Exam 70-217

Microsoft

Windows 2000 Active Directory Services

Microsoft Press

70-217

Microsoft

Windows 2000 Active Directory Services Microsoft 3- ,

2004

. 1

004 32.973.26-018.2 59

Microsoft Corporation 59 Microsoft Windows 2000 Active Directory Services. MCSE: . . 3- ., . .: - , 2004. 608 .: . ISBN 5-7502-0247-.

Active Directory. , Active Directory (Domain Name System, DNS). Active Directory , , , , , , Active Directory. , , , Microsoft Windows 2000, , MCSE 70-217: Implementing and Administering a Microsoft Windows 2000 Directory Services Infrastructure. 15 , .

004 32.973.26^018.2

Microsoft Corporation, , , . ActiveX, JScript, Microsoft, Microsoft Press, MSDN, MS-DOS, PowerPoint, Visual Bask, Visual C++, Visual InterDev, Visual SourceSafe, Visual Studio, Win32, Windows Windows NT Microsoft / . . , , , , , , .

ISBN 0-7356-OW9-3 (.) ISBN 5-7502-0247-

, Microsoft Corporation, 2000 , Microsoft Corporation, 2001 , , 2004

, Microsoft Microsoft 1. Microsoft Windows 2000 1. Windows 2000 Windows 2000 Windows 2000 2. Windows 2000 , Windows 2000 Windows 2000 3. Windows 2000 Windows 2000 DNS LDAP HTTP Active Directory Windows 2000 XXIII XXIII XXIV XXV XXVII XXX XXX XXXI XXXI XXXVII XXXVIII XXXIX XXXIX XL 1 2 2 8 ... 8 9 11 12 12 12 13 13 14 14 15 15 15 16 17 17 17 18 19 19 19 19 20 20 21

Active Directory 4. Windows 2000 Windows 2000 : 5. ; Windows Security Windows Security : Windows Security 2, Active Directory 1. ! Active Directory Active Directory Active Directory Active Directory 2. Active Directory DNS 3. Active Directory ., 1. Active Directory Active Directory Windows 2000 2. Active Directory Active Directory Active Directory Domains and Trusts

21 23 24 24 25 25 27 27 28 28 29 31 32 33 : . . . 34 34 35 35 35 36 36 37 38 39 39 39 40 41 41 42 42 43 44 45 46 49 49 49 50 51 51 51 52 53 54 54 55 56 56 56

-

Active Directory Sites and Services Active Directory Users and Computers Active Directory Active Directory Schema Active Directory ,11 Directory , 3. : 1: 2: 4. Task Scheduler Task Scheduler : Task Scheduler 4. Active Directory 1. Active Directory DNS , .

| | 56 57 57 57 57 59 60 60 62 62 63 63 63 64 64 64 65 66 66 66 67 .. 67 67 68 71 72 72 72 73 73 75 76 77 78 78 78 79 80 80 81 81 82 82 85 86 88 88 88 89 . . . 89

2. Active Directory Active Directory DNS Active Directory Active Directory ; Active Directory 3. 4. : 5. DNS Active Directory 1. DNS IP- DNS 2.

-

90 90 90 90 91 91 91 92 92 92 93 95 96 96 96 96 96 97 97 97 97 98 99 99 99 99 100 101 102 102 102 102 102 103 104 104 104 105 106 107 109 110 110 110 111 111 112 114 .114

[X

DNS DNS Dynamic DNS DDNS DHCP : 3. : DNS DNS 4. DNS Active Directory DNS DNS DNS 6, 1. : 2, , - : ..

114 115 116 116 116 116 117 117 117 117 117 118 119 120 120 121 123 124 124 ... 124 126 126 127 127 128 128 128 128 129 131 132 133 134 134 135 137 137 .. 138 139 141 142 142 142 142 143 143 144 146 147 147 148

-

3. 4. - - - 7. 1. Administrator Guest 2. , : 3. , : , Dial-In : 1: 2: 4. ,

149 150 150 151 151 151 152 152 152 153 155 156 156 157 157 157 158 158 159 159 160 160 160 161 161 161 161 161 161 162 164 165 165 166 167 169 170 171 172 173 174 175 176 176 178 180 181 181 181 182 . 183

XI

184 184 184 185 185 186 186 : 187 1: 187 2: . . . . 188 191 5. 192 192 192 193 6. 194 , , 194 195 195 196 : 196 1: . .* ,.. 196 2: 197 197 198 8. 1.

.199 200 200 201 201 201 201 202 202 202 202 203 203 203204

2. : 3.

-

205 205 206 206 206 208 208 209 209 210

XII

: 1: 2: 4. ' 5. Users Power Users Run As RUNAS RUNAS : Run As '

210 211 212 212 214 214 215 216 217 217 218 219 220 ,...; 221 ..... 222 222 222 223 224 224 225 225 226

9. 1. NTFS NTFS NTFS NTFS NTFS NTFS 2. NTFS NTFS NTFS : NTFS 1: NTFS 2: NTFS Data 3: NTFS 4; NTFS 3.

227228 228 228 229 229 ; 229 230 230 230 231 231 232 233 233 234 234 235 236 236 237 239 241 242 243 243 , 245

: 4. NTFS NTFS : 5. :

XIII 246 246 248 248 250 251 251 252 252 252 252 253 255 255 256 256 257 258

,

10. 259 1. 260 260 261 261 : 262 263 2. 264 264 265 265 266 266 3. 267 267 267 268 269 .. 270 271 272 4. NTFS 273 NTFS . . . . 273 : 274 1: 274 2: 275 3: 276 4: 276 5 (); 277 6: 278 7: NTFS . . . . 279 8 (): NTFS 279

XIV

280 ,281 281 282 282 283 283 283 284 285 285 285 286 ;;.-; 289 ; 290 291 292 292 293 294 296 297 297 297 297 298 298 301 301 302 303 304 304 304 304 305 305 305 306 306 307 307 307 308 : . 308 309 309 310 310 311 . 311

5. DFS DFS DFS DFS DFS DFS DFS- DFS DFS DFS : DFS 11. Active Directory 1. Active Directory Active Directory Find : Active Directory ' 2. Active Directory Active Directory Active Directory Active Directory .' : Active Directory 3. Active Directory Active Directory 4. Active Directory , MOVETREE , MOVETREE MOVETREE MOVETREE MOVETREE .

}(

NETDOM : 5. Active Directory Delegation Of Control Active Directory : Active Directory 6. Active Directory What to Back Up Where to Store the Backup Active Directory 7. Active Directory Active Directory Active Directory 8. Active Directory 12. 1. Group Policy Group Policy Software Settings Windows Settings Administrative Templates Group Policy

311 311 312 312 313 314 314 314 315 316 317 318 318 . 318 319 319 320 322 323 324 , 324 324 324 325 326 328 329 329 331 .. 332 333 335 336 336 336 - . 336 .. 337 337 339 339 340 341 342 342 342 343 344 345 345

XVI

346 347 347 347 348 348 348 348 348 349 349 349 350 350 351 351 352 353 353 353 354 355 356 357 358 359 360 361 361 361 362 362 362 362 363 363 364 364 364 365 365 365 366 366 366 367 367 367 368 368

2. 3. : 1: 2: 3: 4: 5: . . . 6: 7; 8: 9: 4. . . Software Installation Software Installation Windows Installer Software Installation .

, 5. My Documents 6. Software Installation 13. 1. Account Policies Local Policies Event Log Restricted Groups System Services Registry File System Public Key Policies IP Security Policies 2.

