Title: Introduce the Windows Server 2003 family of operating systems
1 Goals
- Introduce the Windows Server 2003 family of operating systems
- Explore the features of Windows Server 2003
- Introduce Windows Server 2003 operating system architecture
- Understand workgroups and domains
- Introduce Windows Server 2003 network services
- Understand Windows Server 2003 network protocols
- Introduce Windows Server 2003 network security services
2 Introducing the Windows Server 2003 Family of Operating Systems
(Skill 1)
- Windows Server 2003 products
- Standard Edition for small to medium-sized businesses
- Enterprise Edition for mission-critical server workloads
- Datacenter Edition for medium to large-sized organizations that require high levels of scalability and reliability
- Web Edition for dedicated Web serving and hosting; also a platform for building and hosting Web applications
3 (Skill 1)
Figure 1-1 The four main products in the Windows Server 2003 family
4 Exploring the Features of Windows Server 2003
(Skill 2)
- Active Directory
- Network security
- Automatic installation and configuration
- Familiar appearance and easy server management
- Security from unauthorized logon
- Network protocols
- Connectivity
- Multi-lingual capabilities
- Web-based Enterprise Management (WBEM)
5 Exploring the Features of Windows Server 2003 (2)
(Skill 2)
- Automatic detection of Plug and Play hardware devices
- Volume Shadow Copy/Restore service
- Command line management
- Intelligent File Systems
- Encrypting File System (EFS)
- Distributed File System (Dfs)
- File Replication Service (FRS)
- Microsoft Management Console (MMC)
- Group Policy and Group Policy Management Console
6 (Skill 2)
Figure 1-2 Windows Server 2003 features
7 (Skill 2)
Figure 1-3 File Server Management console
8 (Skill 2)
Figure 1-4 Scheduling a Volume Shadow Copy
9 (Skill 2)
Figure 1-5 The Group Policy Management console
10 Overview of Windows Server 2003 Operating System Architecture
(Skill 3)
- Modular structure with each module contributing specific functionality
- Basically the same for Standard, Enterprise, Datacenter, and Web Editions
- Two primary layers
- User mode
- Kernel mode
11 Overview of Windows Server 2003 Operating System Architecture (2)
(Skill 3)
- User mode layer
- Consists of a set of components known as subsystems, responsible for relaying input/output requests to the appropriate kernel mode driver through the Input/Output (I/O) system services
- Environmental subsystems provide APIs
- Integral subsystems
- Perform various functions such as the creation of security tokens and monitoring user rights and permissions
- Run in user mode, but perform essential operating system functions
12 Overview of Windows Server 2003 Operating System Architecture (3)
(Skill 3)
- Kernel mode layer
- Operates in a protected area of memory
- Provides services to user mode subsystems, which functionally protects and isolates the hardware from the software
13 (Skill 3)
Figure 1-6 User mode and kernel mode layers
14 Overview of Windows Server 2003 Operating System Architecture (4)
(Skill 3)
- Kernel mode layer components
- Executive
- Microkernel
- Hardware Abstraction Layer (HAL)
- Set of kernel mode drivers
- Executive Services are responsible for performing I/O requests and object management
15 Overview of Windows Server 2003 Operating System Architecture (5)
(Skill 3)
- Executive Services key components
- I/O Manager
- Security Reference Monitor
- Interprocess Communication (IPC) Manager
- Virtual Memory Manager (VMM)
- Process Manager
- Plug and Play (PnP) Manager
- Power Manager
- Window Manager and the Graphical Device Interface (GDI)
- Object Manager
16 Overview of Windows Server 2003 Operating System Architecture (6)
(Skill 3)
- Microkernel
- Core of the operating system
- Manages the computer's processors
- Handles scheduling, interrupts, exception dispatching, and CPU synchronization
- Hardware Abstraction Layer (HAL)
- Hides the hardware interface details from the end user by acting as an interface between the user and the hardware devices
