In the name of Allah the most gracious the most

merciful

Created by Osman E.A. Gabr.

From lecturer: Ateeg

 Operating system:-
Operating system is a mediator system between computer and user.
RAM

Computer hardware
CPU H/D
O/SOperating system (mediator)
User
Operating system

Desktop Network O/S

1- This type of operating system
is use for single computer
2- the following are the desktop
operating system :
• Dos
• Windows 95,98 & Me
1- this type of operating system is
use in the network
2- the following are the network
operating system :
• Windows N.T server.
• Windows 2000 professional.
• Windows 2000 server.
• Windows 2003 server.
• Windows XP Professional.
• SCO-UNIX
• Solaris
• LUNIX

The operating system which can be package as well as

MCSE 2000 or MCSE 2003:
MCSE 2000:
* Windows 2000 server.
* Windows 2000 professional.
MCSE 2003:
* Windows 2003 server.

MCSE 2003 2
* Windows XP professional.
Flavors of windows 2003

1- Windows 2003 standard edition:

• This operating system use at server side.
• This type of operating system is use on small and medium
companies.
2- Windows 2003 Web edition:
• This operating system is use for web server.
• It keeps the web site of the companies.
• This operating system is use in big companies.
3- Windows 2003 Enterprise edition:
• This operating system is use in big companies.
• This operating system is use at server side.

Windows 2003 server:

MCSE 2003 3
 Active directory
Domain controller

Administrator OR LAN admin

Windows XP Professional OR super user.

Hub or switch Cat-5 cable or UTP cable or

unsheald tusted pare

Client
computer
Client
computer
Ordinary user
RJ-45 Jack
LAN LAN Card
Big
RJ-11 Jack Ethernet card
Small telephony Network card
NIC card
1- Network or domain:-
• A collection of computer which is physically and logically
connected is called network or domain.
2- Administrator :-
• A person who set on domain controller and controls the
network is called administrator.
3- Domain controller:-
• The computer which is having windows 2003 server and
active directory server is called domain controller.
4- Client computer:-
• The computer which is physically and logically connected
to domain controller is called client computer.
5- Ordinary user:-
• A person who use client computer is called ordinary user.

MCSE 2003 4
 M.C.S.E (Microsoft Certified System Engineer):
1- Administering windows 2003 operating system.
2- Installing and configuring windows 2003 O/S.
3- Installing and configuring windows 2003 network
infrastructure service.
4- Implementing and configuring windows2003 Active
directory services.
5- Designing windows 2003 network infrastructure service.
6- Designing windows 2003 security service.
7- Designing windows 2003 Exchange server.

Exams:-

7papers  M.C.S.E

MCSE 2003 5
Any 3 papers M.C.P
First 4 papers M.C.S.A
• First 4 papers are called core paper.

• Remaining 3 papers are called elective papers.

I Paper:-
Administrating windows 2003 operating system:
Chapters…
1- Introduction to windows 2003 operating system.
2- Creating user account.
3- Creating group account.
4- Shared folders.

MCSE 2003 6
5- Remote administrating of user account.
6- Remote administrating of shared folder.
7- Permissions.
8- Profiles.
9- Data management.
10-Back up and restore.

1- Introduction to windows2003 operating system:

• Administrating windows 2003 operating system:-
Lock computer:
 The option is use to lock the computer.
 Other user will not get change to use the computer.
 Unsaved data will not lose.
 This option will use more power supply.
Log off:-
 This option allows other user to use the computer.
 Unsaved data will be losing.
 This option will use less power supply when you lock the computer.
Shut down:-
 This option will slop supplying power to the computer.
 If the user learning the computer.
 Unsaved data will lose.
 This option will use less power supply when to lock the computer.
Change password:-
 This option is using to change password of current user log in.
Task manager:-

MCSE 2003 7
 This option is use to close any windows from disk top quickly.

#Basic commands#
{IPCONFIG}
This command is use to check the IP-Address of the computer.
1- Steps to check IP-Address :( at any side)
Start  RUN  CMD (ENTER)
C:\IPCONFIG (ENTER)
IP-ADDRESS 10.0.0.1
SUBNET MASK 255.0.0.0
2- Steps to change IP-ADDRESS of the computer :( at any side)
Select & right click on my network places
Properties select & right click on local area connection 
Properties  TCP/IP  Properties

Ø use following IP address

IP-ADDRESS 10.0.0.1
SUBNET MASK 255.0.0.0 APPLYOK

3- Steps to check computer name (host name) :( at any side)

MCSE 2003 8
 Start RUN  CMD (ENTER)
C:\Hostname (ENTER)

4- Steps to change computer name (host name) (at any side-2003 only)
Select & right click on my computer Properties
Computer Name Click on (Change)
Computer Name
OSMAN OKOKYES

You have to restart your computer do you want to restart now: 

(YES)

5- Steps to check the connectivity between computers :( at any side)

10.0.0.1 10.0.0.2

YOU

StartRUNCMD (ENTER)
C:\PING 10.0.0.2(ENTER)
Reply 10.0.0.2
Reply 10.0.0.2
Reply 10.0.0.2
Connectivity is ON
Reply 10.0.0.2

OR you will receive

Request timed out  No connectivity

MCSE 2003 9
 2- Creating user account:-
* Complete information about the user is called user account.

There are
Tow types of user account user account

Local user account Domain user account

• This type of users account is created
in member server & windows XP
Professional.
• This user can log on from same
computer where the account is
created only.
• This user of one computer can not
log on from another computer.
• This type of user is created in
domain controller only.
• This user can log on from any
computer in the network.
• This user can be control by
administrator from domain
controller.

MCSE 2003 10
1-Creating local user account: - (at client side)
Select & right click on my computer.
Mangeexpands local user & groups.
Select & right click on user new user CreateClose.

2-Creating Domain user account: - (at server side)

StartprogramAdministrator Tools
Active Directory user &computers
Select & right click on user new user

Next

MCSE 2003 11
 Finish.
1- User must change password at next logon.
If this option is selected then the user must change his
password when he is beginning on the first time from
any client computer in the network.
2- User can not change password.
If this option is selected then the user con not changes
his password at all except the administrator.
3- Password never expires.
This option will we explain it in 6th paper.
4- Account is disabling.
If this option is selected, then the user con not logon
from any client computer.

3-Creating group accounts:-

Group:-
• A collection of related users are called group.
• Group makes administration easier.
• There are tow types of groups they are :-

GROUP

Built-in group Manually created group

• The group which created by • The group which is created
operating system called built-in manually called manually
group. group.
• This type of group is more • This type of groups less
powerful when compare to powerful when compare to
manually created group. built-in groups.
• This type of group are use for • These types of group are use
giving extra permission for giving permission and
• There are 3 types of built-in securities.
group : • We can create this group by
Account operator group. any name.
Back upMCSE 2003 12
operator group.
Administrator group.
If you received this message be sure you are butting
1- Letters characters.
2- Special characters.
3- Numbers.

