A4_Xay Dung Va Quan Tri Moi Truong Mang Doanh Nghiep 5-8 (25!10!07)

8/6/2019 A4_Xay Dung Va Quan Tri Moi Truong Mang Doanh Nghiep 5-8 (25!10!07)

1/161

Qun tr v xy dng mi trng mng doanh nghip

- 1 -

XY DNG V QUN TR MI TRNG MNG DOANH NGHIP

BI 1: XY DNG WINDOWS SERVER 2003 ACTIVE DIRECTORY ........ 2

BI 2: QUN TR TI KHON NGI DNG, MY TNH V NHM ..... 30

BI 3: QUN TR TRUY XUT TI NGUYN FILE ............................................ 56

BI 4: QUN TR TRUY XUT TI NGUYN PRINTER.................................. 74

BI 5: QUN TR MI TRNG MNG GROUP POLICY .............................. 82

BI 6: GIM ST HOT NG MY CH ........................................................... 100

BI 7: QUN TR LU TRV BO MT DLIU ....................................... 120

BI 8: QUN TR SC H THNG MY CH................................................ 153


2/161


- 2 -

BI 1: XY DNG WINDOWS SERVER 2003 ACTIVE DIRECTORY

Mc tiu:

Gii thch Forest, Tree, Domain, OU Xy dng DC Hiu bit cc lp cha ca ADUC Giai nhp Client vo Domain X l cc s c DC, logon

1.1.Xy dng Windows Server 2003/2008 Domain Controller (DC)

Hiu hnh Windows thng dng c chia lm 2 dng: dng s dng cho mc ch c nhn v cho hthng mng. Hiu hnh Windws s dng cho h thng mng c gi l hiu hnh mng v c

nhiu im khc bit so vi phin bn s dng cho mc ch c nhn nht l kh nng phc v cho nhiungi, nhiu my tnh c khi ln ti con s hng trm hoc hng ngn ng thi gia tng nhng tnh nngbo mt d liu, cng nh bo v s ring t ca c nhn.

Phin bn Windows 2003 Server c nhng c im ni bt so vi phin bn Windows trc Windows 2000 Server l: khi ng nhanh hn, hot ng n nh hn, d qun l hn Phin

bn Windows Server 2003 c chia lm nhiu loi ph hp vi tng i tng s dng:

Windows 2003 Server Standard:phin bn ny c hu ht nhng tnh nng cn thit cho mtServer thng thng. phin bn ny, Windows 2003 h tr 4 CPU (4-way symmetricmultiprocessing (SMP) support processor) v c th nng RAM ti a ln 4 GB. Phin bn ny

bao gm: .NET Framework, IIS 6, Active Directory..

Windows 2003 Web Edition: phin bn ny h trti a RAM 2GB v 2 CPU, ng thi cnggii hn nhng tnh nng nh chia s file, khng c Active Directory, v ch c th l thnh vinca Domain tuy nhin phin bn ny c ti u c bit h trnhng ng dng Web.

Windows 2003 Enterprise: phin bn ny h trRAM ln n 64GB v 8 CPU, y l phinbn dnh cho cc doanh nghip ln nn c thm nhng tnh nng h trc bit cho vic qunl.

Phin bn Windows 2003 DataCenter: phin bn ny cng ging nh phin bn Enterprise vthng c s dng trong cc phng Server phc v cho vic lu tr d liu chuyn bit.

Ngoi nhng phin bn trn cn c nhng phin bn khc nhWindows 2003: Small BusinessServerc ti u cho cc doanh nghip va v nh.

Trong chng trnh hc, chng ta s dng phin bn Windows 2003 Server Enterprise v phin bnny h trrt nhiu cc tnh nng ca Windows 2003 v ang c s dng rng ri Vit Nam.

Phin bn Windows Server 2008: Microsoft vn c n mt mc lch s trng i khcvi RC0 Release Candidate u tin ca hiu hnh Windows Server 2008 hin c cung cp trnmng cho khch hng. Giy cc khch hng v i tc c th ti chng v t kim tra phin bn minht ca Windows Server 2008.

c ng gi vi nhiu tnh nng mi, Windows Server 2008 mang n cho khch hng mt nn tngWindows c kh nng tin cy v linh hot nht t trc ti nay. Nhng nng cao v mt k thut nhmy ch v kh nng o ha, Internet Information Services (IIS) 7.0, Server Core, PowerShell, NetworkAccess Protection, Server Manager, cc cng ngh ni mng v clustering nng cao cho php khch hngc c mt nn tng bo mt nng cao, d dng trong qun l. Tt c nhng ci thin trong cc tnh

nng mang n cho khch hng mt gii php Windows tch hp nht cn c. V d, vi IIS 7.0, nn tngca Microsoft cho vic pht trin v cu hnh cc ng dng v dch v Web, ang cho thy mt tim lckhch hng ln, vi hn 13 cng ty lm vic v hosting tin c IIS 7.0 v hn 1.200 khch hng trin khai thng quan ng k GoLive.


3/161


- 3 -

Tt c cc t chc CNTT vi nhiu quy m khc nhau snh gi kh nng m rng ca so haWindows Server, gm c ba x l khch, cp pht b nhln (hn 32 GB trn mt my) v s h trchuyn i o c tch hp cho php cc t chc CNTT c tho ha hu ht cc lung cng vic. Kintrc 64-bit, v my o nhn siu nh ca Windows Server 2008 h trcho mt lot cc thit b, c 32 v64 bit, ba x l khch v mt lot cc gii php lu tr gm iSCSI v fiber channel SAN. So haWindows Servera ra giao din WMI da trn cc chun v API xut bn cho vic qun l tch

hp hon ton vi giao din qun l Windows Server vi cc nhu cu cn thit ca khch hng.So snh cc phin bn

Microsoft Windows Server 2008 gip cc chuyn gia CNTT tng c kh nng linh hot ca cshtng my ch, mang n cho cc chuyn gia pht trin phn mm mt nn tng ng dng v Web mnhm trong vic xy dng ng dng v dch v nt ni. Cc cng c qun l mi mnh m v nng cao v

bo mt cho php c nhiu kim sot hn i vi cc my ch, mng v cung cp s bo v nng cao chocc ng dng v d liu.

Windows Server 2008 Standard Edition: Phin bn ny cung cp chc nng my ch chnhvi hu ht cc vai tr v tnh nng my ch. N gm c ty chn y v ty chn ci tServer Core.

Windows Server 2008 Enterprise Edition: Phin bn ny xy dng trn Windows Server 2008Standard Edition cung cp kh nng m rng v kh nng sn c tt hn, b sung thm cccng ngh doanh nghip nh vic tng chuyn i d phng clustering v Active DirectoryFederation Services.

Windows Server 2008 Datacenter Edition: Phin bn ny cung cp chc nng tng t nhWindows Server 2008 Enterprise Edition cng vi s h trcho cc b vi x l, b nhb sungv quyn s dng nh o v tn.

Windows Web Server 2008: Phin bn ny c thit kc bit cho s dng nh mt my chng dng v Web. Cc vai tr my ch khc khng c trong phin bn ny.

Windows Server 2008 for Itanium-based Systems: Phin bn ny c thit k s dng vi bvi x l 64 bit cung cp chc nng my chng dng v Web trn nn tng . Cc vai trmy ch khc cc tnh nng c th khng c trong phin bn ny.

Domain NameL tn min (vng, khu vc, lnh vc) ca mt quc gia, lnh th... Trong lnh vc my tnh th Domain

Name l mt min qun l cao cp v phn cp ca mt t chc hay mt phng ban. Ngi ta dng tnmin qun l cc nhm my tnh v a ra cc chnh sch an ninh, bo mt cho h thng. Ngoi ra tnmin cn c bit n vic phn chia logic gia cc mng ln thnh cc mng con d dng qun lv phn chia ti nguyn hp l v tin li.V d: microsoft.com, yahoo.com, icare.com.vn, ispace.edu.vn... nhng tn min ny c gi tr xc thctrn internet v c cp bi cc i l cung cp tn min. Chng c qun l bi t chc qun l vcung cp tn min ICANN (Internet Comporation for Assigned Names and Numbers).

Lu : Trong qun tr mng LAN nh gio trnh ny th Domain c coi l tn min qun l cc nhmmy, cc ngi dng, cc ti nguyn cc b. Tn min ny ch c gi tr trong h thng cc b ny mkhng h c gi tr trn Internet (ton cu) v tn min ny cha c cng nhn.


4/161


- 4 -

Domain ControllerTrong qun l Windows NT th vic iu khin, xc l p v qun l tn min c gi l DomainController v thng c vit tt l DC (Biu khin tn min). DC s c nhim v tr li nhng yucu v bo mt, quyn truy cp, kim tra hp php... ca cc kt ni my con hay tnh hp php cangi s dng cc dch v domain.Mi tn min c mt trnh iu khin PDC (Primary Doman Controler Biu khin tn min chnh)v c mt hay nhiu BDC (Backup Domain Controller Biu khin tn min d phng), cha cccsd liu ca ti khon v thng tin ca cc ti khon . Vic sao chp, backup l hon ton tnggia cc DC vi nhau.

Trong h thng mng ln, ngi dng ca tn min ny lun c nhu cu truy cp thng tin ca cc tnmin khc do ngi qun tr phi tht lp quan hy thc chng cho (trust relationship). Tuy nhin,trong h thng doanh nghip ch c mt tn min th iu ny khng cn thit.


5/161


6/161


- 6 -

Windows 2003 Server c bootable.s 2003 Enterprise Edition ci t.

e.com.vn.

ce.com.vn.

Sau tin hnh ci t Windows 2003.Mainboard

Theo gio trnh ny, chng ta dng Window

Qui c t ci t v t tn:Server name:svr1.

l: ispacDomain Controller

IP Server l: 192.168.1.1.

> antb@ispat user l: An Tran Bao -khi chun b cc bc trn y . By gichng ta

Bc 1: Vo BIOS chn Controller boot u tin l CDROM. (Nn tm hiu ti liu cabit cch thit lp BIOS).Bc 2: t CD Windows 2003 bootable vo cho ti lc my hin ra thng bo Press any key to bootfrom CD th chng ta bm mt phm bt k my tnh khi ng v ci t t CDROM chaWindows 2003.

Hnh 1.1: Thng bo Boot CD

Bc 3: lc ny mn hnh ci t Win hnh tr ng thi lu tr nh RAIDdows s hin ra. Nu mun cuth nhn F6(iu ny s ni r trong phn Ci t Windows 2003 Server vi RAID pha sau).

Hnh 1.2: Wi dows Setup

Bc 4: Windows setup tip tc ci t hin ra mn hnh Welcome to setup.

n

mt s file c thit ti lcnV l ci t Windows nn tip tc nhnEnter ci t.


7/161


- 7 -

Hnh 1.3: Welcome to Setup

Bc 5: sau khi kim tra dung lng ca HDD, Windows setup s hin ra bng Windows Licensingni v Windows 2003 cng nh tnh php l ca Windows. Tip tc nhn F8 chp nhn License.

Hnh 1.4 Tho thun v bn quyn

Bc 6: Sau khi nhn F8. Windows setup tip tc ti phn chn khong trng ca cng copy vinstall Windows.


8/161


- 8 -

Hnh 1.5: Chn Partition ci t Windows

Bc 7: Trong hnh trn, dung lng ca h thng ci t Windows ch c 8GB. Nu mun chia nhdung lng ci t th nhn C=Create Partition. Trong bi ny, chng ta chn ht dung lng ci tnn nhn Enter. Sau khi chn ci t th Windows setup s hi l nn ci h thng Win trn FileSystem no? C 2 la chn chnh l: FAT, NTFS. V h thng NTFS c nhiu u im hn nh kh nngchu li, qun l nhiu HDD vi dung lng h trln nn khuyn co nn chn kiu Format ny.

Hnh 1.6: Cc ty chn nh dng Partition

Bc 8: Sau khi chn format kiu NTFS. Windows setup tip tc format v copy d liu cn thit vo cng.


