This self-paced training course contains activities and labs to help you learn how to design Windows 2000 network security. To improve your understanding of Windows 2000 security, it's recommended to deploy security using Windows 2000 Advanced Server; however, the software isn't needed to perform any of the activities or labs in this course.
To successfully run the evaluation edition of Windows 2000 Advanced Server, all hardware should be on the Microsoft Windows 2000 Hardware Compatibility List (HCL). You can download the latest version of the HCL from the Hardware Compatibility List Web page at www.microsoft.com/hwtest/hcl/. Each computer must have the following minimum configuration:
A copy of the 120-day evaluation edition of Windows 2000 Advanced Server isn't required to do the activities and labs in this course.
The 120-day Evaluation Edition of Windows 2000 Advanced Server provided with this training kit is not the full retail product and is provided only for training purposes. Microsoft Technical Support doesn't support this evaluation edition. For additional support information regarding this book and the CD-ROMs (including answers to commonly asked questions about installation and use), visit the Microsoft Press Technical Support Web site at mspress.microsoft.com/support/. You can also e-mail TKINPUT@MICROSOFT.COM, or send a letter to Microsoft Press, Attn: Microsoft Press Technical Support, One Microsoft Way, Redmond, WA 98502-6399.
The following information is a checklist of the tasks that you need to perform to prepare your computer to install the evaluation software. If you don't have experience installing Windows 2000 or another network operating system, you may need help from an experienced network administrator. As you complete a task, mark it off in the check box. Step-by-step instructions for each task follow.
The installation information provided will help you prepare a computer to install the evaluation software. It's not intended to teach you installation.
You should install Windows 2000 Advanced Server on a computer with no formatted partitions. During installation, you can use the Windows 2000 Advanced Server Setup program to create a partition on your hard drive, on which you install Windows 2000 Advanced Server as a stand-alone server in a workgroup.
To create Windows 2000 Advanced Server Setup disks
Complete this procedure on a computer running MS-DOS or any version of Windows with access to the Bootdisk directory on the Windows 2000 Advanced Server installation CD-ROM. If your computer is configured with a bootable CD-ROM drive, you can install Windows 2000 without using the Setup disks. To complete this procedure as outlined, bootable CD-ROM support must be disabled in the basic input/output system (BIOS).
This procedure requires four formatted 1.44-MB disks. If you use disks that contain data, the data will be overwritten without warning.
Running the Windows 2000 Advanced Server Pre–copy and text mode setup routine
It's assumed for this procedure that your computer has no operating system installed, the disk is not partitioned, and bootable CD-ROM support, if available, is disabled.
After the computer starts, Windows 2000 Setup displays a brief message that your system configuration is being checked, and then the Windows 2000 Setup screen appears. Notice that the gray bar at the bottom of the screen indicates that the computer is being inspected and that the Windows 2000 Executive is loading, which is a minimal version of the Windows 2000 kernel.
Notice that Setup indicates that it is loading the hardware abstraction layer (HAL), fonts, local specific data, bus drivers, and other software components to support your computer's motherboard, bus, and other hardware. Setup also loads the Windows 2000 Setup program files.
Notice that Setup indicates that it is loading disk drive controller drivers. After the drive controllers load, the setup program initializes drivers appropriate to support access to your disk drives. Setup might pause several times during this process.
Setup loads peripheral support drivers, like the floppy disk driver and file systems, and then it initializes the Windows 2000 Executive and loads the rest of the Windows 2000 Setup program. If you're installing the evaluation version of Windows 2000, a Setup notification screen appears, informing you that you are about to install an evaluation version of Windows 2000.
Setup displays the Welcome To Setup screen. Notice that, in addition to the initial installation of Windows 2000, you can use Windows 2000 Setup to repair or recover a damaged Windows 2000 installation.
Setup displays the Windows 2000 Server Setup screen, prompting you to select an area of free space or an existing partition on which to install Windows 2000. This stage of setup provides a way for you to create and delete partitions on your hard drive.
If your computer does not contain any disk partitions (as required for this exercise), you will notice that the hard drive listed on the screen contains an existing unformatted partition.
Although you can create additional partitions from the remaining unpartitioned space during setup, it's recommended that you perform additional partitioning tasks after you install Windows 2000. To partition hard drives after installation, use the Disk Management console.
The Setup program formats the partition with NTFS. After it formats the partition, Setup examines the hard drive for physical errors that might cause Setup to fail and then copies files to the hard drive. This process takes several minutes.
Eventually, Setup displays the Windows 2000 Advanced Server Setup screen. A red status bar counts down for 15 seconds before Setup restarts the computer.
If your computer supports booting from the CD-ROM drive and this feature wasn't disabled in the BIOS, the computer could boot from the Windows 2000 Advanced Server installation CD-ROM after Windows 2000 Setup restarts. This will cause Setup to start again from the beginning. If this happens, remove the CD-ROM and then restart the computer.
