Академический Документы
Профессиональный Документы
Культура Документы
Index
Windows XP Overview Active Directory Directory Structure User profile (Start Menu, Desktop, My documents, App Data etc.,)
Users and Groups overview System Tools (Backup, Disk Cleanup, Schedule Task, System restore etc.,)
Registry Overview ( about Hives and data types) Control Panel Overview Internal and External Commands "Run" commands
Windows XP Overview The Windows eXPerience operating system is available as home and professional edition and are similar suitable for the use on standalone computers. The home edition is suitable for user which worked with Windows 9x/ME till now and don't need special network or security features in their environment. If the users have used Windows NT/2000 private, in business or both, the Professional Edition is not only with a view of the administration optimally. Microsoft already encloses 10,000 drivers on the installation media of Windows XP, about the Windows update further more 2,000 drivers are available. The Professional Edition of Windows XP has more network features than the Home Edition. An update of Windows 9 x/ME is possible, with Windows NT/2000 only the Professional Edition can be used for update. Optional FAT32 and NTFS are available as a file system for the installation partition. Windows XP (Windows version 5.1) becomes a predecessor of Windows 9x/ME as well as Windows NT/2000 and is available for 32-bits CPUs in the following versions: - Embedded - Home Edition (1 CPU) for private user (Oct. 2001)
A 64-bit version of Windows XP was announced officially of Microsoft in April 2003. The RC2 was available in February 2005. Windows XP Professional x64 was published in April 2005. At most 16 gbyte RAM are utilizably with that, the virtual address range enlarges to 16 byte. Same will be the product activation at all versions, which is needed at every new installation or extensive upgrade of the PC devices. Company customers can use can so-called corporate version by a special licensing option without this product activation. As the most visual innovation the revised Windows interface with the new design is well done, the design called Luna (as of beta 2428) can display window elements in high color. The return to the interface as of Windows 2000 is further possible. The representation and organization of the central registry is quit the same as used in Windows 2000. Standard features of Windows XP - Home and Professional Fast user switching Network assistant Remote control for the diagnosis (Remote assistant) Simplified user interface Windows Media Player Internet Explorer 6.0 Windows Movie Maker Special features of Windows XP - Professional Edition ASR - Automated System Recovery Create of offline files Backup/recovery function User guidelines (Policies) User administration (limited in Home Edition) File system encrypting (only for NTFS) Integration of the PC in a domain Integration of dynamic data storage Use as a terminal service client Use as a NetWare-Client
Active Directory What is Active Directory? Active Directory is Microsoft's trademarked directory service, an integral part of the Windows architecture. Like other directory services, such as Novell Directory Services (NDS), Active Directory is a centralized and standardized system that automates network management of user data, security and distributed resources and enables interoperation with other directories. Active Directory is designed especially for distributed networking environments. Active Directory was new to Windows 2000 Server and further enhanced for Windows Server 2003, making it an even more important part of the operating system. Windows Server 2003 Active Directory provides a single reference, called a directory service, to all the objects in a network, including users, groups, computers, printers, policies and permissions. For a user or an administrator, Active Directory provides a single hierarchical view from which to access and manage all of the network's resources.
boot.ini
bootsect.dos Present only on dual-boot systems. NTLDR uses this file when the selected operating system is not Windows XP. Bootsect.dos in turn seeks out the OS-specific operating system loader file, such as io.sys for MS-DOS or os2ldr.exe for OS/2. ntbootdd.sys Used only on systems with SCSI drives that do not have onboard BIOS translation enabled. It is a copy of the device driver for your particular SCSI drive. hiberfil.sys NOTE When BOOTSECT.DOS is installed using the DOS-mode setup (for example, a Windows 98 startup disk), the file will still appear, even though it is not really a dual-boot system, meaning there is no COMMAND.com to boot into DOS. In this scenario, there is only one OS entry in the boot.ini file, and the boot selection menu does not appear. Other files can appear in the system partition on x86 dual-boot and multiboot systems. The addition of these files does not affect the function or capabilities of the required Windows XP boot files in the system partition. Installing multiple operating systems on a single computer with Windows XP Professional (or Home Edition) often requires a specific installation order or manual post-installation configuration changes. Both the Microsoft Windows XP documentation and TechNet include detailed articles on performing multiboot setups with Windows XP Professional, Windows XP Professional, Windows Server 2003, Windows 95, Windows 98, MS-DOS, and OS/2. Multi-booting Windows XP with non-Microsoft operating systems, such as Linux, often requires third-party boot and partition managers. The system partition does not include any folders. It exists as a root folder only with three or more files. Having additional folders in the system partition does not affect the operation of boot files. You might notice that the files in the system partition are among the files found on an Emergency Repair Disk (ERD). This should not be surprising Available if hibernation is enabled on the computer.
Documents This folder is used to hold the configurations for each user who accesses the system. In Windows NT, this information was and Settings stored in the \Windows\profiles folder. Program Files System Volume Information Recycler This folder is the default installation location for Windows applications. This folder stores all disk permission and security information.
This is not a true folder; instead, it is the system-controlled temporary repository for deleted files. You can access its contents by launching the Recycle Bin tool from the desktop. Note that this folder does not appear until a file is deleted. This is the main folder containing all the Windows XP system files, and the default folder for Windows XP.
Windows
The root of the boot partition is also the default location for pagefile.sys, which is the page file the Windows NT virtual memory system uses. NOTE The file and folder structure discussed in this chapter is derived from a fresh installation of Windows XP on an x86 desktop system with Service Pack 1 integrated. The typical installation method was chosen. No other applications from Microsoft or any third-party vendors were present on the system. That means no additional services or applications were installed from the
Initialization and configuration files for backward-compatibility with various 16-bit utilities and applications (.ini) Readme, log, and documentation files (.txt, .log, and .wri) The following is a listing of the subfolders under the Windows folder: Addins. ActiveX controls files. Contains application compatibility .dlls and Appfix
AppPatch. packages.