9/161


- 9 -

Hnh 1.7: Qu trnh copy file

Bc 9: Vic copy file c thc hin ti lc kt thc v my s tng restart li.Lu : khi khi ng li. ti mn hnh boot CD my tnh s hin ra thng bo Press any key to boot

from CD th chng ta b qua, khng nhn phm no c.Bc 10: khi khi ng li my s tip tc ci t thm cc thng s ca ngi qun tr trn giao dingraphic.

Hnh 1.8: Tin trnh ci t Windows


10/161


- 10 -

Bc 11: Windows Setup s Install v Preparing cc file setup h thng ha cc file. Ti lc WindowsSetup s cho ngi qun tr bit v khu vc v ngn ng la chn Regional And Language Options

page

Lu : chng ta c th chnh sa thng s ny sau khi ci t xong Windows bng cch la chnRegional And Language Options trong Control Panel

Hnh 1.9: La chn ngn ng v khu vc

Bc 12: Windows Setup tip tc ti phn thng tin c nhn hoc t chc (Personalize Your Software).Chng ta in tn ngi qun tr v t chc hoc cng ty m chng ta ci t.

Hnh 1.10: Nhp tn v t chc


11/161


- 11 -

Bc 13: Setup tip tc hin ra bng Your Product Key chng ta in m sn phm vo. M snphm ny cn gi l CDKEY thng c ghi trn b mt ca CD.

Hnh 1.11: Nhp s CD Key

Bc 14: Setup tip tc hin th ti Licensing Modes (kiu cp php bn quyn).

y Windows 2003 s cho chng ta s la chn kiu licence l: bn Windows ny ci t vi kiuServer v c 5 kt ni mt lc, hoc kiu Device l c bao nhiu Processor hay bao nhiu Server ni vinhau.

Chng ta chn Per Server, Number of Concurrent Connection l 5 qua bc k tip.

Hnh 1.12: La chn bn quyn


12/161


- 12 -

Bc 15: Mn hnh Setup s tip tc hin ra phn computer name and administrator password ngi qun trin vo thng s Server name, password bo v.

Hnh 1.13: Nhp tn my tnh v Password cho user Administrator

Bc 16: K tip chng ta chn mi giv gigic cho ng vi khu vc.Lu : Mi giVit Nam l GMT+7. Vic thay i giv ngy cng c th vo Control Panel sau khici t hon tt Windows.

Hnh 1.14: Ci t ngy, gicho h thng


13/161


- 13 -

Bc 17: K tip setup s hin ra trang Networking setting chn Typical settings v nhn Next.

Hnh 1.15: La chn kt ni mngBc 18: Setup s hin ra cho trang mi trng lm vic Workroup and Computer Domain.

y c 2 s la chn: Workgroup l computer ny khng thuc mi trng qun l Domain (tnmin); v Member of Domain l chu s qun l phn cp t mt Domain khc.V chng ta ang to mt my ch nn cn chn Workgroup xy dng mt my ch c Domain qun l.

Hnh 1.16: La chn Workgroup hay Domain


14/161


- 14 -

Bc 19: Phn cu hnh setup Windows kt thc. Chng ta chh thng cp nht cc file ci t choti ht v tng khi ng li my.Lu : khi my khi ng li th chng nn ly CDROM ra khi khay CDROM hoc vo BIOS thitlp li BIOS cho boot bng HDD.Bc 20: Sau khi ci t hon tt v reboot. Mn hnh welcome to Windows s xut hin vi cc t hp

phm Ctrl+Alt+Delete. Chng ta nhn cc t h p phm trnng nh p vo h thng vi user:

administrator v password m chng ta to t bc 15.

Hnh 1.17: Mn hnh logon

Bc 21: Cui cng chng ta ci t hon tt Windows 2003. Phn cn li l chng ta ci t ccdriver cho cc thit b m Windows cha c p nht Driver (xem hng dn trn cc ti liu km theomainboard v thit b km theo).

Hinh 1.18: Xem thuc tnh h thng


15/161


- 15 -

Kt lun: qua phn trn chng ta c th hiu v setup mt Windows 2003 Server tng bc theo cangi qun tr. Nu chng ta mua Windows chnh hng t nh phn phi ca Microsoft th trong vng 30ngy sau khi ci t buc phi kch hot (activation) sn phm, nu khng h thng s mt quyn ngnhp.

1.1.2. Cit RAID trn Windows 2003.Vic cu hnh RAID phn cng xong by gici t Windows c RAID. Ci t Windows c RAIDcng tng t nh ci Windows khng c RAID, tuy nhin bc 3 trn chng ta phi nhn F6 cit RAID (lu phn ny hin th rt nhanh trong lc ci t v nhn kp thi).

Hnh 1.25: Ci t Windows trn a RAID

Vic ci t RAID sau khi nhn F6phi i hi c a Mm (FDD) cha thng s card RAID. (xemhng dn ca km theo ca Mainboard hoc Card RAID hay tm hiu trn website ca thit b RAID).

Nu Windows khng t tm c trnh iu khin RAID th Windows setup s hin ra thng bo sau:

Hnh 1.26: Windows khng tm c drivera cng RAID


16/161


- 16 -

Lc ny chng ta a FDD cha trnh iu khin RAID vo FDD controller. V nhn S. Th Windowss cho thy trnh iu khin RAID c trn FDD:

Hnh 1.27: Ci t driver cho a cng RAID

Trong v d ny chng ta chn Intel (R) 82801GR/GH SATA RAID Controller (Desktop ICH7R/DH).Sau khi chn trnh iu khin nh trn mn hnh s xut hin nh sau:

Hnh 1.28: Driver RAID c ci t

Lc ny Windows s nhn ra c h thng RAID m chng cu hnh t phn cng. V dung lngt c nh hnh sau l dung lng Logic m sau khi kt hp t phn cng v RAID trn:


17/161


- 17 -

Hnh 1.29: La chn partition ci t windows

Qu trnh ci t din ra bnh thng nh ci t khng c RAID cho ti lc kt thc phn Windowssetup.

Kt lun: qua phn trn chng ta hiu r qu trnh ci t Windows c h tr tnh nng RAID. Tuynhin vn ci t RAID c th khc khi chng ta s dng h thng my ch ca cc hng sn xutmy ch ln nh IBM, HP, Dell... th trong packet km theo my ch s c CD cu hnh m thng gil smartstart CD. Qu trnh ci t Windows bt u t CD ny cho ti lc h thng yu cu a CDWindows 2003 vo, h thng s copy file t CD Windows 2003 v cho ti lc hon tt vic ci tWindows 2003.

1.1.3. Nng cp Server thnh Domain Controller.Trc y khi s dng Windows NT4 th khi setup Windows l chng ta thit lp Domain ngay tronglc ci t. Nhng t Windows 2000 Server trv sau khng cn ci t Domain trong lc ci, m chngta phi nng cp Windows Server thnh Domain Controller. Nhng l do sau y khng cn nng cp:

Ngn sch dnh cho h thng thp. Ph hp vi phng Internet, games hoc cng ty nh. H thng mng khng i hi tnh bo mt cao. Nhng phn mm c th hot ng c trn cch ca Windows Server. ...

V vy khi s dng h thng c mc nh ln v c tnh bo mt th chng ta nng cp Server thnhdomain controller qun l v phn cp.

Cit Domain Controller.Trc khi ci t Domain Controller chng ta phi chun b mt s dch v cn thit cho cng vic cuhnh:

DNS (Domain Name System), DHCP (Dynamic Configuration Protocols): D ch v phn gii tnmin v dch v cp pht IP ng.

Start -> Control Panel -> Add/Remove Programs. Click Add/Remove Windows Component, chnmc Networking Services sau Click Details.... Chn DNS, DHCP.


18/161


- 18 -

Sau khi chun b cc dch v trn. Chng ta tin hnh nng cp Server thnh Domain Controller.Bc 1: Vo Start > Programs -> Administrative Tools -> Manager

Bc 2: Mn hnh s hin ra. Chn Add or Remove A Role. Mn hnh Configure Your Server Wizard,click Next


19/161


- 19 -

Bc 3: Trong Server Role chn Domain Controller (Active Directory), click Next

Bc 4: Windows s tp hp nhng iu kin cn thit chun b cho vic Active Directory. Sau mn hnh Active Directory Installation Wizard hin ra, click Next.


20/161


- 20 -

Bc 5: Mn hnh Installation Wizard s hin ra bng Domain Controller Type:

Domain Controller For a new Domain: Chn mc ny s to mi Domain. Domain ny c th lDomain mi hon ton hoc l Domain con mi (Child Domain)Additional domain Controller for existing domain: mc ny s to mt Backup Domain Controller,mt Domain d c nhiu BDC ty thuc vo mc ch ca ngi qun tr.


21/161


- 21 -

Bc 6: to new Domain, chng ta chn Domain Controller for a new Domain to Domain:ispace.com.vn

Bc 7: in tn min: ispace.com.vn vo mc Full DNS name for new Domain:


22/161


- 22 -

Bc 8: i mt vi giy, Windows s cho chng ta bit NetBIOS domain name l ispace.

Bc 9: Qu trnh ci t tip tc cho ti khi chng ta gp bng thng bo DNS RegistrationDiagnostics ngha l Domain ny khng tm thy c DNS do nh cung cp dch v cp hoc t mtmy ch khc cp. V chng ta ang to tn min mi v cung cp DNS cho cc my khc cc mykhc tr vo chnh my ch SVR1 ny. Do Windows s hi chng ta c ci t lun DNS trong lcny hay khng?.


23/161


- 23 -

Bc 10: Chn Install and Configure the DNS... th Windows s hi v s tng thch cc permissiongia Windows 2000 trv sau hay l tng thch vi nhng phin bn trc Windows 2000.


24/161


- 24 -

Bc 11: Trong gio trnh ny chng ta chn Permission nh hnh trn ngha l tng thch t Windows2000 trv sau. Windows s cho chng ta nhp password phc hi password ny c tc dng l khichng ta gb hoc phc hi AD th phi s dng password ny.

Bc 12: Qu trnh khai bo nhng iu cn thit cho vic nng c p AD nh Domain, DNS, restorepassword... kt thc. Lc ny Windows s xy dng (build) Active Directory.

Bc 13: Sau khi Build xong h thng s yu cu Restart Windows li vic cu hnh hon thnh.


25/161


- 25 -

Nh vy chng ta hon tt vic xy dng mt Domain controller vi domain l: ispace.com.vn.Lu : vic xy dng Domain controller phi c mt siu kin cn nh sau:

My ch ci AD phi ci IP tnh.My ch phi c ni vo Hub/switch.Tn min khng c qu di, r rng, v din t c ngha ca cng ty hay doanh nghip...

Ngoi ra chng ta cng c th ci t Domain Controller bng cch vo Start -> Run g vo dngdcpromo, click OK mn hnh s hin ra nhbc 4, v qu trnh xy dng Domain Controller din ra

bnh thng cho ti lc kt thc.

1.2. Gia nhp Client vo Domain (Join vo Domain)Chng ta dng ln mt Server v xy dng Server ny thnh Domain Controller. By gichng ta scho php my con (client) truy cp vo my ch.

Click chut phi vo My Network Places trn Windows XP. Chn Properties.


26/161


- 26 -

Chn Properties ca Local area Connection

Chn Internet Protocol (TCP/IP), sau click vo Properties.

in vo IP trng vi lp mng ca my ch:o IP address: 192.168.1.2o Subnet mark: 255.255.255.0o Preferred DNS Server: 192.168.1.1


27/161


- 27 -

Nhng phn trn chng ta c th khng thit lp khi tm hiu v cp pht IP ng DHCP.Sau khi t IP cho Windows XP. By githit lp Windows XP gia nhp (join) vo Domain.

Chn Properties ca My Computer trn Windows XP. Chn tab Computer Name. ClickChange...


