Windows Server 2008. Справочник Администратора (Уильям Р. Станек) 2008

William R.
Stanek
Windows
Server 2008
Administrators
Pocket Consultant
Windows
Server 2008
2008
681.3.06
32.973.26018.2
76
.
76
Windows Server 2008. / . . . :

; . : -, 2008. 688 . : .
ISBN 978-5-7502-0370-3 ( )
ISBN 978-5-9775-0009-8 (-)
Windows Server 2008.
,
, . Windows Server 2008,
, .
Active Directory , , . : , , DHCP- DNS-. , , .
20 ,
- .
681.3.06
32.973.26018.2
2008-2012, Translation Russian Edition Publishers.
Authorized Russian translation of the English edition of Windows Server 2008 Administrator's Pocket Consultant,
ISBN 9780735624375 William R. Stanek.
This translation is published and sold by permission of OReilly Media, Inc., which owns or controls all rights to publish
and sell the same.
2008-2012, , -.
Windows Server 2008 Administrator's
Pocket Consultant, ISBN 9780735624375 William R. Stanek.
OReilly Media, Inc.,
.
2008-2012, , ,
-.
Microsoft, , , :
http://www.microsoft.com/about/legal/en/us/IntellectualProperty/Trademarks/EN-US.aspx
Microsoft / .
.
, , , ,
, , .

-

................................................................................................. XVI
......................................................................................................... XVII
I Windows Server 2008 ...............1

1 Windows Server 2008 .......................... 2
Windows Server 2008 Windows Vista .................................................................................2
Windows Server 2008 .......................................................................................4
......................................................................................6
.................................................................................................6
............................................................................................7
, ...................................8
Active Directory ............................................................................................................8
.................................................... 10
Active Directory ................................................. 11
..................................................................................................... 12
DNS ................................................................................................................................................. 12
WINS .............................................................................................................................................. 14
LLMNR .......................................................................................................................................... 16
............................................................................................... 17
Windows PowerShell .................................................................................................................. 18
2 Windows Server 2008 ........................................... 20

, Windows Server 2008 ......................................... 21
Windows Server 2008 ........................................ 28
Windows Server 2008 .......................................................................................... 30
......................................................................................................................... 31
....................................................................................................... 33

.................................................................................................................. 34
............................................... 34
.................................. 38
............................................................. 39
, ,
..................................................................................... 39
, ............................................. 41
.................................................................. 42
................................................................................................ 43
................................................................................... 45
Windows Server 2008 ....................................... 46
3 Windows Server 2008 ................................ 48

.............................................................................................. 49
............................................................................................................ 51
........................................................................................ 55
Windows ................................................................................. 59
................................................................. 60
VI
........................................................................................... 60
................................................................................ 63
................................. 65
............................................................. 66
................................................................... 69
4 , ..................................... 70
, ........................ 70
.......................................................................................................................... 71
.................................................................................................... 71
............................................................................................. 72
................................................................................................... 75
............................................................................................... 76
............................................................................ 78
............................................................ 80
................................................................................... 81
, , ......................................................................... 83
..................................................................................................... 83
..................................................................................... 84
.................................................................................... 86
.................................................................................. 87
.................................................................................................................... 88
.......................................................... 90
....................................................................................... 92
.......................................................................... 94
................................................................................................... 96
........................................................................................ 96
................................................... 98
? ...................................................................................... 98
..................................................................................................... 99
(Reliability And Performance)......... 99
................................................................................... 103
............................................................................................ 105
................................................................................ 110
........................................... 111
......................................................................112
........................................................ 112
................................................ 114
- ....................................................... 115
......................................................... 116
5 .............. 118
.............................................................................................................121
........................................................................................ 121
? ............................................... 123
? .................................................................... 123
......................................... 124
.................................................................................125
...................................................127
....................................................................... 127
................................... 128
LGPO ..................................................................................................................... 130
.................................................................. 130
, ........................................131
VII
.......................................... 131
.............................................................................. 132
.................................................................................. 134
............................ 135
................................................................................... 137
GPO ............................................................................................... 138
GPO ................................................................... 140
............... 140
, ......................................................... 142
.....................145
...................................................................................... 145
...................................... 148
......................................... 149
, ................................................... 151
............................................... 152

................................................................................................................ 154
........................................ 154
................................................................. 155
............................................................................... 155
GPO .......................................................................................... 158
............................................................ 159
......................................................................... 160

....................................................................................161
........................................... 161
................................................ 166
...................................................................................................... 169

........................................................................................................................... 176
............................................................... 177
6 ...................................... 182
........................................................................................................182
(Security Templates)
(Security Configuration and Analysis) ......... 184
................................................................. 185
, ......................................... 192
.................. 196
.......................................................................................197
......................................................................................... 198
.......................................... 203
................................................. 203
....................................................................... 204
.................. 204
II
Windows Server 2008...........................................................................207
7 Active Directory .............................................. 208
Active Directory ...........................................................................................208
Active Directory DNS ........................................................................................................... 208
, .................... 209
Windows Server 2008 Windows NT 4.0 ........................................................................... 210
VIII
..........................................................................................211
......................................................................................................................................... 211
........................................................................................................................... 212
.......................................................................................................................... 215
....................................................................................................................... 216
Active Directory .................................................................................217

Active Directory Windows 2000 217
.......................................................................................................... 218
....................................................................... 221
................................................................................................................223
.................................................................................... 223
................................................................................ 224
.......................................................... 225
Active Directory ............................................................................................ 226
Active Directory LDAP........................................................................................................ 227
.......................................................................................................... 228
8 Active Directory ........... 230

Active Directory ...........................................................................230
Active Directory ............................................................ 230
Active Directory ....................................................... 231
Active Directory ..................................................................... 232
Active Directory
(Active Directory Users And Computers) ........................................................................233
Active Directory
(Active Directory Users And Computers)............................................. 233
................................................................................ 234
.......................................................................................................... 235
...................................................................... 236
............................................................. 238
, .....................................244
.............................................................. 244
.................................................................... 246
......................................... 247
...................................................................... 248
............................................................................... 248
................................................................ 249
........................................................................................ 251
.................................... 252
...........................................................................................252
....................................................................................................... 252
.................................................. 253
.................................................................. 253
.............................................................................................. 253
..............................................................................................................253
.......................................................................................................................... 254
................................................................................................................... 255
........................................................... 256
....................................................................................................... 257
........................................................................................ 259
Active Directory .......................................................................................... 261
ADSI (ADSI Edit) ............................................................... 261
............................................................................ 263
Active Directory ................................................................ 265
IX
9 ...................................... 267
Windows Server 2008..................................................................267
................................................................................... 267
.......................................................................................... 269
...............................269
........................................................................................... 270
............................................................................................................. 271
...............................................276
................................................................... 276
..................................................... 277
....................................................................... 279
...................................................... 279
............................................................................................279
............................................................................................................................... 280
......................................................................................................... 284
Active Directory...................................................... 285
...............................................291
.................................................................................................. 292
................................................................................. 293
10 ........................................... 296
......................................296
............................................................................ 296
............................................................................. 298
..............................................................................300
................................................................................................ 301
......................................................... 303
Kerberos ............................................................................................... 305
..........................................................................................306
....................................................................... 307
........................................................................ 309
....................................................................309
.................................................................................. 310
................................................................................ 312
................................................................................313
.............................................................................................. 314
.................................. 315
......................................................................316
....................................................................................... 316
.................................................................................. 317
............................ 317
11 ....... 319
...............................................319
...................................................................................... 319
Active Directory .......................................................... 321
.................................................................322
............................................................................................. 323
......................................................................................................................... 324
............................................................................................... 325
......................................326
......................................................... 326
..................................................................... 328
VPN ..................... 329

................................................ 331
.........................................................................333
, ................................................ 333
.............. 336
.......................................340
....................................... 341
........................................... 342
................................................................................... 343
...................................................... 344
................................................................................ 344
....................................................................... 345
............................................................346
................................................ 347
............... 348
......... 349
,
........................................................................................ 349
..................................................................350
Active Directory .................................................352
III Windows Server 2008 .......355

12 ....................... 356
(File Services) ...............................................356
...............................................................................................362
................................................................................................................... 363
........................................................ 364
(Disk Management) .................................................... 365
.............................................................................................................. 368
................................................................................... 370
....................................................................................................................... 371
.........................................................373
............................................................ 373
........................................................... 374
....................................................................................................... 375
................................................................. 377
...................................................................................................... 377
........................................................................... 377
.................................................................................................379
............................................................................................... 379
................................................................................. 380
.................................................................................................... 383
..................................................384
.................................................................................... 384
................................................................................ 385
................................................................................................. 386
NTFS ........................................................ 387
............................................................................... 389
............................................................................................ 391
........................................................................................................ 394
....................................................................................................... 396
............................................................................................ 398
........................................................... 399
XI
............................................................... 401
.............................................................................. 402
13 RAID ............ 404

.............................................................................................................404
.................................................................................................. 405
............................................................................................................................ 406
........................................................................................ 411
................................................................................................................. 411
RAID .....411
RAID Windows Server 2008 .....................................................................413
RAID 0: ............................................................................................................... 413
RAID 1: ........................................................................................................ 414
RAID 5: .................................................... 417
RAID .........................................................417
.................................................................. 417
.......................................... 418
.................................................. 419
......................................................................................................... 420
............................. 420
.............................. 420
LUN ..............................................421
SAN Fibre Channel .................................. 423
SAN iSCSI .................................................. 424
................................................................... 425
, , LUN .................................................. 425

SAN (Storage Manager For SANs) ................................................................... 426
14 ................................... 427
.................................................427
..............................................................431
................................................................... 431
........................................ 435
............................................................. 437
............................................................................................. 440
.................................................... 440
.............................................................. 441
15 , ........................................ 444
.........................................................................444
..............................................................................448
.................................................................................................... 449
........................................................................................................... 451
................................................................... 454
..................................................................454
................................................................................................. 455
............................................................................. 455
........................................................................... 456
........................................... 457
.............................................................................. 458
.........................................................................................458
............................................................................................... 458
............................................................ 459
XII
............................................................. 460
.................................................................... 461
.................................................................................... 462
....................................................... 463
NFS ........................................................................................463
.........................................................................................................................465
....................................................................................... 465
....................................................................................................... 466
........................................................................................... 467
................................................................... 467
........................................................................................................ 468
................................................................................................. 468
.......................................................................................469
............................................................................................... 469
.................................................................................................. 470
, ......................................................470
........................................................................................ 470
.................................................................................... 471
.......................................................................................................... 472
...............................................................................................473
.......................................................................... 473
.......................................................................... 477
..................................................................................................479
................................................................................................... 479
............................................................................................................. 481
............................................................................................................................. 484
Active Directory ......................................................................................... 484
NTFS .........................................................................................................485
NTFS ............................................................................... 486
NTFS ....................................................................... 488
NTFS-................................................... 490
.......................................................................................................... 492
....................................................................................... 493
....................................................................................... 494
NTFS .................................................. 495
NTFS ..................................................................................... 496
............................................................................496
............................................ 496
........................................................................... 498
.............................................................. 500
16 ....................................... 501
..........................................................501
............................................................................................... 501
................................................................................................... 502
................................................................................. 503
.............................................................................................. 504
............................................................................................ 505
.................................................. 506
.............................................................................................. 507
: .................................................................................................508
........................................................... 509
Windows Server..................................... 509
XIII
.......................................................................... 512
Wbadmin ............................................................................................. 514
.................................................................................................................517
.............................................................................. 518
................................................ 520
Wbadmin ............................................ 522
.................................................................................................. 524
.................................. 526
............................................................................... 529
.......................................................... 530
........................................................ 531
Active Directory........................................................................................ 531
.......................................... 532
, , ..................... 535
........................................................................537
........................................... 537
EFS ..................................................................... 538
...............539
.............................................................................. 540
................................................................. 541
IV Windows Server 2008 .........543

17 TCP/IP ......................................................... 544
Windows Server 2008..........................................................................544
Windows Vista Windows Server 2008 .......548
TCP/IP ......................................................................................................550
TCP/IP .....................................................................................................551
IP- .................................................................................... 552
IP- ........................................... 554
........................................................................................... 555
..........................................................................557
, ................... 557
....................................................... 557
.......................................................................... 558
18 ....... 559
(Print Services) ..................................................559
............................................................................................. 559
.......................................................................................................................... 560
.................................................................................................. 562
........................................... 563
(Print Management)....................................................563
.............................................................................................................565

(Print Management) ................................................................................................................. 566
................... 566
................................................................................ 571
................................................................................... 573
..................................................................... 575
......................................................................................... 577
.................................................................. 579
.................................... 581
................................................................................ 582
XIV
..............................................................................................583
.................................................. 583
Active Directory...................................................................... 583
................................................................................... 584
- .......... 585
................................................................................................... 585
............................................... 586
.................................................... 587
................................................................ 588
............................................................................................................. 590
.......................................................... 590
...................................................................................590
Spool NTFS ............................................... 591
............................................................................................ 591
.......................................................................................... 592
............................................. 592
.............................592
............................................................................... 592
........................................................... 593
......................................................................................................... 593
, ........... 593
............................................................... 594
...................................................................... 594
.............................................................. 594
............................................................... 594
19 DHCP ........................................................... 595

DHCP .....................................................................................................................595
IPv4 ................................................................... 595
IPv6 ................................................................... 596
IP- ....................................................................................... 599
....................................................................................................................... 600
DHCP-....................................................................................................601
DHCP ........................................................................................... 601
DHCP ........................................................................................................ 604
DHCP-................................................................. 605
DHCP- ................................................................................... 605
DHCP- Active Directory ........................................................... 606
DHCP- ..................................................................................................606
DHCP-
IP- ....................................................................................................... 606
DHCP .......................................................................................... 607
DHCP .................................................................. 607
DHCP DNS .................................................................................................... 609
DHCP NAP .................................................................................................... 610
IP- ........................................................................... 613
DHCP ................................................ 613
DHCP ...........................................................................................614
........................................................................ 614
.............................................................................. 615
, ......................................625
............................................................................................. 625
......................................................................... 626
XV
....................................................................................... 626
DHCP- ......................................................................................... 626
................................................................................. 628
.................................................................................. 628
DHCP ....................................................628
DHCP ............................................................................................................. 629
DHCP ............................................................ 629
DHCP
...................................................................................................................... 630
DHCP .......................................................................................................... 630
............................................................................ 631
20 DNS ........................................................................ 632

DNS ...................................................................................................................632
Active Directory DNS .................................................................................. 632
DNS ........................................................................................................................ 634
DNS- ..........................................................636
DNS-........................................................................................................638
DNS- (DNS Server)....................................... 639
DNS- ................................................................................... 641
DNS- ..................................................................... 643
......................................................................................... 644
................................................................................................ 646
DNS- ...............................................................................................647
DNS (DNS Manager) ... 648
DNS..................................................................................... 649
DNS- ....................................................................................... 649
.......................................................................... 649
........................................................... 649
.............................................................................................. 651
DNS- ................................................................................................651
........................................................................... 652
DNS- CNAME ......................................................................... 653
...................................................................................... 654
...................................................................................................... 655
DNS-.............................................................................. 656
...........................................................657
................................................................................... 657
........................................................................... 659
........................................... 660
............................................................................................................... 661
............................................... 661
DNS- ..................................662
IP- DNS- ........................................... 662
DNS- ......................................................... 662
............................................ 665
DNS ........................ 665
DNS- .................................................................................................... 666
......................................................................................................... 668

, .
, , Windows Server
2003 Windows Server 2008 Windows Server 2008.

. , Windows Vista
, , .
Windows Server 2008, ,
Windows
Server.
.
. ,
.
Pocket Consultants ( )
. , . ,
. , Windows Server 2008.
, ,
, . , . ,
Microsoft Press, , Microsoft Press
.
(Karen Szall) (Denise Bankaitis)
, .
,
. - (Martin DelRe) ,
.
( ),
. . , Microsoft Press
, , . (Randall Galloway),
(Curtis Philips), (Becka McKay) (Andrea Fox).

1994
65 . , Windows Server, . Windows Server 2008
Windows Server. ,
Windows Server , Windows Vista. , Windows Server 2008
Windows Vista. ,
: Windows Server 2008
.
Windows Server, ,
- . Windows Server 2008 -,
- , . ,
Windows Server 2008 - , , .
, , , Windows Server 2008
, .
, , , Windows Server 2008. ,
,
Windows Server 2008,
.
Windows Server 2008 Windows Server 2008.
, , , ,
. , . ,
, , Windows
Server 2008. Windows Server 2008.
, Windows Server 2008 .
XVIII
, . ,
.
-, .

Windows Server 2008 Windows Server 2008 Standard, Enterprise, Web
Datacenter. :
Windows;
, ;
, Windows Server ;
, Windows Server .
, ,
Windows
Server.
Windows Server, . Windows, , , , , .
, Windows. Windows, ( ,
Microsoft Press).

, .
, .
,
,
Windows Server 2008. 20 ,
.
, .
, : , ,
.
, Windows Server
2008 Windows. , .
XIX
Windows.
,
, . ,
.
, , ,
Windows Server. , , . , ,
.
,
,
. . ,
, . .
Windows Server 2008
. (Computer Configuration) (User Configuration)
: (Policies) (Preferences).
, .
, , , \\ : \
Windows (User Configuration\Policies\Administrative Templates: Policy Definitions\Windows
Components) - \ \ Windows (User Configuration\Administrative Templates\Windows Components).
, Windows Server
2008 Windows. williamstanek@aol.com. .
XX

,
, Windows Server 2008.
, , . , , . :
. ,
Windows, .
, Windows . ,
, .
.
-
, Windows Server (http://www.microsoft.com/
windowsserver/), (http://support.
microsoft.com) , .
- (http://www.williamstanek.com/windows). Windows Server 2008, Windows Server 2008.
,
. ( )
: http:/www.microsoft.com/mspress/support.
,
Microsoft Press :
:
Microsoft Press
Attn: Windows Server 2008 Administrators Pocket Consultant Editor
One Microsoft Way
Redmond, WA 98052-6399
:
mspinput@microsoft.com
, . -
http://www.microsoft.com/support.

Windows Server 2008
1. Windows Server 2008 .................................. 2

2. Windows Server 2008 ..................................................... 20
3. Windows Server 2008......................................... 48
4. , ............................................ 70
5. ..................... 118
6.
............................................. 182

Windows Server 2008
Windows Server 2008 , ,

(), ,
Windows Server 2003 SP1 Windows Server 2003
Release 2. Windows Server 2008
Windows Vista, .
, , , . , Windows
Server 2008
Windows Vista.
. , , .
, , Windows Server 2008,
, , , ,
.
Windows Server 2008 Windows Vista

Windows Server 2008, Windows Vista,
:
, , ,
,
. Windows Server 2008. -
Windows Server 2008
WIM (Windows Imaging Format),

, .
MS-DOS Windows PE 2.0 (Windows
Preinstallation Environment 2.0), , , . Windows Pre-Boot Environment ,
.
Windows, Windows Vista, .
(User Account Control, UAC) , . UAC
,
. , , , ( )
.
. , , , , .
Windows Vista Windows 2008 Server
. ,
Windows 2008 Server
Windows Vista. , . Windows 2008 Server , Windows
Experience Index. Windows Server 2008
,
, . Windows
, Windows 2008 Server
. ,
Windows 2008 Server Windows Aero (Aero Glass,
Flip, 3D Flip ..), Windows, - Windows
, . .
Windows Vista Windows Server 2008 ,
, UAC .
Microsoft Windows Vista. ( , -
Windows Server 2008
, 2008), .
Windows, ,
, ,
,
, .
, .
Windows Server 2008

Windows Server 2008
Standard Edition, Enterprise Edition Datacenter Edition.
:
Windows Server 2008 Standard Edition Windows Server 2003.
, . Standard Edition
(symmetric multiprocessing, SMP), 4
32- 32 64- .
Windows Server 2008 Enterprise Edition
, Standard Edition,
,
, , Active Directory.
, 64- ,
(non-uniform memory
access, NUMA). Enterprise Edition
32 RAM x86 2 64 .
Windows Server 2008 Datacenter Edition . , 64 86 2 64- . 8 ;
64 .
Windows Web Server 2008 - - -, . , Microsoft .NET Framework, Microsoft Internet
Information Services (IIS), ASP.NET,
. , Active Directory, .
,
Windows Server 2008
. Windows Web Server 2008 2 2 .

. , , Windows Server 2008
. , Web Server Active Directory,
Windows Web Server 2008 (
Active Directory).
64-
Windows. 32- ,
86, 64- , 64.
64- Itanium (IA-64) Windows
. Itanium Windows Server 2008,
. IA-64 .
Windows Server 2008, , :

;
,
;
, , , Windows Server 2008, , .
Windows Server 2008 Windows Server
2008 : Windows Server 2008 Standard Edition, Windows
Server 2008 Enterprise Edition, Windows Server 2008 Datacenter Edition Windows Web
Server 2008.
.
Windows Server 2008 (Start)

:

Windows. (Start) .
(Administrative Tools)
,
(Start), (Programs), (Administrative Tools). , (Start),
(Settings) (Control Panel).
. , , (Start) (Computer), .
Windows Server 2008
(Administrative
Tools) , (Start)
(Administrative Tools). , (Start) (Control Panel).

Windows Vista, Windows Server 2008 , , (Network and Sharing Center), (Network
Map) . . 1-1
(Network and Sharing Center).
. 1-1. (Network and Sharing Center)

,

(Sharing
and Discovery). ,
, , , . ( ) ,
( )
Windows Server 2008
, , , , .
15.
Windows Vista Windows Server 2008
:
, .
, .

.
.
, ,
. , .

, .
, , : .
, ,
, .

, TCP/IP
. (WAN) Windows
Server 2008 TCP/IP. . TCP/IP
.
TCP IP
, . Windows
Server 2008, Windows Vista, IP-
IPv4 IPv6 .
IPv4 32- . IPv6 128- .
32- IPv4 , , , 127.0.0.1 192.168.10.52.
, 8 32- . IPv4- , . IPv4-
(MAC) .
Windows Server 2008
128- IPv6- 16- , .

, , FEC0:0:0:02BC:FF:BECB:FE4F:961D. IPv6- 64
, 64 . IPv6- , : (::).
FEC0::02BC:FF:BECB:
FE4F:961D. . , FFE8:0:0:0:0:0:0:1 FFE8::1.
, IPv4, IPv6, . .
IPv6 .
IP- Windows Vista Windows Server 2008
TCP/IP (Next Generation TCP/IP stack). IPv4 IPv6.
,

Windows Server 2008 , , .
.
, . ,
.
. ,
.
Active Directory
Windows Server 2008, Windows 2000 Windows Server 2003, . :
,
. Windows NT ,
, , ,
. , Windows NT
SAM (Security Account Manger), Windows 2000
Windows Server , (data store). ,
Windows Server 2008
, ,
, , , .
, Active Directory, Active Directory, Windows NT. Active Directory
, .
, .
Active Directory Windows Server 2008
. :
Active Directory (Active Directory Certificate
Services, AD CS) , .
, , AD CS . ,

,
.
, , ,
.
Active Directory (Active Directory Domain Services,
AD DS) ,
, . .
, , , . AD DS Active Directory
, , Active Directory, AD DS
Active Directory.
Active Directory (Active Directory Federation Services, AD FS) . AD FS - (
-) ( ). AD FS

, , Internet Explorer.
10
Windows Server 2008
Active Directory (Active

Directory Lightweight Directory Services, AD LDS)
,
, AD DS . AD LDS , . ,
, ,
AD LDS.
Active Directory (Active Directory Rights
Management Services, AD RMS) . , ,
- . AD RMS ,
, . ,
.
.
,
.
, . ,
, , .
, .

Window Server 2008 ,
AD DS.
(read-only domain controller, RODC) ,
Active Directory, . RODC-
, . RODC
, .
RODC
, .
RODC ( Kerberos Target), RODC ,
Windows Server 2008
11
Windows Server 2008. RODC ,

, .
RODC ,
.
RODC -
. RODC
. RODC
Windows Server 2003, Windows Server 2008
.
Active Directory
(Services)
AD DS, ,
. AD DS, ,
, ,
Active Directory,
. AD DS
, . , - .
,
.
Active Directory Windows Server 2008, RODC.
Active Directory , Windows Server 2008
:
Active Directory Active Directory , , Windows 2000 Server Windows Server 2003.
.
Active Directory Active Directory .
.
. , .

, - . , . , Active Directory (Ntds.dit)
12
Windows Server 2008
. ,
AD DS, , , .
,
Active Directory.
AD DS, , , , (FRS), Kerberos (KDC) .
, , Active Directory .
Active Directory, AD DS.

Windows .
IP-, .
.
: DNS, WINS LLMNR.
.
DNS
DNS IP-. , , computer84.cpandl.com,
IP-, . DNS TCP/IP WINS, DHCP Active Directory. DHCP, 19, IP- TCP/IP.
DNS ,
( ).
,
. computer84.cpandl.com
computer84, cpandl
com.
DNS- , , . -
Windows Server 2008
13
, . ,
cpandl.com, . . . ,
jacob.hr.cpandl.
com. jacob , hr cpandl.com .
Active Directory DNS . Active Directory DNS
, Active Directory DNS.
Active Directory
DNS,
DNS-. , Active Directory DNS
. . DNS Active Directory. .

. DNS
.dns, %SystemRoot%\System32\Dns. DNS DNS-, DNS-
. , DNS
DHCP, DNS- , DNS . DHCP , DNS-
.
,
Active Directory. DNS Active
Directory dnsZone.
Active Directory,
, DHCP
. , DNS Server, . ,
DNS DHCP, DNS-
. DNS
Active Directory.
DNS ,
DNS Active Directory. DNS
Active Directory. .
14
Windows Server 2008
DNS , Active Directory, ,

DNS.
DNS , DNS-
. DNS IP- DNS-, ,
.
DHCP DHCP DNS. , DHCP- DNS-
DNS-, 19. Active Directory, DNS. DNS ;
. DNS- 20.
DNS RODC,
, DNS, ForestDNSZones
DomainDNSZones. RODC , DNS-. ,
Active Directory, DNS- RODC . , RODC
, Active Directory.
DNS RODC, DNS-, .
WINS
WINS , IP-.
, , COMPUTER84, IP-, Microsoft . WINS
Windows Windows 2000 , NetBIOS TCP/IP, ,
NET.
, WINS .
WINS - : WINS- WINS-,
. WINS-
NetBIOS.
IP- NetBIOS WINS
LMHOSTS. , Windows 2000, WINS .
Windows 2000 DNS,
WINS : Windows 2000 , Windows 2000
NetBIOS-.
Windows Server 2008
15
WINS,
WINS. IP- WINS. IP- WINS, . WINS
,

IP-. ,
WINS . -WINS-,
, IP-.
WINS, ,
:
IP-
WINS. IP-
, WINS
.
.
,
. , .
.
, ,
, IP- , . WINS.
WINS,
.
. , :
B- ( ) IP- . , , , IP-, .
.
P- ( )
IP- WINS-. IP-, ,
.
M- ( ) . WINS B-. , P-. B- , , .
16
Windows Server 2008
H- ( )
. , ( ) .
P- , . WINS
.
WINS-, Windows
P-. WINS- , . Windows- DNS LMHOSTS HOSTS.
DNS 20.
DHCP IP-, DHCP-. ,
19. .
LLMNR
LLMNR (Link-Local Multicast Name Resolution) IPv4,
IPv6 ,
DNS, WINS. WINS -,
,
IPv6. DNS, , , .
LLMNR, Windows Vista,
Windows Server 2008, IPv6 IPv4 ,
, , ,
, ,
- DNS-.
LLMNR DNS, , DNS- . NetBIOS, LLMNR WINS. DNS , LLMNR
. LLMNR ,
.
WINS, LLMNR , ,
COMPUTER84, IP-. LLMNR Windows Vista Windows Server 2008. LLMNR, DNS
. , Widows Vista
Windows Server 2008 :
1. DNS-. ,
DNS-. , LLMNR.
Windows Server 2008
17
2. UDP-, IP- . .
3. , LLMNR
,
-. , . ,
IP-.
LLMNR .
IP-,
. LLMNR, ,
, .
LLMNR
. ,
. ,
.
LLMNR Window Vista Windows Server 2008.
LLMNR , HKLM/SYSTEM/
CurrentControlSet/Services/Dnscache/Parameters/EnableMulticast . ,
HKLM/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters/GUID_/
EnableMulticast . GUID_ GUID , LLMNR. LLMNR, 1. LLMNR
.

Windows Server 2008 . :
. , , . ,
. .
. (Administrative Tools).

. Windows Server 2008.
18
Windows Server 2008

.
, NET,
NET HELP , , NET HELP SEND. Windows
.
Windows PowerShell
Windows PowerShell
, cmdlet- . PowerShell . , :
1. (Server Manager) (Start) (Administrative Tools) (Server
Manager).
2. (Features)
(Add Features).
3. Windows PowerShell.
4. (Next) (Install).
PowerShell .

. PowerShell,
(Start). PowerShell ,
, (powershell.exe) %SystemRoot%\System32\WindowsPowerShell\,
PowerShell, , v.1.0 v.1.1.
PowerShell, cmdlet-,
, . cmdlet . cmdlet- -. cmdlet-,
. , get-variable Windows PowerShell.
cmdlet- :
Get , , .
Set .
Enable .
Disable .
New , , .
Remove .
Windows Server 2008
19
cmdlet-,
PowerShell help *.*.
, help , , help get-variable.
cmdlet- , cmdlet-. , PowerShell get-item path alias. :
new-item path alias: value:
,
. :
new-item path alias:sm value:c:\windows\system32\compmgmtlauncher.exe
sm .
PowerShell, sm Enter.
Windows Server 2008
Windows Server 2008, .

, ,
, .
:
Windows Server
2008 Standard, Enterprise Datacenter .
, . . , .
Windows
Server 2008 Standard, Enterprise Datacenter , .
, .
, , , .
.
. , .
, , , ,
, , .
Windows Server 2008
21
, Windows Server 2008

Windows Server 2008 .
, :
, . , ,
Active Directory Domain Services, .
,
. .
, , DNS DHCP,
, .
, , Network Policy, Access Services Active Directory
Certificate Services, , .
,
. , , BitLocker Drive Encryption Windows PowerShell,
.
,
.
,
MMC (Server Manager) ServerManagerCmd.exe.
, ,
. . , , ,
, ,
, , ,
.
, , , ,
. , ,
. . 2-1 ,
22
Windows Server 2008
. 2-1. Windows Server 2008
DHCP-
(DHCP Server)
IP-. DHCP- IP TCP/IP

.
DNS- (DNS
Server)
DNS ,
IP-. DNS

Active Directory.
Windows SharePoint
Services
, . SharePoint , ,
- IIS.
, ,

- (IIS)
(Web Server (IIS))
- -. -, -, , . , -, ASP.NET .NET Framework 3.0.

- IIS 7 ( Information Server 7.0
Administrators Pocket Consultant)

Active Directory
(Active Directory
Domain Services,
AD DS)
, , ,

. AD

(Application Server)
, ASP.NET, Enterprise Services .NET Framework 3.0.

, Information Server 7.0
Administrators Pocket Consultant (Microsoft Press, 2007)
Active
Directory (Active Directory Lightweight
Directory Services,
AD LDS)
,
AD DS .
Windows Server 2008
23
. 2-1. ()
UDDI
(Universal Description Discovery
Integration Services,
UDDI)
-, , .
:
UDDI (UDDI Services Database) -
UDDI (UDDI Services Web Application)

(Print Services)

.
: (Print Server), LPD
(LPD Service) (Internet Printing)

(Network Policy
and Access Services,
NPAS)
.
: (Network Policy
Server, NPS), (Routing and Remote Access Services, RRAS), (Remote Access Service),
(Routing), (Health
Registration Authority)
(Host Credential Authorization Protocol, HCAP)
Windows
(Windows Deployment Services, WDS)
Windows.
: (Deployment Server)
(Transport Server)
Active
Directory (Active
Directory Certificate
Services, AD CS)
, . : (Certification Authority),
(Certification Authority Web
Enrollment), (Online Certificate Status
Protocol)
(Microsoft Simple Certificate Enrollment Protocol, MSCEP)

(Terminal Services)
, Windows-, .
,
, . : (Terminal Server),
(TS Licensing), (TS
Session Broker), (TS Gateway)
- (TS Web Access)

Active Directory
(Active Directory
Rights Management
Services, AD RMS)
, , -
.
: Active Directory
(Active Directory Rights Management Server)
(Identity Federation Support)
24
Windows Server 2008
. 2-1. ()

Active Directory
(Active Directory
Federation Services,
AD FS)

AD DS, .
: (Federation Service), -
(Federation Service Proxy), - (AD FS Web Agents),
, (Claims-aware Agent)
Windows (Windows Token-based
Agent)

(File Services)
,
.
. : (File Server),
DFS (Distributed
File System), DFS (DFS Namespace),
DFS (DFS Replication),
(File Server Resource Manager),
NFS (Services for Network File System), Windows (Windows Search Service),
Windows Server 2003 (Windows Server 2003 File Services),
(File Replication Service, FRS)
(Indexing Service)
- (Fax
Server)

. , ,
, , .

. 2-2 , Windows Server 2008. Windows,

. ,
, Windows Server (Windows Server
Backup).
Windows Server 2008
25
.NET
Framework 3.0 (.NET
Framework 3.0)
API- .NET Framework 3.0

. : .NET
Framework 3.0, XPS (XPS Viewer)
WCF (Windows Communication Foundation
Activation Components)

BitLocker (BitLocker
Drive Encryption)

,
. TPM (Trusted Platform Module)
BitLocker
(BitLocker Drive Encryption) Startup Key
TPM-only.
BITS [Background
Intelligent Transfer
Service (BITS) Server
Extensions)
.
BITS-,
. BITS

(Connection Manager
Administration Kit
(CMAK))
(Desktop
Experience)
Windows Vista.
Windows Vista Windows Media Player,
Windows Photo Gallery.
,

(Failover Clustering)
,
.
,
.

(Group Policy
Management)
GPMC (Group Policy Management

Console)

(Internet
Printing Client)
, HTTP
-
26
Windows Server 2008
. 2-2. ()
LPR-
(Line Printer Remote
(LPR) Port Monitor)
LPR, ,
UNIX

(Message Queuing)

. .
(Multipath I/O
(MPIO))

(Network
Load Balancing, NLB)
IP,
. -
PRNL
(Peer Name Resolution
Protocol, PNRP)
LLMNR (Link-Local
Multicast Name Resolution)
. , ,
LLMNR

(Remote Assistance)
(Remote
Server Administration
Tools, RSAT)
Windows
Server 2008. ,

(Removable
Storage Manager, RSM)

(Removable Storage Manager)
RPC HTTP (Remote

Procedure Call (RPC)
over HTTP Proxy)
RPC- HTTP .
RPC over HTTP VPN-

TCP/IP (Simple TCP/
IP Services)
TCP/IP,
, Character Generator, Daytime, Discard, Echo Quote
of the Day
SMTP (Simple
Mail Transfer Protocol
(SMTP) Server)
SMTP
.

SMTP-. ,
,Microsoft Exchange Server 2007
Windows Server 2008
27
. 2-2. ()
SAN
(Storage Manager for
SANs)

SAN (Storage Manager for SANs)
,
(Storage Area Network, SAN).
,

(Logical Unit Number, LUN) iSCSI. SAN
Visual Disk Services (VDS)
UNIX (Subsystem for UNIX-based

Applications, SUA)
UNIX-. -

Windows
(Windows Internal
Database)
SQL Server 2005 Embedded Edition.

Windows, , , AD RMS,
UDDI, WSUS (Windows Server Update
Services,), Windows SharePoint (System Resource Manager)
Windows PowerShell
Windows PowerShell
Windows

Windows
(Windows Process
Activation Service)
-, HTTP
Windows Recovery
Environment
, ,

Windows
Server (Windows
Server Backup)

(Windows
System Resource
Manager, WSRM)
WINS- (WINS
Server)
WINS , IP-.
WINS-

(Wireless Networking)
28
Windows Server 2008

Windows Server 2008
, .
Windows Server 2008, . ,
, AD DS, DNS-, DHCP-,
. .

.

.
. , :
Windows (Windows Logon)
;
(Notepad) ;
(Regedit);
(Task Manager) ;
.
, ,
Windows (Windows Logon).
.
,
.
, ,
NET USER
NET LOCALGROUP .
Windows Core Server
.
, , :
1. Ctrl+Shift+Esc, (Task Manager).
2. (Applications)
(New Task).
Windows Server 2008
29
3. (Create New Task) (Open) cmd OK.

cmd notepad.exe regedit.exe,
(Notepad) .
.
, control.cpl.
Windows (Windows Logon)
, Ctrl+Alt+Delete.
, : ,
, ,
.
. ,
, .
Windows Core Server
, . , .NET
Framework. .NET Framework , , PowerShell.
, ,
. Windows Core Server . . 2-3 , , .
. 2-3. Windows Core Server
Control desk.cpl
Control intl.cpl
Control sysdm.cpl
Control timedate.cpl
Cscript slmgr.vbs ato
DiskRaid.exe
RAID
ipconfig /all
IP
NetDom
RenameComputer
OCList.exe
OCSetup.exe
PNPUtil.exe
30
Windows Server 2008
. 2-3. ()
Scregedit.wsf
. /cli
ServerWerOptin.exe
Windows
SystemInfo
WEVUtil.exe
Wmic datafile where

name=FullFilePath
get version
Wmic nicconfig index=9 call enabledhcp
IP-
IP-
Wmic nicconfig
index=9 call enable
static(IPAddress),
(SubnetMask)
IP-
Wmic nicconfig
index=9 call setgate
ways(GatewayIPAd
dress)
Wmic product get

name /value

MSI
Wmic product where

name=Name call
uninstall
MSI
Wmic qfe list
Wusa.exe PatchName.
msu /quiet
Windows Server 2008

Windows Server 2008 . Windows Server 2008,
. , Windows Server 2008, ,
.
Windows Server 2008 ,

. ,
. -
Windows Server 2008
31

,
.

8 . 40

80 .
, ,
. 10% .

1. . , DVD- Windows Server 2008 ,
. ,
. DVD- Windows Server 2008,
. ,
Setup.exe.
DVD- , BIOS
2. , , . .
, . , . ,
(Next).
3. (Install Now), . ,
, .
(Go Online to Get the
Latest Updates for Installation) (Do Not Get Latest Updates for Installation).
4. Windows Server 2008
.
,
(Next). Windows (Activate
32
Windows Server 2008
Windows When Im Online), .

Windows Server 2008 . ,
, , , Windows Server 2008.
. , .
5. , (Select The Operating System You Want To Install) (Next).

6. Windows Server 2008 Windows. , (I Accept the License Terms) (Next).
7. (Which Type Of Installation Do
You Want) . ,
( ) (Custom
(Advanced)).
DVD-, Windows, .
, , ,
.
8. Windows (Where Do You
Want To Install Windows) ,
. .
Windows (Where Do You Want To Install Windows),
:
,
,
, ,
. (Next), . , ( ).

, ,
.
BIOS , , .
FAT
Windows Server 2008
33
FAT32 .
, NTFS. ,
(.
).
9. Windows, ,
Windows.old, . OK.
10. (Next), . Windows Server 2008
, . . .
, , (Initial Configuration Tasks)
, , .

Windows Server 2008
, . , ,
, ,
,
Windows.

Windows.old, . ,
Windows Server 2008 , .
:
1. . DVD- Windows Server 2008. . ,
Setup.exe.
2. ,
, , . .
, .
3. (Install Now). , .
34
Windows Server 2008

.
,
(Next). Windows (Activate
Windows When Im Online), .
5. , (Select The Operating System You Want To Install) (Next).
6. Windows Server 2008 Windows. , (I Accept The License Terms)
(Next).
You Want) .
8. . ,
.
, , .
. , ,
(Initial Configuration Tasks)
, , .

, -
.
. ,

.

,
MINWINPC,
.
Windows (Where Do You Want To Install
Windows), Shift+F10. . 2-4, MINWINPC
,
Windows Server 2008
. 2-4. , MINWINPC
ARP
IP-
ARP
ASSOC
ATTRIB
CALL
CD/CHDIR
CHKDSK
CHKNTFS
.
,

CHOICE
CLS
CMD
COLOR
CONVERT
FAT NTFS
COPY
DATE
DEL
DIR
DISKPART
,

DISKPART
DOSKEY
,
Windows
ECHO
ENDLOCAL
ERASE
EXIT
EXPAND
FIND
FOR
FORMAT
35
36
Windows Server 2008
. 2-4. ()
FTYPE
GOTO
Windows ,

HOSTNAME
IF
IPCONFIG
TCP/IP
LABEL
MD/MKDIR
MORE
MOUNTVOL
MOVE
NBTSTAT
NetBIOS
NET
ACCOUNTS
NET
COMPUTER
NET CONFIG
SERVER
NET CONFIG
WORKSTATION
NET
CONTINUE
NET FILE
NET GROUP
NET LOCAL
GROUP
NET NAME
NET PAUSE
NET PRINT
NET SEND
NET SESSION
NET SHARE
NET START
NET
STATISTICS
Windows Server 2008
37
. 2-4. ()
NET TIME
NET USE
NET USER
NET VIEW
NETSH
NETSTAT
PATH
PATHPING
PAUSE
PING
POPD
, PUSHD
PRINT
PROMPT
Windows
PUSHD
RD/RMDIR
RECOVER
REG ADD
REG
COMPARE
REG COPY
REG DELETE
REG QUERY
(
)
REG RESTORE
REG SAVE
REGSVR32
DLL
REM
REN
38
Windows Server 2008
. 2-4. ()
SET
Windows.

SETLOCAL
SFC
SHIFT
START
SUBST
TIME
TITLE
TRACERT
TYPE
VER
Windows
VERIFY
VOL

, . , , - .
(
), , .
Windows (Where
Do You Want To Install Windows). :
1. Shift+F10, .
2. diskpart.
3. , list disk.
4. select disk , , .
5. , clean.
6. , exit, DiskPart.
7. exit, .
8. Windows (Install Windows)
(Back), .
Windows Server 2008
39

You Want) ( )
(Custom (Advanced)), .
Want To Install Windows) , . (Disk Options),
, ,
.
11. (New). (Size)
(Apply).

Windows (Where Do You Want
To Install Windows) . , ,
, - .
, :
Want To Install Windows) (Load Drivers).
2. , OK.
.
,
(Next).
, (Browse), (Browse For Folder),
OK. (Next).
(Rescan),
. , (Back)
Windows (Install Windows), .
, ,

(Drive Options)
Windows (Where Do You Want to Install Windows),
:
(New) . .
(Format) ,
.
40
Windows Server 2008
(Delete) .
(Extend) .
, .

, .
, , ,
, . ,
, .
,
.
, :
Want To Install Windows) (Drive Options), .
2. , ,
(New).
3. (Size) , (Apply), .

. , . ,
. ( ,
) , .
, :
2. , .
3. (Format). ,
. OK, .

, , . ,
, .
. , .
Windows Server 2008
41
, :
2. , .
3. (Delete). , . OK, .

Windows Server 2008 8 . , . ,

.
,
NTFS 5.2 . , , , .
, :
2. , .
3. (Extend). (Size)
(Apply),
.
4. , .
OK, .
,
, (Server Manager).
, , .
ServerManagerCmd.exe
, (Server Manager).

, , ,
servermanagercmd query.
, , ,
. install remove, ,
. , ,
servermanagercmd install nlb. allSubFeatures, .
42
Windows Server 2008

, (Roles) .
(Roles) (Roles Summary),
(. 2-1). -,
.
(Roles) ,
, :
. , , ,
: 6, 2 (System Services:
6 Running, 2 Stopped);
,
24 , . , 2 ,
8 , 14 24
(2 error(s), 8 warning(s), 14 informational in the last 24 hours);
.
. 2-1.
Windows Server 2008
43
, , (Action)
(Refresh). , (Configure Refresh)
, OK.
, . 24
. (View Event Properties),
. ,
, ,
. ,
(Stop), (Start) (Restart).
, ,
, (Restart).

4.

(Roles) ,
, .
(Roles Summary)
.
, :
1. , , | | (Start | Administrative Tools | Server Manager).
2. (Roles), (Add Roles). .
(Before You Begin), (Next).
,
(Skip This Page By Default).
3. (Select Server Roles)
, . , . (Add Required
Features), . (Next).
44
Windows Server 2008
,
. , . . Active Directory (Active Directory Domain Services) .
, DCPROMO.exe (. 7). , DNS-,
Active Directory (Active Directory Domain Services),
DCPROMO DNS-
. Windows Core Server ,
FSMO (Flexible Single Master Operations)
Active Directory.
4. , . ,
:
,
, .
, (Add
Required Role Services), . (Cancel),
.
, , , .
, .
(Remove Dependent Role Services),
, .
5. (Confirm Installation
Options) ,
(Print, E-Mail, Or Save This Information),
Internet Explorer.

. (Install), .
6. ,
(Installation Results).
, , .
- , :
) Internet Explorer, ( ) (Full Log
Windows Server 2008
1.
2.
3.
4.
5.
45
(Troubleshooting Only)) ,
(Notepad).
) Ctrl+F, ,
(, 2009-08-30), (Find
Next), .
)
.
, :
, , | | (Start | Administrative Tools | Server Manager).
(Roles), (Remove Roles). .
,
(Skip This Page By Default).
(Remove Server Roles)
, , (Next).
, ,
, .
(Remove Dependent Role),
.
(Confirm Removal
Selections) , , (Remove).
,
(Removal Results). , ,
. -
, , .