Types of group accounts:-

1- Account operator group:-
If the user is added in this group then,
• He can logon on domain controller.
• He can create manage and delete user and group.
• He will get 25% power on the network.
• He can not change IP address and time of the computer (server).
Steps to add user (Osman) in account operator group (at server side)
Start programsAdministrator Tools
Active directory user & computeruser
Select & right click on user (Osman)
Click on add to group account operator group
Click on change name OKOK.
Steps to check user (Osman) bellowing which group (at server side)
Start programsAdministrator Tools
Active directory user & computeruser
Select & right click on user (Osman) properties
Click on member of Account operator group.
2- Back up operator group :-
If the user is added in this group then,
• He can logon on domain controller.

MCSE 2003 13
• He can take data back up from any computer in the network.
• He can not create mange and delete user and group.
• He will get 25% power on the network.
• He can not change IP address and time of the computer (server).
3- Administrator group:-
If the user is added in this group then,
• The user is will be like same as administrator.
• The user will have 100% power on the network.

…Creating group accounts:-

Steps to create a group by name as sales-dept (At server side)
Start programs administrator tools
Active directory user & computer
Select & right click on user new
Group Group name: Sales-dept: OK

Steps to add user (Osman) in sales-dept Group (At server Side)

StartProgramadministrator tools
Active directory users & computersselect users
Select & right click on user (Osman) click on add to group
Enter the object name: Salesclick on check nameOK

Steps to check user (Osman) belongs to which group (at server side)
Start programadministrator toolsActive directory
Select & right click on user (Osman)
Propertiesclick on member of sales-dept

MCSE 2003 14
Group scope:-
1- Domain local group
• It's a big group.
• It contains user & global group.
2- Global group.
• It's a small group.
• We can add this global group in domain local but cannot
add domain local group in global group
• It contains only users.

Group type:-
1- security:-
• If this option selected then we can apply security &
permission on this group.
2- Distribution group:-
• It's a group which is use for only distributing E-mail.
• On this type of group we can not apply security &
permissions.

MCSE 2003 15
 Domain local group

Nesting Global
group

Nesting:-
Add a small group in big group is called as nesting.

Shared folder:-
Sharing:-
• Something which is use by more than one person is called
sharing.
• In the network we can share the following things:-
1- Folders.
2- CD-Rom.
3- Printer / scanner.
4- Floppy.
5- Partition.

Steps to share folder (Oracle)… (At server side)

Open my computer. Open any partition
Create a folder by name as (Oracle)
Select & right click on (Oracle) folder
Click on sharing & security  Share this folder
Share name: Oracle
Apply OK

MCSE 2003 16
There are 3 ways to access the (Oracle) shared folder of server from
client computer.
1- RUN:-
• It's the shortest way access the shared folder of server from the
client.
Steps to access (Oracle) shared folder of server (at client side)
Start RUN //10.0.0.1 (Enter)
(IP of the sever)

2- My network place:-
• It's the longest way to access the shared of folder of server from
client computer.
Steps to access (Oracle) Shared folder of server (At client side)
Double click on my network places
Entire network Microsoft windows network
Domain (IBM.com) Server host name (BB)
Open (Oracle) folder.
3- My computer:-
• It's a best way to access the shared folder.
Steps to access the shared folder of server (At client side)
Right click on my computer
Map network drive 

Finish

Steps to make hidden shared folder (At server side)

Open my computer select &right click on (Oracle) folderclick on
sharing & security.

ApplyOK

Steps to access hidden shared folder (at client side)

StartRUN

MCSE 2003 17
 Steps to rename hidden shared folder name (At server side)
Open my computer select &right click on (Oracle) FolderClick on
sharing &security

Apply OK

5-Remote administrating of user account:-

1- Logon hours:-
* Using this option we can allow the user to logon in the network on
particular time.

Steps to set logon hours to user (Osman) (At server side)

Start Program Administrator toolsActive directory user &
computer select &right click on user (Osman) properties 
click on accountsclick on logon hours

MCSE 2003 18
 OKApply OK

OKApply OK

2-Logon To:-
* Using this option we can allow the user to logon in the network on particular computer.
Steps to set logon to computer to user (Osman) (At server side)
Start  Programs Administrator tools Active directory user & computers
Select & right click on user (Osman) Properties
Click in account click on logon to

Steps at client side

Try to logon user (Osman)
He can not able to logon

MCSE 2003 19
 4-Home folder:-
* Home folder permission to allow the user to create files and folders at server from client
computer.
Steps to give home folder permission to user (Osman) (at sever side)
Open my computer  Open any partition
Create a folder by name as home and share it
Open home folder Create a sub-folder by user name (Osman)
Start Program  administrator tools Active directory user &computersSelect &
right click on user (Osman) properties  Click on profile


Apply
OK

Steps at client side

 Logon as user (Osman)
Open my computer Open Home folder
 Create some files.

6- Remote administrating of share folder

1- Message
• message can be send by tow ways on the network
Message

C.L.U.I G.U.I
* C.L.U.I stands for Character Line * G.U.I stands for Graphical User
User Interface Interface.

Steps to send to send message from C.L.U.I (At any side) (from one to one)
Start RUN
CMD

MCSE 2003 20
Steps to send message from one to one, Using G.U.I (at any side)
Select & right click on my computer mangeselect & right
click on shared folder click on all tasks
Send console message Add  Recipient
Type
remote
10.0.0.2 computer
IP-Address

Message
OK
Hello,
How are you?

Send

Steps to send massage from one to many using C.L.U.I (At server side)
Start Run CMD (ENTER)
C:\Net send * Hello (ENTER)

Steps to create user using C.L.U.I (At server side)

Start  RUN CMD
C:\Net user Osman ahmed-1 /Add (ENTER)
Steps to create group using C.L.U.I
Start RUN CMD (ENTER)
 C:\Net group sales-dept /Add (ENTER)

MCSE 2003 21
2- Shares :-
• Using this option we can list or see only the shared folders of the
computer.
• Using this option we can stop sharing folder.
• Using this option we can make sharing folder.
• Using this option we can create new folder.