Config. Contains configuration .idf files used by the MIDI sound system. Depending on system configuration, this folder might be empty. Connection Wizard. Files used for establishing Internet connectivity. Can be an empty folder. CSC. The Client Side Cache is where contents of mapped network drives are cached so that the contents of these drives will be available offline. By default, this folder contains empty folders. Cursors. Contains static and animated cursor files. You can use these files by configuring the Mouse applet. Debug. Contains .log files that can be used to debug network connectivity and other setup functions.
Help. Contains the help files used by the Windows XP Help system and all its native utilities. Ime. Files to support the Input Method Editor. Provides language support for Windows XP. Inf. Contains the .inf (system information) files used to install software components. This is a hidden folder. Installer. The location for temporary files used by the Windows Installer program. This is a hidden folder. Java. Folder structure for Java files. Media. Contains media files (sound and video) used by sound themes.
Msagent. Microsoft agent files, which are software services that support using animated characters in the Windows interface to assist users in manipulating the operating system. Msapps. Contains files for backward-compatibility with applications that use shared components. Mui. MUI (Multilingual-User Interface) Packs give companies flexibility in making language options available to users. Offline Web Pages. Any Web pages designated as offline accessible are stored in this folder, along with any images and other files that go with it. PCHEALTH. Contains files and subfolders to support the Microsoft Help Center Service. These files support all the Windows XP Help services, including features such as Remote Desktop Assistance. Prefetch. Contains the files that XP is tracking for prefetch execution. Caching frequently used files decreases startup time for applications and optimizes XP performance.
Security. Contains subfolders and files related to security. Includes log files that define the default security applied during setup and templates for assigning new security privileges. Srchasst. Contains files and subfolders for Search Companion, the updated search assistant included with XP. Includes files to support an indexing function that improves search performance. System. Contains 16-bit versions of protected and real mode drivers and .dll files used by applications. These files are provided for backwardcompatibility with older applications. Additional 16-bit driver files can be stored in this folder. System32. Contains the core operating system files and subfolder trees. Tasks. Contains intervention. scheduled tasks that run without operator
Temp. Contains any temporary files used by the system and applications. Twain_32. Contains files to support Twain technology, enabling a scanner document to be inserted into a file. Web. Contains files and subfolders to support Internet printing and document access. WinSxS. A folder to store the shared components of side-by-side applications. These can be multiple versions of the same application or the same assembly. The System32 subfolder contains most of the files used by Windows XP. This is the primary storage location for DLLs, Control Panel applets (.cpl), device drivers (.drv), help files (.hlp and .cnt), MS-DOS utilities (.com), language support files (.nls), screensavers (.scr), setup information files (.inf), and a handful of other files used for support, configuration, or operation. The most commonly accessed described in the following list: subfolders in Windows\System32 are
1025, 1028, 1031, 1033, etc. Contains locationization languages files. Most of these folders will be empty. The English language is 1033. The complete list of locale IDs can be found at http://www.microsoft.com/globaldev/reference/loclanghome.mspx. CatRoot. Contains security catalog files. CatRoot2. Contains catalog database files. Com. Contains COM object information. Config. Contains the Registry hives used during bootup and is the storage location for the System, Security, and Application log files viewed through Event Viewer. Config now contains a new folder called \systemprofile that holds a standard profile for the local system. DHCP. This is an empty folder used to hold Dynamic Host Configuration Protocol (DHCP) database files if the host becomes a DHCP server. DirectX. Contains files to support the accelerated performance features of game devices. Dllcache. Contains backup copies of the operating system files that are under the Windows File System Protection system. Drivers. Contains driver files (.sys); the \etc folder contains sample copies of the TCP/IP text-based configuration files, such as Hosts and LMHosts files. Export. This is an empty folder. IAS. If there is no Internet connection capability, this is an empty folder used to hold configuration files for the Internet Authentication Service. This service is typically found on servers. If the machine has a device capable of connecting to the Internet, the IAS folder should not be empty. It will contain two files: DNARY.MDB (used to phrase IAS log files) and IAS.MDB (used to store remote access policies). Icsxml. Contains files for Univeral Plug and Play. IME. Contains files for Input Method Editors. Intsrv. Contains files used by the World Wide Web service. This folder is empty. Macromedia. Contains a subfolder with the Shockwave Flash .ocx file.
MsDTC. Contains Microsoft Distributed Transaction Coordinator files that control transaction output and message delivery between two different applications or processes. MUI. Contains Multilingual-User Interface files that are created by applications, such as Service Pack 1. Os2. Contains drivers used by the OS/2 subsystem. NPP. Contains files to support collecting network traffic from an XP PC by a Network Monitor server. Oobe. Contains "Out of Box Experience" files that prompt users to complete product activation and registration and to create a new user other than Administrator. This feature is activated only after setup. Ras. Contains the default scripts used by Dial-Up Networking. Restore. Contains a list of files to be monitored and saved to an alternative location in case of file corruption. The System Restore service takes snapshots of the XP system periodically to enable the system to be restored from a previous set of data. This folder also contains the machine GUID. Setup. Contains setup files for additional services, such as FrontPage Server Extensions and Microsoft Fax. ShellExt. By default, this folder is empty. Spool. Used by the printing system to store spooled print jobs and related files. The Printers subfolder is used to store spool files. The other folders found here vary based on printer drivers and configuration. USMT. USMT stands for User State Migration Tool. This folder contains files to support both USMT and the File and Settings Transfer Wizard. Both tools enable user files and settings to be copied to another PC. WBEM. Used by Web Based Enterprise Management to store its data and executable files and utilities. The Microsoft implementation of WBEM is the Windows Management Instrumentation (WMI) Service. With WMI, programmers can create applications that control network devices, using the same commands regardless of platform. Wins. Contains files to support the Windows Internet Name Service (WINS). This folder is empty.