)((| 368 369 370 371 372 373 373 374 375 376 376 ,. 378 378 379 379 380 381 382 382 382 383 383 387 388 389 393 393 393 394 394 395 397 398 398 398 399 399 400 400 400 401 401 401 402 402 402 403 403 403 404 404

XVII!

Active Directory : 1: 2: 3: 4: 5: Active Directory 3. Windows 2000 : 1: 2: 3: 4. 5. Security Templates : 1: Security Templates 2: . Security Configuration and Analysis Security Configuration and Analysis Security Configuration and Analysis Security Configuration and Analysis

f

,

407 .... 410 412 414 414 415 415 416 417 417 418 419 419 419 421 422 423 424 425 425 425 425 426 427 427 427 431 432 432 433 433 433 433 434 435 435 435 436 437 437 438 438 438 439 440 440 440 440 441 441

: Security Configuration and Analysis 1: Security Configuration and Analysis Console 2: 3: 4: 7.

XIX 441 442 443 443 444 445 . 445 445 . 446 446 446 447 448 448 449 450

14. Active Directory I. Active Directory Event Viewer Performance System Monitor NTDS Performance Logs and Alerts : System Monitor 2. Active Directory LDP Replmon Repadmin Dsastat Sdcheck ' Nltest Acldiag Dsacls 3.

.451, 452 452 453 454 455 455 459 461 461 461 461 461 462 465 467 467 469 471 472 472 472 .. 474 474 475 475 475 476 476 477 477 477 478 478

: 15, Windows 2000 RIS 1. RIS RIS )' , RIS 2. RIS RIS RIS R1S R1S RIS RlS- RIS RIPrep RIPrep RIPrep RIPrep Rl Prep < RIS RIS 3. RIS RIS RIS - RIS - RIS - RIS G UID -

479 479 480 480 '..... 481 481 482 483 484 484 484 485 485 486 487 487 487 489 489 489 489 489 490 491 491 491 492 493 493 493 497 499 500 500 500 501 502 502 503 503 504 504 505 505 505 506 506 508 509

RIS 4. RIS RIS RIS RIS

XXI 510 . . . . 510 511 512 513 513 516 517

& DHCP

518519 550 554

06

MCSE Microsoft Windows 2000 Active Directory Services*. , , , , Microsoft Windows 2000 Active Directory. Active Directory , , (Domain Name System, DNS) , . Active Directory , , , , , Active Directory. Windows 2000 (Remote Installation Services, RIS). Microsoft. MCSE . Microsoft. , , . , , , . , , . , .

, , , Microsoft Windows 2000 Active Directory, , MCSE 70-217: Implementing and Administering Microsoft a Windows 2000 Directory Services Infrastructure. : ; Microsoft Windows 2000 Server MSCE.

: Windows 2000, http:/ /www.microsoft.corn/windows/server/; Windows 2000 Server; ( ); Windows 2000 Server Resource Kit.

, , . , . , . , . . ! . , , , . , , . .

. . ! , . .

. , . , , . , ( , ). , . . . .

________________^__^______ XXV , , , , , ( ). []. [_] , . . {}. . . , . .

+*> , . , Alt+Tab , , Alt, Tab. . , Alt, F, X , . Alt+W, L, AJt W , L. . Alt ( ), . , ( ). . Alt, , . , Tab, , , . 4 , ESC.

, , , Active Directory Windows 2000. , , . , , ( ). , . , . , . : , . Microsoft Windows 2000 Surver .

XXVI

1 Microsoft Windows 2000 Windows 2000. Windows 2000. 2 Active Directory Active Directory, , , (), . Active Directory, , , , DNS . 3 Active Directory Active Directory , , , , . Active Directory, (Microsoft Management Console, MMC) Task Scheduler ( ). 4 Active Directory Active Directory, , , 5 DNS Active Directory DNS, DNS Active Directory. , . 6 , , . 7 . , , . , , , , , . 8 , Windows 2000 , . 9 NTFS. NTFS , , . . 10 . , (DPS) Mcrosoft , . 11 Active Directory Active Directory, , , , , , , Active Directory. 12 : . , , , . 13 , , , , -

^

XXVII

Security Configuration and Analysis. . 14 Active Directory , . \ 5 Windows 2000 RIS (RIS). RIS. , ! RIS. . DHCP DHCP RIS.

, , . , , . , , . 70-217: Implementing and Administering a MicrosoftWindows 2000 Directory Services Infrastructure

. , .

. .

70-217: Implementing and Administering a Microsoft Windows 2000 Directory Services Infrastructure , . Microsoft . , Active Directory , Active Directory Active Directory

4 6 6 6 6 6

2 1 1 1 2

2

XKVHI

4 4 3 ' 4 6 7

, Active Directory 6 Active Directory Active Directory Active Directory II 11 6 4 4 4

, , , DNS 1 1 5 5 5 2,4 2, 4 3, 4

, , , DNS Active Directory DNS DNS , DNS DNS

, , , , () 12 12 12 12 12 12 3, 6 3, 6 3, 6 3, 6 3, 6 3,6

12 12 3,6 3, 6

()

12 4 Windows 2000 RIS - RIS RIS RIS RIS RIS - RIS 15 15 15 3 3 3 15 15 15 15 15 2 2 2 4 3 12 12 12 12 4 4 6 5

, Active Directory Active Directory Active Directory Active Directory Active Directory Active Directory Active Directory Active Directory , , Active Directory Active Directory 14 14 1, 2, 3 1, 2, 3 11 11 11 8 11 11 4 3 1 3, 4, 5 3, 4, 5 2 5

6 6

2, 3 1,3

XXX

(), , Active Directory

Ktt

, Security Configuration and Analysis

13 13

1, 3, 4, 7 5, 6, 7

13 13

2,1 3

, Windows 2000 Active Directory. Windows 2000 Server. ; . , . , . . ! . , . .

, Windows 2000 (Hardware Compatibility List, HCL): 32- Pentium 166 ; 64 ( 128 ); 2 > ; 12- CD-ROM ( Windows 2000 CD-ROM ); SVGA 800 600 ( 1024 768); 3,5- ( CD-ROM ); Microsoft .

XXXI

- Microsoft Windows 2000 Server. Windows 2000 Server Web- Microsoft : http://www.microsoft.com/windows 2000/downIoads/default.asp ( Windows 2000 : http://www microsoft.com/rus/windows2000).

. Windows 2000 , . . . , : Windows 2000 Server; Windows 2000 Server; ; . , Windows 2000. . . Windows 2000 Server MSCE, Microsoft Windows 2000 Server.

Windows 2000 Server Windows 2000 Server. , , . Windows 2000 Server Windows 2000 Server. MS-DOS Windows, Bootdisk - Windows 2000 Server. CD-ROM, Windows 2000, . BIOS CD- (IOM. ! 1,44 . ; . > Windows 2000 Server 1. 1,44 : Windows 2000 Server 1; Windows 2000 Server 2*; Windows 2000 Server 3; Windows 2000 Server 4. 2. - Microsoft Windows 2000 Server CD- ROM.

3. Windows 2000 CD-ROM Windows 2000, No. 4. . 5. CD-ROM Enter. 6. Bootdisk, cd bootdisk, Enter. 7. , , MSDOS, 16- Windows, Windows 95 Windows 98, makeboot : ( : ) Enter. Windows NT Windows 2000, makebt32 : ( : ) Enter. , Windows 2000, . 8. . , , . 9. , Windows 2000 Server 1 . Windows 2000 , . 10. exit Enter. - CD-ROM. > Windows 2000 Server , , , CD-ROM . 1. , Windows 2000 Server 1 Windows 2000 Server . , . Windows 2000 Setup. . , Windows 2000 Executive Windows 2000. 2. 2 ( ) Enter. Setup HAL, , , , . , Windows 2000 Setup. 3. 3 ( ) Enter. Setup , . Setup . 4. 4 ( ) Enter. , , Windows 2000 Executive . Windows 2000, .

