Printing

* To manage printer permissions from remote client, use NT Explorer.

* An NT 4.0 client cannot use printer drivers used with NT 3.51x NT

servers. However an NT 4.0 print server can provide print drivers to NT

3.5x and 4.0 clients.

* To change the spooler location, use the Printer folder, select Server

Properties, Advanced, enter new path. Default path is

\Winnt\System32\Spool. You must restart the print server before the changes

will take effect. Default spooler location is c:\winnt \system32\spool\

* To redirect documents to a different print device on the same print

server, Printer, Properties, Ports, change the port to the new device.

* To redirect documents to a print device on a different print server, you

have to add a logical port for the other printer and provide the print

server name and share name.

* To reprint a document jammed in a printer, select Restart from the

document menu in the Printer folder.

* If jobs get stuck in the spooler (printer stalls), stop and restart the

spooler service through Control Panel\Services.

* To create individual spool files, create files under

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Printers

* Use the print jobs properties, (right click on print job and choose

properties) to change priority for that print job, reschedule that print

job, and notify user when print job is finished.

* Win95 and NT use Add Printer wizard to connect to shared printers.

Printer driver is automatically installed on client. NT machines checks the

driver each time the printer is connected and updates it. Win95 has to

manually update driver.

* Windows 3.1 and WFW use Print Manager to connect.

* For LAN Manager clients (MS-DOS or OS/2), use the net use command

net use lptx \\servername\sharename

* For NetWare with Monolithic IPX and VLM, use

capture queue_name

* For UNIX running TCP/IP,

lpr -Sservername -Psharename filename

* For Macintosh, use Chooser

NetWare clients - File and Print Services for NetWare has to be installed on

the client.

* HP JetDirect printers - need DLC installed, another protocol that is

mentioned is LPD.

* You cannot delete, create, or configure ports over the network. This must

be done at the local print server.

* To change print modes (PCL) use separator page

RAS

* RAS Encryption:

* Accept any authentication including clear text (PAP) - can use to connect

to non-NT server

* Clients running unknown or third party encryption - highest

* Accept only encrypted authentication (CHAP) - can use to connect to non-NT

Server - UNIX

* Accept only Microsoft encryption (MS-CHAP) - has option to require data

encryption

* Can connect to a RAS Server through PSTN, ISDN, X.25, PPTP, null modem

cables

* RAS supports SLIP - dial-out only and PPP (default) dial-in and dial-out.

PPP support encryption. IP and IPX routing, PPTP and MultiLink PPP.

* RAS connection security - Security tab of phonebook - outbound, Network

Protocol Configuration - inbound

* RAS Server - 256 connections, Workstation - 1

* AutoDial does not support NWLink connections (only TCP/IP and NetBEUI)

* If you are using TCP/IP via a slow RAS connection, place the LMHOSTS

(WINS) and HOST (DNS) file on the RAS Client. If the LMHOSTS entries have

the #PRE tag, the IP addresses will be cached.

* RAS related activities are recorded in MODEMLOG.TXT and DEVICE.LOG

* Enable device log through registry

* RAS supports NetBIOS, NetBEUI gateway, and Windows Sockets applications

* RAS permissions are assigned on a PER USER basis.

* RAS Administration - Network\Services\Remote Access Service\Network -

dial-in and dial-out protocols, encryption

* Dial-in and dial-out protocols: NetBEUI, NWLink, TCP/IP

TCP/IP

* DHCP - assigns IP address from pool

* WINS matches NetBIOS names to IP addresses - replaces LMHOST

* If the question says something about increases in broadcast traffic,

installing a WINS server is the answer

* DNS - resolve host names to IP addresses. Replaces HOSTS - static file

* TCP/IP must have: IP address, subnet mask, default gateway. If you are

installing it on a NON-ROUTED network, all you need is the IP address and

the subnet mask.

* Subnet mask - determines which part of an IP address is the host, and

which part is the network.

* RIP: You can use ROUTE PRINT command and look for listings in Metric

column that are > 2. This indicates RIP is working.

Domain changes:

* BDC to PDC - promote manually (Server Manager)

* PDC to BDC - manually promote a BDC, will automatically DEMOTE the

original PDC

* Member server to BDC or PDC - reinstall NT

* PDC or BDC to Member Server - reinstall NT

* Workstation to BDC or PDC - reinstall NT

* Workstation to Member Server - upgrade NT

* Moving BDC to another domain - reinstall NT

* Moving a Workstation or Member Server to another domain - no problem

* Only Workstations and NT Servers (PDC, BDC, and Member Servers) can be

PART of a domain, Win95, WFW etc can access the domain as clients.