User Profile folders Structure Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2 A user profile consists of:
A registry hive. The registry is a database used to store computer- and user-specific settings. Portions of the registry can be saved as files, called hives. These hives can then be reloaded for use as necessary. User profiles take advantage of the hive feature to provide roaming profile functionality. The user profile registry hive is the NTuser.dat in file form, and is mapped to the HKEY_CURRENT_USER portion of the registry when the user logs on. The NTuser.dat hive maintains the users environment preferences when the user is logged on. It stores those settings that maintain network connections, Control Panel configurations unique to the user (such as the desktop color and mouse), and application-specific settings. The majority of the settings stored in the registry are opaque to user profiles settings are owned and maintained by individual applications and operating system components. A set of profile folders stored in the file system. User profile files are stored in the filesystem in the Documents and Settings directory, in a per user folder. The user profile folder is a container for applications and other operating system components to populate with subfolders and per-user data, such as shortcut links, desktop icons, startup applications, documents, configuration files and so forth. Windows Explorer uses the user profile folders extensively for special folders such as the users desktop, start menu and my documents folder.
Together, these two components record user-configurable settings that can migrate from computer to computer. The default location of user profiles was changed from the Windows NT 4.0 operating system to allow administrators to secure the operating system folders without adversely affecting user data. On a clean installed computer running Windows Server 2003, Windows XP or Windows 2000, profiles are stored in the %Systemdrive%\Documents and Settings folder. In contrast, on computers running Windows NT 4.0, profiles are stored inside the system directory, at %Systemroot%\profiles folder (typically WINNT\profiles).
Table 1 User Profile Locations Operating system Windows Server 2003 clean installation (no previous operating system) Windows Server 2003 upgrade of Windows 2000 Windows Server 2003 upgrade of Windows NT 4.0 Location of user profile %SYSTEMDRIVE%\Documents and Settings; for example, C:\Documents and Settings
SYSTEMDRIVE%\Documents and Settings; for example, C:\Documents and Settings %SYSTEMROOT%\Profiles; for example, C:\WinNT\Profiles
Configuration Preferences Stored in the Registry Hive The NTuser.dat file contains the following configuration settings:
Windows Explorer settings. All user-definable settings for Windows Explorer, as well as persistent network connections. Taskbar settings. Printer settings. All network printer connections. Control Panel. All user-defined settings made in the Control Panel. Accessories. All user-specific application settings affecting the Windows environment, including: Calculator, Clock, Notepad, Paint, and HyperTerminal, among others.
Application Settings. Many applications store some per user settings in the users registry hive (HKEY_CURRENT_USER). An example of these types of settings would be Microsoft Word 2000s toolbar settings.
Configuration Preferences Stored in Profile Directories Figure 1 below shows the structure of the user profile.
Application data*. Application-specific data, such as a custom dictionary for a word processing program. Application vendors decide what data to store in this directory. Cookies. Internet Explorer cookies.
Desktop. Desktop items, including files and shortcuts. Favorites. Internet Explorer favorites Local Settings*. Application settings and data that do not roam with the profile. Usually either machine specific, or too large to roam effectively.
Application data. Computer specific application data. History. Internet Explorer history. Temp. Temporary files. Temporary Internet Files. Internet Explorer offline cache.
My Documents. The new default location for any documents that the user creates. Applications should be written to save files here by default.
My Pictures. Default location for users pictures. My Music. Default location for users music.
NetHood*. Shortcuts to My Network Places items. PrintHood*. Shortcuts to printer folder items. Recent. Shortcuts to the most recently used documents. SendTo. Shortcuts to document storage locations and applications. Start Menu. Shortcuts to program items. Templates*. Shortcuts to template items.
* These directories are hidden by default. To see these directories, change the View Options. The Folder Redirection feature of IntelliMirror allows an administrator to redirect the location of certain folders in the user profile to a network location. When these redirected folders are accessed either by the operating system or by applications, the operating system automatically redirects to the location on a network share specified by the administrator. From a user perspective, this is similar to the roaming scenario because users have the same settings regardless of which computers they use. However unlike roaming, these settings actually remain on the network share. Folder
Table 2 Folders that Roam with the Profile Roams with profile by default Yes Redirect with Group Policy Yes
Desktop
Yes
Yes
Favorites
Yes
No
Local Settings
No
No
My Documents NetHood
Yes Yes
Yes No
PrintHood
Yes
No
Recent
Yes
No
Send To
Yes
No
Yes No
Non-Roaming Folders The default behavior of roaming user profiles in Windows NT 4.0 is to include all the folders in the user profile directory. Thus when a user first logs on, all
part of a domain, the operating system checks if a domain wide default profile exists in a folder named Default User on the domain controllers NETLOGON share.
If a domain wide profile exists, it is copied to a subfolder on the local computer with the user name under %SYSTEMDRIVE %\Documents and Settings\. For example, a new user with the user name JDoe would have a profile created in %SYSTEMDRIVE %\Documents and Settings\JDoe. If a default domain profile does not exist, then the local default profile is copied from the %Systemdrive%\Documents and Settings\Default User folder to a subfolder on the local computer with a user name under %Systemdrive%\Documents and Settings\.
