Giao Trinh MCSA 70-290 VN

QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003
M C L C
PHN 1 QUN L V DUY TR H IU HNH ................... 6
CHNG 1: GII THIU H IU HNH WINDOWS SERVER 2003 CA MICROSOFT.................................................................................................................... 7 H H IU HNH WINDOWS SERVER 2003...................................................... 8 CI T WINDOWS SERVER 2003........................................................................ 15 CU HNH WINDOWS SERVER 2003 .................................................................... 32 TO MY CH QUN TR MIN........................................................................... 35 CC KHI NIM C BN V ACTIVE DIRECTORY.......................................... 46 TNG KT .................................................................................................................. 54 BI TP THC HNH.............................................................................................. 54 CC CU HI N TP............................................................................................. 55 CC KCH BN TNH HUNG ............................................................................... 57 CHNG 2: QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003................................................................................................................................... 58 S DNG MICROSOFT MANAGEMENT CONSOLE (MMC) ............................. 60 QUN TR MY CH BNG REMOTE DESKTOP FOR ADMINISTRATION (MN HNH QUN TR T XA).............................................................................. 73 S DNG REMOTE ASSISTANCE ......................................................................... 82 TNG KT .................................................................................................................. 88 BI TP THC HNH.............................................................................................. 89 CC CU HI N TP............................................................................................. 90 CC KCH BN TNH HUNG ............................................................................... 91 CHNG 3: GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003................................................................................................................................... 92 CC K NNG GIM ST MY CH .................................................................. 93 S DNG EVENT VIEWER ..................................................................................... 95 S DNG TASK MANAGER ................................................................................. 105 S DNG PERFORMANCE CONSOLE (BNG IU KHIN HIU NNG).. 112 TNG KT ................................................................................................................ 137 BI TP THC HNH............................................................................................ 138 CC CU HI N TP........................................................................................... 139 CC KCH BN TNH HUNG ............................................................................. 140 CHNG 4: SAO LU V PHC HI D LIU ................................................. 142 HIU BIT V SAO LU........................................................................................ 143 S DNG WINDOWS SERVER 2003 BACKUP................................................... 175 TNG KT ................................................................................................................ 182 BI TP THC HNH............................................................................................ 183 CC CU HI N TP........................................................................................... 184 KCH BN TNH HUNG....................................................................................... 185
CHNG 5: DUY TR H IU HNH ................................................................. 187 CC BN CP NHT CA H IU HNH WINDOWS.................................. 188 S DNG MICROSOFT BASELINE SECURITY ANALYZER........................... 194 S DNG WINDOWS UPDATE ............................................................................ 196 TRIN KHAI CC BN CP NHT TRONG H THNG MNG .................... 200 S DNG MICROSOFT SOFTWARE UPDATE SERVICES - SUS (DCH V CP NHT PHN MM CA MICROSOFT)....................................................... 208 QUN L CC BN QUYN PHN MM.......................................................... 222 TNG KT ................................................................................................................ 232 BI TP THC HNH............................................................................................ 233 CC CU HI N TP........................................................................................... 235 CC KCH BN TNH HUNG ............................................................................. 237
PHN 2
QUN L V DUY TR H IU HNH ............... 240
CHNG 6: LM VIC VI TI KHON NGI DNG ................................ 241 TM HIU TI KHON NGI DNG (USER ACCOUNT) .............................. 242 NHM LM VIC (Workgroup).............................................................................. 242 MIN (Domain) ......................................................................................................... 243 LP K HOCH TI KHON NGI DNG ..................................................... 244 T TN CHO TI KHON .................................................................................. 244 LA CHN MT KHU......................................................................................... 245 THIT K M HNH PHN CP ACTIVE DIRECTORY .................................. 247 LM VIC VI TI KHON NGI DNG CC B ....................................... 247 TI KHON NGI DNG CC B ................................................................... 249 QUN L TI KHON NGI DNG CC B ................................................ 250 LM VIC VI TI KHON NGI DNG MIN............................................ 251 TO TI KHON NGI DNG MIN............................................................... 253 QUN L TI KHON NGI DNG MIN ..................................................... 256 QUN L NG THI NHIU NGI DNG................................................... 269 DI CHUYN CC I TNG NGI DNG................................................... 270 KHI TO NG THI NHIU NGI DNG ................................................. 271 NHP I TNG NGI DNG S DNG CSV DIRECTORY EXCHANGE .................................................................................................................................... 273 TO I TNG NGI DNG BNG DSADD.EXE..................................... 276 QUN L KHI LC NGI DNG ................................................................ 279 NI DUNG KHI LC NGI DNG .............................................................. 280 S DNG KHI LC NGI DNG BT BUC ........................................... 284 GIM ST V KHC PHC S C VIC XC THC NGI DNG .......... 285 S DNG CHNH SCH KHO TI KHON ..................................................... 286 DCH V ACTIVE DIRECTORY MY KHCH .................................................. 287 KIM NH XC THC ......................................................................................... 289 TNG KT ................................................................................................................ 291 BI TP THC HNH............................................................................................ 293 CC CU HI N TP........................................................................................... 295 CC KCH BN TNH HUNG ............................................................................. 296 CHNG 7: LM VIC VI NHM ...................................................................... 298 HIU V NHM....................................................................................................... 299 QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003
