Business Website Links
Website Design, PR, and Surveys
Your One-Stop Shop for the
Internet & Beyond

Home Company Info Pricing Contact Client Directory Computer Tips News Testimonials


Computer Tips

Microsoft Windows Server 2003

 

 

 

 

 

 

 

 

 
Visit us often.  Computer tips updated daily.  Click here to--> "Tell a friend" so they can get updated computer tips, too.  Please visit our clients, as they support the computer tips page.

If you would like to submit a tip send us an email with your tip to info@businesswebsitelinks.com.
  ______________________________________________________________

Easily reset the default domain group policies

  • Imagine this scenario: You've inherited a network with a multitude of changes to the default domain group policies. You don't know what your predecessor enabled or disabled in these GPOs. All you want to do is get your domain back to the default domain and default domain controllers policies included with Windows Server 2003--and fast. You can then begin the process of creating or modifying group policies to suit your needs.
  • Here's the solution: You can use the DCGPOFix command to reset both the default domain policy and the default domain controllers policy to their default settings. The basic syntax for this command is dcgpofix. When you enter this command, you'll see a warning message reminding you that you'll lose all settings in these two GPOs. To continue, enter Y.

Two ways to secure your portable computer

  • Shouldn’t you secure your notebook or handheld computer the same way you secure your desktop systems? Well, yes and no. Because of their mobility, portable machines are more vulnerable to security breaches, so extra precautions are advised. All of the usual security best practices apply, but in addition, you need to consider what happens if your portable is lost or stolen.
    Cable locks are great for situations where you may have to leave your portable unattended—if you use them properly. For instance, if you wrap the cable around the leg of a lightweight table, a thief can simply pick up the laptop, slide the cable down to the ground, lift the leg of the table, and make off with computer and cable lock.
  • We like the tracking software, such as Computrace and zTrace, which “calls home” the first time the thief uses the computer to connect to the internet. For more info, see http://www.stolenlaptop.com.

Divide administrative responsibilities for better security

  • Regardless of how trustworthy your network administrator is, the best security practice is to divide administrative tasks and responsibilities between several people. This provides a system of checks and balances and avoids a situation where one person has too much power.
    No one should use the built-in Administrator account to perform administrative tasks. Instead, each administrator should be given an account with administrative privileges. This allows you to track who made particular changes or accessed particular files or programs.
    In Windows domains, you can use role-based administration and the Delegation Of Control wizard to assign permissions for specific administrative tasks. You should also establish an incident response team to handle security breaches that occur, instead of leaving this task to one person or to the network administrators.

Determine group membership quickly with whoami

  • Operating System(s): Microsoft Windows Server 2003
  • When you're in the heat of the troubleshooting battle, you need a quick way to determine exactly the groups to which a user belongs. This is especially true if you're trying to troubleshoot problems with insufficient permissions. Yes, you can find that information in Active Directory Users And Computers—but what if you're currently working at a user's computer? In this scenario, Active Directory Users And Computers isn't available to you. The solution then is to use the whoami command line utility. To do so, open a Command Prompt window. To view a list of all groups to which the user belongs, enter the command whoami /groups. If you want to view all available information for a user, enter whoami /all.

System recovery made easy with Vista’s Pre-installation Environment

  • Recovering from a failed boot or needing to perform other system maintenance functions prior to loading Windows has always been a challenge. But there is good news. With the release of Windows Vista, Microsoft now provides its Pre-installation Environment (PE) to all licensed users. Once available only to volume licensing customers, PE provides easy access to several critical tools. For example, you can repair the master boot record, restore Vista to a previous working state, restore the entire PC from a backup image, test memory, and gain access to the command line tools. To access system recovery option, follow these steps:
    • 1. Boot your system from the Vista installation disc.
    • 2. Select your language, time and currency format, and keyboard type.
    • 3. Click Next, and then click on the Repair Your Computer link to display the System Recovery Options dialog box.
    • 4. Select the operating system you want to repair, and then click Next
    • 5. On the Choose A Recovery Tool page, click on the link corresponding to the task you want to complete.

