Вы находитесь на странице: 1из 686

William R.

Stanek

Windows
Server 2008

Administrators
Pocket Consultant

Windows
Server 2008

2008

681.3.06
32.973.26018.2
76
.
76

Windows Server 2008. / . . . :


; . : -, 2008. 688 . : .
ISBN 978-5-7502-0370-3 ( )
ISBN 978-5-9775-0009-8 (-)
Windows Server 2008.
,
, . Windows Server 2008,
, .
Active Directory , , . : , , DHCP- DNS-. , , .
20 ,
- .
681.3.06
32.973.26018.2
2008-2012, Translation Russian Edition Publishers.
Authorized Russian translation of the English edition of Windows Server 2008 Administrator's Pocket Consultant,
ISBN 9780735624375 William R. Stanek.
This translation is published and sold by permission of OReilly Media, Inc., which owns or controls all rights to publish
and sell the same.
2008-2012, , -.
Windows Server 2008 Administrator's
Pocket Consultant, ISBN 9780735624375 William R. Stanek.
OReilly Media, Inc.,
.
2008-2012, , ,
-.
Microsoft, , , :
http://www.microsoft.com/about/legal/en/us/IntellectualProperty/Trademarks/EN-US.aspx
Microsoft / .
.
, , , ,
, , .

Windows Server 2008.



-


................................................................................................. XVI
......................................................................................................... XVII

I Windows Server 2008 ...............1


1 Windows Server 2008 .......................... 2
Windows Server 2008 Windows Vista .................................................................................2
Windows Server 2008 .......................................................................................4
......................................................................................6
.................................................................................................6

............................................................................................7
, ...................................8
Active Directory ............................................................................................................8
.................................................... 10
Active Directory ................................................. 11

..................................................................................................... 12
DNS ................................................................................................................................................. 12
WINS .............................................................................................................................................. 14
LLMNR .......................................................................................................................................... 16

............................................................................................... 17
Windows PowerShell .................................................................................................................. 18

2 Windows Server 2008 ........................................... 20


, Windows Server 2008 ......................................... 21
Windows Server 2008 ........................................ 28
Windows Server 2008 .......................................................................................... 30
......................................................................................................................... 31

....................................................................................................... 33

.................................................................................................................. 34
............................................... 34
.................................. 38
............................................................. 39
, ,
..................................................................................... 39

, ............................................. 41
.................................................................. 42
................................................................................................ 43
................................................................................... 45
Windows Server 2008 ....................................... 46

3 Windows Server 2008 ................................ 48


.............................................................................................. 49
............................................................................................................ 51
........................................................................................ 55
Windows ................................................................................. 59
................................................................. 60

VI

........................................................................................... 60
................................................................................ 63
................................. 65
............................................................. 66

................................................................... 69
4 , ..................................... 70
, ........................ 70
.......................................................................................................................... 71
.................................................................................................... 71
............................................................................................. 72
................................................................................................... 75
............................................................................................... 76
............................................................................ 78
............................................................ 80

................................................................................... 81
, , ......................................................................... 83
..................................................................................................... 83
..................................................................................... 84
.................................................................................... 86
.................................................................................. 87

.................................................................................................................... 88
.......................................................... 90
....................................................................................... 92
.......................................................................... 94
................................................................................................... 96
........................................................................................ 96

................................................... 98
? ...................................................................................... 98
..................................................................................................... 99
(Reliability And Performance)......... 99
................................................................................... 103
............................................................................................ 105
................................................................................ 110
........................................... 111

......................................................................112
........................................................ 112
................................................ 114
- ....................................................... 115
......................................................... 116

5 .............. 118
.............................................................................................................121
........................................................................................ 121
? ............................................... 123
? .................................................................... 123
......................................... 124

.................................................................................125
...................................................127
....................................................................... 127
................................... 128
LGPO ..................................................................................................................... 130
.................................................................. 130

, ........................................131

VII

.......................................... 131
.............................................................................. 132
.................................................................................. 134
............................ 135
................................................................................... 137
GPO ............................................................................................... 138
GPO ................................................................... 140
............... 140
, ......................................................... 142

.....................145
...................................................................................... 145
...................................... 148
......................................... 149
, ................................................... 151
............................................... 152

................................................................................................................ 154
........................................ 154
................................................................. 155
............................................................................... 155
GPO .......................................................................................... 158
............................................................ 159
......................................................................... 160


....................................................................................161
........................................... 161
................................................ 166
...................................................................................................... 169

........................................................................................................................... 176
............................................................... 177

6 ...................................... 182
........................................................................................................182
(Security Templates)
(Security Configuration and Analysis) ......... 184
................................................................. 185
, ......................................... 192
.................. 196

.......................................................................................197
......................................................................................... 198
.......................................... 203
................................................. 203
....................................................................... 204
.................. 204

II
Windows Server 2008...........................................................................207
7 Active Directory .............................................. 208
Active Directory ...........................................................................................208
Active Directory DNS ........................................................................................................... 208
, .................... 209
Windows Server 2008 Windows NT 4.0 ........................................................................... 210

VIII

..........................................................................................211
......................................................................................................................................... 211
........................................................................................................................... 212
.......................................................................................................................... 215
....................................................................................................................... 216

Active Directory .................................................................................217


Active Directory Windows 2000 217
.......................................................................................................... 218
....................................................................... 221

................................................................................................................223
.................................................................................... 223
................................................................................ 224
.......................................................... 225
Active Directory ............................................................................................ 226
Active Directory LDAP........................................................................................................ 227
.......................................................................................................... 228

8 Active Directory ........... 230


Active Directory ...........................................................................230
Active Directory ............................................................ 230
Active Directory ....................................................... 231
Active Directory ..................................................................... 232

Active Directory
(Active Directory Users And Computers) ........................................................................233
Active Directory
(Active Directory Users And Computers)............................................. 233
................................................................................ 234
.......................................................................................................... 235
...................................................................... 236
............................................................. 238

, .....................................244
.............................................................. 244
.................................................................... 246
......................................... 247
...................................................................... 248
............................................................................... 248
................................................................ 249
........................................................................................ 251
.................................... 252

...........................................................................................252
....................................................................................................... 252
.................................................. 253
.................................................................. 253
.............................................................................................. 253

..............................................................................................................253
.......................................................................................................................... 254
................................................................................................................... 255
........................................................... 256
....................................................................................................... 257
........................................................................................ 259
Active Directory .......................................................................................... 261
ADSI (ADSI Edit) ............................................................... 261
............................................................................ 263
Active Directory ................................................................ 265

IX

9 ...................................... 267
Windows Server 2008..................................................................267
................................................................................... 267
.......................................................................................... 269

...............................269
........................................................................................... 270
............................................................................................................. 271

...............................................276
................................................................... 276
..................................................... 277
....................................................................... 279
...................................................... 279

............................................................................................279
............................................................................................................................... 280
......................................................................................................... 284
Active Directory...................................................... 285

...............................................291
.................................................................................................. 292
................................................................................. 293

10 ........................................... 296
......................................296
............................................................................ 296
............................................................................. 298

..............................................................................300
................................................................................................ 301
......................................................... 303
Kerberos ............................................................................................... 305

..........................................................................................306
....................................................................... 307
........................................................................ 309

....................................................................309
.................................................................................. 310
................................................................................ 312

................................................................................313
.............................................................................................. 314
.................................. 315

......................................................................316
....................................................................................... 316
.................................................................................. 317
............................ 317

11 ....... 319
...............................................319
...................................................................................... 319
Active Directory .......................................................... 321

.................................................................322
............................................................................................. 323
......................................................................................................................... 324
............................................................................................... 325

......................................326
......................................................... 326
..................................................................... 328

VPN ..................... 329


................................................ 331

.........................................................................333
, ................................................ 333
.............. 336

.......................................340
....................................... 341
........................................... 342
................................................................................... 343
...................................................... 344
................................................................................ 344
....................................................................... 345

............................................................346
................................................ 347
............... 348
......... 349
,
........................................................................................ 349

..................................................................350
Active Directory .................................................352

III Windows Server 2008 .......355


12 ....................... 356
(File Services) ...............................................356
...............................................................................................362
................................................................................................................... 363
........................................................ 364
(Disk Management) .................................................... 365
.............................................................................................................. 368
................................................................................... 370
....................................................................................................................... 371

.........................................................373
............................................................ 373
........................................................... 374
....................................................................................................... 375
................................................................. 377
...................................................................................................... 377
........................................................................... 377

.................................................................................................379
............................................................................................... 379
................................................................................. 380
.................................................................................................... 383

..................................................384
.................................................................................... 384
................................................................................ 385
................................................................................................. 386
NTFS ........................................................ 387
............................................................................... 389
............................................................................................ 391
........................................................................................................ 394
....................................................................................................... 396
............................................................................................ 398
........................................................... 399

XI

............................................................... 401
.............................................................................. 402

13 RAID ............ 404


.............................................................................................................404
.................................................................................................. 405
............................................................................................................................ 406
........................................................................................ 411
................................................................................................................. 411

RAID .....411
RAID Windows Server 2008 .....................................................................413
RAID 0: ............................................................................................................... 413
RAID 1: ........................................................................................................ 414
RAID 5: .................................................... 417

RAID .........................................................417
.................................................................. 417
.......................................... 418
.................................................. 419
......................................................................................................... 420
............................. 420
.............................. 420

LUN ..............................................421
SAN Fibre Channel .................................. 423
SAN iSCSI .................................................. 424
................................................................... 425
, , LUN .................................................. 425

SAN (Storage Manager For SANs) ................................................................... 426

14 ................................... 427
.................................................427
..............................................................431
................................................................... 431
........................................ 435
............................................................. 437
............................................................................................. 440
.................................................... 440
.............................................................. 441

15 , ........................................ 444
.........................................................................444
..............................................................................448
.................................................................................................... 449
........................................................................................................... 451
................................................................... 454

..................................................................454
................................................................................................. 455
............................................................................. 455
........................................................................... 456
........................................... 457
.............................................................................. 458

.........................................................................................458
............................................................................................... 458
............................................................ 459

XII

............................................................. 460
.................................................................... 461
.................................................................................... 462
....................................................... 463

NFS ........................................................................................463
.........................................................................................................................465
....................................................................................... 465
....................................................................................................... 466
........................................................................................... 467
................................................................... 467
........................................................................................................ 468
................................................................................................. 468

.......................................................................................469
............................................................................................... 469
.................................................................................................. 470

, ......................................................470
........................................................................................ 470
.................................................................................... 471
.......................................................................................................... 472

...............................................................................................473
.......................................................................... 473
.......................................................................... 477

..................................................................................................479
................................................................................................... 479
............................................................................................................. 481
............................................................................................................................. 484
Active Directory ......................................................................................... 484

NTFS .........................................................................................................485
NTFS ............................................................................... 486
NTFS ....................................................................... 488
NTFS-................................................... 490
.......................................................................................................... 492
....................................................................................... 493
....................................................................................... 494
NTFS .................................................. 495
NTFS ..................................................................................... 496

............................................................................496
............................................ 496
........................................................................... 498
.............................................................. 500

16 ....................................... 501
..........................................................501
............................................................................................... 501
................................................................................................... 502
................................................................................. 503
.............................................................................................. 504
............................................................................................ 505
.................................................. 506
.............................................................................................. 507

: .................................................................................................508
........................................................... 509
Windows Server..................................... 509

XIII

.......................................................................... 512
Wbadmin ............................................................................................. 514

.................................................................................................................517
.............................................................................. 518
................................................ 520
Wbadmin ............................................ 522
.................................................................................................. 524
.................................. 526
............................................................................... 529
.......................................................... 530
........................................................ 531
Active Directory........................................................................................ 531
.......................................... 532
, , ..................... 535

........................................................................537
........................................... 537
EFS ..................................................................... 538

...............539
.............................................................................. 540
................................................................. 541

IV Windows Server 2008 .........543


17 TCP/IP ......................................................... 544
Windows Server 2008..........................................................................544
Windows Vista Windows Server 2008 .......548
TCP/IP ......................................................................................................550
TCP/IP .....................................................................................................551
IP- .................................................................................... 552
IP- ........................................... 554
........................................................................................... 555

..........................................................................557
, ................... 557
....................................................... 557
.......................................................................... 558

18 ....... 559
(Print Services) ..................................................559
............................................................................................. 559
.......................................................................................................................... 560
.................................................................................................. 562
........................................... 563

(Print Management)....................................................563
.............................................................................................................565

(Print Management) ................................................................................................................. 566
................... 566
................................................................................ 571
................................................................................... 573
..................................................................... 575
......................................................................................... 577
.................................................................. 579
.................................... 581
................................................................................ 582

XIV

..............................................................................................583
.................................................. 583
Active Directory...................................................................... 583
................................................................................... 584
- .......... 585
................................................................................................... 585
............................................... 586
.................................................... 587
................................................................ 588
............................................................................................................. 590
.......................................................... 590

...................................................................................590
Spool NTFS ............................................... 591
............................................................................................ 591
.......................................................................................... 592
............................................. 592

.............................592
............................................................................... 592
........................................................... 593
......................................................................................................... 593
, ........... 593
............................................................... 594
...................................................................... 594
.............................................................. 594
............................................................... 594

19 DHCP ........................................................... 595


DHCP .....................................................................................................................595
IPv4 ................................................................... 595
IPv6 ................................................................... 596
IP- ....................................................................................... 599
....................................................................................................................... 600

DHCP-....................................................................................................601
DHCP ........................................................................................... 601
DHCP ........................................................................................................ 604
DHCP-................................................................. 605
DHCP- ................................................................................... 605
DHCP- Active Directory ........................................................... 606

DHCP- ..................................................................................................606
DHCP-
IP- ....................................................................................................... 606
DHCP .......................................................................................... 607
DHCP .................................................................. 607
DHCP DNS .................................................................................................... 609
DHCP NAP .................................................................................................... 610
IP- ........................................................................... 613
DHCP ................................................ 613

DHCP ...........................................................................................614
........................................................................ 614
.............................................................................. 615

, ......................................625
............................................................................................. 625
......................................................................... 626

XV

....................................................................................... 626
DHCP- ......................................................................................... 626
................................................................................. 628
.................................................................................. 628

DHCP ....................................................628
DHCP ............................................................................................................. 629
DHCP ............................................................ 629
DHCP
...................................................................................................................... 630
DHCP .......................................................................................................... 630
............................................................................ 631

20 DNS ........................................................................ 632


DNS ...................................................................................................................632
Active Directory DNS .................................................................................. 632
DNS ........................................................................................................................ 634

DNS- ..........................................................636
DNS-........................................................................................................638
DNS- (DNS Server)....................................... 639
DNS- ................................................................................... 641
DNS- ..................................................................... 643
......................................................................................... 644
................................................................................................ 646

DNS- ...............................................................................................647
DNS (DNS Manager) ... 648
DNS..................................................................................... 649
DNS- ....................................................................................... 649
.......................................................................... 649
........................................................... 649
.............................................................................................. 651

DNS- ................................................................................................651
........................................................................... 652
DNS- CNAME ......................................................................... 653
...................................................................................... 654
...................................................................................................... 655
DNS-.............................................................................. 656

...........................................................657
................................................................................... 657
........................................................................... 659
........................................... 660
............................................................................................................... 661
............................................... 661

DNS- ..................................662
IP- DNS- ........................................... 662
DNS- ......................................................... 662
............................................ 665
DNS ........................ 665
DNS- .................................................................................................... 666

......................................................................................................... 668


, .
, , Windows Server
2003 Windows Server 2008 Windows Server 2008.

. , Windows Vista
, , .
Windows Server 2008, ,
Windows
Server.
.
. ,
.
Pocket Consultants ( )
. , . ,
Windows Server 2008.
. , Windows Server 2008.
, ,
, . , . ,
Microsoft Press, , Microsoft Press
.
(Karen Szall) (Denise Bankaitis)
, .
,
. - (Martin DelRe) ,
.
( ),
. . , Microsoft Press
, , . (Randall Galloway),
(Curtis Philips), (Becka McKay) (Andrea Fox).

Windows Server 2008.


1994
65 . , Windows Server, . Windows Server 2008
Windows Server. ,
Windows Server , Windows Vista. , Windows Server 2008
Windows Vista. ,
: Windows Server 2008
.
Windows Server, ,
- . Windows Server 2008 -,
- , . ,
Windows Server 2008 - , , .
, , , Windows Server 2008
, .
, , , Windows Server 2008. ,
,
Windows Server 2008,
.
Windows Server 2008 Windows Server 2008.
, , , ,
. , . ,
, , Windows
Server 2008. Windows Server 2008.
, Windows Server 2008 .

XVIII

, . ,
.
-, .


Windows Server 2008 Windows Server 2008 Standard, Enterprise, Web
Datacenter. :
Windows;
, ;
, Windows Server ;
, Windows Server .
, ,
Windows
Server.
Windows Server, . Windows, , , , , .
, Windows. Windows, ( ,
Microsoft Press).


, .
, .
,
,
Windows Server 2008. 20 ,
.
, .
, : , ,
.
, Windows Server
2008 Windows. , .

XIX

Windows.
,
, . ,
.
, , ,
Windows Server. , , . , ,
.

,
,
. . ,
, . .
Windows Server 2008
. (Computer Configuration) (User Configuration)
: (Policies) (Preferences).
, .
, , , \\ : \
Windows (User Configuration\Policies\Administrative Templates: Policy Definitions\Windows
Components) - \ \ Windows (User Configuration\Administrative Templates\Windows Components).

, Windows Server
2008 Windows. williamstanek@aol.com. .

XX


,
, Windows Server 2008.
, , . , , . :
. ,
Windows, .
, Windows . ,
, .
.
-
, Windows Server (http://www.microsoft.com/
windowsserver/), (http://support.
microsoft.com) , .
- (http://www.williamstanek.com/windows). Windows Server 2008, Windows Server 2008.

,
. ( )
: http:/www.microsoft.com/mspress/support.
,
Microsoft Press :
:
Microsoft Press
Attn: Windows Server 2008 Administrators Pocket Consultant Editor
One Microsoft Way
Redmond, WA 98052-6399
:
mspinput@microsoft.com
, . -
http://www.microsoft.com/support.


Windows Server 2008

1. Windows Server 2008 .................................. 2


2. Windows Server 2008 ..................................................... 20
3. Windows Server 2008......................................... 48
4. , ............................................ 70
5. ..................... 118
6.

............................................. 182


Windows Server 2008

Windows Server 2008 , ,


(), ,
Windows Server 2003 SP1 Windows Server 2003
Release 2. Windows Server 2008
Windows Vista, .
, , , . , Windows
Server 2008
Windows Vista.
Windows Server 2008, ,
. , , .
, , Windows Server 2008,
, , , ,
.

Windows Server 2008 Windows Vista


Windows Server 2008, Windows Vista,
:
, , ,
,
. Windows Server 2008. -

Windows Server 2008

WIM (Windows Imaging Format),


, .
MS-DOS Windows PE 2.0 (Windows
Preinstallation Environment 2.0), , , . Windows Pre-Boot Environment ,
.
Windows, Windows Vista, .
(User Account Control, UAC) , . UAC
,
. , , , ( )
.
. , , , , .
Windows Vista Windows 2008 Server
. ,
Windows 2008 Server
Windows Vista. , . Windows 2008 Server , Windows
Experience Index. Windows Server 2008
,
, . Windows
, Windows 2008 Server
. ,
Windows 2008 Server Windows Aero (Aero Glass,
Flip, 3D Flip ..), Windows, - Windows
, . .
Windows Vista Windows Server 2008 ,
, UAC .
Microsoft Windows Vista. ( , -

Windows Server 2008

, 2008), .
Windows, ,
, ,
,
, .
, .

Windows Server 2008


Windows Server 2008
Standard Edition, Enterprise Edition Datacenter Edition.
:
Windows Server 2008 Standard Edition Windows Server 2003.
, . Standard Edition
(symmetric multiprocessing, SMP), 4
32- 32 64- .
Windows Server 2008 Enterprise Edition
, Standard Edition,
,
, , Active Directory.
, 64- ,
(non-uniform memory
access, NUMA). Enterprise Edition
32 RAM x86 2 64 .
Windows Server 2008 Datacenter Edition . , 64 86 2 64- . 8 ;
64 .
Windows Web Server 2008 - - -, . , Microsoft .NET Framework, Microsoft Internet
Information Services (IIS), ASP.NET,
. , Active Directory, .
,

Windows Server 2008

. Windows Web Server 2008 2 2 .


. , , Windows Server 2008
. , Web Server Active Directory,
Windows Web Server 2008 (
Active Directory).
64-
Windows. 32- ,
86, 64- , 64.
64- Itanium (IA-64) Windows
. Itanium Windows Server 2008,
. IA-64 .

Windows Server 2008, , :


;
,
;
, , , Windows Server 2008, , .
Windows Server 2008 Windows Server
2008 : Windows Server 2008 Standard Edition, Windows
Server 2008 Enterprise Edition, Windows Server 2008 Datacenter Edition Windows Web
Server 2008.
.

Windows Server 2008 (Start)


:

Windows. (Start) .
(Administrative Tools)
,
(Start), (Programs), (Administrative Tools). , (Start),
(Settings) (Control Panel).
. , , (Start) (Computer), .

Windows Server 2008

(Administrative
Tools) , (Start)
(Administrative Tools). , (Start) (Control Panel).


Windows Vista, Windows Server 2008 , , (Network and Sharing Center), (Network
Map) . . 1-1
(Network and Sharing Center).

. 1-1. (Network and Sharing Center)


,



(Sharing
and Discovery). ,
, , , . ( ) ,
( )

Windows Server 2008

, , , , .
15.
Windows Vista Windows Server 2008
:
, .
, .

.
.
, ,
. , .

, .
, , : .
, ,
, .


, TCP/IP
. (WAN) Windows
Server 2008 TCP/IP. . TCP/IP
.
TCP IP
, . Windows
Server 2008, Windows Vista, IP-
IPv4 IPv6 .
IPv4 32- . IPv6 128- .
32- IPv4 , , , 127.0.0.1 192.168.10.52.
, 8 32- . IPv4- , . IPv4-
(MAC) .

Windows Server 2008

128- IPv6- 16- , .


, , FEC0:0:0:02BC:FF:BECB:FE4F:961D. IPv6- 64
, 64 . IPv6- , : (::).
FEC0::02BC:FF:BECB:
FE4F:961D. . , FFE8:0:0:0:0:0:0:1 FFE8::1.
, IPv4, IPv6, . .
IPv6 .
IP- Windows Vista Windows Server 2008
TCP/IP (Next Generation TCP/IP stack). IPv4 IPv6.

,

Windows Server 2008 , , .
.
, . ,
.
. ,
.

Active Directory
Windows Server 2008, Windows 2000 Windows Server 2003, . :
,
. Windows NT ,
, , ,
. , Windows NT
SAM (Security Account Manger), Windows 2000
Windows Server , (data store). ,

Windows Server 2008

, ,
, , , .
, Active Directory, Active Directory, Windows NT. Active Directory
, .
, .
Active Directory Windows Server 2008
. :
Active Directory (Active Directory Certificate
Services, AD CS) , .
, , AD CS . ,

,
.
, , ,
.
Active Directory (Active Directory Domain Services,
AD DS) ,
, . .
, , , . AD DS Active Directory
, , Active Directory, AD DS
Active Directory.
Active Directory (Active Directory Federation Services, AD FS) . AD FS - (
-) ( ). AD FS

, , Internet Explorer.

10

Windows Server 2008

Active Directory (Active


Directory Lightweight Directory Services, AD LDS)
,
, AD DS . AD LDS , . ,
, ,
AD LDS.
Active Directory (Active Directory Rights
Management Services, AD RMS) . , ,
- . AD RMS ,
, . ,
.
.
,
.
, . ,
, , .
, .


Window Server 2008 ,
AD DS.
(read-only domain controller, RODC) ,
Active Directory, . RODC-
, . RODC
, .
RODC
, .
RODC ( Kerberos Target), RODC ,

Windows Server 2008

11

Windows Server 2008. RODC ,


, .
RODC ,
.
RODC -
. RODC
. RODC
Windows Server 2003, Windows Server 2008
.

Active Directory
(Services)
AD DS, ,
. AD DS, ,
, ,
Active Directory,
. AD DS
, . , - .
,
.
Active Directory Windows Server 2008, RODC.
Active Directory , Windows Server 2008
:
Active Directory Active Directory , , Windows 2000 Server Windows Server 2003.
.
Active Directory Active Directory .
.
. , .

, - . , . , Active Directory (Ntds.dit)

12

Windows Server 2008

. ,
AD DS, , , .
,
Windows Server 2003.
Active Directory.
AD DS, , , , (FRS), Kerberos (KDC) .
, , Active Directory .
Active Directory, AD DS.


Windows .
IP-, .
.
Windows Vista Windows Server 2008
: DNS, WINS LLMNR.
.

DNS
DNS IP-. , , computer84.cpandl.com,
IP-, . DNS TCP/IP WINS, DHCP Active Directory. DHCP, 19, IP- TCP/IP.
DNS ,
( ).
,
. computer84.cpandl.com
computer84, cpandl
com.
DNS- , , . -

Windows Server 2008

13

, . ,
cpandl.com, . . . ,
jacob.hr.cpandl.
com. jacob , hr cpandl.com .
Active Directory DNS . Active Directory DNS
, Active Directory DNS.
Active Directory
DNS,
DNS-. , Active Directory DNS
. . DNS Active Directory. .

. DNS
.dns, %SystemRoot%\System32\Dns. DNS DNS-, DNS-
. , DNS
DHCP, DNS- , DNS . DHCP , DNS-
.
,
Active Directory. DNS Active
Directory dnsZone.
Active Directory,
, DHCP
. , DNS Server, . ,
DNS DHCP, DNS-
. DNS
Active Directory.
DNS ,
DNS Active Directory. DNS
Active Directory. .

14

Windows Server 2008

DNS , Active Directory, ,


DNS.
DNS , DNS-
. DNS IP- DNS-, ,
.
DHCP DHCP DNS. , DHCP- DNS-
DNS-, 19. Active Directory, DNS. DNS ;
. DNS- 20.
DNS RODC,
, DNS, ForestDNSZones
DomainDNSZones. RODC , DNS-. ,
Active Directory, DNS- RODC . , RODC
, Active Directory.
DNS RODC, DNS-, .

WINS
WINS , IP-.
, , COMPUTER84, IP-, Microsoft . WINS
Windows Windows 2000 , NetBIOS TCP/IP, ,
NET.
, WINS .
WINS - : WINS- WINS-,
. WINS-
NetBIOS.
IP- NetBIOS WINS
LMHOSTS. , Windows 2000, WINS .
Windows 2000 DNS,
WINS : Windows 2000 , Windows 2000
NetBIOS-.

Windows Server 2008

15

WINS,
WINS. IP- WINS. IP- WINS, . WINS
,

IP-. ,
WINS . -WINS-,
, IP-.
WINS, ,
:
IP-
WINS. IP-
, WINS
.
.
,
. , .
.
, ,
, IP- , . WINS.
WINS,
.
. , :
B- ( ) IP- . , , , IP-, .
.
P- ( )
IP- WINS-. IP-, ,
.
M- ( ) . WINS B-. , P-. B- , , .

16

Windows Server 2008

H- ( )
. , ( ) .
P- , . WINS
.
WINS-, Windows
P-. WINS- , . Windows- DNS LMHOSTS HOSTS.
DNS 20.
DHCP IP-, DHCP-. ,
19. .

LLMNR
LLMNR (Link-Local Multicast Name Resolution) IPv4,
IPv6 ,
DNS, WINS. WINS -,
,
IPv6. DNS, , , .
LLMNR, Windows Vista,
Windows Server 2008, IPv6 IPv4 ,
, , ,
, ,
- DNS-.
LLMNR DNS, , DNS- . NetBIOS, LLMNR WINS. DNS , LLMNR
. LLMNR ,
.
WINS, LLMNR , ,
COMPUTER84, IP-. LLMNR Windows Vista Windows Server 2008. LLMNR, DNS
. , Widows Vista
Windows Server 2008 :
1. DNS-. ,
DNS-. , LLMNR.

Windows Server 2008

17

2. UDP-, IP- . .
3. , LLMNR
,
-. , . ,
IP-.
LLMNR .
IP-,
. LLMNR, ,
, .
LLMNR
. ,
. ,
.
LLMNR Window Vista Windows Server 2008.
LLMNR , HKLM/SYSTEM/
CurrentControlSet/Services/Dnscache/Parameters/EnableMulticast . ,
HKLM/SYSTEM/CurrentControlSet/Services/Tcpip/Parameters/GUID_/
EnableMulticast . GUID_ GUID , LLMNR. LLMNR, 1. LLMNR
.


Windows Server 2008 . :
. , , . ,
. .
. (Administrative Tools).

. Windows Server 2008.

18

Windows Server 2008


.
, NET,
NET HELP , , NET HELP SEND. Windows
.

Windows PowerShell
Windows PowerShell
, cmdlet- . PowerShell . , :
1. (Server Manager) (Start) (Administrative Tools) (Server
Manager).
2. (Features)
(Add Features).
3. Windows PowerShell.
4. (Next) (Install).
PowerShell .

. PowerShell,
(Start). PowerShell ,
, (powershell.exe) %SystemRoot%\System32\WindowsPowerShell\,
PowerShell, , v.1.0 v.1.1.
PowerShell, cmdlet-,
, . cmdlet . cmdlet- -. cmdlet-,
. , get-variable Windows PowerShell.
cmdlet- :
Get , , .
Set .
Enable .
Disable .
New , , .
Remove .

Windows Server 2008

19

cmdlet-,
PowerShell help *.*.
, help , , help get-variable.
cmdlet- , cmdlet-. , PowerShell get-item path alias. :
new-item path alias: value:

,
. :
new-item path alias:sm value:c:\windows\system32\compmgmtlauncher.exe

sm .
PowerShell, sm Enter.

Windows Server 2008

Windows Server 2008, .


, ,
, .
:
Windows Server
2008 Standard, Enterprise Datacenter .
, . . , .
Windows
Server 2008 Standard, Enterprise Datacenter , .
, .
, , , .
.
. , .
, , , ,
, , .

Windows Server 2008

21

, Windows Server 2008


Windows Server 2008 .
, :
, . , ,
Active Directory Domain Services, .
,
. .
, , DNS DHCP,
, .
, , Network Policy, Access Services Active Directory
Certificate Services, , .
,
. , , BitLocker Drive Encryption Windows PowerShell,
.
,
.
,
MMC (Server Manager) ServerManagerCmd.exe.
, ,
. . , , ,
, ,
, , ,
.
, , , ,
. , ,
. . 2-1 ,
Windows Server 2008.

22

Windows Server 2008

. 2-1. Windows Server 2008

DHCP-
(DHCP Server)

IP-. DHCP- IP TCP/IP


.

DNS- (DNS
Server)

DNS ,
IP-. DNS

Active Directory.

Windows SharePoint
Services

, . SharePoint , ,
- IIS.
, ,

- (IIS)
(Web Server (IIS))

- -. -, -, , . , -, ASP.NET .NET Framework 3.0.


- IIS 7 ( Information Server 7.0
Administrators Pocket Consultant)


Active Directory
(Active Directory
Domain Services,
AD DS)

, , ,

. AD


(Application Server)

, ASP.NET, Enterprise Services .NET Framework 3.0.


, Information Server 7.0
Administrators Pocket Consultant (Microsoft Press, 2007)

Active
Directory (Active Directory Lightweight
Directory Services,
AD LDS)

,
AD DS .

Windows Server 2008

23

. 2-1. ()

UDDI
(Universal Description Discovery
Integration Services,
UDDI)

-, , .
:
UDDI (UDDI Services Database) -
UDDI (UDDI Services Web Application)


(Print Services)


.
: (Print Server), LPD
(LPD Service) (Internet Printing)


(Network Policy
and Access Services,
NPAS)

.
: (Network Policy
Server, NPS), (Routing and Remote Access Services, RRAS), (Remote Access Service),
(Routing), (Health
Registration Authority)
(Host Credential Authorization Protocol, HCAP)

Windows
(Windows Deployment Services, WDS)

Windows.
: (Deployment Server)
(Transport Server)

Active
Directory (Active
Directory Certificate
Services, AD CS)

, . : (Certification Authority),
(Certification Authority Web
Enrollment), (Online Certificate Status
Protocol)
(Microsoft Simple Certificate Enrollment Protocol, MSCEP)


(Terminal Services)

, Windows-, .
,
, . : (Terminal Server),
(TS Licensing), (TS
Session Broker), (TS Gateway)
- (TS Web Access)


Active Directory
(Active Directory
Rights Management
Services, AD RMS)

, , -
.
: Active Directory
(Active Directory Rights Management Server)
(Identity Federation Support)

24

Windows Server 2008

. 2-1. ()


Active Directory
(Active Directory
Federation Services,
AD FS)


AD DS, .
: (Federation Service), -
(Federation Service Proxy), - (AD FS Web Agents),
, (Claims-aware Agent)
Windows (Windows Token-based
Agent)


(File Services)

,
.
. : (File Server),
DFS (Distributed
File System), DFS (DFS Namespace),
DFS (DFS Replication),
(File Server Resource Manager),
NFS (Services for Network File System), Windows (Windows Search Service),
Windows Server 2003 (Windows Server 2003 File Services),
(File Replication Service, FRS)
(Indexing Service)

- (Fax
Server)


. , ,
, , .

. 2-2 , Windows Server 2008. Windows,


. ,
, Windows Server (Windows Server
Backup).

Windows Server 2008

25

. 2-2. Windows Server 2008

.NET
Framework 3.0 (.NET
Framework 3.0)

API- .NET Framework 3.0


. : .NET
Framework 3.0, XPS (XPS Viewer)
WCF (Windows Communication Foundation
Activation Components)


BitLocker (BitLocker
Drive Encryption)


,
. TPM (Trusted Platform Module)
BitLocker
(BitLocker Drive Encryption) Startup Key
TPM-only.

BITS [Background
Intelligent Transfer
Service (BITS) Server
Extensions)

.
BITS-,
. BITS


(Connection Manager
Administration Kit
(CMAK))

(Desktop
Experience)

Windows Vista.
Windows Vista Windows Media Player,
Windows Photo Gallery.
,


(Failover Clustering)

,
.
,
.


(Group Policy
Management)

GPMC (Group Policy Management


Console)


(Internet
Printing Client)

, HTTP
-

26

Windows Server 2008

. 2-2. ()

LPR-
(Line Printer Remote
(LPR) Port Monitor)

LPR, ,
UNIX


(Message Queuing)


. .

(Multipath I/O
(MPIO))


(Network
Load Balancing, NLB)

IP,
. -

PRNL
(Peer Name Resolution
Protocol, PNRP)

LLMNR (Link-Local
Multicast Name Resolution)
. , ,
LLMNR


(Remote Assistance)

(Remote
Server Administration
Tools, RSAT)

Windows
Server 2008. ,


(Removable
Storage Manager, RSM)


(Removable Storage Manager)

RPC HTTP (Remote


Procedure Call (RPC)
over HTTP Proxy)

RPC- HTTP .
RPC over HTTP VPN-


TCP/IP (Simple TCP/
IP Services)

TCP/IP,
, Character Generator, Daytime, Discard, Echo Quote
of the Day

SMTP (Simple
Mail Transfer Protocol
(SMTP) Server)

SMTP
.

SMTP-. ,
,Microsoft Exchange Server 2007

Windows Server 2008

27

. 2-2. ()

SAN
(Storage Manager for
SANs)


SAN (Storage Manager for SANs)
,
(Storage Area Network, SAN).
,

(Logical Unit Number, LUN) iSCSI. SAN
Visual Disk Services (VDS)

UNIX (Subsystem for UNIX-based


Applications, SUA)

UNIX-. -


Windows
(Windows Internal
Database)

SQL Server 2005 Embedded Edition.


Windows, , , AD RMS,
UDDI, WSUS (Windows Server Update
Services,), Windows SharePoint (System Resource Manager)

Windows PowerShell

Windows PowerShell
Windows


Windows
(Windows Process
Activation Service)

-, HTTP

Windows Recovery
Environment

, ,


Windows
Server (Windows
Server Backup)


(Windows
System Resource
Manager, WSRM)

WINS- (WINS
Server)

WINS , IP-.
WINS-


(Wireless Networking)

28

Windows Server 2008


Windows Server 2008
Windows Server 2008,
, .
Windows Server 2008, . ,
, AD DS, DNS-, DHCP-,
. .


.

.
. , :
Windows (Windows Logon)
;
(Notepad) ;
(Regedit);
(Task Manager) ;
.
, ,
Windows (Windows Logon).
.
,
.
, ,
NET USER
NET LOCALGROUP .
Windows Core Server
.
, , :
1. Ctrl+Shift+Esc, (Task Manager).
2. (Applications)
(New Task).

Windows Server 2008

29

3. (Create New Task) (Open) cmd OK.



cmd notepad.exe regedit.exe,
(Notepad) .
.
, control.cpl.
Windows (Windows Logon)
, Ctrl+Alt+Delete.
, : ,
, ,
.
. ,
, .
Windows Core Server
, . , .NET
Framework. .NET Framework , , PowerShell.
, ,
. Windows Core Server . . 2-3 , , .
. 2-3. Windows Core Server

Control desk.cpl

Control intl.cpl

Control sysdm.cpl

Control timedate.cpl

Cscript slmgr.vbs ato

DiskRaid.exe

RAID

ipconfig /all

IP

NetDom
RenameComputer

OCList.exe

OCSetup.exe

PNPUtil.exe

30

Windows Server 2008

. 2-3. ()

Scregedit.wsf

. /cli

ServerWerOptin.exe

Windows

SystemInfo

WEVUtil.exe

Wmic datafile where


name=FullFilePath
get version

Wmic nicconfig index=9 call enabledhcp

IP-
IP-

Wmic nicconfig
index=9 call enable
static(IPAddress),
(SubnetMask)

IP-

Wmic nicconfig
index=9 call setgate
ways(GatewayIPAd
dress)

Wmic product get


name /value


MSI

Wmic product where


name=Name call
uninstall

MSI

Wmic qfe list

Wusa.exe PatchName.
msu /quiet

Windows Server 2008


Windows Server 2008 . Windows Server 2008,
. , Windows Server 2008, ,
.
Windows Server 2008 ,

. ,
. -

Windows Server 2008

31

, Windows Server 2008 .


,
.

8 . 40

80 .
, ,
. 10% .


Windows Server 2008 :
1. . , DVD- Windows Server 2008 ,
. ,
. DVD- Windows Server 2008,
. ,
Setup.exe.
DVD- , BIOS

2. , , . .
Windows Server 2008 ,
, . , . ,
(Next).
3. (Install Now), . ,
, .
(Go Online to Get the
Latest Updates for Installation) (Do Not Get Latest Updates for Installation).
4. Windows Server 2008
.
,
(Next). Windows (Activate

32

Windows Server 2008

Windows When Im Online), .


Windows Server 2008 . ,
, , , Windows Server 2008.
. , .

5. , (Select The Operating System You Want To Install) (Next).


6. Windows Server 2008 Windows. , (I Accept the License Terms) (Next).
7. (Which Type Of Installation Do
You Want) . ,
Windows Server 2008 ,
( ) (Custom
(Advanced)).
DVD-, Windows, .
, , ,
.
8. Windows (Where Do You
Want To Install Windows) ,
. .
Windows (Where Do You Want To Install Windows),
:
,
,
, ,
. (Next), . , ( ).

, ,
.
BIOS , , .
FAT

Windows Server 2008

33

FAT32 .
, NTFS. ,
(.
).
9. Windows, ,
Windows.old, . OK.
10. (Next), . Windows Server 2008
, . . .
, , (Initial Configuration Tasks)
, , .


Windows Server 2008
, . , ,
, ,
,
Windows.

Windows.old, . ,
Windows Server 2008 , .
:
1. . DVD- Windows Server 2008. . ,
Setup.exe.
2. ,
, , . .
Windows Server 2008 ,
, .
3. (Install Now). , .

34

Windows Server 2008

4. Windows Server 2008


.
,
(Next). Windows (Activate
Windows When Im Online), .
5. , (Select The Operating System You Want To Install) (Next).
6. Windows Server 2008 Windows. , (I Accept The License Terms)
(Next).
7. (Which Type Of Installation Do
You Want) .
8. . ,
.
Windows Server 2008.
, , .
. , ,
(Initial Configuration Tasks)
, , .



, -
.
. ,

.


,
MINWINPC,
.
Windows (Where Do You Want To Install
Windows), Shift+F10. . 2-4, MINWINPC
,
Windows Server 2008.

Windows Server 2008

. 2-4. , MINWINPC

ARP

IP-
ARP

ASSOC

ATTRIB

CALL

CD/CHDIR

CHKDSK

CHKNTFS

.
,

CHOICE

CLS

CMD

COLOR

CONVERT

FAT NTFS

COPY

DATE

DEL

DIR

DISKPART

,

DISKPART

DOSKEY

,
Windows

ECHO

ENDLOCAL

ERASE

EXIT

EXPAND

FIND

FOR

FORMAT

35

36

Windows Server 2008

. 2-4. ()

FTYPE

GOTO

Windows ,

HOSTNAME

IF

IPCONFIG

TCP/IP

LABEL

MD/MKDIR

MORE

MOUNTVOL

MOVE

NBTSTAT

NetBIOS

NET
ACCOUNTS

NET
COMPUTER

NET CONFIG
SERVER

NET CONFIG
WORKSTATION

NET
CONTINUE

NET FILE

NET GROUP

NET LOCAL
GROUP

NET NAME

NET PAUSE

NET PRINT

NET SEND

NET SESSION

NET SHARE

NET START

NET
STATISTICS

Windows Server 2008

37

. 2-4. ()

NET TIME

NET USE

NET USER

NET VIEW

NETSH

NETSTAT

PATH

PATHPING

PAUSE

PING

POPD

, PUSHD

PRINT

PROMPT

Windows

PUSHD

RD/RMDIR

RECOVER

REG ADD

REG
COMPARE

REG COPY

REG DELETE

REG QUERY

(
)

REG RESTORE

REG SAVE

REGSVR32

DLL

REM

REN

38

Windows Server 2008

. 2-4. ()

SET

Windows.

SETLOCAL

SFC

SHIFT

START

SUBST

TIME

TITLE

TRACERT

TYPE

VER

Windows

VERIFY

VOL


, . , , - .
(
), , .
Windows (Where
Do You Want To Install Windows). :
1. Shift+F10, .
2. diskpart.
3. , list disk.
4. select disk , , .
5. , clean.
6. , exit, DiskPart.
7. exit, .
8. Windows (Install Windows)
(Back), .

Windows Server 2008

39

9. (Which Type Of Installation Do


You Want) ( )
(Custom (Advanced)), .
10. Windows (Where Do You
Want To Install Windows) , . (Disk Options),
, ,
.
11. (New). (Size)
(Apply).


Windows (Where Do You Want
To Install Windows) . , ,
, - .
, :
1. Windows (Where Do You
Want To Install Windows) (Load Drivers).
2. , OK.
.
,
(Next).
, (Browse), (Browse For Folder),
OK. (Next).
(Rescan),
. , (Back)
Windows (Install Windows), .

, ,

(Drive Options)
Windows (Where Do You Want to Install Windows),
:
(New) . .
(Format) ,
.

40

Windows Server 2008

(Delete) .
(Extend) .
, .

, .
, , ,
, . ,
, .
,
.
, :
1. Windows (Where Do You
Want To Install Windows) (Drive Options), .
2. , ,
(New).
3. (Size) , (Apply), .

. , . ,
. ( ,
) , .
, :
1. Windows (Where Do You
Want To Install Windows) (Drive Options), .
2. , .
3. (Format). ,
. OK, .

, , . ,
, .
. , .

Windows Server 2008

41

, :
1. Windows (Where Do You
Want To Install Windows) (Drive Options), .
2. , .
3. (Delete). , . OK, .

Windows Server 2008 8 . , . ,


.
,
NTFS 5.2 . , , , .
, :
1. Windows (Where Do You
Want To Install Windows) (Drive Options), .
2. , .
3. (Extend). (Size)
(Apply),
.
4. , .
OK, .

,
, (Server Manager).
, , .
ServerManagerCmd.exe
, (Server Manager).

, , ,
servermanagercmd query.
, , ,
. install remove, ,
. , ,
servermanagercmd install nlb. allSubFeatures, .

42

Windows Server 2008


, (Roles) .
(Roles) (Roles Summary),
(. 2-1). -,
.
(Roles) ,
, :
. , , ,
: 6, 2 (System Services:
6 Running, 2 Stopped);
,
24 , . , 2 ,
8 , 14 24
(2 error(s), 8 warning(s), 14 informational in the last 24 hours);
.

. 2-1.

Windows Server 2008

43

, , (Action)
(Refresh). , (Configure Refresh)
, OK.

, . 24
. (View Event Properties),
. ,
, ,
. ,
(Stop), (Start) (Restart).
, ,
, (Restart).

4.


(Roles) ,
, .
(Roles Summary)
.
, :
1. , , | | (Start | Administrative Tools | Server Manager).
2. (Roles), (Add Roles). .
(Before You Begin), (Next).
,
(Skip This Page By Default).
3. (Select Server Roles)
, . , . (Add Required
Features), . (Next).

44

Windows Server 2008

,
. , . . Active Directory (Active Directory Domain Services) .
, DCPROMO.exe (. 7). , DNS-,
Active Directory (Active Directory Domain Services),
DCPROMO DNS-
. Windows Core Server ,
FSMO (Flexible Single Master Operations)
Active Directory.

4. , . ,
:
,
, .
, (Add
Required Role Services), . (Cancel),
.
, , , .
, .
(Remove Dependent Role Services),
, .
5. (Confirm Installation
Options) ,
(Print, E-Mail, Or Save This Information),
Internet Explorer.

. (Install), .
6. ,
(Installation Results).
, , .
- , :
) Internet Explorer, ( ) (Full Log

Windows Server 2008

1.

2.

3.

4.

5.

45

(Troubleshooting Only)) ,
(Notepad).
) Ctrl+F, ,
(, 2009-08-30), (Find
Next), .
)
.
, :
, , | | (Start | Administrative Tools | Server Manager).
(Roles), (Remove Roles). .
(Before You Begin), (Next).
,
(Skip This Page By Default).
(Remove Server Roles)
, , (Next).
, ,
, .
(Remove Dependent Role),
.
(Confirm Removal
Selections) , , (Remove).
,
(Removal Results). , ,
. -
, , .



, (Roles)
. ,
, (Installed)
(Not Installed).
(Add Role Services)
(Remove Role Services) .
, .
.

46

Windows Server 2008

, :
1. , , | | (Start | Administrative Tools | Server Manager).
2. (Roles) .
(Add Role Services). .
3. (Select Role Services)
. ,
. , (Next) (Install).
, :
1. , , | | (Start | Administrative Tools | Server Manager).
2. (Roles) . (Remove Role Services). .
3. (Select Role Services) , .
, . , , ,
, . (Remove Dependent Role Service),
.
4. , (Next) (Remove).

Windows Server 2008


Windows
Windows (Add/Remove
Windows Components) (Add Or
Remove Programs). Windows Server 2008
.
, :
1. , | | (Start | Administrative Tools | Server Manager).
2. (Features) (Add Features), .
(Before You Begin), -

Windows Server 2008

3.

4.

1.

2.