S DNG NHM CC B ..................................................................................... 305 S DNG NHM ACTIVE DIRECTORY ............................................................. 306 CC NHM MC NH CA WINDOWS SERVER 2003.................................. 314 TO V QUN L CC I TNG NHM .................................................... 328 QUN L NHM T NG.................................................................................. 338 TNG KT ................................................................................................................ 343 BI TP THC HNH............................................................................................ 344 CC CU HI N TP........................................................................................... 346 CC KCH BN TNH HUNG ............................................................................. 348 CHNG 8: LM VIC VI TI KHON MY TNH ...................................... 349 TM HIU I TNG MY TNH (COMPUTER OBJECT) ............................. 350 B SUNG THM MY TNH VO MIN ............................................................ 353 TO I TNG MY TNH ............................................................................... 354 QUN L CC I TNG MY TNH............................................................. 369 KHC PHC S C TI KHON MY TNH .................................................... 375 TNG KT ................................................................................................................ 378 BI TP THC HNH............................................................................................ 380 CC CU HI N TP........................................................................................... 381 CC KCH BN TNH HUNG ............................................................................. 383
PHN 3 QUN L V DUY TR CC NGUN TI NGUYN CHIA S 385

CHNG 9: CHIA S CC TI NGUYN H THNG FILE ........................... 386 TM HIU V CC CP PHP............................................................................... 387 CC TH MC CHIA S ........................................................................................ 392 QUN L CC TH MC CHIA S ..................................................................... 403 S DNG CC QUYN NTFS ............................................................................... 411 QUN TR IIS ........................................................................................................... 426 TNG KT ................................................................................................................ 439 BI TP THC HNH............................................................................................ 441 CC CU HI N TP........................................................................................... 443 CC KCH BN TNH HUNG ............................................................................. 445 CHNG 10: LM VIC VI MY IN .................................................................. 448 TM HIU V M HNH IN N TRONG WINDOWS SERVER 2003 ................ 449 TRIN KHAI MY IN CHIA S ............................................................................. 451 CU HNH CC C TNH MY IN.................................................................... 461 GIM ST CC MY IN........................................................................................ 467 X L S C MY IN ........................................................................................... 472 TNG KT ................................................................................................................ 475 BI TP THC HNH............................................................................................ 476 CC CU HI N TP........................................................................................... 478 CC KCH BN TNH HUNG ............................................................................. 481
PHN 4
QUN L V DUY TR PHN CNG ................... 484
CHNG 11: QUN L CC TRNH IU KHIN THIT B......................... 485 TNG QUAN V TRNH IU KHIN THIT B ............................................... 486 TO CHIN LC DUY TR TRNH IU KHIN ............................................ 494 S DNG TRNH HNG DN ADD HARDWARE.......................................... 498 S DNG DEVICE MANAGER ............................................................................. 502 S DNG CONTROL PANEL ................................................................................ 512 X L S C CC THIT B V TRNH IU KHIN.................................... 514 TNG KT ................................................................................................................ 519 BI TP THC HNH............................................................................................ 521 CC CU HI N TP........................................................................................... 524 CC KCH BN TNH HUNG ............................................................................. 526 CHNG 12: QUN L LU TR D LIU TRN A................................... 528 TNG QUAN V LU TR D LIU TRN A TRONG WINDOWS SERVER 2003............................................................................................................................ 529 S DNG CNG C QUN TR A (DISK MANAGEMENT) ........................ 535 QUN TR LU TR D LIU TRN A.......................................................... 553 TNG KT ................................................................................................................ 561 BI TP THC HNH............................................................................................ 562 CU HI N TP .................................................................................................... 565 CC KCH BN TNH HUNG ............................................................................. 569
THUT NG .................................................................................. 572
PHN 1
QUN L V DUY TR H IU HNH
GII THIU H IU HNH WINDOWS SERVER 2003
CHNG 1: GII THIU H IU

HNH WINDOWS SERVER 2003 CA MICROSOFT
Mc ch ca kha hc ny l hng dn bn cch qun tr v duy tr mt mi trng mng da trn nn Microsoft Windows Server 2003 v chun b cho mn thi 70-290 trong h thng chng ch ca Microsoft. Kha ny gi nh rng bn c mt cht t kinh nghim vi cc sn phm Microsoft Windows nhng li kh mi vi h sn phm Windows Server 2003. Do , mc tiu ca chng ny l gii thiu vi bn cc phin bn khc nhau ca h iu hnh Windows Server 2003 bn c th nhn bit cc im khc nhau c bn gia chng v la chn sn phm ph hp, p ng c nhu cu ca h thng ca bn. Chng 1 s hng dn bn qua cc bc ci t Windows Server 2003 trn mt my tnh v cu hnh n thnh mt Active Directory Domain Controller (My ch qun tr min s dng Active Directory). Ging vin c th khng yu cu bn ci t h iu hnh trn my tnh ca bn ti lp hc, nhng nu bn mun lm vic vi h iu hnh Windows Server 2003 ti nh hoc ni no khc ngoi lp hc, bn phi lm quen vi qu trnh ci t v cc bc cu hnh h thng ny. Sau khi kt thc chng ny, bn c kh nng: Nhn bit cc khc nhau c bn gia cc phin bn ca h iu hnh Windows Server 2003 Ci t Windows Server 2003 To mt my ch qun tr min (domain controller) Nhn bit cc thnh phn logic v cc khi nim v Active Directory
QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 7
H H IU HNH WINDOWS SERVER 2003

Windows Server 2003 l sn phm mi nht trong cc h iu hnh Windows Server v c ci tin rt nhiu so vi cc phin bn trc : bo mt tt hn, tin cy cao hn v d dng qun tr. Phn sau y s trnh by tng quan v h sn phm Windows Server 2003, tp trung vo cc im ging v khc nhau gia 4 phin bn: Web Edition, Standard Edition, Enterprise Edition v Datacenter Edition
Cc phin bn ca h Windows Server 2003

Windows Server 2003 l mt phin bn cp nht cho nn tng v cc cng ngh gii thiu trong Windows 2000. Nu bn nghin cu Windows Server 2003 trn c s c kinh nghim v Windows 2000, bn s thy vic chuyn i tng i d dng. Nu bn ch c kinh nghim vi Windows NT 4, qu trnh hc ca bn c th s kh khn hn mt cht. Mc d giao din c bn ca Windows Server 2003 kh ging vi Windows 2000 nhng h iu hnh ny c rt nhiu ci tin v tnh nng mi nhm b sung kh nng bo mt, tin cy v tng cng nhiu cng c qun tr. Khi bn cn nhc n vic nng cp hay chuyn i sang h iu hnh Windows Server 2003, bn s phi ch ra cc tnh nng v s ci tin ng k trong Active Directory, cc cng c mi h tr cho cc i tng chnh sch nhm (GPO - Group Policy Object), s tng cng kh nng bo mt cho h thng, s ci tin ca Terminal Services hay hng lot cc tnh nng tin tin ca h iu hnh mi ny. THNG TIN THM: Cc tnh nng mi trong Windows Server 2003: tham kho thm y cc tnh nng mi v kh nng hon ho ca Windows Server 2003, bn c th truy nhp vo Web site ca Microsoft theo a ch: http://www.microsoft.com/windowsserver2003 Cc phin bn khc nhau ca Windows Server 2003 c thit k h tr cc nn tng thit b phn cng v vai tr my ch khc nhau. Bn cnh 4 phin bn c bn ca Windows Server 2003 - Web, Standard (Tiu chun), Enterprise (Doanh nghip) v Datacenter (Trung tm d liu) h iu hnh ny cn c thm cc phin bn h tr phn cng 64 bit v cc h thng nhng. Phn tip theo s trnh by chi tit hn v cc phin bn ny.