28/161


- 28 -

G tn domain ispace.com.vn vo mc Domain. Click OK

in user name v password ca administrator vo mc permission.(B sung hnh sau)

1.3. Xl sc

1.4.Bi tp tnh hung

Tm tt:

Cc phin bn ca Windows Server 2003: Windows 2003 Server Standard: phin bn ny c hu ht nhng tnh nng cn thit cho mt

Server thng thng.

Windows 2003 Web Edition: phin bn ny h trch yu cho nhng ng dng Web. Windows 2003 Enterprise: l phin bn dnh cho cc doanh nghip ln nn c thm nhng

tnh nng h trc bit cho vic qun l.

Windows 2003 DataCenter: phin bn ny cng ging nh phin bn Enterprise v thngc s dng trong cc phng Server phc v cho vic lu tr d liu chuyn bit.

Windows 2003: Small Business Serverc ti u cho cc doanh nghip va v nh.


29/161


- 29 -

Cc phin bn ca Windows Server 2008: Windows Server 2008 Standard Edition: Phin bn ny cung cp chc nng my ch chnh

vi hu ht cc vai tr v tnh nng my ch. N gm c ty chn y v ty chn ci tServer Core.

Windows Server 2008 Enterprise Edition: Phin bn ny xy dng trn Windows Server2008 Standard Edition cung cp kh nng m rng v kh nng sn c tt hn, b sungthm cc cng ngh doanh nghi p nh vic t ng chuyn i d phng clustering vActive Directory Federation Services.

Windows Server 2008 Datacenter Edition: Phin bn ny cung cp chc nng tng t nhWindows Server 2008 Enterprise Edition cng vi s h trcho cc b vi x l, b nhbsung v quyn s dng nh o v tn.

Windows Web Server 2008: Phin bn ny c thit kc bit cho s dng nh mt mychng dng v Web. Cc vai tr my ch khc khng c trong phin bn ny.

Windows Server 2008 for Itanium-based Systems: Phin bn ny c thit k s dng vib vi x l 64 bit cung cp chc nng my chng dng v Web trn nn tng . Cc

vai tr my ch khc cc tnh nng c th khng c trong phin bn ny. Domain Controller: lu tr cc th mc d liu v qun l vic giao tip gia cc user v cc

domain, bao gm cc qu trnh user log on, kim tra quyn v tm kim ti nguyn. Khi bn cit AD trn mt my tnh chy Windows Server 2003 , n trthnh mt Domain Controller.

Active Directory (AD): dng lu tr d liu ca Domain nh cc i tng User, Group,OUs... theo kiu cung cp dch v (Directory Service) tm kim, kim sot... cho php user truycp ti nguyn mt cch an ton v nhanh chng.

OU (Organization Units): l mt loi i tng c bit ca Active Directory c cha trongdomain, cc OU rt hu ch bi v bn c th s dng chng t chc hng trm ngn itng trong th mc thnh mt khi c th qun l.


30/161


- 30 -

BI 2: QUN TR TI KHON NGI DNG, MY TNH V NHM

Mc tiu:

Hiu bit User, Group, Computer Qun tr User, Group Gii thch cc loi Profile X l cc s c v User rights

2.1.Gii thiu ti khon

User Account: l ti khon ngi dng. Khi ci t AD s c mt s userc to ra mc nh(Buildin) nh Administrator l quyn qun tr cao nht cho ton h thng. User ny khng thgbc. Ngoi ra nhn vin s dng my tnh trong h thng c th s dng ti nguyn vng nhp vo h thng th ngi qun tr khi to user v phn quyn s dng.

Computer Account: Mi my tnh chy Microsoft Windows NT, Windows 2000, Windows XPhay Windows Server 2003 tham gia vo mt domain u c mt computer account. Tng tnh user account, cc computer account cung cp ngha thm nh quyn v chnh sa quyntruy xut vo mng v cc ti nguyn domain.

Group: l tp hp mt s user c nhng c tnh chung nh truy cp chung mt th mc no ,hay phn nhm theo phng ban...

L ngi qun tr, chng ta phi cung cp cho cc ngi dng trong t chc kh nng tip cn c ccti nguyn mng m h cn. Ti khon ngi dng cho php ngi dng ng nhp v truy cp cc tinguyn cc b hoc domain. Trong bi ny, chng ta s hc cch to cc ti khon ngi dng cc b vdomain, t cc thuc tnh cho chng.

Gii thiu ti khon ngi dng

Ti khon ngi dng l mt tp hp quyn hn duy nht cho mt ngi dng cho php ngi dng ngnhp vo domain truy cp ti nguyn mng hoc ng nhp vo mt my tnh c th truy cp tinguyn trn my . Nhng ngi s dng mng thng xuyn nn c mt ti khon ngi dng.

Bng sau m t cc kiu ti khon ngi dng c Microsoft Windows 2003 cung cp.

Kiu tikhon M t

Ti khonngi dngcc b

Cho php ngi dng ng nhp vo mt my tnh c th v truyc p ti nguyn trn my . Ngi dng c th truy c p tinguyn trn my khc nu h c ti khon ring trn my . Ccti khon ngi dng ny nm trong Security Accounts Manager(SAM) ca my.


31/161


- 31 -

Ti khonngi dngdomain

Cho php ngi dng ng nh p vo domain truy c p tinguyn mng. Ngi dng c th truy cp ti nguyn mng t btk my tnh no trn mng bng mt ti khon ngi dng vmt mt khu. Cc ti khon ngi dng ny nm trong dch vdanh b Active Directory.

Ti khonngi dngdng sn(built-in)

Cho php ngi dng thc hin cc tc v qun tr hay tm thitruy cp n cc ti nguyn mng. C hai ti khon ngi dngdng sn khng th xa c: Administrator v Guest. Cc tikhon Administrator v Guest cc b nm trong SAM, cc tikhon Administrator v Guest ca domain nm trong ActiveDirectory.

Cc ti khon ngi dng dng sn c to tng trong qutrnh ci t Windows 2003 v Active Directory.

2.2. Qun tr User

To users.Sau khi cu hnh DC xong, chng ta phi to user cc user ny ng nhp vo h thng mng v sdng ti nguyn trn my ch nh lu tr d liu, chng trnh k ton, my in... lc ny ngi qun trcn phi bit cc ngi dng s dng vo mc ch g? Mc nh th no...Do vic to user phi cmt tnh chuyn nghip v d qun l.u tin chng ta vo Start programs administrative toos Active directory Users andComputers.

Trong phn user chng ta c th to bng cch:

Hnh : Active directory Users and Computers

Cch 1: Vo Actionnewuser.


32/161


- 32 -

Hnh : New User

Cch 2: Chng ta c th thc hin bng cch click chut phi trn Usersnewuser.Mn hnh To user s hin ra, chng ta nhp h tn, user name... vo

Hnh : Nhp thng tin User

Sau khi in y thng tin chng ta ti phn nhp mt m (password) cho user:


33/161


- 33 -

Hnh : Nhp Password v cc ty chn cho user

Trong phn Password:

Password Nhp password theo qun trConfirm password: Nhp li password trnUser must change password at next logon User c phi thay i password

theo user trong ln truy cp u tinUser cannot change passwword User khng c quyn thay i.

Quyn thay i thuc v qun trPassword nerver expires Password khng bao gi ht hn s

dng.Account is disabled Ti khon ny s b v hiu ha chc

nng

Trong v d ny ta khng t password, ngha l password trng v chn mc Password nerverexpires.


34/161


- 34 -

Hnh : Qu trnh to user hon thnh

Sau khi click nt Finish kt thc qu trnh to user chng ta s gp mt vn l Windows Servers khng cho to user do password ca chng ta l trng, v khng tun theo qui c ca AD:

Hnh : Thng bo li do t Password khng hp l

gii quyt vn trn chng ta phi vo StartProgramAdministrative ToolsDomainSecurity policy


35/161


- 35 -

Hnh : Chn Domain Security Policy

Mn hnh s cho chng ta bit nhng policy no ca Windows

Hnh : Password Policy

Chn khung bn tri l Password Policy, chn Minimum Password Length, ngha l chiu di tithiu phi l 7 k t. Nu chng ta mun s dng Password trng th chng ta chn Policy setting l0 k t.


36/161


- 36 -

Hnh : Thay i Password Policy

Sau khi cho php nhp password trng, chng ta phi loi b s phc tp ca password m h thngWindows ra: Chn Password must meet complexity requirements properties -> Define this

policy setting l Disable:

Hnh : Cm ch password phc tp

Khi chn nhng policy theo nh trn, chng ta phi cp nht nhng thay i policy cho Windows.Bng cch l chng ta khi ng li my ch hoc ta cng c th vo Start -> Run, g vo c phpsau: gpupdate /force thay i cc policy ca h thng.

Hnh : Cp nht Policy va thay i

Nh vy sau khi cp nht Policy cho Server, lc ny chng ta quay v vn to user vi passwordtrng th chng ta s to user thnh cng m khng gp trngi no.


37/161


- 37 -

Hnh 3.12: Qu trnh to user hon tt

Qun l Users.Phn trn chng ta tm hiu v cch to user, by gichng ta phi tm hiu v qun l cc user nhth no? Chng ta th tm hiu mt s gii php thng dng khi qun l user.V d 1: mt s user to ra trong mt thi gian ngn l v hiu ha chc nng do tnh cht thi v causer.V d 2: Trong mt cng ty, Gim c yu cu l tt c nhn vin lm vic t 8 gisng ti 12 gitra,sau khi qua 12 gitra l tt c cc my tnh hoc mt s my tnh phi tng ngng lm vic nghtra hoc hn ch tht thot thng tin...V d 3: Trong mt h thng mng c trin khai cho mi trng gio dc. Cc hc sinh s lu bi tptrn th mc share trn Server ca mnh, vn t ra l s c nhiu em hc sinh ng nhp (logon) vonhiu my m ch c mt user copy bi ca nhau trn cng mt th mc share . Vy lm sao gii

quyt cc vn .Nhng vn trn sc tm hiu trong phn ny.Sau khi to mi user, chng ta vo Properties ca user:


38/161


- 38 -

Hnh 3.14: Thuc tnh General ca user

Account properties DiscriptionsGeneral, Address, Telephones and

Organization tabs

y l nhng thng tin b sung ca user

Account tab Thuc tnh ny bao gm nhiu thng tin vuser nh khi to, password, hn s dng...

Profile tab y c th cu hnh ng dn profile,hay logon Script

Member Of tab Thuc tnh ny bao gm mc , quynhn hoc thuc nhm no.

Terminal Services Profile,

Environment, Remote

Control, Sessions tabs

Nhng Tabs ny cho php thit l p mitrng lm vic, truy cp t xa hoc cc

phin lm vic ca vic truy cp .Dial-in tab Cho php hoc khng cho php truy cp

t xa hoc quyn dng nhp VPNCOM+ tab Gn Active Directory COM+ cho vic

qun l d liu phn tn trn Windows2003.

bng trn c rt nhiu thuc tnh, tuy nhin chng ta ch quan tm nhiu ti 3 thuc tnh cbn lAccount tab, profile tab, member oftab. Cn nhng thuc tnh cn li chng ta tm hiu sau hoc cchoc vin t tm hiu.

Account tab

y l thng tin rt quan trng, cho php thay i thng tin user, thi hn ca user...


39/161


- 39 -

Hnh : Thuc tnh Account ca user

Logon Hours...: cho php ti khon ny truy cp vo nhng thi gian qui nh trong ngy. Ngiqun tr s chn thi gian l work time, hoc free time:


40/161


- 40 -

Hnh : Thi gian Logon ca user

Logon to...: cho php ti khon ny truy cp vo mt my tnh duy nht (computer name) hoc nhiumy tnh trong mt phng ban hoc mt nhm lm vic. Mc ch ny gip cho ngi s dng trnhc mt mt thng tin c nhn trn my tnh ca mnh.

Hnh : Cho php ti khon logon vo 1 hay nhiu my tnh.

Account Expires: chc nng ny cho php thi hn s dng ca Account ny ti bao lu:


41/161


42/161


- 42 -

Hnh : Select Group

Click vo Nt Advanced tm group.