Steps to check or see only all the shared folder of the computer (At
server side)
Select & right click on my computer Mange
Expand shared folder select shares

Steps to create folder by name as (oracle) (At server side)

MCSE 2003 22
Select & right click on my computer Mange
Expand shared folder  Select & right click on shares
New share .Browse. Select any partition
 Click on make new folder Give folder name as
(Oracle) OK  Click on (Oracle)

Steps to share folder by name as oracle (At server side)

Select & right click on my computer Mange
Expand shared folder  Select & right click on shares
New shares New shares  Folder Path C:\Oracle
Next share name Oracle
Next Finish close

Steps to stop sharing folder by name as oracle (At server)

Select & right click on my computer mange
Expand shared folder select shares
Select & right click on (Oracle) folder
Click on stop sharing yes

3- sessions:-
• Using this option we can check or see which user using
which computer form the network.
Steps to check which user is using which computer (At server side)
Select & right click on my computer mange
Expand shared folder select session
Osman SS
4- Open files:-
• Using this option we can check or see which user is using
the shared folder of server.
Steps to check which user is using shared folder of server (At server
side)

MCSE 2003 23
 Select & right click on my computer mange
Expand shared folder select open files
C:\Oracle Osman

7- Permission:-
A-• Local
A set of rules which are given on files and folders which is
permission B- Remote permission
applied on user.
• The permission which are • The permission is given on one
• Permission are tow types they are:-
given on one computer and computer and which is applied
Permissions
applied from same computer is remotely is called remote
called local permission. permissions.
• Local permission is more • Remote permission is also called
powerful when compare to as share permissions.
remote permissions. • The following are the remote
• The following are the local permissions:-
permissions:- 1- Read.
1- Read. 2- Change.
2- Write 3- Full control.
3- List folder contains. • Remote permission is depending
4- Read execute.
5- Modified.
on local permission.
MCSE 2003 24
6- Full control.
A- Local permission:-
1- Read permission:-
If the user is having read permission then,
• He can read contains of main folder and read the data of file.
• He can create, delete and rename files and folders.
• He can not add/delete data of files.
• He can not change permission of files.

2- Write permission:-
• Write permission will work along with read permission.
• He can create new files and folders.
• He can add/delete data of files.
• He can not delete and rename files and folders name.

MCSE 2003 25
 • He can not modified or change permission.

3- Read & Execute:-

• He can read contains of main folder and files.
• He can execute files.
• He can not create, delete, and rename files and folder name.
• He not modified or change permission.
• He can not add or delete data inside files.

4- Modified:-
• He can create, delete and rename files and folders.
• He can add or delete data from files.
• He can not modify change permission.

5- Full control:-
The user who is having full control permission then,
• He will be having 100% power on folders.

Steps to give read permission on (Oracle) folder to user (Osman) (at

server side)
Open my computer Open any partition
Create some folder and files in (Oracle) folder.
Select & right click on (oracle)
Security Click on advance.
Remove tick mark from box allow inheritable permission
OK Yes Add
Administrator Give full control permission add 
user (Osman) Give read ApplyOK

MCSE 2003 26
Steps at server side:-
Logon as user (Osman) try to create files and folders.

B- Remote permission:-
1- Read permission.
2- Change permission.
3- Full control.

Steps to give remote permission as read and change on (Oracle)

folder to user (Osman) (at server side)
Open my computer  select & right click on (Oracle)
folder  properties sharing permission
Click on remove  click on add add administrator
OK

MCSE 2003 27
 Give full control permission  add user (Osman) 
OK
Give Read & change apply  Ok

Note:-
Give local permission also to apply remote permission.

Steps at client side:-

Start RUN \\10.0.0.1 (Enter)
Open (Oracle) folder  try to rename files name.

8- Profiles:-
Profile:-
• Given desktop setting permission to the user is called profile.
• There are 3 types of profile permission.
1- Local profile:-
• This type of profile is configured by default by operating system
to every user.
• In local profile the changes made by the user on the desktop of
one computer will not come on the desktop of other computer.
2- Roaming profile:-

MCSE 2003 28
• This type of profile is configured by administrator to the user.
• In roaming profile the changes made by the user on the desktop
of one computer will come on the desktop of other computer.
3- mandatory profile:
• This type of profile is configured by administrator to the user, if
the user is having roaming profile permission.
• In mandatory profile the changes made by the user on the desktop
of one computer will not be save on same computer and will not
come on the other computer also.

Steps to give roaming profile permissions (At server side)

Open my computer Open any partitionCreate folder by name as
(Osman)
Select & right click on profile folder
Give security permission (Modify) and share permission (Change-Read)
Start  administrator Active directory select & right click on user
(Osman) Properties Profile

Apply  OK

Steps to give mandatory profile permission to user (Osman)

(At server side)
NOTE: the user who is having roaming profile:
• Permission we can give mandatory profile permission to that user only.
• Once mandatory profile permission is give to user can not be change back
to roaming profile permission.

The steps:-
Open my computer open profile folder open (Osman) folder select &
right click on NTUSER.DAT
Click on rename rename as NTUSER.MAN

MCSE 2003 29
Steps to check which user is having which type of profile
(At server side)
Select & right click on my computer
Properties Advance 

9- Data Management:-
1- Compress:-
• This option supports NTFS partition only.
• This option is use to compress files & folders to save disk space.

Steps to compress files and folders (At sever side)

Open my computer select and right click on documents & settings folder
Properties Advance


OK Apply

MCSE 2003 30
Compress main folder along with sub-folder OKOK
Note:-
The compress files &folder will be displayed in deferent color by
default.

2- Encryption:-
• This option support NTFS partition only.
• This option will encrypt contains to secure data from other user.

Steps to encryption (ABC) file (At server side)

Open my computer. Open any partition
Create a file by name as (ABC) and write some data
Save it select & right click on (ABC) file Properties

Advance  OK
Apply  OK
Steps at server side:-
Logon as user (Osman) Open my computer
Try to open (ABC) file.

Note:-
• If the administrator makes encryption to the file then other user
can not see the data of the encrypt file.
• But administrator can see data of the encrypt files of the user.

3- Quotas:-
• Limiting the disk space to the user to use it is called as quota.
• Quota option support in NTFS partition only.
Steps to set quotas permission to user (Osman) (At server side):-
Open my computer Select & right click on partition
Properties 

MCSE 2003 31
 Quota entries
Click on quota Click on new quota entry  enter the object: Osman 
Click check name
OK
OK
Close Yes OK
4- Disk defragmenter:-
• This option is use to arrange the files & folder in one place & free space in
one location.
• Defragmention can be done on NTFS & FAT partition.
Steps to make disk defrag mention (At server side)
Select & right click on my computer mange
Select disk defrag mention Select the partition
Click on defragment Ok

10-Back up and restore

Back up:-
• Copying the data from hard disk to tap drive is called back up.
Restore:-
• Copying the data from tap drive to hard disk is called restore.

MCSE 2003 32
 We can take back up in the following things:-
1- Partition (Not recommended)
2- Folder (Not recommended).
3- Floppy (Not recommended).
4- CD (Not recommended).
5- TAP drive (recommended)
TAP device:-
• It is a device which is used from taking back up and restore.
• There are tow types of TAP device:-
TAP device

Internal TAP device External TAP device

• This type of TAP device is • This type of TAP device is
connected inside the system to IDE connected out side the system to
40 PINS Port. parallel or serial port.