4. If the computer is not part of a domain, the local default profile is copied from the %Systemdrive%\Documents and Settings\Default User folder to a subfolder on the local computer with a user name under %Systemdrive%\Documents and Settings\. 5. The users registry hive (NTUSER.DAT) is mapped to the HKEY_CURRENT_USER portion of the registry. 6. The users %userprofile% environment variable is updated with the value of the local profile folder 7. When the user logs off, a profile is saved to the local hard disk of the computer. Local Profile - Existing User 1. The user logs on. 2. Windows checks the list of user profiles located in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersi on\ProfileList to get the path to the users profile. 3. The users registry hive (NTUSER.DAT) is mapped to the HKEY_CURRENT_USER portion of the registry. 4. The users %userprofile% environment variable is updated with the value of the local profile folder. 5. When the user logs off, the profile is saved to the local hard disk of the computer. Roaming Profile - New User 1. The user logs on.
If a domain wide profile exists, it is copied to a subfolder on the local computer with their user name under %Systemdrive %\Documents and Settings\. If a default domain profile does not exist, then the local default profile is copied from the %Systemdrive%\Documents and Settings\Default User folder to a subfolder on the local computer with their user name under %Systemdrive%\Documents and Settings\.
5. The users registry hive (NTUSER.DAT) is mapped to the HKEY_CURRENT_USER portion of the registry. 6. The users %userprofile% environment variable is updated with the value of the local profile folder 7. The user can then run applications and edit documents as normal. When the user logs off, their local profile is copied to the path configured by the administrator. If a profile already exists on the server, the local profile is merged with the server copy (see merge algorithm later in this paper for more details). Roaming Profile - Existing User 1. The user logs on. 2. The path to the users roaming profile is retrieved from the user object on the Domain Controller. 3. Windows checks to see if a profile exists in the roaming path, if no profile exists a folder is created.
File Systems You can use FAT16, FAT32, NTFS, or a combination of file systems on a single computer, but each volume can have only one file system installed. When choosing which file system to use, you need to determine the following:
How the computer is used (dedicated to Windows XP or multiple-boot). The number and size of locally installed hard disks. Security considerations. Interest in using advanced file system features.
FAT volumes smaller than 16 megabytes (MB) are formatted as FAT12. FAT16 volumes larger than 2 gigabytes (GB) are not accessible from computers running MS-DOS, Windows 95, Windows 98, and many other operating systems.
While FAT32 volumes can theoretically be as large as 2 terabytes, Windows XP limits the maximum size FAT32 volume that it can format to 32 GB. However, Windows XP can read and write to larger FAT32 volumes formatted by other operating systems.
The implementation of FAT32 in Windows XP limits the maximum number of clusters on a FAT32 volume that can be mounted by Windows XP to 4,177,918. This is the maximum number of clusters on a FAT32 volume that can be formatted by Windows 98.
NTFS volumes can theoretically be as large as 16 exabytes (EB), but the practical limit is 2 terabytes.
The user can specify the cluster size when an NTFS volume is formatted. However, NTFS compression is not supported for cluster sizes larger than 4 kilobytes (KB).
NTFS is a recoverable file system. A user seldom needs to run a disk repair program on an NTFS volume. NTFS guarantees the consistency of the volume by using standard transaction logging and recovery techniques. In the event of a system failure, NTFS uses its log file and checkpoint information to automatically restore the consistency of the file system. NTFS supports compression on volumes, folders, and files. Files that are compressed on an NTFS volume can be read and written by any Windows-based application without first being decompressed by another program; decompression happens automatically during the file read. The file is compressed again when it is closed or saved. NTFS supports all Windows XP file system features. NTFS does not restrict the number of entries in the root folder. Windows XP can format volumes up to 2 terabytes with NTFS. NTFS manages disk space more efficiently than FAT, using smaller clusters (4 KB for volumes up to 2 terabytes). The boot sector is backed up to a sector at the end of the volume. NTFS minimizes the number of disk accesses required to find a file. On NTFS volumes, you can set permissions on shares, folders, and files that specify which groups and users have access, and what level of access is permitted. NTFS file and folder permissions apply to users working on the local computer and to users accessing the file over the network from a shared folder. You can also set share permissions that operate on network shares in combination with file and folder permissions. NTFS supports a native encryption system, EFS, that uses symmetric key encryption in conjunction with public key technology to prevent unauthorized access to file contents.
Reparse points enable new features such as volume mount points. Disk quotas can be set to limit the amount of space users can consume.
NTFS uses a change journal to track changes made to files. NTFS supports distributed link tracking to maintain the integrity of shortcuts and OLE links.
NTFS supports sparse files so that very large files can be written to disk while requiring only a small amount of storage space.
Disadvantages of NTFS While NTFS is recommended for most Windows XP users, it is not appropriate in all circumstances. Disadvantages of NTFS include:
NTFS volumes are not accessible from MS-DOS, Windows 95, or Windows 98. The advanced features of the version of NTFS included with Windows XP are not available in Windows NT. For very small volumes that contain mostly small files, the overhead of managing NTFS can cause a slight performance drop in comparison to FAT.
A former disadvantage of NTFS was accessing the NTFS-formatted system volume when corrupted or deleted system files prevented the computer from starting. In the past, it was a common requirement that Windows NT be installed to a second, separate folder to access the NTFS system volume of the first installation. Windows XP resolves this problem by offering a pair of new troubleshooting tools. The first tool, known as Safe Mode, allows Windows XP to be started with only the basic set of device drivers and system services loaded. Safe Mode allows a system that cannot start, due to system corruption or the installation of incompatible drivers or system services, to bypass those blocking issues, enabling the local administrator to resolve the problem. If the damage to the operating system files is severe enough that the computer cannot start even in Safe Mode, you can start the computer from either the Windows XP operating system CD or Setup floppy disks by using the Recovery Console. The Recovery Console is a special command-line environment that enables the administrator to copy system files from the operating system CD, fix disk errors, and otherwise troubleshoot system problems without installing a second copy of the operating system. What are the advantages of NTFS over FAT32?