5. Setup, Enter. , , Windows 2000. 6. , Welcome To Setup, Enter . License Agreement ( ), 7. . Page Down. 8. I Accept The Agreement ( ), F8. Windows 2000 Server Setup ( Windows 2000 Server), ( ) Windows 2000, . ( ), . 9. , Unpartitioned space ( ), . , , . 10. ( 2 ), Enter. : New (Unformatted). . Windows 2000, Disk Management. 11. , , Enter. . 12. , Format The Partition Using The NTFS File System ( NITS) Enter. Setup NTFS, , , . . . 13. . ! CD-ROM CD-ROM BIOS, . , . - CD-ROM . 14. , Windows 2000. * Setup .

1. Windows 2000 Next () .

2-434

XXXIV

06

Setup NTFS . , , . , 2. , , Regional Settings ( ), , Next. , Windows 2000 , Regional Options . 3. Name () Organization (), Next. Your Product Key ( ), , - Windows 2000 Server. Licensing Modes ( ) - Per Server ( ). Setup . 4. Per Server Number Of Concurrent Connections ( ) 5 ( 5 ). Next. ! Per Server Number Of Concurrent Connections 5. . Per Seat Per Server. Computer Name And Administrator Password ( ). , . 5. Computer Name ( ) server 1. . , . ! , . Server 1. -, Serverl . 6. Administrator Password ( ) Confirm Password ( ) password Next. , , password . password . ( ). , Microsoft

XXXV , (, Lp6*g9). Windows 2000 Components ( Windows 2000), Windows 2000. 7. Next. Windows 2000. Add/Remove Programs ( ) . , . , . , Modem Dialing Information ( ). 8. Modem Dialing Information, Next. Date And Time Settings ( ). ! Windows 2000 . , , . 9. , , Next. Network Settings ( ), . ^ Windows 2000 Server. . , . 1. , Networking Settings ( ) Typical Settings, Next. . Typical Settings , , . , TCP/IP IP- DHCP. Workgroup Or Computer Domain ( ) , . 2. , Workgroup Or Computer Domain No, This Computer Is Not On A Network or Is On A Network Without A Domain ( , ) WORKGROUP, Next. Installing Components ( ), . . Performing Final Tasks ( ), , . , 30 . Completing The Windows 2000 Setup Wizard ( Windows 2000)

XXXVI

3. - Windows 2000 Server CD-ROM Finish (). ! CD-ROM -, , CD-ROM . Windows 2000 Server. ^ Plug and Play, , 1. , Ctrl+AlH-Delete. 2. Enter Password ( ) administrator User Name ( ) password Password (). 3. . 4. Windows 2000 , , Found New Hardware ( ), , Windows 2000 . Found New Hardware, , Restart The Computer When I Click Finish ( ) , Finish Found New Hardware, Configure Your Server ( ), . 5. I Will Configure This Server Later ( ) Next (). 6. Show This Screen At Startup ( ). 7. Configure Your Server. Windows 2000 Server , Administrator. Windows NT Server Start Shut Down . , , . Server 1 (primary domain controller, PDC) Domain 1. . ! , , , . .

Microsoft Microsoft (Microsoft Certified Professional, MCP) . Microsoft . Microsoft. Microsoft . . Microsoft (Microsoft Certified Professional, MCP) Microsoft. , Microsoft BackOffice, . Microsoft + (MCP + Internet) , , , (Common Gateway Interface, CGI) (Internet Server Application Programming Interface, ISAPI), , . Microsoft + Site Bulding (MCP + Site Bulding) , , \- Microsoft. Microsoft (Microsoft Certified Systems Engineer) , , Microsoft Windows 95, Microsoft Windows NT Microsoft BackOffice. 1 Microsoft + (MCSE + Internet) - , , , , . , Web- . Microsoft (Microsoft Certified Database Administrator, MCDBA) , , , SQL, , , , Microsoft SQL Server. Microsoft (Microsoft Certified Solution Developer, MCSD) , Microsoft, Microsoft Office Microsoft BackOffice. Microsoft (Microsoft Certified Trainer, MCT) Microsoft.

XXXVIII

Microsoft Microsoft , . Microsoft , , . , , . , Microsoft , . . Microsoft Certified Professional : Microsoft; Microsoft Web- ; MSDN Online Certified Membership, , ( MSDN Online , ); , , \\- MSDN; , , Microsoft; , Microsoft; Microsoft Certified Professional; Microsoft, Microsoft. , , : - Microsoft TechNet Technical Information Network; - Microsoft ( 12 - - Microsoft), . Microsoft . , Microsoft: ; , ; ; ; ; . , , http://www.microsoft.com/mcp/mktg/bus_bene.htm ( http://www. microsoft. com/rus/mcp/org_be nefits.html).

XXXIX

, . Microsoft , Microsoft. , , Microsoft. Microsoft . , Microsoft BackOffice, . Microsoft + Microsoft Windows NT Server 4.0, TCP/IP Microsoft Internet Information Server. Microsoft + Site Building Microsoft Front Page, Microsoft Site Server Microsoft Visual InterDev. Microsoft Microsoft Windows, Microsoft BackOffice, Microsoft + . Microsoft . Micro .oft Microsoft Windows Microsoft BackOffice. Microsoft Microsoft. Microsoft (800) 636-7544 ( ) http://www.microsoft.com/train_cert/mct/. Microsoft.

: , , .

. Microsoft Press Microsoft Developer Division Microsoft. , , , , . .

. , Microsoft . Microsoft , . .

Microsoft Microsoft (Certified Technical Education Center, CTEC) . Microsoft CTEC , Microsoft. , Web- Microsoft http://www.microsoft.com/CTEC/default.htm ( : http://www.microsoft.com/rus/CTEC/default.htm).

, , - . , Microsoft Press . tkinput@microsort.com : Microsoft Press Attn:MCSE Training Kit-Microsoft Windows 2000 Professional Editor One Microsoft Way Redmond,WA 98052-6399 Microsoft Press http://mspress.microsoft.com/support/. , . Microsoft Web- Microsoft http://www.microsoft.com/support/ Microsoft Support Network Sales no (800) 936-3500 - . Microsoft , Microsoft Sales (800) 426-9400 www.microsoft.com.

1

Microsoft Windows 2000

1 > Windows 2000 2. 3. 5. Windows 2000 Windows 2000 Windows Security

212 17 24 28 32

4. Windows 2000

Microsoft Windows 2000 , . , , . Windows 2000 Windows 2000. , Windows Security ( Windows). , .

2

Microsoft Windows 2000

t

1. Windows 2000 Windows 2000, . , . , : / Windows 2000; / Windows 2000 Professional Windows 2000 Server; S Windows 2000; S . 15 .

Windows 2000Windows 2000 . , . (Total cost of ownership, TCO) , , . , , - , - . Windows 2000. Windows 2000 Professional. , Microsoft Windows 98 , , Microsoft Windows NT Workstation 4.0. Windows 2000 Professional Windows 2000 Server Windows NT. Microsoft . Windows 2000 Server. , , , Web-, Windows 2000 Professional, . , \\-, . Windows 2000 : Windows 2000 Advanced Server Windows 2000 Datacenter Server. Windows 2000 Advanced Server. , (network operations system, NOS) . Advanced Server , . . Windows 2000 Datacenter Server. Windows 2000. , , -

1

Windows 2000

. . . 1-1 Windows 2000. . 1-1. Windows 2000 Active Directory Active Directory , . . Active Directory , , , Active Directory -. Windows 95, Windows 98, Windows NT Windows 2000 , Active Directory. Software Development Kit (SDK) , . , . ATM , , Windows 2000 . , , SSL TLS, , IP. , .509 V3, . , ( ) Microsoft Transaction Server ( ). , , , NTFS .

