Академический Документы
Профессиональный Документы
Культура Документы
Security:
The Group Policy can also be deployed in Workgroup security model but
there is no central tool available to configure all computers in one goes. For
example, you have 20 computers in your network. You need to configure the
same Group Policy settings on 20 computers. To do so you need to visit each
computer individually and then open Group Policy Editor and configure the
settings. As a manual process, this will take some considerable time. A
workaround to this is to copy the Group Policy settings. This is how you do it:
1.Log on to a workgroup computer using Local Administrator account.
2.Configure Group Policy settings using gpedit.msc snap-in.
3.Close the gpedit.msc snap-in.
4.Run the following commands to refresh the settings and before you
copy: If Windows 2000: Secedit.exe /refreshpolicy user_policy Secedit.exe
/refreshpolicy machine_policy If Windows XP or Windows 2003
Gpupdate.exe
5.Launch Windows Explorer Tools Folder Options View and then
select Show hidden files and folders, click Ok.
6.Create a shared folder named GPContents.
7.Go to %SystemRoot%\System32, locate the GroupPolicy folder, right
click and then select Copy and paste in GPContents shared folder.
Storage:
Storage model of the Active Directory, the common IEEE X.500 Directory
Services implementation is a standard. X.500 that provides a hierarchical
structure named the directory information tree (or DIT for short), which
contains a number of objects, each of which comprises one or more
attributes (the actual objects and applicable attributes are described in the
schema, which we'll discuss shortly). One important component of X.500 is
the organizational unit that can contain other objects and even other
organizational units; this is a crucial component for creating a directory
service that can mimic a business model.
Each object in the DIT has two names; one is an unambiguous name, the
distinguished name (DN), defining the name and exact location of the object.
The other is a relative distinguished name (RDN) which only contains the
name of the object relative to its position in the tree. An example of a
distinguished name would be: CN=John Savill, OU=IT, DC=savilltech,
DC=com. This shows an object by the name of John Savill in an
Organizational Unit called IT in a domain called savilltech.com. Its RDN would
be just "John Savill". The actual data for the domain is now stored in a file
called NTDS.DIT that is stored in the %systemroot%\NTDS folder by default.
This file is based on the Microsoft Extensible Storage Engine (ESE) as used by
Exchange.
Backup:
Computing workgroups face unique challenges when it comes to system
backups. These groups, of usually two to 50 people, use collaboration
software that allows them to update and pass along files. LANs designed
around workgroups provide electronic sharing of required data. These
workgroups can operate on their own or within an enterprise and are
typically outside the data center. Workgroup staffers often have little or no
administrative IT experience, yet they are usually responsible for these
backups. If there be a need for additional backup systems for Workgroups
configuration, all one need to do is install the backup software on the new
computers and setup their associated accounts. The backup process involves
licensing for that computer at the Backup Server end and setting up an
account for that computer at the Backup Server. Then, the information used
for installation and configuration of the Backup Client on the computer that
need to be backed up. Usually there is no need to open additional firewall
ports because all the traffic flows out from the Backup Client computer to the
off-site Network that has already been configured to accept Backup Clients.
DOMAINS
In a Windows network, a domain is a group of server computers that share a
common user account database. A user at a client computer can log in to a
domain to access shared resources for any server in the domain. Each
domain must have at least one server computer designated as the domain
controller, which is ultimately in charge of the domain.
Most domain networks share this work among at least two domain
controllers, so that if one of the controllers stops working, the network can
still function.
In a domain:
If you have a user account on the domain, you can log on to any
computer on the domain without needing an account on that computer.
Security:
Domain Networks can be created and managed by promoting any Workgroup
Server to the role of a Domain Controller or Primary Domain Controller (PDC).
Servers designated as Primary Domain Controllers contain a more thorough
and complex set of security and administrative properties which the
simplified Workgroup Server does not have.
Each Domain must have at least one designated PDC Server within its Forest
for centralized user account management through the AD. Domains share a
hierarchal directory of databases, security policies, and common security
relationships with other sub-Domains.
A PDC provides access to a centralized user account and workgroup account
policy as maintained by the Domain Administrator predominantly from the
AD Server itself. Because Domains use a hierarchy of parent-child
relationships within a Domain Forest, AD Domains are generally
recommended and most effectively used by larger organizations where
collaborative computing between numerous workgroups must span multiple
departmental servers with common sets of relational security policies in
place.
Storage:
Storage domains enable partition of storage, allowing hosts or host groups
access to specific volumes. Hosts access volumes on the array through the
physical host ports (or initiators) residing on host HBAs. Volume-to-LUN
mapping allows specification of the host or host group that can access a
specific volume on your storage array.
When configuring a storage array, we have to determine how to organize and
allocate the total storage capacity into volumes and share those volumes
among the data hosts. As we plan the storage configuration, it is important
that we consider these: 1) Performance requirements; 2) Access
requirements; 3) Combination of redundancy with performance.
Backup:
Recovery from the failure of a server instance requires access to the
domains configuration and security data. Several software tools can be
configured to perform certain domain backups automatically. The
administrator must also perform a manual backup of the domain
configuration artifacts and store those backups outside of the actual domain