Presentation on theme: "Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system."— Presentation transcript:
Chapter-4 Windows 2000 Professional Win2K Professional provides a very usable interface and was designed for use in the desktop PC. Microsoft server system offers: Windows 2000 Professional Server Windows 2000 Professional Advanced Server Windows 2000 Professional Datacenter Server
Security Windows 2000 Professional provides better security as compared to Windows 95 or 98. Login to Windows 2000 Professional is essential, and must be performed from an account that is a member of a local or networked security database. Access to local resources such as files, folders, and printers can be restricted to specific users or group accounts via permissions.
Security Group policies: Group policy is a grouping of policies for controlling security & configuration settings for the operating system. Group policies are used to centrally manage security. The Group Policy Editor tool can be used for managing group policies. Authentication: The validation of a user account and its password is called authentication. Win2K Professional uses the Kerberos authentication protocol when users log on to an Active Directory domain. An Active Directory domain is one in which some of the servers maintaining the domain database are running Win2K Professional Server operating system or greater.
Security File encryption: Folders and files are encrypted to secure data. When encryption is enabled for a folder, only the files within that folder are encrypted. Data can be unencrypted only by the administrator or the user who encrypted the data. Stability Windows 2000 Professional has a 32-bit architecture, thereby providing better stability. It runs each application program in its own protected memory space.
Software Compatibility Win2K Professional is designed to perform at its best when running 32-bit Windows programs. Windows 2000 Professional runs applications in environments called subsystems, like NT. It also runs the same type of applications as NT 4.0 File System Windows 2000 Professional supports the Compact Disk File System (CDFS), Universal Disk Format (UDF), FAT12, FAT16, FAT32, and the NTFS file system. NTFS is more efficient and secure than the FAT file systems.
Limitations A few DOS and 16-bit Windows applications do not run in the newer version of Windows. A few DOS and Windows 3.x applications working in the Windows 2000 virtual environment may run very slowly. Windows 2000 Professional has to be rebooted after adding components, applications, and applying service packs.
Hardware Requirements Minimum hardware requirements: 133 MHz Pentium or higher microprocessor. 64 MB of RAM. 2 GB hard disk with 650 MB of free space. VGA or higher resolution video adapter. Keyboard, mouse, and a CD-ROM drive. Ideal hardware requirements: Intel Pentium 4 processor. 256 MB of RAM. 30 GB of hard disk space. Fast CD-ROM drive. DVD drive. SVGA or higher resolution video adapter. Microsoft mouse.
Checking Hardware & Software Compatibility The Hardware Compatibility List (HCL) must be checked before installing Windows 2000, or adding new hardware or software to the existing installation. The HCL is a list of all the tested system components and peripherals that are compatible with the operating system. The Win2K Professional installation program also performs a hardware compatibility test before installation begins. Users can also utilize the Readiness Analyzer compatibility test by running the WINNT32 program with the check upgrade only switch.
Determining the Method of Installation Manual installation: A manual installation can be performed for an empty hard disk or for an upgrade to an existing Windows computer. Installation performed on an empty hard disk is also referred to as a clean installation. An upgrade is an installation that directly replaces an existing Windows operating system, preserving the configuration information and applications from the previous operating system. A clean installation can be performed either by booting directly from the CD or from the Windows 2000 Professional setup disks. The Windows 2000 Professional setup disks can be created by using the Makeboot program. The program is located in the Bootdisk folder on the Windows 2000 Professional CD.
Automated installation: An automated installation can be performed by using special scripts or by using images. Special scripts are called using special switches in the WINNT or WINN32 programs, which are located in the i386 directory of the Windows 2000 Professional CD. An image is a copy of the entire hard disk containing the operating system and all other applications. Determining the Method of Installation
Verifying Network Access A computer on the network should be able to communicate with other computers on the network. The ‘My Network Places’ option can be used to check for network connectivity. Verifying Updates and Service Packs Updates and service packs are used to fix security problems and vulnerabilities caused by hackers and unauthorized users. Updates and service packs can be downloaded for free from the Microsoft Web site.
Using the Control Panel Applets The Windows 2000 Professional Control Panel Accessibility Options Customizing Display Installing & Removing Programs
Adding a Printer Only a member of the Administrators group can install a printer. A printer driver needs to be installed irrespective of whether the printer is a local or network printer.
Managing Files and Folders Windows 2000 Professional provides the following important default folders: My Documents My Pictures Windows Program Files Fonts System and System32 Temp
Managing Files and Folders Modified View settings
Finding Files and Folders Other important aspects of the Search Results window include: –Size – It allows the user to specify a particular file size. –Advanced options – It can be used to specify that a search should include subfolders or be case-sensitive. –Indexing service – It is used to enable or disable the indexing service, which maintains indexes of the files on the hard drive. (makes searches faster)
Managing Security for Users, Files, and Printers Windows 2000 includes the following important security features: Auditing. Group policies. Encrypted files and folders. Printer permissions. File and folder permissions. Shared folder permissions. User accounts. Group accounts. User rights.
Managing User Accounts and Groups A user account is the most basic element of Windows 2000 Professional security. Users must have a valid username and password to log in. The user is also a member of one or more groups of users. Groups enable the system administrator to easily assign the same rights and permissions to all members of a group without setting them individually.
Managing User Accounts and Groups Creating a new user: Creating a new user enables that user to log in with a user name and a password. User accounts are required to set rights and permissions as well as to audit their access to certain network resources. Password: A password in an important part of any security system. Passwords should include numbers, letters, and non- alphanumeric characters, and must be at least eight characters long.
Managing Permissions Permissions restrict access to local users as well as users connecting to the resources over the network. Only NTFS volumes allow users to assign permissions to files and folders. Full Control, Modify, Read and Execute, Read, and Write are the standard file permissions. The standard folder permissions include Full Control, Modify, Read and Execute, Read, Write, and List Folder Contents.
Managing Permissions Groups: A group is a special security account that can contain local users, domain users, and special domain groups called global groups. The built-in groups include Administrators, Backup Operators, Guests, Power Users, Replicator, and Users. The Guest group is disabled by default.
Managing Permissions Controlling file and folder access: File- and folder-level permissions can be set only on an NTFS volume. The Ctrl-Alt-Delete key combination can be used to lock the computer to restrict local access. Controlling printer access: A printer has a single set of permissions for both, the locally logged on users and users accessing it as a share on the network. Printer permissions include Print, Manage Printers, and Manage Documents.