Active Directory (Active Directory Service Interfaces, ADSI)

(Asynchronous Transfer Mode, ATM)

Microsoft Windows 2000

1

. 1-1.

Windows 2000 () DHCP DNS Active Directory IP IP- . DHCP IP- , IP

Dynamic Host Configuration Protocol (DHCP) Domain Name System (DNS) Active Directory (Encrypting File System, EPS) ( Active Directory)

Windows 2000 . , . Disk Management ( ) , . , , Active Directory. , , , , . , Search () Start (), HTML, IntelliMirror Windows 2000 Professional. IntelliMirror , . Windows 2000 Professional , , . IAS PvADIUS (Remote Authentication Dial-In User Service), IETF (Internet Enginee ring Task Force) . , . , , (network address translation, NAT),

IntelliMirror

(Internet Authentication Service, IAS) (Internet Connection Sharing, ICS)

1

Windows 2000

. 1-1.

Windows 2000 () IIS, Microsoft Windows 2000 Server, . IIS ^feb-, . IIS ASP (IPSec) . IETF (Internet Engineering Task Force) TCP/IP Kerberos V5 . Windows 2000 , , . Kerberos V5 , , , , , , L2TP (Pointto-Point Tunneling Protocol) , LDAP (Lightweight Directory Access Protocol) , Active Directory. LDAP 3 IETF (Internet Engineering Task Force) Windows 2000 , , . , , , UNIX Microsoft (MMC) . .

Internet Information Services (IIS) 5.0

Internet Security Protocol (IPSec)

(Cerberos V5

Layer 2 Tunneling Protocol (L2TP) LDAP

Microsoft (Microsoft Management Console, MMC)

5. 1-1.

Microsoft Window*: 2000

1

Windows 2000 () NAT IP- , . IP-, IP- . , Windows 2000 Windows , . Windows 2000 : Windows NT Server 3.51 4.0; , Windows 3.x, Windows 95, Windows 98 Windows NT Workstation 4.0; S/390 AS/400 SNA-; Macintosh, Macintosh Windows 2000 Server TCP/IP ( AFP IP)

(Network Address Translation, NAT)

,

Plug and Play (PnP)

Plug and Play QoS, . , . QoS , Windows 2000 Professional, . - boot ROM (Pre-Boot execution Environment), . Removable Storage ( ) (, ) , . , . , . , . Remote Storage ( ) ,

(Quality of Servict, QoS) (Remote Installation Services, RIS)

1 . 1-1.

Windows 2000 Windows 2000 () Routing and Remote Access ( ) , , IP, IPX AppleTalk. Windows 2QOO Server , , Windows 2000 , , . , Windows 2000 . , -, SSL TLS, , IP IP- , , , Windows 2000 Server , . [ , . , Windows 2000 Professional 32- , . Windows, . ( , Windows, Citrix Systeim.) , , . - , . Windows 2000 Server .

-

TAPI 3.0

(Virtual Private Network, VPN)

3

Microsoft Windows 2000

1

. 1-1.

Windows 2000 () L2TP (Layer 2 Tunneling Protocol), (Point-to-Point Tunneling Protocol) . L2TP , . IPSec (Internet Protocol Security), , . IPSec

Windows Windows (Windows Scripting Host, WSH) , , ; . , , Visual Basic Scripting Edition JScript

Windows 2000 . Windows 2000 Professional, Windows 2000 Server . .

(workgroup) , , . (peer-to-peer) , . Windows 2000 Server Windows 2000 Professional (. 1-1), , . . : , ; , , . , ; , .

1

Windows 2000

Windows 2000: Windows 2000 Server ; : ; . ( , 10 .)

Windows 2000 Professional

Windows 2000 Professional

Windows 2000 Server

. 1-1.

Windows 2000

Windows 2000 Server, Windows 2000, (stand-alone server).

(domain) Windows 2000 , (. 1-2). (directory database) . , , . Active Directory Windows. Active Directory , . .

10

Microsoft Windows 2000

1

. 1-2. Windows 2000 , , . . Windows 2000 Server. . , : , ISDN (Integrated Services Digital Network), , Ethernet, , , . 2. Windows 2000 : , . ; , , . , ; , . Windows 2000 . Windows 2000 Server. . , Windows 2000 . , , . . . Windows 2000 Server. (member server) . ; , , .

1

Windows 2000

31

Windows 2000 Professional. , .

Windows 2000 - . Windows 2000 : Windows 2000 Professional, Windows 2000 Server, Windows 2000 Advanced Server Windows 2000 Datacenter Server. Windows 2000 Professional , Windows 2000 Server. Windows 2000 Server , , Web-. Windows 2000 , , . Windows 2000 Server. Windows 2000 Professional Windows 2000 Server , . Windows 2000 , , . , , .

: Microwatt Windows 2000

1

Windows 2000Windows 2000 , , , . , . , : ^ Windows 2000. 15 .

, Windows 2000 Windows, 2000 ; () () (.1-3). Windows 2000 .

( (HAL)

. 1-3. Windows 2000

Windows 2000 : .

2

Windows 2000

-| 3

Windows 2000 , . (environment subsystems), , API-. API, , Windows 2000, . . 1-2 Windows 2000. .1-2. Windows 2000 Win32, Wml6 MS-DOS. - , API 16- OS/2 API POSIX-

32- Windows 2000 Windows (Win32)

OS/2 UNIX (POSIX)

, , : ; ; API ; Microsoft CD-ROM (MSCDEX); API ; ; ; , ; , , (central processing unii, CPU) , .

. .1-3 . , . 1-3.

j 4 . 1-3.

Microwatt Windows 2000 Windows 2000

1

, . , . . , API . Windows 2000 , API . Windows . 2000

. , . : Windows 2000, , (Hardware Abstraction Layer, HAL). Windows 2000 - , . Microsoft Win32. Windows 2000 Windows 2000. : , ; . (. 1-4). . 1-4. - Windows 2000 - . , -, (file systems), - . . (device drivers) , , . (cache manager) -, .

2

Windows 2000

15

. 1-4.

Windows 2000 () , , . VMM (demand paging) , ( ) ( , ). IPC : (local procedure call, LPC), , , (remote procedure call, RPC), , . (process) . (thread) . , API- , , , , Win32k.sys, . , . GDI , , , , ,

(Virtual Memory Manager, VMM)

(Interprocess Communication Manager, I PC)

Plug and Play

(Graphical Device Interface, GDI)

. - .

, Windows 2000 . - , -, -

^g

Microwoft Windows 2000

1

. Windows 2000 Intel Alpha , .

Windows 2000, : . : , Windows 2000 , , . , .

3

Windows 2000

-j 7

3. Windows 2000 . Windows 2000 Active Directory. Active Directory . Active Directory , Active Directory . , Active Directory. , : S ; / Active Directory; S Active Directory. 20 .

(Directory) , . , . . , , , , , , . , . , , . , . , , . , . , , . . . , . , .

. .

18

1: 1. Ctrl+Alt+Delete. Windows Security. 2. Lock Computer (). Computer Locked ( ) , , .

30

Microwoft Windows 2000

1

3. Ctrl+Alt+Delete. Unlock Computer ( ). 4. Password () , . > 2: 1. Ctrl+Alt+Delete. Windows Security. 2. Change Password ( ).

