OReilly MCSE core required exams in a nutshell the required 70 290 291 293 and 294 exams 3rd edition may 2006 ISBN 0596102283

Publisher: O'Reilly Pub Date: May 2006 Print ISBN-10: 0-596-10228-3 Print ISBN-13: 978-0-59-610228-9 Pages: 736 Table of Contents | Index Written by the premier author in Windows admini

By William R Stanek

Publisher: O'Reilly Pub Date: May 2006 Print ISBN-10: 0-596-10228-3 Print ISBN-13: 978-0-59-610228-9 Pages: 736

Table of Contents | Index

Written by the premier author in Windows administration, William Stanek, and addressing the needs of Windows 2003 administrators preparing for the Microsoft Certified Systems

Engineer (MCSE) exams, MCSE Core Required Exams in a Nutshell is invaluable With the

recent revisions of the MCSE exams including simulations, success is even more difficult Not only does this book provide the resources administrators need to succeed on the exams, but to succeed in the real world as well They can think of this book as the notes they would have highlighted and then recorded for every essential nugget of information related to the skills measured in Exams 70-290, 70-291, 70-293, and 70-294 (and by association Exams 70-292 and 70-296)

To begin with, MCSE Core Required Exams in a Nutshell allows readers to see all of the

topics expected for mastery in each of the exams Then, each exam is covered in three parts: Exam Overview, Study Guide, and Test Your Knowledge sections This makes for easy reference and a great study aid The Exams covered include:

EXAM 70-290: Managing and Maintaining a Microsoft Windows Server 2003

Environment

EXAM 70-291: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

EXAM 70-293: Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

EXAM 70-294: Planning, Implementing, and Maintaining a Microsoft Windows Server

2003 Active Directory Infrastructure

Once they have completed the exams successfully, administrators will find the book to be

a valuable reference to core Windows administration skills.

By William R Stanek

Publisher: O'Reilly Pub Date: May 2006 Print ISBN-10: 0-596-10228-3 Print ISBN-13: 978-0-59-610228-9 Pages: 736

by William R Stanek

Copyright © 2006, 2000, 1998 O'Reilly Media, Inc All rightsreserved

Printed in the United States of America

Published by O'Reilly Media, Inc., 1005 Gravenstein HighwayNorth, Sebastopol, CA 95472

O'Reilly books may be purchased for educational, business, orsales promotional use Online editions are also available for

most titles (safari.oreilly.com) For more information, contactour corporate/institutional sales department: (800) 998-9938 or

March 2000: Second Edition (Originally published as MCSE: The Core Exams in a Nutshell.)

While every precaution has been taken in the preparation of thisbook, the publisher and author assume no responsibility for

errors or omissions, or for damages resulting from the use ofthe information contained herein

ISBN: 0-596-10228-3

[M]

Welcome to MCSE Core Required Exams in a Nutshell As the

author, I designed this book for IT professionals looking to

complete their Microsoft Certification Microsoft offers multiplecertification tracks and as an administrator or engineer, thetracks you'll be most interested in are:

Microsoft Certified Systems Engineer (MCSE)

Advanced certification track for experienced administratorswith strong engineering backgrounds To become an MCSE,you must pass six core exams and one elective exam

Taken appropriately, the certification tracks can measure theprogress of your IT career from beginner to pro Or, for thosealready experienced, the certification tracks can be a measure

of your progress through the process of getting your

professional credentials Regardless of your certification plans,

the exam I recommend studying for and taking first is Exam

2003 Environment When you pass this exam, you will get your

MCP credentials

The next exam I recommend studying for and taking is Exam 70-291: Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure When you pass

this exam, you will have completed the two required networkingsystems exams for MCSA certification To complete MCSA

certification, you will need to complete a client operating

system exam and an elective exam

Exams 70-290 and 70-291 are also two of the four requirednetworking system exams for MCSE certification The other two

required networking system exams are Exam 70-293: Planning and Maintaining a Microsoft Windows Server 2003 Network

Infrastructure and Exam 70-294: Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