TAP drive:-
• It is a device which store back up data.
• It can be use with the help of TAP device.
• It can store 80 GB data back up.
• It is a re-writeable device.

TAP Drive

Steps to take back up of (Oracle) folder (At server side)

Start Program accessoriesSystem tools
Back up Next Restore files & settings Next
Let me chooseNext select oracle folder Next
Choose the place to save your back up: C:\
Type a name for the back up: Oracle
Next Finish Close

MCSE 2003 33
 Delete Oracle folder from the partition
Steps to restore oracle folder (At server side)
Start Program accessoriesSystem tools
Back up Next Restore files & settings Next
Expand files Expand oracle.bkf  E:
Next Finish Close
Schedule jobs:-
• We can set the time schedule jobs to take back up to files & folders.
Steps to take back up of VB folder using schedule jobs option (At server side)
Start Program accessoriesSystem tools
Back up remove tick mark
Always start in wizard mode Cancel
Start Program accessoriesSystem tools
Back up click on schedule jobsadd job

 Next select my computer

Select VB folder
Next choose the place to save back up file

Next Next Next

Click on set schedule

OK
OK
OKYESFinish

Note:-
After taking back up on time then delete the VB folder.
Steps to restore VB folder (At server side)
Note:-
Restore can be done manually by administrator same steps to restore as above restore steps for
oracle folder.

MCSE 2003 34
II Paper:-
Installing and configuring windows 2003 O/S:
Chapters…
1- Pre-installation of windows 2003 o/s.
2- Normal installation of windows 2003 O/S.
3- Dump installation.
4- Network installation.
5- Sys prep installation.
6- Un-attended installation.
7- Disk management and partition.
8- Installing and configuring DFS server.
9- Installing and configuring printers.
10-Administrating windows 2003 printers.

1- Pre -installation of windows 2003 O/S:

Pre-installation:-
• The job which is performed before the installation is called pre-
installation task.

MCSE 2003 35
 Standard Enterprise Web edition
edition edition windows 2003
Hardware windows 2003 windows 2003 O/S
O/S O/S
(MIN) 133 MHZ 133 MHZ 133 MHZ
CPU Recommended 1.7 GB 2.4 GB 1.7 GB
(MIN) 128 MB 128 MB 128 MB
RAM
Recommended 256 MB 256 MB 256 MB
(MIN) 800 MB 1 GB 800 MB
Hard disk
Recommended 1 GB 2 GB 1 GB
LAN Card
O p t i o n a l

2- Normal installation of windows 2003 O/S:

Steps to install windows 2003 O/S (at any side)

Insert windows 2003 O/S CD in CD-Rom.
Change the Bios setting as CD-ROM first boot device.

MCSE 2003 36
Exit and save changes? Yes (the system will reboot)
After booting you have to press any key to boot from CD
Then the setup will check your devices.
Press Enter to continue
Press F8 to agree
Select unpartition space
Press C (to create new partition)
Enter space 2000 MB
Press Enter Next Name:
Organization:
Next enter CD Key
Next Next Computer name:
Nextyes typical setting next next
Then the computer will restart

3- Dump installation:-
Dump:-
Copying contains from CD to hard disk is called dump.
Dump installation:-

MCSE 2003 37
• The installation which is done with the help of dump is called
dump installation.
Steps to make dump from CD to hard disk (at server side)

Insert windows 2003 server CD in CD-Rom

Open C: / Partition Create a folder by name as 2003-ser
Open CD-Rom copy I386 folder paste it in 2003-ser folder

Steps for Dump installation (At server side)

Start RUN Browse select 2003-ser folder
I386 (winnt32.exe) OK
Next CD Key After this same steps as normal installation.

4- Network installation:
Network installation:-
• The installation which is done from server using server CD-Rom
on client computer over the network is called network
installation.
Steps for network installation (at server side)
Insert windows 2003 server CD in CD-Room and share it.
Steps at client side
Start RUNBrowse select my network place entire network 
Microsoft windows network
Domain name (IBM.com) sever host name
CD-Rom drive letter I386 winnt.32.exe OK Next
After these steps same steps as normal installation.

5- Sys-prep installation:
Sys-prep installation:-
• Sys-prep stand for system preparation.
• This type of installation can be done in less than 5minute

MCSE 2003 38
• This type of installation can be done on working o/s only.
• This type of installation a voids to corrupt existing o/s.
• It's like service to existing o/s.

Steps to run sys-prep installation (at client side)

Insert windows 2003 server CD in CD-Rom
Open any partition Create a folder by name (Osman)
Open my computer. Open CD-Rom.
Support folder tools Deploy select all files and right click click
on extract select (Osman) folder.
Press on Extract
Open (Osman) folder click on sys-prep file
OKclick on factory Restart manually.
6- unattended installation :
• The installation which is done without attending is called unattended
installation.
• This type of installation can be done with the help of answer file.
• This type of installation can be done on working computer only.

Steps for creating answer file (At server side)

Insert windows 2003 server CD in CD-Rom
Open any partition and create a folder by name as (Osman)
Open my computeropen CD-Rom support tools
Deploy Select all files and right click Extract
Select (Osman) OK Open (Osman) folder
(Setupmgr) file Next crate a new next
Unattended setup Next Windows 2003 standard
Next full automatically Next 
Name: Osman
Organization:
Next Next Next  CD Key
Next Next Computer name: Osman
Next (12 Times) Finish OKCancel
Steps for unattended installation (At sever side)
Insert windows 2003 sever CD in CD-Rom
Start RUN Browse Select CD-Rom
(winnt32.exe) D:\I386\winnt32.exe /unattend :C:\Coke\unattend.txt (Enter)

7- Disk management:
1- Partition:-

MCSE 2003 39
 File system:-
• File system enable the partition to store data.
• There are 2 types of file system they are:-
File system

FAT file system NTFS file system

• FAT stands for File Allocation Table. • NTFS stands for new technology file
• No advantage of FAT files system. system.
• FAT partition does not support the • NTFS is having many advantages.
following things:- • NTFS partition support the following
1- Compress. things:-
2- Encryption. 1- Compress.
3- Quotas. 2- Encryption.
4- Remote permission only. 3- Quotas.
4- Local security permissions.
5- Remote share permission.
6- NTFS partition is use in networks.