GII THIU H IU HNH WINDOWS SERVER 2003 Cc yu cu h thng Bn phin bn h iu hnh khc nhau trong vic h tr cc phn cng. Bng 1.1 lit k cc yu cu h thng i vi tng phin bn, ng thi km theo phn cng m Microsoft khuyn ngh s dng. Bng 1-1: Cc yu cu h thng ca Windows Server 2003 Web Edition Tc CPU ti thiu Tc CPU nn dng RAM ti thiu RAM nn dng RAM ti a S b vi x l SMP (Symmetric MultiProcessing) 2 Khong trng a ti thiu 1.5 GB 4 1.5 GB 8 1.5 GB 32 1.5 GB Standard Enterprise Datacenter Edition Edition Edition 133 MHz 733 MHz 128 MB 256 MB 32 GB 400 MHz 733 MHz 512 MB 1 GB 64 GB
133 MHz 133 MHz 550 MHz 550 MHz 128 MB 256 MB 2 GB 128 MB 256 MB 4 GB
Phin bn Web (Web Edition) tng tnh cnh tranh ca Windows Server 2003 so vi cc my ch Web khc, Microsoft cho ra mt phin bn c bit ca Windows Server 2003, c thit k chuyn dng cho chc nng ca mt my ch Web. Phin bn Web l mt phn ca h iu hnh chun cho php ngi qun tr c th trin khai cc Web site, cc ng dng Web v cc dch v Web m khng tn nhiu chi ph v cng sc qun tr. H iu hnh ny h tr ti a 2GB b nh RAM v 2 b vi x l ch bng mt na so vi kh nng h tr ca bn Standard Edition. Phin bn Web khng c nhiu tnh nng nh cc phin bn Windows Server 2003 khc, tuy nhin n vn tch hp mt s thnh phn c th khng cn thit cho mt Web Server in hnh, l: Mt my ch chy phin bn Web c th l thnh vin ca mt min s dng Active Directory nhng n khng th tr thnh mt my ch qun tr min QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 9
GII THIU H IU HNH WINDOWS SERVER 2003 M hnh Client Access License - CAL (giy php truy nhp t my trm) chun khng c p dng cho cc my ch chy h iu hnh Web Edition. H iu hnh ny h tr mt s lng khng gii hn cc kt ni Web, nhng n li gii hn ti a 10 kt ni Server Message Block (SMB) ng thi. iu ny c ngha l khng th c nhiu hn 10 ngi dng mng ni b c th truy nhp cc ti nguyn file v my in ti mt thi im bt k Cc tnh nng Tng la Bo v Kt ni Internet (Internet Connection Firewall -ICF) v Chia s Kt ni Internet (Internet Connection Sharing - ICS) s khng c trong phin bn Web, iu ny s khng cho php my ch thc hin chc nng ca mt cng kt ni Internet. Mt my ch chy h iu hnh Web Edition khng th thc hin chc nng ca mt my ch DHCP, my ch fax, my ch Microsoft SQL hay mt My ch Dch v Du cui mc d chc nng Remote Desktop (Truy nhp ton mn hnh t xa) dnh cho qun tr vn c h tr. Phin bn Web s khng cho php chy cc ng dng khng phi dch v Web Tuy nhin, phin bn Web li bao gm y cc thnh phn chun m mt my ch Web cn, bao gm Microsoft Internet Information Services (IIS) 6, Network Load Balancing (NLB), v Microsoft ASP.NET. Do vy, hin nhin l phin bn Web khng phi l mt nn tng thch hp cho cc my ch mng thng thng. N cho php cc c quan hay t chc trin khai cc my ch Web chuyn dng, khng h tr cc thnh phn khc m my ch web ny khng cn thit s dng trong vai tr ca n. LU : Mua phin bn Web. Bn Web Edition khng c bn thng qua cc knh phn phi l, sn phm ny ch c cung cp cho cc khch hng ca Microsoft chp nhn k kt cc vn bn tha thun bn quyn ring cho doanh nghip (Enterprise and Select licensing agreements), cc nh cung cp dch v k kt vn bn tha thun bn quyn ring cho nh cung cp dch v (service provider licensing agreement - SPLA) thng qua cc Nh Sn xut Thit b gc ca Microsoft (Microsoft original equipment manufacturers - OEMs) hoc cc i tc Xy dng H thng (System Builder partners)
GII THIU H IU HNH WINDOWS SERVER 2003 Phin bn Tiu chun (Standard Edition) Phin bn Standard s dng cho nn tng my ch a chc nng trong c th cung cp cc dch v th mc (Directory), file, in n, ng dng, multimedia v dch v Internet cho cc doanh nghip c va v nh. Sau y l mt vi trong rt nhiu tnh nng c trong phin bn ny ca h iu hnh : Directory services (Dch v Th mc): Phin bn Standard c kh nng h tr y i vi Active Directory cho php cc my ch c th ng vai tr l my ch thnh vin hoc cc my ch qun tr min. Ngi qun tr mng c th s dng cc cng c km theo h iu hnh trin khai v qun tr cc i tng Active Directory, cc chnh sch nhm (GP Group Policy) v cc dch v khc da trn nn Active Directory. Dch v Internet: Phin bn Standard bao gm IIS 6.0 cung cp cc dch v Web v FTP cng nh cc thnh phn khc s dng trong qu trnh trin khai my ch Web nh dch v Cn bng Ti (NLB Network Load Balancing). Chc nng NLB cho php nhiu my ch Web c th cng duy tr (host) mt Web site n, chia s cc yu cu kt ni ca client trong ti a 32 my ch ng thi cung cp kh nng chng li cho h thng. Cc dch v c s h tng: Phin bn Standard bao gm cc dch v Microsoft DHCP Server, Domain Name System (DNS) Server, v Windows Internet Name Service (WINS) Server, cung cp cc dch v c bn cho