3.

4.

47

(Next). ,
(Skip This
Page By Default).
(Select Features)
, . ,
.
(Add Required Features),
.
, , (Next)
(Install).
, :
, | | (Start | Administrative Tools | Server Manager).
(Features) (Remove Features) .
(Before You Begin), (Next). ,
(Skip This
Page By Default).
(Select Features) , . ,
. ,
, ,
, .
(Remove Dependent
Feature), .
, , (Next)
(Remove).


Windows Server 2008

Microsoft Windows,
. Windows Server
2008 ,
, (Initial Configuration Tasks)
(Server
Manager) .
(Initial Configuration Tasks)
, . , (Initial
Configuration Tasks), (Computer Management)
, . , :
;
;
, ;

;
;
.
,
(System).
:
;
,
;
;
.

Windows Server 2008

49


(Initial Configuration Tasks), . 3-1, . Windows Server
2008
. ,
,
(Do Not Show This Window At Logon)
. , (Start), oobe
(Search) Enter.

. 3-1. (Initial Configuration Tasks)


(Initial Configuration Tasks) :


(Set Time Zone) , (Date And Time).
, (Change
Time Zone), OK.
(Date And Time),
/ (Adjust Date/Time).
, .
(Configure Networking) , (Network Connections).

50

Windows Server 2008

, , (Properties)
.
IPv4, IPv6.
(Network Connections), (Manage Network
Connections) (Tasks)
(Network And Sharing Center).
(Provide Computer Name And Domain)
(System Properties) (Computer
Name). , (Change), , OK. ,
WORKGROUP.
(System Properties)
(Computer Name), (System)
(Change Settings) ,
(Computer Name, Domain, And Workgroup Settings).
(Enable Automatic Updating And Feedback) , Windows . ,
. ,
Windows (Windows Error Reporting) .
(Customer Experience Improvement Program). ,
,
Windows.
(Download And Install Updates) , Windows (Windows Update) ,
( ), ( ).
.

Windows (Windows Update), .
(Add Roles) (Add Roles Wizard),

Windows Server 2008

51

.
. (Server Manager)

(Roles).
(Add Features)
(Add Features Wizard).
.
(Server Manager)
(Features).
(Enable Remote Desktop) ,
(System Properties) (Remote). (Remote Desktop),
, OK.
. , (System Properties)
(Remote),
(System)
(Remote Settings) (Tasks).
Windows (Configure Windows Firewall) , Windows (Windows
Firewall). , (Change Settings). Windows . ,
Windows (Windows Firewall), .
. .


(Server Manager) .
, ,
. (Server Manager)
:
(Start),
(Administrative Tools) (Server Manager).
(Server Manager) .
. 3-2, , (Computer Management).

52

Windows Server 2008

. :
(Roles) , ,
.
, , , 24 ,
,
. , .
(Features) , , .
, .
(Diagnostics)
, .
(Configuration) .
(Storage)
.

. 3-2. (Server Manager)


. (Server Manager),
.
(Computer Information) , -

Windows Server 2008

53

, .
:
(Change System Properties)
, (System
Properties), .
(View Network Connections) ,
(Network Connections), .
(Configure Remote Desktop) ,
(System Properties) (Remote).
.
(Initial Configuration Tasks),
. .

(Security Information) Windows (Windows Firewall), Windows (Windows Update),


, Internet Explorer (Internet Explorer Enhanced Security
Configuration). :
Windows (Go To Windows Firewall) Windows
(Windows Firewall With Advanced Security), ,
.
(Configure Updates) ,
Windows (Windows Update),
( ) ( ).
(Check For New Roles) , ,
.
(Run Security Configuration
Wizard) ,
(Security Configuration Wizard), , , .
, 5,
.

54

Windows Server 2008

. ,
.
Internet Explorer
(Configure IE ESC) , Internet Explorer (IE ESC).
,
, , .
Internet Explorer, Internet
Explorer . IE ESC . IE ESC
, .
IE ESC
, . , Internet Explorer.
: (Internet) (High),
(Trusted Sites) (Medium),
(Local Intranet) (Medium-Low),
(Restricted) (High). Internet
Explorer:
(Enhanced Security Configuration),
, - , - , , , ,
, , .

(Roles Summary) , . :
(Go To Roles) (Roles) .
(Add Roles) (Add
Roles Wizard), .
(Remove Roles)
(Remove Roles Wizard), .
(Features Summary) , .
:
(Add Features)
(Add Features Wizard), .
(Remove Features)
(Remove Features Wizard), .

Windows Server 2008

55

(Resources And Support)


(Customer Experience Improvement Program)
Windows (Windows Error Reporting).
- ,
:
(Configure CEIP) CEIP.
.
Windows.
, CEIP, ,
. ,

, . CEIP, Windows.
Windows (Configure Windows Error
Reporting) , Windows (Windows Error Reporting, WER). , ,
. , . , (Problem Reports And Solutions)
.


(System) . (System)
. . 3-3, (System)
, :
Windows (Windows Edition)
. .
(System) , , (32- 64-).
, (Computer
Name, Domain, And Workgroup Settings) , -

56

Windows Server 2008

, . -
, (Change Settings), (Change)
(System Properties).
Windows (Windows Activation) ,
, .
Windows Server 2008 , , , .
, (Change Product Key) .

. 3-3. (System)

(System) , :
(Device Manager);
(Remote Settings);
(Advanced System Settings).
Windows Server 2008, , , ,
. Windows Server 2008
, . Windows Server 2008 , ,
Windows (Activate Windows Now)
Windows (Windows Activation).

Windows Server 2008

57

Windows , , . ,
:
1. (System) .
2. Windows (Windows Activation)
(System) (Change Product Key).
3. Windows (Windows Activation) .
4. (Next). ,
.

(System Properties). (System), (Change
Settings) ,
(Computer Name, Domain, And Workgroup Settings). ,
(System Properties).

(Computer Name)
(Computer Name)
.
. ,
DNS-, Active Directory. ,
.
,
:
1. (Computer Name) (System Properties) (Change).

(Computer Name/Domain Changes).
2. , (Workgroup) , .
3. , (Domain)
, .
4. , OK, Windows.
OK.

58

Windows Server 2008

5. ,
, OK.
6. . OK.
7. (Close) (Restart Now).
, :
1. (Computer Name) (System Properties) (Change).

(Computer Name/Domain Changes).
2. (Computer
Name).
3. . OK.
4. (Close) (Restart Now).

(Hardware)
(Hardware)
(System Properties) (Device
Manager) Windows. (Device Manager), MMC, .
Windows Server 2008
, Windows.
, ,
Windows (Windows Update
Driver Settings)
, (Ask
Me Each Time I Connect A New Device Before Checking For Drivers)
(Never
Check For Drivers When I Connect A Device). OK.
(Hardware)
. Windows
Server 2008, Active Directory . , Windows Server 2008
- . - , (System Configuration)
.
(Administrative Tools).
2 Microsoft Windows Vista.
( , -, 2008).

Windows Server 2008

59

(Advanced)
(Advanced) (System)
Windows, , ,
, , .
Windows

Windows Server 2008 , , . Windows,


:
1. (Advanced)
(System Properties)
(Settings) (Performance). (Performance Options).
2. (Visual Effects). :
(Let Windows Choose Whats
Best For My Computer) .
, ,
(Adjust For Best Appearance).
, - Windows
.
(Adjust For Best Appearance) .
.
.
, - .
(Adjust For Best Performance) , , ,
.
.
(Custom) . ,
Windows .
3. ,
(Apply). OK, .

60

Windows Server 2008

, Windows Server 2008.


, ( , ,
). , :
1. (Advanced)
(System Properties)
(Settings) (Performance). (Performance Options).
2. (Performance Options)
(Advanced).
3. (Processor Scheduling)
:
(Programs)
. , Windows Server 2008.
, (Background Services)
.
Windows Server 2008,
, , .
4. OK.


(RAM) .
Intel 386. RAM . , , 1024 , . , RAM.
,
.
. , . , .
PAGEFILE.SYS.

Windows Server 2008

61

Windows Server 2008


, . Windows Server 2008 ,
. , ( ). , ,
. ,
( ). RAM 8
. , 1024
(Total Paging File Size For
All Drives) 2048 . 8
. , .

, :
1. (Advanced)
(System Properties)
(Settings) (Performance). (Performance Options).
2. (Performance Options)
(Advanced).
(Change), (Virtual Memory), . 3-4. :
[ ] (Drive [Volume Label]) ()
(Paging File Size (MB)) .
(
). , .
(Paging File Size For Each
Drive) ,
. (Space Available)
, .
(Total Paging File Size
For All Drives)
, .
, ,
( ).

62

Windows Server 2008

. 3-4.

3. Windows Server 2008


. ,
(Automatically
Manage Paging File Size For All Drives).
4. (Drive) , .
5. (Custom Size)
(Initial Size) (Maximum
Size).
6. (Set) .
7. 46 , .
,
STOP. ,
, .
, , . , 1
1 .

8. OK. PAGEFILE.SYS, (Yes).


9. ,
, ,
. OK.
10. OK, . (System), , . (Restart).

Windows Server 2008

63

Windows Server 2008 , :


1. (Advanced)
(System Properties)
(Settings) (Performance). (Performance Options).
2. (Performance Options)
(Advanced).
(Change), (Virtual Memory).
3.
(Automatically Manage Paging File Size For All Drives).
4. OK, .
,
, ,
. OK. (System), , . (Restart). .

(Data Execution Prevention, DEP) .


, .
, ,
.
, , , .
32- Windows DEP, Advanced Micro Devices (AMD)
NX (no-execute page-protection).
PAE (Physical Address Extension). NX
64- Windows.

DEP , DEP, (System):


1. (Advanced)
(System Properties) (Settings) (Performance),
(Performance Options).
2. (Performance Options)
(Data
Execution Prevention). ,
DEP.

64

Windows Server 2008

3. DEP, :
DEP Windows
(Turn On DEP For Essential Windows Programs And Services Only)
,
.
DEP ,
(Turn On DEP For All Programs Except Those I Select)
. , (Add), ,
.
4. OK.
DEP ,
, :
1. (Advanced)
(System Properties) (Settings) (Performance),
(Performance Options).
2. (Performance Options)
(Data
Execution Prevention).
3. -,
(Add),
(Open).
4. ( ), .
5. ,
(Remove).
6. OK, .
DEP DEP,
. , , NX.
, ,
, ,

.
, NX.
, .
STATUS_ACCESS_
VIOLATION. , . ,

Windows Server 2008

65

, ,
, , .
,
.
, 32-
. 64- ,
, .

ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY.

Windows , , , , . , Windows
, . , , .
(Environment Variables), . 3-5. ,
(System Properties), (Advanced) (Environment Variables).

. 3-5.

, :

66

Windows Server 2008

1. (New) (User Variables) (System Variables).



(New User Variable) (New System
Variable).
2. (Variable Name) .
(Variable Value) .
3. OK.

, :
1. (User
Variables) (System Variables).
2. (Edit). (Edit User Variable)
(Edit System Variable).
3. (Variable Value)
OK.
, (Delete).

.

.


(Startup and Recovery),
. 3-6. ,
(System Properties), (Advanced)
(Settings) (Startup and Recovery).
(System Startup) (Startup And Recovery) .
, , , (Default Operating System). Windows (Windows Boot Manager).

Windows Server 2008

67

. 3-6.

Windows Server 2008


30 .
:
,
(Time To
Display List Of Operating Systems).
,
(Time To Display
List Of Operating Systems) .
.
, , ,
.

. , . ,
(Time To Display Recovery Options
When Needed), , (Time To Display Recovery
Options When Needed) .
(System Failure)
(Write Debugging Information)
(Startup And Recovery). -

68

Windows Server 2008

STOP. , (System
Failure) :
(Write An Event To The System
Log) ,
(Event Viewer).
(Automatically Restart) ,
.
. , , , .
, , , , .

(Write Debugging Information) ,


. . :
(None) , .
(Small Memory Dump)
, .
64 .
(Kernel Memory Dump) , Windows. Windows.
, .
%SystemRoot%\Minidump, %SystemRoot%\MEMORY.DMP.

(Overwrite Any Existing File), STOP.
,
.
( , ), , ,
. , 4 ,
4 .
, ,
678 892 . ,
5 (4 1 ).

Windows Server 2008

69

(Remote)
(Remote)
(System Properties) (Remote Assistance)
(Remote Desktop). 5.



DLL, . DLL Regsvr32 .
, DLL, regsvr32 .dll, :
regsvr32 mylibs.dll

DLL, regsvr32 /u
.dll, :
regsvr32 /u mylibs.dll

(Windows File Protection) .


DLL, Windows Server 2008 ,
Windows.
Windows Server 2008.

.
: , , , , , ,
.

,

, , Microsoft Windows Server 2008
. , ,
(interactive).
,
, , . ,
, , (foreground).
(background).
, , ,
, . ,
. .
.

71


(Task Manager).
:
Ctrl+Shift+Esc.
Ctrl+Alt+Del (Task
Manager).
(Start), taskmgr
(Search) Enter.
(Task Manager).
.


. 4-1 (Applications) .
, .
:
,
(End Task).
, (Switch To).
, (New
Task) .
(Run) (Start).

. 4-1. (Applications) Windows


,

72

Windows Server 2008

(Status) ,
. (Not Responding) , , , .
. ,
, .

, , :
;
;
;
;
;
;
(Processes).
(Go To Process) , . ,
(Processes).


(Processes) . 4-2.
, , , , ( ), .
,
(Show Processes From All Users).
(Processes)
. ,
, , . :
(Image Name) , .
(User Name) ,
.
(CPU) ,
( ).
( ) (Memory (Private Working
Set)) , .
(Description) .

73

. 4-2. (Processes)

(View) (Select
Columns), (Processes).
, :
(Base Priority) ,
. , ,
(Set Priority) : (Low), (Below Normal), (Normal),
(Above Normal), (High) (RealTime). .
.
(CPU Time) , . ,
,
,
.
(Handle Count) ,
. ,
. , , Microsoft Internet Information Services
(IIS), . .

74

Windows Server 2008

(I/O Reads), (I/O Writes) .


, . , ,
.
.
(Page Faults) ,
,
.
, (soft page fault).
, (hard page fault).
.
.
(Paged Pool),
(Nonpaged Pool)
, , . , . ,
. , .
(Peak Memory Usage)
, . . , , Microsoft SQL Server,
, .
(Thread Count) , . . .
.
,
, .

(System Idle Process). .
, ,
(System Idle Process) . 99 (CPU)
(System Idle Process) , 99% .

75

,
. ,
.
,
(Applications) (Go
To Process). ,
, .
.

:
(Applications) (End Task);
(Processes) (End Process)
;

(Processes)
(End Process Tree).


(Services)
. , (PID), , . . 4-3,
.
, .
(Status), :
(Running) (Stopped).

. 4-3. (Services)

76

Windows Server 2008

(Group) , :
,
. , ,
LocalService, LocalServiceNoNetwork (
) LocalSystemNetworkRestricted (
).
, svchost.exe, ,
k. , RemoteRegistry
svchost.exe k regsvc. (Group) regsvc.
,
, :
;
;
(Processes).


(Performance)
(. 4-4).
. , (Performance Monitor),
.

. 4-4. (Performance)

77

(Performance)

(Performance) :
(CPU Usage) .
(CPU Usage History) . .
(Memory) ,
.
(Physical Memory
Usage History) .
,
. . 4-4
(Performance) ,
.
, (Performance).
.
, , .
,
, . .


(View):
(Update Speed) , . (Low) ,
(Normal) , (High) .
(CPU History) , . , , ( ) .
(Show Kernel Times)
, .
(
).

78

Windows Server 2008

, ,
. , IIS 7
, , ,
, . ,
, ,
.

:
() (Physical Memory (MB))
. (Total)
, (Cached)
, , (Free) .
, . ,
, 5%
.
() (Kernel Memory (MB)) ,
.
. (Nonpaged).
(Paged).
, , (Total).
(System) .
(Handles) - , .
(Threads) . .
(Processes) .
(Up Time) , .
(Page File) .
10%
, , ,
( ,
).


(Networking)
. ,
, .

79

, (Networking) (. 4-5).
,
, .
. ,
(View), (Network Adapter
History) (Bytes Sent),
(Bytes Received) . , , .

. 4-5. (Networking)

(Networking)
.
,
. :
(Adapter Name) (Network Connections).
(Network Utilization)
, .
, 100 10 10- .
(Link Speed) .
(State) .

80

Windows Server 2008

50% ,
. , . ; , . ,
. ,
, .
.

(View) (Select Columns),


,
(Networking).
:
(Bytes Sent Throughput)
, .
(Bytes Received Throughput) , .
(Bytes Throughput)
, .
(Bytes Sent) , .
(Bytes Received) , .
(Bytes) ,
.



. .
,
.
Windows Server 2008
. (Task Manager)

.
(Users), . 4-6.
, .
, ,
, . , , Console.
, , RDP-TCP

81

RDP TCP . , :
(Connect) .
(Disconnect) ,
.
(Log Off) .
.
(Remote Control)
. Ctrl+*.
(Send Message) , .

. 4-6. (Users)



.
(Services) .
(Services), :
1. (Start) (Administrative Tools), (Server
Manager). (Server Manager)
.

82

Windows Server 2008

2. (Server Manager) (Configuration).


3. (Services),
, (. 4-7). :
(Name) . , .
. , , , 2.
(Description) .
(Status) ,
( ).
(Startup Type) . . .
, .
(Log On As) , .
.

. 4-7. (Services)

83

(Services) : . ,
(Services). .
(Start), .
(Restart)
, , . , .
, . Windows Server 2008 ,
.

, ,
, Windows Server 2008. , :
1. (Server Manager) (Configuration).
2. (Services).
3. (Start), (Stop) (Pause).
(Restart), .
, (Resume)
.
, ,
- , . ,
. ,
. Windows Server 2008
, , . .


Windows Server 2008 .
. :
1. (Server Manager) (Configuration).
2. (Services), ,
, (Properties).
3. (General)
(Startup Type) (. 4-8).

84

Windows Server 2008

(Automatic) .
( ) (Automatic (Delayed Start))
, .
(Manual) .
(Disabled) .
4. OK.
,
.
, .
.
. , (Log On) .
(Enable)
(Disable).

. 4-8.


Windows Server 2008 , :
1. (Server Manager) (Configuration).

85

2. (Services), ,
, (Properties).
3. (Log On), . 4-9.
4. (Local System
Account),
( ).
, (Allow Service To Interact With Desktop),
.
5. (This Account), , .
.

(Browse).
6. OK.

. 4-9. (Log On)



, ,
.
, . ,
, ,
. , .
, .
, , . .

86

Windows Server 2008


Windows Server 2008 . , .
, :
1. (Server Manager) (Configuration).
2. (Services), ,
, (Properties).
3. (Recovery),
. 4-10.
Windows Server 2008 . .
, , DCOM- (DCOM Server
Process Launcher) (Group Policy Client), . .

. 4-10. (Recovery) ,

4. , . :

87

(Take No Action) ,
.
(Restart the Service) ,
.
(Run a Program) , Windows. ,
, , .
(Restart the Computer) . , .
, .
: .

5. , . ,
(Run Program).
, .
- .
6. OK.


.
, , , -
(Worldwide Web Publishing Service), Simple Mail Transfer Protocol (SMTP)
FTP- (File Transfer Protocol (FTP) Publishing
Service), . ,
,
.
, . ,
,
. , .

88

Windows Server 2008

, .
, ,
.
, :
1. (Server Manager) (Configuration).
2. (Services), ,
, (Properties).
3. (General)
(Startup Type) (Disabled).
, . ,
. ,
(Stop) (General)
(Properties) OK.


,
.
Windows Server 2008 Windows (Windows Event Log).
:
Windows (Windows logs) , , , .
(Applications and Services logs) ,
.
Windows :
(Security Log) , . %SystemRoot%\
System32\Winevt\Logs\Security.evtx.
(Manage Auditing and the
Security Log). (Administrators).
10.

(Setup Log) , . %SystemRoot%\System32\Winevt\Logs\Setup.evtx.

89

(Forwarded Events)
, , . %SystemRoot%\System32\
Config\FordwardedEvents.evtx.
(Application) , , , Microsoft SQL Server.
%SystemRoot%\System32\Winevt\Logs\Application.evtx.
(System Log) , , , . %SystemRoot%\System32\
Winevt\Logs\System.evtx.

, .
, . , , , ,
, . ,
(Manage Auditing and the Security
Log).
(Administrators). 10.

:
DFS (DFS Replication)
DFS. %SystemRoot%\System32\Winevt\Logs\DfsReplication.evtx.
(Directory Service) ,
Active Directory. %SystemRoot%\System32\Winevt\Logs\
Directory Service.evtx.
(File Replication Service) . %SystemRoot%\System32\Winevt\Logs\File Replication
Service.evtx.
(Hardware Events) , , .
%SystemRoot%\System32\Config\Hardware.evtx.
DNS- (DNS Server) DNS-, DNS.
%SystemRoot%\System32\Winevt\Logs\DNS Server.evtx.
Microsoft\Windows ,
Windows. -

90

Windows Server 2008

. , . , .
Windows PowerShell , Windows PowerShell. %SystemRoot%\System32\Winevt\Logs\Windows
PowerShell.evtx.


, :
1. (Diagnostics) .
2. (Event Viewer). :
,
(Custom Views)
(Administrative Events).
, .
,
(Custom Views), (Server Roles)
.
.
,
Windows (Windows Logs),
(Applications And Services Logs) .
, , ,
(Application) (System).
3. (Source) ,
.
. 4-11,
(Event Viewer) , ,
.
,
. . :
(Information) , .
(Audit Success) , .

91

(Audit Failure) , .
(Warning) .
(Error) .
,
. ,
, .

. 4-11. (Event Viewer)


, , :
(Source) , , .
(Event ID) , , .
(Task Category) ,
(None),
.
(User) , , .

92

Windows Server 2008

(Computer) , .
(Description) .
(Data) ,
.


(Event Viewer) .
(Custom Views).
(Administrative Events), . (Server Roles)
, ,
.
, :
1. (Diagnostics)
(Event Viewer).
2. (Custom Views). (Action) (Create Custom View).
, . 4-12.
3. (Logged) (Last Hour), 12 (Last 12 Hours),
24 (Last 24 Hours), 7 (Last 7 Days)
30 (Last 30 Days).
4. (Event Level)
, . (Verbose), .
5.
:
(Event logs)
. ,
. .
(Event Sources)
. ,
.
.

93

. 4-12. ,

6. (User) (Computer(s))
. , .
7. OK. (Save Filter To Custom View),
. 4-13.

. 4-13.

8. .
9. , . (Custom Views). , (New Folder),
OK.

94

Windows Server 2008

10. OK, (Save Filter To Custom View).


, . .
, ,
:
1. (Diagnostics)
(Event Viewer).
2. Windows (Windows Logs)
(Applications And Services Logs). .
3. , .
(Action) (Filter Current Log). ,
. 4-12.
4. (Logged) (Last Hour), 12 (Last 12 Hours),
24 (Last 24 Hours), 7 (Last 7 Days)
30 (Last 30 Days).
5. (Event Level)
, . (Verbose), .
6. (Event Sources) , . , .
7. (User) (Computer(s))
. , .
8. OK. , .
.
, (Clear Filter)
(Action).


, , . . ,
.
, :
1. (Diagnostics)
(Event Viewer).

95

2. Windows (Windows Logs)


(Applications And Services Logs).
3. , ,
(Properties). , . 4-14.

. 4-14.

4. .
(Maximum Log Size). , .
%SystemRoot%\System32\Winevt\Logs.
5. . :
(Overwrite Events As
Needed (Oldest Events First)) . ,
.
,
(Archive The Log When Full, Do Not Overwrite Events) Windows ,
. .
( ) (Do Not
Overwrite Events (Clear Logs Manually)) -

96

Windows Server 2008

, .
6. OK.
, , , (Archive The Log When Full, Do Not Overwrite
Events). ,
.


, , :
1. (Diagnostics) (Event Viewer).
2. Windows (Windows Logs)
(Applications And Services Logs).
3. (Clear Log).
4. (Save And Clear), . (Clear),
.


, , , . ,
, . Windows .

:
.evtx (Event
Viewer).
(.txt)
.
(.csv) .
XML.
- . :

97

,18.05.2008 09:43:24,EventLog,6005,,
.
,18.05.2008 09:40:04,Microsoft-Windows-Time-Service,134,,Ntp-
- DNS

:
, ,, , ,

Windows ,
,
(Archive The Log When Full, Do Not Overwrite Events). , :
1. (Diagnostics)
(Event Viewer).
2. Windows (Windows Logs)
(Applications And Services Logs).
3. , ,
(Save
Events As).
4. (Save As)
.
5. (Save As Type)
(*.evtx) (Event Files (*.evtx)).
(Save).
,
, . ,
. ,
2009 , 2009.
.evtx.
,
(Event Viewer). ,
, (
). , , . ,
.evtx, ,
(Event Viewer)
(Save As).

,
. -

98

Windows Server 2008

(Event Viewer).
:
1. (Server Manager)
(Event Viewer).
(Open Saved Log File).
2. (Open)
.
(Event Logs Files). ,
.evtx, .evt .etl.
.
3. (Open). Windows
(Open Saved Log).
4. .
5. , .
(Saved Logs). , (New Folder). OK.
6. OK,
(Open Saved Log). .
(Event
Viewer), (Delete) (Action). (Yes).
- , .


.
, . , , ,
.

?
. ,
,
.

. ,
, . , , . , , , ,
,

99


, ,
. ,
. , , , .
, . ,
, :
1. , .
2. .
3. .
4. .
5. .
.
. , .
:
(Performance Monitor)
, .
, .
(Reliability Monitor) ,

.
,
. (System), (Security) (Application), .


(Reliability And Performance)
(Reliability And Performance).
,

100

Windows Server 2008

(Start), (Administrative Tools) (Reliability


And Performance Monitor). (Server Manager)
(Diagnostics).
(Diagnostics) (Reliability And Performance). . 4-15, :
(CPU Usage)
. , ,
, , , , .
(Disk Usage) ,
, . ,
, , -, , , , ,
, ,
, -
.
(Network Usage)
. , ,
, , , , IP-, , ,
, .
(Memory Usage) . , ,
,
, , , ,
.

101

. 4-15.

(Monitoring Tools)
(Reliability And Performance) :
(Performance Monitor);
(Reliability Monitor).
(Performance Monitor) (counter) .

.
. 4-16, (Performance
Monitor) .
1 , . (Performance Monitor),
, . (Performance
Monitor) ,
.

102

Windows Server 2008

. 4-16.

(Reliability And Performance) (Reliability


Monitor), . 4-17.
.

, , , , . ,
.
,
, , (Application Failure)
(Hardware Failure),
, .

103

. 4-17.


(Performance Monitor) . ,
. (Add Counters).
(Performance Monitor), (Add)
(Available Counters).
(Show Description)
.
(Performance Monitor)
. , (Processor) ,
. ,
, .

104

Windows Server 2008

, :
1. (Reliability And Performance) (Monitoring Tools) (Performance Monitor).
2. (Performance Monitor) . (View
Current Activity) Ctrl+T.
(Line),
(Histogram Bar) (Report),
(Change Graph Type) Ctrl+G.

. 4-18.

3. , (Add)
Ctrl+I.
(Add Counters), . 4-18.
4. (Select Counters From Computer) UNC- , , ,
\\CorpServer84, (Local
Computer).
,
(Performance Monitor
Users) . ,
(Performance Log Users)
.

105

5. (Available Counters) .
, . , ,
, .
6. ,
. (All Instances), ,
.
7. ,
, (Add), . 57, .
8. , .

. , , ,
.


Windows Server 2008 (data collector
set) (report). , .
,
, . Windows.
.
. , :
;
;

:
.
(Reliability And Performance)
(Data Collector
Sets) (Reports), . . 4-19, () .
, ,
.

106

Windows Server 2008

. 4-19.

, (Reliability
And Performance Monitor),
(Administrative Tools),
(Data Collector Sets).
.

, (User
Defined) (System), .
,
. (Trace) , .
(Performance Counter) ,
. (Configuration) ,
.
,
(Event Trace Sessions). , , (Stop).
, , (Startup Event Trace Sessions).
,

107

(Start As Event
Trace Session). ,
(Delete).
, , (Save Template).
(Save As) ,
(Save).
XML-, .
,
(Delete). ,
. .

.
,
15 .
, :
1. (Reliability And Performance Monitor) (Data Collector
Sets), (User-Defined),
(New) (Data Collector Set).
2. (Create New Data
Collector Set Wizard) , , .
3. (Create Manually) (Next).
4. (What Type
Of Data Do You Want To Include) (Create Data Logs).
(Performance Counter)
(Next).
5.
(Which Performance Counters Would You Like To Log) (Add).
(Add Counter), . OK.
6. ,
, , , . ,
. , 15--

108

Windows Server 2008

, 15 . (Next).
7. (Where Would You Like
The Data To Be Saved) ,
, , (Browse). (Next).
%SystemRoot%\
PerfLogs\Admin. .
, , . ,
, .

8. (Create Data Collector


Set) (Run As)
(Default). ,
.
, (Change).
OK. \
, , CPANDL\WilliamS
WilliamS CPANDL.
9. (Open Properties For This Data Collector Set)
(Finish). ,
(Properties).
10. . ,
(Schedule) (Add).
(Active Range), (Start
Time) .
11. . (Stop
Condition), ,
, , ,
( ).
12. , OK.

.
.
(Task)
(Properties).

109

, . , .
, :
1. (Reliability And Performance Monitor) (Data
Collector Sets), (User-Defined)
(New)
(Data Collector Set).
2. (Create New Data
Collector Set Wizard) , , -.
3. (Create Manually) (Next).
4. (What Type
Of Data Do You Want To Include)
(Create Data Logs)
(Event Trace Data). (Next).
5. (Which Event Trace Providers Would You Like To Enable)
(Add). , , Active Directory Domain Services: Core, .
(Properties) (Edit), , . . (Next).
6. 712 .

. , :
1. (Reliability And Performance Monitor) (Data
Collector Sets), (User-Defined)
(New)
(Data Collector Set).
2. (Create New Data
Collector Set Wizard) , , AD.
3. (Create Manually) (Next).

110

Windows Server 2008

4. (What Type
Of Data Do You Want To Include)
(Create Data Logs) (System Configuration Information). (Next).
5. (Which
Registry Keys Would You Like To Record) (Add).
, . . (Next).
6. 712 .


,
. ,
, . ,
, : .

(Reliability And Performance Monitor),
(Reports), ,
. . .
.
, . ,
(Stop). .
, :
1. , (Properties) Ctrl+Q. :
(Performance Monitor Properties).
2. (Source).
3. .
(Data Source) (Log Files)
(Add),
(Select Log File). .
4. . (Time Range), (Total Range)
.
5. (Data) .
, -

111

(Remove). (Add),
(Add Counter)
.
,
. , ,
, .

6. OK.
(Change Graph Type).



, .

.
.
, :
1. (Reliability And Performance Monitor) (Data Collector
Sets), (User-Defined)
(New) (Data Collector Set).
2. (Create New Data
Collector Set Wizard) , , -.
3. (Create Manually) (Next).
4. (What Type
Of Data Do You Want To) (Performance Counter Alert) (Next).
5. (Which Performance Counters Would You Like To Monitor) (Add),
(Add Counters) , . , OK.
6. (Performance
Counters) (Alert When Value Is) , . ,
(Above) (Below).
. ( -

112

Windows Server 2008

). , ,
95%, (Above)
95. .
7. 812 .


, , , , .
:
;
;
-;
.


,
, , . ,
.
, , , .

.

. Active Directory, , , .
, ,
, . , 3.
, , , , . . 4-1 ,
, ( ).

113

. 4-1. ,

\
(Memory\
Available Kbytes)


, , .
.
, ,
. , ,
5%
.
,
.
75%

\
/
(Memory\ Page
Faults/sec)

\
(Memory\
Committed Bytes)

\ / (Memory\
Pages Input/sec)
\
/
(Memory\ Page
Reads/sec )

, ,
.
- ,
.
,
.

.

. \
/ (Page Faults/sec)
.
\ / (Pages Input/
sec) ,
. \
/ (Page Reads/sec) , .
\ / (Pages Input/
sec)
\ /
(Page Reads/sec)
.
,

114

Windows Server 2008

. 4-1. ()

\ (Memory\
Pool Paged Bytes)


.

,
,
.

,
.

, ,
.
, ,

\ (Memory\
Pool Nonpaged
Bytes)


.
, ,
. , , , , . ,
, , SQL Server, .
,
.
, , . 4-2, , .
. 4-2. ,

\

(System\Processor
Queue Length)

,
. ,
.

2 ,

115

. 4-2. ()

\% (Processor\
% Processor Time)

,

.
, .

- ,

-
-
. , - , . ,
,
.
-, , .
.
,
/.
, . 4-3.
. 4-3. ,

\%

(PhysicalDisk\%
Disk Time)

%
(% Disk Time) , .

% (Processor\%
Processor Time)
\
/
(Network Interface
Connection\Bytes
Total/sec)

116

Windows Server 2008

. 4-3. ()

\
/
(PhysicalDisk\Disk
Writes/sec)


-. ,

. , ,
. ,
RAID

\
/
(PhysicalDisk\Disk
Reads/sec)
\

(PhysicalDisk\Avg.
Disk Write Queue
Length)
\

(PhysicalDisk\Avg.
Disk Read Queue
Length)
\


(PhysicalDisk\
Current Disk Queue
Length)



, ,
.
.
: , , .
, , , . , .
.

117

. 10/100, . :
, 10 /,
.
, :
\ / (Network\Bytes Received/
sec)
\ / (Network\Bytes Sent/sec)
\ / (Network\Bytes Total/sec)
\ (Network\ Current Bandwidth)

50% , , ,
. ,
, , , . ,
\% (PhysicalDisk\% Disk Time) \%
(Processor\% Processor Time). , , , , . .
,
.

, ,
?
-
Microsoft Windows Server 2008 , , .
. , (Remote Server Administration Tools). ,
(Wireless Networking). Windows Server 2008
, Windows Vista.
,
:
(Automatic Updates)
. Windows Update Microsoft Update, .
Windows Server 2008 , . Windows (Windows Update) .
, (Start), (Control
Panel), (Security) Windows (Windows Update). ,
, .
Windows (Windows Firewall)
. Windows Server 2008

119

Windows (Windows Firewall) Windows (Windows Firewall With Advanced Security). . ,


Windows (Windows Firewall)
(Network And Internet) . ,
Windows (Windows Firewall With
Advanced Security) (Administrative Tools).
(Desktop Experience)
Windows Vista. ,
Windows Server 2008
.
, : Windows (Windows Calendar), Windows (Windows Defender), Windows (Windows Mail), Windows Media (Windows Media Player), Windows (Windows
Photo Gallery), Windows (Windows Sidebar) Windows
SideShow.
Windows (Windows Time)
. . Windows Time ,
.
, .
,
(Date And Time).
Windows (Windows Defender) . Windows (Windows Defender) .
Windows (Windows Defender) .
Windows (Windows Defender) (Desktop Experience),
(All Programs).
(Task Scheduler) ,
, . Windows Server 2008, Windows Vista, . (Server Manager). , (Configuration), (Task Scheduler)
(Task Scheduler Library).

120

Windows Server 2008

(Remote Assistance) .
, ,

.
, (Remote) (System Properties). ,
(System and Maintenance) (System)
(Remote Settings) (Tasks).
(Remote Desktop) .
Windows Server 2008 (Remote Desktop) , .
(Remote) (System Properties).
, (System
and Maintenance) (System)
(Remote Settings) (Tasks). (Remote Desktop Connection). (Start),
(All Programs), (Accessories)
(Remote Desktop Connection).
BitLocker (BitLocker Drive Encryption) .
, .
BitLocker , TPM, .
,
BitLocker (BitLocker Drive Encryption).
Windows Vista Windows Server 2008
. Microsoft Windows Vista. .
( , -, 2008).
, . , (System Resource Manager) ,
. (Terminal Services) ,
. Windows (Windows Deployment

121

Services) Windows.
Windows Server 2008,
, (Group Policy).
Windows Server 2008
. (Computer Configuration) (User Configuration)
: (Policies) (Preferences).
, .
, , , \\ : \
Windows (User Configuration\Policies\Administrative Templates: Policy Definitions\Windows
Components) - \ \ Windows (User Configuration\Administrative Templates\Windows Components).


, , , . :
Windows,
, ,
(Start). .
, , .
.
. .
, , ,
. 2 .
, .


.
, ,
. , , (local group policy) .
Active Directory.

122

Windows Server 2008

,
Active Directory. Active Directory (sites),
(organizational units).
NewYorkMain, CaliforniaMain WashingtonMain.
WashingtonMain SeattleEast, SeattleWest,
SeattleNorth SeattleSouth. , SeattleEast Information Services, Engineering Sales.
,
Windows 2000, Windows XP Professional, Windows Vista,
Windows Server 2003 Windows Server 2008. Windows
NT 4.0 (System Policy
Editor, Poledit.exe). Windows 95 Windows 98 , Sysvol
.

(Group Policy Object, GPO)
. , GPO.
, - . - , GPO
, : .
(container) , . , , . ,
, , ,
. , , . GPO , GPO
.
: . ,
.
, . ,
.
, , , . ,
.

123

?
, :
1. .
2. .
3. .
4. .
5. .
, , . , , .
, .
, .

?
, ,
:
;
.
, .
. , :
1. Windows Server 2008 .
.
.
2. Windows Server 2008 .
,
. ,
.
3. Ctrl+Alt+Del, .
, Windows Server 2008 .
4. Windows Server 2008 .
.
.
5. Windows Server 2008 .
. ,
.
Netlogon.

124

Windows Server 2008

6. Windows Server 2008 , .


7. .
, , gpupdate.
.
, , , , .
,
. gpupdate /logoff, .
, .
, gpupdate /boot.


Windows 2000
,
Windows 2000 . ,
Windows -
. , . Windows, ,
Windows XP Professional Windows Server 2003.
.
, , Windows 2000, , Windows 2000, Windows XP Professional, Windows Server 2003,
Windows Vista Windows Server 2008. , , , , Windows XP Professional, ,
Windows 2000, , Windows Vista,
Windows 2000 Windows XP Professional.
,
Windows? . (Settings)
(Supported On), Windows.
,
(Requirements).
, Windows. .

125


, Active
Directory
(Group Policy Management, GPMC). GPMC Windows
Server 2008 .
Windows Vista -
. GPMC (Administrative Tools).
GPO GPMC,
(Group Policy Management
Editor), .
,
. , , :
GPO (Group Policy Starter GPO Editor) . ,
GPO
. , GPO .
(Local Group Policy
Object Editor) . ,
GPO ,
, .
Windows, , Windows Server 2003,
(Group Policy Object Editor, GPOE),
.
Group Policy Object Editor, Group Policy Management Editor, Group Policy
Starter GPO Editor Local Group Policy Object Editor . , . ,
,
. GPOE.
Windows Vista Windows Server 2008 , Windows Vista
Windows Server 2008. Windows Vista Windows
Server 2008 GPOE GPMC,
XML ADMX.

126

Windows Server 2008

ADMX
. GPO, ADMX, Windows Vista Windows Server 2008.

.
.
ADMX- XML, , .

, , . , ADMX-
.
ADMX , ,
.admx .adml.
GPO.


, .
, .
Windows Vista Windows Server 2008
ADMX, , %SystemRoot%\
PolicyDefinitions. ADMX-
%SystemRoot%\PolicyDefinitions\. ISO, , EN-US .
,
ADMX- . GPO ADMX-, . ,
.
ADMX-
Sysvol (%SystemRoot%\Sysvol\Domain\
Policies). ,
GPO. GPO
, ADMX . ,
, . GPO Windows Vista Windows Server 2008,
ADM, ADMX GPO .
.
Windows Server 2008
DFS.
GPO,
GPO .
Windows Server 2003, Windows Server 2008
Windows

127

.
Windows , , .
Windows Server 2008
userenv.dll.
. Userenv . , . (Event
Viewer) \Microsoft\
Windows\GroupPolicy (Applications And Services Logs\Microsoft\Windows\GroupPolicy).
ICMP (ping) Windows Server 2008 (Network Location Awareness, NLA).
, . NLA
,
.


Windows Server 2008 (Local Group Policy Object, LGPO) ( , ).
LGPO. Windows Server 2008
LGPO LGPO,
.
.


LGPO , , .

,
. LGPO
.
LGPO, , ,
GPO.
,
.
Windows Server 2008
:

128

Windows Server 2008

LGPO, , .
- . ,
.

.
LGPO :
,
.
LGPO
, GPO
GPO. Windows Server 2008 , ,
. . -.
(Not Configured), . , LGPO Windows Server 2008,
(Turn Off Local (Group Policy
Objects) Processing) GPO.
\ \\ (Computer Configuration\Administrative
Templates\System\Group Policy).


, Windows 2000
, ,
.
LGPO
gpedit.msc /gpcomputer: %ComputerName%

MMC- GPOE . %ComputerName%


. , .
, :
gpedit.msc /gpcomputer: RemoteComputer

129

RemoteComputer - FQDN- .
, :
gpedit.msc /gpcomputer: corpsvr82

, , :
1. (Start), mmc (Search)
Enter.
2. (File) (Add/Remove Snap-In).
3. (Add or Remove
Snap-Ins) (Group
Policy Object Editor) (Add).
4. (Select Group
Policy Object) .
(Finish) OK.
. 5-1, .
MMC
LGPO. (Add or Remove Snap-Ins) , .

. 5-1.

130

Windows Server 2008

LGPO
%SystemRoot%\System32\
GroupPolicy Windows Server 2008. :
Machine Script HKEY_LOCAL_MACHINE
Registry.pol.
User Script
HKEY_CURRENT_USER Registry.pol.
! ; . . Windows,
(Tools) (Folder Options),
(View), (Show Hidden files and Folders),
() (Hide Protected Operating System Files (Recommended)), (Yes) OK.



Local Group Policy Object. .
,
:
1. (Start), mmc (Search)
Enter. (File) (Add/Remove Snap-In).
2. (Add or Remove
Snap-Ins) (Group
Policy Object Editor) (Add).
3. (Select Group
Policy Object) (Browse).
(Browse For a Group Policy Object) (Users).
4. , , (Users). :
(Administrators),
.

131

(Non-Administrators),
.
, .
5. OK. , .
.
, - %SystemRoot%\System32\GroupPolicyUsers Windows Server 2008. LGPO , %SystemRoot%\
System32\GroupPolicyUsers User, Script
, Registry.pol HKEY_CURRENT_USER.

,

Active Directory,
Active Directory. , .
, .
, .


Active Directory
:
(Default Domain Controllers Policy) GPO Domain Controllers.
GPO (
). .
(Default Domain Policy)
GPO Active Directory .
, .
, ,
Domain
Controllers. , Domain Controllers
GPO. ,
GPO GPO -

132

Windows Server 2008

. GPO
.
, ,
,
Kerberos. GPO :
(Accounts: Rename Administrator Account), :
(Accounts: Rename Guest Account), :
(Network Security: Force Logoff When Logon Hours Expire)
: SID (Network Access: Allow
Anonymous SID/Name Translation). GPO
.
, .
GPO
Domain Controllers .
GPO
.
, %SystemRoot%\ Sysvol\Domain\Policies.
,
.
GUID . :
Machine ( Script) HKEY_LOCAL_MACHINE Registry.pol.
User ( Script) HKEY_CURRENT_USER Registry.pol.
! ; .


GPMC (Start), (Administrative Tools) (Group Policy Management). . 5-2, (Group Policy Management), (Forest). ,
, .
, -

133

(Group Policy Management) (Add


Forest). (Add Forest) OK.

. 5-2. GPMC GPO ,

(Forest) :
(Domains) .
, .
,
(Domains)
(Show Domains).
(Show Domains) ,
, OK.
(Sites) . . .
(Sites)
(Show Sites). (Show Sites) , , OK.
(Group Policy Modeling) (Group Policy Modeling Wizard),
.
.

134

Windows Server 2008

(Group Policy Results)


(Group Policy Results
Wizard).
, ,
GPO . GPO, , , GPO, .
GPO, (Group Policy Objects) .
: GPO
, , GPO .
GPMC, Active Directory,
, PDC, GPO .
LDAP,
Sysvol SMB (Server Message Block). PDC - , , ,
GPMC
, , . ,
(Change Domain Controller).
(Change Domain Controller)
(Current Domain Controller) , .
(Change To) OK.


GPO,
GPMC (Edit). . 5-3,
:
(Computer Configuration) , ,
.
(User Configuration) , ,
.
(Computer
Configuration) (User Configuration) . , :
(Software Settings) . (Software Settings) .

135

Windows (Windows Settings) , .


(Administrative Templates)
, Windows . , .

. .
. 2 .

. 5-3.



. .
. , , . HKEY_
LOCAL_MACHINE,
HKEY_CURRENT_USER.
(Administrative Templates) .
, , , .
(Computer Configuration) (User Configuration) . Windows, .
(Administrative Templates) :

136

Windows Server 2008

Windows (Windows components)


Windows,
(Event Viewer), Internet Explorer, (Task Scheduler), Windows (Windows Installer)
Windows (Windows Updates).
(Start menu and taskbar) (Start)
.
(Shared folders)
DFS.
(Control Panel)
.
(Printers) , ,
.
(Desktop) Windows .
(Network)
, DNS .
(System)
, , , , . .
,
(Administrative Templates).
:
(Not Configured) ; .
(Enabled) ,
.
(Disabled) (
- ). .
, , :
1. (Administrative Templates) (Computer
Configuration) (User Configuration),
.
2. , .
.
3.
(Properties),
.

137

4. (Explain),
. , .
5. ,
(Settings) :
(Not Configured) .
(Enabled) .
(Disabled) .
6. (Settings) OK.
, Windows Server 2008
.
.


(central store) Sysvol
.
ADMX, . .
, , , PDC, GPOE GPMC
.
,
.
:
1. ,
Windows %SystemRoot%\
Domain\Policies.
2. Windows Explorer %SystemRoot%\Domain\Policies\PolicyDefinitions ,
.
ISO -, , EN-US .
3. ADMX Windows Vista. ,
Windows Vista Business . :
ADMX-, ,
%SystemRoot%\PolicyDefinitions Windows Vista

138

Windows Server 2008

(%SystemRoot%\Domain\
Policies\PolicyDefinitions).
ADMX-, ,
%SystemRoot%\PolicyDefinitions\ . ,
ADMX , %SystemRoot%\PolicyDefinitions\
EN-US %SystemRoot%\Domain\Policies\PolicyDefinitions\
EN-US .
4. ADMX Windows Server 2008.
,
Windows Server 2008 .
:
ADMX-, ,
%SystemRoot%\PolicyDefinitions Windows Vista
(%SystemRoot%\Domain\
Policies\PolicyDefinitions).
ADMX-, ,
%SystemRoot%\PolicyDefinitions\ . ,
ADMX , %SystemRoot%\PolicyDefinitions\
EN-US %SystemRoot%\Domain\Policies\PolicyDefinitions\
EN-US .
5.
Sysvol. ,
. ,
.