Steps to create a new partition (At server side)

Select & right click on my computermange
Select desk management select & right click on free space new logical drive next
logical drive next 10000 MGnext assign the following letter h:
Next file system NTFS perform quick formatnext finish
Steps to format partition (At server side)
Select & right click on my computermange
Select desk management select & right click on partition click on change drive
letter & path click on change assign the following drive letter P: OKyes
Steps to delete partition (At server side)
Select & right click on my computermange
Select desk management  select & right click on partition click on delete logical
dive Yes

Convert:-
• We can convert FAT partition to NTFS partition only.

MCSE 2003 40
 • Conversion will not delete the data of the partition.
• We can not convert NTFS to FAT partition.
Note:-
Formatting can be done from FAT to NTFS and from NTFS to FAT
But formatting will delete the data of the partition.
Steps to convert FAT partition to NTFS partition (At sever side)
First create a FAT partition
Open the partition Create some files in FAT partition
Start RUNCMD (Enter)
C:\convert h:/sf:NTFS (Enter)
Enter the volume name
Mount:-
• Attaching a folder to the partition is called mount.
• If we create files and folder in mount partition then automatically will create the same
file on mount folder.
• If we create files and folder in mount folder then automatically will create the same file
on mount partition.
• We can delete files and folders in partition then it will be deleted from mount folder
also.
• We can not delete files and folders from mount folder.
Steps to make mount to (Osman) folder with c:\ partition:
Open any partition create a folder by name as (Osman)
Select and right click on my computer Manage select disk management select &
right click on partition C:\ click on change drive letter & path Next click on Add 
Click on browse select (Osman) folder OK
Steps un-mount the (Osman) folder from partition C:\
Select and right click on my computer mange select disk management
Select & right click on partition C:\
Click on change drive letter and path next select (Osman) folder
Click on remove Yes

8- Installing & configuring DFS server:

MCSE 2003 41
 DFS server:-
• DFS stands for Distributed File System.
• It's use in the network to distribute files in the network.
• It provides fault-to Laurence of data.
• It provides network load balancing.

DFS root folder:-

• It's a folder which keeps the records of multiple link folders from multiple computers.
• DFS service is installed by default with operating system.

Steps to configure DFS root folder (At server side)

Open my computeropen any partitioncreate a folder by name as software & share it.
Start programs administrative tools DFS
Select & right click on DFS  New root next Create domain root next
Domain name: ibm.com next server name: ss.ibm.comnext root name: software
Next browse select software folder OK next finish
Steps to configure link1 folder (At server side)
Open my computeropen any partition create folder by name as oracle and share it.
Start programsadministrative tools DFS
Select & right click on DFS root folder (Software)
Create new linklink name: Oracleclick on browseselect oracle folderOKOk
Steps at member server side
Open any partition. Create a folder by name as oracle & share it.
Steps at server side
Start programsadministrative tools DFS
Select & right click on DFS root folder (software)
Click on new link link name: oracle1 click on browse select Oracle1 folder
Ok ok
Steps to make replication between oracle folders to oracle1 folder (At
server side)
Start Programsadministrative tools DFS
Select & right click on oracle folder click on new target click on browse
Select Oracle1 folder OKOKYES next select Oracle folder next
Topology: Hub & Spoke next finish

9- Installing and configuring printers:

MCSE 2003 42
There are 3 types of printers:-
1- Local printer:-
• The printer which is connected directly to the computer is called local printer.use by
singl user
• Local printer configuration must be done on domain controller.
2- Network printer:-
• The printer which is connected directly on domain controller and the printer is access
by all the computers from the network is called network printer.
• Network printer configuration must be done on client computer.
3- Special network printer:-
• This type of printer will have special built-in LAN card.
• This type of printer is connected directly to hub or switch.
Steps to install local printer (At server side)
Start settingsprinters click add printer  next
Local printer
Automatically detected  next next
 Manufacture: HP printer HP2000c Next printer name: HP2000c
Next location: 4th floor comments: optional next ON
Next finish
Steps to install network printer (at client side)
Start setting printers click on add printer next network printer next
Connect to the: Optional Next double click on domain name (ibm.com)
Double click on (SS) (server hostname)
Select printer name (HP2000c) next finish

MCSE 2003 43
10- Administrating windows 2003 printer:
Printers' permissions:
• There are 3 types of printer permission:-
1- mange printer permission:-
• If the user is having mange printer permission then he can install or remove driver of
printer
2- print permission:-
• He can give print files.
• Print permission will work along with mange print permission.
3- manage documents permission:-
• He can not install print.
• He can not give print jobs.
• He can delete print jobs of other users.

Steps to give mange print permission to user (Osman) (At server side)
Start settings printers select and right click on printer properties
Click on security remove all user add user (administrator) and give
Manage printer.
Manage document
Print add user (Osman)

Give manage print apply OK

MCSE 2003 44
III Paper:-
Installing of configuring windows 2003 network
infrastructure services:
Chapters…
1- Installing & configuring DNS server as active directory
integrated.
2- Installing & configuring DNS server as stub zone.
3- Installing & configuring DNS server as standard secondary.
4- Installing & configuring WINS server.
5- Installing & configuring DHCP server.
6- Installing & configuring DHCP reservation.
7- Installing & configuring web server.
8- Installing & configuring virtual web server.
9- Installing & configuring terminal server
10-Installing & configuring FTP server.

MCSE 2003 45
1- Installing & configuring DNS server as active
directory integrated:
DNS server:-
• DNS stand for Domain Name System.
• If DNS server is not there then we can not make domain model
network.
• If DNS server is removed from network will become slow.
• DNS server is also called back bone of network.
• DNS server can be installed by administrator in server only.
• DNS server can be configured by 4 types:
1- Active directory integrated DNS server.
2- Standard primary DNS server.
3- Standard secondary DNS server.
4- Stub zone DNS server.
Steps to install DNS service (At server side)
Start settings control panel add/remove programs
Add/components 

Nextinsert windows 2003 server CD in CD-RomOK

Next finish

MCSE 2003 46
Steps to check DNS is configured perfectly or not perfectly (At any side)
Start RUN CMD (Enter)
C :\> NSLOOKUP (Enter)
Default server: SS.IBM.COM
IP-Address: 10.0.0.1
>10.0.0.2(Enter)
Server: SS.IBM.COM
IP : 10.0.0.1
Name: KK.IBM.COM
IP : 10.0.0.2
>coke (Enter)
Server: SS.IBM.COM
IP : 10.0.0.1
Name: coke.IBM.COM
IP : 10.0.0.3

Steps to configure DNS as standard primary (At server side)

Start programs administrative tools DNS
Expand forward look up zone select & right click on forward look up
zone new zone next

MCSE 2003 47
MCSE 2003 48
MCSE 2003 49
Steps to update DNS database (At server side)
Start Programsadministrative tools DNS
Expand forward look up zone select & right click on new host (A)…

Click on add host Done

Standard primary:-
• If the DNS is configured as standard primary then, the administrator has to manually
update DNS database.
• We can keep standard secondary DNS server in the network if we have standard
primary DNS server in the network.
Forward look up zone:-
• Forward look up zone must be configuring with domain name (IBM.com).
• The function of forward look up zone is to convert hostname to IP-Address.
Reverse look up zone:-
• Reverse look up zone must be configuring with network-ID.
• The function of reverse look up zone is to convert IP-Address to hostname.
Active directory integrated DNS:-
• If the DNS server is configured as active directory integrated DNS then, the DNS
database update automatically.
• This active directory integrated option available only on domain controller.
• There is no manually updating in active directory integrated.
DNS database updating:-
• Taking the hostnames of IP-Address of all computers from the network and keeps
update in DNS server is called DNS database updating.