mng ni b v cc my khch trn Internet. nh tuyn TCP/IP (TCP/IP Routing): Mt my ch chy phin bn Standard c th thc thi nh mt router vi rt nhiu cu hnh bao gm nh tuyn LAN v WAN, nh tuyn truy nhp Internet v nh tuyn truy nhp t xa. thc hin cc chc nng ny, dch v nh tuyn v Truy nhp T xa (Routing and Remote Access Service RRAS) c h tr cho cc tnh nng Chuyn i a ch Mng (Network Address Translation NAT), Dch v Xc thc Internet (Internet Authentication Service IAS), cc giao thc nh tuyn nh Giao thc Thng tin nh tuyn (Routing Information Protocol RIP) v U tin ng Ngn nht (Open Shortest Path First OSPF). Dch v File v In n: Ngi dng trong mng c th truy nhp cc a, th mc v my in chia s trn mt my ch chy phin bn Standard ca h iu hnh . Mi my khch (client) khi mun truy nhp n cc ti nguyn chia s trn my ch s phi c mt Giy QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 11
GII THIU H IU HNH WINDOWS SERVER 2003 php Truy nhp (Client Access License - CAL). Phin bn Standard thng thng c bn thnh mt gi gm 5, 10 Giy php Truy nhp (CAL) hoc nhiu hn, v khi mun thm nhiu ngi dng truy nhp, bn s phi mua b sung cc Giy php Truy nhp (CAL) ny. My ch Terminal (u cui): Mt my ch chy Phin bn Standard c th thc hin chc nng mt My ch Dch v Du cui, cho php cc my tnh v cc thit b khc c th truy nhp mn hnh Windows v cc ng dng ang chy trn my ch ny. My ch Dch v Du cui bn cht l mt k thut iu khin t xa cho php cc my khch (client) truy nhp n mt phin lm vic Windows trn my ch. Mi ng dng c thc thi trn my ch v ch bn phm, mn hnh v cc thng tin hin th c truyn qua mng. Cc my khch ca My ch Dch v Du cui c yu cu Giy php Truy nhp khc so vi Giy php Truy nhp chun CAL mc d Phin bn Standard cung cp sn mt Giy php Truy nhp cho 2 ngi dng s dng dch v Remote Desktop for Administration (Dch v truy nhp ton mn hnh t xa dnh cho cc tc v qun tr), mt cng c qun tr t xa da trn dch v Terminal Cc dch v bo mt: Phin bn Standard cn c rt nhiu cc tnh nng bo mt m mt ngi qun tr c th trin khai nu cn, bao gm kh nng M ha H thng File (EFS) bo v cc file trn cc cng my ch bng cch lu tr chng trong mt nh dng c m ha, tnh nng bo mt IP (IP Security - IPsec) m rng, - s dng ch k s m ha d liu trc khi truyn i trn mng, tnh nng tng la ICF qui nh cc lut i vi cc lung d liu i t Internet vo trong mng v tnh nng s dng Public Key Infrastructure (PKI) cung cp kh nng bo mt da trn m ha bng kha cng khai v cc chng nhn s ha. Phin bn Doanh nghip (Enterprise Edition) Phin bn Enterprise c thit k hat ng trn cc my ch cu hnh mnh ca cc t chc doanh nghip c va v ln. Phin bn ny khc phin bn Standard ch yu mc h tr phn cng. v d: Bn Enterprise h tr ti a 8 b vi x l so vi 4 b ca bn Standard v ti a 32GB b nh RAM so vi kh nng ca bn Standard ch l 4GB. Phin bn Enterprise cn b sung thm mt s tnh nng quan trng m khng c trong bn Standard, bao gm cc thnh phn sau: Microsoft Metadirectory Services - MMS (Dch v Siu Th mc Microsoft): Metadirectory bn cht l th mc ca cc th mc mt QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 12
GII THIU H IU HNH WINDOWS SERVER 2003 phng tin tch hp nhiu ngun thng tin vo mt th mc n, thng nht. MMS cho php chng ta c th kt hp cc thng tin trong Active Directory vi cc dch v th mc khc, to ra mt cch nhn tng th tt c cc thng tin v mt ti nguyn no . Phin bn Enterprise ch cung cp h tr cho MMS m khng phi l phn mm MMS thc s, phn mm ny bn phi ly t Microsoft Consulting Service (Dch v t vn Microsoft - MCS) hoc thng qua mt tha thun vi i tc MMS. Server Clustering (Chui My ch): Chui my ch l mt nhm cc my ch nhng li ng vai tr nh mt my ch n cung cp kh nng sn sng cao cho mt nhm cc ng dng. Tnh sn sng trong trng hp ny c ngha l cc chu trnh hot ng ca ng dng c phn b u trong cc my ch trong chui, gim ti trn mi my ch v cung cp kh nng chu li nu bt k my ch no b s c. Cc my ch trong chui, c gi l cc nt, u c kh nng truy nhp n mt ngun d liu chung, thng thng l mt mng lu tr ln (Storage Area Network - SAN), cho php cc nt lun c duy tr cng mt ngun thng tin d liu c s. Phin bn Enterprise h tr my ch cluster c ti a 8 nt B nh RAM Cm nng (Hot Add Memory): Phin bn Enterprise bao gm phn mm h tr mt c tnh ca phn cng gi l B nh Cm nng, cho php ngi qun tr mng c th thm hoc thay th b nh RAM trong my ch m khng cn tt my hoc khi ng li. s dng tnh nng ny, my tnh phi c phn cng h tr tng ng. Qun tr Ti nguyn H thng ca Windows (Windows System Resource Manager - WSRM): Tnh nng ny cho php ngi qun tr mng c th phn b ti nguyn h thng cho cc ng dng hoc chu trnh da trn nhu cu ca cc ngi dng, ng thi duy tr cc bn bo co v ti nguyn do cc ng dng hay chu trnh trong h thng s dng. iu ny cho php cc t chc doanh nghip c th thit lp gii hn s dng ti nguyn cho mt ng dng xc nh hoc tnh chi ph cho khch hng da trn cc ti nguyn h s dng. Phin bn Trung tm D liu (Datacenter Edition) Phin bn Datacenterc thit k cho cc my ch ng dng cao cp, lu lng truy nhp ln, yu cu s dng rt nhiu ti nguyn h thng. Phin bn ny cng gn ging Phin bn Enterprise khi so snh cc tnh nng, tuy nhin n h tr tt hn cho vic m rng phn cng, c th h tr ti a QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 13