',

3. 4.

5. 6.

. , User Name () Log On To ( ) . Old Password ( ) . New Password ( ) Confirm New Password () . . Windows Security. Cancel.

> 3: Task Manager Wordpad, , Task Manager. , , . 1. Start\Programs\Accessories (\\) WordPad. WordPad. 2. . 3. Ctrl+Alt+Delete. Windows Security. 4. Task Manager ( ). Windows Task Manager ( Windows). 5. Applications (), . . 6. WordPad, End Task ( ). WordPad, . 1-10 .

f a response from you, return to Windows and check the status tit the program. c6ck Cancel,

ar&i unsaved date. To end the pragi am itow, click End-:

---.-'_[ . , . . - .

... IndNowi I f Kinc^:'

. 1-.

5

Windows Security

31

( End Task), Wait (), . WordPad , \VbrdPad , Cancel. \\ferdPad , End Now ( ) WardPad. Task Manager . 7. Task Manager. > 4: 1. Ctrl + Alt+Delete. Windows Security. 2. Log Off ( ). . 3. Yes. : Start () Shut Down ( ), Log Off Administrator ( ) . > 5: 1. Ctrl+AJt+Detete. Windows Security. 2. Shut Down ( ). Shut Down Windows ( Windows). Shut Down ( ). 3. Cancel Windows Security.

, Windows Security ( Windows) CtrHAlt+Delete , . , Windows Security , , Task Manager, ^, .

32

Microwoft Windows 2000

1

7J . , . . .

1. Windows 2000 Professional Windows 2000 Server? 2. ? 3. Active Directory? 4. Active Directory? 5. ? 6. Windows Security ( Windows)?

2

Active Directory

1. 2.

Active Directory Active Directory

34 41 52

. Windows Microsoft Windows 2000 Active Directory . Active Directory : , . Active Directory.

.

Active Directory

2

1, Active Directory Active Directory , . Active Directory , , : S Active Directory; S Active Directory. 30 .

Active Directory 1 , , , , Active Directory . , , , , , , , (object). , . (attribute) . , (user account) , , (. 2-1)

(Jane Doe) .. John Doe" ,.

. 2-1. Active Directory

Active Directory , . , , , , (). , , (container). , , , . Active Directory, ,

1

Active Directory

35

Active Directory Active Directory (definitions), , Active Directory, . , Active Directory , Active Directory. : . (schema objects) (metadata). . , . , Description , , . , (object classes), , Active Directory . . . , ' User Netwok Address, Home Directory . Active Directory . Windows 2000 Server . , . , *! , , Users. . , , , .

Active DirectoryActive Directory , . Active Directory: , , , . ( ) . Active Directory .

Active Directory , . , . Active Directory . . 2-2 Active Directory.

:

Active Directory

2

. 2-2.

,

Active Directory , . , , , : , , , , , . Active Directory . . : , , . 10 , 1 ; . (access control lists, ACL) . , , . Windows 2000 , , , Active Directory. , , , , . .

() , , - , () , , , , , , , .

1

Active Directory

3?

, . , , , . . 2-3 , domain.com : US, Orders Disp. , . , . , Orders.

domain.com/

\

s

ai4 .

\

. 2-3.

US, Orders Disp, . US, Orders Disp. , Active Directory (Orders Disp) - (US). ,

(tree) , Windows 2000, . > . . : (Domain Name System, DNS), . . 2-4 microsoft.com , a us.microsofl.com uk.microsoft.com . uk.microsoft.com sls.uk.microsoft.com; , , Active Directory;

Active Directory

2

, , . microsoft.com

uk.microsoft.com /

\

us.microsoft.co

s.uk.micro5oft.com

. 2-4. , . , . .

(forest) , , . : ; , ; ; , ; . . 2-5 microsoft.com msn.com. . micrasoft.com uk.microsoft.com us.msn.com msn.com

sls.uk.microsoft.com. 2-5.

sls.uk.msn.com

1

Active Directory

39

Active Directory . , .

(site) IP , . , ". , , , . , 512 /, 128 /. Active Directory . , , , . , . , .

Windows 2000 Server, ( ). , , . : Active Directory, , ; . Active Directory - . . , Windows 2000 , ; , , ; Active Directory (multimaster replicaton), . , , . , ; . , , Active Directory;

40

a Active Directory

2

, Active Directory .

, , Active Directory. . Active Directory , . Active Directory , . Active Directory , . Active Directory . Active Directory , . Active Directory , , . () , . Windows 2000, , , . Active Directory . IP, . Windows 2000 Server, .

2

Active Directory

41

'. Active Directory Active Directory , , , , DNS . Active Directory. , : S S S S S Active Directory; Active Directory; ( ] ); DNS, Active Directory; Active Directory . 20 .

(global catalog) (, 2-6). , (global catalog server). , . , (, , ..). , , , . ; , ; . , , , . , . , , . , .

42

Active Directory

2

/

/

. 2-6.

! Domain Admins ( ), , , , . , , . . . , , . , . , .

, . . , .

, (directory partition). . : , ;

2

Active Directory

43

, . ; . , ,

. . , . : ; ; . , . : ; ; ( ); , . ! - .

Active Directory , , . Active Directory . , (. 2-7). , , . , . Active Directory . , Active Directory .

Active Directory

4

. i

3 * 3

. 2-7.

(site link). Active Directory -, . , , , . , Active Directory , . , ,

(trust realtionship) , . Active Directory . (implicit two-way transitive trust). . , (). Kerberos, Windows 2000 . . 2-8, : , , . . . - . .

2

Active Directory

4S

( , ).

. 2-8.

Active Directory

(explicit one-way nontransitive trust). , . . () . , . 2-8 , 1, 1 . : Windows 2000 Windows NT; Windows 2000 Windows 2000 Windows 2000 (realm) MIT Kerberos V5, Kerberos Active Directory .

DNS , Active Directory . (namespace) , . (name resolution) , . Active Directory DNS, . DNS , . DNS : DNS , IP-; DNS , IP-. IP- ,, ; DNS , , .

46

Active Directory

2

. RFC 1034 1035. RFC 1034 RFC 1035. Active Directory DNS , Windows 2000 DNS. Windows 2000 Server (Dynamic DNS, DDNS), , , DNS- DNS. DDNS , Windows Internet Name Service (WINS). ! Active Directory DNS.

(domain namespace) , DNS. (node) DNS. . DNS , . , (subdomain). , . , . 2-9 sales.microsoft.com sales microsoft.com, a microsoft com.

Computer 1 .sales .micro solt.com

. 2-9.

2

Active Directory

4?

, , . : (contiguous namespace) . ; (disjointed namespace) , . , : www.microsoft.com; msdn.microsoft.com; www.msn.com. microsoft.com, . DNS , Windows 2000. Windows 2000 , , . ; (.). , Network Solutions, Inc. . . 2-1 . . 2-1.

gov com edu org net

, ru . , , Network Solutions, Inc., . : . , 2-2 .

Active Directory

2

. 2-2.

Microsoft World Wide \Vfeb

ed.gov microsoft.com stanford.eduw3.org

pm.gov.au

-

gov.au, edu.au com.au . ., .

. , . 2-9 Computer! . (Fully Qualified Domain Name, FQDN), . . 2-9 computerl.sales.microsofi.com. ( , ) . , , NelBIOS .

, . . , . 2-10 microson.com . microsoft sales, development. . , , . 2-10, , sales.microsoft.com development.microsoft.com, sales development . IP- . , (zone's root domain). . . 2-10 microsoft.com Zonei, IP- microsoft sales. Zone2 development, IP- development. Zonel development, microsoft.