MCSE 2003 50
Steps to configure DNS server as active directory integrated (At server
side)
Start programs administrative tools DNS
Expand forward look up zone select & right click on forward lookup
zone
Click on new zone next

MCSE 2003 51
MCSE 2003 52
2- Installing & configuring stub zone DNS server:
Stub zone DNS server:-
• Stub zone DNS server keeps the record of main DNS server.
• If any client is requesting the main DNS server then the request will come
to stub zone and stub zone will forward the request of client to main DNS
server.

Yahoo.com

DNS

DNS

Stub Zone

DNS

DNS

Steps to configure stub zone DNS server (At member server)

First install DNS service.
Start programs administrative tools DNS
Expand forward look up zone
Select & right click on forward look up zone
Click on new zone next

MCSE 2003 53
MCSE 2003 54
Expand reverse look up zone select & right click on forward look up zone
click on new zone next 

MCSE 2003 55
MCSE 2003 56
MCSE 2003 57
MCSE 2003 58
3- Installing and configuring secondary DNS server:-
Secondary DNS server:-
• It's also called as back up DNS server.
• It provides fault to Laurence.
• It keeps all the records of main DNS server automatically.
• We can not make DNS database update manually.
• We can configure secondary DNS server in member server.

Steps to configure secondary DNS server

Note: -
To configure secondary DNS server we need main DNS server.

Steps at main DNS server side:

Startprogramsadministrative toolsDNS
Expand forward look up zoneexpand domain name (IBM.com)
Select & right click on (IBM.com) propertiesclick on zone transfer


MCSE 2003 59
Expand reverse look up zone Expand network-ID
Select & right click on 10.0.0.X properties
Click on zone transfer


Steps at member server side:

First install DNS service.
Start Programsadministrative toolsDNS
Expand forward look up zone select & right click on forward look up zone
Click on new zonenext


MCSE 2003 60
MCSE 2003 61
Expand reverse look up zone select & right click on reverse look up zone
New zone next


MCSE 2003 62
FINISH

MCSE 2003 63
Note:-
If new entry is added in main DNS server then,
Steps at main DNS server side
Open DNS select & right click on IBM.com
Click on update server data file
Expand reverse look up zone select & right click on 10.0.0.X subnet
Click on update server data file
Steps at secondary DNS server side
Open DNS select & right click on IBM.com
Click on transfer from master
Expand reverse look up zone select & right click on 10.0.0.X subnet
Click on transfer from master

MCSE 2003 64
4- Installing & configuring WINS server:
WINS server:-
• WINS stand for Windows Internet Name Service.
• WINS server help to make domain model network if there is no DNS server.
• The function of WINS server is to convert or resolve hostname to IP-Address only.
• If there is no WINS server or no DNS in network then there is no domain model
network.
Steps to install WINS service (At server side)
Start Sittings Control paneladd/remove programsadd/remove components
Select network services click on details put tick mark on WINS OK
Next insert windows 2003 CD in CD-Rom OKFinish
Steps to configure WINS server (At server side)
Start programs administrative tools WINS Expand server name
Select & right click on active registration 


MCSE 2003 65
Steps to resolve or convert hostname to IP-Address (At server side)
Start Programs administrative tools WINS expand server host name
Select & right click on active registration click on display records


Click on Find Now



MCSE 2003 66
5- Installing and configuring DHCP server:
DHCP server:-
• DHCP stand for Dynamic Host Configuration Protocol.
• Using DHCP server we can assign IP-Address to all the computers in the network
automatically.
• DHCP server assigns IP-Address to the computers in the network automatically.
• We can assign IP-Address to the computer by tow ways:
A- Static IP-Address:
• The IP which is assign by administrator to the computer manually is called static IP-
Address.
• Static IP-Address more powerful when compare to dynamic IP-Address.
B- Dynamic IP-Address:
• The IP-Address which is assign by DHCP server to all computers automatically is
called dynamic IP-Address.
• Dynamic IP is less powerful when compare to static IP-Address.
Steps to install DHCP service (at server side)
Start setting control panel add/remove programs
Add/remove components select network services
Click on details 
OK Next Finish
Steps to configure DHCP server (At server side)
Start programs administrative tools DHCP
Expand hostname (SS) Select & right click on hostname (SS)
New scope Next

NEXT

 

NEXT NEXT
DNS server setting put the domain name (ibm.com) and server name (SS)
click on resolve then Add Next WINS server settings put the server name
(SS) then Add Next

 Next Finish
Select & right click on server hostname (SS) click on authorize.

MCSE 2003 67
6- Installing & configuring DHCP reservation:
DHCP reservation:-
• Using DHCP reservation option we can reserve particular IP-Address to particular
computer.
• DHCP reservation option can be done with the help of MAC-Address or physical
address.
MAC-Address:-
• It's an address which is built-in on LAN card.
• It comes along with LAN card.
• Every LAN card will have a unique MAC-Address.
• Ex.A1-Q9-BT-X3-RH
Steps to check MAC-Address of the LAN card of local system
(At any side)
Start RUNCMD (Enter)
IPCONFIG/ALL (To see all information about the system)

Steps to check MAC-Address of the LAN card of remote system (At

any side)
Start RUN CMD (Enter)

MCSE 2003 68
Steps make DHCP reservation (At server side)
Start Programs Administrative tools DHCP
Expand scope Expand reservation
Select & right click on reservationnew reservation

Click Add

Steps At client side

Start RUN CMD (Enter)
C:\>IPCONFIG/RELEASE
(To remove the old DHCP Address)
C:\>IPCONFIG/RENEW
(To bring the new DHCP Address)
C:\>IPCONFIG/ALL
(To see all information about the system)