GII THIU H IU HNH WINDOWS SERVER 2003 64GB b nh v 32 b vi x l. Phin bn ny khng tch hp mt s tnh nng c trong bn Enterprise, v d nh tnh nng ICS v ICF bi v cc my ch cao cp chy bn Datacenter thng thng khng c gn cc vai tr cn s dng n cc chc nng ny. LU : Mua phin bn Datacenter. Vic mua cc phin bn Datacenter, cng ging nh i vi phin bn Web, khng c thc hin thng qua cc knh phn phi l. Bn c th mua cc h iu hnh ny thng qua mt OEM nh l sn phm km theo trong mt b phn cng my ch cao cp. Cc phin bn 64-Bit C hai Phin bn Enterprise v Datacenter u c cc phin bn ring h tr cc my tnh trang b b vi x l Intel Itanium. Itanium l mt b vi x l h tr vic nh a ch 64-bit (trong khi cc b vi x l Intel x86 tiu chun ch h tr 32-bit), cho php m rng khng gian b nh o v vng b nh phn trang ng thi ci tin hiu nng x l du phy ng. N c thit k c bit cho cc tc v yu cu nng sut b x l cc ln, v d nh cc ng dng c s d liu khng l, cc phn tch khoa hc v cc my ch Web c lng truy nhp rt ln. Cc yu cu h thng cho cc phin bn Itanium chy cc phin bn Enterprise v Datacenter ca h iu hnh Windows 2003 Server v c bn rt khc so vi cc yu cu ca cc phin bn ny i vi cc phn cng x86 (c tng kt trong Bng 1-2). ng thi, mt s tnh nng trong cc phin bn dnh cho h thng x86 s khng c trong Itanium, v d cc chip Itanium s khng h tr cc ng dng Windows 16-bit, cc ng dng ch thc, cc ng dng POSIX (Portable Operating System Interface for UNIX) hoc cc dch v in n cho cc my trm Apple Macintosh. Bng 1-2: Cc yu cu h thng c bit cho bn Windows Server 2003 trn Itanium: Enterprise Edition Tc ti thiu ca CPU RAM ti a Khong trng a ti thiu 733 MHz 64 GB 2 GB Datacenter Edition 733 MHz 512 GB 2 GB
CI T WINDOWS SERVER 2003

Trc khi bn c th hc cch qun tr v duy tr mt h thng Windows Server 2003, bn phi c kh nng ci t h iu hnh ny v cu hnh n thc hin cc tc v theo yu cu. Mc d kha ny khng gii thiu v cc ch nng cao nh thit k Active Directory, tuy nhin s cp n vic qun tr cc i tng Active Directory v d nh cc ngi dng, my tnh v cc nhm. Trc khi bn c th thc hnh mt s cc bi tp thc hnh trong cun sch ny v trong cun Lab Manual, bn phi c mt my tnh ci t h iu hnh Windows Server 2003 v c cu hnh thnh mt my ch qun tr min s dng Active Directory
Cc giai on ci t:
Nu bn c kinh nghim ci t Windows Server 2000, bn s thy qu trnh ci t Windows Server 2003 rt thn thin. N c chia thnh 2 giai on ring bit: Ch text: Giai on khi to qu trnh ci t bt u khi my tnh khi ng t a CD cha b ci Windows Server 2003 v chy chng trnh Winnt.exe. Khng ging nh Windows 2000 v cc phin bn trc , Windows Server 2003 khng h tr vic bt u ci t t a mm. Chng trnh Winnt.exe np cc file ca h iu hnh Windows Server 2003 t a CD. y l phin bn hn ch, thc thi trong ch vn bn ca h iu hnh bi v cc file cn thit cho Giao din ha ngi dng (Graphical User Interface - GUI) cha c ci t. Chng trnh ny s nh dng phn vng m s s dng lm a h thng, To cu trc th mc gc ca h thng v chp cc file ca h iu hnh t cc th mc tm vo ng v tr. Tip theo chng trnh ci t bt u xy dng registry, to cc kha cha cc thng tin c bn v h iu hnh, cng nh cc thng tin v phn cng c pht hin trong qu trnh ci t. Sau my tnh khi ng li. Ch ha: Khi h thng khi ng li ln hai, n s dng cc file khi ng v cc file ca h iu hnh, hin nm c nh trn a h thng. Giao din Windows thn thin xut hin ln u tin, s dng trnh iu khin hin th VGA vi phn gii thp. Sau khi h thng khi ng xong, qu trnh ha bt u bng chu trnh pht hin phn cng. Khi cc phn cng mi c pht hin, v trnh iu khin c ci t, chng trnh bt u thu thp thng tin t ngi dng m n cn hon thnh qu trnh ci t, ng thi n s ci t rt nhiu thnh phn khng thit yu khc ca h thng. Nu QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 15
GII THIU H IU HNH WINDOWS SERVER 2003 nh card mng c pht hin, chng trnh ci t s ci cc thnh phn mng cn thit v kt buc chng vi trnh iu khin thit b mng. Cui cng, chng trnh xy dng Thc n Khi ng (Start Menu), thit lp cc tham s bo mt h thng, xa cc file tm to ra trong qu trnh ci t v lu cu hnh h thng li trc khi khi ng li ln cui cng.
