XP Exam you need
not remember the exact contents of these files, they are supplied here so that you
can get an overview of what would be in them commonly.
Error codes are often cryptic, whether in a log file or the system event viewer, but
taking the time to understand what error has occurred, and why, will help you better
understand and troubleshoot the system.
The list below outlines the purpose of each file, and also a portion of the file contents
for you to examine.
Action Log (SETUPACT.LOG) - The action log records the actions that the Setup
program performs in chronological order and is saved as SETUPACT.LOG. Click here
for the sample log.
The setup log that I have available from my system is 165KB in size and too large to
post here in its entirety, but I have cut a few sections out so that you can see what
some of the entries look like.
As I mentioned before, the log file is much larger and has a lot more to it, but this
cross section gives you an idea of what is there.
Error Log (SETUPERR.LOG) - The error log shows any errors that occurred during
setup and their severity level. If errors do occur, the log viewer displays the error log
at the end of setup.
The log will be created even if no errors occur. (I do not have anything available to
show you from the error log as mine is empty. Sorry.)
[Paths]
TargetDirectory = "\WINDOWS"
TargetDevice = "\Device\Harddisk0\Partition3"
SystemPartitionDirectory = "\"
SystemPartition = "\Device\Harddisk0\Partition1"
[Signature]
Version = "WinNt5.1"
[Files.SystemPartition]
NTDETECT.COM = "NTDETECT.COM","b28f "
ntldr = "ntldr","3a7b2"
[Files.WinNt]
\WINDOWS\system32\drivers\kbdclass.sys = "kbdclass.sys","e756"
\WINDOWS\system32\drivers\mouclass.sys = "mouclass.sys","8cd9"
\WINDOWS\system32\drivers\usbuhci.sys = "usbuhci.sys","11ded"
\WINDOWS\system32\drivers\usbport.sys = "usbport.sys","22ffd"
\WINDOWS\system32\drivers\usbd.sys = "usbd.sys","40af "
\WINDOWS\system32\drivers\hidparse.sys = "hidparse.sys","acd7"
\WINDOWS\system32\drivers\hidclass.sys = "hidclass.sys","88de"
\WINDOWS\system32\drivers\usbhub.sys = "usbhub.sys","ee45"
\WINDOWS\system32\drivers\intelide.sys = "intelide.sys","dec0"
\WINDOWS\system32\drivers\pci.sys = "pci.sys","1a257"
\WINDOWS\system32\drivers\oprghdlr.sys = "oprghdlr.sys","b001"
(The whole remainder of the file looked as it does above, detailing drivers and path
information for the whole system).
This article will cover Disk Management tools that are available in Windows XP
Professional.
You can use both tools to convert disks, as well as format current partitions and
unallocated space. You can also check on the status of fixed and removable disks
and their associated properties.
Disk Management
Normally, you will need to be a local administrator to perform most system
configuration functions (even just taking a look at the current configuration settings)
on a Windows XP Professional system, and in some cases, there may be a local
policy set by some other administrator or if your system is in a Domain, a Domain
policy setting which may prevent you from performing some actions.
To open the Disk Management MMC, you can select Start, right-click My Computer,
and then click Manage, which will open the Computer Management MMC. Under the
Storage icon, click Disk Management to open the Disk Management MMC.
You can also type compmgmt.msc in the RUN box or from a command line to launch
the Computer Management MMC.
[NOTES FROM THE FIELD] - What your Start Menu options look like all depend on
how you have the menu set. If you are using the Classic Start Menu, you would not
see My Computer as a selection to right click on. Your options would be to click Start,
select Administrative Tools and then select Computer Management. Not a whole lot
different, but perhaps just enough to confuse you.
The Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.
If you want to directly open the Disk Management MMC you can type diskmgmt.msc
from the RUN box or from a command line. This will run the tool independently from
the Computer Management MMC.
As you can see from the image above, we have a number of basic physical and
logical drives on the system, as well as two CD-ROM drives (not shown in the above
image).
If there were removable drives on this system, such as Jaz or ORB drives and the
like, they would appear here as well. The removable drives, as well as the CD-ROM
drives, will either show "no media" when they are empty (or some error is
preventing them from seeing inserted media) or the file system of the installed
media.
When you select a drive in the upper window (which is currently set to the default
Volume List View) by left clicking on it once, not only will it become highlighted (in
blue), but it will also become shaded in the lower part of the window (which is
currently set to the default Graphical List View).
You can change the appearance of both the top and bottom window views by
selecting VIEW from the menu and then selecting whichever (or both) views you
wish to change. Top and Bottom, along with Settings and Drive Paths are controlled
here.
You can change the colors and wallpaper for volumes and disk regions by selecting
VIEW and then SETTINGS. The APPEARANCE tab shows all of the current default
colors for the available disk regions. Even disk regions that are not currently installed
on the system are set with specific colors by default.
You can change how disk sizes are displayed on the SCALING tab. The default
settings are shown below.
DiskPart
The command line tool, DiskPart, is available in Windows XP Professional, which
allows the administrator to handle disk administrative tasks from a command
prompt.
You start your session at the command prompt by typing the following:
DISKPART>
This will put you into the DiskPart program session. If you needed to get a little more
information on DiskPart before starting your session and tried the standard
:\diskpart /?, this is all you would get:
However, if you started the program and then typed HELP, you'd get much more
information:
DISKPART> help
DISKPART>
For the most part, this command line tool is highly effective when you are using any
of the above commands via scripting. The only other time it is easy / necessary to
use it, is from the Recovery Console, as it is one of the commands that are available
from it.
[NOTES FROM THE FIELD] - Do not modify the structure of dynamic disks with the
DiskPart command line tool because you might damage your partition table within
the dynamic disk structure.
To exit the DiskPart program simply type EXIT at the program prompt.
The Diskpart Command Line Utility is available for download from Microsoft for
Windows 2000 and it is part of the Windows 2000 Resource Kit Tools as well. (It is
included as part of Windows XP Professional.) As with any software available for use
from any version of the Resource Kits or the download site, it is not supported under
any Microsoft standard support program or service. You use it at your own peril.
This article will cover using the Disk Management tool in Windows XP Professional.
The emphasis of this first part will be on the different disk types in a Windows XP
Professional system.
To open the Disk Management MMC, you can select Start, right-click My Computer,
and then click Manage, which will open the Computer Management MMC. Under the
Storage icon, click Disk Management to open the Disk Management MMC.
You can also type compmgmt.msc in the RUN box or from a command line to launch
the Computer Management MMC.
[NOTES FROM THE FIELD] - What your Start Menu options look like all depend on
how you have the menu set. If you are using the Classic Start Menu, you would not
see My Computer as a selection to right click on. Your options would be to click Start,
select Administrative Tools and then select Computer Management. Not a whole lot
different, but perhaps just enough to confuse you.
I seem to continually repeat this from article to article, but it is important to stress,
the Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.
If you want to directly open the Disk Management MMC you can type diskmgmt.msc
from the RUN box or from a command line. This will run the tool independently from
the Computer Management MMC.
Disk Management, which was introduced in the Windows 2000 line of NT-based
Windows operating systems, replaces the Disk Administrator utility found in Windows
NT 4.0.
There are two different types of disk storage in Windows 2000 and Windows XP
Professional: basic disks and dynamic disks.
Basic Disks
The number of partitions you can create on a basic disk depends on the disk's
partition style.
On master boot record (MBR) disks, you can create up to four primary partitions, or
you can create up to three primary partitions and one extended partition. Within the
extended partition, you can create an unlimited number of logical drives.
[NOTES FROM THE FIELD] - You used to be limited to the number of logical drives
that could be created on a system by the number of remaining drive letters that
were available to assign to the formatted partitions. With volume mount points this is
On GUID partition table (GPT) disks, you can create up to 128 primary partitions.
Because GPT disks do not limit you to four partitions, you do not need to create
extended partitions or logical drives.
[NOTES FROM THE FIELD] - The GUID partition table (GPT) disk-partitioning
scheme is a format that is used by the Extensible Firmware Interface (EFI) in
Itanium-based computers. GUID partition table offers more advantages than master
boot record (MBR) partitioning because it allows up to 128 partitions per disk,
provides support for volumes up to 18 exabytes in size, allows primary and backup
partition tables for redundancy, and supports unique disk and partition IDs.
A primary partition of a basic disk is a portion of the physical disk that functions as
though it were a physically separate disk. On most Intel based systems this partition
is the one that is marked as active which allows the computer to start up. You can
create up to four primary partitions (sometimes called volumes) on a single disk or
three primary partitions and an extended partition with multiple logical drives.
Extended partitions allow you to create more than four individual volumes on a basic
disk. Unlike primary partitions, you do not format an extended partition with a file
system and then assign a drive letter to it. Instead, you create one or more logical
drives within the extended partition. It's the logical drive of the extended partition
that you format and assign a drive letter to. You can create an unlimited number of
logical drives per disk.
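The MBR layout described above (four table slots, one active partition, at most one extended partition) can be read straight from the first sector of a disk. The following is an added example, not part of the original article: the type-byte names come from the general MBR format rather than from this page, and the sample sector is constructed.

```python
import struct

SECTOR_SIZE = 512
TABLE_OFFSET = 446            # the four 16-byte table entries start here
ENTRY_FORMAT = "<B3xB3xII"    # status, (CHS skipped), type, (CHS skipped), LBA start, sectors
SIGNATURE = b"\x55\xaa"       # boot signature in the last two bytes

# Partition type bytes for the layouts discussed in this section.
TYPE_NAMES = {
    0x06: "FAT16",
    0x07: "NTFS",
    0x0B: "FAT32",
    0x0C: "FAT32 (LBA)",
    0x05: "extended",
    0x0F: "extended (LBA)",
    0x42: "dynamic disk (LDM)",
    0xEE: "GPT protective",
}
EXTENDED_TYPES = {0x05, 0x0F}


def parse_mbr(sector):
    """Return the non-empty partition table entries of one 512-byte MBR sector."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR sector is exactly 512 bytes")
    if sector[510:512] != SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    entries = []
    for slot in range(4):
        offset = TABLE_OFFSET + slot * 16
        status, ptype, start, count = struct.unpack_from(ENTRY_FORMAT, sector, offset)
        if ptype == 0x00:          # unused slot
            continue
        entries.append({
            "slot": slot,
            "status": status,
            "active": status == 0x80,
            "type": ptype,
            "name": TYPE_NAMES.get(ptype, "other (0x%02X)" % ptype),
            "extended": ptype in EXTENDED_TYPES,
            "start": start,
            "sectors": count,
        })
    return entries


def check_layout(entries):
    """Flag table contents that break the basic-disk rules described above."""
    findings = []
    for e in entries:
        if e["status"] not in (0x00, 0x80):
            findings.append("slot %d: invalid status byte 0x%02X" % (e["slot"], e["status"]))
        if e["active"] and e["extended"]:
            findings.append("slot %d: extended partition marked active" % e["slot"])
    if sum(e["active"] for e in entries) > 1:
        findings.append("more than one active partition")
    if sum(e["extended"] for e in entries) > 1:
        findings.append("more than one extended partition")
    ordered = sorted(entries, key=lambda e: e["start"])
    for prev, cur in zip(ordered, ordered[1:]):
        if cur["start"] < prev["start"] + prev["sectors"]:
            findings.append("slots %d and %d overlap" % (prev["slot"], cur["slot"]))
    return findings


def make_entry(status, ptype, start, sectors):
    """Build one 16-byte table entry (CHS fields left zero)."""
    return struct.pack(ENTRY_FORMAT, status, ptype, start, sectors)


def build_mbr(entries):
    """Build a 512-byte sector with empty boot code and the given entries."""
    table = b"".join(entries).ljust(64, b"\x00")
    return bytes(TABLE_OFFSET) + table + SIGNATURE


# Constructed sample: three primary partitions plus one extended partition.
SAMPLE = build_mbr([
    make_entry(0x80, 0x06, 63, 4192902),          # FAT16, marked active
    make_entry(0x00, 0x07, 4192965, 20964825),    # NTFS
    make_entry(0x00, 0x0B, 25157790, 16771860),   # FAT32
    make_entry(0x00, 0x05, 41929650, 36227520),   # extended, holds the logical drives
])

if __name__ == "__main__":
    for entry in parse_mbr(SAMPLE):
        print(entry["slot"], entry["name"], "active" if entry["active"] else "")
    print(check_layout(parse_mbr(SAMPLE)) or "layout is consistent")
```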
[NOTES FROM THE FIELD] - Volume mount points allow a volume to be mounted
on an existing folder rather than at the root of a new drive letter. Establishing a
volume mount point for an empty NTFS directory allows an administrator to create
new volumes without requiring additional drive letters.
Some of the properties and characteristics of basic disks are outlined below.
In order to convert a basic disk to dynamic you would start the Disk Management
tool and Right-click the basic disk you want to convert, click Convert to Dynamic
Disk.
You can upgrade a disk from basic storage to dynamic storage at any time without
loss of data in much the same way that you might run the CONVERT command line
utility to change a FAT or FAT32 partition to NTFS without losing any data. Along the
same lines, all data on a dynamic disk will be lost when you convert it to a basic disk
just as you would going from NTFS "back" to FAT or FAT32.
In order to convert a basic disk to a dynamic disk there needs to be 1 MB of free disk
space for the upgrade to succeed. This 1 MB of free disk space is needed to hold the
configuration data for the dynamic disk structure.
There is a very good article on the Microsoft Web site entitled Description of Disk
Groups in Windows Disk Management (Q222189). While it is based off of the
Windows 2000 line of operating systems it is still for the most part pertinent and a
good read.
Dynamic Disks
The dynamic disk format can be accessed only by Windows 2000 and Windows XP
Professional operating systems.
You convert basic disks to dynamic by using the Disk Management snap-in or the
DiskPart command line utility. When you convert a basic disk to dynamic, all existing
basic volumes become dynamic volumes.
Dynamic disks provide features that basic disks do not, such as the ability to create
volumes that span multiple disks (spanned and striped volumes), and the ability to
create fault-tolerant volumes (mirrored and RAID-5 volumes).
[NOTES FROM THE FIELD] - Windows 2000 Servers and the up and coming .NET
server line provide fault tolerance on dynamic disks in the form of software based
(operating system) disk mirroring (RAID-1) or striping with parity (RAID-5).
Hardware devices that support fault tolerance, such as RAID controllers, can make a
Windows XP Professional fault tolerant, but it is this third party hardware solution
that is providing the fault tolerance, not the Windows XP Professional operating
system.
Windows XP Professional supports dividing dynamic disks into volumes, which can
consist of a portion, or portions, of one or more physical disks.
There are five types of dynamic volumes: simple, spanned, striped, disk mirroring
(RAID-1) and striping with parity (RAID-5). Mirrored and RAID-5 volumes are fault
tolerant and are available only on computers running the Windows 2000 Server
family of operating systems.
When you have converted a basic disk to dynamic storage, you can create Windows
XP Professional volumes, of which there are three different types that can be utilized
on the local system:
Simple volumes. All of the disk space from a single disk is used and it is not fault
tolerant.
Spanned volumes. Includes disk space from multiple disks up to a total of 32. Data is
written to a spanned volume on the first disk, completely filling the space, and
continues to the next until it is full and then the next, and so on, through each disk
that you include in the spanned volume. These volumes are not fault tolerant either.
If any one single disk in the whole entire spanned volume fails, all the data in the
entire volume is lost.
Striped volumes. Combines areas of free space from multiple hard disks (up to 32)
into one logical volume. In a striped volume, Windows XP Professional optimizes
performance by adding data to all disks at the same time in succession, a direct
contrast to spanned volumes. If any one single disk in the whole entire striped
volume fails, all the data in the entire volume is lost.
Some of the properties and characteristics of dynamic storage are outlined below.
[NOTES FROM THE FIELD] - Do not modify the structure of dynamic disks with the
DiskPart command line tool because you might damage your partition table within
the dynamic disk structure.
Just like anything else, with certain advances there are certain limitations and
drawbacks.
Laptop Limitation. Dynamic disks are not supported on laptops, removable disks,
such as Jaz or ORB drives, detachable disks that use Universal Serial Bus (USB) or
IEEE 1394 (FireWire) interfaces, or on drives connected to a shared SCSI bus. On
laptops you do not even see the option to convert basic disks to dynamic within the
Disk Management tool.
Multi-boot considerations. Dynamic volumes cannot be accessed by MS-DOS,
Windows 95, Windows 98, Windows Millennium Edition, Windows NT 4.0, or Windows
XP Home Edition operating systems that are dual-booted with Windows XP
Professional. If you want computers running these operating systems to be able to
access the data, you need to store the data on basic volumes.
Extending Volumes. When basic volumes are converted to dynamic they may or
may not have an entry in the partition table depending on whether that volume was
a system or boot partition. If the volume that was converted was originally a system
or boot partition it retains its old entry in the partition table. You can install Windows
XP Professional on that volume, however, you will be unable to extend it. If the
converted volume was not originally a system or boot volume it will not have the old
partition table entry. You won't be able to install Windows XP Professional on the
volume, but it will be possible to extend it.
Volumes converted from partitions on Windows 2000 systems have an entry in the
partition table. On Windows XP Professional systems, volumes converted from
partitions do not have an entry in the partition table unless the partitions were
originally system or boot partitions. You can see if a volume has an entry in the
partition table by right-clicking the volume within the Disk Management tool. If the
Extend Volume option is disabled, the volume has an old entry in the partition table.
With this article I will begin focusing on the next section of material which centers on
Implementing and Conducting Administration of Resources on Windows XP
Professional, this one covering Windows XP Professional file systems.
To have a good understanding of how and why you can set up or deny access to data
on a Windows XP Professional system, you need to have an underlying
understanding of any native file security that may or may not be in place.
One place to start would be the file system the operating system is utilizing.
Windows XP Professional supports three major computer file systems: File
Allocation Table (commonly known as FAT or FAT16), FAT32 and NTFS.
FAT16
FAT is allocated in clusters, the size of which is determined by the size of the
partition. The larger the partition, the larger the cluster size. The larger the cluster
size, the more space is "required" when using it to store data.
As you can see, with a 2GB partition size, (the maximum allowed under FAT16 in
most cases) if you were to save 50 different files, all 1024 bytes (1KB) in actual size
(or to have 50 fractions of larger files "fall over" to the next cluster by that same
amount), the amount of hard drive space used up would be 1,638,400 bytes (a little
over 1 MB), for 51,200 bytes of actual data.
You can obviously see that this is a serious problem when there are thousands of
small *.DLLs and other types of small files.
Also, with the advent of super-inexpensive hard drives that are 80GB in size, you can
see where using FAT would be an issue as well.
In summary, there are "advantages" for using the FAT file system on a Windows XP
Professional installation:
MS-DOS, Windows 95, Windows 98, Windows NT, Windows 2000, and some UNIX
operating systems can use FAT16. If there is some reason to dual boot the system,
FAT16 allows you the greatest number of options.
There are many software tools that can address problems and recover data on FAT16
volumes.
If you have a startup failure, you can start the computer by using a bootable floppy
disk to troubleshoot the problem.
FAT16 is efficient, in speed and storage, on volumes smaller than 256 MB.
(Those 50 files I mentioned above, all 1024 bytes (1KB) in actual size, would use up
"only" 409,600 bytes on a 400MB partition formatted with FAT16 and "only" 204,800
bytes on a 250MB partition.)
The root folder (usually the C:\ drive) has a limit of 512 entries. The use of long file
names can significantly reduce the number of available entries.
FAT16 is limited to 65,536 clusters, but because certain clusters are reserved, it has
a practical limit of 65,524. The largest FAT16 volume on Windows 2000 and Windows
XP Professional is limited to 4 GB and uses a cluster size of 64 KB. To maintain
compatibility with MS-DOS, Windows 95, and Windows 98, a volume cannot be
larger than 2 GB. (Those 50 files I mentioned above, all 1024 bytes (1KB) in actual
size, would use up 3,276,200 bytes of hard drive space to store 51,200 bytes of
actual data on a 4 GB FAT16 partition used in this scenario.)
FAT16 is inefficient on larger volume sizes, as the size of the cluster increases. We
have seen this in the examples above.
The boot sector is not backed up on FAT16 partitions. Because FAT16 does not
include a backup copy of critical data structures they are susceptible to single point
of failure issues, more so than other file systems.
Below is a table of Microsoft Operating systems and which file systems they can
natively access.
The maximum FAT partition that can be created and accessed by the operating
systems listed above is 2GB in most cases. 4GB FAT partitions can be created and
properly accessed only under those operating systems specifically listed above. A
dual boot NT family of operating system can create a 4GB FAT partition and a lower
level OS such as Windows 98 may be able to see data on it, however, issues will
arise when data access is attempted above the 2GB threshold that the OS normally
uses.
For more information on the Maximum Partition Size Using the FAT16 File System in
Windows XP, you can look up Q310561 at the Microsoft PSS webpage.
The "OSR" in "Windows 95 OSR2 and OSR2.5" stands for OEM Service Release.
The "OEM" in "OEM Service Release" stands for Original Equipment Manufacturer.
For more information on Accessing FAT16 Drives Larger Than 2 GB, or Maximum
Partition Size Using FAT16 File System, feel free to follow the links I have provided to
the Microsoft web site.
* There are some exceptions, but for the most part, DOS 3.3 and higher can access
up to 2GB of single partition space, as outlined in Q67321 at the Microsoft PSS
webpage. The MS-DOS Partitioning Summary (Q69912) names some exceptions and
points out the fact that some earlier versions didn't support many of today's FAT16
standards.
The maximum single file size on a FAT16 partition is 2 GB, regardless of the fact that
some OSes can have a 4GB partition.
FAT32
sizes for the most part and the fact that only Microsoft Operating systems can
natively access FAT32 and these are a reduced number from FAT16.
The FAT32 file system can support drives up to 2 terabytes in size (in theory) and
because it uses space more efficiently, FAT32 uses smaller clusters (that is, 4,096
byte clusters for drives up to 8 GB in size), resulting in more efficient use of disk
space relative to large FAT16 drives.
The 50 files I mentioned in the FAT16 section, all 1024 bytes (1KB) in actual size,
would use up only 409,600 bytes on a 16GB partition formatted with FAT16 and only
204,800 bytes on an 8GB partition. As you can see however, we are now running into
the issue with FAT32 drives with 80GB and 100GB partitions that we did a few years
ago under FAT16, wasted space. Those same 50 files would use 819,200 bytes on
either of the two large drives I mentioned. There's a Windows 2000 Professional and
XP Professional catch, however.
While the FAT32 file system can support drives up to a standard theoretical size of 2
terabytes (it "can" be jury-rigged under Windows Millennium Edition to support
partitions of up to 8 TB), Windows 2000 Professional and XP Professional cannot
FORMAT a volume larger than 32 GB in size using their native FAT32 file system.
The FastFAT driver can mount and support volumes larger than 32 GB that use the
FAT32 file system, such as those created locally by Windows 98 or ME in dual boot
configuration, (subject to other limits listed here for Windows 98, ME and 2000 and
here for Windows XP), but you cannot CREATE one using the Format tool from within
either Windows 2000 Professional or XP Professional. If you attempt to format a
FAT32 partition larger than 32 GB, the format fails near the end of the process with
the following error message: Logical Disk Manager: Volume size too big.
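The cluster arithmetic behind the 50-file figures in the FAT16 and FAT32 sections, and the 32 GB format limit just described, can be reproduced with a short calculator. This is an added example, not from the original article: the cluster-size tables are the commonly documented Windows format defaults and are an assumption here, since the article's own tables are not reproduced on this page.

```python
KB = 1024
MB = 1024 * KB
GB = 1024 * MB

# (largest volume size, default cluster size). Assumed Windows format defaults.
# FAT16 volumes of 16 MB or less are really FAT12 and are out of scope here.
FAT16_CLUSTERS = [
    (32 * MB, 512), (64 * MB, 1 * KB), (128 * MB, 2 * KB), (256 * MB, 4 * KB),
    (512 * MB, 8 * KB), (1 * GB, 16 * KB), (2 * GB, 32 * KB), (4 * GB, 64 * KB),
]
# The FAT32 table stops at 32 GB because the Windows 2000/XP Format tool
# refuses to create larger FAT32 volumes. Small FAT32 volumes are simplified
# to the 4 KB cluster the article quotes for drives up to 8 GB.
FAT32_CLUSTERS = [
    (8 * GB, 4 * KB), (16 * GB, 8 * KB), (32 * GB, 16 * KB),
]
TABLES = {"FAT16": FAT16_CLUSTERS, "FAT32": FAT32_CLUSTERS}


def cluster_size(fs, volume_bytes):
    """Return the default cluster size Windows XP would pick when formatting."""
    if fs not in TABLES:
        raise ValueError("unknown file system: %s" % fs)
    if fs == "FAT16" and volume_bytes <= 16 * MB:
        raise ValueError("volumes of 16 MB or less are formatted as FAT12")
    for limit, size in TABLES[fs]:
        if volume_bytes <= limit:
            return size
    raise ValueError("%s volume too large for the Windows XP Format tool" % fs)


def allocation_report(fs, volume_bytes, file_sizes):
    """Compare bytes of real data with bytes of disk space actually allocated."""
    cs = cluster_size(fs, volume_bytes)
    # Every file occupies a whole number of clusters; -(-n // cs) rounds up.
    # A zero-byte file gets no cluster at all.
    allocated = sum(-(-size // cs) * cs for size in file_sizes)
    data = sum(file_sizes)
    return {
        "cluster": cs,
        "data": data,
        "allocated": allocated,
        "slack": allocated - data,
    }


if __name__ == "__main__":
    fifty_small_files = [1024] * 50   # the article's running example
    for fs, size, label in [
        ("FAT16", 250 * MB, "250 MB"), ("FAT16", 400 * MB, "400 MB"),
        ("FAT16", 2 * GB, "2 GB"), ("FAT32", 8 * GB, "8 GB"),
        ("FAT32", 16 * GB, "16 GB"),
    ]:
        r = allocation_report(fs, size, fifty_small_files)
        print("%-5s %-6s cluster=%6d allocated=%9d slack=%9d"
              % (fs, label, r["cluster"], r["allocated"], r["slack"]))
```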
The root folder on a FAT32 drive is not restricted in the number of entries in the root
folder as was FAT16.
FAT32 is a more robust file system than FAT16 was. FAT32 has the ability to relocate
the root directory and use the backup copy of the FAT instead of the default copy. In
addition, the boot record on FAT32 drives has been expanded to include a backup of
critical data structures. This means that FAT32 volumes are less susceptible to a
single point of failure than FAT16 volumes.
Just as there were disadvantages to the FAT16 file system, so there are in FAT32 as
well:
FAT32 volumes are not accessible from any other operating systems other than
certain Microsoft ones.
FAT32 partition sizes are limited to 32GB in size using the native FAT32 file system
format tools under Windows 2000 and Windows XP. (The maximum size is 127.5 GB
practical and 2TB standard theoretical.)
Below is a table of Microsoft Operating systems which support native access to the
FAT32 file system.
[NOTES FROM THE FIELD] - There is no test requirement to memorize the FAT32
tables either, but again, it's good to understand the "how and why" of it. Also, it is
never a "best practice" to dual boot any workstation or server that has sensitive data
on it with any file system installed that cannot secure those files or any operating
system that threatens that security. This would include the FAT32 file system.
For answers to some common questions about the FAT32 File System, you can look
up Q253774 at the Microsoft PSS webpage.
For more information on the Limitations of FAT32 File System on Windows 98, ME
and 2000, you can look up Q184006 at the Microsoft PSS webpage. The limitations
of the FAT32 File System in Windows XP are listed at Q314463. You will also find
the maximum partition sizes, both practical and theoretical, listed there as well.
The maximum single file size on a FAT32 partition is 4 GB, regardless of the size of
the partition.
NTFS
NTFS is the preferred file system for all computers running Windows XP Professional.
If you are running Windows NT 4.0 Service Pack 4 or later, you can read basic
volumes formatted by using NTFS 5 locally on dual boot systems. Windows 2000 and
Windows XP Professional can read NTFS 5 on both basic and dynamic volumes.
(Computer systems accessing either version of NTFS across networks are not
affected. Version differences are usually only considered in local / dual boot
situations.)
Detailed information on these features can be found in both the Microsoft Windows
XP Professional Resource Kit Documentation and online.
If you are running Windows XP Professional in a dual boot scenario with a system
running Windows NT 4.0 Service Pack 4 or later, most of the NTFS 5 features are not
available. Most read and write operations are permitted provided they do not
attempt to make use of most NTFS 5 features.
Issues that may occur under this type of configuration may include some of the
following:
Windows NT4 cannot perform any operations that make use of reparse points.
When you run Windows NT4 on a multiple-boot configuration that also runs
Windows XP Professional, Windows NT4 ignores disk quotas implemented by
Windows XP Professional.
Windows NT4 cannot perform any operations on files encrypted by Windows
XP Professional.
Windows NT4 cannot perform any operations on sparse files.
Windows NT4 ignores the change journal setup under Windows XP
Professional.
The NTFS file system can support drives up to 16 exabytes, in theory, but because
partition tables on basic disks (disks that include a master boot record) only support
partition sizes up to 2 terabytes, you would need to use dynamic volumes to create
NTFS partitions over 2 terabytes in size.
in the partition table, so dynamic volumes are not subject to the 2-terabyte physical
limit imposed by the partition table. This is why dynamic NTFS volumes can be as
large as the maximum volume size supported by NTFS.
NTFS volumes are not locally accessible from MS-DOS, Windows 95, Windows
98 and Windows Millennium Edition operating systems.
Many advanced features of NTFS included with version 5 are not available in
Windows NT.
On small partitions with mostly small files, the overhead of managing the
NTFS file system can cause a slight performance drop in comparison to FAT.
Floppy disks cannot be formatted as NTFS
[NOTES FROM THE FIELD] - There is no test requirement to memorize the NTFS
tables either, but again, it's good to understand the "how and why" of it. Also, it is
never a "best practice" to dual boot any workstation or server that has sensitive data
on it with any file system installed that cannot secure those files or any operating
system that threatens that security. This would include even NTFS if older versions
and newer versions of NTFS are running and one "degrades" the security strength of
the other.
For more detailed answers to questions about the NTFS File System, you can look up
the information in the Microsoft Windows XP Professional Resource Kit
Documentation, which can also be found online.
Well, that's a wrap for this week. On my way out the door I'd like to drop one more
table into your lap and a few more bullet points.
Partition Size      FAT16 cluster size   FAT32 cluster size   NTFS cluster size
7 MB-16 MB          2 KB (FAT12)         Not supported        512 bytes
17 MB-32 MB         512 bytes            Not supported        512 bytes
33 MB-64 MB         1 KB                 512 bytes            512 bytes
65 MB-128 MB        2 KB                 1 KB                 512 bytes
129 MB-256 MB       4 KB                 2 KB                 512 bytes
257 MB-512 MB       8 KB                 4 KB                 512 bytes
513 MB-1,024 MB     16 KB                4 KB                 1 KB
1,025 MB-2 GB       32 KB                4 KB                 2 KB
2 GB-4 GB           64 KB                4 KB                 4 KB
The Windows XP Professional Files and Settings Transfer Wizard can be used to
simplify the task of moving data files and personal settings from your old computer
to your new one.
By utilizing this helpful tool properly, you won't have to reconfigure all of your
personal settings on your new system because you will be able to move your old
settings, such as display, Outlook Express, dial-up connections, Internet Explorer, as
well as your folder and taskbar options to your new system. You can also use the
Wizard to move specific files and / or specific folders to your new system as well.
This can include the My Documents, My Pictures, and Favorites folders.
You should connect your new system and your old system together in some way, in
order to perform the transfer with the least amount of difficulty.
You can use a null modem cable if you have one that is long enough to connect the
two systems and you will need an available serial port on both systems as well.
The preferred option would be to have NICs installed in both systems and have them
connected via a crossover cable or through a hub.
After the physical connection between the two systems is established and working
properly, you can run the Wizard.
To open the Files and Settings Transfer Wizard you can click Start, select All
Programs, select Accessories, select System Tools, and then click Files and Settings
Transfer Wizard.
You can also type migwiz.exe from the Run line of the start menu.
[NOTES FROM THE FIELD] - What your Start Menu options look like all depends on
how you have the menu set. If you are using the Classic Start Menu, you would not
find the All Programs selection. Your options would be to click Start, select Programs,
select Accessories, select System Tools, and then click Files and Settings Transfer
Wizard. Not a whole lot different, but perhaps just enough to confuse you.
The Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.
The first window that appears is the Welcome to the Files and Settings Transfer
Wizard startup window.
From here you would select NEXT to continue. The next screen that appears is the
WHICH COMPUTER IS THIS screen, where you would select either NEW COMPUTER,
where you would want to transfer your files and settings to, or OLD COMPUTER,
which is what you would select if the system you were working on was where the
current files and settings are that you want transferred.
[NOTES FROM THE FIELD] - The OLD COMPUTER can be running Microsoft
Windows 95, Microsoft Windows 98, Microsoft Windows 98SE, Microsoft Windows Me,
Microsoft Windows NT 4, Windows 2000, or Windows XP (32-bit). We will go through
the OLD COMPUTER settings a little later.
You will also find that if you are running a personal firewall product (I use Zone
Alarm Pro) you may find, depending on how you have it set up, that it will alert you
that the Files and Settings Transfer Wizard wants to act as a server process on your
system and it wants access to the internet. This is a little misleading, as it is not
actually looking for an internet connection so much as it is looking for the local LAN.
(Notice the broadcast address.) You need to allow the Files and Settings Transfer
Wizard to act as a server process and access the network or it will not be able to
reach the remote system.
You will need to run the Files and Settings Transfer Wizard on the OLD COMPUTER
shortly (unless you have already done so) and the next screen will ask you whether
or not you will use a Wizard Disk (which can be created by using the default selected
"I want to create a Wizard Disk in the following drive" selection), or you can bypass
the step if you already have a disk or intend on using the Files and Settings Transfer
Wizard from the Windows XP Professional CD-ROM.
We will elect to use the default selection, as shown above. When we click on NEXT to
continue, the Wizard asks us to make sure there's a formatted disk in the floppy
drive. Select OK to continue.
The Files and Settings Transfer Wizard will create the disk and when the disk is
finished it will display a window that tells you to go to the OLD COMPUTER and insert
the Wizard Disk (A:\ disk) and run the Wizard.
We would now go to the OLD COMPUTER with the floppy disk and run FASTWiz.exe,
which would expand the migwiz.cab file and run the Wizard on the OLD COMPUTER.
Once it starts, you will again see the WHICH COMPUTER IS THIS screen, however,
this time we will select OLD COMPUTER.
After selecting NEXT, you will be asked to select a transfer method. (Basically, this is
a point where the settings will go so that the NEW COMPUTER can get them. It can
be via an across the wire transfer, sent to a share point or to a floppy disk or other
removable media. We will use the D:\ drive.)
The Files and Settings Transfer Wizard will then ask you whether you want to
migrate settings only, files only or both. You can also elect to choose a custom list of
files and settings as well. This could be used if you only needed some of the files and
/ or some of the settings.
The following file types can be transferred: *.asf (Windows Media Audio/Video file),
*.asx (Windows Media Audio/Video shortcut), *.AU (AU format sound), *.avi (video
clip), *.cov (fax cover page file), *.cpe (fax cover page file), *.doc (WordPad
document), *.eml (Internet e-mail message), *.m3u (M3U file), *.mid (MIDI
sequence), *.midi (MIDI sequence), *.mp2 (Movie File MPEG), *.mp3 (MP3 Format
Sound), *.mpa (Movie File MPEG), *.mpeg (Movie File MPEG), *.MSWMM (Windows
Movie Maker Project), *.nws (Internet News Message), *.rft (Rich Text Format),
*.snd (AU Sound Format), *.wav (Wave Sound), *.wm (Windows Media Audio/Video
file), *.wma (Windows Media Audio file), *.wri (Write document).
When you select NEXT, the Files and Settings Transfer Wizard will begin the
collection.
I ran the default selection of both files and settings on my 2 GHZ Pentium 4 system,
which has three SCSI-3 18.2 GB 10,000 RPM hard drives, set up as individual basic
drives and one ATA-100 80GB IDE hard drive, also set up as an individual basic
drive, all using the NTFS file system.
Of all of that space, almost 135GB total, I have data on about 62 GB. The process
took about an hour and fifteen minutes to complete and while I could use my system
while all of this was going on, it was a little sluggish as migwiz.exe wanted as much
system resources as it could get its hands on, often pegging the processor. (Memory
seemed to stay pretty constant at around 128MB of my physical 512MB of PC800
memory being used.)
As you can also see, there is a 2 GB limitation to the DAT files. Once you exceed this
amount the Wizard will automatically start another file and enumerate it.
Once the process is completed the Completing the Collection Phase window will
display with the above message. This page would indicate any files and settings that
you had selected that the Wizard could not collect. You would have to manually
transfer these files and settings or they will not be transferred to your NEW
COMPUTER. (There were none in our example.) Click FINISH to close the Wizard on
the OLD COMPUTER.
Now that we have finished the process on the OLD COMPUTER, we can head back
over to the NEW COMPUTER and continue from the last screen we were presented
with there. (SHOWN BELOW)
We would select NEXT to arrive at the WHERE ARE THE FILES AND SETTINGS page.
Since we elected to use the D:\ drive, this is where we would point the Wizard to and
select NEXT to continue.
The Wizard will begin the transfer by organizing the files and settings for transfer
and then complete the process.
Once this last step finishes the transfer of files and settings will be complete.
In the meantime, best of luck in your studies and please feel free to contact me with
any questions on my column and remember,
"Out of date virus software is only marginally better than none at all."
In Microsoft Windows XP Professional, you will find one of three different accounts in
use on any given system.
Local user accounts allow you to log on to the local system and access
resources there. If you needed to access any type of resource beyond the
local system, you would need to provide additional credentials in most cases.
Local accounts authenticate to the local security database.
Domain user accounts allow you to log on to the domain the user account
belongs to in order to access network resources. You may be able to access
resources in other domains depending on how the trust relationships are
defined or if any modifications have been made to them. Domain accounts
authenticate to a domain controller and to the domain security database.
Built-in user accounts allow you to perform administrative tasks on the local
system and sometimes they can access local or network resources, depending
on their configuration on the network. This too, is dependent on how trust
relationships are defined or if any modifications have been made to them. The
only two accounts created by default on a stand alone Windows XP
Professional clean installation are Administrator and Guest.
The Guest account also cannot be deleted from the system, however it is DISABLED
by default and unless there is some required operational need it should stay
disabled. The only "need" for the Guest account would be a kiosk type terminal in a
lobby of an office building or hotel and in that event it could be used. If there is ever
a short-term need to grant a temporary user access to a system, it is always
worth the "aggravation" to create an account.
You can also type compmgmt.msc in the RUN box or from a command line to launch
the Computer Management MMC.
[NOTES FROM THE FIELD] - What your Start Menu options look like all depends on
how you have the menu set. If you are using the Classic Start Menu, you would not
see My Computer as a selection to right click on. Your options would be to click Start,
select Administrative Tools and then select Computer Management. Not a whole lot
different, but perhaps just enough to confuse you.
I seem to continually repeat this from article to article, but it is important to stress,
the Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.
If you want to directly open the Local Users and Groups MMC you can type
lusrmgr.msc from the RUN box or from a command line. This will run the tool
independently from the Computer Management MMC.
You can also launch the Control Panel and select the User Accounts icon as well.
[NOTES FROM THE FIELD] - User Accounts and the Local Users and Groups MMC
both function differently while performing the same task. I will cover the User
Accounts functionality separately.
Adding USERS with the Local Users and Groups MMC
Adding a user is as simple as selecting Users from the left pane, right clicking it and
choosing New User. You can also highlight Users by left clicking it and going up to
ACTION on the menu bar and selecting New User.
Depending on your current settings, all you may need to supply in order to create a
user account is a user account name. The full user name, description, and passwords
are not required by default.
To set a password where one isn't used or to change one that is currently set, you
would right click on the given account and choose SET PASSWORD.
You can also right click on the given account and choose ALL TASKS which leads you
to the single SET PASSWORD option as well.
You can also select the user with a single left click and go to ACTION in the menu to
bring up the same ALL TASKS / SET PASSWORD options as well.
[NOTES FROM THE FIELD] - Passwords are not required by default but are always
a recommended best practice.
There may be a local policy set by some other administrator or if your system is in a
Domain, a Domain policy setting, which may force you to use settings that are NOT
normally required by default.
For example, if you try to create an account that has a password policy in place and
you do not meet the minimum requirements for password creation, you will be
presented with an error message that looks like this;
All that is required for creating a Group is the name. Descriptions do not need to be
entered for the group nor do you need to add any members.
Using USER ACCOUNTS in the Control Panel.
How USER ACCOUNTS in the Control Panel functions all depends on whether your
Windows XP Professional system is in a domain or not.
Also, how it looks depends on whether you are using the default Windows XP view or
the Classic interface.
This is the default Windows XP view.
When you are in a domain and you open the USER ACCOUNTS icon in the Control
Panel you are presented with the User Accounts view as shown below on the USER
tab.
[NOTES FROM THE FIELD] - The "domain" BUCKAROO in this example is the local
system and not a domain. NORTHAMERICA is a domain. The icons for a local account
have a computer/user icon. In the above image in the Password for backup section
you can see this. A DOMAIN icon in the Users for this computer section would have a
planet/user icon combination as shown below.
In order to see the properties of an account, you would select it and click on the
properties button to see the following window.
On the Group Membership tab of the USER property sheet you would see three
selections to choose from regarding group memberships.
The OTHER drop down window lists all of the LOCAL groups that the user could
belong to.
The OTHER drop down window lists only the local groups, regardless of whether you
have chosen a user account in the local accounts database or a domain account that
is in the domain.
You can change the password for a given account from the USER tab by selecting the
account and clicking the RESET PASSWORD button, which will bring up the RESET
PASSWORD window as shown below.
From the ADVANCED tab you can manage passwords that are in the local database.
By selecting the MANAGE PASSWORDS button you will open the Stored User Names
and Passwords where you can add, remove or view the properties of an account.
When you select the .NET PASSPORT WIZARD, the wizard will start and allow you to
add a .NET passport to one or more Windows XP Professional user accounts.
Selecting ADVANCED from the Advanced User Management section simply launches
the Local Users and Groups MMC as if you typed lusrmgr.msc from the RUN box or
from a command line.
The secure logon section is where you would require local users to press
CTRL+ALT+DEL to begin a session.
When you are not in a domain and you open the USER ACCOUNTS icon in the Control
Panel you are presented with the User Accounts view as shown below.
To change any of the listed accounts you would select CHANGE AN ACCOUNT and
select the account you wish to change. It's here that you can change the password,
change the icon (picture) that is associated with the account or to set up the account
to use a .NET passport.
The CREATE A NEW ACCOUNT option allows you to do just that.
The CHANGE THE WAY USERS LOG ON OR OFF option allows you to select either
FAST USER SWITCHING, (which is not allowed when the workstation is a member of
a domain) or using the standard USE THE WELCOME SCREEN option.
[NOTES FROM THE FIELD] - Fast User Switching cannot be used if the Offline Files
option is enabled. Also, once your system is added to a domain you can no longer
use Fast User Switching, even if you log on to the workstation by using the local user
account database.
That's a wrap for this week. Be sure to check back in next week for the next article
in this series.
In the meantime, best of luck in your studies and please feel free to contact me with
any questions on my column and remember
In Microsoft Windows XP Professional, you will find a number of default local groups
on your system, which can perform the following default functions as outlined:
Administrators - Members of the Administrators group have complete and
unrestricted access to the computer and can perform all administrative tasks. The
built-in Administrator account is a member of this group by default and should the
Windows XP Professional system be joined to a domain, (or domains) the Domain
Admins group of the domain(s) joined will be added to the local Administrators
group as well.
Backup Operators - Members of the Backup Operators group can use Windows
Backup (NTBACKUP) to back up and restore data to the local computer. Being in this
group allows them to override security restrictions for the sole purpose of backing up
or restoring files.
Guests - Members of the built in Guests group are limited to only having access to
specific resources for which they have been assigned explicit permissions for and can
only perform specific tasks for which they have been assigned explicit rights. This is
nearly the same access level as members of the Users group except for some
additional restrictions.
The Guest account also cannot be deleted from the system, however it is DISABLED
by default and unless there is some required operational need it should stay
disabled. The only "need" for the Guest account would be a kiosk type terminal in a
lobby of an office building or hotel and in that event it could be used. If there is ever
a short-term need to grant a temporary user access to a system, it is always
worth the "aggravation" to create an account.
Also, it is not recommended to change any of the default permissions and other
settings to the built in groups. If you need to elevate or lower permissions for all
users in a built in group it is almost always better to create a new group, place all of
the intended users into that group and make adjustments there accordingly.
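One way to check the account and group defaults described above on a running system, as an added example that is not part of the original article: it flags an enabled Guest account and enabled accounts that are allowed a blank password, then lists the members of the local Administrators group. It assumes Windows PowerShell 2.0 or later has been installed (it is not part of a default Windows XP installation) and an administrative prompt; the function names are made up for this example.

```powershell
# Added example: audit local accounts and the local Administrators group.
# Assumes Windows PowerShell 2.0+ and an administrative prompt.
# Function names are illustrative, not part of Windows.

function Get-LocalAccountFindings {
    # LocalAccount=True keeps the query to the local security database,
    # so a domain-joined system does not enumerate every domain user.
    $accounts = Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True"

    foreach ($a in $accounts) {
        # The last part of the SID (the RID) is fixed for built-in accounts, so
        # they are recognised even after a rename: 500 = Administrator, 501 = Guest.
        $rid = $a.SID.Split('-')[-1]
        switch ($rid) {
            '500'   { $builtIn = 'Administrator' }
            '501'   { $builtIn = 'Guest' }
            default { $builtIn = '' }
        }

        $issues = @()
        if ($rid -eq '501' -and -not $a.Disabled) {
            $issues += 'Guest is enabled (it is disabled by default)'
        }
        # PasswordRequired = False means a blank password is permitted,
        # not that the current password is necessarily blank.
        if (-not $a.Disabled -and -not $a.PasswordRequired) {
            $issues += 'enabled account is allowed a blank password'
        }

        New-Object PSObject -Property @{
            Name             = $a.Name
            BuiltIn          = $builtIn
            Disabled         = $a.Disabled
            PasswordRequired = $a.PasswordRequired
            Issues           = ($issues -join '; ')
        } | Select-Object Name, BuiltIn, Disabled, PasswordRequired, Issues
    }
}

function Get-LocalAdministratorsMembers {
    # Find the group by its well-known SID so a renamed or localised
    # Administrators group is still found.
    $group = Get-WmiObject -Class Win32_Group -Filter "LocalAccount=True AND SID='S-1-5-32-544'"
    $adsi  = [ADSI]"WinNT://$env:COMPUTERNAME/$($group.Name),group"

    # Each member comes back as a COM object; its ADsPath shows which computer
    # or domain the member belongs to (for example a domain's Domain Admins group).
    foreach ($member in $adsi.psbase.Invoke('Members')) {
        $member.GetType().InvokeMember('ADsPath', 'GetProperty', $null, $member, $null)
    }
}

Get-LocalAccountFindings | Format-Table -AutoSize
Get-LocalAdministratorsMembers
```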
You can also type compmgmt.msc in the RUN box or from a command line to launch
the Computer Management MMC.
[NOTES FROM THE FIELD] - What your Start Menu options look like all depends on
how you have the menu set. If you are using the Classic Start Menu, you would not
see My Computer as a selection to right click on. Your options would be to click Start,
select Administrative Tools and then select Computer Management. Not a whole lot
different, but perhaps just enough to confuse you.
I seem to continually repeat this from article to article, but it is important to stress,
the Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.
If you want to directly open the Local Users and Groups MMC you can type
lusrmgr.msc from the RUN box or from a command line. This will run the tool
independently from the Computer Management MMC.
Depending on your current settings, all you need to supply in order to create a new
group is the name. In most cases the description and adding users at the time is not
required by default.
[NOTES FROM THE FIELD] - There are certain characters that cannot be used in
the name of any group on a Windows XP Professional system. These are;
How USER ACCOUNTS in the Control Panel functions all depends on whether your
Windows XP Professional system is in a domain or not.
Also, how it looks depends on whether you are using the default Windows XP view or
the Classic interface.
This is the default Windows XP view.
When you are in a domain and you open the USER ACCOUNTS icon in the Control
Panel you are presented with the User Accounts view as shown below on the USER
tab.
[NOTES FROM THE FIELD] - The "domain" BUCKAROO in this example is the local
system and not a domain. NORTHAMERICA is a domain. The icons for a local account
have a computer/user icon. In the above image in the Password for backup section
you can see this. A DOMAIN icon in the Users for this computer section would have a
planet/user icon combination as shown below.
In order to see the properties of an account, you would select it and click on the
properties button to see the following window.
On the Group Membership tab of the USER property sheet you would see three
selections to choose from regarding group memberships.
The OTHER drop down window lists all of the LOCAL groups that the user could
belong to.
The OTHER drop down window lists only the local groups, regardless of whether you
have chosen a user account in the local accounts database or a domain account that
is in the domain.
From the ADVANCED tab you can perform functions such as managing passwords
that are in the local database or using the .NET PASSPORT WIZARD to add a .NET
passport to one or more Windows XP Professional user accounts.
Selecting ADVANCED from the Advanced User Management section simply launches
the Local Users and Groups MMC as if you typed lusrmgr.msc from the RUN box or
from a command line.
The secure logon section is where you would require local users to press
CTRL+ALT+DEL to begin a session.
When you are not in a domain and you open the USER ACCOUNTS icon in the Control
Panel you are presented with the User Accounts view as shown below.
To change any of the listed accounts you would select CHANGE AN ACCOUNT and
select the account you wish to change. It's here that you can change the password,
change the icon (picture) that is associated with the account or to set up the account
to use a .NET passport.
The CREATE A NEW ACCOUNT option allows you to do just that.
The CHANGE THE WAY USERS LOG ON OR OFF option allows you to select either
FAST USER SWITCHING, (which is not allowed when the workstation is a member of
a domain) or using the standard USE THE WELCOME SCREEN option.
[NOTES FROM THE FIELD] - Fast User Switching cannot be used if the Offline Files
option is enabled. Also, once your system is added to a domain you can no longer
use Fast User Switching, even if you log on to the workstation by using the local user
account database.
As you can also see there is no place here to create a new group. As I mentioned
earlier, that would need to be handled through Computer Management.
You would need to use the Computer Management snap-in to delete local groups
from the system. Windows XP Professional uses a unique identifier value to identify
groups and their assigned permissions, so if you should delete a group from the local
system and then decide it was in error, creating the group "again" with the same
name will not automatically allow for all of the same permissions and access levels
for its members.
When performing a group deletion, you only delete the group and its associated
permissions and rights, not the user accounts in its membership.
To delete a group you would right-click the group name in the Computer
Management snap-in and then click Delete. The users would still be on the system. If
their deletion was also required as part of removing a group of summer users or
interns for example, the individual users would still need to be deleted.
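The effect of deleting and recreating a group, as an added example that is not part of the original article: the script grants a test group access to a folder, deletes and recreates the group under the same name, and then compares identifiers. It assumes Windows PowerShell 2.0 or later, an administrative prompt on a test system, and a %TEMP% folder on an NTFS volume; the group name `DemoInterns`, the folder name and the function names are hypothetical.

```powershell
# Added example: a recreated group gets a new identifier (SID), so permissions
# granted to the old group do not follow the name.
# Run on a test system from an administrative prompt: the script creates and
# deletes a local group and a folder. All names below are hypothetical.

$groupName = 'DemoInterns'
$folder    = Join-Path $env:TEMP 'group-sid-demo'
$sidType   = [System.Security.Principal.SecurityIdentifier]

function Get-LocalGroupSid {
    param([string]$Name)
    $g = Get-WmiObject -Class Win32_Group -Filter "LocalAccount=True AND Name='$Name'"
    if ($g) { $g.SID }
}

function Get-ExplicitSids {
    # SIDs of the explicit (non-inherited) access entries on the folder.
    param([string]$Path)
    (Get-Acl $Path).GetAccessRules($true, $false, $sidType) |
        ForEach-Object { $_.IdentityReference.Value }
}

if (Get-LocalGroupSid $groupName) {
    throw "Local group '$groupName' already exists; choose another name."
}

# 1. Create the group and grant it Read & Execute on a new folder.
net localgroup $groupName /add | Out-Null
$firstSid = Get-LocalGroupSid $groupName

New-Item -ItemType Directory -Path $folder -Force | Out-Null
$acl      = Get-Acl $folder
$ruleArgs = "$env:COMPUTERNAME\$groupName", 'ReadAndExecute', 'ContainerInherit,ObjectInherit', 'None', 'Allow'
$rule     = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList $ruleArgs
$acl.AddAccessRule($rule)
Set-Acl -Path $folder -AclObject $acl

# 2. Delete the group, then create a group with the same name again.
net localgroup $groupName /delete | Out-Null
net localgroup $groupName /add | Out-Null
$secondSid = Get-LocalGroupSid $groupName

# 3. Compare the SID stored on the folder with the SID of the recreated group.
$onFolder = @(Get-ExplicitSids $folder)

"SID of the original group  : $firstSid"
"SID of the recreated group : $secondSid"
"Original SID is on the folder ACL  : $($onFolder -contains $firstSid)"
"Recreated SID is on the folder ACL : $($onFolder -contains $secondSid)"

# 4. Clean up the demonstration objects.
net localgroup $groupName /delete | Out-Null
Remove-Item $folder -Recurse -Force
```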
Built-in System group - Description
Everyone - The Everyone group contains all of the users who access the computer.
The Full Control permission is assigned to the Everyone group (and thus all the users
in it) whenever there are volumes on the local system formatted with NTFS.
Authenticated Users - All users with valid user accounts on the local system are
included in the Authenticated Users group. When your Windows XP system is a
member of a domain, (or multiple domains) it includes all users in the Active
Directory database for that given domain. Using the Authenticated Users group for
resource and system access instead of the Everyone group is a suggested best
practice.
Creator Owner - The Creator Owner designation comes into play when a member of
the Administrators group creates a resource, (or takes ownership of a resource)
because even though an individual member may have performed the action, the
Administrators group owns the resource.
Network - The Network Built-in System group contains any user with a current
connection from a remote system on the network to a shared resource on the local
system.
Interactive - Members of the Interactive Built-in System group are "added" as they
log on locally to the system.
Anonymous Logon - An Anonymous Logon user account that Windows XP
Professional cannot authenticate is put into this Built-in System group.
Dialup - Users are "added" to the Dialup Built-in System group once they establish a
dial-up connection to the system.
You can set or revoke permissions to these Built-in System groups at the resource.
(e.g. share, NTFS folder, printer, etc.)
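To find where the Everyone group holds Full Control, so those entries can be reviewed against the Authenticated Users recommendation above, the following is an added example that is not part of the original article. It assumes Windows PowerShell 2.0 or later; `Find-EveryoneFullControl` is a made-up function name, and the groups are matched by their well-known SIDs rather than by name.

```powershell
# Added example: report where the Everyone group is allowed Full Control.
# Assumes Windows PowerShell 2.0+; Find-EveryoneFullControl is an illustrative name.

function Find-EveryoneFullControl {
    param(
        [string]$Path = "$env:SystemDrive\",
        [switch]$Recurse
    )

    $sidType  = [System.Security.Principal.SecurityIdentifier]
    $everyone = 'S-1-1-0'                      # well-known SID of Everyone
    [int]$full       = [System.Security.AccessControl.FileSystemRights]::FullControl
    [int]$genericAll = 0x10000000              # generic-all bit, seen on some inherit-only entries

    $items = @(Get-Item $Path)
    if ($Recurse) {
        $items += @(Get-ChildItem $Path -Recurse -ErrorAction SilentlyContinue |
                    Where-Object { $_.PSIsContainer })
    }

    foreach ($item in $items) {
        try   { $acl = Get-Acl $item.FullName -ErrorAction Stop }
        catch { Write-Warning "Cannot read ACL: $($item.FullName)"; continue }

        # Ask for SIDs rather than names so the check works on any language version.
        foreach ($rule in $acl.GetAccessRules($true, $true, $sidType)) {
            $rights = [int]$rule.FileSystemRights
            $isFull = ((($rights -band $full) -eq $full) -or (($rights -band $genericAll) -eq $genericAll))

            if ($rule.IdentityReference.Value -eq $everyone -and
                $rule.AccessControlType -eq 'Allow' -and $isFull) {
                New-Object PSObject -Property @{
                    Path      = $item.FullName
                    Rights    = $rule.FileSystemRights
                    Inherited = $rule.IsInherited
                    AppliesTo = $rule.InheritanceFlags
                } | Select-Object Path, Rights, Inherited, AppliesTo
            }
        }
    }
}

# Checks the system drive root only; add -Recurse to include every folder below -Path.
Find-EveryoneFullControl | Format-Table -AutoSize
```

Entries reported with Inherited = False are the ones set directly on that folder; inherited entries are changed at the parent they come from.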
This article will cover the TCP/IP Protocol within Windows XP Professional.
The Transmission Control Protocol/Internet Protocol is a network communication
protocol. It can be used as a communications protocol on private networks and it is
the default protocol in use on the internet. When you set up any system to have
direct access to the Internet, whether it is via dial-up or one of the high speed
technologies in use today, your system will need to utilize the TCP/IP protocol
whether it is a Windows based system or not.
Also, if the given system needs to communicate to other TCP/IP systems on the local
LAN or WAN it will need to utilize the TCP/IP protocol as well.
[NOTES FROM THE FIELD] - Indirectly connected computers, such as those on a
LAN that hit the internet via certain default gateways, certain types of routers, Proxy
Servers, ISA Servers or other indirect means, do not necessarily need to use the
TCP/IP protocol. They need only use the network protocol in use for their LAN, where
that LAN protocol would communicate with the directly connecting mechanism,
(default gateway, router, Proxy Server or other direct device). That directly
connected device would need to use the internet default protocol of TCP/IP.
TCP/IP is technically made up of two protocols. The upper layer, Transmission
Control Protocol, on the sending system is responsible for breaking down the data
into smaller packets to be transmitted over the network, (local and internet), while
the TCP layer on the receiving node reassembles the packets it receives back into the
original data structure.
The lower layer, Internet Protocol, addresses each individual packet so that it gets
delivered to the correct node. Each routing device on the network, be it a hardware
router or a server system that is performing routing functions, will check the
destination address to see where to forward the message.
[NOTES FROM THE FIELD] - This is just a basic overview of TCP/IP and I didn't
want to get too involved with it here within this article. There is bountiful information
on TCP/IP all over the internet and before poring through the RFCs I would first
suggest you try TCP/IP Frequently Asked Questions or TCP/IP Protocol Suite -
Questions & Answers.
The TCP/IP Model
The TCP/IP suite of protocols maps to a four-layer conceptual model which is based
off of the seven layer Open System Interconnection (OSI) protocol model.
The detailed function of each layer of the Open System Interconnection (OSI)
protocol model is beyond the scope of this topic, however, the 60 second overview is
as follows:
Physical Layer - Defines the interface between the medium and the device. This
layer also transmits bits (ones and zeros) and defines how the data is transmitted
over the physical medium. Some examples of Network Components found at this
layer are Multiplexers, Passive Hubs, Active Hubs, Repeaters and other types of
signal Amplifiers
Data Link Layer - This layer is actually divided into two sublayers, Logical Link
Control, which mainly handles error correction and flow control and Media Access
Control, which mainly handles the communication with the network adapter card.
Some examples of Network Components found at the Data Link layer are Bridges,
Switches and certain Advanced Cable Testers.
Network Layer - This OSI layer is responsible for translating logical network
address and names such as computernames to their MAC addresses and for
addressing and routing data packets over the network. If routers at this layer can’t
forward the data frames as large as the source node has sent, this OSI layer will
break down the data into smaller units that the devices can handle. Some examples
of Protocols found at the Network Layer are IP, ARP, RARP, ICMP, RIP, OSPF, IGMP,
IPX, NWLink and NetBEUI. Some examples of Network Components found at this
layer are Brouters, Routers, some types of ATM Switches and Frame Relay hardware.
Transport Layer - The Transport Layer adds an additional connection below the
Session layer and helps manage data flow control between nodes on the network.
This layer divides the data into packets on the sending node and the transport layer
of the receiving node reassembles the message from packets. The Transport Layer
provides error-checking to guarantee error-free data delivery by requesting
retransmission if some packets don’t arrive error-free. It also sends acknowledgment
of successful transmissions back to the sending node. Some examples of Protocols
found at this layer are TCP, ARP, RARP, SPX and NWLink. Some examples of Network
Components found at the Transport Layer are Gateways and certain types of
Brouters.
Session Layer - This OSI layer, as the name implies, establishes, maintains and
ends sessions between transmitting nodes across the network and manages which
node can transmit data at a certain time and for how long. Some examples of
Protocols found at this layer are Named Pipes, NetBIOS Names, RPC and Mail Slots.
Some examples of Network Components found at the Session Layer are Gateways
and certain types of Proxy Servers.
Presentation Layer - The Presentation Layer technically performs the translation of
the data from the way applications understand it to the way networks understand it
on the transmission end and then back on the receiving node. It is responsible for
protocol conversions, data encryption / decryption, and data compression /
decompression where the network is considered. Some examples of Network
Components found at the Presentation Layer are Gateways and certain types of
Redirectors. There are no Protocols that normally operate in this layer.
Application - The Application Layer of the OSI model allows access to network
services for applications specifically written to run over the network, such as email
and file transfer programs such as FTP. There are many Protocols found at the
Application Layer, some of which include FTP, TFTP, BOOTP, SNMP, SMTP, TELNET,
NCP, and SMB.
The TCP/IP suite four-layer conceptual model is as follows;
Network Interface Layer - This layer effectively puts the frames on the wire from
the sending node and pulls frames off the wire at the receiving node and basically
correlates to the Physical Layer of the OSI model.
Internet Layer - Internet layer protocol of the TCP/IP suite encapsulate packets
into Internet datagrams. There are four Internet protocols that operate at this layer.
The Internet Layer basically (but not entirely) correlates to the Network Layer of the
OSI model.
Application Layer - The Application Layer is where applications that are specifically
written to operate over networks, gain their access. There are two TCP/IP services,
Winsock and the NetBIOS over TCP/IP (NetBT) interface, that network applications
most commonly use on Windows XP Professional networks. The Application Layer
basically (but not entirely) correlates to the Application Layer of the OSI model.
Winsock - Winsock is the standard interface used for socket-based applications and
TCP/IP protocols. Winsock allows the network application to bind to a
specific port and IP address on a node, initiate and accept a connection,
send and receive data, and then close the connection.
TCP/IP version 4 (IPv4) addresses are made up of four 8-bit fields (octets) and
are 32 bits in size total. Microsoft TCP/IP version 4 supports the standard classes of
address, which define which bits are used for the network ID and which bits are
used for the host ID. There are five TCP/IP version 4 (IPv4) address classes, although for
the most part, only the A, B, and C classes are used. The system of IP address
classes described here forms the basis for IP address assignment. Classless Inter-Domain
Routing (CIDR) addressing is now being used more often and I will cover
that later in the article. Classless Inter-Domain Routing is making the IP address
classes in their current form "less defined", for lack of a better term. Still, the classes
form the base of any addressing scheme.
TCP/IP version 4 addresses are made of both a network ID and a host ID. The network
ID address identifies the physical network where the hosts exist. The host ID address
identifies the individual TCP/IP host on a network. The host ID must be unique on
the internal network, that is, no two nodes on a given network can have the same
network ID AND host ID.
[NOTES FROM THE FIELD] - You can have two hosts with the IP host name of
112.12.44 if one is on network 10 and another is on network 11. (The full IP
addresses of these hosts would be 10.112.12.44 and 11.112.12.44. The subnet
mask would be 255.0.0.0.) You cannot assign both of these nodes the host address
of 112.12.44 if they are both on network 10 or both on network 11.
The "division" point between the network ID and the host ID is called the subnet
mask. The subnet mask is used to determine where the network number in an IP
address ends and the node number in an IP address begins.
The bits in a subnet mask are set consecutively from left to right and there can be no
"skips" in the setting structure. The subnet mask of 255.255.128.0 is valid because
all eight bits are set in the first two octets and the first bit of the next octet is also
set. (11111111.11111111.10000000.00000000). The subnet mask of 255.255.64.0
is not valid because there is a "missing" bit that is not allowed.
(11111111.11111111.01000000.00000000).
[NOTES FROM THE FIELD] - The left most bit in a TCP/IP version 4 address is
called the Most Significant Bit (MSB) and has the highest value. The right most bit in
a TCP/IP version 4 address is called the Least Significant Bit (LSB) and has the
lowest value.
The value of the bits, in order from the Most Significant Bit (MSB) to the Least
Significant Bit (LSB) are 128, 64, 32, 16, 8, 4, 2, 1. These numerical designations
are what make up the TCP/IP version 4 address. The values of the set bits (noted by
a "1") in each octet are added together to give you that octet of the address. The
TCP/IP version 4 address of 171.144.62.12 converts to a binary number of
10101011.10010000.00111110.00001100 and a hexadecimal number of
AB.90.3E.0C.
[NOTES FROM THE FIELD] - While it's important to know that the TCP/IP version 4
address converts to a binary number or a hexadecimal number it is not often used in
day to day operations of the MCSA/MCSE. It is more so for the Network
Administrator. For the 70-270 exam, concentrate on the different classes of
addresses, how subnet masks work, Classless Inter-Domain Routing (CIDR)
addressing and a basic understanding of the binary conversion of a TCP/IP version 4
address. Basically, know the Most Significant Bit (MSB) and the Least Significant Bit
(LSB) and the order of numbers.
The way I remember it was to remember that the Least Significant Bit (LSB) of each
octet was "1" and each place to the left of it doubled in value up to the end of the
octet on the far left. After the DOT I would start back to "1"
TCP/IP version 6 (IPv6) is a set of specifications from the Internet
Engineering Task Force (IETF) and has been designed to overcome the current
shortage of addresses under TCP/IP version 4. TCP/IP version 6 also has some other
built in improvements that go beyond the scope of the discussion here. The single
most important thing you will need to know for the 70-270 exam (a little more depth
may be needed for the upcoming Exam 70-275: Installing, Configuring and
Administering Microsoft .NET Server and Exam 70-276: Implementing and
Administering a Microsoft .NET Server Network Infrastructure) is that IPv6 addresses
are 128 bits in length as opposed to 32 bits under IPv4.
The original Internet Protocol defines IP addresses in five classes, Classes A through
E. Each of these classes allowed the use of one portion of the 32-bit Internet address
scheme to the network address and the remaining portion to the nodes on the
network. One of the main reasons for the IP address shortage was in the situation
where many companies needed more than the 254 host machines that were allowed
under the Class C scheme but far fewer than the 65,533 host addresses of the Class
B scheme. They would request a unique B Class address but often ended up not
using many of the addresses within their allotted block. This meant that many
addresses within their pool were unutilized. This is one of the main reasons the IP
address pool was drying up and for this reason the big push was on for TCP/IP
version 6 (IPv6) and its 128-bit address. Because many of the Internet authorities
realized that it would be some time before IPv6 was in widespread use, Classless
Inter-Domain Routing was born.
Using Classless Inter-Domain Routing, each IP address has a network prefix that
identifies either a collection of network gateways or an individual gateway. The
length of the network prefix is also specified as part of the IP address and varies
depending on the number of bits that are needed (rather than any arbitrary class
assignment structure). A destination IP address or route that describes many
possible destinations has a shorter prefix and is said to be less specific. A longer
prefix describes a destination gateway more specifically. Routers are required to use
the most specific or longest network prefix in the routing table when forwarding
packets.
201.44.112.00 is the address of the network and the "18" says that the first 18 bits
are the network part of the address, leaving the last 14 bits for the address of the
node. (Effectively, the 18 is the subnet mask from the "old" style of address classes.)
Classless Inter-Domain Routing lets one routing table entry represent a collection of
networks that exist in the forward path that don't need to be specified on that
particular gateway. This collection of networks under a single address is sometimes
referred to as a supernet; by definition the two terms mean the same thing.
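A subnet mask allows you to identify the network ID and the host (node) ID of an IP
address.
Given the following example of a B Class address using the default subnet mask,
where each bit of the address is ANDed with the corresponding bit of the mask:
10011110.00010101.00111001.01101111 158.21.57.111 IP address
11111111.11111111.00000000.00000000 255.255.000.000 Subnet Mask
--------------------------------------------------------
10011110.00010101.00000000.00000000 158.21.000.000 Network address
we can determine that the network ID is 158.21 and the host ID is 57.111.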
Additional bits can be added to the subnet mask for a given class of addresses to
subnet networks further.
Given the following example of a B Class address using a subnet mask with additional
bits set:
10011110.00010101.00111001.01101111 158.21.57.111 IP address
11111111.11111111.11110000.00000000 255.255.240.000 Subnet Mask
--------------------------------------------------------
10011110.00010101.00110000.00000000 158.21.048.000 Network address
we can see that rather than having the single subnet and 65534 Hosts per Subnet
allowed under the default subnet mask we are able to have up to 16 subnets with up
to 4094 Hosts per Subnet by using a Subnet Mask of 255.255.240.000.
Subnet address   Subnet mask     Hosts   Host range                          Broadcast address
158.21.80.0      255.255.240.0   4094    158.21.80.1 to 158.21.95.254        158.21.95.255
158.21.96.0      255.255.240.0   4094    158.21.96.1 to 158.21.111.254       158.21.111.255
158.21.112.0     255.255.240.0   4094    158.21.112.1 to 158.21.127.254      158.21.127.255
158.21.128.0     255.255.240.0   4094    158.21.128.1 to 158.21.143.254      158.21.143.255
158.21.144.0     255.255.240.0   4094    158.21.144.1 to 158.21.159.254      158.21.159.255
158.21.160.0     255.255.240.0   4094    158.21.160.1 to 158.21.175.254      158.21.175.255
158.21.176.0     255.255.240.0   4094    158.21.176.1 to 158.21.191.254      158.21.191.255
158.21.192.0     255.255.240.0   4094    158.21.192.1 to 158.21.207.254      158.21.207.255
158.21.208.0     255.255.240.0   4094    158.21.208.1 to 158.21.223.254      158.21.223.255
158.21.224.0     255.255.240.0   4094    158.21.224.1 to 158.21.239.254      158.21.239.255
158.21.240.0     255.255.240.0   4094    158.21.240.1 to 158.21.255.254      158.21.255.255
[NOTES FROM THE FIELD] - A subnet address cannot be all 0's or all 1's.
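The subnet mask rules above can be checked mechanically. The following is an added example, not part of the original article: it tests a mask for "skipped" bits, splits an address into network ID and host ID with a bitwise AND, and generates the subnet rows for 158.21.0.0 with mask 255.255.240.0. All function names are hypothetical.

```python
import ipaddress


def dotted_binary(ip: str) -> str:
    """Render an IPv4 address octet by octet, MSB (128) first."""
    return ".".join(f"{octet:08b}" for octet in ipaddress.IPv4Address(ip).packed)


def mask_is_contiguous(mask: str) -> bool:
    """True when the 1-bits run left to right with no skipped bit."""
    m = int(ipaddress.IPv4Address(mask))
    host_bits = ~m & 0xFFFFFFFF
    # A valid mask inverts to 000...0111...1 (2**k - 1), so adding 1 carries
    # into a single higher bit and the AND below comes out as zero.
    return (host_bits & (host_bits + 1)) == 0


def split_address(ip: str, mask: str):
    """AND the address with the mask; return (network ID, host ID)."""
    if not mask_is_contiguous(mask):
        raise ValueError(f"{mask} is not a valid subnet mask")
    addr = int(ipaddress.IPv4Address(ip))
    m = int(ipaddress.IPv4Address(mask))
    network = ipaddress.IPv4Address(addr & m)
    host = ipaddress.IPv4Address(addr & ~m & 0xFFFFFFFF)
    return str(network), str(host)


def subnet_table(classful_network: str, mask: str):
    """Rows for every subnet an extended mask carves out of a classful network."""
    parent = ipaddress.IPv4Network(classful_network)
    new_prefix = ipaddress.IPv4Network(f"0.0.0.0/{mask}").prefixlen
    rows = []
    for sub in parent.subnets(new_prefix=new_prefix):
        rows.append({
            "network": str(sub.network_address),
            "first_host": str(sub.network_address + 1),
            "last_host": str(sub.broadcast_address - 1),
            "broadcast": str(sub.broadcast_address),
            "hosts": sub.num_addresses - 2,  # minus network and broadcast
        })
    return rows


if __name__ == "__main__":
    for mask in ("255.255.128.0", "255.255.64.0"):
        verdict = "valid" if mask_is_contiguous(mask) else "invalid"
        print(mask, dotted_binary(mask), verdict)
    print(split_address("158.21.57.111", "255.255.0.0"))
    print(split_address("158.21.57.111", "255.255.240.0"))
    for row in subnet_table("158.21.0.0/16", "255.255.240.0"):
        print(row["network"], row["first_host"], "to", row["last_host"],
              row["broadcast"], row["hosts"])
```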
The "A" class addressing scheme has an official start address of 0.0.0.0 and an
official last address of 127.255.255.255.
Not all of these addresses can be used and you will OFTEN see conflicting information
on this.
1.0.0.1 to 126.255.255.254 is the range of IP addresses that are included in the "A"
class addressing scheme that are the useable range for node assignment.
The local host will use 0.0.0.0 when it cannot reach a DHCP server when it is set to
use one and cannot assign itself an address using APIPA.
There are 126 Class A networks total, each allowed to have up to 16,777,214 hosts.
There are three IP network addresses reserved for private networks. 10.0.0.0 -
10.255.255.255 with the subnet mask 255.0.0.0 is the range for Class A IP
addresses.
They can be used by anyone setting up internal IP networks, such as a lab or home
LAN behind a NAT or proxy server or a router. It is always safe to use these because
routers on the Internet will never forward packets coming from these addresses.
While 10.0.0.0 - 10.255.255.255 addresses with the subnet mask 255.0.0.0 are
available to only internal IP networks, they are still considered part of the Class "A"
range.
The "B" class addressing scheme has an official start address of 128.0.0.0 and an
official last address of 191.255.255.255.
Not all of these addresses can be used and you will OFTEN see conflicting information
on this.
The local host will use 0.0.0.0 when it cannot reach a DHCP server when it is set to
use one and cannot assign itself an address using APIPA.
There are three IP network addresses reserved for private networks. 172.16.0.0 -
172.31.255.255 with the subnet mask 255.240.0.0 is the range for Class B IP
addresses.
They can be used by anyone setting up internal IP networks, such as a lab or home
LAN behind a NAT or proxy server or a router. It is always safe to use these because
routers on the Internet will never forward packets coming from these addresses.
While 172.16.0.0 - 172.31.255.255 addresses with the subnet mask 255.240.0.0 are
available to only internal IP networks, they are still considered part of the Class "B"
range.
The "C" class addressing scheme has an official start address of 192.0.0.0 and an
official last address of 223.255.255.255.
Not all of these addresses can be used and you will OFTEN see conflicting information
on this.
The local host will use 0.0.0.0 when it cannot reach a DHCP server when it is set to
use one and cannot assign itself an address using APIPA.
There are three IP network addresses reserved for private networks. 192.168.0.0 -
192.168.255.255 with the subnet mask 255.255.0.0 is the range for Class C IP
addresses.
They can be used by anyone setting up internal IP networks, such as a lab or home
LAN behind a NAT or proxy server or a router. It is always safe to use these because
routers on the Internet will never forward packets coming from these addresses.
Class D addresses are only required if you wish to be a multicast source. You can still
receive multicast data without the need for a separate Class D address.
The IP address of 255.255.255.255 broadcasts to all hosts on the local network and
therefore, is not to be considered as part of the E class of IP addresses.
"The fact that the grass is greener on the other side of the fence is directly
proportional to how much manure is being used on the property"
This article will continue with covering the TCP/IP Protocol within Windows XP
Professional, specifically, troubleshooting of the network protocol under Windows XP
Professional.
PING - Ping can be used to test your TCP/IP connection by sending a message to
the remote node or gateway from a local system. (It can also be used to test the
loopback locally only to see if it is working correctly.) If the remote node or gateway
receives the message, it responds with a reply message. The reply consists of the
remote's IP address, the number of bytes in the message, how long it took to reply -
given in milliseconds (ms), the length of time-to-live (TTL) in seconds and it will also
show any packet loss in terms of percentages.
Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
[-r count] [-s count] [[-j host-list] | [-k host-list]]
[-w timeout] target_name
Switches:
-t Ping the specified host until stopped. To see statistics and continue - type
Control-Break; To stop - type Control-C.
-a Resolve addresses to hostnames.
-n count Number of echo requests to send.
-l size Send buffer size.
-f Set Don't Fragment flag in packet.
-i TTL Time To Live.
-v TOS Type Of Service.
-r count Record route for count hops.
-s count Timestamp for count hops.
-j host-list Loose source route along host-list.
-k host-list Strict source route along host-list.
-w timeout Timeout in milliseconds to wait for each reply.
ARP - Displays and modifies the IP-to-Physical address translation tables used by
address resolution protocol (ARP).
Example:
> arp -s 157.55.85.212 00-aa-00-62-c6-09 .... Adds a static entry.
> arp -a .... Displays the arp table.
IPCONFIG - Use the ipconfig command to get the local system's basic IP
configuration information, including the IP address, subnet mask, and default
gateway.
The IPCONFIG /all switch produces a detailed configuration report for all interfaces,
including any configured remote access adapters.
The default is to display only the IP address, subnet mask and default gateway for
each adapter bound to TCP/IP.
For Release and Renew, if no adapter name is specified, then the IP address leases
for all adapters bound to TCP/IP will be released or renewed.
NBTSTAT [ [-a RemoteName] [-A IP address] [-c] [-n] [-r] [-R] [-RR] [-s] [-S]
[interval] ]
-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its IP
address.
-c (cache) Lists NBT's cache of remote [machine] names and their IP
addresses
-n (names) Lists local NetBIOS names.
-r (resolved) Lists names resolved by broadcast and via WINS
-R (Reload) Purges and reloads the remote cache name table
-S (Sessions) Lists sessions table with the destination IP addresses
-s (sessions) Lists sessions table converting destination IP addresses to
computer NETBIOS names.
-RR (ReleaseRefresh) Sends Name Release packets to WINS and then, starts
Refresh
NETSTAT [-a] [-e] [-n] [-o] [-s] [-p proto] [-r] [interval]
ROUTE - You can use the route command line tool to display the current IP routing
table and add or delete IP routes.
commands
All symbolic names used for destination are looked up in the network database file
NETWORKS. The symbolic names for gateway are looked up in the host name
database file HOSTS.
Invalid MASK generates an error, that is when (DEST & MASK) != DEST.
Example> route ADD 157.0.0.0 MASK 155.0.0.0 157.55.80.1 IF 1
The route addition failed: The specified mask parameter is invalid.
(Destination & Mask) != Destination.
Examples:
route PRINT
route ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1 METRIC 3 IF 2
destination^ mask^ gateway^ metric^ ^Interface
If IF is not given, it tries to find the best interface for a given gateway.
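The mask check quoted above and the longest-prefix rule from the Classless Inter-Domain Routing discussion fit together in one small routing table. This is an added example, not part of the original article and not how Windows stores routes: the class and function names are hypothetical, and every route except 157.0.0.0 MASK 255.0.0.0 157.55.80.1 is constructed.

```python
import ipaddress


class RouteTable:
    """A toy IPv4 routing table used only for illustration."""

    def __init__(self):
        self.routes = []  # (destination int, mask int, gateway string)

    def add(self, dest: str, mask: str, gateway: str) -> None:
        d = int(ipaddress.IPv4Address(dest))
        m = int(ipaddress.IPv4Address(mask))
        # The check quoted from the route command: no destination bit may be
        # set in a position where the mask bit is clear.
        if (d & m) != d:
            raise ValueError("(Destination & Mask) != Destination")
        self.routes.append((d, m, gateway))

    def lookup(self, address: str):
        """Return (destination/prefix, gateway) of the most specific match."""
        a = int(ipaddress.IPv4Address(address))
        best = None
        for d, m, gateway in self.routes:
            if (a & m) != d:
                continue                  # address is outside this route
            bits = bin(m).count("1")      # number of network bits in the mask
            if best is None or bits > best[0]:
                best = (bits, d, gateway)
        if best is None:
            return None
        bits, d, gateway = best
        return f"{ipaddress.IPv4Address(d)}/{bits}", gateway


def summarize(cidrs):
    """Collapse adjacent networks into the fewest covering prefixes (supernets)."""
    nets = [ipaddress.IPv4Network(c) for c in cidrs]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def build_sample_table() -> RouteTable:
    table = RouteTable()
    table.add("0.0.0.0", "0.0.0.0", "157.55.80.254")              # constructed default route
    table.add("157.0.0.0", "255.0.0.0", "157.55.80.1")            # route from the article
    table.add("157.55.0.0", "255.255.0.0", "157.55.80.2")         # constructed
    table.add("157.55.85.212", "255.255.255.255", "157.55.80.3")  # constructed host route
    return table


if __name__ == "__main__":
    table = build_sample_table()
    for target in ("157.55.85.212", "157.55.1.1", "157.60.1.1", "198.51.100.9"):
        print(target, "->", table.lookup(target))
    try:
        table.add("157.0.0.0", "155.0.0.0", "157.55.80.1")
    except ValueError as err:
        print("route addition failed:", err)
    print(summarize(["10.1.0.0/24", "10.1.1.0/24", "10.1.2.0/23"]))
```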
HOSTNAME - Hostname is used to show the local computer's host name for
authentication by the Remote Copy Protocol (RCP), Remote Shell (RSH), and Remote
Execution (REXEC) tools
Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name
Options:
PATHPING - Pathping also shows the route taken to reach a remote system as does
TRACERT but PATHPING does so with more detail and allows for more functionality
as well.
Usage: pathping [-g host-list] [-h maximum_hops] [-i address] [-n] [-p period] [-q
num_queries] [-w timeout] [-P] [-R] [-T] [-4] [-6] target_name
Options:
There are additional tools that can be used to test TCP/IP connectivity. They are
standard use tools for the TCP/IP protocol.
FTP - FTP is the File Transfer Protocol and it is used to transfer files from system to
system.
The command line FTP allows for more functionality. FTP is considered to be a
connected session using Transmission Control Protocol (TCP).
FTP [-v] [-d] [-i] [-n] [-g] [-s:filename] [-a] [-w:windowsize] [-A] [host]
[NOTES FROM THE FIELD] - The mget and mput commands take y/n/q for
yes/no/quit.
Use Control-C to abort actively executing commands.
TFTP - The Trivial File Transfer Protocol allows for the connectionless transfer of files
to and from systems using User Datagram Protocol (UDP).
While TFTP is limited in functionality, there are still some command line switches that
can be used to tailor its performance.
-i Specifies binary image transfer mode (also called octet). In binary image
mode the file is moved literally, byte by byte. Use this mode when
transferring binary files.
host - Specifies the local or remote host.
GET - Transfers the file destination on the remote host to the file source on
the local host.
PUT - Transfers the file source on the local host to the file destination on the
remote host.
source - Specifies the file to transfer.
destination - Specifies where to transfer the file.
RCP - RCP copies files to and from computers running the RCP service. RCP uses the
Transmission Control Protocol (TCP) to utilize the connected and reliable delivery of
data between the client and the host and can be scripted in a batch file and does not
require a password. The remote host must be running the RSHD service, and the
user’s username must be configured in the remote host’s .rhosts file. RCP is one of
the r-commands available on all UNIX systems.
[NOTES FROM THE FIELD] - Microsoft’s implementation of TCP/IP includes the RCP
client software but not rshd services.
-a Specifies ASCII transfer mode. This mode converts the EOL characters to a
carriage return for UNIX and a carriage return/line feed for personal
computers. This is the default transfer mode.
-b Specifies binary image transfer mode.
-h Transfers hidden files.
-r Copies the contents of all subdirectories; destination must be a directory.
host Specifies the local or remote host. If host is specified as an IP address
OR if host name contains dots, you must specify the user.
.user: Specifies a user name to use, rather than the current user name.
source Specifies the files to copy.
path\destination Specifies the path relative to the logon directory on the
remote host. Use the escape characters (\ , ", or ') in remote paths to use
wildcard characters on the remote host.
RSH - RSH is a TCP/IP utility that enables clients to run commands directly on
remote hosts running the RSH service without having to log on to the remote host.
RSH is one of the UNIX r-commands that are available on all UNIX systems.
REXEC - REXEC runs commands on remote hosts running the REXEC service and
authenticates the user name on the remote host before executing the specified
command.
FINGER - FINGER is a TCP/IP utility used for viewing information about a user on a
system running the finger service.
Remote Assistance is a convenient way for level two system technicians (and in
certain cases, knowledgeable friends and associates) to connect to your Windows XP
system and either walk you through any problems you are having locally or to allow
them to take care of it for you.
After Enterprise users log a call to a central help desk either via the phone or the
Enterprise's current trouble call system, (or by one of the ways mentioned later in
this article) Remote Assistance allows the appropriate person to log into your system
to view what you see on your computer screen and chat online with you in real time
through the use of Windows Messenger about what you both see on the local
system. (It is also possible for them to be speaking over the telephone with you
about what is seen on the local system as well.) If the task is "too difficult" to walk
the user through, the support person can "take over" the session and complete the
task remotely.
On some corporate WANs, firewalls might stop you from using Remote Assistance
depending on which ports are being filtered at the firewall.
Remote Assistance runs over the top of Terminal Services technology and uses the
same TCP port used by Terminal Services: port 3389.
Remote Assistance will not work if outbound traffic from TCP port 3389 is blocked.
If you are using Network Address Translation (NAT) in a home environment, you can
use Remote Assistance without any special configurations. However, if you have a
personal firewall or similar lockdowns in your home environment, you will have the
same issues as in a corporate environment, Remote Assistance will not work if
outbound traffic from TCP port 3389 is blocked.
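One way to see whether a system is listening on, or holding sessions over, TCP port 3389 is to read its netstat output. This is an added example, not part of the original article: it parses output in the `netstat -a -n -o` form and flags inbound peers that fall outside the three private address ranges described earlier. The netstat sample is constructed and the function names are hypothetical.

```python
import ipaddress

# Constructed sample of `netstat -a -n -o` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1020
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.10:3389      10.20.30.40:2871       ESTABLISHED     1020
  TCP    192.168.1.10:3389      203.0.113.7:51522      ESTABLISHED     1020
  TCP    192.168.1.10:1045      192.168.1.20:3389      ESTABLISHED     1712
  UDP    0.0.0.0:445            *:*                                    4
"""

# The three private ranges from the address class discussion, in prefix form.
PRIVATE_RANGES = [ipaddress.IPv4Network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(ip: str) -> bool:
    """True when the IPv4 address falls inside one of the private ranges."""
    addr = ipaddress.IPv4Address(ip)
    return any(addr in net for net in PRIVATE_RANGES)


def parse_tcp_rows(text: str):
    """Yield (local_ip, local_port, remote_ip, remote_port, state, pid)."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "TCP":
            continue  # headers, blank lines and UDP rows
        local_ip, local_port = fields[1].rsplit(":", 1)
        remote_ip, remote_port = fields[2].rsplit(":", 1)
        pid = fields[4] if len(fields) > 4 else None
        yield local_ip, int(local_port), remote_ip, int(remote_port), fields[3], pid


def port_3389_report(text: str, port: int = 3389):
    """Summarise listeners and sessions on the Remote Assistance port."""
    report = {"listening": [], "inbound": [], "outbound": []}
    for l_ip, l_port, r_ip, r_port, state, _pid in parse_tcp_rows(text):
        if state == "LISTENING" and l_port == port:
            report["listening"].append(l_ip)
        elif state == "ESTABLISHED" and l_port == port:
            # Someone is connected to this system; note if the peer is private.
            report["inbound"].append((r_ip, is_private(r_ip)))
        elif state == "ESTABLISHED" and r_port == port:
            # This system is connected out to another system's port 3389.
            report["outbound"].append(r_ip)
    return report


if __name__ == "__main__":
    result = port_3389_report(SAMPLE_NETSTAT)
    print("listening on:", result["listening"])
    for peer, private in result["inbound"]:
        label = "private range" if private else "NOT in a private range"
        print("inbound session from", peer, "-", label)
    print("outbound sessions to:", result["outbound"])
```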
Also, Microsoft Windows XP Professional or Windows XP Home Edition are the only
two systems that can use this functionality. The user requesting assistance and the
user providing the assistance must both be using systems running one of the
versions of Windows XP.
Remote Assistance configuration is accessed and settings are enabled via the System
Properties page on a Windows XP system either by selecting it from the Start Menu
[NOTES FROM THE FIELD] - What your Start Menu options look like all depend on
how you have the menu set. If you are using the Classic Start Menu, you would not
see My Computer as a selection to right click on.
I seem to continually repeat this from article to article, but it is important to stress,
the Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.
Local Administrators and certain permitted individuals have the rights to make
configuration settings for the local systems to allow or prevent remote assistance
invitations. Once the system is properly configured by the Administrator, any user
can make a request for remote assistance.
After the Properties page has been brought up for a local system, it can be set to
allow Remote Assistance invitations by selecting the Allow Remote Assistance
invitations to be sent from this computer checkbox on the Remote tab.
Once this option is set the Advanced button becomes available which displays the
Remote Assistance Settings dialog box when selected.
[NOTES FROM THE FIELD] - The default settings are shown in the image above.
You can configure the Invitation settings in the drop down menu of numbers in a
range from 1 to 99 and the definition box to the right can be set to MINUTES,
HOURS, or DAYS.
There are many different ways to solicit help via Remote Assistance. I will outline the
main ways to ask via the local system.
You can ask for Remote Assistance via the Windows Messenger by logging in to the
Windows Messenger and going to Actions on the Menu bar and selecting Ask for
Remote Assistance.
This allows you to select a person from your list of contacts, provided they are online
at the time.
You can also select the Other tab to enter the e-mail address of another person to
contact.
The invitation from the My Contacts list will show up in the conversation window.
Also, if you already have a conversation session established with the person you
want to request help from, you can simply select the Ask for Remote Assistance
button from the I want to....menu.
Once the person accepts the invitation you will see a dialog box asking you to
confirm permission. In order for the session to continue you would need to click Yes.
They can then operate on your system at whatever level of control that has been
allowed. (Either view or full control.)
[NOTES FROM THE FIELD] - The client requesting the remote session maintains
ultimate control of the session even though they have granted temporary controlling
access to the invitee. Although you relinquish control of your computer temporarily,
you retain control over the Remote Assistance session itself. The client requesting
the remote session can end the session immediately by clicking the Stop Control
button or pressing the ESC key.
You can also initiate a session via Help and Support from the Start Menu.
This will open the Help and Support Center where you can ask for assistance from
the main menu.
From here you can select Invite someone to help you which will open the next
screen to select either a Windows Messenger user or allow you to make a solicitation
by email.
You can select a user from the list and click the Invite this person button which will
bring up the Web Page Dialog box.
[NOTES FROM THE FIELD] - This box will stay open until it is accepted on the
remote end or cancelled on the requesting end.
When you save the invitation, you can elect to require the recipient to use a
password. (You will have to get this password to the recipient, it is not sent from this
tool.)
You can also elect Get Help from Microsoft from the Support menu, which allows
you to choose assistance options from Microsoft.
If you choose to Ask a Microsoft Support Professional for help, you'll need to
agree to the End User License Agreement, after which you'll be prompted through a
series of questions to assist you in your troubleshooting effort.
[NOTES FROM THE FIELD] - While I have personally never used this option, I did
fire it up to see how it functioned and it appeared to work just like the Windows
Hardware Troubleshooters, where a number of "canned" questions are asked, which
lead to the next question and so on, building the "path" of questioning from the
previous answers. I can't really tell you if you have a "live" Microsoft support person
on the other end, at least not for the number of questions I walked through anyway.
You can also choose to Go to a Windows Web site Forum from the Support menu
and choose the Go to Windows Newsgroups in an attempt to resolve any system
issues you might be having on your own by utilizing information posted there.
Windows clients can be configured to use NWLink to access client and server
applications running on Novell NetWare servers and / or on intranets where IPX/SPX
or NWLink is the protocol of choice. Windows clients running NWLink and the Client
Service for NetWare or NWLink and Gateway Service for NetWare can connect to
NetWare servers and utilize their file and print services.
NetWare clients can access client and server applications running on Windows 2000
servers by using the protocol as well. NetWare clients running IPX with NetBIOS,
Named Pipes, or Windows Sockets can connect to systems running Windows 2000
with NWLink installed and utilize applications and services on those systems.
NetWare clients running IPX can also connect to systems running Windows 2000
Server with NWLink and File and Print Services for NetWare installed for file and print
services.
Winsock supports existing NetWare applications written to comply with the NetWare
IPX/SPX Sockets interface and NetBIOS over IPX supports communication between
NetWare clients running NetBIOS and systems running Windows XP Professional and
NWLink NetBIOS.
[NOTES FROM THE FIELD] - NWLink is not installed by default during the
installation of any of the current Windows client and server operating systems. By
default, you must be a member of the Administrators group to install protocols on
any given system.
Installing NWLink
The easiest way to go about it is to right click My Network Places from the Start
Menu and select Properties.
[NOTES FROM THE FIELD] - (Long time readers are sick of this, but I can't
mention it enough.) What your Start Menu options look like all depend on how you
have the menu set. If you are using the Classic Start Menu, you would not see My
Network Places as a selection to right click on.
I seem to continually repeat this from article to article, but it is important to stress,
the Windows XP Professional exam rarely tests you on Classic anything. You need to
know how to get from Windows XP Professional settings to Classic and back, but in
90% of the cases you're going to find instructions laid out in the Windows XP
Professional vein. I will do my best to point out alternatives in the [NOTES FROM
THE FIELD] section as I have done here.
Once you have opened the Properties of My Network Places you will see the
Network Connections box, as shown below.
In order to add the protocol from here you would need to right click the installed LAN
adapter and select Properties.
Click on Install to open the Select Network Component Type. Since we want to
install a protocol, we will select Protocol and click ADD.
Next you will see the Select Network Protocol window where you will be able to
select NWLink IPX/SPX/NetBIOS Compatible Transport Protocol. Once you have done
this and clicked OK the protocol will be installed.
[NOTES FROM THE FIELD] - Windows XP does not require you to restart the
computer after you install new protocols MOST of the time. What you may find that
you need to do is to Disable and then Enable the network adapter to finalize all the
settings. When it is practical, you should restart the system. If you have connectivity
issues with the newly installed protocol, or even the currently installed ones, you're
not going to be able to be sure where to start troubleshooting if you haven't
rebooted the system.
Configuring NWLink
Once NWLink has been installed you need to properly configure it. By default,
NWLink automatically detects the frame type used on the LAN because it is set to
auto detect the network frame type. If NWLink detects no network traffic or if
multiple frame types are detected as in use, NWLink sets the frame type to 802.2.
Each frame type on an IPX network formats data differently for transmission and the
different types are incompatible with each other. Multiple frame types can be used,
but in order for all computers on a network to successfully communicate with one
another they must use the same frame type.
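The frame-type differences described above, as an added example (not code from the original article): a Python classifier that reads the bytes after the Ethernet MAC header to tell the IPX encapsulations apart, plus the auto-detect fallback as the article states it. It goes beyond the text by also recognising Ethernet II and SNAP; the function names and every sample frame are constructed for illustration.

```python
import struct

IPX_ETHERTYPE = 0x8137          # EtherType assigned to IPX
FALLBACK_FRAME_TYPE = "802.2"   # fallback the article describes for NWLink


def classify_ipx_frame(frame: bytes):
    """Return the IPX frame type carried by one Ethernet frame, or None."""
    if len(frame) < 17:                     # 14-byte MAC header + 3 bytes to inspect
        return None
    (type_or_len,) = struct.unpack("!H", frame[12:14])
    payload = frame[14:]
    if type_or_len >= 0x0600:               # the field is an EtherType
        return "Ethernet II" if type_or_len == IPX_ETHERTYPE else None
    # The field is an IEEE 802.3 length; what follows decides the encapsulation.
    if payload[:2] == b"\xff\xff":          # IPX header starts at once (checksum FFFF)
        return "802.3"
    if payload[:3] == b"\xe0\xe0\x03":      # LLC header with the NetWare SAP 0xE0
        return "802.2"
    if payload[:8] == b"\xaa\xaa\x03\x00\x00\x00\x81\x37":  # LLC + SNAP, IPX type
        return "SNAP"
    return None


def auto_detect(frames):
    """One frame type seen: use it. None or several seen: fall back to 802.2."""
    seen = {t for t in map(classify_ipx_frame, frames) if t is not None}
    return seen.pop() if len(seen) == 1 else FALLBACK_FRAME_TYPE


# --- constructed sample frames (not captured traffic) ---
DST_MAC = bytes.fromhex("ffffffffffff")
SRC_MAC = bytes.fromhex("020000000001")
# Minimal 30-byte IPX header: checksum FFFF, length 30, zeroed control and addresses.
IPX_HEADER = b"\xff\xff" + struct.pack("!HBB", 30, 0, 0) + bytes(24)


def build_frame(type_or_len: int, payload: bytes) -> bytes:
    """Prepend a MAC header to a payload."""
    return DST_MAC + SRC_MAC + struct.pack("!H", type_or_len) + payload


RAW_8023 = build_frame(len(IPX_HEADER), IPX_HEADER)
LLC_8022 = build_frame(3 + len(IPX_HEADER), b"\xe0\xe0\x03" + IPX_HEADER)
ETHERNET_II = build_frame(IPX_ETHERTYPE, IPX_HEADER)
SNAP = build_frame(8 + len(IPX_HEADER),
                   b"\xaa\xaa\x03\x00\x00\x00\x81\x37" + IPX_HEADER)
IPV4 = build_frame(0x0800, bytes(20))       # non-IPX traffic, ignored by detection

if __name__ == "__main__":
    for label, frame in [("raw 802.3", RAW_8023), ("802.2", LLC_8022),
                         ("Ethernet II", ETHERNET_II), ("SNAP", SNAP), ("IPv4", IPV4)]:
        print(f"{label:12} -> {classify_ipx_frame(frame)}")
    print("mixed LAN   ->", auto_detect([RAW_8023, ETHERNET_II]))
```

A host fixed to one of these types does not recognise IPX carried in any of the others, which is why a mixed LAN shows up as partial connectivity rather than a clean failure.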
You can determine which external network number, frame type, and internal network
number your routers are using by typing ipxroute config at a command prompt.
The Ipxroute utility manages the source routing variables of NWLink and is installed
only if the NWLink transport protocol is bound to a network adapter.
Any changes made with IPXroute are valid for the current session only. When you log
off, the settings are lost. To permanently change NWLink settings, you must set
them in the registry.
H:\>ipxroute config
Legend
======
- down wan line
NWLink IPX Routing and Source Routing Control Program v2.00 included in Windows
2000 and Windows XP displays and modifies information about the routing tables
used by IPX.
H:\>ipxroute
Broadcast (FFFF FFFF FFFF) Addresses are sent SINGLE ROUTE BROADCAST
Multicast (C000 xxxx xxxx) Addresses are sent SINGLE ROUTE BROADCAST
Servers displays the SAP table for the specified server type. Server type is a 16-bit
integer value. If no type is specified, servers of all types are shown. The displayed
list is sorted by server name.
Resolve resolves the name of the given adapter to its guid or friendly version.
You can configure the frame type you wish to use manually by right clicking the
adapter you want to configure and going to the properties page.
On the General tab of the property page for the adapter you would select the
NWLink IPX/SPX/NetBIOS Compatible Transport Protocol and click the Properties
button.
On the General tab of the property page for the protocol you can manually select a
frame type from the drop down window in the Adapter section.
[NOTES FROM THE FIELD] - Windows XP does not require you to restart the
computer after you change the frame type MOST of the time. What you may find
that you need to do is to Disable and then Enable the network adapter to finalize all
the settings, as the system may not have "let go" the auto configured frame type.
When it is practical, you should restart the system. If you have connectivity issues
with the newly set frame type, or even other currently installed protocols, you're not
going to be able to be sure where to start troubleshooting if you haven't rebooted
the system.
On Ethernet networks, the standard frame type for NetWare 2.2 and NetWare 3.11 is
802.3. For NetWare 3.12 and later, the default is 802.2.
The different network topologies and the frame types supported by NWLink are
outlined in the table below.
That's a wrap for this week. Be sure to check back in next week for the next article
in this series.
In the meantime, best of luck in your studies and please feel free to contact me with
any questions on my column and remember,
"Married people may in fact live longer than single people, but it seems that they are
more willing to die."
"I have yet to figure out why people put suits in a garment bag and put garments in
a suitcase"
[NOTES FROM THE FIELD] - Being able to install DNS is not a requirement for the
70-270 exam. Understanding the functionality of DNS and how it affects Windows XP
Professional clients in workgroups and within domains is.
In the next few weeks in my Learn Active Directory in 15 Minutes a Week series of
articles I will cover DNS in more depth, including a more in depth view of installing
DNS.
The Microsoft Domain Name System (DNS) is the name resolution service that
resolves Uniform Resource Locator names (URLs) and other DNS names into their
“true” dotted decimal format. http://www.zandri.net translates into a specific
Internet Protocol (IP) address and it is that address resolution that allows you to
reach the server destination you are looking for.
There are two different types of DNS lookup, forward and reverse. A forward lookup
query resolves a DNS name to an IP address and is the most common DNS query. A
reverse lookup query resolves an IP address to a name.
A DNS name server can resolve a query only for a zone for which it has authority.
When DNS servers receive a resolution request, they attempt to locate the requested
information in their own database.
There are two types of queries that can be performed in DNS: Iterative and
Recursive.
A DNS resolution query made from a client to a DNS server where the server returns
the best answer that it can provide based on its local cache or stored zone data is
called an Iterative query. If the server performing the Iterative query does not have
an exact match for the name request, it provides a pointer to an authoritative server
in another level of the domain namespace. The client system will then query that
server and so on and will continue this process until it locates a server that is
authoritative for the requested name or until an error is returned such as name not
found or a time-out condition is met.
A DNS resolution query made from a client to a DNS server in which the server
assumes the full workload and responsibility for providing a complete answer to the
query is called a recursive query.
The server, if it cannot resolve the query from its own database, will then
perform separate iterative queries to other servers (on behalf of the client) to assist
in returning an answer to the recursive query and will continue this process until it
locates a server that is authoritative for the requested name or until an error is
Client computers send recursive queries to DNS servers in most cases and usually
the DNS server is set up to make iterative queries to provide an answer to the client.
First the client computer generates a request for the IP address of www.zandri.net
by sending a recursive query to the DNS server that it is configured to use in its
network configuration. (We'll call this server LOCALCFG)
The second step is for the LOCALCFG DNS server that has received a recursive query to
look in its local database. If it does find that answer locally it is returned. If it is
unable to locate an entry for www.zandri.net in its own database, it sends an
iterative query to a DNS server that is authoritative for the root of the local domain.
(We'll call this server LOCALROOT)
If the LOCALROOT DNS server, which is authoritative for the root domain, has the
answer in its local database it sends a response to LOCALCFG. If the LOCALROOT
DNS server is unable to locate an entry for www.zandri.net in its database, it sends a
reply to the querying DNS server (LOCALCFG) with the IP addresses of DNS servers
that are authoritative for the .net domain. (If it were .com you would be sent the IP
addresses of DNS servers that are authoritative for the COM domain. If it were .org
you would be sent the IP addresses of DNS servers that are authoritative for the
ORG domain and so on.) We'll call this server DNSNET.
The DNS server that received the client recursive query (LOCALCFG) sends an
iterative query to a server that is authoritative for the .net domain (DNSNET).
If the DNS server that is authoritative for the .net domain (DNSNET) has an entry for
www.zandri.net in its local cache it will return it to LOCALCFG. If DNSNET is unable
to locate an entry for www.zandri.net in its database, it sends a reply to the querying
DNS server (LOCALCFG) with the IP addresses of DNS servers that are authoritative
for the zandri.net domain. (We'll call this server ZANDRIDNS).
The DNS server that received the client recursive query (LOCALCFG) sends an
iterative query to a server that is authoritative for the zandri.net domain.
(ZANDRIDNS)
The DNS server that is authoritative for the zandri.net domain (ZANDRIDNS) locates
an entry for www.zandri.net in its database and sends a reply to the querying DNS
server (LOCALCFG) with the IP address of www.zandri.net.
The DNS server (LOCALCFG) that received the recursive query sends a reply to the
client computer with the IP address of www.zandri.net.
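The walkthrough above, as an added Python simulation (not code from the original article): LOCALCFG accepts one recursive query and works through iterative queries and referrals on the client's behalf. The server names come from the walkthrough; the class names, the referral limit and the address 192.0.2.10 are assumptions made for the example.

```python
class NameServer:
    """A server that answers iteratively: its best local answer or a referral."""

    def __init__(self, name, records=None, delegations=None):
        self.name = name
        self.records = dict(records or {})          # host name -> IP (zone data or cache)
        self.delegations = dict(delegations or {})  # zone suffix -> NameServer

    def iterative(self, qname):
        """Return ('answer', ip), ('referral', server) or ('not-found', None)."""
        if qname in self.records:
            return "answer", self.records[qname]
        matches = [zone for zone in self.delegations
                   if qname == zone or qname.endswith("." + zone)]
        if matches:                                  # most specific delegation wins
            return "referral", self.delegations[max(matches, key=len)]
        return "not-found", None


class RecursiveServer(NameServer):
    """The client's configured server: takes a recursive query, works iteratively."""

    def __init__(self, name, root, max_referrals=8):
        super().__init__(name)
        self.root = root
        self.max_referrals = max_referrals           # assumed limit; stops referral loops

    def recursive(self, qname):
        """Return (ip_or_None, trace) for one client query."""
        qname = qname.rstrip(".").lower()
        if qname in self.records:                    # local database or earlier answer
            return self.records[qname], [f"{self.name}: local data"]
        trace, server = [], self.root
        for _ in range(self.max_referrals):
            kind, value = server.iterative(qname)
            trace.append(f"{self.name} -> {server.name}: {kind}")
            if kind == "answer":
                self.records[qname] = value          # keep the answer for later clients
                return value, trace
            if kind == "not-found":
                return None, trace
            server = value                           # follow the referral
        raise RuntimeError(f"more than {self.max_referrals} referrals for {qname}")


def build_article_topology():
    """Servers named as in the walkthrough; the address is a constructed sample."""
    zandridns = NameServer("ZANDRIDNS", records={"www.zandri.net": "192.0.2.10"})
    dnsnet = NameServer("DNSNET", delegations={"zandri.net": zandridns})
    localroot = NameServer("LOCALROOT", delegations={"net": dnsnet})
    return RecursiveServer("LOCALCFG", root=localroot)


if __name__ == "__main__":
    localcfg = build_article_topology()
    for name in ("www.zandri.net", "www.zandri.net", "missing.zandri.net"):
        ip, trace = localcfg.recursive(name)
        print(name, "->", ip)
        for step in trace:
            print("   ", step)
```

The second lookup of the same name never leaves LOCALCFG, and the client only ever sees one question and one answer.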
If you have any questions, comments or even constructive criticism, please feel free
to drop me a note.
I want to write solid technical articles that appeal to a large range of readers and
skill levels and I can only be sure of that through your feedback.
Windows 2000 Domain Name System (DNS) servers maintain a distributed database
used to translate computer names to Internet Protocol (IP) addresses on
Transmission Control Protocol/Internet Protocol (TCP/IP) networks, which include the
Internet.
The Microsoft Domain Name System (DNS) is the name resolution service that
resolves Uniform Resource Locator names (URLs) and other DNS names into their
“true” dotted decimal format. http://www.zandri.net translates into a specific
Internet Protocol (IP) address and it is that address resolution that allows you to
reach the server destination you are looking for.
For this reason you are going to need to be sure that TCP/IP is installed on the client
system you wish to configure as a DNS client.
[NOTES FROM THE FIELD] - There are other methods available for configuring
TCP/IP name resolution on Windows XP Professional clients. Most of these will not
work on the internet or on networks for Active Directory purposes. Windows Internet
Name Service (WINS) can perform NetBIOS-to-IP name resolution and Hosts and
Lmhosts files can be manually configured to provide host-to-IP and NetBIOS-to-IP
name resolution. It is also possible (but usually not desirable) to use b-node
broadcasts to perform NetBIOS name resolution within the local subnet.
In the Network Connections window you would right click your Local Area Connection
(which is the default location to set the local system as a DNS client) and choose
Properties.
On the property page for the Local Area Connection you would highlight the TCP/IP
protocol on the general tab and select the Properties button.
The image below shows a client configured to use the DHCP (as the Obtain an IP
address automatically radio button is set) or APIPA service (in the event the DHCP
server is unavailable). This is also the default selection for the TCP/IP properties at
operating system installation and/or protocol installation when the Typical Settings
radio button is selected.
The client can be configured to use a static (fixed) or dynamic IP address. In either
case, configuring the system as a DNS client is exactly the same.
When you select the Obtain DNS Server Address Automatically option, your
network's Dynamic Host Configuration Protocol (DHCP) server will provide the IP
address of a DNS server to the client.
When you elect to choose Use The Following DNS Server Addresses, you will
manually list the IP address of the Preferred DNS Server and the optional Alternate
DNS Server address that you want the client to use.
You can also click on the Advanced button and enter these values as well as some
other settings.
You can set the client's DNS server addresses in the upper box and arrange them in
order of use from top to bottom (the first two entries of which will be any settings
you provided on the main TCP/IP page) by entering them with the Add button and
using the arrows on the right side to change their order.
There are also other sections on this property page where more settings can be
configured. The Append Primary And Connection Specific DNS Suffixes option
is selected by default and this setting tells the DNS resolver to append the client
name to the primary domain name, as well as the domain name defined in the DNS
Domain Name field. The resolver then searches for the Fully Qualified Domain Name.
If the search for the Fully Qualified Domain Name fails, the DNS resolver will use the
entry (if any) supplied in the DNS Suffix For This Connection text box.
If the DHCP server has been enabled to configure this connection and you do not
specify a DNS suffix, the suffix for the connection is assigned by the DHCP server.
If you specify a DNS suffix, it is used instead.
The Append Parent Suffixes Of The Primary DNS Suffix check box is enabled by
default and this configuration causes the DNS resolver to drop the leftmost portion of
the primary DNS suffix and attempt to use the resulting domain name. If this fails, it
continues dropping the next leftmost name and repeating this process until only two
names such as 2000Trainers and COM remain. Rather than do this, you might opt to
set the Append These DNS Suffixes (In Order) radio button which will allow you
to specify a list of domains for the DNS resolver to try. The DNS resolver will attempt
each one of these suffixes, one at a time and in the order you specified in the text
box. Any attempts are limited to the domains that you have listed in here.
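The suffix settings described above, as an added Python sketch (not code from the original article) that lists the names the resolver would try for a short host name and shows which one answers. It assumes the order primary suffix, connection-specific suffix, then parent suffixes; the host name fileserver, the suffixes and the 192.0.2.20 record are constructed.

```python
def candidate_names(name, primary_suffix, connection_suffix=None,
                    append_parent_suffixes=True, search_list=None):
    """Ordered FQDNs tried for `name` under the settings described in the text."""
    name = name.lower()
    if name.endswith("."):                  # already fully qualified: nothing appended
        return [name.rstrip(".")]
    if search_list is not None:             # "Append These DNS Suffixes (In Order)"
        suffixes = [s.strip(".").lower() for s in search_list]
    else:                                   # "Append Primary And Connection Specific..."
        suffixes = [primary_suffix.strip(".").lower()]
        if connection_suffix:
            suffixes.append(connection_suffix.strip(".").lower())
        if append_parent_suffixes:
            labels = suffixes[0].split(".")
            # Drop the leftmost label each time, stopping once two labels remain.
            while len(labels) > 2:
                labels = labels[1:]
                suffixes.append(".".join(labels))
    ordered = []
    for suffix in suffixes:
        fqdn = f"{name}.{suffix}"
        if suffix and fqdn not in ordered:  # skip empty suffixes and repeats
            ordered.append(fqdn)
    return ordered


def resolve_short_name(name, zone_data, **settings):
    """Return (fqdn, ip, attempts) for the first candidate found in zone_data."""
    attempts = candidate_names(name, **settings)
    for count, fqdn in enumerate(attempts, 1):
        if fqdn in zone_data:
            return fqdn, zone_data[fqdn], attempts[:count]
    return None, None, attempts


# Constructed zone data: the host exists only at the top of the tree.
SAMPLE_ZONE = {"fileserver.zandri.net": "192.0.2.20"}

if __name__ == "__main__":
    primary = "sales.northamerica.zandri.net"
    print(resolve_short_name("fileserver", SAMPLE_ZONE, primary_suffix=primary))
    print(resolve_short_name("fileserver", SAMPLE_ZONE, primary_suffix=primary,
                             append_parent_suffixes=False))
    print(candidate_names("fileserver", primary,
                          search_list=["gunderville.com", "zandri.net"]))
```

With parent suffixes enabled the short name is answered two levels above the client's own domain; with an explicit list, only the listed domains are ever queried.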
You can also select the Register This Connection's Addresses In DNS check box
which will cause the client itself to attempt to dynamically register the IP addresses
via DNS with its full computer name as shown on the Computer Name tab of the
System properties page.
The last available option to set from this property page is the Use This
Connection's DNS Suffix In DNS Registration check box which uses DNS
dynamic updates to register the IP addresses and the connection-specific domain
name. The connection-specific name is the computer name, (the first label of the full
computer name specified in the Computer Name tab), and the DNS suffix of this
connection. If the Register This Connection's Addresses In DNS check box is
selected, this registration enabled here is in addition to the DNS registration of the
full computer name.
I want to write solid technical articles that appeal to a large range of readers and
skill levels and I can only be sure of that through your feedback. Until next time,
best of luck in your studies and remember,
I remember how my mother taught me RELIGION - "You better pray that will come
out of the carpet."
Forests
The Windows 2000 Active Directory forest is the collection of one or more Microsoft
Windows 2000 domains that share a common schema, configuration, and global
catalog. You will find all different types of clients in this setup, everything from
Windows 9x systems up to and through Windows XP Professional. You may even find
Windows NT3.51, NT4 and 2000 member servers in a Windows 2000 Forest as well.
[NOTES FROM THE FIELD] - What you will not find unless it's been hacked to do so
is a Windows XP Home edition system as a member of a domain. This is not a
supported configuration. Windows XP Professional is the only version of Windows XP
that allows users to join and be managed by the domain. This is outlined in full detail
here in the Windows XP in a Domain Environment article on the Microsoft web site.
The domain namespace of the domain trees in the forest is not always a contiguous
namespace. If there is a single tree in the forest, it will have a common domain
namespace. Since there can be more than one domain tree in a forest (it is not a
requirement, but it is allowed) these different domain trees will have their own
individual contiguous namespaces.
All of the domains in a domain tree and all of the trees in a single forest have the
connectivity benefit of the two-way, transitive trust relationship, which is the default
trust relationship between Windows 2000 domains. A two-way, transitive trust, by
definition, is really the combination of a transitive trust and a two-way trust. This
complete trust between all domains in an Active Directory domain hierarchy helps to
form the forest as a single unit via its common schema, configuration, and global
catalog.
The first Windows 2000 domain installed in the forest is considered to be the forest
root domain.
[NOTES FROM THE FIELD] - Much of this information is an Exam Requirement for
both the 70-217 AND the 70-219 exams. You need to have a high understanding of
this material for the 70-270 exam.
This image is a single Windows 2000 Forest with two domain trees. Zandri.net and
Gunderville.com are both in the same forest, yet both of their domain namespaces
have different names.
Trees
Domain trees within the Windows 2000 Active Directory forest are a set of Windows
2000 domains connected together via a two-way transitive trust, sharing a common
schema, configuration, and global catalog.
In order to be considered a true Windows 2000 domain tree, the domains must form
a contiguous hierarchical namespace with one domain being the domain root.
The first Windows 2000 domain installed in a tree is considered to be the root
domain of that tree. It would only be considered the forest root domain if it was also
the first domain in the forest.
[NOTES FROM THE FIELD] - In the above image we see that Zandri.net is linked
"down" to Gunderville.com. This is usually designed to show that it is the forest root
domain. When the domain tree Zandri.net was first installed it was installed as the
root of the Zandri.net tree and the root of the Active Directory Forest. When
Gunderville.com was first installed it was installed into an existing forest and as the
root of its own domain tree.
In the above image, the Zandri.net tree has two child domains installed in its tree,
Northamerica.Zandri.net and Southamerica.Zandri.net. Likewise, Gunderville.com
has two child domains installed in its tree, Northamerica.Gunderville.com and
Southamerica.Gunderville.com. This shows the contiguous hierarchical namespace
within the domain trees.
Trust Relationships
All of the domains in a domain tree and all of the trees in a single forest have the
connectivity benefit of the two-way, transitive trust relationship, which is the default
trust relationship between Windows 2000 domains. A two-way, transitive trust by
definition is really the combination of a transitive trust and a two-way trust. This
complete trust between all domains in an Active Directory domain hierarchy helps to
form the forest as a single unit via its common schema, configuration, and global
catalog.
Transitive trusts are a relationship that extends from one domain to the next, to the
next and so on. In the above example, Northamerica.Zandri.net indirectly trusts
Southamerica.Zandri.net because the trust relationship travels from
Northamerica.Zandri.net to Zandri.net to Southamerica.Zandri.net. Because
Northamerica.Zandri.net to Zandri.net is a direct trust and Zandri.net to
Southamerica.Zandri.net is a direct trust and all trusts in a Windows 2000 Active
Directory are transitive by default, Northamerica.Zandri.net indirectly trusts
Southamerica.Zandri.net.
A two-way trust can be simply looked at as two one way trusts between two
domains. When Zandri.net trusts Northamerica.Zandri.net this is a one way trust.
When Northamerica.Zandri.net trusts Zandri.net this is another one way trust. It is
considered two way because each trusts the other in the same reverse manner that
they are trusted.
Again, all of the domains in a domain tree and all of the trees in a single forest have
the connectivity benefit of the two-way, transitive trust relationships, which are the
default trust relationships between Windows 2000 domains.
This IS NOT true of domains and domain trees OUTSIDE of the forest. (This is
referred to as an External trust.)
Also, the trust is in no way transitive. If there was a situation where a trust was
established from Zandri.net to 2000trainers.com and there was a child domain of
2000trainers.com called Forums.2000trainers.com, users of
Forums.2000trainers.com do not gain access to any of the resources in Zandri.net,
even though those resources might be included in the common schema,
configuration, and global catalog of the 2000trainers.com Active Directory. The trust
that exists is only between 2000trainers.com and Zandri.net alone and it has been
set in this example only so that users in 2000trainers.com can access resources in
the Zandri.net domain. If access to Zandri.net is required by users of the
forums.2000trainers.com Windows 2000 domain, then another one way, external,
non-transitive trust would need to be established.
You can combine two one-way trusts to create a two-way trust relationship, where
2000trainers.com trusts Zandri.net and Zandri.net trusts 2000trainers.com,
however, even these are NOT TRANSITIVE, since they are from different Windows
2000 Active Directory forests.
[NOTES FROM THE FIELD] - Users of the 2000trainers domain would be able to
access resources they had been given permission to in the Zandri.net domain, but this
does not necessarily allow them access to the other domains in the forest such as
Northamerica.Zandri.net, Southamerica.Zandri.net nor any of the Gunderville.com
domain tree.
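The trust rules of this section, as an added Python model (not code from the original article): trusts inside a forest are two-way and transitive, so they are followed as a chain, while an external trust is honoured only for the exact pair and direction it was created for. The domain names are the article's own examples; the class and method names are assumptions made for the illustration.

```python
from collections import deque


class TrustModel:
    def __init__(self):
        self.transitive = {}    # domain -> domains joined by two-way transitive trusts
        self.external = set()   # (trusting, trusted): one-way and non-transitive

    def add_intra_forest_trust(self, a, b):
        a, b = a.lower(), b.lower()
        self.transitive.setdefault(a, set()).add(b)
        self.transitive.setdefault(b, set()).add(a)

    def add_external_trust(self, trusting, trusted):
        self.external.add((trusting.lower(), trusted.lower()))

    def trust_path(self, trusting, trusted):
        """Chain of domains from `trusting` to `trusted`, or None if no trust applies.

        A result means accounts in `trusted` can be granted access to resources
        in `trusting`; permissions on each resource still decide actual access.
        """
        trusting, trusted = trusting.lower(), trusted.lower()
        if trusting == trusted:
            return [trusting]
        if (trusting, trusted) in self.external:     # exact pair only, never chained
            return [trusting, trusted]
        previous = {trusting: None}                  # breadth-first over forest links
        queue = deque([trusting])
        while queue:
            current = queue.popleft()
            if current == trusted:
                path = []
                while current is not None:
                    path.append(current)
                    current = previous[current]
                return path[::-1]
            for neighbour in sorted(self.transitive.get(current, ())):
                if neighbour not in previous:
                    previous[neighbour] = current
                    queue.append(neighbour)
        return None


def build_article_model():
    """The forest from the article plus the external trust from its example."""
    model = TrustModel()
    for root in ("zandri.net", "gunderville.com"):
        for child in ("northamerica", "southamerica"):
            model.add_intra_forest_trust(f"{child}.{root}", root)
    model.add_intra_forest_trust("zandri.net", "gunderville.com")  # two trees, one forest
    # A separate forest with one child domain.
    model.add_intra_forest_trust("forums.2000trainers.com", "2000trainers.com")
    # Zandri.net trusts 2000trainers.com: one way, external.
    model.add_external_trust("zandri.net", "2000trainers.com")
    return model


if __name__ == "__main__":
    model = build_article_model()
    checks = [
        ("northamerica.zandri.net", "southamerica.zandri.net"),
        ("zandri.net", "2000trainers.com"),
        ("zandri.net", "forums.2000trainers.com"),
        ("northamerica.zandri.net", "2000trainers.com"),
        ("2000trainers.com", "zandri.net"),
    ]
    for trusting, trusted in checks:
        print(f"{trusting} trusts {trusted}: {model.trust_path(trusting, trusted)}")
```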
Of all the OXYMORONS there are, Found Missing and Clearly Misunderstood are two
of my favorites.
The Windows XP Professional operating system allows for both compression and
encryption natively within the operating system by setting given attributes on the
files and folders. Both of these functions are mutually exclusive of each other and
only one or the other can be enacted on a particular file or directory at any given
time.
[NOTES FROM THE FIELD] - What you can do is compress an entire directory and
all of the files and folders within that directory and then go in and elect to encrypt
select files which will remove the compression bit from those selections that will
become encrypted. A file or folder cannot be both encrypted and compressed at the
same time under Windows 2000 or XP Professional natively by the operating system
itself.
It is important to note that compressed folders of this nature, created through the
use of the Compressed Folders feature within Windows XP Professional, CAN be
encrypted on NTFS partitions and CAN be compressed (only) on FAT16 and FAT32
partitions.
You can compress a folder by selecting the folder, right clicking it and choosing
Properties. On the GENERAL tab of the properties page you would select the
Advanced button in order to bring up the Advanced Attributes page, as shown below.
On the Advanced Attributes page you would go down to the Compress or Encrypt
attributes section where you can choose one checkbox to compress the contents or
the other to encrypt them.
[NOTES FROM THE FIELD] - Strangely enough, the options to target are check
boxes, which normally denote the ability to choose more than one selection. (Radio
buttons are normally used in a situation where only one option from a number of
given ones can be selected.) Regardless of which, if you attempt to select both, you
will find that your second choice in this section undoes your first selection.
I think the decision to program this property page in this way stems from the fact
that you cannot unselect a radio button by clicking on it a second time as you can a
checkbox. (This is just my thought on this. This is not backed up by any facts.) If
you want to make a folder and the contents "normal" by neither encrypting them nor
compressing them, you'd clear the checkboxes.
Once you elect to compress the folder by selecting that checkbox you would click OK
and it would seem as if nothing has happened, and actually, nothing has. Until you
click APPLY or OK to the main property sheet, you will not be given any further
options for this operation.
If you elect to apply changes to the folder only, only the folder itself will become
compressed. What this means is that anything currently in the folder will keep its
current compression state. (In most cases this would mean that the files and other
folders within that folder will remain uncompressed.) Anything added to that folder
from that point forward will become compressed as it is copied to or moved to the
folder.
[NOTES FROM THE FIELD] - Any encrypted file that is moved to or copied to that
compressed folder will remain encrypted and will NOT become compressed and
hence unencrypted. If the encrypted file that was moved to that folder is right
clicked and has the encryption attribute removed it will NOT become compressed
automatically.
The only way to compress that file is to individually right click it and choose to
compress it or to MOVE it out of and then back into the folder. Simply copying it out
to a temporary location and then back in with the OVERWRITE option will NOT cause
it to become compressed even if changes were made to the copied out version.
This is because the attributes to the file are not carried over with the changes to the
file itself.
This also works for the reverse, from not compressed to compressed.
If you elect to apply changes to the folder and all of the files and subfolders
contained within the folder, they will all become compressed.
If you elect to remove compression from the folder itself and choose to make the
attribute changes to the folder only, all the files in the folder that were compressed
before will remain compressed as you move them around the local system.
When you effect changes to the folder and all of the files and subfolders contained
within, all of the files will become uncompressed.
[NOTES FROM THE FIELD] - If there is a file within the folder that is to be
uncompressed that is in an encrypted state, it will stay encrypted as the encrypted
attribute of that file is not affected by the clearing of the compression attributes of
the other files around it and the folder it's in.
You can select to view compressed and encrypted files in different colors so that you
know the state of the file by quickly looking at it.
[NOTES FROM THE FIELD] - In the example above, the file denoted in blue
lettering is compressed and the one in green lettering is encrypted. This can be set
by going in to the Windows Explorer and choosing Tools and then Folder Options.
On the View tab of the pop up box is where you would select the Show encrypted or
compressed NTFS files in color checkbox to enable this feature.
Copying a file within the same NTFS volume causes the file to inherit the
compression state of the target folder. When you copy a compressed file to an
uncompressed folder, the file is automatically uncompressed.
Moving a file or folder within the same NTFS volume causes the file or
folder to retain its original compression state. When you move a compressed
file to an uncompressed folder, the file remains compressed.
Copying a file or folder from one NTFS volume to another causes the
file or folder to inherit the compression state of the target folder. When you
copy a compressed file from one NTFS volume to another, where the
target folder is uncompressed, the file is automatically uncompressed.
Moving a file or folder from one NTFS volume to another causes the file
or folder to inherit the compression state of the target folder. Windows XP
Professional treats a move (cut and paste) as a copy and a delete, so the files
inherit the compression state of the target folder.
Moving or copying a file or folder to a FAT16 or FAT32 volume -
Windows XP Professional supports attribute driven compression only on the
NTFS file system, so when you move or copy a compressed NTFS file or folder
to a FAT volume, (12, 16 or 32) Windows XP Professional will automatically
Best practices state that you should not attempt to set the compression attribute on
software compressed files and folders such as ones set by PKZip and/or WinZip or
folders that are compressed by using the Compressed Folders feature within
Windows XP Professional because the operating system will attempt to further
compress the files. This will not yield any additional savings of space on the hard
drive and will unnecessarily burn CPU cycles in the process.
You should also attempt to compress data that is not often modified, as there is
some system overhead to uncompressing the files to open them for editing and then
compressing them again. This also is the same for files that are moved or copied
often. When a compressed file is copied, it is uncompressed, copied, and then
compressed again as a new file (depending on its final destination as outlined
above.)
You can encrypt a folder by selecting the folder, right clicking it and choosing
Properties.
On the GENERAL tab of the properties page you would select the Advanced button in
order to bring up the Advanced Attributes page, as shown below.
On the Advanced Attributes page you would go down to the Compress or Encrypt
attributes section where you can choose one checkbox to compress the contents or
the other to encrypt them.
[NOTES FROM THE FIELD] - Strangely enough, the options to target are check
boxes, which normally denote the ability to choose more than one selection. (Radio
buttons are normally used in a situation where only one option from a number of
given ones can be selected.) Regardless, if you attempt to select both, you
will find that your second choice in this section undoes your first selection.
I think the decision to program this property page in this way stems from the fact
that you cannot unselect a radio button by clicking on it a second time as you can a
checkbox. (This is just my thought on this. This is not backed up by any facts.) If
you want to make a folder and the contents "normal" by neither encrypting them nor
compressing them, you'd clear the checkboxes.
Once you elect to encrypt the folder by selecting that checkbox you would click OK
and it would seem as if nothing has happened, and actually, nothing has. Until you
click APPLY or OK to the main property sheet, you will not be given any further
options for this operation.
If you elect to apply changes to the folder only, only the folder itself will become
encrypted. What this means is that anything currently in the folder will keep its
current state which is unencrypted. Anything added to that folder from that point
forward will become encrypted as it is copied to or moved to the folder.
Once you hit OK you will see the progress of the encryption attribute being set on all
the files and subfolders as you have selected.
[NOTES FROM THE FIELD] - Any encrypted file that is moved to or copied to a
compressed folder will remain encrypted and will NOT become compressed and
hence unencrypted.
If the encrypted file that was moved to that folder is right clicked and has the
encryption attribute removed it will NOT become compressed automatically.
The only way to compress that file is to individually right click it and choose to
compress it or to MOVE it out of and then back into the folder AFTER the encryption
bit has been turned off for that file. Simply copying it out to a temporary location and
then back in with the OVERWRITE option will NOT cause it to become compressed
even if changes were made to the copied out version.
This is because the attributes of the file are not carried over with the changes to the
file itself.
This also works for the reverse, from not compressed to compressed.
If you elect to apply changes to the folder and all of the files and subfolders
contained within the folder, they will all become encrypted.
If you elect to remove encryption from the folder itself and choose to make the
attribute changes to the folder only, all the files in the folder that were encrypted
before will remain encrypted and if you copy them within the partition those
individual files will remain encrypted. All new files copied to or created in that folder
will no longer have the encryption bit set.
When you effect changes to the folder and all of the files and subfolders contained
within, all of the files will become decrypted.
[NOTES FROM THE FIELD] - If there is a file within the folder that is to be
uncompressed that is in an encrypted state, it will stay encrypted as the encrypted
attribute of that file is not affected by the clearing of the compression attributes of
the other files around it and the folder it's in.
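The folder-only cases described above leave files whose encryption state differs from the folder that holds them. The PowerShell audit below is an added example, not part of the original notes; the function name Get-EfsMismatch and the path C:\Data are assumptions, and it only reads attributes without changing them.

```powershell
# Added example. Get-EfsMismatch and C:\Data are illustrative names,
# not from the original notes. Read-only: no attribute is modified.
$Encrypted  = [int][System.IO.FileAttributes]::Encrypted
$Compressed = [int][System.IO.FileAttributes]::Compressed

function Test-Flag([System.IO.FileAttributes]$Attributes, [int]$Flag) {
    # True when the given attribute bit is set.
    return (([int]$Attributes -band $Flag) -ne 0)
}

function Get-EfsMismatch {
    param([string]$Path)

    # Walk every file (hidden ones included) and compare its Encrypted
    # bit with the Encrypted bit of the folder that contains it.
    Get-ChildItem -LiteralPath $Path -Recurse -Force |
        Where-Object { -not $_.PSIsContainer } |
        ForEach-Object {
            $fileEnc   = Test-Flag $_.Attributes $Encrypted
            $folderEnc = Test-Flag $_.Directory.Attributes $Encrypted
            if ($fileEnc -eq $folderEnc) { return }   # state matches the folder

            if ($folderEnc) {
                # Folder encrypted with "folder only": files already
                # present kept their unencrypted state.
                $finding = 'Unencrypted file in encrypted folder'
            } else {
                # Encryption removed from the folder only: files keep
                # their own encryption attribute.
                $finding = 'Encrypted file in unencrypted folder'
            }

            New-Object PSObject -Property @{
                Finding    = $finding
                Compressed = (Test-Flag $_.Attributes $Compressed)
                Path       = $_.FullName
            }
        }
}

# C:\Data is a placeholder; point it at the tree you want to review.
Get-EfsMismatch -Path 'C:\Data' |
    Select-Object Finding, Compressed, Path |
    Format-Table -AutoSize
```

A row with Compressed set to True under an encrypted folder is a file that was never encrypted, since a file cannot carry both attributes at once.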
You can select to view compressed and encrypted files in different colors so that you
know the state of the file by quickly looking at it.
[NOTES FROM THE FIELD] - In the example above, the folders denoted in blue
lettering are compressed and the ones in green lettering are encrypted. This can be
set by going in to the Windows Explorer and choosing Tools and then Folder Options.
On the View tab of the pop up box is where you would select the Show encrypted or
compressed NTFS files in color checkbox to enable this feature.
Strangely enough, when you perform this same action under Windows 2000 you will
not receive this message. You will simply be able to perform your action without the
warning.
The overall rules for encryption are as follows (and they are different than
compression):
If you should remove encryption from the parent folder only, all the files and
subfolders remain encrypted and any new files or folders moved, copied or created in
the parent folder will be in an unencrypted state.