MCSE 2003 69
7- Installing & configuring web server:
Web server:-
• The computer which is having windows 2003 server O/S with web site is called web
server.
Web site:-
• Web site can be created with the help of HTML program & IP-Address.
• Web sites are use to get information about any companies.
HTML program:-
• HTML can be created by HTML programmer.
Requirement to configure web site:
1- Windows 2003 server O/S.
2- IIS (Internet Information service) service.
3- IP-Address.
4- HTML program.
Steps to install IIS service (At server side)
Start setting control panel add/remove programs
Add/remove components select application server
Click on details select IIS serviceclick on details
Select World Wide Web serviceOKOKnext
Insert windows 2003 server CD in CD-Romok
Steps to configure web site (At server side)
Steps to search HTML program from O/S (At server side)
Start search for files & folders name:*.html
Click on search.
Select & copy any HTML program
Create a folder by name as web in any partitionpaste it
Start programs administrative tools Internet Information serviceExpand
hostname expand web site folder
Select & right click on web sitenew web site
Next description: ibm.com next enter the IP: 10.0.0.1
Next Click on browse. Select the folder (web) OK
Next tick mark on browse next finish
Select & right click on ibm.comproperties click on documents
Click on Add default contain page: MCSE.html OK
Apply OK
Steps to connect web site (at server side)
Double click on Internet Explorer.
Address: http://10.0.0.1 (Enter)
Steps to update DNS database to access web site with domain name
(At server side)

MCSE 2003 70
 Start Programsadministrative tools DNS
Expand forward look up zone select & right click on ibm.com
New host name: www
IP-Address: 10.0.0.1
Click on Add host close.
8- Installing & configuring virtual web server:
Virtual web server:-
• The computer which is having windows 2003 server O/S with more than
one web site is called virtual web server.
Requirement for virtual web site:
1- Windows 2003 server O/S.
2- Second HTML program.
3- Second IP-Address.
Note: - We can get second HTML program from search option.
Steps to give second IP-Address to the computer (at server side)
Select & right click on my network place properties
Select & right click on local area connection properties
Click on advance click on Add
IP-address: 10.0.0.150
Subnet mask 255.0.0.0
AddOKOKclose.
Steps to configure second web site name as Osman.com (At server)
Open IISExpand web site folderselect & right click on web site folder
new web site next description: Osman.com
Next Enter IP-address: 10.0.0.150Next
Click on browse select second web2 folder which contains second
HTML file.
Next browse next finish
Select & right click on Osman.com properties
Click on documents click on add
Default contain page: Readme.html Add applyOk
Steps to connect second web site (At client)
Double click on internet explorer
Address: http://10.0.0.150
Steps to update DNS database for second website (At server side)
Open DNS expand forward look up zone
Select & right click on forward look up zone new zone
Next next next zone name: Osman.comnextnext
Finish
Select & right click on Osman.com new host

MCSE 2003 71
 Name: www
IP-Address: 10.0.0.1
Create associate pointer
Click on Done.

9- Installing & configuring terminal service:

Terminal service:-
• Using terminal service we can get the desktop of server at client computer
& we can do complete administrator using server desktop from client
computer.

Steps to install terminal service (At server side)

Start setting control panel Add/remove programs
Add/remove windows components select terminal service
Yes next nextfull security. Next insert the CD of
widows' 2003 OK finish

Steps to install terminal client service (at server)

Check partition in which O/S is installed open the partition
Open windows folder system32 select & sharing client
folder.

Steps at member server side

Start RUN \\10.0.0.1 (Enter)
Client (TSCLIENT) (WIN32) setup next
I accept user name: administrator next install finish

Steps to connect terminal server (At client side)

Start Program Accessories ----communication----- Remote
Desktop connection

MCSE 2003 72
Connect.

10-Installing & configuring FTP server:

FTP server:-
• FTP stand for File Transfer Protocol.
• FTP server is use for downloading & uploading files.
Steps to install FTP service (At server side)
Start setting control panel add/remove programs
Add/remove components select application server
Click on details selecting internet information service (IIS) service  click on details
Select FTP service OK OKOKNext
Insert windows 2003 server CD in CD-Rom OK Finish
Steps configure FTP server without isolate users (At server side)
Open any partition create a folder by name as FTP
Open FTP folder create some files & save it.
Start programs administrative tools
Internet information service expand host name (KK)
Select & right click on FTP folder new FTP site 

MCSE 2003 73
MCSE 2003 74
MCSE 2003 75
MCSE 2003 76
Steps to downloading files from FTP server (At client side)
Start RUN CMD (Enter)
C:\>MD PP (Enter) (make directory as pp)
C:\>CD PP (Enter)
C:\>PP>FTP 10.0.0.1 (Enter)
User name: administrator
Password: (Enter)
>DIR (Enter)
Get KK.txt (Enter) (kk :host name)
Transfer completed

MCSE 2003 77
 >MGET * (Enter) (MGET * for more than one folder)
RR.txt: y (Enter)
TT.txt n (Enter)
Steps to uploading files in FTP server (At Client side)
Start RUN CMD (Enter)
C:\>CD PP (Enter)
C:\>PP>Copy con M.txt hello how are you press Ctrl + Z (Enter)
C:\>PP>FTP 10.0.0.1 (Enter)
User name: administrator
Password: (Enter)
FTP>DIR
FTP>PUT M.txt (Enter) () to upload one file
FTP>MPUT * (Enter) () to upload multiple files

Steps to configure FTP server with Isolate user's option (At server side):
Open my computer.Open any partition
Create a folder by name as FTP open FTP folder create a sub-folder as IBM
Open IBM folder create a sub-folder as Ali (user name)
Start programs administrative tools IIS select & right click on FTP sites
New FTP site  next  description: IBM.COM next
Enter IP-Address: 10.0.0.1 next 

Next browse select FTP folder Ok next tick mark on read & write

Next finish

Start RUN CMD (Enter)

MCSE 2003 78
Steps to connect FTP server (At client side)
Double click on internet explorer
Address: http://10.0.0.1 (Enter)
User name: Ali
Password: *******

Steps to configure FTP server with Isolate users using active directory
Steps at client side
Open my computer open any partition create a folder by name as KK & share it.
Open KK folder create a sub-folder by name as SS

Steps at server side

Start administrative tools IIS
Select & right click on FTP site new FTP site
Next description: IBM.COM next enter IP-Address: 10.0.0.1
Next 

Next 

Next  Type the password

again

MCSE 2003 79
OK  tick mark on read & write next finish
Steps at server side
StartRUN CMD (Enter)

c:\> iisftp/setadprop kk ftproot \\mm\ftp (mm: host name for

client)

c:\> iisftp/setadprop kk ftpdir kk

MCSE 2003 80
IV Paper:-
Implementing, configuring & managing active
directory service:
Chapters…
1- Introduction to windows 2003 active directory service.
2- Installing & configuring active directory services.
3- Installing & configuring additional domain controller.
4- Installing & configuring child domain.
5- Installing & configuring forest domain.
6- Customization of desktop setting using group policy.
7- Deploying active directory services using group policy.
8- Delegate control.
9- Configuring domain model network.
10-Back up & restore of active directory.