Cc thao tc ci t:
Phn ny s trnh by cc bc chi tit ca qu trnh ci t Windows Server 2003 vi gi nh rng bn s dng mt my tnh tha mn cc yu cu h thng ca Windows Server 2003, ng thi bn ci t h iu hnh t mt a CD nguyn gc v cc a cng ca h thng l hon ton trng. LU : Cc thay i trong qu trnh ci t. Cc thao tc ci t y gi nh rng bn s dng mt my tnh c cu hnh phn cng c bn. S c mt ca cc thit b phn cng nht nh no khc trong my tnh c th gy ra cc thay i trong qu trnh ci t (v d nh cc bc cu hnh b sung) khng c cp y. Ci t Windows Server 2003: ci t Windows Server 2003, s dng cc thao tc sau y: 1. a a CD c b ci Windows Server 2003 vo trong CD-ROM v khi ng li my. Nu bn nhn c thng bo press a key to boot from CD.. (nhn phm bt k khi ng t CD). nhn mt phm bt k 2. Sau khi my tnh khi ng, mt chui cc thng bo hin ra ni rng trnh ci t ang xem xt cc cu hnh phn cng ca my tnh. Sau mn hnh Windows Setup xut hin 3. Nu my tnh ca bn cn c cc trnh iu khin thit b lu tr c bit khng c trong b ci ca Windows Server 2003, nhn F6 khi c nhc v cung cp cc trnh iu khin thit b ph hp.
4. H thng s nhc bn nhn F2 nu bn mun thc hin thao tc Khi phc H thng T ng (Automated System Recovery - ASR). Khng nhn F2 lc ny v qu trnh ci t tip tc
LU : Th tc Khi phc h thng t ng (Automated System Recovery ASR): L mt tnh nng mi trong Windows Server 2003 thay th tnh nng a Sa cha Khn cp (Emergency Repair Disk) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 17
GII THIU H IU HNH WINDOWS SERVER 2003 c trong cc phin bn trc ca Windows. Mun tm thm thng tin v ASR, xem Chng 4 ca cun sch ny. Mt thanh trng thi pha di mn hnh ch ra trnh ci t ang np cc file. iu ny l cn thit khi ng phin bn ti gin ca h iu hnh. Vo lc ny, phn cng ca h thng cha c nhn dng chnh xc, do sau khi np lp nhn ca h iu hnh, trnh ci t s np mt danh sch cc trnh iu khin thit b h tr cho mt lng ln cc thit b lu tr, bn phm, con tr chut v thit b video, tt c to ra mt cu hnh vo/ra chun cho php qu trnh ci t c th tip tc c.
LU : nh v cc Trnh iu khin Thit b Lu tr. Nu mt trnh iu khin ca mt thit b lu tr no khng nm trong Windows Server 2003, bn phi chun b n, khi ng li qu trnh ci t v nhn F6 cung cp chng cho chng trnh ci t. 5. Nu bn ang ci t phin bn th nghim ca Windows Server 2003, mt mn hnh nhc nh ci t (Setup Notification) s thng bo cho bn bit iu . c thng bo ny v nhn Enter tip tc. Mn hnh Welcome To Setup (Cho mng bn n vi trnh ci t) s xut hin.
6. c thng bo Welcome To Setup v nhn Enter tip tc, Mn hnh License Agreement (Tha thun Bn quyn) xut hin.
7. c tha thun v bn quyn v nhn F8 chp nhn. Mt mn hnh xut hin lit k mt danh sch cc phn vng trn cc cng trong my tnh cng vi cc vng khng gian a trng. T mn hnh ny, bn c th to v xa cc phn vng trn cc a cng nu cn. Nu bn tr vo la QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 19
GII THIU H IU HNH WINDOWS SERVER 2003 chn Unpartitioned Space (Khng gian a cha phn vng), bn c th to mt phn vng trn ton b khng gian a . Nu bn mun to mt phn vng s dng mt phn ca khng gian a cng cha phn vng , bn nhn phm C v nhp vo kch thc ca phn vng m bn mun to. hon thnh bi tp thc hnh trong cun sch ny, xut nn s dng mt phn vng ti thiu 3GB. Bn cnh , bn phi dnh ra t nht 1GB khng gian cha phn vng trn a cng chun b cho cc bi tp thc hnh v vic to cc phn vng mi trong Windows 2003 sau ny.