Hnh : Chn group cn add vo

Chn nt Find Now -> chn group administrators, sau click OK hon tt vic chn nhm

admistrators.

Qun tr GroupQun l Groups.


43/161


- 43 -

Group l mt nhm lm vic do ngi qun tr to ra c th ha cc cng vic hoc d dng qun tr.Group c thc chia lm 2 loi l Buildin v manual.Loi build-in th do Windows to ra ni ln mt chc nng c bit no v d nh Administrators,Backup Operators... l nhng ti khon no nm trong group ny s c nhng quyn rt cao nhngnhp vo my ch, backup, restore .... v cc group ny khng th xa b khi h thng.Loi Manual l loi do ngi qun tr to ra qun l, v d trong cng ty c rt nhiu nhn vin cng

s dng mt ti nguyn no trn my ch th ngi qun tr ch to ra 1 group gom nhm cc nhnvin ny li, v chia s folder cho group ny th ton b cc thnh vin u c share. to mt Group qun tr, chng ta vo Active Directory user and Computers, chn User bn tri,chn Menu Action -> new -> Group. (chng ta c th lm nhanh bng cch click chut phi vo User,chn new).

Hnh : To New Group

To mt Group c tn l Marketing, vi Group scope l Domain Local, kiu group l Security


44/161


- 44 -

Hnh : Nhp tn v cc tu chn ca group

Sau khi to xong Group Marketing, chng ta a nhng user no cn gom nhm vo group. Vic auser vo group c 2 cch.

Chn Properties ca group Marketing mi to, chn member tab, chn nt Add.. chn user nocn a vo.

Hnh : Add Group

Cch khc l chn chut phi trn user no mun a vo Group, chn Add to group


45/161


- 45 -

Hnh : Add user vo group

Nh vy vic to group v a user vo group khng qu kh khn, do ngi qun tr c th to nhiugroup khc nhau qun tr. Cc group ny cn c tha vo group khc nh group buildin...


46/161


- 46 -

Hnh : User c add vo Group

2.4. Qun tr User Profile

Profile tab cha cc thng tin ca user v ng dn h thng nh vn : cc useru dng chung mt

mn hnh desktop, cc shortcuts trn desktop, cc cookies... hoc cc ng dn ca th mc share trnmy ch m ch duy nht user c m user khc khng c.Local Profiles: l profile mc nh ca h thng trn Windows 2000, XP: c:\documents andsettings\%username%. Profile ny c to ra ln u tin khi user logon vo h thng, cc thay i vdesktop, network... u c lu trProfile ny.Roaming User Profiles: l tt c cc useru ly chung mt Profile hot ng theo mt Profile share trn my ch.Trn Profile tab, trong mc Profile path c c php nh sau: \\\\%username%. Trong %username% l tng ly ng user m user ng nhp vo h thng

Hnh 3.19: Profile User

Trc ht chng ta to mt Profiles kiu mu trn Server.To mt th mc trn my cht tn l profiles.Share th mc ny vi tn Profiles.Chn Permissions.chn quyn share l Full Control.Chn OK.


47/161


- 47 -

Hnh : Cp quyn cho Group Everyone

Sau ta to mt User kiu mu trn Server:

Text Box Name EnterFirst Name Profile

Last Name Account

User Logon Name: Profile

User Logon Name (Pre-Windows 2000): Profile


48/161


- 48 -

Hnh : Nhp thng tin user

Sau khi to User hon tt, chng ta cho user ny vi quyn Administrator user ny ng nhp (logon)

vo my ch.Logoff Windows Server 2003.Logon Windows Server 2003 vi ti khon profile.Sau khi logon hon tt, chnh sa Desktop, software, internet options...To cc shortcut trn desktop...


49/161


- 49 -

Hnh : Logon vi account Profile

logoff Windows.

Logon Windows vi ti khon administrator.Vo System Proferties ca SVR1, chn tab Advanced, chn User profiles, clicksetting...

Hnh : System Properties

Trong user Profiles, chn ISPACE\Profile. Click Copy to.


50/161


- 50 -

Hinh : User Profile

g ng dn profile mun copy ti: \\svr1\profiles\hatq. trong hatq l user ca Tran Quang Ham chng ta mun s dng profile ny.Thay i quyn s dng l ISPACE\Hatq

Hnh : Ni lu tr profile

Click OK hon tt vic copy profile.vo Start -> Programs -> Administrative tools -> Active Directory User and Computer.

Chn Properties Ha Tran Quang.Vo Tab Profile.

G vo Profile path: \\svr1\profiles\%username%


51/161


- 51 -

Hnh : Profile path

Click OK hon tt.Logoff ti khon Administrator.Logon vi ti khon hatq (Ha Tran Quang).


52/161


- 52 -

Hnh : Logon ti khon Ha Tran Quang

Nh vy chng ta hon tt vic Roaming Profile. Ti khon Hatq s s dng cc desktop, shortcut...ca user profile.By gichng ta gii quyt mt vn thng dng ca Profile l Automatics Map Network Disks. Trong

phn ny cc user khi ng nhp vo h thng s c mt a network c sn trn my tnh ca mnh vkhi thot ra s khng cn a trn my trnh trng hp tht thot thng tin cng nh vn ringt.Trong bi ny chng ta c v d v ti khon Ha Tran Quang. Ti khon ny c mt th mc trn mych l Hatq v share th mc ny trn my ch vi quyn Full Control.

To th mc trn my ch l Hatq, share th mc ny cho Ha Tran Quang vi quyn Full Control.


53/161


- 53 -

Hnh : Cp quyn cho user Ha Tran Quang

Dng Notepad hoc bt c chng trnh son tho vn bn no to file: tranquangha.bat.

Ni dung trong file tranquangha.bat nh sau: net use z: \\svr1\hatq.

Hnh 3.29: Ni dung file Tranquangha.bat

Copy file ny vo th mc:C:\Windows\SYSVOL\sysvol\ispace.com.vn\cripts.
http://svr1/hatqhttp://svr1/hatq


54/161


- 54 -

Hnh 3.30: Ni lu tr file Tranquangha.bat

Vo Profile tab ca user Ha Tran Quang. Trong mc Logon cripts: g tn file mi to:

Hnh : Nhp tn file Logon script

Click OK.

Khi user Hatq ng nhp vo h thng mng ispace.com.vn th s c mt a o.


55/161


- 55 -

Hinh : a o ca user khi logon vo mng

Nh vy ti khon hatq c th lu tr ti liu ca mnh trn my ch v ch c Hatq mi c th chnh sa,xa... ti liu ca mnh.

2.5. Cc nhm mc nh

Khi mt my tnh trthnh mt domain controller, nhng group c to trong dch v Active Directory.Mc nh, nhng group ny c nhng quyn c xc nh trc quyt nh nhng thao tc h thngm cc thnh vin ca group hay cc group c th thc hin. Nhng group ny khng th b xo. Danhsch sau m t cc nhm domain local group v nhng cp quyn c gn trc cho chng.

Administrators: Cc thnh vin ca Administrators group c th thc hin tt c cc chc nngm hiu hnh h tr. Administrators c th gn cho chnh h bt k quyn no m h khngc theo mc nh. Ch logon l mt ngi qun tr khi cn thit. Cng phi cn thn khi add mtuser khc vo Administrator group.

Backup Operators: Cc thnh vin ca Backup Operators group c th backup v phc hi cctp tin bng cch s dng cng c Backup.

Account Operators: Nhng thnh vin ca Account Operators group c th qun l cc useraccount v group. Ngoi l l ch nhng thnh vin ca Administrators group c th thay i mtAdministrators group hoc bt k mt group no.

Server Operators: Cc thnh vin ca Derver Operators group c th share cc ti nguynmng, logon vo mt Server tng tc, to v xo cc ti nguyn share, khi ng v ngng ccdch v, nh dng cng ca server v shutdown my tnh. H cng c th backup v phc hicc tp tin bng cch s dng cng c Backup.

Print Operators: Cc thnh vin ca Print Operators group c th ci cc my in local v mngm bo rng cc user c th d dng kt ni ti v s dng cc ti nguyn my in.

2.6. Xl sc

2.7. Bi tp tnh hung

Tm tt:

User account: l mt i tng cha tt c cc thng tin khai bo mt user trong WindowsServer 2003. Account c th l local hay domain account. Mt user account bao gm user namev password km theo khi logon, cc nhm m n l thnh vin (member of) cc quyn li (userright) v s cho php (permisions) m user c khi truy xut vo my tnh v ti nguyn mng.

Computer Account: Mi my tnh chy Microsoft Windows NT, Windows 2000, Windows XPhay Windows Server 2003 tham gia vo mt domain u c mt computer account. Tng tnh user account, cc computer account cung cp ngha thm nh quyn v chnh sa quyntruy xut vo mng v cc ti nguyn domain.

Group: l mt tp hp cc user account. Bn c th s dng group qun l vic truy xut ticc ti nguyn domain rt hiu qu, gip cho bn n gin ho cng vic bo tr v qun trmng. Bn cng c th s dng cc group ring bit hay bn c tht mt group vo mt groupkhc n gin vic qun l hn na.

Local Profiles: l profile mc nh ca h thng trn Windows 2000, XP: c:\documents andsettings\%username%. Profile ny c to ra ln u tin khi user logon vo h thng, cc thayi v desktop, network... u c lu trProfile ny.

Roaming User Profiles: l tt c cc useru ly chung mt Profile hot ng theo mtProfile share trn my ch.


56/161


- 56 -

BI 3: QUN TR TRUY XUT TI NGUYN FILE

Mc tiu:

Hiu bit truy xut ti nguyn mng Qun tr quyn truy xut Shared, NTFS Lm vic ngoi tuyn offline file X l cc s c v Permissions, offline file Hiu bit v trin khai dch v file DFS

3.1.Gii thiu

Windows Server 2003 t chc cc tp tin vo trong nhng th mc th hin dng ho l cc folder.Nhng folder ny cha tt c cc loi tp tin v c th cha cc folder con. Mt vi folderc dnh

ring trc cho cc tp tin hiu hnh v nhng folder chng trnh.Shared cc folder cho php cc user truy xut cc file v folder qua mng. User c th kt ni ti ccfoler share qua mng truy xut cc folder v nhng tp tin m folder cha. Cc folder shared c thcha cc ng dng, d liu cng cng hay d liu c nhn. Vic s dng nhng folder share ng dnglm tp trung cng vic qun tr bng cch cho php bn ci t v duy tr nhng ng dng trn serverthay v trn cc my client. S dng cc folder share d liu cung cp mt v tr trung tm cho user truyxut cc tp tin ph bin v lm cho n d dng backup d liu cha trong cc tp tin ny.

Bn mun c p quyn cho cc ngi dng truy c p qua mng th dng Share Permissions. SharePermissions ch c hiu lc khi ngi dng truy cp qua mng ch khng c hiu lc khi ngi dngtruy cp cc b. Khc vi NTFS Permissions l qun l ngi dng truy cp di cp truy xut a.Trong hp thoi Share Permissions, cha danh sch cc quyn sau cho php ngi dng truy xut

n th mc chia s: Full Control: cho php ngi dng c ton quyn trn th mc chia s. Change: cho php ngi dng thay i d liu trn tp tin v xa tp tin trong th mc chia s. Read: cho php ngi dng xem v thi hnh cc tp tin trong thmc chia s.


57/161


- 57 -

3.2. Quyn chia s thmc

Cc ti nguyn chia s l cc ti nguyn trn mng m cc ngi dng c th truy xut v s dng thngqua mng. Mun chia s mt th mc dng chung trn mng, bn phi logon vo h thng vi vai trngi qun tr (Administrators) hoc l thnh vin ca nhm Server Operators, ti p theo trongExplorerbn nhp phi chut trn th mc v chn Properties, hp thoi Properties xut hin, chnTab Sharing.