NTBACKUP

* NTBACKUP only supports tape drives. The appropriate tape drive driver

must be installed.

* No built-in scheduler with NTBACKUP use batch file. (/b - back up local

registry). Use the AT command to schedule the batch file.

* You cannot back up a remote registry. Tape drive must be physically

attached to the machine where you want the registry backed up. The Log On

Locally right is needed to backup the registry.

* You can back up files, locally and remotely.

* All users can back up any files and folders they have Read permissions to.

To restore, they need to be part of Backup Operators, Server Operators, or

Administrators groups or have Restore Files and Directories user right.

* Incremental and normal backups mark the file as being backed up,

differential and copy do not.

* Incremental - less time to back up, more time to restore

* Differential - more time to back up, less time to restore.

* When using NTBACKUP, do not back up temp files. Do back up the registry

on all PDCs and BDCs, remember the tape drive must be physically attached to

back up the registry.

* Default log file is \Winnt\BACKUP.LOG

Miscellaneous

* Share Permissions: No Access, Read (RX), Change (RWXD), Full Control

* NTFS Permissions: No Access, List (RX), Add (WX), Add & Read (RWX) (RX),

Change (RWXD) (RWXD), Full Control

* Files and folders inherit parent's permissions

* Permissions for multiple group membership are cumulative (except for No

Access)

* When NTFS and Share permissions are used together, effective one is most

restrictive (i.e. Share permission is Full Control, NTFS permission is Read,

effective permission is Read)

* Moving files within same partition (directory to directory) - files retain

original permissions

* Moving files between partitions - files inherit permissions of

destination folder (acts as a copy and delete)

* Copying files within same or different partitions - files inherit

permissions of destination folder

* Moving or copying from NTFS to FAT - files lose permissions

* Moving or copying from FAT to NTFS - acts as a file create, files inherit

permissions of destination folder

* Disk Administrator - know Commit Changes Now on Partition menu -

Partitions and drives will NOT be created or changed until this command is

issued.

* Disk Administrator - Partition menu - Create, Create Extended, Delete,

Create Volume Set, Extend Volume Set, Create Stripe Set, Mark Active,

Configuration, Commit Changes Now

* Disk Administrator - Fault Tolerance menu - Establish Mirror, Break

Mirror, Create Stripe Set With Parity, Regenerate

* Built-in local groups are: Account Operators, Administrators, Backup

Operators, Server Operators, Print Operators, Guests, Users, Replicators.

The only built-in local groups with default members are the Administrators

(Administrator and Domain Admins), Guests (Domain Guests) and Users (Domain

Users). Workstations and Member Servers do not have Account Operators,

Print Operators or Server Operators groups. Workstation and Member Servers

have an additional group called Power Users

* Home directories are created using NT Explorer on the PDC. To make home

directory the same as the username use %username% in path.

* Default for system policies: PDC \Winnt\System32\Repl\Import\Scripts

(Also called NETLOGON) directory is also called NETLOGON). File is

NTCONFIG.POL

* User policies override system policies.

* When user is member of several groups with policies, group policies are

merged based on group priority.

* In case of a discrepancy between a user profile and a system policy, the

system policy overrides the profile.

* Profiles \Winnt\Profiles\username\Desktop

* Roaming profiles - server\Profiles - called NTUSER.DAT

* Mandatory profiles - rename roaming profile to NTUSER.MAN

* Creating Fault Tolerance Disks - Format under NT, copy NTLDR, NTDETECT and

BOOT.INI (+NTBOOTDD.SYS if needed) then edit ARC naming path both default

and operating system.

* NT has two registry editors, REGEDIT and REGEDT32. REGEDT32 has the most

menu items and you can search for keys and subkeys. Use REGEDIT when you

need to search for strings, values.

* If more than one frame type is being used, you must use the Manual Frame

Type Detection option and enter EACH of the NetWare client's internal

network numbers and frame types.

* If a primary partition is created after extended partitions, the

partitions are renumbered (all primaries are numbered, then extended).

* GSNW is installed on NT server, installs NWLink and CSNW automatically

* CSNW is installed on workstations only

* GSNW is a bridge between SMB and NCP

* NOTE: Each user that want to access the NetWare server must have his own

account in the NTGATEWAY group.