Automatically prevent users from saving unauthorized files on your server

  • It can be challenging to keep users from totally consuming all available disk space on your servers--or worse, saving files that pose a threat to your servers' security. With Windows Server 2003 R2's new file screening capabilities, you can now protect your servers by preventing users from saving specific types of files.
  • To help you implement file screening, we'll:
    • Describe what file screening is and why you should consider implementing it.
    • Discuss the default file screen templates and file groups available to you.
    • Walk you through creating a typical file screen on your server.
    • Read More About This Tip Click Here > MS Window Server 2003 Tips

Streamline workgroup collaboration on your intranet with SharePoint Services

  • The cost of creating and maintaining a secure, internal company website from scratch is beyond the reach of most small businesses. Fortunately, Windows Small Business Server 2003 includes SharePoint Services, which automatically generates an elaborate company site that's easy to customize and maintain--all without incurring any additional cost.
  • To help promote collaboration and teamwork through a SharePoint Services company website, we'll:
    • List the requirements for the use of SharePoint Services.
    • Describe methods to make the company site safe and secure.
    • Explore the main features of SharePoint Services so you can confirm it meets your needs.
    • Walk you through the steps to share documents on SharePoint Services.
    • Demonstrate ways to organize your shared files so they're easily accessible to visitors.

Restore XP’s IPSec/NAT capability

  • Windows XP Service Pack 2 changes XP’s default behavior to prevent it from establishing IPSec/NAT-T security associations to servers behind a NAT device. This is done to prevent an uncommon, but theoretically possible security risk. However, it also forces XP clients to use PPTP for VPN connections, which presents security disadvantages of its own.
  • If, after assessing your network's security needs, you decide the security advantages of using L2TP/IPSec outweigh the risk of NAT-T, you can restore XP's ability to make these connections. Article ID 885407 in the Microsoft Knowledge Base at http://support.microsoft.com/ tells you what you need to do to modify this behavior.

Keep your local workstations secure with Vista’s enhanced firewall services

  • Relying on a single point of protection, such as an edge firewall, can lead to a false sense of security. Fortunately, Windows Firewall provides protection at the workstation level, enabling you to thwart malicious attacks regardless of their source.
  • To help you manage Windows Firewall for a more secure environment, we'll:
    • Discuss the new firewall capabilities introduced with Windows Vista.
    • Describe the tools you can use to manage firewall services.
    • Show you how to block specific inbound traffic on a per application, per port, and per interface basis.
    • Read More About This Tip Click Here > MS Window Server 2003 Tips

Set up a perimeter network to protect private services from public access

  • Servers on your network that are accessible to users outside your network create a security risk because, if they're compromised by hackers or attackers, they can be used to access internal resources. You can reduce this risk by placing such servers in a perimeter network between the internal and external networks.
  • To help you implement a perimeter network, commonly known as a DMZ, we'll:
    • Examine several different types of DMZs.
    • Show you how the DMZ protects your internal network.
    • Discuss which servers and devices you should place in the DMZ.
    • Show you how to use multiple DMZs for even greater security.
    • Read More About This Tip Click Here > MS Window Server 2003 Tips

Two ways to secure your portable computer

  • Shouldn’t you secure your notebook or handheld computer the same way you secure your desktop systems? Well, yes and no. Because of their mobility, portable machines are more vulnerable to security breaches, so extra precautions are advised. All of the usual security best practices apply, but in addition, you need to consider what happens if your portable is lost or stolen.
  • Cable locks are great for situations where you may have to leave your portable unattended—if you use them properly. For instance, if you wrap the cable around the leg of a lightweight table, a thief can simply pick up the laptop, slide the cable down to the ground, lift the leg of the table, and make off with computer and cable lock.
  • We like the tracking software, such as Computrace and zTrace, which “calls home” the first time the thief uses the computer to connect to the internet. For more info, see http://www.stolenlaptop.com.

Reap the benefits of an integrated server solution

  • Contrary to popular belief, even small businesses have “big company” needs, albeit on a smaller scale. Fortunately, Windows Small Business Server 2003 wraps big technology into a small package, allowing small business owners to focus on business operations rather than technology.
  • To help you get started with Windows Small Business Server 2003, we'll:
    • Describe the feature set that Windows Small Business Server 2003 provides.
    • Walk you through the process of installing the server and its application components.
    • Show you how to configure your network environment and perform post-installation tasks.
    • Read More About This Tip Click Here > MS Window Server 2003 Tips

Tip: Troubleshoot file replication through proper monitoring

  • If you're experiencing trouble with file replication, we've found just the tool for you—File Replication Service (FRS) Status Viewer. This utility enables you to determine exactly what's going on during file replication. More specifically, you can use the FRS Status Viewer to determine information such as the amount of traffic generated by file replication. You can also use it to identify any file replication backlogs, as well as problems due to insufficient disk space. You can download FRS from Microsoft’s download service at http://www.microsoft.com/downloads/.