Active Directory

49

Zone!

Zone2

Zonet . 2-10.

Zone2

, , , . (name server) :, (primary zone database file). To . , , , . , . : . , , . (zone transfer). . , , ; . , , -; , . DNS Active Directory . 5.

Active Directory . Active Directory : (distinguished name, DN), {relative distinguished name, RDN), (globally unique identifier, GU1D) (user principal name, UPN).

Active Directory (distinguished name, DN). ,

50

Active Directory

2

. DN , , . , DN - Firstname Lastname microsoft.com ( Firstname Lastname ): DC=COM/DC=Mic rosoft/OU=dev/CN=Users/CN=Fi rstname Lastname , . . 2-3.

01 CN

. Active Directory . RFC 1779. RFC 1779.

Active Directory , , DN . (relative distinguished name, RDN) , . RDN - Firstname Lastname Firstname Lastname, a RDN Users. Active Directory RDN , () . , Jane Doe, . Jane Doe, DN (. 2-11). (DN) (RDN) _/ Users / Sales / Managers/ Jane Doe

ON RDN

. 2-11.

2

Active Directory

51

(globally unique identifier, GUID) 128- , . . GUID DN. Windows NT (security identifier, SID), , SID . GUID , .

(user principal name, UPN) , DN . , , , DNS- , USER. : , @, . , James Smith microsoft.com username@microsoft.com. UPN DN -, User , .

, Active Directory, , , , DNS . , Active Directory. . Active Directory . Active Directory . , . , , . Active Directory : . Active Directory DNS , Windows 2000 DNS-. Windows 2000 Server DDNS, DNS- DNS. . , , Active Directory: (DN), (RDN), (GU1D), (UPN).

52

Active Directory

2

7 1 . , . . .

1. Active Directory? 2. ()? 3. ? 4. ?

3

Active Directory

1 2, 3. 4.

Active Directory Active Directory Task Scheduler

56bfi?? 7

\ctive Directory. : Active Directory, , , , Active Directory, Active Directory Windows 2000. : , ( Start\Adminislrative Tools) Task Scheduler ( ).

: , ; Windows 2000;

Active Directory

3

1. Active Directory Active Directory. , : S Active Directory Windows 2000. 5 .

Active Directory Windows 2000 Active Directory Windows 2000 , . (. 3-1). . 3-1. Active Directory Active Directory , , , , Active Directory, , () . , , , . , , , Active Directory. Active Directory , , . Active Directory Remote Installation Services (RIS) Windows 2000

Active Directory Active Directory

Active Directory Windows 2000

1

Active Directory

55

, , , .

Active Directory, Active Directory, , Active Directory, Active Directory, , Active Directory Windows 2000.

g

Active Directory

3

2, Active Directory Windows 2000 Server . Active Directory , . Active Directory . , : S Active Directory Users and Computers, Active Directory Sites and Services, Active Directory Domains and Trusts; S , , , , . - 20 .

Active Directory , Windows 2000. , Administrative Tools. Windows 2000, Active Directory , . Administrative Tools Windows 2000 Active Directory: Active Directory Domains and Trusts (Active Directory ); Active Directory Sites and Services (Active Directory ); Active Directory Users and Computers (Active Directory );

Active Directory Domains and Trusts , , Windows NT Kerberos V5. Active Directory Domains and Trusts : ( , Windows 2000, Windows 2000) ; Windows 2000 ; (user principal name, UPN), ; ; .

Active Directory Sites and Services Active Directory. Active Directory, , .

2

Active Directory

57

Active Directory Users and Computers , , Windows 2000, , , , , .

Active Directory Active Directory Administrative Tools, Active Directory .

Active Directory Schema Active Directory. Administrative Tools. Administration Tools Windows 2000, Add/Remove Programs . ADMINPAK.MSI - Windows 2000 Server. ^ Active Directory Schema 1. . 2. Start\Settings (\) Control Panel ( ). 3. Add/Remove Programs ( ). 4. Add/Remove Programs Change Or Remove Programs ( ), Windows 2000 Administration Tools Change (). 5. Next. 6. Setup Options ( ) Install All Of The Administrative Tools ( ), Next. 7. Windows 2000. Finish (). 8. Add/Remove Programs, Control Panel. 9. Start Run (). 10. Open () mmc . 11. Console () Add/Remove Snap-In (/ ). 12. Add (). 13. Add Standalone Snap-In ( ) Snap-In () Active Directory Schema ( Active Directory), Close () . 14. Console Save (). ! Active Directory , . Active Directory Microsoft Active Directory Programmer's Guide.

Active Directory Windows 2000 Support Tools , , Active Directory.

4-434

58

Active Directory

3

\Support\Tools - Windows 2000. Microsoft, . Active Directory . > Windows 2000 Support Tools 1. Windows 2000. . 2. CD-ROM - Windows 2000. 3. Microsoft Windows 2000 CD (- Microsoft Windows 2000) -. 4. \SUPPORT\TOOLS. 5. Setup.exe. 6. , . Windows 2000 Support Tools , 18,2 . Windows 2000 Support Tools Programs Start. \Program Files\Resource Kit ( , ) PATH . . 3-2 Active Directory. . 3-2. ACLDIAG.EXE: ACL Diagnostics Active Directory , . . 14 Microsoft, ( ), (DFS), DFS, DFS DNS, DNS, Active Directory. 14 . 14 LDAP- Active Directory. 14 Active Directory, () , . 11

ADS1 Edit 3

DFSUTIL.EXE: Distributed File System Utility 1 DNSCMD.EXE: DNS Server Troubleshooting Tool1 DSACLS.EXE1 DSASTAT.EXE: Active Directory Diagnostic Tool LDP. EXE: Active Directory Administration Tool MOVETREE.EXE: Active 1 Directory Object Manager

2 . 3-2. NETDOM.EXE: Windows 2000 Domain Manager NLTEST.EXE1

Active Directory Active Directory () Windows 2000

, , . 14 , , . - , . 14 , { ), . . 14 . , , . 14 Windows 2000 Windows NT. : Showaccs.cxe Sidwalk.exe1 , Security Migration Editor3 (SID)

REPADMIN.EXE: Replication Diagnostics Tool1

REPLMON.EXE: Active Directory Replication Monitor

SDCHECK.EXE: Security Descriptor Check Utility1

SIDwalker: Security Administration Tools

1 3

. . (Microsoft Management Console).

Active Directory . Microsoft Windows Server 2000 Resource Kit (Microsoft Press, 2000)*.

Active Directory Active Directory (Active Directory Service Interfaces, ADSI} , , - Active Directory. ADSI , , Microsoft Visual Basic, Java, , Visual C++, , VBScript, JScript, PerlScript, * Windows 2000 . 2001 . . .

5Q

Active Directory

3

. ADSI , . ADSI , , LDAP .

(Microsoft Management Console) , , (console). Active Directory, . , Active Directory Domains and Trusts (Active Directory ), Active Directory Sites and Services (Active Directory ) Active Directory Users, and Computers (Active Directory ) . . , , (snap-in), . : () . Administrative Toots (). . , .

. Windows 2000 , : , ; , , . , , ; Windows 2000. Windows 2000 Server Windows 2000 Professional ; Windows 2000. Windows 2000 , - . , DNS DNS. . 3-3 Windows 2000 . . 3-3.