Mc M t

Do not share this folder Chnh th mc ny chc php truy cp cc b

Share this folderChnh th mc ny c php truy cp cc b v truy cp quamng

Share name Tn th mc m ngi dng mng nhn thy v truy cp

CommentCho php ngi dng m t thm thng tin v th mc dng chungny

User LimitCho php bn khai bo s kt ni ti a truy xut vo th mc timt thi im

PermissionsCho php bn thit lp danh sch quyn truy cp thng qua mngca ngi dng

Offline SettingsCho php th mc c lu tr tm ti liu khi lm vic di chOffline.


58/161


- 58 -

Kt ni n thmc chia s

Sau khi chia s mt th mc, ngi dng c th truy cp th mc qua mng. Ngi dng c th truycp mt th mc chia s trn my khc bng cch s dng My Network Places, Map Network Drive,hay lnh Run.

S dng My Network Places

Trong nhiu trng hp, cch d nht truy cp th mc chia s l s dng My Network Places.

kt ni n th mc chia s dng My Network Places, hy thc hin cc bc sau:

1. Nhp p My Network Places.2. Nhp ng dn n th mc chia s mun kt ni hoc nhp Browse tm my tnh cha th

mc.

3. Nhp p th mc chia s mxem ni dung.Lu Khi m

th

m

c chia s

trn mng, Windows 2003 t

ng thm n vo My Network Places.

S dng Map Network Drive (nh xa mng)

Hy nh x mt a mng khi mun lin kt mt k ta v mt icon vi mt th mc chia s. iuny lm cho vic tham chiu n v tr ca mt tp tin trong th mc chia s d dng hn. V d, thay vtrn \\My ch\Tn thmc chia s \Tp tin, chng ta s trn a:\Tp tin. Chng ta s dng cck t a truy c p cc th mc chia s khng th s dng ng dn UNC (universal namingconvention), chng hn nh mt th mc ca mt ng dng c.

nh x mt a mng, hy thc hin cc bc sau:

1. Nhp phi My Network Places, nhp Map Network Drive.2. Trong wizard Map Network Drive, hy chn k ta mun s dng.3. Nhp tn th mc chia s mun kt ni hay nhp Browse tm th mc chia s. c th tip cn th mc chia s s dng thng xuyn, hy chn Reconnect at logon kt nitng mi khi log on.


59/161


- 59 -

S dng lnh Run

Khi s dng lnh Run kt ni n ti nguyn mng, khng cn phi c k ta; cho php s lngkt ni khng gii hn, c lp vi cc k ta kh dng.

kt ni th mc chia s vo mt a mng, hy thc hin cc bc sau:

1. Nhp Start, nhp Run.2. Trong hp thoi Run, nhp ng dn UNC trong hp Open, nhp OK.

Khi nhp tn my ch trong hp Open, mt danh sch tn cc th mc chia s kh dng s xut hin.

3.3.Quyn NTFS

Windows 2003 ch cung cp cc quyn NTFS trn cc phn vng c nh dng NTFS. bo mt chocc tp tin v th mc trn cc phn vng NTFS, chng ta gn cc quyn NTFS cho tng ti khon haynhm ngi dng cn truy cp ti nguyn. Ngi dng phi c cp php c th truy cp ti nguyn.

Nu khng c cp php, ti khon ngi dng khng th tip cn tp tin, th mc. Bo mt NTFS chiu lc khi ngi dng truy cp th mc hay tp tin ngay ti my hoc qua mng.

Danh sch kim sot truy cp (Access Control List)

NTFS lu mt danh sch kim sot truy cp (Access control list - ACL) trn tng tp tin v th mctrong phn vng NTFS. ACL cha danh sch cc ti khon ngi dng, nhm, v cc my tnh c cp

php truy cp tp tin th mc, cng nh loi truy cp m chng c php. ngi dng tip cn ctp tin th mc, ACL phi cha mt mc (entry) gi l mc kim sot truy cp (Access control entry -ACE) cho ti khon, nhm, hay my tnh ca ngi dng. Mc ny phi cho php kiu truy c p mngi dng cn phi c c th tip cn c tp tin th mc. Nu khng tn ti ACE trong ACL,Windows 2003 s khng cho php ngi dng truy cp ti nguyn.

Chng ta c th s dng cc quyn NTFS ch ra cc ngi dng, nhm, v my tnh c th tip cntp tin th mc. Cc quyn NTFS cng ch ra cc ngi dng, nhm, v my tnh no c th lm g vini dung ca tp tin, th mc.Cc quyn th mc NTFS


60/161


- 60 -

Chng ta gn quyn th mc NTFS kim sot truy cp n cc th mc cng nh cc tp tin v thmc con cha trong cc th mc .

Cc quyn tp tin NTFS

Chng ta gn quyn tp tin NTFS kim sot truy cp n cc tp tin.

Lu : Khi nh dng mt phn vng theo NTFS, Windows 2003 tng gn quyn truy cp Read Only(chc) n th mc gc cho nhm Everyone. Mc nh, nhm Everyone s c quyn Full Control ivi tt c cc th mc v tp tin c to trong th mc gc. gii hn truy cp ch cho cc ngidng c php, chng ta nn thay i quyn mc nh cho cc th mc v tp tin chng ta to.

Cch Windows 2003 p dng cc quyn NTFS

Mc nh, khi chng ta cp php s dng mt th mc cho ngi dng v nhm, cc ngi dng vnhm ny s c th tip cn c cc tp tin v th mc con cha trong th mc ny. iu quan trngchng ta phi hiu l cc cc th mc con v cc tp tin k tha quyn t cc th mc cha, t c th

s dng s k tha ny truyn quyn truy cp cho cc tp tin v th mc.Nu cp php truy cp mt tp tin hay th mc cho mt ti khon ngi dng hay cho nhm m ngidng l thnh vin, ngi dng s c nhiu quyn truy cp n cng mt ti nguyn. C nhiu lut v u tin lin quan n cch NTFS kt hp cc quyn. Ngoi ra, chng ta cng c th tc ng n ccquyn truy cp khi sao chp hay di chuyn cc tp tin, th mc.

Quyn NTFS tng hp

Nu chng ta gn cc quyn NTFS cho mt ti khon ngi dng v cho nhm m ngi dng thuc v,th c ngha l chng ta gn quyn tng hp cho ngi dng. C nhiu lut quy nh cch NTFS kthp cc quyn ny to ra tp hp quyn tht s c hiu lc cho ngi dng.

Quyn tchi (deny) che cc quyn khc


61/161


- 61 -

Chng ta c th t chi truy cp trn mt tp tin, th mc c th qua vic gn quyn t chi cho tikhon ngi dng hay nhm. Thm ch khi mt ngi dng c quyn truy cp tp tin hay th mc do lthnh vin ca mt nhm, vic t chi quyn i vi ngi dng s chn cc quyn khc ngi dngang c. Do , quyn t chi l mt ngoi li vi lut tch ly. Chng ta nn trnh vic t chi quynv vic cho php truy cp th d dng hn vic t chi. Nn t chc cc nhm v t chc cc ti nguyn

trong cc th mc ch cn s dng vic cp php l (khng cn dng Deny).Lu Trong Windows 2003, c s khc bit gia mt ngi dng khng c php truy cp v vic tchi mt ngi dng truy cp bng vic thm mt mc t chi (deny entry) vo ACL trn tp tin, thmc. iu ny c ngha nu l ngi qun tr, chng ta c mt cch khc t chi truy cp l khng cho

php ngi dng truy cp tp tin thmc.

Sk tha quyn NTFS

Mc nh, cc quyn c gn cho th mc cha sc k tha v lan truyn xung cc tp tin v thmc con nm trong th mc cha ny. Tuy nhin, chng ta c th ngn chn s k tha quyn khi muncc tp tin v th mc con c quyn khc vi th mc cha ca chng.

S k tha quyn

Bt c quyn g c gn cho mt th mc cha cng c p dng cho cc th mc con v tp tin chatrong n. Khi gn quyn NTFS cho php truy cp n mt th mc l chng ta gn quyn cho thmc cng nh cho tt c cc tp tin v th mc con ang tn ti trong n k c cc tp tin v th mc

consc to trong thmc .

Ngn chn vic k tha quyn


62/161


- 62 -

Chng ta c th ngn chn vic k tha quyn qua vic ngn chn cc th mc con v tp tin k thaquyn t th mc cha. ngn chn vic k tha quyn, hy hy cc quyn c k tha v ch gi licc quyn c gn c chch.

Th mc con m chng ta ngn khng cho k tha quyn t th mc cha lc ny tr thnh th mccha mi. Cc th mc con v tp tin cha trong th mc cha mi ny s k tha cc quyn c gn chocc th mc cha ca chng.

Gn quyn NTFS

Gn quyn NTFS trong hp thoi Properties ca th mc. Khi gn hay thay i quyn NTFS cho mttp tin hay th mc, chng ta c th thm hay xa cc ngi dng, nhm hay my tnh cho tp tin hayth mc. Qua vic chn mt ngi dng hay nhm, chng ta c th hiu chnh quyn cho ngi dnghay nhm.

Trn tab Security trong hp thoi Properties ca tp tin hay th mc, hy cu hnh cc tham s m ttrong bng sau.

Tham s M t

Name Chn ti khon ngi dng hay nhm mun thay i quyn hoc mun xa khi danhsch.

Permissions Cho php mt quyn khi chn check box Allow.T chi mt quyn khi chn check box Deny.

Add Mh p thoi Select User, Groups, or Computers, dng chn cc ti khon ngidng v nhm thm vo danh sch Name.

Remove Xa cc ti khon ngi dng hay nhm c chn v cc quyn hn lin quan n tptin, thmc.


63/161


- 63 -

Thit lp sk tha quyn

Nhn chung, chng ta nn cho php Windows 2003 truyn li cc quyn t th mc cha cho cc th mccon v tp tin cha trong th mc cha . S lan truyn cc quyn lm n gin ha vic gn quyn chocc ti nguyn.

Tuy nhin, s c khi chng ta mun ngn chn vic k tha quyn. V d, chng ta c th cn phi gi ttc cc tp tin ca phng kinh doanh trong mt th mc sales mi ngi trong phng kinh doanh uc quyn Write. Tuy nhin, chng ta cn phi gii hn quyn cho mt s tp tin trong th mc l Read. lm c iu ny, chng ta s ngn chn s k tha quyn Write khng truyn xung cc tp tincha trong th mc.

Mc nh, cc th mc con v cc tp tin k tha quyn c gn cho cc th mc cha, nh hin th trntab Security trong hp thoi Properties khi check box Allow inheritable permissions from parent topropagate to this objectc chn.

ngn chn mt th mc con hay tp tin k tha quyn t th mc cha, hy xa check box Allow

inheritable permissions from parent to propagate to this object, sau chn mt trong hay ty chnuc m t trong bng sau.


64/161


- 64 -

Tychn M t

Copy Sao chp cc quyn c k tha trc y t th mc cha xung th mc con hay tp tin v

t chi s k tha quyn t th mc cha k t lc .

Remove Xa cc quyn k tha c gn trn th mc cha khi th mc con hay tp tin v gi linhng quyn chng ta gn c chch cho th mc con hay tp tin.

3.4. Tng tc quyn Shared v NTFS

3.5. Offline File

Offline Files l mt tnh nng qun l ti liu quan trng cung cp cho cc user kh nng truy xut onlinehay offline nht nh ti tp tin. Khi my client ngt kt ni khi mng, mi thc download v mycc b. Cc user vn c th tip tc lm vic nh hang cn kt ni ti mng. H c th chnh sa,copy, xo Khi client kt ni trli vo mng, cc tp tin client v server tng ng b li.

S dng Offline Files c nhng thun li sau :

H trcho nhng user lu ng

Khi mt user lu ng xem share folder trong khi ngt kt ni mng, user vn cth trnh duyt, c, chnh sa cc tp tin, bi v chng c lu tr trong bnh ca my client. Khi user sau kt ni ti server, h thng iu chnhnhng thay i vi server

Tng ng b

Bn c th cu hnh chnh sch ng b v cch hnh ng da trn thi giantrong ngy v loi kt ni mng bng cch s dng Synchronization Manager.V d bn c th cu hnh ng b n xy ra tng khi user logon vo mngLAN.