Tip: Print a System Monitor chart

  • As we're sure you're aware, System Monitor doesn't include an option that enables you to print a performance chart. You can get around this limitation by copying a chart to the Clipboard and then pasting it into an application such as Microsoft Word or Paintbrush so that you can print it. To copy a chart to the Clipboard, press [Alt][PrintScreen]. Then, open the application you want to use to print the chart and choose Edit | Paste.

Tip: Reinstall XP without going through the product activation process (again)

  • If you need to format your hard drive and reinstall XP, but you don't want to go through the product activation process again, this simple procedure can save the day. The process involves saving the activation status info and then restoring it after you reinstall the operating system. Here's how:
    • 1. Before reformatting, go to My Computer, double-click the drive letter on which you installed XP, and then navigate to the WINDOWS\System32\ directory.
    • 2. If necessary, click on the Show The Contents Of This Folder link.
    • 3. Copy the following files to a floppy diskette, USB drive, CD/DVD, or network location: wpa.dbl and wpa.bak.
    • 4. After reformatting and reinstalling XP, select No when asked if you want to activate Windows now.
    • 5. Restart in Safe Mode.
    • 6. In My Computer, open the WINDOWS\System32\ folder and rename the existing wpa.dbl and wpa.bak files.
    • 7. Now copy your old wpa.dbl and wpa.bak files to the System32 folder.
    • 8. Restart and you should not be requested to activate again.
      Note: This only works when you reinstall Windows XP on the same computer and the hardware remains unchanged.

Tip: Manage servers securely with KVM over IP

  • Operating System(s): Microsoft Windows 2000 Server/Server 2003
  • Most server rooms make use of Keyboard/Video/Mouse (KVM) switches. These hardware devices allow you to use a single set of input/output peripherals to input commands and view the graphical output of multiple servers. For example, you can attach four different computers to a four-port KVM and then switch from one computer to another by simply pressing a button on the front of the switch. The monitor’s display shows the desktop of whichever computer you’ve selected and the keyboard and mouse can be used to type or move the cursor on that computer’s display. This works great if you’re on site in the server room, but as companies become more and more spread out geographically, network administrators need to be able to manage their servers from remote locations. That’s where KVM over IP comes in.
  • An IP-enabled KVM switch is considerably more costly than its non-IP counterpart but it’s also much more versatile. The KVM switch is assigned an IP address like any other network device. This allows you to connect to it over the internet. You can view and control all of the servers that are connected to the KVM switch through a web browser or other proprietary software. Switches that use a web browser should support SSL and/or DES encryption as well as public key certificates to prevent unauthorized access to the servers.

Tip: Avoid using split tunneling in your VPN connections

  • Operating System(s): Microsoft Windows 2000/XP Professional
  • Virtual private networking (VPN) protocols allow users to establish a secure tunnel to your internal corporate LAN through the internet. However, a VPN feature called split tunneling can pose a threat to the security of your internal network.
  • Split tunneling allows the user to connect directly to the internet, surfing the web and accessing other internet resources at the same time he’s connected to the corporate network through the VPN. This saves bandwidth, since he doesn’t have to go through the VPN server for internet access.
  • However, an attacker could take control of the remote computer over the internet, and then access the internal network through the VPN the user is using to connect to the LAN. Because of this possibility, VPN users should be required to have personal firewalls installed on all remote computers that connect to the LAN via a VPN. This can be enforced by policy-based VPN client management such as the VPN-Quarantine (VPN-Q) feature of Microsoft ISA Server 2004 or the managed client software provided by some third-party firewall vendors.

Tip: Monitor and troubleshoot file replication

  • Microsoft has a utility, Sonar.exe, which enables you to graphically monitor the status of a file replication service (FRS) replica set. You'll find this utility handy in diagnosing file replication problems. You can also use it to keep an eye on the traffic generated by replication. For more information, go to http://www.microsoft.com/downloads/details.aspx?FamilyID=158cb0fb-fe09-477c-8148-25ae02cf15d8&DisplayLang=en.

Tip: Pluck information from the internet

  • As you've probably noticed, more and more websites enable you to automatically download their most current content by using (Rich Site Summary) RSS feeds. In order to download such content, you need an RSS reader. If you want to integrate RSS support into Internet Explorer, try Pluck, which is available at http://www.pluck.com/.

Tip: Take advantage of the Micorosft newsgroups

  • When you're stumped for a solution to a problem, be sure to check out the Microsoft support newsgroups at http://www.microsoft.com/windowsserver2003/community/
  • newsgroups/default.mspx.
  • These newsgroups enable you to browse other users' questions and responses, as well as to post your own questions. In many cases, you'll be able to find someone who knows just what you need to resolve your problem.