MCSE 2003 81
1- Introduction to windows 2003 active directory service:
Active directory services:
• It's a centralized database of users, groups, computers & organization units.
• The computer which is having active directory services is called domain
controller.
• Without active directory we can not make domain model network.
• If the computer is not connected physically with other computer then we
can not install active directory.
• If the LAN card is disabling then we can not use active directory.
• During installation of active directory service we can install & configure
DNS server.
• This active directory stored in O/S partition in windows folder in NTDS
folder (New Technology Directory Service)
Requirements for active directory service installation:
1- Windows 2003 server O/S in NTFS partition.
2- IP-Address connected with other computer.
3- 250 MB free space in partition.
4- DNS (Optional).

MCSE 2003 82
2-Installing & configuring active directory
services:
Steps to install active directory service (at server):
Start RUN DCPOMO (Enter)
Next next domain controller for a new domain
Next domain in new forest next full DNS name: IBM.com next
Domain net Bios name: IBM next database folder log folder
Folder location. Next. Install & configure the DNS server on this computer.
Nextpermission compatible with pre-windows 2000nextpassword and confirm it
Next next finish Click on restart now

3-Installing & configuring additional domain

controller:
Additional domain controller:-
• Additional domain controller is also called as ADC (Additional Domain Controller).
• It provides fault to Laurence of active directory.
• It provides network load balancing in the network.
• It keeps the copy of main servers' active directory.
• If main server (PDC) is corrupted the second server (ADC) controls the network.

Steps to configure additional domain controller (At member server side)

Start RUN DCPROMO (Enter)
Next next username: administrator. Password: ******* domain: IBM
Next next next password and confirm for active directory (Optional)
NextNext
 Finish. Restart now

MCSE 2003 83
4- installing & configuring child domain:
• Child domain configuration allows the user of main office to logon in
branch office & the user of branch office can logon from main office.

Steps to configure child domain controller (at member server side):

Start RUN DCPROMO (Enter)
Next next domain controller for a new domain next
Child domain in an existing domain next
User name: Administrator password: ******** domain: IBM.com
Next parent domain: IBM.com. Child domain: ABC.
Complete DNS name: ABC.IBM.com.
Next net Bios name: ABC
Next Next Next permission compatible with pre-windows 2000
Next Password: ******* confirm password: **********

Steps to remove child active directory

Start RUN DCPROMO /Forceremoval (no space after force)

To check which active directory we are using:

Start RUN CMD (Enter)
C:\>Net accounts (Enter)

4-Installing & configuring forest domain:

Forest domain:
Forest domain configuration allows the users of one domain to logon from
anther domain & the user of one domain can use the source of other domain.
Steps to configure forest domain (at member side)
Start RUN DCPROMO (Enter)
Next next domain controller for a new domain next
Domain tree in an existing forest next username: Administrator
Password:
Domain: IBM.com
Next full DNS name: ABC.comnext net Bios name: ABC.com
Next next next next install & configure DNS on this computer
Next permission compatible with pre-windows 2000 next password & confirm
Next next finish

MCSE 2003 84
5- Customization of desktop sitting using group
policy:
• Using group policy we can stop the user to use desktop icon & we can stop
the user to use start menu items.
For example:
We can remove my network places, run, my computer & many things to user to stop
accessing.

Steps to remove my network places icon from desktop to user Ali (at
server side)
Open active directory users & computers select & right click on IBM.com (domain
name) new organization unit name: OU OK
Create a user by name as Ali in OU select & right click on OU properties
Group policy new Edit select desktop select & right click on my network places
Properties Enable apply Ok Close

Steps at client
Logon as user Ali user will not get network places icon on the desktop.

6- Deploying active directory using group policy:

• Using group policy we can deploy active directory on client computer to
particular user.

Steps to deploy active directory using group policy (At server side)
Open my computer open any partition create a folder by name as coke & share it
Check the partition in which server O/S is installed open O/S partition windows
System32 copy (ADMINPAK) file paste it in coke folder
open active users & computers create a new OU create a user by name as Ali in OU
properties select & right click on OU properties group policy new
Edit select users configuration expand software settings select & right click on
software install new Package select my network places entire network
Entire contains  Microsoft windows network domain name (IBM.com)
Server host name (HH) double click on coke folder assign OKcloseclose

Steps at client side

Logon as user Ali
Start programs administrative tools active directory users & computers

MCSE 2003 85
7- Delegate control:
Delegate control:
• Using this option we can give permission to user (Ali) to create, delete & manage users
& groups in particular O.U

Steps to give delegate control permission to user (Ali) on O.U:

(At server side)
Open active directory users & computers create a new organization unit
Create a user by name as (Ali) inside O.U
Select & right click on O.U group policy deploy active directory on O.U
Select & right click on O.U Delegate control Next AddEnter the object name:
Ali click on check name Ok Next Select any job which you want? Next
Finish
Steps at client side
Logon as Ali
Open active directory users & computers
Select & right click on O.U New user

MCSE 2003 86
 8-Configuring domain model network:
• Network are of two types, they are:
Network

Workgroup Model Network Domain model network

• Workgroup model network is also
called as peer-to-peer network.
• No authentication.
• Not more security.
• Example for workgroup model
network:- I Way
• Domain model network is also called as
server & client based network.
• Authentication.
• More security.
• Example for domain network:-
IBM.com – DELL.com

Win2003 Server Win XP Professional

1- Windows 2003 server. 1- Windows XP Professional.

2- IP-Address. 2- IP-Address.
3- DNS configure. 3- Connectivity with server.
4- Active directory. 4- Preferred DNS address.
5- Preferred DNS address. 5- Logically connectivity.

Steps to make logically connectivity (at client side)

Select & right click on my computer properties
Computer name click on change
Domain name: IBM.com OK username: Administrator password:
OK.OK. OK. Close. Restart computer.

MCSE 2003 87
9-Back up & restore active directory:
Steps to take back up of active directory (At server side)
Start  Programs Accessories system tools back up remove tick mark from
the box: always start in wizard mode click on advance mode
Click on back up wizard next only back up the system states data
Next Click on browse select partition to save back up OK
Choose a place to save the back up: D:\
Type name for back up file: Active directory
Next finish close.
Open active directory users & computers
Delete some users.

Steps to restore active directory (At server side)

Reboot the system
Press F8 to go in save mode select directory service restore mode
Enter OK
Start Programs Accessories system tools back up
Click on restore wizard next expand file select system states back up
Next Finish close restart
Open active directory users & computers
Users will be back.

MCSE 2003 88
V Paper:-
Implementing, configuring & managing active
directory service:
Chapters…
1- Introduction

MCSE 2003 89