Qu trnh thc thi thun li

Offline Files cung cp s thc thi thun li cho mng. Trong khi kt ni timng, cc client vn c thc tp tin t b nhcc b, gim lu lng d liutruyn trn mng.

Backup thun li

Offline Files gii quyt tnh trng kh x trong cc t chc kinh doanh ngy nay.Nhiu t chc thc thi mt chnh sch backup yu cu tt c d liu ca userphi c lu tr trn cc serverc qun l. B phn IT ca t chc thngkhng backup d liu c lu trn cc a cc b. iu ny trthnh mt vn nghim trng cho nhng user lu ng vi cc my tnh xch tay.

Nu bn mun truy xut d liu khi offline, my tnh cn sao chp d liu giamy xch tay v server. Mt vi t chc s dng cng c Briefcase. ViWindows Server 2003, vic sao chp d liu gia my client v server cqun l tng. Cc tp tin c thc truy xut trong khi ang offline v cng b tng vi serverc qun l .

Bn c th cu hnh mt file trn mng lm cho n sn sng offline khi Offline Filse c enable cho

folder cha file . Khi cc user cu hnh lm cho cc tp tin c offline, user s lm vic vi phin bnca tp tin mng trong khi ang kt ni vo mng ,v lm vic vi phin bn tp tin c lu tr trong bm khi ngt kt ni mng.


65/161


- 65 -

Khi cc user cu hnh cc files c sn c offline nhng s kin ng b sau s xy ra khi userdisconnected khi mng :

Khi user log off khi mng, hiu hnh Windows client ng b cc tp tin mng vi b nhm s copy cc tp tin

Khi user disconnected khi mng, user s lm vic vi nhng tp tin c lu tr torng b nhcc b

Khi user log on trli vo mng, hiu hnh client Windows ng b bt k tp tin offline nom user sa i trn my mng. Nu file c thay i trn c hai my th hiu hnh clientWindows s nhc user loi file no user mun gi, hay user c thi tn tp tin, hoc gi c hai

phin bn.

Ch : Nu c hai user lm vic vi cng tp tin offline ti cng thi im th sau khi ng b, mt tronghai phin bn s b mt.

Ty chn Offlin file Cache

Offline Files lu tr cc file thng xuyn c truy xut vo mt folder share. iu ny tng t nhtrnh duyt Web gi mt danh sch cc web site thng xuyn truy xut vo trong bm(cache). Khi

bn to cc share folder trn mng, bn c th ch ra tu chn lu tr cho tp tin v nhng chng trnhtrong folder. C 3 tu chn lu tr khc nhau.

Manual caching of documents: Ch ny cung cp truy xut offline ch cho nhng file vchng trnh m user chnh l c hiu lc. N l tng cho mt folder share mng chanhng tp tin m mt vi ngi s truy cp v chnh sa. y l tu chn mc nh khi bn cu

hnh mt share folder trthnh offline.Automatic caching of documents: Vi ch lu tr tng, tt c cc file v chng trnhm user m t folder share tng offline. Nhng tp tin m user khng ms khng offline.Cc bn copy c s tng b ghi bi nhng phin bn mi hn.Automatic caching of programs: Khi check box Optimized for performance c chn, ncung cp tng lu tr nhng chng trnh. Vic tng lu tr cc chng trnh lm gimlu thng mng, bi v cc tp tin offline c mngay lp tc. Cc phin bn tp tin trn mngkhng th truy xut theo bt c cch no, v nhng file offline nhn chung khi ng v chynhanh hn nhng version mng.

Khi bn s dng ch ny, phi bo m hn ch cc quyn ti nhng file c cha trong ccshare folder thnh truy xut Read.

cu hnh cc thit lp offline bng cch sdng Windows Explorer :

1. Trong Windows Explorer, right-click trn shared folder mun cu hnh truy cp offline v sau clickSharing and Security.


66/161


- 66 -

2. Trong hp thoi Properties chn Tab Sharing v clickOffline Settings.

3. Trong hp thoi Offline Settings chn cc option m bn cn v clickOK.

3.6. Trin khai dch v file DFS

Gii thiu DFS:Trong thc t nhng cng ty ln u c mt h thng my ch cha d liu trn c chia s chonhiu ngi dng, v d liu c chia s khng phi t mt my ch m t nhiu my ch khcnhau.

Vi ngi dng mng, h s gp nhiu phin phc mi khi mun truy xut mt d liu no . H khm nhc, d liu no ang c chia s trn Server no.Vn trn cng s gy kh khn cho Ngi Qun tr mng.Trong h thng Windows Server 2003 c mt gii php cho php tp trung cc ti nguyn c chia strn mng (bi cc my khc nhau) n gin vic qun l v truy xut. l s dng DistributedFile System (DFS).

Hnh 10.1: M hnh DFS

Nn nhrng, DFS ch tp trung ti nguyn cha s v phng din Logic. C ngha l, ti nguyn thcs vn tn ti trn my ch chia s. DFS s gom tt c cc ng dn ca ti nguyn chia s v tp trungti mt mi (gi l DFS root).

Gii php s dng DFS mang li s thun tin cho cc ngi dng mng. Khi s dng DFS ngi dngch cn truy cp vo DFS root. T, h s truy cp c vo cc ti nguyn chia s trn cc my khc,nhvo cc nhnh c to ra bi cc ng linkn cc a chc chia s trn my khc..

Cc kiu ca DFS Root:

DFS tp trung cc ng lin kt n ti nguyn chia s trn mng v mt mi (gi l DFS root).

Microsoft a ra hai m hnh qun tr mng: WORKGROUP v DOMAIN, nn DFS root cng c haikiu tng ng cho mi m hnh qun tr. Domain RootvStand-Alone RootDomain Root:

L s kt h p gia DFS vi tnh nng Replication trong Active Directory.Domain rootc khnng t d tm cc ti nguyn chia s trong mng Domain to lin kt t vo Domain root.

Vi Domain root, cc thng tin ca DFS s lu tr trn Active Directory.Ngi dng truy cp vo h ti nguyn qua h thng DFS dng Domain root bng ng dn:

\\Domain\ShareName

o Domain: tn ca Domaino ShareName: tn ti nguyn chia s trn Root

Stand-Alone Root:

L mt gii php cho mt my ch n hot ng trong mng WORKGROUP hoc mngDOMAIN.
http://domain/ShareNamehttp://domain/ShareNamehttp://domain/ShareName


67/161


- 67 -

Vi Stand-Alone Root, ngi Qun tr phi t tay nhp cc ng lin kt n ti nguyn chia strn mng vo Root. Stand-Alone Root khng h trch tng d tm ti nguyn chia snh Domain root.

Ngi dng truy cp vo h ti nguyn qua h thng DFS dng Stand-Alone Root bng ngdn:

\\Server_Name\ShareName

o ServerName: tn ca my ch cha DFS rooto ShareName: tn ti nguyn chia s trn Root

Thc thi DFS:Ginh, ti Trung tm o to CNT iSpace, mi b phn u c my ch cha ti nguyn chia s:

My ch PDT: chia s cc ti nguyn GIAO_TRINH, GIAO_ANMy ch GIAO_VU:: chia s cc ti nguyn, THONG_BAO, TKB, My ch KY_THUAT:: chia s cc ti nguyn SOFTWARE, DRIVER,

i vi ngi dng, truy cp ti nguyn h phi truy cp qua Computer Browser:Truy cp ti nguyn trn my ch PDT: \\PDT\Giao_Trinh ; \\PDT\Giao_An ...Truy cp ti nguyn trn GIAO_VU: \\GIAO_VU\TKB ; \\GIAO_VU\Thong_Bao,

Truy cp ti nguyn trn KY_THUAT: \\KY_THUAT\Driver \\KY_THUAT\SOFTWARE, Nu s dng gii php DFS, n s mang li s thun tin cho ngi dng trong c Trung tm.

My ch vi tn ISPACE l root ca cc ti nguyn chia s t nhiu my ch trong Trung Tm,Khi s dng DFS trn my ch ISPACE ton b ngi dng s truy xut cc d liu share trn mng vimt a ch duy nht qua computer brower l: \\ISPACE\Tai_Nguyen

Thit lp DFS trn my ch ISPACETrn my ch ISPACE, vo a bn mun cha d liu root (V d l E:), to mt folder c tn lTAI_NGUYEN

Hnh 10.2: To th mc root tn TAI_NGUYEN trn my ch ISPACE

MControl Panel Administrative Tools chy chng trnh Distributed File System.
http://pdt/Giao_Trinhhttp://pdt/Giao_Anhttp://giao_vu/Thong_Baohttp://ky_thuat/Driverhttp://ky_thuat/SOFTWAREhttp://ispace/Tai_Nguyenhttp://ispace/Tai_Nguyenhttp://ky_thuat/SOFTWAREhttp://ky_thuat/Driverhttp://giao_vu/Thong_Baohttp://pdt/Giao_Anhttp://pdt/Giao_Trinh


68/161


- 68 -

Hnh 10.3: Distributed File System

To root mi trn my ch ISPACE bng cch chut phi vo Distributed File System sau chnNew Root

Hnh 10.4: To New RootSau khi nhn chn New root h thng hin ra mt Wizard h trngi Qun tr to Root mi,

chnNext.Ti ca s Root Type, h thng s yu cu la chn mt trong hai dng root l: Domain Root

hocStand-Alone Root. (Xem hnh 4)Nu bn chn Domain root, Wizard s yu cu ngi Qun tr xc nh chnh xc tn Domain

ang tn ti trn mng.Nu mng ca mng cha nng cp ln Domain, hy chn Stand-Alone Root,


69/161


- 69 -

Hnh 10.5: La chn dng root cho DFS

Sau bn nhn Next, trong ca s Host Server, h thng yu cu bn g tn my ch cha Rootca DFS. phn minh ho ny, tn Server l: ISPACE (tn my ch ch DFS root)

Hnh 10.6: Nhp tn Server ca DFS root

Nhn Next h thng s ra mt ca s yu cu bn cn t tn cho th mc Root, v miu t th mc (Comment)


70/161


- 70 -

Hnh 10.7: t tn th mc rootBc k, ti ca s Root Share, ngi Qun tr phi chnh th mc dng cha thng tin ca

DFS root.

Hnh 10.8: Chnh th mc cha DFS root

Cui cng, chn Finish hon thnh vic to th mc Root trn my chISPACE.

Ghi nhrng, khi to c DFS Root, phi p ng 2iu kin:

Dch v Distributed File System phi c Start(Xem thm phn hng dn pha di dy.

a cha Folder dng lm Root Share (hnh 7) phis dng File System l NTFS

Hng dn Start dch v Distributed File System:

Chy cng c Services (t trong Control panel Administrative Tools.Nhp phi mouse trn Distributed File System v chn Start.


71/161


- 71 -

Hnh 10.9: Xem trng thi hot ng ca cc services

To ng lin kt mi trong root

S dng DFS vi kiu Stand-Alone Root, ngi Qun tr phi t tay to ra cc link chn ti nguynchia s trn mng trong DFS root. Cch to link nh sau:

Chy Distributed File System nhp phi mouse trn Root to chn New Link (Xemhnh 8)

Hnh 10.10: To Link mi trong DFS root

Cc thng tin nhp trong New link (hnh 9) gm c:

o Link name: Tn ca link. Tn ny s th hin trong Root nh l mt Folder cha tinguyn chia s.

o Path to Target (shared folder): ng dn n ti nguyn chia s bi my ch khc trnmng.. Ngi Qun tr c th dng nt Browse duyt ti nguyn chia s trn mng.

o Comment: Ch thch thm v ti nguyn (nu cn).