, (Roles)
. ,
, (Installed)
(Not Installed).
(Add Role Services)
(Remove Role Services) .
, .
.
46
Windows Server 2008
, :
2. (Roles) .
(Add Role Services). .
3. (Select Role Services)
. ,
. , (Next) (Install).
, :
2. (Roles) . (Remove Role Services). .
3. (Select Role Services) , .
, . , , ,
, . (Remove Dependent Role Service),
.
4. , (Next) (Remove).
Windows Server 2008

Windows
Windows (Add/Remove
Windows Components) (Add Or
Remove Programs). Windows Server 2008
.
, :
1. , | | (Start | Administrative Tools | Server Manager).
2. (Features) (Add Features), .
(Before You Begin), -
Windows Server 2008
3.
4.
1.
2.
3.
4.
47
(Next). ,
(Skip This
Page By Default).
(Select Features)
, . ,
.
(Add Required Features),
.
, , (Next)
(Install).
, :
, | | (Start | Administrative Tools | Server Manager).
(Features) (Remove Features) .
(Before You Begin), (Next). ,
(Skip This
Page By Default).
(Select Features) , . ,
. ,
, ,
, .
(Remove Dependent
Feature), .
, , (Next)
(Remove).

Windows Server 2008
Microsoft Windows,
. Windows Server
2008 ,
, (Initial Configuration Tasks)
(Server
Manager) .
(Initial Configuration Tasks)
, . , (Initial
Configuration Tasks), (Computer Management)
, . , :
;
;
, ;

;
;
.
,
(System).
:
;
,
;
;
.
Windows Server 2008
49

(Initial Configuration Tasks), . 3-1, . Windows Server
2008
. ,
,
(Do Not Show This Window At Logon)
. , (Start), oobe
(Search) Enter.
. 3-1. (Initial Configuration Tasks)

(Initial Configuration Tasks) :

(Set Time Zone) , (Date And Time).
, (Change
Time Zone), OK.
(Date And Time),
/ (Adjust Date/Time).
, .
(Configure Networking) , (Network Connections).
50
Windows Server 2008
, , (Properties)
.
IPv4, IPv6.
(Network Connections), (Manage Network
Connections) (Tasks)
(Network And Sharing Center).
(Provide Computer Name And Domain)
(System Properties) (Computer
Name). , (Change), , OK. ,
WORKGROUP.
(System Properties)
(Computer Name), (System)
(Change Settings) ,
(Computer Name, Domain, And Workgroup Settings).
(Enable Automatic Updating And Feedback) , Windows . ,
. ,
Windows (Windows Error Reporting) .
(Customer Experience Improvement Program). ,
,
Windows.
(Download And Install Updates) , Windows (Windows Update) ,
( ), ( ).
.

Windows (Windows Update), .
(Add Roles) (Add Roles Wizard),
Windows Server 2008
51
.
. (Server Manager)

(Roles).
(Add Features)
(Add Features Wizard).
.
(Server Manager)
(Features).
(Enable Remote Desktop) ,
(System Properties) (Remote). (Remote Desktop),
, OK.
. , (System Properties)
(Remote),
(System)
(Remote Settings) (Tasks).
Windows (Configure Windows Firewall) , Windows (Windows
Firewall). , (Change Settings). Windows . ,
Windows (Windows Firewall), .
. .

(Server Manager) .
, ,
. (Server Manager)
:
(Start),
(Administrative Tools) (Server Manager).
(Server Manager) .
. 3-2, , (Computer Management).
52
Windows Server 2008
. :
(Roles) , ,
.
, , , 24 ,
,
. , .
(Features) , , .
, .
(Diagnostics)
, .
(Configuration) .
(Storage)
.
. 3-2. (Server Manager)

. (Server Manager),
.
(Computer Information) , -
Windows Server 2008
53
, .
:
(Change System Properties)
, (System
Properties), .
(View Network Connections) ,
(Network Connections), .
(Configure Remote Desktop) ,
(System Properties) (Remote).
.
(Initial Configuration Tasks),
. .
(Security Information) Windows (Windows Firewall), Windows (Windows Update),

, Internet Explorer (Internet Explorer Enhanced Security
Configuration). :
Windows (Go To Windows Firewall) Windows
(Windows Firewall With Advanced Security), ,
.
(Configure Updates) ,
Windows (Windows Update),
( ) ( ).
(Check For New Roles) , ,
.
(Run Security Configuration
Wizard) ,
(Security Configuration Wizard), , , .
, 5,
.
54
Windows Server 2008
. ,
.
Internet Explorer
(Configure IE ESC) , Internet Explorer (IE ESC).
,
, , .
Internet Explorer, Internet
Explorer . IE ESC . IE ESC
, .
IE ESC
, . , Internet Explorer.
: (Internet) (High),
(Trusted Sites) (Medium),
(Local Intranet) (Medium-Low),
(Restricted) (High). Internet
Explorer:
(Enhanced Security Configuration),
, - , - , , , ,
, , .
(Roles Summary) , . :
(Go To Roles) (Roles) .
(Add Roles) (Add
Roles Wizard), .
(Remove Roles)
(Remove Roles Wizard), .
(Features Summary) , .
:
(Add Features)
(Add Features Wizard), .
(Remove Features)
(Remove Features Wizard), .
Windows Server 2008
55
(Resources And Support)

(Customer Experience Improvement Program)
Windows (Windows Error Reporting).
- ,
:
(Configure CEIP) CEIP.
.
Windows.
, CEIP, ,
. ,

, . CEIP, Windows.
Windows (Configure Windows Error
Reporting) , Windows (Windows Error Reporting, WER). , ,
. , . , (Problem Reports And Solutions)
.

(System) . (System)
. . 3-3, (System)
, :
Windows (Windows Edition)
. .
(System) , , (32- 64-).
, (Computer
Name, Domain, And Workgroup Settings) , -
56
Windows Server 2008
, . -
, (Change Settings), (Change)
(System Properties).
Windows (Windows Activation) ,
, .
Windows Server 2008 , , , .
, (Change Product Key) .
. 3-3. (System)
(System) , :
(Device Manager);
(Remote Settings);
(Advanced System Settings).
Windows Server 2008, , , ,
. Windows Server 2008
, . Windows Server 2008 , ,
Windows (Activate Windows Now)
Windows (Windows Activation).
Windows Server 2008
57
Windows , , . ,
:
1. (System) .
2. Windows (Windows Activation)
(System) (Change Product Key).
3. Windows (Windows Activation) .
4. (Next). ,
.

(System Properties). (System), (Change
Settings) ,
(Computer Name, Domain, And Workgroup Settings). ,
(Computer Name)
(Computer Name)
.
. ,
DNS-, Active Directory. ,
.
,
:
1. (Computer Name) (System Properties) (Change).

(Computer Name/Domain Changes).
2. , (Workgroup) , .
3. , (Domain)
, .
4. , OK, Windows.
OK.
58
Windows Server 2008
5. ,
, OK.
6. . OK.
7. (Close) (Restart Now).
, :
1. (Computer Name) (System Properties) (Change).

(Computer Name/Domain Changes).
2. (Computer
Name).
3. . OK.
4. (Close) (Restart Now).
(Hardware)
(Hardware)
(System Properties) (Device
Manager) Windows. (Device Manager), MMC, .
Windows Server 2008
, Windows.
, ,
Windows (Windows Update
Driver Settings)
, (Ask
Me Each Time I Connect A New Device Before Checking For Drivers)
(Never
Check For Drivers When I Connect A Device). OK.
(Hardware)
. Windows
Server 2008, Active Directory . , Windows Server 2008
- . - , (System Configuration)
.
(Administrative Tools).
2 Microsoft Windows Vista.
( , -, 2008).
Windows Server 2008
59
(Advanced)
(Advanced) (System)
Windows, , ,
, , .
Windows
Windows Server 2008 , , . Windows,

:
1. (Advanced)
(System Properties)
(Settings) (Performance). (Performance Options).
2. (Visual Effects). :
(Let Windows Choose Whats
Best For My Computer) .
, ,
(Adjust For Best Appearance).
, - Windows
.
(Adjust For Best Appearance) .
.
.
, - .
(Adjust For Best Performance) , , ,
.
.
(Custom) . ,
Windows .
3. ,
(Apply). OK, .
60
Windows Server 2008

, ( , ,
). , :
1. (Advanced)
(System Properties)
2. (Performance Options)
(Advanced).
3. (Processor Scheduling)
:
(Programs)
, (Background Services)
.
, , .
4. OK.

(RAM) .
Intel 386. RAM . , , 1024 , . , RAM.
,
.
. , . , .
PAGEFILE.SYS.
Windows Server 2008
61
Windows Server 2008

, . Windows Server 2008 ,
. , ( ). , ,
. ,
( ). RAM 8
. , 1024
(Total Paging File Size For
All Drives) 2048 . 8
. , .
, :
1. (Advanced)
(System Properties)
(Advanced).
(Change), (Virtual Memory), . 3-4. :
[ ] (Drive [Volume Label]) ()
(Paging File Size (MB)) .
(
). , .
(Paging File Size For Each
Drive) ,
. (Space Available)
, .
(Total Paging File Size
For All Drives)
, .
, ,
( ).
62
Windows Server 2008
. 3-4.

. ,
(Automatically
Manage Paging File Size For All Drives).
4. (Drive) , .
5. (Custom Size)
(Initial Size) (Maximum
Size).
6. (Set) .
7. 46 , .
,
STOP. ,
, .
, , . , 1
1 .
8. OK. PAGEFILE.SYS, (Yes).

9. ,
, ,
. OK.
10. OK, . (System), , . (Restart).
Windows Server 2008
63
Windows Server 2008 , :

1. (Advanced)
(System Properties)
(Advanced).
(Change), (Virtual Memory).
3.
(Automatically Manage Paging File Size For All Drives).
4. OK, .
,
, ,
. OK. (System), , . (Restart). .
(Data Execution Prevention, DEP) .

, .
, ,
.
, , , .
32- Windows DEP, Advanced Micro Devices (AMD)
NX (no-execute page-protection).
PAE (Physical Address Extension). NX
64- Windows.
DEP , DEP, (System):

1. (Advanced)
(System Properties) (Settings) (Performance),
(Performance Options).
(Data
Execution Prevention). ,
DEP.
64
Windows Server 2008
3. DEP, :
DEP Windows
(Turn On DEP For Essential Windows Programs And Services Only)
,
.
DEP ,
(Turn On DEP For All Programs Except Those I Select)
. , (Add), ,
.
4. OK.
DEP ,
, :
1. (Advanced)
(System Properties) (Settings) (Performance),
(Performance Options).
(Data
Execution Prevention).
3. -,
(Add),
(Open).
4. ( ), .
5. ,
(Remove).
6. OK, .
DEP DEP,
. , , NX.
, ,
, ,

.
, NX.
, .
STATUS_ACCESS_
VIOLATION. , . ,
Windows Server 2008
65
, ,
, , .
,
.
, 32-
. 64- ,
, .

ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY.

Windows , , , , . , Windows
, . , , .
(Environment Variables), . 3-5. ,
(System Properties), (Advanced) (Environment Variables).
. 3-5.
, :
66
Windows Server 2008
1. (New) (User Variables) (System Variables).

(New User Variable) (New System
Variable).
2. (Variable Name) .
(Variable Value) .
3. OK.

, :
1. (User
Variables) (System Variables).
2. (Edit). (Edit User Variable)
(Edit System Variable).
3. (Variable Value)
OK.
, (Delete).

.

.

(Startup and Recovery),
. 3-6. ,
(System Properties), (Advanced)
(Settings) (Startup and Recovery).
(System Startup) (Startup And Recovery) .
, , , (Default Operating System). Windows (Windows Boot Manager).
Windows Server 2008
67
. 3-6.
Windows Server 2008

30 .
:
,
(Time To
Display List Of Operating Systems).
,
(Time To Display
List Of Operating Systems) .
.
, , ,
.

. , . ,
(Time To Display Recovery Options
When Needed), , (Time To Display Recovery
Options When Needed) .
(System Failure)
(Write Debugging Information)
(Startup And Recovery). -
68
Windows Server 2008
STOP. , (System
Failure) :
(Write An Event To The System
Log) ,
(Event Viewer).
(Automatically Restart) ,
.
. , , , .
, , , , .
(Write Debugging Information) ,

. . :
(None) , .
(Small Memory Dump)
, .
64 .
(Kernel Memory Dump) , Windows. Windows.
, .
%SystemRoot%\Minidump, %SystemRoot%\MEMORY.DMP.

(Overwrite Any Existing File), STOP.
,
.
( , ), , ,
. , 4 ,
4 .
, ,
678 892 . ,
5 (4 1 ).
Windows Server 2008
69
(Remote)
(Remote)
(System Properties) (Remote Assistance)
(Remote Desktop). 5.

DLL, . DLL Regsvr32 .
, DLL, regsvr32 .dll, :
regsvr32 mylibs.dll
DLL, regsvr32 /u
.dll, :
regsvr32 /u mylibs.dll
(Windows File Protection) .

DLL, Windows Server 2008 ,
Windows.
.
: , , , , , ,
.
,

, , Microsoft Windows Server 2008
. , ,
(interactive).
,
, , . ,
, , (foreground).
(background).
, , ,
, . ,
. .
.
71

(Task Manager).
:
Ctrl+Shift+Esc.
Ctrl+Alt+Del (Task
Manager).
(Start), taskmgr
(Search) Enter.
(Task Manager).
.

. 4-1 (Applications) .
, .
:
,
(End Task).
, (Switch To).
, (New
Task) .
(Run) (Start).
. 4-1. (Applications) Windows

,
72
Windows Server 2008
(Status) ,
. (Not Responding) , , , .
. ,
, .
, , :
;
;
;
;
;
;
(Processes).
(Go To Process) , . ,
(Processes).

(Processes) . 4-2.
, , , , ( ), .
,
(Show Processes From All Users).
(Processes)
. ,
, , . :
(Image Name) , .
(User Name) ,
.
(CPU) ,
( ).
( ) (Memory (Private Working
Set)) , .
(Description) .
73
. 4-2. (Processes)

(View) (Select
Columns), (Processes).
, :
(Base Priority) ,
. , ,
(Set Priority) : (Low), (Below Normal), (Normal),
(Above Normal), (High) (RealTime). .
.
(CPU Time) , . ,
,
,
.
(Handle Count) ,
. ,
. , , Microsoft Internet Information Services
(IIS), . .
74
Windows Server 2008
(I/O Reads), (I/O Writes) .

, . , ,
.
.
(Page Faults) ,
,
.
, (soft page fault).
, (hard page fault).
.
.
(Paged Pool),
(Nonpaged Pool)
, , . , . ,
. , .
(Peak Memory Usage)
, . . , , Microsoft SQL Server,
, .
(Thread Count) , . . .
.
,
, .

(System Idle Process). .
, ,
(System Idle Process) . 99 (CPU)
(System Idle Process) , 99% .
75
,
. ,
.
,
(Applications) (Go
To Process). ,
, .
.

:
(Applications) (End Task);
(Processes) (End Process)
;

(Processes)
(End Process Tree).

(Services)
. , (PID), , . . 4-3,
.
, .
(Status), :
(Running) (Stopped).
. 4-3. (Services)
76
Windows Server 2008
(Group) , :
,
. , ,
LocalService, LocalServiceNoNetwork (
) LocalSystemNetworkRestricted (
).
, svchost.exe, ,
k. , RemoteRegistry
svchost.exe k regsvc. (Group) regsvc.
,
, :
;
;
(Processes).

(Performance)
(. 4-4).
. , (Performance Monitor),
.
. 4-4. (Performance)

77
(Performance)
(Performance) :
(CPU Usage) .
(CPU Usage History) . .
(Memory) ,
.
(Physical Memory
Usage History) .
,
. . 4-4
(Performance) ,
.
, (Performance).
.
, , .
,
, . .

(View):
(Update Speed) , . (Low) ,
(Normal) , (High) .
(CPU History) , . , , ( ) .
(Show Kernel Times)
, .
(
).
78
Windows Server 2008
, ,
. , IIS 7
, , ,
, . ,
, ,
.
:
() (Physical Memory (MB))
. (Total)
, (Cached)
, , (Free) .
, . ,
, 5%
.
() (Kernel Memory (MB)) ,
.
. (Nonpaged).
(Paged).
, , (Total).
(System) .
(Handles) - , .
(Threads) . .
(Processes) .
(Up Time) , .
(Page File) .
10%
, , ,
( ,
).

(Networking)
. ,
, .
79
, (Networking) (. 4-5).
,
, .
. ,
(View), (Network Adapter
History) (Bytes Sent),
(Bytes Received) . , , .
. 4-5. (Networking)
(Networking)
.
,
. :
(Adapter Name) (Network Connections).
(Network Utilization)
, .
, 100 10 10- .
(Link Speed) .
(State) .
80
Windows Server 2008
50% ,
. , . ; , . ,
. ,
, .
.
(View) (Select Columns),

,
(Networking).
:
(Bytes Sent Throughput)
, .
(Bytes Received Throughput) , .
(Bytes Throughput)
, .
(Bytes Sent) , .
(Bytes Received) , .
(Bytes) ,
.

. .
,
.
Windows Server 2008
. (Task Manager)

.
(Users), . 4-6.
, .
, ,
, . , , Console.
, , RDP-TCP
81
RDP TCP . , :
(Connect) .
(Disconnect) ,
.
(Log Off) .
.
(Remote Control)
. Ctrl+*.
(Send Message) , .
. 4-6. (Users)

.
(Services) .
(Services), :
1. (Start) (Administrative Tools), (Server
Manager). (Server Manager)
.
82
Windows Server 2008
2. (Server Manager) (Configuration).

3. (Services),
, (. 4-7). :
(Name) . , .
. , , , 2.
(Description) .
(Status) ,
( ).
(Startup Type) . . .
, .
(Log On As) , .
.
. 4-7. (Services)

83
(Services) : . ,
(Services). .
(Start), .
(Restart)
, , . , .
, . Windows Server 2008 ,
.
, ,
, Windows Server 2008. , :
2. (Services).
3. (Start), (Stop) (Pause).
(Restart), .
, (Resume)
.
, ,
- , . ,
. ,
, , . .

. :
2. (Services), ,
, (Properties).
3. (General)
(Startup Type) (. 4-8).
84
Windows Server 2008
(Automatic) .
( ) (Automatic (Delayed Start))
, .
(Manual) .
(Disabled) .
4. OK.
,
.
, .
.
. , (Log On) .
(Enable)
(Disable).
. 4-8.

Windows Server 2008 , :
85
2. (Services), ,
, (Properties).
3. (Log On), . 4-9.
4. (Local System
Account),
( ).
, (Allow Service To Interact With Desktop),
.
5. (This Account), , .
.

(Browse).
6. OK.
. 4-9. (Log On)

, ,
.
, . ,
, ,
. , .
, .
, , . .
86
Windows Server 2008

Windows Server 2008 . , .
, :
2. (Services), ,
, (Properties).
3. (Recovery),
. 4-10.
Windows Server 2008 . .
, , DCOM- (DCOM Server
Process Launcher) (Group Policy Client), . .
. 4-10. (Recovery) ,

4. , . :
87
(Take No Action) ,
.
(Restart the Service) ,
.
(Run a Program) , Windows. ,
, , .
(Restart the Computer) . , .
, .
: .
5. , . ,
(Run Program).
, .
- .
6. OK.

.
, , , -
(Worldwide Web Publishing Service), Simple Mail Transfer Protocol (SMTP)
FTP- (File Transfer Protocol (FTP) Publishing
Service), . ,
,
.
, . ,
,
. , .
88
Windows Server 2008
, .
, ,
.
, :
2. (Services), ,
, (Properties).
3. (General)
(Startup Type) (Disabled).
, . ,
. ,
(Stop) (General)
(Properties) OK.

,
.
Windows Server 2008 Windows (Windows Event Log).
:
Windows (Windows logs) , , , .
(Applications and Services logs) ,
.
Windows :
(Security Log) , . %SystemRoot%\
System32\Winevt\Logs\Security.evtx.
(Manage Auditing and the
Security Log). (Administrators).
10.
(Setup Log) , . %SystemRoot%\System32\Winevt\Logs\Setup.evtx.
89
(Forwarded Events)
, , . %SystemRoot%\System32\
Config\FordwardedEvents.evtx.
(Application) , , , Microsoft SQL Server.
%SystemRoot%\System32\Winevt\Logs\Application.evtx.
(System Log) , , , . %SystemRoot%\System32\
Winevt\Logs\System.evtx.

, .
, . , , , ,
, . ,
(Manage Auditing and the Security
Log).
(Administrators). 10.
:
DFS (DFS Replication)
DFS. %SystemRoot%\System32\Winevt\Logs\DfsReplication.evtx.
(Directory Service) ,
Active Directory. %SystemRoot%\System32\Winevt\Logs\
Directory Service.evtx.
(File Replication Service) . %SystemRoot%\System32\Winevt\Logs\File Replication
Service.evtx.
(Hardware Events) , , .
%SystemRoot%\System32\Config\Hardware.evtx.
DNS- (DNS Server) DNS-, DNS.
%SystemRoot%\System32\Winevt\Logs\DNS Server.evtx.
Microsoft\Windows ,
Windows. -
90
Windows Server 2008
. , . , .
Windows PowerShell , Windows PowerShell. %SystemRoot%\System32\Winevt\Logs\Windows
PowerShell.evtx.

, :
1. (Diagnostics) .
2. (Event Viewer). :
,
(Custom Views)
(Administrative Events).
, .
,
(Custom Views), (Server Roles)
.
.
,
Windows (Windows Logs),
(Applications And Services Logs) .
, , ,
(Application) (System).
3. (Source) ,
.
. 4-11,
(Event Viewer) , ,
.
,
. . :
(Information) , .
(Audit Success) , .
91
(Audit Failure) , .
(Warning) .
(Error) .
,
. ,
, .
. 4-11. (Event Viewer)

, , :
(Source) , , .
(Event ID) , , .
(Task Category) ,
(None),
.
(User) , , .
92
Windows Server 2008
(Computer) , .
(Description) .
(Data) ,
.

(Event Viewer) .
(Custom Views).
(Administrative Events), . (Server Roles)
, ,
.
, :
1. (Diagnostics)
(Event Viewer).
2. (Custom Views). (Action) (Create Custom View).
, . 4-12.
3. (Logged) (Last Hour), 12 (Last 12 Hours),
24 (Last 24 Hours), 7 (Last 7 Days)
30 (Last 30 Days).
4. (Event Level)
, . (Verbose), .
5.
:
(Event logs)
. ,
. .
(Event Sources)
. ,
.
.
93
. 4-12. ,

6. (User) (Computer(s))
. , .
7. OK. (Save Filter To Custom View),
. 4-13.
. 4-13.
8. .
9. , . (Custom Views). , (New Folder),
OK.
94
Windows Server 2008
10. OK, (Save Filter To Custom View).

, . .
, ,
:
1. (Diagnostics)
(Event Viewer).
2. Windows (Windows Logs)
(Applications And Services Logs). .
3. , .
(Action) (Filter Current Log). ,
. 4-12.
4. (Logged) (Last Hour), 12 (Last 12 Hours),
24 (Last 24 Hours), 7 (Last 7 Days)
30 (Last 30 Days).
5. (Event Level)
, . (Verbose), .
6. (Event Sources) , . , .
7. (User) (Computer(s))
. , .
8. OK. , .
.
, (Clear Filter)
(Action).

, , . . ,
.
, :
1. (Diagnostics)
(Event Viewer).
95

(Applications And Services Logs).
3. , ,
(Properties). , . 4-14.
. 4-14.
4. .
(Maximum Log Size). , .
%SystemRoot%\System32\Winevt\Logs.
5. . :
(Overwrite Events As
Needed (Oldest Events First)) . ,
.
,
(Archive The Log When Full, Do Not Overwrite Events) Windows ,
. .
( ) (Do Not
Overwrite Events (Clear Logs Manually)) -
96
Windows Server 2008
, .
6. OK.
, , , (Archive The Log When Full, Do Not Overwrite
Events). ,
.

, , :
1. (Diagnostics) (Event Viewer).
3. (Clear Log).
4. (Save And Clear), . (Clear),
.

, , , . ,
, . Windows .

:
.evtx (Event
Viewer).
(.txt)
.
(.csv) .
XML.
- . :
97
,18.05.2008 09:43:24,EventLog,6005,,
.
,18.05.2008 09:40:04,Microsoft-Windows-Time-Service,134,,Ntp-
- DNS
:
, ,, , ,

Windows ,
,
(Archive The Log When Full, Do Not Overwrite Events). , :
1. (Diagnostics)
(Event Viewer).
3. , ,
(Save
Events As).
4. (Save As)
.
5. (Save As Type)
(*.evtx) (Event Files (*.evtx)).
(Save).
,
, . ,
. ,
2009 , 2009.
.evtx.
,
(Event Viewer). ,
, (
). , , . ,
.evtx, ,
(Event Viewer)
(Save As).
,
. -
98
Windows Server 2008
(Event Viewer).
:
1. (Server Manager)
(Event Viewer).
(Open Saved Log File).
2. (Open)
.
(Event Logs Files). ,
.evtx, .evt .etl.
.
3. (Open). Windows
(Open Saved Log).
4. .
5. , .
(Saved Logs). , (New Folder). OK.
6. OK,
(Open Saved Log). .
(Event
Viewer), (Delete) (Action). (Yes).
- , .

.
, . , , ,
.
?
. ,
,
.

. ,
, . , , . , , , ,
,
99

, ,
. ,
. , , , .
, . ,
, :
1. , .
2. .
3. .
4. .
5. .
.
. , .
:
(Performance Monitor)
, .
, .
(Reliability Monitor) ,

.
,
. (System), (Security) (Application), .

(Reliability And Performance)
(Reliability And Performance).
,
100
Windows Server 2008
(Start), (Administrative Tools) (Reliability

And Performance Monitor). (Server Manager)
(Diagnostics).
(Diagnostics) (Reliability And Performance). . 4-15, :
(CPU Usage)
. , ,
, , , , .
(Disk Usage) ,
, . ,
, , -, , , , ,
, ,
, -
.
(Network Usage)
. , ,
, , , , IP-, , ,
, .
(Memory Usage) . , ,
,
, , , ,
.
101
. 4-15.
(Monitoring Tools)
(Reliability And Performance) :
(Performance Monitor);
(Reliability Monitor).
(Performance Monitor) (counter) .

.
. 4-16, (Performance
Monitor) .
1 , . (Performance Monitor),
, . (Performance
Monitor) ,
.
102
Windows Server 2008
. 4-16.
(Reliability And Performance) (Reliability

Monitor), . 4-17.
.

, , , , . ,
.
,
, , (Application Failure)
(Hardware Failure),
, .
103
. 4-17.

(Performance Monitor) . ,
. (Add Counters).
(Performance Monitor), (Add)
(Available Counters).
(Show Description)
.
(Performance Monitor)
. , (Processor) ,
. ,
, .
104
Windows Server 2008
, :
1. (Reliability And Performance) (Monitoring Tools) (Performance Monitor).
2. (Performance Monitor) . (View
Current Activity) Ctrl+T.
(Line),
(Histogram Bar) (Report),
(Change Graph Type) Ctrl+G.
. 4-18.
3. , (Add)
Ctrl+I.
(Add Counters), . 4-18.
4. (Select Counters From Computer) UNC- , , ,
\\CorpServer84, (Local
Computer).
,
(Performance Monitor
Users) . ,
(Performance Log Users)
.
105
5. (Available Counters) .
, . , ,
, .
6. ,
. (All Instances), ,
.
7. ,
, (Add), . 57, .
8. , .

. , , ,
.

Windows Server 2008 (data collector
set) (report). , .
,
, . Windows.
.
. , :
;
;

:
.
(Reliability And Performance)
(Data Collector
Sets) (Reports), . . 4-19, () .
, ,
.
106
Windows Server 2008
. 4-19.
, (Reliability
And Performance Monitor),
(Administrative Tools),
(Data Collector Sets).
.

, (User
Defined) (System), .
,
. (Trace) , .
(Performance Counter) ,
. (Configuration) ,
.
,
(Event Trace Sessions). , , (Stop).
, , (Startup Event Trace Sessions).
,
107
(Start As Event
Trace Session). ,
(Delete).
, , (Save Template).
(Save As) ,
(Save).
XML-, .
,
(Delete). ,
. .

.
,
15 .
, :
1. (Reliability And Performance Monitor) (Data Collector
Sets), (User-Defined),
(New) (Data Collector Set).
2. (Create New Data
Collector Set Wizard) , , .
3. (Create Manually) (Next).
4. (What Type
Of Data Do You Want To Include) (Create Data Logs).
(Performance Counter)
(Next).
5.
(Which Performance Counters Would You Like To Log) (Add).
(Add Counter), . OK.
6. ,
, , , . ,
. , 15--
108
Windows Server 2008
, 15 . (Next).
7. (Where Would You Like
The Data To Be Saved) ,
, , (Browse). (Next).
%SystemRoot%\
PerfLogs\Admin. .
, , . ,
, .
8. (Create Data Collector

Set) (Run As)
(Default). ,
.
, (Change).
OK. \
, , CPANDL\WilliamS
WilliamS CPANDL.
9. (Open Properties For This Data Collector Set)
(Finish). ,
(Properties).
10. . ,
(Schedule) (Add).
(Active Range), (Start
Time) .
11. . (Stop
Condition), ,
, , ,
( ).
12. , OK.

.
.
(Task)
(Properties).
109
, . , .
, :
1. (Reliability And Performance Monitor) (Data
Collector Sets), (User-Defined)
(New)
(Data Collector Set).
2. (Create New Data
Collector Set Wizard) , , -.
4. (What Type
Of Data Do You Want To Include)
(Create Data Logs)
(Event Trace Data). (Next).
5. (Which Event Trace Providers Would You Like To Enable)
(Add). , , Active Directory Domain Services: Core, .
(Properties) (Edit), , . . (Next).
6. 712 .

. , :
1. (Reliability And Performance Monitor) (Data
Collector Sets), (User-Defined)
(New)
(Data Collector Set).
2. (Create New Data
Collector Set Wizard) , , AD.
110
Windows Server 2008
4. (What Type
Of Data Do You Want To Include)
(Create Data Logs) (System Configuration Information). (Next).
5. (Which
Registry Keys Would You Like To Record) (Add).
, . . (Next).
6. 712 .

,
. ,
, . ,
, : .

(Reliability And Performance Monitor),
(Reports), ,
. . .
.
, . ,
(Stop). .
, :
1. , (Properties) Ctrl+Q. :
(Performance Monitor Properties).
2. (Source).
3. .
(Data Source) (Log Files)
(Add),
(Select Log File). .
4. . (Time Range), (Total Range)
.
5. (Data) .
, -
111
(Remove). (Add),
(Add Counter)
.
,
. , ,
, .
6. OK.
(Change Graph Type).

, .

.
.
, :
1. (Reliability And Performance Monitor) (Data Collector
Sets), (User-Defined)
(New) (Data Collector Set).
2. (Create New Data
Collector Set Wizard) , , -.
4. (What Type
Of Data Do You Want To) (Performance Counter Alert) (Next).
5. (Which Performance Counters Would You Like To Monitor) (Add),
(Add Counters) , . , OK.
6. (Performance
Counters) (Alert When Value Is) , . ,
(Above) (Below).
. ( -
112
Windows Server 2008
). , ,
95%, (Above)
95. .
7. 812 .

, , , , .
:
;
;
-;
.

,
, , . ,
.
, , , .

.

. Active Directory, , , .
, ,
, . , 3.
, , , , . . 4-1 ,
, ( ).
113
. 4-1. ,
\
(Memory\
Available Kbytes)

, , .
.
, ,
. , ,
5%
.
,
.
75%
\
/
(Memory\ Page
Faults/sec)
\
(Memory\
Committed Bytes)
\ / (Memory\
Pages Input/sec)
\
/
(Memory\ Page
Reads/sec )
, ,
.
- ,
.
,
.

.

. \
/ (Page Faults/sec)
.
\ / (Pages Input/
sec) ,
. \
/ (Page Reads/sec) , .
\ / (Pages Input/
sec)
\ /
(Page Reads/sec)
.
,
114
Windows Server 2008
. 4-1. ()
\ (Memory\
Pool Paged Bytes)

.

,
,
.

,
.

, ,
.
, ,

\ (Memory\
Pool Nonpaged
Bytes)

.
, ,
. , , , , . ,
, , SQL Server, .
,
.
, , . 4-2, , .
. 4-2. ,
\

(System\Processor
Queue Length)
,
. ,
.

2 ,

115
. 4-2. ()
\% (Processor\
% Processor Time)
,

.
, .

- ,

-
-
. , - , . ,
,
.
-, , .
.
,
/.
, . 4-3.
. 4-3. ,
\%

(PhysicalDisk\%
Disk Time)
%
(% Disk Time) , .

% (Processor\%
Processor Time)
\
/
(Network Interface
Connection\Bytes
Total/sec)
116
Windows Server 2008
. 4-3. ()
\
/
(PhysicalDisk\Disk
Writes/sec)

-. ,

. , ,
. ,
RAID
\
/
(PhysicalDisk\Disk
Reads/sec)
\

(PhysicalDisk\Avg.
Disk Write Queue
Length)
\

(PhysicalDisk\Avg.
Disk Read Queue
Length)
\

(PhysicalDisk\
Current Disk Queue
Length)

, ,
.
.
: , , .
, , , . , .
.
117
. 10/100, . :
, 10 /,
.
, :
\ / (Network\Bytes Received/
sec)
\ / (Network\Bytes Sent/sec)
\ / (Network\Bytes Total/sec)
\ (Network\ Current Bandwidth)

50% , , ,
. ,
, , , . ,
\% (PhysicalDisk\% Disk Time) \%
(Processor\% Processor Time). , , , , . .
,
.
, ,
?
-
Microsoft Windows Server 2008 , , .
. , (Remote Server Administration Tools). ,
(Wireless Networking). Windows Server 2008
, Windows Vista.
,
:
(Automatic Updates)
. Windows Update Microsoft Update, .
Windows Server 2008 , . Windows (Windows Update) .
, (Start), (Control
Panel), (Security) Windows (Windows Update). ,
, .
Windows (Windows Firewall)
119
Windows (Windows Firewall) Windows (Windows Firewall With Advanced Security). . ,

Windows (Windows Firewall)
(Network And Internet) . ,
Windows (Windows Firewall With
Advanced Security) (Administrative Tools).
(Desktop Experience)
Windows Vista. ,
Windows Server 2008
.
, : Windows (Windows Calendar), Windows (Windows Defender), Windows (Windows Mail), Windows Media (Windows Media Player), Windows (Windows
Photo Gallery), Windows (Windows Sidebar) Windows
SideShow.
Windows (Windows Time)
. . Windows Time ,
.
, .
,
(Date And Time).
Windows (Windows Defender) . Windows (Windows Defender) .
Windows (Windows Defender) .
Windows (Windows Defender) (Desktop Experience),
(All Programs).
(Task Scheduler) ,
, . Windows Server 2008, Windows Vista, . (Server Manager). , (Configuration), (Task Scheduler)
(Task Scheduler Library).
120
Windows Server 2008
(Remote Assistance) .
, ,

.
, (Remote) (System Properties). ,
(System and Maintenance) (System)
(Remote Settings) (Tasks).
(Remote Desktop) .
Windows Server 2008 (Remote Desktop) , .
(Remote) (System Properties).
, (System
and Maintenance) (System)
(Remote Settings) (Tasks). (Remote Desktop Connection). (Start),
(All Programs), (Accessories)
(Remote Desktop Connection).
BitLocker (BitLocker Drive Encryption) .
, .
BitLocker , TPM, .
,
BitLocker (BitLocker Drive Encryption).
. Microsoft Windows Vista. .
( , -, 2008).
, . , (System Resource Manager) ,
. (Terminal Services) ,
. Windows (Windows Deployment
121
Services) Windows.
, (Group Policy).
Windows Server 2008
. (Computer Configuration) (User Configuration)
: (Policies) (Preferences).
, .
, , , \\ : \
Windows (User Configuration\Policies\Administrative Templates: Policy Definitions\Windows
Components) - \ \ Windows (User Configuration\Administrative Templates\Windows Components).

, , , . :
Windows,
, ,
(Start). .
, , .
.
. .
, , ,
. 2 .
, .

.
, ,
. , , (local group policy) .
Active Directory.
122
Windows Server 2008
,
Active Directory. Active Directory (sites),
(organizational units).
NewYorkMain, CaliforniaMain WashingtonMain.
WashingtonMain SeattleEast, SeattleWest,
SeattleNorth SeattleSouth. , SeattleEast Information Services, Engineering Sales.
,
Windows 2000, Windows XP Professional, Windows Vista,
Windows Server 2003 Windows Server 2008. Windows
NT 4.0 (System Policy
Editor, Poledit.exe). Windows 95 Windows 98 , Sysvol
.

(Group Policy Object, GPO)
. , GPO.
, - . - , GPO
, : .
(container) , . , , . ,
, , ,
. , , . GPO , GPO
.
: . ,
.
, . ,
.
, , , . ,
.
123
?
, :
1. .
2. .
3. .
4. .
5. .
, , . , , .
, .
, .
?
, ,
:
;
.
, .
. , :
1. Windows Server 2008 .
.
.
,
. ,
.
3. Ctrl+Alt+Del, .
.
.
. ,
.
Netlogon.
124
Windows Server 2008
6. Windows Server 2008 , .

7. .
, , gpupdate.
.
, , , , .
,
. gpupdate /logoff, .
, .
, gpupdate /boot.

Windows 2000
,
Windows 2000 . ,
Windows -
. , . Windows, ,
Windows XP Professional Windows Server 2003.
.
, , Windows 2000, , Windows 2000, Windows XP Professional, Windows Server 2003,
Windows Vista Windows Server 2008. , , , , Windows XP Professional, ,
Windows 2000, , Windows Vista,
Windows 2000 Windows XP Professional.
,
Windows? . (Settings)
(Supported On), Windows.
,
(Requirements).
, Windows. .
125

, Active
Directory
(Group Policy Management, GPMC). GPMC Windows
Server 2008 .
Windows Vista -
. GPMC (Administrative Tools).
GPO GPMC,
(Group Policy Management
Editor), .
,
. , , :
GPO (Group Policy Starter GPO Editor) . ,
GPO
. , GPO .
(Local Group Policy
Object Editor) . ,
GPO ,
, .
Windows, , Windows Server 2003,
(Group Policy Object Editor, GPOE),
.
Group Policy Object Editor, Group Policy Management Editor, Group Policy
Starter GPO Editor Local Group Policy Object Editor . , . ,
,
. GPOE.
Windows Vista Windows Server 2008 , Windows Vista
Windows Server 2008. Windows Vista Windows
Server 2008 GPOE GPMC,
XML ADMX.
126
Windows Server 2008
ADMX
. GPO, ADMX, Windows Vista Windows Server 2008.
.
.
ADMX- XML, , .

, , . , ADMX-
.
ADMX , ,
.admx .adml.
GPO.

, .
, .
ADMX, , %SystemRoot%\
PolicyDefinitions. ADMX-
%SystemRoot%\PolicyDefinitions\. ISO, , EN-US .
,
ADMX- . GPO ADMX-, . ,
.
ADMX-
Sysvol (%SystemRoot%\Sysvol\Domain\
Policies). ,
GPO. GPO
, ADMX . ,
, . GPO Windows Vista Windows Server 2008,
ADM, ADMX GPO .
.
Windows Server 2008
DFS.
GPO,
GPO .
Windows Server 2003, Windows Server 2008
Windows
127
.
Windows , , .
Windows Server 2008
userenv.dll.
. Userenv . , . (Event
Viewer) \Microsoft\
Windows\GroupPolicy (Applications And Services Logs\Microsoft\Windows\GroupPolicy).
ICMP (ping) Windows Server 2008 (Network Location Awareness, NLA).
, . NLA
,
.

Windows Server 2008 (Local Group Policy Object, LGPO) ( , ).
LGPO. Windows Server 2008
LGPO LGPO,
.
.

LGPO , , .

,
. LGPO
.
LGPO, , ,
GPO.
,
.
Windows Server 2008
:
128
Windows Server 2008
LGPO, , .
- . ,
.

.
LGPO :
,
.
LGPO
, GPO
GPO. Windows Server 2008 , ,
. . -.
(Not Configured), . , LGPO Windows Server 2008,
(Turn Off Local (Group Policy
Objects) Processing) GPO.
\ \\ (Computer Configuration\Administrative
Templates\System\Group Policy).

, Windows 2000
, ,
.
LGPO
gpedit.msc /gpcomputer: %ComputerName%
MMC- GPOE . %ComputerName%

. , .
, :
gpedit.msc /gpcomputer: RemoteComputer
129
RemoteComputer - FQDN- .
, :
gpedit.msc /gpcomputer: corpsvr82
, , :
1. (Start), mmc (Search)
Enter.
2. (File) (Add/Remove Snap-In).
3. (Add or Remove
Snap-Ins) (Group
Policy Object Editor) (Add).
4. (Select Group
Policy Object) .
(Finish) OK.
. 5-1, .
MMC
LGPO. (Add or Remove Snap-Ins) , .
. 5-1.
130
Windows Server 2008
LGPO
%SystemRoot%\System32\
GroupPolicy Windows Server 2008. :
Machine Script HKEY_LOCAL_MACHINE
Registry.pol.
User Script
HKEY_CURRENT_USER Registry.pol.
! ; . . Windows,
(Tools) (Folder Options),
(View), (Show Hidden files and Folders),
() (Hide Protected Operating System Files (Recommended)), (Yes) OK.

Local Group Policy Object. .
,
:
Enter. (File) (Add/Remove Snap-In).
2. (Add or Remove
Snap-Ins) (Group
Policy Object Editor) (Add).
3. (Select Group
Policy Object) (Browse).
(Browse For a Group Policy Object) (Users).
4. , , (Users). :
(Administrators),
.
131
(Non-Administrators),
.
, .
5. OK. , .
.
, - %SystemRoot%\System32\GroupPolicyUsers Windows Server 2008. LGPO , %SystemRoot%\
System32\GroupPolicyUsers User, Script
, Registry.pol HKEY_CURRENT_USER.
,

Active Directory,
Active Directory. , .
, .
, .

Active Directory
:
(Default Domain Controllers Policy) GPO Domain Controllers.
GPO (
). .
(Default Domain Policy)
GPO Active Directory .
, .
, ,
Domain
Controllers. , Domain Controllers
GPO. ,
GPO GPO -
132
Windows Server 2008
. GPO
.
, ,
,
Kerberos. GPO :
(Accounts: Rename Administrator Account), :
(Accounts: Rename Guest Account), :
(Network Security: Force Logoff When Logon Hours Expire)
: SID (Network Access: Allow
Anonymous SID/Name Translation). GPO
.
, .
GPO
Domain Controllers .
GPO
.
, %SystemRoot%\ Sysvol\Domain\Policies.
,
.
GUID . :
Machine ( Script) HKEY_LOCAL_MACHINE Registry.pol.
User ( Script) HKEY_CURRENT_USER Registry.pol.
! ; .

GPMC (Start), (Administrative Tools) (Group Policy Management). . 5-2, (Group Policy Management), (Forest). ,
, .
, -
133
(Group Policy Management) (Add

Forest). (Add Forest) OK.
. 5-2. GPMC GPO ,
(Forest) :
(Domains) .
, .
,
(Domains)
(Show Domains).
(Show Domains) ,
, OK.
(Sites) . . .
(Sites)
(Show Sites). (Show Sites) , , OK.
(Group Policy Modeling) (Group Policy Modeling Wizard),
.
.
134
Windows Server 2008
(Group Policy Results)

(Group Policy Results
Wizard).
, ,
GPO . GPO, , , GPO, .
GPO, (Group Policy Objects) .
: GPO
, , GPO .
GPMC, Active Directory,
, PDC, GPO .
LDAP,
Sysvol SMB (Server Message Block). PDC - , , ,
GPMC
, , . ,
(Change Domain Controller).
(Change Domain Controller)
(Current Domain Controller) , .
(Change To) OK.

GPO,
GPMC (Edit). . 5-3,
:
(Computer Configuration) , ,
.
(User Configuration) , ,
.
(Computer
Configuration) (User Configuration) . , :
(Software Settings) . (Software Settings) .
135
Windows (Windows Settings) , .

(Administrative Templates)
, Windows . , .

. .
. 2 .
. 5-3.

. .
. , , . HKEY_
LOCAL_MACHINE,
HKEY_CURRENT_USER.
(Administrative Templates) .
, , , .
(Computer Configuration) (User Configuration) . Windows, .
(Administrative Templates) :
136
Windows Server 2008
Windows (Windows components)

Windows,
(Event Viewer), Internet Explorer, (Task Scheduler), Windows (Windows Installer)
Windows (Windows Updates).
(Start menu and taskbar) (Start)
.
(Shared folders)
DFS.
(Control Panel)
.
(Printers) , ,
.
(Desktop) Windows .
(Network)
, DNS .
(System)
, , , , . .
,
(Administrative Templates).
:
(Not Configured) ; .
(Enabled) ,
.
(Disabled) (
- ). .
, , :
1. (Administrative Templates) (Computer
Configuration) (User Configuration),
.
2. , .
.
3.
(Properties),
.
137
4. (Explain),
. , .
5. ,
(Settings) :
(Not Configured) .
(Enabled) .
(Disabled) .
6. (Settings) OK.
.
.