Tip: Use Microsoft Data Protection Manager to increase your odds of recovering lost files

  • Microsoft is currently beta-testing Data Protection Manager (DPM), a utility designed to make it easy for you to back up your servers to disk on a DPM server. (You can then back up the DPM server by using tape backup.) Some of the advantages to backing up to disk first before backing up to tape include:
    • * Faster file recovery. Instead of restoring from tape, you (or even your users) can restore files from disk.
    • * Faster backups of your production servers. Depending on your hardware, backing up servers with gigabytes or even terabytes of storage can take many hours to complete--a significant problem if your servers must be available 24/7. DPM reduces backup times by backing up only the byte-level changes to files and by backing up to disk.
    • * Centralized backups of branch office servers. You can use DPM to back up your branch office servers to a centralized location, and then back them up to tape.
    • * More reliable recovery. Backup tapes fail much more often than hard disks.
    • * Less data loss. If you're like most administrators, you back up your servers to tape on a nightly basis. If a user loses a file they created during the day, there isn't any way to recover it if you're relying solely on tape backups. Depending on the critical nature of your users' data, you can use DPM to back up as frequently as necessary--such as on an hourly basis.
  • For more information on Data Protection Manager, go to http://www.microsoft.com/windowsserversystem/dpm/default.mspx.

Tip: Use Windows Server Update Services to update both operating systems and applications

  • Microsoft's new Windows Server Update Services (WSUS) enables you to not only keep your computers' operating systems current with the latest updates, but also their Microsoft applications as well. To learn more about WSUS, go to http://www.microsoft.com/windowsserversystem/
  • updateservices/default.mspx.

Tip: Easily reset the default domain group policies

  • Imagine this scenario: You've inherited a network with a multitude of changes to the default domain group policies. You don't know what your predecessor enabled or disabled in these GPOs. All you want to do is get your domain back to the default domain and default domain controllers policies included with Windows Server 2003--and fast. You can then begin the process of creating or modifying group policies to suit your needs.
  • Here's the solution: You can use the DCGPOFix command to reset both the default domain policy and the default domain controllers policy to their default settings. The basic syntax for this command is dcgpofix. When you enter this command, you'll see a warning message reminding you that you'll lose all settings in these two GPOs. To continue, enter Y.

Tip: Increase the security of your servers' file systems

  • By default, Windows Server 2003 permits users to see folders and files even if they don't have the necessary permissions to access them. For greater security, consider installing ScriptLogic Cloak. This utility automatically hides all files and folders from users for which they don't have permissions. For more information on ScriptLogic Cloak, go to http://www.scriptlogic.com/eng/products/cloak/.

Tip: Use Windows Server 2003's Fax Services to set up a shared fax server

  • Microsoft included Fax Services in Windows Server 2003 to enable you to easily share a fax server. To configure a server as a fax server, make sure that it has at least one fax modem. Next, install Fax Services. In Control Panel, select Add Or Remove Programs. Click Add/Remove Windows Components. In the Components list, select the Fax Services check box. Follow the prompts in the Windows Components Wizard to complete the installation. When prompted, be sure to specify that you want to share the fax printer. Doing so enables users to fax to the fax server.
  • By default, Fax Services automatically configures the fax modem to send outgoing faxes--but not to accept incoming faxes. To configure the fax server to accept incoming faxes, open Fax Service Manager. In the console tree, expand Devices And Providers\Devices, and then select your fax modem. Right-click on the modem and select Auto Receive.
  • Finally, you must configure your users' computers to access the fax server. You can do so by installing the fax client (by accessing the \\fax_server\faxclient share) or by browsing to the fax server, right-clicking on the fax printer, and choosing Configure. Doing so installs the fax printer on your users' computers. Your users can then fax simply by choosing to print to the fax server.

TO VISIT BUSINESS WEBSITE LINKS' INTERNET DIRECTORY
CLICK HERE---->INTERNET DIRECTORY ONLINE.COM

Home | Company Info | Pricing | Contacts | Client Directory | Computer Tips | NewsTestimonials |
Disclaimer | Our Privacy Policy | Terms of Use | Site Map

Business Website Links, LLC 8041 Via Hacienda Palm Beach Gardens Florida 33418
(561)-452-0401
info@businesswebsitelinks.com

Copyright ©2005 all rights reserved by Business Website Links, LLC
Web Host and Design by Business Website Links, LLC