GPO

Active Directory . GPO
, , . .
, , GPO. : GPO , , ,
Active Directory ,
.
GPO , ,
:

139

1. GPMC ,
(Domains).
2. (Group
Policy Objects) (New).
(New GPO)
GPO, , Secure Workstation GPO.
GPO, (Source Starter
GPO). OK, (Group Policy Objects) GPO.
3. GPO
(Edit).
.
4. GPMC , . (Linked
(Group Policy Objects)) GPO,
( ).
5. , GPO (Link An Existing
GPO). GPO (Select GPO) OK. GPO

, .
GPO :
1. GPMC , , GPO,
GPO (Create A GPO In This Domain,
And Link It Here).
2. (New GPO) GPO, , Secure Workstation GPO.
GPO,
(Source Starter GPO). OK, GPO (Group Policy Objects)
, .
3. GPO
(Edit).
. GPO
,
.

140

Windows Server 2008

GPO
GPO GPMC,
GPO.
GPO GPO, . GPO ,
.
GPO, :
1. GPMC ,
(Domains).
2. (Starter GPOs) (New).
GPO (New Starter GPO) GPO, , General Management User GPO.
GPO OK.
3. GPO
(Edit).
.



Active Directory .
:
GPO ;
, GPO, ;
GPO
(Resultant Set of Policy, RSoP).
Active Directory GPO. , GPO, .
GPMC, GPO ,
(Group Policy Objects)
(Delegation). , GPO .
GPO,
(Add). ,
(Select User, Computer, Or Group) OK.
GPMC ,
. -

141

, , ,
(Delegation),
. 5-4. (Permission) . :
GPO (Link GPOs) , GPO , .
(Perform Group Policy
Modeling Analyses) , .
(Read Group Policy Results Data) ,
RSoP, .

. 5-4.

, , :
1. GPMC , (Delegation) .
2. (Permission) , .
3. (Add). ,
(Select User, Computer, Or Group) OK.
4. (Add Group Or
User) . -

142

Windows Server 2008

,

(This Container And All Child Containers).
, (This
Container Only). OK.
GPO, GPMC
(Delegation).
:
(Read)
GPO .
(Edit Settings) GPO . GPO .
, (Edit Settings, Delete, Modify Security)
GPO , GPO .
GPO, :
1. GPMC , (Delegation) .
2. GPO ,
(Add). ,
(Select User, Computer, Or Group) OK.
3. (Add Group
Or User) OK.

,
,
, . : ,
.
. , .
,
, .
:
;
( );
( );
( ).

143

. :
,
. ,
.
.
( ).
, . ,
, . .
( ).
, ,
, :
1. GPMC , .
2.
(Linked (Group Policy Objects)), . 5-5. .

. 5-5.

3. (Move Link Up) (Move Link Down)


.

144

Windows Server 2008

4. (Group Policy
Inheritance) , .
. ,
, .
,
, .
, .
,
, . , ,

( ).
,
. ,
, .
, .
GPMC,

(Block Inheritance). ,
. GPMC
, .
,
. , . , ,
.

. , .
GPMC, ,
, GPO (Enforced). , GPO ,

145

, GPO (Enforced). ,
. GPMC , .
(Scope) . (Enforced)
(Yes), . 5-6.
,
(Location) (Scope),
,
. (Link
Enabled) . (Enforced) .

. 5-6.



,
. , , .
.
.


, , ,
. :

146

Windows Server 2008

;
;
;
.
.
.
, , . ,
, .

, . 5 ,
90 ,
. , ,
( ) 90 120 .
, . , ,
,
. ,
. , -
.
. 16 (960 ) .
30- , (
960 990 ). , ,
, , . ,
.
.

. , , .

147

, , 20- 180- .
.
, :
1. GPMC , , (Edit).
GPO , .
2. (Group Policy Refresh Interval For Domain
Controllers) \
\\ (Computer Configuration\Administrative Templates\System\Group Policy).
, . 5-7.

. 5-7.

3. (Enabled). (Minutes). 5 59 .
4. (Minutes) . , ,
,
. OK.
, ,
.
, , , .

148

Windows Server 2008


, :
1. GPMC , , (Edit).
GPO ,
.
2. (Group Policy Refresh Interval For Computers)
\ \\ (Computer Configuration\Administrative
Templates\System\Group Policy). , ,
. 5-7.
3. (Enabled). (Minutes). 60 240 .
4. (Minutes) . , ,
,
. OK.
, , , , , ,
. ,
. ,
, . ,
, . :
.


. ,
. , .
Gpupdate.
. gpupdate
, ,
. . , /Force.
,
gpupdate /target:computer. , gpupdate /target:user.

149

Gpupdate
. , . /Logoff, /Boot.


, , , Active Directory
.

, , .

, :
1. GPMC (Group Policy Modeling), (Group Policy Modeling Wizard)
(Next) .
2. (Domain Controller Selection)
(Show Domain
Controllers In This Domain) , .
. , (This Domain Controller)
. (Next).
3. (User And Computer
Selection), . 5-8,
.
(Next):
, , , . (User Information)
(Container), (Browse) .
(Computer Information),
.
,
.

150

Windows Server 2008

(User Information) (User), (Browse) .


(Computer Information),
.

. 5-8.

4. (Advanced Simulation Options)


( , ) (Next).
5. (User Security Groups)
. , , ,
CorpManagers, (Security Groups). (Next).
6. (Computer Security
Groups)
. , ,
,
RemoteComputers, (Security Groups). (Next).
7. WMI.
,
WMI.
. (Next), .

151

8. (Next).
, (Finish).
(. 5-9).

. 5-9.

9. , .
(Computer Configuration Summary),
(User Configuration
Summary).

,
GPMC , .
.
GPMC.
,
. , GPMC
.

. , , .
, ,
.
,
. , -

152

Windows Server 2008

.
,
. ,
, .
, .
.
,
:
1. GPMC
(Group Policy Objects) (New). (New GPO)
GPO OK. GPO
(Group Policy Objects).
2.
(Import Settings). (Import Settings Wizard).
3. (Next), GPO (Backup GPO). GPO, .
4. (Backup Location)
(Browse). OK. (Next).
5. ,
GPO (Source GPO).
(Next).
6. UNC-, .
,
.
7. (Next) (Finish), . , OK.


GPO. GPMC
, :
1. GPMC
(Group Policy Objects).
,
(Group Policy Objects) (Back Up
All). ,
(Back Up).

153

2. (Back Up
Group Policy Object) (Browse) GPO.
3. (Description)
(Backup).
4. (Backup). , OK.
, ,
.
.
.
GPMC , . GPMC
,
.
,
, .
, :
1. GPMC
(Group Policy Objects) (Manage
Backups). .
2. (Browse), OK.
3. GPO (Backup Policy Objects) . ,
GPO (Show Only The Latest Version Of Each
GPO).
4. GPO, . , (View Settings). (Restore) , OK.
5. (Restore). ,
. GPO, ,
,
. .

154

Windows Server 2008




. , , ,
(). , ,
.
GPMC,
Group Policy Results) (Group Policy
Results Wizard). .


.
,
. GPO
.
, :
1. GPMC , .
2.
(Details) .
3. GPO (GPO Status)
OK, GPO:
(All Settings Disabled) .
(Computer
Configuration Settings Disabled)
. .
(Enabled) .
(User Configuration Settings Disabled) . .

155


.
. . ,
GPO ,
GPO .
,
. ,

GPO , .
GPO
(loopback processing).
,
:
1. GPMC
(Edit).
2. (User Group Policy Loopback Processing
Mode) \ \\ (Computer Configuration\Administrative Templates\System\Group Policy).
.
3. (Enabled), (Mode) OK:
(Replace) ,
GPO ,
GPO . ,
GPO ,
.
(Merge) GPO , GPO ,
GPO .
GPO , GPO .



. ,
, .

156

Windows Server 2008

, ,
.
, 500 / ( ), .
.

(Group Policy Slow Link Detection) \
\\ (Computer
Configuration\Administrative Templates\System\Group Policy).
, 500 /.
, , ,
384 /. , .
.
:
(Wireless Policy Processing);
EFS (EFS Recovery Policy Processing);
(Disk Quota Policy Processing);
Internet Explorer (Internet Explorer
Maintenance Policy Processing);
(Folder Redirection Policy
Processing);
(Scripts Policy Processing);
(Software Installation Policy
Processing);
IP- (IP Security Policy Processing).

(Security Policy Processing). 16 , .

. ,
(Do Not Apply During Periodic Background Processing).
, -

157

, .
,
.
,
:
1. GPMC (Edit).
2 .
(Group Policy Slow Link Detection) \ \\ (Computer Configuration\Administrative Templates\System\Group Policy).
3. (Enabled), . 5-10,
(Connection Speed). OK.

. 5-10.

,
, :
1. GPMC (Edit).
2. \ \\ (Computer Configuration\Administrative Templates\System\Group Policy).

158

Windows Server 2008

3. , . (Enabled), . 5-11,
.
. , , :
(Allow
Processing Across A Slow Network Connection) ,

(Do Not
Apply During Periodic Background Processing) .
,
(Process Even If The Group Policy Objects Have Not Changed)
,
.
4. OK.

. 5-11.

GPO
GPO GPMC:
GPO, GPO;
GPO .
, , ,
GPO . GPO , . GPMC -

159

GPO, GPO
(Delete). , OK. GPO , ,
(Group Policy Objects),
.
GPO, . (Group Policy Objects)
, .
GPO
( ). GPMC GPO ,
(Group Policy Objects), GPO
(Delete).
GPO, OK.


, , ( ), . , GPO , :
1. GPMC (Group Policy Results)
(Group Policy Results Wizard).
(Next) .
2. (Computer Selection) (This Computer), . , (Another Computer)
(Browse). : (Select Computer)
(Check Names). , OK.
3. (User Selection) , . .
(Next).
4. (Next).
, (Finish).
, .
5. .
, , (Computer Configuration Summary)
(User Configuration Summary).

160

Windows Server 2008

Gpresult. :
, ,
, IPSec ;
;
, ,
;
GPO, GPO, .
Gpresult :
gpresult /s /user \

, , \ ,
. , CorpPC85 tedg CPANDL, :
gpresult /s corppc85 /user cpandl\tedg

.
/v . /z , GPO,
.
Gpresult , HTML
/H XML /X.
:
gpresult /s corppc85 /user cpandl\tedg /h gpreport.html
gpresult /s corppc85 /user cpandl\tedg /x gpreport.xml


Active Directory.
- , . ,
GPMC GPO .
,
DCGPOFIX. , , , DCGPOFIX ,
DCGPOFIX.
DCGPOFIX, .

161

DCGPOFIX , . , , . . (Remote Installation Services,


RIS), EFS.
.
.
DCGPOFIX, , . dcgpofix . DCGPOFIX Active Directory, DCGPOFIX Active
Directory. , DCGPOFIX
. /Ignoreschema, DCGPOFIX Active Directory.
,
. DCGPOFIX .

. dcgpofix /target:domain, dcgpofix /target:dc.



.
:
;
;
;
;
.


Windows Server 2008
.
,
. Windows XP Professional Windows Application Data,
(Start Menu), (Desktop), (My
Documents) (My Pictures). Windows Vista

162

Windows Server 2008

Windows AppData, (Desktop),


(Start Menu), (Documents), (Pictures),
(Music), (Videos), (Favorites), (Contacts),
(Downloads), (Links), (Searches)
(Saved Games).
:
. ,
( 15).

, :
1. GPMC GPO , (Edit).
.
2. (User Configuration),
Windows (Windows Settings)
(Folder Redirection).
3. (Folder Redirection)
, , ,
AppData(Roaming), (Properties). , . 5-12.
4. (Target) () (Basic
Redirect Everyones Folder To The Same Location).

. 5-12. AppData(Roaming)

163

5. (Target Folder Location) . ,


:
(Redirect To
The Users Home Directory)
. %HomeDrive%
%HomePath%.
(Create
A Folder For Each User Under The Root Path)
, (Root
Path).
%UserName%. \\Zeta\UserDocuments,
WilliamS \\Zeta\
UserDocuments\WilliamS.
(Redirect To The Following
Location) ,
(Root Path).

, , \\Zeta\UserData\%UserName%\docs.
,
(Redirect To The Local Userprofile Location) . %UserProfile%.
6. (Settings),
, , OK.
(Grant The User
Exclusive Rights To)
.
... (Move The Contents Of ... To
The New Location) ( ).

,
:
1. GPMC GPO , (Edit).
.
2. (User Configuration),
Windows (Windows Settings)
(Folder Redirection).

164

Windows Server 2008

3. (Folder Redirection)
, , ,
Application Data, (Properties).
4. (Target)
(AdvancedSpecify
Locations For Various User Groups). . 5-13,
(Security Group Membership).

. 5-13.

5. (Add), (Specify Group And Location).


(Edit), .
6. (Security Group Membership)
,
, (Browse),
.
7. ,
, :
(Redirect To
The Users Home Directory)
. %HomeDrive%
%HomePath%.

165

(Create
A Folder For Each User Under The Root Path)
, (Root
Path).
%UserName%. \\Zeta\UserDocuments,
WilliamS \\Zeta\
UserDocuments\WilliamS.
(Redirect To The Following
Location) ,
(Root Path).

, , \\Zeta\UserData\%UserName%\docs.
, (Redirect To The Local Userprofile Location)
. %UserProfile%.
OK. 57 ,
.
, (Settings),
, ,
OK.
(Grant The User
Exclusive Rights To)
.
... (Move The Contents Of ... To
The New Location) ( ).


. :
1. GPMC GPO , (Edit).
.
2. (User Configuration),
Windows (Windows Settings)
(Folder Redirection).
3. (Folder Redirection)
, ,
(Properties).
4. (Settings) (Policy Removal).
:

166

Windows Server 2008

(Leave The Folder In


The New Location When Policy Is Removed)
.
.
(Redirect The Folder Back To The Local
Userprofile Location When Policy Is Removed) . .
5. (Target). (Policy Removal),
(Apply).
6. , (Not Configured).
7. , (Security
Group Membership) (Remove). OK.


Windows Server 2008 :
(Computer Startup) .
(Computer Shutdown) .
(User Logon)
.
(User Logoff) .
.bat
.cmd WSH (Windows Script Host). WSH Windows Server 2008, , , VBScript, -.
WSH (scripting engine),
. Windows Server 2008 VBScript JScript, .

. , , .

167

, :
1. Machine\Scripts\
Startup Machine\Scripts\Shutdown . %SystemRoot%\Sysvol\Domain\Policies .
2. GPMC GPO , (Edit). .
3. (Computer Configuration)
Windows (Windows Settings), (Scripts).
4. ,
(Startup) (Properties).
,
(Shutdown) (Properties). , , . 5-14.

. 5-14. ,

5. (Show Files).
Policies,
.
6. (Add),
(Add A Script). (Script Name)
, Machine\Scripts\Startup
Machine\Scripts\Shutdown . -

168

Windows Server 2008

(Script Parameters)
WSH. .
7. , . (Up)
(Down).
8. ,
... (Script... For) (Edit).
9. , ... (Script...
For) (Remove).

:

, , .
Active Directory
(Active Directory Users And Computers).
. 11.
.
, :
1. User\Scripts\
Logon User\Scripts\Logoff .
%SystemRoot%\Sysvol\Domain\Policies .
2. GPMC GPO , (Edit). .
3. (User Configuration)
Windows (Windows Settings), (Scripts).
4. ,
(Logon) (Properties). , (Logoff) (Properties).
, , . 5-15.

169

. 5-15. ,

5. (Show Files).
Policies,
.
6. (Add), (Add A Script). (Script Name) , User\Scripts\Logon
User\Scripts\Logoff .
(Script Parameters)
WSH.
.
7.
, .
(Up)
(Down).
8. ,
... (Script... For) (Edit).
9. , ... (Script...
For) (Remove).


(Software Installation). , ,
, Systems Management Server
(SMS), -

170

Windows Server 2008

, Windows 2000 .

. ,
\ \ (Computer
Configuration\Software Settings\Software Installation).
,
\ \
(User Configuration\Software Settings\Software Installation).
:
,
. , .
.
,
. , .
.
,

(Programs And Features). , . .
,
, . :
, ;
;
.
(Software Installation)
GPO. GPO
, GPO . .
GPO ,
,
, .

171

, ,
. , ,
Microsoft Office,
. Microsoft Office Setup /a
. ,

(Software Installation).
,
(Software Installation), , .
.

(Software Installation) Windows (.msi) ZAW Down-level Application


Packages (.zap). .msi.
.msi, .zap.
,
, ,
.
(Software Installation) ( ) ,
, .
.mst, , .
, :
1. GPMC GPO,
, (Edit).
2. \ \ (Computer Configuration\
Software Settings\Software Installation) \ \ (User Configuration\Software Settings\Software Installation)
.
3. (Software Installation). (New)
(Package).
4. (Open) , , (Open).

172

Windows Server 2008

(Windows Installer Packages). ,


ZAW Down-Level Application (ZAW Down-Level Application Packages).

5. (Deploy Software), . 5-16, OK:


(Published) .
(Assigned) .
(Advanced)
.

. 5-16.


:
1. GPMC GPO,
, (Edit).
2. \ \ (Computer Configuration\
Software Settings\Software Installation) \ \ (User Configuration\Software Settings\Software Installation)
.
3. .
.
4. (Deployment), . 5-17,

:

(Auto-Install This Application By
File Extension Activation) , -

173

, . .
, ,
(Uninstall This Application When
It Falls Out Of The Scope Of Management) ,
.
(Do Not Display This Package In
The Add/Remove Programs Control Panel)
. .
(Install This
Application At Logon)
.
.
(Installation User
Interface Options) . (Maximum)
.
(Basic) , .

. 5-17.

5. OK.

174

Windows Server 2008

, Windows,
:
1. .msi .msp ,
,
.msi. .
2. GPMC GPO, , (Edit).
3. \ \ (Computer Configuration\
Software Settings\Software Installation) \ \ (User Configuration\Software Settings\Software Installation)
.
4. .
(All Tasks) (Redeploy Application).
5. (Yes) . , GPO, .
, Windows, :
1. GPMC GPO, , (Edit).
2. \ \ (Computer Configuration\
Software Settings\Software Installation) \ \ (User Configuration\Software Settings\Software Installation)
.
3. (All
Tasks) (Remove). OK, , .
4. .zap-
.

, :

175

1. .msi .msp ,
,
.msi. .
2. GPMC GPO, , (Edit).
3. \ \ (Computer Configuration\
Software Settings\Software Installation) \ \ (User Configuration\Software Settings\Software Installation)
.
4. (Software Installation). (New)
(Package). , .
5.
(Properties). (Upgrades) (Add).
(Add Upgrade Package) :
, GPO,

(Current Group Policy Object) (Package To Upgrade).
GPO,
(A Specific GPO), (Browse) GPO (Browse For A
Group Policy Object).
(Package To Upgrade).
6. . , ,
(Uninstall The Existing Package, Then Install The Upgrade
Package). ,

(Package Can Upgrade Over The Existing Package).
7. OK, (Add Upgrade Package). ,

(Required Upgrade For Existing Packages). OK, .

176

Windows Server 2008



(certificate revocation list, CRL) ,
(certificate authority, CA).
Windows Server 2008,
Active Directory.
.
CA
(autoenrollment). , ,
, .

. ,

.
: (Certificate Services ClientAutoEnrollment
Settings) \
Windows\ \ (Computer Configuration\Windows Settings\Security Settings\Public Key Policies).

(User Configuration).
,
:
1. GPMC GPO
(Edit).
2. Windows\ \ (Windows Settings\
Security Settings\Public Key Policies) (User Configuration) (Computer
Configuration).
3. : (Certificate Services ClientAutoEnrollment Settings).
,
(Configuration Model) (Disabled),
OK . , (Configuration Model) (Enabled).
4. , , .

177

5. , , (Update Certificates That Use Certificate Templates).


6.
,
(Expiration Notification) . , , , 10%
.
7. OK.



, , GPO.

,
:
(Auto Download
And Schedule The Install)
. , ,
. .
(Auto Download
And Notify For Install) , ,
. .
, , , .
(Notify For Download And Notify
For Install) ,
. ,
. , ,
, .
(Allow Local
Admin To Choose Setting)
.

178

Windows Server 2008

.
, :
1. GPMC GPO
(Edit).
2. \ \ Windows\
Windows (Computer Configuration\Administrative Templates\Windows
Components\Windows Update).
3.
(Configure Automatic Updates). , (Enabled). , (Disabled), OK
.
4. (Configure Automatic Update).
5. (Auto Download And Schedule The Install),
. OK, .

,
.
,
. ,
:
1. GPMC GPO
(Edit).
2. \ \ Windows\
Windows (Computer Configuration\Administrative Templates\Windows
Components\Windows Update).
3. (Allow Automatic Updates Immediate Installation).
(Enabled) OK.
.
, , :

179

1. GPMC GPO
(Edit).
2. \ \ Windows\
Windows (Computer Configuration\Administrative Templates\Windows
Components\Windows Update).
3. , , (Allow
Non-Administrators To Receive Update Notifications).
(Enabled) OK.

:
Windows (Windows Automatic Updates) Windows
. ,
. \ \ (User Configuration\Administrative Templates\System).
ADM- (Turn Off Automatic Update Of ADM Files)
. , ,
. , ,
. \ \\
(User Configuration\Administrative Templates\System\Group Policy).
,
ADM
(Always Use Local ADM Files For The Group Policy
Object Editor).
Windows
(Remove Access To Use All Windows Update Features) Windows. , , .
Windows (Windows Update)
(Start) Internet Explorer (Tools),
(Device Manager).
\ \ Windows\ Windows (User Configuration\Administrative Templates\Windows
Components\Windows Update).

180

Windows Server 2008

, , ,

.
(Specify Intranet Microsoft
Update Service Location), .
:
WSUS (Windows Server Update Services),
-,
Microsoft Internet Information Services (IIS), ,
,
.
, 80.
, , - .

. .
( IIS-) , .
, :
1. ,
GPO, .
\ \ Windows\ Windows (Computer Configuration\
Administrative Templates\Windows Components\Windows Update).
2.
(Specify Intranet Microsoft Update Service Location).
(Enabled).
3. URL (Set The Intranet Update Service For Detecting Updates). URL http://_, , http://CorpUpdateServer01, . 5-18.
4. URL
(Set The Intranet Statistics Server).
.
,
, . , URL .

181

. 5-18.

5. OK. GPO , Windows 2000 Service Pack 3


, Windows XP Service Pack 1 ,
Windows Server 2003, Windows Vista Windows Server 2008 .
,
.

, ,
. . , .


(security template) .
, .
, , :
, Kerberos.
,
.
.
.

.

.
, .
Windows Server
2008 .
(Computer Configuration) (User Configuration). \ Windows\ (Computer

183

Configuration\Windows Settings\Security Settings). , , , , , IP.

, ,
. %SystemRoot%\Security\
Templates. (Security Templates), . 6-1.

. 6-1. (Security Templates)

. ,
, :
dc security
.
setup security .
securedc .
securews .
hisecdc .
hisecws .
, ,
, .
,
.

184

Windows Server 2008

(Security Templates) . (Security Configuration and Analysis).


,
. , . , , ,
.
,
:
1. (Security Templates) .
2. .
3. (Security
Configuration and Analysis) .
4. .
5. (Security Configuration And Analysis) , .


(Security Templates)
(Security Configuration and Analysis)
, :
1. (Start), mmc
(Search) Enter.
2. (File)
(Add/Remove Snap-In).
3. (Add Or Remove
Snap-Ins) (Security Templates) (Add).
4. (Security Configuration and Analysis) (Add). OK.
(Security Templates)
%SystemDrive%\Users\%UserName%\Documents\Security\Templates. , :
1. (Security Templates)
(Action)
(New Template Search Path).

185

2. (Browse For Folder)


, , %SystemRoot%\Security\Templates. OK.
, . , :
1. (Security Templates) , ,
(New Template).
2. .
3. , .
, .


, .
,

, Kerberos.
,
. , .
10, 4.
, , :
1. (Security Templates)
(Account Policies) (Local Policies). , , (Password Policy)
(Account Lockout Policy).
2. . (Computer Setting) .
3. ,
, . 6-2. , (Explain).
, (Define This Policy Setting In The
Template). , .

186

Windows Server 2008

. 6-2.

4. , , .
5. . (Suggested Value Changes)
,
. , (Account Lockout Threshold) Windows
(Reset Account Lockout Counter After) (Account Lockout Duration),
. 6-3.

. 6-3.

(Restricted
Groups) , ,

187

. ,
:
1. (Security Templates)
(Restricted Groups).
. ,
.
2. ,
(Restricted Groups)
(Add Group).
(Add Group)
(Browse).
3. : (Select Groups) , , (Check Names). , . , .
4. (Add Members)
. .
,
(Remove). , , .
5. (Add Groups)
, , .
, ,
( ,
).
, , , .
6. OK, .
, :
1. (Security Templates)
(Restricted Groups). .
, ,
.
2. , , (Delete). ,
(Yes).

188

Windows Server 2008


. , , :
1. (System Services) , . , . , :
,
(Startup) (Not Defined).
:
(Automatic), (Manual)
(Disabled).
,
(Permission)
(Not Defined). (Configured).
2. ,
, . 6-4.
, (Define This Policy Setting In The Template).
, .

. 6-4.

3. , (Automatic), (Manual) (Disabled).


:
.

189

, .
, .
, .
,
, .
, . .
4. , , (Edit Security)
(Security
For).
, .
5. .


.
, . , :
1. (Security Templates)
(Registry) (File System). .
2. ,
(. 6-5).
3. , (Do Not Allow
Permissions On This Key To Be Replaced) OK.
.
4. , (Configure This Key Then).
:
(Propagate Inheritable Permissions To All) ,
,
.
, .
(Replace Existing Permissions On All With Inheritable Permissions) ,

190

Windows Server 2008

,
.
, .
5. (Edit Security). (Security For) . ,
NTFS. 15.
6. , .

. 6-5.

,
:
1. (Security Templates)
(Registry), (Add Key).
(Select Registry Key), . 6-6.
2. , ,
. CLASSES_ROOT HKEY_
CLASSES_ROOT . .
3. (Database Security
For) . , NTFS.
15.
4. . (Add Object). ,
(Do Not Allow Permissions On This Key To Be Replaced)
. .

191

. 6-6. ,

4. , (Configure This Key Then).


:
(Propagate Inheritable Permissions To All) ,
,
. ,
.
(Replace Existing Permissions On All With Inheritable Permissions) ,
,
. , .
5. .
,
:
1. (Security Templates) (File System)
(Add File). (Add A File Or Folder), . 6-7.
2. .
3. (Database Security
For) . , NTFS.
15.

192

Windows Server 2008

4. . (Add Object). ,
(Do
Not Allow Permissions On This Key To Be Replaced) .
.

. 6-7. ,

5. ,
, (Configure This Key
Then). :

(Propagate Inheritable Permissions To All) ,
,
.
, .

(Replace Existing Permissions On All
With Inheritable Permissions) , ,
. , .
6. .

,
, (Security
Configuration and Analysis) , . -

193

.
, .
,
.
(Security Configuration and Analysis) ,
. , . ,
,
.
, . GPO .
.

(Security Configuration and


Analysis) , .

, .
, :
1. (Security Configuration and Analysis).
2.
(Security Configuration and Analysis)
(Open Database). .
3. %SystemDrive%\Users\%UserName%\Documents\Security\Database. . (File Name) , , Current Config Comparison,
(Open).
(Security Database Files) .sdb.
4. (Import Template)
%SystemDrive%\Users\%UserName%\
Documents\Security\Templates.
. , , (Open).
.inf.
5.
(Security Configuration and Analysis) (Analyze Computer Now).
OK, .

194

Windows Server 2008

6. . , ,
(Security Configuration and Analysis)
(View Log File).
(Security Configuration and
Analysis)
. . 6-8,
, ,
(Database Setting).
(Computer Setting). , (Not Analyzed).
, :
1. (Security Configuration
and Analysis) , .
2. , . 6-9,
(Computer Setting).
(Explain).
3. , (Define This Policy Setting
In The Database). , .
4. , .
5. . ,
(Security Configuration and Analysis)
(Save).

. 6-8.

195

. 6-9.

,
,
. , .

Secedit. :
secedit /generaterollback /cfg /rbk /log

,
, , ,
.
dc
security:
secedit /generaterollback /cfg dc security.inf /rbk dc-orig.inf /log
rollback.log

,
(Security Configuration and Analysis)
(Configure Computer Now).
, . , (Security Configuration
and Analysis) (View Log File).
.

196

Windows Server 2008

, . , :
1. (Security Configuration
and Analysis)
(Security Configuration and Analysis)
(Import Template).
2. (Import Template) .
3. (Clear
This Database Before Importing) (Open).
4.
(Security Configuration and Analysis)
(Configure Computer Now). .
, . .



, . (GPO), , .
, GPO,
.

(Computer Configuration). , . ,

. , , ,
. GPO
.
:
; .
, .
.

197

,
.
.
,
.
, , ,
.
GPO
. , .
.
GPO Active Directory,
, GPO. GPO .

GPO ,
:
1. . ,
, GPO, Active Directory.
\ Windows\
(Computer Configuration\Windows Settings\
Security Settings).
2. (Security
Settings)
(Import Policy).
3. (Import Policy From)
(Open).
4. , , , .
GPO .
- .


(Security Configuration Wizard)
.
.xml, , ,
.

198

Windows Server 2008

, . , ,
, , , .
, .
(Security Configuration Wizard) :
;
;
;
.
. .


(Security Configuration Wizard) ,
.
.
,
.
(Security Configuration Wizard) :
(Role-Based Service Configuration)
, .
(Network Security) Windows
.
(Registry Settings) .
(Audit Policy) .
(Save Security Policy)
.
.
, :
1. (Security Configuration Wizard). (Start),

199

(Administrative Tools) (Security


Configuration Wizard).
(Next).
2. (Configuration Action)
(. 6-10). (Create A New Security
Policy). (Next).

. 6-10. ,

3. (Select Server) ,
, , , , . .
, (Browse). : (Select Computer) (Check Names). .
4. (Next).
. (View Configuration Database)
(Processing Security
Configuration Database), .
, (Next).
5. .
, ,
(Role-Based Service Configuration). (Next).

200

Windows Server 2008

6. (Select Server Roles),


. 6-11, . , , , .
, , . , ,
.

. 6-11.

7. (Select Client Features)


,
. , ,
, . .
, .
8. (Select Administration And Other Options) , . ,
, , . , . ,
.
9. (Select Additional Services)
,
. ,
, , .

201

10. (Handling Unspecified


Services) , , , , .
. ,
(Disable The Service). (Next).
11. (Confirm Service
Changes) , .
, .
12. (Network Security) (Next). (Network Security Rules) ,
, , .
, ,
. ,
(Next).
13. (Registry Settings)
(Next).
SMB (Require SMB Security Signatures) SMB. ,
. . .
14. (Outbound
Authentication Methods) , . ,
(Domain Accounts). .
, , (Domain Accounts)
(Local Accounts On The
Remote Computers). , . (Next).
15. (Outbound Authentication Using Domain Accounts)
, . Windows XP Professional
Windows, , . -

202

Windows Server 2008

,
. (Next).
16. (Registry Settings Summary)
,
. ,
. (Next).
17. (Audit Policy)
(Next). (System Audit Policy)
. (Do Not Audit). ,
(Audit Successful Activities). , , (Audit Successful And Unsuccessful Activities). (Next).
18. (Audit Policy Summary) , .
, .
(Next).
19. (Save Security Policy) (Next).
(Security Policy File Name)
. (View Security
Policy). , .
20. , (Include Security Templates).
(Include Security Templates)
(Add). (Open)
, .

. , , , . , -. OK.
21. %SystemRoot%
\Security\Msscw\Policies.
(Browse) . (Save).
(Security Policy File Name).
22. (Next). -

203

(Apply Security Policy) ,


. (Next) (Finish).


(Security Configuration Wizard)
.
:
1. (Security Configuration
Wizard). (Start), (Administrative Tools) (Security
Configuration Wizard).
(Next).
2. (Configuration Action) (Edit
An Existing Security Policy) (Browse). (Open) , , (Next).
XML-.
3. 322 , .


(Security Configuration
Wizard) .
:
1. (Security Configuration
Wizard). (Start), (Administrative Tools) (Security
Configuration Wizard).
(Next).
2. (Configuration Action) (Apply An Existing Security Policy) (Browse).
(Open) ,
, (Next). XML-.
3. (Select Server) ,
. .
, (Browse).
: (Select Computer)
(Check Names). .

204

Windows Server 2008

4. (Next). (Apply Security Policy) (View Security Policy), .


.
5. (Next), . , (Next)
(Finish).


(Security Configuration Wizard)
.
:
1. (Security Configuration
Wizard). (Start), (Administrative Tools) (Security
Configuration Wizard).
(Next).
2. (Configuration Action)
(Rollback The Last Applied Security Policy
(Next).
3. (Select Server) , . .
, (Browse).
: (Select Computer)
(Check Names). .
4. (Next).
(Rollback Security Configuration)
(View Rollback File) .
, .
5. (Next), . , (Next) (Finish).




. ,
, .

205

, transform
Scwcmd GPO, ,
, . GPO .

:
scwcmd transform /p: /g:GPO

XML- , GPO GPO. :


scwcmd transform /p:c:\users\wrs\documents\fspolicy.xml /g:FileServer GPO

GPO, , :
1. GPMC , .
(Linked Group
Policy Objects) GPO, ( ).
2. , GPO,
GPO (Link An Existing GPO). (Select GPO) GPO .
GPO .
GPO, Active Directory, , GPO.
:
1. GPMC , .
(Linked Group
Policy Objects) GPO, .
2. GPO.
(Link Enabled) ,
. .

II


Windows Server 2008

7.

Active Directory ..................................................... 208

8.

Active Directory ................ 230

9.

............................................. 267

10. ..................................................... 296


11. ............... 319

Active Directory

Active Directory
, .
.
Active Directory, , ,
,
. ,
Active Directory, .

Active Directory
Windows 2000 Active Directory Windows. Active Directory.
Active Directory
.

Active Directory DNS


Active Directory DNS (Domain Name
System) ,
, .
DNS ,
, . , DNS
, , zeta.microsoft.com, IP-, ,
192.168.19.2. DNS Active Directory
.
(Fully Qualified Domain Name,
FQDN), , zeta.microsoft.com. zeta , microsoft , com .
(top-level domain) DNS , , , -

Active Directory

209

. , ca .
(, com ) (, mil ).
, , microsoft.com, ,
. , , . , , ,
FQDN- jacob.seattle.microsoft.com. jacob , seattle
, microsoft.com .
.
DNS Active Directory, Active Directory DNS .
DNS 20.
Windows Server 2008 Active Directory . Active Directory,
. Active Directory, (Start) dcpromo
(Search). DNS , . ,
Active Directory , .
:
;
, Sysvol;
, DNS;
Active Directory.

, , Active Directory Active Directory.
Active Directory DNS ,
.

,

1, , Windows Server 2008, (read-only domain controller, RODC).
DNS- RODC- DNS (read-only DNS, RODNS). :
RODC , DNS, ForestDNSZones DomainDNSZones.
RODNS-. -

210

II

Windows Server 2008

RODNS- ,

, Active Directory.
DNS-, .
DNS-, . RODNS- DNS-,
. DNS-. .
Windows Server 2008,
, RODC-.
RODC.
:
Active Directory (Active Directory
Domain Services, AD DS) Windows Server 2008 Windows
Server 2003 Windows 2000 Server
(schema operations master) , adprep /forestprep.
AD DS Windows Server 2008
Windows Server 2003 Windows Server 2000, (infrastructure master) ,
adprep /domainprep /gpprep.
AD DS RODC
, adprep /rodcprep.

Windows Server 2008 Windows NT 4.0


Windows Server 2008
Windows NT 4.0. ,
Windows NT Server 4.0,
Windows Server 2008, Windows NT Server 4.0 Windows Server 2008.
:
Windows NT Server 4.0 Windows Server 2008;
Windows NT Server 4.0
Windows Server 2008.
Windows NT Server 4.0 Windows 2000 Server
Windows Server 2003. , Windows NT Server 4.0 - PDC.

Active Directory

211


Active Directory ,
. , . :
(organizational unit) , ,
.
(domain) .
(domain tree)
.
(domain forest) , .
, .
:
(subnet) IP- .
(site) . .

Active Directory . Active Directory . , microsoft.com,


microsoft.com seattle.microsoft.com ny.microsoft.com.
,
.
, .
, .
InterNIC (http://www.
internic.net).
. . , ,
(. 7-1). , , ,
, , .

212

II

Windows Server 2008


10.1.31.0/24
10.1.32.0/24

10.1.11.0/24
10.1.12.0/24
-

10.1.1.0/24
10.1.2.0/24

-e

10.1.21.0/24
10.1.22.0/24



10.1.41.0/24
10.1.42.0/24

. 7-1. (WAN)
9.
, Windows Server 2008, Active Directory
.

.
, :
Windows 2000 ( ) (Windows 2000 mixed) , Windows NT 4.0
Windows Server. ,
Windows NT 4.0 Windows
Server 2008, Windows Server 2008
Windows NT 4.0.
Windows 2000 ( ) (Windows 2000 native) , Windows 2000
.
Windows Server 2003 ,
Windows Server 2003 Windows Server 2008.
Windows Server 2008 ,
Windows Server 2008.

.


Active Directory DNS-, , microsoft.com.
, , (forest). DNS
, .

Active Directory

213

(tree),
. 7-2. msnbc.
com seattle.msnbc.com ny.msnbc.com, ,
, . , .
msnbc.com

ny.msnbc.com

seattle.msnbc.com

hr.seattle.msnbc.com

it.seattle.msnbc.com

hr.ny.msnbc.com

it.ny.msnbc.com

. 7-2.

DNS-, . . 7-3,
. msnbc.com microsoft.com
.
msnbc.com

ny.msnbc.com

seattle.msnbc.com

hr.seattle.msnbc.com

it.seattle.msnbc.com

microsoft.com

sf.microsoft.com

eng.sf.microsoft.com

bus.sf.microsoft.com

miami.microsoft.com

bus.miami.microsoft.com

. 7-3.

Active Directory (Active Directory Domains And


Trusts), . 7-4. MMC, (Administrative Tools).
.

214

II

Windows Server 2008

. 7-4. , Active
Directory (Active Directory Domains And Trusts)

.
, :
Windows 2000 ,
Windows NT 4.0 Windows Server.
Windows NT
4.0 Windows Server 2008, Windows Server
2008 Windows NT 4.0.
Windows Server 2003 Windows Server 2003 Windows Server 2008.
Windows Server 2008 Windows Server 2008.
Windows Server 2003
Active Directory, Windows 2000. , Active Directory.
, . , , , .
Windows Server 2008
Active Directory Windows Server
2003 . ,
, . , FRS DFS-.
Windows Server 2008 ,
PDC Windows Server 2008.

Active Directory

215

, ,
. , . ,
microsoft.com
HumanResources, IT, Engineering Marketing.
, , , OnlineSales, ChannelSales PrintSales Marketing.
, ,
. , seattle.microsoft.
com .
ny.microsoft.com.
,
. :

, .
.

.
,
. , , , .
Active Directory (Active
Directory Users And Computers)
(. 7-5). MMC.
(Administrative Tools).

. 7-5. Active Directory (Active Directory Users And


Computers) , ,

216

II

Windows Server 2008


IP-.
. ,
. Active Directory
, . IP-
.
. , IP-,
IP- .
/ , , 192.168.19.0/24. 192.168.19.9 255.255.255.0
192.168.19.0/24.
, . , Windows Server
2008 .

. ,
(well connected). ,
. , , . :
,
, ,
. ,
,
.
,
. , ,

.
. , , - (bridghead server). - ,
, .
Active
Directory (Active Directory Sites And Services), . 7-6. MMC,
(Administrative Tools).

Active Directory

217

. 7-6. Active Directory


(Active Directory Sites And Services)

Active Directory
Windows Server 2008 Active Directory,
DNS, Active Directory DNS . Active
Directory , . DNS ,
, . Windows Server 2008 DNS
, , zeta.microsoft.com,
IP-, , 172.16.18.8. DNS
DNS 20.

Active Directory Windows 2000



, Windows 2000, Windows XP Windows Vista
Active Directory.
Active Directory ,
, .
, , ,
.
.
, Windows 2000 Server, Windows
Server 2003 Windows Server 2008,
.
, Active Directory.
, Active Directory,
, .
Active Directory -

218

II

Windows Server 2008

.
dcpromo.exe.
. , .

.

. ,

. -,
. , . ,
,
(operations master). FSMO (flexible single master
operations), .
.
, Windows 2000,
Windows XP Professional, Windows Vista, Windows Server 2003 Windows
Server 2008, . , Active Directory
.
, , .

(global catalog, GC) Active
Directory. , . ,
,
. Windows Server 2003 Windows Server
2008 . .


, Windows NT, Windows
2000, Windows XP, Windows Vista, Windows Server 2003 Windows Server
2008, . Active
Directory , :
Windows 2000 ( ) (Windows 2000 mixed) Windows Server 2008. Windows Server
2008, Windows Server 2008
Windows NT.

Active Directory

219

, ,
Active Directory, , , , (key distribution center, KDC) Kerberos.
Windows 2000 ( ) (Windows 2000 native)
, Windows Server 2008, Windows Server 2003 Windows 2000.
Windows NT . , , Kerberos.
Windows Server 2003 Windows Server 2003 , Windows
Server 2008 Windows Server 2003. Windows NT Windows 2000 . ,
Windows Server 2003, Active Directory, , ,
, Kerberos.
Windows Server 2008 Windows Server 2008 , Windows Server
2008. Windows NT, Windows 2000
Windows Server 2003 .
Active Directory, DFS, .
Windows 2000

(primary domain
controller, PDC), (backup domain controller,
BDC) Windows NT
Windows 2000, Windows 2000.
Windows 2000, Windows Server
2003 Windows Server 2008. Windows 2000
. ,
,
Windows NT, Windows NT.
Windows 2000, :
Kerberos v5,
NTLM .
PDC BDC
Windows NT.

220

II

Windows Server 2008

Windows NT.
Windows 2000
.
Windows Server 2003

Windows NT, Windows Server 2003.


Windows 2000 Windows Server 2003 Windows Server 2008.
Windows Server 2003.
, Windows 2000, .
Adprep.exe ,
Windows Server 2003.
,
. , , . Adprep i386
Windows Server 2003.
, , dsquery server -hasfsmo schema. :

CN=CORPSERVER01,CN=Servers,CN=Default-First-Site-Name,CN=Sites,
CN=Configuration,DC=microsoft,DC=com.
, COPRSERVER01
microsoft.com.
,
, dsquery server -hasfsmo infr.

,
Active Directory.
Windows Server
2003 Windows Server 2008
. Windows
Server 2003, ,
Windows NT, Windows NT
Windows 2000 .
Windows Server 2008

Windows NT Windows 2000,


Windows Server 2008. Windows Server 2003 Windows Server 2008. Windows Server 2008.
, Windows Server 2003, Windows Server 2008,

Active Directory

221

Adprep.exe. ,
Windows Server 2008.
:
1. Sources\Adprep Windows Server
2008 adprep /forestprep. , adprep /rodcprep.
, , .
2. Sources\Adprep Windows
Server 2008 adprep /domainprep.
, .
, .
Windows Server 2008,
,
Active Directory. Windows Server 2008 .
Windows Server 2008, ,
Windows NT,
Windows NT, Windows 2000 Windows Server 2003
.


, Windows Server 2003,
Active Directory, , , ,
Kerberos.
:
;
, Windows Server
2008;
;
;

.

222

II

Windows Server 2008

, Windows Server 2003,


Active Directory,
, , , ,
.

, . 15 .
, .
.
( ).

, :
1. (Start) (Administrative Tools) Active Directory
(Active Directory Domains And Trusts).
2. , , (Raise
Domain Functional Level). (Raise Domain Functional Level), .
3. (Raise). , .
4. OK, .
.
, :
1. (Start) (Administrative Tools) Active Directory
(Active Directory Domains And Trusts).
2. Active Directory (Active Directory Domains And Trusts) (Raise Forest Functional Level).
(Raise Forest Functional Level),
.
3.
(Raise). ,
.
4. OK,
.
.

Active Directory

223


Active Directory .
.
, Active Directory, , ,
.
,
.
. , , ,
, .

Active Directory, .
, Active Directory.
.

. .
Windows Server 2008
(application directory partitions).
, ,
, , ,
. , DNS , DNS .
,
. Active Directory, Windows Server
2008, .
, ,
, .


,
, , .
(directory),
Active Directory.
Ntds.dit, Active Directory.

224

II

Windows Server 2008

NTFS,
Windows Server 2008.
. , ,
(Sysvol).
, . , ,
.
.
, . .
, ,
:
: , , .
: ,
, .
, . , Windows Server
2008, , .
,
.


,
,
.

. , , .
, . , .

,
. , . . ,

Active Directory

225


. .
, ,
, .
, . , .
,
,
.
.
, .
, .
, . , .
, .

.
, ,
, ,
.
.
. .
,
.
.

, , .
, .



. .
, , -

226

II

Windows Server 2008

,
. .
, , , . -,
, ,
8.
,
.
.
. , . , :
.
.

.
, ,
.
.
, , IP . ,
Windows Server 2008, , , . , . ,
Windows Server 2008, Windows Server 2008. , ,
8.

Active Directory
(FRS DFS), : , .
. . ,
.
, :

Active Directory

227

;
;
.
,
, ( )
.
, :
1. A.
, . ,
.
2. A. , . ,
, . .
.
3. A ,
.
,
. .
4. B .
A B
,
. A , . B.

Active Directory LDAP


(Lightweight Directory Access
Protocol, LDAP) TCP/IP-.

. LDAP
, .
Active Directory LDAP , Active Directory,
. LDAP Active Directory.

228

II

Windows Server 2008

LDAP ,
. Active Directory .
ADSI
(Active Directory Service Interface), API LDAP, RFC 1823.
ADSI Windows Script Host Active
Directory.


,
.
, . ,
.
Active Directory :
(schema master) . , . ,
,
dsquery server -hasfsmo schema.
(domain naming master) . , .
, , dsquery server -hasfsmo name.
,
, .
Active Directory :
RID (relative ID master) . , , , ,
,
RID. , RID,
dsquery server -hasfsmo rid.
PDC (PDC emulator)
, PDC Windows NT. Windows NT,
. -

Active Directory

229

, PDC ,
dsquery server -hasfsmo pdc.
(infrastructure master)
, . ,
,
. ,
, dsquery server -hasfsmo infr.
.
, RID,
PDC .
, , ,
. , .
, .
. ,
RID, PDC . .
,
. , .
, .

,
, .
. , .
. . , .
. .
RID PDC,
. , , , RID
PDC . ,
, . .


Active Directory

Active Directory
, Active Directory. , ,
. ,
Active Directory, , .

Active Directory
Active Directory , , .

Active Directory
Active Directory MMC. Active Directory:
Active Directory (Active Directory Users
And Computers) , , .
Active Directory (Active Directory Domains And
Trusts) , .
Active Directory (Active Directory Sites And Services) .
(Group Policy Management)
.
MMC
Windows, .
, ,

Active Directory

231

, 445
TCP. Windows:
(Windows Firewall: Allow Remote Administration Exception) \ \\ \
Windows\ (Computer Configuration\Administrative
Templates\Network\Network Connections\Windows Firewall\Domain Profile) netsh firewall set portopening
tcp 445 smb enable. 840634
(http://support.microsoft.com/default.aspx?scid=kb;en-us;840634).