(central store) Sysvol
.
ADMX, . .
, , , PDC, GPOE GPMC
.
,
.
:
1. ,
Windows %SystemRoot%\
Domain\Policies.
2. Windows Explorer %SystemRoot%\Domain\Policies\PolicyDefinitions ,
.
ISO -, , EN-US .
3. ADMX Windows Vista. ,
Windows Vista Business . :
ADMX-, ,
%SystemRoot%\PolicyDefinitions Windows Vista
138
Windows Server 2008
(%SystemRoot%\Domain\
Policies\PolicyDefinitions).
ADMX-, ,
%SystemRoot%\PolicyDefinitions\ . ,
ADMX , %SystemRoot%\PolicyDefinitions\
EN-US %SystemRoot%\Domain\Policies\PolicyDefinitions\
EN-US .
4. ADMX Windows Server 2008.
,
:
ADMX-, ,
%SystemRoot%\PolicyDefinitions Windows Vista
(%SystemRoot%\Domain\
Policies\PolicyDefinitions).
ADMX-, ,
%SystemRoot%\PolicyDefinitions\ . ,
ADMX , %SystemRoot%\PolicyDefinitions\
EN-US %SystemRoot%\Domain\Policies\PolicyDefinitions\
EN-US .
5.
Sysvol. ,
. ,
.
GPO

Active Directory . GPO
, , . .
, , GPO. : GPO , , ,
Active Directory ,
.
GPO , ,
:
139
1. GPMC ,
(Domains).
2. (Group
Policy Objects) (New).
(New GPO)
GPO, , Secure Workstation GPO.
GPO, (Source Starter
GPO). OK, (Group Policy Objects) GPO.
3. GPO
(Edit).
.
4. GPMC , . (Linked
(Group Policy Objects)) GPO,
( ).
5. , GPO (Link An Existing
GPO). GPO (Select GPO) OK. GPO

, .
GPO :
1. GPMC , , GPO,
GPO (Create A GPO In This Domain,
And Link It Here).
2. (New GPO) GPO, , Secure Workstation GPO.
GPO,
(Source Starter GPO). OK, GPO (Group Policy Objects)
, .
3. GPO
(Edit).
. GPO
,
.
140
Windows Server 2008
GPO
GPO GPMC,
GPO.
GPO GPO, . GPO ,
.
GPO, :
1. GPMC ,
(Domains).
2. (Starter GPOs) (New).
GPO (New Starter GPO) GPO, , General Management User GPO.
GPO OK.
3. GPO
(Edit).
.

Active Directory .
:
GPO ;
, GPO, ;
GPO
(Resultant Set of Policy, RSoP).
Active Directory GPO. , GPO, .
GPMC, GPO ,
(Group Policy Objects)
(Delegation). , GPO .
GPO,
(Add). ,
(Select User, Computer, Or Group) OK.
GPMC ,
. -
141
, , ,
(Delegation),
. 5-4. (Permission) . :
GPO (Link GPOs) , GPO , .
(Perform Group Policy
Modeling Analyses) , .
(Read Group Policy Results Data) ,
RSoP, .
. 5-4.
, , :
1. GPMC , (Delegation) .
2. (Permission) , .
3. (Add). ,
4. (Add Group Or
User) . -
142
Windows Server 2008
,

(This Container And All Child Containers).
, (This
Container Only). OK.
GPO, GPMC
(Delegation).
:
(Read)
GPO .
(Edit Settings) GPO . GPO .
, (Edit Settings, Delete, Modify Security)
GPO , GPO .
GPO, :
1. GPMC , (Delegation) .
2. GPO ,
(Add). ,
3. (Add Group
Or User) OK.
,
,
, . : ,
.
. , .
,
, .
:
;
( );
( );
( ).
143
. :
,
. ,
.
.
( ).
, . ,
, . .
( ).
, ,
, :
1. GPMC , .
2.
(Linked (Group Policy Objects)), . 5-5. .
. 5-5.
3. (Move Link Up) (Move Link Down)

.
144
Windows Server 2008
4. (Group Policy
Inheritance) , .
. ,
, .
,
, .
, .
,
, . , ,

( ).
,
. ,
, .
, .
GPMC,

(Block Inheritance). ,
. GPMC
, .
,
. , . , ,
.

. , .
GPMC, ,
, GPO (Enforced). , GPO ,
145
, GPO (Enforced). ,
. GPMC , .
(Scope) . (Enforced)
(Yes), . 5-6.
,
(Location) (Scope),
,
. (Link
Enabled) . (Enforced) .
. 5-6.

,
. , , .
.
.

, , ,
. :
146
Windows Server 2008
;
;
;
.
.
.
, , . ,
, .

, . 5 ,
90 ,
. , ,
( ) 90 120 .
, . , ,
,
. ,
. , -
.
. 16 (960 ) .
30- , (
960 990 ). , ,
, , . ,
.
.

. , , .
147
, , 20- 180- .
.
, :
1. GPMC , , (Edit).
GPO , .
2. (Group Policy Refresh Interval For Domain
Controllers) \
\\ (Computer Configuration\Administrative Templates\System\Group Policy).
, . 5-7.
. 5-7.
3. (Enabled). (Minutes). 5 59 .
4. (Minutes) . , ,
,
. OK.
, ,
.
, , , .
148
Windows Server 2008

, :
1. GPMC , , (Edit).
GPO ,
.
2. (Group Policy Refresh Interval For Computers)
\ \\ (Computer Configuration\Administrative
Templates\System\Group Policy). , ,
. 5-7.
3. (Enabled). (Minutes). 60 240 .
4. (Minutes) . , ,
,
. OK.
, , , , , ,
. ,
. ,
, . ,
, . :
.

. ,
. , .
Gpupdate.
. gpupdate
, ,
. . , /Force.
,
gpupdate /target:computer. , gpupdate /target:user.
149
Gpupdate
. , . /Logoff, /Boot.

, , , Active Directory
.

, , .

, :
1. GPMC (Group Policy Modeling), (Group Policy Modeling Wizard)
(Next) .
2. (Domain Controller Selection)
(Show Domain
Controllers In This Domain) , .
. , (This Domain Controller)
. (Next).
3. (User And Computer
Selection), . 5-8,
.
(Next):
, , , . (User Information)
(Container), (Browse) .
(Computer Information),
.
,
.
150
Windows Server 2008
(User Information) (User), (Browse) .

(Computer Information),
.
. 5-8.
4. (Advanced Simulation Options)

( , ) (Next).
5. (User Security Groups)
. , , ,
CorpManagers, (Security Groups). (Next).
6. (Computer Security
Groups)
. , ,
,
RemoteComputers, (Security Groups). (Next).
7. WMI.
,
WMI.
. (Next), .
151
8. (Next).
, (Finish).
(. 5-9).
. 5-9.
9. , .
(Computer Configuration Summary),
(User Configuration
Summary).
,
GPMC , .
.
GPMC.
,
. , GPMC
.

. , , .
, ,
.
,
. , -
152
Windows Server 2008
.
,
. ,
, .
, .
.
,
:
1. GPMC
(Group Policy Objects) (New). (New GPO)
GPO OK. GPO
(Group Policy Objects).
2.
(Import Settings). (Import Settings Wizard).
3. (Next), GPO (Backup GPO). GPO, .
4. (Backup Location)
(Browse). OK. (Next).
5. ,
GPO (Source GPO).
(Next).
6. UNC-, .
,
.
7. (Next) (Finish), . , OK.

GPO. GPMC
, :
1. GPMC
(Group Policy Objects).
,
(Group Policy Objects) (Back Up
All). ,
(Back Up).
153
2. (Back Up
Group Policy Object) (Browse) GPO.
3. (Description)
(Backup).
4. (Backup). , OK.
, ,
.
.
.
GPMC , . GPMC
,
.
,
, .
, :
1. GPMC
(Group Policy Objects) (Manage
Backups). .
2. (Browse), OK.
3. GPO (Backup Policy Objects) . ,
GPO (Show Only The Latest Version Of Each
GPO).
4. GPO, . , (View Settings). (Restore) , OK.
5. (Restore). ,
. GPO, ,
,
. .
154
Windows Server 2008

. , , ,
(). , ,
.
GPMC,
Group Policy Results) (Group Policy
Results Wizard). .

.
,
. GPO
.
, :
1. GPMC , .
2.
(Details) .
3. GPO (GPO Status)
OK, GPO:
(All Settings Disabled) .
(Computer
Configuration Settings Disabled)
. .
(Enabled) .
(User Configuration Settings Disabled) . .
155

.
. . ,
GPO ,
GPO .
,
. ,

GPO , .
GPO
(loopback processing).
,
:
1. GPMC
(Edit).
2. (User Group Policy Loopback Processing
Mode) \ \\ (Computer Configuration\Administrative Templates\System\Group Policy).
.
3. (Enabled), (Mode) OK:
(Replace) ,
GPO ,
GPO . ,
GPO ,
.
(Merge) GPO , GPO ,
GPO .
GPO , GPO .

. ,
, .
156
Windows Server 2008
, ,
.
, 500 / ( ), .
.

(Group Policy Slow Link Detection) \
\\ (Computer
Configuration\Administrative Templates\System\Group Policy).
, 500 /.
, , ,
384 /. , .
.
:
(Wireless Policy Processing);
EFS (EFS Recovery Policy Processing);
(Disk Quota Policy Processing);
Internet Explorer (Internet Explorer
Maintenance Policy Processing);
(Folder Redirection Policy
Processing);
(Scripts Policy Processing);
(Software Installation Policy
Processing);
IP- (IP Security Policy Processing).

(Security Policy Processing). 16 , .

. ,
(Do Not Apply During Periodic Background Processing).
, -
157
, .
,
.
,
:
1. GPMC (Edit).
2 .
(Group Policy Slow Link Detection) \ \\ (Computer Configuration\Administrative Templates\System\Group Policy).
3. (Enabled), . 5-10,
(Connection Speed). OK.
. 5-10.
,
, :
1. GPMC (Edit).
2. \ \\ (Computer Configuration\Administrative Templates\System\Group Policy).
158
Windows Server 2008
3. , . (Enabled), . 5-11,
.
. , , :
(Allow
Processing Across A Slow Network Connection) ,

(Do Not
Apply During Periodic Background Processing) .
,
(Process Even If The Group Policy Objects Have Not Changed)
,
.
4. OK.
. 5-11.
GPO
GPO GPMC:
GPO, GPO;
GPO .
, , ,
GPO . GPO , . GPMC -
159
GPO, GPO
(Delete). , OK. GPO , ,
(Group Policy Objects),
.
GPO, . (Group Policy Objects)
, .
GPO
( ). GPMC GPO ,
(Group Policy Objects), GPO
(Delete).
GPO, OK.

, , ( ), . , GPO , :
1. GPMC (Group Policy Results)
(Group Policy Results Wizard).
(Next) .
2. (Computer Selection) (This Computer), . , (Another Computer)
(Browse). : (Select Computer)
(Check Names). , OK.
3. (User Selection) , . .
(Next).
4. (Next).
, (Finish).
, .
5. .
, , (Computer Configuration Summary)
(User Configuration Summary).
160
Windows Server 2008
Gpresult. :
, ,
, IPSec ;
;
, ,
;
GPO, GPO, .
Gpresult :
gpresult /s /user \
, , \ ,
. , CorpPC85 tedg CPANDL, :
gpresult /s corppc85 /user cpandl\tedg
.
/v . /z , GPO,
.
Gpresult , HTML
/H XML /X.
:
gpresult /s corppc85 /user cpandl\tedg /h gpreport.html
gpresult /s corppc85 /user cpandl\tedg /x gpreport.xml

Active Directory.
- , . ,
GPMC GPO .
,
DCGPOFIX. , , , DCGPOFIX ,
DCGPOFIX.
DCGPOFIX, .
161
DCGPOFIX , . , , . . (Remote Installation Services,

RIS), EFS.
.
.
DCGPOFIX, , . dcgpofix . DCGPOFIX Active Directory, DCGPOFIX Active
Directory. , DCGPOFIX
. /Ignoreschema, DCGPOFIX Active Directory.
,
. DCGPOFIX .

. dcgpofix /target:domain, dcgpofix /target:dc.

.
:
;
;
;
;
.

Windows Server 2008
.
,
. Windows XP Professional Windows Application Data,
(Start Menu), (Desktop), (My
Documents) (My Pictures). Windows Vista
162
Windows Server 2008
Windows AppData, (Desktop),

(Start Menu), (Documents), (Pictures),
(Music), (Videos), (Favorites), (Contacts),
(Downloads), (Links), (Searches)
(Saved Games).
:
. ,
( 15).

, :
1. GPMC GPO , (Edit).
.
2. (User Configuration),
Windows (Windows Settings)
(Folder Redirection).
3. (Folder Redirection)
, , ,
AppData(Roaming), (Properties). , . 5-12.
4. (Target) () (Basic
Redirect Everyones Folder To The Same Location).
. 5-12. AppData(Roaming)
163
5. (Target Folder Location) . ,

:
(Redirect To
The Users Home Directory)
. %HomeDrive%
%HomePath%.
(Create
A Folder For Each User Under The Root Path)
, (Root
Path).
%UserName%. \\Zeta\UserDocuments,
WilliamS \\Zeta\
UserDocuments\WilliamS.
(Redirect To The Following
Location) ,
(Root Path).

, , \\Zeta\UserData\%UserName%\docs.
,
(Redirect To The Local Userprofile Location) . %UserProfile%.
6. (Settings),
, , OK.
(Grant The User
Exclusive Rights To)
.
... (Move The Contents Of ... To
The New Location) ( ).

,
:
.
164
Windows Server 2008
, , ,
Application Data, (Properties).
4. (Target)
(AdvancedSpecify
Locations For Various User Groups). . 5-13,
(Security Group Membership).
. 5-13.
5. (Add), (Specify Group And Location).

(Edit), .
6. (Security Group Membership)
,
, (Browse),
.
7. ,
, :
(Redirect To
The Users Home Directory)
. %HomeDrive%
%HomePath%.
165
(Create
A Folder For Each User Under The Root Path)
, (Root
Path).
%UserName%. \\Zeta\UserDocuments,
WilliamS \\Zeta\
UserDocuments\WilliamS.
(Redirect To The Following
Location) ,
(Root Path).

, , \\Zeta\UserData\%UserName%\docs.
, (Redirect To The Local Userprofile Location)
. %UserProfile%.
OK. 57 ,
.
, (Settings),
, ,
OK.
(Grant The User
Exclusive Rights To)
.
... (Move The Contents Of ... To
The New Location) ( ).

. :
.
, ,
(Properties).
4. (Settings) (Policy Removal).
:
166
Windows Server 2008
(Leave The Folder In

The New Location When Policy Is Removed)
.
.
(Redirect The Folder Back To The Local
Userprofile Location When Policy Is Removed) . .
5. (Target). (Policy Removal),
(Apply).
6. , (Not Configured).
7. , (Security
Group Membership) (Remove). OK.

(Computer Startup) .
(Computer Shutdown) .
(User Logon)
.
(User Logoff) .
.bat
.cmd WSH (Windows Script Host). WSH Windows Server 2008, , , VBScript, -.
WSH (scripting engine),
. Windows Server 2008 VBScript JScript, .

. , , .
167
, :
1. Machine\Scripts\
Startup Machine\Scripts\Shutdown . %SystemRoot%\Sysvol\Domain\Policies .
2. GPMC GPO , (Edit). .
3. (Computer Configuration)
Windows (Windows Settings), (Scripts).
4. ,
(Startup) (Properties).
,
(Shutdown) (Properties). , , . 5-14.
. 5-14. ,
5. (Show Files).
Policies,
.
6. (Add),
(Add A Script). (Script Name)
, Machine\Scripts\Startup
Machine\Scripts\Shutdown . -
168
Windows Server 2008
(Script Parameters)
WSH. .
7. , . (Up)
(Down).
8. ,
... (Script... For) (Edit).
9. , ... (Script...
For) (Remove).

:

, , .
Active Directory
(Active Directory Users And Computers).
. 11.
.
, :
1. User\Scripts\
Logon User\Scripts\Logoff .
%SystemRoot%\Sysvol\Domain\Policies .
2. GPMC GPO , (Edit). .
3. (User Configuration)
Windows (Windows Settings), (Scripts).
4. ,
(Logon) (Properties). , (Logoff) (Properties).
, , . 5-15.
169
. 5-15. ,
5. (Show Files).
Policies,
.
6. (Add), (Add A Script). (Script Name) , User\Scripts\Logon
User\Scripts\Logoff .
(Script Parameters)
WSH.
.
7.
, .
(Up)
(Down).
8. ,
... (Script... For) (Edit).
9. , ... (Script...
For) (Remove).

(Software Installation). , ,
, Systems Management Server
(SMS), -
170
Windows Server 2008
, Windows 2000 .

. ,
\ \ (Computer
Configuration\Software Settings\Software Installation).
,
\ \
(User Configuration\Software Settings\Software Installation).
:
,
. , .
.
,
. , .
.
,

(Programs And Features). , . .
,
, . :
, ;
;
.
(Software Installation)
GPO. GPO
, GPO . .
GPO ,
,
, .
171
, ,
. , ,
Microsoft Office,
. Microsoft Office Setup /a
. ,

(Software Installation).
,
(Software Installation), , .
.

(Software Installation) Windows (.msi) ZAW Down-level Application

Packages (.zap). .msi.
.msi, .zap.
,
, ,
.
(Software Installation) ( ) ,
, .
.mst, , .
, :
1. GPMC GPO,
, (Edit).
2. \ \ (Computer Configuration\
Software Settings\Software Installation) \ \ (User Configuration\Software Settings\Software Installation)
.
3. (Software Installation). (New)
(Package).
4. (Open) , , (Open).
172
Windows Server 2008
(Windows Installer Packages). ,

ZAW Down-Level Application (ZAW Down-Level Application Packages).
5. (Deploy Software), . 5-16, OK:

(Published) .
(Assigned) .
(Advanced)
.
. 5-16.

:
1. GPMC GPO,
, (Edit).
.
3. .
.
4. (Deployment), . 5-17,

:

(Auto-Install This Application By
File Extension Activation) , -
173
, . .
, ,
(Uninstall This Application When
It Falls Out Of The Scope Of Management) ,
.
(Do Not Display This Package In
The Add/Remove Programs Control Panel)
. .
(Install This
Application At Logon)
.
.
(Installation User
Interface Options) . (Maximum)
.
(Basic) , .
. 5-17.
5. OK.
174
Windows Server 2008
, Windows,
:
1. .msi .msp ,
,
.msi. .
2. GPMC GPO, , (Edit).
.
4. .
(All Tasks) (Redeploy Application).
5. (Yes) . , GPO, .
, Windows, :
.
3. (All
Tasks) (Remove). OK, , .
4. .zap-
.

, :
175
1. .msi .msp ,
,
.msi. .
.
4. (Software Installation). (New)
(Package). , .
5.
(Properties). (Upgrades) (Add).
(Add Upgrade Package) :
, GPO,

(Current Group Policy Object) (Package To Upgrade).
GPO,
(A Specific GPO), (Browse) GPO (Browse For A
Group Policy Object).
(Package To Upgrade).
6. . , ,
(Uninstall The Existing Package, Then Install The Upgrade
Package). ,

(Package Can Upgrade Over The Existing Package).
7. OK, (Add Upgrade Package). ,

(Required Upgrade For Existing Packages). OK, .
176
Windows Server 2008

(certificate revocation list, CRL) ,
(certificate authority, CA).
Active Directory.
.
CA
(autoenrollment). , ,
, .

. ,

.
: (Certificate Services ClientAutoEnrollment
Settings) \
Windows\ \ (Computer Configuration\Windows Settings\Security Settings\Public Key Policies).

(User Configuration).
,
:
1. GPMC GPO
(Edit).
2. Windows\ \ (Windows Settings\
Security Settings\Public Key Policies) (User Configuration) (Computer
Configuration).
3. : (Certificate Services ClientAutoEnrollment Settings).
,
(Configuration Model) (Disabled),
OK . , (Configuration Model) (Enabled).
4. , , .
177
5. , , (Update Certificates That Use Certificate Templates).

6.
,
(Expiration Notification) . , , , 10%
.
7. OK.

, , GPO.

,
:
(Auto Download
And Schedule The Install)
. , ,
. .
(Auto Download
And Notify For Install) , ,
. .
, , , .
(Notify For Download And Notify
For Install) ,
. ,
. , ,
, .
(Allow Local
Admin To Choose Setting)
.
178
Windows Server 2008
.
, :
1. GPMC GPO
(Edit).
2. \ \ Windows\
Windows (Computer Configuration\Administrative Templates\Windows
Components\Windows Update).
3.
(Configure Automatic Updates). , (Enabled). , (Disabled), OK
.
4. (Configure Automatic Update).
5. (Auto Download And Schedule The Install),
. OK, .

,
.
,
. ,
:
1. GPMC GPO
(Edit).
2. \ \ Windows\
3. (Allow Automatic Updates Immediate Installation).
(Enabled) OK.
.
, , :
179
1. GPMC GPO
(Edit).
2. \ \ Windows\
3. , , (Allow
Non-Administrators To Receive Update Notifications).
(Enabled) OK.

:
Windows (Windows Automatic Updates) Windows
. ,
. \ \ (User Configuration\Administrative Templates\System).
ADM- (Turn Off Automatic Update Of ADM Files)
. , ,
. , ,
. \ \\
(User Configuration\Administrative Templates\System\Group Policy).
,
ADM
(Always Use Local ADM Files For The Group Policy
Object Editor).
Windows
(Remove Access To Use All Windows Update Features) Windows. , , .
Windows (Windows Update)
(Start) Internet Explorer (Tools),
(Device Manager).
\ \ Windows\ Windows (User Configuration\Administrative Templates\Windows
180
Windows Server 2008
, , ,

.
(Specify Intranet Microsoft
Update Service Location), .
:
WSUS (Windows Server Update Services),
-,
Microsoft Internet Information Services (IIS), ,
,
.
, 80.
, , - .

. .
( IIS-) , .
, :
1. ,
GPO, .
\ \ Windows\ Windows (Computer Configuration\
Administrative Templates\Windows Components\Windows Update).
2.
(Specify Intranet Microsoft Update Service Location).
(Enabled).
3. URL (Set The Intranet Update Service For Detecting Updates). URL http://_, , http://CorpUpdateServer01, . 5-18.
4. URL
(Set The Intranet Statistics Server).
.
,
, . , URL .
181
. 5-18.

5. OK. GPO , Windows 2000 Service Pack 3

, Windows XP Service Pack 1 ,
Windows Server 2003, Windows Vista Windows Server 2008 .
,
.
, ,
. . , .

(security template) .
, .
, , :
, Kerberos.
,
.
.
.

.

.
, .
Windows Server
2008 .
(Computer Configuration) (User Configuration). \ Windows\ (Computer
183
Configuration\Windows Settings\Security Settings). , , , , , IP.
, ,
. %SystemRoot%\Security\
Templates. (Security Templates), . 6-1.
. 6-1. (Security Templates)
. ,
, :
dc security
.
setup security .
securedc .
securews .
hisecdc .
hisecws .
, ,
, .
,
.
184
Windows Server 2008
(Security Templates) . (Security Configuration and Analysis).

,
. , . , , ,
.
,
:
1. (Security Templates) .
2. .
3. (Security
Configuration and Analysis) .
4. .
5. (Security Configuration And Analysis) , .

(Security Configuration and Analysis)
, :
1. (Start), mmc
(Search) Enter.
2. (File)
(Add/Remove Snap-In).
3. (Add Or Remove
Snap-Ins) (Security Templates) (Add).
4. (Security Configuration and Analysis) (Add). OK.
%SystemDrive%\Users\%UserName%\Documents\Security\Templates. , :
1. (Security Templates)
(Action)
(New Template Search Path).
185
2. (Browse For Folder)

, , %SystemRoot%\Security\Templates. OK.
, . , :
1. (Security Templates) , ,
(New Template).
2. .
3. , .
, .

, .
,

, Kerberos.
,
. , .
10, 4.
, , :
(Account Policies) (Local Policies). , , (Password Policy)
(Account Lockout Policy).
2. . (Computer Setting) .
3. ,
, . 6-2. , (Explain).
, (Define This Policy Setting In The
Template). , .
186
Windows Server 2008
. 6-2.
4. , , .
5. . (Suggested Value Changes)
,
. , (Account Lockout Threshold) Windows
(Reset Account Lockout Counter After) (Account Lockout Duration),
. 6-3.
. 6-3.
(Restricted
Groups) , ,
187
. ,
:
(Restricted Groups).
. ,
.
2. ,
(Restricted Groups)
(Add Group).
(Add Group)
(Browse).
3. : (Select Groups) , , (Check Names). , . , .
4. (Add Members)
. .
,
(Remove). , , .
5. (Add Groups)
, , .
, ,
( ,
).
, , , .
6. OK, .
, :
(Restricted Groups). .
, ,
.
2. , , (Delete). ,
(Yes).
188
Windows Server 2008

. , , :
1. (System Services) , . , . , :
,
(Startup) (Not Defined).
:
(Automatic), (Manual)
(Disabled).
,
(Permission)
(Not Defined). (Configured).
2. ,
, . 6-4.
, (Define This Policy Setting In The Template).
, .
. 6-4.
3. , (Automatic), (Manual) (Disabled).

:
.
189
, .
, .
, .
,
, .
, . .
4. , , (Edit Security)
(Security
For).
, .
5. .

.
, . , :
(Registry) (File System). .
2. ,
(. 6-5).
3. , (Do Not Allow
Permissions On This Key To Be Replaced) OK.
.
4. , (Configure This Key Then).
:
(Propagate Inheritable Permissions To All) ,
,
.
, .
(Replace Existing Permissions On All With Inheritable Permissions) ,
190
Windows Server 2008
,
.
, .
5. (Edit Security). (Security For) . ,
NTFS. 15.
6. , .
. 6-5.
,
:
(Registry), (Add Key).
(Select Registry Key), . 6-6.
2. , ,
. CLASSES_ROOT HKEY_
CLASSES_ROOT . .
3. (Database Security
For) . , NTFS.
15.
4. . (Add Object). ,
(Do Not Allow Permissions On This Key To Be Replaced)
. .
191
. 6-6. ,
4. , (Configure This Key Then).

:
,
. ,
.
(Replace Existing Permissions On All With Inheritable Permissions) ,
,
. , .
5. .
,
:
1. (Security Templates) (File System)
(Add File). (Add A File Or Folder), . 6-7.
2. .
3. (Database Security
For) . , NTFS.
15.
192
Windows Server 2008
4. . (Add Object). ,
(Do
Not Allow Permissions On This Key To Be Replaced) .
.
. 6-7. ,
5. ,
, (Configure This Key
Then). :

,
.
, .

(Replace Existing Permissions On All
With Inheritable Permissions) , ,
. , .
6. .
,
, (Security
Configuration and Analysis) , . -
193
.
, .
,
.
(Security Configuration and Analysis) ,
. , . ,
,
.
, . GPO .
.
(Security Configuration and

Analysis) , .

, .
, :
1. (Security Configuration and Analysis).
2.
(Open Database). .
3. %SystemDrive%\Users\%UserName%\Documents\Security\Database. . (File Name) , , Current Config Comparison,
(Open).
(Security Database Files) .sdb.
4. (Import Template)
%SystemDrive%\Users\%UserName%\
Documents\Security\Templates.
. , , (Open).
.inf.
5.
(Security Configuration and Analysis) (Analyze Computer Now).
OK, .
194
Windows Server 2008
6. . , ,
(View Log File).
(Security Configuration and
Analysis)
. . 6-8,
, ,
(Database Setting).
(Computer Setting). , (Not Analyzed).
, :
1. (Security Configuration
and Analysis) , .
2. , . 6-9,
(Computer Setting).
(Explain).
3. , (Define This Policy Setting
In The Database). , .
4. , .
5. . ,
(Save).
. 6-8.
195
. 6-9.
,
,
. , .

Secedit. :
secedit /generaterollback /cfg /rbk /log
,
, , ,
.
dc
security:
secedit /generaterollback /cfg dc security.inf /rbk dc-orig.inf /log
rollback.log
,
(Configure Computer Now).
, . , (Security Configuration
and Analysis) (View Log File).
.
196
Windows Server 2008
, . , :
and Analysis)
(Import Template).
2. (Import Template) .
3. (Clear
This Database Before Importing) (Open).
4.
(Configure Computer Now). .
, . .

, . (GPO), , .
, GPO,
.

(Computer Configuration). , . ,

. , , ,
. GPO
.
:
; .
, .
.
197
,
.
.
,
.
, , ,
.
GPO
. , .
.
GPO Active Directory,
, GPO. GPO .
GPO ,
:
1. . ,
, GPO, Active Directory.
\ Windows\
(Computer Configuration\Windows Settings\
Security Settings).
2. (Security
Settings)
(Import Policy).
3. (Import Policy From)
(Open).
4. , , , .
GPO .
- .

(Security Configuration Wizard)
.
.xml, , ,
.
198
Windows Server 2008
, . , ,
, , , .
, .
(Security Configuration Wizard) :
;
;
;
.
. .

(Security Configuration Wizard) ,
.
.
,
.
(Security Configuration Wizard) :
(Role-Based Service Configuration)
, .
(Network Security) Windows
.
(Registry Settings) .
(Audit Policy) .
(Save Security Policy)
.
.
, :
1. (Security Configuration Wizard). (Start),
199
(Administrative Tools) (Security

Configuration Wizard).
(Next).
2. (Configuration Action)
(. 6-10). (Create A New Security
Policy). (Next).
. 6-10. ,
3. (Select Server) ,
, , , , . .
, (Browse). : (Select Computer) (Check Names). .
4. (Next).
. (View Configuration Database)
(Processing Security
Configuration Database), .
, (Next).
5. .
, ,
(Role-Based Service Configuration). (Next).
200
Windows Server 2008
6. (Select Server Roles),

. 6-11, . , , , .
, , . , ,
.
. 6-11.
7. (Select Client Features)

,
. , ,
, . .
, .
8. (Select Administration And Other Options) , . ,
, , . , . ,
.
9. (Select Additional Services)
,
. ,
, , .
201
10. (Handling Unspecified

Services) , , , , .
. ,
(Disable The Service). (Next).
11. (Confirm Service
Changes) , .
, .
12. (Network Security) (Next). (Network Security Rules) ,
, , .
, ,
. ,
(Next).
13. (Registry Settings)
(Next).
SMB (Require SMB Security Signatures) SMB. ,
. . .
14. (Outbound
Authentication Methods) , . ,
(Domain Accounts). .
, , (Domain Accounts)
(Local Accounts On The
Remote Computers). , . (Next).
15. (Outbound Authentication Using Domain Accounts)
, . Windows XP Professional
Windows, , . -
202
Windows Server 2008
,
. (Next).
16. (Registry Settings Summary)
,
. ,
. (Next).
17. (Audit Policy)
(Next). (System Audit Policy)
. (Do Not Audit). ,
(Audit Successful Activities). , , (Audit Successful And Unsuccessful Activities). (Next).
18. (Audit Policy Summary) , .
, .
(Next).
19. (Save Security Policy) (Next).
(Security Policy File Name)
. (View Security
Policy). , .
20. , (Include Security Templates).
(Include Security Templates)
(Add). (Open)
, .

. , , , . , -. OK.
21. %SystemRoot%
\Security\Msscw\Policies.
(Browse) . (Save).
(Security Policy File Name).
22. (Next). -
203
(Apply Security Policy) ,

. (Next) (Finish).

.
:
Wizard). (Start), (Administrative Tools) (Security
(Next).
2. (Configuration Action) (Edit
An Existing Security Policy) (Browse). (Open) , , (Next).
XML-.
3. 322 , .

(Security Configuration
Wizard) .
:
(Next).
2. (Configuration Action) (Apply An Existing Security Policy) (Browse).
(Open) ,
, (Next). XML-.
3. (Select Server) ,
. .
, (Browse).
: (Select Computer)
(Check Names). .
204
Windows Server 2008
4. (Next). (Apply Security Policy) (View Security Policy), .

.
5. (Next), . , (Next)
(Finish).

.
:
(Next).
2. (Configuration Action)
(Rollback The Last Applied Security Policy
(Next).
3. (Select Server) , . .
, (Browse).
: (Select Computer)
(Check Names). .
4. (Next).
(Rollback Security Configuration)
(View Rollback File) .
, .
5. (Next), . , (Next) (Finish).

. ,
, .
205
, transform
Scwcmd GPO, ,
, . GPO .

:
scwcmd transform /p: /g:GPO
XML- , GPO GPO. :

scwcmd transform /p:c:\users\wrs\documents\fspolicy.xml /g:FileServer GPO
GPO, , :
1. GPMC , .
(Linked Group
Policy Objects) GPO, ( ).
2. , GPO,
GPO (Link An Existing GPO). (Select GPO) GPO .
GPO .
GPO, Active Directory, , GPO.
:
1. GPMC , .
(Linked Group
Policy Objects) GPO, .
2. GPO.
(Link Enabled) ,
. .
II

Windows Server 2008
7.
Active Directory ..................................................... 208
8.
Active Directory ................ 230
9.
............................................. 267
10. ..................................................... 296

11. ............... 319
Active Directory
Active Directory
, .
.
Active Directory, , ,
,
. ,
Active Directory, .
Active Directory
Windows 2000 Active Directory Windows. Active Directory.
Active Directory
.
Active Directory DNS

Active Directory DNS (Domain Name
System) ,
, .
DNS ,
, . , DNS
, , zeta.microsoft.com, IP-, ,
192.168.19.2. DNS Active Directory
.
(Fully Qualified Domain Name,
FQDN), , zeta.microsoft.com. zeta , microsoft , com .
(top-level domain) DNS , , , -
Active Directory
209
. , ca .
(, com ) (, mil ).
, , microsoft.com, ,
. , , . , , ,
FQDN- jacob.seattle.microsoft.com. jacob , seattle
, microsoft.com .
.
DNS Active Directory, Active Directory DNS .
DNS 20.
Windows Server 2008 Active Directory . Active Directory,
. Active Directory, (Start) dcpromo
(Search). DNS , . ,
Active Directory , .
:
;
, Sysvol;
, DNS;
Active Directory.

, , Active Directory Active Directory.
Active Directory DNS ,
.
,

1, , Windows Server 2008, (read-only domain controller, RODC).
DNS- RODC- DNS (read-only DNS, RODNS). :
RODC , DNS, ForestDNSZones DomainDNSZones.
RODNS-. -
210
II
Windows Server 2008
RODNS- ,

, Active Directory.
DNS-, .
DNS-, . RODNS- DNS-,
. DNS-. .
, RODC-.
RODC.
:
Active Directory (Active Directory
Domain Services, AD DS) Windows Server 2008 Windows
Server 2003 Windows 2000 Server
(schema operations master) , adprep /forestprep.
AD DS Windows Server 2008
Windows Server 2003 Windows Server 2000, (infrastructure master) ,
adprep /domainprep /gpprep.
AD DS RODC
, adprep /rodcprep.
Windows Server 2008 Windows NT 4.0

Windows Server 2008
Windows NT 4.0. ,
Windows NT Server 4.0,
Windows Server 2008, Windows NT Server 4.0 Windows Server 2008.
:
Windows NT Server 4.0 Windows Server 2008;
Windows NT Server 4.0
Windows NT Server 4.0 Windows 2000 Server
Windows Server 2003. , Windows NT Server 4.0 - PDC.
Active Directory
211

Active Directory ,
. , . :
(organizational unit) , ,
.
(domain) .
(domain tree)
.
(domain forest) , .
, .
:
(subnet) IP- .
(site) . .
Active Directory . Active Directory . , microsoft.com,

microsoft.com seattle.microsoft.com ny.microsoft.com.
,
.
, .
, .
InterNIC (http://www.
internic.net).
. . , ,
(. 7-1). , , ,
, , .
212
II
Windows Server 2008

10.1.31.0/24
10.1.32.0/24
10.1.11.0/24
10.1.12.0/24
-
10.1.1.0/24
10.1.2.0/24
-e
10.1.21.0/24
10.1.22.0/24

10.1.41.0/24
10.1.42.0/24
. 7-1. (WAN)
9.
, Windows Server 2008, Active Directory
.
.
, :
Windows 2000 ( ) (Windows 2000 mixed) , Windows NT 4.0
Windows Server. ,
Windows NT 4.0 Windows
Server 2008, Windows Server 2008
Windows NT 4.0.
Windows 2000 ( ) (Windows 2000 native) , Windows 2000
.

.

Active Directory DNS-, , microsoft.com.
, , (forest). DNS
, .
Active Directory
213
(tree),
. 7-2. msnbc.
com seattle.msnbc.com ny.msnbc.com, ,
, . , .
msnbc.com
ny.msnbc.com
seattle.msnbc.com
hr.seattle.msnbc.com
it.seattle.msnbc.com
hr.ny.msnbc.com
it.ny.msnbc.com
. 7-2.
DNS-, . . 7-3,
. msnbc.com microsoft.com
.
msnbc.com
ny.msnbc.com
seattle.msnbc.com
hr.seattle.msnbc.com
it.seattle.msnbc.com
microsoft.com
sf.microsoft.com
eng.sf.microsoft.com
bus.sf.microsoft.com
miami.microsoft.com
bus.miami.microsoft.com
. 7-3.
Active Directory (Active Directory Domains And

Trusts), . 7-4. MMC, (Administrative Tools).
.
214
II
Windows Server 2008
. 7-4. , Active
Directory (Active Directory Domains And Trusts)
.
, :
Windows 2000 ,
Windows NT 4.0 Windows Server.
Windows NT
4.0 Windows Server 2008, Windows Server
2008 Windows NT 4.0.
Windows Server 2003 Windows Server 2003 Windows Server 2008.
Windows Server 2003
Active Directory, Windows 2000. , Active Directory.
, . , , , .
Windows Server 2008
Active Directory Windows Server
2003 . ,
, . , FRS DFS-.
PDC Windows Server 2008.
Active Directory
215
, ,
. , . ,
microsoft.com
HumanResources, IT, Engineering Marketing.
, , , OnlineSales, ChannelSales PrintSales Marketing.
, ,
. , seattle.microsoft.
com .
ny.microsoft.com.
,
. :

, .
.

.
,
. , , , .
Directory Users And Computers)
(. 7-5). MMC.
. 7-5. Active Directory (Active Directory Users And

Computers) , ,

216
II
Windows Server 2008

IP-.
. ,
. Active Directory
, . IP-
.
. , IP-,
IP- .
/ , , 192.168.19.0/24. 192.168.19.9 255.255.255.0
192.168.19.0/24.
, . , Windows Server
2008 .
. ,
(well connected). ,
. , , . :
,
, ,
. ,
,
.
,
. , ,

.
. , , - (bridghead server). - ,
, .
Active
Directory (Active Directory Sites And Services), . 7-6. MMC,
Active Directory
217
. 7-6. Active Directory

(Active Directory Sites And Services)
Active Directory
Windows Server 2008 Active Directory,
DNS, Active Directory DNS . Active
Directory , . DNS ,
, . Windows Server 2008 DNS
, , zeta.microsoft.com,
IP-, , 172.16.18.8. DNS
DNS 20.
Active Directory Windows 2000

, Windows 2000, Windows XP Windows Vista
Active Directory.
Active Directory ,
, .
, , ,
.
.
, Windows 2000 Server, Windows
Server 2003 Windows Server 2008,
.
, Active Directory.
, Active Directory,
, .
Active Directory -
218
II
Windows Server 2008
.
dcpromo.exe.
. , .

.

. ,

. -,
. , . ,
,
(operations master). FSMO (flexible single master
operations), .
.
, Windows 2000,
Windows XP Professional, Windows Vista, Windows Server 2003 Windows
Server 2008, . , Active Directory
.
, , .

(global catalog, GC) Active
Directory. , . ,
,
. Windows Server 2003 Windows Server
2008 . .

, Windows NT, Windows
2000, Windows XP, Windows Vista, Windows Server 2003 Windows Server
2008, . Active
Directory , :
Windows 2000 ( ) (Windows 2000 mixed) Windows Server 2008. Windows Server
2008, Windows Server 2008
Windows NT.
Active Directory
219
, ,
Active Directory, , , , (key distribution center, KDC) Kerberos.
Windows 2000 ( ) (Windows 2000 native)
, Windows Server 2008, Windows Server 2003 Windows 2000.
Windows NT . , , Kerberos.
Windows Server 2003 Windows Server 2003 , Windows
Server 2008 Windows Server 2003. Windows NT Windows 2000 . ,
Windows Server 2003, Active Directory, , ,
, Kerberos.
Windows Server 2008 Windows Server 2008 , Windows Server
2008. Windows NT, Windows 2000
Active Directory, DFS, .
Windows 2000
(primary domain
controller, PDC), (backup domain controller,
BDC) Windows NT
Windows 2000, Windows 2000.
Windows 2000, Windows Server
2003 Windows Server 2008. Windows 2000
. ,
,
Windows NT, Windows NT.
Windows 2000, :
Kerberos v5,
NTLM .
PDC BDC
Windows NT.
220
II
Windows Server 2008
Windows NT.
Windows 2000
.
Windows Server 2003
Windows NT, Windows Server 2003.

Windows 2000 Windows Server 2003 Windows Server 2008.
, Windows 2000, .
Adprep.exe ,
,
. , , . Adprep i386
, , dsquery server -hasfsmo schema. :
CN=CORPSERVER01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,
CN=Configuration,DC=microsoft,DC=com.
, COPRSERVER01
microsoft.com.
,
, dsquery server -hasfsmo infr.
,
Active Directory.
Windows Server
2003 Windows Server 2008
. Windows
Server 2003, ,
Windows NT, Windows NT
Windows 2000 .
Windows Server 2008
Windows NT Windows 2000,

Windows Server 2008. Windows Server 2003 Windows Server 2008. Windows Server 2008.
, Windows Server 2003, Windows Server 2008,
Active Directory
221
Adprep.exe. ,
:
1. Sources\Adprep Windows Server
2008 adprep /forestprep. , adprep /rodcprep.
, , .
2. Sources\Adprep Windows
Server 2008 adprep /domainprep.
, .
, .
,
Active Directory. Windows Server 2008 .
Windows NT,
Windows NT, Windows 2000 Windows Server 2003
.

, Windows Server 2003,
Active Directory, , , ,
Kerberos.
:
;
, Windows Server
2008;
;
;

.
222
II
Windows Server 2008
, Windows Server 2003,

Active Directory,
, , , ,
.

, . 15 .
, .
.
( ).
, :
1. (Start) (Administrative Tools) Active Directory
(Active Directory Domains And Trusts).
2. , , (Raise
Domain Functional Level). (Raise Domain Functional Level), .
3. (Raise). , .
4. OK, .
.
, :
1. (Start) (Administrative Tools) Active Directory
(Active Directory Domains And Trusts).
2. Active Directory (Active Directory Domains And Trusts) (Raise Forest Functional Level).
(Raise Forest Functional Level),
.
3.
(Raise). ,
.
4. OK,
.
.
Active Directory
223

Active Directory .
.
, Active Directory, , ,
.
,
.
. , , ,
, .

Active Directory, .
, Active Directory.
.

. .
Windows Server 2008
(application directory partitions).
, ,
, , ,
. , DNS , DNS .
,
. Active Directory, Windows Server
2008, .
, ,
, .

,
, , .
(directory),
Active Directory.
Ntds.dit, Active Directory.
224
II
Windows Server 2008
NTFS,
. , ,
(Sysvol).
, . , ,
.
.
, . .
, ,
:
: , , .
: ,
, .
, . , Windows Server
2008, , .
,
.

,
,
.

. , , .
, . , .
,
. , . . ,
Active Directory
225

. .
, ,
, .
, . , .
,
,
.
.
, .
, .
, . , .
, .

.
, ,
, ,
.
.
. .
,
.
.

, , .
, .

. .
, , -
226
II
Windows Server 2008
,
. .
, , , . -,
, ,
8.
,
.
.
. , . , :
.
.

.
, ,
.
.
, , IP . ,
Windows Server 2008, , , . , . ,
Windows Server 2008, Windows Server 2008. , ,
8.
Active Directory
(FRS DFS), : , .
. . ,
.
, :
Active Directory
227
;
;
.
,
, ( )
.
, :
1. A.
, . ,
.
2. A. , . ,
, . .
.
3. A ,
.
,
. .
4. B .
A B
,
. A , . B.
Active Directory LDAP

(Lightweight Directory Access
Protocol, LDAP) TCP/IP-.

. LDAP
, .
Active Directory LDAP , Active Directory,
. LDAP Active Directory.
228
II
Windows Server 2008
LDAP ,
. Active Directory .
ADSI
(Active Directory Service Interface), API LDAP, RFC 1823.
ADSI Windows Script Host Active
Directory.

,
.
, . ,
.
Active Directory :
(schema master) . , . ,
,
dsquery server -hasfsmo schema.
(domain naming master) . , .
, , dsquery server -hasfsmo name.
,
, .
Active Directory :
RID (relative ID master) . , , , ,
,
RID. , RID,
dsquery server -hasfsmo rid.
PDC (PDC emulator)
, PDC Windows NT. Windows NT,
. -
Active Directory
229
, PDC ,
dsquery server -hasfsmo pdc.
(infrastructure master)
, . ,
,
. ,
, dsquery server -hasfsmo infr.
.
, RID,
PDC .
, , ,
. , .
, .
. ,
RID, PDC . .
,
. , .
, .

,
, .
. , .
. . , .
. .
RID PDC,
. , , , RID
PDC . ,
, . .