Allows indexing which improves file searching (mostly, faster); causes slight performance hit (can turn off). Has better security -- such as file-wise encryption (not supported by WinXP home) and per-user access rules (you can stop your wife from seeing the porn folder!) Supports user quotas (prevent the tykes from downloading too many mp3s) Has file-wise compression. Is journaled, decreasing data loss (ScanDisk at start up unnecessary). Uses Unicode (allows foreign and extended character) file names and natively supports long file names. Supports larger files than FAT (greater than 4GB). Allows larger volume sizes (greater than 1TB) There is talk about a theoretical limit of 16 Exabytes, and up to 2 Terabytes. Supported format on dynamic disks (no dynamic disks on WinXP Home). Works well with large cache (greater than 96MB systems). Performs better on volumes ~20GB and more. Is more space-efficient on large volumes (greater than 8GB). Resistant to fragmentation.
Sharing and Security How to Share and Set Permissions for Folders and Files Using Windows XP File and Printer Sharing for Microsoft Networks The File and Printer Sharing for Microsoft Networks component allows computers on a network to access resources on other computers using a Microsoft network. This component is installed and enabled by default. It is enabled per connection using TCP/IP and is necessary to share local folders. The File and Printer Sharing for Microsoft Networks component is the equivalent of the Server service in Windows NT 4.0. To share folders with other users on your network 1. Open My Documents in Windows Explorer. Click Start, point to All Programs, point to Accessories, and then click Windows Explorer. 2. Click the folder you want to share. 3. Click Share this folder in File and Folder Tasks.
5. To change the name of the folder on the network, type a new name for the folder in the Share name text box. This will not change the name of the folder on your computer. Note The Sharing option is not available for the Documents and Settings, Program Files, and Windows system folders. In addition, you cannot share folders in other users profiles. To set, view, change, or remove file and folder permissions 1. Open Windows Explorer, and then locate the file or folder for which you want to set permissions. To open Windows Explore click Start, point to All Programs, point to Accessories, and then click Windows Explorer. 2. Right-click the file or folder, click Properties, and then click the Security tab as shown in Figure 2 below.
3. To set permissions for a group or user that does not appear in the Group or user names box, click Add. Type the name of the group or user you want to set permissions for and then click OK, as shown in Figure 3 below.
Figure 3. Adding new group or user permissions 4. To change or remove permissions from an existing group or user, click the name of the group or user and do one of the following, as shown in Figure 2 above:
To allow or deny a permission, in the Permissions for...box, select the Allow or Deny check box. To remove the group or user from the Group or user names box, click Remove.
Notes
In Windows XP Professional, the Everyone group no longer includes Anonymous Logon. You can set file and folder permissions only on drives formatted to use NTFS. To change permissions you must be the owner, or have been granted permission to do so by the owner. Groups or users granted Full Control for a folder can delete files and subfolders within that folder regardless of the permissions protecting the files and subfolders. If the check boxes under Permissions for user or group are shaded or if the Remove button is unavailable, then the file or folder has inherited permissions from the parent folder. When adding a new user or group, by default, this user or group will have Read & Execute, List Folder Contents, and Read permissions.
Remove temporary Internet files. Remove downloaded program files. For example, ActiveX controls and Java applets that are downloaded from the Internet. Empty the Recycle Bin. Remove Windows temporary files. Remove optional Windows components that you are not using. Remove installed programs that you no longer use.
Click Start, and then click Run. In the Open box, type cleanmgr, and then click OK. -orClick Start, point to All Programs, point to Accessories, point to System Tools, and then click Disk Cleanup. -orIn Windows Explorer or My Computer, right-click the disk in which you want to free up space, click Properties, click the General tab, and then click Disk Cleanup.
Remove Files Stored on Your Hard Disk To remove files stored on your hard disk that you no longer use, follow these steps:
1. Click Start, and then click My Computer. 2. Right-click the disk in which you want to free up space, and then click
Properties. 3. Click the General tab, and then click Disk Cleanup. 4. Click the Disk Cleanup tab (if it is not already selected), click to select the check boxes next to the files that you want to remove, and then click OK. 5. Click Yes to the proceed with this action, and then click OK. Remove Windows Components To remove Windows components that you are not using, follow these steps:
1. Click Start, and then click My Computer. 2. Right-click the disk in which you want to free up space, and then click
Properties.
click Clean up. The Windows Components Wizard starts. 5. In the Components list, click to clear the check box next to the component(s) that you want to remove. o A shaded check box next to a component indicates that only some of its subcomponents are installed. If you want to remove a subcomponent, click Details, click to clear the check box next to the subcomponent(s) that you want to remove, and then click OK. 6. Click Next. 7. In the Completing the Windows Components Wizard page, click Finish. 8. Click OK, click Yes to proceed with this action, and then click OK. Remove Installed Programs To remove programs that you no longer use, follow these steps:
1. Click Start, and then click My Computer. 2. Right-click the disk in which you want to free up space, and then click
Properties. 3. Click the General tab, and then click Disk Cleanup. 4. Click the More Options tab, and then under Installed programs, click Clean up. The Add or Remove Programs dialog box is displayed.
5. In the Currently installed programs list, click the program that you
Yes.
7. Repeat step 5 and 6 to remove other programs that you no longer use,
Remove Restore Points To remove all restore points except the most recent restore point, follow these steps:
1. Click Start, and then click My Computer. 2. Right-click the disk in which you want to free up space, and then click
Properties. 3. Click the General tab, and then click Disk Cleanup.
Clean up.
5. Click Yes to remove all but the most recent restore point. 6. Click OK, click Yes to proceed with this action, and then click OK.