72/161


- 72 -

Hnh 10.11: Thng tin chi tit khi to Link mi trong DFS root

Tng t, ngi Qun tr s to thm cc link dn ti ti nguyn chia s trn mu ch PDT,GIAO_VU

Truy xut ti nguyn chia s qua DFS:

Mt khi h thng DFS v cc linkc thit lp, ngi dng mng c th truy xut ti nguyn chia sch bng mt ng dn duy nht

\\Domain\ShareName hoc

\\Server_Name\ShareName

V d: truy cp ti nguyn qua DFS lp trn my ch ISPACE kiu Stand-Alone Root

Hnh 10.12: Truy xut ti nguyn qua DFS

3.7. Xl sc

3.8. Bi tp tnh hung
http://domain/ShareNamehttp://domain/ShareName


73/161


- 73 -

Tm tt:

Quyn chia s thmc: Mun chia s mt th mc dng chung trn mng, bn phi logon voh thng vi vai tr ngi qun tr (Administrators) hoc l thnh vin ca nhm ServerOperators.

Share Permissions: l quyn ch c hiu lc khi ngi dng truy cp qua mng ch khng chiu lc khi ngi dng truy cp cc b. Share Permissions, cha danh sch cc quyn sau cho php ngi dng truy xut n th mc chia s: Full Control: cho php ngi dng c ton quyn trn th mc chia s. Change: cho php ngi dng thay i d liu trn tp tin v xa tp tin trong th mc

chia s. Read: cho php ngi dng xem v thi hnh cc tp tin trong th mc chia s.

NTFS Permission:NTFS l mt h thng file v sn c trn Windows Server 2003. NTFS cungcp qu trnh thc thi v cc tnh nng khng th c trong FAT hay FAT32. NTFS cung cp ccli ch sau: tin cy Bo mt cao Ci thin vic qun l v gia tng lu tr Nhiu quyn user

Offline File: l mt tnh nng qun l ti liu quan trng cung cp cho cc user kh nng truyxut online hay offline nht nh ti tp tin. Khi my client ngt kt ni khi mng, mi thcdownload v my cc b. Cc user vn c th tip tc lm vic nh hang cn kt ni timng. H c th chnh sa, copy, xo Khi client kt ni trli vo mng, cc tp tin client vserver tng ng b li. S dng Offline Files c nhng thun li sau : H trcho nhng user lu ng Tng ng b Qu trnh thc thi thun li Backup thun li

DFS (Distributed File System): Trong h thng Windows Server 2003 c mt gii php chophp tp trung cc ti nguyn c chia s trn mng (bi cc my khc nhau) n gin vicqun l v truy xut.


74/161


- 74 -

BI 4: QUN TR TRUY XUT TI NGUYN PRINTER

Mc tiu:

Trin khai Local, Network Print Device Qun tr quyn truy xut Printer X l cc s c v in n

4.1.Gii thiu PrinterGii thiu vic in n trong Windows 2003: Windows 2003 to iu kin thun li cho ngi qun trthit lp in n mng v cu hnh cc ti nguyn in n t mt v tr trung tm. Chng ta cng c th cuhnh cc my trm chy Windows 95, Windows 98, hay Microsoft Windows NT phin bn 4.0 in n tcc thit b in n mng.

Trc khi thit lp vic in n trong Windows 2003, chng ta nn n thut ngc s dng v cc

c v yu cu h thng cho vic thit lp mt print server vi mt thit b in c kh nng tip cnmng. t kt qu tt nht, hy ghi nhcc nguyn tc khi lp k hoch trin khai mi trng in nmng.

Cc thut ng in n trong Windows 2003

Chng ta nn lm quen vi cc thut ngc s dng nhn din cc thnh phn v cch cc thnhphn lm vic vi nhau. Danh sch sau lit k cc thut ng v in n c nh ngha trong Windows2003:

Print device (thit b in): Thit b phn cng to ra cc bn ti liu in.Windows 2003 h trcc thit b in:

Local print device (thit b in cc b): Thit b in kt ni n mt cng vt l trn printserver.

Network-interface print device (thit b in giao din mng): Thit b in kt ni n mtprint server qua mng thay cho cng vt l. Network-interface print device i hi card mngring ca n v c a ch mng ring hoc c gn vo mt card mng gn ngoi.

Printer (my in): Giao din phn mm gia hiu hnh v thit b in. Printernh ngha khino v u mt ti liu si n tm mt thit b in (cng cc b, cng kt ni mng, haytp tin).

Print server (my ch in n): My tnh c gn cc my in v trnh iu khin my khch. Printserver nhn v x l cc ti liu t cc my khch. Chng ta thit lp v chia s cc my in mnglin quan n cc thit b in n cc b v giao din mng trn cc print server.


75/161


- 75 -

Printer driver (trnh iu khin my in). Mt hay nhiu t p tin cha thng tin m Windows2003 i hi dng chuyn i cc lnh in thnh ngn ng my in chuyn dng. S chuyn iny lm cho my in c th in c ti liu. Mt trnh iu khin my in l chuyn dng cho tngthit b in v trnh iu khin my in ph hp phi hin din trn print server.

Printer Port: Trong h p thoi Printer Server Properties, bn m Tab Port. Tab ny cngtng t nhTab Port trong hp thoi Properties ca my in. S khc nhau gia hai Tab Portl: Tab Port trong hp thoi Print Server Properties c s dng qun l tt c cc porttrong Print Server. Cn Tab port trong hp thoi Properties ca my in qun l cc port cathit b my in vt l.

4.2. Trin khai Printer

Local Printer:Vo StartSettingPrinters and Faxes

Hnh : Printers and Faxes minh ha (b sung sau)

Chn Add printerNextTrang Local or Network Printer chn Local printer attached to thiscomputerNext

Hnh : Chn Local Printer


76/161


- 76 -

Trang Select a Printer Port chn Use the following port (chn port LPT hay USB ty theo my in)Nextchn hng sn xut v loi my in (vd l HP2000C)

Hnh : La chn my in

NextNextNextNextFinish.

Chia s my in

Vo StartSettingPrinters and Faxes Right click trn my in cn chia s v chon Sharing

Network Printer:Nguyn tc thit lp mt my in mng

Trc khi thit lp in n mng, hy a ra chin lc in n c th qun l hiu qu cc nhu cu in ntrn ton mng. iu ny bo m cho vic qun l cc tc v in thng sut. Danh sch sau cung cp ccnguyn tc cho vic lp chin lc in n mng:

Xc nh cc yu cu v in n ca t chc. Cc yu cu ny gm c s lng v kiu thit b in.Ngoi ra, hy xem xt loi ti mi thit b in s x l. Chng hn, khng nn dng thit b in ktni cc b cho vic in n mng v n c th khng qun l ni lng ti.

Xem xt yu cu in n ca ngi dng trong tng phng ban. Chng hn, phng Ha n c thc nhiu tc v in do phi in cc ha n lin tc. Ti cho vic in n cng ln th cng cn cnhiu thit b in hn.

Xc nh s lng print server cn thit qun l s lng v cc loi my in trong mng. Xc nh v tr t cc thit b in. V tr ny phi thun tin cho cc mi dng nhn cc ti liu in. Xc nh cc tc v in no c u tin cao. Cc thnh vin ban qun tr thng c nhu cu in

n tht nhanh. Cc qun tr vin c th gn u tin cao cho nhng ngi c nhu cu.

Cu hnh my in mng

Sau khi ci t v chia s mt my in s dng trn mng, nhu cu in n ca ngi dng v t chc cth thay i v i hi chng ta cu hnh cc thit t in n sao cho ti nguyn in n ca chng ta phhp hn vi cc nhu cu ny.


77/161


- 77 -

Ci t my in thng qua my in chia s trn mng.Vo StartSettingPrinters and FaxesChn Add printer NextTrang Local or Network Printer chn A network printer, or aprinter attached to another computerNext

Hnh C5.4: Chn network printer

Trang Specify a printer chn Connect to this printer v g ip hoc computer name v tn my in chia s trn mng nh hnh bn di.Vd:\\192.168.1.102\HP2000C hay \\PCXX\HP2000C NextFinish.

Hinh C5.5: Chn my in share trn mng
http://pcxx/HP2000Chttp://pcxx/HP2000C


78/161


- 78 -

C th c nhiu cch khc nhau truy xut v s dng my in chia s trn mng, cc bn c th tmhiu thm hoc nhging vin hng dn cng tc ny. Tuy nhin, chng ti lun hy vng rng cc bns tm ra mt cch khc lm cng vic ny v chia s thm nhng kinh nghim cho cc bn cng lp.

4.3.Qun tr Printert u tin cho my in: hy t u tin gia cc my in u tin cho cc ti liu cng s dng

mt thit b in in. thc hin iu ny, hy to nhiu my in cng trn mt thit b in. iu nucho php nhiu ngi dng gi cc ti liu quan trng n my in c u tin cao v cc ti liu thngthng n my in c u tin thp hn. Cc ti liu c gi n my in c u tin cao sc intrc.

Hnh: u tin gia cc my in

t u tin gia cc my in, hy thc hin cc bc sau:

1. Tr hai hay nhiu my in n cng mt thit b in (chung cng). Cng c th l cng vt l trnprint server hay mt cng trn mt thit b in giao din mng.

2. t u tin khc nhau cho tng my in kt ni n thit b in, sau cho cc nhm ngidng khc nhau dng cc my in khc nhau in. Chng ta cng c th cho php ngi dnggi cc ti liu c u tin cao n my in c u tin cao hn v cc ti liu c u tinthp n cc my in c u tin thp hn.

Lu l trong minh ha trc, User1 gi cc ti liu n mt my c u tin thp nht l 1, trong khiUser2 gi cc ti liu n my in c u tin cao nht l 99. Trong v d ny, cc ti liu ca User2 sc in trc cc ti liu ca User1.

t u tin cho my in


79/161


- 79 -

t u tin cho mt my in, hy thc hin cc bc sau:

1. Mhp thoi Properties ca my in.2. Trn tab Advanced, thay i u tin trong hp Priority, nhp OK.

Gn quyn cho my in

C ba cp quyn hn trn my in: Print (in), Manage Documents (qun l ti liu), v Manage Printer(qun l my in).

Cc quyn hn trn my in

Bng sau lit k cc kh nng ca cc cp quyn hn khc nhau.


80/161


- 80 -

Kh nng ca cc quyn hn in nQuynin

Quyn qunl ti liu

Quyn qunl my in

Print documents (In ti liu) X X X

Pause, resume, restart, and cancel the user's own document

(Tm ngng, tip tc, khi ng li, hy ti liu ca ngidng)

X X X

Connect to a printer (Kt ni n my in) X X X

Control job settings for all documents (iu khin cc thit tcng vic cho mi ti liu)

X X

Pause, restart, and delete all documents (Tm ngng, khi ngli, xa tt c ti liu)

X X

Share a printer (Chia s my in) X

Change printer properties (Thay i thuc tnh my in) X

Delete printers (Xa cc my in) X

Change printer permissions (Thay i cc quyn hn my in) X

Mc nh, cc qun tr vin ca mt my ch, cc print operator (nhn vin qun l in n) v cc serveroperator (nhn vin qun l my ch) trn mt my iu khin vngc quyn Manage Printer. NhmEveryone c quyn Print, v ch ti liu c quyn Manage Documents.

Gn quyn cho my in

thm mt ngi dng hoc nhm ngi dng v gn quyn print, hy thc hin cc bc sau:


81/161


- 81 -

1. Trong th mc Printers, nhp phi biu tng my in mun thay i quyn, nhp Properties.2. TRn tab Security, trong h p thoi Properties ca my in, nhp Everyone group, nhp

Remove.

3. Nhp nt Add. chn cc ngi dng v nhm c php, nhp Add, nhp OK.4. Trn tab Security, kim tra li cc quyn cho ngi dng v nhm, nhp OK.

4.4. Xl sc

4.5.Bi tp tnh hung

Tm tt:

Print device (thit b in): Thit b phn cng to ra cc bn ti liu in. Printer (my in): Giao din phn mm gia hiu hnh v thit b in. Printernh ngha khi

no v u mt ti liu si n tm mt thit b in (cng cc b, cng kt ni mng, haytp tin).