Active Directory
Active Directory
, Active Directory. , ,
. ,
Active Directory, , .
Active Directory
Active Directory , , .
Active Directory
Active Directory MMC. Active Directory:
Active Directory (Active Directory Users
And Computers) , , .
Active Directory (Active Directory Domains And
Trusts) , .
Active Directory (Active Directory Sites And Services) .
(Group Policy Management)
.
MMC
Windows, .
, ,
Active Directory
231
, 445
TCP. Windows:
(Windows Firewall: Allow Remote Administration Exception) \ \\ \
Windows\ (Computer Configuration\Administrative
Templates\Network\Network Connections\Windows Firewall\Domain Profile) netsh firewall set portopening
tcp 445 smb enable. 840634
(http://support.microsoft.com/default.aspx?scid=kb;en-us;840634).
Active Directory (Administrative Tools).

MMC. , Windows Server 2008, .
(Add Feature Wizard).
-, :
Ctrl, , .
Shift, .
, , ,
.
, ,
, , (Properties).
Active Directory
Active Directory
:
ADPREP Windows 2000 Windows 2003. adprep /forestprep adprep /domainprep, .
Windows Server 2003 SP1 , Windows Server 2008 . adprep /domainprep /gpprep. (ACE)
(GPO) Sysvol,
.
. , NT (NTFRS) . adprep /domainprep
/gpprep .
232
II
Windows Server 2008
DSADD Active Directory , , ,

.
dsadd /?, ,
dsadd computer /?.
DSGET , , , , Active Directory.
dsget /?, , dsget server /?.
DSMOVE
, .
dsmove /?.
DSQUERY Active Directory , , , , , ,
.
dsquery /?.
DSRM Active Directory. dsrm /?.
NTDSUTIL
, , , Active Directory. ntdsutil /?.
Active Directory
Windows Server 2008
Active Directory. . 8-1 , Active Directory.
ADSI Edit
Adsiedit.msc

Active Directory ,

Active Directory
Ldp.exe
LDAP
Active Directory
Dsacls.exe
ACL
Active Directory
Dfsutil.exe

(DFS)

Active Directory
233
. 8-1. ()
DNS
Dnscmd.exe
,
DNS
Repadmin.exe

Windows
Netdom.exe
Active Directory
(Active Directory Users And Computers)
Users And Computers) Active
Directory. , , , .
Active Directory
(Administrative Tools). ,
Active Directory
(Active Directory Users And Computers) .
Active Directory
Active Directory
(Active Directory Users And Computers) ,
. (. 8-1).
,
. , ,
.
Active Directory (Active Directory Users And Computers) :
(Saved Queries) , Active Directory.
Builtin .
Computers .
Domain Controllers .
234
II
Windows Server 2008
ForeignSecurityPrincipals . ,
.
Users .
Directory Users And Computers) ,
. (View) (Advanced
Features). :
LostAndFound . .
NTDS Quotas .
Program Data Active Directory
Microsoft.
System .
, . . 8-1
: , , ,
.
. 8-1. Active Directory (Active Directory Users And

Computers)

.
Directory Users And Computers) ,
, .
, .
,
.
Active Directory
235
, :
1. Active Directory
(Active Directory Users And Computers) (Change Domain Controller).
2. (Change Domain Controller), . 8-2, , .
. 8-2.
3. (Change To) . (Any Writable Domain Controller).

,
. ,
, .
4. Active Directory (Active Directory
Users And Computers), (Save This Setting For The Current Console).
5. OK.
(Change Domain Controller) , ,
, .
GC, , .

Users And Computers) -
236
II
Windows Server 2008
.
:
1. Active Directory (Active Directory Users And Computers) (Change Domain).
2. (Change Domain)
.
(Browse). OK.
3.
And Computers),
(Save This Domain Setting For The Current Console).
4. OK.

Users And Computers) ,
, .
, :
1. , ,
(Find). (Find),
. 8-3.
2. (Find) . :
, (Users, Contacts And Groups)
, ,
.
Active Directory
237
(Computers)
, .
(Printers) , .
(Shared Folders)
.
(Organizational Units)
.
(Custom Search)
LDAP.
(Common Queries)
, ,

.
3. (In) ,
. , ,
Computers, .
, Active Directory (Entire
Directory).
4. (Find Now). . 8-4.
. .
. 8-4. .

238
II
Windows Server 2008
(Find) . (Name). .
, ,
, , , . .

Active Directory . .
Users And Computers),
Computers, Domain Controllers, .

, , , . Computers Domain Controllers

. ,
Active Directory

Active Directory
: . Active Directory
, :
1. Active Directory (Active Directory Users And Computers) , .
2. (New) (Computer). (New Object Computer Wizard),
. 8-5. .
3.
(Domains Admins).

, (Change) : (Select User Or Group).
Active Directory
239
.

.
4. Windows NT,
-Windows 2000 (Assign This Computer Account As A PreWindows
2000 Computer).
5. (Next), (Finish).
. 8-5.
(managed)
,
Windows. Active Directory (Active
Directory Users And Computers), :
1. 14 .
(Next), (Managed).
2. (This Is A Managed
Computer) GUID/UUID . GUID/UUID BIOS;
. (Next).
3. - (Host Server) -,
, -.
-,
(The Following Remote Installation Server) (Find). (Find)
(Find Now) -
240
II
Windows Server 2008
. -, ,
OK.
4. (Next) (Finish).

, :
1. Active Directory (Active Directory Users And Computers).
.
2. ,
.
3. , , (Properties).
, .
,
, Active Directory ,
.
, ,
:
1. Active Directory (Active Directory Users And Computers). , . .
2. (Delete),
. (Yes), .
3. (Disable Account), . (Yes), .
4. (Enable Account),
.
, , , .
(Sessions) (Computer Management).
, . , ,
.
, 30 , ,
Active Directory
241

. 30 . . , Netlogon

3210 5722.
.
And Computers)
(Reset Account). (
), .
NETDOM. 325850 (http://support.
microsoft.com/default.aspx?scid=kb;en-us;325850).
, :
1. . netdom
resetpwd /s: /ud:\ /pd:*, ,
, \ , , *
, .
2. . NETDOM
.

.
3. .
.
, Kerberos (Kerberos Key Distribution Center)
.
,
Kerberos (Kerberos Key Distribution Center) .

Computers, Domain Controllers ,
. , Active Directory (Active
.
242
II
Windows Server 2008
, :
2. ,
.
3.
(Move). , . 8-6.
4. (Move) , . OK.
. 8-6. (Move)

(Computer Management)
.
Users And Computers), (Manage).
(Computer Management) .

Windows NT, Windows 2000, Windows XP, Windows Server
2003 Windows Server 2008 .
Windows 95 Windows 98
.
Active Directory
243
Windows 95 Windows 98
Active Directory.
, . . TCP/IP
17. TCP/IP
.
DHCP, WINS DNS, IP- .
, .
Widows Server 2008
(Authenticated Users). , , , , . ,
, .
, , Windows NT ,
. Windows 2000
Windows XP ,
, , . Ldp.exe Windows Server 2008 Support
Tools ( ms-DS-MachineAccountQuota)
, , .

- .
, , . , . . ,
Windows Vista
(Computer Name) 3. Windows 2000 Professional, Windows 2000 Server,
Windows XP Professional Windows Server 2003.
,
, . , , . , , ,
Windows, , .
244
II
Windows Server 2008
. ,
TCP/IP DNS- ( 17).
,

Active Directory
, 7.

Active
Directory . , , , , . ,
, , ,
, 7.
, , .
, Active Directory
DNS. ,

. , , . , .
, Windows Server 2003 Windows Server
2008 . .
, , ,
, , . .
, , .
, :
1. , .
(Roles) (Add Roles) . (Add Roles
Wizard). (Before You Begin), (Next).
Active Directory (Active Directory Domain
Services), (Next) (Install).
Active Directory
245
3. (Start), dcpromo
(Search) Enter.
Active Directory (Active Directory Domain Services Installation Wizard).
4. ,
Active Directory. ,
. :
(Directory Service) , , Sysvol, DNS,
Active Directory.
, :
1. , .
(Start), dcpromo (Search)
Enter. Active Directory (Active Directory Domain Services Installation Wizard).
2. , . .
3. (Roles)
(Remove Roles) . (Remove Roles Wizard). (Before You Begin),
(Next).
4. (Remove Server Roles)
Active Directory (Active Directory Domain
Services), (Next). , (Finish).
! DCPROMO
. 332199 ,
dcpromo /forceremoval. FSMO ,
.
, . , , 216498
(http://support.microsoft.com/kb/216498/en-us).
. Windows Server 2003 Windows
Server 2008. ,
Windows Server 2008. ,
246
II
Windows Server 2008

. ,
.

Active Directory (Active Directory Users And Computers). RID, PDC .

7.
Active Directory (Active Directory Domains And Trusts),
Active Directory (Active Directory Schema). FSMO,
netdom query fsmo.
, :
1. Active Directory (Active Directory Users And Computers) Active Directory (Active Directory Users And Computers). (All Tasks)
(Operations Masters).
(Operations Masters), . 8-7.
. 8-7. (Operations Masters)

Active Directory
247
2. (Operations Masters) . RID

RID. PDC PDC.
(Infrastructure) .
, :
Directory Users And Computers) (Change Domain Controller).
2. (Change Domain Controller) (This Domain
Controller), , OK.
3. Active Directory
(All Tasks) (Operations Masters).
4. (Operations Masters)
RID, PDC (Infrastructure) , .
5. (Change). OK.

Active Directory
(Active Directory Domains And Trusts). .
, , , . ,
Active Directory (Active Directory Domains And Trusts) .
, :
1. Active Directory (Active Directory Domains And Trusts).
Active Directory (Active Directory Domains
And Trusts) Active Directory
(Change Active Directory Domain Controller).
248
II
Windows Server 2008
2. (Change Active Directory

Domain Controller)
(This Domain Controller), ,
, OK.
3. Active Directory (Active Directory Domains And Trusts) (Operations Master).
(Change Operations Master).
4. (Domain Naming Operations Master) .

(Change).
5. (Close).

Active Directory (Active Directory Schema), Windows Server 2008. regsvr32 schmmgmt.dll.
, :
1. Active Directory (Active Directory Schema)
MMC.
2. Active Directory
(Active Directory Schema) Active Directory (Change Domain Controller).
3.
(Any Domain Controller), Active Directory
. (Specify Name) , , zeta.seattle.cpandl.com.
4. OK.
Active Directory (Active Directory Schema) (Operations Master).
5. (Change Schema Master) (Change). OK (Close).

NETDOM.
FSMO
Ntdsutil.exe. Ntdsutil.
exe Active Directory.
:
Active Directory
249
1. FSMO.
netdom query fsmo.
2. ,
. .
3. (Start), (Run),
cmd (Open) OK.
4. ntdsutil.
.
5. roles, .
6. fsmo maintenance connections.
server connections connect to server FQDN- , FSMO, :
connect to server engdc01.technology.adatum.com
7. , quit, server connections. fsmo maintenance

transfer :
pdc PDC;
rid master RID;
infrastructure master ;
schema master ;
domain naming master .
8. fsmo maintenance quit, quit ntdsutil.

, , , , RID.
, , , RID .
! , , ,
, .

Windows Server 2008. FSMO , , Active Directory .
216498 (http://support.microsoft.com/default.aspx?scid=kb;en-us;216498).
, ,
250
II
Windows Server 2008
. Active Directory

(USN). , ,
- .
USN , ,
. , . , ,
.
Windows Server 2008 Repadmin
Active Directory. USN
,
:
repadmin /showutdvec
FQDN- ,
, , :
repadmin /showutdvec server252.cpandl.com dc=cpandl,dc=com
USN :
Default-First-Site-Name\SERVER252 @ USN 45164 @ Time 2008-03-30 14:25:36
Default-First-Site-Name\SERVER147 @ USN 45414 @ Time 2008-03-30 14:25:36
Server252 , ,
, USN,
Server252, .
USN, Server252, ,

.
Repadmin /Syncall.
:
1. netdom query fsmo,
FSMO.
2. , , ,
, .
, (, , ).
3. ,
. .
4. .
Active Directory
251
5. ntdsutil.
6. ntdsutil roles, .
7. fsmo maintenance connections.
server connections connect to server FQDN- , FSMO, :
connect to server engdc01.technology.adatum.com
8. , quit, server connections. fsmo maintenance seize

, :
pdc PDC;
rid master RID;
infrastructure master ;
schema master ;
domain naming master .
9. fsmo maintenance quit, quit ntdsutil.

, 7.

. ,
, ,
, . .
, :
1. Active Directory (Active Directory Sites
And Services) , .
2. Servers , .
3. NTDS Settings
(Properties).
4. , (Global Catalog)
(General).
5. ,
(Global Catalog) (General).
252
II
Windows Server 2008
! , .
, Active Directory.

. , Windows Server 2008, , ,
.
,
7.

, :
And Services) , .
2. NTDS Site Settings (Properties).
3. , (Enable Universal Group Membership Caching) (Site Settings). (Refresh Cache
From) , .
.
4. ,
(Enable Universal Group Membership Caching)
(Site Settings).
5. OK.

7,
, . .
, .

. ,
, ,
. .
Active Directory
253
, :
1. Active Directory (Active Directory Users And Computers) , .
(New) (Organizational Unit).
2. OK.
3. .

:
2. , ,
(Properties).

,
:
1. Active Directory (Active Directory Users And Computers) ,
.
2. , (Delete).
(Yes), .
3. ,
(Rename). Enter.

, Active Directory (Active
Directory Users And Computers) .
:
1. Active Directory (Active Directory Users And Computers) ,
. (Move).
2. (Move)
, . OK.

Active Directory Active Directory
254
II
Windows Server 2008
.
Default-First-Site-Name, DEFAULTIPSITELINK.

. .
:
1. .
2. .
3. .
4. . .
.

,
. , :
And Services) Sites (New Site).
2. (New Object Site), . 8-8, , , ChicagoSite.
, .
. 8-8.
3. ,
. , ,
, .
Active Directory
255
4. OK. , .
OK.
5. , .
.
Active Directory (Active Directory Sites And Services)
(Rename).
Enter.

, , . ,
, IP- , . ,
.
, :
And Services) Subnet (New Subnet). (New Object Subnet),
. 8-9.
. 8-9.
256
II
Windows Server 2008
2. (Prefix) IPv4 IPv6

: , ,
. , 192.168.5.0,
24 , 192.168.5.0/24.
3. , , OK.
. Active Directory (Active Directory Sites And Services)
Subnets (General)
(Site).

, , . , .
, ,
, .
.
, IP-
IP- .
; , .
,
, . :
dsquery server -s | dsget server site
FQDN- , :
dsquery server -s server241.cpandl.com | dsget server site
, ,
.
, :
And Services) , ,
Servers. , .
2. (Move). (Move
Server) , , OK.
Active Directory
257
, , .
, , ,
.

IP-, . ,
.
(site link)
. , ,
.
, , .
24 7
. ,
, ,
.
,
(cost), . 100.
,
.
, , .

RPC IP SMTP. IP RPC IP,
, Active Directory.
RPC IP
.
SMTP
, .
. ,
. SMTP ,
.
SMTP, .
SMTP, . IP .
258
II
Windows Server 2008
,
:
And Services) Sites Inter-Site Transports.
2. , (IP SMTP),
(New Site Link).
3. (New Object Site
Link), . 8-10, , , ChicagotoSeattleLink.
, .
. 8-10.
4. (Sites Not In This Site Link) , , (Add),

(Sites In This Site Link). ,
. . OK.
, , . ,
:
And Services)
(Properties).
2.
(General). (Cost)
. 100.
Active Directory
259
3. (Replicate Every) . 180 .

4. 24 , 7 .
, (Change Schedule) (Schedule For). OK.
, ,
:
And Services)
(Properties).
2.
(General). (Sites Not In This Site
Link) , , (Add),
(Sites In This Site Link). ,
.
3. ,
, (Remove), (Sites Not In This Site
Link). ,
, OK.

. , . . ,
.
,
, ,
, .
, .
,
,
. ,
.
, . , ,
, .
, , . -
260
II
Windows Server 2008
, , . .
,
, .
Active Directory . , ,
, , . :
2. , (IP SMTP),
(Properties).
3. , (Bridge All Site Links)
OK.
.
4. , (Bridge All Site Links)
OK. , .
,
, :
2. , (IP SMTP),
(New Site Link Bridge).
3. (New Object
Site Link Bridge) . , .
4. , (Site Links Not In
This Site Link Bridge) , ,
(Add), ,
(Site Links In This Site Link Bridge).
, . . OK.
, , :
1. Active Directory (Active Directory Sites And
Services) ,
, (Properties).
Active Directory
261
2. (General). , (Site Links

Not In This Site Link Bridge) ,
, (Add),
, (Site Links In This Site
Link Bridge). , .
3. , (Site Links In This Site
Link Bridge) ,
, (Remove),
, (Site Links Not In This Site
Link Bridge). , . OK.
Active Directory
Active Directory
. , ,
.
ADSI (ADSI Edit)

Active Directory ADSI (ADSI Edit). . ,
,
, (Configuration)
RootDSE. , .
ADSI (ADSI Edit)
MMC, :
Enter.
3. (Add Or Remove
Snap-Ins) ADSI (ADSI Edit) (Add). OK.
, :
1. MMC
ADSI (ADSI Edit) (Connect To).
(Connection Settings), . 8-11.
262
II
Windows Server 2008
. 8-11.
2. (Connection Settings)

(Select A Well Known Naming Context). ,
.
3. OK, . (Select Or Type A Domain Or Server)
,
, , , FileServer252.
cpandl.com:389. 389 LDAP.
. 8-12. ,

, , . . 8-12,
Active Directory
263
.

.

.

(Iter-Site Topology Generator, ISTG) . , ISTG
, , .
ISTG , .
, ISTG,
:
And Services) Sites, ,
ISTG.
2. NTDS Site Settings. ISGT
(Inter-Site
Topology Generator).
-
, ISTG
. , ISTG -
,
.
ISTG - Active
Directory, , . , .
, -, , . -, . , :
repadmin /bridgeheads site:
, :
repadmin /bridgeheads site:SacramentoSite
- , ,
264
II
Windows Server 2008
- . ,
ISTG -. - , ,
-.
. ISTG .
ISTG - .
-
. , -
.
, , ISTG (Directory Services) .
-,
:
And Services) , ,
Servers. ,
-,
(Properties).
2.
(Transports Available For Inter-Site Data Transfer) , .
(Add).
IP SMTP, . OK.
-, .
, .
, -
ISTG -.
, :
And Services) , -,
(Properties).
2. -
(This Server Is A Preferred Bridgehead Server
For The Following Transports) (Remove).
OK.
Active Directory
265
Active Directory

, , - . , .
Active
Directory, . , Active Directory
, LDAP, DNS, Kerberos v5 RPC.
, . Active
Directory TCP UDP. :
LDAP 389 TCP UDP 686 TCP .
3268 TCP. Kerberos v5 88 TCP UDP.
DNS 53 TCP UDP.
SMB IP 445 TCP UDP.
, Sysvol Active Directory
(FRS), (DFS).

.
Active Directory
(update sequence number, USN).
,
, .
, .
. uSNChange,
USN, .
USN,
USN . USN . USN ,
, ,
. USN
, .
266
II
Windows Server 2008
Repadmin. Repadmin, ,
, . DCList :
* .
* ,
.
Site: .
Gc: .
Repadmin , ,
, . . 8-2.
. 8-2.

(Knowledge Consistency Check, KCC)

repadmin /kcc DCList [/async]
-
DCList.
repadmin /bridgeheads DCList ]

[/verbose]
repadmin /showoutcalls DCList
repadmin /showtrust DCList
, KCC
repadmin /failcache DCList
repadmin /showconn DCList
repadmin /showctx DCList
ISTG
repadmin istg DCList [/verbose]
repadmin /showrepl DCList
repadmin /replsummary DCList
repadmin /showcert DCList
repadmin /queue DCList

ISTG Keep Alive
repadmin /latency DCList

[/verbose]

Windows Server 2008. 8 ,
.
.

. ,
, , ,
.

.

. ,
. , , .
Windows Server 2008

Windows Server 2008 , . .

Windows Server 2008 , . , ,
,
Active Directory.
, , , , .
268
II
Windows Server 2008
Windows Server 2008 . Windows 2000, Active Directory

Kerberos v5.
NTLM .
NTLM, : LAN Manager
(Network Security: LAN Manager Authentication Level).

NTLMv2 (Send NTLMv2 Response Only),

NTLM Version 2, . ,
Active Directory .
Windows Server
2008 (Single Sign-On),
:
1. , - .
2. .
, .
Active Directory,
.
3.
.
, , ( ). ,
,
.
Windows Server 2008 Active Directory
(Active Directory Federation Services, ADFS), . , ,
.
,
-, .
(Federated Authorization).
, ,
.
269

Active Directory -
. , , ,
. , :
, ;
, ;
;
.

(access control entry, ACE). Active Directory
. ,
. ,
(Domain Admins) , .
, :
.
.
ACE , .

Windows Server 2008 ( ).
.
.
. .
Windows Server 2008 InetOrgPerson.
, , -, . InetOrgPerson
X.500 LDAP
, .
InetOrgPerson, .
, . InetOrgPerson
InetOrgPerson, , , .
InetOrgPerson - -
270
II
Windows Server 2008

And Computers) User.

, Active Directory. . Active Directory
,
. ,
. (Local
Users And Groups).

.
(SAM) Active
Directory .
.
.
,
.
Windows Server 2008 wrstanek,
cpandl.com,
wrstanek@cpandl.com. Windows Windows 2000
CPANDL\wrstanek.
Active Directory, (fuly qualified domain name,
FQDN). FQDN- DNS- ,
, , . cpandl.com\users\wrstanek DNS cpandl.com ( ) users
wrstanek.

. . .
, -
271
- .

Windows Server
2008 ,
(security identifier, SID) , .
SID
(relative identifier, RID), RID.
Windows Sever 2008 SID .
.
, , - , .
.
SID .
, SID,
,
.

. ,
, . , ,
. ,
, .
, , .
Active Directory
,
\_. , cpandl\gmarketing
gmarketing cpandl.
FQDN- DNS- , , , .
cpandl.com\users\gmarketing cpandl.com
DNS- , users , gmarketing
.
272
II
Windows Server 2008
, ,
, . , marketing,
. , , ,
. , .
.

,
. (Local Users And Groups).
,
. Active Directory (Active
Directory Users And Computers).
,
. . Active Directory (Active
, ,
, .
.
Active Directory
(domain local), (built-in
local), (global) (universal) .
, , . ,
. ,
.
, .
.
, .

, .
,
,
273
, .
, .
,
,
.
,
. Active Directory Windows 2000 Windows Server 2008.
.
. . .
.
, .
, .
,
. 9-1. 10.
. 9-1.
Windows 2000

,
;

Windows 2000
274
II
Windows Server 2008
. 9-1. ()
, , SID. ,
, , .
, .
Windows Server 2008 . SID ,
SID , .
. :

.
,
.
, , .
.
.
, .
,
.
,
. , :
275
. , ,
.

. , .
. .
.
,
,
.
, ,
, . .
, .
, .
, , -.
, . Seattle, Chicago NY. :
( ). . ,
-, .
MarketingPrinter MarketingData.
, . , -.
, , - .
, :
1. . Seattle GMarketing . Chicago
GMarketing .
, NY GMarketing -.
2.
. LocalMarketingPrinter,
276
II
Windows Server 2008
LocalMarketingData. Seattle, Chicago NY .

3. UMarketing .
Seattle\GMarketing, Chicago\GMarketing NY\
GMarketing.
4. UMarketing LocalMarketingPrinter LocalMarketingData .
.

Windows Server 2008
. . :
(built-in) , , .
(predefined)
, .
(implicit) , .
,
, .

Windows Server 2008
:
(Local System) .
(Administrators)
. ,
, .
(LocalSystem) .
. , ,
LocalService NetworkService.
LocalService , . (Users) ,
NetworkService,
. -
277
,
.
NetworkService , .
(Users) , ,
(LocalSystem), , LocalService. ,
,
.

.
, .
IIS ,
IUSR_hostname, hostname .
IUSR_hostname IIS. Active Directory,
IIS . ISS
.

Windows Server 2008 , (Administrator)
(Guest). , .
Active Directory.
.
(Administrator)
(Administrator) , , .
. Active Directory
(Administrator)
. (Administrator), ,
. (Administrator), .
14.

, . ,
(Administrator),
278
II
Windows Server 2008
, . , , .
,
(Administrator) . , , . (Administrator) : (Administrators),
(Domain Admins), (Domain Users), (Enterprise Admins), -
(Group Policy Creator Owners) (Schema
Admins).
.

(Administrator) , ,
. . ,
.
(Administrators).
, (Administrator).
, , . (Administrator).

, .
(Administrator) .
(Guest)
,
, , .
, ,
. , Windows
Server 2008 .
(Guest)
(Domain Guests) (Guests). ,
,
(Everyone). (Everyone) . (Everyone) .
(Guest),
, .
(Administrator),
.
279

Windows Server 2008 . , ,
(Administrators).

Windows NT
, . , ,
(Interactive). Windows 2000 -
. - , ,
.
, (special identity).
,
, , , , . ,
.
.

, . ,
,
. , .
(priviledge) .
, . .
(logon right) .
, .
.
(built-in capabilities)
. -
280
II
Windows Server 2008
,
, .

, . .
, (Administrators), ,
.
(access permission) , . , .

. 15.

. . ,
, .
,
.

. , , . , ,
.
.
. 9-2 ,
. 10.

(Back Up
Files And Directories)

(Lock Pages
In Memory)

(Restore Files And
Directories)
281
. 9-2. ()

(Perform Volume
Maintenance Tasks)

(Add Workstations To
Domain)

(Shut Down
The System)

(Load And Unload
Device Drivers)

Plug and Play.
,

(Replace A
Process Level Token)

(Modify An
Object Label)
, , ,
, .
. ,
,
, ,

(Modify Firmware
Environment Values)

(Change The
System Time)

(Change The
Time Zone)
(Impersonate A Client
After Authentication)
-
.

282
II
Windows Server 2008
. 9-2. ()

(Adjust
Memory Quotas For
A Process)

(Bypass
Traverse Checking)
,
,
.

(Remove Computer
From Docking Station)

(Debug Programs)
(Force Shutdown
Of A Remote System)
(Profile A
Single Process)
(Profile System
Performance)

(Act As Part Of The
Operating System)

. , ,
(LocalSystem),

(Enable User
And Computer Accounts
To Be Trusted For
Delegation)

,
(
)

(Synchronize Directory
Service Data)
283
. 9-2. ()

(Take Ownership Of
Files Or Other Objects)
Active Directory

(Generate
Security Audits)

(Create Global
Objects)
.

LocalService NetworkService

(Create A
Token Object)
-,
.
(LocalSystem),

(Create Permanent
Shared Objects)
.
,
(Create
Symbolic Link)
, ,
.
,
. ,

(Create
A Pagefile)

(Increase
Scheduling Priority)

,
( )

(Increase A Process
Working Set)

, . , .

(Manage Auditing
And Security Log)
284
II
Windows Server 2008

(logon right) , . , .
. 9-3 . , , 10.

(Log On As A Batch
Job)

(Log On As A Service)
.
(LocalSystem)
. , ,

(Access Credential Manager
As A Trusted Caller)

(Credential Manager).
, ,
-,

(Access This Computer
From The Network)

(Deny Logon Through
Terminal Services)

(Deny Logon Locally)

(Allow Log On Locally)

.
.

(Administrators), (Account
Operators), (Backup Operators),
(Print Operators)
(Server Operators).

(Deny
Access To This Computer
From The Network)
285
. 9-3. ()

(Deny
Logon As Batch Job)
(Deny Logon As
Service)

(Allow Log On Through
Terminal Services)
Active Directory
Active Directory . .
9-4
Active Directory ( , ). ,
, (Everyone), , (Guests). ,
(Guests)
, - , (Everyone).

(Back Up Files And Directories)
(Administrators),
(Server Operators),
(Backup Operators)

(Restore Files And
Directories)
(Administrators),
(Server Operators),
(Backup Operators)

(Log On As A Batch Job)
(Administrators),
(Backup Operators),
(Performance
Log Users), IIS_IUSRS
(Perform Volume
Maintenance Tasks)
(Administrators)

(Add Workstations To
Domain)
(Authenticated Users)
286
II
Windows Server 2008
. 9-4. ()

(Access This Computer From The
Network)
(Everyone), (Autentifica-ted Users), (Administrators), -Windows 2000 (Pre-Windows

2000 Compatible Access),
(ENTERPRISE
DOMAIN CONTROLLERS)

(Shut Down
The System)
(Administrators),
(Server Operators),
(Print Operators), (Backup
Operators)

(Load And Unload
Device Drivers)
(Administrators),
(Print Operators)

(Replace A Processlevel Token)
LOCAL SERVICE, NETWORK SERVICE

(Modify Firmware
Environment Values)
(Administrators)

(Change The System Time)
LOCAL SERVICE, (Administrators), (Server Operators)

(Change The Time Zone)
LOCAL SERVICE, (Administrators), (Server Operators)
(Impersonate
A Client After Authentication)
LOCAL SERVICE, NETWORK SERVICE,

(Administrators), IIS_IUSRS,
(SERVICE)

(Administrators),
(Account Operators),
(Server Operators), (Print
Operators), (Backup
Operators)
(Adjust Memory Quotas For

A Process)

(Administrators)

(Bypass Traverse Checking)
(Everyone), (Authentica-ted Users), LOCAL SERVICE, NETWORK

SERVICE, (Administrators),
-Windows 2000 (Pre-Windows 2000
Compatible Access)
(Remove Computer From Docking Station)
(Administrators)
287
. 9-4. ()
(Debug
Programs)
(Administrators)
(Force Shutdown From A Remote System)
(Administrators),
(Server Operators)

(Profile Single Process)
(Administrators)
(Profile System Performance)
(Administrators)

(Allow Log
On Through Terminal Services)
(Administrators)

(Enable User And Computer Accounts
To Be Trusted For Delegation)
(Administrators)
(Take Ownership Of
(Administrators)

(Generate Security Audits)

(Create Global Objects)

(Administrators),
(SERVICE)

(Create Symbolic Links)
(Administrators)

(Create A Pagefile)
(Administrators)
(Increase Scheduling
Priority)
(Administrators)

(Increase A Process
Working Set)
(Users)

(Manage Auditing
And Security Log)
(Administrators)
288
II
Windows Server 2008
. 9-5
. , .
. 9-5.

(Access This Computer From The
Network)
(Everyone), (Administrators), (Users),

(Backup Operators)
(Adjust Memory Quotas For

A Process)

(Administrators)

(Administrators), (Users), (Backup

Operators)

(Allow Log
On Through Terminal Services)
(Administrators), (Remote Desktop Users)

(Back Up Files And Directories)
(Administrators),
(Backup Operators)

(Bypass Traverse Checking)
(Everyone), LOCAL SERVICE, NETWORK

SERVICE, (Administrators),
(Users),
(Backup Operators)

(Change The System Time)
LOCAL SERVICE,
(Administrators)

(Change The Time Zone)
LOCAL SERVICE,
(Administrators)

(Create A Pagefile)
(Administrators)

(Create Global Objects)

(Administrators),
(SERVICE)

(Create Symbolic Links)
(Administrators)
(Debug
Programs)
(Administrators)
(Force Shutdown From A Remote System)
(Administrators)

(Generate Security Audits)
(Impersonate A
Client After Authentication)

(Administrators), IIS_IUSRS,
(SERVICE)
289
. 9-5. ()

(Increase A Process
Working Set)
(Users)
(Increase Scheduling
Priority)
(Administrators)

(Load And Unload
Device Drivers)
(Administrators)

(Log On As A Batch Job)
(Administrators),
(Backup Operators),
(Performance
Log Users), IIS_IUSRS

(Manage Auditing
And Security Log)
(Administrators)

(Modify Firmware
Environment Values)
(Administrators)
(Perform Volume
Maintenance Tasks)
(Administrators)
(Profile Single Process)
(Administrators)
(Profile
System Performance)
(Administrators)

(Remove
Computer From Docking Station)
(Administrators)

(Replace A Process-level Token)
(Restore Files And

Directories)
(Administrators),
(Backup Operators)

(Shut Down The System)
(Administrators),
(Backup Operators)
(Take Ownership Of
(Administrators)
290
II
Windows Server 2008
. 9-6 ,
. , , (Administrator), ,
(Administrators), (Server Operators),
(Account Operators), (Backup Operators)
(Print Operators). (Account Operators)
.
. 9-6.
(Perform Cryptographic Operations)
Administrators),
(Cryptographic
Operators)

(Modify The
Membership Of A
Group)
(Administrators),
(Account Operators)
(Monitor
Performance Logs)
(Administrators), (Performance
Monitor Users)

(Assign
User Rights)
(Administrators)

(Reset Passwords On
User Accounts)
(Administrators),
(Account Operators)

(Create And
Delete Groups)
(Administrators),
(Account Operators)

(Create
And Delete Printers)
(Administrators),
(Server Operators),
(Print
Operators)
291
. 9-6. ()
,
(Create,
Delete, And Manage
User Accounts)
(Administrators),
(Account Operators)
(Manage
Performance Logs)
(Administrators),
(Performance Log Users)

(Manage Network
Configuration)
(Administrators),
(Network
Configuration Operators)
(Manage
Printers)

(Print
Operators)

(Manage Group
Policy Links)

,
,

(Administrators)

(Read Event
Logs)
(Administrators), (Event Log

Readers)

(Read All User
Information)

(Account
Operators)

.
, . .
292
II
Windows Server 2008

,
, , ,
, . : (Administrators),
(Domain Admins) (Enterprise Admins). . 9-7 .
. 9-7.

(Administrators)
Active
Directory
(Administrator),
(Domain Admins),

(Enterprise
Admins)
(Administrators)
(Administrators)
, ,
(Administrator)
(Administrators)
(Domain
Admins)
Active
Directory
(Administrator)
(Administrators)
(Enterprise
Admins)
Active
Directory
(Administrator)
(Administrators)
(Administrator)
(Domain Admins) (Enterprise
Admins) (Administrators).
(Administrator) .
(Domain Admins) . (Enterprise Admins)
. (Enterprise Admins) (Administrators).
293
(Administrators) ,
( ).
.
, . (Administrators).
(Domain Admins) ,
.
,
(Administrators).
- ,
.
Windows Server 2008
(Administrator) (Domain
Admins). , , , ,
. ,
(Administrator) (Domain Admins).
(Enterprise Admins)
,
(Administrators). - , .
Windows Server 2008
(Administrator)
(Enterprise Admins). , , , ,
. ,
(Administrator) (Enterprise Admins).

Windows Server 2008 , . . , Active Directory.
:
Proxy , . .
Self .
294
II
Windows Server 2008
System Windows Server 2008. , .

(Anonymous Logon)
,
. , , , .
(Everyone) (Everyone) , , , . .
- (Creator Group) Windows Server 2008
, , , ()
.
(Interactive) , .
.
(Enterprise Domain Controllers)
, . .
(Restricted) .
(Batch) , .
, , , .
(Terminal Server User)
, .
.
(Authenticated Users)
, .
(Network) ,
.
.
(Service) , .
295
- (Creator Owner)
, .
Windows Server 2008 , .
(Dial-Up) , . ,
.
10
.
Windows Server 2008
, . , , :
Users And Computers) Active Directory.
(Local Users And Groups)
.
,
.

.
, . ,
,
.

.
. (display name) ,
.
(logon name) . ,
9.
10
297
, , ,
:

.
.
64 .
, .

:
, .
256 , (
64 ).
Windows
2000. 20 .
Windows 2000
.
Windows 2000 , , .
:
/\[];|=,+*?<>

, , , .
.
, . , (Administrator)
(Administrator), (administrator)
(ADMINISTRATOR).
. , , , , ,
.
,
, -
298
II
Windows Server 2008
, .
:
;
;
;
;
.

, , ,
20 . -, .
-
.

. .

, 127 Active Directory

14 Windows NT. ( ),
. Windows Server 2008 .
.
.
,
. ,
, . , , , happidays, ,
, haPPy2Days&, Ha**y!dayS h*PPY%d*ys.
, ,
. ,
: 99 10?. , , . .
, ,
, .
, .
.
10
299
,
.
5. ,
.
GPO . GPO- Default Domain Policy. Default
Domain Policy GPO, , :
1.
(Computer Configuration), Windows (Windows Settings), (Security Settings) (Account Policies), . 10-1.
, .
, , .
, . GPO 1,
.
. 10-1.
(Account Policies)
2. (Password Policy), (Account

Lockout Policy) Kerberos (Kerberos Policy). , (Properties). , . 10-2.
300
II
Windows Server 2008
Kerberos , .
,
.
.10-2.
3. () ( ). , , .
(Define This Policy
Setting), .
.
(Enabled) (Disabled).
(Enabled) , .
(Disabled) .
, - . , (Disable Log On As A Service)
(Log On As A Service).

, : ,
Kerberos. ,
.
10
301

:
(Enforce Password History).
(Maximum Password Age).
(Minimum Password Age).
(Minimum Password Length).
(Passwords Must Meet
Complexity Requirements).
, (Store Password Using Reversible Encryption For All Users In The Domain).
.
(Enforce Password History)
(Enforce Password History)

. . (password history) Windows Server 2008
24 .
,
(Passwords Remembered). , .

(Enforce Password History), . , .
(Minimum Password Age),
.
(Maximum Password Age)
(Maximum Password Age)

, . .
, . ,
, .
0 999.
. .

.
30, 60 90 . ,
120, 150 180 .
302
II
Windows Server 2008
Windows Server 2008

. 30 ,
, .
(Minimum Password Age)
(Minimum Password Age)

, ,
. ,
,
.
, . 3
7 . , ,
, . ,
. , .
(Minimum Password Length)
(Minimum Password Length) .

, .
(
), , , .
, . : , .
, 14
.

(Passwords Must Meet Complexity Requirements)

.
, , .
, ,
: , , .
, (Passwords Must
Meet Complexity Requirements).
10
303
, (Store Password
Using Reversible Encryption For All Users In The Domain)
. , . , , . ,
(Store Password Using Reversible Encryption For All
Users In The Domain).
,
. , , .

, .

,
:
(Account Lockout Threshold).
(Account Lockout
Duration).
(Reset Account Lockout Counter
After).
.
(Account Lockout Threshold)
(Account Lockout Threshold) ,

. ,
.

- . ,
. ,
, . ,
, Windows Server 2008 . ,
(Single Log-On)
0 999.
. , .
.
304
II
Windows Server 2008
: , . 7 15. ,
.

(Account Lockout Duration)
(Account Lockout
Duration) , , . 1 99999
, , .

. .

, . , , .
,
Active Directory (Active Directory Users And Computers). (Account)
(Account Is Locked Out).
(Reset Account
Lockout Counter After)
Windows Server 2008 . , , ,

,
. , ,
. (Reset
Account Lockout Counter After).
. , .
(Reset Account
Lockout Counter After), 1 99999 .
(Account Lockout Threshold),
, .
. ,
.
(Reset Account
Lockout Counter After) , .
10
305
. ,
, Ctrl+Alt+Delete.
Kerberos
Kerberos v5 Active Directory. Kerberos v5 (ticket), , .
, :
(Enforce User Logon
Restrictions).
(Maximum Lifetime For Service
Ticket).
(Maximum Lifetime For
User Ticket).

(Maximum Lifetime For User Ticket Renewal).
(Maximum
Tolerance For Computer Clock Synchronization).
.
, Kerberos.
, .
Kerberos .

(Enforce User Logon Restrictions)
(Enforce User
Logon Restriction) , . ,
,
. ,
, .

(Maximum Lifetime
For Service Ticket)
(Maximum Lifetime For User Ticket) , . 600
, 10 .
306
II
Windows Server 2008
.
0 99999 , 0
99999 . .
, ,
(Maximum Lifetime For User Ticket Renewal). , 0 99999 .
.

(Maximum Tolerance For Computer Clock Synchronization)
Kerberos, , , .
.
.
,
,
. 0 99999.
,
, .

9 . ,
.
,
. , .
, , , . , ,
, .
.
(Local Policies) . , .
Active
Directory. , .
,
.
,
:
10
307
1. , . (Computer
Configuration), Windows (Windows Settings), (Security Settings) (Local
Policies).
2. (User Rights Assignment).
, (Properties). (Properties).
3. . 14
. 16 .

, ,
:
1. , ,
. 10-3. , (Define These Policy
Settings).
. 10-3.
2. ,
(Add User Or Group).
(Add User Or Group) -
308
II
Windows Server 2008
(Browse). : , (Select Users, Computers, Or

Groups), . 10-4.
Windows,
: , (Select Users, Computers, Or Groups),
.
TCP 445. \
\\ \ Windows\
(Computer Configuration\Administrative Templates\Network\Network Connections\
Windows Firewall\Domain Profile).
Windows: (Windows Firewall: Allow Remote Administration
Exception) (Enabled). : netsh firewall set portopening
tcp 445 smb enable. 840634
(http://support.microsoft.com/default.aspx?scid=kb;en-us;840634).
. 10-4.
3. , ,
(Check Names).
.
(Object Types) ,
(Groups) OK.
4. , OK. (Add User Or Group). OK.
5. . ,
(Remove).
6. , OK.
10
309

, :
1. (. . 10-5).
, , .
2. ,
.
, (Remove).
3. , (Add User
Or Group).
(Add User Or Group) (Browse). : ,
(Select Users, Computers, Or Groups), . 10-4.
.
. 10-5.

,
, . Active Directory
(Active Directory Users And Computers). (Local
Users And Groups).
310
II
Windows Server 2008

:
, ,
,
(New) (User). (New Object User Wizard), . 10-6.
.

And Computers) , ,
(Copy). (Copy
Object User Wizard), , , (New Object User Wizard). ,
.
11.

(New Object User Wizard) (Copy
Object User Wizard), :
1.
(. 10-6).
, . .
. 10-6.
10
311
2. (Full Name).
,
64 .
3. (User Logon Name)
. , .
.
4. 20
Windows 2000. . , Windows.
. 10-7. (New
Object User Wizard)
5. (Next). , .10-7,
. :
(Password) .
.
(Confirm Password) . , .
(User Must
Change Password At Next Logon) ,
.
(User Cannot Change Password) ,
.
(Password Never Expires)
, -
312
II
Windows Server 2008
. .

.
(Account Is Disabled)
, .
.
6. (Next) (Finish), . . (Back),
.
, . .

(Local Users And Groups). , :
1. (Click Start), (All Programs), (Administrative Tools)
(Computer Management).
2. (Computer
Management)
(Connect To Another Computer). ,
. .
3. (System Tools) (Local Users And Groups).
4. (Users) (New User). , . 10-8. :
(User Name) .
.
(Full Name) , ,
William R. Stanek.
(Description) . ,
, , -.
.
(Password) .
.
(Confirm Password) . , .
10
313
(User Must
Change Password At Next Logon) ,
.
(User Cannot Change
Password) ,
.
(Password Never Expires)
,
.
.
, .

.
. 10-8.

5. , (Create).

.
Users And Computers). (Local Users And Groups).
, ,
. :
314
II
Windows Server 2008
,
, ,
. ,
, , , -.
,
.
, , . ,
, .

, :
1. Active Directory (Active
Directory Users And Computers). ,
,
(New) (Group). (New Object Group), . 10-9.
. 10-9. (New Object Group)

2. .
, . .
64 .
3. 20
Windows 2000. .
Windows.
10
315
4. ( ,
).
5. ( ).
6. OK, . ,
.
.

(Local Users And Groups). :
1. (Click Start), (All Programs), (Administrative Tools)
2. (Computer
Management)
(Connect To Another Computer). , . .
3. (System Tools) (Local Users And Groups).
4. (Groups) (New Group).
(New Group), . 10-10.
. 10-10. (New Group)

5. , (Add),
. : (Select Users).
316
II
Windows Server 2008
6. (Name) (Check Names).

OK. ,
. OK.
7. ,
(Remove).
8. ,
(Create).

Active Directory
, :

(Domain Users). .
(Domain Computers). .
(Domain Controllers). .
:
;
;
.

, (Add To Group).
: (Select Groups),
: (Select Users Or Groups),
. ,
.
,
:
1. , Active Directory (Active
.
2. (Member Of).
10
317
3. , (Add). : (Select
Groups). , .
4. ,
(Remove).
5. OK.
,
:
Directory Users And Computers) , .
, Ctrl,
. , Shift, .
2. (Add To Group).
: (Select Groups). , .
3. OK.

. , :
1. Active Directory (Active Directory Users And Computers). .
2. (Members).
3. (Add). : , (Select Users,
Computers, Or Groups). , ,
.
4. ,
(Remove).
5. OK.

Macintosh, (primary group). -
318
II
Windows Server 2008
Macintosh
, ,
Windows Server 2008 Macintosh .
, , , (Domain
Users) (Domain Computers).
, :
1.
And Computers). .
2. (Member Of)
3. (Member Of)
.
4. (Set Primary Group).
, , . , . :
1. (Member Of)
(Set Primary Group).
2. (Member Of)
(Remove).
11
, ,
. , ,
. , .

Active Directory . , ,
.
.

, :
1. Active Directory (Active Directory Users and Computers). .
2. (General), . 11-1. :
(First Name), (Initials), (Last Name) .
(Display Name) , Active Directory.
(Description) .
(Office) .
(Telephone Number)
.
320
II
Windows Server 2008
, , (Other)
() (Phone Number (Others)).
. (E-Mail) .
- (Web Page) URL
.
-, ,
(Other) -
() (Web Page Address
(Others)).
. 11-1.
(Send Mail)
(Open Home Page) Active Directory (Active Directory Users and Computers), . (E-Mail) - (Web Page).
.
3. (Address) . ,

.
,
. . , , ,
.
11
321
4. (Telephones). , ,
, , -.
5. , (Other)
.
6. (Organization).
, .
7. ,
(Change) : (Select User Or Contact).
, .
8. (Apply) OK, .
Active Directory
Active Directory, :
1. Active Directory (Active Directory Users and Computers)
(Find).
2. (In) : ,
(Find Users, Contacts, And Groups). , Active Directory (Entire Directory).
,
(Browse).
3. , (Users, Contacts, and Groups)
, , .
322
II
Windows Server 2008
4. (Find Now), .
, . 11-2. , .
5. ,
(Properties).