Administrative tools Component Services Used by system administrators to deploy and administer COM+ programs from a graphical user interface, or to automate administrative tasks using a scripting or programming language. Software developers can use Component Services to visually configure routine component and program behavior, such as security and participation in transactions, and to integrate components into COM+ programs. For more information, see Using Component Services Computer Management Used to manage local or remote computers from a single, consolidated desktop utility. Computer Management combines several Windows XP administrative tools into a single console tree, providing easy access to a specific computer's administrative properties. For more information, see Using Computer Management Data Sources (ODBC) Open Database Connectivity (ODBC) is a programming interface that enables programs to access data in database management systems that use Structured Query Language (SQL) as a data access standard. For more information, see Using Data Sources (ODBC) Event Viewer Used to view and manage logs of system, program, and security events on your computer. Event Viewer gathers information about hardware and software problems, and monitors security events. For more information, see Using Event Viewer Local Security policy Used to configure security settings for the local computer. These settings include the Password policy, Account Lockout policy, Audit policy, IP Security policy, user rights assignments, recovery agents for encrypted data, and other security options. Local Security Policy is only available on computers
Schedule a task to run daily, weekly, monthly, or at certain times (such as system startup). Change the schedule for a task. Stop a scheduled task.
Each scheduled task you create is stored as a .job file in the \Windows\Tasks folder. The .job file contains the properties and configuration information for the task. You can create a scheduled task on your computer and then drag the .job object over to a remote computer. After you drag a task from one computer to another, you must update the account information for the task before it will run. Removing a scheduled task removes only the .job file from the schedule. The program file the task runs is not removed from the hard disk.
Windows XP System Restore Microsoft OSs have typically included utilities that help you recover systems that become unstable or crash, but Windows XP's System Restore goes much further. System Restore reinstates the registry, local profiles, the COM+ database, the Windows File Protection (WFP) cache (wfp.dll), the Windows Management Instrumentation (WMI) database, the Microsoft IIS metabase, and files that the utility copies by default into a Restore archive. You can't specify what to restore: it's all or nothing. Understanding System Restore Creating a Restore Point Restoring a System Troubleshooting
Understanding System Restore System Restore's purpose is to return your system to a workable state without requiring a complete reinstallation and without compromising your data files. The utility runs in the background and automatically creates a restore point when a trigger event occurs. Trigger events include application installations, AutoUpdate installations, Microsoft Backup Utility recoveries, unsigned- driver installations, and manual creations of restore points. The utility also creates restore points once a day by default. System Restore requires 200MB of free hard disk space, which the utility uses to create a data store. If you don't have 200MB of free space, System Restore remains disabled until the space becomes available, at which point the utility enables itself. System Restore uses a first in/first out (FIFO) storage scheme: The utility purges old archives to make room for new ones when the data store reaches a set limit.
Figure 1: Name restore points so that you can easily identify them later. After the utility collected all the information it needed, it displayed the Restore Point Created screen, which Figure 2 shows. I closed the utility to end the process.
Figure 2: Restoring a System Having created a restore point, I could install Crystal Reports on my Windows XP machine with the confidence of knowing that I could restore my system if
Figure 3: I clicked July 23 and saw the Before Crystal Reports restore point that I had created earlier. I selected that restore point and clicked Next, then confirmed the restore point selection and clicked Next again. System Restore closed all programs and proceeded with the restoration. The computer then rebooted. I logged back on, and the Restoration Complete screen appeared to let me know the restore was finished and had succeeded, as Figure 4 shows.
Figure 4: I then checked the hard disk and the registry and found no sign of Crystal Reports. In addition, the files I created between installing and restoring my system remained on my system. My data files were safe, and the system was stable. If your system no longer boots to the OS, start the computer and press the F8 key as Windows begins to run. When the Windows Advanced Options menu appears, choose Last Known Good Configuration and press Enter. If the damage isn't too bad, a boot menu will appear, and you can select Microsoft Windows XP, then press Enter. Windows XP will restore the computer to the most recent restore point. If a restoration fails to resolve a problem, System Restore lets you try to select another restore point or undo the restoration. So, if you chose the wrong restore point earlier, you get a chance to correct your mistake. Remember, performing a restore is one of the events that triggers the system to create a restore point. Now you know why. Troubleshooting I've found System Restore to be stable and reliable. However, as with most programs, you might occasionally experience problems with System Restore. Should you need to disable it, you can do so (for details, see the sidebar "Disabling System Restore"). But first, try troubleshooting:
Read any error messages and address any issues that the messages identify.
Check your hard disks for free space. You must have at least 200MB of free space on each disk on which you've enabled System Restore. You can use the Disk Cleanup utility to reclaim space. If necessary, you can also use this utility to delete all but the most recent restore point. Confirm that the System Restore service is running. Try to run the utility in Safe mode. Check the System log for any errors that relate to sr or srservice.
If these steps don't help, run srdiag.exe to troubleshoot further. Srdiag creates a .cab file, which it places in the \%windir%\system32\restore folder by default. You can double-click the file or right-click it and choose Extract. You can then examine the 14 extracted files to troubleshoot your problem. System Restore's scope, ease of use, and reliability are impressive. It's a useful utility that power users, technical support staff, and administrators should familiarize themselves with. System Restore has the potential to significantly reduce administrator work and user downtime.