Active Directory (Administrative Tools).


MMC. , Windows Server 2008, .
(Add Feature Wizard).
-, :
Ctrl, , .
Shift, .
, , ,
.
, ,
, , (Properties).

Active Directory
Active Directory
:
ADPREP Windows 2000 Windows 2003. adprep /forestprep adprep /domainprep, .
Windows Server 2003 SP1 , Windows Server 2008 . adprep /domainprep /gpprep. (ACE)
(GPO) Sysvol,
.
. , NT (NTFRS) . adprep /domainprep
/gpprep .

232

II

Windows Server 2008

DSADD Active Directory , , ,


.
dsadd /?, ,
dsadd computer /?.
DSGET , , , , Active Directory.
dsget /?, , dsget server /?.
DSMOVE
, .
dsmove /?.
DSQUERY Active Directory , , , , , ,
.
dsquery /?.
DSRM Active Directory. dsrm /?.
NTDSUTIL
, , , Active Directory. ntdsutil /?.

Active Directory
Windows Server 2008
Active Directory. . 8-1 , Active Directory.
. 8-1. Active Directory

ADSI Edit

Adsiedit.msc


Active Directory ,

Active Directory

Ldp.exe

LDAP
Active Directory

Dsacls.exe

ACL
Active Directory

Dfsutil.exe


(DFS)

Active Directory

233

. 8-1. ()

DNS

Dnscmd.exe

,
DNS

Repadmin.exe


Windows

Netdom.exe

Active Directory
(Active Directory Users And Computers)
Active Directory (Active Directory
Users And Computers) Active
Directory. , , , .
Active Directory
(Active Directory Users And Computers)
(Administrative Tools). ,
Active Directory
(Active Directory Users And Computers) .

Active Directory
(Active Directory Users And Computers)
Active Directory
(Active Directory Users And Computers) ,
. (. 8-1).
,
. , ,
.
Active Directory (Active Directory Users And Computers) :
(Saved Queries) , Active Directory.
Builtin .
Computers .
Domain Controllers .

234

II

Windows Server 2008

ForeignSecurityPrincipals . ,
.
Users .
Active Directory (Active
Directory Users And Computers) ,
. (View) (Advanced
Features). :
LostAndFound . .
NTDS Quotas .
Program Data Active Directory
Microsoft.
System .
, . . 8-1
: , , ,
.

. 8-1. Active Directory (Active Directory Users And


Computers)


.
Active Directory (Active
Directory Users And Computers) ,
, .
, .
,
.

Active Directory

235

, :
1. Active Directory
(Active Directory Users And Computers) (Change Domain Controller).
2. (Change Domain Controller), . 8-2, , .

. 8-2.

3. (Change To) . (Any Writable Domain Controller).


,
. ,
, .
4. Active Directory (Active Directory
Users And Computers), (Save This Setting For The Current Console).
5. OK.
(Change Domain Controller) , ,
, .
GC, , .


Active Directory (Active Directory
Users And Computers) -

236

II

Windows Server 2008

.
:
1. Active Directory (Active Directory Users And Computers) (Change Domain).
2. (Change Domain)
.
(Browse). OK.
3.
Active Directory (Active Directory Users
And Computers),
(Save This Domain Setting For The Current Console).
4. OK.


Active Directory (Active Directory
Users And Computers) ,
, .
, :
1. , ,
(Find). (Find),
. 8-3.

. 8-3. Active Directory

2. (Find) . :
, (Users, Contacts And Groups)
, ,
.

Active Directory

237

(Computers)
, .
(Printers) , .
(Shared Folders)
.
(Organizational Units)
.
(Custom Search)
LDAP.
(Common Queries)
, ,

.
3. (In) ,
. , ,
Computers, .
, Active Directory (Entire
Directory).
4. (Find Now). . 8-4.
. .

. 8-4. .

238

II

Windows Server 2008

(Find) . (Name). .
, ,
, , , . .


Active Directory . .
Active Directory (Active Directory
Users And Computers),
Computers, Domain Controllers, .

, , , . Computers Domain Controllers


. ,
Active Directory
(Active Directory Users And Computers).

Active Directory
(Active Directory Users And Computers)

: . Active Directory
(Active Directory Users And Computers)
, :
1. Active Directory (Active Directory Users And Computers) , .
2. (New) (Computer). (New Object Computer Wizard),
. 8-5. .
3.
(Domains Admins).

, (Change) : (Select User Or Group).

Active Directory

239

.

.

4. Windows NT,
-Windows 2000 (Assign This Computer Account As A PreWindows
2000 Computer).
5. (Next), (Finish).

. 8-5.

(managed)
,
Windows. Active Directory (Active
Directory Users And Computers), :
1. 14 .
(Next), (Managed).
2. (This Is A Managed
Computer) GUID/UUID . GUID/UUID BIOS;
. (Next).
3. - (Host Server) -,
, -.
-,
(The Following Remote Installation Server) (Find). (Find)
(Find Now) -

240

II

Windows Server 2008

. -, ,
OK.
4. (Next) (Finish).

, :
1. Active Directory (Active Directory Users And Computers).
.
2. ,
.
3. , , (Properties).
, .
,

, Active Directory ,
.
, ,
:
1. Active Directory (Active Directory Users And Computers). , . .
2. (Delete),
. (Yes), .
3. (Disable Account), . (Yes), .
4. (Enable Account),
.
, , , .
(Sessions) (Computer Management).

, . , ,
.
, 30 , ,

Active Directory

241


. 30 . . , Netlogon

3210 5722.
.
Active Directory (Active Directory Users
And Computers)
(Reset Account). (
), .
NETDOM. 325850 (http://support.
microsoft.com/default.aspx?scid=kb;en-us;325850).
, :
1. . netdom
resetpwd /s: /ud:\ /pd:*, ,
, \ , , *
, .
2. . NETDOM
.

.
3. .
.
, Kerberos (Kerberos Key Distribution Center)
.
,
Kerberos (Kerberos Key Distribution Center) .


Computers, Domain Controllers ,
. , Active Directory (Active
Directory Users And Computers)
.

242

II

Windows Server 2008

, :
1. Active Directory (Active Directory Users And Computers).
2. ,
.
3.
(Move). , . 8-6.
4. (Move) , . OK.

. 8-6. (Move)

(Computer Management)
.
(Computer Management)
Active Directory (Active Directory
Users And Computers), (Manage).
(Computer Management) .


Windows NT, Windows 2000, Windows XP, Windows Server
2003 Windows Server 2008 .
Windows 95 Windows 98
.

Active Directory

243

Windows 95 Windows 98
Active Directory.
, . . TCP/IP
17. TCP/IP
.
DHCP, WINS DNS, IP- .
, .
Widows Server 2008
(Authenticated Users). , , , , . ,
, .
, , Windows NT ,
. Windows 2000
Windows XP ,
, , . Ldp.exe Windows Server 2008 Support
Tools ( ms-DS-MachineAccountQuota)
, , .

- .

, , . , . . ,
Windows Vista
Windows Server 2008,
(Computer Name) 3. Windows 2000 Professional, Windows 2000 Server,
Windows XP Professional Windows Server 2003.
,
, . , , . , , ,
Windows, , .

244

II

Windows Server 2008

. ,
TCP/IP DNS- ( 17).

,

Active Directory
, 7.


Active
Directory . , , , , . ,
, , ,
, 7.
, , .
, Active Directory
DNS. ,

. , , . , .
, Windows Server 2003 Windows Server
2008 . .
, , ,
, , . .
, , .

, :
1. , .
(Roles) (Add Roles) . (Add Roles
Wizard). (Before You Begin), (Next).
2. (Select Server Roles)
Active Directory (Active Directory Domain
Services), (Next) (Install).

Active Directory

245

3. (Start), dcpromo
(Search) Enter.
Active Directory (Active Directory Domain Services Installation Wizard).
4. ,
Active Directory. ,
. :
(Directory Service) , , Sysvol, DNS,
Active Directory.
, :
1. , .
(Start), dcpromo (Search)
Enter. Active Directory (Active Directory Domain Services Installation Wizard).
2. , . .
3. (Roles)
(Remove Roles) . (Remove Roles Wizard). (Before You Begin),
(Next).
4. (Remove Server Roles)
Active Directory (Active Directory Domain
Services), (Next). , (Finish).
! DCPROMO
. 332199 ,
dcpromo /forceremoval. FSMO ,
.
, . , , 216498
(http://support.microsoft.com/kb/216498/en-us).
. Windows Server 2003 Windows
Server 2008. ,
, Windows Server 2003
Windows Server 2008. ,

246

II

Windows Server 2008


. ,
.



Active Directory (Active Directory Users And Computers). RID, PDC .

7.
Active Directory (Active Directory Domains And Trusts),
Active Directory (Active Directory Schema). FSMO,
netdom query fsmo.

, :
1. Active Directory (Active Directory Users And Computers) Active Directory (Active Directory Users And Computers). (All Tasks)
(Operations Masters).
(Operations Masters), . 8-7.

. 8-7. (Operations Masters)


Active Directory

247

2. (Operations Masters) . RID


RID. PDC PDC.
(Infrastructure) .
, :
1. Active Directory (Active Directory Users And Computers).
Active Directory (Active
Directory Users And Computers) (Change Domain Controller).
2. (Change Domain Controller) (This Domain
Controller), , OK.
3. Active Directory
(Active Directory Users And Computers).
(All Tasks) (Operations Masters).
4. (Operations Masters)
RID, PDC (Infrastructure) , .
5. (Change). OK.



Active Directory
(Active Directory Domains And Trusts). .
, , , . ,
Active Directory (Active Directory Domains And Trusts) .

, :
1. Active Directory (Active Directory Domains And Trusts).
Active Directory (Active Directory Domains
And Trusts) Active Directory
(Change Active Directory Domain Controller).

248

II

Windows Server 2008

2. (Change Active Directory


Domain Controller)
(This Domain Controller), ,
, OK.
3. Active Directory (Active Directory Domains And Trusts) (Operations Master).
(Change Operations Master).
4. (Domain Naming Operations Master) .

(Change).
5. (Close).


Active Directory (Active Directory Schema), Windows Server 2008. regsvr32 schmmgmt.dll.
, :
1. Active Directory (Active Directory Schema)
MMC.
2. Active Directory
(Active Directory Schema) Active Directory (Change Domain Controller).
3.
(Any Domain Controller), Active Directory
. (Specify Name) , , zeta.seattle.cpandl.com.
4. OK.
Active Directory (Active Directory Schema) (Operations Master).
5. (Change Schema Master) (Change). OK (Close).


NETDOM.
FSMO
Ntdsutil.exe. Ntdsutil.
exe Active Directory.
:

Active Directory

249

1. FSMO.
netdom query fsmo.
2. ,
. .
3. (Start), (Run),
cmd (Open) OK.
4. ntdsutil.
.
5. roles, .
6. fsmo maintenance connections.
server connections connect to server FQDN- , FSMO, :
connect to server engdc01.technology.adatum.com

7. , quit, server connections. fsmo maintenance


transfer :
pdc PDC;
rid master RID;
infrastructure master ;
schema master ;
domain naming master .
8. fsmo maintenance quit, quit ntdsutil.


, , , , RID.
, , , RID .
! , , ,
, .

Windows Server 2008. FSMO , , Active Directory .
216498 (http://support.microsoft.com/default.aspx?scid=kb;en-us;216498).

, ,

250

II

Windows Server 2008

. Active Directory

(USN). , ,
- .
USN , ,
. , . , ,
.
Windows Server 2008 Repadmin
Active Directory. USN
,
:
repadmin /showutdvec

FQDN- ,
, , :
repadmin /showutdvec server252.cpandl.com dc=cpandl,dc=com

USN :
Default-First-Site-Name\SERVER252 @ USN 45164 @ Time 2008-03-30 14:25:36
Default-First-Site-Name\SERVER147 @ USN 45414 @ Time 2008-03-30 14:25:36

Server252 , ,
, USN,
Server252, .
USN, Server252, ,

.
Repadmin /Syncall.
:
1. netdom query fsmo,
FSMO.
2. , , ,
, .
, (, , ).
3. ,
. .
4. .

Active Directory

251

5. ntdsutil.
6. ntdsutil roles, .
7. fsmo maintenance connections.
server connections connect to server FQDN- , FSMO, :
connect to server engdc01.technology.adatum.com

8. , quit, server connections. fsmo maintenance seize


, :
pdc PDC;
rid master RID;
infrastructure master ;
schema master ;
domain naming master .
9. fsmo maintenance quit, quit ntdsutil.


, 7.

. ,
, ,
, . .
, :
1. Active Directory (Active Directory Sites
And Services) , .
2. Servers , .
3. NTDS Settings
(Properties).
4. , (Global Catalog)
(General).
5. ,
(Global Catalog) (General).

252

II

Windows Server 2008

! , .
, Active Directory.


. , Windows Server 2008, , ,
.
,
7.

, :
1. Active Directory (Active Directory Sites
And Services) , .
2. NTDS Site Settings (Properties).
3. , (Enable Universal Group Membership Caching) (Site Settings). (Refresh Cache
From) , .
.
4. ,
(Enable Universal Group Membership Caching)
(Site Settings).
5. OK.


7,
, . .
, .



. ,
, ,
. .

Active Directory

253

, :
1. Active Directory (Active Directory Users And Computers) , .
(New) (Organizational Unit).
2. OK.
3. .


:
1. Active Directory (Active Directory Users And Computers).
2. , ,
(Properties).


,
:
1. Active Directory (Active Directory Users And Computers) ,
.
2. , (Delete).
(Yes), .
3. ,
(Rename). Enter.


, Active Directory (Active
Directory Users And Computers) .
:
1. Active Directory (Active Directory Users And Computers) ,
. (Move).
2. (Move)
, . OK.


Active Directory Active Directory

254

II

Windows Server 2008

.
Default-First-Site-Name, DEFAULTIPSITELINK.

. .
:
1. .
2. .
3. .
4. . .
.


,
. , :
1. Active Directory (Active Directory Sites
And Services) Sites (New Site).
2. (New Object Site), . 8-8, , , ChicagoSite.
, .

. 8-8.

3. ,
. , ,
, .

Active Directory

255

4. OK. , .
OK.
5. , .
.
Active Directory (Active Directory Sites And Services)
(Rename).
Enter.


, , . ,
, IP- , . ,
.
, :
1. Active Directory (Active Directory Sites
And Services) Subnet (New Subnet). (New Object Subnet),
. 8-9.

. 8-9.

256

II

Windows Server 2008

2. (Prefix) IPv4 IPv6


: , ,
. , 192.168.5.0,
24 , 192.168.5.0/24.
3. , , OK.
. Active Directory (Active Directory Sites And Services)
Subnets (General)
(Site).


, , . , .
, ,
, .
.
, IP-
IP- .
; , .
,
, . :
dsquery server -s | dsget server site

FQDN- , :
dsquery server -s server241.cpandl.com | dsget server site

, ,
.
, :
1. Active Directory (Active Directory Sites
And Services) , ,
Servers. , .
2. (Move). (Move
Server) , , OK.

Active Directory

257

, , .
, , ,
.


IP-, . ,
.
(site link)
. , ,
.
, , .
24 7
. ,
, ,
.
,
(cost), . 100.
,
.
, , .

RPC IP SMTP. IP RPC IP,
, Active Directory.
RPC IP
.
SMTP
, .
. ,
. SMTP ,
.
SMTP, .
SMTP, . IP .

258

II

Windows Server 2008

,
:
1. Active Directory (Active Directory Sites
And Services) Sites Inter-Site Transports.
2. , (IP SMTP),
(New Site Link).
3. (New Object Site
Link), . 8-10, , , ChicagotoSeattleLink.
, .

. 8-10.

4. (Sites Not In This Site Link) , , (Add),


(Sites In This Site Link). ,
. . OK.
, , . ,
:
1. Active Directory (Active Directory Sites
And Services)
(Properties).
2.
(General). (Cost)
. 100.

Active Directory

259

3. (Replicate Every) . 180 .


4. 24 , 7 .
, (Change Schedule) (Schedule For). OK.
, ,
:
1. Active Directory (Active Directory Sites
And Services)
(Properties).
2.
(General). (Sites Not In This Site
Link) , , (Add),
(Sites In This Site Link). ,
.
3. ,
, (Remove), (Sites Not In This Site
Link). ,
, OK.


. , . . ,
.
,
, ,
, .
, .
,
,
. ,
.
, . , ,
, .
, , . -

260

II

Windows Server 2008

, , . .
,
, .
Active Directory . , ,
, , . :
1. Active Directory (Active Directory Sites
And Services) Sites Inter-Site Transports.
2. , (IP SMTP),
(Properties).
3. , (Bridge All Site Links)
OK.
.
4. , (Bridge All Site Links)
OK. , .
,
, :
1. Active Directory (Active Directory Sites
And Services) Sites Inter-Site Transports.
2. , (IP SMTP),
(New Site Link Bridge).
3. (New Object
Site Link Bridge) . , .
4. , (Site Links Not In
This Site Link Bridge) , ,
(Add), ,
(Site Links In This Site Link Bridge).
, . . OK.
, , :
1. Active Directory (Active Directory Sites And
Services) ,
, (Properties).

Active Directory

261

2. (General). , (Site Links


Not In This Site Link Bridge) ,
, (Add),
, (Site Links In This Site
Link Bridge). , .
3. , (Site Links In This Site
Link Bridge) ,
, (Remove),
, (Site Links Not In This Site
Link Bridge). , . OK.

Active Directory
Active Directory
. , ,
.

ADSI (ADSI Edit)


Active Directory ADSI (ADSI Edit). . ,
,
, (Configuration)
RootDSE. , .
ADSI (ADSI Edit)
MMC, :
1. (Start), mmc (Search)
Enter.
2. (File) (Add/Remove Snap-In).
3. (Add Or Remove
Snap-Ins) ADSI (ADSI Edit) (Add). OK.
, :
1. MMC
ADSI (ADSI Edit) (Connect To).
(Connection Settings), . 8-11.

262

II

Windows Server 2008

. 8-11.

2. (Connection Settings)

(Select A Well Known Naming Context). ,
.
3. OK, . (Select Or Type A Domain Or Server)
,
, , , FileServer252.
cpandl.com:389. 389 LDAP.

. 8-12. ,

, , . . 8-12,

Active Directory

263

.

.

.


(Iter-Site Topology Generator, ISTG) . , ISTG
, , .
ISTG , .
, ISTG,
:
1. Active Directory (Active Directory Sites
And Services) Sites, ,
ISTG.
2. NTDS Site Settings. ISGT
(Inter-Site
Topology Generator).
-
, ISTG
. , ISTG -
,
.
ISTG - Active
Directory, , . , .
, -, , . -, . , :
repadmin /bridgeheads site:

, :
repadmin /bridgeheads site:SacramentoSite

- , ,

264

II

Windows Server 2008

- . ,
ISTG -. - , ,
-.
. ISTG .
ISTG - .
-
. , -
.
, , ISTG (Directory Services) .
-,
:
1. Active Directory (Active Directory Sites
And Services) , ,
Servers. ,
-,
(Properties).
2.
(Transports Available For Inter-Site Data Transfer) , .
(Add).
IP SMTP, . OK.
-, .
, .
, -
ISTG -.
, :
1. Active Directory (Active Directory Sites
And Services) , -,
(Properties).
2. -
(This Server Is A Preferred Bridgehead Server
For The Following Transports) (Remove).
OK.

Active Directory

265

Active Directory

, , - . , .
Active
Directory, . , Active Directory
, LDAP, DNS, Kerberos v5 RPC.
, . Active
Directory TCP UDP. :
LDAP 389 TCP UDP 686 TCP .
3268 TCP. Kerberos v5 88 TCP UDP.
DNS 53 TCP UDP.
SMB IP 445 TCP UDP.
, Sysvol Active Directory
(FRS), (DFS).

.
Active Directory
(update sequence number, USN).
,
, .
, .
. uSNChange,
USN, .
USN,
USN . USN . USN ,
, ,
. USN
, .

266

II

Windows Server 2008

Repadmin. Repadmin, ,
, . DCList :
* .
* ,
.
Site: .
Gc: .
Repadmin , ,
, . . 8-2.
. 8-2.


(Knowledge Consistency Check, KCC)

repadmin /kcc DCList [/async]

-
DCList.

repadmin /bridgeheads DCList ]


[/verbose]

repadmin /showoutcalls DCList

repadmin /showtrust DCList

, KCC

repadmin /failcache DCList

repadmin /showconn DCList

repadmin /showctx DCList

ISTG

repadmin istg DCList [/verbose]

repadmin /showrepl DCList

repadmin /replsummary DCList

repadmin /showcert DCList

repadmin /queue DCList


ISTG Keep Alive

repadmin /latency DCList


[/verbose]


Windows Server 2008. 8 ,
.
.

. ,
, , ,
.

.

. ,
. , , .

Windows Server 2008


Windows Server 2008 , . .


Windows Server 2008 , . , ,
,
Active Directory.
, , , , .

268

II

Windows Server 2008

Windows Server 2008 . Windows 2000, Active Directory


Kerberos v5.
NTLM .
NTLM, : LAN Manager
(Network Security: LAN Manager Authentication Level).

NTLMv2 (Send NTLMv2 Response Only),

NTLM Version 2, . ,
Active Directory .
Windows Server
2008 (Single Sign-On),
:
1. , - .
2. .
, .
Active Directory,
.
3.
.
, , ( ). ,
,
.
Windows Server 2008 Active Directory
(Active Directory Federation Services, ADFS), . , ,
.
,
-, .
(Federated Authorization).
, ,
.

269


Active Directory -
. , , ,
. , :
, ;
, ;
;
.

(access control entry, ACE). Active Directory
. ,
. ,
(Domain Admins) , .
, :
.
.
ACE , .



Windows Server 2008 ( ).
.
.
. .
Windows Server 2008 InetOrgPerson.
, , -, . InetOrgPerson
X.500 LDAP
, .
InetOrgPerson, .
, . InetOrgPerson
Windows Server 2008.
InetOrgPerson, , , .
InetOrgPerson - -

270

II

Windows Server 2008

Active Directory (Active Directory Users


And Computers) User.


Windows Server 2008 :
, Active Directory. . Active Directory
(Active Directory Users And Computers).
,
. ,
. (Local
Users And Groups).

.
(SAM) Active
Directory .

.
Windows Server 2008 :
.
,
.
Windows Server 2008 wrstanek,
cpandl.com,
wrstanek@cpandl.com. Windows Windows 2000
CPANDL\wrstanek.
Active Directory, (fuly qualified domain name,
FQDN). FQDN- DNS- ,
, , . cpandl.com\users\wrstanek DNS cpandl.com ( ) users
wrstanek.

. . .
, -

271

- .

Windows Server
2008 ,
(security identifier, SID) , .
SID
(relative identifier, RID), RID.
Windows Sever 2008 SID .
.
, , - , .
, Windows Server 2008
.
SID .
, SID,
,
.


, Windows Server 2008
. ,
, . , ,
. ,
, .
, , .
Active Directory
,
\_. , cpandl\gmarketing
gmarketing cpandl.
FQDN- DNS- , , , .
cpandl.com\users\gmarketing cpandl.com
DNS- , users , gmarketing
.

272

II

Windows Server 2008

, ,
, . , marketing,
. , , ,
. , .
.

Windows Server 2008 :


,
. (Local Users And Groups).
,
. Active Directory (Active
Directory Users And Computers).
,
. . Active Directory (Active
Directory Users And Computers).
, ,
, .
.

Active Directory
(domain local), (built-in
local), (global) (universal) .
, , . ,
. ,
.
, .
.
, .

, .
,
,

273

, .
, .
,
,
.
,
. Active Directory Windows 2000 Windows Server 2008.
.
. . .
.
, .
, .

,
. 9-1. 10.
. 9-1.

Windows 2000

,
;

Windows 2000

274

II

Windows Server 2008

. 9-1. ()

, , SID. ,
, , .
, .
Windows Server 2008 . SID ,
SID , .
. :

.
,
.
, , .
.
.

, .
,
.
,
. , :

275

. , ,
.

. , .
. .
.
,
,
.
, ,
, . .
, .

, .
, , -.
, . Seattle, Chicago NY. :
( ). . ,
-, .
MarketingPrinter MarketingData.
, . , -.
, , - .
, :
1. . Seattle GMarketing . Chicago
GMarketing .
, NY GMarketing -.
2.
. LocalMarketingPrinter,

276

II

Windows Server 2008

LocalMarketingData. Seattle, Chicago NY .


3. UMarketing .
Seattle\GMarketing, Chicago\GMarketing NY\
GMarketing.
4. UMarketing LocalMarketingPrinter LocalMarketingData .
.


Windows Server 2008
. . :
(built-in) , , .
(predefined)
, .
(implicit) , .
,
, .


Windows Server 2008
. Windows Server 2008
:
(Local System) .
(Administrators)
. ,
, .
(LocalSystem) .
. , ,
LocalService NetworkService.
LocalService , . (Users) ,
NetworkService,
. -

277

,
.
NetworkService , .
(Users) , ,
(LocalSystem), , LocalService. ,
,
.

.
, .
IIS ,
IUSR_hostname, hostname .
IUSR_hostname IIS. Active Directory,
IIS . ISS
.


Windows Server 2008 , (Administrator)
(Guest). , .
Active Directory.
.
(Administrator)

(Administrator) , , .
. Active Directory
(Administrator)
. (Administrator), ,
. (Administrator), .
14.

, . ,
(Administrator),

278

II

Windows Server 2008

, . , , .

,
(Administrator) . , , . (Administrator) : (Administrators),
(Domain Admins), (Domain Users), (Enterprise Admins), -
(Group Policy Creator Owners) (Schema
Admins).
.

(Administrator) , ,
. . ,
.
(Administrators).
, (Administrator).
, , . (Administrator).

, .
(Administrator) .

(Guest)

,
, , .
, ,
. , Windows
Server 2008 .
(Guest)
(Domain Guests) (Guests). ,
,
(Everyone). (Everyone) . (Everyone) .
(Guest),
, .
(Administrator),
.

279



Windows Server 2008 . , ,
(Administrators).


Windows NT
, . , ,
(Interactive). Windows 2000 -
. - , ,
.
, (special identity).
,
, , , , . ,
.
.


, . ,
,
. , .
Windows Server 2008 :
(priviledge) .
, . .
(logon right) .
, .
.
(built-in capabilities)
. -

280

II

Windows Server 2008

,
, .

, . .
, (Administrators), ,
.
(access permission) , . , .

. 15.

. . ,
, .
,
.


. , , . , ,
.
.
. 9-2 ,
. 10.
. 9-2. Windows Server 2008


(Back Up
Files And Directories)


(Lock Pages
In Memory)


(Restore Files And
Directories)

281

. 9-2. ()



(Perform Volume
Maintenance Tasks)



(Add Workstations To
Domain)


(Shut Down
The System)



(Load And Unload
Device Drivers)


Plug and Play.
,


(Replace A
Process Level Token)


(Modify An
Object Label)

, , ,
, .
. ,
,
, ,



(Modify Firmware
Environment Values)


(Change The
System Time)


(Change The
Time Zone)

(Impersonate A Client
After Authentication)

-
.

282

II

Windows Server 2008

. 9-2. ()


(Adjust
Memory Quotas For
A Process)


(Bypass
Traverse Checking)

,
,
.


(Remove Computer
From Docking Station)


(Debug Programs)

(Force Shutdown
Of A Remote System)

(Profile A
Single Process)

(Profile System
Performance)



(Act As Part Of The
Operating System)



. , ,
(LocalSystem),



(Enable User
And Computer Accounts
To Be Trusted For
Delegation)


,
(
)


(Synchronize Directory
Service Data)

283

. 9-2. ()


(Take Ownership Of
Files Or Other Objects)

Active Directory


(Generate
Security Audits)


(Create Global
Objects)

.

LocalService NetworkService


(Create A
Token Object)

-,
.
(LocalSystem),



(Create Permanent
Shared Objects)

.
,

(Create
Symbolic Link)

, ,
.
,
. ,


(Create
A Pagefile)


(Increase
Scheduling Priority)


,
( )



(Increase A Process
Working Set)


, . , .


(Manage Auditing
And Security Log)

284

II

Windows Server 2008


(logon right) , . , .
. 9-3 . , , 10.
. 9-3. Windows Server 2008


(Log On As A Batch
Job)


(Log On As A Service)

.
(LocalSystem)
. , ,




(Access Credential Manager
As A Trusted Caller)


(Credential Manager).
, ,
-,


(Access This Computer
From The Network)



(Deny Logon Through
Terminal Services)


(Deny Logon Locally)


(Allow Log On Locally)


.
.

(Administrators), (Account
Operators), (Backup Operators),
(Print Operators)
(Server Operators).


(Deny
Access To This Computer
From The Network)

285

. 9-3. ()

(Deny
Logon As Batch Job)

(Deny Logon As
Service)



(Allow Log On Through
Terminal Services)

Active Directory
Active Directory . .
9-4
Active Directory ( , ). ,
, (Everyone), , (Guests). ,
(Guests)
, - , (Everyone).
. 9-4. Active Directory


(Back Up Files And Directories)

(Administrators),
(Server Operators),
(Backup Operators)


(Restore Files And
Directories)

(Administrators),
(Server Operators),
(Backup Operators)


(Log On As A Batch Job)

(Administrators),
(Backup Operators),
(Performance
Log Users), IIS_IUSRS

(Perform Volume
Maintenance Tasks)

(Administrators)


(Add Workstations To
Domain)

(Authenticated Users)

286

II

Windows Server 2008

. 9-4. ()


(Access This Computer From The
Network)

(Everyone), (Autentifica-ted Users), (Administrators), -Windows 2000 (Pre-Windows


2000 Compatible Access),
(ENTERPRISE
DOMAIN CONTROLLERS)


(Shut Down
The System)

(Administrators),
(Server Operators),
(Print Operators), (Backup
Operators)


(Load And Unload
Device Drivers)

(Administrators),
(Print Operators)


(Replace A Processlevel Token)

LOCAL SERVICE, NETWORK SERVICE


(Modify Firmware
Environment Values)

(Administrators)


(Change The System Time)

LOCAL SERVICE, (Administrators), (Server Operators)


(Change The Time Zone)

LOCAL SERVICE, (Administrators), (Server Operators)

(Impersonate
A Client After Authentication)

LOCAL SERVICE, NETWORK SERVICE,


(Administrators), IIS_IUSRS,
(SERVICE)


(Allow Log On Locally)

(Administrators),
(Account Operators),
(Server Operators), (Print
Operators), (Backup
Operators)

(Adjust Memory Quotas For


A Process)

LOCAL SERVICE, NETWORK SERVICE,


(Administrators)


(Bypass Traverse Checking)

(Everyone), (Authentica-ted Users), LOCAL SERVICE, NETWORK


SERVICE, (Administrators),
-Windows 2000 (Pre-Windows 2000
Compatible Access)

(Remove Computer From Docking Station)

(Administrators)

287

. 9-4. ()

(Debug
Programs)

(Administrators)

(Force Shutdown From A Remote System)

(Administrators),
(Server Operators)


(Profile Single Process)

(Administrators)

(Profile System Performance)

(Administrators)


(Allow Log
On Through Terminal Services)

(Administrators)


(Enable User And Computer Accounts
To Be Trusted For Delegation)

(Administrators)

(Take Ownership Of
Files Or Other Objects)

(Administrators)


(Generate Security Audits)

LOCAL SERVICE, NETWORK SERVICE


(Create Global Objects)

LOCAL SERVICE, NETWORK SERVICE,


(Administrators),
(SERVICE)


(Create Symbolic Links)

(Administrators)


(Create A Pagefile)

(Administrators)

(Increase Scheduling
Priority)

(Administrators)


(Increase A Process
Working Set)

(Users)


(Manage Auditing
And Security Log)

(Administrators)

288

II

Windows Server 2008

. 9-5
. , .
. 9-5.


(Access This Computer From The
Network)

(Everyone), (Administrators), (Users),


(Backup Operators)

(Adjust Memory Quotas For


A Process)

LOCAL SERVICE, NETWORK SERVICE,


(Administrators)


(Allow Log On Locally)

(Administrators), (Users), (Backup


Operators)


(Allow Log
On Through Terminal Services)

(Administrators), (Remote Desktop Users)


(Back Up Files And Directories)

(Administrators),
(Backup Operators)


(Bypass Traverse Checking)

(Everyone), LOCAL SERVICE, NETWORK


SERVICE, (Administrators),
(Users),
(Backup Operators)


(Change The System Time)

LOCAL SERVICE,
(Administrators)


(Change The Time Zone)

LOCAL SERVICE,
(Administrators)


(Create A Pagefile)

(Administrators)


(Create Global Objects)

LOCAL SERVICE, NETWORK SERVICE,


(Administrators),
(SERVICE)


(Create Symbolic Links)

(Administrators)

(Debug
Programs)

(Administrators)

(Force Shutdown From A Remote System)

(Administrators)


(Generate Security Audits)

LOCAL SERVICE, NETWORK SERVICE

(Impersonate A
Client After Authentication)

LOCAL SERVICE, NETWORK SERVICE,


(Administrators), IIS_IUSRS,
(SERVICE)

289

. 9-5. ()


(Increase A Process
Working Set)

(Users)

(Increase Scheduling
Priority)

(Administrators)


(Load And Unload
Device Drivers)

(Administrators)


(Log On As A Batch Job)

(Administrators),
(Backup Operators),
(Performance
Log Users), IIS_IUSRS


(Manage Auditing
And Security Log)

(Administrators)


(Modify Firmware
Environment Values)

(Administrators)

(Perform Volume
Maintenance Tasks)

(Administrators)

(Profile Single Process)

(Administrators)

(Profile
System Performance)

(Administrators)


(Remove
Computer From Docking Station)

(Administrators)


(Replace A Process-level Token)

LOCAL SERVICE, NETWORK SERVICE

(Restore Files And


Directories)

(Administrators),
(Backup Operators)


(Shut Down The System)

(Administrators),
(Backup Operators)

(Take Ownership Of
Files Or Other Objects)

(Administrators)

290

II

Windows Server 2008

. 9-6 ,
. , , (Administrator), ,
(Administrators), (Server Operators),
(Account Operators), (Backup Operators)
(Print Operators). (Account Operators)
.
. 9-6.

(Perform Cryptographic Operations)

Administrators),
(Cryptographic
Operators)


(Modify The
Membership Of A
Group)

(Administrators),
(Account Operators)

(Monitor
Performance Logs)

(Administrators), (Performance
Monitor Users)


(Assign
User Rights)

(Administrators)


(Reset Passwords On
User Accounts)

(Administrators),
(Account Operators)


(Create And
Delete Groups)

(Administrators),
(Account Operators)


(Create
And Delete Printers)

(Administrators),
(Server Operators),
(Print
Operators)

291

. 9-6. ()

,
(Create,
Delete, And Manage
User Accounts)

(Administrators),
(Account Operators)

(Manage
Performance Logs)

(Administrators),
(Performance Log Users)


(Manage Network
Configuration)

(Administrators),
(Network
Configuration Operators)

(Manage
Printers)

(Administrators), (Server Operators),


(Print
Operators)



(Manage Group
Policy Links)


,
,

(Administrators)


(Read Event
Logs)

(Administrators), (Event Log


Readers)



(Read All User
Information)

(Administrators), (Server Operators),


(Account
Operators)


.
Windows Server 2008.
, . .

292

II

Windows Server 2008


,
, , ,
, . : (Administrators),
(Domain Admins) (Enterprise Admins). . 9-7 .
. 9-7.

(Administrators)

Active
Directory

(Administrator),
(Domain Admins),

(Enterprise
Admins)

(Administrators)

(Administrators)

, ,

(Administrator)

(Administrators)

(Domain
Admins)

Active
Directory

(Administrator)

(Administrators)

(Enterprise
Admins)

Active
Directory

(Administrator)

(Administrators)

(Administrator)
(Domain Admins) (Enterprise
Admins) (Administrators).
(Administrator) .
(Domain Admins) . (Enterprise Admins)
. (Enterprise Admins) (Administrators).

293

(Administrators) ,
( ).
.
, . (Administrators).
(Domain Admins) ,
.
,
(Administrators).
- ,
.
Windows Server 2008
(Administrator) (Domain
Admins). , , , ,
. ,
(Administrator) (Domain Admins).

(Enterprise Admins)
,
(Administrators). - , .
Windows Server 2008
(Administrator)
(Enterprise Admins). , , , ,
. ,
(Administrator) (Enterprise Admins).


Windows Server 2008 , . . , Active Directory.
:
Proxy , . .
Self .

294

II

Windows Server 2008

System Windows Server 2008. , .


(Anonymous Logon)
,
. , , , .
(Everyone) (Everyone) , , , . .
- (Creator Group) Windows Server 2008
, , , ()
.
(Interactive) , .
.
(Enterprise Domain Controllers)
, . .
(Restricted) .
(Batch) , .
, , , .
(Terminal Server User)
, .
.
(Authenticated Users)
, .
(Network) ,
.
.
(Service) , .
, Windows Server 2008.

295

- (Creator Owner)
, .
Windows Server 2008 , .
(Dial-Up) , . ,
.

10

.
Windows Server 2008
, . , , :
Active Directory (Active Directory
Users And Computers) Active Directory.
(Local Users And Groups)
.
,
.


.
, . ,
,
.



.
. (display name) ,
.
(logon name) . ,
9.

10

297

, , ,
:

.
.
64 .
, .

:
, .
256 , (
64 ).
Windows
2000. 20 .
Windows 2000
.
Windows 2000 , , .
:
/\[];|=,+*?<>

, , , .
.
Windows Server 2008 ,
, . , (Administrator)
(Administrator), (administrator)
(ADMINISTRATOR).

. , , , , ,
.
,
, -

298

II

Windows Server 2008

, .
:
;
;
;
;
.

, , ,
20 . -, .
-
.


. .

, 127 Active Directory


14 Windows NT. ( ),
. Windows Server 2008 .
.
.
,
. ,
, . , , , happidays, ,
, haPPy2Days&, Ha**y!dayS h*PPY%d*ys.
, ,
. ,
: 99 10?. , , . .
, ,
, .
, .
.

10

299

,
.
5. ,
.
GPO . GPO- Default Domain Policy. Default
Domain Policy GPO, , :
1.
(Computer Configuration), Windows (Windows Settings), (Security Settings) (Account Policies), . 10-1.
, .
, , .
, . GPO 1,
.

. 10-1.
(Account Policies)

2. (Password Policy), (Account


Lockout Policy) Kerberos (Kerberos Policy). , (Properties). , . 10-2.

300

II

Windows Server 2008

Kerberos , .
,
.

.10-2.

3. () ( ). , , .
(Define This Policy
Setting), .
.
(Enabled) (Disabled).
(Enabled) , .
(Disabled) .
, - . , (Disable Log On As A Service)
(Log On As A Service).


, : ,
Kerberos. ,
.

10

301


:
(Enforce Password History).
(Maximum Password Age).
(Minimum Password Age).
(Minimum Password Length).
(Passwords Must Meet
Complexity Requirements).
, (Store Password Using Reversible Encryption For All Users In The Domain).
.
(Enforce Password History)

(Enforce Password History)


. . (password history) Windows Server 2008
24 .
,
(Passwords Remembered). , .

(Enforce Password History), . , .
(Minimum Password Age),
.

(Maximum Password Age)

(Maximum Password Age)


, . .
, . ,
, .
0 999.
. .

.
30, 60 90 . ,
120, 150 180 .

302

II

Windows Server 2008

Windows Server 2008


. 30 ,
, .

(Minimum Password Age)

(Minimum Password Age)


, ,
. ,
,
.
, . 3
7 . , ,
, . ,
. , .
(Minimum Password Length)

(Minimum Password Length) .


, .
(
), , , .
, . : , .
, 14
.

(Passwords Must Meet Complexity Requirements)

Windows Server 2008 . :


.
, , .
, ,
: , , .
, (Passwords Must
Meet Complexity Requirements).

10

303

, (Store Password
Using Reversible Encryption For All Users In The Domain)

. , . , , . ,
(Store Password Using Reversible Encryption For All
Users In The Domain).
,
. , , .

, .


,
:
(Account Lockout Threshold).
(Account Lockout
Duration).
(Reset Account Lockout Counter
After).
.
(Account Lockout Threshold)

(Account Lockout Threshold) ,


. ,
.

- . ,
. ,
, . ,
, Windows Server 2008 . ,
(Single Log-On)
0 999.
. , .
.

304

II

Windows Server 2008

: , . 7 15. ,
.

(Account Lockout Duration)

(Account Lockout
Duration) , , . 1 99999
, , .

. .

, . , , .
,
Active Directory (Active Directory Users And Computers). (Account)
(Account Is Locked Out).

(Reset Account
Lockout Counter After)

Windows Server 2008 . , , ,


,
. , ,
. (Reset
Account Lockout Counter After).
. , .
(Reset Account
Lockout Counter After), 1 99999 .
(Account Lockout Threshold),
, .
. ,
.
(Reset Account
Lockout Counter After) , .

10

305

. ,
, Ctrl+Alt+Delete.

Kerberos
Kerberos v5 Active Directory. Kerberos v5 (ticket), , .
, :
(Enforce User Logon
Restrictions).
(Maximum Lifetime For Service
Ticket).
(Maximum Lifetime For
User Ticket).

(Maximum Lifetime For User Ticket Renewal).
(Maximum
Tolerance For Computer Clock Synchronization).
.
, Kerberos.
, .
Kerberos .


(Enforce User Logon Restrictions)

(Enforce User
Logon Restriction) , . ,
,
. ,
, .

(Maximum Lifetime
For Service Ticket)
(Maximum Lifetime For User Ticket) , . 600
, 10 .

306

II

Windows Server 2008

.
0 99999 , 0
99999 . .
, ,
(Maximum Lifetime For User Ticket Renewal). , 0 99999 .
.


(Maximum Tolerance For Computer Clock Synchronization)
Kerberos, , , .
.
.
,
,
. 0 99999.
,
, .


9 . ,
.
,
. , .
, , , . , ,
, .
.

(Local Policies) . , .
Active
Directory. , .
,
.
,
:

10

307

1. , . (Computer
Configuration), Windows (Windows Settings), (Security Settings) (Local
Policies).
2. (User Rights Assignment).
, (Properties). (Properties).
3. . 14
. 16 .


, ,
:
1. , ,
. 10-3. , (Define These Policy
Settings).

. 10-3.

2. ,
(Add User Or Group).
(Add User Or Group) -

308

II

Windows Server 2008

(Browse). : , (Select Users, Computers, Or


Groups), . 10-4.
Windows,
: , (Select Users, Computers, Or Groups),
.
TCP 445. \
\\ \ Windows\
(Computer Configuration\Administrative Templates\Network\Network Connections\
Windows Firewall\Domain Profile).
Windows: (Windows Firewall: Allow Remote Administration
Exception) (Enabled). : netsh firewall set portopening
tcp 445 smb enable. 840634
(http://support.microsoft.com/default.aspx?scid=kb;en-us;840634).

. 10-4.

3. , ,
(Check Names).
.
(Object Types) ,
(Groups) OK.
4. , OK. (Add User Or Group). OK.
5. . ,
(Remove).
6. , OK.

10

309


, :
1. (. . 10-5).
, , .
2. ,
.
, (Remove).
3. , (Add User
Or Group).
(Add User Or Group) (Browse). : ,
(Select Users, Computers, Or Groups), . 10-4.
.

. 10-5.


,
, . Active Directory
(Active Directory Users And Computers). (Local
Users And Groups).

310

II

Windows Server 2008


:
, ,
,
(New) (User). (New Object User Wizard), . 10-6.
.

Active Directory (Active Directory Users
And Computers) , ,
(Copy). (Copy
Object User Wizard), , , (New Object User Wizard). ,
.
11.

(New Object User Wizard) (Copy
Object User Wizard), :
1.
(. 10-6).
, . .

. 10-6.

10

311

2. (Full Name).
,
64 .
3. (User Logon Name)
. , .
.
4. 20
Windows 2000. . , Windows.

. 10-7. (New
Object User Wizard)

5. (Next). , .10-7,
. :
(Password) .
.
(Confirm Password) . , .
(User Must
Change Password At Next Logon) ,
.
(User Cannot Change Password) ,
.
(Password Never Expires)
, -

312

II

Windows Server 2008

. .

.
(Account Is Disabled)
, .
.
6. (Next) (Finish), . . (Back),
.
, . .



(Local Users And Groups). , :
1. (Click Start), (All Programs), (Administrative Tools)
(Computer Management).
2. (Computer
Management)
(Connect To Another Computer). ,
. .
3. (System Tools) (Local Users And Groups).
4. (Users) (New User). , . 10-8. :
(User Name) .
.
(Full Name) , ,
William R. Stanek.
(Description) . ,
, , -.
.
(Password) .
.
(Confirm Password) . , .

10

313

(User Must
Change Password At Next Logon) ,
.
(User Cannot Change
Password) ,
.
(Password Never Expires)
,
.
.
(Account Is Disabled)
, .

.

. 10-8.

5. , (Create).


.
Active Directory (Active Directory
Users And Computers). (Local Users And Groups).
, ,
. :

314

II

Windows Server 2008

,
, ,
. ,
, , , -.
,
.
, , . ,
, .


, :
1. Active Directory (Active
Directory Users And Computers). ,
,
(New) (Group). (New Object Group), . 10-9.

. 10-9. (New Object Group)


2. .
, . .
64 .
3. 20
Windows 2000. .
Windows.

10

315

4. ( ,
).
5. ( ).
6. OK, . ,
.
.



(Local Users And Groups). :
1. (Click Start), (All Programs), (Administrative Tools)
(Computer Management).
2. (Computer
Management)
(Connect To Another Computer). , . .
3. (System Tools) (Local Users And Groups).
4. (Groups) (New Group).
(New Group), . 10-10.

. 10-10. (New Group)


5. , (Add),
. : (Select Users).

316

II

Windows Server 2008

6. (Name) (Check Names).


OK. ,
. OK.
7. ,
(Remove).
8. ,
(Create).


Active Directory
(Active Directory Users And Computers).
, :

(Domain Users). .
(Domain Computers). .
(Domain Controllers). .
Active Directory (Active
Directory Users And Computers)
:
;
;
.



, (Add To Group).
: (Select Groups),
: (Select Users Or Groups),
. ,
.
,
:
1. , Active Directory (Active
Directory Users And Computers).
.
2. (Member Of).

10

317

3. , (Add). : (Select
Groups). , .
4. ,
(Remove).
5. OK.
,
:
1. Active Directory (Active
Directory Users And Computers) , .
, Ctrl,
. , Shift, .

2. (Add To Group).
: (Select Groups). , .
3. OK.



. , :
1. Active Directory (Active Directory Users And Computers). .
2. (Members).
3. (Add). : , (Select Users,
Computers, Or Groups). , ,
.
4. ,
(Remove).
5. OK.



, Windows Server 2008
Macintosh, (primary group). -

318

II

Windows Server 2008

Macintosh
Windows Server 2008, .
, ,
Windows Server 2008 Macintosh .
, , , (Domain
Users) (Domain Computers).
, :
1.
Active Directory (Active Directory Users
And Computers). .
2. (Member Of)
3. (Member Of)
.
4. (Set Primary Group).
, , . , . :
1. (Member Of)
(Set Primary Group).
2. (Member Of)
(Remove).