Print server (my ch in n): My tnh c gn cc my in v trnh iu khin my khch. Printserver nhn v x l cc ti liu t cc my khch. Chng ta thit lp v chia s cc my in mnglin quan n cc thit b in n cc b v giao din mng trn cc print server.

Printer driver (trnh iu khin my in). Mt hay nhiu t p tin cha thng tin m Windows2003 i hi dng chuyn i cc lnh in thnh ngn ng my in chuyn dng. S chuyn iny lm cho my in c th in c ti liu. Mt trnh iu khin my in l chuyn dng cho tngthit b in v trnh iu khin my in ph hp phi hin din trn print server.

Printer Port: Port trong hp thoi Print Server Properties c s dng qun l tt c ccport trong Print Server. Cn Port trong hp thoi Properties ca my in qun l cc port ca thitb my in vt l.

Local print device (thit b in cc b): Thit b in kt ni n mt cng vt l trn print server. Network-interface print device (thit b in giao din mng): Thit b in kt ni n mt print

server qua mng thay cho cng vt l. Network-interface print device i hi card mng ringca n v c a ch mng ring hoc c gn vo mt card mng gn ngoi.


82/161


- 82 -

BI 5: QUN TR MI TRNG MNG GROUP POLICY

Mc tiu:

Gii thiu Windows Group Policy Trin khai Group Policy trn Domain v Organizational Units Dng Group Policy tng ha cc cng tc qun tr User v Computer X l li thng dng khi trin khai Group Policy

5.1. Gii thiu Group Policy.

Group Policy Object (GPO) l mt thnh phn quan trng trong h qun tr ca Windows. N gipngi qun tr c tha ra nhng chnh sch bo v, gii hn tm hot ng ca ngi s dng theomt khun php nht nh. Hu ht nhng thay i trn Windows nh desktop, control panel, InternetExplorer... u lu li trn registry. Nhng registry li qu phc tp v nguy him do hiu hnha ra mt h thng Policy nhm n gin ha vn thay i v bo mt.

Domain Group Policy: trong h thng Windows Server th GPO hot ng theo m hnhclient/Server. Do ngi qun tr s theo tc cc GPO trn my ch p t nhng thay i cn thitcho my con khi my con ng nhp vo h thng.Xt mt s v d:

Trong mt Cng Ty, ngi qun tr mun mt s nhn vin no khng c thay ithng s mn hnh Desktop. Hoc khng mun vo Control Panel chnh sa, ph phch...

Mt phng ban no mun khng cho h thay i cc thng s trn Internet Explorer hoccm h khng c php s dng USB...

Tt c nhng vic trn u c th lm trn cc my client . Nhng GPO c th lm trn my ch v chiu lc cho mt OU. Nguyn l hot ng ca GPO l khi my client truy cp vo Server th Server sly thng tin registry trn my client v chnh sa li theo ng nhng g m GPO thit lp v qu

trnh ny c cp nht thng xuyn khi c tn hiu truy cp t my Client. Cc group policy dnh chosite, domain v OU c to ra di dng cc i tng chnh sch nhm (GPO), v cc GPO c lutr mt phn trong csd liu Active Directory v mt phn trong share SYSVOL.

Local Group Policy: trn mi my Win2k/XP Pro/WinS2k3 cng c mt b chnh sch nhm tich (local group policy), sc p dng khi my khng tham gia vo min AD no c (tc khi ntham gia vo mt workgroup hoc khi n c dng c lp). Cc my Windows XP Home th khng clocal group policy. Khi my Win2k/XP Pro/WinS2k3 ni vo min AD, th ngoi cc local group policy,n cn c p dng ln lt cc group policy dnh cho Site, Domain, OU cha n (nu thuc nhiu OUlng nhau, th policy no dnh cho OU ngoi hn sc p dng trc). Cc policy c p dng saus override cc policy c p dng trc. GPO ti ch ca mi my Win2k/XP Pro/WinS2k3 th nmtrong th mc %Windir%\System32\GroupPolicy.

Chng trnh to ra v chnh sa cc GPO c tn l Group Policy Object Editor, c dng mt consoleMMC tn l GPEDIT.MSC, hoc cng c th dng di dng mt cng c snap-in trong mt consoleMMC khc. V d: console Active Directory Users and Computers, tc dsa.msc, cng c trang b snsnap-in Group Policy.


83/161


- 83 -

Cc thnh phn ca Group Policy tm hiu cc thnh phn GPO chng ta cn khi ng chng trnh Group Policy. C 2 cch:

Cch 1: Vo menu Start > Run, ri nhp lnh mmc khi ng Microsoft Management Console. Sau vo menu File, chn Open. Trong ca s Open, tm n th mc System32. Chng ta thy nhiu tptin xut hin c phn m rng l *.msc nhng chng ta ch quan tm n file gpedit.msc, chn file

gpedit.msc v bm Open:

Hnh 5.1: Chn file gpedit.msc

Cch 2: Vo menu Start chn Run v nhp vo gpedit.msc ri nhn OK khi ng chng trnh.Khi chng trnh khi ng, chng ta s thy ca s giao din nh hnh bn di:

Hnh 5.2: Giao din Group Policy


84/161


- 84 -

Chng trnh c phn theo dng cy v rt d dng v chng ta hon ton c th s dng Group Policym Windows cung cp sn qun tr h thng, khng cn phi ci thm cc phn mm khc.

Trong Group Policy c 2 thnh phn chnh l Computer Configuration v user configuration Cch sdng chung: tm ti cc nhnh, Chn Not configured nu khng nh cu hnh cho

tnh nng , Enable kch hot tnh nng, Disable v hiu ha tnh nng.

Computer Configuration: Cc thay i trong phn ny s p dng cho ton b ngi dng trnmy. Trong nhnh ny cha nhiu nhnh con nh:

Windows Settings: nhnh ny chc cc vn lin quan n ti khon, password ti khon,qun l vic khi ng v ng nhp h thng...

Administrative Templates:

Windows Components: cho php cu hnh cc thnh phn ci t trong Windows nh:Internet Explorer, NetMeeting...

System: cu hnh v h thng. Cn lu l trc khi cu hnh cho bt k thnh phn no,chng ta cng cn phi tm hiu tht k v n. Chng ta c th chn thnh phn ri nhp

chut phi chn Help.

Hnh 5.3: Tm hiu thnh phn ang cu hnh

Cn mt cch khc l khng chn Help m chn Properties. Khi ca s Properties xut hin, chuynsang th Explain c gii thch chi tit v thnh phn ny.


85/161


- 85 -

Hnh 5.4: Gii thch tnh nng ca thnh phn

Mc nh th tnh trng ban u ca cc thnh phn ny l Not configured. thay i tnh trngcho thnh phn no , chng ta chn thSetting trong ca sProperties, s c 3 ty chn chochng ta chn la l: Enable (c hiu lc), Disable (v hiu lc) v Not configure (khng cu hnh).

User Configuration: gip chng ta cu hnh cho ti khon ang s dng. Cc thnh phn ckhc i cht nhng vic s dng v cu hnh cng tng t nh trn.

Sau y chng ta tm hiu chi tit mt s thnh phn chnh ca GP:

Computer Configuration:

Windows Setting:Ti y chng ta c th hiu chnh, p dng cc chnh sch v vn s dng ti khon, password tikhon, qun l vic khi ng v ng nhp h thng...

Scripts (Startup/Shutdown):Chng ta c th ch nh cho windows s chy mt on m no khi Windows Startup hocShutdown.

Security settings: Cc thit lp bo mt cho h thng, cc thit lp ny c p dng cho tonb h thng ch khng ring ngi s dng no.

Account Policies Thit lp cc chnh sch p dng cho ti khon ca ngi dng.

1.Password Policies: Bao gm cc chnh sch lin quan n mt khu ti khon ca ngi sdng ti khon trn my.

Enforce password history: Vi nhng ngi s dng c khng c thi quen ghi nhnhiumt khu, khi buc phi thay i mt khu th h vn dng chnh mt khu c thay chomt khu mi, iu ny l mt k h ln ln quan trc tip n vic l mt khu. Thit lpny bt buc mt mt khu mi khng c ging bt k mt s mt khu no do taquyt nh. C gi tr t 0 n 24 mt khu.

Maximum password age: Thi gian ti a mt khu cn hiu lc, sau thi gian ny hthng s yu cu ta thay i mt khu. Vic thy i mt khu nh k nhm nng cao anton cho ti khon, v mt k xu c th theo di nhng thi quen ca chng ta, t c thtm ra mt khu mt cch d dng. S gi tr t 1 n 999 ngy. Gi tr mc nh l 42.

Minimum password age: Xc nh thi gian ti thiu trc khi c th thay i mt khu.Ht thi gian ny chng ta mi c th thay i mt khu ca ti khon, hoc chng ta c ththay i ngay lp tc bng cch thit lp gi tr l 0. Gi tr t 0 n 999 ngy. Chng ta cnthit lp Minimum password age ln hn khng nu chng ta mun chnh sch Enforce

password history c hiu qu, v ngi s dng c th thit lp li mt khu nhiu ln theochu k h c th s dng li mt khu c.

Minimum password length: di nh ti thiu cu mt khu ti khon. (Tnh bng s kt nhp vo). di ca mt khu c gi tr t 1 n 14 k t. Thit lp gi tr l khng nuchng ta khng s dng mt khu. Gi tr mc nh l 0.

Password must meet complexity requirements: Quyt nh phc tp ca mt khu. Nutnh nng ny c hiu lc. Mt khu ca ti khon t nht phi t nhng yu cu sau:

- Khng cha tt c hoc mt phn tn ti khon ngi dng

- di nh nht l 6 k t

- Cha t 3 hoc 4 loi k t sau: Cc ch ci thng (a -> Z), cc ch ci hoa (A -> Z),Cc ch s (0 -> 9) v cc k tc bit.

phc tp ca mt khu c coi l bt buc khi to mi hoc thay i mt khu. inh :Disable.

Store password using reversible encryption for all users in the domain: Lu tr mt khus dng m ha ngc cho tt c cc ngi s dng domain. Tnh nngcung cp s h tr


86/161


- 86 -

cho cc ng dng s dng giao thc,n yu cu s am hiu v mt khu ca ngi s dng.Vic lu tr mt khu s dng phng php m ha ngc thc cht ging nh vic lu trcc vn bn m ha ca thng tin bo v mt khu. Mc inh : Disable.

2. Acount lockout Policy:

Account lockout duration: Xc nh s pht cn sau khi ti khon c kha trc khi vicmkha c thc hin. C gi tr t 0 n 99.999 pht. C th thit lp gi tr 0 nu khngmun vic tng Unlock. Mc nh khng c hiu lc v chnh sch ny ch c khi chnhsch Account lockout threshold c thit lp.

Account lockout threshold: Xc nh s ln c gng ng nhp nhng khng thnh cng.Trong trng hp ny Acount s b kha. Vic mkha ch c th thc hin bi ngi quntr hoc phi i n khi thi hn kha ht hiu lc. C th thit lp gi tr cho s ln ngnhp sai t 1 n 999. Trong trng hp thit lp gi tr 0, account s khng b kha.

Reset account lockout counter after: Thit lp li s ln c gng ng nhp v 0 sau mtkhong thi gian quy nh. Thit lp ny ch c hiu lc khi Account lockout thresholdc thit lp.

Local Policies Kim nh nhng chnh sch, nhng ty chn quyn li v chnh sch an toncho ngi dng ti ch.

User rights Assignment: n nh quyn cho ngi s dng.

Quyn ca ngi s dng y bao gm cc quyn truy cp, quyn backup d liu, thay i thigian ca h thng

Trong phn ny, cu hnh cho mt mc no bn c th nhy p chut ln mc v nhnnt Add user or group trao quyn cho user hoc Group no bn mun.

Access this computer from the network: Vi nhng k t m, tc mch th ti sao chng tali phi cho php chng truy cp vo my tnh ca mnh