Event Viewer With Event Viewer, users can monitor events recorded in the Application, Security, and System logs: Understanding Event Viewer Using the event logs in Event Viewer, you can gather information about hardware, software, and system problems. You can also monitor Windows XP security events. A computer running any version of Windows XP records events in three kinds of logs:
Disk Management You use Disk Management snap-in in Windows XP to perform disk-related tasks, such as creating partitions and volumes, formatting them, and assigning drive letters. On computers running Windows XP or Windows 2003 Server, you can also use Disk Management to perform advanced tasks, such as creating and repairing fault tolerant volumes. Disk Management overview The Disk Management snap-in is a system utility for managing hard disks and the volumes, or partitions, that they contain. With Disk Management, you can initialize disks, create volumes, format volumes with the FAT, FAT32, or NTFS file systems, and create fault-tolerant disk systems. Disk Management enables you to perform most disk-related tasks without shutting down the system or interrupting users; most configuration changes take effect immediately. Disk Management, which replaces the Disk Administrator utility used in Windows NT 4.0, offers many features including:
Simplified tasks and intuitive user interface. Disk Management is easy to use. Menus that are accessible from the right mouse button display the tasks you can perform on the selected object, and wizards guide you through creating partitions or volumes and initializing or converting disks. Basic and dynamic disk storage. Basic disks contain basic volumes, such as primary partitions, extended partitions, and logical drives. Use basic disks on portable computers or when you plan to install multiple operating systems in different partitions on the same disk.
Local and remote disk management. By using Disk Management, you can manage any remote computer running Windows 2000 or Windows XP on which you are a member of the Administrators group. Mounted drives. You can use Disk Management to connect, or mount, a local drive at any empty folder on a local NTFS-formatted volume. Mounted drives make data more accessible and give you the flexibility to manage data storage based on your work environment and system usage. Mounted drives are not subject to the 26-drive limit imposed by drive letters, so you can use mounted drives to access more than 26 drives on your computer. Logical Disk Manager Service. The Logical Disk Manager Service uses disk groups to maintain information about the current state of disks in your computer. Support for MBR and GPT disks. Disk Management offers support for master boot record (MBR) disks in x86-based computers and support for MBR and GUID partition table (GPT) disks in Itanium-based computers. Manage disks at the command line. Use the command-line tool DiskPart to perform disk-related tasks at the command line as an alternative to using Disk Management. With DiskPart, you can create scripts to automate tasks, such as creating volumes or converting disks to dynamic.
Best practices
Back up data Deleting or creating partitions or volumes destroys any existing data. Be sure to back up the disk contents beforehand. As with any major change to disk contents, you should back up the entire contents of the hard disk before working with partitions or volumes, even if you do not plan to make any changes to one or more of your partitions or volumes. Format volumes using the NTFS file system Many features, such as file and folder permissions, encryption, large volume support, and sparse file management, all found in Windows 2000 and Windows XP, require this file format. Use dynamic disks Several Disk Management tasks can be performed only with dynamic disks, including the ability to create fault-tolerant disks. Using dynamic disks, you can create and delete simple, spanned, striped, mirrored, and RAID-5 volumes. Dynamic disks do not contain partitions or logical
Registry Overview Registry Editor is an advanced tool for viewing and changing settings in your system registry, which contains information about how your computer runs. Windows stores its configuration information in a database (the registry) that is organized in a tree format. Although Registry Editor enables you to inspect and modify the registry, normally you do not need to do so, and making incorrect changes can break your system. An advanced user who is prepared to both edit and restore the registry can safely use Registry Editor for such tasks as eliminating duplicate entries or deleting entries for programs that have been uninstalled or deleted.
HKEY_CURRENT_USER
HKEY_USERS
HKEY_LOCAL_MACHINE HKEY_CLASSES_ROOT
The following table lists the data types currently defined and used by the system. Data type Description Raw binary data. Most hardware component information is stored as binary data and is displayed in Registry Editor in hexadecimal format. Data represented by a number that is 4 bytes long. Many parameters for device drivers and services are this type and are displayed in Registry Editor in binary, hexadecimal, or decimal format. A variable-length data string. This data type includes variables that are resolved when a program or service uses the data. A multiple string. Values that contain lists or multiple values in a form that people can read are usually this type. Entries are separated by spaces, commas, or other marks. A fixed-length text string.
REG_BINARY
REG_DWORD
REG_EXPAND_SZ
REG_MULTI_SZ
REG_SZ
A series of nested arrays designed to REG_FULL_RESOURCE_DESCRIPTOR store a resource list for a hardware component or driver.
Caution
Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on your computer.
Notes
To open Registry Editor, click Start, click Run, type regedit, and then click OK. To safely use Registry Editor for such tasks as eliminating duplicate entries or deleting entries for programs that have been uninstalled or deleted, you should be prepared to both edit and restore the registry.
Best practices In Windows, system configuration information is centrally located in the registry. While this simplifies the administration of a computer or network, one incorrect edit to the registry can disable the operating system. The following list provides some best practices for using the registry and Registry Editor safely:
You can back up the registry by using a program such as Backup. After you make changes to the registry, create an Automated System Recovery (ASR) disk. For troubleshooting purposes, keep a list of the changes you make to the registry. For more information, see System State data. Do not replace the Windows registry with the registry of another version of the Windows or Windows NT operating systems. Use tools and programs other than Registry Editor to edit the registry.
Incorrectly editing the registry may severely damage your system. You should use tools and programs that provide safer methods for editing the registry.
Control Panel overview Control Panel is full of specialized tools that are used to change the way Windows looks and behaves.
Odbccp32.cp Open Database Connectivity (ODBC) Data Source Administrator l properties Powercfg.cpl Power Options properties Sapi.cpl Speech Properties (located in C:\Program files\Common files\Microsoft Shared\Speech) System properties
Sysdm.cpl
Telephon.cpl Phone and Modem Options properties Timedate.cpl Time and Date properties Third-party software and hardware manufacturers add Control Panel icons to provide an interface for you to use when you configure settings for their products. An icon is displayed in Control Panel after the program's Setup tool places the .cpl file in the Windows\System32. To create a shortcut to a Control Panel tool, either drag an icon from Control Panel to the desktop or another location or manually create a shortcut, and then specify the path to the .cpl file.