11

, ,
. , ,
. , .


Active Directory . , ,
.
.


, :
1. Active Directory (Active Directory Users and Computers). .
2. (General), . 11-1. :
(First Name), (Initials), (Last Name) .
(Display Name) , Active Directory.
(Description) .
(Office) .
(Telephone Number)
.

320

II

Windows Server 2008

, , (Other)
() (Phone Number (Others)).
. (E-Mail) .
- (Web Page) URL
.
-, ,
(Other) -
() (Web Page Address
(Others)).

. 11-1.
(Send Mail)
(Open Home Page) Active Directory (Active Directory Users and Computers), . (E-Mail) - (Web Page).
.

3. (Address) . ,

.
,
. . , , ,
.

11

321

4. (Telephones). , ,
, , -.
5. , (Other)
.
6. (Organization).
, .
7. ,
(Change) : (Select User Or Contact).
, .
8. (Apply) OK, .

Active Directory
Active Directory, :
1. Active Directory (Active Directory Users and Computers)
(Find).
2. (In) : ,
(Find Users, Contacts, And Groups). , Active Directory (Entire Directory).
,
(Browse).
3. , (Users, Contacts, and Groups)
, , .

. 11-2. Active Directory

322

II

Windows Server 2008

4. (Find Now), .
, . 11-2. , .
5. ,
(Properties).


, , .
, Active Directory
(Active Directory Users and Computers) (Profile), . 11-3. :
(Profile Path) ,
.
, ,
.
.

. 11-3. (Profile)

(Logon Script)
, . 5.

11

323

(Home Folder) .
,
, .


,
, . , . :
%SystemRoot% , ,
C:\Windows. (Profile)
.
%UserName% , , wrstanek.
(Profile)
.
%HomeDrive% , , , , C:. .
%HomePath% , , \Users\Mkg\Georgej. .
%Processor_Architecture% ,
, , x86. .

. 11-4. (Profile) ,
, ,

324

II

Windows Server 2008

. 11-4 . ,
%UserName%
.
, ,
.


,
. , ,
. , .
, ,
.
,
.
(Startup).
Microsoft
Windows, :
Windows Script Host .vbs, .js .;
.bat;
.cmd;
.exe.
.
. , .
, :
1. Active Directory (Active Directory Users and Computers) (Profile).
2. (Logon Script).
, , , \\Zeta\User_
Logon\Eng.vbs.
.
5.

, ,
, Windows. ,
. , ,

11

325

. NET USE.
:
net use lpt1: \\zeta\techmain
net use G: \\gamma\corp\files

, , LPT1, , G. VBScript, , ,
Network. :
Option Explicit
Dim wNetwork, printerPath
Set wNetwork = WScript.CreateObject(WScript.Network)
printerPath = \\zeta\techmain
wNetwork.AddWindowsPrinterConnection printerPath
wNetwork.SetDefaultPrinter printerPath
wNetwork.MapNetworkDrive G:, \\gamma\corpfiles
Set wNetwork = vbEmpty
Set printerPath = vbEmpty

AddWindowsPrinterConnection TechMain Zeta, SetDefaultPrinter .


MapNetworkDrive G.


Windows Server 2008 .
, . , .

.
. ,
, .
, . .

. Active Directory (Active


Directory Users and Computers) . -

326

II

Windows Server 2008

- ,
.
,
:
1. Active Directory (Active Directory Users and Computers) (Profile).
2. (Home Folder)
(Local Path)
, , C:\Home\%UserName%.
, :
1. Active Directory (Active Directory Users and Computers) (Profile).
2. (Home Folder)
(Connect) .
. , , . .
3. UNC- , , \\Gamma\
User_Dirs\%UserName%. , .
, Windows Server 2008 . , , ,
, \Users\Default. .


Windows Server 2008 . ,
,
, , .


Windows Server , . ,
,
.

: . -

11

327

, ,
.
, . , :

Windows Server 2008 .
. Windows Server 2008
.

, :
1. Active Directory (Active Directory Users and Computers) (Account).
2. (Logon Hours).

(Logon Hours), . 11-5. . , .
3. ,
(Logon Permitted)
(Logon Denied).
11-1
(Logon Hours).
. 1-1. (Logon Hours)

(All)


(Logon Permitted)


(Logon Denied)

, . , 9 17, .
.

328

II

Windows Server 2008

. 11-5.

, :
1. . , 5.
2. (Computer Configuration), Windows (Windows Settings),
(Security Settings)
(Local Policies). (Security
Options).
3. :
(Network Security: Force Logoff When Logon Hours Expire).
.
4. (Define
This Policy Setting) (Enabled). OK.


Windows Server 2008 , , , .
,
.
,

.
.

11

329

.
.
.

Windows 95 Windows 98.
.

, , :
1. Active Directory (Active Directory Users and Computers)
(Account).
2. (Log On To),
(Logon Workstations).
3. (The Following Computers), . 11-6.
4. (Add).
.
5. ,
(Edit) (Remove).

. 11-6. , ,

VPN
Windows Server 2008
(Dial-In) .

330

II

Windows Server 2008

(VPN). . 11-7, NPS.


.
, (Allow Access)
(Deny Access). ,
, :
1.
(Network Policy and Access Services).
2. , GPO , .

(User Configuration), (Administrative Templates) (Network). (Network Connections)
, .
3. (Computer Management)
(Services And Applications) (Routing And Remote Access).
.
, , .
(Dial-In), . 11-7.
1. , (Verify Caller-ID)
. ,
.
2. :
(No Callback)
. , ,
, .
(Set By Caller) ,
. ,
,
.
.
(Always Callback To)
. ,
.
.
.

11

331

,
.
.

3. IP- ,
IP- (Assign Static IP Address) (Apply
Static Routes). IP- 17.

. 11-7.


(Account)
.
:
(User Must
Change Password At Next Logon)
.
(User Cannot Change Password) .
(Password Never Expires) , .

332

II

Windows Server 2008

! . , .

, (Store Password
Using Reversible Encryption) .
(Account Is Disabled)
,
.
- (Smart Card Is Required For Interactive Logon) -
. ,
.
(Account Is Sensitive And Cannot Be Delegated) ,
Kerberos.
, .
Kerberos DES
(Use Kerberos DES Encryption Types For This Account) ,
DES.
128- Kerberos AES (This Account Supports Kerberos AES 128 Bit Encryption)
128- AES.
256-
Kerberos AES (This Account Supports Kerberos AES 256 Bit Encryption) 256- AES.
Kerberos (Do Not Require
Kerberos Preauthentication) ,
. Kerberos v5.
Kerberos.
AES DES . Windows DES.
Windows Vista Windows Server 2008 AES, ,
DES. Windows Vista Windows Server 2008,
, 128-, 256-
, , ,
128- .

11

333


,
.
. ,
, ,
. VGA
. . .
Windows Server 2008
:
Active Directory (Active Directory Users and Computers).
,
(System)
.
.

,
Windows Server 2008 ,
, , , , .
,
. , , , (local). , ,
, . ,
, , , ,
, .
, .
(roaming). .
, , Windows 2000, Windows Server
2003 Windows Server 2008. , . .

334

II

Windows Server 2008

, EFS,
, ,
, .
, ,
.

.
,
, , .
, , (mandatory).
.
. , , , ,
,
.
, . , ,
- , ,
.
, .
Windows XP,
. Windows XP . ,
. 893243
http://support.microsoft.com/default.aspx?scid=kb;en-us;893243.

Windows 2000
, (Profile
Path) . Windows Vista Windows
Server 2008 %%\Users\
%%\Ntuser.dat, , C:\Users\wrstanek\Ntuser.dat.
,
.

Windows
2000, Windows Server 2003 Windows Server 2008. , EFS, . ,
.

11

335

,
, :
1. Windows Server 2008
, (Everyone) , , (Change) (Read) .
2. Active Directory (Active Directory Users And Computers) (Profile).
(Profile Path) \\ \
\ , , \\Zeta\User_Profiles\
Georgej, Zeta , User_Profiles Georgej
.
3. , Ntuser.dat, , \\Zeta\User_Profiles\Georgej\Ntuser.dat.

,
. NTFS ,
. . Ctrl Shift,

(Properties). . ,
%UserName%, , \\Zeta\User_Profiles\%UserName%.

4. .
, . ,
, .
,
.

Windows
Server 2008. ,
, :
1. 1-3 .
2. Ntuser.dat Ntuser.man. , .
Ntuser.dat .
.man, Windows Server 2008,
.

336

II

Windows Server 2008



,
(System) .
(Start) (Control Panel).

(System And Maintenance), (System) (Advanced System Settings),
(System Properties).
(User Profiles) (Settings).
. 11-8 (User
Profiles), , . .
:
(Name) , ,
. , ADATUM\Wrstanek ,
adatum, wrstanek.

. 11-8. (Users Profiles)



, ,
(Account Deleted)
(Account Unknown). .

11

337

(Size) , ,
.
(Type) ( ).
(Status) , ,
.
(Modified) .

,
, , . , .
.
, , .

,
. (System)
. :
1. . (System And Maintenance), (System)
(Advanced System Settings). (System Properties)
(Settings) (User Profiles).
2. , (Profiles Stored On
This Computer) , (. 11-8).
3. (Copy To).
(Copy Profile To),
. 11-9. , georgej \\Zeta\User_Profiles\Georgej.

. 11-9. (Copy To)


338

II

Windows Server 2008

4. . (Permitted To Use) (Change) : (Select User Or Group)


.
5. OK, (Copy To).
Windows .

,
, .
.
, Windows Server 2008 ,
. (,
).

.
, :
1. . (System And
Maintenance), (System) (Advanced System Settings).
(System Properties) (Settings)
(User Profiles).
2. , (Profiles Stored
On This Computer) , .
3. (Copy To). (Copy Profile To).
4. (Permitted To Use) (Change) :
(Select User Or Group) .
5. OK, (Copy To).
Windows .

. Windows Server 2008 , , . , ,


, .

11

339

. ,
, , .
, :
1. ,
, (System).
2. (Advanced System Settings). (System Properties)
(Settings) (User Profiles).
3. , ,
(Delete). (Yes), .
, . (, ), ,
. Windows Server 2008
, . ,
, .
.

Windows Server 2008


:
, . ,
. :
;
Active Directory (Active Directory Users and Computers).

(System)
. (Change
Type). :
,
, . , .
(
)
. Windows Server 2008 -

340

II

Windows Server 2008

, . , .
, .



Active Directory (Active
Directory Users and Computers). ,
(Local Users And Groups).
Active Directory
. ,
,
. :
1. Active Directory (Active Directory Users and Computers)
(Find).
2. (Find) (Custom Search). (Find) (Custom Search).
3. (In) .
, Active Directory (Entire
Directory).
4. (Field) (User)
(-Windows 2000) (Logon Name (Pre-Windows 2000)).
: (-Windows 2000)
(Logon Name (PreWindows 2000)), (Logon Name). ,
Windows 2000 .

5. (Condition) (Present)
(Add). , (Yes).
6. (Find Now). .
7. , .
8. , ,
(Disable Account).

11

341

, : (Add To Group),
(Enable Account), (Disable Account), (Delete)
(Move).

,
Active Directory. (Field) (Computer)
(-Windows 2000) (Computer Name (Pre-Windows
2000)). , (Field)
(Group) (-Windows 2000)
(Group Name (Pre-Windows 2000)).

(, , ),
. , , , .


.
10, .
, Windows Server 2008 SID,
. SID
.
SID ,

. Windows Server 2008 SID .

. , (kima) , , , kimr. kima kimr
. , ,
, -,
kimr, kima .
Active
Directory (Active Directory Users and
Computers) (Rename User), .
, :
1. Active Directory (Active Directory Users and Computers) ,
.

342

II

Windows Server 2008

2. (Rename). . Backspace Delete, , Enter,


(Rename User).
3. OK. , , , ,
.
4. SID ,
. , , , -
, :

,
.

, .

,
.

. ,
, . Windows.


.
, :
1. Active Directory (Active Directory Users and Computers) ,
, (Copy).
(Copy
Object User).
2. . .
, Active
Directory (Active Directory Users and
Computers) . , ,

11

343

, .
:
, , ,
(Address);
, (Organization);
, (Account Options) (Account);
, ;
;
;
;
.
`


, . ,
%UserName%, .


Windows Server 2008 CSVDE,
Active Directory. CSVDE
-. CSVDE :
i ( ).
f .
s (
).
v .
u Unicode (
Unicode).
- LDAP .
. :
DN,objectClass,sAMAccoutName,sn,givenName,userPrincipalName
CN=William Stanek,OU=Eng,DC=cpandl,DC=com,user,williams,William,Stanek,
williams@cpandl.com

, newusers.csv. Active Directory,


:

344

II

Windows Server 2008

csvde -i -f newusers.csv

, CSVDE -. , ,
:
d RootDN , , d OU=Sales,DC=
domain,DC=local. , .
l .
r LDAP, , r (objectClass=user).
m (SAM),
Active Directory.
(
), :
csvde -f newusers.csv

, . ,
, RootDN , :
csvde -f newusers.csv -d OU=Service,DC=cpandl,DC=com r
(objectClass=user)


. , ,
SID SID .
, Windows Server 2008 .
. Delete. OK (Yes).
Windows Server 2008
, .
, . Windows-, .
.



. , .
,
:

11

345

1. Active Directory (Active Directory Users and Computers)


(Local Users And Groups).
2.
(Reset Password) (Set Password).
3. .
, .
4.
(Account Is Locked Out)
(Unlock Account).
(Account) .


, .
, ,
. , , .
. , , ,
.

Active Directory (Active Directory


Users and Computers) . , :
1. Active Directory (Active Directory Users and Computers)
(Local Users And Groups).
2.
(Enable Account).

, dsquery user disabled.

, :
1. Active Directory (Active Directory Users and Computers)
(Local Users And Groups).

346

II

Windows Server 2008

2.
(Unlock Account).
(Account) .

, . ,
. 10.

.
.
, :
1. Active Directory (Active Directory Users and Computers).
2.
(Account).
3. (Account Expires)
(End Of) . ,
.


Active Directory (Active Directory
Users and Computers) . ,
:
, Ctrl , .
,
Shift, .
,
. :
(Add To A Group) : (Select Group) , .
(Disable Account) .
(Enable Account) .
(Move)
.

11

347

(Properties)

(Properties). . 11-10,
(Properties For Multiple Objects)
:
.
DNS- ( , UPN),
, , , .
, ,
. , ,
.

. 11-10.


(Profile). ,


Active Directory (Active Directory
Users and Computers). , %UserName%, . ,

348

II

Windows Server 2008

%UserName%.cmd, Windows
,
. , bobs, janew ericl : Bobs.cmd, Janew.cmd Ericl.cmd.
. 11-11 . %UserName%
,
.
,
, ,
. ,
.

. 11-11. %UserName%



Active
Directory (Active Directory Users and
Computers), .
:
1. Active Directory (Active Directory Users and Computers) , .

11

349

2. (Properties).
(Account).
3. (Logon Hours) . ,
.

, . ,
, .



(Logon Workstations).
, :
1. Active Directory (Active Directory Users and Computers) , .
2. (Properties).
(Account).
3. (Computer Restrictions)
(Log On To).
4. , (All Computers).
,
,
(The Following Computers), ( ). OK,

.

,

,
, .
(Account). , , , .
:
, . , (Password Never Ex-

350

II

Windows Server 2008

pires), OK .
, , . ,
(Account Is
Disabled), , ,
OK .
,
(Account Expires), .
(Never) .
(End Of).


,
. , ,
Active Directory (Active Directory Users
and Computers) (Enable
Account).
, dsquery user disabled. , dsmod user UserDN disabled no.
,

. ,
.
Windows Server 2008 .
, .
GPO ,
\ Windows\ \ \ (Computer Configuration\
Windows Settings\Security Settings\Local Policies\Audit Policy).
, .
, , , . , ,

11

351

. , , .
10 .
, Windows 2000 Windows
Server 2003, , , , , Kerberos (Maximum Tolerance For Computer Clock Synchronization). 5 .
, .
:
,
, .
, , , .
, .
, (Logon Locally),
10.
,
, , . ,
. , ,
, .
, , , , , ,
.
, , , .
,
.
,
, .
, , .

352

II

Windows Server 2008

Active Directory
, Active Directory , .
Active Directory ,
. Active Directory , .
, , .

Active Directory, :
1. Active Directory (Active Directory Users and Computers). (View) (Advanced Features). , , ,
(Properties).
2. (Security). (. 11-12),
.
, ,
.
3.
(Group Or User Names). , :
.
(Permissions)
.
,
, .
4. ,
, (Add). :
, (Select Users, Computers,
Or Groups), , .
5. (Group Or User Names)
(Permissions). , .
6. , OK.
! ,
Active Directory Active Directory. ,
.

11

353

. 11-12. (Security)

Active Directory, :
1. Active Directory (Active Directory Users and Computers). (View) (Advanced Features). , , ,
(Properties).
2. (Security) (Advanced),
.
3. , (Edit).
4. , OK.

III


Windows Server 2008

12. .............................. 356


13. RAID................... 404
14. .......................................... 427
15. , ............................................... 444
16. ............................................... 501

12

. , .
, .
. C,
. C, C:\.

.

(Map Network Drive) Windows.
.
.
13 . 14 , .

(File Services)
.
,
. Windows Server . Windows Server
2008 ,
(File Services) .
. 12-1 (File
Services). , , :

12

357

Windows Server (Windows Server Backup)


, Windows Server 2008.
SAN (Storage Manager for SANs) (SAN).
- (Multipath IO)
.
- .
. 12-1. (File Services)



(Share and Storage
Management)

(Share and Storage Management)


.

,
.

(LUN) (SAN)


DFS (Distributed
File System (DFS))


DFS (DFS Namespaces) DFS (DFS Replication). DFS
.
Windows Server 2008,
DFS Sysvol

DFS
(DFS Namespaces)

, , .
, ,

DFS (DFS
Replication)



. . RDC (Remote Differential Compression)
, . DFS
DFS (DFS Namespaces)

358

III

Windows Server 2008

. 12-1. ()


(File
Server Resource Manager
(FSRM))


, .
FSRM
,
(file screening)

NFS (Services
For Network File System)



Windows UNIX.
NFS
Windows Server 2008 UNIX
NFS

Windows
(Windows Search Service)


,
Windows.
, ,


Windows Server 2003
(Windows Server 2003 File
Services)

,
Windows Server 2003,
Windows Server 2008
Windows Server 2003


(File Replication
Service (FRS))


,
FRS.
DFS Windows 2000.
,
FRS,

Windows Server 2008.
Windows Server 2003, ,
Windows Server 2008,
RFS


(Indexing Service)


.

.

(File Services) , :
1. (Server Manager)
(Roles) (Add Roles). (Add Roles Wizard).
(Before You Begin), (Next).

12

359

.
,
(Add Role Services).
(Roles)
(File Services)
(Add Role Services). 3. ,
.

2. (Select Server Roles)


(File Services)
(Next).
3. (Select Role Services)
. . 12-1.
UNIX
NFS (Services For Network File System).
(Next).
4. DFS ,
.
DFS (DFS Namespaces) :
DFS (Create A DFS Namespace) , ,
. , , CorpData. , ,

.

(Select Namespace
Type) , :
, .

, ,
5000 DFS-.
50000 DFS-,
.

360

III

Windows Server 2008

(Configure Namespace)
,
, DFS-,
. (Add).
(Add Folder To
Namespace) (Browse).
(Browse For Shared Folders)
OK.
OK. .
,
.
, OK, .

DFS (DFS Namespaces) . DFS (DFS Namespaces), DFS (DFS Replication)


,
DFS (DFS Management). (Administrative Tools). 15.

5. (File Server Resource Manager)



. , :

12

361


(Configure Storage Usage Monitoring) ,
,
. (Options),
,
.
85%.

(Set Report Options)


,
. ,
.
.
%SystemDrive%\
StorageReports. ,
(Browse)
(Browse For Folders). ,
.
SMTP, .

362

III

Windows Server 2008

.
.
(Administrative Tools). 14.

6. Windows (Windows Search Service), . , ,


. ,
, ,
.
. .
.
Windows (Windows Search Service) (Indexing Options)
.

7. , (Next).
(Confirm Installation Options). (Install),
.
, (Installation Results). , .
(File Services) , ,
(Roles)
(File Services). ,
(Role Services).
(Add Role Services) , , 3.


,
, . Microsoft
Windows Server 2008 . , ,
, , .
, , .
, .
,
. , . Windows Server 2008 -

12

363

RAID,
.


, .
, ,
.
100 1 . Windows Server 2008
, , SCSI, ATA SATA.
SCSI, PATA SATA , . SCSI SCSI, ATA ATA, . . .
,
. .
:
.
,
-.
, , ,
Ultra320 SCSI SATA II,
. , 15000 /
45%50% - ,
10000 /, .
3,5 25%
30% , 4,7 .
, :

, .
(mean time to failure, MTTF) , .
, .
.
, Ultra320 SCSI 15000
/, ,
MTTF. , Maxtor Atlas 15K II
98 ,

364

III

Windows Server 2008

Seagate Cheetah 15K.4 96 /.


1,4 .
(/).
1,5 / 188 /, 3,0 /
375 /. (maximum external transfer
rate) .
.
Seagate Barracuda 7200 SATA II 7200 /
58 /.
8,5 1 ,
SATA II 7200 /. , Ultra320
SCSI , -.
, ,
.
. , , . ,
. , 15K , .
Maxtor Atlas 15K II, Seagate Cheetah 15K.4 70C
( ).


, , , . (partition) , . : (Master Boot
Record, MBR) - (GUID Partition Table, GPT). Windows Server 2008
32- 64- MBR, GPT. GPT Windows Server x86 x64.
, , .

,
.
.
MBR ()
.
MBR . ,

12

365

.
,
. , .
, .
.
GPT Itanium.
2 x86 x64, , Itanium. GPT MBR . GPT
. ,

. GPT- 18 () 128 .
GPT MBR, .

(Disk Management)
(Disk Management) . (Computer Management)
(Server Manager). ,
MMC. (Disk Management) (Computer
Management) (Server Manager),
(Storage).
(Disk Management) : (Disk List), (Graphical
View) (Volume List).
(Disk Management). ,
.
.
DISKPART.

(Disk Management), .
, , .
, (Unallocated).

366

III

Windows Server 2008

. 12-1 (Volume List) , (Graphical View)


. . :
, (View), (Top) .
, (View), (Bottom) .
, (View) (Bottom) (Hidden).

. 12-1. (Disk Management)


.

Windows Server 2008 :


(Basic) , Windows. Windows.
(Dynamic)
Windows Server 2008,
. , Windows 2000 .
(Removable)
,
. exFAT, FAT16, FAT32 NTFS.

12

367

exFAT Windows Vista SP1 , Windows Server


2008. exFAT FAT (FAT12/16
FAT32). FAT32, exFAT FAT32 4- 32 . exFAT
32768 .
exFAT .
, exFAT . ., .
, exFAT Mac OS Linux Windows.


(Disk Management),
(Properties).
,
. 12-2 , , .
Windows (Windows Explorer), (File) (Properties).

. 12-2. (General)
(Properties)

368

III

Windows Server 2008


NTFS, FAT, FAT32 exFAT.

. USB FireWire. ,
USB
FireWire , , .
USB FireWire, USB 1.0, USB 1.1,
USB 2.0, FireWire 400 FireWire 800.
USB 2.0 ,
480 /. 10 30 /. , , ,
. USB- ,
, .
, USB- , .
, USB 2.0 USB
1.0. , USB 1.0.
USB 1.0, 1.1 2.0 . USB- , .
USB 2.0 -, . USB- , USB-. , , . USB,
.
FireWire (IEEE 1394) .
, , .
USB, FireWire,
, FireWire 400 FireWire 800. FireWire 400 (IEEE 1394a)
400 /, FireWire 800 (IEEE 1394b) 800 /.
FireWire 800 FireWire 400 ,
FireWire 400.
FireWire 400 FireWire 800 ,
( , ).
FireWire 400 , FireWire, IEEE 1394a

12

369

IEEE 1394b. FireWire


, .
FireWire FireWire 400
.
FireWire . FireWire 400 .

, .
, USB 2.0 FireWire 400,
USB 2.0, FireWire 400 FireWire 800.
.

. :
(Open)
(Explore), Windows (Windows Explorer).

(Format), , . , .
(Properties) .
(General) (Properties)
, .
, . ,
(Properties) (Customize). ,
. , (Documents)
(Pictures And Videos)
.

. , : , . .
.
NTFS
, .
exFAT, FAT FAT32
, .

370

III

Windows Server 2008


. .
, ,
. ,
(Disk Management) (Action) (Rescan Disks).
.
, .
,
. ,
. , ( , ),
(Disk Management).
(Initialize And Convert
Disk Wizard).
(Initialize And Convert Disk Wizard), :
1. (Next) . (Select Disks To Initialize)
. , .
2. (Next),
(Select Disks To Convert). , , .
. , (Next).
3.
,
. , (Finish).
. , .
, .
(Initialize And Convert Disk Wizard),
(Disk
Management). (Disk List)
,
(Not Initialized).

12

371

(Initialize Disk).
, OK.
.



. (Disk Management)

(Graphical View) (Volume List). . 12-2
.
. 12-2.

(Online)

.
, . ,


.
-

()
(Online (Errors))

,

(Reactivate Disk).
, ,
.


(Offline)

.

.

(Missing),

,
. ,

.

( )


(Reactivate Disk).

(Foreign)

, .

,

,


(Import Foreign
Disks)

372

III

Windows Server 2008

. 12-2. ()


(Unreadable)

. ,
,
. ,

FireWire/
USB -,

.
,
- .

,

-.
, (Action) (Rescan Disks).
,

(Unrecognized)

.
,
Windows


, .

, . Windows Server
2008,


(Initialize Disk)


(Not Initialized)


.

,
Windows


, .

, . Windows Server
2008,


(Initialize Disk)

12

373

. 12-2. ()


(No Media)


CD-ROM- .

CD-ROM-

-, . FireWire/
USB
( )


Windows Server 2008 :
, Windows.
Windows.
Windows Server 2008. .
,
Windows 2000 .
.


Windows Server 2008, . Windows Server 2008 , , .
. , .
.
, .
.
.
, , .
, C D,
Windows NT 4.0, Windows Server 2008.

374

III

Windows Server 2008

C , D.
.

. :
, ;
;
;
.
:
, , ,
RAID-5;
;
;
;
RAID-5;
;
( );
:
, ;
;
.


,
:
(crash dump) , .
%SystemRoot%, .
(active) ,
.
.
(boot) . .
(system) , , . .
(page file) , . -

12

375


.
x86 (Disk Management).
,
(Mark Partition As Active).
. , , .


Windows.
Windows.
Windows 2000
. , , , UNIX.
, Windows.
.
Windows Server 2008
.
. .

. .

, ,
Windows.
Windows 2000 .
MBR-, , 1 . (Disk
Management)
,
. .
GPT
. GPT- , Windows, , , ,
.
:
, 512
. , .

376

III

Windows Server 2008


.
.
, , , RAID5. .
,
Windows. , Windows Server 2008.
, , ,
RAID-5. .
.
, :
1. (Disk Management)
, ,
(Disk List) (Graphical View). (Convert To Dynamic Disk).
2. (Convert To
Dynamic Disk) , . , ,
RAID-5, , . OK.
3. (Disks To Convert) . :
(Name) .
(Disk Contents) ,
, , .
(Will Convert) . ,
. , .
(Details) .
(Convert) .
4. , (Convert).
, Windows,
. (Yes), .
5. ,
, ,
(Disk Management) .

12

377

.
(Convert
To Basic Disk). , .


() (Online
(Errors)) (Offline),
, :
1. (Disk Management)
, ,
(Reactivate Disk) .
2. , . , , .
, ,
.


, , (Unreadable). (Action)
(Rescan Disks).



, .
, , ,
. ,
.
Windows Server 2008 . :
1. (Disk Management) , .
, .
.
, BitLocker. BitLocker , , .

378

III

Windows Server 2008

2. . . Plug and Play .


,
.
3. ,
, . , , ,
. , . ,
, , .
, :
1.
(Computer Management). (Device
Manager).
(Disk Drives).
. , , (Uninstall).
, ,
(Properties).
(Volumes) (Populate). .
2. (Disk Management) (Computer Management) . , ,
(Remove Disk).
3. , .
,
, . ,
,
. .
4. (Disk Management)
(Action)
(Rescan Disks). ,
(Foreign)
(Import). .

12

379

, .
, . ,
. ,
, .


. (Disk Management).


Windows Server 2008 MBR-
. , MBR-: , .
.
.
. ,
. ,
600 200 . GPT- 128 .

. , . ,
, C, .
,
.
. MS-DOS, , C, Windows Server 2008 . , C Z.
A . , B,
C Z. , CD-, Zip- . ,
, 24. , .

24 .
, . . ,
, E:\Data1, E:\Data2 E:\Data3. -

380

III

Windows Server 2008

, .
,
, NTFS.
, (Disk Management) . , - ,
- .
(Disk Management). , (View) (Settings).


Windows Server 2008
(Disk Management) , .
.
, .
(Disk Management) , :
1. (Disk
Management)
(New Simple Volume).
(New Simple Volume Wizard).
(Next).
2. (Specify Volume Size),
. 12-3,
(). (Next).

. 12-3.
(Specify Volume Size)

12

381

3. (Assign Drive Letter Or


Path), . 12-4, (Next). :
(Assign The Following Drive Letter)
. Windows Server 2008
,
, .
NTFS- (Mount In The Following
Empty NTFS Folder) NTFS-.
, (Browse).
(Do Not Assign A Drive
Letter Or Drive Path) ,
, .
.
.
, , . . .

. 12-4. (Assign Drive Letter Or Path)


4. (Format Partition), . 12-5, , . ,


(Format This Volume
With The Following Settings) :
(File System) : FAT, FAT32
NTFS.
NTFS. FAT FAT32,
NTFS. NTFS FAT FAT32 .

382

III

Windows Server 2008

(Allocation Unit Size)


.

.
. ,
, , 512 1024
.
.
(Volume Label) ,
(New Volume).
, Windows (Windows
Explorer), (Properties)
(General).
(Perform A Quick Format) Windows Server 2008 ,
.
,
. (Disk Management)
.
(Enable File And Folder Compression) . NTFS-. NTFS
,
, .
,
. ,
.

. 12-5.
(Format Partition)

12

383

5. (Next), (Finish).



. , ,
, .
,
(Format).
(Format), . 12-6.

. 12-6.
(Format)

:
(Volume Label) , .
(File System) : exFAT, FAT,
FAT32 NTFS. FAT MS-DOS,
Microsoft Windows 3.1, Windows 95, Windows 98 Windows Me.
NTFS Microsoft
Windows NT Windows.
(Allocation Unit Size)
.

. . ,
, , 512 1024 .

.
(Perform A Quick Format) Windows
Server 2008 , . , .
(Disk Management)
.

384

III

Windows Server 2008

(Enable File And Folder Compression) . NTFS-. NTFS


,
, .
, .
,
.
OK.
, (Disk Management) . OK, .
.


(Disk Management) .
, ,
. , Windows Server 2008
, , NTFS-,
.
Windows Server 2008, Windows Vista,
, NTFS-.
- USB
NTFS. Windows Vista SP1 ,
, NTFS.


, ,
NTFS-.
. . , .
, .
Windows , , . ,
. 223188 ,
(http://support.microsoft.com/kb/223188/en-us). , ,
.

12

385

,
(Disk Management) , ,
(Change Drive Letter And Paths). ,
. 12-7. :
(Add),
NTFS- (Mount In The
Following Empty NTFS Folder),
(Browse), .

(Remove), (Yes).
(Add), (Assign The Following Drive
Letter) .

(Change).
(Assign The Following Drive Letter) .
(Remove), (Yes).

. 12-7. (Change Drive Letter And


Paths)
Windows Server
2008 . , ,
(Disk Management) , (Yes).


.
FAT FAT32 11 . NTFS 32 .
, FAT FAT32 , , * / \ [ ] : ; | = , . + ? < >. , NTFS
.

386

III

Windows Server 2008


Windows Server 2008, , Windows (Windows Explorer),
.

(Disk Management) Windows (Windows Explorer).

(Disk Management), :
1. (Properties).
2. (General) (Properties)

. OK.
Windows (Windows
Explorer), :
1.
(Properties).
2. (General) (Properties)

. OK.


, .
, , .
, .
. Windows Server 2008 , .
.

, ,
:
1. (Disk Management)
, , , (Explore). Windows (Windows
Explorer)
.
2. (Disk Management)
, : (Delete Partition), (Delete Volume) (Delete Logical Drive).

12

387

3. , (Yes).
. , :
1. ,
.
2. .

NTFS
Windows Server 2008 FAT NTFS. Convert %SystemRoot%.
, .
, , Windows Server 2008
NTFS FAT. NTFS
FAT FAT.
Convert

Convert . , :
convert /FS:NTFS

, . ,
NTFS D. :
convert D: /FS:NTFS

Convert:
convert /FS:NTFS [/V] [/X] [/CvtArea:_] [/NoSecurity]

/FS:NTFS

NTFS

/V

/X

/CvtArea: _


NTFS

/NoSecurity


(Everyone)

Convert

Convert , ,
. Intel x86

388

III

Windows Server 2008

NTFS. .
.
NTFS, . (Yes),
.
. !
.

NTFS Convert , .
, 25% . , 200
, Convert 50 .
, Convert , . , Convert . .
( ).

.
, /CvtArea,
(master file table, MFT) MFT. ?
MFT
. - MFT
. MFT,
MFT.
, , MFT ( 12,5% ).
, MFT , , .
FSUtil. -,
MFT. NTFS,
- /CvtArea.
FSUtil - Temp.txt 1,5 :
fsutil file createnew c:\temp.txt 1500000000

- MFT
C NTFS, :
convert c: /fs:ntfs /cvtarea:temp.txt

12

389

, - . NTFS,
MFT.


Windows Server 2008 Ntldr Boot.ini.
Windows Server 2008 ,
Windows (Windows Boot Manager).
Windows MS-DOS, . Windows
Server 2008 , .
(Disk Management) DiskPart.
.
.

, , . ,

.
! , .
, NTFS. . , FAT
FAT32. ,
.

, :
1. (Disk Management)
, ,
(Shrink Volume). , .
2. (Shrink), . 12-8,
. :
() (Total Size Before Shrink In MB) .
.
() (Size Of Available Shrink
Space In MB) , .

390

III

Windows Server 2008

,
, , , .
, ,
, .
() (Amount of Space To Shrink
In MB) .
,
.
, , ,
10% .
() (Total Size After Shrink In
MB) .
.

. 12-8.

3. (Shrink), .

:
1. (Disk Management)
(Extend
Volume). , .
2. (Extend Volume Wizard)
(Next).
3. (Select Disks) , .
.
.
4. , .
:
, (Add),
(Selected).

12

391

(Selected)
() (Select
The Amount Of Space In MB)
, .
5. (Next),
(Finish).


Windows Server 2008
.
:
Transactional NTFS;
Self-Healing NTFS.
Transactional NTFS NTFS . , .
, .

.
, ,
, .
, , (Kernel Transaction Manager, KTM).

.
.
, .
NTFS- Check Disk. Windows, Windows Server 2008
Self-Healing NTFS,
.
, , .
Windows Server 2008
.
NTFS (Self-Healing NTFS) Check Disk, :
Check Disk .
, . , Self-Healing

392

III

Windows Server 2008

NTFS .
Self-Healing NTFS
, , .
Self-Healing NTFS ,
.
Self-Healing NTFS ,
, Chkdsk.exe,
,
(USN).
Verification, Waiting For Repair Completion Progress Status.
Self-Healing NTFS , , NTFS-.

, Self-Healing NTFS .
Self-Healing NTFS, .
Check Disk (Chkdsk.exe) ,
FAT, FAT32 NTFS. Check Disk
, , ,

.
Check Disk , .
Check Disk . ,
, , .
Check Disk

Check Disk ,
. ,
E:
chkdsk E:

E :
chkdsk /f E:
Check Disk ,
. , Check Disk . (Yes),
.

12

393

Check Disk:
chkdsk [[[]_]]] [/F] [/V] [/R] [/X] [/I] [/C] [/L[:]]

Check Disk:

FAT/FAT32:

/F

/V

FAT/FAT32:
. NTFS: (
)

/R


(
/F)

/L:

NTFS:

/X

(
/F).

/I

NTFS:

/C

NTFS:

Check Disk

Check Disk
Windows (Windows Explorer) (Disk Management). :
1. (Properties).
2. (Properties) (Tools)
(Check Now).

. 12-9. Check Disk

3. . 12-9, :
(Start),
.


. (Start).

394

III

Windows Server 2008



.
.
, , . Windows
Server 2008

(Disk Defragmenter). ,
.
, :
1. (Server Manager) (Storage) (Disc Management).
(Properties).
2. (Tools) (Defragment Now). (Disk Defragmenter) , ,
. , .
3. (Disk Defragmenter) (Defragment Now).
OK.
. (Cancel Defragmentation).

, Windows Server 2008



01.00. , .
:
1. (Server Manager) (Storage) (Disc Management).
(Properties).
2. (Tools) (Defragment Now).
(Disk Defragmenter), . 12-10.

12

395

. 12-10. (Disk Defragmenter)


3. (Run On A Schedule) OK. .


4. ,
(Run On A Schedule). .
5. , (Modify Schedule).
(Modify Schedule), . 12-11, OK. (How Often) (Daily), (Weekly)
(Monthly). (What Day) , . ,
(What Time) , .

. 12-11.

396

III

Windows Server 2008

6. , , (Select Volumes).
(Advanced Options) . .
.
(Disks To Defragment) ,
,
, .
OK.
2. OK, .
Windows Vista SP1 , Windows
Server 2008 . , .


NTFS Windows Server 2008 .
. ,
, . , , .
,
, . . ,
. .
. , Windows
Server 2008 , .
, Windows Server 2008 .

, :
1. Windows (Windows Explorer) (Disk Management) , , (Properties).
2. (Compress
Drive To Save Disk Space) OK.

, Windows Server 2008 . ,


:

12

397

1. Windows (Windows Explorer) , , (Properties).


2. (General) (Properties)
(Advanced). (Advanced Attributes) (Compress Contents To Save
Disk Space), . 12-12. OK.

. 12-12. ,
(Compress Contents To Save Disk Space)
(Advanced Attributes)

Windows Server 2008


, . Windows Server 2008 , , .
, Windows Server 2008 ,
. (Apply
Changes To This Folder, Subfolders, And Files) OK. , , .
,
. NTFS- . ,
.

, :
1. Windows (Windows Explorer) (Disk Management) , , (Properties).

398

III

Windows Server 2008

2. (Compress Drive
To Save Disk Space) OK.
Windows
. .
, , . , 150 , 70
.

, :
1. Windows (Windows Explorer) , , (Properties).
2. (General) (Properties)
(Advanced). (Advanced Attributes) (Compress Contents To Save Disk
Space). OK.
Windows Server 2008 . , .
, .
(Apply Changes To This Folder, Subfolders, And Files)
OK.
Windows Server 2008 . Compact.exe, Expand.exe.


NTFS
.
(EFS).
,
. . , ,
,
.
, . NTFS .
, .

12

399


.
, , ,
. .
, .
.
, , , , , ,
( ). , , , , .
.
(EFS). EFS . ,
EFS .
.
, , ,
.

.
, .
,
16.
, ,
.

EFS , .
.
, . ,
. ,

FAT FAT32 (
).

400

III

Windows Server 2008

(recovery agent).
, . ,

.
Windows Server 2008 EFS. .
.
.
EFS :

Windows Server 2008. . ,

.

, . .
,
, .
, .
EFS . EFS
.

NTFS- Windows Server 2008 . , ,


. ,
. , ,
.
.

:
1. , , (Properties).

12

401

2. (Properties) (General)
(Advanced). (Encrypt Contents To Secure
Data). OK.
, , .
, .
.

Windows Server 2008 , . Windows Server 2008


, .
, Windows Server 2008 ,
, . (Apply
Changes To This Folder, Subfolders, And Files) OK.
NTFS- , , .
FAT FAT32, .
, .


, ,
, , .
, NTFS- .
.
:

NTFS-
NTFS- . , FAT FAT32,
,
. FAT FAT32 .
- NTFS-
NTFS-, ,
, , .
.

402

III

Windows Server 2008

FAT FAT32, . FAT FAT32 .


, , , .
(Properties). (Properties)
(General) (Advanced). (Encrypt Contents To Secure Data)
.


. , .
, , :
1. ,
, , . 5.
2. (Computer Configuration),
Windows (Windows Settings), (Security Settings), (Public Key Policies),
(Encrypting File System) (Encrypted Data Recovery Agents).
3. , , , ,
, , .
4. ,
(Encrypting File
System)
(Add Data Recovery Agent). (Add Recovery Agent Wizard), , ,
. (Next).
5. (Select Recovery Agents)
(Browse Directory) , .
,
.
(Certificates)
EFS (EFS Recovery Agent). ,
.

12

403

6. , Delete. (Yes),
. ( , ),
EFS , .

, :
1. Windows (Windows Explorer) .
2. (Properties) (General)
(Advanced). (Encrypt Contents To Secure Data).
OK.
Windows Server 2008
. , Windows
Server 2008 .
, ,
(Apply Changes To This Folder, Subfolders, And Files) OK.
Cipher.exe, Windows Server 2008.
cipher , .

13


RAID

Microsoft
Windows Server 2008 . (RAID).
(volume set) . , ,
. , , (simple). ,
, (spanned).
RAID ,
. Windows Server 2008
RAID 0, 1 5. RAID
, .
RAID- , Windows 2000 .

Windows, . , Windows
, .



. , .
,
, . , ,
. . (RAID5) ,
, .

RAID

13

405


(Disk Management)
, . . 13-1 :
(Layout) , , , .
(Type) .
(File System) ,
: FAT, FAT32 NTFS.
(Status) . (Graphical View)
(Healthy), (Failed Redundancy) . .
(Capacity) .

. 13-1. (Disk Management)


,
. , Windows Server 2008.
Windows Server 2008 .
. , Windows Server 2008 C Windows
Vista D.
( 12):

406

III

Windows Server 2008

;
;
(
);
, , , ;
;
, .


, .
.
:
, . .

32 .
, .
, . , .
.
(Graphical View) (Volume List)
(Disk Management). . 13-1
.
. 13-1.

(Data
Incomplete)


.
,

,
,

(Data
Not Redundant)



. ,


RAID-5

RAID

13

407

. 13-1. ()

(Failed)

,
.

(Reactivate Volume).

(Failed Redundancy)


.


RAID-5

,
. .
, ,

RAID-5

(Formatting)

(Healthy)

( )
(Healthy (At
Risk))

Windows
, .


(Reactivate Volume).
, ,

(
)
(Healthy
(Unknown
Partition))

. ,
,

(Initializing)

408

III

Windows Server 2008

. 13-1. ()

(Regenerating)

,



RAID-5


.

(Healthy)

(Resynching)


.

(Healthy)

(Stale
Data)



,
.
, ,

(Failed Redundancy)

(Unknown)

.
,


.

.


,


FAT, FAT32 NTFS.
, , ,
NTFS. . ,
.
. , .
, NTFS.
:
1. (Disk
Management)
(New Spanned Volume). (Next).
2. (Select Disks), .
13-2. , ,
.

RAID

13

409

3. (Available).
(Add), (Selected). , (Selected) (Remove).
! Windows, Windows Server 2008 ,
.
.
(Yes), ,
, .

. 13-2. (Select Disks) ,


4. (Selected)
() (Select The Amount Of Space In MB)
. (Maximum available space) .
(Total Volume Size)
. (Next).
,
, .
. , , . ,
.

5. , , (Next). :

410

III

Windows Server 2008

(Assign The Following Drive Letter) , ,


.
NTFS- (Mount In The Following
Empty NTFS Folder) ,
. NTFS-
(Browse), .
(Dont Assign A Drive
Letter Or Drive Path) ,
, .
.
6. , (. 13-3), :
(File System) .
NTFS.
(Allocation Unit Size)
.

.
. ,
, , 512 1024
.
.
(Volume Label) .
(Perform A Quick Format) Windows Server 2008 ,
.
,
. (Disk Management)
.
(Enable File And Folder Compression) .
NTFS-. NTFS
,
, .
,
. ,
12.
7. (Next) (Finish).

RAID

13

411

. 13-3.


, , , RAID-5. , .
, ,
. , , Windows Server 2008.
, :
1. (Disk Management)
(Delete
Volume). , .
2. (Yes), .


.
12.


RAID
.
RAID, .
. , RAID
.

412

III

Windows Server 2008

RAID, . RAID 0
5. RAID .
Windows Server 2008 RAID 0, 1 5. RAID 0
. RAID 1 RAID 5.
. 13-2 RAID. .
. 13-2. RAID, Windows Server 2008

RAID

RAID

,
,
. , (strip).

. . ,
. (
.)

,
. .

Windows Server 2008 RAID 1


() RAID 5 ( ). .
. .

, . ,
, .

RAID

13

413

,
, ,

.
.
, ,
. 50%. , 300 ( 600 )
300 . , 33%. , RAID-5
300 ( 900 ) (
) 600 .

RAID Windows Server 2008


Windows Server 2008 ,
.
RAID.
! , , MS-DOS, RAID.

RAID- .

RAID 0:
RAID 0 ,
( )
. , (stripe). . 32 ,
,
25 . .
. , . ,
. ,
. ,
. .
16.

414

III

Windows Server 2008

!
. .


. (Disk Management) .
, . ,
50 , 150 .

:
. .
, , . .
, :
1. (Disk
Management) . (New
Striped Volume). (New
Striped Volume Wizard). (Next).
2. ,
. , , , .
3. , , . . .

RAID 1:
RAID 1
. .
.
.
, .
,
.
,
,
.
,
. ,

RAID

13

415

500 ,
. , 500 1000 .
, . .

, ,
.
.
. , ,
(disk duplexing). . 13-4
. , . .
, . . ,
. RAID .
C

. 13-4. ,

, :
1. (Disk
Management) . (New
Mirrored Volume). (New Mirrored Vol-

416

III

Windows Server 2008

ume Wizard). (Next).


2. ,
. ,

. ,
(Selected) , .
3. RAID,
. , , , .
(Healthy). (Resynching). (Disk Management).

,
. , , ,
, .

(Disk Management), :
1. ,
, (Add Mirror). (Add Mirror).
(Disks), . 13-5,
(Add Mirror).
2. Windows Server 2008 .
(Disk Management)
(Resynching). , , .

. 13-5.

RAID

13

417

RAID 5:
RAID 5 .
, , . (Disk
Management) ,
.
, RAID 5 RAID 1, , . , .
RAID 5, .
.
RAID .
.
.

(Disk Management), :
1. (Disk
Management) . RAID-5 (New RAID-5
Volume). RAID-5 (New RAID-5 Volume Wizard). (Next).
2. ,
. ,
.
RAID-5, ,
. ,
. .

RAID

, ,
. RAID .


, :

418

III

Windows Server 2008

. . - .
, .
, .
.
, .
, - .


(Disk Management), :
1.
(Break Mirrored Volume).
2. , (Yes). ,
. , (Yes).
3. Windows Server 2008 ,
.