8. La chn mt khng gian a cha phn vng c dung lng ti thiu 4GB v nhn C, ng thi nhp vo kch thc phn vng nh to l 3072. Sau nhn Enter 9. Mt mn hnh xut hin, nhc bn la chn h thng file s dng khi nh dng phn vng la chn. La chn Format The Partition Using The NTFS File System (nh dng phn vng s dung h thng file NTFS) v nhn Enter.
Trnh ci t s nh dng phn vng s dng NTFS, kim tra cc li vt l ca a cng m c th gy ra s c khi ci t v bt u chp cc file t a CD vo trong a cng. Qu trnh ny c th chim ca bn vi pht.
10. Trnh ci t s khi to cu hnh ca Windows v sau hin th ln mn hnh mt thanh trng thi mu th hin s m gim dn trong 15 QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 21
GII THIU H IU HNH WINDOWS SERVER 2003 giy trc khi my tnh khi ng li v chuyn sang ch ha ca qu trnh ci t.
Trnh ci t Windows s np v hin th mt giao din ha cho php theo di cc tin trnh ci t khung bn tri. Khi cc tin trnh Collecting Information (Thu thp thng tin), Dynamic Update (Cp nht ng) v Preparing Installation (Chun b ci t) u c la chn, th hin rng cc bc ny hon thnh. Tin trnh Collecting Information (Thu thp thng tin) c hon thnh trc khi giao din ha ny xut hin v tin trnh Dynamic Update (Cp nht ng) khng c thc hin khi chng ta ci t t a CD.
Tin trnh Preparing Installation (Chun b ci t) c thc hin khi m trnh ci t chp xong cc file vo a cng. Bc ci t Windows bt u vi qu trnh pht hin cc phn cng, qu trnh ny c th din ra trong vi pht. Khng ging nh chu trnh pht hin phn cng khi ch vn bn, trong n nhn bit phn cng bng vic np cc trnh iu khin v s dng th ri pht hin li, qu trnh ny nhn bit chnh xc cc thnh phn trong my tnh, ghi thng tin v chng vo registry, ng thi cu hnh sao cho h iu hnh np cc trnh iu khin chun cho phn cng . Sau cng, Windows Setup Wizard (Trnh Hng dn Ci t Windows) s c np v trang Regional And Language Options (Ty chn vng v ngn ng) xut hin. 11. Chnh sa cc thit lp mc nh v vng v ngn ng nu cn thit, bng cch nhn chut vo phm Customize hoc Details. Sau nhn Next. Trang Personalize Your Software (Ty bin phn mm ca bn) xut hin.
12. Trong hp thoi Name, nhp vo tn ca bn v trong hp thoi Organization, nhp vo tn ca c quan ri nhn Next. Trang Your Product Key (Kha sn phm ca bn) xut hin.
13. Nhp vo cc hp thoi Product Key cc thng s kha ca sn phm i km trong a CD Windows Server 2003 v nhn Next. Trang Licensing Modes - (Cc ch giy php) xut hin
14. Gi nguyn gi tr mc nh l 5 trong mc Per Server Number Of Concurrent Connections (S lng cc kt ni ng thi trn 1 my ch) v nhn Next. Trang Computer Name And Administrator Password (Tn my tnh v mt khu qun tr) xut hin. LU : Bn quyn Windows Server 2003. Nu bn s dng phin bn th nghim ca Windows Server 2003, gi tr mc nh 5 kt ni ng thi ti my ch l hon thnh kha hc ny. Tuy nhin, nu bn s dng mt bn Windows Server 2003 c bn quyn, bn nn nhp vo mt s lng hp l cc kt ni ng thi da trn Giy php (license) m bn c.
15. Trong hp thoi Computer Name, nhp vo Serverxx trong xx l s th t duy nht m ging vin cung cp cho bn. CNH BO: Trnh tnh trng trng tn. Nu my tnh ca bn kt ni vo mng LAN, kim tra vi qun tr mng trc khi nhp vo tn cho my tnh ca bn 16. Trong hp thoi Administrator Password v Confirm Password, nhp mt khu cho ti khon Administrator v sau nhn Next. Trang Date And Time Settings (Thit lp ngy gi) xut hin. QUAN TRNG: Xc nh mt khu. i vi phng thc ci t th cng, Windows Server 2003 s khng cho php bn chuyn ti bc tip theo cho n khi bn nhp vo mt khu cho ti khon Administrator tha mn cc yu cu phc hp. Theo mc nh, Windows Server 2003 yu cu mt mt khu phc hp phi c di ti thiu 7 k t, ng thi cha ti thiu 3 trong 4 thnh phn sau: k t hoa, k t thng, ch s v k t c bit. Bn c php s dng mt khu trng, tuy nhin vic s dng mt khu trng l khng c khuyn khch
17. Nhp vo thi gian v ngy thng chnh xc ng thi la chn mi gi chun cho khu vc ca bn. Sau nhn Next, mn hnh Network Settings (Thit lp mng) xut hin
18. Gi nguyn la chn mc nh Typical Settings v sau nhn Next. Trang Workgroup Or Computer Domain (Gia nhp min hoc nhm) xut hin. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 28
GII THIU H IU HNH WINDOWS SERVER 2003 LU : Cc thit lp mng in hnh. La chn Typical Settings trong trang Network Settings s cho php trnh ci t thc hin ci t cc thnh phn sau: Client for Microsoft Networks, Network Load Balancing, File and Printer Sharing for Microsoft Networks v Internet Protocol (TCP/IP) (mc d module Network Load Balancing b v hiu ha) ng thi cu hnh TCP/IP cho php nhn a ch IP t mt my ch DHCP. Nu bn kt ni vi mt h thng mng khng c my ch DHCP, bn phi xc nh a ch IP v cc thit lp cu hnh TCP/IP khc thng qua ngi qun tr mng, ng thi la chn Custom Settings v nhp cc tham s ny vo cho my tnh ca bn c kh nng kt ni vi cc my khc trong mng LAN.