Internal / External commands To find information about a command, on the A-Z button menu at the top of this page, click the letter that the command starts with, and then click the command name.
o o
at (windows XP/2000) Scheduling utility. bootcfg (XP only) This utility allows you to set up your boot options, such as your default OS and other loading options. cacls (XP, 2000, & NT4.0) Changes the ACLs (security Settings) of files and folders. Very similar to chmod in Linux. comp (XP & 2000) This utility is very similar to diff in Linux. Use the /? switch to get examples of command usage. contig (works with NT4.0 and newer) A great defrag utility for NTFS partitions. control (XP only) - unpublished! Allows you to launch control panel applets from the command line. control userpasswords2, for example will launch a helpful local user admin utility. defrag (XP only - NT4.0 and Win2k use contig) Yes, XP comes with a command line disk defrag utility. If you are running Win2k or NT4.0 there is still hope. Contig is a free defrag program that I describe on the defrag page. diskpart (XP only) Use this command to manage your disk partitions. This is the text version for the GUI Disk Manager.
o o o
o o
o o
driverquery (XP only) Produces a list of drivers, their properties, and their versions. Great for computer documentation. eudcedit (XP only) - unpublished! Private Character editor. Yes with this program built into Windows XP you can create your own font! findstr Find String - similar to Linux's Grep. fsutil (XP only) - unpublished! This is a utility with a lot of capability. Come back soon for great examples. getmac (XP & 2000) This command gets the Media Access Control (MAC) address of your network cards. gpresult (XP & 2000) This generates a summary of the user settings and computer group policy settings. gpupdate (XP only) Use this utility to manually apply computer and user policy from your windows 2000 (or newer) domain. ipconfig (XP, 2000 & NT4.0) This handy tool displays IP settings of the current computer and much more. MMC (XP, 2000 & NT4.0) - Microsoft Management Console This is the master tool for Windows, it is the main interface in which all other tools use starting primarily in Windows 2000 and newer systems. more Utility used to display text output one screen at a time. Ex. more c:\windows\win.ini msconfig (XP only) The ultimate tool to change the services and utilities that start when your Windows machine boots up. You can also copy the executable from XP and use it in Win2k. msinfo32 (XP &smp; 2000) An awesome diagnostic tool. With it you can get a list of running processes, including the residing path of the executable (great for manually removing malware) and get detailed information about hardware and system diagnostics. narrator (XP only) Turns on the system narrator (can also be found in accessibility options in control panel). Will will allow your computer to dictate text to you. netsh (XP & 2000) A network configuration tool console. At the 'netsh>' prompt, use the '?' to list the available commands and type "exit" to get back to a command prompt. netstat (XP) A local network port tool - try netstat -ano. nslookup (all) A DNS name resolution tool.
o o
openfiles (XP Only) Allows an administrator to display or disconnect open files in XP professional. Type "openfiles /?" for a list of possible parameters. Pathping (XP & 2000) A cross between the ping and traceroute utilities. Who needs Neotrace when you can use this? Type "pathping <ip address>" and watch it go. recover (XP & 2000) This command can recover readable information from a damaged disk and is very easy to use. reg (XP & 2000) A console registry tool, great for scripting Registry edits. sc (XP & 2000) A command line utility called the Service Controller. A power tool to make service changes via a logon/logoff or startup/shutdown script. schtasks (XP only) A newer version of the AT command. This allows an administrator to schedule and manage scheduled tasks on a local and remote machines. secedit (XP & 2000) Use this utility to manually apply computer and user policy from your windows 2000 (or newer) domain. Example to update the machine policy: secedit /refreshpolicy machine_policy /enforce To view help on this, just type secedit. NOTE: In Windows XP SP1 and news, this command is superceded by: gpupdate /force sfc (XP & 2000) The system file checker scans important system files and replaces the ones you (or your applications) hacked beyond repair with the real, official Microsoft versions. shutdown (XP & 2000) With this tool, You can shut down or restart your own computer, or an administrator can shut down or restart a remote computer. sigverif (XP only) Microsoft has created driver signatures. A signed driver is Microsoft tested and approved. With the sigverif tool you can have all driver files analyzed to verify that they are digitally signed. Just type 'sigverif' at the command prompt. systeminfo (XP only) Basic system configuration information, such as the system type, the processor type, time zone, virtual memory settings, system uptime, and much more. This program is great for creating an inventory of computers on your network. sysedit (XP/2000) System Configuration File Editor. An old tool that was very handy for the Windows 9X days. msconfig is what you want to use now. tasklist (XP pro only) Tasklist is the command console equivalent to the task manager in windows. It is a must have when fighting scumware and viruses. Try the command:
tasklist /svc to view the memory resources your services take up. taskkill (XP only) Taskkill contains the rest of the task manager functionality. It allows you to kill those unneeded or locked up applications. tree (XP & 2000) An amazing experience everyone should try! This command will provide a 'family tree' style display of the drive/folder you specify. WMIC (XP & 2000) Windows Management Instrumentation Command tool. This allows you to pull an amazing amount of low-level system information from a command line scripting interface.
Run Commands Program Accessibility Controls Accessibility Wizard Add Hardware Wizard Add/Remove Programs Administrative Tools Adobe Acrobat ( if installed ) Adobe Distiller ( if installed ) Adobe ImageReady ( if installed ) Adobe Photoshop ( if installed ) Automatic Updates Basic Media Player Bluetooth Transfer Wizard Calculator Ccleaner ( if installed ) C: Drive Certificate Manager Character Map Check Disk Utility Clipboard Viewer Command Prompt Command Prompt Component Services Computer Management Compare Files Run Command access.cpl accwiz hdwwiz.cpl appwiz.cpl control admintools acrobat acrodist imageready photoshop wuaucpl.cpl mplay32 fsquirt calc ccleaner c: cdrtmgr.msc charmap chkdsk clipbrd cmd command dcomcnfg compmgmt.msc comp