Active Directory Domains and Trusts '

2

Active Directory

. 3-3. () Active Directory Sites and Services ' Active Directory Users and Computers ' Component Services ( ) Computer Management ( ) Configure Your Server ( ) Data Sources (ODBC) [ (ODBC)] DHCP

Active Directory , , Active Directory + Windows , ODBC (Open Database Connectivity) , Windows DHCP (Dynamic Host Configuration Protocol) , DNS, DNS- IP-

Distributed File System (DPS) [ (DPS)]DNS ''2

Domain Controller Security Policy ( ) 1 ' Domain Security Policy ( ) ' Event Viewer ( ) Internet Services Manager ( ) Licensing () Local Security Policy ( ) Performance ( ) Routing and Remote Access ( )

, Windows IIS (Internet Information Services) , \\- ,

g2

Active Directory

3

. 3-3. (} Server Extensions Administrator ( ) Services () Telnet Server Administration ( Telnet)1 2 3

Microsoft FrontPage Server Extensions \Veb-cepBepoB FrontPage Telnet

Windows 2000 Professional. Windows 2000 Server. Windows 2000 Server.

. - . , , , . : ; ; . . , , . .msc. , , , .

(console tree), . . 3-1, Device Manager ( ) Disk Defragmenter ( ). , . , , . (details panel) . Action () View (). () .

2

Active Directory

63

. 3-1._. [J;

, . . .

(snap-in). . Window* 2000 Server . Windows 2000 Professional .

- (extension). . . . , Software Installation ( ) Group Policy, Disk Defragmenter, . Windows 2000 , . Windows 2000 - . . . . 3-2 . ( ) (). , , ( ).

64

Active Directory

3

; "";; 1 [ ] rr , J Computer / [ Management Event Viewer Device Manager . . . . . 3-2.

. , , . : Author () User (). . 12.

, , . : ; ; ; . .

, . . (. 3-4).

2 . 3-4.

Active Directory

gg

Full Access ( )

, , , , i ,

Limited Access, Multiple Windows ( ) Limited Access, Single Window ( )

,

Active Directory, Active Directory Domains and Trusts . Active Directory Sites and Services Active Directory. Active Directory Users and Computers , , Active Directory. , , . , . () ; Administrative Tools. . , . , . . . . . . : Author () User (). , , . User, .

55

Active Directory

3

3, , . , : S ; S ; S . 30 .

Start\Programs\Administrative Tools (\\). Computer Management , My Computer ( ) Manage ().

. ^ 1. Start () Run (). 2. Open mmc . , Console 1. Console Root. . , . . 3-5 Console (). . 3-5. Console ( ) ()

! New () Open () Save () Save As ( ) Add/Remove Snap-In (/ ) Options () 3. .

3

gy

. . , Windows 2000 Professional Windows 2000 Server. ; . : , Windows 2000; , . , Windows 2000 . , Windows 2000 Server . Windows 2000 Professional. Windows 2000 Professional , Windows 2000 Server, Windows 2000 Professional. My Network Places ( ) Windows 2000 Add/Remove Programs , Windows 2000 Professional- . , , .

: Jf , : ^ ; ; .

1: ^ : 1. Administrator (). 2. Start\Programs\Administrative Tools (\\) Event Viewer ( ). Event Viewer, . Event Viewer . ? ? 3. Event Viewer.

gg

Active Directory

3

2: . , . , . . ^ 1: 1. Start () Run. 2. Open mmc . , Consolel Console Root ( ). . , . 3. Consolel. 4. Console Root. 5. Console () Options (). Options () Console (), . , , , ? , Console Mode ( ) Author Mode ( ) . Console Save As ( ). . File Name ( ) All Events Save. . Console Exit (). All Events .

6. 7. 8. 9.

^ 2: 1. Start\Programs\Administrative Tools All Events. Events, . > 3: Event Viewer 1. Console All Events Add/Remove Snap-In (/ ). Standalone ( ). , , . 2. Add (). Add Standalone Snap-In (. 3-3). . , , . 3. Event Viewer ( ) Add (). Select Computer ( ) , . , Event Viewer , ; , Event Viewer .

3

69

Event Viewer , Another Computer ( ) Browse (). Select Computer (: ) , Event Viewer, .

Use lh 0 Wto add jgmove a slwdabne Snapn from #e eorwofe

soft Coipoialia ive Drectny Sites and Seivi ActiveX Control jgt Component Services Computer M anagemenl Device Manager DHCP D.sk Deiiaamenlei Microsoft Corpriiato K-e Dkectny Users and Corrpiitas Microsoft Coip

. 3-3.

Add Standalone Snap-In ( )

4. , Select Computer Local Computer ( ) Finish (). 5. Add Standalone Snap-In Close (), Add/Remove Snap-In - OK. Event Viewer (Local) . , . ^ 4: , 1. All Events Event Viewer (Local) System (). . 2. , Source () eventlog. Event Properties (: ). . . 3. Event Properties, .

7Q

Active Directory

3

4. Console Exit, All Events. , All Events. 5. No (). > 5: 1. Start () Run. 2. Open mmc . . 3. Consolel Console Root. 4. Console Add/Remove Snap-In. Add/Remove Snap-In Standalone. . 5. Add. Add Standalone Snap-In. . 6. Computer Management Add. Computer Management, , . Computer Management ( ) . 7. , Local Computer Finish. 8. Close. Computer Management . 9. Add/Remove Snap-In . Computer Management . . 10. Computer Management , System Tools ( ). .

, , System Information ( ) Device Manager ( ). , . 11. Console Add/Remove Snap-In. Add/Remove Snap-In Standalone. 12. Computer Management (Local) Extensions (), Computer Management. , ? 13. Add All Extensions ( ), Available Extensions ( ) Device Manager Extension ( ) System Information Extension ( ). 14. . .

3

J1

15. Computer Management ( ) System Tools ( ), , System Information Device Manager . .

? 16. . , . 17. No.

, , . Event Viewer. . Start. : Event Viewer, , , , Computer Management. , , . , , .

72

Active Directory

3

4. Task Scheduler Task Scheduler ( ) , . Task Scheduler . , : / Task Scheduler . 25 .

Task SchedulerWindows 2000 Scheduled Tasks ( ), Control Panel ( ); Start\Programs\ Accessories\System Tools (\\\ ). Scheduled Tasks , My Network Places ( ). Scheduled Tasks . , , - . Task Scheduler ( ) : ; , .

Scheduled Task ( ). Add Scheduled Task ( ) Scheduled Tasks. . 3-6 , . . 3-6. Frequency ( ) Scheduled Task : , , , ,

Application () , . Windows 2000 Browse (), Task name ( ) Time and date ( ) Name and password ( ) . , . , .

4 . 3-6. Scheduled Task ()

Task Scheduler

, , , , . , , Advanced Properties ( ) ,

, Scheduled Task, . . 3-7 . . 3-7. Task () Advanced Properties Scheduled Task Wizard , , . ^ , (, 22.00 ) , , , , , . , .

Schedule () Settings ()

Security ()

: Task Scheduler

,1

, : ; Task Scheduler.

Disk Defragmenter ( ) . Task Scheduler. ^ 1: 1. My Computer ( ), Control Panel Scheduled Tasks ( ). Scheduled Tasks. , Add Scheduled Task ( ).

Active Directory

3

2. Add Scheduled Task. Scheduled Task. 3. Next. . , Windows 2000, Browse () . 4. Browse (). Select Program To Schedule ( , ). 5. Program Files, WINNT. 6. Accessories, DFRG.MSC. 7. Launch Disk Defragmenter (. 3-4). , , . Scheduled Tasks ( ) .Scheduled Task Wizard Tjjps a name fot (his 1- . 1 Iv i.'ist' ivune c.vi hr

. 3-4.