* Remember that there is no plug'n'play support in Windows NT 4.0.

* UPS devices are attached to a serial port (COM) , alerts don't happen -

check interface voltages

* Remember NT runs on different machines, make sure the machine in question

is an Intel platform before assuming DOS for diagnosis or troubleshooting

* Disk striping without parity can be done on NTFS or FAT, with parity NTFS

only.

* When implementing a stripe set with parity, there must be at least three

disks and no more than 32 disks. The disks do not have to be identical.

The disks can be on the SAME or different controllers.

* Striping with parity - good READ performance

* DHCP can give you - NetBIOS name, DNS and WINS server addresses, default

gateway

* Volume sets - can expand NTFS volume set, cannot expand FAT volume set,

cannot reduce

* Home directories - need UNC and share name

* Hardware profiles are created through Control Panel\System\Hardware

Profiles

* To allow workstations to logon to domain: using Server Manager - add

computer names of all domain workstations, using User Manager for Domains -

add user accounts to domain and associate user accounts computer names.

* Enable security logging in User Manager for Domains.

* To install a new tape backup drive and SCSI controller - install driver

for tape drive, install driver for SCSI, restart

* System partition must be a primary partition, boot partition can be on

primary or logical drive within an extended partition. If you add a new

primary, the drive letters for the logical drives will change and the

partition number will increase by one.

Server Manager Versus NT Explorer

There has been a lot of disagreement on when to use these two utilities, the

following is from the Microsoft NT Technical Support (Self-Paced Training

Guide) pp 560, 561

File Security tab added to NT Explorer - establish file and folder

permissions. Use the server tools to VIEW permissions over the network and

change them if required.

Print Security tab added to NT Explorer - Establish print permissions. Set

print permissions through the Properties dialog box accessed through the

Printers dialog box.

Server Manager - Manage shared folders and printers on computers running NT.

Use Server Manager to share folders, set permissions on shared folders, view

who is using shared resources, and disconnect users from shared resources.

The following was from Concepts and Planning (Technet CDROM)

Sharing directories

For the computer you are logged on to - NT Explorer

If the computer you are logged on to is a domain controller - NT Explorer

If you are logged on to a domain controller account remotely - Server

Manager

To change permissions on a share - local or remote - Server Manager

To stop sharing - NT Explorer or Server Manager

To connect to shares - Network Neighborhood (Explorer)

File Permissions

To control permissions of a FILE remotely - NT Explorer

Most of the questions I have seen go this way, if the question asks about

administering shared FOLDERS from a remote machine, the answer is Server

Manager. If the question has FILES with or without directories, the answer

is NT Explorer. This matches the answers from Transcender.

Peformance Monitor

Views - Chart, Alert, Report, Log (I remember the name Carl to keep it

straight)

To use data later, use log.

Alerts - Performance Monitor/Options/Alerts

Paging file:

* Default size for server - amount of physical RAM

* Default size for workstation - amount of physical RAM plus 12MB

* To configure page file - Control Panel/System/Performance/Change

button/Virtual Memory - remember to hit Set, and that changes only take

effect after reboot.

* For better performance - move page file off of the boot disk, create a

paging file for each disk

* If page file increases beyond initial size, applications will take longer

to start and the disk containing the page file will fragment.

* Do not place page file on stripe disk with parity

* To determine excessive paging on NT 4.0 computer:

* Monitor Memory: Pages/Sec and Physical:Avg. Disk Sec/Transfer

Paging file size - monitor Paging File: %Usage and Paging File:Usage Peak

Processor Activity - monitor % Processor Time, System: Processor Queue

Length

Alerts - can only send to one user, group, or machine

Optimizing NT Server

Network\Services\Server\Properties

Min Memory used - Best for under 10 users

Balanced - Best for 10-64 users

Maximize Throughput for File Sharing - (default) Used to support 64 or more

users. Also used for Access database

Maximize Throughput for Network Applications: SQL

Troubleshooting

* ERD

* Cannot boot from ERD

* ERD is created using RDISK

* To use ERD, boot with NT startup disks

* To make set of startup disks AFTER installation, run WINNT32/OX

* ERD can verify the NT system files, inspect the system start-up

environment and inspect the boot sector.

* If the /s switch is used with RDISK, then the ERD program will backup user

accounts and file security.

* Set up dump files from System\Properties\Shutdown

* To exam contents of memory dump files, use DUMPEXAM.