Running the GUI Mode and Gathering Information phase of Windows 2000 Advanced Server Setup
This procedure begins the graphical portion of Setup on your computer.
Setup configures NTFS folder and file permissions for the operating system files, detects the hardware devices in the computer, and then installs and configures device drivers to support the detected hardware. This process takes several minutes.
You can modify regional settings after you install Windows 2000 by using Regional Options in Control Panel.
Setup displays the Personalize Your Software page, prompting you for your name and organization name. Setup uses your organization name to generate the default computer name. Many applications that you install later will use this information for product registration and document identification.
If the Your Product Key screen appears, enter the product key, which is located on the sticker attached to the Windows 2000 Advanced Server, Evaluation Edition, CD sleeve bound into the back of this book.
Setup displays the Licensing Modes page, prompting you to select a licensing mode. By default, the Per Server licensing mode is selected. Setup prompts you to enter the number of licenses you've purchased for this server.
Per Server Number of concurrent connections and five concurrent connections are suggested values to use to complete your self-study. You should use a legal number of concurrent connections based on the actual licenses that you own. You can also choose to use Per Seat instead of Per Server.
Setup displays the Computer Name And Administrator Password page. Notice that Setup uses your organization name to generate a suggested name for the computer.
If your computer is on a network, check with the network administrator before assigning a name to your computer.
For the labs in this self-paced training kit, you will use "password" for the Administrator account. In a production environment you should always use a complex password for the Administrator account (one that others cannot easily guess). Microsoft recommends mixing uppercase and lowercase letters, numbers, and symbols (for example, Lp6*g9).
Setup displays the Windows 2000 Components page, indicating which Windows 2000 system components Setup will install.
You can install additional components after you install Windows 2000 by using Add/Remove Programs in Control Panel. Make sure to install only the components selected by default during setup. Later in your training, you will be installing additional components.
If a modem is detected in the computer during setup, Setup displays the Modem Dialing Information page.
Windows 2000 services perform many tasks whose successful completion depends on the computer's time and date settings. Be sure to select the correct time zone for your location to avoid problems in later labs.
Completing the Installing Windows Networking Components phase of Windows 2000 Advanced Server Setup
Networking is an integral part of Windows 2000 Advanced Server. Many selections and configurations are available. In this procedure you configure basic networking. In a later exercise you will install additional network components.
This setting installs networking components that are used to gain access to and share resources on a network and configures Transmission Control Protocol/Internet Protocol (TCP/IP) to automatically obtain an IP address from a DHCP server on the network. Setup displays the Workgroup or Computer Domain page, prompting you to join either a workgroup or a domain.
Setup displays the Installing Components page, displaying the status as Setup installs and configures the remaining operating system components according to the options you specified. This will take several minutes.
Setup then displays the Performing Final Tasks page, which shows the status as Setup finishes copying files, making and saving configuration changes, and deleting temporary files. Computers that don't exceed the minimum hardware requirements might take 30 minutes or more to complete this phase of installation. Setup then displays the Completing The Windows 2000 Setup Wizard page.
Completing the Hardware Installation phase of Windows 2000 Advanced Server Setup
During this final phase of installation, any Plug and Play hardware not detected in the previous phases of Setup will be detected.
Windows 2000 displays the Windows 2000 Configure Your Server dialog box. From this dialog box, you can configure a variety of advanced options and services.
You have now completed the Windows 2000 Advanced Server installation and are logged on as Administrator.
To properly shut down Windows 2000 Advanced Server, click Start, choose Shut Down, then follow the directions that appear.
If your computers are part of a larger network, you must verify with your network administrator that the computer names, domain name, and other information used in setting up Windows 2000 Advanced Server as described in this section don't conflict with network operations. If they do conflict, ask your network administrator to provide alternative values.
The CD-ROM also includes an online version of the book that you can view onscreen using Microsoft Internet Explorer 4.01 or later. As mentioned above, the online version of the book contains the glossary.
To use the online version of this book
You must have the Supplemental Course Materials CD-ROM inserted in your CD-ROM drive to run the online book.
With this Training Kit, Microsoft provides 180 days of unlimited access to 25 practice test questions for the exam 70-220. The exam preparation questions are a subset of practice test questions offered in the MCSE Readiness Review—Designing Microsoft Windows 2000 Network Security; Exam 70-220 (ISBN 0-7356-1365-6) book developed by Microsoft and MeasureUp, a Microsoft Certified Practice Test Provider.
To use these questions, create a free user account at mspress.measureup.com/ and register with the key provided on the sticker attached to the Supplemental Course Materials CD-ROM sleeve near the back of this book. If you encounter any problems accessing the questions, please call MeasureUp's customer service at (678) 356-5050.