Scheduled Task ( )

8. One Time Only (), Next. 9. Start Time ( ) 4 . . , . Start Date ( ). 10. Next. . , . , . , , SERVERl\Administrator, ( SERVER1, ). , . .

3

75

11. Enter The Password ( ) Confirm Password () password. 12. Next. Advanced Properties ( ) . 13. Finish (). , . 14. , , , 9. Disk Defragmented 15. Disk Defragmenter. ^ 2: Task Scheduler 1. Scheduled Tasks ( ) Launch WordPad. Launch WordPad. . , Advanced Properties ( ) Scheduled Task. He - . 2. Settings (). . 3. Delete The Task If It Is Not Scheduled To Run Again ( , ). 4. Schedule () 2 . . 5. . , , , 4. WDrdPad. 6. WordPad. , Scheduled Tasks . . 7. Scheduled Tasks ( ). 8. Windows 2000.

Task Scheduler , , . Windows 2000 Scheduled Tasks ( ), Control Panel My Computer. , , . Scheduled Tasks , My Network Places ( ). , , - . Scheduled Task Disk Defragmenter .

Active Directory

3

? 1 . , . . .

1. Active Directory Domains and Trusts, Active Directory Sites and Services Active Directory Users and Computers? 2. ? 3. ? 4. , Computer Management Active Directory Users and Computers. , : - ; ; . ? 5. Windows 2000 Server , Windows 2000 Professional? 6. Windows 2000 Server . ?

4

Active Directory

1,

Active Directory

789096 104

2, Active Directory 3. 4.

107

Windows 2000 Active Directory. Active Directory , () .

: , ; ; ; Microsoft (Microsoft Management Console, MMC).

78

Active Directory

4

1. Active DirectoryActive Directory ! . Active Directory, , , . Active Directory , . Active Directory. , : S ; S ; S ; S . 35 .

Active Directory , , . : ; ; .

, . , . 4-1 Microsoft . Administration (), Purchasing (), Sales () Distribution (). -, -, .

1

Active Directory

79

. 4-1.

Microsoft no

Active Directory. , , Active Directory. : ; ; . : ; ; ; TCP/IP. , . 4-2 Microsoft. . , , Administrators. 5 3- . . , .

(6000 ) -^ 1, 51,2 /, 60%

(15 000 ) I (7000 ) -*7 /V\ (4000 ) 1

- (8500 )

\

71, 1544 /, 90% (9000 ) - [7500 ) (7000 ) . 4-2.

1, 51,2 /, 40%

. . . . . . . , . . , . . . , .

. . . : . , . . .

1

Active Directory

g-f

, . , . . , : ; ; ; ; ; ; . Microsoft , : ; -; ( ).

, , . . : , . . itx (Domain Name Service, DNS). DNS. , , , DNS, . , . DNS. . Microsoft . Microsoft , .

Active Directory DNS-. DNS , DNS. , DNS . . DNS ? Active Directory ? DNS?

82

Active Directory

4

DNS DNS- DNS, . , Microsoft microsoft.com. , . DNS , , . DNS Network Solutions, Inc., . DNS . , Microsoft Chicago, chicago.microsoft.com.

Active Directory . Active Directory DNS .

, (. 4-3). mcrosoft.com , . : , ( ); , , . , DNS, , , . , . , DNS . DNS . -, - , microsoft.com .

1 www,microsoft.com 192.168.0.20 ftp.microsoft.com 192.168.0.21DNS microsoft.com

Active Directory

83

microsoft.com

www.microsoft,com IN A 192.168.0.20 ftp.microsoft.com INA 192.168.0.21 microsoft.com server1.microsoft.com 172.16.0.5 Web- microsoft.com www.microsoft.com 172.16.0.6 DNS microsoft.com 172.16.0.2 dnssvr! .microsoft.com microsoft.com 172.16.0.5 server! .micrasoft.com 172.16.0.6 www. m icrosoft. com Clientl .microsoft.com INA172.16.0.46 ldap.tcpmicrosoft.com INSRVOO 389 server! .microsoft.com ldap.tcp.ms-dcs.microsoft.com

clientl .microsoft.com 172.16.0.46 . 4-3.

: , microsoft.com, ; ; , jsmith@microsoft.com . : - , ; , ; , , , ; , -.

(. 4-4). . microsoft.com , msn.com .

Active Directory www.microsoft.com 192.168.0.20 ftp.microsoft.com 192.168.0.21DNS microsoft.com

4

microsoft.com

www.microsoft.com IN A 192.168.0.20 ftp.microsoft.com IN A 192.168.0.21 microsoft.com server! .microsoft.com 192.168.1.5 Web- microsoft.com vwfw.microsoft.com 192.168.1.6 DNS microsoft.com dnssvrl .microsoft.com 192.168.1.2

clientl .microsoft.corn 192.168.1.46 . 4-4.

setver1.msn.com 192.168:1.5 www.msn.com 192.168.1.6 Client1.msn.com IN A 192.168.1.46 ldap.tcp.msn.com INSRV00389 server1.msn.com ldap.tcp.ms-dcs.msn.com

DNS . . , , DNS. , . microsoft.corn, msn.com . . : ; ; -, microsoft.com. : . , John Smith jsmith@msn.com, jsmith@microsoft.com; DNS .

t

Active

. (user principal name, UPN), .

: , . ; : ; DNS Unicode. Windows 2000 DNS: AZ, z, 09 (-), RFC 1035. Unicode , ASCII, ; Unicode, DNS-. Unicode . RFC 2044, RFC 2044. . , cot DNS, -. ; . , DNS; 63 , . 255 . . . 4-5 Microsoft. , microsoft.com, . microsoft.com

kc.microsoft.com,

/ \

"

col.microsoft.com

stp.microsoft.com/

Xchi.microsoft.com

. 4-5.

Microsoft

(). . -

86

Active Directory

4

, . , . . , . : . , ; , . :; ; , . . , , Temp Employees; Active Directory. , , . . 1. , , . 2. . . , . : ; ; . , , (. 4-6.). - ADM IN, DEVELOPMENT f DEVEL) SALES - . -.

t domain.com

Active Directory

. 4-6.

(. 4-7). WEST, CENTRAL EAST , . domain.com

. 4-7.

(. 4-8). NORTH AMERICA EUROPE , . .

Active Directory

4

domain.com

. 4-8.

Active Directory, IP-, . Active Directory . , . . Windows 2000 . . Windows 2000 , . . - . , , .

, () . , , , .

, . , , . -, , .

1

Active Directory

39

, , . , . , . . , . , , , . 1. . , , , , TCP/IP. 2. , . , . 3. , . , . 4. . , , . (site link object) , , . 5. . . , ( 100 ; , ). 3 . . 6. . (site link bridge) . 6.

Active Directory , , . , , . , DNS, DNS, DNS . , DNS. - . . Windows 2000. , .

5-434

90

Active Directory

4

Active Directory Active Directory , , Active Directory . DNS Active Directory . , : S Active Directory; S Active Directory . 25 .

Active Directory Active Directory : ; ; ; ; DNS-; ; ; Active Directory . Active Directory Administrative Toots () Configure Your Server ( ) DCPROMO . , Active Directory . Active Directory .

. .

. , Active Directory . (. 4-1). . 4-1. .

2

Active Directory

91

DNS Active DirectoryActive Directory DNS , . DNS , IP- LDAP- . LDAP , Active Directory . Active Directory, DNS, Active Directory DNS . DNS Active Directory. DNS- Active Directory. DNS Active Directory; , DNS- Windows 2000 . , , , DNS, DNS. DNS , MCSE Windows 2000, 2001. DNS Active Directory 5.

Active Directory , (. 4-2). . 4-2. , Active Directory .