, , .
, Active Directory
(Active Directory Users and Computers) (Profile), . 11-3. :
(Profile Path) ,
.
, ,
.
.
. 11-3. (Profile)
(Logon Script)
, . 5.
11
323
(Home Folder) .
,
, .

,
, . , . :
%SystemRoot% , ,
C:\Windows. (Profile)
.
%UserName% , , wrstanek.
(Profile)
.
%HomeDrive% , , , , C:. .
%HomePath% , , \Users\Mkg\Georgej. .
%Processor_Architecture% ,
, , x86. .
. 11-4. (Profile) ,
, ,
324
II
Windows Server 2008
. 11-4 . ,
%UserName%
.
, ,
.

,
. , ,
. , .
, ,
.
,
.
(Startup).
Microsoft
Windows, :
Windows Script Host .vbs, .js .;
.bat;
.cmd;
.exe.
.
. , .
, :
1. Active Directory (Active Directory Users and Computers) (Profile).
2. (Logon Script).
, , , \\Zeta\User_
Logon\Eng.vbs.
.
5.
, ,
, Windows. ,
. , ,
11
325
. NET USE.
:
net use lpt1: \\zeta\techmain
net use G: \\gamma\corp\files
, , LPT1, , G. VBScript, , ,
Network. :
Option Explicit
Dim wNetwork, printerPath
Set wNetwork = WScript.CreateObject(WScript.Network)
printerPath = \\zeta\techmain
wNetwork.AddWindowsPrinterConnection printerPath
wNetwork.SetDefaultPrinter printerPath
wNetwork.MapNetworkDrive G:, \\gamma\corpfiles
Set wNetwork = vbEmpty
Set printerPath = vbEmpty
AddWindowsPrinterConnection TechMain Zeta, SetDefaultPrinter .

MapNetworkDrive G.

, . , .

.
. ,
, .
, . .
. Active Directory (Active

Directory Users and Computers) . -
326
II
Windows Server 2008
- ,
.
,
:
2. (Home Folder)
(Local Path)
, , C:\Home\%UserName%.
, :
2. (Home Folder)
(Connect) .
. , , . .
3. UNC- , , \\Gamma\
User_Dirs\%UserName%. , .
, Windows Server 2008 . , , ,
, \Users\Default. .

,
, , .

Windows Server , . ,
,
.

: . -
11
327
, ,
.
, . , :

.

, :
1. Active Directory (Active Directory Users and Computers) (Account).
2. (Logon Hours).

(Logon Hours), . 11-5. . , .
3. ,
(Logon Permitted)
(Logon Denied).
11-1
(Logon Hours).
. 1-1. (Logon Hours)

(All)

(Logon Permitted)

(Logon Denied)
, . , 9 17, .
.
328
II
Windows Server 2008
. 11-5.
, :
1. . , 5.
2. (Computer Configuration), Windows (Windows Settings),
(Security Settings)
(Local Policies). (Security
Options).
3. :
(Network Security: Force Logoff When Logon Hours Expire).
.
4. (Define
This Policy Setting) (Enabled). OK.

Windows Server 2008 , , , .
,
.
,

.
.
11
329
.
.
.

Windows 95 Windows 98.
.
, , :
(Account).
2. (Log On To),
(Logon Workstations).
3. (The Following Computers), . 11-6.
4. (Add).
.
5. ,
(Edit) (Remove).
. 11-6. , ,

VPN
Windows Server 2008
(Dial-In) .
330
II
Windows Server 2008
(VPN). . 11-7, NPS.

.
, (Allow Access)
(Deny Access). ,
, :
1.
(Network Policy and Access Services).
2. , GPO , .

(User Configuration), (Administrative Templates) (Network). (Network Connections)
, .
3. (Computer Management)
(Services And Applications) (Routing And Remote Access).
.
, , .
(Dial-In), . 11-7.
1. , (Verify Caller-ID)
. ,
.
2. :
(No Callback)
. , ,
, .
(Set By Caller) ,
. ,
,
.
.
(Always Callback To)
. ,
.
.
.
11
331
,
.
.
3. IP- ,
IP- (Assign Static IP Address) (Apply
Static Routes). IP- 17.
. 11-7.

(Account)
.
:
(User Must
Change Password At Next Logon)
.
(User Cannot Change Password) .
(Password Never Expires) , .
332
II
Windows Server 2008
! . , .
, (Store Password
Using Reversible Encryption) .
,
.
- (Smart Card Is Required For Interactive Logon) -
. ,
.
(Account Is Sensitive And Cannot Be Delegated) ,
Kerberos.
, .
Kerberos DES
(Use Kerberos DES Encryption Types For This Account) ,
DES.
128- Kerberos AES (This Account Supports Kerberos AES 128 Bit Encryption)
128- AES.
256-
Kerberos AES (This Account Supports Kerberos AES 256 Bit Encryption) 256- AES.
Kerberos (Do Not Require
Kerberos Preauthentication) ,
. Kerberos v5.
Kerberos.
AES DES . Windows DES.
Windows Vista Windows Server 2008 AES, ,
DES. Windows Vista Windows Server 2008,
, 128-, 256-
, , ,
128- .
11
333

,
.
. ,
, ,
. VGA
. . .
Windows Server 2008
:
Active Directory (Active Directory Users and Computers).
,
(System)
.
.
,
, , , , .
,
. , , , (local). , ,
, . ,
, , , ,
, .
, .
(roaming). .
, , Windows 2000, Windows Server
2003 Windows Server 2008. , . .
334
II
Windows Server 2008
, EFS,
, ,
, .
, ,
.
.
,
, , .
, , (mandatory).
.
. , , , ,
,
.
, . , ,
- , ,
.
, .
Windows XP,
. Windows XP . ,
. 893243
http://support.microsoft.com/default.aspx?scid=kb;en-us;893243.
Windows 2000
, (Profile
Path) . Windows Vista Windows
Server 2008 %%\Users\
%%\Ntuser.dat, , C:\Users\wrstanek\Ntuser.dat.
,
.

Windows
2000, Windows Server 2003 Windows Server 2008. , EFS, . ,
.
11
335
,
, :
, (Everyone) , , (Change) (Read) .
2. Active Directory (Active Directory Users And Computers) (Profile).
(Profile Path) \\ \
\ , , \\Zeta\User_Profiles\
Georgej, Zeta , User_Profiles Georgej
.
3. , Ntuser.dat, , \\Zeta\User_Profiles\Georgej\Ntuser.dat.

,
. NTFS ,
. . Ctrl Shift,

(Properties). . ,
%UserName%, , \\Zeta\User_Profiles\%UserName%.
4. .
, . ,
, .
,
.

Windows
Server 2008. ,
, :
1. 1-3 .
2. Ntuser.dat Ntuser.man. , .
Ntuser.dat .
.man, Windows Server 2008,
.
336
II
Windows Server 2008

,
(System) .
(Start) (Control Panel).

(System And Maintenance), (System) (Advanced System Settings),
(User Profiles) (Settings).
. 11-8 (User
Profiles), , . .
:
(Name) , ,
. , ADATUM\Wrstanek ,
adatum, wrstanek.
. 11-8. (Users Profiles)

, ,
(Account Deleted)
(Account Unknown). .
11
337
(Size) , ,
.
(Type) ( ).
(Status) , ,
.
(Modified) .

,
, , . , .
.
, , .

,
. (System)
. :
1. . (System And Maintenance), (System)
(Advanced System Settings). (System Properties)
(Settings) (User Profiles).
2. , (Profiles Stored On
This Computer) , (. 11-8).
3. (Copy To).
(Copy Profile To),
. 11-9. , georgej \\Zeta\User_Profiles\Georgej.
. 11-9. (Copy To)

338
II
Windows Server 2008
4. . (Permitted To Use) (Change) : (Select User Or Group)

.
5. OK, (Copy To).
Windows .

,
, .
.
, Windows Server 2008 ,
. (,
).

.
, :
1. . (System And
Maintenance), (System) (Advanced System Settings).
(System Properties) (Settings)
(User Profiles).
2. , (Profiles Stored
On This Computer) , .
3. (Copy To). (Copy Profile To).
4. (Permitted To Use) (Change) :
(Select User Or Group) .
5. OK, (Copy To).
Windows .

. Windows Server 2008 , , . , ,

, .
11
339
. ,
, , .
, :
1. ,
, (System).
2. (Advanced System Settings). (System Properties)
(Settings) (User Profiles).
3. , ,
(Delete). (Yes), .
, . (, ), ,
, . ,
, .
.
Windows Server 2008

:
, . ,
. :
;
Active Directory (Active Directory Users and Computers).

(System)
. (Change
Type). :
,
, . , .
(
)
. Windows Server 2008 -
340
II
Windows Server 2008
, . , .
, .

Directory Users and Computers). ,
(Local Users And Groups).
Active Directory
. ,
,
. :
(Find).
2. (Find) (Custom Search). (Find) (Custom Search).
3. (In) .
, Active Directory (Entire
Directory).
4. (Field) (User)
(-Windows 2000) (Logon Name (Pre-Windows 2000)).
: (-Windows 2000)
(Logon Name (PreWindows 2000)), (Logon Name). ,
Windows 2000 .
5. (Condition) (Present)
(Add). , (Yes).
6. (Find Now). .
7. , .
8. , ,
(Disable Account).
11
341
, : (Add To Group),
(Enable Account), (Disable Account), (Delete)
(Move).
,
Active Directory. (Field) (Computer)
(-Windows 2000) (Computer Name (Pre-Windows
2000)). , (Field)
(Group) (-Windows 2000)
(Group Name (Pre-Windows 2000)).

(, , ),
. , , , .

.
10, .
, Windows Server 2008 SID,
. SID
.
SID ,

. Windows Server 2008 SID .

. , (kima) , , , kimr. kima kimr
. , ,
, -,
kimr, kima .
Active
Directory (Active Directory Users and
Computers) (Rename User), .
, :
1. Active Directory (Active Directory Users and Computers) ,
.
342
II
Windows Server 2008
2. (Rename). . Backspace Delete, , Enter,

(Rename User).
3. OK. , , , ,
.
4. SID ,
. , , , -
, :

,
.

, .

,
.

. ,
, . Windows.

.
, :
1. Active Directory (Active Directory Users and Computers) ,
, (Copy).
(Copy
Object User).
2. . .
, Active
Computers) . , ,
11
343
, .
:
, , ,
(Address);
, (Organization);
, (Account Options) (Account);
, ;
;
;
;
.
`

, . ,
%UserName%, .

Windows Server 2008 CSVDE,
Active Directory. CSVDE
-. CSVDE :
i ( ).
f .
s (
).
v .
u Unicode (
Unicode).
- LDAP .
. :
DN,objectClass,sAMAccoutName,sn,givenName,userPrincipalName
CN=William Stanek,OU=Eng,DC=cpandl,DC=com,user,williams,William,Stanek,
williams@cpandl.com
, newusers.csv. Active Directory,

:
344
II
Windows Server 2008
csvde -i -f newusers.csv
, CSVDE -. , ,
:
d RootDN , , d OU=Sales,DC=
domain,DC=local. , .
l .
r LDAP, , r (objectClass=user).
m (SAM),
Active Directory.
(
), :
csvde -f newusers.csv
, . ,
, RootDN , :
csvde -f newusers.csv -d OU=Service,DC=cpandl,DC=com r
(objectClass=user)

. , ,
SID SID .
. Delete. OK (Yes).
Windows Server 2008
, .
, . Windows-, .
.

. , .
,
:
11
345

2.
(Reset Password) (Set Password).
3. .
, .
4.
(Account Is Locked Out)
(Unlock Account).
(Account) .

, .
, ,
. , , .
. , , ,
.


Users and Computers) . , :
2.
(Enable Account).

, dsquery user disabled.
, :
346
II
Windows Server 2008
2.
(Unlock Account).
(Account) .

, . ,
. 10.
.
.
, :
1. Active Directory (Active Directory Users and Computers).
2.
(Account).
3. (Account Expires)
(End Of) . ,
.

Users and Computers) . ,
:
, Ctrl , .
,
Shift, .
,
. :
(Add To A Group) : (Select Group) , .
(Disable Account) .
(Enable Account) .
(Move)
.
11
347
(Properties)

(Properties). . 11-10,
(Properties For Multiple Objects)
:
.
DNS- ( , UPN),
, , , .
, ,
. , ,
.
. 11-10.

(Profile). ,

Users and Computers). , %UserName%, . ,
348
II
Windows Server 2008
%UserName%.cmd, Windows
,
. , bobs, janew ericl : Bobs.cmd, Janew.cmd Ericl.cmd.
. 11-11 . %UserName%
,
.
,
, ,
. ,
.
. 11-11. %UserName%

Active
Computers), .
:
1. Active Directory (Active Directory Users and Computers) , .
11
349
2. (Properties).
(Account).
3. (Logon Hours) . ,
.

, . ,
, .

(Logon Workstations).
, :
1. Active Directory (Active Directory Users and Computers) , .
2. (Properties).
(Account).
3. (Computer Restrictions)
(Log On To).
4. , (All Computers).
,
,
(The Following Computers), ( ). OK,

.
,

,
, .
(Account). , , , .
:
, . , (Password Never Ex-
350
II
Windows Server 2008
pires), OK .
, , . ,
(Account Is
Disabled), , ,
OK .
,
(Account Expires), .
(Never) .
(End Of).

,
. , ,
and Computers) (Enable
Account).
, dsquery user disabled. , dsmod user UserDN disabled no.
,

. ,
.
, .
GPO ,
\ Windows\ \ \ (Computer Configuration\
Windows Settings\Security Settings\Local Policies\Audit Policy).
, .
, , , . , ,
11
351
. , , .
10 .
, Windows 2000 Windows
Server 2003, , , , , Kerberos (Maximum Tolerance For Computer Clock Synchronization). 5 .
, .
:
,
, .
, , , .
, .
, (Logon Locally),
10.
,
, , . ,
. , ,
, .
, , , , , ,
.
, , , .
,
.
,
, .
, , .
352
II
Windows Server 2008
Active Directory
, Active Directory , .
Active Directory ,
. Active Directory , .
, , .

Active Directory, :
1. Active Directory (Active Directory Users and Computers). (View) (Advanced Features). , , ,
(Properties).
2. (Security). (. 11-12),
.
, ,
.
3.
(Group Or User Names). , :
.
(Permissions)
.
,
, .
4. ,
, (Add). :
, (Select Users, Computers,
Or Groups), , .
5. (Group Or User Names)
(Permissions). , .
6. , OK.
! ,
Active Directory Active Directory. ,
.
11
353
. 11-12. (Security)
Active Directory, :
1. Active Directory (Active Directory Users and Computers). (View) (Advanced Features). , , ,
(Properties).
2. (Security) (Advanced),
.
3. , (Edit).
4. , OK.
III

Windows Server 2008
12. .............................. 356

13. RAID................... 404
14. .......................................... 427
15. , ............................................... 444
16. ............................................... 501
12
. , .
, .
. C,
. C, C:\.

.

(Map Network Drive) Windows.
.
.
13 . 14 , .
(File Services)
.
,
. Windows Server . Windows Server
2008 ,
(File Services) .
. 12-1 (File
Services). , , :
12
357
Windows Server (Windows Server Backup)

SAN (Storage Manager for SANs) (SAN).
- (Multipath IO)
.
- .
. 12-1. (File Services)

(Share and Storage
Management)
(Share and Storage Management)

.

,
.

(LUN) (SAN)

DFS (Distributed
File System (DFS))

DFS (DFS Namespaces) DFS (DFS Replication). DFS
.
DFS Sysvol
DFS
(DFS Namespaces)
, , .
, ,
DFS (DFS
Replication)

. . RDC (Remote Differential Compression)
, . DFS
DFS (DFS Namespaces)
358
III
Windows Server 2008
. 12-1. ()

(File
Server Resource Manager
(FSRM))

, .
FSRM
,
(file screening)
NFS (Services
For Network File System)

Windows UNIX.
NFS
Windows Server 2008 UNIX
NFS
Windows
(Windows Search Service)

,
Windows.
, ,

Windows Server 2003
(Windows Server 2003 File
Services)
,
Windows Server 2008
Windows Server 2003

(File Replication
Service (FRS))

,
FRS.
DFS Windows 2000.
,
FRS,

RFS

(Indexing Service)

.

.

(File Services) , :
1. (Server Manager)
(Roles) (Add Roles). (Add Roles Wizard).
12
359
.
,
(Add Role Services).
(Roles)
(File Services)
(Add Role Services). 3. ,
.

(File Services)
(Next).
3. (Select Role Services)
. . 12-1.
UNIX
NFS (Services For Network File System).
(Next).
4. DFS ,
.
DFS (DFS Namespaces) :
DFS (Create A DFS Namespace) , ,
. , , CorpData. , ,

.
(Select Namespace
Type) , :
, .

, ,
5000 DFS-.
50000 DFS-,
.
360
III
Windows Server 2008
(Configure Namespace)
,
, DFS-,
. (Add).
(Add Folder To
Namespace) (Browse).
(Browse For Shared Folders)
OK.
OK. .
,
.
, OK, .
DFS (DFS Namespaces) . DFS (DFS Namespaces), DFS (DFS Replication)

,
DFS (DFS Management). (Administrative Tools). 15.
5. (File Server Resource Manager)

. , :
12
361

(Configure Storage Usage Monitoring) ,
,
. (Options),
,
.
85%.
(Set Report Options)

,
. ,
.
.
%SystemDrive%\
StorageReports. ,
(Browse)
(Browse For Folders). ,
.
SMTP, .
362
III
Windows Server 2008
.
.
(Administrative Tools). 14.
6. Windows (Windows Search Service), . , ,

. ,
, ,
.
. .
.
Windows (Windows Search Service) (Indexing Options)
.
7. , (Next).
(Confirm Installation Options). (Install),
.
, (Installation Results). , .
(File Services) , ,
(Roles)
(File Services). ,
(Role Services).
(Add Role Services) , , 3.

,
, . Microsoft
Windows Server 2008 . , ,
, , .
, , .
, .
,
. , . Windows Server 2008 -
12
363
RAID,
.

, .
, ,
.
100 1 . Windows Server 2008
, , SCSI, ATA SATA.
SCSI, PATA SATA , . SCSI SCSI, ATA ATA, . . .
,
. .
:
.
,
-.
, , ,
Ultra320 SCSI SATA II,
. , 15000 /
45%50% - ,
10000 /, .
3,5 25%
30% , 4,7 .
, :

, .
(mean time to failure, MTTF) , .
, .
.
, Ultra320 SCSI 15000
/, ,
MTTF. , Maxtor Atlas 15K II
98 ,
364
III
Windows Server 2008
Seagate Cheetah 15K.4 96 /.

1,4 .
(/).
1,5 / 188 /, 3,0 /
375 /. (maximum external transfer
rate) .
.
Seagate Barracuda 7200 SATA II 7200 /
58 /.
8,5 1 ,
SATA II 7200 /. , Ultra320
SCSI , -.
, ,
.
. , , . ,
. , 15K , .
Maxtor Atlas 15K II, Seagate Cheetah 15K.4 70C
( ).

, , , . (partition) , . : (Master Boot
Record, MBR) - (GUID Partition Table, GPT). Windows Server 2008
32- 64- MBR, GPT. GPT Windows Server x86 x64.
, , .

,
.
.
MBR ()
.
MBR . ,
12
365
.
,
. , .
, .
.
GPT Itanium.
2 x86 x64, , Itanium. GPT MBR . GPT
. ,

. GPT- 18 () 128 .
GPT MBR, .
(Disk Management)
(Disk Management) . (Computer Management)
(Server Manager). ,
MMC. (Disk Management) (Computer
Management) (Server Manager),
(Storage).
(Disk Management) : (Disk List), (Graphical
View) (Volume List).
(Disk Management). ,
.
.
DISKPART.

(Disk Management), .
, , .
, (Unallocated).
366
III
Windows Server 2008
. 12-1 (Volume List) , (Graphical View)

. . :
, (View), (Top) .
, (View), (Bottom) .
, (View) (Bottom) (Hidden).
. 12-1. (Disk Management)

.


(Basic) , Windows. Windows.
(Dynamic)
. , Windows 2000 .
(Removable)
,
. exFAT, FAT16, FAT32 NTFS.
12
367
exFAT Windows Vista SP1 , Windows Server

2008. exFAT FAT (FAT12/16
FAT32). FAT32, exFAT FAT32 4- 32 . exFAT
32768 .
exFAT .
, exFAT . ., .
, exFAT Mac OS Linux Windows.

(Disk Management),
(Properties).
,
. 12-2 , , .
Windows (Windows Explorer), (File) (Properties).
. 12-2. (General)
(Properties)
368
III
Windows Server 2008

NTFS, FAT, FAT32 exFAT.

. USB FireWire. ,
USB
FireWire , , .
USB FireWire, USB 1.0, USB 1.1,
USB 2.0, FireWire 400 FireWire 800.
USB 2.0 ,
480 /. 10 30 /. , , ,
. USB- ,
, .
, USB- , .
, USB 2.0 USB
1.0. , USB 1.0.
USB 1.0, 1.1 2.0 . USB- , .
USB 2.0 -, . USB- , USB-. , , . USB,
.
FireWire (IEEE 1394) .
, , .
USB, FireWire,
, FireWire 400 FireWire 800. FireWire 400 (IEEE 1394a)
400 /, FireWire 800 (IEEE 1394b) 800 /.
FireWire 800 FireWire 400 ,
FireWire 400.
FireWire 400 FireWire 800 ,
( , ).
FireWire 400 , FireWire, IEEE 1394a
12
369
IEEE 1394b. FireWire

, .
FireWire FireWire 400
.
FireWire . FireWire 400 .

, .
, USB 2.0 FireWire 400,
USB 2.0, FireWire 400 FireWire 800.
.

. :
(Open)
(Explore), Windows (Windows Explorer).

(Format), , . , .
(Properties) .
(General) (Properties)
, .
, . ,
(Properties) (Customize). ,
. , (Documents)
(Pictures And Videos)
.

. , : , . .
.
NTFS
, .
exFAT, FAT FAT32
, .
370
III
Windows Server 2008

. .
, ,
. ,
(Disk Management) (Action) (Rescan Disks).
.
, .
,
. ,
. , ( , ),
(Disk Management).
(Initialize And Convert
Disk Wizard).
(Initialize And Convert Disk Wizard), :
1. (Next) . (Select Disks To Initialize)
. , .
2. (Next),
(Select Disks To Convert). , , .
. , (Next).
3.
,
. , (Finish).
. , .
, .
(Initialize And Convert Disk Wizard),
(Disk
Management). (Disk List)
,
(Not Initialized).

12
371
(Initialize Disk).
, OK.
.

. (Disk Management)

(Graphical View) (Volume List). . 12-2
.
. 12-2.
(Online)
.
, . ,

.
-
()
(Online (Errors))
,

(Reactivate Disk).
, ,
.

(Offline)
.

.

(Missing),

,
. ,

.

( )

(Reactivate Disk).
(Foreign)
, .

,
,

(Import Foreign
Disks)
372
III
Windows Server 2008
. 12-2. ()

(Unreadable)
. ,
,
. ,

FireWire/
USB -,

.
,
- .

,

-.
, (Action) (Rescan Disks).
,
(Unrecognized)
.
,
Windows

, .

, . Windows Server
2008,

(Initialize Disk)

(Not Initialized)

.

,
Windows

, .

, . Windows Server
2008,

(Initialize Disk)
12
373
. 12-2. ()

(No Media)

CD-ROM- .

CD-ROM-
-, . FireWire/
USB
( )

, Windows.
Windows.
Windows Server 2008. .
,
Windows 2000 .
.

Windows Server 2008, . Windows Server 2008 , , .
. , .
.
, .
.
.
, , .
, C D,
Windows NT 4.0, Windows Server 2008.
374
III
Windows Server 2008
C , D.
.

. :
, ;
;
;
.
:
, , ,
RAID-5;
;
;
;
RAID-5;
;
( );
:
, ;
;
.

,
:
(crash dump) , .
%SystemRoot%, .
(active) ,
.
.
(boot) . .
(system) , , . .
(page file) , . -
12
375

.
x86 (Disk Management).
,
(Mark Partition As Active).
. , , .

Windows.
Windows.
Windows 2000
. , , , UNIX.
, Windows.
.
Windows Server 2008
.
. .

. .

, ,
Windows.
Windows 2000 .
MBR-, , 1 . (Disk
Management)
,
. .
GPT
. GPT- , Windows, , , ,
.
:
, 512
. , .
376
III
Windows Server 2008

.
.
, , , RAID5. .
,
Windows. , Windows Server 2008.
, , ,
RAID-5. .
.
, :
1. (Disk Management)
, ,
(Disk List) (Graphical View). (Convert To Dynamic Disk).
2. (Convert To
Dynamic Disk) , . , ,
RAID-5, , . OK.
3. (Disks To Convert) . :
(Name) .
(Disk Contents) ,
, , .
(Will Convert) . ,
. , .
(Details) .
(Convert) .
4. , (Convert).
, Windows,
. (Yes), .
5. ,
, ,
(Disk Management) .
12
377
.
(Convert
To Basic Disk). , .

() (Online
(Errors)) (Offline),
, :
, ,
(Reactivate Disk) .
2. , . , , .
, ,
.

, , (Unreadable). (Action)
(Rescan Disks).

, .
, , ,
. ,
.
1. (Disk Management) , .
, .
.
, BitLocker. BitLocker , , .
378
III
Windows Server 2008
2. . . Plug and Play .

,
.
3. ,
, . , , ,
. , . ,
, , .
, :
1.
(Computer Management). (Device
Manager).
(Disk Drives).
. , , (Uninstall).
, ,
(Properties).
(Volumes) (Populate). .
2. (Disk Management) (Computer Management) . , ,
(Remove Disk).
3. , .
,
, . ,
,
. .
(Action)
(Rescan Disks). ,
(Foreign)
(Import). .
12
379
, .
, . ,
. ,
, .

. (Disk Management).

Windows Server 2008 MBR-
. , MBR-: , .
.
.
. ,
. ,
600 200 . GPT- 128 .

. , . ,
, C, .
,
.
. MS-DOS, , C, Windows Server 2008 . , C Z.
A . , B,
C Z. , CD-, Zip- . ,
, 24. , .
24 .
, . . ,
, E:\Data1, E:\Data2 E:\Data3. -
380
III
Windows Server 2008
, .
,
, NTFS.
, (Disk Management) . , - ,
- .
(Disk Management). , (View) (Settings).

Windows Server 2008
(Disk Management) , .
.
, .
(Disk Management) , :
1. (Disk
Management)
(New Simple Volume).
(New Simple Volume Wizard).
(Next).
2. (Specify Volume Size),
. 12-3,
(). (Next).
. 12-3.
(Specify Volume Size)
12
381
3. (Assign Drive Letter Or

Path), . 12-4, (Next). :
(Assign The Following Drive Letter)
,
, .
NTFS- (Mount In The Following
Empty NTFS Folder) NTFS-.
, (Browse).
(Do Not Assign A Drive
Letter Or Drive Path) ,
, .
.
.
, , . . .
. 12-4. (Assign Drive Letter Or Path)

4. (Format Partition), . 12-5, , . ,

(Format This Volume
With The Following Settings) :
(File System) : FAT, FAT32
NTFS.
NTFS. FAT FAT32,
NTFS. NTFS FAT FAT32 .
382
III
Windows Server 2008
(Allocation Unit Size)

.

.
. ,
, , 512 1024
.
.
(Volume Label) ,
(New Volume).
, Windows (Windows
Explorer), (Properties)
(General).
(Perform A Quick Format) Windows Server 2008 ,
.
,
. (Disk Management)
.
(Enable File And Folder Compression) . NTFS-. NTFS
,
, .
,
. ,
.
. 12-5.
(Format Partition)
12
383
5. (Next), (Finish).

. , ,
, .
,
(Format).
(Format), . 12-6.
. 12-6.
(Format)
:
(Volume Label) , .
(File System) : exFAT, FAT,
FAT32 NTFS. FAT MS-DOS,
Microsoft Windows 3.1, Windows 95, Windows 98 Windows Me.
NTFS Microsoft
Windows NT Windows.
.

. . ,
, , 512 1024 .

.
(Perform A Quick Format) Windows
Server 2008 , . , .
(Disk Management)
.
384
III
Windows Server 2008
(Enable File And Folder Compression) . NTFS-. NTFS

,
, .
, .
,
.
OK.
, (Disk Management) . OK, .
.

(Disk Management) .
, ,
. , Windows Server 2008
, , NTFS-,
.
Windows Server 2008, Windows Vista,
, NTFS-.
- USB
NTFS. Windows Vista SP1 ,
, NTFS.

, ,
NTFS-.
. . , .
, .
Windows , , . ,
. 223188 ,
(http://support.microsoft.com/kb/223188/en-us). , ,
.
12
385
,
(Disk Management) , ,
(Change Drive Letter And Paths). ,
. 12-7. :
(Add),
NTFS- (Mount In The
Following Empty NTFS Folder),
(Browse), .

(Remove), (Yes).
(Add), (Assign The Following Drive
Letter) .

(Change).
(Assign The Following Drive Letter) .
(Remove), (Yes).
. 12-7. (Change Drive Letter And

Paths)
Windows Server
2008 . , ,
(Disk Management) , (Yes).

.
FAT FAT32 11 . NTFS 32 .
, FAT FAT32 , , * / \ [ ] : ; | = , . + ? < >. , NTFS
.
386
III
Windows Server 2008

Windows Server 2008, , Windows (Windows Explorer),
.

(Disk Management) Windows (Windows Explorer).

(Disk Management), :
1. (Properties).
2. (General) (Properties)

. OK.
Windows (Windows
Explorer), :
1.
(Properties).

. OK.

, .
, , .
, .
. Windows Server 2008 , .
.
, ,
:
, , , (Explore). Windows (Windows
Explorer)
.
, : (Delete Partition), (Delete Volume) (Delete Logical Drive).
12
387
3. , (Yes).
. , :
1. ,
.
2. .
NTFS
Windows Server 2008 FAT NTFS. Convert %SystemRoot%.
, .
, , Windows Server 2008
NTFS FAT. NTFS
FAT FAT.
Convert
Convert . , :
convert /FS:NTFS
, . ,
NTFS D. :
convert D: /FS:NTFS
Convert:
convert /FS:NTFS [/V] [/X] [/CvtArea:_] [/NoSecurity]
/FS:NTFS
NTFS
/V
/X
/CvtArea: _

NTFS
/NoSecurity

(Everyone)
Convert
Convert , ,
. Intel x86
388
III
Windows Server 2008
NTFS. .
.
NTFS, . (Yes),
.
. !
.
NTFS Convert , .
, 25% . , 200
, Convert 50 .
, Convert , . , Convert . .
( ).

.
, /CvtArea,
(master file table, MFT) MFT. ?
MFT
. - MFT
. MFT,
MFT.
, , MFT ( 12,5% ).
, MFT , , .
FSUtil. -,
MFT. NTFS,
- /CvtArea.
FSUtil - Temp.txt 1,5 :
fsutil file createnew c:\temp.txt 1500000000
- MFT
C NTFS, :
convert c: /fs:ntfs /cvtarea:temp.txt
12
389
, - . NTFS,
MFT.

Windows Server 2008 Ntldr Boot.ini.
Windows (Windows Boot Manager).
Windows MS-DOS, . Windows
Server 2008 , .
(Disk Management) DiskPart.
.
.

, , . ,

.
! , .
, NTFS. . , FAT
FAT32. ,
.
, :
, ,
(Shrink Volume). , .
2. (Shrink), . 12-8,
. :
() (Total Size Before Shrink In MB) .
.
() (Size Of Available Shrink
Space In MB) , .
390
III
Windows Server 2008
,
, , , .
, ,
, .
() (Amount of Space To Shrink
In MB) .
,
.
, , ,
10% .
() (Total Size After Shrink In
MB) .
.
. 12-8.
3. (Shrink), .

:
(Extend
Volume). , .
2. (Extend Volume Wizard)
(Next).
3. (Select Disks) , .
.
.
4. , .
:
, (Add),
(Selected).
12
391
(Selected)
() (Select
The Amount Of Space In MB)
, .
5. (Next),
(Finish).

Windows Server 2008
.
:
Transactional NTFS;
Self-Healing NTFS.
Transactional NTFS NTFS . , .
, .

.
, ,
, .
, , (Kernel Transaction Manager, KTM).

.
.
, .
NTFS- Check Disk. Windows, Windows Server 2008
Self-Healing NTFS,
.
, , .
Windows Server 2008
.
NTFS (Self-Healing NTFS) Check Disk, :
Check Disk .
, . , Self-Healing
392
III
Windows Server 2008
NTFS .
Self-Healing NTFS
, , .
Self-Healing NTFS ,
.
Self-Healing NTFS ,
, Chkdsk.exe,
,
(USN).
Verification, Waiting For Repair Completion Progress Status.
Self-Healing NTFS , , NTFS-.

, Self-Healing NTFS .
Self-Healing NTFS, .
Check Disk (Chkdsk.exe) ,
FAT, FAT32 NTFS. Check Disk
, , ,

.
Check Disk , .
Check Disk . ,
, , .
Check Disk
Check Disk ,
. ,
E:
chkdsk E:
E :
chkdsk /f E:
Check Disk ,
. , Check Disk . (Yes),
.
12
393
Check Disk:
chkdsk [[[]_]]] [/F] [/V] [/R] [/X] [/I] [/C] [/L[:]]
Check Disk:
FAT/FAT32:
/F
/V
FAT/FAT32:
. NTFS: (
)
/R

(
/F)
/L:
NTFS:
/X
(
/F).
/I
NTFS:
/C
NTFS:
Check Disk
Check Disk
Windows (Windows Explorer) (Disk Management). :
1. (Properties).
2. (Properties) (Tools)
(Check Now).
. 12-9. Check Disk
3. . 12-9, :
(Start),
.

. (Start).
394
III
Windows Server 2008

.
.
, , . Windows
Server 2008

(Disk Defragmenter). ,
.
, :
1. (Server Manager) (Storage) (Disc Management).
(Properties).
2. (Tools) (Defragment Now). (Disk Defragmenter) , ,
. , .
3. (Disk Defragmenter) (Defragment Now).
OK.
. (Cancel Defragmentation).

01.00. , .
:
1. (Server Manager) (Storage) (Disc Management).
(Properties).
2. (Tools) (Defragment Now).
(Disk Defragmenter), . 12-10.
12
395
. 12-10. (Disk Defragmenter)

3. (Run On A Schedule) OK. .

4. ,
(Run On A Schedule). .
5. , (Modify Schedule).
(Modify Schedule), . 12-11, OK. (How Often) (Daily), (Weekly)
(Monthly). (What Day) , . ,
(What Time) , .
. 12-11.
396
III
Windows Server 2008
6. , , (Select Volumes).
(Advanced Options) . .
.
(Disks To Defragment) ,
,
, .
OK.
2. OK, .
Windows Vista SP1 , Windows
Server 2008 . , .

NTFS Windows Server 2008 .
. ,
, . , , .
,
, . . ,
. .
. , Windows
Server 2008 , .
, :
1. Windows (Windows Explorer) (Disk Management) , , (Properties).
2. (Compress
Drive To Save Disk Space) OK.

, Windows Server 2008 . ,

:
12
397
1. Windows (Windows Explorer) , , (Properties).

(Advanced). (Advanced Attributes) (Compress Contents To Save
Disk Space), . 12-12. OK.
. 12-12. ,
(Compress Contents To Save Disk Space)
(Advanced Attributes)
Windows Server 2008

, . Windows Server 2008 , , .
. (Apply
Changes To This Folder, Subfolders, And Files) OK. , , .
,
. NTFS- . ,
.
, :
1. Windows (Windows Explorer) (Disk Management) , , (Properties).
398
III
Windows Server 2008
2. (Compress Drive
To Save Disk Space) OK.
Windows
. .
, , . , 150 , 70
.
, :
1. Windows (Windows Explorer) , , (Properties).
(Advanced). (Advanced Attributes) (Compress Contents To Save Disk
Space). OK.
Windows Server 2008 . , .
, .
(Apply Changes To This Folder, Subfolders, And Files)
OK.
Windows Server 2008 . Compact.exe, Expand.exe.

NTFS
.
(EFS).
,
. . , ,
,
.
, . NTFS .
, .
12
399

.
, , ,
. .
, .
.
, , , , , ,
( ). , , , , .
.
(EFS). EFS . ,
EFS .
.
, , ,
.

.
, .
,
16.
, ,
.
EFS , .
.
, . ,
. ,

FAT FAT32 (
).
400
III
Windows Server 2008
(recovery agent).
, . ,

.
Windows Server 2008 EFS. .
.
.
EFS :

Windows Server 2008. . ,

.

, . .
,
, .
, .
EFS . EFS
.

NTFS- Windows Server 2008 . , ,

. ,
. , ,
.
.

:
12
401
2. (Properties) (General)
(Advanced). (Encrypt Contents To Secure
Data). OK.
, , .
, .
.
Windows Server 2008 , . Windows Server 2008

, .
, . (Apply
Changes To This Folder, Subfolders, And Files) OK.
NTFS- , , .
FAT FAT32, .
, .

, ,
, , .
, NTFS- .
.
:

NTFS-
NTFS- . , FAT FAT32,
,
. FAT FAT32 .
- NTFS-
NTFS-, ,
, , .
.
402
III
Windows Server 2008
FAT FAT32, . FAT FAT32 .

, , , .
(Properties). (Properties)
(General) (Advanced). (Encrypt Contents To Secure Data)
.

. , .
, , :
1. ,
, , . 5.
2. (Computer Configuration),
Windows (Windows Settings), (Security Settings), (Public Key Policies),
(Encrypting File System) (Encrypted Data Recovery Agents).
3. , , , ,
, , .
4. ,
(Encrypting File
System)
(Add Data Recovery Agent). (Add Recovery Agent Wizard), , ,
. (Next).
5. (Select Recovery Agents)
(Browse Directory) , .
,
.
(Certificates)
EFS (EFS Recovery Agent). ,
.
12
403
6. , Delete. (Yes),
. ( , ),
EFS , .

, :
1. Windows (Windows Explorer) .
2. (Properties) (General)
(Advanced). (Encrypt Contents To Secure Data).
OK.
Windows Server 2008
. , Windows
Server 2008 .
, ,
(Apply Changes To This Folder, Subfolders, And Files) OK.
Cipher.exe, Windows Server 2008.
cipher , .
13

RAID
Microsoft
Windows Server 2008 . (RAID).
(volume set) . , ,
. , , (simple). ,
, (spanned).
RAID ,
RAID 0, 1 5. RAID
, .
RAID- , Windows 2000 .

Windows, . , Windows
, .

. , .
,
, . , ,
. . (RAID5) ,
, .
RAID
13
405

(Disk Management)
, . . 13-1 :
(Layout) , , , .
(Type) .
(File System) ,
: FAT, FAT32 NTFS.
(Status) . (Graphical View)
(Healthy), (Failed Redundancy) . .
(Capacity) .
. 13-1. (Disk Management)

,
. , Windows Server 2008 C Windows
Vista D.
( 12):
406
III
Windows Server 2008
;
;
(
);
, , , ;
;
, .

, .
.
:
, . .

32 .
, .
, . , .
.
(Graphical View) (Volume List)
(Disk Management). . 13-1
.
. 13-1.
(Data
Incomplete)

.
,

,
,

(Data
Not Redundant)

. ,

RAID-5
RAID
13
407
. 13-1. ()
(Failed)
,
.

(Reactivate Volume).
(Failed Redundancy)

.

RAID-5
,
. .
, ,

RAID-5
(Formatting)
(Healthy)
( )
(Healthy (At
Risk))
Windows
, .

(Reactivate Volume).
, ,

(
)
(Healthy
(Unknown
Partition))
. ,
,

(Initializing)
408
III
Windows Server 2008
. 13-1. ()
(Regenerating)
,

RAID-5

.

(Healthy)
(Resynching)

.

(Healthy)
(Stale
Data)

,
.
, ,

(Failed Redundancy)
(Unknown)
.
,

.

.

,

FAT, FAT32 NTFS.
, , ,
NTFS. . ,
.
. , .
, NTFS.
:
1. (Disk
Management)
(New Spanned Volume). (Next).
2. (Select Disks), .
13-2. , ,
.
RAID
13
409
3. (Available).
(Add), (Selected). , (Selected) (Remove).
! Windows, Windows Server 2008 ,
.
.
(Yes), ,
, .
. 13-2. (Select Disks) ,

4. (Selected)
() (Select The Amount Of Space In MB)
. (Maximum available space) .
(Total Volume Size)
. (Next).
,
, .
. , , . ,
.
5. , , (Next). :
410
III
Windows Server 2008
(Assign The Following Drive Letter) , ,

.
NTFS- (Mount In The Following
Empty NTFS Folder) ,
. NTFS-
(Browse), .
(Dont Assign A Drive
Letter Or Drive Path) ,
, .
.
6. , (. 13-3), :
(File System) .
NTFS.
.

.
. ,
, , 512 1024
.
.
(Volume Label) .
(Perform A Quick Format) Windows Server 2008 ,
.
,
. (Disk Management)
.
(Enable File And Folder Compression) .
NTFS-. NTFS
,
, .
,
. ,
12.
7. (Next) (Finish).
RAID
13
411
. 13-3.

, , , RAID-5. , .
, ,
. , , Windows Server 2008.
, :
(Delete
Volume). , .
2. (Yes), .

.
12.

RAID
.
RAID, .
. , RAID
.
412
III
Windows Server 2008
RAID, . RAID 0
5. RAID .
Windows Server 2008 RAID 0, 1 5. RAID 0
. RAID 1 RAID 5.
. 13-2 RAID. .
. 13-2. RAID, Windows Server 2008
RAID
RAID
,
,
. , (strip).

. . ,
. (
.)
,
. .

Windows Server 2008 RAID 1

() RAID 5 ( ). .
. .

, . ,
, .
RAID
13
413
,
, ,

.
.
, ,
. 50%. , 300 ( 600 )
300 . , 33%. , RAID-5
300 ( 900 ) (
) 600 .
RAID Windows Server 2008

.
RAID.
! , , MS-DOS, RAID.

RAID- .
RAID 0:
RAID 0 ,
( )
. , (stripe). . 32 ,
,
25 . .
. , . ,
. ,
. ,
. .
16.
414
III
Windows Server 2008
!
. .

. (Disk Management) .
, . ,
50 , 150 .

:
. .
, , . .
, :
1. (Disk
Management) . (New
Striped Volume). (New
Striped Volume Wizard). (Next).
2. ,
. , , , .
3. , , . . .
RAID 1:
RAID 1
. .
.
.
, .
,
.
,
,
.
,
. ,
RAID
13
415
500 ,
. , 500 1000 .
, . .
, ,
.
.
. , ,
(disk duplexing). . 13-4
. , . .
, . . ,
. RAID .
C
. 13-4. ,

, :
1. (Disk
Management) . (New
Mirrored Volume). (New Mirrored Vol-
416
III
Windows Server 2008
ume Wizard). (Next).

2. ,
. ,

. ,
(Selected) , .
3. RAID,
. , , , .
(Healthy). (Resynching). (Disk Management).
,
. , , ,
, .

1. ,
, (Add Mirror). (Add Mirror).
(Disks), . 13-5,
(Add Mirror).
(Disk Management)
(Resynching). , , .
. 13-5.
RAID
13
417
RAID 5:
RAID 5 .
, , . (Disk
Management) ,
.
, RAID 5 RAID 1, , . , .
RAID 5, .
.
RAID .
.
.

1. (Disk
Management) . RAID-5 (New RAID-5
Volume). RAID-5 (New RAID-5 Volume Wizard). (Next).
2. ,
. ,
.
RAID-5, ,
. ,
. .
RAID

, ,
. RAID .

, :
418
III
Windows Server 2008
. . - .
, .
, .
.
, .
, - .

1.
(Break Mirrored Volume).
2. , (Yes). ,
. , (Yes).
3. Windows Server 2008 ,
.

Windows Server 2008
. ,
. , .
, MBR GPT.
.
(Failed Redundancy).
:
(Missing) (Offline), . (Disk Management),
(Reactivate Volume). (Regenerating), (Healthy).
(Healthy),
(Resynchronize Mirror).
() (Online (Errors)),

RAID
13
419
(Reactivate Volume). (Regenerating), (Healthy). (Healthy),

(Resynchronize Mirror).
(Unreadable),
. (Action) (Disk Management) (Rescan Disks). , .
, (Remove
Mirror). (Add Mirror). . ,
.

.
, , ,
. Windows . Windows Server 2008,
,
.
(Boot Manager),
.
. , ,
. ,
BCD Editor (bcdedit.exe).
, (Boot Mirror Secondary Plex) ,
. .
, ,
.
:
1. . .
2.
. , 0.
420
III
Windows Server 2008
, ,
(Add Mirror).
.
3. ,
, (Disk Management). ,
,
. .
4.
(Add Mirror). .
5. Boot.ini ,
. Boot.ini.

(Disk Management)
. , .
, :

(Remove Mirror). .
2. , .
3. . .

. , , .
,
.
.

RAID 5 .