Exams 70-290, 70-291, 70-293, and 70-294 are covered in this

book This book also covers Exam 70-292: Managing and

Maintaining a Microsoft Server 2003 Environment for an MCSA Certified on Windows 2000 and Exam 70-296: Planning,

Implementing, and Maintaining a Microsoft Windows Server

2003 Environment for an MCSE Certified on Windows 2000.

If you are a current MCSA on Windows 2000, you need to passExam 70-292 to upgrade your certification to Windows Server

2003 If you are a current MCSE on Windows 2000, you need topass Exam 70-292 and Exam 70-296 to upgrade your

certification to Windows Server 2003 These exams are

designed to cover the delta (changes) between Windows 2000and Windows Server 2003 As such, Exam 70-292 covers a

subset of the objectives on Exam 70-290 and Exam 70-291.Exam 70-296 covers a subset of the objectives on Exam 70-293and Exam 70-294

meant to be used as part of your final preparationand not asyour only preparationfor the exams Think of this book as thenotes you'd have written down if you were to highlight and thenrecord every essential nugget of information related to the skillsbeing measured in Exams 70-290, 70-291, 70-293, and 70-294(and by association, Exams 70-292 and 70-296)

Basically, what I've done is boil down the required knowledge toits finest core So, rather than having 500700 pages coveringeach exam, there's approximately 150 pages for each With this

in mind, the best way to use this book is as part of your finalreview So, after you've built sufficient hands-on expertise andstudied all the relevant texts, grab this book and study it cover

to cover as part of your final exam cram

Tip: Unless you have access to a very complete test

environment, I recommend employing some type of virtual

machine technology as part of your exam preparation Microsoft offers Virtual PC and Virtual Server Virtual PC lets you

configure desktops and servers and run them in a virtual

network environment Virtual Server builds on Virtual PC and offers better resource use and extended APIs for automated deployment and management Because Virtual Server 2005 supports two-node clustering between virtual machines on the same Virtual Server host computer and uses a virtual shared SCSI bus to implement the quorum device, you can implement and test software failover between clustered virtual machines Clustering is a skill measured in Exam 70-293.

Conventions Used in This Book

Exam Overview

Provides a brief introduction to the exam's topic, a list ofobjectives, and a cross reference to where the objectivesare covered For those studying for Exams 70-292 or 70-

296, callouts are provided to point out the related

objectives

Study Guide

Provides a comprehensive study guide for the skills beingmeasured on the exam This section should be read throughand studied extensively If you encounter topics you haven'tpracticed and studied enough prior to reading this text, youshould do more hands-on work with the related area of

study and refer to an expanded discussion in a relevant

text Once you've built the real-world know-how and

developed the essential background needed to succeed, youcan resume your studies and move forward

Prep and Practice

Provides exercises and practice questions to help test yourknowledge of the areas studied Sample solutions and

answers are provided with explanations where necessary.The following font conventions are used in this book:

Used for code terms, command-line text, command-lineoptions, and values that should be typed literally

Constant width italic

Indicates text that should be replaced with user-suppliedvalues

Italics

Used for URLs, variables, filenames, and to introduce newterms

knowledge before continuing

(http://www.microsoft.com/certification/) The related pageswill help you keep up-to-date with the certification process andany changes that may occur

There are a wide variety of Microsoft Certification study guides,training classes, and learning resources available Regardless ofwhether these materials say they are for MCPs, MCSAs, or

MCSEs, the materials should relate to specific exams The

exams are the same regardless of the certification track

Also, a large number of practice tests and exam simulations areavailable for purchase and for free on the Web These tests, likethis book, are useful as part of your exam preparation

How to Contact Us

The good folks at O'Reilly and I tested and verified the

information in this book to the best of our ability, but you mayfind that features have changed (or even that we have

madegasp!mistakes) To make this book better, please let usknow about any errors you find, as well as your suggestions forfuture editions, by writing to:

page at:

http://www.oreilly.com/catalog/mcsecoreian

To comment or ask technical questions about this book, sendemail to:

bookquestions@oreilly.com

For more information about our books, conferences, ResourceCenters, and the O'Reilly Network, see our web site at:

Safari offers a solution that's better than e-books It's a virtuallibrary that lets you easily search thousands of top tech books,cut and paste code samples, download chapters, and find quickanswers when you need the most accurate, current information.Try it for free at http://safari.oreilly.com

Acknowledgments

maximum value and learning potential With that in mind, I

started from scratch and addressed the book in an entirely

different way from its predecessors I organized the book into 4parts and 12 chapters, creating a new approach that divideseach exam study guide into three major components: an

overview and a study guide followed by "prep and practice." Inthe overview, I tied the exam objectives directly to the sections

in which those objectives are discussed and added details onthe upgrade certification path for those taking the upgrade

exams In the study guide, I delved as deep as possible intoevery exam objective In the "prep and practice," I created asingle chapter that contains everything you need for additionalreview, including notes on preparing for the exam, suggestedexercises, highlights from the study guide, and practice

questions

I hope the result of all the hard work is that the book you hold

in your hands is something unique This isn't a 400-page cramguide or a 600-page study guide for a single exam This is acomprehensive 750-page guide to Exams 70-290, 70-291, 70-

296) that contains the core knowledge to prepare you for

293, and 70-294 (and, by association, Exams 70-292 and 70-certification

During the many longs months of writing this book, I've workedwith many different people at O'Reilly I've enjoyed getting toknow Jeff Pepper, Mary Brady, and everyone else at O'Reilly JeffPepper was instrumental throughout the writing process Hewas supportive of my ideas He believed in the book and myunique approach and was really great to work with Mary Bradyheaded up the production process for O'Reilly She is a terrific

to detail through every step of the editing is much appreciated

O'Reilly has an extensive editing and review process RodneyBuike, Chris Buechler, and Pawan K Bhardwaj were the

technical reviewers of the book Each reviewed the book fromstart to finish, and it was a great pleasure working with them

Of particular note is the effort Pawan put into the project toensure the book was as accurate as it could be In the final

editing stages, the book was sent out for final comments to BenMiller, Microsoft MVP Lead, Michael Dennis, Lead Program

Manager for Group Policy at Microsoft, and others Al Valvano,Rob Linsky, and Lucinda Rowley of Microsoft provided extremelyhelpful information and support for this project Thank you forall your help!

Thanks also to Studio B literary agency and my agents, DavidRogelberg and Neil Salkind David and Neil are great to workwith

Hopefully, I haven't forgotten anyone but if I have, it was anoversight Honest.;-)

Exam 70-290: Managing and Maintaining a Microsoft Windows Server 2003 Environment is designed to cover the skills

necessary to perform most day-to-day administration tasks.Before you begin studying for this exam, you should have

extensive hands-on experience with general Windows Server

2003 administration, including management of disks, hardwaredevices, shared folders, and printers You should also have adetailed understanding of configuring local, roaming, and

mandatory user profiles; managing users, computers, and

groups; and working with filesystem permissions and changingfile ownership

Troubleshooting and monitoring are major parts of the exam.Many troubleshooting skills are tested, including the ability tosolve user and computer account issues, user authenticationproblems, and remote access issues You'll need to be able tomonitor server hardware using Device Manager and ControlPanel utilities, and the Hardware Troubleshooting wizard You'llalso need to demonstrate skill with regard to monitoring systemand application performance, server optimization, and disasterrecovery

Some of the most common problem areas for people taking theexam have to do with:

Microsoft really wants administrators to do more with thecommand line You are expected to know key command-linetools as thoroughly as you know key GUI tools

Optimization

The ability to optimize server and application performance

is a skill that's best learned through real-world practice Youneed a strong understanding of the performance objectsused in optimization and how to use them to resolve

To be prepared for Exam 70-290, you should have 12 to 18

months experience as a Windows Server 2003 administrator.You should have recently studied a Windows Server 2003

administrator's book, taken a training course, or completed aself-paced training kit that covers the related areas of study.You will then be ready to use the Exam 70-290 Study Guide inthis book as your final exam preparation

Tip: Exam 70-290 is a required exam for both MCSAs and

MCSEs If you take and pass this exam as your first exam, you will receive your MCP credentials MCP is an entry-level

Microsoft Certification exam If you are a current MCSA on

Windows 2000, you need to pass Exam 70-292 to upgrade your certification to Windows Server 2003 If you are a current

MCSE on Windows 2000, you need to pass Exam 70-292 and Exam 70-296 to upgrade your certification to Windows Server

2003 Skills measured by Exam 70-292, representing a subset

of Exams 70-290 and 70-291, are indicated in exam overview sections with the X symbol.

