

mcmcse.com
Windows XP Professional Study Notes

By Jason Zandri


Attended Installation
Installing Windows XP Professional from a CD-ROM to a clean hard disk consists of these four stages:

Running the Setup program - Partitions and formats the hard disk (if required) for the installation to proceed and copies the files necessary to run the Setup Wizard.

Running the Setup Wizard - Requests setup information about the local workstation where the installation is taking place.

Networking components - Installs the networking components that allow the computer to communicate with other computers on the local network.

Completing the installation - This final phase copies files to the hard drive and configures the final stages of the setup.

There are some notable differences between the Windows XP Professional installation and older Windows NT4 and Windows Professional installations.

The design of the installation program assumes that your system has the ability to boot directly from a CD-ROM or that you will use a Windows 95/98/ME boot floppy to begin installing from a CD. The ability to directly create setup floppies has been dropped from Windows XP. Setup boot disks are available only by download from Microsoft. The Setup boot disks are available so that you can run Setup on computers that do not support a bootable CD-ROM.

There are six Windows XP Setup boot floppy disks. These disks contain the files and drivers that are required to access the CD-ROM drive through generic PCI drivers and begin the Setup process.

If your computer does support booting from a CD-ROM, or if network-based installation is available, Microsoft recommends that you use those installation methods.

Setup will not prompt the user to specify the name of an installation folder unless you are performing an unattended installation or using winnt32 to perform a clean installation.

By default, the Setup Wizard installs the Windows XP Professional operating system files in the WINDOWS folder. If this folder exists on the partition you have chosen for the install, setup will warn you that you are about to overwrite the current operating system installed on that partition. In order to keep it (e.g. dual or multi booting scenario) you would need to choose another partition for the installation.

To start the Setup program, insert the Windows XP Professional installation CD-ROM in your CD-ROM drive.

If an operating system is detected on the hard drive, the following message will appear:


In this scenario, you would need to press any key on the keyboard to continue with the CD-ROM installation.

After the computer starts, a minimal version of Windows XP Professional is copied into memory. This version of Windows XP Professional starts the Setup program.


After all of the files are copied and the system is restarted, the text-mode portion of Setup is started which prompts you to read and accept a licensing agreement.


You would select "F8-I agree" to continue. (If you elect not to accept the agreement, the installation will end.)

You are then prompted to select a partition on which to install Windows XP Professional. You can select an existing partition or create a new partition by using any unpartitioned free space on the hard drive(s).


(The above example shows a partitioned and formatted drive)

Once a partition has been selected the next step is to select a file system for the new partition. Next, Setup formats the partition with the selected file system. (This would assume that a file system didn't currently exist. In this example, one already does and it is formatted in NTFS so I have elected to leave it as is. Any formatting done here during setup will destroy any existing data on the partitions formatted.)


From here Setup copies files to the hard disk and saves configuration information.


Setup restarts the computer once the file copy is completed and then starts the Windows XP Professional Setup Wizard, the graphical user interface (GUI) portion of Setup.


The GUI-based Windows XP Professional Setup Wizard is the next stage of the installation process.


Regional settings - In this section you are able to customize settings to your language and where you live as well as set up Windows XP Professional to use multiple languages and regional settings.


Personalize your Software - In this section you can enter the name of the person and the organization to which this copy of Windows XP Professional is licensed. This can be your own name and nothing in the organization field or the name of the company in both places if this installation is being performed in a place of business. Software installed on the system later will often use this information for product registration and document identification.


Your Product Key - This page is where you enter your 25-character product key in order to install the software.


If you incorrectly type the key, an error message will be generated.


Computer Name And Administrator Password - Here you enter a name for the computer or use the auto generated one that Windows XP Professional provided.

The computer name will always display in all uppercase letters, no matter how you type it. The name is not case sensitive.


In the Administrator Password box on the same screen, you will enter the password to be used for the administrator account and in the Confirm Password box you will re-enter it to make sure that it is entered correctly.


If the passwords do not match, the above error message will appear and you will need to enter them again.


Modem Dialing Information - This section will begin only if an installed modem has been found on your system.

Enter the correct country or region if it is not selected. (It should match your selection from the Regional settings page.) Type your area code or city code and any number you might need to dial to get an outside line. You can also select either tone or pulse dialing on this page as well.


Date and Time Settings - This section of Setup allows you to verify that the correct date, time and time zone are entered and whether or not the system should adjust itself automatically for the daylight saving time changes each year.

Network Settings - The next section of setup deals entirely with installing the Windows XP Professional networking components on your system.

Installing Windows XP Professional networking components involves the following processes:

Detect network adapter cards - The Setup Wizard detects and configures any network adapter cards installed on the computer. By default, it attempts to locate a DHCP server on the network. If none is found it will use an Automatic Private IP Addressing (APIPA) IP address. (The APIPA IP address feature of Windows XP Professional automatically configures a unique IP address from the range 169.254.0.1 to 169.254.255.255 and a subnet mask of 255.255.0.0 when TCP/IP is configured for dynamic addressing and a DHCP server is not available.)

Select networking components - The Setup Wizard prompts you to choose typical or customized settings for networking components.


The Typical (selected by default) installation includes the following options:

  • Client For Microsoft Networks. Allows your computer to access network resources.
  • File And Printer Sharing For Microsoft Networks. Allows other computers to access file and print resources on your computer.
  • QoS Packet Scheduler. Helps provide a guaranteed delivery system for network traffic, such as Internet Protocol (TCP/IP) packets.
  • Internet Protocol (TCP/IP). Allows your computer to communicate over local area networks (LANs) and wide area networks (WANs). TCP/IP is the default networking protocol.
You can install other clients, services, and network protocols during the Windows XP Professional installation by choosing CUSTOM, but it is recommended that you wait until after the installation has completed to add additional services. (The exception would be if the lack of these services would prevent the system from coming online to your network properly upon restart.)

Workgroup or Computer Domain - This section allows you to choose to join a domain for which you have administrative privileges or to join a local workgroup. You can create the computer account in the domain you are joining ahead of time or during installation. (The Setup Wizard prompts you for the name and password of a user account with authority to add domain computer accounts if you elect to create the account during the Windows XP Professional installation).


After installing the networking components, Setup starts the final steps of the installation process, which include:
  • Installs Start menu items - Shortcuts that will appear on the Start menu are installed and configured during this stage.
  • Registers components - The configuration settings that you specified earlier during the install are configured now.
  • Saves the configuration - The Setup Wizard saves your entered configuration settings. Once the system is restarted, the computer uses this configuration by default.
  • Removes temporary files - Any files used by the Setup Wizard that are no longer needed are deleted.
  • Restarts the computer - The computer is automatically restarted. This is the final step of the Setup Wizard.
Upon restart, the computer will either boot directly to Windows XP Professional or it will bring up the operating system selection window (the text of the BOOT.INI file) if you have more than one operating system installed.


After you start Windows XP for the first time, you will come to the Welcome to Microsoft Windows screen to finish setting up your computer. Click on the Green NEXT arrow at the bottom right hand corner of the display.

The system will then check to see how you will connect to the Internet. If Windows cannot detect the settings it will prompt you for input. (You can also select SKIP to bypass this section.)


The Registration of your Windows XP Professional software IS NOT REQUIRED. You can skip this step and never go back to it.

The Windows Product Activation screen appears next. Windows Product Activation has been designed by Microsoft to protect their intellectual property as much as possible from software piracy. According to Microsoft, you do not need to send any information at all when you activate the product through the setup feature, not even a name. This step is required, either at this time or within the first 30 days.


If you decide to skip this registration step now, you will only be able to use Windows XP Professional for 30 days. At that time, the operating system will not function without activating the product. You will have no other option but to either blow the partition away and reinstall the OS for another 30 days or activate the software.

If you skip this step, Windows XP will periodically remind you during the 30-day period to activate the product.


The next screen we are brought to is the Internet Access screen, which allows us to configure our Internet connection at this time as well. You do have the option to skip this step as well.

The next screen that appears is the User Setup screen. On this setup page you are able to enter the name of each person that will have local access to this computer. If you choose to do this now, Windows XP Professional would create a separate user account for each name entered.


These names would first appear on the Welcome Screen in alphabetical order. At that point, users would be able to select their name from the Welcome screen to use the computer. The local administrator can use User Accounts in the system Control Panel to assign these users passwords and system permission limits. It is also where additional users can be created, in lieu of doing so here or in addition to entering some here.

At least one name needs to be entered.

This first user becomes a local administrator by default.

Upgrading To Windows XP Professional
Before we get started with a direct upgrade to Windows XP Professional we need to know which operating systems support a direct upgrade.

Windows XP Supported Upgrade Paths

The following direct upgrade paths are supported by Microsoft and are considered viable for both the Windows XP Professional and Windows XP Home operating systems.

Microsoft Windows 98

Microsoft Windows 98 Second Edition

Microsoft Windows Millennium Edition
  • Windows XP Home Edition Retail (Full) Version
  • Windows XP Home Edition Upgrade Version
  • Windows XP Professional Retail (Full) Version
  • Windows XP Professional Upgrade Version
Microsoft Windows NT 4.0 Workstation
  • Windows XP Professional Retail (Full) Version
  • Windows XP Professional Upgrade Version
Microsoft Windows 2000 Professional
  • Windows XP Professional Retail (Full) Version
  • Windows XP Professional Upgrade Version
Microsoft Windows XP Home Edition
  • Windows XP Professional Retail (Full) Version
  • Windows XP Professional Upgrade Version
All Versions of Windows NT 4.0 require Service Pack 5 to be installed prior to upgrading to Windows XP.

Currently, there are no supported direct upgrade paths for the following Microsoft operating systems:

Microsoft Windows 3.x

Microsoft Windows NT 3.51 Workstation

Microsoft Windows NT 3.51 Server

Microsoft Windows NT 3.51 Server with Citrix

Microsoft Windows 95

Microsoft BackOffice Small Business Server

Having this information available or knowing where to look it up is important before you get started.

[NOTES FROM THE FIELD] - I often get the question, "how do you know all of this stuff", when I am working with desktop or system admins. The truth is, I often do not know the information off the top of my head. Sometimes I do, and it is often due to the fact that many people throughout the course of the year come to ask me different questions and because many of them are repetitive I often have immediate recall of them. Many times, (more often than not) I don't remember the answer, but I have a vague idea of where I looked it up when I was asked it before and I head right "battle" is knowing where to look up the information when you need it. If you can do that, you're ahead of the game and ahead of most other people you might work with.

Once you are certain that the operating system you're currently using can be directly upgraded to Windows XP Professional, you then need to be sure that the installed system hardware meets the minimum Windows XP Professional hardware requirements by verifying all of the hardware is on the Hardware Compatibility List (HCL) at the Microsoft website.

Windows XP Professional supports only the devices listed in the HCL. If your hardware isn't listed, contact the hardware manufacturer and request a Windows XP Professional driver.

Support means that while the operating system may load and run on unsupported hardware and software, any issues that come up with the system will not be covered (i.e. supported) by Microsoft Technical Support if you should need to engage them.

You can test the computer for compatibility by using the Windows XP Professional Compatibility tool. During a system upgrade you will see the option for this on the introductory screen. (You can also run the tool from the command line by typing <CDROM DRIVE>:\i386\winnt32 /checkupgradeonly. You can perform just the check and then exit the tool without installing the operating system, if you wish.)

If you have AUTORUN enabled on your system the Welcome to Microsoft Windows XP setup screen will appear.



The Windows XP Professional Compatibility tool can be run by selecting Check system compatibility and then Check my system automatically.





If any issues are found they will be reported in the Microsoft Windows Upgrade Advisor Compatibility window.

During an OS upgrade on a system with pre-installed software, you can use upgrade packs to make the existing software compatible with Windows XP Professional. Upgrade packs are usually available from the appropriate software manufacturers. You can also get updated setup files from Microsoft during the upgrade installation if you are connected to the internet.



As time passes from the point of original software distribution (many vendors refer to the first official release of a software platform as a GOLD distribution), many files may be updated before a second edition of the software (such as Windows 98 Second Edition) or a service release (Office XP Professional SR1) is distributed. Dynamic Update allows you to obtain these updated files as you start your installation. You can also elect not to perform it during the installation, in order to do so at a later time.


The next point of the Upgrade installation is the setup type. Even though you are within an existing operating system, you are not forced to upgrade to the new operating system. You can choose the option to perform a clean installation at this point. (The default recommended option is Upgrade, as shown above.)



The next page is the License Agreement, where you will need to click I Accept This Agreement, in order to continue.

Next, you will need to enter your 25-character product key on the Product Key page.

The next phase will vary slightly depending on the system you are upgrading from. If you are upgrading from a Windows 9x system, you will be asked whether you want to upgrade to the NTFS file system from your FAT or FAT32 partition. If you are upgrading from Windows NT4 and already using NTFS, you will be shown the Upgrading To The Windows XP Professional NTFS File System page.

After you choose how you wish to handle the file system upgrade, setup will continue, reboot the computer and finish the upgrade of your system on its own.

Additional Installation Methods of Windows XP Professional
Installing Windows XP Professional over the Network

Before you can begin a network installation of Windows XP Professional, you need to copy the Windows XP Professional installation files to a server, normally a file or distribution server, and share out the directory so that people who need to perform an over the network installation can attach to the share. (These people will also need the proper level of Folder and NTFS permissions to attach to the share.)

The distribution server share will need to contain the installation files from the I386 folder on the Windows XP Professional CD-ROM.

From the target system, you connect to this shared directory and then run the Setup program.

The target system needs to be prepared ahead of time for an over the network installation to succeed. First, you need to create a FAT or FAT32 partition of at least 1.5 GB on the target computer and format it ahead of time. You also need to either boot from a client diskette that includes a network client that enables the target computer to connect to the distribution server, or install the client directly to the local system hard drive with some sort of system installed, such as by formatting the hard drive with a Windows 9x boot disk using the "s" switch.

(FORMAT /S Copies system files to the formatted disk to make a boot disk. This also works on a local hard drive).

The preferred method is to boot from a client diskette that includes a network client that enables the target computer to connect to the distribution server.

(As we continue from here, we will assume we are using the preferred methods of installation. As variables come up, I will mention them as a side note.)

The Setup program copies the installation files to the target computer, which is why you need to create a FAT or FAT32 partition on the target computer of at least 1.5 GB of disk space and format it ahead of time.

You begin from the target computer by booting from a floppy disk that includes a network client that can be used to connect to the distribution server. Once the network client on the target computer is started, you connect to the shared folder on the distribution server that contains the Windows XP Professional installation files and Run WINNT.EXE to start the Setup program.

[NOTES FROM THE FIELD] - WINNT.EXE is used for an installation using MS-DOS or Windows 3.0 or later versions on the source system. WINNT32.EXE is run for an installation using Microsoft Windows 95, Windows 98, Microsoft Windows Me, Windows NT 4, or Windows 2000 Professional.

Running WINNT.EXE from the shared folder creates the $Win_nt$.~ls temporary folder on the target computer, and the Windows XP Professional installation files are copied from the shared folder on the distribution server to the $Win_nt$.~ls folder on the target computer. Once all of the files are copied to the target system, setup will reboot the local computer and begin installing the Windows XP Professional operating system.

[NOTES FROM THE FIELD] - WINNT.EXE and WINNT32.EXE can be modified by using switches. I have outlined the available switches below.

Modifying the Setup Process Using WINNT.EXE switches

Switch - Function

/a - Enables accessibility options.

/r[:folder] - Specifies an optional folder to be copied and saved. The folder remains after Setup is finished.

/rx[:folder] - Specifies the optional folder to be copied. The folder is deleted after Setup is finished.

/s[:sourcepath] - Specifies the source location of Windows XP Professional files. This must be a full path x:\[path] or \\server\share\[path]. The default is the current folder location.

/t[:tempdrive] - Specifies a drive to contain temporary setup files and directs the Setup program to install Windows XP Professional on that drive. If you do not specify a drive, Setup attempts to locate the drive with the most available space by default.

/u[:script_file] - Performs an unattended installation. (Requires the /s switch.) The answer file provides answers to some or all of the prompts that the end user normally responds to during Setup.

/udf:id[,UDF_file] - Indicates an identifier (id) that Setup uses to specify how a Uniqueness Database File (UDF) modifies an answer file. The /udf parameter overrides values in the answer file, and the identifier determines which values in the UDF file are used. If you do not specify a UDF_file, Setup prompts you to insert a disk that contains the $UNIQUE$.UDB file.

Modifying the Setup Process Using WINNT32.EXE switches

Switch - Function

/checkupgradeonly - Checks your computer for upgrade compatibility for Windows XP Professional.
  • On Windows 98 or Windows Me upgrade checks, the default filename is UPGRADE.TXT in the %systemroot% folder.
  • For Windows NT 4 or Windows 2000 upgrades, the default filename is NTCOMPAT.TXT in the %systemroot% folder.

/cmd:command_line - Specifies a specific command that Setup is to run. This command is run after the computer restarts and after Setup collects the necessary configuration information.

/cmdcons - Copies to the hard disk the files for the Recovery Console, which is used for repair and recovery as a Startup option after the Windows XP Professional installation has been completed.

/copydir:foldername - Creates an additional folder within the %systemroot% folder, which contains the Windows XP Professional system files. You can use the /copydir switch to create as many additional folders within the %systemroot% folder as you want.

/copysource:foldername - Creates an additional folder within the %systemroot% folder. Setup deletes folders created with /copysource after installation is complete.

/debug[level][:file_name] - Creates a debug log at the specified level. By default, the debug log file is C:\WINNT32.LOG and the default level is 2. Includes the following levels:
  • 0 (severe errors)
  • 1 (errors)
  • 2 (warnings)
  • 3 (information)
  • 4 (detailed information for debugging)
Each level includes the level below it.

/dudisable - Prevents Dynamic Update from running. Without Dynamic Updates, Setup runs only with the original Setup files. This option disables Dynamic Update even if you use an answer file and specify Dynamic Update options in that file.

/dushare:pathname - Specifies a share on which you previously downloaded Dynamic Update files from the Windows Update Web site. When run from your installation share and used with /prepareinstall, it prepares the updated files for use in network-based client installations. When used without /prepareinstall and run on a client, it specifies that the client installation will use the updated files on the share specified in pathname.

/duprepare:pathname - Prepares an installation share for use with Dynamic Update files that you downloaded from the Windows Update Web site. You can use this share for installing Windows XP Professional for multiple clients and it can only be used with /dushare.

/m:foldername - Instructs Setup to copy replacement files from an alternate location. Directs Setup to look in the alternate location first and, if files are present, to use them instead of the files from the default location.

/makelocalsource - Instructs Setup to copy all installation source files to the local hard disk. Use this switch when installing from a CD-ROM to provide installation files when the CD-ROM is not available later in the installation.

/noreboot - Prevents Setup from restarting the computer after completing the file-copy phase.

/s:sourcepath - Specifies the source location of Windows XP Professional installation files. To simultaneously copy files from multiple paths, use a separate /s switch for each source path. If you type multiple /s switches, the first location specified must be available or the installation will fail. You can use a maximum of eight /s switches.

/syspart:[drive_letter] - Copies Setup startup files to a hard disk and marks the drive as active. You can then install the drive in another computer. When you start that computer, Setup starts at the next phase. Using /syspart requires the /tempdrive switch. You can use syspart on computers running Windows NT 4, Windows 2000, Windows XP Professional, or Windows 2000 Server. You cannot use it on computers running Windows 95, Windows 98, or Windows Me.

/tempdrive:drive_letter - Places temporary files on the specified drive and installs Windows XP Professional on that drive.

/unattend[number]:[answer_file] - Performs an unattended installation. The answer file provides your custom specifications to Setup. If you don't specify an answer file, all user settings are taken from the previous installation. You can specify the number of seconds between the time that Setup finishes copying the files and when it restarts with [number]. You can specify the number of seconds only on computers running Windows 98, Windows Me, Windows NT 4, or Windows 2000 that are upgrading to a newer version of Windows XP Professional.

/udf:id[,udb_file] - Indicates an identifier (id) that Setup uses to specify how a UDF modifies an answer file. The UDF file overrides values in the answer file, and the identifier determines which values in the UDF file are used. If you do not specify a UDF file, Setup prompts you to insert a disk that contains the $UNIQUE$.UDF file.
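
The WINNT32.EXE switches listed above can be checked mechanically before a deployment script is put on a distribution share. The following is an added example, not part of the original notes or of any Microsoft tool: it enforces the two constraints the table states (at most eight /s switches, /syspart needs /tempdrive) and lists the switches that bring extra commands or files into the installed system so they can be reviewed. The server name, paths and command line are constructed.

```python
import re
import shlex

# Switches that pull extra commands or files into the installed system.
# The descriptions paraphrase the switch table above.
REVIEW = {
    "cmd": "runs a command after the restart",
    "m": "replacement files are used instead of the default source files",
    "copydir": "adds a folder under %systemroot% that stays after Setup",
    "copysource": "adds a folder under %systemroot% during Setup",
}
# /name, optional digits (as in /unattend10 or /debug4), optional :value
SWITCH_RE = re.compile(r"^/([A-Za-z]+)(\d*)(?::(.*))?$")


def parse_switches(cmdline):
    """Split a winnt32 command line into (switch, number, value) tuples."""
    lex = shlex.shlex(cmdline, posix=True)
    lex.whitespace_split = True
    lex.escape = ""      # keep backslashes in \\server\share paths
    lex.commenters = ""  # '#' is not a comment character here
    found = []
    for token in lex:
        match = SWITCH_RE.match(token)
        if match:
            found.append((match.group(1).lower(), match.group(2), match.group(3) or ""))
    return found


def lint_winnt32(cmdline):
    """Return (severity, code, detail) findings for one winnt32 command line."""
    switches = parse_switches(cmdline)
    names = [name for name, _, _ in switches]
    sources = [value for name, _, value in switches if name == "s"]
    findings = []
    if len(sources) > 8:
        findings.append(("error", "too-many-sources",
                         f"{len(sources)} /s switches, maximum is eight"))
    if "syspart" in names and "tempdrive" not in names:
        findings.append(("error", "syspart-needs-tempdrive",
                         "/syspart requires the /tempdrive switch"))
    for name, _, value in switches:
        if name in REVIEW:
            findings.append(("review", name, f"{value}: {REVIEW[name]}"))
    for src in sources:
        if src.startswith("\\\\"):
            # Anyone who can write to the share controls what gets installed.
            findings.append(("review", "network-source",
                             f"{src}: confirm share and NTFS permissions are read-only for installers"))
    return findings


# Constructed sample command line (server, share and file names are made up).
SAMPLE = (r'winnt32 /s:\\dist01\xpsrc /unattend10:unattend.txt /syspart:D '
          r'/cmd:"cmd /c \\dist01\tools\post.cmd" /m:\\dist01\patched')

if __name__ == "__main__":
    for severity, code, detail in lint_winnt32(SAMPLE):
        print(f"{severity:6} {code:24} {detail}")
```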

For the most part, an over the network installation of Windows XP Professional from this point forward is almost identical to installing Windows XP Professional from a CD-ROM to a clean hard disk. For more information, you can take a look at my article Attended Install of Windows XP Professional.

Installing Windows XP Professional using Windows Setup Manager

Using the Windows Setup Manager will help you automate certain Windows XP Professional installations. In order to use the Windows Setup Manager you need to install the Windows XP Professional Deployment Tools from the Windows XP Professional CD-ROM.

To start, you need to log on with a user account that is a member of the Administrators group and insert the Windows XP Professional CD-ROM in the CD-ROM drive. (If you have AUTORUN enabled the Welcome To Microsoft Windows XP screen, shown below, will appear. Click Exit to close it).



Open the Windows Explorer and create the folder where the files can be extracted to.



The E:\Setup Tools folder in our example will be used to contain the files extracted from DEPLOY.CAB on the Windows XP Professional CD-ROM. (You can also choose to create a new folder to where you want to extract the files when you open the CAB files. We have performed this step ahead of time in the example)



Double-click :\Support\Tools\Deploy.CAB. The cabinet file will open in the explorer window and show all of the files. Select them all and right click and choose EXTRACT.



The Select a Destination window will open. Select the E:\Setup Tools folder we created earlier as the point where to extract the tools to. (Or, as I mentioned before, you could select Make New Folder at this point as well).



When you have finished, the following files will appear in the folder.



We will use setupmgr.exe, the Windows System Manager, to create an unattended setup script. Double-clicking the executable will start the Windows Setup Manager Wizard.



Clicking Next will bring up the New Or Existing Answer File page. Since we do not have an existing answer file, we will elect to create a new one and continue.



We are then presented with three different options on the Product to Install page. Since we are creating an answer file for a Windows Unattended Installation (which is selected by default) we will keep this setting and continue.



On the Platform page we will choose our platform for the answer file. (This will be Windows XP Professional, but you are supplied with the options for Windows XP Home Edition and Windows 2002 Server, Advanced Server or Data Center when you use setupmgr.exe, the Windows System Manager, from the Windows XP Professional CD-ROM.)



On the User Interaction Level page, the following five options are displayed:

Provide Defaults. This setting causes default selections to appear to the end user as the operating system installs itself on a workstation. The user can accept the default answers or change any of the answers supplied by the script.

Fully Automated. A Fully Automated installation does not allow the user the chance to review or change the answers supplied by the script.

Hide Pages. This setting causes default selections to be hidden. Pages for which the script supplies all answers are hidden from the user.

Read Only. Pages for which the script supplies all answers are viewable by the user but the user cannot change the answers.

GUI Attended. The text-mode portion of the installation is automated, but the user must supply the answers for the GUI-mode portion of the installation.

We will choose FULLY AUTOMATED and continue.



On the Distribution Folder page you can create a distribution folder on your local computer or network containing the required source files. You can add files to this distribution folder to further customize your installation.

For this demonstration we will select, No This Answer File Will Be Used To Install From A CD, and then click Next to continue.



On the License Agreement page you will need to select the checkbox to accept the terms of the License Agreement in order to successfully continue.



The next page that comes up is the Customize the Software page. As you can see here and in the left hand column, all of the prompts are exactly like the ones you would expect to see during an attended install. You are answering them all here, just once, for use each time in the future.







The last entry of the General Settings section is Providing the Product Key.



During a fully automated install, you must supply a Product Key or you will receive an error message.



If you were to use Provide Defaults or GUI Attended user interaction levels, you would be allowed to leave this page blank. Also, if you provide a bogus key on the Product Key page, the Wizard will continue, but, the fully automated install will halt when it reaches this point, as the key is invalid.

The next page that is presented starts the Network Settings section of the answer file.



The first entry is for Computer names. Here, you can enter as many different workstation names as you want, import them from a text file, or allow the installation program to auto generate names based on your organization name.

[NOTES FROM THE FIELD] - If multiple computer names were specified in the computers to be installed section, the setup wizard creates a *.UDB file. The Uniqueness Database File (UDB) lets you supply computer-specific parameters automatically. When you run Setup with the /udf:id[,UDB_file] switch, the UDB overrides values in the answer file, and the identifier (id) determines which values in the .udb file are used.

The Administrator Password page is next and has two options, (of which only the second is available):

1) Prompt The User For An Administrative Password
2) Use The Following Administrative Password (127 Characters Maximum)

(Because we selected the User Interaction level of Fully Automated, the Prompt The User For An Administrative Password option is grayed out).

Enter any password that you want.



There are also two other options on this page: to encrypt the Administrator's password in the answer file and to have the Administrator log on automatically.

You can also set the number of times you want the Administrator to log on automatically when the computer is restarted.

We will leave these blank and continue from here.



The Networking Components page is where we can elect to keep the typical settings or to choose to customize them. We will leave the default selection of Typical and select NEXT to continue.

The final page of the Network Settings section is the Workgroup or Domain page.



Here you can choose whether the answer file will put the newly installed system into a workgroup or a domain. As with an attended install, if we elect to choose a domain, we may need to create a computer account in the domain if this hasn't already been done.

We will be using the WORKGROUP option, so we will enter a name and continue. (The WORKGROUP "workgroup" is supplied by default, just as DOMAIN is under the Windows Server domain option.)

The last and final phase of the process is the Advanced Settings section.



The first option is for the Telephony information.

Next is the Regional Setting section, which allows us to either use the default regional settings for Windows XP Professional from the CDROM we're installing from or to choose another.



We will keep the defaults as listed above and continue.

We are also given the option to add support for other languages.



In the Browser and Shell Settings section we can elect to use the default Internet Explorer settings or use an auto configuration script created by the Internet Explorer Administration Kit.



We could also set Proxy, Home page and other Browser settings at this time as well. We will keep the defaults and continue.

[NOTES FROM THE FIELD] - The version of Internet Explorer that is deployed with Windows XP Professional is 6. At the time of this writing, there is one security hotfix that should be installed on systems that use Internet Explorer and that is Q313675.exe.

The next option of the Advanced Settings section is the Installation Folder window.



Here you can elect to install Windows XP Professional to one of three options as listed, only the third being a variable of your choice.

[NOTES FROM THE FIELD] - While I cannot find the specific Q article at this time, here is the Windows 2000 Professional article that outlines my next point. Other than the above method of using the answer file, there is no way on a clean installation of Windows XP Professional to choose the installation folder. The folder for Windows XP Professional will always default to \Windows. (DRIVE LETTER being the only variable that you can set without the answer file.) Windows 2000 Professional installed to the WINNT directory by default.

The next section allows you to automatically setup networked printers on the target systems if you wish.



You can also configure run once commands to run the first time a user logs on.



The last step in the Advanced Settings section is the Additional Commands option. It allows you to add any commands you wish to run at the end of the unattended installation before Setup restarts the system and runs Windows XP Professional for the first time.



The Windows Setup Manager will then create the answer file from the settings you have provided and save it as a text file on the local system. (The default location is the folder where the Setup Tools were extracted to.)





The unattend.bat file that was created from our input here is below.

@rem SetupMgrTag
@echo off

rem
rem This is a SAMPLE batch script generated by the Setup Manager Wizard.
rem If this script is moved from the location where it was generated, it may have to be modified.
rem

set AnswerFile=.\unattend.txt
set SetupFiles=J:\i386

J:\i386\winnt32 /s:%SetupFiles% /unattend:%AnswerFile%

[NOTES FROM THE FIELD] - The path of J:\i386\winnt32 /s:%SetupFiles% /unattend:%AnswerFile% is the default path to my CDROM drive on my system.

The unattend.txt file that was created from our input here is below.

;SetupMgrTag
[Data]
AutoPartition=1
MsDosInitiated="0"
UnattendedInstall="Yes"

[Unattended]
UnattendMode=FullUnattended
OemSkipEula=Yes
OemPreinstall=No
TargetPath=XPPRO

[GuiUnattended]
AdminPassword="RedSox:Rule"
EncryptedAdminPassword=NO
OEMSkipRegional=1
TimeZone=35
OemSkipWelcome=1

[UserData]
ProductID=XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
FullName="Jason Zandri"
OrgName="Gunderville"
ComputerName=*

[Identification]
JoinWorkgroup=DRINKOFTEN

[Networking]
InstallDefaultComponents=Yes

[NOTES FROM THE FIELD] - Because we didn't choose the option to encrypt the Administrator password earlier on the Administrator Password page of the Network settings section, anyone that has access to read the unattend.txt can see what the default administrator password for an installation is. This can be a serious issue in large environments where the passwords are not reset on a regular basis.

If encryption were selected the entry in the [GuiUnattended] section would look like this.

[GuiUnattended]
AdminPassword=f8a2b8ccdf88c616332ed3251640d370c1d991ef0f617f3e7879bc923d175c5a
EncryptedAdminPassword=Yes
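
The exposure described in the note above can be checked for before an answer file is copied to a distribution share. The Python auditor below is an added example, not part of the original notes or of Setup Manager; the AutoLogon and AutoLogonCount key names come from Microsoft's answer file format rather than from this page, and both sample files are constructed.

```python
import re

# Constructed sample: the [GuiUnattended] values shown above, plus AutoLogon
# lines added for illustration (key names assumed from Microsoft's format).
PLAINTEXT_SAMPLE = """\
;SetupMgrTag
[Unattended]
UnattendMode=FullUnattended

[GuiUnattended]
AdminPassword="RedSox:Rule"
EncryptedAdminPassword=NO
AutoLogon=Yes
AutoLogonCount=2
"""

# Constructed sample: 64 placeholder hex digits stand in for an encrypted value.
ENCRYPTED_SAMPLE = (
    "[GuiUnattended]\nAdminPassword=%s\nEncryptedAdminPassword=Yes\n"
    % ("0123456789abcdef" * 4)
)

# The encrypted form shown on the page is a run of 64 hexadecimal digits.
HEX64 = re.compile(r"[0-9a-fA-F]{64}")


def parse_answer_file(text):
    """Parse an answer file into {section: {key: value}} with lower-cased names."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].strip().lower(), {})
            continue
        if current is None or "=" not in line:     # stray text outside a section
            continue
        key, value = line.split("=", 1)
        current[key.strip().lower()] = value.strip().strip('"')
    return sections


def audit_answer_file(text):
    """Return (code, message) findings; the password itself is never echoed."""
    gui = parse_answer_file(text).get("guiunattended", {})
    findings = []
    password = gui.get("adminpassword", "")
    encrypted = gui.get("encryptedadminpassword", "no").lower() == "yes"
    if password and not encrypted:
        findings.append((
            "PLAINTEXT_ADMIN_PASSWORD",
            "AdminPassword is stored in clear text (%d characters, value withheld)"
            % len(password),
        ))
    elif encrypted and not HEX64.fullmatch(password):
        findings.append((
            "MALFORMED_ENCRYPTED_PASSWORD",
            "EncryptedAdminPassword=Yes but the value is not 64 hex digits",
        ))
    if gui.get("autologon", "no").lower() == "yes":
        findings.append((
            "ADMIN_AUTOLOGON",
            "Administrator logs on automatically (AutoLogonCount=%s)"
            % gui.get("autologoncount", "unspecified"),
        ))
    return findings


if __name__ == "__main__":
    for name, sample in (("plaintext", PLAINTEXT_SAMPLE), ("encrypted", ENCRYPTED_SAMPLE)):
        print(name, audit_answer_file(sample) or "no findings")
```

A file that passes this check still belongs on a share that only the deployment account can read.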

RIS Installations of Windows XP Professional
In order to install Windows XP Professional using the Remote Installation Service (RIS), you must install RIS on a Windows 2000 server (either Server, Advanced Server or Datacenter) using the Remote Installation Services Setup Wizard. The server can be either a member server or a domain controller. The following services, however, must be present on the network in order to use RIS:

DNS - RIS relies on the DNS service for locating both the directory service and client computer accounts.
DHCP - The DHCP service is required so that client computers can receive an IP address.
Active Directory - RIS relies on the Active Directory service for locating the RIS servers.

The shared volume where the RIS data is installed cannot be on the same drive that is running Windows 2000 Server. The volume must be large enough to hold the RIS software and the various Windows XP Professional images that are installed and that volume must be formatted with the NTFS 5 file system.

You begin the RIS server setup by logging on to the server with an account that has administrative permissions, and go to the Control Panel and select Add/Remove Programs. From here you will need to choose Add/Remove Windows Components and make sure that you have either the Windows I386 directory available for the installation or the Windows 2000 Server CDROM.

In the Add/Remove Windows Components window, select Remote Installation Services.



From this point, the remainder of the installation is automatic. (If the I386 source files cannot be found the system will prompt you to locate them.)

When the installation is completed, you'll need to restart your server to configure your RIS services.

You need to go back into the Control Panel and choose Add/Remove Windows Components again in order to start the configuration. (You can also type RIsetup from the run line or a command prompt as well.)



Click on Configure to begin. This will launch the Welcome to the Remote Installation Services Setup Wizard, as shown below. (The window below is the first thing you will see if you choose to type RIsetup from the run line or a command prompt.)



Once you continue, you will be prompted with the default Remote Installation folder location of D:\RemoteInstall. You can elect to keep the default path or browse to a new location.



The volume you opt to use must be large enough to hold the RIS software and the various Windows XP Professional images that will be installed and the volume must be formatted with the NTFS 5 file system.



By default, Remote Installation Services servers do not respond to requests for service from client computers. There are two settings available to use on the server.

If you select the Respond to clients requesting service option, Remote Installation Services is enabled and will respond to client computers requesting service.

Additionally, if you select the Do not respond to unknown client computers option, Remote Installation Services will respond only to known (prestaged) client computers.



You will also need to provide a name for the Windows installation image folder, as well as a friendly description for each image you install on the RIS server.





The last step the wizard performs is actually a series of events, as outlined in the image above.  Once the final step is completed, the setup wizard starts the required services for RIS to run. The server is complete at this point and will service client requests for CD-based installs.

Additional details of RIS configuration and administration from this point forward go beyond the scope of what is required for installing Windows XP Professional CD-based installs via RIS. For additional information on RIS for Windows XP Professional, you can visit the Microsoft Website.

Client computers that support remote installation must either meet the Net PC specification (which is, effectively, a system which can perform a network boot) or have a network adapter card with a PXE boot ROM and BIOS support for starting from the PXE boot ROM.

Some client computers that have certain supported PCI network adapter cards can use the remote installation boot disk as well.

This support is somewhat limited and can only be used with certain motherboards, as the BIOS settings for booting the system from the network need to be configurable.

The RIS service provides the Windows 2000 Remote Boot Disk Generator if your system does not support starting from the PXE boot ROM. You can create a Remote Boot Disk by typing <DRIVE LETTER> RemoteInst\Admin\i386\rbfg in the RUN box or at a command prompt. (The drive letter is the drive where you installed the RIS services and will vary from server to server.)

The boot disk simulates the PXE boot process on your system when your network card does not have the required PXE boot ROM for a RIS installation. (Again, only a small number of PCI network cards currently support using the Remote Boot Disk. This includes mainly 3COM and a small cross section of other major vendors.)



The user account used to perform a RIS installation must be assigned the user right of Log On as a Batch Job. The users must also be assigned permission to create computer accounts in the domain they are joining if this has not been done ahead of time. There are other factors as well, such as prestaging a client. For the purposes of this overview, we will go through a "plain vanilla" RIS installation from a boot floppy.

When the client system starts from the boot floppy you would press F12 when prompted to boot from the network.

The Client Installation Wizard will start and you will need to supply a valid user name and password for the domain you're joining as well as the DNS name of the domain. Once this is done you can press Enter to continue.

You are then given the option of performing an Automatic Setup, Custom Setup, or to Restart a Previous Setup Attempt, or use the Maintenance and Troubleshooting Tools installed on the RIS server. You would choose one of the options and then press Enter.

The next screen will show a number of RIS images (including the default CD-based image) that you can use. (The number will depend on what has been placed on the server by the administrator and whether or not you have the proper access permission to read them.) Choose an image and then press Enter.

You will be presented with one last opportunity to verify that the settings are correct. Once you're sure that they are, you would press Enter to begin the RIS installation. When it is complete, Windows XP Professional will be deployed to the client system and available for use upon restart.

Troubleshooting the Windows XP Professional Setup
Usually when you are going about your Windows XP Professional installation, you will not run into any issues, particularly if you are sure that the installed system hardware meets the minimum Windows XP Professional hardware requirements by verifying all of the hardware is on the Hardware Compatibility List (HCL) at the Microsoft website.

Windows XP Professional supports only the devices listed in the HCL. If your hardware isn't listed, contact the hardware manufacturer and request a Windows XP Professional driver or replace the hardware to avoid potential issues.

Support means that while the operating system may load and run on unsupported hardware and software, any issues that come up with the system will not be covered (i.e. supported) by Microsoft Technical Support if you should need to engage them.

If this has been done beforehand and issues do arise, there are a couple of "textbook" events that can be looked at first that will cover some of the more common problems you might encounter during installation and these will generally be what is at issue most of the time.

Common installation problems and Troubleshooting Tips
Media errors - When you are installing Windows XP Professional from a CD-ROM and run into problems, the quickest way to try to resolve the issue is to use a different CD-ROM. Even if the CD-ROM you are using has worked a dozen times before, the drive it is in at the time of the error may have trouble reading it, or the disk itself may have been newly damaged by a fall or some other issue. You can attempt to clean a fingerprint-covered CD-ROM as a troubleshooting step as well. If you should need to request a replacement CD-ROM, you can contact Microsoft or your point of purchase.

You can also try using a different computer and CD-ROM drive. If you can read the CD-ROM on a different computer, you can perform an over-the-network installation if that option is available to you.

If one of your Setup disks is not working, download a different set of Setup disks. (The ability to directly create setup floppies has been dropped from Windows XP. Setup boot disks are available only by download from Microsoft. The Setup boot disks are available so that you can run Setup on computers that do not support a bootable CD-ROM. There are six Windows XP Setup boot floppy disks. These disks contain the files and drivers that are required to access the CD-ROM drive through generic PCI drivers and begin the Setup process.)

You may also find that the Windows XP Professional setup program is unable to copy files from the CD-ROM. In this event, it may be possible to either replace the drive with a supported drive (as this is usually the issue) or you can attempt your installation via a different method such as installing over the network (as mentioned above) or by copying the files to the local drive first, outside of the installation program, as sometimes the copy failure only crops up after the Windows XP Professional setup program is running.

Insufficient disk space errors - The current minimum hardware requirements for Windows XP Professional at the time of this writing are as follows:
  • 300 MHz or higher processor clock speed recommended (233 MHz minimum required; can be a single or dual processor system); Intel Pentium/Celeron family, or AMD K6/Athlon/Duron family, or compatible processor recommended
  • 128MB of RAM or higher recommended (64MB minimum supported; may limit performance and some features)
  • 1.5GB of available hard disk space
  • Super VGA (800 × 600) or higher-resolution video adapter and monitor
  • CD-ROM or DVD drive
  • Keyboard and Microsoft Mouse or compatible pointing device
If you do not have 1.5GB of available hard disk space on a single partition, you will not be able to complete the installation in most cases.

You can use the setup program to create additional partitions that are large enough for the installation if there is enough space on the drive or you can elect to delete existing data on the current partition to make enough room for the installation.

Troubleshooting using Setup Logs
Windows XP Professional generates a number of log files during the setup routine that contain information that was logged during installation that will assist you when you are attempting to resolve problems that may have occurred during the setup.

[NOTES FROM THE FIELD] - For the purpose of the Windows XP Exam you need not remember the exact contents of these files; they are supplied here so that you can get an overview of what would commonly be in them.

Error codes are often cryptic, whether in a log file or the system event viewer, but taking the time to understand what error has occurred and why will help you better understand and troubleshoot the system.

The list below outlines the purpose of each file, and also a portion of the file contents for you to examine.


Action Log (SETUPACT.LOG) - The action log records the actions that the Setup program performs in chronological order and is saved as SETUPACT.LOG.

The setup log that I have available from my system is 165KB in size and too large to post here in its entirety, but I have cut a few sections out so that you can see what some of the entries look like.

(The SETUPACT.LOG can be found in the \Windows directory in a default Windows XP Professional installation)

As I mentioned before, the log file is much larger and has a lot more to it, but this cross section gives you an idea of what is there.

Error Log (SETUPERR.LOG) - The error log shows any errors that occurred during setup and their severity level. If errors do occur, the log viewer displays the error log at the end of setup.

(The SETUPERR.LOG can be found in the <DRIVE LETTER>\Windows directory in a default Windows XP Professional installation)

The log will be created even if no errors occur. (I do not have anything available to show you from the error log as mine is empty. Sorry.)

Setup also creates a number of additional logs during setup.

<DRIVE LETTER>\Windows\comsetup.log - Outlines installation for Optional Component Manager and COM+ components. A subsection of mine is here.

<DRIVE LETTER>\Windows\setupapi.log - Receives an entry each time a line from an .inf file is implemented. If an error occurs, this log describes the failure. A subsection of mine is here. (The full size was 245KB)

<DRIVE LETTER>\Windows\debug\NetSetup.log - Logs activity when computers join domains or workgroups. (This entire log was only 7KB, so I copied all of it).

<DRIVE LETTER>\Windows\repair\setup.log - Provides information that is used by the Recovery Console. A subsection of mine is below. (The full size was 204KB)

[Paths]
TargetDirectory = "\WINDOWS"
TargetDevice = "\Device\Harddisk0\Partition3"
SystemPartitionDirectory = "\"
SystemPartition = "\Device\Harddisk0\Partition1"
[Signature]
Version = "WinNt5.1"
[Files.SystemPartition]
NTDETECT.COM = "NTDETECT.COM","b28f"
ntldr = "ntldr","3a7b2"
[Files.WinNt]
\WINDOWS\system32\drivers\kbdclass.sys = "kbdclass.sys","e756"
\WINDOWS\system32\drivers\mouclass.sys = "mouclass.sys","8cd9"
\WINDOWS\system32\drivers\usbuhci.sys = "usbuhci.sys","11ded"
\WINDOWS\system32\drivers\usbport.sys = "usbport.sys","22ffd"
\WINDOWS\system32\drivers\usbd.sys = "usbd.sys","40af"
\WINDOWS\system32\drivers\hidparse.sys = "hidparse.sys","acd7"
\WINDOWS\system32\drivers\hidclass.sys = "hidclass.sys","88de"
\WINDOWS\system32\drivers\usbhub.sys = "usbhub.sys","ee45"
\WINDOWS\system32\drivers\intelide.sys = "intelide.sys","dec0"
\WINDOWS\system32\drivers\pci.sys = "pci.sys","1a257"
\WINDOWS\system32\drivers\oprghdlr.sys = "oprghdlr.sys","b001"


(The whole remainder of the file looked as it does above, detailing drivers and path information for the whole system).

Disk Management in Windows XP Professional
In Microsoft Windows XP Professional, you can perform most disk administrative tasks, both local and remote, by using the Microsoft Management Console (MMC) snap-in tool called Disk Management.

A command-line tool, DiskPart, is also available in Windows XP Professional which allows the administrator to handle disk administrative tasks from a command prompt.

You can use both tools to convert disks, as well as format current partitions and unallocated space. You can also check on the status of fixed and removable disks and their associated properties.

Disk Management
Normally, you will need to be a local administrator to perform most system configuration functions (even just taking a look at the current configuration settings) on a Windows XP Professional system, and in some cases, there may be a local policy set by some other administrator or if your system is in a Domain, a Domain policy setting which may prevent you from performing some actions.

To open the Disk Management MMC, you can select Start, right-click My Computer, and then click Manage, which will open the Computer Management MMC. Under the Storage icon, click Disk Management to open the Disk Management MMC.



You can also type compmgmt.msc in the RUN box or from a command line to launch the Computer Management MMC.





[NOTES FROM THE FIELD] - What your Start Menu options look like all depend on how you have the menu set. If you are using the Classic Start Menu, you would not see My Computer as a selection to right click on. Your options would be to click Start, select Administrative Tools and then select Computer Management. Not a whole lot different, but perhaps just enough to confuse you.



The Windows XP Professional exam rarely tests you on Classic anything. You need to know how to get from Windows XP Professional settings to Classic and back, but in 90% of the cases you're going to find instructions laid out in the Windows XP Professional vein. I will do my best to point out alternatives in the [NOTES FROM THE FIELD] section as I have done here.


If you want to directly open the Disk Management MMC you can type diskmgmt.msc from the RUN box or from a command line. This will run the tool independently from the Computer Management MMC.



As you can see from the image above, we have a number of basic physical and logical drives on the system, as well as two CD-ROM drives (not shown in the above image).

If there were removable drives on this system, such as Jaz or ORB drives and the like, they would appear here as well. The removable drives, as well as the CD-ROM drives, will either show "no media" when they are empty (or some error is preventing them from seeing inserted media) or the file system of the installed media.



(When I inserted a CD-ROM in my DVD drive, the Disk Management MMC automatically detected the change, refreshed its view, and displayed the data. The Compact Disk File System (CDFS) is the file system of the inserted disk and is displayed.)

When you select a drive in the upper window (which is currently set to the default Volume List View) by left clicking on it once, not only will it become highlighted (in blue), but it will also become shaded in the lower part of the window (which is currently set to the default Graphical List View).



You can change the appearance of both the top and bottom window views by selecting VIEW from the menu and then selecting whichever (or both) views you wish to change. Top and Bottom, along with Settings and Drive Paths are controlled here.



You can change the colors and wallpaper for volumes and disk regions by selecting VIEW and then SETTINGS. The APPEARANCE tab shows all of the current default colors for the available disk regions. Even disk regions that are not currently installed on the system are set with specific colors by default.



You can change how disk sizes are displayed on the SCALING tab. The default settings are shown below.



That's the five cent tour of the Disk Management MMC.

DiskPart
The command line tool, DiskPart, is available in Windows XP Professional, which allows the administrator to handle disk administrative tasks from a command prompt.

You start your session at the command prompt by typing the following:

H:\Documents and Settings\JZANDRI>diskpart

Microsoft DiskPart version 1.0
Copyright (C) 1999-2001 Microsoft Corporation.
On computer: P42GHZ

DISKPART>


This will put you into the DiskPart program session. If you needed to get a little more information on DiskPart before starting your session and tried the standard :\diskpart /?, this is all you would get:

H:\Documents and Settings\JZANDRI>diskpart /?

Microsoft DiskPart version 1.0
Copyright (C) 1999-2001 Microsoft Corporation.
On computer: P42GHZ

Microsoft DiskPart syntax:
diskpart [/s <script>] [/?]

/s <script> - Use a DiskPart script.
/? - Show this help screen.


However, if you started the program and then typed HELP, you'd get much more information:

H:\Documents and Settings\JZANDRI>diskpart

Microsoft DiskPart version 1.0
Copyright (C) 1999-2001 Microsoft Corporation.
On computer: P42GHZ

DISKPART> help

Microsoft DiskPart version 1.0

ADD - Add a mirror to a simple volume.
ACTIVE - Activates the current basic partition.
ASSIGN - Assign a drive letter or mount point to the selected volume.
BREAK - Break a mirror set.
CLEAN - Clear the configuration information, or all information, off the disk.
CONVERT - Converts between different disk formats.
CREATE - Create a volume or partition.
DELETE - Delete an object.
DETAIL - Provide details about an object.
EXIT - Exit DiskPart
EXTEND - Extend a volume.
HELP - Prints a list of commands.
IMPORT - Imports a disk group.
LIST - Prints out a list of objects.
ONLINE - Online a disk that is currently marked as offline.
REM - Does nothing. Used to comment scripts.
REMOVE - Remove a drive letter or mount point assignment.
RESCAN - Rescan the computer looking for disks and volumes.
RETAIN - Place a retainer partition under a simple volume.
SELECT - Move the focus to an object.

DISKPART>


For the most part, this command line tool is highly effective when you are using any of the above commands via scripting. The only other time it is easy / necessary to use it, is from the Recovery Console, as it is one of the commands that are available from it.

[NOTES FROM THE FIELD] - Do not modify the structure of dynamic disks with the DiskPart command line tool because you might damage your partition table within the dynamic disk structure.

To exit the DiskPart program simply type EXIT at the program prompt.

The Diskpart Command Line Utility is available for download from Microsoft for Windows 2000 and it is part of the Windows 2000 Resource Kit Tools as well. (It is included as part of Windows XP Professional.) As with any software available for use from any version of the Resource Kits or the download site, it is not supported under any Microsoft standard support program or service. You use it at your own peril.

Using the Disk Management tool in Windows XP Professional
In Microsoft Windows XP Professional, you can perform most disk administrative tasks, both local and remote, by using the Microsoft Management Console (MMC) snap-in tool called Disk Management, which can be used to convert disks, as well as format current partitions and unallocated space. You can also check on the status of fixed and removable disks and their associated properties.

Using the Disk Management tool
Just as a quick review from last week, you would normally need to be a local administrator to perform most system configuration functions (even just taking a look at the current configuration settings) on a Windows XP Professional system, and in some cases, there may be a local policy set by some other administrator or if your system is in a Domain, a Domain policy setting which may prevent you from performing some actions.

To open the Disk Management MMC, you can select Start, right-click My Computer, and then click Manage, which will open the Computer Management MMC. Under the Storage icon, click Disk Management to open the Disk Management MMC.



You can also type compmgmt.msc in the RUN box or from a command line to launch the Computer Management MMC.



[NOTES FROM THE FIELD] - What your Start Menu options look like all depend on how you have the menu set. If you are using the Classic Start Menu, you would not see My Computer as a selection to right click on. Your options would be to click Start, select Administrative Tools and then select Computer Management. Not a whole lot different, but perhaps just enough to confuse you.

I seem to continually repeat this from article to article, but it is important to stress, the Windows XP Professional exam rarely tests you on Classic anything. You need to know how to get from Windows XP Professional settings to Classic and back, but in 90% of the cases you're going to find instructions laid out in the Windows XP Professional vein. I will do my best to point out alternatives in the [NOTES FROM THE FIELD] section as I have done here.


If you want to directly open the Disk Management MMC you can type diskmgmt.msc from the RUN box or from a command line. This will run the tool independently from the Computer Management MMC.

Disk Management, which was introduced in the Windows 2000 line of NT-based Windows operating systems, replaces the Disk Administrator utility found in Windows NT 4.0.

There are two different types of disk storage in Windows 2000 and Windows XP Professional: basic disks and dynamic disks.

Basic Disks

The number of partitions you can create on a basic disk depends on the disk's partition style.

On master boot record (MBR) disks, you can create up to four primary partitions, or you can create up to three primary partitions and one extended partition. Within the extended partition, you can create an unlimited number of logical drives.

[NOTES FROM THE FIELD] - You used to be limited to the number of logical drives that could be created on a system by the number of remaining drive letters that were available to assign to the formatted partitions. With volume mount points this is no longer the case.

On GUID partition table (GPT) disks, you can create up to 128 primary partitions. Because GPT disks do not limit you to four partitions, you do not need to create extended partitions or logical drives.

[NOTES FROM THE FIELD] - The GUID partition table (GPT) disk-partitioning scheme is a format that is used by the Extensible Firmware Interface (EFI) in Itanium-based computers. GUID partition table offers more advantages than master boot record (MBR) partitioning because it allows up to 128 partitions per disk, provides support for volumes up to 18 exabytes in size, allows primary and backup partition tables for redundancy, and supports unique disk and partition IDs.

A primary partition of a basic disk is a portion of the physical disk that functions as though it were a physically separate disk. On most Intel based systems this partition is the one that is marked as active which allows the computer to start up. You can create up to four primary partitions (sometimes called volumes) on a single disk or three primary partitions and an extended partition with multiple logical drives.

Extended partitions allow you to create more than four individual volumes on a basic disk. Unlike primary partitions, you do not format an extended partition with a file system and then assign a drive letter to it. Instead, you create one or more logical drives within the extended partition. It's the logical drive of the extended partition that you format and assign a drive letter to. You can create an unlimited number of logical drives per disk.

[NOTES FROM THE FIELD] - Volume mount points allow a volume to be mounted on an existing folder rather than at the root of a new drive letter. Establishing a volume mount point for an empty NTFS directory allows an administrator to create new volumes without requiring additional drive letters.

Some of the properties and characteristics of basic disks are outlined below.
  • Create and delete primary and extended partitions.
  • Create and delete logical drives within an extended partition.
  • Format a partition and mark it as active.
  • Establish drive letter assignments for volumes or partitions, optical storage devices and removable drives.
  • Establish disk sharing and security arrangements for volumes and partitions formatted with NTFS.
  • Convert a basic disk to dynamic.

Convert a basic disk to dynamic

To convert a basic disk to dynamic, start the Disk Management tool, right-click the basic disk you want to convert, and click Convert to Dynamic Disk.

You can upgrade a disk from basic storage to dynamic storage at any time without loss of data, in much the same way that you might run the CONVERT command line utility to change a FAT or FAT32 partition to NTFS without losing any data. Along the same lines, all data on a dynamic disk will be lost when you convert it to a basic disk, just as it would be when going from NTFS "back" to FAT or FAT32.

In order to convert a basic disk to a dynamic disk there needs to be 1 MB of free disk space for the upgrade to succeed. This 1 MB of free disk space is needed to hold the configuration data for the dynamic disk structure.

Converting basic disks to dynamic disks produces the following results.

| Basic disk organization | Dynamic disk organization |
|---|---|
| System partition | Simple Volume |
| Boot partition | Simple Volume |
| Primary partition | Simple Volume |
| Extended partition | Simple volume for each logical drive and any remaining unallocated space |
| Logical drive | Simple Volume |
| Volume set | Spanned Volume |
| Stripe set | Striped Volume |

There is a very good article on the Microsoft Web site entitled Description of Disk Groups in Windows Disk Management (Q222189). While it is based off of the Windows 2000 line of operating systems it is still for the most part pertinent and a good read.

Dynamic Disks

The dynamic disk format can be accessed only by Windows 2000 and Windows XP Professional operating systems.

You convert basic disks to dynamic by using the Disk Management snap-in or the DiskPart command line utility. When you convert a basic disk to dynamic, all existing basic volumes become dynamic volumes.

Dynamic disks provide features that basic disks do not, such as the ability to create volumes that span multiple disks (spanned and striped volumes), and the ability to create fault-tolerant volumes (mirrored and RAID-5 volumes).

[NOTES FROM THE FIELD] - Windows 2000 Servers and the up and coming .NET server line provide fault tolerance on dynamic disks in the form of software based (operating system) disk mirroring (RAID-1) or striping with parity (RAID-5).

Windows XP Professional does not provide fault tolerance.

Hardware devices that support fault tolerance, such as RAID controllers, can make a Windows XP Professional system fault tolerant, but it is this third party hardware solution that is providing the fault tolerance, not the Windows XP Professional operating system.


Windows XP Professional supports dividing dynamic disks into volumes, which can consist of a portion, or portions, of one or more physical disks.

There are five types of dynamic volumes: simple, spanned, striped, disk mirroring (RAID-1) and striping with parity (RAID-5). Mirrored and RAID-5 volumes are fault tolerant and are available only on computers running the Windows 2000 Server family of operating systems.

When you have converted a basic disk to dynamic storage, you can create Windows XP Professional volumes, of which there are three different types that can be utilized on the local system:

Simple volumes. All of the disk space from a single disk is used and it is not fault tolerant.

Spanned volumes. Includes disk space from multiple disks up to a total of 32. Data is written to a spanned volume on the first disk, completely filling the space, and continues to the next until it is full and then the next, and so on, through each disk that you include in the spanned volume. These volumes are not fault tolerant either. If any single disk in the spanned volume fails, all the data in the entire volume is lost.

Striped volumes. Combines areas of free space from multiple hard disks (up to 32) into one logical volume. In a striped volume, Windows XP Professional optimizes performance by adding data to all disks at the same time in succession, a direct contrast to spanned volumes. If any single disk in the striped volume fails, all the data in the entire volume is lost.

Some of the properties and characteristics of dynamic storage are outlined below.
  • Extend a simple or spanned volume.
  • Reactivate a missing or offline disk.
  • Check disk properties, such as capacity, available free space, and current status.
  • View volume and partition properties such as size, drive letter assignment, label, type, and file system.
  • Establish drive letter assignments for volumes or partitions, optical storage devices and removable drives.
  • Establish disk sharing and security arrangements for volumes and partitions formatted with NTFS.
[NOTES FROM THE FIELD] - Do not modify the structure of dynamic disks with the DiskPart command line tool because you might damage your partition table within the dynamic disk structure.

| Operating System | Basic volumes (storage type) | Dynamic simple, spanned, and striped volumes (storage type) | MBR disks (partition style) | GPT disks (partition style) |
|---|---|---|---|---|
| Windows XP Home Edition | YES | NO | YES | NO |
| Windows XP Professional | YES | YES | YES | NO |
| Windows 2000 Server | YES | YES | YES | NO |
| Windows 2000 Advanced Server | YES | YES | YES | NO |
| Windows 2000 Datacenter Server | YES | YES | YES | NO |
| Windows XP 64-Bit Edition | YES | YES | YES | YES |

Dynamic Disk Limitations

Just like anything else, with certain advances there are certain limitations and drawbacks.
  • Laptop Limitation. Dynamic disks are not supported on laptops, removable disks, such as Jaz or ORB drives, detachable disks that use Universal Serial Bus (USB) or IEEE 1394 (FireWire) interfaces, or on drives connected to a shared SCSI bus. On laptops you do not even see the option to convert basic disks to dynamic within the Disk Management tool.
  • Multi-boot considerations. Dynamic volumes cannot be accessed by MS-DOS, Windows 95, Windows 98, Windows Millennium Edition, Windows NT 4.0, or Windows XP Home Edition operating systems that are dual-booted with Windows XP Professional. If you want computers running these operating systems to be able to access the data, you need to store the data on basic volumes.
  • Extending Volumes. When basic volumes are converted to dynamic they may or may not have an entry in the partition table depending on whether that volume was a system or boot partition. If the volume that was converted was originally a system or boot partition it retains its old entry in the partition table. You can install Windows XP Professional on that volume, however, you will be unable to extend it. If the converted volume was not originally a system or boot volume it will not have the old partition table entry. You won't be able to install Windows XP Professional on the volume, but it will be possible to extend it.


  • Volumes converted from partitions on Windows 2000 systems have an entry in the partition table. On Windows XP Professional systems, volumes converted from partitions do not have an entry in the partition table unless the partitions were originally system or boot partitions. You can see if a volume has an entry in the partition table by right-clicking the volume within the Disk Management tool. If the Extend Volume option is disabled, the volume has an old entry in the partition table.

    Windows XP Professional File Systems Overview
    To have a good understanding of how and why you can set up or deny access to data on a Windows XP Professional system, you need to have an underlying understanding of any native file security that may or may not be in place.

    One place to start would be the file system the operating system is utilizing.

    Windows XP Professional supports three major computer file systems: File Allocation Table (commonly known as FAT or FAT16), FAT32 and NTFS.

    FAT16

    File Allocation Table (commonly known as FAT or FAT16) is supported by Windows XP Professional, all Windows operating systems, DOS, as well as a host of other non-Microsoft OSes.

    FAT is allocated in clusters, the size of which is determined by the size of the partition. The larger the partition, the larger the cluster size. The larger the cluster size, the more space is "required" when using it to store data.

    FAT file system cluster sizes

    | Partition Size | Cluster Size | FAT Type |
    |---|---|---|
    | 0M to less than 16MB | 4,096 bytes | 12-bit |
    | 16M through 128MB | 2,048 bytes | 16-bit |
    | 128 through 256MB | 4,096 bytes | 16-bit |
    | 256 through 512MB | 8,192 bytes | 16-bit |
    | 512 through 1,024MB | 16,384 bytes | 16-bit |
    | 1,024 through 2,048MB | 32,768 bytes | 16-bit |

    As you can see, with a 2GB partition size, (the maximum allowed under FAT16 in most cases) if you were to save 50 different files, all 1024 bytes (1KB) in actual size (or to have 50 fractions of larger files "fall over" to the next cluster by that same amount), the amount of hard drive space used up would be 1,638,400 bytes (a little over 1 MB), for 51,200 bytes of actual data.

    You can obviously see that this is a serious problem when there are thousands of small *.DLLs and other types of small files.

    Also, with the advent of super-inexpensive hard drives that are 80GB in size, you can see where using FAT would be an issue as well.

    In summary, there are "advantages" for using the FAT file system on a Windows XP Professional installation:

    MS-DOS, Windows 95, Windows 98, Windows NT, Windows 2000, and some UNIX operating systems can use FAT16. If there is some reason to dual boot the system, FAT16 allows you the greatest number of options.

    There are many software tools that can address problems and recover data on FAT16 volumes.

    If you have a startup failure, you can start the computer by using a bootable floppy disk to troubleshoot the problem.

    FAT16 is efficient, in speed and storage, on volumes smaller than 256 MB.

    (Those 50 files I mentioned above, all 1024 bytes (1KB) in actual size, would use up "only" 409,600 bytes on a 400MB partition formatted with FAT16 and "only" 204,800 bytes on a 250MB partition.)

    There are also some FAT16 disadvantages as well:

    The root folder (usually the C:\ drive) has a limit of 512 entries. The use of long file names can significantly reduce the number of available entries.

    FAT16 is limited to 65,536 clusters, but because certain clusters are reserved, it has a practical limit of 65,524. The largest FAT16 volume on Windows 2000 and Windows XP Professional is limited to 4 GB and uses a cluster size of 64 KB. To maintain compatibility with MS-DOS, Windows 95, and Windows 98, a volume cannot be larger than 2 GB. (Those 50 files I mentioned above, all 1024 bytes (1KB) in actual size, would use up 3,276,200 bytes of hard drive space to store 51,200 bytes of actual data on a 4 GB FAT16 partition used in this scenario.)

    FAT16 is inefficient on larger volume sizes, as the size of the cluster increases. We have seen this in the examples above.

    The boot sector is not backed up on FAT16 partitions. Because FAT16 does not include a backup copy of critical data structures they are susceptible to single point of failure issues, more so than other file systems.

    There is no native file level security, compression or encryption available in the FAT16 file system.

    Below is a table of Microsoft Operating systems and which file systems they can natively access.

    | Operating System | Supports NTFS | Supports FAT32 | Supports FAT | Max Partition |
    |---|---|---|---|---|
    | Windows XP Professional | Yes | Yes | Yes | 4GB |
    | Windows XP Home | Yes | Yes | Yes | 4GB |
    | Windows 2000 Professional | Yes | Yes | Yes | 4GB |
    | Windows Millennium Edition | No | Yes | Yes | 2GB |
    | Windows 98 and Second Edition | No | Yes | Yes | 2GB |
    | Windows 95 OSR2 and OSR2.5 | No | Yes | Yes | 2GB |
    | Windows NT4 Workstation | Yes | No | Yes | 4GB |
    | Windows 95 Gold (Original Release) | No | No | Yes | 2GB |
    | Windows NT3.5x Workstation | Yes | No | Yes | 4GB |
    | MS-DOS (versions 3.3 and higher) | No | No | Yes | *See below |

    [NOTES FROM THE FIELD] - There is no test requirement to memorize these tables, but it's good to understand the "how and why" of it. Also, it is never a "best practice" to dual boot any workstation or server that has sensitive data on it with any file system installed that cannot secure those files or any operating system that threatens that security.

    The maximum FAT partition that can be created and accessed by the operating systems listed above is 2GB in most cases. 4GB FAT partitions can be created and properly accessed only under those operating systems specifically listed above. A dual boot NT family of operating system can create a 4GB FAT partition and a lower level OS such as Windows 98 may be able to see data on it, however, issues will arise when data access is attempted above the 2GB threshold that the OS normally uses.

    For more information on the Maximum Partition Size Using the FAT16 File System in Windows XP, you can look up Q310561 at the Microsoft PSS webpage.

    The "OSR" in "Windows 95 OSR2 and OSR2.5" stands for OEM Service Release.

    The "OEM" in "OEM Service Release" stands for Original Equipment Manufacturer.

    For more information on Accessing FAT16 Drives Larger Than 2 GB, or Maximum Partition Size Using FAT16 File System, feel free to follow the links I have provided to the Microsoft web site.

    * There are some exceptions, but for the most part, DOS 3.3 and higher can access up to 2GB of single partition space, as outlined in Q67321 at the Microsoft PSS webpage. The MS-DOS Partitioning Summary (Q69912) names some exceptions and points out the fact that some earlier versions didn't support many of today's FAT16 standards.

    The maximum single file size on a FAT16 partition is 2 GB, regardless of the fact that some OSes can have a 4GB partition.


    FAT32

    FAT32 is supported by Windows XP Professional, as well as a number of the newer Microsoft operating systems. FAT32 was first introduced with Microsoft Windows 95 OSR2. The major differences between FAT and FAT32 are, for the most part, volume and cluster sizes, and the fact that only Microsoft operating systems can natively access FAT32, and fewer of them than can access FAT16.

    The FAT32 file system can support drives up to 2 terabytes in size (in theory) and because it uses space more efficiently, FAT32 uses smaller clusters (that is, 4,096 byte clusters for drives up to 8 GB in size), resulting in more efficient use of disk space relative to large FAT16 drives.

    FAT32 file system cluster sizes

    | Partition Size | Cluster Size |
    |---|---|
    | 0M to less than 260MB | 512 bytes |
    | 260MB through 8GB | 4,096 bytes |
    | 8GB through 16GB | 8,192 bytes |
    | 16GB through 32GB | 16,384 bytes |
    | 32GB through 2TB | 32,768 bytes |

    The 50 files I mentioned in the FAT16 section, all 1024 bytes (1KB) in actual size, would use up only 409,600 bytes on a 16GB partition formatted with FAT16 and only 204,800 bytes on an 8GB partition. As you can see, however, with 80GB and 100GB partitions we are now running into the same issue on FAT32 drives that we did a few years ago under FAT16: wasted space. Those same 50 files would use 819,200 bytes on either of the two large drives I mentioned. There's a Windows 2000 Professional and XP Professional catch, however.

    While the FAT32 file system can support drives up to a standard theoretical size of 2 terabytes (it "can" be jury-rigged under Windows Millennium Edition to support partitions of up to 8 TB), Windows 2000 Professional and XP Professional cannot FORMAT a volume larger than 32 GB in size using their native FAT32 file system.

    The FastFAT driver can mount and support volumes larger than 32 GB that use the FAT32 file system, such as those created locally by Windows 98 or ME in dual boot configuration, (subject to other limits listed here for Windows 98, ME and 2000 and here for Windows XP), but you cannot CREATE one using the Format tool from within either Windows 2000 Professional or XP Professional. If you attempt to format a FAT32 partition larger than 32 GB, the format fails near the end of the process with the following error message: Logical Disk Manager: Volume size too big.

    In summary, the advantages of the FAT32 file system are:

    FAT32 allocates disk space much more efficiently than FAT16.

    The root folder on a FAT32 drive is not restricted in its number of entries as it was under FAT16.

    FAT32 is a more robust file system than FAT16 was. FAT32 has the ability to relocate the root directory and use the backup copy of the FAT instead of the default copy. In addition, the boot record on FAT32 drives has been expanded to include a backup of critical data structures. This means that FAT32 volumes are less susceptible to a single point of failure than FAT16 volumes.

    Just as there were disadvantages to the FAT16 file system, so there are in FAT32 as well:

    FAT32 volumes are not accessible from any operating systems other than certain Microsoft ones.

    FAT32 partition sizes are limited to 32GB in size using the native FAT32 file system format tools under Windows 2000 and Windows XP. (The maximum size is 127.5 GB practical and 2TB standard theoretical.)

    There is no native file level security, compression or encryption available in the FAT32 file system.

    Below is a table of Microsoft Operating systems which support native access to the FAT32 file system.

    | Operating System | Supports FAT32 |
    |---|---|
    | Windows XP Professional | Yes |
    | Windows XP Home | Yes |
    | Windows Millennium Edition | Yes |
    | Windows 98 and Second Edition | Yes |
    | Windows 95 OSR2 and OSR2.5 | Yes |
    | Windows NT4 Workstation | No |
    | Windows 95 Gold (Original Release) | No |
    | Windows NT3.5x Workstation | No |
    | MS-DOS (versions 3.3 and higher) | No |

    [NOTES FROM THE FIELD] - There is no test requirement to memorize the FAT32 tables either, but again, it's good to understand the "how and why" of it. Also, it is never a "best practice" to dual boot any workstation or server that has sensitive data on it with any file system installed that cannot secure those files or any operating system that threatens that security. This would include the FAT32 file system.

    For answers to some common questions about the FAT32 File System, you can look up Q253774 at the Microsoft PSS webpage.

    For more information on the Limitations of FAT32 File System on Windows 98, ME and 2000, you can look up Q184006 at the Microsoft PSS webpage. Information on the limitations of the FAT32 File System in Windows XP is available at Q314463. You will also find the maximum partition sizes, both practical and theoretical, listed there.

    The maximum single file size on a FAT32 partition is 4 GB, regardless of the size of the partition.

    NTFS

    NTFS is the preferred file system for all computers running Windows XP Professional. The version of NTFS that is in use on Windows XP Professional is called NTFS 5. (Windows 2000 uses version 5 as well.)

    If you are running Windows NT 4.0 Service Pack 4 or later, you can read basic volumes formatted by using NTFS 5 locally on dual boot systems. Windows 2000 and Windows XP Professional can read NTFS 5 on both basic and dynamic volumes. (Computer systems accessing either version of NTFS across networks are not affected. Version differences are usually only considered in local / dual boot situations.)

    The following NTFS features are available under version 5:
    • File and Folder Permissions
    • Encryption
    • Disk Quotas
    • File Compression
    • Mounted Drives
    • Hard Links
    • Distributed Link Tracking
    • Sparse Files
    • Multiple Data Streams
    • POSIX Compliance
    • NTFS Change Journal
    • Indexing Service
    Detailed information on these features can be found in both the Microsoft Windows XP Professional Resource Kit Documentation and online.

    If you are running Windows XP Professional in a dual boot scenario with a system running Windows NT 4.0 Service Pack 4 or later, most of the NTFS 5 features are not available. Most read and write operations are permitted provided they do not attempt to make use of most NTFS 5 features.

    Issues that may occur under this type of configuration may include some of the following:
    • Windows NT4 cannot perform any operations that make use of reparse points.
    • When you run Windows NT4 on a multiple-boot configuration that also runs Windows XP Professional, Windows NT4 ignores disk quotas implemented by Windows XP Professional.
    • Windows NT4 cannot perform any operations on files encrypted by Windows XP Professional.
    • Windows NT4 cannot perform any operations on sparse files.
    • Windows NT4 ignores the change journal setup under Windows XP Professional.
    The NTFS file system can support drives up to 16 exabytes, in theory, but because partition tables on basic disks (disks that include a master boot record) only support partition sizes up to 2 terabytes, you would need to use dynamic volumes to create NTFS partitions over 2 terabytes in size.

    Windows XP Professional manages dynamic volumes in a special database instead of in the partition table, so dynamic volumes are not subject to the 2-terabyte physical limit imposed by the partition table. This is why dynamic NTFS volumes can be as large as the maximum volume size supported by NTFS.

    Default NTFS file system cluster sizes

    | Partition Size | NTFS |
    |---|---|
    | 7 MB-16 MB | 512 bytes |
    | 17 MB-32 MB | 512 bytes |
    | 33 MB-64 MB | 512 bytes |
    | 65 MB-128 MB | 512 bytes |
    | 129 MB-256 MB | 512 bytes |
    | 257 MB-512 MB | 512 bytes |
    | 513 MB-1,024 MB | 1,024 bytes |
    | 1,025 MB-2 GB | 2,048 bytes |
    | 2 GB-4 GB | 4,096 bytes |
    | 4 GB-8 GB | 4,096 bytes |
    | 8 GB-16 GB | 4,096 bytes |
    | 16 GB-32 GB | 4,096 bytes |
    | 32 GB-2 terabytes | 4,096 bytes |

    In summary, the advantages of NTFS 5 are as follows:
    • NTFS uses standard transaction logging and recovery techniques. By using the log file and checkpoint information to automatically restore the consistency of the file system in the event of a failure, NTFS, for the most part, maintains the consistency of the data on the volume and the volume itself.
    • NTFS supports compression on volumes, folders, and files. Files that are compressed on an NTFS volume can be read and written by any Windows based application without first being decompressed by another program. Decompression happens automatically, (think of a ZIP utility on-the-fly) during the file read. The file is compressed again when it is closed or saved.
    • NTFS does not restrict the number of entries to 512 in the root folder.
    • Windows 2000 and Windows XP can format partitions up to 2 terabytes using NTFS.
    • NTFS manages disk space efficiently by using smaller clusters (see the cluster table).
    • The boot sector is backed up to a sector at the end of the volume.
    • You can set permissions on shares, folders, and files that specify which groups and users have access, and what level of access is permitted on NTFS partitions.
    • NTFS supports a native encryption system, (EFS), to prevent unauthorized access to file contents.
    • Reparse points enable new features such as volume mount points.
    • Disk quotas can be set to limit the amount of usage allowed by end users.
    • NTFS uses a change journal to track changes made to files.
    • NTFS supports distributed link tracking to maintain the integrity of shortcuts and OLE links.
    • NTFS supports sparse files so that very large files can be written to disk while requiring only a small amount of storage space.
    There are also a few notable disadvantages to NTFS, as outlined below.
    • NTFS volumes are not locally accessible from MS-DOS, Windows 95, Windows 98 and Windows Millennium Edition operating systems.
    • Many advanced features of NTFS included with version 5 are not available in Windows NT.
    • On small partitions with mostly small files, the overhead of managing the NTFS file system can cause a slight performance drop in comparison to FAT.
    • Floppy disks cannot be formatted as NTFS.
    [NOTES FROM THE FIELD] - There is no test requirement to memorize the NTFS tables either, but again, it's good to understand the "how and why" of it. Also, it is never a "best practice" to dual boot any workstation or server that has sensitive data on it with any file system installed that cannot secure those files or any operating system that threatens that security. This would include even NTFS if older versions and newer versions of NTFS are running and one "degrades" the security strength of the other.

    For more detailed answers to questions about the NTFS File System, you can look up the information in the Microsoft Windows XP Professional Resource Kit Documentation, which can also be found online.

    NTFS stands for New Technology File System.

    The maximum single file size on an NTFS partition is 16 EB (exabytes), in theory.


    Well, that's a wrap for this week. On my way out the door I'd like to drop one more table into your lap and a few more bullet points.

    Default Cluster Sizes for partitions under Windows XP Professional

    | Partition Size | FAT16 cluster size | FAT32 cluster size | NTFS cluster size |
    |---|---|---|---|
    | 7 MB-16 MB | 2 KB (FAT12) | Not supported | 512 bytes |
    | 17 MB-32 MB | 512 bytes | Not supported | 512 bytes |
    | 33 MB-64 MB | 1 KB | 512 bytes | 512 bytes |
    | 65 MB-128 MB | 2 KB | 1 KB | 512 bytes |
    | 129 MB-256 MB | 4 KB | 2 KB | 512 bytes |
    | 257 MB-512 MB | 8 KB | 4 KB | 512 bytes |
    | 513 MB-1,024 MB | 16 KB | 4 KB | 1 KB |
    | 1,025 MB-2 GB | 32 KB | 4 KB | 2 KB |
    | 2 GB-4 GB | 64 KB | 4 KB | 4 KB |
    | 4 GB-8 GB | Not Supported | 4 KB | 4 KB |
    | 8 GB-16 GB | Not Supported | 8 KB | 4 KB |
    | 16 GB-32 GB | Not Supported | 16 KB | 4 KB |
    | 32 GB-2 TB | Not Supported | Not Supported | 4 KB |
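The cluster arithmetic behind the 50-file examples, generalized to any list of file sizes and compared across the three file systems, as an added example that is not part of the original notes. It uses the default cluster sizes from the table above and treats each range's upper bound as inclusive, which is an assumption; the function names are illustrative.

```python
# Whole-cluster model only (assumption): it ignores file system metadata and
# NTFS's ability to keep very small files inside the MFT record itself.

KB = 1024
MIN_MB = 7   # the table starts at 7 MB
# Upper bound of each partition-size row in MB, treated as inclusive.
ROW_UPPER_MB = [16, 32, 64, 128, 256, 512, 1024, 2048,
                4096, 8192, 16384, 32768, 2 * 1024 * 1024]

# Default cluster size in bytes per row; None means "Not supported".
DEFAULT_CLUSTER = {
    "FAT16": [2 * KB, 512, 1 * KB, 2 * KB, 4 * KB, 8 * KB, 16 * KB, 32 * KB,
              64 * KB, None, None, None, None],   # first row is really FAT12
    "FAT32": [None, None, 512, 1 * KB, 2 * KB, 4 * KB, 4 * KB, 4 * KB,
              4 * KB, 4 * KB, 8 * KB, 16 * KB, None],
    "NTFS":  [512, 512, 512, 512, 512, 512, 1 * KB, 2 * KB,
              4 * KB, 4 * KB, 4 * KB, 4 * KB, 4 * KB],
}


def default_cluster_size(fs, partition_mb):
    """Default cluster size in bytes, or None when the table has no entry."""
    if partition_mb < MIN_MB:
        return None
    for upper, size in zip(ROW_UPPER_MB, DEFAULT_CLUSTER[fs]):
        if partition_mb <= upper:
            return size
    return None   # larger than the last row


def allocated_bytes(file_sizes, cluster):
    """Disk space consumed when every file occupies whole clusters."""
    # Ceiling division; a zero-length file occupies no data cluster.
    return sum(-(-size // cluster) * cluster for size in file_sizes)


def compare(partition_mb, file_sizes):
    """Per-file-system allocation and wasted space for one partition size."""
    actual = sum(file_sizes)
    report = {}
    for fs in DEFAULT_CLUSTER:
        cluster = default_cluster_size(fs, partition_mb)
        if cluster is None:
            report[fs] = None
            continue
        used = allocated_bytes(file_sizes, cluster)
        report[fs] = {"cluster": cluster, "allocated": used, "wasted": used - actual}
    return report


if __name__ == "__main__":
    fifty_small_files = [1024] * 50          # the 50 x 1 KB files from the text
    for mb in (250, 400, 2048, 16384):
        print(f"{mb} MB partition")
        for fs, row in compare(mb, fifty_small_files).items():
            if row is None:
                print(f"  {fs}: not supported")
            else:
                print(f"  {fs}: {row['allocated']:,} bytes allocated, "
                      f"{row['wasted']:,} wasted")
```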

    Quick points and summary tidbits:
    • FAT volumes smaller than 16 megabytes (MB) are formatted as FAT12.
    • FAT12 is used only on floppy disks and on volumes smaller than 16 megabytes.
    • FAT16 volumes larger than 2 gigabytes (GB) are not locally accessible from computers running MS-DOS, Windows 95, Windows 98, Windows Millennium Edition and many other operating systems.
    • Although FAT32 volumes can theoretically be as large as 2 terabytes, Windows 2000 and Windows XP Professional limit the maximum size of a FAT32 volume that they can format to 32 GB. (Windows 2000 and Windows XP Professional can read and write to larger FAT32 volumes formatted locally by other operating systems.)
    • The implementation of FAT32 in Windows 2000 limits the maximum number of clusters on a FAT32 volume that can be mounted by Windows 2000 to 4,177,918. This is the maximum number of clusters on a FAT32 volume that can be formatted by Windows 98.
    • NTFS volumes can theoretically be as large as 16 exabytes (EB), but the practical limit is 2 terabytes.
    • The user can specify the cluster size when an NTFS volume is formatted. However, NTFS compression is not supported for cluster sizes larger than 4 kilobytes (KB).
    • Not supported means "Not supported by Microsoft." In some "chance" cases, you may be able to perform a function that is not normally supported.
    Whew!

    Using the Files and Settings Transfer Wizard
    The Windows XP Professional Files and Settings Transfer Wizard can be used to simplify the task of moving data files and personal settings from your old computer to your new one.

    By utilizing this helpful tool properly, you won't have to reconfigure all of your personal settings on your new system because you will be able to move your old settings, such as display, Outlook Express, dial-up connections, Internet Explorer, as well as your folder and taskbar options to your new system. You can also use the Wizard to move specific files and / or specific folders to your new system as well. This can include the My Documents, My Pictures, and Favorites folders.

    You should connect your new system and your old system together in some way, in order to perform the transfer with the least amount of difficulty.

    You can use a null modem cable if you have one that is long enough to connect the two systems and you will need an available serial port on both systems as well.

    The preferred option would be to have NICs installed in both systems and have them connected via a crossover cable or through a hub.

    After the physical connection between the two systems is established and working properly, you can run the Wizard.

    To open the Files and Settings Transfer Wizard you can click Start, select All Programs, select Accessories, select System Tools, and then click Files and Settings Transfer Wizard.

    You can also type migwiz.exe from the Run line of the Start menu.

    [NOTES FROM THE FIELD] - What your Start Menu options look like all depend on how you have the menu set. If you are using the Classic Start Menu, you would not find the All Programs selection. Your options would be to click Start, select Programs, select Accessories, select System Tools, and then click Files and Settings Transfer Wizard. Not a whole lot different, but perhaps just enough to confuse you.

    The Windows XP Professional exam rarely tests you on Classic anything. You need to know how to get from Windows XP Professional settings to Classic and back, but in 90% of the cases you're going to find instructions laid out in the Windows XP Professional vein. I will do my best to point out alternatives in the [NOTES FROM THE FIELD] section as I have done here.


    The first window that appears is the Welcome to the Files and Settings Transfer Wizard startup window.



    From here you would select NEXT to continue. The next screen that appears is the WHICH COMPUTER IS THIS screen, where you would select either NEW COMPUTER, where you would want to transfer your files and settings to, or OLD COMPUTER, which is what you would select if the system you were working on was where the current files and settings are that you want transferred.



    Let's select NEW COMPUTER and click NEXT.

    [NOTES FROM THE FIELD] - The OLD COMPUTER can be running Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows 98SE, Microsoft Windows Me, Microsoft Windows NT 4, Windows 2000, or Windows XP (32-bit). We will go through the OLD COMPUTER settings a little later.

    You will also find that if you are running a personal firewall product (I use Zone Alarm Pro) you may find, depending on how you have it set up, that it will alert you that the Files and Settings Transfer Wizard wants to act as server process on your system and it wants access to the internet. This is a little misleading, as it is not actually looking for an internet connection so much as it is looking for the local LAN. (Notice the broadcast address.) You need to allow the Files and Settings Transfer Wizard to act as a server process and access the network or it will not be able to reach the remote system.




    You will need to run the Files and Settings Transfer Wizard on the OLD COMPUTER shortly (unless you have already done so), and the next screen will ask you whether or not you will use a Wizard Disk (which can be created by using the default "I want to create a Wizard Disk in the following drive" selection). You can bypass the step if you already have a disk or intend on using the Files and Settings Transfer Wizard from the Windows XP Professional CD-ROM.



    We will elect to use the default selection, as shown above. When we click on NEXT to continue, the Wizard asks us to make sure there's a formatted disk in the floppy drive. Select OK to continue.

    The Files and Settings Transfer Wizard will create the disk and when the disk is finished it will display a window that tells you to go to the OLD COMPUTER and insert the Wizard Disk (A:\ disk) and run the Wizard.

    We would now go to the OLD COMPUTER with the floppy disk and run FASTWiz.exe, which would expand the migwiz.cab file and run the Wizard on the OLD COMPUTER.



    Once it starts, you will again see the WHICH COMPUTER IS THIS screen; however, this time we will select OLD COMPUTER.



    After selecting NEXT, you will be asked to select a transfer method. (Basically, this is a point where the settings will go so that the NEW COMPUTER can get them. It can be via an across the wire transfer, sent to a share point or to a floppy disk or other removable media. We will use the D:\ drive.)



    The Files and Settings Transfer Wizard will then ask you whether you want to migrate settings only, files only or both. You can also elect to choose a custom list of files and settings as well. This could be used if you only needed some of the files and / or some of the settings.



    [NOTES FROM THE FIELD] - The following settings can be transferred: Accessibility, Command Prompt Settings, Display Properties, Internet Explorer Settings, Microsoft Messenger, Microsoft NetMeeting, Mouse And Keyboard, MSN Explorer, Network Printer And Drives, Outlook Express, Regional Settings, Sounds And Multimedia, Taskbar Options, Windows Media Player, and Windows Movie Maker.

    The following folders can be transferred: Desktop, Fonts, My Documents, My Pictures, Shared Desktop, and Shared Documents.

    The following file types can be transferred: *.asf (Windows Media Audio/Video file), *.asx (Windows Media Audio/Video shortcut), *.AU (AU format sound), *.avi (video clip), *.cov (fax cover page file), *.cpe (fax cover page file), *.doc (WordPad document), *.eml (Internet e-mail message), *.m3u (M3U file), *.mid (MIDI sequence), *.midi (MIDI sequence), *.mp2 (Movie File MPEG), *.mp3 (MP3 Format Sound), *.mpa (Movie File MPEG), *.mpeg (Movie File MPEG), *.MSWMM (Windows Movie Maker Project), *.nws (Internet News Message), *.rtf (Rich Text Format), *.snd (AU Sound Format), *.wav (Wave Sound), *.wm (Windows Media Audio/Video file), *.wma (Windows Media Audio file), *.wri (Write document).


    When you select NEXT, the Files and Settings Transfer Wizard will begin the collection.

    I ran the default selection of both files and settings on my 2 GHZ Pentium 4 system, which has three SCSI-3 18.2 GB 10,000 RPM hard drives, set up as individual basic drives and one ATA-100 80GB IDE hard drive, also set up as an individual basic drive, all using the NTFS file system.

    Of all of that space, almost 135GB total, I have data on about 62 GB. The process took about an hour and fifteen minutes to complete and while I could use my system while all of this was going on, it was a little sluggish as migwiz.exe wanted as much system resources as it could get its hands on, often pegging the processor. (Memory seemed to stay pretty constant at around 128MB of my physical 512MB of PC800 memory being used.)



    The final result was 9 GB of data to be transferred to the new system.



    As you can also see, there is a 2 GB limitation to the DAT files. Once you exceed this amount the Wizard will automatically start another file and enumerate it.



    Once the process is completed the Completing the Collection Phase window will display with the above message. This page would indicate any files and settings that you had selected that the Wizard could not collect. You would have to manually transfer these files and settings or they will not be transferred to your NEW COMPUTER. (There were none in our example.) Click FINISH to close the Wizard on the OLD COMPUTER.

    Now that we have finished the process on the OLD COMPUTER, we can head back over to the NEW COMPUTER and continue from the last screen we were presented with there. (SHOWN BELOW)



    We would select NEXT to arrive at the WHERE ARE THE FILES AND SETTINGS page. Since we elected to use the D:\ drive, this is where we would point the Wizard to and select NEXT to continue.



    The Wizard will begin the transfer by organizing the files and settings for transfer and then complete the process.



    Once this last step finishes the transfer of files and settings will be complete.

    Managing User Accounts in Windows XP Professional
    In Microsoft Windows XP Professional, you will find one of three different accounts in use on any given system.

    • Local user accounts allow you to log on to the local system and access resources there. If you needed to access any type of resource beyond the local system, you would need to provide additional credentials in most cases. Local accounts authenticate to the local security database.
    • Domain user accounts allow you to log on to the domain the user account belongs to in order to access network resources. You may be able to access resources in other domains depending on how the trust relationships are defined or if any modifications have been made to them. Domain accounts authenticate to a domain controller and to the domain security database.
    • Built-in user accounts allow you to perform administrative tasks on the local system and sometimes they can access local or network resources, depending on their configuration on the network. This, too, is dependent on how trust relationships are defined or if any modifications have been made to them. The only two accounts created by default on a stand-alone Windows XP Professional clean installation are Administrator and Guest.

    [NOTES FROM THE FIELD] - The built-in Administrator account is enabled by default and cannot be deleted from the system. The name of the account as well as the password can be changed, however, and this is a recommended best practice. It is also recommended that the default Administrator account never be used or used as infrequently as possible and only when tasks need to be performed at an Administrative level. If there is ever more than one Administrator on a workstation, each one should have an account created for their use. In the event that you need to log administrative events, this would be easier if there were a number of different administrator accounts created rather than a single one.

    The Guest account also cannot be deleted from the system; however, it is DISABLED by default and unless there is some required operational need it should stay disabled. The only "need" for the Guest account would be a kiosk type terminal in a lobby of an office building or hotel and in that event it could be used. If there is ever a short-term need to grant a temporary user access to a system, it is always worth the "aggravation" to create an account.

    Using the Local Users and Groups Snap-in

    You would normally need to be a local administrator to perform most system configuration functions (even just taking a look at the current configuration settings) on a Windows XP Professional system, and in some cases, there may be a local policy set by some other administrator or if your system is in a Domain, a Domain policy setting, which may prevent you from performing some actions.

    To manage local users and groups you can use the Local Users and Groups MMC and you can access this tool a number of different ways.

    One way is to select Start, right-click My Computer, and then click Manage, which will open the Computer Management MMC. Under the System tools icon, click Local Users and Groups to open the Local Users and Groups MMC.

    You can also type compmgmt.msc in the RUN box or from a command line to launch the Computer Management MMC.

    [NOTES FROM THE FIELD] - What your Start Menu options look like depends on how you have the menu set. If you are using the Classic Start Menu, you would not see My Computer as a selection to right click on. Your options would be to click Start, select Administrative Tools and then select Computer Management. Not a whole lot different, but perhaps just enough to confuse you.

    I seem to continually repeat this from article to article, but it is important to stress, the Windows XP Professional exam rarely tests you on Classic anything. You need to know how to get from Windows XP Professional settings to Classic and back, but in 90% of the cases you're going to find instructions laid out in the Windows XP Professional vein. I will do my best to point out alternatives in the [NOTES FROM THE FIELD] section as I have done here.

    If you want to directly open the Local Users and Groups MMC you can type lusrmgr.msc from the RUN box or from a command line. This will run the tool independently from the Computer Management MMC.

    You can also launch the Control Panel and select the User Accounts icon.

    [NOTES FROM THE FIELD] - User Accounts and the Local Users and Groups MMC both function differently while performing the same task. I will cover the User Accounts functionality separately.

    Adding USERS with the Local Users and Groups MMC

    Adding a user is as simple as selecting Users from the left pane, right clicking it and choosing New User. You can also highlight Users by left clicking it and going up to ACTION on the menu bar and selecting New User.

    Depending on your current settings, all you may need to supply in order to create a user account is a user account name. The full user name, description, and passwords are not required by default.

    To set a password where one isn't used or to change one that is currently set, you would right click on the given account and choose SET PASSWORD.

    You can also right click on the given account and choose ALL TASKS which leads you to the single SET PASSWORD option as well.

    You can also select the user with a single left click and go to ACTION in the menu to bring up the same ALL TASKS / SET PASSWORD options as well.

    [NOTES FROM THE FIELD] - Passwords are not required by default but are always a recommended best practice.

    There may be a local policy set by some other administrator or if your system is in a Domain, a Domain policy setting, which may force you to use settings that are NOT normally required by default.

    For example, if you try to create an account that has a password policy in place and you do not meet the minimum requirements for password creation, you will be presented with an error message that looks like this;

    Adding GROUPS with the Local Users and Groups MMC

    Adding groups is performed in much the same manner. You can select Groups from the left pane, right click it and choose New Group. You can also highlight Groups by left clicking it and going up to ACTION on the menu and selecting New Group.

    All that is required for creating a Group is the name. Descriptions do not need to be entered for the group nor do you need to add any members.

    Using USER ACCOUNTS in the Control Panel.

    How USER ACCOUNTS in the Control Panel functions all depends on whether your Windows XP Professional system is in a domain or not.

    Also, how it looks depends on whether you are using the default Windows XP view or the Classic interface.

    This is the default Windows XP view.

    Below is the Classic view.



    When you are in a domain and you open the USER ACCOUNTS icon in the Control Panel you are presented with the User Accounts view as shown below on the USER tab.

    [NOTES FROM THE FIELD] - The "domain" BUCKAROO in this example is the local system and not a domain. NORTHAMERICA is a domain. The icons for a local account have a computer/user icon. In the above image in the Password for backup section you can see this. A DOMAIN icon in the Users for this computer section would have a planet/user icon combination as shown below.

    In order to see the properties of an account, you would select it and click on the properties button to see the following window.

    On the Group Membership tab of the USER property sheet you would see three selections to choose from regarding group memberships.

    The OTHER drop down window lists all of the LOCAL groups that the user could belong to.

    The OTHER drop down window lists only the local groups, regardless of whether you have chosen a user account in the local accounts database or a domain account that is in the domain.

    You can change the password for a given account from the USER tab by selecting the account and clicking the RESET PASSWORD button, which will bring up the RESET PASSWORD window as shown below.

    From the ADVANCED tab you can manage passwords that are in the local database.

    By selecting the MANAGE PASSWORDS button you will open the Stored User Names and Passwords where you can add, remove or view the properties of an account.

    When you select the .NET PASSPORT WIZARD, the wizard will start and allow you to add a .NET passport to one or more Windows XP Professional user accounts.

    Selecting ADVANCED from the Advanced User Management section simply launches the Local Users and Groups MMC as if you typed lusrmgr.msc from the RUN box or from a command line.

    The secure logon section is where you would require local users to press CTRL+ALT+DEL to begin a session.

    When you are not in a domain and you open the USER ACCOUNTS icon in the Control Panel you are presented with the User Accounts view as shown below.

    To change any of the listed accounts you would select CHANGE AN ACCOUNT and select the account you wish to change. It's here that you can change the password, change the icon (picture) that is associated with the account or set up the account to use a .NET passport.

    The CREATE A NEW ACCOUNT option allows you to do just that.

    The CHANGE THE WAY USERS LOG ON OR OFF option allows you to select either FAST USER SWITCHING, (which is not allowed when the workstation is a member of a domain) or using the standard USE THE WELCOME SCREEN option.

    [NOTES FROM THE FIELD] - Fast User Switching cannot be used if the Offline Files option is enabled. Also, once your system is added to a domain you can no longer use Fast User Switching, even if you log on to the workstation by using the local user account database.

    Managing Groups in Windows XP Professional
    In Microsoft Windows XP Professional, you will find a number of default local groups on your system, which can perform the following default functions:

    Administrators - Members of the Administrators group have complete and unrestricted access to the computer and can perform all administrative tasks. The built-in Administrator account is a member of this group by default and should the Windows XP Professional system be joined to a domain (or domains), the Domain Admins group of the domain(s) joined will be added to the local Administrators group as well.

    Backup Operators - Members of the Backup Operators group can use Windows Backup (NTBACKUP) to back up and restore data to the local computer. Being in this group allows them to override security restrictions for the sole purpose of backing up or restoring files.

    Guests - Members of the built-in Guests group are limited to only having access to specific resources for which they have been assigned explicit permissions and can only perform specific tasks for which they have been assigned explicit rights.

    This is nearly the same access level as members of the Users group except for some additional restrictions.

    By default, the built-in Guest account is a member of the Guests group. When the Windows XP Professional system is joined to a domain, (or domains) the Domain Guests group of the domain(s) joined will be added to the local Guests group as well.

    Power Users - Members of the Power Users group can create and modify local user accounts on the computer and share resources. Effectively, they are one group lower in authority on a local system from the Administrators group in that they possess most administrative powers with certain restrictions.

    Users - Members of the Users Group are prevented from making accidental or intentional system-wide changes and they are only slightly higher in the permission scheme than the Guests Group.

    Members of the Users group are limited to only having access to specific resources for which they have been assigned explicit permissions and can only perform specific tasks for which they have been assigned explicit rights.

    When a new user is created on a Windows XP Professional system it is added to the Users group by default.

    When the Windows XP Professional system is joined to a domain, (or domains) the Domain Users group of the domain(s) joined will be added to the local Users group as well.

    [NOTES FROM THE FIELD] - The built-in Administrator account is enabled by default and cannot be deleted from the system. The name of the account as well as the password can be changed, however, and this is a recommended best practice. It is also recommended that the default Administrator account never be used or used as infrequently as possible and only when tasks need to be performed at an Administrative level. If there is ever more than one Administrator on a workstation, each one should have an account created for their use. In the event that you need to log administrative events, this would be easier if there were a number of different administrator accounts created rather than a single one.

    The Guest account also cannot be deleted from the system; however, it is DISABLED by default and unless there is some required operational need it should stay disabled. The only "need" for the Guest account would be a kiosk type terminal in a lobby of an office building or hotel and in that event it could be used. If there is ever a short-term need to grant a temporary user access to a system, it is always worth the "aggravation" to create an account.

    Also, it is not recommended to change any of the default permissions and other settings to the built in groups. If you need to elevate or lower permissions for all users in a built in group it is almost always better to create a new group, place all of the intended users into that group and make adjustments there accordingly.
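    The account recommendations above (Guest disabled, built-in Administrator renamed, passwords set, individual administrator accounts) can be checked from text captured with "net user <name>" and "net localgroup Administrators". The Python sketch below is an added example, not part of the original notes; the sample output is constructed and abridged, jsmith is an invented account, and the finding codes are hypothetical labels.

```python
import re

# Constructed, abridged samples in the layout printed by "net user <name>".
NET_USER_SAMPLES = [
    """User name                    Administrator
Full Name
Account active               Yes
Password required            Yes
Local Group Memberships      *Administrators
The command completed successfully.
""",
    """User name                    Guest
Account active               Yes
Password required            No
Local Group Memberships      *Guests
The command completed successfully.
""",
    """User name                    jsmith
Account active               Yes
Password required            No
Local Group Memberships      *Users
The command completed successfully.
""",
]

# Constructed sample in the layout printed by "net localgroup Administrators".
NET_LOCALGROUP_SAMPLE = """Alias name     Administrators
Comment        Administrators have complete and unrestricted access

Members

-------------------------------------------------------------------------------
Administrator
NORTHAMERICA\\Domain Admins
The command completed successfully.
"""

FIELD = re.compile(r"^(.+?)\s{2,}(.*)$")   # label, two or more spaces, value


def parse_net_user(text):
    """Return {field label: value} for one 'net user <name>' report."""
    fields = {}
    for line in text.splitlines():
        match = FIELD.match(line.rstrip())
        if match:
            fields[match.group(1).strip()] = match.group(2).strip()
    return fields


def parse_localgroup_members(text):
    """Return the member names listed below the dashed separator."""
    members, in_list = [], False
    for line in text.splitlines():
        line = line.strip()
        if set(line) == {"-"}:
            in_list = True
        elif in_list:
            if not line or line.startswith("The command completed"):
                break
            members.append(line)
    return members


def audit(user_reports, admin_members):
    """Return (subject, finding code) pairs for the checks the notes recommend."""
    findings = []
    for fields in user_reports:
        name = fields.get("User name", "")
        if fields.get("Account active", "").lower() != "yes":
            continue                                   # disabled accounts are fine
        if name.lower() == "administrator":            # heuristic: name only, no SID
            findings.append((name, "DEFAULT_ADMIN_NAME"))
        if name.lower() == "guest":
            findings.append((name, "GUEST_ENABLED"))
        if fields.get("Password required", "").lower() == "no":
            findings.append((name, "NO_PASSWORD_REQUIRED"))
    # Individual local administrators: not the built-in account, not a domain entry.
    individual = [m for m in admin_members
                  if "\\" not in m and m.lower() != "administrator"]
    if not individual:
        findings.append(("Administrators", "NO_INDIVIDUAL_ADMINS"))
    return findings


def run_audit():
    reports = [parse_net_user(t) for t in NET_USER_SAMPLES]
    return audit(reports, parse_localgroup_members(NET_LOCALGROUP_SAMPLE))


if __name__ == "__main__":
    for subject, code in run_audit():
        print(subject, code)
```

    The name check is only a heuristic: "net user" does not print the account SID, so an account that was created later and named Administrator is reported the same way as the built-in one.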

    Using the Local Users and Groups Snap-in

    Groups are used in Windows XP Professional (and other Microsoft operating systems) as a collection point for user accounts to aid in simplifying system administration by allowing you to assign permissions and rights to the group of users rather than to each user account individually.

    Local groups are used on individual systems to assign permissions to resources on that specific computer. Local groups are created and administered in the local security database on Windows XP Professional systems.

    You would normally need to be a local administrator to perform most system configuration functions (even just taking a look at the current configuration settings in some instances) on a Windows XP Professional system, and in some cases, there may be a local policy set by some other administrator or if your system is in a Domain, a Domain policy setting, which may prevent you from performing some actions.

    To manage local users and groups you can use the Local Users and Groups MMC and you can access this tool a number of different ways.

    One way is to select Start, right-click My Computer, and then click Manage, which will open the Computer Management MMC. Under the System tools icon, click Local Users and Groups to open the Local Users and Groups MMC.

    You can also type compmgmt.msc in the RUN box or from a command line to launch the Computer Management MMC.

    [NOTES FROM THE FIELD] - What your Start Menu options look like depends on how you have the menu set. If you are using the Classic Start Menu, you would not see My Computer as a selection to right click on. Your options would be to click Start, select Administrative Tools and then select Computer Management. Not a whole lot different, but perhaps just enough to confuse you.

    I seem to continually repeat this from article to article, but it is important to stress, the Windows XP Professional exam rarely tests you on Classic anything. You need to know how to get from Windows XP Professional settings to Classic and back, but in 90% of the cases you're going to find instructions laid out in the Windows XP Professional vein. I will do my best to point out alternatives in the [NOTES FROM THE FIELD] section as I have done here.

    If you want to directly open the Local Users and Groups MMC you can type lusrmgr.msc from the RUN box or from a command line. This will run the tool independently from the Computer Management MMC.

    Adding GROUPS with the Local Users and Groups MMC

    Some quick points to remember for local groups on Windows XP Professional systems that are not domain members: local groups can contain only local user accounts from the local security database, and local groups cannot belong to any other group. (Local groups cannot be nested one inside of the other.) For example, user accounts can be members of both the WORKERS group and the COFFEE group, but even if every single user of one group is a member of the other, you would not be able to add all the users to the WORKERS group and then put the WORKERS group into the COFFEE group.

    Adding a new group is as simple as selecting Groups from the left pane, right clicking it and choosing New Group. You can also highlight Groups by left clicking it and going up to ACTION on the menu bar and selecting New Group.

    Depending on your current settings, all you need to supply in order to create a new group is the name. In most cases, entering a description and adding users at creation time are not required by default.

    [NOTES FROM THE FIELD] - There are certain characters that cannot be used in the name of any group on a Windows XP Professional system. These are:

    \  /  "  [  ]  :  |  <  >  +  =  ;  ,  ?  *  @



    Using USER ACCOUNTS in the Control Panel to add users to EXISTING groups.

    [NOTES FROM THE FIELD] - You cannot create a new group using this tool. You need to use Computer Management to create new groups. You can add users to existing groups in a limited fashion via this method.

    How USER ACCOUNTS in the Control Panel functions all depends on whether your Windows XP Professional system is in a domain or not.

    Also, how it looks depends on whether you are using the default Windows XP view or the Classic interface.

    This is the default Windows XP view.



    Below is the Classic view.



    When you are in a domain and you open the USER ACCOUNTS icon in the Control Panel you are presented with the User Accounts view as shown below on the USER tab.

    [NOTES FROM THE FIELD] - The "domain" BUCKAROO in this example is the local system and not a domain. NORTHAMERICA is a domain. The icons for a local account have a computer/user icon. In the above image in the Password for backup section you can see this. A DOMAIN icon in the Users for this computer section would have a planet/user icon combination as shown below.

    In order to see the properties of an account, you would select it and click on the properties button to see the following window.

    On the Group Membership tab of the USER property sheet you would see three selections to choose from regarding group memberships.

    The OTHER drop down window lists all of the LOCAL groups that the user could belong to.

    The OTHER drop down window lists only the local groups, regardless of whether you have chosen a user account in the local accounts database or a domain account that is in the domain.

    From the ADVANCED tab you can perform functions such as managing passwords that are in the local database or using the .NET PASSPORT WIZARD to add a .NET passport to one or more Windows XP Professional user accounts.

    Selecting ADVANCED from the Advanced User Management section simply launches the Local Users and Groups MMC as if you typed lusrmgr.msc from the RUN box or from a command line.

    The secure logon section is where you would require local users to press CTRL+ALT+DEL to begin a session.

    When you are not in a domain and you open the USER ACCOUNTS icon in the Control Panel you are presented with the User Accounts view as shown below.

    To change any of the listed accounts you would select CHANGE AN ACCOUNT and select the account you wish to change. It's here that you can change the password, change the icon (picture) that is associated with the account or set up the account to use a .NET passport.

    The CREATE A NEW ACCOUNT option allows you to do just that.

    The CHANGE THE WAY USERS LOG ON OR OFF option allows you to select either FAST USER SWITCHING, (which is not allowed when the workstation is a member of a domain) or using the standard USE THE WELCOME SCREEN option.

    [NOTES FROM THE FIELD] - Fast User Switching cannot be used if the Offline Files option is enabled. Also, once your system is added to a domain you can no longer use Fast User Switching, even if you log on to the workstation by using the local user account database.

    As you can also see there is no place here to create a new group. As I mentioned earlier, that would need to be handled through Computer Management.

    You would need to use the Computer Management snap-in to delete local groups from the system. Windows XP Professional uses a unique identifier value to identify groups and their assigned permissions, so if you should delete a group from the local system and then decide it was in error, creating the group "again" with the same name will not automatically allow for all of the same permissions and access levels for its members.

    When performing a group deletion, you only delete the group and its associated permissions and rights, not the user accounts in its membership.

    To delete a group you would right-click the group name in the Computer Management snap-in and then click Delete. The users would still be on the system. If their deletion was also required as part of removing a group of summer users or interns for example, the individual users would still need to be deleted.
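    The group rules from this section (the characters not allowed in names, no nesting of local groups, and a re-created group not inheriting the old group's permissions) can be seen together in a small model of the local security database. This Python model is an added example, not part of the original notes and not how Windows is implemented; the machine identifier, the user alice and the folder ACL are constructed, and the class and function names are hypothetical.

```python
# Characters the notes list as not allowed in a group name.
FORBIDDEN = set('\\/"[]:|<>+=;,?*@')


class LocalDb:
    """Toy model: every account gets a unique identifier that is never reused."""

    MACHINE = "S-1-5-21-1111111111-2222222222-3333333333"   # constructed value

    def __init__(self):
        self.next_rid = 1000      # created accounts are numbered from 1000 upward
        self.users = {}           # user name  -> identifier
        self.groups = {}          # group name -> {"sid": identifier, "members": set}

    def _new_sid(self):
        sid = "%s-%d" % (self.MACHINE, self.next_rid)
        self.next_rid += 1
        return sid

    def add_user(self, name):
        self.users[name] = self._new_sid()
        return self.users[name]

    def add_group(self, name):
        bad = FORBIDDEN & set(name)
        if bad:
            raise ValueError("invalid characters in group name: %s" % sorted(bad))
        if name in self.groups:
            raise ValueError("group already exists")
        self.groups[name] = {"sid": self._new_sid(), "members": set()}
        return self.groups[name]["sid"]

    def add_member(self, group, member):
        if member in self.groups:
            raise ValueError("local groups cannot be nested")
        self.groups[group]["members"].add(self.users[member])

    def delete_group(self, name):
        del self.groups[name]     # member user accounts are left in place

    def token(self, user):
        """Identifiers a user presents: their own plus those of their groups."""
        sid = self.users[user]
        return {sid} | {g["sid"] for g in self.groups.values()
                        if sid in g["members"]}


def can_access(acl, token):
    """An ACL here is just the set of identifiers that were granted access."""
    return bool(acl & token)


def demo():
    db = LocalDb()
    db.add_user("alice")
    old_sid = db.add_group("WORKERS")
    db.add_group("COFFEE")
    db.add_member("WORKERS", "alice")
    folder_acl = {old_sid}                       # permission granted to WORKERS
    result = {"before_delete": can_access(folder_acl, db.token("alice"))}

    try:
        db.add_member("COFFEE", "WORKERS")       # attempt to nest a group
        result["nesting_allowed"] = True
    except ValueError:
        result["nesting_allowed"] = False

    db.delete_group("WORKERS")
    result["user_survives"] = "alice" in db.users
    new_sid = db.add_group("WORKERS")            # same name, new identifier
    db.add_member("WORKERS", "alice")
    result["same_sid"] = (new_sid == old_sid)
    result["after_recreate"] = can_access(folder_acl, db.token("alice"))
    folder_acl.add(new_sid)                      # permission has to be granted again
    result["after_regrant"] = can_access(folder_acl, db.token("alice"))
    return result


if __name__ == "__main__":
    print(demo())
```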

     

    Built-In System Groups

    Built-in system groups exist on Windows XP Professional systems and while they do have specific memberships that you can modify, you cannot administer the groups directly; they are available for modification when you assign user rights and permissions to resources. Built-in system group membership is based on how the computer is accessed, not on who uses the computer. The list below shows the primary built-in system groups and their default properties and characteristics.

    Built-in System group - Description

    Everyone - The Everyone group contains all of the users who access the computer. The Full Control permission is assigned to the Everyone group (and thus all the users in it) whenever there are volumes on the local system formatted with NTFS.

    Authenticated Users - All users with valid user accounts on the local system are included in the Authenticated Users group. When your Windows XP system is a member of a domain (or multiple domains), it includes all users in the Active Directory database for that given domain. Using the Authenticated Users group for resource and system access instead of the Everyone group is a suggested best practice.

    Creator Owner - The Creator Owner designation comes into play when a member of the Administrators group creates a resource (or takes ownership of a resource), because even though an individual member may have performed the action, the Administrators group owns the resource.

    Network - The Network Built-in System group contains any user with a current connection from a remote system on the network to a shared resource on the local system.

    Interactive - Members of the Interactive Built-in System group are "added" as they log on locally to the system.

    Anonymous Logon - An Anonymous Logon user account that Windows XP Professional cannot authenticate is put into this Built-in System group.

    Dialup - Users are "added" to the Dialup Built-in System group once they establish a dial-up connection to the system.

    You can set or revoke permissions to these Built-in System groups at the resource. (e.g. share, NTFS folder, printer, etc.)

    [NOTES FROM THE FIELD] - The Dialup Built-in System group does not appear on systems that do not have modems installed and dial up configurations in place.

    TCP/IP Protocol Within Windows XP Professional
    Transmission Control Protocol/Internet Protocol is a network communication protocol. It can be used as a communications protocol on private networks and it is the default protocol in use on the internet. When you set up any system to have direct access to the Internet, whether it is via dial-up or one of the high speed technologies in use today, your system will need to utilize the TCP/IP protocol whether it is a Windows based system or not.

    Also, if the given system needs to communicate to other TCP/IP systems on the local LAN or WAN it will need to utilize the TCP/IP protocol as well.

    [NOTES FROM THE FIELD] - Indirectly connected computers, such as those on a LAN that hit the internet via certain default gateways, certain types of routers, Proxy Servers, ISA Servers or other indirect means, do not necessarily need to use the TCP/IP protocol. They need only use the network protocol in use for their LAN, where that LAN protocol would communicate with the directly connecting mechanism (default gateway, router, Proxy Server or other direct device). That directly connected device would need to use the internet default protocol of TCP/IP.

    TCP/IP is technically made up of two protocols. The upper layer, Transmission Control Protocol, on the sending system is responsible for breaking down the data into smaller packets to be transmitted over the network, (local and internet), while the TCP layer on the receiving node reassembles the packets it receives back into the original data structure.

    The lower layer, Internet Protocol, addresses each individual packet so that it gets delivered to the correct node. Each routing device on the network, be it a hardware router or a server system that is performing routing functions, will check the destination address to see where to forward the message.

    [NOTES FROM THE FIELD] - This is just a basic overview of TCP/IP and I didn't want to get too involved with it here within this article. There is bountiful information on TCP/IP all over the internet and before poring through the RFCs I would first suggest you try TCP/IP Frequently Asked Questions or TCP/IP Protocol Suite - Questions & Answers.

    The TCP/IP Model

    The TCP/IP suite of protocols maps to a four-layer conceptual model which is based off of the seven layer Open System Interconnection (OSI) protocol model.

    The detailed function of each layer of the Open System Interconnection (OSI) protocol model is beyond the scope of this topic, however, the 60 second overview is as follows:

    Physical Layer - Defines the interface between the medium and the device. This layer also transmits bits (ones and zeros) and defines how the data is transmitted over the physical medium. Some examples of Network Components found at this layer are Multiplexers, Passive Hubs, Active Hubs, Repeaters and other types of signal Amplifiers.

    Data Link Layer - This layer is actually divided into two sublayers: Logical Link Control, which mainly handles error correction and flow control, and Media Access Control, which mainly handles the communication with the network adapter card. Some examples of Network Components found at the Data Link layer are Bridges, Switches and certain Advanced Cable Testers.

    Network Layer - This OSI layer is responsible for translating logical network addresses and names such as computernames to their MAC addresses and for addressing and routing data packets over the network. If routers at this layer can’t forward the data frames as large as the source node has sent, this OSI layer will break down the data into smaller units that the devices can handle. Some examples of Protocols found at the Network Layer are IP, ARP, RARP, ICMP, RIP, OSPF, IGMP, IPX, NWLink and NetBEUI. Some examples of Network Components found at this layer are Brouters, Routers, some types of ATM Switches and Frame Relay hardware.

    Transport Layer - The Transport Layer adds an additional connection below the Session layer and helps manage data flow control between nodes on the network. This layer divides the data into packets on the sending node and the transport layer of the receiving node reassembles the message from packets. The Transport Layer provides error-checking to guarantee error-free data delivery by requesting retransmission if some packets don’t arrive error-free. It also sends acknowledgment of successful transmissions back to the sending node. Some examples of Protocols found at this layer are TCP, ARP, RARP, SPX and NWLink. Some examples of Network Components found at the Transport Layer are Gateways and certain types of Brouters.

    Session Layer - This OSI layer, as the name implies, establishes, maintains and ends sessions between transmitting nodes across the network and manages which node can transmit data at a certain time and for how long. Some examples of Protocols found at this layer are Named Pipes, NetBIOS Names, RPC and Mail Slots. Some examples of Network Components found at the Session Layer are Gateways and certain types of Proxy Servers.

    Presentation Layer - The Presentation Layer technically performs the translation of the data from the way applications understand it to the way networks understand it on the transmission end and then back on the receiving node. It is responsible for protocol conversions, data encryption / decryption, and data compression / decompression where the network is considered. Some examples of Network Components found at the Presentation Layer are Gateways and certain types of Redirectors. There are no Protocols that normally operate in this layer.

    Application - The Application Layer of the OSI model allows access to network services for applications specifically written to run over the network, such as email and file transfer programs such as FTP. There are many Protocols found at the Application Layer, some of which include FTP, TFTP, BOOTP, SNMP, SMTP, TELNET, NCP, and SMB.

    The TCP/IP suite four-layer conceptual model is as follows:

    Network Interface Layer - This layer effectively puts the frames on the wire from the sending node and pulls frames off the wire at the receiving node and basically correlates to the Physical Layer of the OSI model.

    Internet Layer - The Internet layer protocols of the TCP/IP suite encapsulate packets into Internet datagrams. There are four Internet protocols that operate at this layer. The Internet Layer basically (but not entirely) correlates to the Network Layer of the OSI model.

    IP - Internet Protocol provides connectionless packet delivery for all other protocols and does not guarantee packet arrival or correct packet sequence nor does it acknowledge packet delivery. IP has the main responsibility of addressing and routing packets between nodes and it does not try to recover from network errors.
    ARP - Address Resolution Protocol maps IP addresses to the physical machine addresses (MAC addresses) that are located on the LAN. IP broadcasts a special ARP inquiry packet containing the IP address of the destination system. The system that owns the IP address replies by sending its physical address to the requester. The MAC sublayer communicates directly with the network adapter card and is responsible for delivering error-free data between network.
    ICMP - Internet Control Message Protocol is a message control and error-reporting protocol used between network nodes. Higher level protocols use the information in these datagrams to recover from any transmission or other errors.
    IGMP - The Internet Group Management Protocol provides a way for nodes to report their multicast group membership to nearby multicast routers. Multicasting allows nodes to send content to multiple other nodes within that multicast group by sending IP multicast traffic to a single MAC address but by allowing it to be processed by multiple nodes. IGMP is part of the Network layer of the OSI model. Windows XP Professional supports multicast for things such as Windows 2000 Server NetShow Services.

    Transport Layer - The two Transport layer protocols provide communication sessions between computers and these sessions can be connection oriented or connectionless, as outlined below. The Transport Layer basically (but not entirely) correlates to the Transport Layer of the OSI model.

    TCP - Transmission Control Protocol is a connection-oriented protocol that provides reliable communication by assigning a sequence number to each segment of data that is transmitted so that the receiving host can send an acknowledgment (ACK) to verify that the data was received. If an ACK is not received, the data is retransmitted. TCP guarantees the delivery of packets, ensures proper sequencing of the data, and provides a checksum feature that validates both the packet header and its data for accuracy.
    UDP - User Datagram Protocol is a connectionless protocol that does not guarantee the delivery or the correct sequencing of packets. Applications that use UDP typically transfer small amounts of data at once and the data sent is usually not considered critical. TFTP (Trivial File Transfer Protocol) uses UDP.

    Application Layer - The Application Layer is where applications that are specifically written to operate over networks gain their access. There are two TCP/IP services, Winsock and the NetBIOS over TCP/IP (NetBT) interface, that network applications most commonly use on Windows XP Professional networks. The Application Layer basically (but not entirely) correlates to the Application Layer of the OSI model.

    Winsock - Winsock is the standard interface used for socket-based applications and TCP/IP protocols. Winsock allows the network application to bind to a specific port and IP address on a node, initiate and accept a connection, send and receive data, and then close the connection.
    NetBT - NetBIOS over TCP/IP is the standard interface for NetBIOS services, including name, datagram, and session services. It also provides a standard interface between NetBIOS-based applications and TCP/IP protocols and is the network component that performs computer name to IP address mapping name resolution. There are currently four NetBIOS over TCP/IP name resolution methods: b-node, p-node, m-node and h-node.

    Internet Protocol Addressing Overview

    The Transmission Control Protocol/Internet Protocol is a network communication protocol. It can be used as a communications protocol on private networks and it is the default protocol in use on the internet. When you set up any system to have direct access to the Internet, whether it is via dial-up or one of the high speed technologies in use today, your system will need to utilize the TCP/IP protocol whether it is a Windows based system or not.

    Also, if the given system needs to communicate to other TCP/IP systems on the local LAN or WAN it will need to utilize the TCP/IP protocol as well.

    TCP/IP version 4 (IPv4) addresses are made up of four 8-bit fields (octets) and are 32 bits in size total. Microsoft TCP/IP version 4 supports the standard classes of address, which define which bits are used for the network ID and which bits are used for the host ID. There are five TCP/IP version 4 (IPv4) address classes, although for the most part, only the A, B, and C classes are used. The system of IP address classes described here forms the basis for IP address assignment. Classless Inter-Domain Routing (CIDR) addressing is now being used more often and I will cover that later in the article. Classless Inter-Domain Routing is making the IP address classes in their current form "less defined", for lack of a better term. Still, the classes form the base of any addressing scheme.

    TCP/IP version 4 addresses are made of both a network ID and a host ID. The network ID address identifies the physical network where the hosts exist. The host ID address identifies the individual TCP/IP host on a network. The host ID must be unique on the internal network, that is, no two nodes on a given network can have the same network ID AND host ID.

    [NOTES FROM THE FIELD] - You can have two hosts with the IP host name of 112.12.44 if one is on network 10 and another is on network 11. (The full IP addresses of these hosts would be 10.112.12.44 and 11.112.12.44. The subnet mask would be 255.0.0.0.) You cannot assign both of these nodes the host address of 112.12.44 if they are both on network 10 or both on network 11.

    The "division" point between the network ID and the host ID is called the subnet mask. The subnet mask is used to determine where the network number in an IP address ends and the node number in an IP address begins.

    The bits in a subnet mask are set consecutively from left to right and there can be no "skips" in the setting structure. The subnet mask of 255.255.128.0 is valid because all eight bits are set in the first two octets and the first bit of the next octet is also set. (11111111.11111111.10000000.00000000). The subnet mask of 255.255.64.0 is not valid because there is a "missing" bit that is not allowed. (11111111.11111111.01000000.00000000).

    [NOTES FROM THE FIELD] - The left most bit in a TCP/IP version 4 address is called the Most Significant Bit (MSB) and has the highest value. The right most bit in a TCP/IP version 4 address is called the Least Significant Bit (LSB) and has the lowest value.

    I have detailed subnet masks in a little more detail in a following section.

    The values of the bits, in order from the Most Significant Bit (MSB) to the Least Significant Bit (LSB), are 128, 64, 32, 16, 8, 4, 2, 1. These numerical designations are what make up the TCP/IP version 4 address. The values of the set bits (noted by a "1") in each octet are added together to give you the address. The TCP/IP version 4 address of 171.144.62.12 converts to a binary number of 10101011.10010000.00111110.00001100 and a hexadecimal number of AB.90.3E.0C.

    [NOTES FROM THE FIELD] - While it's important to know that the TCP/IP version 4 address converts to a binary number or a hexadecimal number it is not often used in day to day operations of the MCSA/MCSE. It is more so for the Network Administrator. For the 70-270 exam, concentrate on the different classes of addresses, how subnet masks work, Classless Inter-Domain Routing (CIDR) addressing and a basic understanding of the binary conversion of a TCP/IP version 4 address. Basically, know the Most Significant Bit (MSB) and the Least Significant Bit (LSB) and the order of numbers.

    The way I remember it was to remember that the Least Significant Bit (LSB) of each octet was "1" and each place to the left of it doubled in value up to the end of the octet on the far left. After the DOT I would start back to "1"

    TCP/IP version 6 (IPv6) is a set of specifications from the Internet Engineering Task Force (IETF) and has been designed to overcome the current shortage of addresses under TCP/IP version 4. TCP/IP version 6 also has some other built-in improvements that go beyond the scope of the discussion here. The single most important thing you will need to know for the 70-270 exam (a little more depth may be needed for the upcoming Exam 70-275: Installing, Configuring and Administering Microsoft .NET Server and Exam 70-276: Implementing and Administering a Microsoft .NET Server Network Infrastructure) is that IPv6 addresses are 128 bits in length as opposed to 32 bits under IPv4.

    Classless Inter-Domain Routing (CIDR) is a newer way to allocate IP addresses that is more flexible than the original Class addressing scheme used in the past. This has increased the utilization of the remaining available Internet addresses. CIDR is now the routing system used by virtually all gateway hosts on the Internet's backbone network.

    The original Internet Protocol defines IP addresses in five classes, Classes A through E. Each of these classes allowed the use of one portion of the 32-bit Internet address scheme for the network address and the remaining portion for the nodes on the network. One of the main reasons for the IP address shortage was the situation where many companies needed more than the 254 host machines that were allowed under the Class C scheme but far fewer than the 65,533 host addresses of the Class B scheme. They would request a unique B Class address but often ended up not using many of the addresses within their allotted block. This meant that many addresses within their pool were unutilized. This is one of the main reasons the IP address pool was drying up and for this reason the big push was on for TCP/IP version 6 (IPv6) and its 128-bit address. Because many of the Internet authorities realized that it would be some time before IPv6 was in widespread use, Classless Inter-Domain Routing was born.

    Using Classless Inter-Domain Routing, each IP address has a network prefix that identifies either a collection of network gateways or an individual gateway. The length of the network prefix is also specified as part of the IP address and varies depending on the number of bits that are needed (rather than any arbitrary class assignment structure). A destination IP address or route that describes many possible destinations has a shorter prefix and is said to be less specific. A longer prefix describes a destination gateway more specifically. Routers are required to use the most specific or longest network prefix in the routing table when forwarding packets.

    A Classless Inter-Domain Routing network address looks like this: 201.44.112.00/18

    201.44.112.00 is the address of the network and the "18" says that the first 18 bits are the network part of the address, leaving the last 14 bits for the address of the node. (Effectively, the 18 is the subnet mask from the "old" style of address classes.) Classless Inter-Domain Routing lets one routing table entry represent a collection of networks that exist in the forward path that don't need to be specified on that particular gateway. This collecting of networks under a single address is sometimes referred to as a supernet, as by definition the two mean the same thing.

    Classless Inter-Domain Routing is supported by the Border Gateway Protocol, the prevailing exterior (interdomain) gateway protocol. (The older exterior or interdomain gateway protocols, Exterior Gateway Protocol and Routing Information Protocol, do not support Classless Inter-Domain Routing.) Classless Inter-Domain Routing is also supported by the OSPF interior or intradomain gateway protocol.
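
    The longest-prefix rule described above, as an added Python example that is not part of the original notes. The routing table, the 192.0.2.x next hops and the function names are constructed for illustration.

```python
import ipaddress

# Constructed routing table: (prefix, next hop). Values are illustrative only.
ROUTES = [
    ("0.0.0.0/0", "192.0.2.1"),         # default route, least specific
    ("201.44.64.0/18", "192.0.2.18"),   # 18 network bits, 14 host bits
    ("201.44.112.0/24", "192.0.2.24"),  # more specific route inside the /18
]


def build_table(routes):
    """Parse each prefix once; strict=True rejects prefixes with host bits set."""
    return [(ipaddress.ip_network(p, strict=True), hop) for p, hop in routes]


def normalize(prefix):
    """Clear the bits beyond the prefix length and report the host-bit count.

    A prefix written as 201.44.112.0/18 has bits set after bit 18;
    masking them off yields the network the /18 actually names.
    """
    net = ipaddress.ip_network(prefix, strict=False)
    return str(net), net.max_prefixlen - net.prefixlen


def lookup(table, destination):
    """Return (network, next_hop) for the longest matching prefix, or None."""
    dest = ipaddress.ip_address(destination)
    matches = [(net, hop) for net, hop in table if dest in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)


def more_specifics(table, prefix):
    """List routes that sit inside `prefix` and therefore override it
    for part of its range. Useful when auditing a table for unexpected
    entries, because the longer prefix always wins."""
    outer = ipaddress.ip_network(prefix, strict=False)
    return [(net, hop) for net, hop in table
            if net != outer and net.subnet_of(outer)]


if __name__ == "__main__":
    table = build_table(ROUTES)
    print(normalize("201.44.112.0/18"))
    for dest in ("201.44.112.9", "201.44.100.9", "198.51.100.7"):
        net, hop = lookup(table, dest)
        print(f"{dest:15} -> {net} via {hop}")
    for net, hop in more_specifics(table, "201.44.64.0/18"):
        print(f"override inside the /18: {net} via {hop}")
```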

    Subnet Masks - Implementing subnetworks (commonly referred to as subnets in the field) helps to control network traffic. Every node on the same physical Ethernet network sees all the packets of data sent out on the network. Often this has the result of multiple collisions causing network performance to be slow. Routers or gateways are used to separate networks into subnets. Subnet masks on each of the nodes allow the nodes on the same subnetwork to continue to communicate with one another and to the routers or gateways they use to send their messages.

    Subnet masks allow you to identify the network ID and the host (node) ID of an IP address.

    Given the following example of a default B Class subnet mask:

    10011110.00010101.00111001.01101111 158.21.57.111
    11111111.11111111.00000000.00000000 255.255.000.000
    --------------------------------------------------------
    10011110.00010101.00000000.00000000 158.21.000.000

    we can determine that the network ID is 158.21 and the host ID is 57.111

    Network Address : 158.21.0.0

    Subnet Address : 158.21.0.0
    Subnet Mask : 255.255.0.0
    Subnet bit mask : nnnnnnnn.nnnnnnnn.hhhhhhhh.hhhhhhhh
    Subnet Bits : 16
    Host Bits : 16
    Possible Number of Subnets : 1
    Hosts per Subnet : 65534

    Additional bits can be added to the subnet mask for a given class of addresses to subnet networks further.

    Given the following example of a B Class address using an additional bit subnet mask:

    10011110.00010101.00111001.01101111 158.21.57.111
    11111111.11111111.11110000.00000000 255.255.240.000 Subnet Mask
    --------------------------------------------------------
    10011110.00010101.00110000.00000000 158.21.048.000 Network address

    Subnet Mask : 255.255.240.0
    Subnet bit mask : nnnnnnnn.nnnnnnnn.nnnnhhhh.hhhhhhhh
    Subnet Bits : 20
    Host Bits : 12
    Possible Number of Subnets : 16
    Hosts per Subnet : 4094

    we can see that rather than having the single subnet and 65534 Hosts per Subnet allowed under the default subnet mask we are able to have up to 16 subnets with up to 4094 Hosts per Subnet by using a Subnet Mask of 255.255.240.000.

    Selected Subnet : 158.21.0.0/255.255.240.0
    Usable Addresses : 4094
    Host range : 158.21.0.1 to 158.21.15.254
    Broadcast : 158.21.15.255

    Subnet        Mask           Hosts  Host Range                      Broadcast
    158.21.0.0    255.255.240.0  4094   158.21.0.1 to 158.21.15.254     158.21.15.255
    158.21.16.0   255.255.240.0  4094   158.21.16.1 to 158.21.31.254    158.21.31.255
    158.21.32.0   255.255.240.0  4094   158.21.32.1 to 158.21.47.254    158.21.47.255
    158.21.48.0   255.255.240.0  4094   158.21.48.1 to 158.21.63.254    158.21.63.255
    158.21.64.0   255.255.240.0  4094   158.21.64.1 to 158.21.79.254    158.21.79.255
    158.21.80.0   255.255.240.0  4094   158.21.80.1 to 158.21.95.254    158.21.95.255
    158.21.96.0   255.255.240.0  4094   158.21.96.1 to 158.21.111.254   158.21.111.255
    158.21.112.0  255.255.240.0  4094   158.21.112.1 to 158.21.127.254  158.21.127.255
    158.21.128.0  255.255.240.0  4094   158.21.128.1 to 158.21.143.254  158.21.143.255
    158.21.144.0  255.255.240.0  4094   158.21.144.1 to 158.21.159.254  158.21.159.255
    158.21.160.0  255.255.240.0  4094   158.21.160.1 to 158.21.175.254  158.21.175.255
    158.21.176.0  255.255.240.0  4094   158.21.176.1 to 158.21.191.254  158.21.191.255
    158.21.192.0  255.255.240.0  4094   158.21.192.1 to 158.21.207.254  158.21.207.255
    158.21.208.0  255.255.240.0  4094   158.21.208.1 to 158.21.223.254  158.21.223.255
    158.21.224.0  255.255.240.0  4094   158.21.224.1 to 158.21.239.254  158.21.239.255
    158.21.240.0  255.255.240.0  4094   158.21.240.1 to 158.21.255.254  158.21.255.255

    [NOTES FROM THE FIELD] - A subnet address cannot be all 0's or all 1's.
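
    The subnet mask rules and the two Class B worked cases above, as an added Python example that is not part of the original notes: it rejects a mask with a skipped bit, ANDs address and mask to get the network ID, and lists every subnet of the classful network. All function names are hypothetical.

```python
def to_int(dotted):
    """Convert a dotted-quad string to a 32-bit integer."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"not a dotted-quad IPv4 address: {dotted!r}")
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]


def to_dotted(value):
    """Convert a 32-bit integer back to dotted-quad notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(dotted):
    """Render each octet as eight bits, MSB (128) first and LSB (1) last."""
    value = to_int(dotted)
    return ".".join(f"{(value >> s) & 0xFF:08b}" for s in (24, 16, 8, 0))


def prefix_length(mask):
    """Count the leading 1 bits of a mask; raise if a bit is skipped."""
    inverted = ~to_int(mask) & 0xFFFFFFFF
    # A contiguous mask inverts to 0...01...1, i.e. 2**k - 1, and only
    # such a value shares no bits with its successor.
    if inverted & (inverted + 1):
        raise ValueError(f"mask bits are not contiguous: {to_binary(mask)}")
    return 32 - inverted.bit_length()


def class_prefix(address):
    """Default network bits for the address class (A=8, B=16, C=24)."""
    first_octet = to_int(address) >> 24
    if first_octet < 128:
        return 8
    if first_octet < 192:
        return 16
    if first_octet < 224:
        return 24
    raise ValueError("Class D and E addresses have no default mask")


def describe(address, mask):
    """Split an address into network and host IDs and size the subnet."""
    plen = prefix_length(mask)
    borrowed = plen - class_prefix(address)
    if borrowed < 0 or plen > 30:
        raise ValueError("mask is outside the classful subnetting range")
    addr, m = to_int(address), to_int(mask)
    network = addr & m                        # the bitwise AND shown above
    broadcast = network | (~m & 0xFFFFFFFF)   # all host bits set to 1
    return {
        "network": to_dotted(network),
        "host_id": to_dotted(addr & ~m & 0xFFFFFFFF),
        "first_host": to_dotted(network + 1),
        "last_host": to_dotted(broadcast - 1),
        "broadcast": to_dotted(broadcast),
        "subnets": 2 ** borrowed,
        "hosts_per_subnet": 2 ** (32 - plen) - 2,
    }


def enumerate_subnets(address, mask):
    """Describe every subnet the mask carves out of the classful network."""
    plen, cls = prefix_length(mask), class_prefix(address)
    base = to_int(address) & (0xFFFFFFFF << (32 - cls)) & 0xFFFFFFFF
    size = 1 << (32 - plen)
    return [describe(to_dotted(base + i * size), mask)
            for i in range(2 ** (plen - cls))]


if __name__ == "__main__":
    for mask in ("255.255.128.0", "255.255.64.0"):
        try:
            print(mask, "is valid, /%d" % prefix_length(mask))
        except ValueError as exc:
            print(mask, "is invalid:", exc)
    print(describe("158.21.57.111", "255.255.240.0"))
    for subnet in enumerate_subnets("158.21.57.111", "255.255.240.0"):
        print(subnet["network"], subnet["first_host"], "to",
              subnet["last_host"], subnet["broadcast"])
```

    For 158.21.57.111 with the mask 255.255.240.0 the AND yields 158.21.48.0, the fourth row of the subnet table above.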

    TCP/IP Class A Address Overview

    The "A" class addressing scheme has an official start address of 0.0.0.0 and an official last address of 127.255.255.255.

    Not all of these addresses can be used and you will OFTEN see conflicting information on this.

    1.0.0.1 to 126.255.255.254 is the range of IP addresses that are included in the "A" class addressing scheme that are the useable range for node assignment.

    126.255.255.255 is a broadcast address and in most cases cannot be assigned. (There are exceptions to the rule.)

    The local host will use 0.0.0.0 when it cannot reach a DHCP server when it is set to use one and cannot assign itself an address using APIPA.

    1.0.0.1 to 126.255.255.254 is the useable range.

    There are 126 Class A networks total, each allowed to have up to 16,777,214 hosts.

    The 127.x.x.x range is used for internal host loopback.

    There are three IP network addresses reserved for private networks. 10.0.0.0 - 10.255.255.255 with the subnet mask 255.0.0.0 is the range for Class A IP addresses.

    They can be used by anyone setting up internal IP networks, such as a lab or home LAN behind a NAT or proxy server or a router. It is always safe to use these because routers on the Internet will never forward packets coming from these addresses.

    These addresses are defined in RFC 1918.

    While 10.0.0.0 - 10.255.255.255 addresses with the subnet mask 255.0.0.0 are available to only internal IP networks, they are still considered part of the Class "A" range.

    TCP/IP Class B Address Overview

    The "B" class addressing scheme has an official start address of 128.0.0.0 and an official last address of 191.255.255.255.

    Not all of these addresses can be used and you will OFTEN see conflicting information on this.

    128.0.0.1 to 191.255.255.254 is the range of IP addresses that are included in the "B" class addressing scheme that are the useable range for node assignment.

    The local host will use 0.0.0.0 when it cannot reach a DHCP server when it is set to use one and cannot assign itself an address using APIPA.

    There are three IP network addresses reserved for private networks. 172.16.0.0 - 172.31.255.255 with the subnet mask 255.240.0.0 is the range for Class B IP addresses.

    They can be used by anyone setting up internal IP networks, such as a lab or home LAN behind a NAT or proxy server or a router. It is always safe to use these because routers on the Internet will never forward packets coming from these addresses.

    These addresses are defined in RFC 1918.

    While 172.16.0.0 - 172.31.255.255 addresses with the subnet mask 255.240.0.0 are available to only internal IP networks, they are still considered part of the Class "B" range.

    TCP/IP Class C Address Overview

    The "C" class addressing scheme has an official start address of 192.0.0.0 and an official last address of 223.255.255.255.

    Not all of these addresses can be used and you will OFTEN see conflicting information on this.

    192.0.0.1 to 223.255.255.254 is the range of IP addresses that are included in the "C" class addressing scheme that are the useable range for node assignment.

    The local host will use 0.0.0.0 when it cannot reach a DHCP server when it is set to use one and cannot assign itself an address using APIPA.

    There are three IP network addresses reserved for private networks. 192.168.0.0 - 192.168.255.255 with the subnet mask 255.255.0.0 is the range for Class C IP addresses.

    They can be used by anyone setting up internal IP networks, such as a lab or home LAN behind a NAT or proxy server or a router. It is always safe to use these because routers on the Internet will never forward packets coming from these addresses.

    These addresses are defined in RFC 1918.

    While 192.168.0.0 - 192.168.255.255 addresses with the subnet mask 255.255.0.0 are available to only internal IP networks, they are still considered part of the Class "C" range.

    TCP/IP Class D Address Overview

    The IP version 4 addresses of 224.0.0.0 through 239.255.255.255 are set aside through IANA (Internet Assigned Numbers Authority) as a special class of addresses for Multicast uses. At the present, ISPs are unable to allocate Class D address space to their customers. These addresses must be allocated through IANA.

    Class D addresses are only required if you wish to be a multicast source. You can still receive multicast data without the need for a separate Class D address.

    TCP/IP Class E Address Overview

    The IP version 4 addresses of 240.0.0.0 to 254.255.255.255 are set aside through IANA (Internet Assigned Numbers Authority) as a special class of addresses for experimental and future use.

    The IP address of 255.255.255.255 broadcasts to all hosts on the local network and therefore, is not to be considered as part of the E class of IP addresses.

    Troubleshooting TCP/IP in Windows XP Professional
    Windows XP Professional offers several native programs to use to help in troubleshooting TCP/IP.

    PING - Ping can be used to test your TCP/IP connection by sending a message to the remote node or gateway from a local system. (It can also be used to test the loopback locally only to see if it is working correctly.) If the remote node or gateway receives the message, it responds with a reply message. The reply consists of the remote's IP address, the number of bytes in the message, how long it took to reply, given in milliseconds (ms), the length of time-to-live (TTL) in seconds, and any packet loss in terms of percentages.

    Pinging 127.0.0.1 with 32 bytes of data:

    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
    Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

    Ping statistics for 127.0.0.1:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

    Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS]
    [-r count] [-s count] [[-j host-list] | [-k host-list]]
    [-w timeout] target_name

    Switches:

    • -t Ping the specified host until stopped. To see statistics and continue - type Control-Break; To stop - type Control-C.
    • -a Resolve addresses to hostnames.
    • -n count Number of echo requests to send.
    • -l size Send buffer size.
    • -f Set Don't Fragment flag in packet.
    • -i TTL Time To Live.
    • -v TOS Type Of Service.
    • -r count Record route for count hops.
    • -s count Timestamp for count hops.
    • -j host-list Loose source route along host-list.
    • -k host-list Strict source route along host-list.
    • -w timeout Timeout in milliseconds to wait for each reply.

    ARP - Displays and modifies the IP-to-Physical address translation tables used by address resolution protocol (ARP).

    ARP -s inet_addr eth_addr [if_addr]
    ARP -d inet_addr [if_addr]
    ARP -a [inet_addr] [-N if_addr]

    • -a Displays current ARP entries by interrogating the current protocol data. If inet_addr is specified, the IP and Physical addresses for only the specified computer are displayed. If more than one network interface uses ARP, entries for each ARP table are displayed.
    • -g Same as -a.
    • inet_addr Specifies an internet address.
    • -N if_addr Displays the ARP entries for the network interface specified by if_addr.
    • -d Deletes the host specified by inet_addr. inet_addr may be wildcarded with * to delete all hosts.
    • -s Adds the host and associates the Internet address inet_addr with the Physical address eth_addr. The Physical address is given as 6 hexadecimal bytes separated by hyphens. The entry is permanent.
    • eth_addr Specifies a physical address.
    • if_addr If present, this specifies the Internet address of the interface whose address translation table should be modified. If not present, the first applicable interface will be used.

    Example:
    > arp -s 157.55.85.212 00-aa-00-62-c6-09 .... Adds a static entry.
    > arp -a .... Displays the arp table.

    IPCONFIG - Use the ipconfig command to get the local system's basic IP configuration information, including the IP address, subnet mask, and default gateway.

    The IPCONFIG/all switch produces a detailed configuration report for all interfaces, including any configured remote access adapters.

    USAGE: ipconfig [/? | /all | /renew [adapter] | /release [adapter] | /flushdns | /displaydns | /registerdns | /showclassid adapter | /setclassid adapter [classid] ]

    • /all Display full configuration information.
    • /release Release the IP address for the specified adapter.
    • /renew Renew the IP address for the specified adapter.
    • /flushdns Purges the DNS Resolver cache.
    • /registerdns Refreshes all DHCP leases and re-registers DNS names
    • /displaydns Display the contents of the DNS Resolver Cache.
    • /showclassid Displays all the dhcp class IDs allowed for adapter.
    • /setclassid Modifies the dhcp class id.

    The default is to display only the IP address, subnet mask and default gateway for each adapter bound to TCP/IP.

    For Release and Renew, if no adapter name is specified, then the IP address leases for all adapters bound to TCP/IP will be released or renewed.

    NBTSTAT - NetBT Statistics (Nbtstat.exe) is used for troubleshooting network NetBIOS names over TCP/IP (NetBT) resolution problems from the command line. It displays protocol statistics and current TCP/IP connections that are using NetBT.

    When a network is functioning, NetBT resolves NetBIOS names to IP addresses. It uses several options for NetBIOS name resolution, including local cache lookup, WINS server query, broadcast, Lmhosts and Hosts file lookup, and DNS server query.

    Displays protocol statistics and current TCP/IP connections using NBT (NetBIOS over TCP/IP).

    NBTSTAT [ [-a RemoteName] [-A IP address] [-c] [-n] [-r] [-R] [-RR] [-s] [-S] [interval] ]

    • -a (adapter status) Lists the remote machine's name table given its name.
    • -A (Adapter status) Lists the remote machine's name table given its IP address.
    • -c (cache) Lists NBT's cache of remote [machine] names and their IP addresses.
    • -n (names) Lists local NetBIOS names.
    • -r (resolved) Lists names resolved by broadcast and via WINS.
    • -R (Reload) Purges and reloads the remote cache name table.
    • -S (Sessions) Lists sessions table with the destination IP addresses.
    • -s (sessions) Lists sessions table converting destination IP addresses to computer NETBIOS names.
    • -RR (ReleaseRefresh) Sends Name Release packets to WINS and then, starts Refresh.

    • RemoteName - Remote host machine name.
    • IP address - Dotted decimal representation of the IP address.
    • interval - Redisplays selected statistics, pausing interval seconds between each display. Press Ctrl+C to stop redisplaying statistics.

    NETSTAT - Netstat (Netstat.exe) displays TCP/IP protocol statistics and active connections to and from your computer from the command line and also provides an option to display the number of bytes sent and received, as well as network packets dropped (if any).

    NETSTAT [-a] [-e] [-n] [-o] [-s] [-p proto] [-r] [interval]

    • -a Displays all connections and listening ports.

    • -e Displays Ethernet statistics. This may be combined with the -s option.

    • -n Displays addresses and port numbers in numerical form.

    • -o Displays the owning process ID associated with each connection.

    • -p proto Shows connections for the protocol specified by proto; proto may be any of: TCP, UDP, TCPv6, or UDPv6. If used with the -s option to display per-protocol statistics, proto may be any of: IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6.
    • -r Displays the routing table.
    • -s Displays per-protocol statistics. By default, statistics are shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6; the -p option may be used to specify a subset of the default.
    • interval Redisplays selected statistics, pausing interval seconds between each display. Press CTRL+C to stop redisplaying statistics. If omitted, netstat will print the current configuration information once.

    ROUTE - You can use the route command line tool to display the current IP routing table and add or delete IP routes.

    ROUTE [-f] [-p] [command] [destination] [MASK netmask] [gateway] [METRIC metric] [IF interface]

    • -f Clears the routing tables of all gateway entries. If this is used in conjunction with one of the commands, the tables are cleared prior to running the command.
    • -p When used with the ADD command, makes a route persistent across boots of the system. By default, routes are not preserved when the system is restarted. Ignored for all other commands, which always affect the appropriate persistent routes.

    commands

    • PRINT Prints a route
    • ADD Adds a route
    • DELETE Deletes a route
    • CHANGE Modifies an existing route

    • destination - Specifies the host.
    • MASK - Specifies that the next parameter is the 'netmask' value.
    • netmask - Specifies a subnet mask value for this route entry. If not specified, it defaults to 255.255.255.255.
    • gateway - Specifies gateway.
    • interface - Specifies the interface number for the specified route.
    • METRIC - Specifies the metric, i.e. the cost for the destination.
    All symbolic names used for destination are looked up in the network database file NETWORKS. The symbolic names for gateway are looked up in the host name database file HOSTS.

    If the command is PRINT or DELETE, destination or gateway can be a wildcard (specified as a star '*'), or the gateway argument may be omitted.

    If Dest contains a * or ?, it is treated as a shell pattern, and only matching destination routes are printed. The '*' matches any string, and '?' matches any one char. Examples: 157.*.1, 157.*, 127.*, *224*.

    Invalid MASK generates an error, that is when (DEST & MASK) != DEST.

    Example> route ADD 157.0.0.0 MASK 155.0.0.0 157.55.80.1 IF 1
    The route addition failed: The specified mask parameter is invalid. (Destination & Mask) != Destination.

    Examples:

    route PRINT
    route ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1 METRIC 3 IF 2
          destination^            mask^    gateway^        metric^    ^Interface

    If IF is not given, it tries to find the best interface for a given gateway.

    route PRINT 112* .... Only prints those matching 112*
    route CHANGE 112.0.0.0 MASK 255.0.0.0 112.89.8.5 METRIC 2 IF 2

    CHANGE is used to modify gateway and/or metric only.
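
    The mask rule and the PRINT wildcard rule above can be checked before a batch of route commands is run. The following is an added example, not part of the original notes: it applies the (Destination & Mask) != Destination test to route ADD lines and implements the '*' and '?' matching for destinations. The function names and the third and fourth sample lines are assumptions made for illustration.

```python
import ipaddress
import re
from typing import NamedTuple, Optional

DEFAULT_MASK = "255.255.255.255"  # used when MASK is omitted, per the notes


class RouteCheck(NamedTuple):
    valid: bool
    mask: str
    stray_bits: str  # destination bits the mask would clear, dotted decimal


def _to_int(dotted: str) -> int:
    # IPv4Address raises ValueError on malformed input such as '157.0.0'.
    return int(ipaddress.IPv4Address(dotted))


def check_route(destination: str, mask: Optional[str] = None) -> RouteCheck:
    """Apply the rule from the notes: invalid when (DEST & MASK) != DEST."""
    mask = mask or DEFAULT_MASK
    stray = _to_int(destination) & ~_to_int(mask) & 0xFFFFFFFF
    return RouteCheck(stray == 0, mask, str(ipaddress.IPv4Address(stray)))


def parse_route_add(cmdline: str) -> dict:
    """Parse 'route [-f] [-p] ADD dest [MASK m] [gateway] [METRIC n] [IF n]'."""
    tokens = cmdline.split()
    if len(tokens) < 3 or tokens[0].lower() != "route":
        raise ValueError("not a route command: %r" % cmdline)
    tokens = tokens[1:]
    persistent = False
    while tokens and tokens[0].lower() in ("-f", "-p"):
        persistent |= tokens.pop(0).lower() == "-p"
    if len(tokens) < 2 or tokens[0].upper() != "ADD":
        raise ValueError("not a route ADD command: %r" % cmdline)
    route = {"persistent": persistent, "destination": tokens[1], "mask": None,
             "gateway": None, "metric": None, "interface": None}
    keywords = {"MASK": "mask", "METRIC": "metric", "IF": "interface"}
    rest = iter(tokens[2:])
    for word in rest:
        key = keywords.get(word.upper())
        if key is None:
            route["gateway"] = word  # the only positional argument left
            continue
        value = next(rest, None)
        if value is None:
            raise ValueError("%s needs a value" % word.upper())
        route[key] = value
    return route


def audit_route_adds(lines):
    """Return (line, RouteCheck) for each ADD line whose mask is invalid."""
    rejected = []
    for line in lines:
        route = parse_route_add(line)
        result = check_route(route["destination"], route["mask"])
        if not result.valid:
            rejected.append((line, result))
    return rejected


def match_destinations(pattern: str, destinations):
    """Match as route PRINT does: '*' is any string, '?' is any one char."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                    for c in pattern)
    return [d for d in destinations if re.fullmatch(regex, d)]


# The first two lines come from the notes; the last two are constructed.
SAMPLE_LINES = [
    "route ADD 157.0.0.0 MASK 255.0.0.0 157.55.80.1 METRIC 3 IF 2",
    "route ADD 157.0.0.0 MASK 155.0.0.0 157.55.80.1 IF 1",
    "route -p ADD 10.1.2.3 192.168.1.1",
    "route ADD 157.55.80.1 MASK 255.255.255.0 157.55.80.254",
]

# Constructed list of destinations standing in for a routing table.
SAMPLE_TABLE = ["0.0.0.0", "112.0.0.0", "127.0.0.0", "157.0.0.0",
                "157.55.80.1", "224.0.0.0", "255.255.255.255"]

if __name__ == "__main__":
    for line, result in audit_route_adds(SAMPLE_LINES):
        print("REJECT %s (mask %s clears destination bits %s)"
              % (line, result.mask, result.stray_bits))
    for pattern in ("157.*", "157.*.1", "*224*", "112*"):
        print(pattern, "->", match_destinations(pattern, SAMPLE_TABLE))
```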

    HOSTNAME - Hostname is used to show the local computer's host name for authentication by the Remote Copy Protocol (RCP), Remote Shell (RSH), and Remote Execution (REXEC) tools.

    TRACERT - Tracert is sometimes used to verify that IP addressing has been correctly configured on a client. It will basically show the route taken to reach a remote system.

    Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name

    Options:

    • -d Do not resolve addresses to hostnames.
    • -h maximum_hops Maximum number of hops to search for target.
    • -j host-list Loose source route along host-list.
    • -w timeout Wait timeout milliseconds for each reply.

    PATHPING - Pathping also shows the route taken to reach a remote system, as TRACERT does, but PATHPING does so with more detail and allows for more functionality as well.

    Usage: pathping [-g host-list] [-h maximum_hops] [-i address] [-n] [-p period] [-q num_queries] [-w timeout] [-P] [-R] [-T] [-4] [-6] target_name

    Options:

    • -g host-list Loose source route along host-list
    • -h maximum_hops Maximum number of hops to search for target. 
    • -i address Use the specified source address.
    • -n Do not resolve addresses to hostnames.
    • -p period Wait period milliseconds between pings.
    • -q num_queries Number of queries per hop.
    • -w timeout Wait timeout milliseconds for each reply.
    • -P Test for RSVP PATH connectivity.
    • -R Test if each hop is RSVP aware.
    • -T Test connectivity to each hop with Layer-2 priority tags.
    • -4 Force using IPv4.
    • -6 Force using IPv6.

    There are additional tools that can be used to test TCP/IP connectivity. They are standard use tools for the TCP/IP protocol.

    FTP - FTP is the File Transfer Protocol and it is used to transfer files from system to system.

    Internet Explorer interconnectivity allows for a Windows Explorer type of GUI environment for the file transfer by allowing functionality of file and folder views and drag and drop / copy and paste.

    The command line FTP allows for more functionality. FTP is considered to be a connected session using Transmission Control Protocol (TCP).

    FTP commands are listed in the table below.

    !       delete      literal  prompt      send
    ?       debug       ls       put         status
    append  dir         mdelete  pwd         trace
    ascii   disconnect  mdir     quit        type
    bell    get         mget     quote       user
    binary  glob        mkdir    recv        verbose
    bye     hash        mls      remotehelp
    cd      help        mput     rename
    close   lcd         open     rmdir

    FTP [-v] [-d] [-i] [-n] [-g] [-s:filename] [-a] [-w:windowsize] [-A] [host]

    • -v Suppresses display of remote server responses.
    • -n Suppresses auto-login upon initial connection.
    • -i Turns off interactive prompting during multiple file transfers.
    • -d Enables debugging.
    • -g Disables filename globbing (see GLOB command).
    • -s:filename - Specifies a text file containing FTP commands; the commands will automatically run after FTP starts.
    • -a Use any local interface when binding data connection.
    • -A - login as anonymous.
    • -w:buffersize - Overrides the default transfer buffer size of 4096.
    • host - Specifies the host name or IP address of the remote host to connect to.

    [NOTES FROM THE FIELD] - The mget and mput commands take y/n/q for yes/no/quit. Use Control-C to abort actively executing commands.

    TFTP - The Trivial File Transfer Protocol allows for the connectionless transfer of files to and from systems using User Datagram Protocol (UDP).

    [NOTES FROM THE FIELD] - User Datagram Protocol (UDP) is a connectionless protocol that does not guarantee delivery of data packets between hosts and is used when data transfer acknowledgments are not required. It can transmit only small portions of data at a time because it is not capable of segmenting and reassembling frames and does not implement sequence numbers.

    While TFTP is limited in functionality, there are still some command line switches that can be used to tailor its performance.

    TFTP [-i] host [GET | PUT] source [destination]

    • -i Specifies binary image transfer mode (also called octet). In binary image mode the file is moved literally, byte by byte. Use this mode when transferring binary files.
    • host - Specifies the local or remote host.
    • GET - Transfers the file destination on the remote host to the file source on the local host.
    • PUT - Transfers the file source on the local host to the file destination on the remote host.
    • source - Specifies the file to transfer.
    • destination - Specifies where to transfer the file.

    TELNET - Telnet is a terminal emulation program, which allows a user to perform commands on a remote computer from a command window.

    telnet [-a][-e escape char][-f log file][-l user][-t term][host [port]]

    • -a Attempt automatic logon. Same as -l option except uses the currently logged on user's name.
    • -e Escape character to enter telnet client prompt.
    • -f File name for client side logging
    • -l Specifies the user name to log in with on the remote system. Requires that the remote system support the TELNET ENVIRON option.
    • -t Specifies terminal type. Supported term types are vt100, vt52, ansi and vtnt only.
    • host - Specifies the hostname or IP address of the remote computer to connect to.
    • port - Specifies a port number or service name.

    RCP - RCP copies files to and from computers running the RCP service. RCP uses the Transmission Control Protocol (TCP) for connected and reliable delivery of data between the client and the host. It can be scripted in a batch file and does not require a password. The remote host must be running the RSHD service, and the user’s username must be configured in the remote host’s .rhosts file. RCP is one of the r-commands available on all UNIX systems.

    [NOTES FROM THE FIELD] - Microsoft’s implementation of TCP/IP includes the RCP client software but not rshd services.

    RCP [-a | -b] [-h] [-r] [host][.user:]source [host][.user:] path\destination

    • -a Specifies ASCII transfer mode. This mode converts the EOL characters to a carriage return for UNIX and a carriage return/line feed for personal computers. This is the default transfer mode.
    • -b Specifies binary image transfer mode.
    • -h Transfers hidden files.
    • -r Copies the contents of all subdirectories; destination must be a directory.
    • host Specifies the local or remote host. If host is specified as an IP address OR if host name contains dots, you must specify the user.
    • .user: Specifies a user name to use, rather than the current user name.
    • source Specifies the files to copy.
    • path\destination Specifies the path relative to the logon directory on the remote host. Use the escape characters (\ , ", or ') in remote paths to use wildcard characters on the remote host.

    RSH - RSH is a TCP/IP utility that enables clients to run commands directly on remote hosts running the RSH service without having to log on to the remote host. RSH is one of the UNIX r-commands that are available on all UNIX systems.

    [NOTES FROM THE FIELD] - Microsoft’s implementation of TCP/IP includes the RSH client software but not the RSH service. If a user on a computer running in a Windows domain tries to use RSH to run a command on a remote UNIX server that is running the RSH daemon, the domain controller is required by the RSH client in order to resolve the username of the user.

    REXEC - REXEC runs commands on remote hosts running the REXEC service and authenticates the user name on the remote host before executing the specified command.

    REXEC host [-l username] [-n] command

    • host Specifies the remote host on which to run command.
    • -l username Specifies the user name on the remote host.
    • -n Redirects the input of REXEC to NULL.
    • command Specifies the command to run.

    FINGER - FINGER is a TCP/IP utility used for viewing information about a user on a system running the finger service.

    Typing the command finger jason@windowsxp.2000trainers.com displays information about user Jason on a server called windowsxp.2000trainers.com.

    FINGER [-l] [user]@host [...]

    • -l Displays information in long list format.
    • user Specifies the user you want information about. Omit the user parameter to display information about all users on the specified host.
    • @host Specifies the server on the remote system whose users you want information about.
    [NOTES FROM THE FIELD] - Microsoft’s implementation of TCP/IP includes the FINGER client software but not the FINGER service. You are able to run the FINGER client on a machine running a Windows operating system that is connected to the Internet in order to obtain results from a remote UNIX server running the FINGER daemon as a FINGER gateway.


    Windows XP Remote Assistance
    Remote Assistance is a convenient way for level two system technicians (and in certain cases, knowledgeable friends and associates) to connect to your Windows XP system and either walk you through any problems you are having locally or to allow them to take care of it for you.

    After Enterprise users log a call to a central help desk either via the phone or the Enterprise's current trouble call system, (or by one of the ways mentioned later in this article) Remote Assistance allows the appropriate person to log into your system to view what you see on your computer screen and chat online with you in real time through the use of Windows Messenger about what you both see on the local system. (It is also possible for them to be speaking over the telephone with you about what is seen on the local system as well.) If the task is "too difficult" to walk the user through, the support person can "take over" the session and complete the task remotely.

    [NOTES FROM THE FIELD] - The minimum system requirements needed to properly utilize Remote Assistance as outlined by Microsoft are that both connecting systems must be using either Windows Messenger or another MAPI-compliant e-mail account such as Microsoft Outlook or Outlook Express.
    Both systems will need network connectivity, either via the internet or a corporate WAN/LAN.


    On some corporate WANs, firewalls might stop you from using Remote Assistance depending on which ports are being filtered at the firewall.

    Remote Assistance runs over the top of Terminal Services technology and uses the same TCP port used by Terminal Services: port 3389.

    Remote Assistance will not work if outbound traffic from TCP port 3389 is blocked.

    If you are using Network Address Translation (NAT) in a home environment, you can use Remote Assistance without any special configurations. However, if you have a personal firewall or similar lockdowns in your home environment, you will have the same issues as in a corporate environment: Remote Assistance will not work if outbound traffic from TCP port 3389 is blocked.


    Also, Microsoft Windows XP Professional or Windows XP Home Edition are the only two systems that can use this functionality. The user requesting assistance and the user providing the assistance must both be using systems running one of the versions of Windows XP.

    Remote Assistance is configured and enabled on the System Properties page of a Windows XP system. Open the page either by right clicking My Computer on the Start Menu and choosing Properties, or by right clicking My Computer in Windows Explorer and choosing Properties.



    [NOTES FROM THE FIELD] - What your Start Menu options look like depends on how you have the menu set. If you are using the Classic Start Menu, you would not see My Computer as a selection to right click on.

    I seem to continually repeat this from article to article, but it is important to stress, the Windows XP Professional exam rarely tests you on Classic anything. You need to know how to get from Windows XP Professional settings to Classic and back, but in 90% of the cases you're going to find instructions laid out in the Windows XP Professional vein. I will do my best to point out alternatives in the [NOTES FROM THE FIELD] section as I have done here.

    Local Administrators and certain permitted individuals have the rights to make configuration settings for the local systems to allow or prevent remote assistance invitations. Once the system is properly configured by the Administrator, any user can make a request for remote assistance.

    After the Properties page has been brought up for a local system, it can be set to allow Remote Assistance invitations by selecting the Allow Remote Assistance invitations to be sent from this computer checkbox on the Remote tab.



    Once this option is set the Advanced button becomes available which displays the Remote Assistance Settings dialog box when selected.



    [NOTES FROM THE FIELD] - The default settings are shown in the image above. You can configure the Invitation settings in the drop down menu of numbers in a range from 1 to 99 and the definition box to the right can be set to MINUTES, HOURS, or DAYS.

    The default option of Allow This Computer To Be Controlled Remotely is selected and allows the person offering the assistance to take over the full control of the local system. Clearing this check box allows the remote user only the ability to view a remote session. (Think of it as a "Read Only" session).

     

    Remote Assistance via the Windows Messenger

    There are many different ways to solicit help via Remote Assistance. I will outline the main ways to ask via the local system.

    You can ask for Remote Assistance via the Windows Messenger by logging in to the Windows Messenger and going to Actions on the Menu bar and selecting Ask for Remote Assistance.



    This allows you to select a person from your list of contacts, provided they are online at the time.



    You can also select the Other tab to enter the e-mail address of another person to contact.



    The invitation from the My Contacts list will show up in the conversation window.



    Also, if you already have a conversation session established with the person you want to request help from, you can simply select the Ask for Remote Assistance button from the I want to... menu.

    Once the person accepts the invitation you will see a dialog box asking you to confirm permission. In order for the session to continue you would need to click Yes.

    They can then operate on your system at whatever level of control that has been allowed. (Either view or full control.)

    [NOTES FROM THE FIELD] - The client requesting the remote session maintains ultimate control of the session even though they have granted temporary controlling access to the invitee. Although you relinquish control of your computer temporarily, you retain control over the Remote Assistance session itself. The client requesting the remote session can end the session immediately by clicking the Stop Control button or pressing the ESC key.

     


    Remote Assistance via the Help and Support Center

    You can also initiate a session via Help and Support from the Start Menu.



    This will open the Help and Support Center where you can ask for assistance from the main menu.



    Selecting Invite a friend to connect to your computer with Remote Assistance from the Ask a friend to help section (from the Support menu on the left section of the screen, not shown in the above image) will bring you to the next Help and Support Center window.



    From here you can select Invite someone to help you which will open the next screen to select either a Windows Messenger user or allow you to make a solicitation by email.



    You can select a user from the list and click the Invite this person button which will bring up the Web Page Dialog box.



    [NOTES FROM THE FIELD] - This box will stay open until it is accepted on the remote end or cancelled on the requesting end.

    You can also elect to save your invitation as a file.



    When you save the invitation, you can elect to require the recipient to use a password. (You will have to get this password to the recipient, it is not sent from this tool.)



    You can also elect Get Help from Microsoft from the Support menu, which allows you to choose assistance options from Microsoft.



    If you choose to Ask a Microsoft Support Professional for help, you'll need to agree to the End User License Agreement, after which you'll be prompted through a series of questions to assist you in your troubleshooting effort.

    [NOTES FROM THE FIELD] - While I have personally never used this option, I did fire it up to see how it functioned and it appeared to work just like the Windows Hardware Troubleshooters, where a number of "canned" questions are asked, which lead to the next question and so on, building the "path" of questioning from the previous answers. I can't really tell you if you have a "live" Microsoft support person on the other end, at least not for the number of questions I walked through anyway.

    You can also choose to Go to a Windows Web site Forum from the Support menu and choose the Go to Windows Newsgroups in an attempt to resolve any system issues you might be having on your own by utilizing information posted there.



    NWLink IPX/SPX/NetBIOS Compatible Transport Protocol
    NWLink IPX/SPX/NetBIOS Compatible Transport Protocol is the Microsoft implementation of Novell's Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX) protocol.

    Windows clients can be configured to use NWLink to access client and server applications running on Novell NetWare servers and / or on intranets where IPX/SPX or NWLink is the protocol of choice. Windows clients running NWLink and the Client Service for NetWare or NWLink and Gateway Service for NetWare can connect to NetWare servers and utilize their file and print services.

    NetWare clients can access client and server applications running on Windows 2000 servers by using the protocol as well. NetWare clients running IPX with NetBIOS, Named Pipes, or Windows Sockets can connect to systems running Windows 2000 with NWLink installed and utilize applications and services on those systems. NetWare clients running IPX can also connect to systems running Windows 2000 Server with NWLink and File and Print Services for NetWare installed for file and print services.

    NWLink supports Winsock and NetBIOS over IPX networking application programming interfaces (APIs) which provide interprocess communication (IPC) services.

    Winsock supports existing NetWare applications written to comply with the NetWare IPX/SPX Sockets interface, and NetBIOS over IPX supports communication between NetWare clients running NetBIOS and systems running Windows XP Professional and NWLink NetBIOS.

    In order for any of this to occur on an intranet, the NWLink IPX/SPX/NetBIOS Compatible Transport Protocol needs to be installed and properly configured on the Windows XP Professional system.

    [NOTES FROM THE FIELD] - NWLink is not installed by default during the installation of any of the current Windows client and server operating systems. By default, you must be a member of the Administrators group to install protocols on any given system.

    Windows 95 installed NWLink by default during the operating system installation.

    Installing NWLink


    There are a number of different ways to go about beginning the installation of NWLink on a Windows XP Professional system. All of the methods end up bringing you to Network Connections.

    The easiest way to go about it is to right click My Network Places from the Start Menu and select Properties.



    [NOTES FROM THE FIELD] - (Long time readers are sick of this, but I can't mention it enough.) What your Start Menu options look like depends on how you have the menu set. If you are using the Classic Start Menu, you would not see My Network Places as a selection to right click on.

    I seem to continually repeat this from article to article, but it is important to stress, the Windows XP Professional exam rarely tests you on Classic anything. You need to know how to get from Windows XP Professional settings to Classic and back, but in 90% of the cases you're going to find instructions laid out in the Windows XP Professional vein. I will do my best to point out alternatives in the [NOTES FROM THE FIELD] section as I have done here.

    Once you have opened the Properties of My Network Places you will see the Network Connections box, as shown below.



    In order to add the protocol from here you would need to right click the installed LAN adapter and select Properties.



    Click on Install to open the Select Network Component Type. Since we want to install a protocol, we will select Protocol and click ADD.



    Next you will see the Select Network Protocol window where you will be able to select NWLink IPX/SPX/NetBIOS Compatible Transport Protocol. Once you have done this and clicked OK the protocol will be installed.



    [NOTES FROM THE FIELD] - Windows XP does not require you to restart the computer after you install new protocols MOST of the time. What you may find that you need to do is to Disable and then Enable the network adapter to finalize all the settings. When it is practical, you should restart the system. If you have connectivity issues with the newly installed protocol, or even the currently installed ones, you're not going to be able to be sure where to start troubleshooting if you haven't rebooted the system.

    Configuring NWLink

    Once NWLink has been installed you need to properly configure it. By default, NWLink automatically detects the frame type used on the LAN because it is set to auto detect the network frame type. If NWLink detects no network traffic or if multiple frame types are detected as in use, NWLink sets the frame type to 802.2.

    Each frame type on an IPX network formats data differently for transmission and the different types are incompatible with each other. Multiple frame types can be used, but in order for all computers on a network to successfully communicate with one another they must use the same frame type.

    You can determine which external network number, frame type, and internal network number your routers are using by typing ipxroute config at a command prompt.

    IPXroute.exe is a command-line utility that allows Administrators the ability to modify the NWLink IPX/SPX/NetBIOS Compatible Transport Protocol (NWLink) settings that affect routing. The Ipxroute utility provides the same functionality as the Route.exe command-line utility that is supplied by Novell for its MS-DOS-based clients.

    The Ipxroute utility manages the source routing variables of NWLink and is installed only if the NWLink transport protocol is bound to a network adapter.

    Any changes made with IPXroute are valid for the current session only. When you log off, the settings are lost. To permanently change NWLink settings, you must set them in the registry.

    H:\>ipxroute config

    NWLink IPX Routing and Source Routing Control Program v2.00


    Num Name Network Node Frame
    ===================================================
    1. IpxLoopbackAdapter 1234cdef 000000000002 [802.2]
    2. Local Area Connection 00000000 006097dead6b [EthII]
    3. NDISWANIPX 00000000 9a2f20524153 [EthII] -

    Legend
    ======
    - down wan line

    NWLink IPX Routing and Source Routing Control Program v2.00 included in Windows 2000 and Windows XP displays and modifies information about the routing tables used by IPX.

    H:\>ipxroute

    NWLink IPX Routing and Source Routing Control Program v2.00

    DEFault Node (Unknown) Addresses are sent SINGLE ROUTE BROADCAST

    Broadcast (FFFF FFFF FFFF) Addresses are sent SINGLE ROUTE BROADCAST

    Multicast (C000 xxxx xxxx) Addresses are sent SINGLE ROUTE BROADCAST


    IPX Routing Options
    -------------------

    IPXROUTE servers [/type=xxxx]

    Servers displays the SAP table for the specified server type. Server type is a 16-bit integer value. If no type is specified, servers of all types are shown. The displayed list is sorted by server name.

    IPXROUTE ripout network

    Ripout discovers the reachability of "network" (specified in host order) by consulting the IPX Stack's route table and sending out a rip request if necessary.

    IPXROUTE resolve guid|name adapter-name

    Resolve resolves the name of the given adapter to its guid or friendly version.

    Source Routing Options
    ----------------------

    IPXROUTE board=n clear def gbr mbr remove=xxxxxxxxxxxx
    IPXROUTE config

    • board=n - Specify the board number to check.
    • clear - Clear the source routing table
    • def - Send packets that are destined for an unknown address to the ALL ROUTES broadcast (Default is SINGLE ROUTE broadcast).
    • gbr - Send packets that are destined for the broadcast address (FFFF FFFF FFFF) to the ALL ROUTES broadcast (Default is SINGLE ROUTE broadcast).
    • mbr - Send packets that are destined for a multicast address (C000 xxxx xxxx) to the ALL ROUTES broadcast (Default is SINGLE ROUTE broadcast).
    • remove=xxxx - Remove the given MAC address from the source routing table.
    • config - Displays information on all the bindings that IPX is configured for.
    All parameters should be separated by spaces.

    You can configure the frame type you wish to use manually by right clicking the adapter you want to configure and going to the properties page.



    On the General tab of the property page for the adapter you would select the NWLink IPX/SPX/NetBIOS Compatible Transport Protocol and click the Properties button.



    On the General tab of the property page for the protocol you can manually select a frame type from the drop down window in the Adapter section.

    [NOTES FROM THE FIELD] - Windows XP does not require you to restart the computer after you change the frame type MOST of the time. What you may find that you need to do is to Disable and then Enable the network adapter to finalize all the settings, as the system may not have "let go" of the auto configured frame type. When it is practical, you should restart the system. If you have connectivity issues with the newly set frame type, or even other currently installed protocols, you're not going to be able to be sure where to start troubleshooting if you haven't rebooted the system.

    On Ethernet networks, the standard frame type for NetWare 2.2 and NetWare 3.11 is 802.3. For NetWare 3.12 and later, the default is 802.2.

    The different network topologies and the frame types supported by NWLink are outlined in the table below.

    Ethernet supports Ethernet II, 802.3, 802.2, and Subnetwork Access Protocol (SNAP), which defaults to 802.2
    Token Ring supports 802.5 and SNAP
    Fiber Distributed Data Interface (FDDI) supports 802.2 and SNAP

    Domain Name System Overview
    Domain Name System (DNS) servers maintain a distributed database used to translate computer names to Internet Protocol (IP) addresses on Transmission Control Protocol/Internet Protocol (TCP/IP) networks, including the Internet.

    [NOTES FROM THE FIELD] - Being able to install DNS is not a requirement for the 70-270 exam. Understanding the functionality of DNS and how it affects Windows XP Professional clients in workgroups and within domains is.

    The Microsoft Domain Name System (DNS) is the name resolution service that resolves Uniform Resource Locator names (URLs) and other DNS names into their “true” dotted decimal format. http://www.zandri.net translates into a specific Internet Protocol (IP) address and it is that address resolution that allows you to reach the server destination you are looking for.

    Lookup Queries and Lookup Types

    There are two different types of DNS lookup, forward and reverse. A forward lookup query resolves a DNS name to an IP address and is the most common DNS query. A reverse lookup query resolves an IP address to a name.

    A DNS name server can resolve a query only for a zone for which it has authority. When DNS servers receive a resolution request, they attempt to locate the requested information in their own database.

    There are two types of queries that can be performed in DNS: Iterative and Recursive.

    A DNS resolution query made from a client to a DNS server where the server returns the best answer that it can provide based on its local cache or stored zone data is called an Iterative query. If the server performing the Iterative query does not have an exact match for the name request, it provides a pointer to an authoritative server in another level of the domain namespace. The client system will then query that server and so on and will continue this process until it locates a server that is authoritative for the requested name or until an error is returned such as name not found or a time-out condition is met.

    A DNS resolution query made from a client to a DNS server in which the server assumes the full workload and responsibility for providing a complete answer to the query is called a recursive query.

    If the server cannot resolve the request from its own database, it will then perform separate iterative queries to other servers (on behalf of the client) to assist in returning an answer to the recursive query. It will continue this process until it locates a server that is authoritative for the requested name or until an error is returned, such as name not found, or a time-out condition is met.

    Client computers send recursive queries to DNS servers in most cases and usually the DNS server is set up to make iterative queries to provide an answer to the client.

    The following is an example of the query process of a client computer making a request to a DNS server to resolve the web address www.zandri.net.

    First the client computer generates a request for the IP address of www.zandri.net by sending a recursive query to the DNS server that it is configured to use in its network configuration. (We'll call this server LOCALCFG)

    The second step is for the LOCALCFG DNS server that has received the recursive query to look in its local database. If it does find the answer locally, it is returned. If it is unable to locate an entry for www.zandri.net in its own database, it sends an iterative query to a DNS server that is authoritative for the root of the local domain. (We'll call this server LOCALROOT)

    If the LOCALROOT DNS server, which is authoritative for the root domain, has the answer in its local database it sends a response to LOCALCFG. If the LOCALROOT DNS server is unable to locate an entry for www.zandri.net in its database, it sends a reply to the querying DNS server (LOCALCFG) with the IP addresses of DNS servers that are authoritative for the .net domain. (If it were .com you would be sent the IP addresses of DNS servers that are authoritative for the COM domain. If it were .org you would be sent the IP addresses of DNS servers that are authoritative for the ORG domain and so on.) We'll call this server DNSNET.

    The DNS server that received the client recursive query (LOCALCFG) sends an iterative query to a server that is authoritative for the .net domain (DNSNET).

    If the DNS server that is authoritative for the .net domain (DNSNET) has an entry for www.zandri.net in its local cache it will return it to LOCALCFG. If DNSNET is unable to locate an entry for www.zandri.net in its database, it sends a reply to the querying DNS server (LOCALCFG) with the IP addresses of DNS servers that are authoritative for the zandri.net domain. (We'll call this server ZANDRIDNS).

    The DNS server that received the client recursive query (LOCALCFG) sends an iterative query to a server that is authoritative for the zandri.net domain. (ZANDRIDNS)

    The DNS server that is authoritative for the zandri.net domain (ZANDRIDNS) locates an entry for www.zandri.net in its database and sends a reply to the querying DNS server (LOCALCFG) with the IP address of www.zandri.net.

    The DNS server (LOCALCFG) that received the recursive query sends a reply to the client computer with the IP address of www.zandri.net.
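
    The walk-through above, traced in code. This is an added example, not part of the original notes: the server names LOCALCFG, LOCALROOT, DNSNET and ZANDRIDNS are the article's, while the zone contents and the 192.0.2.10 address are constructed for illustration.

```python
"""Trace of the www.zandri.net lookup: one recursive query, three iterative ones."""


class NameServer:
    """A DNS server that answers iterative queries from its own data only."""

    def __init__(self, name, records=None, referrals=None):
        self.name = name
        self.records = dict(records or {})      # FQDN -> IP address it can answer
        self.referrals = dict(referrals or {})  # zone -> server authoritative for it

    def iterative_query(self, fqdn):
        """Best answer available locally: an address, a referral, or an error."""
        if fqdn in self.records:
            return ("answer", self.records[fqdn])
        zones = [z for z in self.referrals if fqdn.endswith("." + z)]
        if zones:
            # Refer the caller to the most specific zone that covers the name.
            return ("referral", self.referrals[max(zones, key=len)])
        return ("name-not-found", None)


class RecursiveResolver(NameServer):
    """LOCALCFG: accepts a recursive query and does the iterative work itself."""

    def __init__(self, name, first_hop, servers, max_hops=8):
        super().__init__(name)
        self.first_hop = first_hop   # where iteration starts (LOCALROOT)
        self.servers = servers       # server name -> NameServer
        self.max_hops = max_hops     # stands in for the time-out condition

    def recursive_query(self, fqdn):
        """Return (ip_or_None, trace); trace lists each server asked and its reply."""
        if fqdn in self.records:
            # Step 2 of the walk-through: the answer is already held locally.
            return self.records[fqdn], [(self.name, "answer")]
        trace, target = [], self.first_hop
        for _ in range(self.max_hops):
            kind, value = self.servers[target].iterative_query(fqdn)
            trace.append((target, kind))
            if kind == "answer":
                self.records[fqdn] = value   # keep it for the next client
                return value, trace
            if kind == "name-not-found":
                return None, trace
            target = value                   # follow the referral
        trace.append((self.name, "time-out"))
        return None, trace


def build_dns_example():
    """Constructed zone data; 192.0.2.10 is a documentation address."""
    servers = {
        "LOCALROOT": NameServer("LOCALROOT", referrals={"net": "DNSNET"}),
        "DNSNET": NameServer("DNSNET", referrals={"zandri.net": "ZANDRIDNS"}),
        "ZANDRIDNS": NameServer("ZANDRIDNS",
                                records={"www.zandri.net": "192.0.2.10"}),
    }
    return RecursiveResolver("LOCALCFG", "LOCALROOT", servers)


if __name__ == "__main__":
    localcfg = build_dns_example()
    for attempt in (1, 2):
        ip, trace = localcfg.recursive_query("www.zandri.net")
        print(f"query {attempt}: {ip}")
        for server, reply in trace:
            print(f"  {server:10} -> {reply}")
```

    The second query is answered by LOCALCFG alone, because it kept the result of the first.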

    Configuring Windows XP Professional as a DNS Client
    Windows 2000 Domain Name System (DNS) servers maintain a distributed database used to translate computer names to Internet Protocol (IP) addresses on Transmission Control Protocol/Internet Protocol (TCP/IP) networks which includes the internet. 

    [NOTES FROM THE FIELD] - Being able to install DNS is not a requirement for the 70-270 exam. Understanding the functionality of DNS and how it affects Windows XP Professional clients in workgroups and within domains is.

    In the next few weeks in my Learn Active Directory in 15 Minutes a Week series of articles I will cover DNS in more depth, including a more in depth view of installing DNS.


    The Microsoft Domain Name System (DNS) is the name resolution service that resolves Uniform Resource Locator names (URLs) and other DNS names into their “true” dotted decimal format. http://www.zandri.net translates into a specific Internet Protocol (IP) address and it is that address resolution that allows you to reach the server destination you are looking for.

    For this reason you are going to need to be sure that TCP/IP is installed on the client system you wish to configure as a DNS client.

    [NOTES FROM THE FIELD] - There are other methods available for configuring TCP/IP name resolution on Windows XP Professional clients. Most of these will not work on the internet or on networks for Active Directory purposes. Windows Internet Name Service (WINS) can perform NetBIOS-to-IP name resolution and Hosts and Lmhosts files can be manually configured to provide host-to-IP and NetBIOS-to-IP name resolution. It is also possible (but usually not desirable) to use b-node broadcasts to perform NetBIOS name resolution within the local subnet.

    To configure your Windows XP Professional system as a DNS client you need to either go to the Control Panel and click Network And Internet Connections or go to My Network Places on the start menu, right click it and choose Properties.



    In the Network Connections window you would right click your Local Area Connection (which is the default location to set the local system as a DNS client) and choose Properties.

    On the property page for the Local Area Connection you would highlight the TCP/IP protocol on the general tab and select the Properties button.



    The image below shows a client configured to use the DHCP (as the Obtain an IP address automatically radio button is set) or APIPA service (in the event the DHCP server is unavailable). This is also the default selection for the TCP/IP properties at operating system installation and/or protocol installation when the Typical Settings radio button is selected.

    The client can be configured to use a static (fixed) or dynamic IP address. In either case, configuring the system as a DNS client is exactly the same.



    [NOTES FROM THE FIELD] - Windows XP Professional, like Windows 98 and Windows 2000, uses Automatic Private IP Addressing which will provide DHCP clients an IP address and limited network connectivity (usually the same subnet only) in the event a DHCP server is unavailable. The Automatic Private IP Addressing feature uses the reserved 169.254.0.0 through 169.254.255.255 IP address range and is enabled by default, but it can be disabled by configuring the settings on the client to use an alternate configuration if a DHCP server cannot be located.

    When you select the Obtain DNS Server Address Automatically option, your network's Dynamic Host Configuration Protocol (DHCP) server will provide the IP address of a DNS server to the client.

    When you elect to choose Use The Following DNS Server Addresses, you will manually list the IP address of the Preferred DNS Server and the optional Alternate DNS Server address that you want the client to use.

    You can also click on the Advanced button and enter these values as well as some other settings.



    You can set the client's DNS server addresses in the upper box and arrange them in order of use from top to bottom (the first two entries of which will be any settings you provided on the main TCP/IP page) by entering them with the Add button and using the arrows on the right side to change their order.

    There are also other sections on this property page where more settings can be configured. The Append Primary And Connection Specific DNS Suffixes option is selected by default and this setting tells the DNS resolver to append the client name to the primary domain name, as well as the domain name defined in the DNS Domain Name field. The resolver then searches for the Fully Qualified Domain Name. If the search for the Fully Qualified Domain Name fails, the DNS resolver will use the entry (if any) supplied in the DNS Suffix For This Connection text box.

    If the DHCP server has been enabled to configure this connection and you do not specify a DNS suffix, the connection is assigned by the DHCP server. If you specify a DNS suffix, it is used instead.

    The Append Parent Suffixes Of The Primary DNS Suffix check box is enabled by default and this configuration causes the DNS resolver to drop the leftmost portion of the primary DNS suffix and attempt to use the resulting domain name. If this fails, it continues dropping the next leftmost name and repeating this process until only two names such as 2000Trainers and COM remain. Rather than do this, you might opt to set the Append These DNS Suffixes (In Order) radio button which will allow you to specify a list of domains for the DNS resolver to try. The DNS resolver will attempt each one of these suffixes, one at a time and in the order you specified in the text box. Any attempts are limited to the domains that you have listed in here.
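
    The suffix options described in the two paragraphs above, modelled in code. This is an added example, not part of the original notes: the host name fileserver, the lab.example connection suffix and the zone data are constructed, and the order shown (primary suffix, then connection suffix, then parent suffixes) is an assumption where the notes do not state it.

```python
"""Which names the DNS resolver tries for an unqualified host name."""

# Constructed zone data: the only record that exists lives in the parent domain.
SAMPLE_ZONE = {"fileserver.zandri.net": "192.0.2.20"}


def parent_suffixes(primary_suffix):
    """Drop the leftmost label of the primary suffix until two labels remain."""
    labels = primary_suffix.strip(".").split(".")
    return [".".join(labels[i:]) for i in range(1, len(labels) - 1)]


def search_order(name, primary_suffix, connection_suffix=None,
                 append_parent_suffixes=True, explicit_suffixes=None):
    """FQDNs the resolver would try, in order, for an unqualified name."""
    if explicit_suffixes is not None:
        # "Append These DNS Suffixes (In Order)": only the listed domains are tried.
        suffixes = list(explicit_suffixes)
    else:
        # "Append Primary And Connection Specific DNS Suffixes"
        suffixes = [primary_suffix]
        if connection_suffix:
            suffixes.append(connection_suffix)
        # "Append Parent Suffixes Of The Primary DNS Suffix"
        if append_parent_suffixes:
            suffixes.extend(parent_suffixes(primary_suffix))
    seen, ordered = set(), []
    for suffix in suffixes:
        fqdn = f"{name}.{suffix.strip('.')}".lower()
        if fqdn not in seen:            # never send the same query twice
            seen.add(fqdn)
            ordered.append(fqdn)
    return ordered


def resolve(name, zone, **settings):
    """Try each candidate against zone (FQDN -> IP); return (fqdn, ip, queries_sent)."""
    candidates = search_order(name, **settings)
    for sent, fqdn in enumerate(candidates, start=1):
        if fqdn in zone:
            return fqdn, zone[fqdn], sent
    return None, None, len(candidates)


if __name__ == "__main__":
    settings = dict(primary_suffix="northamerica.zandri.net",
                    connection_suffix="lab.example")
    print(search_order("fileserver", **settings))
    print(resolve("fileserver", SAMPLE_ZONE, **settings))
    print(resolve("fileserver", SAMPLE_ZONE, append_parent_suffixes=False, **settings))
```

    With the parent-suffix option cleared, the same short name no longer resolves, because the only matching record is in the parent domain.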

    You can also select the Register This Connection's Addresses In DNS check box which will cause the client itself to attempt to dynamically register the IP addresses via DNS with its full computer name as shown on the Computer Name tab of the System properties page.

    The last available option to set from this property page is the Use This Connection's DNS Suffix In DNS Registration check box which uses DNS dynamic updates to register the IP addresses and the connection-specific domain name. The connection-specific name is the computer name, (the first label of the full computer name specified in the Computer Name tab), and the DNS suffix of this connection. If the Register This Connection's Addresses In DNS check box is selected, this registration enabled here is in addition to the DNS registration of the full computer name.

    Windows XP Professional in Active Directory Environments
    Active Directory Logical Architecture

    Forests
    The Windows 2000 Active Directory forest is the collection of one or more Microsoft Windows 2000 domains that share a common schema, configuration, and global catalog. You will find all different types of clients in this setup, everything from Windows 9x systems up to and through Windows XP Professional. You may even find Windows NT3.51, NT4 and 2000 member servers in a Windows 2000 Forest as well.

    [NOTES FROM THE FIELD] - What you will not find unless it's been hacked to do so is a Windows XP Home edition system as a member of a domain. This is not a supported configuration. Windows XP Professional is the only version of Windows XP that allows users to join and be managed by the domain. This is outlined in full detail here in the Windows XP in a Domain Environment article on the Microsoft web site.

    The domain namespace of the domain trees in the forest is not always a contiguous namespace. If there is a single tree in the forest, it will have a common domain namespace. Since there can be more than one domain tree in a forest (it is not a requirement, but it is allowed) these different domain trees will have their own individual contiguous namespaces.

    All of the domains in a domain tree and all of the trees in a single forest have the connectivity benefit of the two-way, transitive trust relationship, which is the default trust relationship between Windows 2000 domains. A two-way, transitive trust, by definition, is really the combination of a transitive trust and a two-way trust. This complete trust between all domains in an Active Directory domain hierarchy helps to form the forest as a single unit via its common schema, configuration, and global catalog.

    The first Windows 2000 domain installed in the forest is considered to be the forest root domain.

    [NOTES FROM THE FIELD] - Much of this information is an Exam Requirement for both the 70-217 AND the 70-219 exams. You need to have a high understanding of this material for the 70-270 exam.

    Click here for image #1.

    This image is a single Windows 2000 Forest with two domain trees. Zandri.net and Gunderville.com are both in the same forest, yet their domain namespaces have different names.

    Trees

    Domain trees within the Windows 2000 Active Directory forest are a set of Windows 2000 domains connected together via a two-way transitive trust, sharing a common schema, configuration, and global catalog.

    In order to be considered a true Windows 2000 domain tree, the domains must form a contiguous hierarchical namespace with one domain being the domain root.

    The first Windows 2000 domain installed in a tree is considered to be the root domain of that tree. It would only be considered the forest root domain if it was also the first domain in the forest.

    [NOTES FROM THE FIELD] - In the above image we see that Zandri.net is linked "down" to Gunderville.com. This is usually designed to show that it is the forest root domain. When the domain tree Zandri.net was first installed it was installed as the root of the Zandri.net tree and the root of the Active Directory Forest. When Gunderville.com was first installed it was installed into an existing forest and as the root of its own domain tree.
    In the above image, the Zandri.net tree has two child domains installed in its tree, Northamerica.Zandri.net and Southamerica.Zandri.net. Likewise, Gunderville.com has two child domains installed in its tree, Northamerica.Gunderville.com and Southamerica.Gunderville.com. This shows the contiguous hierarchical namespace within the domain trees.

    Trust Relationships

    All of the domains in a domain tree and all of the trees in a single forest have the connectivity benefit of the two-way, transitive trust relationship, which is the default trust relationship between Windows 2000 domains. A two-way, transitive trust by definition is really the combination of a transitive trust and a two-way trust. This complete trust between all domains in an Active Directory domain hierarchy helps to form the forest as a single unit via its common schema, configuration, and global catalog.

    Transitive trusts are a relationship that extends from one domain to the next, to the next and so on. In the above example, Northamerica.Zandri.net indirectly trusts Southamerica.Zandri.net because the trust relationship travels from Northamerica.Zandri.net to Zandri.net to Southamerica.Zandri.net. Because Northamerica.Zandri.net to Zandri.net is a direct trust and Zandri.net to Southamerica.Zandri.net is a direct trust and all trusts in a Windows 2000 Active Directory are transitive by default, Northamerica.Zandri.net indirectly trusts Southamerica.Zandri.net.

    This is also the same relationship of Northamerica.Zandri.net to Southamerica.Gunderville.com. Since they are all in the same forest and connected by a common schema, configuration, and global catalog, and since all Windows 2000 Active Directory trusts are transitive by default, the following is true:

    Since Northamerica.Zandri.net directly trusts Zandri.net and Zandri.net directly trusts Gunderville.com and Gunderville.com directly trusts Southamerica.Gunderville.com then Northamerica.Zandri.net indirectly trusts Southamerica.Gunderville.com.

    A two-way trust can be simply looked at as two one way trusts between two domains. When Zandri.net trusts Northamerica.Zandri.net this is a one way trust. When Northamerica.Zandri.net trusts Zandri.net this is another one way trust. It is considered two way because each trusts the other in the same reverse manner that it is trusted.

    This would also be where Zandri.net trusts Gunderville.com and Gunderville.com trusts Zandri.net. Since these two domain trees are in the same forest, they each trust the other and all of their child domains. (two way and transitively.)

    Again, all of the domains in a domain tree and all of the trees in a single forest have the connectivity benefit of the two-way, transitive trust relationships, which are the default trust relationships between Windows 2000 domains.

    This IS NOT true of domains and domain trees OUTSIDE of the forest. (This is referred to as an External trust.)

    For example, if Zandri.net were collaborating on a project with 2000trainers.com, where users in the 2000trainers.com Windows 2000 domain needed access to resources within the Zandri.net Windows 2000 domain, the domain administrator for Zandri.net would have to manually set up a trust relationship with 2000trainers.com where Zandri.net trusted 2000trainers.com so that users in 2000trainers.com could gain access to the resources they needed. This would not give users in Zandri.net access to any resources in 2000trainers.com, as the manual setup of a one way trust does not automatically allow for the "reverse" one way trust, making 2000trainers.com trust the users of Zandri.net.



    Also, the trust is in no way transitive. If there was a situation where a trust was established from Zandri.net to 2000trainers.com and there was a child domain of 2000trainers.com called Forums.2000trainers.com, users of Forums.2000trainers.com do not gain access to any of the resources in Zandri.net, even though those resources might be included in the common schema, configuration, and global catalog of the 2000trainers.com Active Directory. The trust that exists is only between 2000trainers.com and Zandri.net alone and it has been set in this example only so that users in 2000trainers.com can access resources in the Zandri.net domain. If access to Zandri.net is required by users of the forums.2000trainers.com Windows 2000 domain, then another one way, external, non-transitive trust would need to be established.



    External trusts can be created between different Windows 2000 forests or to a Windows NT domain (sometimes called a down-level domain) or a Kerberos version 5 realm.

    You can combine two one-way trusts to create a two-way trust relationship, where 2000trainers.com trusts Zandri.net and Zandri.net trusts 2000trainers.com, however, even these are NOT TRANSITIVE, since they are from different Windows 2000 Active Directory forests.

    [NOTES FROM THE FIELD] - Users of the 2000trainers domain would be able to access resources they had been given permission to in the Zandri.net domain, but this does not necessarily allow them access to the other domains in the forest such as Northamerica.Zandri.net, Southamerica.Zandri.net nor any of the Gunderville.com domain tree.
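
    The trust rules of this section as a small model that can be queried. This is an added example, not part of the original notes: it uses the article's domain names (lower-cased), treats in-forest trusts as two-way and transitive and the external trust as one-way and non-transitive, and answers only whether a trust exists, since actual access still depends on the permissions granted.

```python
"""Who trusts whom: transitive forest trusts versus a one-way external trust."""
from collections import deque


class TrustModel:
    def __init__(self):
        self.forest_links = {}   # domain -> domains it directly trusts (two-way, transitive)
        self.external = set()    # (trusting, trusted) pairs: one-way, non-transitive

    def add_forest_trust(self, a, b):
        """Default Windows 2000 trust between two domains of the same forest."""
        a, b = a.lower(), b.lower()
        self.forest_links.setdefault(a, set()).add(b)
        self.forest_links.setdefault(b, set()).add(a)

    def add_external_trust(self, trusting, trusted):
        """Manually created trust: trusting trusts trusted, and nothing more."""
        self.external.add((trusting.lower(), trusted.lower()))

    def trust_path(self, trusting, trusted):
        """Chain of direct trusts by which trusting trusts trusted, or None."""
        trusting, trusted = trusting.lower(), trusted.lower()
        if trusting == trusted:
            return [trusting]
        if (trusting, trusted) in self.external:
            return [trusting, trusted]       # a single hop, never extended
        # Breadth-first search over the transitive (in-forest) links only.
        queue, came_from = deque([trusting]), {trusting: None}
        while queue:
            current = queue.popleft()
            if current == trusted:
                path = []
                while current is not None:
                    path.append(current)
                    current = came_from[current]
                return path[::-1]
            for nxt in sorted(self.forest_links.get(current, ())):
                if nxt not in came_from:
                    came_from[nxt] = current
                    queue.append(nxt)
        return None

    def can_access(self, user_domain, resource_domain):
        """Access can be granted only where the resource domain trusts the user's."""
        return self.trust_path(resource_domain, user_domain) is not None


def build_trust_example():
    """The forest from the image plus the external trust to 2000trainers.com."""
    m = TrustModel()
    for root in ("zandri.net", "gunderville.com"):
        m.add_forest_trust(root, "northamerica." + root)
        m.add_forest_trust(root, "southamerica." + root)
    m.add_forest_trust("zandri.net", "gunderville.com")        # tree roots, same forest
    m.add_forest_trust("2000trainers.com", "forums.2000trainers.com")  # a separate forest
    m.add_external_trust("zandri.net", "2000trainers.com")     # Zandri.net trusts 2000trainers.com
    return m


if __name__ == "__main__":
    m = build_trust_example()
    print(" -> ".join(m.trust_path("northamerica.zandri.net",
                                   "southamerica.gunderville.com")))
    for user, resource in [("2000trainers.com", "zandri.net"),
                           ("zandri.net", "2000trainers.com"),
                           ("forums.2000trainers.com", "zandri.net"),
                           ("2000trainers.com", "northamerica.zandri.net")]:
        print(f"{user} users -> {resource}: {m.can_access(user, resource)}")
```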

    Understanding Compression and Encrypted File Systems
    The Windows XP Professional operating system allows for both compression and encryption natively within the operating system by setting given attributes on the files and folders. Both of these functions are mutually exclusive of each other and only one or the other can be enacted on a particular file or directory at any given time.

    [NOTES FROM THE FIELD] - What you can do is compress an entire directory and all of the files and folders within that directory and then go in and elect to encrypt select files, which will remove the compression bit from those selections that will become encrypted. A file or folder cannot be both encrypted and compressed at the same time under Windows 2000 or XP Professional natively by the operating system itself.

    There is a Compressed Folders feature within Windows XP Professional which provides the ability to create compressed folders and view their contents much in the manner that many other programs such as PKZip and WinZip perform. This article deals with the operating system / attribute driven level of compression and not this particular utility.

    It is important to note that compressed folders of this nature, created through the use of the Compressed Folders feature within Windows XP Professional, CAN be encrypted on NTFS partitions and CAN be compressed (only) on FAT16 and FAT32 partitions.

    You can compress a folder by selecting the folder, right clicking it and choosing Properties. On the GENERAL tab of the properties page you would select the Advanced button in order to bring up the Advanced Attributes page, as shown below.



    On the Advanced Attributes page you would go down to the Compress or Encrypt attributes section where you can choose one checkbox to compress the contents or the other to encrypt them.

    [NOTES FROM THE FIELD] - Strangely enough, the options to target are check boxes, which normally denote the ability to choose more than one selection. (Radio buttons are normally used in a situation where only one option from a number of given ones can be selected.) Regardless of which, if you attempt to select both, you will find that your second choice in this section undoes your first selection.

    I think the decision to program this property page in this way stems from the fact that you cannot unselect a radio button by clicking on it a second time as you can a checkbox. (This is just my thought on this. This is not backed up by any facts.) If you want to make a folder and the contents "normal" by neither encrypting them nor compressing them, you'd clear the checkboxes.

    Once you elect to compress the folder by selecting that checkbox you would click OK and it would seem as if nothing has happened, and actually, nothing has. Until you click APPLY or OK to the main property sheet, you will not be given any further options for this operation.

    At that time, the next options are available as shown below.



    If you elect to apply changes to the folder only, only the folder itself will become compressed. What this means is that anything currently in the folder will keep its current compression state. (In most cases this would mean that the files and other folders within that folder will remain uncompressed.) Anything added to that folder from that point forward will become compressed as it is copied to or moved to the folder.

    [NOTES FROM THE FIELD] - Any encrypted file that is moved to or copied to that compressed folder will remain encrypted and will NOT become compressed and hence unencrypted. If the encrypted file that was moved to that folder is right clicked and has the encryption attribute removed it will NOT become compressed automatically.



    The only way to compress that file is to individually right click it and choose to compress it or to MOVE it out of and then back into the folder. Simply copying it out to a temporary location and then back in with the OVERWRITE option will NOT cause it to become compressed even if changes were made to the copied out version.

    This means that if an encrypted document is unencrypted in a compressed folder it will be in a normal state. If another copy of that document exists somewhere else on the system and it is in a compressed state and editing is performed on it and then saved and then that compressed and updated copy is copied over the older version, that older version will still be uncompressed in that folder that is supposed to compress all new files that are copied in. The updates to the text will be present, but the file will still be uncompressed.

    This is because the attributes to the file are not carried over with the changes to the file itself.

    This also works for the reverse, from not compressed to compressed.

    If you elect to apply changes to the folder and all of the files and subfolders contained within the folder, they will all become compressed.

    If you elect to remove compression from the folder itself and choose to make the attribute changes to the folder only, all the files in the folder that were compressed before will remain compressed as you move them around the local system.



    When you effect changes to the folder and all of the files and subfolders contained within, all of the files will become uncompressed.

    [NOTES FROM THE FIELD] - If there is a file within the folder that is to be uncompressed that is in an encrypted state, it will stay encrypted as the encrypted attribute of that file is not affected by the clearing of the compression attributes of the other files around it and the folder it's in.

    You can select to view compressed and encrypted files in different colors so that you know the state of the file by quickly looking at it.



    [NOTES FROM THE FIELD] - In the example above, the file denoted in blue lettering is compressed and the one in green lettering is encrypted. This can be set by going in to the Windows Explorer and choosing Tools and then Folder Options.



    On the View tab of the pop up box is where you would select the Show encrypted or compressed NTFS files in color checkbox to enable this feature.



    If you copy an attribute set compressed file to a FAT16 or a FAT32 partition or to a floppy disk, it will lose its compression attribute.

    The overall rules for compression are as follows:
    • Copying a file within the same NTFS volume causes the file to inherit the compression state of the target folder. When you copy a compressed file to an uncompressed folder, the file is automatically uncompressed.
    • Moving a file or folder within the same NTFS volume causes the file or folder to retain its original compression state. When you move a compressed file to an uncompressed folder, the file remains compressed.
    • Copying a file or folder from one NTFS volume to another causes the file or folder to inherit the compression state of the target folder. When you copy a compressed file from one NTFS volume to another, where the target folder is uncompressed, the file is automatically uncompressed.
    • Moving a file or folder from one NTFS volume to another causes the file or folder to inherit the compression state of the target folder. Windows XP Professional treats a move (cut and paste) as a copy and a delete, so the files inherit the compression state of the target folder.
    • Moving or copying a file or folder to a FAT16 or FAT32 volume - Windows XP Professional supports attribute driven compression only on the NTFS file system, so when you move or copy a compressed NTFS file or folder to a FAT volume, (12, 16 or 32) Windows XP Professional will automatically uncompress the file or folder. If you need to maintain some level of compression in this scenario you can use the Compressed Folders feature within Windows XP Professional.
    • Moving or copying a compressed file or folder to a floppy disk or other removable media - Windows XP Professional supports attribute driven compression only on the NTFS file system, so when you move or copy a compressed NTFS file or folder to most types of removable media, Windows XP Professional will automatically uncompress the file or folder because most forms of removable media do not support the NTFS file system. If you need to maintain some level of compression in this scenario you can use the Compressed Folders feature within Windows XP Professional. 
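
    The rules in the list above, together with the earlier notes on encrypted files and on overwriting an existing file, expressed as one function. This is an added example, not part of the original notes: the File and Folder classes are a constructed in-memory model, and no real file system is touched.

```python
"""Resulting compression state after a copy or move, per the rules above."""
from dataclasses import dataclass, field


@dataclass
class File:
    name: str
    compressed: bool = False
    encrypted: bool = False


@dataclass
class Folder:
    volume: str                  # e.g. "C:"; folders on one volume share this value
    fs: str = "NTFS"             # "NTFS" or a FAT variant ("FAT12", "FAT16", "FAT32")
    compressed: bool = False     # the folder's own compression attribute
    files: dict = field(default_factory=dict)

    def add(self, f):
        self.files[f.name] = f
        return f


def transfer(name, src, dst, op):
    """Copy or move src.files[name] into dst; return the file as it ends up there."""
    if op not in ("copy", "move"):
        raise ValueError("op must be 'copy' or 'move'")
    f = src.files[name]
    if src is dst:
        return f
    existing = dst.files.get(name)
    if op == "copy" and existing is not None:
        # Overwrite: the contents are replaced, the target file keeps its attributes.
        result = existing
    elif dst.fs != "NTFS":
        # FAT and most removable media: the attribute cannot be stored, so it is lost.
        result = File(name)
    elif f.encrypted:
        # An encrypted file stays encrypted and is not compressed on arrival.
        result = File(name, compressed=False, encrypted=True)
    elif op == "move" and src.volume == dst.volume:
        # Move within one NTFS volume: the original compression state is retained.
        result = File(name, compressed=f.compressed)
    else:
        # Copy on NTFS, or move across volumes (a copy and a delete): inherit.
        result = File(name, compressed=dst.compressed)
    dst.files[name] = result
    if op == "move":
        del src.files[name]
    return result


def run_scenarios():
    """Constructed files and folders exercising each rule; returns the outcomes."""
    plain = Folder("C:")
    packed = Folder("C:", compressed=True)
    other = Folder("D:", compressed=True)
    floppy = Folder("A:", fs="FAT12")
    out = {}
    packed.add(File("a.doc", compressed=True))
    out["copy_same_volume"] = transfer("a.doc", packed, plain, "copy").compressed
    packed.add(File("b.doc", compressed=True))
    out["move_same_volume"] = transfer("b.doc", packed, plain, "move").compressed
    plain.add(File("c.doc"))
    out["move_other_volume"] = transfer("c.doc", plain, other, "move").compressed
    packed.add(File("d.doc", compressed=True))
    out["copy_to_floppy"] = transfer("d.doc", packed, floppy, "copy").compressed
    plain.add(File("e.doc", encrypted=True))
    e = transfer("e.doc", plain, packed, "copy")
    out["encrypted_into_compressed"] = (e.encrypted, e.compressed)
    packed.add(File("f.doc"))                    # decrypted in place, so uncompressed
    other.add(File("f.doc", compressed=True))    # edited, compressed copy elsewhere
    out["overwrite_keeps_target"] = transfer("f.doc", other, packed, "copy").compressed
    return out


if __name__ == "__main__":
    for rule, outcome in run_scenarios().items():
        print(f"{rule:28} {outcome}")
```
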
    Best practices state that you should not attempt to set the compression attribute on software compressed files and folders such as ones set by PKZip and/or WinZip or folders that are compressed by using the Compressed Folders feature within Windows XP Professional because the operating system will attempt to further compress the files. This will not yield any additional savings of space on the hard drive and will unnecessarily burn CPU cycles in the process.

    You should also attempt to compress data that is not often modified, as there is some system overhead to uncompressing the files to open them for editing and then compressing them again. This also is the same for files that are moved or copied often. When a compressed file is copied, it is uncompressed, copied, and then compressed again as a new file (depending on its final destination as outlined above.)

    [NOTES FROM THE FIELD] - What you can do is compress an entire directory and all of the files and folders within that directory and then go in and elect to encrypt select files, which will remove the compression bit from those selections that will become encrypted. A file or folder cannot be both encrypted and compressed at the same time under Windows 2000 or XP Professional natively by the operating system itself.

    There is a Compressed Folders feature within Windows XP Professional which provides the ability to create compressed folders and view their contents much in the manner that many other programs such as PKZip and WinZip perform. This article deals with the operating system / attribute driven level of compression and not this particular utility.

    It is important to note that compressed folders of this nature, created through the use of the Compressed Folders feature within Windows XP Professional, CAN be encrypted on NTFS partitions and CAN be compressed (only) on FAT16 and FAT32 partitions.

    You can encrypt a folder by selecting the folder, right clicking it and choosing Properties.


    On the GENERAL tab of the properties page you would select the Advanced button in order to bring up the Advanced Attributes page, as shown below.


    On the Advanced Attributes page you would go down to the Compress or Encrypt attributes section where you can choose one checkbox to compress the contents or the other to encrypt them.


    [NOTES FROM THE FIELD] - Strangely enough, the options to target are check boxes, which normally denote the ability to choose more than one selection. (Radio buttons are normally used in a situation where only one option from a number of given ones can be selected.) Regardless of which, if you attempt to select both, you will find that your second choice in this section undoes your first selection.

    I think the decision to program this property page in this way stems from the fact that you cannot unselect a radio button by clicking on it a second time as you can a checkbox. (This is just my thought on this. This is not backed up by any facts.) If you want to make a folder and the contents "normal" by neither encrypting them nor compressing them, you'd clear the checkboxes.

    Once you elect to encrypt the folder by selecting that checkbox you would click OK and it would seem as if nothing has happened, and actually, nothing has. Until you click APPLY or OK to the main property sheet, you will not be given any further options for this operation.

    At that time, the next options are available as shown below.


    If you elect to apply changes to the folder only, only the folder itself will become encrypted. What this means is that anything currently in the folder will keep its current state which is unencrypted. Anything added to that folder from that point forward will become encrypted as it is copied to or moved to the folder.

    Once you hit OK you will see the progress of the encryption attribute being set on all the files and subfolders as you have selected.


    [NOTES FROM THE FIELD] - Any encrypted file that is moved to or copied to a compressed folder will remain encrypted and will NOT become compressed and hence unencrypted.


    If the encrypted file that was moved to that folder is right clicked and has the encryption attribute removed it will NOT become compressed automatically.


    The only way to compress that file is to individually right click it and choose to compress it or to MOVE it out of and then back into the folder AFTER the encryption bit has been turned off for that file. Simply copying it out to a temporary location and then back in with the OVERWRITE option will NOT cause it to become compressed even if changes were made to the copied out version.

    This means that if an encrypted document is unencrypted in a compressed folder it will be in a normal state, (not encrypted nor compressed). If another copy of that document exists somewhere else on the system and it is in a compressed state and editing is performed on that copy and then saved at that location of the hard drive and then that compressed and updated copy is copied over the older version, that older version will still be uncompressed in that folder that is supposed to compress all new files that are copied in. The updates to the text will be present, but the file will still be uncompressed.

    This is because the attributes to the file are not carried over with the changes to the file itself.

    This also works for the reverse, from not compressed to compressed.

    If you elect to apply changes to the folder and all of the files and subfolders contained within the folder, they will all become encrypted.

    If you elect to remove encryption from the folder itself and choose to make the attribute changes to the folder only, all the files in the folder that were encrypted before will remain encrypted, and if you copy them within the partition those individual files will remain encrypted. All new files copied to or created in that folder will no longer have the encryption bit set.

    When you apply the changes to the folder and all of the files and subfolders contained within, all of the files will become decrypted.


    [NOTES FROM THE FIELD] - If a file within the folder being uncompressed is in an encrypted state, it will stay encrypted, because the encryption attribute of that file is not affected by clearing the compression attributes of the other files around it and of the folder it's in.

    You can select to view compressed and encrypted files in different colors so that you know the state of the file by quickly looking at it.


    [NOTES FROM THE FIELD] - In the example above, the folders denoted in blue lettering are compressed and the ones in green lettering are encrypted. This can be set by going into Windows Explorer and choosing Tools and then Folder Options.


    On the View tab of the pop-up box, select the Show encrypted or compressed NTFS files in color checkbox to enable this feature.


    If you copy a file that has the encryption attribute set to a FAT16 or a FAT32 partition or to a floppy disk, it will lose its encryption attribute.


    Strangely enough, when you perform this same action under Windows 2000 you will not receive this message. You will simply be able to perform your action without the warning.

    The overall rules for encryption are as follows (and they are different from those for compression):
    • Moving or copying a file within the same NTFS volume - An encrypted file will not inherit the encryption state of the target folder when that folder is unencrypted. When you copy or move an encrypted file to an unencrypted folder, the file is still encrypted. If you have enabled a folder to encrypt files and you move or copy an unencrypted file to it, it will become encrypted at that point.
    • Copying or moving a file or folder from one NTFS volume to another - An encrypted file will not inherit the encryption state of the target folder when that folder is unencrypted. When you copy or move an encrypted file to an unencrypted folder, the file is still encrypted. If you have enabled a folder to encrypt files and you move or copy an unencrypted file to it, across partitions, it will become encrypted at that point.
    • Moving or copying a file or folder to a FAT16 or FAT32 volume - Windows XP Professional supports attribute-driven encryption only on the NTFS file system, so when you move or copy an encrypted NTFS file or folder to a FAT volume (12, 16 or 32), the encryption attribute will be lost.
    • Moving or copying an encrypted file or folder to a floppy disk or other removable media - Windows XP Professional supports attribute-driven encryption only on the NTFS file system, so when you move or copy an encrypted NTFS file or folder to most types of removable media, the encryption attribute will be lost because most forms of removable media do not support the NTFS file system.

    If you remove encryption from the parent folder only, all the files and subfolders remain encrypted, and any new files or folders moved, copied or created in the parent folder will be in an unencrypted state.


    The unencrypted folders are shown in black text.
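
    The "folder only" choices described above leave a folder and its contents in different states. The following is an added example, not part of the original notes: a Python check that lists files whose encryption or compression state disagrees with their parent folder. The function names, finding labels and sample tree are assumptions made for illustration; the attribute values are the standard Win32 bits.

```python
import ntpath
import os
FILE_ATTRIBUTE_COMPRESSED = 0x0800  # Win32 bits found in st_file_attributes
FILE_ATTRIBUTE_ENCRYPTED = 0x4000

def read_tree(root):
    """Yield (path, is_dir, attrs) under root. Windows only (st_file_attributes)."""
    for dirpath, _dirs, files in os.walk(root):
        yield dirpath, True, os.stat(dirpath).st_file_attributes
        for name in files:
            path = os.path.join(dirpath, name)
            yield path, False, os.stat(path).st_file_attributes

def audit(entries):
    """Return sorted (finding, path) pairs for files that disagree with their folder."""
    entries = list(entries)
    folders = {path: attrs for path, is_dir, attrs in entries if is_dir}
    findings = []
    for path, is_dir, attrs in entries:
        parent = folders.get(ntpath.dirname(path))
        if is_dir or parent is None:
            continue
        encrypted = bool(attrs & FILE_ATTRIBUTE_ENCRYPTED)
        compressed = bool(attrs & FILE_ATTRIBUTE_COMPRESSED)
        if parent & FILE_ATTRIBUTE_ENCRYPTED and not encrypted:
            # Folder-only encryption leaves files that were already there in the clear.
            findings.append(("plaintext-in-encrypted-folder", path))
        elif encrypted and not parent & FILE_ATTRIBUTE_ENCRYPTED:
            # Folder-only decryption, or an encrypted file moved or copied in.
            findings.append(("encrypted-in-plain-folder", path))
        if parent & FILE_ATTRIBUTE_COMPRESSED and not (encrypted or compressed):
            # A file decrypted inside a compressed folder stays uncompressed.
            findings.append(("uncompressed-in-compressed-folder", path))
    return sorted(findings)

# Constructed sample tree: (path, is_dir, attribute bits). Not real output.
SAMPLE = [
    (r"C:\Docs", True, 0x10),
    (r"C:\Docs\Secret", True, 0x10 | FILE_ATTRIBUTE_ENCRYPTED),
    (r"C:\Docs\Secret\old.doc", False, 0x20),
    (r"C:\Docs\Secret\new.doc", False, 0x20 | FILE_ATTRIBUTE_ENCRYPTED),
    (r"C:\Docs\moved.doc", False, 0x20 | FILE_ATTRIBUTE_ENCRYPTED),
    (r"C:\Docs\Packed", True, 0x10 | FILE_ATTRIBUTE_COMPRESSED),
    (r"C:\Docs\Packed\was_efs.doc", False, 0x20),
]
if __name__ == "__main__":
    for finding, path in audit(SAMPLE):
        print(finding, path)
```

    On a Windows machine, audit(read_tree(r"C:\Docs")) runs the same check against a real NTFS folder tree.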

    If you have any questions, comments or even constructive criticism, please feel free to drop me a note.