(Failed Redundancy).
(Missing), (Offline)
() (Online (Errors)).
RAID
13
421
RAID 5
MBR GPT. RAID-5
. (Failed Redundancy).
:
(Missing) (Offline), . (Disk Management),
(Reactivate Volume). (Regenerating), (Healthy). (Healthy),
(Regenerate Parity).
() (Online (Errors)),

(Reactivate Volume). (Regenerating), (Healthy).
(Healthy), (Regenerate Parity).
(Unreadable),
. (Action) (Disk Management) (Rescan Disks). , .
,
RIAD 5. (Remove Volume). RAID 5 . , ,
, RAID 5. ,
(Repair Volume) , , .
. , -
.
LUN
(LUN) (SAN). LUN ,
, .
422
III
Windows Server 2008
, LUN .
, LUN :
.
.
.
LUN ,
. , LUN, LUN.
LUN,
LUN . , LUN
.
LUN, .
, , , .
. 13-6. Fibre Channel iSCSI SANs

SAN (Storage Manager For SANs)
Windows Server 2008

SAN (Storage Manager For SANs), . 13-6.
SAN Fibre Channel Internet Small
Computer System Interface (iSCSI), (VDS)
VDS. ,
SAN (Storage Manager For SANs) (Add Features Wizard).
,
(Administrative Tools) (Storage)
(Server Manager) SAN (Storage Manager For SANs).
RAID
13
423
SAN Fibre Channel

Fibre Channel , SAN, LUN (host bus adapter, HBA).
, LUN, , HBA- LUN. ,
SAN (Storage Manager For SANs) HBA- Fibre Channel.
, WWN-.
Fibre
Channel, :
1. SAN (Storage Manager For
SANs) LUN (LUN Management).
(Action)
(Manage Server Connections).
2. (Manage Server Connections) (Add).
3. (Add Server)
IP- .
.
4. .
5. OK. .
(Fibre Channel Ports).
, :
(Action)
2. . (Fibre Channel Ports) (Add)
WWN- .
3. .
4. OK.
Fibre Channel LUN, :
(Action)
424
III
Windows Server 2008
2. . (Fibre Channel Ports) , .

3. OK.
, , -. - .
SAN iSCSI
iSCSI LUN, iSCSI, . ,
(target).
iSCSI , . IP-,
iSCSI, , iSCSI-
, .
,
. iSCSI , LUN.
, LUN.
, SAN iSCSI, LUN
iSCSI. , LUN, SAN (Storage
Manager For SANs) iSCSI,
, , . ,
LUN.
iSCSI,
:
(Action)
2. (Manage Server Connections) (Add).
3. (Add Server) IP . .
4. .
RAID
13
425
5. OK. .
- (Initiator Adapters).
iSCSI LUN, :
(Action)
2. . - (Initiator Adapters) , .
, , -.
- .
3. OK.

iSCSI,
iSCSI (Manage iSCSI Targets). SAN (Storage Manager For SANs) LUN (LUN Management).
(Action) iSCSI (Manage iSCSI Targets). ,
, :
(Add), iSCSI.
(Add Target)
, IP-, , OK.
iSCSI
(Remove), .
(Remove Target) , OK.
, , LUN
SAN,
(Manage Server
Connections). SAN (Storage
Manager For SANs) LUN (LUN Management).
(Action)
:
LUN (Create LUN), LUN (Create LUN Wizard). -
426
III
Windows Server 2008
, LUN, ,
LUN. LUN ,
, LUN.
LUN (Create LUN),
LUN.
(Action) LUN
(Extend LUN). LUN.
(Action) LUN
(Assign LUN), LUN (Assign LUN
Wizard). , , LUN. LUN (Assign
LUN) .
(Action) LUN
(Delete LUN). LUN,
OK.

SAN (Storage Manager For SANs)
LUN , .
SAN
(Storage Manager For SANs). , . . ,
LUN , LUN .

SAN (Storage Manager For SANs), :
(Action)
2. (Manage Server Connections) (Manage Clusters).
3. (Manage Clusters)
(Add).
4. , .
5. , .
6. OK, . OK.
, (Manage Server Connections). LUN,
.
14
Windows Server 2008

. ,
NTFS, , . ,
(File Server Resource Manager), (File Services).

(file screening) .
,
15.
.
:
.

,
() .

.
, , .
.
, .
Windows Server 2008
. 14-1. (File Server Resource
Manager) .
, , .
428
III
Windows Server 2008
. 14-1.

(Block Executable Files)

(Block Audio And Video Files)

(Block Image Files)

(Block E-Mail Files)

(Monitor
Executable And System Files)
:
( );
, ;
( ,
, , , ).
. 14-2 , . (File
Server Resource Manager)
.
. 14-2.

.aac, .aif, .aifft, .asf, .asx, .au, .avi, .flac, .m3u, .mid, .midi, .mov,
.mp1, .mp2, .mp3, .mp4, .mpa, .mpe, .mpeg, .mpeg2, .mpeg3, .mpg,
.ogg, .qt, .qtw, .ram, .rm, .rmi, .rmvb, .snd, .swf, .vob, .wav, .wax,
.wma, .wmv, .wvx
.temp, .tmp, ~*
.bat, .cmd, .com, .cpl, .exe, .inf, .js, .jse, .msh, .msi, .msp, .ocx, .pif,
.pl, .scr, .vb, .vbs, .wsf, .wsh
.bak, .bck, .bkf, .old
.ace, .arc, .arj, .bhx, .bz2, .cab, .gz, .gzip, .hpk, .hqx, .jar, .lha, .lzh,
.lzx, .pak, .pit, .rar, .sea, .sit, .sqz, .tgz, .uu, .uue, .z, .zip, .zoo
.acm, .dll, .ocx, .sys, .vxd
.asc, .text, .txt
Office
.doc, .dot, .mad, .maf, .mda, .mdb, .mdm, .mdt, .mdw, .mdz, .mpd,
.mpp, .mpt, .pot, .ppa, .pps, .ppt, .pwz, .rqy, .rtf, .rwz, .slk, .vdx,
.vsd, .vsl, .vss, .vst, .vsu, .vsw, .vsx, .vtx,.wbk, .wri, .xla, .xlb, .xlc,
.xld, .xlk, .xll, .xlm, .xls, .xlt, .xlv, .xlw
14
429
. 14-2. ()

.asp, .aspx, .cgi, .css, .dhtml, .hta, .htm, .html, .mht, .php, .php3,
.shtml, .url
.bmp, .dib, .eps, .gif, .img, .jfif, .jpe, .jpeg, .jpg, .pcx, .png, .ps, .psd,
.raw, .rif, .spiff, .tif, .tiff
.eml, .idx, .mbox, .mbx, .msg, .ost, .otf, .pab, .pst

. . ,
.
- . ,
, - ,
, ,
.
. . 14-3
. ,
:

.

, .
. 14-3.

(File Screening
Audit)
. , .
,

(Large Files)
. ,
.
, .

5 .

430
III
Windows Server 2008
. 14-3. ()

(Least Recently
Accessed Files)
,
. ,
. ,
.

,
90 .

(Quota Usage)
,
.
. ,
,

(Most Recently
Accessed Files)
, . . ,
. ,
.

(Files By Owner)
. , .
,
,

(Files By File Group)
. ,
.
,

-
(Duplicate Files)
,
.

-

. (Administrative Tools)

(File Server Resource Manager)
(File Services). (File Server Resource Manager),
(. 14-1):
14
431
(Quota Management) Windows Server 2008 ( 15).

(File Screening Management) .
(Storage Reports Management) Windows Server 2008.
. 14-1. (File Server Resource Manager)

,

:
, , .
, .
:
( ), , , ( , ,
).
, .
,
.
.
.

, , .
, .
432
III
Windows Server 2008
SMTP-.
, , SMTP- , - ,
. , :
1. (File Server
Resource Manager). (Action)
(Configure Options).
(File Server Resource Manager Options).
(Email Notifications), . 14-2.
. 14-2.
(Email Notifications)
2. IP- SMTP- (SMTP Server Name Or IP

Address) FQDN- , ,
mail.cpandl.com, IP- , , 192.168.10.52.
3. - (Default Administrator Recipients)
, , filescreens@cpandl.com.
,
, . -
14
433
.
.
4. (Default From
E-Mail Address) , . , , .
5. ,
(Send Test E-Mail).
. ,
, SMTP-.
6. OK.

(File Server Resource

Manager)
:
, , ,
.
.
Local Service, Network
Service (Local System).

.
, ,
.
, ,
.
, :
1. (File Server
2.
(File Server Resource Manager Options)
(Notification Limits).
3. :
(Email Notification) .
(Event Log Notification)
, .
434
III
Windows Server 2008
(Command Notification)
.
(Report Notification) .
4. OK.

,
(File Server Resource Manager Options). ,
, , .
, .
,
:
1. (File Server
2.
(File Server Resource Manager Options)
(Storage Reports).
3. ,
(Reports) (Review Reports).
4. , (Reports) (Edit
Parameters).
5. , (Close) OK.

,
%SystemDrive%\StorageReports. ,
:
1. (File Server
2.
(File Server Resource Manager Options) (Report Locations).
3.
(Report Locations).
14
435
,
(Browse), .
4. OK.
.
.
, , ,
(File Screen Auditing Report).
.
, :
1. (File Server
2. (File Server Resource Manager Options)
(File Screen Audit).
3. , (Record File Screening Activity In
Auditing Database). , .
4. OK.

,
.
(File Server Resource Manager) .
(File Screening Management),
(File Groups).
. 14-2.
,
:
1. (File Server
Resource Manager).
(File Groups). ,
.
2. , .
, . 14-3.
436
III
Windows Server 2008
3. (Files To Include) , , ,
.pdf. , , Archive*.*. (Add). ,
.
4. (Files To Exclude) , , , .doc.
, , Report*.*. (Add). , , .
5. OK.
. 14-3.
, :
1. (File Server
Resource Manager).
(File Groups).
2. (Action)
(Create File Group).
(Create File Group Properties).
3. (File Group Name)
.
4. (Files To Include) , , ,
14
437
.pdf. , , Archive*.*. (Add). ,

.
5. (Files To Exclude) , , , .doc.
, , Report*.*. (Add). , , .
6. OK.

, , , ,
, . (File Server
Resource Manager), (File Server Resource Manager)
(File Screen Templates).
. 14-1.
, :
1. (File Server
Resource Manager).
(File Screening Management), (File Screen Templates). ,
, .
2. ,
. , . 14-4.
3. (Settings) ,
, .
4. (E-mail Message)
:
, (Send E-Mail To The Following Administrators)
. . [Admin Email]
, .
438
III
Windows Server 2008
,
, (Send E-Mail To The User Who Attempted To Save An
Unauthorized File). (Subject)
(Message Body) .
. 14-4 .
. 14-4. , , ,

5. (Event Log)
. (Send Warning To Event Log), .
(Log Entry)
. . 14-4.
6. (Report) (Generate
Reports), .
. %SystemDrive%\StorageReports\Incident.
, , . [Admin
Email] , .
7. OK.
14
439
. 14-4.

[Admin Email]
[File Screen Path]
,
, , C:\Data
[File Screen Remote

Path]
,
, , \\server\share
[File Screen System Path]
,
, , \\?\VolumeGUID
[Server Domain]
[Server]
[Source File Owner

Email]
[Source File Owner]
[Source File Path]
[Source Io Owner Email]
[Source Io Owner]
[Source Process Id]
(PID),

[Source Process Image]
[Violated File Group]
, :
1. (File Server
Resource Manager).
(File Screening Management), (File Screen Templates).
2. (Action)
(Create File Screen Template). (Create File Screen Template).
3. 48 .
440
III
Windows Server 2008

, . (File
Server Resource Manager)
.
(File Server Resource Manager) (File Screening Management),
(File Screens). ,
, .
.
, , :
1. (File Server
Resource Manager).
(File Screening Management), (File Screens).
2. (Action)
(Create File Screen).
3. (Create File
Screen) (Browse)
(Browse For Shared Folder).
4. (Derive Properties) ,
.
5. (Create).

, . NTFS,

.
, :
1. (File Server
Resource Manager).
(File Screening Management), (File Screens).
2. (Action) (Create File
Screen Exception).
14
441
3. (Create File Screen Exception) (Browse)

(Browse For Folder).
4. , .
5. OK.

, (Report) .
.
(File Server Resource Manager) .
(Storage Reports Management).
,
:
1. (File Server
Resource Manager).
(File Server Resource Manager) (Storage Reports Management).
. 14-5.
442
III
Windows Server 2008
2. (Action)
(Schedule A New Report Task). (Storage
Reports Task Properties), . 14-5.
3. (Settings), (Scope)
(Add). (Browse For Folder)
,
. , .
4. (Report Data) .
5. (Report Formats) ,
, DHTML.
6. Windows Server 2008 %SystemDrive%\StorageReports\
Scheduled.
, (Delivery) (Send
Reports To The Following Administrators).
, ,
.
7. (Schedule) (Create Schedule). (Schedule) (New) .
8. OK.
:
1. (File Server
Resource Manager).
(File Server Resource Manager) (Storage Reports Management).
2. (Action)
(Generate Reports Now).
(Storage Reports Task Properties).
3. (Settings), (Scope)
(Add). (Browse For Folder)
,
. , .
4. (Report Data) .
5. (Report Formats) ,
, DHTML.
6. Windows Server 2008 %SystemDrive%\StorageReports\Interactive. -
14
443
, (Delivery)
(Send Reports To The Following
Administrators). ,
, .
7. OK. ,
, .
OK.
15
Microsoft Windows Server 2008 :

(Public).
, , , .
, .
.
,
exFAT, FAT FAT32, NTFS. exFAT, FAT FAT32 : . ,
NTFS, : NTFS . ,
, .
, .
(Public). (Public).
(Public) , , ( ). , (Public) .
:
,
.

, , . , Windows 2008, :
15
445
, .
,
.
NTFS. .
(Public) ,
,
, %%\Users\Public.
,
, ,
(Public). (Public) (Public), .
, (Public) .
,
(Public) .

.

. (Public)
,
. (Public) .
, (Public)
, .

. Windows (Windows Explorer),
(Start) (Computer). (Public).
,
, %%\Users\Public.
(Public) ,
:
(Public Desktop)
. , (Public Desktop),
, , ,
(Public) .
(Public Documents), (Public Music),
(Public Pictures), (Public Videos)
446
III
Windows Server 2008
-. , , ,
, ,
(Public) .
(Public Downloads) . , (Public Downloads), ,
, , (Public) .
(Public) , .
(Public)
(Public), .
(Public):

, , .
, (Everyone) (Read & Execute) (Read) ,
(Read & Execute), (List Folder Contents)
(Read) .
, ,
, , .
(Everyone) (Full Control) .
, (Public).
,
, ,
. , .
(Network And Sharing
Center) . , . (On) (Off), . 15-1.
15
447
. 15-1.
(Network And Sharing Center)
,
:
1. (Network And
Sharing Center), (Start) (Network), (Network)
(Network And Sharing Center).
2. (File Sharing) . , ,
(File Sharing). ,
(Apply):
(Turn
On File Sharing), .
(Turn
Off File Sharing), .
3. (Public), , (Public Folder Sharing). , (Apply):
448
III
Windows Server 2008
, (Turn On Sharing So Anyone With Network Access Can

Open Files) (Public)
,
. Windows
.
, , (Turn On Sharing So Anyone
With Network Access Can Open, Change, And Create Files)
(Public), ,
, .
Windows .
(Turn Off Sharing)
(Public), .
, , -
(Public) .
4. (Printer Sharing)
. .
, (Apply):

(Turn On Printer Sharing), .

(Turn Off Printer Sharing), .
5. ,
, . ,
, ,
(Password Protected
Sharing). ,
(Apply):

(Select Turn On Password Protected Sharing), .

(Select Turn Off Password Protected Sharing), .

.
, , .
15
449

(Share And Storage Management). , , net share.

(Computer Management), :
1. . , (Computer Management)
(Connect To Another Computer).
(Another Computer),
IP- , ,
OK.
2. (System Tools) (Shared Folders), (Shares).
(. 15-2).
. 15-2. (Shared Folders)
(Shares) :
(Share Name) .
(Folder Path)
.
(Type) , ,
, Macintosh Windows.
(# Client Connections)
, .
(Description) .
450
III
Windows Server 2008
Windows (Type) ,
, Windows Macintosh. Macintosh (Type) ,
Macintosh.
(Share And Storage Management), :

1. . ,
(Share And Storage
Management) (Connect To Another Computer).
(Another Computer), IP- , , OK.
. 15-3. (Shares),

2. (Shares) (. 15-3).
:
(Share Name) .
(Protocol) ,
(SMB NFS).
(Local Path)
.
(Quota) , .
15
451
(File Screening) , .
(Shadow Copies)
, .
(Free Space) ()
, .
,
.
NFS UNIX. NFS
, NFS
NFS (Services for Network File System). SMB Windows.
Windows Vista Windows Server 2008 SMB version 2,
. Windows Vista SP1 , Windows
Server 2008, SMB Helper Class, Network Diagnostics
Framework (NDF). ,
.
, , ()
, ()
, ()
,
.

Windows Server 2008
Windows (Windows
Explorer), (Computer Management)
(Share And
Storage Management).
(Computer
Management),
.
(Share And Storage Management),
: NTFS,
, , . ,
, , NFS
DFS.
Windows Server
2008, (Administrators)
(Server Operators).
(Computer Management),
:
452
III
Windows Server 2008
1. . (System Tools), (Shared Folders), (Shares).

.
2. (Shares) (New Share). (Create A Shared Folder Wizard).
(Next).
3. (Folder Path) , . , , C:\Data\CorpDocuments. ,
(Browse),
(Browse For Folder). OK (Next).
, . (Yes).
4. (Share Name) , . 15-4. , .

.
. 15-4.
(Create A Shared Folder Wizard)
, Windows (Windows Explorer)
, $. ,
PrivEngData$, Windows
(Windows Explorer), Net View .
,
. ,
$ .
15
453
5. (Description). , ,
6. .
, , , (Change)

(Offline Settings).
. 15-5.
(Permissions)
7. (Next) . .
(. 15-5):
(All Users Have
Read-Only Access) . ,
.
,
(Administrators Have Full Access; Other Users Have ReadOnly Access)
. ,
. NTFS
.
,
, .
454
III
Windows Server 2008
, (Administrators Have Full Access; Other Users Have No Access)

.
(Customize Permissions) ,
.
,
.
8. (Finish). (Sharing Was Successful).
(Finish).
Windows (Windows Explorer), .
,
Active Directory. .
Active Directory, (Computer Management) (Properties).
(Publish) Active Directory (Publish This Share In Active Directory)
. OK.

. ,
, , :
4, , ,
.
5, , ,
.

.
(Read)
.
(Full Control).
15
455
NTFS , ,
. FAT .

:
(No Access)
.
(Read) :
;
;
;
.
(Change)
(Read), :
;
;
;
.
(Full Control)
(Read) (Change),
( NTFS-):
;
.
, ,
.
9.

,
:
1. (Computer Management) , .
2. (System Tools) (Shared Folders), (Shares).
4. (Share Permissions), . 15-6.
456
III
Windows Server 2008
, ,
.
. 15-6. (Share Permissions)

,

,
(Computer Management), :
1. , ,
(Properties).
2. (Share Permissions).
3. (Add). : , (Select Users, Computers, Or
Groups), . 15-7.
,
(Check Names).
, .
,
.
(Locations), .
15
457
,
OK. ,
,
.
. 15-7. ,
(Locations)
. , .
4. OK. (Group Or User Names).

5. ,
.
. ,
.
6. , OK. , NTFS,
.

, , , (Computer Management), :
1. , ,
(Properties).
, , .
4.
(Permissions).
458
III
Windows Server 2008
5. , .
, OK.

, , , :
1. , ,
(Properties).
, (Remove).
4.
. , OK.

Windows Server 2008 (administrative shares) (hidden shares),
. , Windows Server 2008. (
, $ .)
, ,
. . , :
HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\
AutoShareServer
HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\AutoShareWks
.
. 15-1 .
15
459
ADMIN$
,
.
(%SystemRoot%)
FAX$
IPC$

(IPC)
NETLOGON
Net
Logon
Net Logon

. (Everyone)
(Read)
PRINT$
. (Everyone)
(Read). ,
(Full
Control)
PUBLIC

(Public)
SYSVOL
Active
Directory
Active Directory
,

.
C$, D$, E$ . .

$.
Windows (Windows Explorer), , ,
. :
1. (Start) (Computer). (Computer)
(Map Network Drive). , . 15-8.
460
III
Windows Server 2008
2. (Drive) . .
3. (Folder) UNC- . , C$ Twiddle \\TWIDDLE\C$.
4. (Finish).
. 15-8.
,
, . , ,
. , ,
.

(Computer Management) Windows Server 2008.
Windows
Server 2008 , (Sessions).

net session :
2. (System Tools) (Shared Folders), (Sessions). . (Sessions) :
15
461
(User) , . $, .
(Computer) .
(Type) .
(# Open Files) , .
(Open Files).
(Connected Time) ,
.
(Idle Time) ,
.
(Guest) , .

. , , . ,
,
, .
.

,
net session \\ /delete
:
2. (System Tools) (Shared Folders), (Sessions).
3. ,
(Close Session).
4. (Yes).

, :
462
III
Windows Server 2008
2. (System Tools) (Shared Folders),

(Sessions).
3. (Disconnect All Sessions)
(Yes), .
, ,
. , .

, ,
, ,
(Open Files). , (Open Files) , , .
(Open Files), :
2. (System Tools) (Shared Folders), (Open Files). , :
(Open File)
. , ,
\PIPE\spools, .
(Accessed By) , .
(Type) .
. (# Locks) .
(Open Mode) , ,
, /.

,
:
1. (Computer Management) .
2. (System Tools) (Shared Folders), (Open Files).
3. , ,
(Close Open File).
4. (Yes).
15
463
, :
1. (Computer Management) .
2. (System Tools) (Shared Folders), (Open Files).
3. (Disconnect All
Open Files) (Yes), .

, :
1. (Computer Management) , ,
(Shares).
2. , ,
(Stop Sharing). (Yes).
! ,
. ,
(System) .
NFS
12
NFS (Services for Network File System).
Windows/UNIX,
Windows Server 2008 UNIX NFS.
Windows (Windows Explorer)
NFS , NTFS. , NTFS- NFS
(Share And Storage Management).
NFS Windows
(Windows Explorer), :
1. , ,
(Properties).
.
464
III
Windows Server 2008
2. NFS (NFS Sharing)

NFS (Manage NFS Sharing).
3. NFS
(NFS Advanced Sharing)
(Share This Folder), . 15-9.
. 15-9. NFS
Windows UNIX
4. (Share Name) ,
, , UNIX.
NFS
, ,
.
5. ,
, ANSI. UNIX , (Encoding).
6. NFS,
(Allow Anonymous
Access),
.
7. UNIX
NFS.
, (Permissions),
NFS (NFS Share Permissions) , OK.
, ,
.
8. OK,
.
15
465
NFS Windows (Windows

Explorer), :
1. , ,
(Properties).
.
2. NFS (NFS Sharing)
NFS (Manage NFS Sharing).
3. NFS
(NFS Advanced Sharing)
(Share This Folder).
(Share And
Storage Management) NFS NFS.
NFS (Shares) (Properties).
(Encoding) NFS (NFS Sharing).
NFS,
NFS (NFS Permissions) (Permissions).
NFS,
NFS (Shares)
(Stop Sharing). (Yes), .

, ,
.
, , .

(Previous Versions) . Windows Server
2008 , (
) .

NTFS-. , NTFS. ,
NTFS, .
.
466
III
Windows Server 2008
,
( ),
7:00 24:00. 100 .
,
. , , .
, (Shadow
Copies). , ,
Windows (Windows Explorer) (Computer Management). (Properties)
(Shadow Copies).
(Select A Volume) :
(Volume) NTFS- .
(Next Run Time) (Disabled) .
(Shares) .
(Used) , .

(Shadow Copies Of Selected Volume), .

NTFS-, :
1. (Computer Management).
.
2. (Storage)
(Disk Management). .
3. (Disk Management), (All Tasks)
(Configure Shadow Copies).
4. (Shadow Copies)
(Select A Volume) , .
5. (Settings),
. , OK.
6. , ,
(Enable). (Yes), .
15
467
, ,
.
, ,
OK, (Settings).

(Previous Versions) .
, :
1. , . (Properties)
(Previous Versions).
2. . . , ,
:
(Open) Windows
(Windows Explorer).
(Copy)
(Copy Items),
.
(Restore)
.

. , , ,
, .
,
:
.
2. (Storage).
(Disk
Management), (All Tasks) (Configure Shadow Copies).
3. (Shadow Copies)
468
III
Windows Server 2008
4. (Shadow Copies Of Selected Volume). , , (Revert).

5. ,
(Check Here If You Want To Revert This Volume),
(Revert Now). OK.

, , .
. .
, :
.
2. (Storage).
(Disk Management), (All Tasks)
(Configure Shadow Copies).
3. (Shadow Copies)
(Shadow Copies
Of Selected Volume) , ,
(Delete Now).

, . , .
, :
.
2. (Storage).
(Disk
Management), (All Tasks) (Configure Shadow Copies).
3. (Shadow Copies)
(Select A Volume) , ,
(Disable).
4. (Yes), . OK.
15
469

. ,
.

,
.

Windows Server 2008
NET USE:
net use \\\
*, , \\\ UNC-
, :
net use g: \\ROMEO\DOCS
net use * \\ROMEO\DOCS

, /Persistent:Yes.
Windows Vista,
:
1.
Windows (Windows Explorer).
2. (Tools)
(Map Network Drive). .
3. (Drive) .
4. (Folder) UNC- .
, DOCS ROMEO,
\\ROMEO\DOCS. , (Browse). , OK,
(Browse For Folder).
5. , ,
(Reconnect At Logon). , .
6. ,
(Different User Name)
470
III
Windows Server 2008
. OK,
(Connect As).
7. (Finish), .

:
1.
2. (Tools) (Disconnect Network Drive). (Disconnect Network Drive).
3. , , OK.
,
Windows Server 2008 - . , , NTFS- Active Directory. NTFS
. Active Directory
, ,
, .
.

NTFS- Active Directory,
. . ,
. 15-2.

NTFS
Windows (Windows Explorer)
Server
Windows (Windows Explorer),

Windows
(Registry Editor)

(Security Configuration Tool Set)
(Printers)
15
471

. , . , .
. , , . , ,
. , .
.
(Administrators),
, .
:

(Administrators), ,
- .

(Take Ownership),
.
,
.
, :
1. . , Windows (Windows Explorer).
2. , .
3. (Properties). (Security).
4. (Advanced Security Settings), (Advanced).
5. (Owner) (Edit),
(Owner), . 15-10.
6. (Change Owner To)
OK.
,
, ,
(Replace Owner On Subcontainers And Objects).
, :
.
472
III
Windows Server 2008
. 15-10. (Owner)

.
. . , C:\
C:\Data C:\Backups. ,
C:\Data C:\Backups, , C:\.
.
. , . .
, :
1. .
2. , .
3. , . , , .

, :
1. . , Windows (Windows Explorer).
2. , .
15
473
4. (Advanced), (Advanced Security
Settings).
5. (Permissions) (Edit),
(Permissions).
6. ,
(Include Inheritable Permissions From This
Objects Parent). OK.

NTFS ,
. , :
1. Windows (Windows Explorer)
.
3. , , . , .

. 15-3.
(Full Control),
(Modify), (Read & Execute), (Read)
(Write). (Full Control),
(Modify), (Read & Execute), (List Folder Contents), (Read) (Write).
(Read)
(Write)

(Read & Execute)

,
;

474
III
Windows Server 2008
. 15-3. ()

(List Folder
Contents)

,
;

(Modify)
(Full
Control)
, ,

,
,

, :
(Read). .

(Read).
, .
, .
. . 15-4 ,
.
,
. , :
, , , .
, , , ,
. , GeorgeJ (Read) Techies, (Modify), GeorgeJ
(Modify). Techies, ,
(Administrators), (Full Control), GeorgeJ .
15
475
. 15-4.

(Full
Control)
(Modify)

(Read
& Execute)
/

(Traverse Folder /
Execute File)
/

(List Folder / Read
Data)

(Read Attributes)

(Read Extended
Attributes)

/
(Create Files/Write
Data)

/
(Create Folders/
Append Data)

(Write Attributes)

(Write Extended
Attributes)

(Delete
Subfolders and Files)
(Delete)

(Read Permissions)

(Change Permissions)

(Take Ownership)
(Read)
(Write)
476
III
Windows Server 2008
. 15-5 , .
:
,
, (Reset Permissions On All Child Objects And Enable Propagation Of
Inheritable Permissions).
.
.
. 15-5.

(Read)
(Write)
(Full
Control)
(Modify)

(Read &
Execute)

(List Folder
Contents)
/
(Traverse Folder/Execute File)
/ (List Folder
/Read Data)

(Read Attributes)
(Read Extended
Attributes)

/
(Create Files/
Write Data)

/
(Create Folders
/Append Data)

(Write Attributes)
15
477
. 15-5. ()

(Full
Control)
(Modify)
(Write Extended
Attributes)

(Delete
Subfolders And
Files)
(Delete)
(Read
Permissions)
(Change
Permissions)

(Take Ownership)

(Read &
Execute)

(List Folder
Contents)
(Read)
(Write)

, :
.
2. (Properties).
(Security).
3. (Edit), (Security), . 15-11.
4. , ,
(Group Or User Names).
:
, .
478
III
Windows Server 2008
(Permissions)
.
.
, .
. 15-11.
(Security)
5. , , (Add).
: , (Select Users,
Computers, Or Groups), . 15-12.
. 15-12. , ,

6. ,
(Check Names).
, .
15
479
,
. (Locations), .
,
OK. ,
,
.
(Locations)
. , .
7. , ,
. (Permissions), . , .
8. , OK.

, Windows Server
2008, , , , ,
. ,
, ,
.
(Event Viewer).
, ,
, (Administrators), , (Manage Auditing And Security Log).

. - . ,
Active Directory.
, . .
GPO, , :
480
III
Windows Server 2008
1. (Computer Configuration),
Windows (Windows Settings), (Security Settings) (Local Policies). (Audit Policy), . 15-13.
. 15-13.
2. :
(Audit Logon Events)
, ,
.
(Audit Object Access)
, , ,
Active Directory.
(Audit Directory Service Access)
Active Directory.
.
(Audit Policy Change)
, .
(Audit Privilege Use)
,
.
(Audit Privilege Use)
, , ,
.
.
(Audit Process Tracking) .

(Audit System Events)
, , ,
.
15
481
(Audit Account Logon Events) ,

.
(Audit Account Management)
, ,
.
3. ,
(Properties).
.
4. (Define These Policy Settings), (Success),
(Failure) .
, , .
, , .
5. , OK.
(Security Event)
:
560 562, ;
592 593, .

(Audit Object Access), , .
.
NTFS-.
, :
, .
(Properties).
2. (Security) (Advanced).
(Advanced Security Settings).
3. (Auditing) (Edit).

, . 15-14.
482
III
Windows Server 2008
. 15-14. (Auditing)
4. , , , (Include Inheritable Auditing Entries

From This Objects Parent).
5. ,
,
,
(Replace all existing inheritable auditing entries on all descendants with inheritable auditing entries from this object).
6. (Auditing Entries) ,
, .
, (Auditing Entries) (Remove).
7. , (Add)
: , (Select User, Computer, Or Group) . OK,
(Auditing Entry For), . 15-15.
15
483
. 15-15. ,
, (Everyone).
( ), .
8. (Apply Onto).
9. (Successful) (Failed)
( ) , . ,
, . ,
, . , ,
, . 15-5,
. :
(Write Attributes) ;
(Write Extended Attributes)
;
(Delete Subfolders and Files) ;
(Delete) ;
(Change Permissions) .
10. , OK.
, .
484
III
Windows Server 2008

(Audit Object Access), .
, .
, :
1. regedit.
2. , .
(Edit) (Permissions).
3. (Permissions For)
(Advanced). (Advanced Security Settings)
(Auditing).
4. (Add). : ,
(Select User, Computer, Or Group)
(Everyone), (Check Names) OK.
5. (Auditing Entry For)
, . :
(Set Value) ;
(Create Subkey) ;
(Delete) .
6. OK.
7. OK,
.
Active Directory
(Audit Object Access), Active Directory.
.
Active Directory,
:
Directory Users And Computers) (View)
(Advanced Features), , .
2. , ,
(Properties).
3. (Security) (Advanced).
4. (Advanced Security Settings) (Auditing).
5.
6.
7.
8.
9.
15
485
,
, , (Include Inheritable Auditing Entries
From This Objects Parent).
(Auditing Entries) ,
, .
, (Auditing Entries) (Remove).
, (Add)
: , (Select User, Computer, Or Group) . OK,
(Auditing Entry For).
(Apply Onto).
(Successful) (Failed)
( ) , . ,
, . , ,
.
, OK.
, .
NTFS
NTFS Windows
Server 2008 . . ,
.
Windows Server 2008
. , , .

, ,
.
NTFS.
NTFS. FAT FAT32.
486
III
Windows Server 2008
NTFS
NTFS, , , ,
.
NTFS :
(disk quota limit) ,
, .
(disk quota warning)
.
. ,
. ,
, .
.
NTFS ,
.
, .
. , , ,
20 100 .
, , 5 25 , .
. ,
9095% .
NTFS
. , , .
. , , 1, ,
. , , . .
,
. , -
15
487
( ).
NTFS :

, .
Windows , Windows. .
.
,
. , .
, , , .
.
. :

.
,
.
. , ,
, .
SID. , .
SID , Windows Server
2008 SID
.
Active Directory.
, .
. , . (Refresh)
(View) F5.
488
III
Windows Server 2008
NTFS
NTFS . ,
, .
, .
, NTFS, \
\\ (Computer Configuration\Administrative Templates\System\Disk Quotas). . 15-6.
. 15-6. NTFS

(Enable Disk Quotas)

NTFS-

(Enforce Disk Quota Limit)

.

.
,
(Quota) NTFS-

(Default Quota Limit And
Warning Level)

(Log Event When Quota Limit
Exceeded)
,

(Log Event When Quota Warning
Level Exceeded)

(Apply Policy To
Removable Media)
,
NTFS- .
,

. , ,
. -
15
489
NTFS. ,
:
1. , , . \ \ (Computer Configuration\Administrative Templates\System) (Disk
Quotas).
2. (Enable Disk
Quotas). (Setting)
(Enabled) OK.
3. (Enforce Disk
Quota Limit).
NTFS- , (Enabled).
(Disabled) . OK.
4.
(Default Quota Limit And Warning Level). , . 15-16,
(Enabled).
. 15-16.
(Default Quota
Limit And Warning Level)
5. (Default Quota Limit)

,
.
. 5001000 .
490
6.
7.
8.
9.
III
Windows Server 2008
, ,
, .

.
,
(Setting). 90% . ,
1000 900 .
OK.
(Log Event When Quota Limit Exceeded).
(Application), (Enabled) OK.
, (Log Event When
Quota Warning Level Exceeded).
(Application), (Enabled) OK.
(Apply Policy To Removable Media)
(Disabled),
.
, \ \\ (Computer Configuration\Administrative Templates\System\Group
Policy), (Disk
Quota Policy Processing). (Enabled)
, (Process
Even If The Group Policy Objects Have Not Changed). OK.
NTFS-
NTFS
NTFS-.
,
(Enforce Disk Quota Limit), . , (Quota) NTFS-, .
NTFS-,
:
.
15
491
2. (Storage)
(Disk Management). , , .
3. (Volume List) (Graphical View) ,
, (Properties).
4. (Quota)
(Enable Quota Management), . 15-17.
, (Quota) ,
.
.
. 15-17. ,

(Quota),
(Status) . . ,
, (Status) ,
. ,
, (Status) , . , .
5. , (Limit Disk Space To),

, , , ,
492
III
Windows Server 2008
. (Set Warning Level To). , 90-95% .

, . (Quota Entries).
, .
6.
,
(Deny Disk Space To Users Exceeding Quota Limit).
,
( ).
7. , (Log Event). OK, .
8. , . OK, Windows Server 2008
.
, , ,
,
(Application).

. , ,
, . , ,
, . ,
.
,
.
.
, :
.
2. (Storage)
(Disk Management). , , .
15
493
3. (Volume List) (Graphical View) ,

, (Properties).
4. (Quota) (Quota Entries). .
, , . OK ,
. , ,
.

,
. . , , , , . . ,
. -
, .
. , , ,
,
, .
, :
, . , ,
, . ,
, .
(, ). , ,
, , .
, :
1. (Quota Entries),
.
. , F5
(View) (Refresh).
2. , .
(Quota) (New Quota Entry).
: (Select Users).
3. (Check Names). ,
OK. ,
. , OK.
494
III
Windows Server 2008
4. , (Add New Quota Entry), . 15-18. ,

(Do Not Limit Disk
Usage). , (Limit Disk
Space To) . OK.
. 15-18. (Add New Quota Entry)

, ,

, . , , .
, .

, :
1. (Quota Entries),
. . ,
F5 (View) (Refresh).
2. , ,
Delete (Quota)
(Delete Quota Entry). Shift Ctrl
.
3. (Yes), .
(Disk Quota) , .
4. , (List Files Owned By)
, . ,
.
15
495
Shift
Ctrl. :
(Permanently Delete Files)
(Delete).
(Yes),
(Take Ownership Of Files)
, ,
(Take Ownership).
(Move Files To) ,
.
, (Browse),
(Browse For Folder). ,
(Move).
5. , OK. , .
NTFS
, .
NTFS. , :
1. (Quota Entries),
. . ,
F5 (View) (Refresh).
2. (Quota) (Export).
(Export Quota Settings).
, , , (File
Name). (Save).
.
. , ,
.
3. (Quota) (Close),
(Quota Entries).
(Connect To Another
Computer). (Select Computer)
, , , ,
.
496
III
Windows Server 2008
5. .
(Quota) (Quota Entries). (Quota Entries) .
6. (Quota) (Import). (Import Quota Settings)
. (Open).
7. ,
. , (Yes), , (No), .
NTFS
, .
, . . , , .
, :
.
2. ,
.
3. (Quota) (Enable Quota Management). OK. OK.

Windows Server 2008 (File
Server Resource Manager). .
NTFS, . ,
. : NTFS
.

Windows Server 2008 . ( ) ( ).
15
497
,
. ,
,
.
. , ,
.
Windows Server 2008 . 15-7.
(File Server Resource Manager) . , , .
. 15-7.

100
(100 MB Limit)
100
200

(200 MB Limit
Reports To User)
200
, ,
200
50
(200 MB Limit With
50 MB Extension)
200
DIRQUOTA
,
, 50

250 (250 MB
Extended Limit)
250
,

200 250

200
(Monitor 200 GB
Volume Usage)
200
500 (Monitor 500 MB Share)
500
:
.
.
.
498
III
Windows Server 2008
.
100%. 100% . ,
, 85% 90% ,
100% .
, , .
,
, .

,
, . (File Server Resource Manager) .
(Quota Management)
(Quota Templates). . 15-7.
. 15-19. ,
, :
1. (File Server Resource
Manager) (Quota Management)
(Quota Templates).
15
499
, .
2. ,
. , . 15-19.
3. (Settings) ,
. . , (Edit).
, (Add).
4. , OK, .
,
:
(Quota Templates).
2. (Action)
(Create Quota Template).
(Create Quota Template).
3. (Settings) ,
. , . (Limit). : , ,
.
4. (Add), .
(Add Threshold)
, (Generate Notifications When Usage Reaches).
100%.
5. (E-mail Message)
:
,
(Send EMail To The Following Administrators)
, . [Admin
Email] ,
.
,
, (Send E-Mail To The
User Who Exceeded The Threshold).
(Subject)
(Message Body).
. 14-6.
6. (Event Log)
. -
500
III
Windows Server 2008
(Send Warning To Event Log)

(Log Entry).
. 14-6.
7. (Report) (Generate
Reports), . . %SystemDrive%\StorageReports\Incident. ,
. [Admin
Email] ,

8. 57, .
9. , OK.

.
(File Server Resource Manager) . (Quota Management) (Quotas).
,
, .
,
, :
(Quotas).
2. (Action)
(Create Quota).
3. (Create Quota) . (Browse)
(Browse For Folder) , , C:\Data. OK.
4. (Derive
Properties From This Quota Template) ,
.
5. (Create).
16
, . .
, ,
. .

.
. , . ...
, . , .

. , ,
. :
? , . , , , ,
. .
, , ,
. ,
.
? , , .
,
.
502
III
Windows Server 2008
?
. , , , .
? . ,
.
, .
?
.
. , , .
? .
(), . , , .
? , ,
.
? ,
. . .
?
. ,
.

. ,
, , , , . .
Windows (Windows
Explorer), (Archive). ,
, .
, .
:
, , (Archive).
(Archive)
16
503
. , , .
(Archive).
(Archive)
. .
, .
(Archive) , . , .
.
, . (Archive) , .
. (Archive) . , .
. , .
(Archive) .
,
, .

, , .
. . , .

.

.
, . 16-1. , ,
( ,
).
,
504
III
Windows Server 2008
( , , , ).
. 16-1.

, , .
.

. . , .
,
:
, . ?
.
?
16
505

?
, .
?
?

, , , . ,
,
.
:
()
, . , .
, , .
24 72 . . .
DAT DAT
. DAT.
DLT SDLT. SDLT 320 600 160 300 320 600
. LTO. LTO-3 400
800 .

, .
, .
DAT DLT,
SDLT LTO. DLT 45
. ,
.
. SDLT LTO 100 , .

, -
506
III
Windows Server 2008
, .
,
.
.
. RAID,
.
, Windows .
. 20 500 /,
40 2 /.
, ,

. ,
. .
.
.
, DAT,
.

. . , ,
.

.
, , .
. 5 (
). ,
. ,
.
, , .
, 8 5 . 24/7,
16
507
.
14 : 7 .
. .

. , .
.

:
, . ,
(Administrative
Tools). ,
(Server Manager).
, Wbadmin.
Wbadmin
.
wbadmin /?.
Windows , , - , .

Windows Server (Windows Server Backup). , , .
Windows Server (Windows Server Backup) .
Windows Server (Windows Server Backup) VSS (Volume
Shadow Copy Service) , , .
,
.
Windows Server (Windows
Server Backup) , -
508
III
Windows Server 2008
. ,
, DVD . DVD
. DVD , , .
Windows Server (Windows
Server Backup) .
.
Windows Server (Windows Server

Backup) .
,
, ,
. ,
Windows Server (Windows Server Backup) Windows, , .
, .
VSS Windows Server (Windows Server Backup)
, ,
Microsoft SQL Server Windows SharePoint Services.
Backup) .
,
.
,
.
. ,
. ,
:
Windows
Server 2008 Windows
Server (Windows Server Backup). , ,
, .
16
509

Windows Server
Windows Server 2008, 32-, 64-.
Windows Server 2008
Core. , Windows Server
Core, .
Windows, :
1. (Server Manager) (Features) (Add Features).
2. (Select Features)
Windows (Windows Server
Backup Features). Windows Server (Windows Server Backup)
(Command-Line Tools). (Next).
3. (Install). (Close). (Administrative
Tools) Windows Server
(Windows Server Backup).
Backup) (Wbadmin.exe) , (Ntbackup.exe). Ntbackup.exe Windows Server
2008 . Ntbackup.
exe , Windows.
Windows Server
Windows Server
(Windows Server Backup), ,
(. 16-1). ,
(Backup Once) (Backup Schedule).
510
III
Windows Server 2008
. 16-1. Windows Server ,

.
(Administrators) (Backup Operators)

. , , ,
(Read), (Read & Execute), (Modify)
(Full Control).
,
, .

, (Domain Administrators)
.
,
:
, .

.
. , .
16
511
Windows Server VSS.

Windows Server (Windows Server Backup) ,
.
,

. ,
,
, . Windows Server (Windows
Server Backup),
. ,

,
. , . Windows
Server , (Task Scheduler) Wbadmin .
Windows Server
(Windows Server Backup) . , :
1. Windows Server (Windows Server Backup). (Action)
(Connect To
Another Computer).
2. (Another Computer), IP-. , (Browse),
OK.
3. (Finish), .
Windows Server
(Windows Server Backup)
. (Archive), .
,
.
, :
512
III
Windows Server 2008
(Configure Performance Settings).

(Optimize Backup Performance), . 16-2.
2. , OK:

(Always Perform Full Backup)
.

(Always Perform Incremental Backup)
.
(Custom),
,
.
3. , . (Action)
(Backup Once). ,
(Action)
(Backup Schedule).
. 16-2.

Wbadmin
Windows Server .
,
, , .
16
513
(Backup CommandLine Tools), , Wbadmin

%SystemRoot%\System32\. , :
1. (Start) (All
Programs) (Accessories).
2. (Command
Prompt) (Run As
Administrator).
3. Wbadmin
.
Wbadmin , . 16-2.
. 16-2. Wbadmin
DELETE SYSTEMSTATEBACKUP
DISABLE BACKUP
ENABLE BACKUP
GET DISKS

, , ,
GUID,
GET ITEMS
GET STATUS
GET VERSIONS
,
,

START BACKUP
.
, ,

START RECOVERY
START SYSTEMSTATEBACKUP
START SYSTEMSTATERECOVERY
STOP JOB
514
III
Windows Server 2008
Wbadmin,
:
, wbadmin /?.
, wbadmin
/?, , ,
wbadmin stop job /?.
, . :
wbadmin get versions [-backupTarget:{ | }]
[-machine:]
backupTarget machine. ,
,
:
wbadmin get versions
F: :
wbadmin get versions -backuptarget:f:
F: Server96 :
wbadmin get versions -backuptarget:f: -machine:server96
backupTarget machine.
backuptarget , . , , F:, , , \\FileServer32\backups\Server85.
machine , .
Wbadmin
Wbadmin .