Windows Server 2008
. ,
. , .
, MBR GPT.
.
(Failed Redundancy).
:
(Missing) (Offline), . (Disk Management),
(Reactivate Volume). (Regenerating), (Healthy).
(Healthy),
(Resynchronize Mirror).
() (Online (Errors)),

RAID

13

419

(Reactivate Volume). (Regenerating), (Healthy). (Healthy),


(Resynchronize Mirror).
(Unreadable),
. (Action) (Disk Management) (Rescan Disks). , .
, (Remove
Mirror). (Add Mirror). . ,
.


.
, , ,
. Windows . Windows Server 2008,
,
.
(Boot Manager),
.
. , ,
. ,
BCD Editor (bcdedit.exe).
, (Boot Mirror Secondary Plex) ,
. .
, ,
.
:
1. . .
2.
. , 0.

420

III

Windows Server 2008

, ,
(Add Mirror).
.
3. ,
, (Disk Management). ,
,
. .
4.
(Add Mirror). .
5. Boot.ini ,
. Boot.ini.


(Disk Management)
. , .
, :
1. (Disk Management)

(Remove Mirror). .
2. , .
3. . .


. , , .
,
.
.


RAID 5 .

(Failed Redundancy).
(Missing), (Offline)
() (Online (Errors)).

RAID

13

421

RAID 5
MBR GPT. RAID-5
. (Failed Redundancy).
:
(Missing) (Offline), . (Disk Management),
(Reactivate Volume). (Regenerating), (Healthy). (Healthy),
(Regenerate Parity).
() (Online (Errors)),

(Reactivate Volume). (Regenerating), (Healthy).
(Healthy), (Regenerate Parity).
(Unreadable),
. (Action) (Disk Management) (Rescan Disks). , .
,
RIAD 5. (Remove Volume). RAID 5 . , ,
, RAID 5. ,
(Repair Volume) , , .
. , -
.

LUN
(LUN) (SAN). LUN ,
, .

422

III

Windows Server 2008

, LUN .
, LUN :
.
.
.
LUN ,
. , LUN, LUN.
LUN,
LUN . , LUN
.
LUN, .
, , , .

. 13-6. Fibre Channel iSCSI SANs


SAN (Storage Manager For SANs)

Windows Server 2008


SAN (Storage Manager For SANs), . 13-6.
SAN Fibre Channel Internet Small
Computer System Interface (iSCSI), (VDS)
VDS. ,
SAN (Storage Manager For SANs) (Add Features Wizard).
,
(Administrative Tools) (Storage)
(Server Manager) SAN (Storage Manager For SANs).

RAID

13

423

SAN Fibre Channel


Fibre Channel , SAN, LUN (host bus adapter, HBA).
, LUN, , HBA- LUN. ,
SAN (Storage Manager For SANs) HBA- Fibre Channel.
, WWN-.
Fibre
Channel, :
1. SAN (Storage Manager For
SANs) LUN (LUN Management).
(Action)
(Manage Server Connections).
2. (Manage Server Connections) (Add).
3. (Add Server)
IP- .
.
4. .
5. OK. .
(Fibre Channel Ports).
, :
1. SAN (Storage Manager For
SANs) LUN (LUN Management).
(Action)
(Manage Server Connections).
2. . (Fibre Channel Ports) (Add)
WWN- .
3. .
4. OK.
Fibre Channel LUN, :
1. SAN (Storage Manager For
SANs) LUN (LUN Management).
(Action)
(Manage Server Connections).

424

III

Windows Server 2008

2. . (Fibre Channel Ports) , .


3. OK.
, , -. - .

SAN iSCSI
iSCSI LUN, iSCSI, . ,
(target).
iSCSI , . IP-,
iSCSI, , iSCSI-
, .
,
. iSCSI , LUN.
, LUN.
, SAN iSCSI, LUN
iSCSI. , LUN, SAN (Storage
Manager For SANs) iSCSI,
, , . ,
LUN.
iSCSI,
:
1. SAN (Storage Manager For
SANs) LUN (LUN Management).
(Action)
(Manage Server Connections).
2. (Manage Server Connections) (Add).
3. (Add Server) IP . .
4. .

RAID

13

425

5. OK. .
- (Initiator Adapters).
iSCSI LUN, :
1. SAN (Storage Manager For
SANs) LUN (LUN Management).
(Action)
(Manage Server Connections).
2. . - (Initiator Adapters) , .
, , -.
- .

3. OK.


iSCSI,
iSCSI (Manage iSCSI Targets). SAN (Storage Manager For SANs) LUN (LUN Management).
(Action) iSCSI (Manage iSCSI Targets). ,
, :
(Add), iSCSI.
(Add Target)
, IP-, , OK.
iSCSI
(Remove), .
(Remove Target) , OK.

, , LUN
SAN,
(Manage Server
Connections). SAN (Storage
Manager For SANs) LUN (LUN Management).
(Action)
(Manage Server Connections).
:
LUN (Create LUN), LUN (Create LUN Wizard). -

426

III

Windows Server 2008

, LUN, ,
LUN. LUN ,
, LUN.
LUN (Create LUN),
LUN.
(Action) LUN
(Extend LUN). LUN.
(Action) LUN
(Assign LUN), LUN (Assign LUN
Wizard). , , LUN. LUN (Assign
LUN) .
(Action) LUN
(Delete LUN). LUN,
OK.


SAN (Storage Manager For SANs)
LUN , .
SAN
(Storage Manager For SANs). , . . ,
LUN , LUN .

SAN (Storage Manager For SANs), :
1. SAN (Storage Manager For
SANs) LUN (LUN Management).
(Action)
(Manage Server Connections).
2. (Manage Server Connections) (Manage Clusters).
3. (Manage Clusters)
(Add).
4. , .
5. , .
6. OK, . OK.
, (Manage Server Connections). LUN,
.

14

Windows Server 2008


. ,
NTFS, , . ,
(File Server Resource Manager), (File Services).


(file screening) .
,
15.
.
:
.

,
() .

.
, , .
.
, .
Windows Server 2008
. 14-1. (File Server Resource
Manager) .
, , .

428

III

Windows Server 2008

. 14-1.


(Block Executable Files)


(Block Audio And Video Files)


(Block Image Files)


(Block E-Mail Files)


(Monitor
Executable And System Files)

:
( );
, ;
( ,
, , , ).
. 14-2 , . (File
Server Resource Manager)
.
. 14-2.

.aac, .aif, .aifft, .asf, .asx, .au, .avi, .flac, .m3u, .mid, .midi, .mov,
.mp1, .mp2, .mp3, .mp4, .mpa, .mpe, .mpeg, .mpeg2, .mpeg3, .mpg,
.ogg, .qt, .qtw, .ram, .rm, .rmi, .rmvb, .snd, .swf, .vob, .wav, .wax,
.wma, .wmv, .wvx

.temp, .tmp, ~*

.bat, .cmd, .com, .cpl, .exe, .inf, .js, .jse, .msh, .msi, .msp, .ocx, .pif,
.pl, .scr, .vb, .vbs, .wsf, .wsh

.bak, .bck, .bkf, .old

.ace, .arc, .arj, .bhx, .bz2, .cab, .gz, .gzip, .hpk, .hqx, .jar, .lha, .lzh,
.lzx, .pak, .pit, .rar, .sea, .sit, .sqz, .tgz, .uu, .uue, .z, .zip, .zoo

.acm, .dll, .ocx, .sys, .vxd

.asc, .text, .txt

Office

.doc, .dot, .mad, .maf, .mda, .mdb, .mdm, .mdt, .mdw, .mdz, .mpd,
.mpp, .mpt, .pot, .ppa, .pps, .ppt, .pwz, .rqy, .rtf, .rwz, .slk, .vdx,
.vsd, .vsl, .vss, .vst, .vsu, .vsw, .vsx, .vtx,.wbk, .wri, .xla, .xlb, .xlc,
.xld, .xlk, .xll, .xlm, .xls, .xlt, .xlv, .xlw

14

429

. 14-2. ()

.asp, .aspx, .cgi, .css, .dhtml, .hta, .htm, .html, .mht, .php, .php3,
.shtml, .url

.bmp, .dib, .eps, .gif, .img, .jfif, .jpe, .jpeg, .jpg, .pcx, .png, .ps, .psd,
.raw, .rif, .spiff, .tif, .tiff

.eml, .idx, .mbox, .mbx, .msg, .ost, .otf, .pab, .pst


. . ,
.
- . ,
, - ,
, ,
.
. . 14-3
. ,
:

.

, .
. 14-3.


(File Screening
Audit)

. , .
,


(Large Files)

. ,
.
, .

5 .

430

III

Windows Server 2008

. 14-3. ()

(Least Recently
Accessed Files)

,
. ,
. ,
.

,
90 .


(Quota Usage)

,
.
. ,
,

(Most Recently
Accessed Files)

, . . ,
. ,
.


(Files By Owner)

. , .
,
,


(Files By File Group)

. ,
.
,

-
(Duplicate Files)

,
.

-


. (Administrative Tools)

(File Server Resource Manager)
(File Services). (File Server Resource Manager),
(. 14-1):

14

431

(Quota Management) Windows Server 2008 ( 15).


(File Screening Management) .
(Storage Reports Management) Windows Server 2008.

. 14-1. (File Server Resource Manager)


,


:
, , .
, .
:
( ), , , ( , ,
).
, .
,
.
.
.



, , .
, .

432

III

Windows Server 2008

SMTP-.
, , SMTP- , - ,
. , :
1. (File Server
Resource Manager). (Action)
(Configure Options).
(File Server Resource Manager Options).
(Email Notifications), . 14-2.

. 14-2.
(Email Notifications)

2. IP- SMTP- (SMTP Server Name Or IP


Address) FQDN- , ,
mail.cpandl.com, IP- , , 192.168.10.52.
3. - (Default Administrator Recipients)
, , filescreens@cpandl.com.
,
, . -

14

433

.
.
4. (Default From
E-Mail Address) , . , , .
5. ,
(Send Test E-Mail).
. ,
, SMTP-.
6. OK.

(File Server Resource


Manager)
:
, , ,
.
.
Local Service, Network
Service (Local System).

.
, ,
.
, ,
.
, :
1. (File Server
Resource Manager). (Action)
(Configure Options).
2.
(File Server Resource Manager Options)
(Notification Limits).
3. :
(Email Notification) .
(Event Log Notification)
, .

434

III

Windows Server 2008

(Command Notification)
.
(Report Notification) .
4. OK.

,
(File Server Resource Manager Options). ,
, , .
, .
,
:
1. (File Server
Resource Manager). (Action)
(Configure Options).
2.
(File Server Resource Manager Options)
(Storage Reports).
3. ,
(Reports) (Review Reports).
4. , (Reports) (Edit
Parameters).
5. , (Close) OK.

,
%SystemDrive%\StorageReports. ,
:
1. (File Server
Resource Manager). (Action)
(Configure Options).
2.
(File Server Resource Manager Options) (Report Locations).
3.
(Report Locations).

14

435

,
(Browse), .
4. OK.
.
.

, , ,
(File Screen Auditing Report).
.
, :
1. (File Server
Resource Manager). (Action)
(Configure Options).
2. (File Server Resource Manager Options)
(File Screen Audit).
3. , (Record File Screening Activity In
Auditing Database). , .
4. OK.


,
.
(File Server Resource Manager) .
(File Server Resource Manager)
(File Screening Management),
(File Groups).
. 14-2.
,
:
1. (File Server
Resource Manager).
(File Server Resource Manager)
(File Screening Management),
(File Groups). ,
.
2. , .
, . 14-3.

436

III

Windows Server 2008

3. (Files To Include) , , ,
.pdf. , , Archive*.*. (Add). ,
.
4. (Files To Exclude) , , , .doc.
, , Report*.*. (Add). , , .
5. OK.

. 14-3.

, :
1. (File Server
Resource Manager).
(File Server Resource Manager)
(File Screening Management),
(File Groups).
2. (Action)
(Create File Group).
(Create File Group Properties).
3. (File Group Name)
.
4. (Files To Include) , , ,

14

437

.pdf. , , Archive*.*. (Add). ,


.
5. (Files To Exclude) , , , .doc.
, , Report*.*. (Add). , , .
6. OK.


, , , ,
, . (File Server
Resource Manager), (File Server Resource Manager)
(File Screening Management),
(File Screen Templates).
. 14-1.
, :
1. (File Server
Resource Manager).
(File Server Resource Manager)
(File Screening Management), (File Screen Templates). ,
, .
2. ,
. , . 14-4.
3. (Settings) ,
, .
4. (E-mail Message)
:
, (Send E-Mail To The Following Administrators)
. . [Admin Email]
, .

438

III

Windows Server 2008

,
, (Send E-Mail To The User Who Attempted To Save An
Unauthorized File). (Subject)
(Message Body) .
. 14-4 .

. 14-4. , , ,

5. (Event Log)
. (Send Warning To Event Log), .
(Log Entry)
. . 14-4.
6. (Report) (Generate
Reports), .
. %SystemDrive%\StorageReports\Incident.
, , . [Admin
Email] , .
7. OK.

14

439

. 14-4.

[Admin Email]

[File Screen Path]

,
, , C:\Data

[File Screen Remote


Path]

,
, , \\server\share

[File Screen System Path]

,
, , \\?\VolumeGUID

[Server Domain]

[Server]

[Source File Owner


Email]

[Source File Owner]

[Source File Path]

[Source Io Owner Email]

[Source Io Owner]

[Source Process Id]

(PID),

[Source Process Image]

[Violated File Group]

, :
1. (File Server
Resource Manager).
(File Server Resource Manager)
(File Screening Management), (File Screen Templates).
2. (Action)
(Create File Screen Template). (Create File Screen Template).
3. 48 .

440

III

Windows Server 2008


, . (File
Server Resource Manager)
.
(File Server Resource Manager) (File Screening Management),
(File Screens). ,
, .
.
, , :
1. (File Server
Resource Manager).
(File Server Resource Manager)
(File Screening Management), (File Screens).
2. (Action)
(Create File Screen).
3. (Create File
Screen) (Browse)
(Browse For Shared Folder).
4. (Derive Properties) ,
.
5. (Create).


, . NTFS,

.
, :
1. (File Server
Resource Manager).
(File Server Resource Manager)
(File Screening Management), (File Screens).
2. (Action) (Create File
Screen Exception).

14

441

3. (Create File Screen Exception) (Browse)


(Browse For Folder).
4. , .
5. OK.


, (Report) .
.
(File Server Resource Manager) .
(File Server Resource Manager)
(Storage Reports Management).
,
:
1. (File Server
Resource Manager).
(File Server Resource Manager) (Storage Reports Management).

. 14-5.

442

III

Windows Server 2008

2. (Action)
(Schedule A New Report Task). (Storage
Reports Task Properties), . 14-5.
3. (Settings), (Scope)
(Add). (Browse For Folder)
,
. , .
4. (Report Data) .
5. (Report Formats) ,
, DHTML.
6. Windows Server 2008 %SystemDrive%\StorageReports\
Scheduled.
, (Delivery) (Send
Reports To The Following Administrators).
, ,
.
7. (Schedule) (Create Schedule). (Schedule) (New) .
8. OK.
:
1. (File Server
Resource Manager).
(File Server Resource Manager) (Storage Reports Management).
2. (Action)
(Generate Reports Now).
(Storage Reports Task Properties).
3. (Settings), (Scope)
(Add). (Browse For Folder)
,
. , .
4. (Report Data) .
5. (Report Formats) ,
, DHTML.
6. Windows Server 2008 %SystemDrive%\StorageReports\Interactive. -

14

443

, (Delivery)
(Send Reports To The Following
Administrators). ,
, .
7. OK. ,
, .
OK.

15

Microsoft Windows Server 2008 :


(Public).
, , , .
, .
.
,
exFAT, FAT FAT32, NTFS. exFAT, FAT FAT32 : . ,
NTFS, : NTFS . ,
, .
, .
(Public). (Public).
(Public) , , ( ). , (Public) .
:
,
.


, , . , Windows 2008, :

15

445

, .
,
.
NTFS. .
(Public) ,
,
, %%\Users\Public.
,
, ,
(Public). (Public) (Public), .
, (Public) .
,
(Public) .

.

. (Public)
,
. (Public) .
, (Public)
, .

. Windows (Windows Explorer),
(Start) (Computer). (Public).
,
, %%\Users\Public.
(Public) ,
:
(Public Desktop)
. , (Public Desktop),
, , ,
(Public) .
(Public Documents), (Public Music),
(Public Pictures), (Public Videos)

446

III

Windows Server 2008

-. , , ,
, ,
(Public) .
(Public Downloads) . , (Public Downloads), ,
, , (Public) .
(Public) , .
(Public)
(Public), .
(Public):

, , .
, (Everyone) (Read & Execute) (Read) ,
(Read & Execute), (List Folder Contents)
(Read) .
, ,
, , .
(Everyone) (Full Control) .
Windows Server 2008 ,
, (Public).
,
, ,
. , .
(Network And Sharing
Center) . , . (On) (Off), . 15-1.

15

447

. 15-1.
(Network And Sharing Center)

,
:
1. (Network And
Sharing Center), (Start) (Network), (Network)
(Network And Sharing Center).
2. (File Sharing) . , ,
(File Sharing). ,
(Apply):
(Turn
On File Sharing), .
(Turn
Off File Sharing), .
3. (Public), , (Public Folder Sharing). , (Apply):

448

III

Windows Server 2008

, (Turn On Sharing So Anyone With Network Access Can


Open Files) (Public)
,
. Windows
.
, , (Turn On Sharing So Anyone
With Network Access Can Open, Change, And Create Files)
(Public), ,
, .
Windows .
(Turn Off Sharing)
(Public), .
, , -
(Public) .
4. (Printer Sharing)
. .
, (Apply):

(Turn On Printer Sharing), .

(Turn Off Printer Sharing), .
5. ,
, . ,
, ,
(Password Protected
Sharing). ,
(Apply):

(Select Turn On Password Protected Sharing), .

(Select Turn Off Password Protected Sharing), .


.
, , .

15

449



(Computer Management)
(Share And Storage Management). , , net share.

(Computer Management), :
1. . , (Computer Management)
(Connect To Another Computer).
(Another Computer),
IP- , ,
OK.
2. (System Tools) (Shared Folders), (Shares).
(. 15-2).

. 15-2. (Shared Folders)

(Shares) :
(Share Name) .
(Folder Path)
.
(Type) , ,
, Macintosh Windows.
(# Client Connections)
, .
(Description) .

450

III

Windows Server 2008

Windows (Type) ,
, Windows Macintosh. Macintosh (Type) ,
Macintosh.

(Share And Storage Management), :


1. . ,
(Share And Storage
Management) (Connect To Another Computer).
(Another Computer), IP- , , OK.

. 15-3. (Shares),

2. (Shares) (. 15-3).
:
(Share Name) .
(Protocol) ,
(SMB NFS).
(Local Path)
.
(Quota) , .

15

451

(File Screening) , .
(Shadow Copies)
, .
(Free Space) ()
, .
,
.
NFS UNIX. NFS
, NFS
NFS (Services for Network File System). SMB Windows.
Windows Vista Windows Server 2008 SMB version 2,
. Windows Vista SP1 , Windows
Server 2008, SMB Helper Class, Network Diagnostics
Framework (NDF). ,
.
, , ()
, ()
, ()
,
.


Windows Server 2008
Windows (Windows
Explorer), (Computer Management)
(Share And
Storage Management).
(Computer
Management),
.
(Share And Storage Management),
: NTFS,
, , . ,
, , NFS
DFS.
Windows Server
2008, (Administrators)
(Server Operators).
(Computer Management),
:

452

III

Windows Server 2008

1. . (System Tools), (Shared Folders), (Shares).


.
2. (Shares) (New Share). (Create A Shared Folder Wizard).
(Next).
3. (Folder Path) , . , , C:\Data\CorpDocuments. ,
(Browse),
(Browse For Folder). OK (Next).
, . (Yes).

4. (Share Name) , . 15-4. , .


.

. 15-4.
(Create A Shared Folder Wizard)
, Windows (Windows Explorer)
, $. ,
PrivEngData$, Windows
(Windows Explorer), Net View .
,
. ,
$ .

15

453

5. (Description). , ,
(Computer Management).
6. .
, , , (Change)

(Offline Settings).

. 15-5.
(Permissions)

7. (Next) . .
(. 15-5):
(All Users Have
Read-Only Access) . ,
.
,
(Administrators Have Full Access; Other Users Have ReadOnly Access)
. ,
. NTFS
.
,
, .

454

III

Windows Server 2008

, (Administrators Have Full Access; Other Users Have No Access)


.
(Customize Permissions) ,
.
,
.
8. (Finish). (Sharing Was Successful).
(Finish).
Windows (Windows Explorer), .
,
Active Directory. .
Active Directory, (Computer Management) (Properties).
(Publish) Active Directory (Publish This Share In Active Directory)
. OK.



. ,
, , :
4, , ,
.
5, , ,
.



.
(Read)
.
(Full Control).

15

455

NTFS , ,
. FAT .


:
(No Access)
.
(Read) :
;
;
;
.
(Change)
(Read), :
;
;
;
.
(Full Control)
(Read) (Change),
( NTFS-):
;
.
, ,
.
9.


,
:
1. (Computer Management) , .
2. (System Tools) (Shared Folders), (Shares).
3. , , (Properties).
4. (Share Permissions), . 15-6.

456

III

Windows Server 2008

, ,
.

. 15-6. (Share Permissions)


,


,
(Computer Management), :
1. , ,
(Properties).
2. (Share Permissions).
3. (Add). : , (Select Users, Computers, Or
Groups), . 15-7.
,
(Check Names).
, .
,
.
(Locations), .

15

457

,
OK. ,
,
.

. 15-7. ,
(Locations)
. , .
Windows Server 2008 .

4. OK. (Group Or User Names).


5. ,
.
. ,
.
6. , OK. , NTFS,
.


, , , (Computer Management), :
1. , ,
(Properties).
2. (Share Permissions).
3. (Group Or User Names)
, , .
4.
(Permissions).

458

III

Windows Server 2008

5. , .
, OK.


(Computer Management)
, , , :
1. , ,
(Properties).
2. (Share Permissions).
3. (Group Or User Names)
, (Remove).
4.
. , OK.


Windows Server 2008 (administrative shares) (hidden shares),
. , Windows Server 2008. (
, $ .)
, ,
. . , :
HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\
AutoShareServer
HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\AutoShareWks

.
. 15-1 .

15

459

. 15-1. Windows Server 2008

ADMIN$

,
.
(%SystemRoot%)

FAX$

IPC$




(IPC)

NETLOGON

Net
Logon

Net Logon

. (Everyone)
(Read)

PRINT$

. (Everyone)
(Read). ,
(Full
Control)

PUBLIC


(Public)

SYSVOL

Active
Directory

Active Directory

,

.
C$, D$, E$ . .


$.
Windows (Windows Explorer), , ,
. :
1. (Start) (Computer). (Computer)
(Map Network Drive). , . 15-8.

460

III

Windows Server 2008

2. (Drive) . .
3. (Folder) UNC- . , C$ Twiddle \\TWIDDLE\C$.
4. (Finish).

. 15-8.

,
, . , ,
. , ,
.


(Computer Management) Windows Server 2008.
Windows
Server 2008 , (Sessions).

net session :
1. (Computer Management) , .
2. (System Tools) (Shared Folders), (Sessions). . (Sessions) :

15

461

(User) , . $, .
(Computer) .
(Type) .
(# Open Files) , .
(Open Files).
(Connected Time) ,
.
(Idle Time) ,
.
(Guest) , .



. , , . ,
,
, .
.

,
net session \\ /delete
:
1. (Computer Management) , .
2. (System Tools) (Shared Folders), (Sessions).
3. ,
(Close Session).
4. (Yes).

, :
1. (Computer Management) , .

462

III

Windows Server 2008

2. (System Tools) (Shared Folders),


(Sessions).
3. (Disconnect All Sessions)
(Yes), .
, ,
. , .


, ,
, ,
(Open Files). , (Open Files) , , .
(Open Files), :
1. (Computer Management) , .
2. (System Tools) (Shared Folders), (Open Files). , :
(Open File)
. , ,
\PIPE\spools, .
(Accessed By) , .
(Type) .
. (# Locks) .
(Open Mode) , ,
, /.

,
:
1. (Computer Management) .
2. (System Tools) (Shared Folders), (Open Files).
3. , ,
(Close Open File).
4. (Yes).

15

463

, :
1. (Computer Management) .
2. (System Tools) (Shared Folders), (Open Files).
3. (Disconnect All
Open Files) (Yes), .


, :
1. (Computer Management) , ,
(Shares).
2. , ,
(Stop Sharing). (Yes).
! ,
. ,
Windows Server 2008 .
(System) .

NFS
12
NFS (Services for Network File System).
Windows/UNIX,
Windows Server 2008 UNIX NFS.
Windows (Windows Explorer)
NFS , NTFS. , NTFS- NFS
(Share And Storage Management).
NFS Windows
(Windows Explorer), :
1. , ,
(Properties).
.

464

III

Windows Server 2008

2. NFS (NFS Sharing)


NFS (Manage NFS Sharing).
3. NFS
(NFS Advanced Sharing)
(Share This Folder), . 15-9.

. 15-9. NFS
Windows UNIX

4. (Share Name) ,
, , UNIX.
NFS
, ,
.
5. ,
, ANSI. UNIX , (Encoding).
6. NFS,
(Allow Anonymous
Access),
.
7. UNIX
NFS.
, (Permissions),
NFS (NFS Share Permissions) , OK.
, ,
.
8. OK,
.

15

465

NFS Windows (Windows


Explorer), :
1. , ,
(Properties).
.
2. NFS (NFS Sharing)
NFS (Manage NFS Sharing).
3. NFS
(NFS Advanced Sharing)
(Share This Folder).
(Share And
Storage Management) NFS NFS.
NFS (Shares) (Properties).
(Encoding) NFS (NFS Sharing).
NFS,
NFS (NFS Permissions) (Permissions).
NFS,
NFS (Shares)
(Stop Sharing). (Yes), .


, ,
.
, , .

(Previous Versions) . Windows Server
2008 , (
) .


NTFS-. , NTFS. ,
NTFS, .
.

466

III

Windows Server 2008

,
( ),
7:00 24:00. 100 .
,
. , , .
, (Shadow
Copies). , ,
Windows (Windows Explorer) (Computer Management). (Properties)
(Shadow Copies).
(Select A Volume) :
(Volume) NTFS- .
(Next Run Time) (Disabled) .
(Shares) .
(Used) , .

(Shadow Copies Of Selected Volume), .


NTFS-, :
1. (Computer Management).
.
2. (Storage)
(Disk Management). .
3. (Disk Management), (All Tasks)
(Configure Shadow Copies).
4. (Shadow Copies)
(Select A Volume) , .
5. (Settings),
. , OK.
6. , ,
(Enable). (Yes), .

15

467

, ,
.
, ,
OK, (Settings).



(Previous Versions) .
, :
1. , . (Properties)
(Previous Versions).
2. . . , ,
:
(Open) Windows
(Windows Explorer).
(Copy)
(Copy Items),
.
(Restore)
.


Windows Server 2008 ,
. , , ,
, .
,
:
1. (Computer Management).
.
2. (Storage).
(Disk
Management), (All Tasks) (Configure Shadow Copies).
3. (Shadow Copies)
(Select A Volume) , .

468

III

Windows Server 2008

4. (Shadow Copies Of Selected Volume). , , (Revert).


5. ,
(Check Here If You Want To Revert This Volume),
(Revert Now). OK.


, , .
. .
, :
1. (Computer Management).
.
2. (Storage).
(Disk Management), (All Tasks)
(Configure Shadow Copies).
3. (Shadow Copies)
(Select A Volume) , .
(Shadow Copies
Of Selected Volume) , ,
(Delete Now).


, . , .
, :
1. (Computer Management).
.
2. (Storage).
(Disk
Management), (All Tasks) (Configure Shadow Copies).
3. (Shadow Copies)
(Select A Volume) , ,
(Disable).
4. (Yes), . OK.

15

469


. ,
.

, Windows Server 2008.
,
.


Windows Server 2008
NET USE:
net use \\\

*, , \\\ UNC-
, :
net use g: \\ROMEO\DOCS

net use * \\ROMEO\DOCS


, /Persistent:Yes.

Windows Vista,
:
1.
Windows (Windows Explorer).
2. (Tools)
(Map Network Drive). .
3. (Drive) .
4. (Folder) UNC- .
, DOCS ROMEO,
\\ROMEO\DOCS. , (Browse). , OK,
(Browse For Folder).
5. , ,
(Reconnect At Logon). , .
6. ,
(Different User Name)

470

III

Windows Server 2008

. OK,
(Connect As).
7. (Finish), .


:
1.
Windows (Windows Explorer).
2. (Tools) (Disconnect Network Drive). (Disconnect Network Drive).
3. , , OK.

,
Windows Server 2008 - . , , NTFS- Active Directory. NTFS
. Active Directory
, ,
, .
.


NTFS- Active Directory,
. . ,
. 15-2.
. 15-2. Windows Server 2008

NTFS

Windows (Windows Explorer)

Server

Windows (Windows Explorer),



(Computer Management)

Windows

(Registry Editor)


(Security Configuration Tool Set)

(Printers)

15

471


. Windows Server 2008
. , . , .
. , , . , ,
. , .
.
(Administrators),
, .
:

(Administrators), ,
- .

(Take Ownership),
.
,
.
, :
1. . , Windows (Windows Explorer).
2. , .
3. (Properties). (Security).
4. (Advanced Security Settings), (Advanced).
5. (Owner) (Edit),
(Owner), . 15-10.
6. (Change Owner To)
OK.
,
, ,
(Replace Owner On Subcontainers And Objects).
, :
.

472

III

Windows Server 2008

. 15-10. (Owner)


.
. . , C:\
C:\Data C:\Backups. ,
C:\Data C:\Backups, , C:\.
.
, Windows Server 2008
. , . .
, :
1. .
2. , .
3. , . , , .

, :
1. . , Windows (Windows Explorer).
2. , .

15

473

3. (Properties). (Security).
4. (Advanced), (Advanced Security
Settings).
5. (Permissions) (Edit),
(Permissions).
6. ,
(Include Inheritable Permissions From This
Objects Parent). OK.


NTFS ,
. , :
1. Windows (Windows Explorer)
.
2. (Properties). (Security).
3. , , . , .


. 15-3.
(Full Control),
(Modify), (Read & Execute), (Read)
(Write). (Full Control),
(Modify), (Read & Execute), (List Folder Contents), (Read) (Write).
. 15-3. Windows Server 2008

(Read)

(Write)


(Read & Execute)


,
;

474

III

Windows Server 2008

. 15-3. ()


(List Folder
Contents)


,
;

(Modify)

(Full
Control)

, ,

,
,

, :
(Read). .

(Read).
, .
, .
. . 15-4 ,
.
,
. , :
, , , .
, , , ,
. , GeorgeJ (Read) Techies, (Modify), GeorgeJ
(Modify). Techies, ,
(Administrators), (Full Control), GeorgeJ .

15

475

. 15-4.

(Full
Control)

(Modify)


(Read
& Execute)

/

(Traverse Folder /
Execute File)

/

(List Folder / Read
Data)


(Read Attributes)


(Read Extended
Attributes)


/
(Create Files/Write
Data)


/
(Create Folders/
Append Data)


(Write Attributes)


(Write Extended
Attributes)


(Delete
Subfolders and Files)

(Delete)


(Read Permissions)


(Change Permissions)


(Take Ownership)

(Read)

(Write)

476

III

Windows Server 2008

. 15-5 , .
:
,
, (Reset Permissions On All Child Objects And Enable Propagation Of
Inheritable Permissions).
.
.
. 15-5.

(Read)

(Write)

(Full
Control)

(Modify)


(Read &
Execute)


(List Folder
Contents)

/
(Traverse Folder/Execute File)

/ (List Folder
/Read Data)


(Read Attributes)

(Read Extended
Attributes)


/
(Create Files/
Write Data)


/
(Create Folders
/Append Data)


(Write Attributes)

15

477

. 15-5. ()

(Full
Control)

(Modify)

(Write Extended
Attributes)


(Delete
Subfolders And
Files)

(Delete)

(Read
Permissions)

(Change
Permissions)


(Take Ownership)


(Read &
Execute)


(List Folder
Contents)

(Read)

(Write)


, :
1. Windows (Windows Explorer)
.
2. (Properties).
(Security).
3. (Edit), (Security), . 15-11.
4. , ,
(Group Or User Names).
:
, .

478

III

Windows Server 2008

(Permissions)
.
.
, .

. 15-11.
(Security)

5. , , (Add).
: , (Select Users,
Computers, Or Groups), . 15-12.

. 15-12. , ,

6. ,
(Check Names).
, .

15

479

,
. (Locations), .
,
OK. ,
,
.
(Locations)
. , .
Windows Server 2008 .

7. , ,
. (Permissions), . , .
8. , OK.


, Windows Server
2008, , , , ,
. ,
, ,
.
(Event Viewer).
, ,
, (Administrators), , (Manage Auditing And Security Log).



. - . ,
Active Directory.
, . .
GPO, , :

480

III

Windows Server 2008

1. (Computer Configuration),
Windows (Windows Settings), (Security Settings) (Local Policies). (Audit Policy), . 15-13.

. 15-13.

2. :
(Audit Logon Events)
, ,
.
(Audit Object Access)
, , ,
Active Directory.
(Audit Directory Service Access)
Active Directory.
.
(Audit Policy Change)
, .
(Audit Privilege Use)
,
.
(Audit Privilege Use)
, , ,
.
.

(Audit Process Tracking) .


(Audit System Events)
, , ,
.

15

481

(Audit Account Logon Events) ,


.
(Audit Account Management)
Active Directory (Active
Directory Users And Computers).
, ,
.
3. ,
(Properties).
.
4. (Define These Policy Settings), (Success),
(Failure) .
, , .
, , .
5. , OK.
(Security Event)
:
560 562, ;
592 593, .



(Audit Object Access), , .
.
NTFS-.
, :
1. Windows (Windows Explorer)
, .
(Properties).
2. (Security) (Advanced).
(Advanced Security Settings).
3. (Auditing) (Edit).

, . 15-14.

482

III

Windows Server 2008

. 15-14. (Auditing)

4. , , , (Include Inheritable Auditing Entries


From This Objects Parent).
5. ,
,
,
(Replace all existing inheritable auditing entries on all descendants with inheritable auditing entries from this object).
6. (Auditing Entries) ,
, .
, (Auditing Entries) (Remove).
7. , (Add)
: , (Select User, Computer, Or Group) . OK,
(Auditing Entry For), . 15-15.

15

483

. 15-15. ,
, (Everyone).
( ), .

8. (Apply Onto).
9. (Successful) (Failed)
( ) , . ,
, . ,
, . , ,
, . 15-5,
. :
(Write Attributes) ;
(Write Extended Attributes)
;
(Delete Subfolders and Files) ;
(Delete) ;
(Change Permissions) .
10. , OK.
, .

484

III

Windows Server 2008


(Audit Object Access), .
, .
, :
1. regedit.
2. , .
(Edit) (Permissions).
3. (Permissions For)
(Advanced). (Advanced Security Settings)
(Auditing).
4. (Add). : ,
(Select User, Computer, Or Group)
(Everyone), (Check Names) OK.
5. (Auditing Entry For)
, . :
(Set Value) ;
(Create Subkey) ;
(Delete) .
6. OK.
7. OK,
.

Active Directory
(Audit Object Access), Active Directory.
.
Active Directory,
:
1. Active Directory (Active
Directory Users And Computers) (View)
(Advanced Features), , .
2. , ,
(Properties).
3. (Security) (Advanced).
4. (Advanced Security Settings) (Auditing).

5.

6.

7.
8.

9.

15

485

,
, , (Include Inheritable Auditing Entries
From This Objects Parent).
(Auditing Entries) ,
, .
, (Auditing Entries) (Remove).
, (Add)
: , (Select User, Computer, Or Group) . OK,
(Auditing Entry For).
(Apply Onto).
(Successful) (Failed)
( ) , . ,
, . , ,
.
, OK.
, .

NTFS
Windows Server 2008 :
NTFS Windows
Server 2008 . . ,
.
Windows Server 2008
. , , .

, ,
.
NTFS.
NTFS. FAT FAT32.

486

III

Windows Server 2008

NTFS
NTFS, , , ,
.
NTFS :
(disk quota limit) ,
, .
(disk quota warning)
.
. ,
. ,
, .
.

NTFS ,
.
, .
. , , ,
20 100 .
, , 5 25 , .
. ,
9095% .
NTFS
. , , .
. , , 1, ,
. , , . .
,
. , -

15

487

( ).
NTFS :

, .
Windows , Windows. .
.
,
. , .
, , , .
.
. :

.
,
.
. , ,
, .
, Windows Server 2008
SID. , .
SID , Windows Server
2008 SID
.
Active Directory.
, Windows Server 2008
, .
. , . (Refresh)
(View) F5.

488

III

Windows Server 2008

NTFS
NTFS . ,
, .
, .
, NTFS, \
\\ (Computer Configuration\Administrative Templates\System\Disk Quotas). . 15-6.
. 15-6. NTFS


(Enable Disk Quotas)


NTFS-


(Enforce Disk Quota Limit)


.

.
,
(Quota) NTFS-



(Default Quota Limit And
Warning Level)



(Log Event When Quota Limit
Exceeded)

,


(Log Event When Quota Warning
Level Exceeded)


(Apply Policy To
Removable Media)

,
NTFS- .
,


. , ,
. -

15

489

NTFS. ,
:
1. , , . \ \ (Computer Configuration\Administrative Templates\System) (Disk
Quotas).
2. (Enable Disk
Quotas). (Setting)
(Enabled) OK.
3. (Enforce Disk
Quota Limit).
NTFS- , (Enabled).
(Disabled) . OK.
4.
(Default Quota Limit And Warning Level). , . 15-16,
(Enabled).

. 15-16.
(Default Quota
Limit And Warning Level)

5. (Default Quota Limit)


,
.
. 5001000 .

490

6.

7.

8.

9.

III

Windows Server 2008

, ,
, .

.
,
(Setting). 90% . ,
1000 900 .
OK.
(Log Event When Quota Limit Exceeded).
(Application), (Enabled) OK.
, (Log Event When
Quota Warning Level Exceeded).
(Application), (Enabled) OK.
(Apply Policy To Removable Media)
(Disabled),
.
, \ \\ (Computer Configuration\Administrative Templates\System\Group
Policy), (Disk
Quota Policy Processing). (Enabled)
, (Process
Even If The Group Policy Objects Have Not Changed). OK.

NTFS-
NTFS
NTFS-.
,
(Computer Management).
(Enforce Disk Quota Limit), . , (Quota) NTFS-, .

NTFS-,
:
1. (Computer Management).
.

15

491

2. (Storage)
(Disk Management). , , .
3. (Volume List) (Graphical View) ,
, (Properties).
4. (Quota)
(Enable Quota Management), . 15-17.
, (Quota) ,
.
.

. 15-17. ,

(Quota),
(Status) . . ,
, (Status) ,
. ,
, (Status) , . , .

5. , (Limit Disk Space To),


, , , ,

492

III

Windows Server 2008

. (Set Warning Level To). , 90-95% .



, . (Quota Entries).
, .

6.
,
(Deny Disk Space To Users Exceeding Quota Limit).
,
( ).
7. , (Log Event). OK, .
8. , . OK, Windows Server 2008
.
, , ,
,
(Application).


. , ,
, . , ,
, . ,
.
,
.
.
, :
1. (Computer Management).
.
2. (Storage)
(Disk Management). , , .

15

493

3. (Volume List) (Graphical View) ,


, (Properties).
4. (Quota) (Quota Entries). .
, , . OK ,
. , ,
.


,
. . , , , , . . ,
. -
, .
. , , ,
,
, .
, :
, . , ,
, . ,
, .
(, ). , ,
, , .

, :
1. (Quota Entries),
.
. , F5
(View) (Refresh).
2. , .
(Quota) (New Quota Entry).
: (Select Users).
3. (Check Names). ,
OK. ,
. , OK.

494

III

Windows Server 2008

4. , (Add New Quota Entry), . 15-18. ,


(Do Not Limit Disk
Usage). , (Limit Disk
Space To) . OK.

. 15-18. (Add New Quota Entry)


, ,


, . , , .
, .

, :
1. (Quota Entries),
. . ,
F5 (View) (Refresh).
2. , ,
Delete (Quota)
(Delete Quota Entry). Shift Ctrl
.
3. (Yes), .
(Disk Quota) , .
4. , (List Files Owned By)
, . ,
.

15

495

Shift
Ctrl. :
(Permanently Delete Files)
(Delete).
(Yes),
(Take Ownership Of Files)
, ,
(Take Ownership).
(Move Files To) ,
.
, (Browse),
(Browse For Folder). ,
(Move).
5. , OK. , .

NTFS
, .
NTFS. , :
1. (Quota Entries),
. . ,
F5 (View) (Refresh).
2. (Quota) (Export).
(Export Quota Settings).
, , , (File
Name). (Save).
.
. , ,
.

3. (Quota) (Close),
(Quota Entries).
4. (Computer Management).
(Connect To Another
Computer). (Select Computer)
, , , ,
.

496

III

Windows Server 2008

5. .
(Quota) (Quota Entries). (Quota Entries) .
6. (Quota) (Import). (Import Quota Settings)
. (Open).
7. ,
. , (Yes), , (No), .

NTFS
, .
, . . , , .
, :
1. (Computer Management).
.
2. ,
.
3. (Quota) (Enable Quota Management). OK. OK.


Windows Server 2008 (File
Server Resource Manager). .
NTFS, . ,
. : NTFS
.



Windows Server 2008 . ( ) ( ).

15

497

,
. ,
,
.
. , ,
.
Windows Server 2008 . 15-7.
(File Server Resource Manager) . , , .
. 15-7.

100
(100 MB Limit)

100

200

(200 MB Limit
Reports To User)

200

, ,

200
50
(200 MB Limit With
50 MB Extension)

200

DIRQUOTA
,
, 50


250 (250 MB
Extended Limit)

250

,

200 250


200
(Monitor 200 GB
Volume Usage)

200

500 (Monitor 500 MB Share)

500

:
.
.
.

498

III

Windows Server 2008

.
100%. 100% . ,
, 85% 90% ,
100% .
, , .
,
, .


,
, . (File Server Resource Manager) .
(Quota Management)
(Quota Templates). . 15-7.

. 15-19. ,

, :
1. (File Server Resource
Manager) (Quota Management)
(Quota Templates).

15

499

, .
2. ,
. , . 15-19.
3. (Settings) ,
. . , (Edit).
, (Add).
4. , OK, .
,
:
1. (File Server Resource
Manager) (Quota Management)
(Quota Templates).
2. (Action)
(Create Quota Template).
(Create Quota Template).
3. (Settings) ,
. , . (Limit). : , ,
.
4. (Add), .
(Add Threshold)
, (Generate Notifications When Usage Reaches).
100%.
5. (E-mail Message)
:
,
(Send EMail To The Following Administrators)
, . [Admin
Email] ,
.
,
, (Send E-Mail To The
User Who Exceeded The Threshold).
(Subject)
(Message Body).
. 14-6.
6. (Event Log)
. -

500

III

Windows Server 2008

(Send Warning To Event Log)


(Log Entry).
. 14-6.
7. (Report) (Generate
Reports), . . %SystemDrive%\StorageReports\Incident. ,
. [Admin
Email] ,

8. 57, .
9. , OK.


.
(File Server Resource Manager) . (Quota Management) (Quotas).
,
, .
,
, :
1. (File Server Resource
Manager) (Quota Management)
(Quotas).
2. (Action)
(Create Quota).
3. (Create Quota) . (Browse)
(Browse For Folder) , , C:\Data. OK.
4. (Derive
Properties From This Quota Template) ,
.
5. (Create).

16

, . .
, ,
. .


.
. , . ...
, . , .


. , ,
. :
? , . , , , ,
. .
, , ,
. ,
.
? , , .
,
.

502

III

Windows Server 2008

?
. , , , .
? . ,
.
, .
?
.
. , , .
? .
(), . , , .
? , ,
.
? ,
. . .
?
. ,
.


. ,
, , , , . .
Windows (Windows
Explorer), (Archive). ,
, .
, .
:
, , (Archive).
(Archive)

16

503

. , , .
(Archive).
(Archive)
. .
, .
(Archive) , . , .
.
, . (Archive) , .
. (Archive) . , .
. , .
(Archive) .
,
, .

, , .
. . , .

.


.
, . 16-1. , ,
( ,
).
,

504

III

Windows Server 2008

( , , , ).
. 16-1.

, , .
.


. . , .
,
:
, . ?
.
?

16

505


?
, .
?
?


, , , . ,
,
.
:
()
, . , .
, , .
24 72 . . .
DAT DAT
. DAT.
DLT SDLT. SDLT 320 600 160 300 320 600
. LTO. LTO-3 400
800 .


, .
, .
DAT DLT,
SDLT LTO. DLT 45
. ,
.
. SDLT LTO 100 , .

, -

506

III

Windows Server 2008

, .
,
.
.
. RAID,
.
, Windows .
. 20 500 /,
40 2 /.
, ,

. ,
. .
.

.
, DAT,
.



. . , ,
.

.
, , .
. 5 (
). ,
. ,
.
, , .
, 8 5 . 24/7,

16

507

.
14 : 7 .
. .

. , .
.


Windows Server 2008 . ,
. Windows Server 2008
:
Windows Server (Windows Server Backup)
, . ,
(Administrative
Tools). ,
(Server Manager).
, Wbadmin.
Wbadmin
.
wbadmin /?.
Windows , , - , .

Windows Server (Windows Server Backup). , , .
Windows Server (Windows Server Backup) .
Windows Server (Windows Server Backup) VSS (Volume
Shadow Copy Service) , , .
,
Windows Server (Windows Server Backup)
.
Windows Server (Windows
Server Backup) , -

508

III

Windows Server 2008

. ,
, DVD . DVD
. DVD , , .
Windows Server (Windows
Server Backup) .
.

Windows Server (Windows Server


Backup) .
,
, ,
. ,
Windows Server (Windows Server Backup) Windows, , .
, .
VSS Windows Server (Windows Server Backup)
, ,
Microsoft SQL Server Windows SharePoint Services.
Windows Server (Windows Server
Backup) .
,
.
,
Windows Server (Windows Server Backup)
.
. ,
Windows Server (Windows Server Backup)
. ,
Windows Server (Windows Server Backup) .

:
Windows
Server 2008 Windows
Server (Windows Server Backup). , ,
, .

16

509


Windows Server
Windows Server 2008, 32-, 64-.
Windows Server 2008
Core. , Windows Server
Core, .
Windows, :
1. (Server Manager) (Features) (Add Features).
(Add Features Wizard).
2. (Select Features)
Windows (Windows Server
Backup Features). Windows Server (Windows Server Backup)
(Command-Line Tools). (Next).
3. (Install). (Close). (Administrative
Tools) Windows Server
(Windows Server Backup).
Windows Server (Windows Server
Backup) (Wbadmin.exe) , (Ntbackup.exe). Ntbackup.exe Windows Server
2008 . Ntbackup.
exe , Windows.
Windows Server 2008.

Windows Server
Windows Server
(Windows Server Backup), ,
(. 16-1). ,
(Backup Once) (Backup Schedule).