1.1.1 Managing and Maintaining Physical and Logical Devices

Directory Users and Computers Microsoft ManagementConsole (MMC) snap-in X

Create and modify groups by using automation X

Create and manage user accounts X

Create and modify user accounts by using the ActiveDirectory Users and Computers MMC snap-in X

Create and modify user accounts by using automation.X

Import user accounts X

Troubleshoot computer accounts

See "Managing Users, Computers, and Groups" on page 32

1.1.3 Managing and Maintaining Access to Network Resources

Manage software site licensing

Manage a server by using Remote Assistance X

Manage a server by using Terminal Services remoteadministration mode X

Manage a server by using available support tools XTroubleshoot print queues

Monitor system performance

Monitor file and print servers Tools might include TaskManager, Event Viewer, and System Monitor

Monitor disk quotas

Monitor print queues

Monitor server hardware for bottlenecks

Monitor and optimize a server environment for applicationperformance

Monitor memory performance objects

Monitor network performance objects

Monitor process performance objects

Monitor disk performance objects

See "Managing and Implementing Disaster Recovery" on page126

This chapter provides a study guide for Exam 70-290:Managing and Maintaining a Microsoft Windows Server 2003 Environment.

Sections within the chapter are organized according to the

exam objective they cover Each section identifies the relatedexam objective, provides an overview of why the objective isimportant, and then discusses the key details you should know

to both succeed on the test and master the objective in the realworld

The major topics covered on Exam 70-290 are:

Managing and Maintaining Physical and Logical Devices

Designed to test your knowledge of standard disk

configurations involving both basic disks and dynamic disks.Also covers hardware devices and monitoring hardware

As part of your preparation, I recommend installing a two-system test network, with one system acting as a workstationand the other system acting as a server The workstation shouldrun Windows XP Professional or later and be your primary

system for management That means you will work remotelyand use the workstation to perform administration of the server

as much as possible The server should be configured to runWindows Server 2003 Both systems can be virtual machinesinstalled as part of a virtual test environment

The essential administration tools every administrator mustmaster are:

systems you use for administration by completing the followingsteps:

1 After you log on to the system using an account with

administrator privileges, insert the Windows Server 2003CD-ROM into the CD-ROM drive

2 When the Autorun screen appears, click Perform Additional

Tasks, and then click Browse This CD to start Windows

Explorer

3 Double-click I386, and then double-click Adminpak.msi to

install the complete set of Windows Server 2003

management tools

The AdminPak tools can be accessed from the command lineand from the Administrative Tools menu

2.1.2 Support Tools

In addition to the AdminPak, you'll want to install the WindowsServer 2003 Support Tools on systems you use for

administration The Windows Server 2003 Support Tools extendthe core set of administration tools to include additional usefulutilities and commands that can be used for administration

To install the support tools, complete these steps:

1 Log on to the system using an account with administrator

privileges and insert the Windows Server 2003 CD-ROM intothe CD-ROM drive

functional components called snap-ins You create custom

administration tools by adding snap-ins to an empty console.Consoles can also include taskpads to create custom view tabs

in the console The custom view tabs can include shortcut links

to menu items, shell commands, and Favorites links

All consoles, including the standard administration consoles,have two basic modes:

Author

In Author mode, administrators can make changes to theconsole by adding or removing snap-ins, and creating taskpads Most MMCs can be put in Author mode by right-

clicking the menu option and selecting Author, or by startingthe console from the command prompt using the /a

parameter This opens the console for authoring

User

In User mode, administrators can access the snap-in

functions but cannot make changes to the console All

switch from author mode to user mode in a console, clickFile Options, select the desired console mode, clear DoNot Save Changes To This Console, and then click OK Youcan then save the updated console to its original location byclicking File Save or to a new location by clicking File Save As