- Handles I/O interfaces, interrupt controls, and multiprocessor communication mechanisms
17 Overview of Windows Server 2003 Operating System Architecture (7)
(Skill 3)
- Kernel mode drivers
- Translate I/O requests into hardware functions
- Are modular components, each with a well-defined and specific set of functionality requirements
- Three main classifications
- Lowest-level drivers control peripheral devices
- Intermediate drivers are device type-specific
- Highest-level drivers are file system drivers
18 (Skill 3)
Figure 1-7 Components of Executive Services
19 (Skill 3)
Figure 1-8 Classifications of kernel mode drivers
20 Introducing Workgroup and Domains
(Skill 4)
- The Windows Server 2003 operating system supports workgroups and domains, the two basic network model types that enable users to share common resources
- A workgroup or peer-to-peer network is a logical group of computers that are interconnected, generally over a local area network (LAN)
- A domain is a logical grouping of network computers that share a central directory database
21 Introducing Workgroup and Domains (2)
(Skill 4)
- Workgroup features
- The administration of user accounts and resource security in a workgroup is decentralized
- To gain access to resources on any computer in the workgroup, a user must have an account on that computer
- Workgroup limitations
- A workgroup model is practical only in smaller environments where computers are in close proximity
- Microsoft recommends that a workgroup consist of fewer than 10 computers
22 (Skill 4)
Figure 1-9 Workgroup model
23 Introducing Workgroup and Domains (3)
(Skill 4)
- Domain features
- Active Directory database
- Stores information about how the network is structured and organized
- Enables users to identify and locate resources on the network
- Domain controller
- Windows Server 2003 computer on which Active Directory resides
- Manages security-related aspects of user/domain interactions
24 Introducing Workgroup and Domains (4)
(Skill 4)
- Domain advantages
- Centralized security and administration means that a change to any object within the domain is available to the entire domain
- Provide a single logon process for users to gain access to network resources, such as file, print, and application resources
25 (Skill 4)
Figure 1-10 Domain model
26 Introducing Network Services in Windows Server 2003
(Skill 5)
- Dynamic Host Configuration Protocol (DHCP)
- Domain Name System (DNS)
- Windows Internet Name Service (WINS)
- Virtual Private Networks (VPN)
- Routing and Remote Access Service (RRAS)
- Internet Authentication Service (IAS) and Load Balancing
- Internet Connection Firewall (ICF)
27 Introducing Network Services in Windows Server 2003 (2)
(Skill 5)
- Dynamic Host Configuration Protocol (DHCP)
- Provides the standard used by DHCP servers on the network
- DHCP servers manage the dynamic allocation of IP addresses and the related configuration details for DHCP-enabled clients on your network
- Domain Name System (DNS)
- Main name resolution service for Windows Server 2003
- Enables access to computers on a TCP/IP network using the domain name
28 Introducing Network Services in Windows Server 2003 (3)
(Skill 5)
- Windows Internet Name Service (WINS)
- Assigns or maps an IP address to a computer name so network users can find a computer on a TCP/IP network using the NetBIOS name
- WINS server database provides a lookup directory
- Virtual Private Networks (VPNs)
- Provide connections to private networks, such as a LAN, through a non-secure communication channel like the Internet
- Use tunneling and encryption to create a virtual tunnel for secure information exchange
29 Introducing Network Services in Windows Server 2003 (4)
(Skill 5)
- Routing and Remote Access Service (RRAS)
- Allows remote or mobile workers to connect to a firm's networks so that they can work as if their computers were physically connected to the network
- Workers connect to the LAN via modem or Virtual Private Network (VPN)
- IAS RADIUS and Load Balancing
- Internet Authentication Service (IAS) is Windows Server 2003's Remote Authentication Dial-In User Service (RADIUS) server component