510

III

Windows Server 2008

. 16-1. Windows Server ,



.
(Administrators) (Backup Operators)

. , , ,
(Read), (Read & Execute), (Modify)
(Full Control).
,
, .

, (Domain Administrators)
.

,
:
, .

.
. , .

16

511

Windows Server VSS.


Windows Server (Windows Server Backup) ,
.
,

. ,
,
, . Windows Server (Windows
Server Backup),
. ,

,
. , . Windows
Server , (Task Scheduler) Wbadmin .
Windows Server
(Windows Server Backup) . , :
1. Windows Server (Windows Server Backup). (Action)
(Connect To
Another Computer).
2. (Another Computer), IP-. , (Browse),
OK.
3. (Finish), .
Windows Server
(Windows Server Backup)
. (Archive), .
,
.
, :
1. Windows Server (Windows Server Backup). (Action)

512

III

Windows Server 2008

(Configure Performance Settings).


(Optimize Backup Performance), . 16-2.
2. , OK:

(Always Perform Full Backup)
.

(Always Perform Incremental Backup)
.
(Custom),
,
.
3. , . (Action)
(Backup Once). ,
(Action)
(Backup Schedule).

. 16-2.


Wbadmin
Windows Server .
,
, , .

16

513

(Backup CommandLine Tools), , Wbadmin


%SystemRoot%\System32\. , :
1. (Start) (All
Programs) (Accessories).
2. (Command
Prompt) (Run As
Administrator).
3. Wbadmin
.
Wbadmin , . 16-2.
. 16-2. Wbadmin

DELETE SYSTEMSTATEBACKUP

DISABLE BACKUP

ENABLE BACKUP

GET DISKS


, , ,
GUID,

GET ITEMS

GET STATUS

GET VERSIONS

,
,

START BACKUP

.
, ,

START RECOVERY

START SYSTEMSTATEBACKUP

START SYSTEMSTATERECOVERY

STOP JOB

514

III

Windows Server 2008

Wbadmin,
:
, wbadmin /?.
, wbadmin
/?, , ,
wbadmin stop job /?.
, . :
wbadmin get versions [-backupTarget:{ | }]
[-machine:]

backupTarget machine. ,
,
:
wbadmin get versions

F: :
wbadmin get versions -backuptarget:f:

F: Server96 :
wbadmin get versions -backuptarget:f: -machine:server96

backupTarget machine.
backuptarget , . , , F:, , , \\FileServer32\backups\Server85.
machine , .

Wbadmin
Wbadmin .

.


, :
GET DISKS , , , GUID, .
wbadmin get disks

16

515

GET ITEMS .
wbadmin get items -version:
[-backupTarget:{ | }]
[-machine:]

GET STATUS .
wbadmin get status

GET VERSIONS ,
, .
wbadmin get versions [-backupTarget:{ | }]
[-machine:]

:
DELETE SYSTEMSTATEBACKUP .
wbadmin delete systemstateBackup [-backupTarget:{}]
[-machine:]
[-keepVersions: | -version:
|
-deleteOldest]
[-quiet]

DISABLE BACKUP .
wbadmin disable backup [-quiet]

ENABLE BACKUP
.

wbadmin enable backup [-addTarget:{}]


[-removeTarget:{}]
[-schedule:]
[-include:]
[-allCritical]
[-quiet]

START BACKUP .
, , .
wbadmin start backup [-backupTarget:{ | }]
[-include:]

516

III

Windows Server 2008

[-allCritical]
[-noVerify]
[-user:_]
[-password:]
[-noinheritAcl]
[-vssFull]
[-quiet]

STOP JOB . .
wbadmin stop job [-quiet]

:
START RECOVERY ,
.
wbadmin start recovery -version:
-items: | |

-itemType:{ | | }
[-backupTarget:{ | }]
[-machine:]
[-recoveryTarget: | ]
[-recursive]
[-overwrite:{ | | }]
[-notRestoreAcl]
[-skipBadClusterCheck]
[-noRollForward]
[-quiet]

START SYSTEMSTATEBACKUP
.

wbadmin start systemstateBackup -backupTarget:{}


[-quiet]

START SYSTEMSTATERECOVERY .
wbadmin start systemstateRecovery -version:
-showSummary
[-backupTarget:{ | }]
[-machine:]
[-recoveryTarget:]
[-authSysvol]
[-quiet]

16

517


,
. ,
Windows. , , , , .

DVD, .
, , ,
. , .
, , ,
. :
, ,
. , , ,
Windows.

, .
Windows,

. Windows
,
.
,
.
,
, .

. , :

, .
, .

,

518

III

Windows Server 2008

Windows (Windows Explorer).


,
.
. , .
DVD , .
1 .
.
Windows Server
(Windows Server Backup) Wbadmin .


Windows Server (Windows Server
Backup) .
:
1. Windows Server (Windows Server
Backup) . .
2. (Action)
(Backup Schedule). (Backup Schedule Wizard). (Next).
3. (Select Backup Type), ,
(Full Server). , , .
(Full Server) (Next). (Custom)
(Next).

, ,
, . ,
, , Windows Server 2008 D,
C, .

16

519

4. (Custom), (Select Backup Items).


, ,
, , .

5. (Specify Backup Time)


. (Once
A Day) .

(More Than Once A Day),
. (Available Time)
, (Add), (Scheduled Time).
.
(Next).

6. (Select Destination Disk) , .


,
(Show All Available Disks). , .
512 , . .
Windows Server (Windows Server Backup) .

7. (Next), , , . (Yes).

520

III

Windows Server 2008

8. (Destination Disk) . , ,
, , .
, . .
9. (Confirmation) , (Finish).
.
.
10. , (Close). .
Wbadmin ENABLE BACKUP. :
addTarget GUID
, . GUID , GET DISKS.
removeTarget , , GUID .
include , , GUID.
allCritical .
quiet .
ENABLE BACKUP.
21:00 C: D:, :
wbadmin enable backup -addtarget:{06d88776-0000-0000-0000-000000000000}
-schedule:18:00 include:c:,d:

6:00 21:00, :
wbadmin enable backup -addtarget:{06d88776-0000-0000-0000-000000000000}
-schedule:06:00,18:00 allcritical


, :
1. Windows Server (Windows Server Backup). . .

16

521

2. (Action)
(Backup Schedule). (Backup Schedule Wizard). (Next).
3. (Schedule Backup
Settings) (Modify Backup),
,
. 4. ,
(Stop Backup). (Next) (Finish).
.
.
- .

4. (Select Backup Type), ,


(Full Server). , , .
(Full Server) (Next). (Custom)
(Next).
5. (Custom), (Select Backup Items).
, ,
, .
6. (Specify Backup Time)
. (Once
A Day) .
(More Than Once A Day),
. (Available Time) , (Add),
(Scheduled Time).
. (Next).
7. (Add Or Remove Backup Disks) ,
(Next):
(Do Nothing),
.
(Add More Disks),
.
(Select Destination Disk)

522

III

Windows Server 2008

,
. (Next),
, ,
. (Yes).
(Destination Disk)
. (Next).
(Remove
Current Disks),
.
(Remove Current Disks) ,
.
8. (Confirmation) (Finish). . (Summary) (Close).
Wbadmin
ENABLE BACKUP. addTarget removeTarget.

. .
, :
wbadmin enable backup -removetarget:{06d88776-0000-0000-0000-000000000000}

, :
wbadmin enable backup -addtarget:{41cd2567-0000-0000-0000-000000000000}

,
:
wbadmin enable backup -schedule:03:00 include:c:,d:,e:

Wbadmin
, START BACKUP
Wbadmin. :
backupTarget . UNC- , .
include , , GUID.
allCritical .
inheritAcl ,
. -

16

523

, , user,
.
noVerify , ,
, . , , .
password .
quiet .
user .
vssFull
VSS. . ,
.
START
BACKUP:
:
wbadmin start backup -backuptarget:f: -vssfull

C: D: F:
wbadmin start backup -backuptarget:f: -include:c:,d:

:
wbadmin start backup -backuptarget:f: -allcritical

C: D: :
wbadmin start backup -backuptarget:\\fileserver27\backups -include:c:,d:
-user:williams

, (Task Scheduler), :
1. (Start), (Administrative Tools) (Task Scheduler).
. .
2. (Task Scheduler)
(Create Task). (Create Task).
3. (General) .
,
(Change). :

524

4.

5.

6.
7.

III

Windows Server 2008

(Select User Or Group) , .


.
.
, .
, (Run Whether User Is Logged On Or Not).
, ,
Windows.
(Triggers) (New). (New Trigger) (Begin The Task)
(On A Schedule). OK.
(Actions) (New).
(New Action) (Action) (Start A Program).
(Programm/Script) %windir%\
System32\wbadmin.exe.
(Add Arguments) START
BACKUP , :
start backup -backuptarget:f: -include:c:,d:,e:\mountpoint,\\?\
volume{be345a23-32b2-432d-43d2-7867ff3e3432}\

8. OK, (New
Action).
9. (Conditions)
.
10. (Settings)
.
11. OK, .


, :
1. Windows Server (Windows Server Backup). . .
2. (Action)
(Backup Once). (Backup Once Wizard). (Next).

16

525

3. ,
(Backup Schedule
Wizard), (The Same Options). (Next) (Backup), . .
4. , (Different Options) (Next).
5. (Select Backup Type) (Full Server). ,
, .
, (Full Server)
(Next). (Custom) (Next).
6. (Custom), (Select Backup Items).
, , , .
,
(Enable System Recovery).
(Next).
7. (Specify Destination Type)
:

(Local Drives)
(Next). (Backup
Destination) , DVD-
.
DVD- .
DVD , .
,
.
,
(Verify After Writing). (Next).

(Remote Shared Folder)
(Next). (Specify
Remote Folder) UNC- , ,
\\FileServer43\Backups. ,
,
, (Access Control)
(Inherit).

526

III

Windows Server 2008

, (Do Not
Inherit). (Next).
, ,
.
8. (Specify VSS Backup
Type) ,
VSS. VSS (Copy Backup),
. VSS (VSS Full Backup)
.
9. (Next) (Backup).
.
(Close), .


Windows Vista, Windows Server 2008 .
, . , .
Windows Server 2008 , . -
. ,
/ .
,
, Windows Server 2008
, , .
.
Windows Server 2008 , , ,
. Windows Server 2008 , .
,
.
Windows Server 2008 .

16

527

.
, , Windows Server
2008 . ,
Windows Server 2008 .
.
Windows , .

. Windows Server 2008
(Restart Manager). . , , .
(Problem Reports And
Solutions). ,
(Problem Reports And Solutions).
. , :
1. (Start) (Control Panel).
2.
(System Maintenance),
(Problem Reports And Solutions).
3. (Problem Reports And
Solutions) (See
Problems To Check) .
4. .
(Check For Solutions),
- .
Windows Server 2008 , - , Resource
Exhaustion Detection And Recovery. . ,
, ,
, , .
(System).
Windows . Windows

528

III

Windows Server 2008

Server 2008 , .
, , Windows Server 2008
Startup Repair Tool (StR),
.
StR ,
, . StR , ,

.
, , .
, .
, , .
, , .
, , , ,
, .
. ,
(Reliability
And Performance Monitor), 4.
, , . , , . , ,
, Windows
(Windows Memory Diagnostics) , . ,
, :
1. (Start). (Search) mdsched.
exe Enter.
2. .

16

529

3. Windows
(Windows Memory Diagnostics) .
: .
- Microsoft Online
Crash Analysis. - , , .


,
. Windows Server
2008 , , , , . , .

, . ,

.
,
:
1. .
2. F8, (Advanced Boot Options).
3. , ,
Enter. .
:
(Safe Mode)
,
. , , ,
. .
(Safe Mode With
Networking) , ,
, .
(Safe Mode
With Command Prompt) ,
, Windows
. .
(Safe Mode With
Command Prompt) Explorer .
Ctrl+Shift+Esc, (File) (Task
Manager) (New Process) explorer.exe.

530

III

Windows Server 2008

(Enable Boot Logging) , ,


.
(Enable Low Resolution Video)
(640480). , ,
.
(Last Known Good Configuration) , , Windows
. HKEY_CURRENT_
CONFIG ,
.
(Debugging Mode)
. .
(Directory Services Recovery Mode)
.
Windows Server 2008.
(Disable Automatic Restart On System Failure) Windows Server 2008 .
(Disable
Driver Signature Enforcement)
, .

, ,


.
, . , .


Windows Vista, Windows Server 2008
Windows
(Windows Error Recovery). .
(Safe
Mode), (Safe Mode With

16

531

Networking) (Safe
Mode With Command Prompt). Windows.
.
(Advanced Boot Options), , F8 Windows (Windows Error Recovery).


Windows Server 2008 50000 ,
x86 4
.
Wbadmin. START
SYSTEMSTATEBACKUP, START SYSTEMSTATERECOVERY
.
(Directory Services Restore).
Active Directory .

:
wbadmin start systemstatebackup -backupTarget:

, , F:.
:
wbadmin start systemstaterecovery -backupTarget:

, , , F:. , :
recoveryTarget,
.
machine, ,
.
authorsysvol
Sysvol.

Active Directory
, , . .

532

III

Windows Server 2008

Active Directory , . ,
, Active Directory. , Active Directory .
, .
! Active
Directory . , , ,
, .

Active Directory
, :
1. , .
2. . F8, (Advanced Boot Options).
3. (Directory
Services Restore Mode).
4. .
5. , ,
Ntdsutil. Active Directory.
6. . Active Directory .


, Windows Server 2008 , .
, . ,
, Windows Server 2008 .
Windows :
Windows Complete PC (Windows Complete PC
Restore)
.

16

533

, ,
.
, , , . , .
Windows (Windows Memory Diagnostics)
. : ,
.
, , , , .
X:\Sources\Recovery\StartRep.exe (Startup Repair)
, Windows
,
(BCD).
X:\Sources\Recovery\recenv.exe (Startup Recovery Options) Startup Recovery Options. , .
Windows , Windows Server (Windows
Server Backup). . . , Windows Server , .
,

.

, , .
, , ,
. ,
.


:
1. Windows CD- DVD- . ,
-. Windows.
2. (Next).
3. (Repair Your Computer). Windows .

534

4.

5.

6.

7.

8.

III

Windows Server 2008

(System Recovery Options Wizard).


, :
. (Next).
(System Recovery
Options) Windows Complete
PC (Windows Complete PC Restore). .

() (Use The Latest Available Backup (Recommended))
(Restore A Different Backup).
(Next).
, (Select The Location Of
The Backup) :
,
, (Next).
(Select The Backup
To Restore) ,
(Next).
(Advanced)
, (Next).
. (Next).
(Choose
How To Restore The Backup)
(Next):

(Format And Repartition Disks),
.
(Exclude Disks)
,
. , ,
.
(Install Drivers),
.
(Advanced), ,

.
(Finish).
Windows Complete PC (Windows Complete PC Restore) .

16

535

, ,
Windows Server 2008 , ,
. ,
, (Recovery Wizard)
Windows Server (Windows Server
Backup). , , ,
, Windows Server 2008.
, ,
,
, .
, DVD .
, , , :
1. Windows Server (Windows Server Backup). (Action)
(Recover). (Recovery Wizard).
2. (Getting Started) , ( ), (Next). , FileServer18
WebServer84.
(Another Server), , .
3. , , . (Next), .
(Select Backup Location) .
(Specify Remote Folder) ,
. \WindowsImageBackup\ComputerName.
4. ,
,
(Select Backup Location) .
5. (Select Backup Date)
, .
. (Next).
6. (Select Recovery Type) :

536

III

Windows Server 2008

(Files And Folders) (Next).


(Select Items
To Recover) (Available Items)
+,
. ,
. , ,
(Next).
, ,
(Volumes) (Next).
(Select Volumes)
.
, .
(Destination Volume), ,
. (Next).

(Applications) (Next).
(Select Application)
(Application) , .
(Next). , ,
,
.
7. (Specify Recovery
Options) (Recovery
Destination) , :
( ) . , (Browse), .
,
.
8.
(When Backup Finds Existing Files And Folders) , , .
,
, .
9. (Confirmation) (Recover), .

16

537


EFS,
. , , EFS
EFS. .


.
, , .
,
. ,
.
. , , , ,
. , , ,
. .
(EFS). EFS .
, EFS . Windows XP SP1
Windows
AES. AES Windows 2000 Windows
XP SP1. , AES,
, , . IIS 7 AES .
.
,

,
.
.

, .
,

. , ,
.

538

III

Windows Server 2008

EFS ,
. ,
. ,
. , , .

FAT FAT32 (
).

(recovery agent). ,
, .
. . .
EFS :

Windows
Server 2008. .
, .

,
. .
,
, .
, , .

EFS
. ,
.
, , :

16

539

1. ,
, , . 5
2. (Computer Configuration), Windows (Windows Settings), (Security Settings)
(Public Key Policies).
(Encrypting File System), EFS. , . , , , , .
3. ,
(Encrypting
File System) (Add Data Recovery Agent).
(Add Recovery Agent Wizard),
, , .
(Next). (Select Recovery
Agents) (Browse Directory) : ,
(Find Users, Contacts, And Groups). OK, (Next) (Finish).
, . (Certificates) EFS (EFS Recovery Agent).
, .
EFS
Cipher.exe.

4. ,
Delete. (Yes),
.
, EFS , .



, ,
. , , EFS, ,
.
.

540

III

Windows Server 2008

( ) (
) , .
, .

, ,
. . ,
, .

.
.


(Certificates).
.pfx.
, :
1. , ,
. (Start), (Search)
mmc Enter. MMC.
2. (File) (Add/Remove Snap-In).
(Add Or Remove Snap-Ins).
3. (Available Snap-Ins) (Certificates) (Add). (My User Account)
(Finish). (Certificates)
(Selected Snap-Ins).
4. OK,
(Add Or Remove Snap-Ins).
5. (Certificates Current User) (Personal), (Certificates).
, ,
(All Tasks) (Export). (Certificate Export Wizard).
6. (Next) , (Yes, Export The Private Key).
(Next).

16

541

7. (Next), , .
8. .
.
.pfx.
9. (Next) (Finish). , . OK, .


, .
, , .
, :
1. pfx-
, .
. ,
.

2. (Certificate) (My User Account),


.
3. (Certificates
Current User) (Personal).
(All Tasks)
(Import). (Certificate Import
Wizard).
4. (Next) .
5. (Open) (Browse)
.
(Open).
6. (Next).
(Next).
7. (Personal). (Next) (Finish).
, . OK.

IV


Windows Server 2008

17. TCP/IP ................................................................... 544


18. ............. 559
19. DHCP .................................................................... 595
20. DNS ................................................................................. 632

17

TCP/IP


, Microsoft Windows
Server 2008. TCP/IP. , TCP/IP , .
TCP/IP , .
TCP/IP . , ,
\ \\ (User Configuration\Administrative Templates\Network\Network
Connections) \ \\ (Computer Configuration\Administrative Templates\System\
Group Policy). 5.

Windows Server 2008


Microsoft Windows Server 2008 Windows. Windows Server 2008 , :
(Network Explorer) .
(Network And Sharing
Center) .
(Network Map) ,
.
(Network Diagnostics)
.
,
Windows Server 2008,
:

TCP/IP

17

545

(Network Discovery) Windows


Server 2008,
.
(Network Awareness)
Windows Server 2008, .
Windows Vista SP1 , Windows
Server 2008, . , ( , ),
,
. Windows ( ).

, ,
Windows Server 2008. Windows
:
;
.
,
. :
,
. .

.
,
.
.

.
, ,
. . , .
.
.
, . , , , ,
.

546

IV

Windows Server 2008

, Windows Server 2008 . , :



;
.
, :

;
.
(Network), . 17-1,
.
(Network Explorer), (Start)
(Network).
(Network Explorer) . , . (Turn On Network Discovery),
.
Windows.
, . , , 15.

. 17-1. (Network Explorer)

(Network And
Sharing Center), . 17-2,
. (Network And Sharing Center), (Start) (Network).
(Network And Sharing
Center) (Network Explorer).

TCP/IP

17

547

. 17-2.
(Network And Sharing Center)

(Network And Sharing Center) :


.
, .
. .
. (View Full Map),
(Network Map) .
. : , . (Access)
: (Local Only),
(Local And Internet) (Internet Only).
(Connection) , .
(Customize), , ( ) . (View Status), (Local Area Connection Status).

548

IV

Windows Server 2008

. ,
, , (Apply). ,
, (Network Discovery), (Turn On Network Discovery)
(Turn Off Network Discovery).
(Apply).
(Network And
Sharing Center) .
, Windows
(Windows Network Diagnostics).
.
(Network And Sharing
Center) . (Diagnose And Repair) .

Windows Vista
Windows Server 2008
Windows Vista Windows Server 2008 (IEEE 802.11)
\ Windows\
(Computer Configuration\Windows Settings\
Security Settings).
(IEEE 802.3) (Wired Network (IEEE 802.3)),
Windows Vista ,
IEEE
802.1X . (IEEE 802.11) (Wired Network (IEEE 802.11)),
Windows XP
Windows Vista , WLAN, .
Windows Vista SP1 , Windows Server
2008, .
(
Winlogon),
,
.

TCP/IP

17

549

Windows Vista SP1 , Windows Server


2008, ,
:
SSTP (Secure Socket Tunneling Protocol);
SRA (Secure Remote Access);
CAPI2 (CryptoAPI Version 2);
OCSP (Online Certificate Status Protocol);
Teredo;
RDP (Remote Desktop Protocol).
SSTP
HTTP HTTPS. SRA
HTTPS.
. SSTP SRA
PPTP L2TP/IPSec.
- TCP/IP,
, NAT .
SSTP HTTP SSL (TCP- 443), -. , -, https://, HTTPS SSL.
HTTP SSL VPN-. SSTP IPv4, IPv6,
IP-. , VPN,
. .
CAPI2 PKI X.509
, . . .
OCSP.
OCSP . , CAPI2
OCSP OCSP
. OCSP OCSP. OCSP, OCSP,
. OCSP OCSP URL,
.

550

IV

Windows Server 2008

IPv4-IPv6
Windows Vista SP1 , Windows Server 2008,
, IPv6
IPv4, , Teredo. Teredo
UDP, NAT.
NAT NAT. NAT
, .
Windows Vista SP1 , Windows Server
2008, RDP 6.1, RDP .
RDP
.
: ,
( ), ,
( ), , ( ).

TCP/IP
, TCP/IP . Windows Server 2008 TCP/IP
.
Windows Server
2008. TCP/IP .
TCP/IP Windows Server 2008,

:
1. (Start) (Network). (Network)
(Network
And Sharing Center) .
2. (Network And
Sharing Center) (Manage Network Connections).
3. (Network Connections)
(Properties).

(Local Area Connection Properties), . 17-3.

TCP/IP

17

551

. 17-3. TCP/IP
(Local Area Connection Properties)

4. IPv6 IPv4 . .
(Install). (Protocol)
(Add). (Select Network
Protocol) OK.
(IPv6 IPv4),
.
5. ,
(Local Area Connection Properties)
IPv6 IPv4. OK.
6.
.

TCP/IP
, . ,
.
, .
TCP/IP IP-.
Windows Server 2008 IP-:

552

IV

Windows Server 2008

IP-, ,
IP-. ,
. , IP-
Windows. .
IP-
DHCP- ( ). . IP- .
( IPv4)
DHCPv4, DHCPv4-, Windows Server 2008
IP-. IPv4 169.254.0.1 169.254.255.254
255.255.0.0. IPv4-, , .

IP-
IP- IP-
, , , . IP- . IP- , .
IPv6 IPv4. IPv6-
64 , 64 . IPv4-
, . ,
IPv4 10.0.10.0 255.255.255.0.
,
10.0.10.1 10.0.10.254. 10.0.10.255 .
, ,
IPv4-, . 17-1.
. 17-1. IPv4-

10.0.0.0

255.0.0.0

10.0.0.010.255.255.255

172.16.0.0

255.240.0.0

172.16.0.0172.31.255.255

192.168.0.0

255.255.0.0

192.168.0.0192.168.255.255

IPv4- .

TCP/IP

17

553

, IPv4-
.
PING

IP-, , DHCP. PING.


ping IP-, . ,
IPv4- 10.0.10.12 :
ping 10.0.10.12

IPv6- FEC0::02BC:FF:BECB:FE4F:961D
:
ping FEC0::02BC:FF:BECB:FE4F:961D

PING , IP- , .
PING ,
, IP- , , . PING .

.
IPv4 IPv6

. . IP :
1. (Start) (Network). (Network)
(Network
And Sharing Center) .
2. (Network And Sharing Center)
(Manage Network Connections). (Network
Connections) (Properties).
3. , IP TCP/IPv6 TCP/IPv4.
4. IPv6:
IPv6-
(Use The Following IPv6 Address) IPv6- IPv6 (IPv6 Address). IPv6- .
Tab. (Subnet Prefix
Length) .
(Subnet Prefix Length) -

554

5.

6.

7.
8.

9.

IV

Windows Server 2008

.
, .
.
IPv4:
IP- (Use
The Following IP Address) IPv4- IP-
(IP Address). IPv4-
.
Tab. (Subnet Mask)
.
,
. ,
.
TCP/IP-,
, IP- (Default Gateway).
DNS.
IP- DNS-.
, OK (Close). IP-,
.
WINS IPv4-.

IP-
IP-, IP- . IP- :
1. (Start) (Network). (Network)
(Network
And Sharing Center) .
2. (Network And Sharing Center)
(Manage Network Connections). (Network
Connections) . .
, . , .
(Properties).
3. , IP TCP/IPv6 TCP/IPv4.

TCP/IP

17

555

4. IPv6- (Obtain
An IPv6 Address Automatically) IP-
(Obtain An IP Address Automatically) IP-.
DNS- (Obtain DNS Server Address Automatically) DNS- (Use The Following DNS Server Addresses),
DNS-.
5. IPv4- .
(Alternate Configuration) IP- (Automatic
Private IP Address). OK, (Close)
.
6. IPv4- , , .
(Alternate Configuration) (User Configured) IP- (IP
Address) IP-. ,
. 17-1, .
7. , WINS.
, OK (Close).


Windows Server
2008 . Windows Server 2008 .
. . , Windows Server 2008 , .

.
DHCP, ,
DHCP-. IP- IP- , :
1. (Start) (Network). (Network) (Network And Sharing Center).

556

IV

Windows Server 2008

2. (Network And
Sharing Center) (Manage Network Connections).
(Network Connections)
(Properties).
3. , IP TCP/IPv6 TCP/IPv4.
4. (Advanced),
TCP/IP (Advanced TCP/IP Settings), . 17-4.

. 17-4.
TCP/IP (Advanced TCP/IP Settings)

5. (Default Gateway) , ( ). . (Add) (Gateway).


6. Windows Server 2008 , . (Automatic Metric) .
7. 56 .
8. OK (Close).

TCP/IP

17

557



. . .

,

,
:
1. (Start) (Network). (Network) (Network And Sharing Center).
2. (Network And
Sharing Center) (Manage Network Connections).
(Network Connections)
(Status).
(Local Area Connection Status).
3. ,
.
.
(Status).



. ,
:
1. (Start) (Network). (Network) (Network And Sharing Center).
2. (Network And
Sharing Center) (Manage Network Connections).
(Network Connections)
(Disable).
3. ,
(Network Connections) (Enable).

( , ), :

558

IV

Windows Server 2008

1. (Start) (Network). (Network) (Network And Sharing Center).


2. (Network And Sharing Center)
(Manage Network Connections). (Network
Connections) (Disconnect).
3. ,
(Network Connections) (Connect).


Windows Server 2008
. ,
(Network Connections), , (Rename)
.
,
.

18

, Microsoft Windows Server 2008,


:
.
.
.

(Print Services)

.
, . Windows Server . Windows Server 2008
.


:
,
,
.
,
.
.

, . . .

560

IV

Windows Server 2008

, .
,
.
, .
. Windows
Server 2008 .

.
.
, . .
, . ,
, .
,
.



.
, . , ,
, :
, . ,
. ,
.
.
, , .
.
, , ,
.
, , ,
, , .

18

561



, . Windows
Server 2008 (Winspool.drv)
, ,
, .
, , .

. , ,
Winspool.drv.


. , ,
.

.
( ) , . (job). ,
,
.
.

, , .
, .
, Windows Server 2008, . . DLL- . DLL-
, .
, . : , (), .

. , , :
\ \
(Computer Configuration\Administrative Templates\Printers).

562

IV

Windows Server 2008

\ \
\ (User Configuration\Administrative Templates\
Control Panel\Printers).
\ \
(User Configuration\Administrative Templates\
Start Menu And Taskbar).


,
(Print Services)
:
(Print Server)
(Print Management)
,
,
.
LPD (LPD Service) UNIX
LPR
.
(Internet Printing) -,
. , ,
,
IPP. - http:///Printers, , , http://PrintServer15/Printers
http://www.cpandl.com/Printers.
(Print Services) , :
1. (Server Manager)
(Roles) (Add Roles). (Add Roles Wizard). (Before You Begin),
(Next).
2. (Select Server Roles) (Print Services) (Next).
3. (Select Role Services) .
UNIX LPD (LPD
Service). (Next).
4. (Internet Printing) - (IIS) (Web Server (IIS)) Windows (Windows Process Activation

18

563

Service). , - (IIS) (Web Server (IIS)).


IIS , - Windows SharePoint. Microsoft IIS 7 Administrators Pocket Consultant (Microsoft, 2008).

5. (Next).
(Confirm Installation Options). (Install). ,
(Installation Results). ,
.


Windows Server 2008
. ,
:
1. (Start) (Network).
(Network Explorer) (Network And Sharing Center).
2. (Printer Sharing),
.
(Apply):
(Turn
On Printer Sharing), .

(Turn Off Printer Sharing),
.

(Print Management)
(Print Management)
.
(Print Services) (Print Management)
(Administrative Tools). .
(Print Management), .18-1, ,
. , . - , (Print Management)
, .

564

IV

Windows Server 2008

. 18-1. (Print Management)


(Print Management) ,
, . Windows 2000 . , ,
(Administrators)
, .
(Printers) ,
,
, .
(Printers)
(Show Extended View), ,
, , , , , .
-, - (Printer Web Page),
. -
, .
- .
(Print
Management), :
1. (Print Management)
(Print Servers) (Add/Remove Servers).

18

565

2. (Add/Remove
Servers), . 18-2,
.

. 18-2. (Print Management)

3. ,
(Add To List):

(Add Servers). .
(Browse),
(Select Print Server).
(Select Server).
4. , OK.
(Print
Management), :
1. (Print Management)
(Print Servers) (Add/Remove Servers).
2. (Add/Remove
Servers) . (Remove).


.
Windows Server 2008
. Windows Server
2008, (Administrators),

566

IV

Windows Server 2008

(Print Operators) (Server Operators). .


.


(Print Management)
(Print Management) , ,
, . ,
(Print Management) ,
.
, :
1. (Print Management) (Administrative
Tools).
2. (Print Servers)
, .
3. (Add Printer).
(Network Printer Installation Wizard).
4. (Print Installation) (Search The Network For
Printers) (Next).
5. . , IP- . , ,
(Next).
6. ,
.
(Close).




, USB
. . , , ,
. , , , .

18

567

,
.
, , ,
. plug
and play, ,
. , .
,
:
1. , USB-. .
2. Windows Server 2008 ,
.
, .
3. Windows Server 2008 , , .
4. .
(Print Management) (Print Servers)
, .
(Printers) , . ,
, (Manage
Sharing). (Sharing), . 18-3.
5. (Share this
Printer), Windows Server 2008 . ,
(Share Name).
Windows NT
. Windows
2000 256 , .
,
.

6. Active Directory
. Active Directory,
Active Directory (List In The Directory).
7. , Windows Server 2008
. x86.
, -

568

IV

Windows Server 2008

(Additional Drivers). (Additional Drivers) ,


. -
Windows Server 2008, . - Windows Server 2008
Windows. OK.

. 18-3.

, Windows . :
1. (Print Management)
(Print Servers) , .
2. (Printers)
(Add Printer).
(Network Printer Installation Wizard).
3. (Print Installation), .
18-4, , (Add A New Printer Using An Existing Port),
(LPT, COM USB). ,
.
Windows Server 2008 . (Next).

18

569

. 18-4.

4. (Printer Driver) :
Windows e
,

. , (Use The Printer Driver That The Wizard
Selected) .
, (Next).
, , (Use
An Existing Driver). ,
(Next).

, (Install
A New Driver). . 18-5,
. ,
HP LaserJet 8150 PCL 5.
HP, HP LaserJet 8150 PCL 5.
(Next). Windows Server 2008
.
,
(Have Disk).
, . .

570

IV

Windows Server 2008

. 18-5.

5. .
(Print Management).
6. , . ,
(Share This Printer) .
, .
7. . .
8. (Next).
9. Windows , ,
.
. , (Print Test Page)
(Finish). ,
(Add Another Printer) (Finish).
(Network Printer Installation Wizard) ,
(Printers) .
.
.
,
. .

. ,
.

18

571


,
.

. ,
, ,
.
,
:
1. (Print Management) (Print Servers) , .
2. (Printers) (Add Printer). (Network Printer Installation Wizard).
3. (Print Installation) TCP/IP- - IP-
(Add A TCP/IP Or Web Services Printer By IP Address
Or Hostname) (Next).
4. (Printer Address)
(Type Of Device) :
(Autodetect) ,
. Windows Server 2008
.
TCP/IP (TCP/IP Device) , , TCP/IP-.
- (Web Services Printer) , ,
.
5. IP- , , 192.168.1.90.
(Autodetect) TCP/IP (TCP/IP Device), .
.
,
. ,
.

6. (Next).
. , :
;
;
;
IP- .

572

IV

Windows Server 2008

7. , IP- , (Back) .
8. , . (Device Type) (Additional Port Information Required) (Standard)

. (Custom) (Settings),
, , SNMP.
9. (Printer Driver) :
Windows e
,
. , (Use The Printer Driver That The Wizard Selected) .
, (Next).
, , (Use
An Existing Driver). ,
(Next).

, (Install A New Driver).
. , HP LaserJet
8150 PCL 5. HP,
HP LaserJet 8150 PCL 5. (Next).
Windows Server 2008 .
,
(Have Disk).
10. , (Print Management).
11. , .
, (Share
Name) .
,
.
12. . .

18

573

13. (Next).
14. Windows , ,
. . , (Print Test Page)
(Finish). ,
(Add Another Printer) (Finish).

(Network Printer Installation Wizard) , (Printers) .
.
.
.


,
, .
. Windows Vista, :
1. , (Start)
(Control Panel).
(Printers), .
2. (Add A
Printer), (Add Printer Wizard). , Bluetooth (A Network, Wireless Or Bluetooth Printer)
(Next).
3. (Select A
Printer), (Next).
4. (Select A Printer) , (The Printer That I
Want Isnt Listed). TCP/IP (Find A Printer By Name Or TCP/IP Address)
:

(Browse For A Printer), (Next).
(Select).
, ,
(Select A
Shared Printer By Name).

574

IV

Windows Server 2008

UNC, , \\PrintServer12\Twelfth Floor NE,


, , http://PrintServer12/Printers/
IPrinter52/.printer.
TCP/IP- ,
TCP/IP- (Add A Printer Using A TCP/IP Address Or Hostname).
(Next). ,
IP- , , 192.168.1.90.
(Autodetect) TCP/IP (TCP/IP
Device) . (Next).
5. IP- (Type A Printer Hostname Or IP Address) .
. (Next)
(Finish). .
(Printers)
.
Windows XP, :
1. , (Printers And Faxes).
2. (Add Printer),
(Add Printer Wizard).
(A Network Printer)
(Next).
3. (Specify A Printer)
. :
Active Directory (Find A Printer In The Directory) , Active
Directory.

(Type The Printer Name, Or Click Next To Browse For
A Printer) ,
.
(Connect To A Printer On The Internet Or On Your Intranet)
, URL -.
4. OK.
5. , ,
(Yes) (No), (Next).
6. (Finish), . ,

18

575

(Printers And Faxes) .


. , , HP DeskJet ENGSVR01.


,
, .
,
. , , .
Windows . .
Windows Windows Vista, :
1. (Group Policy Management
Console) GPO , , , (Edit).
.
2. :
, (Computer Configuration) Windows (Windows
Settings). (Scripts).
, (User Configuration) Windows (Windows
Settings). (Scripts).
3. PushPrinterConnections.exe %SystemRoot%\
System32 Machine\Scripts\Startup, User\Scripts\Logon User\
Scripts\Logoff . , %SystemRoot%\Sysvol\Domain\Policies.
4. (Startup) (Logon)
(Properties).
5. : (Startup Properties)
: (Logon Properties) (Show Files).
Policies, .

576

IV

Windows Server 2008

6. : (Startup Properties)
: (Logon Properties)
(Add). (Add Script).
7. (Script Name) PushPrinterConnections.
exe OK.
Windows Vista , :
1. (Print Management)
(Print Servers) , .
2. (Printers).
, , (Deploy With Group Policy).
(Deploy With Group Policy), . 18-6.

. 18-6. GPO

3. (Browse).
(Browse For Group Policy Object) GPO OK.
4. (Deploy This
Printer Connection To The Following) :
,
,
(The Users That This GPO Applies To).
, ,
(The Computers That This GPO Applies To).

18

577

5. (Add).
6. 35, GPO.
7. OK, GPO. ,
.
(Details). GPO, . ,
.


(Point and
Print Restrictions) . Windows XP Professional , . Windows Vista

, . . 18-1.
. 18-1.

...

Windows XP Windows Server 2003



. Windows Vista

. Windows Vista


Windows XP
.
Windows Vista

Windows XP
.
Windows Vista

, Windows Vista Windows Server 2008 , -

578

IV

Windows Server 2008

, . , , Windows, , .
(Point and Print Restrictions), , ,
,
. ,
.
,
, .

(Point and Print Restrictions) ,
:
1. (Group Policy Management
Console) GPO , , , (Edit).
.
2. \ \ (User Configuration\
Administrative Templates\Control Panel)
(Printers).
3.
(Point and Print Restrictions).
4. : (Point
And Print Restrictions Properties), . 18-7,
(Enabled).

. 18-7.

18

579

5. , , .
,
FQDN- , . .
6. ,
. , .
.
7. Windows Vista .
.
8.
Windows Vista
. .
9. OK.


, , , ,
(Printer Migration Wizard).
.
,
, , ,
, .
, :
1. (Print Management)
(Export Printers To A File). (Printer Migration Wizard).
2. ,
. (Next).
3. (Select The File Location)
(Browse).
, .
(Open).
4. .printerExport.
, (Next).
5. , (Open Event Viewer), , -

580

IV

Windows Server 2008

.
, .
(Event Viewer).
6. (Exporting) (Finish), (Printer Migration Wizard).
7. (Print Management)
(Import Printers From A File).
(Printer Migration Wizard).
8. (Select The File Location)
(Browse).
(Open).
9. (Next). ,
, (Next). (Select Import Options) (Import
Mode) :
; (Keep
Existing Printers; Import Copies) , ,
. ,
.
(Overwrite Existing Printers) ,
,
.
10. (List In The Directory)
:
,
(List Printers That Were Previously Listed) Active Directory
, .
(List All Printers) Active Directory .
(Dont List Any Printers)
Active Directory.
11. (Next), . ,
(Open Event Viewer), ,
. ,

. (Event
Viewer).

18

581

12. (Importing) (Finish), (Printer Migration Wizard).


,
, .
.
(Print Management) (Custom
Filters). (Custom Filters)
,
, .
(Print Management) :
(All Printers) , , .
(All Drivers) , , .
(Printers Not Ready) , (Not Ready), , .
(Printers With Jobs) ,
, .
, :
1. (Print Management)
(Custom Filters) (Add New Printer Filter). (New Filter Wizard).
2. (Printer Filter Name
And Description) . ,
, ,
(Display The Total Number Of Printers).
(Next).
3. (Define A Printer Filter) , , . ,
. (Next).
, (Queue Status). . : (Output Bin Full), (Ready), (Busy),
(Paper Jam), - (IO Active), (Initializing),
(Out Of Memory), (Not Available),
(Paper Problem), (Out Of Paper), (No Toner/Ink), -

582

IV

Windows Server 2008

(Processing), (Waiting), (Offline), (Door Open),


(Error), (Printing), (Paused), (Warming Up),
(Toner/Ink Low), (User Intervention Required), (Manual Feed Required), (Deleting).
, . , , , (Ready),
(Initializing), (Processing), (Printing), (Warming Up), (Deleting).

4. (Set Notification) ,
,
. (Finish), .
, :
1. (Print Management)
(Custom Filters). , . (Properties).
2. .
:
(General) .
.
(Filter Criteria)
. .
(Notification) .
.


Windows Server 2008 (Print Spooler). , .
(Print Spooler), (Services).
(Print Spooler) :
1. (Administrative Tools)
(Computer Management).
2. , (Computer Management)
(Connect To Another Computer).
, .

18

583

3. (Services And Applications)


(Services).
4. (Print Spooler).
(Restarted). ,
(Print Spooler)
(Start). (Startup Type) (Automatic). , (Print Spooler)
(Startup Type) (Automatic).
.
. . (Print Spooler).
.
.


. , :
1. (Print Management)
(Print Servers) , .
2. (Printers).
(Properties).
.


, .
, , .
, . . , Microsoft Word
(Print).

(General) ,
(Comments) (Location).

Active Directory
Active Directory
. Active Directory,
:
1. (Sharing).

584

IV

Windows Server 2008

2. Active Directory (List In Directory) OK.


Windows Server 2008 .
Windows .

.

, :
1. (Advanced).
2. (Driver)
.
3.
, (New Driver).
(Add Printer Driver Wizard). (Next).
4. (Have Disk),
.
5. (Install From Disk)
, , (Browse),
(Locate
File). OK.
6. (Next) (Finish).

, , ,
, . ,
.
, , , .
, :
1. , ,
(Properties).
2. (Sharing) (Additional Drivers).
3. (Additional Drivers) , .
- Windows Server 2008, -

18

585

. - Windows Server 2008


Windows.

-

Windows Server 2008 - :
, ;
, , , (PostScript PCL).
- ,
:
1. (Advanced), - (Separator Page).
2. - (Separator Page)
. ,
:
Pcl.sep PCL
- .
Pscript.sep PostScript,
-.
Sysprint.sep PostScript
- .
Sysprintj.sep Sysprint.sep.
, ,
Sysprintj.sep.

3. -,
- (Separator Page) .
, ,
(Browse) - (Separator Page), %SystemRoot%\Windows\System32. -.
(Browse), , .
-.


, ,
c . (Ports).
, , .
, (Add Port). (Printer Ports) (New

586

IV

Windows Server 2008

Port). OK.
, (Delete Port).


.
(Advanced), . 18-8, . .

.
, (Advanced)
(Always Available).
,
(Available From).

(Priority) (Advanced)
. . .

. 18-8.
(Advanced)

, , ,
, , .

18

587

:
( ) (Spool
Print Documents So Program Finishes Printing Faster)
, .
(Start Printing After Last Page Is Spooled)
. -
, .
(Start Printing Immediately) ,
.
.
,
(Print Directly To The Printer). :
(Hold Mismatched Documents) ,
. , .
(Print Spooled Documents
First) , ,
, .
(Keep Printed Documents) .
, .
, . , . ,
.
(Enable Advanced
Printing Features) ( ), , .
, ,
.


.
, ,
(Manage Sharing).
(Sharing), , -

588

IV

Windows Server 2008

.
:

( ,
), (Share
This Printer) (Share
Name). OK.
, (Share Name)
OK.
,
(Share This Printer). OK.


, . , , (Security). :
(Print), (Manage Documents) (Manage Printers). . 18-2
.
:
(Administrators), (Print
Operators) (Server Operators)
.
.

.
(Everyone) .
.
. 18-2. Windows Server 2008

(Print)

(Manage
Documents)

(Manage Printers)

,
,

18

589

. 18-2. ()

(Print)

(Manage
Documents)

(Manage Printers)

,
. . 18-3
, . .
. 18-3.

(Print)

(Print)


(Manage Documents)

(Manage
Documents)

X
X


(Manage Printers)

(Read Permissions)

(Manage Printers)

X
X


(Change Permissions)

(Take
Ownership)

590

IV

Windows Server 2008


Windows Server 2008
. :
1. (Security). (Advanced),
(Advanced Security Settings).
.
, .

2. (Auditing) (Add) , .

(Remove).
3. , (Successful) (Failed).
4. OK.


, Windows, ,
MS-DOS. ,
:
1. (General).
2. (Printer Preferences).
3. .


Windows Server 2008 : (Print Server Properties).
:
(Printers)
(File) (Server Properties)

(Server Properties) .
(Print Management)
(Properties). , (Add/Remove
Servers): (Print

18

591

Servers) (Add/
Remove Servers).
.

Spool NTFS
Spool . %SystemRoot%\System32\Spool\PRINTERS.
NTFS (Change) .
.
, :
1. : (Print Server Properties).
2. (Advanced). Spool (Spool
Folder). .
3. Spool Windows
(Windows Explorer) (Properties).
4. (Security) .


, , . ,
. ,
:
, ,
, , , , USB-. , , , .
. ,
. , .
Spool .
Spool , .
- .

592

IV

Windows Server 2008



: (Print Server Properties).
(Advanced) , .


. ,
. . . , : (Print Server
Properties) (Beep On Errors Of Remote Documents)
(Advanced).



. ,
:
(Printers) . , .
, . (Start), (Network).
, ,
(Printers) .
(Print Management)
(Print Servers). . (Printers). (Open Printer Queue).
(Print Management)
(Printers) (Show Extended View).


, . 18-9. , :
(Document Name) ;
, .
(Status) , .

18

593

(Owner)
(Pages) .
(Size) , .
(Submitted)
.
(Port) , , , LPT1, COM3,
IP- ( ).

. 18-9.


.
(Printer) (Action) (Pause Printing). , , . , .

(Pause Printing) . .


, (Printer) (Action)
(Cancel All Documents).

(Document). ,
, :
(Pause) .
(Resume) ,
.

594

IV

(Restart)
.

Windows Server 2008

, -


, ,
Delete.
, ,
.
- ,
. ,
.


,
, , , . ,
:
. (Properties).
.


. .
, :
1. . (Properties).
2. (General) . 1, 99.



. , . , :
1. . (Properties).
2. (General) (Only
From) , .
,
24.00 5.00 .

19

DHCP

, DHCP Active Directory.


DHCP TCP/IP. . DHCP ,
DHCP-.

DHCP
DHCP IP-
. DHCP, DHCP-
TCP/IP: IP-, , DNS-, WINS,
DNS- . Windows Server 2008 DHCP
IPv4 IPv6 ( , )
.

IPv4
, IPv4, DHCPv4.
DHCPv4-, IPv4-, DHCP-, 32- IPv4-
, . . ,
. DHCP-. IPv4-,
, .
DHCP, IP-,
DHCP- IPv4-.
DHCP-
( ). DHCPv4
, DHCP-

596

IV

Windows Server 2008

. DHCPv4 DHCP-. DHCP- ,


. DHCP- , ,
, .
, ,
.
, . ping ,
. IPv4. , DHCP-
, .
IPv4 :
1. IP- B 169.254.0.0
255.255.0.0, . IPv4- ARP , IPv4- .
2. , 1. . , ARP ,
IPv4-.
3. IPv4- ,
. , DHCP, .
,
.