.

, :
GET DISKS , , , GUID, .
wbadmin get disks
16
515
GET ITEMS .
wbadmin get items -version:
[-backupTarget:{ | }]
[-machine:]
GET STATUS .
wbadmin get status
GET VERSIONS ,
, .
wbadmin get versions [-backupTarget:{ | }]
[-machine:]

:
DELETE SYSTEMSTATEBACKUP .
wbadmin delete systemstateBackup [-backupTarget:{}]
[-machine:]
[-keepVersions: | -version:
|
-deleteOldest]
[-quiet]
DISABLE BACKUP .
wbadmin disable backup [-quiet]
ENABLE BACKUP
.
wbadmin enable backup [-addTarget:{}]

[-removeTarget:{}]
[-schedule:]
[-include:]
[-allCritical]
[-quiet]
START BACKUP .
, , .
wbadmin start backup [-backupTarget:{ | }]
[-include:]
516
III
Windows Server 2008
[-allCritical]
[-noVerify]
[-user:_]
[-password:]
[-noinheritAcl]
[-vssFull]
[-quiet]
STOP JOB . .
wbadmin stop job [-quiet]

:
START RECOVERY ,
.
wbadmin start recovery -version:
-items: | |
-itemType:{ | | }
[-machine:]
[-recoveryTarget: | ]
[-recursive]
[-overwrite:{ | | }]
[-notRestoreAcl]
[-skipBadClusterCheck]
[-noRollForward]
[-quiet]
START SYSTEMSTATEBACKUP
.
wbadmin start systemstateBackup -backupTarget:{}

[-quiet]
START SYSTEMSTATERECOVERY .
wbadmin start systemstateRecovery -version:
-showSummary
[-machine:]
[-recoveryTarget:]
[-authSysvol]
[-quiet]
16
517

,
. ,
Windows. , , , , .

DVD, .
, , ,
. , .
, , ,
. :
, ,
. , , ,
Windows.

, .
Windows,

. Windows
,
.
,
.
,
, .

. , :

, .
, .

,
518
III
Windows Server 2008

,
.
. , .
DVD , .
1 .
.
Windows Server
(Windows Server Backup) Wbadmin .

Backup) .
:
1. Windows Server (Windows Server
Backup) . .
2. (Action)
(Backup Schedule). (Backup Schedule Wizard). (Next).
3. (Select Backup Type), ,
(Full Server). , , .
(Full Server) (Next). (Custom)
(Next).
, ,
, . ,
, , Windows Server 2008 D,
C, .
16
519
4. (Custom), (Select Backup Items).

, ,
, , .
5. (Specify Backup Time)

. (Once
A Day) .

(More Than Once A Day),
. (Available Time)
, (Add), (Scheduled Time).
.
(Next).
6. (Select Destination Disk) , .

,
(Show All Available Disks). , .
512 , . .
7. (Next), , , . (Yes).
520
III
Windows Server 2008
8. (Destination Disk) . , ,
, , .
, . .
9. (Confirmation) , (Finish).
.
.
10. , (Close). .
Wbadmin ENABLE BACKUP. :
addTarget GUID
, . GUID , GET DISKS.
removeTarget , , GUID .
include , , GUID.
allCritical .
quiet .
ENABLE BACKUP.
21:00 C: D:, :
wbadmin enable backup -addtarget:{06d88776-0000-0000-0000-000000000000}
-schedule:18:00 include:c:,d:
6:00 21:00, :
wbadmin enable backup -addtarget:{06d88776-0000-0000-0000-000000000000}
-schedule:06:00,18:00 allcritical

, :
1. Windows Server (Windows Server Backup). . .
16
521
2. (Action)
(Backup Schedule). (Backup Schedule Wizard). (Next).
3. (Schedule Backup
Settings) (Modify Backup),
,
. 4. ,
(Stop Backup). (Next) (Finish).
.
.
- .
4. (Select Backup Type), ,

(Full Server). , , .
(Full Server) (Next). (Custom)
(Next).
, ,
, .
6. (Specify Backup Time)
. (Once
A Day) .
(More Than Once A Day),
. (Available Time) , (Add),
(Scheduled Time).
. (Next).
7. (Add Or Remove Backup Disks) ,
(Next):
(Do Nothing),
.
(Add More Disks),
.
(Select Destination Disk)
522
III
Windows Server 2008
,
. (Next),
, ,
. (Yes).
(Destination Disk)
. (Next).
(Remove
Current Disks),
.
(Remove Current Disks) ,
.
8. (Confirmation) (Finish). . (Summary) (Close).
Wbadmin
ENABLE BACKUP. addTarget removeTarget.

. .
, :
wbadmin enable backup -removetarget:{06d88776-0000-0000-0000-000000000000}
, :
wbadmin enable backup -addtarget:{41cd2567-0000-0000-0000-000000000000}
,
:
wbadmin enable backup -schedule:03:00 include:c:,d:,e:
Wbadmin
, START BACKUP
Wbadmin. :
backupTarget . UNC- , .
include , , GUID.
allCritical .
inheritAcl ,
. -
16
523
, , user,
.
noVerify , ,
, . , , .
password .
quiet .
user .
vssFull
VSS. . ,
.
START
BACKUP:
:
wbadmin start backup -backuptarget:f: -vssfull
C: D: F:
wbadmin start backup -backuptarget:f: -include:c:,d:
:
wbadmin start backup -backuptarget:f: -allcritical
C: D: :
wbadmin start backup -backuptarget:\\fileserver27\backups -include:c:,d:
-user:williams
, (Task Scheduler), :
1. (Start), (Administrative Tools) (Task Scheduler).
. .
2. (Task Scheduler)
(Create Task). (Create Task).
3. (General) .
,
(Change). :
524
4.
5.
6.
7.
III
Windows Server 2008
(Select User Or Group) , .

.
.
, .
, (Run Whether User Is Logged On Or Not).
, ,
Windows.
(Triggers) (New). (New Trigger) (Begin The Task)
(On A Schedule). OK.
(Actions) (New).
(New Action) (Action) (Start A Program).
(Programm/Script) %windir%\
System32\wbadmin.exe.
(Add Arguments) START
BACKUP , :
start backup -backuptarget:f: -include:c:,d:,e:\mountpoint,\\?\
volume{be345a23-32b2-432d-43d2-7867ff3e3432}\
8. OK, (New
Action).
9. (Conditions)
.
10. (Settings)
.
11. OK, .

, :
1. Windows Server (Windows Server Backup). . .
2. (Action)
(Backup Once). (Backup Once Wizard). (Next).
16
525
3. ,
(Backup Schedule
Wizard), (The Same Options). (Next) (Backup), . .
4. , (Different Options) (Next).
5. (Select Backup Type) (Full Server). ,
, .
, (Full Server)
(Next). (Custom) (Next).
, , , .
,
(Enable System Recovery).
(Next).
7. (Specify Destination Type)
:

(Local Drives)
(Next). (Backup
Destination) , DVD-
.
DVD- .
DVD , .
,
.
,
(Verify After Writing). (Next).

(Remote Shared Folder)
(Next). (Specify
Remote Folder) UNC- , ,
\\FileServer43\Backups. ,
,
, (Access Control)
(Inherit).
526
III
Windows Server 2008
, (Do Not
Inherit). (Next).
, ,
.
8. (Specify VSS Backup
Type) ,
VSS. VSS (Copy Backup),
. VSS (VSS Full Backup)
.
9. (Next) (Backup).
.
(Close), .

Windows Vista, Windows Server 2008 .
, . , .
Windows Server 2008 , . -
. ,
/ .
,
, , .
.
Windows Server 2008 , , ,
. Windows Server 2008 , .
,
.
16
527
.
, , Windows Server
2008 . ,
.
Windows , .

(Restart Manager). . , , .
(Problem Reports And
Solutions). ,
(Problem Reports And Solutions).
. , :
1. (Start) (Control Panel).
2.
(System Maintenance),
(Problem Reports And Solutions).
3. (Problem Reports And
Solutions) (See
Problems To Check) .
4. .
(Check For Solutions),
- .
Windows Server 2008 , - , Resource
Exhaustion Detection And Recovery. . ,
, ,
, , .
(System).
Windows . Windows
528
III
Windows Server 2008
Server 2008 , .
, , Windows Server 2008
Startup Repair Tool (StR),
.
StR ,
, . StR , ,

.
, , .
, .
, , .
, , .
, , , ,
, .
. ,
(Reliability
And Performance Monitor), 4.
, , . , , . , ,
, Windows
(Windows Memory Diagnostics) , . ,
, :
1. (Start). (Search) mdsched.
exe Enter.
2. .
16
529
3. Windows
(Windows Memory Diagnostics) .
: .
- Microsoft Online
Crash Analysis. - , , .

,
. Windows Server
2008 , , , , . , .

, . ,

.
,
:
1. .
2. F8, (Advanced Boot Options).
3. , ,
Enter. .
:
(Safe Mode)
,
. , , ,
. .
(Safe Mode With
Networking) , ,
, .
(Safe Mode
With Command Prompt) ,
, Windows
. .
(Safe Mode With
Command Prompt) Explorer .
Ctrl+Shift+Esc, (File) (Task
Manager) (New Process) explorer.exe.
530
III
Windows Server 2008
(Enable Boot Logging) , ,

.
(Enable Low Resolution Video)
(640480). , ,
.
(Last Known Good Configuration) , , Windows
. HKEY_CURRENT_
CONFIG ,
.
(Debugging Mode)
. .
(Directory Services Recovery Mode)
.
(Disable Automatic Restart On System Failure) Windows Server 2008 .
(Disable
Driver Signature Enforcement)
, .

, ,

.
, . , .

Windows Vista, Windows Server 2008
Windows
(Windows Error Recovery). .
(Safe
Mode), (Safe Mode With
16
531
Networking) (Safe
Mode With Command Prompt). Windows.
.
(Advanced Boot Options), , F8 Windows (Windows Error Recovery).

Windows Server 2008 50000 ,
x86 4
.
Wbadmin. START
SYSTEMSTATEBACKUP, START SYSTEMSTATERECOVERY
.
(Directory Services Restore).
Active Directory .
:
wbadmin start systemstatebackup -backupTarget:
, , F:.
:
wbadmin start systemstaterecovery -backupTarget:
, , , F:. , :
recoveryTarget,
.
machine, ,
.
authorsysvol
Sysvol.
Active Directory
, , . .
532
III
Windows Server 2008
Active Directory , . ,
, Active Directory. , Active Directory .
, .
! Active
Directory . , , ,
, .
Active Directory
, :
1. , .
2. . F8, (Advanced Boot Options).
3. (Directory
Services Restore Mode).
4. .
5. , ,
Ntdsutil. Active Directory.
6. . Active Directory .

, Windows Server 2008 , .
, . ,
Windows :
Windows Complete PC (Windows Complete PC
Restore)
.
16
533
, ,
.
, , , . , .
Windows (Windows Memory Diagnostics)
. : ,
.
, , , , .
X:\Sources\Recovery\StartRep.exe (Startup Repair)
, Windows
,
(BCD).
X:\Sources\Recovery\recenv.exe (Startup Recovery Options) Startup Recovery Options. , .
Windows , Windows Server (Windows
Server Backup). . . , Windows Server , .
,

.

, , .
, , ,
. ,
.

:
1. Windows CD- DVD- . ,
-. Windows.
2. (Next).
3. (Repair Your Computer). Windows .
534
4.
5.
6.
7.
8.
III
Windows Server 2008
(System Recovery Options Wizard).

, :
. (Next).
(System Recovery
Options) Windows Complete
PC (Windows Complete PC Restore). .

() (Use The Latest Available Backup (Recommended))
(Restore A Different Backup).
(Next).
, (Select The Location Of
The Backup) :
,
, (Next).
(Select The Backup
To Restore) ,
(Next).
(Advanced)
, (Next).
. (Next).
(Choose
How To Restore The Backup)
(Next):

(Format And Repartition Disks),
.
(Exclude Disks)
,
. , ,
.
(Install Drivers),
.
(Advanced), ,

.
(Finish).
Windows Complete PC (Windows Complete PC Restore) .
16
535
, ,
Windows Server 2008 , ,
. ,
, (Recovery Wizard)
Backup). , , ,
, ,
,
, .
, DVD .
, , , :
(Recover). (Recovery Wizard).
2. (Getting Started) , ( ), (Next). , FileServer18
WebServer84.
(Another Server), , .
3. , , . (Next), .
(Select Backup Location) .
(Specify Remote Folder) ,
. \WindowsImageBackup\ComputerName.
4. ,
,
(Select Backup Location) .
5. (Select Backup Date)
, .
. (Next).
6. (Select Recovery Type) :
536
III
Windows Server 2008
(Files And Folders) (Next).

(Select Items
To Recover) (Available Items)
+,
. ,
. , ,
(Next).
, ,
(Volumes) (Next).
(Select Volumes)
.
, .
(Destination Volume), ,
. (Next).

(Applications) (Next).
(Select Application)
(Application) , .
(Next). , ,
,
.
7. (Specify Recovery
Options) (Recovery
Destination) , :
( ) . , (Browse), .
,
.
8.
(When Backup Finds Existing Files And Folders) , , .
,
, .
9. (Confirmation) (Recover), .
16
537

EFS,
. , , EFS
EFS. .

.
, , .
,
. ,
.
. , , , ,
. , , ,
. .
(EFS). EFS .
, EFS . Windows XP SP1
Windows
AES. AES Windows 2000 Windows
XP SP1. , AES,
, , . IIS 7 AES .
.
,

,
.
.

, .
,

. , ,
.
538
III
Windows Server 2008
EFS ,
. ,
. ,
. , , .

FAT FAT32 (
).

(recovery agent). ,
, .
. . .
EFS :

Windows
Server 2008. .
, .

,
. .
,
, .
, , .
EFS
. ,
.
, , :
16
539
1. ,
, , . 5
2. (Computer Configuration), Windows (Windows Settings), (Security Settings)
(Public Key Policies).
(Encrypting File System), EFS. , . , , , , .
3. ,
(Encrypting
File System) (Add Data Recovery Agent).
(Add Recovery Agent Wizard),
, , .
(Next). (Select Recovery
Agents) (Browse Directory) : ,
(Find Users, Contacts, And Groups). OK, (Next) (Finish).
, . (Certificates) EFS (EFS Recovery Agent).
, .
EFS
Cipher.exe.
4. ,
Delete. (Yes),
.
, EFS , .

, ,
. , , EFS, ,
.
.
540
III
Windows Server 2008
( ) (
) , .
, .

, ,
. . ,
, .

.
.

(Certificates).
.pfx.
, :
1. , ,
. (Start), (Search)
mmc Enter. MMC.
(Add Or Remove Snap-Ins).
3. (Available Snap-Ins) (Certificates) (Add). (My User Account)
(Finish). (Certificates)
(Selected Snap-Ins).
4. OK,
(Add Or Remove Snap-Ins).
5. (Certificates Current User) (Personal), (Certificates).
, ,
(All Tasks) (Export). (Certificate Export Wizard).
6. (Next) , (Yes, Export The Private Key).
(Next).
16
541
7. (Next), , .
8. .
.
.pfx.
9. (Next) (Finish). , . OK, .

, .
, , .
, :
1. pfx-
, .
. ,
.
2. (Certificate) (My User Account),

.
3. (Certificates
Current User) (Personal).
(All Tasks)
(Import). (Certificate Import
Wizard).
4. (Next) .
5. (Open) (Browse)
.
(Open).
6. (Next).
(Next).
7. (Personal). (Next) (Finish).
, . OK.
IV

Windows Server 2008
17. TCP/IP ................................................................... 544

18. ............. 559
19. DHCP .................................................................... 595
20. DNS ................................................................................. 632
17
TCP/IP

, Microsoft Windows
Server 2008. TCP/IP. , TCP/IP , .
TCP/IP , .
TCP/IP . , ,
\ \\ (User Configuration\Administrative Templates\Network\Network
Connections) \ \\ (Computer Configuration\Administrative Templates\System\
Group Policy). 5.
Windows Server 2008

Microsoft Windows Server 2008 Windows. Windows Server 2008 , :
(Network Explorer) .
Center) .
(Network Map) ,
.
(Network Diagnostics)
.
,
:
TCP/IP
17
545
(Network Discovery) Windows

Server 2008,
.
(Network Awareness)
Windows Vista SP1 , Windows
Server 2008, . , ( , ),
,
. Windows ( ).
, ,
Windows Server 2008. Windows
:
;
.
,
. :
,
. .

.
,
.
.

.
, ,
. . , .
.
.
, . , , , ,
.
546
IV
Windows Server 2008
, Windows Server 2008 . , :

;
.
, :

;
.
(Network), . 17-1,
.
(Network Explorer), (Start)
(Network).
(Network Explorer) . , . (Turn On Network Discovery),
.
Windows.
, . , , 15.
. 17-1. (Network Explorer)
(Network And
Sharing Center), . 17-2,
. (Network And Sharing Center), (Start) (Network).
Center) (Network Explorer).
TCP/IP
17
547
. 17-2.
(Network And Sharing Center)
(Network And Sharing Center) :

.
, .
. .
. (View Full Map),
(Network Map) .
. : , . (Access)
: (Local Only),
(Local And Internet) (Internet Only).
(Connection) , .
(Customize), , ( ) . (View Status), (Local Area Connection Status).
548
IV
Windows Server 2008
. ,
, , (Apply). ,
, (Network Discovery), (Turn On Network Discovery)
(Turn Off Network Discovery).
(Apply).
(Network And
Sharing Center) .
, Windows
(Windows Network Diagnostics).
.
Center) . (Diagnose And Repair) .
Windows Vista
Windows Server 2008
Windows Vista Windows Server 2008 (IEEE 802.11)
\ Windows\
(Computer Configuration\Windows Settings\
Security Settings).
(IEEE 802.3) (Wired Network (IEEE 802.3)),
Windows Vista ,
IEEE
802.1X . (IEEE 802.11) (Wired Network (IEEE 802.11)),
Windows XP
Windows Vista , WLAN, .
Windows Vista SP1 , Windows Server
2008, .
(
Winlogon),
,
.
TCP/IP
17
549

2008, ,
:
SSTP (Secure Socket Tunneling Protocol);
SRA (Secure Remote Access);
CAPI2 (CryptoAPI Version 2);
OCSP (Online Certificate Status Protocol);
Teredo;
RDP (Remote Desktop Protocol).
SSTP
HTTP HTTPS. SRA
HTTPS.
. SSTP SRA
PPTP L2TP/IPSec.
- TCP/IP,
, NAT .
SSTP HTTP SSL (TCP- 443), -. , -, https://, HTTPS SSL.
HTTP SSL VPN-. SSTP IPv4, IPv6,
IP-. , VPN,
. .
CAPI2 PKI X.509
, . . .
OCSP.
OCSP . , CAPI2
OCSP OCSP
. OCSP OCSP. OCSP, OCSP,
. OCSP OCSP URL,
.
550
IV
Windows Server 2008
IPv4-IPv6
Windows Vista SP1 , Windows Server 2008,
, IPv6
IPv4, , Teredo. Teredo
UDP, NAT.
NAT NAT. NAT
, .
2008, RDP 6.1, RDP .
RDP
.
: ,
( ), ,
( ), , ( ).
TCP/IP
, TCP/IP . Windows Server 2008 TCP/IP
.
Windows Server
2008. TCP/IP .
TCP/IP Windows Server 2008,

:
1. (Start) (Network). (Network)
(Network
And Sharing Center) .
2. (Network And
Sharing Center) (Manage Network Connections).
3. (Network Connections)
(Properties).

(Local Area Connection Properties), . 17-3.
TCP/IP
17
551
. 17-3. TCP/IP
(Local Area Connection Properties)
4. IPv6 IPv4 . .
(Install). (Protocol)
(Add). (Select Network
Protocol) OK.
(IPv6 IPv4),
.
5. ,
(Local Area Connection Properties)
IPv6 IPv4. OK.
6.
.
TCP/IP
, . ,
.
, .
TCP/IP IP-.
Windows Server 2008 IP-:
552
IV
Windows Server 2008
IP-, ,
IP-. ,
. , IP-
Windows. .
IP-
DHCP- ( ). . IP- .
( IPv4)
DHCPv4, DHCPv4-, Windows Server 2008
IP-. IPv4 169.254.0.1 169.254.255.254
255.255.0.0. IPv4-, , .
IP-
IP- IP-
, , , . IP- . IP- , .
IPv6 IPv4. IPv6-
64 , 64 . IPv4-
, . ,
IPv4 10.0.10.0 255.255.255.0.
,
10.0.10.1 10.0.10.254. 10.0.10.255 .
, ,
IPv4-, . 17-1.
. 17-1. IPv4-

10.0.0.0
255.0.0.0
10.0.0.010.255.255.255
172.16.0.0
255.240.0.0
172.16.0.0172.31.255.255
192.168.0.0
255.255.0.0
192.168.0.0192.168.255.255
IPv4- .
TCP/IP
17
553
, IPv4-
.
PING
IP-, , DHCP. PING.

ping IP-, . ,
IPv4- 10.0.10.12 :
ping 10.0.10.12
IPv6- FEC0::02BC:FF:BECB:FE4F:961D
:
ping FEC0::02BC:FF:BECB:FE4F:961D
PING , IP- , .
PING ,
, IP- , , . PING .

.
IPv4 IPv6
. . IP :
(Network
2. (Network And Sharing Center)
(Manage Network Connections). (Network
Connections) (Properties).
3. , IP TCP/IPv6 TCP/IPv4.
4. IPv6:
IPv6-
(Use The Following IPv6 Address) IPv6- IPv6 (IPv6 Address). IPv6- .
Tab. (Subnet Prefix
Length) .
(Subnet Prefix Length) -
554
5.
6.
7.
8.
9.
IV
Windows Server 2008
.
, .
.
IPv4:
IP- (Use
The Following IP Address) IPv4- IP-
(IP Address). IPv4-
.
Tab. (Subnet Mask)
.
,
. ,
.
TCP/IP-,
, IP- (Default Gateway).
DNS.
IP- DNS-.
, OK (Close). IP-,
.
WINS IPv4-.
IP-
IP-, IP- . IP- :
(Network
Connections) . .
, . , .
(Properties).
TCP/IP
17
555
4. IPv6- (Obtain
An IPv6 Address Automatically) IP-
(Obtain An IP Address Automatically) IP-.
DNS- (Obtain DNS Server Address Automatically) DNS- (Use The Following DNS Server Addresses),
DNS-.
5. IPv4- .
(Alternate Configuration) IP- (Automatic
Private IP Address). OK, (Close)
.
6. IPv4- , , .
(Alternate Configuration) (User Configured) IP- (IP
Address) IP-. ,
. 17-1, .
7. , WINS.
, OK (Close).

Windows Server
2008 . Windows Server 2008 .
. . , Windows Server 2008 , .

.
DHCP, ,
DHCP-. IP- IP- , :
1. (Start) (Network). (Network) (Network And Sharing Center).
556
IV
Windows Server 2008
2. (Network And
(Network Connections)
(Properties).
4. (Advanced),
TCP/IP (Advanced TCP/IP Settings), . 17-4.
. 17-4.
TCP/IP (Advanced TCP/IP Settings)
5. (Default Gateway) , ( ). . (Add) (Gateway).

6. Windows Server 2008 , . (Automatic Metric) .
7. 56 .
8. OK (Close).
TCP/IP
17
557

. . .
,

,
:
2. (Network And
(Status).
(Local Area Connection Status).
3. ,
.
.
(Status).

. ,
:
2. (Network And
(Disable).
3. ,
(Network Connections) (Enable).

( , ), :
558
IV
Windows Server 2008

Connections) (Disconnect).
3. ,
(Network Connections) (Connect).

Windows Server 2008
. ,
(Network Connections), , (Rename)
.
,
.
18
, Microsoft Windows Server 2008,

:
.
.
.
(Print Services)

.
, . Windows Server . Windows Server 2008
.

:
,
,
.
,
.
.

, . . .
560
IV
Windows Server 2008
, .
,
.
, .
. Windows
Server 2008 .

.
.
, . .
, . ,
, .
,
.

.
, . , ,
, :
, . ,
. ,
.
.
, , .
.
, , ,
.
, , ,
, , .
18
561

, . Windows
Server 2008 (Winspool.drv)
, ,
, .
, , .

. , ,
Winspool.drv.

. , ,
.

.
( ) , . (job). ,
,
.
.

, , .
, .
, Windows Server 2008, . . DLL- . DLL-
, .
, . : , (), .

. , , :
\ \
(Computer Configuration\Administrative Templates\Printers).
562
IV
Windows Server 2008
\ \
\ (User Configuration\Administrative Templates\
Control Panel\Printers).
\ \
(User Configuration\Administrative Templates\
Start Menu And Taskbar).

,
(Print Services)
:
(Print Server)
(Print Management)
,
,
.
LPD (LPD Service) UNIX
LPR
.
(Internet Printing) -,
. , ,
,
IPP. - http:///Printers, , , http://PrintServer15/Printers
http://www.cpandl.com/Printers.
(Print Services) , :
1. (Server Manager)
(Roles) (Add Roles). (Add Roles Wizard). (Before You Begin),
(Next).
2. (Select Server Roles) (Print Services) (Next).
3. (Select Role Services) .
UNIX LPD (LPD
Service). (Next).
4. (Internet Printing) - (IIS) (Web Server (IIS)) Windows (Windows Process Activation
18
563
Service). , - (IIS) (Web Server (IIS)).

IIS , - Windows SharePoint. Microsoft IIS 7 Administrators Pocket Consultant (Microsoft, 2008).
5. (Next).
(Confirm Installation Options). (Install). ,
(Installation Results). ,
.

Windows Server 2008
. ,
:
1. (Start) (Network).
(Network Explorer) (Network And Sharing Center).
2. (Printer Sharing),
.
(Apply):
(Turn
On Printer Sharing), .

(Turn Off Printer Sharing),
.
(Print Management)
(Print Management)
.
(Print Services) (Print Management)
(Administrative Tools). .
(Print Management), .18-1, ,
. , . - , (Print Management)
, .
564
IV
Windows Server 2008
. 18-1. (Print Management)

(Print Management) ,
, . Windows 2000 . , ,
(Administrators)
, .
(Printers) ,
,
, .
(Printers)
(Show Extended View), ,
, , , , , .
-, - (Printer Web Page),
. -
, .
- .
(Print
Management), :
1. (Print Management)
(Print Servers) (Add/Remove Servers).
18
565
2. (Add/Remove
Servers), . 18-2,
.
. 18-2. (Print Management)
3. ,
(Add To List):

(Add Servers). .
(Browse),
(Select Print Server).
(Select Server).
4. , OK.
(Print
Management), :
(Print Servers) (Add/Remove Servers).
2. (Add/Remove
Servers) . (Remove).

.
Windows Server 2008
. Windows Server
2008, (Administrators),
566
IV
Windows Server 2008
(Print Operators) (Server Operators). .

.

(Print Management)
(Print Management) , ,
, . ,
(Print Management) ,
.
, :
1. (Print Management) (Administrative
Tools).
2. (Print Servers)
, .
3. (Add Printer).
(Network Printer Installation Wizard).
4. (Print Installation) (Search The Network For
Printers) (Next).
5. . , IP- . , ,
(Next).
6. ,
.
(Close).

, USB
. . , , ,
. , , , .
18
567
,
.
, , ,
. plug
and play, ,
. , .
,
:
1. , USB-. .
2. Windows Server 2008 ,
.
, .
3. Windows Server 2008 , , .
4. .
(Print Management) (Print Servers)
, .
(Printers) , . ,
, (Manage
Sharing). (Sharing), . 18-3.
5. (Share this
Printer), Windows Server 2008 . ,
(Share Name).
Windows NT
. Windows
2000 256 , .
,
.
6. Active Directory
. Active Directory,
Active Directory (List In The Directory).
7. , Windows Server 2008
. x86.
, -
568
IV
Windows Server 2008
(Additional Drivers). (Additional Drivers) ,

. -
Windows Server 2008, . - Windows Server 2008
Windows. OK.
. 18-3.
, Windows . :
(Print Servers) , .
2. (Printers)
(Add Printer).
(Network Printer Installation Wizard).
3. (Print Installation), .
18-4, , (Add A New Printer Using An Existing Port),
(LPT, COM USB). ,
.
Windows Server 2008 . (Next).
18
569
. 18-4.
4. (Printer Driver) :
Windows e
,

. , (Use The Printer Driver That The Wizard
Selected) .
, (Next).
, , (Use
An Existing Driver). ,
(Next).

, (Install
A New Driver). . 18-5,
. ,
HP LaserJet 8150 PCL 5.
HP, HP LaserJet 8150 PCL 5.
(Next). Windows Server 2008
.
,
(Have Disk).
, . .
570
IV
Windows Server 2008
. 18-5.
5. .
(Print Management).
6. , . ,
(Share This Printer) .
, .
7. . .
8. (Next).
9. Windows , ,
.
. , (Print Test Page)
(Finish). ,
(Add Another Printer) (Finish).
(Network Printer Installation Wizard) ,
(Printers) .
.
.
,
. .

. ,
.
18
571

,
.

. ,
, ,
.
,
:
1. (Print Management) (Print Servers) , .
2. (Printers) (Add Printer). (Network Printer Installation Wizard).
3. (Print Installation) TCP/IP- - IP-
(Add A TCP/IP Or Web Services Printer By IP Address
Or Hostname) (Next).
4. (Printer Address)
(Type Of Device) :
(Autodetect) ,
.
TCP/IP (TCP/IP Device) , , TCP/IP-.
- (Web Services Printer) , ,
.
5. IP- , , 192.168.1.90.
(Autodetect) TCP/IP (TCP/IP Device), .
.
,
. ,
.
6. (Next).
. , :
;
;
;
IP- .
572
IV
Windows Server 2008
7. , IP- , (Back) .
8. , . (Device Type) (Additional Port Information Required) (Standard)

. (Custom) (Settings),
, , SNMP.
9. (Printer Driver) :
Windows e
,
. , (Use The Printer Driver That The Wizard Selected) .
, (Next).
, , (Use
An Existing Driver). ,
(Next).

, (Install A New Driver).
. , HP LaserJet
8150 PCL 5. HP,
HP LaserJet 8150 PCL 5. (Next).
,
(Have Disk).
10. , (Print Management).
11. , .
, (Share
Name) .
,
.
12. . .
18
573
13. (Next).
14. Windows , ,
. . , (Print Test Page)
(Finish). ,
(Add Another Printer) (Finish).

(Network Printer Installation Wizard) , (Printers) .
.
.
.

,
, .
. Windows Vista, :
1. , (Start)
(Control Panel).
(Printers), .
2. (Add A
Printer), (Add Printer Wizard). , Bluetooth (A Network, Wireless Or Bluetooth Printer)
(Next).
3. (Select A
Printer), (Next).
4. (Select A Printer) , (The Printer That I
Want Isnt Listed). TCP/IP (Find A Printer By Name Or TCP/IP Address)
:

(Browse For A Printer), (Next).
(Select).
, ,
(Select A
Shared Printer By Name).
574
IV
Windows Server 2008
UNC, , \\PrintServer12\Twelfth Floor NE,

, , http://PrintServer12/Printers/
IPrinter52/.printer.
TCP/IP- ,
TCP/IP- (Add A Printer Using A TCP/IP Address Or Hostname).
(Next). ,
IP- , , 192.168.1.90.
(Autodetect) TCP/IP (TCP/IP
Device) . (Next).
5. IP- (Type A Printer Hostname Or IP Address) .
. (Next)
(Finish). .
(Printers)
.
Windows XP, :
1. , (Printers And Faxes).
2. (Add Printer),
(Add Printer Wizard).
(A Network Printer)
(Next).
3. (Specify A Printer)
. :
Active Directory (Find A Printer In The Directory) , Active
Directory.

(Type The Printer Name, Or Click Next To Browse For
A Printer) ,
.
(Connect To A Printer On The Internet Or On Your Intranet)
, URL -.
4. OK.
5. , ,
(Yes) (No), (Next).
6. (Finish), . ,
18
575
(Printers And Faxes) .

. , , HP DeskJet ENGSVR01.

,
, .
,
. , , .
Windows . .
Windows Windows Vista, :
1. (Group Policy Management
Console) GPO , , , (Edit).
.
2. :
, (Computer Configuration) Windows (Windows
Settings). (Scripts).
, (User Configuration) Windows (Windows
Settings). (Scripts).
3. PushPrinterConnections.exe %SystemRoot%\
System32 Machine\Scripts\Startup, User\Scripts\Logon User\
Scripts\Logoff . , %SystemRoot%\Sysvol\Domain\Policies.
4. (Startup) (Logon)
(Properties).
5. : (Startup Properties)
: (Logon Properties) (Show Files).
Policies, .
576
IV
Windows Server 2008
6. : (Startup Properties)
: (Logon Properties)
(Add). (Add Script).
7. (Script Name) PushPrinterConnections.
exe OK.
Windows Vista , :
(Print Servers) , .
2. (Printers).
, , (Deploy With Group Policy).
(Deploy With Group Policy), . 18-6.
. 18-6. GPO
3. (Browse).
(Browse For Group Policy Object) GPO OK.
4. (Deploy This
Printer Connection To The Following) :
,
,
(The Users That This GPO Applies To).
, ,
(The Computers That This GPO Applies To).
18
577
5. (Add).
6. 35, GPO.
7. OK, GPO. ,
.
(Details). GPO, . ,
.

(Point and
Print Restrictions) . Windows XP Professional , . Windows Vista

, . . 18-1.
. 18-1.
...
Windows XP Windows Server 2003

. Windows Vista

. Windows Vista

Windows XP
.
Windows Vista

Windows XP
.
Windows Vista

, Windows Vista Windows Server 2008 , -
578
IV
Windows Server 2008
, . , , Windows, , .
(Point and Print Restrictions), , ,
,
. ,
.
,
, .

(Point and Print Restrictions) ,
:
1. (Group Policy Management
Console) GPO , , , (Edit).
.
2. \ \ (User Configuration\
Administrative Templates\Control Panel)
(Printers).
3.
(Point and Print Restrictions).
4. : (Point
And Print Restrictions Properties), . 18-7,
(Enabled).
. 18-7.
18
579
5. , , .
,
FQDN- , . .
6. ,
. , .
.
7. Windows Vista .
.
8.
Windows Vista
. .
9. OK.

, , , ,
(Printer Migration Wizard).
.
,
, , ,
, .
, :
(Export Printers To A File). (Printer Migration Wizard).
2. ,
. (Next).
3. (Select The File Location)
(Browse).
, .
(Open).
4. .printerExport.
, (Next).
5. , (Open Event Viewer), , -
580
IV
Windows Server 2008
.
, .
(Event Viewer).
6. (Exporting) (Finish), (Printer Migration Wizard).
(Import Printers From A File).
(Printer Migration Wizard).
8. (Select The File Location)
(Browse).
(Open).
9. (Next). ,
, (Next). (Select Import Options) (Import
Mode) :
; (Keep
Existing Printers; Import Copies) , ,
. ,
.
(Overwrite Existing Printers) ,
,
.
10. (List In The Directory)
:
,
(List Printers That Were Previously Listed) Active Directory
, .
(List All Printers) Active Directory .
(Dont List Any Printers)
Active Directory.
11. (Next), . ,
(Open Event Viewer), ,
. ,

. (Event
Viewer).
18
581
12. (Importing) (Finish), (Printer Migration Wizard).

,
, .
.
(Print Management) (Custom
Filters). (Custom Filters)
,
, .
(Print Management) :
(All Printers) , , .
(All Drivers) , , .
(Printers Not Ready) , (Not Ready), , .
(Printers With Jobs) ,
, .
, :
(Custom Filters) (Add New Printer Filter). (New Filter Wizard).
2. (Printer Filter Name
And Description) . ,
, ,
(Display The Total Number Of Printers).
(Next).
3. (Define A Printer Filter) , , . ,
. (Next).
, (Queue Status). . : (Output Bin Full), (Ready), (Busy),
(Paper Jam), - (IO Active), (Initializing),
(Out Of Memory), (Not Available),
(Paper Problem), (Out Of Paper), (No Toner/Ink), -
582
IV
Windows Server 2008
(Processing), (Waiting), (Offline), (Door Open),

(Error), (Printing), (Paused), (Warming Up),
(Toner/Ink Low), (User Intervention Required), (Manual Feed Required), (Deleting).
, . , , , (Ready),
(Initializing), (Processing), (Printing), (Warming Up), (Deleting).
4. (Set Notification) ,
,
. (Finish), .
, :
(Custom Filters). , . (Properties).
2. .
:
(General) .
.
(Filter Criteria)
. .
(Notification) .
.

Windows Server 2008 (Print Spooler). , .
(Print Spooler), (Services).
(Print Spooler) :
1. (Administrative Tools)
2. , (Computer Management)
(Connect To Another Computer).
, .
18
583
3. (Services And Applications)

(Services).
4. (Print Spooler).
(Restarted). ,
(Print Spooler)
(Start). (Startup Type) (Automatic). , (Print Spooler)
(Startup Type) (Automatic).
.
. . (Print Spooler).
.
.

. , :
(Print Servers) , .
2. (Printers).
(Properties).
.

, .
, , .
, . . , Microsoft Word
(Print).

(General) ,
(Comments) (Location).
Active Directory
Active Directory
. Active Directory,
:
1. (Sharing).
584
IV
Windows Server 2008
2. Active Directory (List In Directory) OK.

Windows .

.

, :
1. (Advanced).
2. (Driver)
.
3.
, (New Driver).
(Add Printer Driver Wizard). (Next).
4. (Have Disk),
.
5. (Install From Disk)
, , (Browse),
(Locate
File). OK.
6. (Next) (Finish).

, , ,
, . ,
.
, , , .
, :
1. , ,
(Properties).
2. (Sharing) (Additional Drivers).
3. (Additional Drivers) , .
- Windows Server 2008, -
18
585
. - Windows Server 2008

Windows.
-

Windows Server 2008 - :
, ;
, , , (PostScript PCL).
- ,
:
1. (Advanced), - (Separator Page).
2. - (Separator Page)
. ,
:
Pcl.sep PCL
- .
Pscript.sep PostScript,
-.
Sysprint.sep PostScript
- .
Sysprintj.sep Sysprint.sep.
, ,
Sysprintj.sep.
3. -,
- (Separator Page) .
, ,
(Browse) - (Separator Page), %SystemRoot%\Windows\System32. -.
(Browse), , .
-.

, ,
c . (Ports).
, , .
, (Add Port). (Printer Ports) (New
586
IV
Windows Server 2008
Port). OK.
, (Delete Port).

.
(Advanced), . 18-8, . .

.
, (Advanced)
(Always Available).
,
(Available From).

(Priority) (Advanced)
. . .
. 18-8.
(Advanced)
, , ,
, , .
18
587
:
( ) (Spool
Print Documents So Program Finishes Printing Faster)
, .
(Start Printing After Last Page Is Spooled)
. -
, .
(Start Printing Immediately) ,
.
.
,
(Print Directly To The Printer). :
(Hold Mismatched Documents) ,
. , .
(Print Spooled Documents
First) , ,
, .
(Keep Printed Documents) .
, .
, . , . ,
.
(Enable Advanced
Printing Features) ( ), , .
, ,
.

.
, ,
(Manage Sharing).
(Sharing), , -
588
IV
Windows Server 2008
.
:

( ,
), (Share
This Printer) (Share
Name). OK.
, (Share Name)
OK.
,
(Share This Printer). OK.

, . , , (Security). :
(Print), (Manage Documents) (Manage Printers). . 18-2
.
:
(Administrators), (Print
Operators) (Server Operators)
.
.

.
(Everyone) .
.
(Print)
(Manage
Documents)
(Manage Printers)
,
,

18
589
. 18-2. ()
(Print)
(Manage
Documents)
(Manage Printers)
,
. . 18-3
, . .
. 18-3.

(Print)
(Print)

(Manage Documents)
(Manage
Documents)
X
X

(Manage Printers)

(Read Permissions)
(Manage Printers)
X
X

(Change Permissions)
(Take
Ownership)
590
IV
Windows Server 2008

Windows Server 2008
. :
1. (Security). (Advanced),
(Advanced Security Settings).
.
, .
2. (Auditing) (Add) , .

(Remove).
3. , (Successful) (Failed).
4. OK.

, Windows, ,
MS-DOS. ,
:
1. (General).
2. (Printer Preferences).
3. .

Windows Server 2008 : (Print Server Properties).
:
(Printers)
(File) (Server Properties)

(Server Properties) .
(Print Management)
(Properties). , (Add/Remove
Servers): (Print
18
591
Servers) (Add/
Remove Servers).
.
Spool NTFS
Spool . %SystemRoot%\System32\Spool\PRINTERS.
NTFS (Change) .
.
, :
1. : (Print Server Properties).
2. (Advanced). Spool (Spool
Folder). .
3. Spool Windows
(Windows Explorer) (Properties).
4. (Security) .

, , . ,
. ,
:
, ,
, , , , USB-. , , , .
. ,
. , .
Spool .
Spool , .
- .
592
IV
Windows Server 2008

: (Print Server Properties).
(Advanced) , .

. ,
. . . , : (Print Server
Properties) (Beep On Errors Of Remote Documents)
(Advanced).

. ,
:
(Printers) . , .
, . (Start), (Network).
, ,
(Printers) .
(Print Management)
(Print Servers). . (Printers). (Open Printer Queue).
(Print Management)
(Printers) (Show Extended View).

, . 18-9. , :
(Document Name) ;
, .
(Status) , .
18
593
(Owner)
(Pages) .
(Size) , .
(Submitted)
.
(Port) , , , LPT1, COM3,
IP- ( ).
. 18-9.

.
(Printer) (Action) (Pause Printing). , , . , .

(Pause Printing) . .

, (Printer) (Action)
(Cancel All Documents).
(Document). ,
, :
(Pause) .
(Resume) ,
.
594
IV
(Restart)
.
Windows Server 2008
, -

, ,
Delete.
, ,
.
- ,
. ,
.

,
, , , . ,
:
. (Properties).
.

. .
, :
1. . (Properties).
2. (General) . 1, 99.

. , . , :
1. . (Properties).
2. (General) (Only
From) , .
,
24.00 5.00 .
19
DHCP
, DHCP Active Directory.

DHCP TCP/IP. . DHCP ,
DHCP-.
DHCP
DHCP IP-
. DHCP, DHCP-
TCP/IP: IP-, , DNS-, WINS,
DNS- . Windows Server 2008 DHCP
IPv4 IPv6 ( , )
.
IPv4
, IPv4, DHCPv4.
DHCPv4-, IPv4-, DHCP-, 32- IPv4-
, . . ,
. DHCP-. IPv4-,
, .
DHCP, IP-,
DHCP- IPv4-.
DHCP-
( ). DHCPv4
, DHCP-
596
IV
Windows Server 2008
. DHCPv4 DHCP-. DHCP- ,

. DHCP- , ,
, .
, ,
.
, . ping ,
. IPv4. , DHCP-
, .
IPv4 :
1. IP- B 169.254.0.0
255.255.0.0, . IPv4- ARP , IPv4- .
2. , 1. . , ARP ,
IPv4-.
3. IPv4- ,
. , DHCP, .
,
.
IPv6
Microsoft Windows Vista Windows Server 2008
, (IPv4 IPv6). 1 17, IPv4 IP
, IPv6 IP. IPv6 128- . 64 ,
64 .
IPv6 DHCP:
(Stateful) DHCPv6- IPv6- DHCPv6-.
(Stateless) DHCPv6-
IP- ,
DHCPv6.
, DHCPv6- IPv6- () , DHCPv6-. DHCPv4,
DHCPv6 DHCPv6-,
DHCP
19
597
, DHCPv6-, , DHCPv6,
, ,
DHCPv6-.
DHCPv4, DHCPv6
IPv6-. DHCPv6
, :
Managed Address Configuration ( M)
1, .
Other Stateful Configuration ( O) 1,
.
DHCPv6 Window Vista, Windows Server 2008.
DHCPv6
M O . , ,
M O . IPv6 Windows XP
Windows Server 2003 DHCPv6-,
M O .
IPv6, Windows Vista Windows Server 2008, 1 M. netsh interface ipv6 set interface
managedaddress=enabled, . 1 O ,
netsh interface ipv6 set interface
otherstateful=enabled. ,
, :
netsh interface ipv6 set interface Connection 2 managedaddress=enabled
M O, :
0, , DHCPv6. .
1, DHCPv6
IP-, .
, , DHCPv6
IPv6- .
M 0, O 1, DHCPv6 .
598
IV
Windows Server 2008
, IPv6 . .
M 1, O 0, DHCPv6 IP-, . IPv6- , , , , IPv6- DNS-,
.
IPv6- , IPv4. IPv6 DHCPv6
:
1. IPv6- . IPv6- ARP , IPv6-
.
2. , 1. , , ARP- .
IPv6-.
3. IPv6- ,
. DHCP, .
.
IPv6
DHCPv6 .
DHCPv6 , , .
DHCPv4, DHCPv6
UDP. DHCPv6 UDP- 546.
- DHCPv6 UDP- 547.
DHCPv6 ,
DHCPv4 BOOTP,
.
DHCPv6 1- Msg-Type ( ). 3- Transaction-ID,
DHCPv6.
Transaction-ID DHCPv6
, . DHCPv6 . Option-Code (2 ) .
Option-Len (2 ) Option-Data .
Option-Data .
DHCP
19
599
, - . Hop-Count (1 ) -, . ,
, , . Link-Address (16 )
, , . Link-Address , . Peer-Address
(16 ) IPv6- , , ,
. Peer-Address DHCPv6. Relay Message , .
IPv6 . , DHCPv4,
DHCPv6 All_DHCP_Relay_Agents_and_Servers,
FF02::1:2. DHCPv6- , DHCPv6 .
DHCPv6-, .
, - DHCPv6 , , DHCPv6-.
IP-
IP- IPCONFIG. , ipconfig /all .
IP- ,
IP- (Autoconfiguration IP Address). IPv4- 169.254.98.59:
IP Windows
..................:
DNS-............:
........................:
IP- .......:
WINS- .............:
DNS.:
DELTA
microsoft.com
microsoft.com
Ethernet adapter :
DNS- .........:
........................: Intel Pro/1000 Network Connection
................: 23-17-C6-F8-FD-67
DHCP ....................:
..........:
IPv4-:......: 169.254.98.59
600
IV
Windows Server 2008
...................: 255.255.0.0
...................:
DNS-.....................:

(scope) IPv4 IPv6-,
. DHCP . IPv4-,
MAC- ,
IPv4-. MAC-
IPv4-. IPv6
.
, IP-,
DHCP-. , IP-
192.168.12.2 192.168.12.250 Enterprise Primary. IPv4- :
IP 1.0.0.0 126.255.255.255
B IP- 128.0.0.0 191.255.255.255
C IP- 192.0.0.0 223.255.255.255
D IP- 224.0.0.0 239.255.255.255
IP 127.0.0.1 .
IPv6-, IPv6-. FE80. FF00.