- Network Load Balancing (NLB) allows certain types of servers (mostly file/print servers and Web servers) to scale to a much larger size than would otherwise be possible
30 Introducing Network Services in Windows Server 2003 (5)
(Skill 5)
- IAS Enhancements
- Centralizes services for wireless users and logs information to a Microsoft SQL server
- Allows advanced SQL queries
- Provides new 802.1X authentication features and cross-forest authentication
- Internet Connection Firewall (ICF)
- Supplies basic protection on computers directly connected to the Internet or on LAN segments
- Designed for use in a small business
31 (Skill 5)
Figure 1-11 Networking services offered by Windows Server 2003
32 (Skill 5)
Figure 1-12 Routing and Remote Access
33 (Skill 5)
Figure 1-13 Internet Authentication Service
34 Introducing Network Protocols
(Skill 6)
- Transmission Control Protocol/Internet Protocol (TCP/IP)
- Point-to-Point Tunneling Protocol (PPTP)
- Layer Two Tunneling Protocol (L2TP)
- Hypertext Transfer Protocol (HTTP)
35 Introducing Network Protocols (2)
(Skill 6)
- Transmission Control Protocol/Internet Protocol (TCP/IP)
- Core protocol suite used by the Internet and Windows 2003 Server networks
- Scalable and routable transport protocol suite used for both large and small networks
- Enables you to route messages across networks and between computers using different operating systems and with widely varying structural designs
36 Introducing Network Protocols (3)
(Skill 6)
- Point-to-Point Tunneling Protocol (PPTP)
- Tunneling protocol used to create secure connections to corporate networks, over any intermediate network
- Secure connections for VPNs are created using either PPTP or Layer Two Tunneling Protocol
- Layer Two Tunneling Protocol (L2TP)
- Another tunneling protocol used to create VPNs
- Creates a tunnel but does not encrypt data
- Use in conjunction with IPSec, which provides data encryption
37 Introducing Network Protocols (4)
(Skill 6)
- Hypertext Transfer Protocol (HTTP)
- Part of the TCP/IP protocol suite
- Standard protocol used in the transmission of data across the Internet
38 (Skill 6)
Figure 1-14 Network protocols supported by Windows Server 2003
39 Introducing Network Security Services
(Skill 7)
- Kerberos v.5
- Hypertext Transfer Protocol (HTTP)
- Internet Protocol Security (IPSec)
- Encrypting File System (EFS)
- Internet Protocol Security (IPSec)
- Security configuration tools
40 Introducing Network Security Services (2)
(Skill 7)
- Kerberos v.5
- A ticket-based authentication protocol
- Provides high security for authentication traffic using digital signatures and mutual authentication mechanisms
- Public Key Infrastructure (PKI) and Microsoft Certificate Services
- PKI is a system of digital certificates and trusted Certification Authorities (CAs) as well as other registration authorities that issue them
- Verifies and authenticates the validity of each party in a communication exchange
41 Introducing Network Security Services (3)
(Skill 7)
- Internet Protocol Security (IPSec)
- A vendor-independent encryption protocol
- The ability to sign and/or encrypt any IP packet makes it vendor- and application-independent
- Encrypting File System (EFS)
- Encrypts data stored in files and folders to protect against unauthorized access
- In the EFS encryption technique, important data is secured using an asymmetrical cryptographic key pair: a public key and a private key
42 Introducing Network Security Services (4)
(Skill 7)
- Internet Protocol Security (IPSec)
- A vendor-independent encryption protocol
- The ability to sign and/or encrypt any IP packet makes it vendor- and application-independent
- Security configuration tools
- Cost reduction tools provided by Windows Server 2003
- Include the Microsoft Management Console (MMC) used to configure Windows Server 2003 security settings and conduct system analysis
43 (Skill 7)
Figure 1-15 Security Services provided by Windows Server 2003
44 (Skill 7)
Figure 1-16 The SNMP Service Properties dialog box
45 (Skill 7)
Figure 1-17 The Manage Your Server graphical user interface