IPv6
Microsoft Windows Vista Windows Server 2008
, (IPv4 IPv6). 1 17, IPv4 IP
, IPv6 IP. IPv6 128- . 64 ,
64 .
IPv6 DHCP:
(Stateful) DHCPv6- IPv6- DHCPv6-.
(Stateless) DHCPv6-
IP- ,
DHCPv6.
, DHCPv6- IPv6- () , DHCPv6-. DHCPv4,
DHCPv6 DHCPv6-,

DHCP

19

597

, DHCPv6-, , DHCPv6,
, ,
DHCPv6-.
DHCPv4, DHCPv6
IPv6-. DHCPv6
, :
Managed Address Configuration ( M)
1, .
Other Stateful Configuration ( O) 1,
.
DHCPv6 Window Vista, Windows Server 2008.
DHCPv6
M O . , ,
M O . IPv6 Windows XP
Windows Server 2003 DHCPv6-,
M O .
IPv6, Windows Vista Windows Server 2008, 1 M. netsh interface ipv6 set interface
managedaddress=enabled, . 1 O ,
netsh interface ipv6 set interface
otherstateful=enabled. ,
, :
netsh interface ipv6 set interface Connection 2 managedaddress=enabled

M O, :
0, , DHCPv6. .
1, DHCPv6
IP-, .
, , DHCPv6
IPv6- .
M 0, O 1, DHCPv6 .

598

IV

Windows Server 2008

, IPv6 . .
M 1, O 0, DHCPv6 IP-, . IPv6- , , , , IPv6- DNS-,
.
Windows Vista Windows Server 2008
IPv6- , IPv4. IPv6 DHCPv6
:
1. IPv6- . IPv6- ARP , IPv6-
.
2. , 1. , , ARP- .
IPv6-.
3. IPv6- ,
. DHCP, .
.
IPv6
DHCPv6 .
DHCPv6 , , .
DHCPv4, DHCPv6
UDP. DHCPv6 UDP- 546.
- DHCPv6 UDP- 547.
DHCPv6 ,
DHCPv4 BOOTP,
.
DHCPv6 1- Msg-Type ( ). 3- Transaction-ID,
DHCPv6.
Transaction-ID DHCPv6
, . DHCPv6 . Option-Code (2 ) .
Option-Len (2 ) Option-Data .
Option-Data .

DHCP

19

599

, - . Hop-Count (1 ) -, . ,
, , . Link-Address (16 )
, , . Link-Address , . Peer-Address
(16 ) IPv6- , , ,
. Peer-Address DHCPv6. Relay Message , .
IPv6 . , DHCPv4,
DHCPv6 All_DHCP_Relay_Agents_and_Servers,
FF02::1:2. DHCPv6- , DHCPv6 .
DHCPv6-, .
, - DHCPv6 , , DHCPv6-.

IP-
IP- IPCONFIG. , ipconfig /all .
IP- ,
IP- (Autoconfiguration IP Address). IPv4- 169.254.98.59:
IP Windows
..................:
DNS-............:
........................:
IP- .......:
WINS- .............:
DNS.:

DELTA
microsoft.com

microsoft.com

Ethernet adapter :
DNS- .........:
........................: Intel Pro/1000 Network Connection
................: 23-17-C6-F8-FD-67
DHCP ....................:
..........:
IPv4-:......: 169.254.98.59

600

IV

Windows Server 2008

...................: 255.255.0.0
...................:
DNS-.....................:


(scope) IPv4 IPv6-,
. DHCP . IPv4-,
MAC- ,
IPv4-. MAC-
IPv4-. IPv6
.
, IP-,
DHCP-. , IP-
192.168.12.2 192.168.12.250 Enterprise Primary. IPv4- :
IP 1.0.0.0 126.255.255.255
B IP- 128.0.0.0 191.255.255.255
C IP- 192.0.0.0 223.255.255.255
D IP- 224.0.0.0 239.255.255.255
IP 127.0.0.1 .

IPv6-, IPv6-. FE80. FF00.


( ) :: ( ) ::1 ( ).
DHCP- . IPv4 :
(normal scope) A, B C.
(multicast scope) IP- IPv4 D. IP- , IP-.
, .
IPv6 . , , , , C.
DHCPv4 DHCPv6 DHCPv4 DHCPv6 . -
(RRAS) - DHCP. .

DHCP

19

601

DHCP-
IP- , DHCP-. (Add Roles
Wizard) DHCP-,
Active Directory.
DHCP- IP-.

DHCP
Microsoft Windows Server 2008
DHCP-, :
1. DHCP IPv4 IPv6- . ,
IPv4 IPv6-.
2. (Server Manager)
(Roles) (Add Roles).
(Add Roles Wizard). ,
(Next).
3. (Select Server Roles) DHCP- (DHCP Server) (Next).
4. (Network Bindings)
IPv4-.
, DHCPv4-, (Next).
5. IPv4 DNS- (Specify IPv4 DNS
Server Settings), . 19-1, DNS, DHCPv4-
DNS. (Parent
Domain) DNS- , , cpandl.com.
IPv4- DNS- (Preferred DNS Server)
IPv4- DNS- (Alternate DNS Server) IPv4- DNS-. (Validate),
DNS-. (Next).
6. IPv4 WINS- (Specify IPv4 WINS
Server Settings) , WINS
. , IP-
WINS- IP- WINS- (Preferred
WINS Server) IP- WINS- (Alternate
WINS Server). (Next).

602

IV

Windows Server 2008

Windows Server 2008 WINS


(Add Features Wizard).
, Windows 2000, WINS .
IPv4 () IPv6- LLMNR (Link-Local
Multicast Name Resolution). LLMNR,
PNRP (Peer Name Resolution Protocol).

. 19-1. DNS DHCPv4-

7. DHCP- (Add Or Edit


Scopes) DHCP-,
(Add) , . DHCP , (Next).
8. DHCPv6
(Configure DHCPv6 Stateless Mode) , . , DHCPv6- IPv6- DHCPv6,
. , DHCPv6 . (Next).
9. DNS- IPv6 (Specify IPv6 DNS
Server Settings), . 19-2, DNS, DHCPv6-.

DHCP

19

603

(Parent Domain) DNS- , , cpandl.com. IPv6- DNS (Preferred DNS Server) IPv6- DNS-
(Alternate DNS Server) IPv6- DNS-. (Validate), . (Next).

. 19-2. DNS DHCPv6-

10. DHCP- (Authorize DHCP Server) DHCP- Active Directory:


(User Name) . , DHCP-, (Next),
.
,
(Use Alternate Credentials) (Specify).
Windows (Windows Security)

OK. (Next).
DHCP- ,
DHCP- AD DS (Skip Autho-

604

IV

Windows Server 2008

rization) OK. , IP- DHCP-.


11. (Install). . , , DHCP- Active
Directory .
DHCP, . .

DHCP
DHCP- IP DHCP. ,
(Start), (Administrative Tools) DHCP.
DHCP . 19-3. DHCP . , IPv4 IPv6.
, IP.
.

. 19-3. DHCP DHCP-

.
IP :
, DHCP
.
, . DHCP .
, DHCP- .
.
:
, .
.

DHCP

19

605

DHCP-
DHCP, DHCP-.
DHCP- .
:
1. DHCP
(Add Server). , . 19-4.

. 19-4. DHCP-, DHCP

2. (This Server) IP-


, DHCP-.
3. OK. DHCP .
. :
(Refresh).

DHCP-
DHCP- DHCP (DHCP Server). , ,
, \
(Configuration\Services) (Server Manager)
. , DHCP- (DHCP Server)
DHCP. , , (All Tasks) : (Start), (Stop),
(Pause), (Resume) (Restart).
DHCP-
(Server Manager), (Roles) DHCP- (DHCP
Server). , (All
Tasks) : (Start), (Stop), (Pause), (Resume) (Restart).

606

IV

Windows Server 2008

DHCP- Active Directory


DHCP- ,
Active Directory. ,
IP- . Windows Server 2008 DHCP-.
DHCP-, DHCP
(Authorize). , (Unauthorize).
DHCP-
(Server Manager), (Roles) DHCP- (DHCP Server),
(Authorize). .
F5, . DHCP- , . ,
(Roles) DHCP- (DHCP Server), (Unauthorize).
, DHCP- Active Directory
.
, DHCP , . (Authorize).

DHCP-
DHCP- IP .
PIv4 IPv6 . ,
, . , , ,
.

DHCP-
IP-
, DHCP. DHCP . ,
100 / 1000 /. DHCP 1000 /.
DHCP , :

DHCP

19

607

1. DHCP , .
IPv4 IPv6
(Properties).
2. IPv4 IPv6 (Advanced) (Bindings).
3. (Bindings)
DHCP-. DHCP-
, .
, .
4. OK.

DHCP
DHCP IPv4 IPv6. DHCP,
(Refresh) .
DHCP, .
, :
1. DHCP .
IPv4 IPv6 (Properties).
2. (General) (Automatically Update Statistics Every) . OK.

DHCP
Windows Server 2008 DHCP-
.
DHCP

DHCP- .
IPv4 IPv6
, .
DHCP %SystemRoot%\System32\DHCP.
. DhcpSrvLog-Mon.log, DhcpSrvLog-Tue.log . .
DHCP-
. DHCP
. DHCP- (DHCP
Server) . 24 .

DHCP- (DHCP Server).
.

608

IV

Windows Server 2008

DHCP

DHCP, :
1. DHCP .
IPv4 IPv6 (Properties).
2. (General)
DHCP (Enable DHCP Audit Logging). OK.
DHCP

DHCP %SystemRoot%\System32\
DHCP. DHCP, :
1. DHCP .
IPv4 IPv6 (Properties).
2. (Advanced). (Audit Log File Path)
.
(Browse).
3. OK. Windows Server 2008
DHCP- (DHCP Server). (Yes), . .

DHCP- (DHCP Server) ,


. DHCP- 70 .
.
70

DHCP ,
- .
, .
,
DHCP, HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters.
:
DhcpLogFilesMaxSize . 70 .
DhcpLogDiskSpaceCleanupInterval
. 60 .
DhcpLogMinSpaceOnDisk , . , .
20 .
DhcpLogMinSpaceOnDisk . .

DHCP

19

609

DHCP DNS
DNS
Active Directory . DNS, DHCP-
DNS . DHCP- DNS .
DHCP DHCP- Windows Server 2008 DNS- IP- . , Windows,
DHCP-.
DHCP- .
DNS Microsoft Windows NT 4.0
, .
WINS DHCP-, NetBIOS.
WINS. DNS- Windows Server 2008.


DNS, :
1. DHCP .
IPv4 (Properties).

. 19-5. DNS (DNS)


DNS DHCP

2. DNS (DNS). . 19-5 DNS DHCP.


.
DNS , :

610

IV

Windows Server 2008

1. DHCP .
IPv4.
2.
(Properties).
3. DNS (DNS).
. 19-5.
.

DHCP NAP
NAP (Network Access Protection) , .
NAP DHCP DHCP- (Network Policy Server, NPS).
(Network Policy Server), DHCP NAP NAP DHCP. NAP, .
NAP DHCP, :
1. , (Add Features Wizard), (Network Policy Server).
2. (Network Policy Server) NPS () (NPS (Local))
NAP (Configure NAP) .
NAP (Configure NAP Wizard).
3. (Network Connection Method)
DHCP (Dynamic Host Configuration
Protocol (DHCP)).
NAP- . . 19-6,
NAP DHCP. (Next).
4.
DHCP- (Specify NAP Enforcement Servers Running
DHCP Server) DHCP- :
(Add). RADIUS (Add New RADIUS Client)
(Friendly Name). (Address) DNS- IP- DHCP.
(Verify).
(Shared Secret)
(Generate). (Generate),
.
NAP DHCP DHCP. ,
. OK.

DHCP

19

611

5. (Next). DHCP- (Specify


DHCP Scopes) DHCP, . ,
DHCP-, NAP.
(Next).

. 19-6. DHCP-

6. NAP URL-
(Specify A NAP Remediation Server Group And URL)
(New Group),
. NAP-. URL -
, NAP.
, DHCP .
(Next).
7. NAP (Define
NAP Health Policy) , NAP. , , NAP.
NAP- . . (Next) (Finish).
NAP DHCP-
. NAP, :

612

IV

Windows Server 2008

1. DHCP .
IPv4 (Properties).
2. (Network Access Protection), . 19-7, (Enable
On All Scopes) (Disable On All Scopes),
NAP .

. 19-7. (Network Access Protection)


DHCP
DHCP- NPS,
. NPS DHCP-
NPS,
(Network Access Protection) .

, , DHCP-, NPS- .
OK.
(Full Access) DHCP-
. .
(Restricted Access) DHCP .
, .
(Drop Client Packet) .
.
NAP ,
:

DHCP

19

613

1. DHCP .
IPv4.
2.
(Properties).
3. (Network Access Protection) (Enable For This Scope)
(Disable For This Scope), NAP .
4. NAP NAP
, (Use Custom Profile) , , Alternate
NAP DHCP.
5. OK, .

IP-
DHCP IPv4-.
IP-.
IPv4-,
. ,
, , IPv4-,
:
1. DHCP .
IPv4 (Properties).
2. (Advanced) (Conflict Detection Attempts) . IP-,
DHCP- .
DHCP IP-, PING.
IPv4- IP- A, B C. DHCP- , DHCP-
IPv4-.
. .
IPv4- . , IPv4-
DHCP-: ,
, DHCP-
. , .

DHCP
DHCP, , DHCP-. , :

614

IV

Windows Server 2008

netsh dump dchp >dhcpconfig.dmp

, dhcpconfig.dmp ,
. , , :
netsh exec dhcpconfig.dmp
DHCP-
. , .

DHCP
DHCP- ,
. IP-,
. ,
: Ipv4-,
IPv4- Ipv6-.


IPv4 , Active Directory. , , . ,
,
.

, , IPv4.
, , :
1. DHCP .
IPv4 (New
Superscope). (New Superscope
Wizard). (Next).
2. (Next).
3. , ,
(Available Scopes). , Shift Ctrl.
4. (Next) (Finish).

,
. ,
:

DHCP

19

615

1. , , (Add
To Superscope).
2. (Add Scope
To A Superscope) .
3. OK.

, :
1. , , (Remove From
Superscope).
2. (Yes), . , .

,
. ,
(Activate). ,
(Deactivate).

,
. ,
, . , (Delete).
(Yes), .


DHCP-.
A, B C. D.
-,
. , , WINS, DNS, . .
IPv4-

IPv4-, :
1. DHCP . IPv4. ,
,
.

616

IV

Windows Server 2008

2. (New Scope).
(New Scope Wizard). (Next).
3. (Next).
4. (IP Address Range)
IP- (Start IP Address) IP- (End IP Address).
x.x.x.0 x.x.x.255. , , . 192.168.10.1
192.168.10.254, 192.168.10.0 192.168.10.255.

5. IP-,
(. 19-8). , .

. 19-8. IP-
(New Scope Wizard),

6. (Next).
, ,
. (Yes), , 8.
, (Back),
IP-.
7. IP-, . (Add Exclusion) IP- (Start IP Address)
IP- (End IP Address):
,
IP- (Start IP Address) IP-
(End IP Address) (Add).
IP-, , IP-.

DHCP

19

617

, .
(Excluded Address Range).
,
(Excluded Address Range)
(Remove).
8. (Next).
(Day(s)), (Hour(s)) (Minutes). . (Next).
. , DHCP, IP-,
, . .

9. DHCP DNS,
WINS, . . , , (Yes, I Want
To Configure These Options Now). , , (No, I Will Configure
These Options Later) 1014.
10. (Next). , ,
. IP- (IP Address) IP- . (Add).
.
.
,
. . (Up) (Down)
.

. 19-9. DNS DNS-


(Domain Name And DNS Servers)

618

IV

Windows Server 2008

11. (Next). . 19-9, DNS DHCP.


, .
12. IP- (IP Address) IP- DNS-.
(Add). , DNS-. ,
IP- . , (Up) (Down).
(Next).
DNS-, IP-
(Server Name) (Resolve).
IP- IP- (IP Address).
, (Add).

13. WINS. (Next).


14. , , (Yes, I Want To Activate This Scope Now)
(Next). , , (No, I Will Activate This Scope
Later) (Next).
15. (Finish), .
IPv6-

IPv6-
(New Scope Wizard). DHCP IPv6-
.
64 IPv6-. (New Scope Wizard) 64- .

. .
. .
IPv6-,
:
1. DHCP . IPv6
.
2. (New Scope).
(New Scope Wizard). (Next).
3. (Next).
4. (Scope Prefix), . 19-10,
64- . (Next).

DHCP

19

619

. 19-10.
(New Scope Wizard)

5. (Add Exclusion) IPv6-, , IPv6- (Start IPv6 Address) IPv6- (End IPv6
Address). :
,
(Exclusion Range)
IPv6- (Start IPv6 Address)
IPv6- (End IPv6 Address) (Add).
IPv6-, IPv6-
(Add).
(Excluded Address Range).
,
(Excluded Address Range)
(Remove).
6. (Next). IPv6- .
. (Scope Lease), .
19-11, (Preferred Lifetime)
(Valid Lifetime). , .
, . (Next).

620

IV

Windows Server 2008

IPv6
8 30 .

7. , (Yes) (Activate Scope Now) (Finish). (No)


(Finish).

19-11.

, :
1. DHCP . IPv4.
2.
(New Multicast Scope). (New Multicast Scope Wizard). (Next).
3. (Next).
4. IP- (Start IP Address) IP- (End
IP Address) IP- .
IP- D. ,
IP- 224.0.0.0 239.255.255.255.
5. , IP, (Time to Live, TTL). ,
. TTL 32.
, , ,
.

DHCP

19

621

6. (Next). ,
(Back), IP-.
7. (Exclusion Range) IP-, . .
, IP- (Start IP Address) IP- (End IP Address) (Add).

(Excluded Addresses).
,
(Excluded Addresses)
(Remove).
8. (Next).
(Day(s)), (Hour(s)) (Minutes). 30 . (Next).
,
. , . IP- ,
.
30 60 .

9. , (Yes) (Next). , (No)


(Next).
10. (Finish), .


TCP/IP , .
,
DNS-, , WINS .
, .
:
, ;
;
, ;
,
.
IPv4 IPv6 .

, . ,
, :

622

IV

Windows Server 2008

;
;
.

, DHCP-. ,
:
1. DHCP .
IPv4 IPv6.
2. , IPv4 IPv6
(Server Options). .
3. ,
(Server Options)
(Configure Options). : (Server Options). (Available
Options), .
(Data Entry). .
4. OK.

.
, :
1. DHCP .
2. , (Scope Options). .
3. ,
(Scope Options)
(Configure Options). : (Scope Options). (Available
Options)
(Data Entry),
. 19-12. .
4. OK.

DHCP

19

623

. 19-12. , ,
(Data Entry)

, IPv6- IPv4-.
.
,
:
1. DHCP .
2. (Reservations) .
3. , . .
4. , (Configure Options).
: (Reservation
Options). (Available Options) (Data Entry).
.

, :
1. DHCP .
IPv4 IPv6. ,
.
2. , , (Properties).

624

IV

Windows Server 2008

3. . :
IPv4
. IP- DHCP-.
,
. , , .
, , , IP-.

. ,
.
, .
,
(Lifetime),
(Multicast Scope Expires On) .

DHCP . .
DHCP,
(Activate).
DHCP, (Deactivate).
,
. , ,
.

BOOTP

BOOTP DHCP.
BOOTP. BOOTP
, :
1. IPv4-, , (Properties).
2. (Advanced) (Both), DHCP
BOOTP.
3. BOOTP- OK.

DHCP-. , :

DHCP

19

625

1. DHCP ,
, (Delete).
2. , (Yes).

. , DHCP-. ,
,
. .
, IP-
DHCP-, .
, , , DHCP- IP-
.

IP- DHCP

192.168.10.1 192.168.10.99

192.168.10.100 192.168.10.199

192.168.10.200 192.168.10.254

DHCP, IP-.
DHCP-.

,
, .
.


.

(Display Statistics).
:
(Total Scopes) .
(Total Addresses) IP- .
(In Use)
( ). 85%
, .
(Available) ( ).

626

IV

Windows Server 2008


IPv4- IP-.
.
IPv4-, :
1. DHCP (Address Pool)
(New Exclusion Range).
2. IP-
(Start IP Address) IP- (End IP Address)
(Add). .
, .
3. , (Close).
IPv6-, :
1. DHCP (Exclusions). (New Exclusion Range).
2. IPv6-
(Start IPv6 Address) IPv6- (End IPv6 Address) (Add).
.
, .
3. , (Close).


, .
(Address Pool) (Exclusions). (Delete).
, (Yes).

DHCP-
DHCP . , (Unlimited)
, .
, DHCP- . DHCP
IP-, ,
DHCP.
IP- ,
:

DHCP

19

627

1. DHCP (Reservations). (New Reservation).


2. (Reservation Name) ,
. .
3. IP- (IP Address) IPv4-, .
, IP- .

4. MAC- (MAC Address)


. MAC-, ipconfig /all . (Physical Address) MAC- .
, .
5. (Description) , .
6. DHCP-, BOOTP-. , ,
.
7. (Add), .
, .
8. , (Close).
IPv6- ,
:
1. DHCP (Reservations). (New Reservation).
2. (Reservation) , .
.
3. IPv6- (IPv6 Address) IPv6-,
.
, IP- .

4. DUID (Device Unique


Identifier) MAC- . MAC-, ipconfig /all .
(Physical Address) MAC- .
, .
5. IAID . , 9 .

628

IV

Windows Server 2008

6. (Description) , .
7. (Add), .
, .
8. , (Close).

, :
.
, . , ipconfig /release.
.
IP-,
. ,
ipconfig /release.


, :
1. DHCP (Reservations).
2.
(Properties). . , . ,
.


,
:
1. DHCP (Address Leases) (Reservations).
2. ,
, (Delete).
3. , (Yes).
4. DHCP.
IP-. ,
ipconfig /release.

DHCP
DHCP DHCP. %SystemRoot%\
System32\DHCP. :

DHCP

19

629

Dhcp.mdb DHCP-.
J50.log , .
J50.chk , DHCP-.
Res1.log DHCP-.
Res2.log DHCP-.
Tmp.edb DHCP-.

DHCP
%SystemRoot%\System32\DHCP DHCP. DHCP
60 .
DHCP , :
1. DHCP , , (Backup).
2. (Browse For Folder) ,
DHCP, OK.
, , , DHCP,
:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DHCPServer\Parameters

DHCP :
BackupDatabasePath DHCP. DHCP.
(Advanced)
(Database Path).
DatabaseName DHCP. DHCP.mdb.
BackupInterval . 60 .
DatabaseCleanupInterval .
60 .

DHCP
, , DHCP. DHCP
, :
1. %SystemRoot%\
System32\DHCP\backup. DHCP, , ,
(Restore).

630

IV

Windows Server 2008

2. (Browse For Folder) ,


, OK.
3. DHCP- (DHCP Server) . DHCP- DHCP- IP-.

DHCP

DHCP-,
DHCP- . .
:
1. DHCP- (DHCP Server)
.
2. DHCP- (DHCP Server)
(Services).
3. %SystemRoot%\System32\DHCP.
:
1. DHCP- (DHCP Server)
(Services).
2. DHCP- (DHCP Server) , .
3. %SystemRoot%\System32\DHCP
%SystemRoot%\System32\DHCP .
.
DHCP- (DHCP Server) , .

DHCP
DHCP Windows DHCP- (DHCP Server), ,
DHCP .
, :
1. DHCP- (DHCP Server)
(Services).
2. %SystemRoot%\System32\DHCP.
, .
! DHCPServer, DHCP. DHCP.

3. DHCP- (DHCP Server).

DHCP

19

631

4. DHCP . ,
, .
5. , ,
.
IP-
.



DHCP . , Windows, DHCP-,
. DHCP
IP- , IP-.
.
.
, :
1. DHCP
(Reconcile).
2. (Reconcile) (Verify).
3. . (Reconcile).
4. , OK.
, :
1. DHCP
(Reconcile All Scopes).
2. (Reconcile All Scopes)
(Verify).
3. . (Reconcile).
4. , OK.

20

DNS

DNS .
DNS ,
IP-, . DNS TCP/IP
WINS, DHCP Active Directory. Microsoft Windows DNS
Active Directory .

DNS
DNS ,
,
, (, ) . ,
. omega.microsoft.com, ,
microsoft , com .
DNS,
. , . , , microsoft.com,
,
. , .
. ,
,
, : jacob.hr.microsoft.com. jacob
, hr , microsoft.com .

Active Directory DNS


7, DNS Active
Directory .
Active Directory DNS , -

DNS

20

633

Active Directory (Active Directory DS) DNS.


Active Directory
DNS,
DNS-. , , DNS Active Directory.
. DNS Active Directory,
Active Directory. :
DNS .dns %SystemRoot%\
System32\Dns. DNS DNS-. DNS- ,
(zone). , DNS
DHCP, DNS-
. DNS- . , DNS-,
DHCP .
DNS Active Directory, dnsZone.
Active Directory,
DNS ,
DHCP . , DNS (DNS Server), . ,
, DNS DHCP, DNS- .
DNS- .
DNS
, Active
Directory. DNS Active Directory. ,
DNS, Active Directory,
. DNS , Active Directory, DNS
.
DNS- Windows Server DNS- , AD DS, . ,

634

IV

Windows Server 2008


DNS. DNS- Windows
Server 2008 AD DS .
DNS- , , .
DNS-, Windows
Server 2008, :
;
AD DS;
, , AD DS;
RPC;
, AD DS.
, DNS- . DNS-
, DNS-
. ,
, DNS- AD DS .

DNS
DNS , DNS.
DNS- , IP-
DNS- . DNS- , .
DNS- TCP/IP
17. DNS- .

DNS, Windows Vista Windows Server 2008, DNS- IPv4 IPv6. IPv6 DNS
FEC0:0:0:FFFF::1, FEC0:0:0:FFFF::2 FEC0:0:0:FFFF::3. IPv6- DNS- , TCP/IPv6
(Network Connections)
IPV6 ADD DNS netsh.
DNS Windows Server 2008 IPv6- IPv4-. DNS
(DNS Manager) IPv4 IPv6-, . Dnscmd
. , DNS-
IPv6,
IPv4-, IPv6-. , DNS ip6.arpa
.

DNS

20

635

DHCP, DNS.
DHCP IPv6- IPv4-, . DHCP
DNS DHCP, .
IPv4 006 DNS- (006 DNS
Servers) 015 DNS- (015 DNS Domain Name). IPv6 00023 IPv6
DNS (00023 DNS Recursive Name Server IPV6 Address)
00024 (00024 Domain Search List). ,

Active Directory, DNS. DNS
, .
DNS- , DNS-, Windows Vista Windows Server 2008,
LLMNR. ,
, . , ,
DNS- , ,
- .
,
, , .
, DNS- .
DNS,
Windows Vista Windows Server 2008, , .
, , .
, ,
.

Windows Server 2008 GlobalNames.


, (RODC). RODC-,
, DNS, , DNS
. DNS- RODC DNS. RODC , .
.
DNS
GlobalNames. -

636

IV

Windows Server 2008

, AD DS
DNS- .
GlobalNames
(SRV) (Service Location (SRV)), .
WINS, GlobalNames , CNAME
. GlobalNames , , .
LLMNR.
GlobalNames , :
1. , ,
DNS- . DNS-.
2. , DNS-, .
3. , .
4. GlobalNames,
DNS-, . , WINS.
GlobalNames , DNS- Windows Server 2008. , DNS-,
,
. GlobalNames .

DNS-
DNS- . DHCP, DNS
DHCP-. IP- DNS , DNS .
DNS DNS TCP/IP (Advanced TCP/IP Settings).
, :
1. (Network And Sharing Center)
(Manage Network Connections). (Network
Connections) (Properties).
2. , IP TCP/IPv6 TCP/IPv4.

DNS

20

637

3. DHCP , DNS-
DHCP, DNS (Obtain DNS Server Address Automatically).
DNS- (Use The Following DNS Server Addresses),
DNS- .
4. (Advanced), TCP/IP (Advanced TCP/IP
Settings). DNS.
DNS:
DNS-, (DNS Server Addresses,
In Order Of Use) IP- DNS-, . IP-
, (Add). (Remove), .
(Edit). DNS, .
, DNS- . . , .
DNS- (Append Primary And Connection Specific DNS Suffixes) .
. , Gandolf microsoft.com.
DNS gandolf.microsoft.com.
, .
(Computer Name)
(System Properties).
DNS- (Append Parent Suffixes Of The Primary DNS Suffix)
.
.
,

. ,
DNS. , Gandolf dev.microsoft.com. DNS
gandolf.dev.microsoft.com, ,
, gandolf.microsoft.com.

638

IV

Windows Server 2008

DNS- ( ) (Append These


DNS Suffixes (In Order)) ,
DNS- . (Add), . (Remove),
. (Edit). . , DNS
. . .
, .
DNS- (DNS Suffix For This Connection)
DNS- , DNS-,
.
DNS (Register This Connections Addresses In DNS) , , IP- DNS
FQDN- . .
DNS DHCP , A (Host Address) IP, DHCP- PTR (Pointer) DHCP-. DHCP-
(A PTR) . DNS BIND 5.1 DNS-, Microsoft
Windows 2000 Server, Microsoft Windows Server 2003
Windows. Microsoft
Windows NT Server 4.

DNS- DNS
(Use This Connections DNS Suffix In DNS Registration)
, , IP-
DNS .

DNS-
Windows Server 2008 DNS-
:
, Active Directory (Active Directoryintegrated primary server) DNS,
Active Directory. DNS Active
Directory.
(primary server) DNS- , Active Directory.
DNS
.dns.

DNS

20

639

(secondary server) DNS.


DNS-,
.
DNS . .
(forwarding-only server) , DNS
. DNS , .
. , .
DNS- DNS- (DNS Server).

DNS- (DNS Server)


DNS- ,
DNS . , DNS . .
, ,
DNS , :
1. (Server Manager) (Roles)
(Add Roles). (Add Roles Wizard).
, (Next).
2. (Select Server Roles) DNS (DNS Server) (Next).
3. (Install). DNS (DNS Server) . , . DNS-.

. 20-1. DNS (DNS Manager)


DNS-

640

IV

Windows Server 2008

4. DNS (DNS Manager),


DNS (Administrative Tools). DNS (DNS Manager) . 20-1.
5. ,
. DNS DNS- (Connect To DNS Server).
:
, (This Computer) OK.
,
(The Following Computer) IP . OK.
6. DNS- DNS
(DNS Manager).
DNS- (Configure A DNS
Server). DNS- (Configure A DNS
Server Wizard). (Next).
7. (Select Configuration
Action), . 20-2,
(Configure Root Hints Only). ,
DNS.

. 20-2. DNS

8. (Next). DNS .
9. (Finish).

DNS

20

641

DNS-
DNS- Active Directory
.
. IP-.
DNS- IP- -.
DNS-
(DNS Server), :
1. DNS (DNS Manager)
, .
2. (New Zone).
(New Zone Wizard). (Next).
DNS (DNS Manager)
DNS- (DNS Server) (Server Manager). DNS.

3. (. 20-3). ,
Active Directory,
(Primary Zone) ,
Active Directory (Store The Zone In Active Directory). DNS Active Directory, (Primary Zone) Active
Directory (Store The Zone In Active Directory). (Next).

. 20-3. (New Zone Wizard)

4. Active Directory, . , 6.

642

5.
6.

7.

8.

IV

Windows Server 2008

DNS- (To All DNS Servers In This


Forest) . ,
Active Directory ,
.
DNS- (To All DNS Servers In This
Domain) , DNS .
(To All Domain
Controllers In This Domain) ,
DNS .
DNS
, DNS- (
DNS-).
(Next). (Forward Lookup Zone) (Next).
DNS- . ,
DNS. , microsoft.com, microsoft.com. (Next).
, Active
Directory, . DNS
.
. (Next).
, .
:
(Allow
Only Secure Dynamic Updates) Active
Directory, ACL, , . ,
, , ACL.
(Allow Both Nonsecure
And Secure Dynamic Updates) ,
DNS
.
(Do Not Allow Dynamic Updates) DNS.

Active Directory.

DNS

20

643

9. (Next), (Finish), . , DNS-.


10. DNS- DNS . , , microsoft.
com msn.com, , . .
11. ,
DNS-, ,
DNS-.
. -, FTP- . .
, ,
. .
,
. DNS
-. DNS- .com, .org .net
IP-, . DNS . adatum.com DNS- IP-.
TCP/IP 17.

DNS-
DNS-
. Active Directory, .
DNS , Active Directory DNS . , .
DNS- . , .
, ,
, . ,
, ,
.
, :

644

IV

Windows Server 2008

1. DNS (DNS Manager)


.
2.
(New Zone). (New
Zone Wizard). (Next).
3. (Zone Type) (Secondary Zone). (Next).
4. , . ,
(Forward
Lookup Zone) (Next).
5. DNS- (Next).
6. (Master Servers) IP- Enter. .
, ,
IP-.
,
.
7. (Next) (Finish). , ,
. .


IP-, IP- . . ,
192.168.10.0, 192.168.11.0 192.168.12.0,
.
, , in-addr.arpa.
10.168.192.
in-addr.arpa, 11.168.192.in-addr.arpa 12.168.192.in-addr.arpa. .
.
, :
1. DNS (DNS Manager)
.
2.
(New Zone). (New
Zone Wizard). (Next).
3. , Active Directory, (Primary Zone) -

DNS

4.

5.

6.
7.

20

645

, Active Directory (Store


The Zone In Active Directory). DNS
Active Directory, (Primary
Zone) Active Directory (Store The
Zone In Active Directory). (Next).

, (Secondary
Zone) (Next).
Active Directory, :
DNS- (To All DNS Servers In This
Forest) . ,
Active Directory ,
.
DNS- (To All DNS Servers In
This Domain) ,
DNS .
(To All Domain
Controllers In This Domain) ,
DNS .
DNS
, DNS- (
DNS-).
(Reverse Lookup
Zone). (Next).
,
(IPv4 IPv6) (Next). :
IPv4,
.
.
(Next).
, ,
192.168.10 192.168.11, . 168.192.in-addr.arpa,
DNS (DNS Manager) .

IPv6,
.
.
. (Next).

646

IV

Windows Server 2008

8. , Active Directory, .
DNS . . (Next).
9. , .
:
(Allow
Only Secure Dynamic Updates) Active
Directory, ACL, , . ,
, , ACL.
(Allow Both Nonsecure
And Secure Dynamic Updates) ,
DNS
.
(Do Not Allow Dynamic Updates) DNS.

Active Directory.
10. (Next), (Finish), . , DNS-.
. , .


GlobalNames ,
AD DS. DNS-
Windows Server 2008, GlobalNames
WINS . , FQDN-.
GlobalNames ,
DNS, , WINS,
IPv6. GlobalNames ,
.

DNS

20

647

GlobalNames, :
1. DNS (DNS Manager)
(Forward Lookup Zones) (New Zone).
(New Zone Wizard) (Next),
, AD DS. , Active Directory (Active Directory Zone
Replication Scope)
(Next). (Zone Name) GlobalNames.
(Next) (Finish).
2. DNS-
:
dnscmd /enableglobalnamessupport 1

DNS-,
GlobalNames. , (.), , dnscmd . /enableglobalnamessupport 1.
3. , ,
GlobalNames CNAME: DNS
(DNS Manager) GlobalNames,
(CNAME) (New Alias (CNAME)) .
DNS- :
1) , 2) GlobalNames, 3) DNS, 4) WINS. ,
DNS- GlobalNames, .
, DNS- GlobalNames, (SRV) (Service Location (SRV)) _globalnames._msdcs
DNS-, .
DNS-, GlobalNames.

DNS-
DNS (DNS Manager)
DNS-. . 20-4, . DNS-
. .
DNS (DNS Manager):
,
.
,
, , .

648

IV

Windows Server 2008

,
.

. 20-4. (Forward Lookup Zones)


(Reverse Lookup Zones)

(Forward Lookup Zones) (Reverse Lookup Zones)


, .
, DNS-.

DNS
(DNS Manager)
DNS- DNS
(DNS Manager), :
1. DNS
DNS- (Connect To DNS Server).
2. , (This Computer).
(The Following Computer)
IP- FQDN- ,
.
3. OK. Windows Server 2008
. .

- (RPC), .
, (Yes) .

DNS

20

649

DNS
DNS (DNS Manager), Delete. OK, . . .

DNS-
DNS- DNS- (DNS
Server). , , , DNS- (DNS Server) (Server Manager) . , DNS (DNS Server) DNS (DNS
Manager). , ,
(All Tasks)
(Start), (Stop), (Pause), (Resume)
(Restart).


DNS (DNS Manager)
. , microsoft.com.
hr.microsoft.com mis.microsoft.com.
, :
1. DNS (DNS Manager) (Forward Lookup Zones) .
2.
(New Domain).
3. OK. ,
hr.microsoft.com, hr.



DNS . -
(microsoft.com).
, , memphis.microsoft.com, newyork.microsoft.com
la.microsoft.com.
, :
1. DNS- .
2.
DNS- . DNS- , .

650

IV

Windows Server 2008

, :
1. DNS (DNS Manager) (Forward Lookup Zones) .
2.
(New Delegation).
(New Delegation Wizard).
(Next).
3. , , hr (. 20-5) (Next).
(Fully
Qualified Domain Name).

. 20-5. ,

4. (Add).
(New Name Server Record).
5. (Server Fully Qualified Domain
Name) - DNS- , , corpserver01.memphis.adatum.com.
(Resolve). IP- IP- (IP Address).
6. 5, .
, IP- .
(Up)
(Down). OK,
(New Name Server Record).
7. (Next) (Finish).

DNS

20

651


DNS-.
, :
1. DNS (DNS Manager)
.
2. (Delete).
, (Yes).
3. Active Directory, .
Active Directory, (Yes).
DNS-
,
, Active Directory. %SystemRoot%\
System32\Dns. ,
DNS (DNS Manager).

DNS-
, .
, Active Directory DNS-, DNS-. DNS, . ,
:
A (IPv4-) - IPv4-.

IPv4- ( ),
.
AAAA (IPv6-) - IPv6-.

IPv6- ( ),
.
(CNAME) -. ,
zeta.microsoft.com www.microsoft.com.
(MX) , .
(NS) , DNS . .
(PTR) , IP- .
(SOA) , , -

652

IV

Windows Server 2008

DNS- . (SOA)
( ).


A AAAA IP, PTR .
.
, :
1. DNS (DNS Manager) (Forward Lookup Zones) .
2. , , ( ) (New Host
(A Or AAAA)). , . 20-6.

. 20-6. (New Host)


3. , , corpserver01, IP-, ,
192.168.1.50.
4. PTR- (Create
Associated Pointer (PTR) Record).
PTR-
. ,
. (Allow Any Authenticated Users) ,
DNS- .

5. (Add Host) OK. , .


6. , (Done).

DNS

20

653

PTR-

PTR- , :
1. DNS (DNS Manager) (Reverse Lookup Zones) .
2. , , (New Pointer
(PTR)). , . 20-7.

. 20-7. PTR-
(New Resource Record)

3. IP- (Host IP Address), , 192.168.1.95,


(Host Name), , techserver09.tech.adatum.com.
OK.

DNS- CNAME
CNAME-
- -. ,
gamma.microsoft.com www.microsoft.com
ftp.microsoft.com.
CNAME-, :
1. DNS (DNS Manager) (Forward Lookup Zones) .
2. , , (CNAME) (New Alias
(CNAME)). , . 20-8.
3. (Alias Name) -, , , www ftp.

654

IV

Windows Server 2008

4. (FQDN) (Fully Qualified


Domain Name (FQDN) For Target Host) - , .
5. OK.

. 20-8. CNAME- -


MX ,
. MX-, 0 65535,
. .
,
.
MX-, :
1. DNS (DNS Manager) (Forward Lookup Zones) .
2. , , (MX) (New Mail
Exchanger (MX)). , 20-9.
3. , :
(Host Or Child Domain)
.
. ,
.

DNS

20

655

(FQDN) (Fully Qualified Domain Name


(FQDN)) ,
, , tech.adatum.com.
(FQDN) (Fully Qualified
Domain Name (FQDN) Of Mail Server) , ,
, corpmail.tech.adatum.com. .
(Mail Server Priority) 0 65535.
, . ,
10, 20,
30.

4. OK.

. 20-9.


NS . NS . -, ,
NS-.
NS-, :
1. DNS (DNS Manager) (Forward Lookup Zones) .
2. DNS- , .

656

IV

Windows Server 2008

3. NS- (Properties).
(Name Servers),
. 20-10.

. 20-10.

4. (Add).
(New Name Server Record).
5. (Server Fully Qualified Domain
Name) - DNS- , , corpserver01.adatum.com. (Resolve).
IP-
IP- (IP Address).
6. 5, .
, IP- .
(Up)
(Down). OK,
(New Name Server Record).
7. OK, .

DNS-
DNS-, :
1. . .
2. DNS-, . .
OK.

DNS

20

657


, (SOA), , WINS.
DNS (DNS Manager),
:
, ,
(Properties).
(Action)
(Properties).
, WINS WINS-R.
WINS NetBIOS.
WINS-R NetBIOS.


, , . , :
1. DNS (DNS Manager)
, , (Properties).
2. (SOA) (Start Of Authority
(SOA)) , . 20-11.

. 20-11.
SOA-

658

IV

Windows Server 2008

(SOA) (Start Of Authority (SOA))


:
(Serial Number)
DNS. , .
, .
, , DNS- . , DNS
(
).
(Primary Server) ,
. , .
(Responsible Person)
, . hostmaster,
. hostmaster@_.com. , @
.
(Refresh Interval) , .
, . , , NS-
.
(Retry Interval) , . 10 ,
10 , .
(Expires After) ,
.
, ,
DNS-.
. TTL ( ) (Minimum (Default) TTL) . ,
. .
, , 24 .
. , ,
.

DNS

20

659

(TTL) (TTL For This Record) SOA- : : : : . , .


DNS- . Windows
Server 2008 . , ,
, ,
.
, . ,

.
, ,
, .

, :
1. DNS (DNS Manager)
, , (Properties).
2. (Zone Transfer),
. 20-12.

. 20-12. (Zone Transfers)


660

IV

Windows Server 2008

3. , (Name Servers), (Allow Zone Transfers)


, (Only To Servers
Listed On The Name Servers Tab).
4. , (Allow Zone Transfers)
(Only To The Following Servers).
(Edit), (Allow Zone Transfers). IP-
(IP Address), IP-
Enter. . ,
IP-.
, IP- . OK.
5. OK, .


SOA-. DNS .
,
. :
1. DNS (DNS Manager)
, , (Properties).
2. (Zone Transfers)
(Notify). , . 20-13.

. 20-13. ,
(Name Servers), ,

DNS

20

661

3. ,
(Name Servers),
(Automatically Notify) (Only To Servers Listed On The Name Servers Tab).
4. ,
(Automatically Notify)
(Following Servers). IP (IP Address), IP-
Enter. . ,
IP-.
, IP-.
5. OK.


Active Directory, :
1. DNS (DNS Manager)
, , (Properties).
2. (General) (Change)
(Type). (Change
Zone Type) .
3. Active Directory
Active Directory (Store The Zone In Active Directory).
4. Active Directory,
Active Directory (Store The Zone In Active Directory).
5. OK.


DNS-
. ,
DHCP. , .
Active Directory,
.
, DNS, ACL.
,
:
1. DNS (DNS Manager)
, , (Properties).

662

IV

Windows Server 2008

2. (General)
(Dynamic Updates) :
(None) .
(Nonsecure And Secure)
.
(Secure Only) Active Directory.
Active Directory.
3. OK.
DNS DHCP. DHCP DNS 19.


DNS-
DNS- . IP- DNS- . , ,
.

IP- DNS-
DNS- DNS-
IP-,
.
DNS (DNS Manager) IP-. :
1. DNS (DNS Manager)
(Properties).
2. (Interfaces)
IP- (Only The Following IP Addresses).
IP-, DNS-.
IP-, DNS-. DNS IP-. DNS
IP- .
3. OK.

DNS-
, .

DNS

20

663


. , DNS- .
DNS-.
DNS :
(Nonforwarders)
DNS-, ,
. , DNS-
.
(Forwarding-only) .
DNS-.
(Forwarders) ,
.
DNS.
(Conditional forwarders) , DNS. , .
( ,
). .

DNS- , :
1. DNS (DNS Manager)
(Properties).
2. (Advanced). , , (Disable
Recursion) . , , (Disable Recursion) .
3. (Forwarders) (Edit).
(Edit Forwarders).
4. IP- (IP Address), IP- Enter. .
, IP-.
, IP- .
5. , , ,
-

664

IV

Windows Server 2008

.
. 5 . OK.

DNS-,
. ,
(Disable Recursion) DNS- .

,
. DNS-. ,
.
, :
1. DNS (DNS Manager)
(Conditional Forwarders)
.
(Conditional Forwarder).
2. (New Conditional
Forwarder) , ,
, adatum.com.
3. IP- (IP Address), IP- DNS- Enter. ,
IP-.
4. DNS Active Directory Active Directory (Store This Conditional Forwarder In Active Directory)
.
DNS- (All DNS Servers In This Forest)
. , Active Directory ,
.
DNS- (All DNS Servers In This Domain) ,
DNS .
(All Domain Controllers In
This Domain) ,
DNS
.
DNS ,

DNS

20

665

DNS- (
DNS-).
5. , , ,
.

.
. OK.
6. ,
.


DNS
DNS-. ,
:
1. DNS (DNS Manager)
(Properties).
2. DNS (Event Logging). , (No Events).
3. OK.

DNS
, DNS- (DNS Server)
DNS-.
DNS, (Event
View) (Computer Management).
DNS
DNS. .
, :
1. DNS (DNS Manager)
(Properties).
2. (Debug Logging),
. 20-14,
(Log Packets For Debugging). , .
3. (File Path And Name)
, , dns.log.
%SystemRoot%\System32\Dns.
4. OK. , , (Log Packets For
Debugging).

666

IV

Windows Server 2008

. 20-14.
(Debug Logging)

DNS-
Windows Server 2008 DNS .
,
:
1. DNS (DNS Manager)
(Properties).

. 20-15. DNS-

DNS

20

667

2. (Monitoring),
. 20-15. . DNS ,
DNS- (A Simple Query Against This DNS Server). DNS , DNS- (A Recursive Query To Other DNS
Servers).
3. , (Test
Now). ,
(Perform Automatic Testing At
The Following Interval) , .
4. (Test
Results). , , , (Pass).
. , , .
, (Advanced) .
DNS,
10-15 . .
DNS ,
- .

. (William R. Stanek) (http://www.williamstanek.com/) . ,


, , . . 65 ,
Microsoft Exchange Server 2007 Administrators Pocket Consultant (Microsoft
Exchange Server 2007. , , , 2008) Microsoft Windows Vista Administrators Pocket Consultant
(Microsoft Windows Vista. , ,
-, 2007), Windows Server 2008 Administrators Pocket Consultant
(Windows Server 2008. , , , 2008) Windows Server 2008 Inside Out.
- 1991 .
11
.
, .
.
.

. ,
.
, Air Force Distinguished Flying Cross. - .