( ) :: ( ) ::1 ( ).
DHCP- . IPv4 :
(normal scope) A, B C.
(multicast scope) IP- IPv4 D. IP- , IP-.
, .
IPv6 . , , , , C.
DHCPv4 DHCPv6 DHCPv4 DHCPv6 . -
(RRAS) - DHCP. .
DHCP
19
601
DHCP-
IP- , DHCP-. (Add Roles
Wizard) DHCP-,
Active Directory.
DHCP- IP-.
DHCP
Microsoft Windows Server 2008
DHCP-, :
1. DHCP IPv4 IPv6- . ,
IPv4 IPv6-.
2. (Server Manager)
(Roles) (Add Roles).
(Add Roles Wizard). ,
(Next).
3. (Select Server Roles) DHCP- (DHCP Server) (Next).
4. (Network Bindings)
IPv4-.
, DHCPv4-, (Next).
5. IPv4 DNS- (Specify IPv4 DNS
Server Settings), . 19-1, DNS, DHCPv4-
DNS. (Parent
Domain) DNS- , , cpandl.com.
IPv4- DNS- (Preferred DNS Server)
IPv4- DNS- (Alternate DNS Server) IPv4- DNS-. (Validate),
DNS-. (Next).
6. IPv4 WINS- (Specify IPv4 WINS
Server Settings) , WINS
. , IP-
WINS- IP- WINS- (Preferred
WINS Server) IP- WINS- (Alternate
WINS Server). (Next).
602
IV
Windows Server 2008
Windows Server 2008 WINS

, Windows 2000, WINS .
IPv4 () IPv6- LLMNR (Link-Local
Multicast Name Resolution). LLMNR,
PNRP (Peer Name Resolution Protocol).
. 19-1. DNS DHCPv4-
7. DHCP- (Add Or Edit

Scopes) DHCP-,
(Add) , . DHCP , (Next).
8. DHCPv6
(Configure DHCPv6 Stateless Mode) , . , DHCPv6- IPv6- DHCPv6,
. , DHCPv6 . (Next).
9. DNS- IPv6 (Specify IPv6 DNS
Server Settings), . 19-2, DNS, DHCPv6-.
DHCP
19
603
(Parent Domain) DNS- , , cpandl.com. IPv6- DNS (Preferred DNS Server) IPv6- DNS-
(Alternate DNS Server) IPv6- DNS-. (Validate), . (Next).
. 19-2. DNS DHCPv6-
10. DHCP- (Authorize DHCP Server) DHCP- Active Directory:

(User Name) . , DHCP-, (Next),
.
,
(Use Alternate Credentials) (Specify).
Windows (Windows Security)

OK. (Next).
DHCP- ,
DHCP- AD DS (Skip Autho-
604
IV
Windows Server 2008
rization) OK. , IP- DHCP-.

11. (Install). . , , DHCP- Active
Directory .
DHCP, . .
DHCP
DHCP- IP DHCP. ,
(Start), (Administrative Tools) DHCP.
DHCP . 19-3. DHCP . , IPv4 IPv6.
, IP.
.
. 19-3. DHCP DHCP-
.
IP :
, DHCP
.
, . DHCP .
, DHCP- .
.
:
, .
.
DHCP
19
605
DHCP-
DHCP, DHCP-.
DHCP- .
:
1. DHCP
(Add Server). , . 19-4.
. 19-4. DHCP-, DHCP
2. (This Server) IP-

, DHCP-.
3. OK. DHCP .
. :
(Refresh).
DHCP-
DHCP- DHCP (DHCP Server). , ,
, \
(Configuration\Services) (Server Manager)
. , DHCP- (DHCP Server)
DHCP. , , (All Tasks) : (Start), (Stop),
(Pause), (Resume) (Restart).
DHCP-
(Server Manager), (Roles) DHCP- (DHCP
Server). , (All
Tasks) : (Start), (Stop), (Pause), (Resume) (Restart).
606
IV
Windows Server 2008
DHCP- Active Directory

DHCP- ,
Active Directory. ,
IP- . Windows Server 2008 DHCP-.
DHCP-, DHCP
(Authorize). , (Unauthorize).
DHCP-
(Server Manager), (Roles) DHCP- (DHCP Server),
(Authorize). .
F5, . DHCP- , . ,
(Roles) DHCP- (DHCP Server), (Unauthorize).
, DHCP- Active Directory
.
, DHCP , . (Authorize).
DHCP-
DHCP- IP .
PIv4 IPv6 . ,
, . , , ,
.
DHCP-
IP-
, DHCP. DHCP . ,
100 / 1000 /. DHCP 1000 /.
DHCP , :
DHCP
19
607
1. DHCP , .
IPv4 IPv6
(Properties).
2. IPv4 IPv6 (Advanced) (Bindings).
3. (Bindings)
DHCP-. DHCP-
, .
, .
4. OK.
DHCP
DHCP IPv4 IPv6. DHCP,
(Refresh) .
DHCP, .
, :
1. DHCP .
IPv4 IPv6 (Properties).
2. (General) (Automatically Update Statistics Every) . OK.
DHCP
Windows Server 2008 DHCP-
.
DHCP
DHCP- .
IPv4 IPv6
, .
DHCP %SystemRoot%\System32\DHCP.
. DhcpSrvLog-Mon.log, DhcpSrvLog-Tue.log . .
DHCP-
. DHCP
. DHCP- (DHCP
Server) . 24 .

DHCP- (DHCP Server).
.
608
IV
Windows Server 2008
DHCP
DHCP, :
1. DHCP .
2. (General)
DHCP (Enable DHCP Audit Logging). OK.
DHCP
DHCP %SystemRoot%\System32\
DHCP. DHCP, :
1. DHCP .
2. (Advanced). (Audit Log File Path)
.
(Browse).
3. OK. Windows Server 2008
DHCP- (DHCP Server). (Yes), . .

DHCP- (DHCP Server) ,

. DHCP- 70 .
.
70

DHCP ,
- .
, .
,
DHCP, HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters.
:
DhcpLogFilesMaxSize . 70 .
DhcpLogDiskSpaceCleanupInterval
. 60 .
DhcpLogMinSpaceOnDisk , . , .
20 .
DhcpLogMinSpaceOnDisk . .
DHCP
19
609
DHCP DNS
DNS
Active Directory . DNS, DHCP-
DNS . DHCP- DNS .
DHCP DHCP- Windows Server 2008 DNS- IP- . , Windows,
DHCP-.
DHCP- .
DNS Microsoft Windows NT 4.0
, .
WINS DHCP-, NetBIOS.
WINS. DNS- Windows Server 2008.

DNS, :
1. DHCP .
IPv4 (Properties).
. 19-5. DNS (DNS)

DNS DHCP
2. DNS (DNS). . 19-5 DNS DHCP.

.
DNS , :
610
IV
Windows Server 2008
1. DHCP .
IPv4.
2.
(Properties).
3. DNS (DNS).
. 19-5.
.
DHCP NAP
NAP (Network Access Protection) , .
NAP DHCP DHCP- (Network Policy Server, NPS).
(Network Policy Server), DHCP NAP NAP DHCP. NAP, .
NAP DHCP, :
1. , (Add Features Wizard), (Network Policy Server).
2. (Network Policy Server) NPS () (NPS (Local))
NAP (Configure NAP) .
NAP (Configure NAP Wizard).
3. (Network Connection Method)
DHCP (Dynamic Host Configuration
Protocol (DHCP)).
NAP- . . 19-6,
NAP DHCP. (Next).
4.
DHCP- (Specify NAP Enforcement Servers Running
DHCP Server) DHCP- :
(Add). RADIUS (Add New RADIUS Client)
(Friendly Name). (Address) DNS- IP- DHCP.
(Verify).
(Shared Secret)
(Generate). (Generate),
.
NAP DHCP DHCP. ,
. OK.
DHCP
19
611
5. (Next). DHCP- (Specify

DHCP Scopes) DHCP, . ,
DHCP-, NAP.
(Next).
. 19-6. DHCP-
6. NAP URL-
(Specify A NAP Remediation Server Group And URL)
(New Group),
. NAP-. URL -
, NAP.
, DHCP .
(Next).
7. NAP (Define
NAP Health Policy) , NAP. , , NAP.
NAP- . . (Next) (Finish).
NAP DHCP-
. NAP, :
612
IV
Windows Server 2008
1. DHCP .
IPv4 (Properties).
2. (Network Access Protection), . 19-7, (Enable
On All Scopes) (Disable On All Scopes),
NAP .
. 19-7. (Network Access Protection)

DHCP
DHCP- NPS,
. NPS DHCP-
NPS,
(Network Access Protection) .
, , DHCP-, NPS- .
OK.
(Full Access) DHCP-
. .
(Restricted Access) DHCP .
, .
(Drop Client Packet) .
.
NAP ,
:
DHCP
19
613
1. DHCP .
IPv4.
2.
(Properties).
3. (Network Access Protection) (Enable For This Scope)
(Disable For This Scope), NAP .
4. NAP NAP
, (Use Custom Profile) , , Alternate
NAP DHCP.
5. OK, .
IP-
DHCP IPv4-.
IP-.
IPv4-,
. ,
, , IPv4-,
:
1. DHCP .
IPv4 (Properties).
2. (Advanced) (Conflict Detection Attempts) . IP-,
DHCP- .
DHCP IP-, PING.
IPv4- IP- A, B C. DHCP- , DHCP-
IPv4-.
. .
IPv4- . , IPv4-
DHCP-: ,
, DHCP-
. , .
DHCP
DHCP, , DHCP-. , :
614
IV
Windows Server 2008
netsh dump dchp >dhcpconfig.dmp
, dhcpconfig.dmp ,
. , , :
netsh exec dhcpconfig.dmp
DHCP-
. , .
DHCP
DHCP- ,
. IP-,
. ,
: Ipv4-,
IPv4- Ipv6-.

IPv4 , Active Directory. , , . ,
,
.

, , IPv4.
, , :
1. DHCP .
IPv4 (New
Superscope). (New Superscope
Wizard). (Next).
2. (Next).
3. , ,
(Available Scopes). , Shift Ctrl.
4. (Next) (Finish).

,
. ,
:
DHCP
19
615
1. , , (Add
To Superscope).
2. (Add Scope
To A Superscope) .
3. OK.

, :
1. , , (Remove From
Superscope).
2. (Yes), . , .

,
. ,
(Activate). ,
(Deactivate).

,
. ,
, . , (Delete).
(Yes), .

DHCP-.
A, B C. D.
-,
. , , WINS, DNS, . .
IPv4-
IPv4-, :
1. DHCP . IPv4. ,
,
.
616
IV
Windows Server 2008
2. (New Scope).
(New Scope Wizard). (Next).
3. (Next).
4. (IP Address Range)
IP- (Start IP Address) IP- (End IP Address).
x.x.x.0 x.x.x.255. , , . 192.168.10.1
192.168.10.254, 192.168.10.0 192.168.10.255.
5. IP-,
(. 19-8). , .
. 19-8. IP-
(New Scope Wizard),
6. (Next).
, ,
. (Yes), , 8.
, (Back),
IP-.
7. IP-, . (Add Exclusion) IP- (Start IP Address)
IP- (End IP Address):
,
IP- (Start IP Address) IP-
(End IP Address) (Add).
IP-, , IP-.
DHCP
19
617
, .
(Excluded Address Range).
,
(Excluded Address Range)
(Remove).
8. (Next).
(Day(s)), (Hour(s)) (Minutes). . (Next).
. , DHCP, IP-,
, . .
9. DHCP DNS,
WINS, . . , , (Yes, I Want
To Configure These Options Now). , , (No, I Will Configure
These Options Later) 1014.
10. (Next). , ,
. IP- (IP Address) IP- . (Add).
.
.
,
. . (Up) (Down)
.
. 19-9. DNS DNS-

(Domain Name And DNS Servers)
618
IV
Windows Server 2008
11. (Next). . 19-9, DNS DHCP.

, .
12. IP- (IP Address) IP- DNS-.
(Add). , DNS-. ,
IP- . , (Up) (Down).
(Next).
DNS-, IP-
(Server Name) (Resolve).
IP- IP- (IP Address).
, (Add).
13. WINS. (Next).

14. , , (Yes, I Want To Activate This Scope Now)
(Next). , , (No, I Will Activate This Scope
Later) (Next).
15. (Finish), .
IPv6-
IPv6-
(New Scope Wizard). DHCP IPv6-
.
64 IPv6-. (New Scope Wizard) 64- .

. .
. .
IPv6-,
:
1. DHCP . IPv6
.
2. (New Scope).
(New Scope Wizard). (Next).
3. (Next).
4. (Scope Prefix), . 19-10,
64- . (Next).
DHCP
19
619
. 19-10.
(New Scope Wizard)
5. (Add Exclusion) IPv6-, , IPv6- (Start IPv6 Address) IPv6- (End IPv6
Address). :
,
(Exclusion Range)
IPv6- (Start IPv6 Address)
IPv6- (End IPv6 Address) (Add).
IPv6-, IPv6-
(Add).
(Excluded Address Range).
,
(Excluded Address Range)
(Remove).
6. (Next). IPv6- .
. (Scope Lease), .
19-11, (Preferred Lifetime)
(Valid Lifetime). , .
, . (Next).
620
IV
Windows Server 2008
IPv6
8 30 .
7. , (Yes) (Activate Scope Now) (Finish). (No)

(Finish).
19-11.
, :
1. DHCP . IPv4.
2.
(New Multicast Scope). (New Multicast Scope Wizard). (Next).
3. (Next).
4. IP- (Start IP Address) IP- (End
IP Address) IP- .
IP- D. ,
IP- 224.0.0.0 239.255.255.255.
5. , IP, (Time to Live, TTL). ,
. TTL 32.
, , ,
.
DHCP
19
621
6. (Next). ,
(Back), IP-.
7. (Exclusion Range) IP-, . .
, IP- (Start IP Address) IP- (End IP Address) (Add).

(Excluded Addresses).
,
(Excluded Addresses)
(Remove).
8. (Next).
(Day(s)), (Hour(s)) (Minutes). 30 . (Next).
,
. , . IP- ,
.
30 60 .
9. , (Yes) (Next). , (No)

(Next).
10. (Finish), .

TCP/IP , .
,
DNS-, , WINS .
, .
:
, ;
;
, ;
,
.
IPv4 IPv6 .

, . ,
, :
622
IV
Windows Server 2008
;
;
.

, DHCP-. ,
:
1. DHCP .
IPv4 IPv6.
2. , IPv4 IPv6
(Server Options). .
3. ,
(Server Options)
(Configure Options). : (Server Options). (Available
Options), .
(Data Entry). .
4. OK.

.
, :
1. DHCP .
2. , (Scope Options). .
3. ,
(Scope Options)
(Configure Options). : (Scope Options). (Available
Options)
(Data Entry),
. 19-12. .
4. OK.
DHCP
19
623
. 19-12. , ,
(Data Entry)
, IPv6- IPv4-.
.
,
:
1. DHCP .
2. (Reservations) .
3. , . .
4. , (Configure Options).
: (Reservation
Options). (Available Options) (Data Entry).
.

, :
1. DHCP .
IPv4 IPv6. ,
.
624
IV
Windows Server 2008
3. . :
IPv4
. IP- DHCP-.
,
. , , .
, , , IP-.

. ,
.
, .
,
(Lifetime),
(Multicast Scope Expires On) .

DHCP . .
DHCP,
(Activate).
DHCP, (Deactivate).
,
. , ,
.
BOOTP
BOOTP DHCP.
BOOTP. BOOTP
, :
1. IPv4-, , (Properties).
2. (Advanced) (Both), DHCP
BOOTP.
3. BOOTP- OK.

DHCP-. , :
DHCP
19
625
1. DHCP ,
, (Delete).
2. , (Yes).

. , DHCP-. ,
,
. .
, IP-
DHCP-, .
, , , DHCP- IP-
.
IP- DHCP
192.168.10.1 192.168.10.99
192.168.10.100 192.168.10.199
192.168.10.200 192.168.10.254
DHCP, IP-.
DHCP-.
,
, .
.

.

(Display Statistics).
:
(Total Scopes) .
(Total Addresses) IP- .
(In Use)
( ). 85%
, .
(Available) ( ).
626
IV
Windows Server 2008

IPv4- IP-.
.
IPv4-, :
1. DHCP (Address Pool)
(New Exclusion Range).
2. IP-
(Start IP Address) IP- (End IP Address)
(Add). .
, .
3. , (Close).
IPv6-, :
1. DHCP (Exclusions). (New Exclusion Range).
2. IPv6-
(Start IPv6 Address) IPv6- (End IPv6 Address) (Add).
.
, .
3. , (Close).

, .
(Address Pool) (Exclusions). (Delete).
, (Yes).
DHCP-
DHCP . , (Unlimited)
, .
, DHCP- . DHCP
IP-, ,
DHCP.
IP- ,
:
DHCP
19
627
1. DHCP (Reservations). (New Reservation).

2. (Reservation Name) ,
. .
3. IP- (IP Address) IPv4-, .
, IP- .
4. MAC- (MAC Address)

. MAC-, ipconfig /all . (Physical Address) MAC- .
, .
5. (Description) , .
6. DHCP-, BOOTP-. , ,
.
7. (Add), .
, .
8. , (Close).
IPv6- ,
:
1. DHCP (Reservations). (New Reservation).
2. (Reservation) , .
.
3. IPv6- (IPv6 Address) IPv6-,
.
, IP- .
4. DUID (Device Unique

Identifier) MAC- . MAC-, ipconfig /all .
(Physical Address) MAC- .
, .
5. IAID . , 9 .
628
IV
Windows Server 2008
6. (Description) , .
7. (Add), .
, .
8. , (Close).

, :
.
, . , ipconfig /release.
.
IP-,
. ,
ipconfig /release.

, :
1. DHCP (Reservations).
2.
(Properties). . , . ,
.

,
:
1. DHCP (Address Leases) (Reservations).
2. ,
, (Delete).
3. , (Yes).
4. DHCP.
IP-. ,
ipconfig /release.
DHCP
DHCP DHCP. %SystemRoot%\
System32\DHCP. :
DHCP
19
629
Dhcp.mdb DHCP-.
J50.log , .
J50.chk , DHCP-.
Res1.log DHCP-.
Res2.log DHCP-.
Tmp.edb DHCP-.
DHCP
%SystemRoot%\System32\DHCP DHCP. DHCP
60 .
DHCP , :
1. DHCP , , (Backup).
2. (Browse For Folder) ,
DHCP, OK.
, , , DHCP,
:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters
DHCP :
BackupDatabasePath DHCP. DHCP.
(Advanced)
(Database Path).
DatabaseName DHCP. DHCP.mdb.
BackupInterval . 60 .
DatabaseCleanupInterval .
60 .
DHCP
, , DHCP. DHCP
, :
1. %SystemRoot%\
System32\DHCP\backup. DHCP, , ,
(Restore).
630
IV
Windows Server 2008
2. (Browse For Folder) ,

, OK.
3. DHCP- (DHCP Server) . DHCP- DHCP- IP-.
DHCP

DHCP-,
DHCP- . .
:
1. DHCP- (DHCP Server)
.
(Services).
3. %SystemRoot%\System32\DHCP.
:
(Services).
2. DHCP- (DHCP Server) , .
3. %SystemRoot%\System32\DHCP
%SystemRoot%\System32\DHCP .
.
DHCP- (DHCP Server) , .
DHCP
DHCP Windows DHCP- (DHCP Server), ,
DHCP .
, :
(Services).
2. %SystemRoot%\System32\DHCP.
, .
! DHCPServer, DHCP. DHCP.
3. DHCP- (DHCP Server).
DHCP
19
631
4. DHCP . ,
, .
5. , ,
.
IP-
.

DHCP . , Windows, DHCP-,
. DHCP
IP- , IP-.
.
.
, :
1. DHCP
(Reconcile).
2. (Reconcile) (Verify).
3. . (Reconcile).
4. , OK.
, :
1. DHCP
(Reconcile All Scopes).
2. (Reconcile All Scopes)
(Verify).
3. . (Reconcile).
4. , OK.
20
DNS
DNS .
DNS ,
IP-, . DNS TCP/IP
WINS, DHCP Active Directory. Microsoft Windows DNS
Active Directory .
DNS
DNS ,
,
, (, ) . ,
. omega.microsoft.com, ,
microsoft , com .
DNS,
. , . , , microsoft.com,
,
. , .
. ,
,
, : jacob.hr.microsoft.com. jacob
, hr , microsoft.com .
Active Directory DNS

7, DNS Active
Directory .
Active Directory DNS , -
DNS
20
633
Active Directory (Active Directory DS) DNS.

Active Directory
DNS,
DNS-. , , DNS Active Directory.
. DNS Active Directory,
Active Directory. :
DNS .dns %SystemRoot%\
System32\Dns. DNS DNS-. DNS- ,
(zone). , DNS
DHCP, DNS-
. DNS- . , DNS-,
DHCP .
DNS Active Directory, dnsZone.
Active Directory,
DNS ,
DHCP . , DNS (DNS Server), . ,
, DNS DHCP, DNS- .
DNS- .
DNS
, Active
Directory. DNS Active Directory. ,
DNS, Active Directory,
. DNS , Active Directory, DNS
.
DNS- Windows Server DNS- , AD DS, . ,
634
IV
Windows Server 2008

DNS. DNS- Windows
Server 2008 AD DS .
DNS- , , .
DNS-, Windows
Server 2008, :
;
AD DS;
, , AD DS;
RPC;
, AD DS.
, DNS- . DNS-
, DNS-
. ,
, DNS- AD DS .
DNS
DNS , DNS.
DNS- , IP-
DNS- . DNS- , .
DNS- TCP/IP
17. DNS- .
DNS, Windows Vista Windows Server 2008, DNS- IPv4 IPv6. IPv6 DNS
FEC0:0:0:FFFF::1, FEC0:0:0:FFFF::2 FEC0:0:0:FFFF::3. IPv6- DNS- , TCP/IPv6
IPV6 ADD DNS netsh.
DNS Windows Server 2008 IPv6- IPv4-. DNS
(DNS Manager) IPv4 IPv6-, . Dnscmd
. , DNS-
IPv6,
IPv4-, IPv6-. , DNS ip6.arpa
.
DNS
20
635
DHCP, DNS.
DHCP IPv6- IPv4-, . DHCP
DNS DHCP, .
IPv4 006 DNS- (006 DNS
Servers) 015 DNS- (015 DNS Domain Name). IPv6 00023 IPv6
DNS (00023 DNS Recursive Name Server IPV6 Address)
00024 (00024 Domain Search List). ,

Active Directory, DNS. DNS
, .
DNS- , DNS-, Windows Vista Windows Server 2008,
LLMNR. ,
, . , ,
DNS- , ,
- .
,
, , .
, DNS- .
DNS,
Windows Vista Windows Server 2008, , .
, , .
, ,
.
Windows Server 2008 GlobalNames.

, (RODC). RODC-,
, DNS, , DNS
. DNS- RODC DNS. RODC , .
.
DNS
GlobalNames. -
636
IV
Windows Server 2008
, AD DS
DNS- .
GlobalNames
(SRV) (Service Location (SRV)), .
WINS, GlobalNames , CNAME
. GlobalNames , , .
LLMNR.
GlobalNames , :
1. , ,
DNS- . DNS-.
2. , DNS-, .
3. , .
4. GlobalNames,
DNS-, . , WINS.
GlobalNames , DNS- Windows Server 2008. , DNS-,
,
. GlobalNames .
DNS-
DNS- . DHCP, DNS
DHCP-. IP- DNS , DNS .
DNS DNS TCP/IP (Advanced TCP/IP Settings).
, :
Connections) (Properties).
DNS
20
637
3. DHCP , DNS-
DHCP, DNS (Obtain DNS Server Address Automatically).
DNS- (Use The Following DNS Server Addresses),
DNS- .
4. (Advanced), TCP/IP (Advanced TCP/IP
Settings). DNS.
DNS:
DNS-, (DNS Server Addresses,
In Order Of Use) IP- DNS-, . IP-
, (Add). (Remove), .
(Edit). DNS, .
, DNS- . . , .
DNS- (Append Primary And Connection Specific DNS Suffixes) .
. , Gandolf microsoft.com.
DNS gandolf.microsoft.com.
, .
(Computer Name)
DNS- (Append Parent Suffixes Of The Primary DNS Suffix)
.
.
,

. ,
DNS. , Gandolf dev.microsoft.com. DNS
gandolf.dev.microsoft.com, ,
, gandolf.microsoft.com.
638
IV
Windows Server 2008
DNS- ( ) (Append These

DNS Suffixes (In Order)) ,
DNS- . (Add), . (Remove),
. (Edit). . , DNS
. . .
, .
DNS- (DNS Suffix For This Connection)
DNS- , DNS-,
.
DNS (Register This Connections Addresses In DNS) , , IP- DNS
FQDN- . .
DNS DHCP , A (Host Address) IP, DHCP- PTR (Pointer) DHCP-. DHCP-
(A PTR) . DNS BIND 5.1 DNS-, Microsoft
Windows 2000 Server, Microsoft Windows Server 2003
Windows. Microsoft
Windows NT Server 4.
DNS- DNS
(Use This Connections DNS Suffix In DNS Registration)
, , IP-
DNS .
DNS-
Windows Server 2008 DNS-
:
, Active Directory (Active Directoryintegrated primary server) DNS,
Active Directory. DNS Active
Directory.
(primary server) DNS- , Active Directory.
DNS
.dns.
DNS
20
639
(secondary server) DNS.

DNS-,
.
DNS . .
(forwarding-only server) , DNS
. DNS , .
. , .
DNS- DNS- (DNS Server).
DNS- (DNS Server)

DNS- ,
DNS . , DNS . .
, ,
DNS , :
1. (Server Manager) (Roles)
(Add Roles). (Add Roles Wizard).
, (Next).
2. (Select Server Roles) DNS (DNS Server) (Next).
3. (Install). DNS (DNS Server) . , . DNS-.
. 20-1. DNS (DNS Manager)

DNS-
640
IV
Windows Server 2008
4. DNS (DNS Manager),

DNS (Administrative Tools). DNS (DNS Manager) . 20-1.
5. ,
. DNS DNS- (Connect To DNS Server).
:
, (This Computer) OK.
,
(The Following Computer) IP . OK.
6. DNS- DNS
(DNS Manager).
DNS- (Configure A DNS
Server). DNS- (Configure A DNS
Server Wizard). (Next).
7. (Select Configuration
Action), . 20-2,
(Configure Root Hints Only). ,
DNS.
. 20-2. DNS
8. (Next). DNS .
9. (Finish).
DNS
20
641
DNS-
DNS- Active Directory
.
. IP-.
DNS- IP- -.
DNS-
(DNS Server), :
1. DNS (DNS Manager)
, .
2. (New Zone).
(New Zone Wizard). (Next).
DNS (DNS Manager)
DNS- (DNS Server) (Server Manager). DNS.
3. (. 20-3). ,
Active Directory,
(Primary Zone) ,
Active Directory (Store The Zone In Active Directory). DNS Active Directory, (Primary Zone) Active
Directory (Store The Zone In Active Directory). (Next).
. 20-3. (New Zone Wizard)
4. Active Directory, . , 6.
642
5.
6.
7.
8.
IV
Windows Server 2008
DNS- (To All DNS Servers In This

Forest) . ,
Active Directory ,
.
Domain) , DNS .
(To All Domain
Controllers In This Domain) ,
DNS .
DNS
, DNS- (
DNS-).
(Next). (Forward Lookup Zone) (Next).
DNS- . ,
DNS. , microsoft.com, microsoft.com. (Next).
, Active
Directory, . DNS
.
. (Next).
, .
:
(Allow
Only Secure Dynamic Updates) Active
Directory, ACL, , . ,
, , ACL.
(Allow Both Nonsecure
And Secure Dynamic Updates) ,
DNS
.
(Do Not Allow Dynamic Updates) DNS.

Active Directory.
DNS
20
643
9. (Next), (Finish), . , DNS-.

10. DNS- DNS . , , microsoft.
com msn.com, , . .
11. ,
DNS-, ,
DNS-.
. -, FTP- . .
, ,
. .
,
. DNS
-. DNS- .com, .org .net
IP-, . DNS . adatum.com DNS- IP-.
TCP/IP 17.
DNS-
DNS-
. Active Directory, .
DNS , Active Directory DNS . , .
DNS- . , .
, ,
, . ,
, ,
.
, :
644
IV
Windows Server 2008

.
2.
(New Zone). (New
Zone Wizard). (Next).
3. (Zone Type) (Secondary Zone). (Next).
4. , . ,
(Forward
Lookup Zone) (Next).
5. DNS- (Next).
6. (Master Servers) IP- Enter. .
, ,
IP-.
,
.
7. (Next) (Finish). , ,
. .

IP-, IP- . . ,
192.168.10.0, 192.168.11.0 192.168.12.0,
.
, , in-addr.arpa.
10.168.192.
in-addr.arpa, 11.168.192.in-addr.arpa 12.168.192.in-addr.arpa. .
.
, :
.
2.
(New Zone). (New
Zone Wizard). (Next).
3. , Active Directory, (Primary Zone) -
DNS
4.
5.
6.
7.
20
645
, Active Directory (Store

The Zone In Active Directory). DNS
Active Directory, (Primary
Zone) Active Directory (Store The
Zone In Active Directory). (Next).

, (Secondary
Zone) (Next).
Active Directory, :
Forest) . ,
Active Directory ,
.
DNS- (To All DNS Servers In
This Domain) ,
DNS .
(To All Domain
Controllers In This Domain) ,
DNS .
DNS
, DNS- (
DNS-).
(Reverse Lookup
Zone). (Next).
,
(IPv4 IPv6) (Next). :
IPv4,
.
.
(Next).
, ,
192.168.10 192.168.11, . 168.192.in-addr.arpa,
DNS (DNS Manager) .
IPv6,
.
.
. (Next).
646
IV
Windows Server 2008
8. , Active Directory, .
DNS . . (Next).
9. , .
:
(Allow
Only Secure Dynamic Updates) Active
Directory, ACL, , . ,
, , ACL.
(Allow Both Nonsecure
And Secure Dynamic Updates) ,
DNS
.
(Do Not Allow Dynamic Updates) DNS.

Active Directory.
10. (Next), (Finish), . , DNS-.
. , .

GlobalNames ,
AD DS. DNS-
Windows Server 2008, GlobalNames
WINS . , FQDN-.
GlobalNames ,
DNS, , WINS,
IPv6. GlobalNames ,
.
DNS
20
647
GlobalNames, :
(Forward Lookup Zones) (New Zone).
(New Zone Wizard) (Next),
, AD DS. , Active Directory (Active Directory Zone
Replication Scope)
(Next). (Zone Name) GlobalNames.
(Next) (Finish).
2. DNS-
:
dnscmd /enableglobalnamessupport 1
DNS-,
GlobalNames. , (.), , dnscmd . /enableglobalnamessupport 1.
3. , ,
GlobalNames CNAME: DNS
(DNS Manager) GlobalNames,
(CNAME) (New Alias (CNAME)) .
DNS- :
1) , 2) GlobalNames, 3) DNS, 4) WINS. ,
DNS- GlobalNames, .
, DNS- GlobalNames, (SRV) (Service Location (SRV)) _globalnames._msdcs
DNS-, .
DNS-, GlobalNames.
DNS-
DNS (DNS Manager)
DNS-. . 20-4, . DNS-
. .
DNS (DNS Manager):
,
.
,
, , .
648
IV
Windows Server 2008
,
.
. 20-4. (Forward Lookup Zones)

(Reverse Lookup Zones)
(Forward Lookup Zones) (Reverse Lookup Zones)

, .
, DNS-.
DNS
(DNS Manager)
DNS- DNS
(DNS Manager), :
1. DNS
DNS- (Connect To DNS Server).
2. , (This Computer).
(The Following Computer)
IP- FQDN- ,
.
3. OK. Windows Server 2008
. .

- (RPC), .
, (Yes) .
DNS
20
649
DNS
DNS (DNS Manager), Delete. OK, . . .
DNS-
DNS- DNS- (DNS
Server). , , , DNS- (DNS Server) (Server Manager) . , DNS (DNS Server) DNS (DNS
Manager). , ,
(All Tasks)
(Start), (Stop), (Pause), (Resume)
(Restart).

DNS (DNS Manager)
. , microsoft.com.
hr.microsoft.com mis.microsoft.com.
, :
1. DNS (DNS Manager) (Forward Lookup Zones) .
2.
(New Domain).
3. OK. ,
hr.microsoft.com, hr.

DNS . -
(microsoft.com).
, , memphis.microsoft.com, newyork.microsoft.com
la.microsoft.com.
, :
1. DNS- .
2.
DNS- . DNS- , .
650
IV
Windows Server 2008
, :
2.
(New Delegation).
(New Delegation Wizard).
(Next).
3. , , hr (. 20-5) (Next).
(Fully
Qualified Domain Name).
. 20-5. ,

4. (Add).
(New Name Server Record).
5. (Server Fully Qualified Domain
Name) - DNS- , , corpserver01.memphis.adatum.com.
(Resolve). IP- IP- (IP Address).
6. 5, .
, IP- .
(Up)
(Down). OK,
7. (Next) (Finish).
DNS
20
651

DNS-.
, :
.
2. (Delete).
, (Yes).
3. Active Directory, .
Active Directory, (Yes).
DNS-
,
, Active Directory. %SystemRoot%\
System32\Dns. ,
DNS (DNS Manager).
DNS-
, .
, Active Directory DNS-, DNS-. DNS, . ,
:
A (IPv4-) - IPv4-.

IPv4- ( ),
.
AAAA (IPv6-) - IPv6-.

IPv6- ( ),
.
(CNAME) -. ,
zeta.microsoft.com www.microsoft.com.
(MX) , .
(NS) , DNS . .
(PTR) , IP- .
(SOA) , , -
652
IV
Windows Server 2008
DNS- . (SOA)
( ).

A AAAA IP, PTR .
.
, :
2. , , ( ) (New Host
(A Or AAAA)). , . 20-6.
. 20-6. (New Host)

3. , , corpserver01, IP-, ,
192.168.1.50.
4. PTR- (Create
Associated Pointer (PTR) Record).
PTR-
. ,
. (Allow Any Authenticated Users) ,
DNS- .
5. (Add Host) OK. , .

6. , (Done).
DNS
20
653
PTR-
PTR- , :
1. DNS (DNS Manager) (Reverse Lookup Zones) .
2. , , (New Pointer
(PTR)). , . 20-7.
. 20-7. PTR-
(New Resource Record)
3. IP- (Host IP Address), , 192.168.1.95,

(Host Name), , techserver09.tech.adatum.com.
OK.
DNS- CNAME
CNAME-
- -. ,
gamma.microsoft.com www.microsoft.com
ftp.microsoft.com.
CNAME-, :
2. , , (CNAME) (New Alias
(CNAME)). , . 20-8.
3. (Alias Name) -, , , www ftp.
654
IV
Windows Server 2008
4. (FQDN) (Fully Qualified

Domain Name (FQDN) For Target Host) - , .
5. OK.
. 20-8. CNAME- -

MX ,
. MX-, 0 65535,
. .
,
.
MX-, :
2. , , (MX) (New Mail
Exchanger (MX)). , 20-9.
3. , :
(Host Or Child Domain)
.
. ,
.
DNS
20
655
(FQDN) (Fully Qualified Domain Name

(FQDN)) ,
, , tech.adatum.com.
(FQDN) (Fully Qualified
Domain Name (FQDN) Of Mail Server) , ,
, corpmail.tech.adatum.com. .
(Mail Server Priority) 0 65535.
, . ,
10, 20,
30.
4. OK.
. 20-9.

NS . NS . -, ,
NS-.
NS-, :
2. DNS- , .
656
IV
Windows Server 2008
3. NS- (Properties).
(Name Servers),
. 20-10.
. 20-10.
4. (Add).
5. (Server Fully Qualified Domain
Name) - DNS- , , corpserver01.adatum.com. (Resolve).
IP-
IP- (IP Address).
6. 5, .
, IP- .
(Up)
(Down). OK,
7. OK, .
DNS-
DNS-, :
1. . .
2. DNS-, . .
OK.
DNS
20
657

, (SOA), , WINS.
DNS (DNS Manager),
:
, ,
(Properties).
(Action)
(Properties).
, WINS WINS-R.
WINS NetBIOS.
WINS-R NetBIOS.

, , . , :
, , (Properties).
2. (SOA) (Start Of Authority
(SOA)) , . 20-11.
. 20-11.
SOA-
658
IV
Windows Server 2008
(SOA) (Start Of Authority (SOA))

:
(Serial Number)
DNS. , .
, .
, , DNS- . , DNS
(
).
(Primary Server) ,
. , .
(Responsible Person)
, . hostmaster,
. hostmaster@_.com. , @
.
(Refresh Interval) , .
, . , , NS-
.
(Retry Interval) , . 10 ,
10 , .
(Expires After) ,
.
, ,
DNS-.
. TTL ( ) (Minimum (Default) TTL) . ,
. .
, , 24 .
. , ,
.
DNS
20
659
(TTL) (TTL For This Record) SOA- : : : : . , .

DNS- . Windows
Server 2008 . , ,
, ,
.
, . ,

.
, ,
, .

, :
, , (Properties).
2. (Zone Transfer),
. 20-12.
. 20-12. (Zone Transfers)

660
IV
Windows Server 2008
3. , (Name Servers), (Allow Zone Transfers)

, (Only To Servers
Listed On The Name Servers Tab).
4. , (Allow Zone Transfers)
(Only To The Following Servers).
(Edit), (Allow Zone Transfers). IP-
(IP Address), IP-
Enter. . ,
IP-.
, IP- . OK.
5. OK, .

SOA-. DNS .
,
. :
, , (Properties).
2. (Zone Transfers)
(Notify). , . 20-13.
. 20-13. ,
(Name Servers), ,
DNS
20
661
3. ,
(Name Servers),
(Automatically Notify) (Only To Servers Listed On The Name Servers Tab).
4. ,
(Automatically Notify)
(Following Servers). IP (IP Address), IP-
Enter. . ,
IP-.
, IP-.
5. OK.

Active Directory, :
, , (Properties).
2. (General) (Change)
(Type). (Change
Zone Type) .
3. Active Directory
Active Directory (Store The Zone In Active Directory).
4. Active Directory,
Active Directory (Store The Zone In Active Directory).
5. OK.

DNS-
. ,
DHCP. , .
Active Directory,
.
, DNS, ACL.
,
:
, , (Properties).
662
IV
Windows Server 2008
2. (General)
(Dynamic Updates) :
(None) .
(Nonsecure And Secure)
.
(Secure Only) Active Directory.
Active Directory.
3. OK.
DNS DHCP. DHCP DNS 19.

DNS-
DNS- . IP- DNS- . , ,
.
IP- DNS-
DNS- DNS-
IP-,
.
DNS (DNS Manager) IP-. :
(Properties).
2. (Interfaces)
IP- (Only The Following IP Addresses).
IP-, DNS-.
IP-, DNS-. DNS IP-. DNS
IP- .
3. OK.
DNS-
, .
DNS
20
663

. , DNS- .
DNS-.
DNS :
(Nonforwarders)
DNS-, ,
. , DNS-
.
(Forwarding-only) .
DNS-.
(Forwarders) ,
.
DNS.
(Conditional forwarders) , DNS. , .
( ,
). .
DNS- , :
(Properties).
2. (Advanced). , , (Disable
Recursion) . , , (Disable Recursion) .
3. (Forwarders) (Edit).
(Edit Forwarders).
4. IP- (IP Address), IP- Enter. .
, IP-.
, IP- .
5. , , ,
-
664
IV
Windows Server 2008
.
. 5 . OK.

DNS-,
. ,
(Disable Recursion) DNS- .

,
. DNS-. ,
.
, :
(Conditional Forwarders)
.
(Conditional Forwarder).
2. (New Conditional
Forwarder) , ,
, adatum.com.
3. IP- (IP Address), IP- DNS- Enter. ,
IP-.
4. DNS Active Directory Active Directory (Store This Conditional Forwarder In Active Directory)
.
DNS- (All DNS Servers In This Forest)
. , Active Directory ,
.
DNS- (All DNS Servers In This Domain) ,
DNS .
(All Domain Controllers In
This Domain) ,
DNS
.
DNS ,
DNS
20
665
DNS- (
DNS-).
5. , , ,
.

.
. OK.
6. ,
.

DNS
DNS-. ,
:
(Properties).
2. DNS (Event Logging). , (No Events).
3. OK.
DNS
, DNS- (DNS Server)
DNS-.
DNS, (Event
View) (Computer Management).
DNS
DNS. .
, :
(Properties).
2. (Debug Logging),
. 20-14,
(Log Packets For Debugging). , .
3. (File Path And Name)
, , dns.log.
%SystemRoot%\System32\Dns.
4. OK. , , (Log Packets For
Debugging).
666
IV
Windows Server 2008
. 20-14.
(Debug Logging)
DNS-
Windows Server 2008 DNS .
,
:
(Properties).
. 20-15. DNS-
DNS
20
667
2. (Monitoring),
. 20-15. . DNS ,
DNS- (A Simple Query Against This DNS Server). DNS , DNS- (A Recursive Query To Other DNS
Servers).
3. , (Test
Now). ,
(Perform Automatic Testing At
The Following Interval) , .
4. (Test
Results). , , , (Pass).
. , , .
, (Advanced) .
DNS,
10-15 . .
DNS ,
- .
. (William R. Stanek) (http://www.williamstanek.com/) . ,

, , . . 65 ,
Microsoft Exchange Server 2007 Administrators Pocket Consultant (Microsoft
Exchange Server 2007. , , , 2008) Microsoft Windows Vista Administrators Pocket Consultant
(Microsoft Windows Vista. , ,
-, 2007), Windows Server 2008 Administrators Pocket Consultant
(Windows Server 2008. , , , 2008) Windows Server 2008 Inside Out.
- 1991 .
11
.
, .
.
.

. ,
.
, Air Force Distinguished Flying Cross. - .

Windows Server 2008. Справочник Администратора (Уильям Р. Станек) 2008

Загружено:

Сведения о документе

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Windows Server 2008. Справочник Администратора (Уильям Р. Станек) 2008

Загружено:

Авторское право:

Доступные форматы

William R.

Windows Server 2008. / . . . :

Windows Server 2008.

I Windows Server 2008 ...............1

2 Windows Server 2008 ........................................... 20

3 Windows Server 2008 ................................ 48

Active Directory .................................................................................217

8 Active Directory ........... 230

VPN ..................... 329

III Windows Server 2008 .......355

13 RAID ............ 404

IV Windows Server 2008 .........543

19 DHCP ........................................................... 595

20 DNS ........................................................................ 632

Windows Server 2008.

1. Windows Server 2008 .................................. 2

Windows Server 2008 , ,

Windows Server 2008 Windows Vista

Windows Server 2008

WIM (Windows Imaging Format),

Windows Server 2008

Windows Server 2008

Windows Server 2008

. Windows Web Server 2008 2 2 .

Windows Server 2008, , :

Windows Server 2008 (Start)

Windows Server 2008

. 1-1. (Network and Sharing Center)

Windows Server 2008

Windows Server 2008

128- IPv6- 16- , .

Windows Server 2008

Windows Server 2008

Active Directory (Active

Windows Server 2008

Windows Server 2008. RODC ,

Windows Server 2008

Windows Server 2008

Windows Server 2008

DNS , Active Directory, ,

Windows Server 2008

Windows Server 2008

Windows Server 2008

Windows Server 2008

Windows Server 2008

Windows Server 2008

Windows Server 2008, .

Windows Server 2008

, Windows Server 2008

Windows Server 2008

. 2-1. Windows Server 2008

IP-. DHCP- IP TCP/IP

- -. -, -, , . , -, ASP.NET .NET Framework 3.0.

, ASP.NET, Enterprise Services .NET Framework 3.0.

Windows Server 2008

Windows Server 2008

. 2-2 , Windows Server 2008. Windows,

Windows Server 2008

. 2-2. Windows Server 2008

API- .NET Framework 3.0

GPMC (Group Policy Management

Windows Server 2008

RPC HTTP (Remote

Windows Server 2008