By default, consoles are set to work with the local computerwhen started To work with a remote computer via the console,you'll need to right-click the console root node in the left paneand then select Connect To Another Computer This displays theSelect Computer dialog box, which you can use to specify thename or IP address of the remote computer

Remote Desktop for Administration can be enabled or disabled

on a per computer basis on the Remote tab of the System utilityunder Control Panel To enable this feature, access the Systemutility's Remote tab, select Enable Remote Desktop On This

Computer, and then click Select Remote Users to specify usersgranted remote access permission via Remote Desktop By

default, any user that is a member of the Administrators group

is granted this permission If the computer is running a firewall,TCP port 3389 must be opened to allow remote access

Remote Desktop connections can be established using the

Accessories Communications or by using the Remote

Desktops console found on the Administrative Tools menu Usethe Remote Desktop Connection client to manage one computerremotely Use the Remote Desktops console to manage multiplecomputers remotely Both Windows XP and Windows Server

Typically, this is the desired behavior

The easiest way to make a remote assistance request is to useWindows Messenger In Windows Messenger, click Actions

Ask for Remote Assistance, and then select the helper's

Windows Messenger account when prompted The helper thenreceives an instant message and can click Accept to accept the

Another way to send a remote assistance invitation is to useHelp And Support Center Click Support on the toolbar Underthe Support heading, click Get Remote Assistance, then in theright pane, click Invite Someone To Help You

Logical Devices

Server systems have both physical and logical devices Physicaldevices include all hardware devices connected to or configuredwithin the server system, and include sound cards, video cards,memory, system bus, disk controllers, and physical disks

Logical devices are used to abstract the physical components ofhardware devices and represent them in a way that is moremanageable The primary logical devices you'll work with arelogical volumes, which are the basic unit of disk storage thatyou can configure and manage

2.2.1 Installing and Configuring Server

Hardware Devices

Hardware devices installed on a computer communicate withWindows Server 2003 using software device drivers For a

hardware device driver to work properly, the appropriate devicedriver variant must be installed, the resource settings for thedevice must be configured appropriately, and the device

properties must be set correctly In most cases, hardware

manufacturers will provide a device driver for the hardwaredevice Windows Server 2003 includes an extensive library ofdevice drivers

Play devices

2.2.1.1 Understanding Plug-and-Play and Non-Plug-and-Two basic types of hardware drivers are used on Windows

systems:

Non-Plug-and-Play (Non-PnP)

Most Windows-compatible devices support PnP PnP allows

Windows to detect and install a hardware device automaticallyeither from the library of device drivers maintained by Windows

or from a manufacturer-supplied device driver If a device isdetected and there is no device driver, Windows will prompt you

to specify the location of the device driver

In most cases, non-PnP devices are not detected automaticallyafter installation and must be manually installed using the AddHardware Wizard, which is accessible in the Control Panel andfrom the Hardware tab of the System utility

hardware using an unsigned (and potentially dangerous) driver, you should test the driver on a similarly configured computer in

a development or test environment.

By default, Windows Server 2003 warns you if you try to install

an unsigned device driver Windows can also be configured toallow all device drivers to be installed or prevent unsigned

device drivers from being installed These settings can be madefor individual computers using Control Panel, and for all

computers in a domain, site, or organizational unit (OU)

through Group Policy Group Policy can also be used to prohibitusers from changing driver installation settings

As long as you are not prohibited from doing so, you can

change driver settings for individual computers by clicking theDriver Signing button on the Hardware tab of the System utility.This displays the Driver Signing Options dialog box In this

dialog box, you can choose the action you want Windows totake whenever someone tries to install an unsigned device

driver As Figure 2-1 shows, the options are:

Figure 2-1 Settings in the Driver Signing Options

dialog box can be used to change the way

Windows handles unsigned drivers.

Allows all device drivers to be installed without having tosee and respond to a warning prompt

Warn

Prompts with a warning message prior to installing a

hardware device with an unsigned driver The user can thencontinue or cancel the installation (the default)

Block

Prevents installing unsigned drivers Windows will not install