19. Gi nguyn la chn mc nh No v tn nhm mc nh l WORKGROUP v nhn Next. Trnh ci t s ci v thit lp cc thnh phn cn li ca h iu hnh bng cch chp cc file, ci t thc n Start, ng k cc thnh phn, lu cc thit lp v xa cc file tm. Sau qu trnh ci t kt thc, my tnh t khi ng v mn hnh Welcome To Windows (Cho mng bn n vi Windows) xut hin. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 29
Trong mi trng kinh doanh, v d nh mt mng doanh nghip ln, qu trnh ci t h iu hnh thng s c thc hin khc so vi cc thao tc trn. Ngi qun tr mng ca mt cng ty ln vi rt nhiu my tnh thng khng c thi gian thc hin qu trnh ci t th cng v ko di nh trn i vi tng my tnh. H c th s dng rt nhiu phng n thc hin theo phng thc dy chuyn hoc t ng ha qu trnh ci t Windows Server 2003, bao gm cc phng php sau y: File tr li: Mt file tr li l mt script (kch bn) cha cc gi tr thit lp ca tt c cc ty chn hin th cho ngi dng trong qu trnh ci t Windows nh trn. Vi mt file tr li c cu hnh tt, ta c th bt u qu trnh ci t h thng v n chy m khng cn phi tc ng g bi cc tham s tr li cho cc cu hi trong qu trnh ci t c trong file tr li. iu hn ch ln nht ca phng php trin khai ci t h iu hnh s dng file tr li l mi my tnh cn mt file tr li ring. Mt s gi tr thit lp trong qu trnh ci t phi l duy nht, v d nh tn my tnh hoc a ch IP.
GII THIU H IU HNH WINDOWS SERVER 2003 Nhn nh a. Khi bn trin khai ci t mt s lng ln cc my tnh ging nhau, bn c th b qua cc qu trnh ci t ny bng cch s dng nh a. Mt nh a l mt bn sao bit-to-bit ca a cng trong my tnh m c ci t h iu hnh. Vic chuyn nh a ny sang mt my tnh khc c cu hnh phn cng tng t cho php h iu hnh c th chy trn my tnh m khng phi ci t li. Windows Server 2003 c cung cp km theo mt cng c gi l Remote Installation Services (Dch v ci t t xa) cho php ngi qun tr mng c th s dng trin khai cc nh a n cc my tnh qua ng truyn mng.
Kch hat (Activate) Windows Server:

Mt s phin bn ca Windows Server 2003, bao gm c bn th nghim cung cp km theo trong cun sch ny, yu cu bn phi kch hat (activate) h iu hnh sau khi ci t. Ty thuc vo phin bn m bn ang s dng, bn c th c 14 hoc 30 ngy kch hat Windows Server 2003. Kch hat l mt qu trnh rt n gin, ch thc hin 1 ln bng cch nhn Start, chn All Programs v nhn vo Activate Windows. Trang mn hnh Lets Activate Windows (Hy kch hot Windows) trong Trnh Hng dn Kch hot Windows Activate Windows Wizard xut hin (nh trong Hnh 1-1)
Hnh 1-1: Trang Lets Activate Windows trong Trnh Hng dn Kch hot Windows QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 31
GII THIU H IU HNH WINDOWS SERVER 2003 LU : Volume Licensing (Giy php khi). Nu bn c c bn quyn Windows Server 2003 thng qua mt chng trnh Microsoft volume licensing no , bn s khng phi kch hot bn quyn ny. kch hot Windows qua Internet, bn phi kt ni my tnh vi Internet trc khi bn c th bt u qu trnh kch hot. iu ny c ngha l my tnh c trang b mt modem v cu hnh kt ni n mt nh cung cp dch v (ISP) hoc cu hnh vi mt vi tham s TCP/IP (bao gm a ch IP, Mt n mng con (Subnet Mask), my ch DNS v cng ra (gateway) mc nh) ri kt ni n mng LAN m c ng ra Internet. Nu my tnh khng th truy nhp Internet, bn phi kch hot Windows bng in thoi
CU HNH WINDOWS SERVER 2003

Sau khi ci t v kch hot Windows, bn c th cu hnh my ch bng cch s dng trang Manage Your Server (Cu hnh My ch Ca bn), nh trong Hnh 1-2. Trang ny c np sau khi bn ng nhp, hoc bn c th np n bt k lc no bng cch la chn Manage Your Server trong thc n Start. Trang ny cho php bn ci t mt s dch v, cng c c bit v cu hnh da vo vai tr m my ch ny thc hin.
Hnh 1-2: Trang Manage Your Server Khi bn nhn vo lin kt Add Or Remove A Role (Thm hoc bt vai tr), trnh hng dn cu hnh my ch (Configure Your Server Wizard) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 32
GII THIU H IU HNH WINDOWS SERVER 2003 hin ra. Sau khi qut tm kim thng tin v cc kt ni mng, trnh hng dn ny cho php bn c th la chn mt trong nhng vai tr sau: My ch File: Cung cp kh nng truy nhp n file v th mc mt cch tp trung cho tng ngi dng, phng ban v ton b t chc. La chn vai tr ny cho php bn qun l khng gian a cng bng cch kch hat v cu hnh disk quota (Hn ngch a cng) v nng cao hiu qu tm kim h thng file bng cch s dng Indexing Services (Dch v ch mc) My ch in n: Cung cp kh nng truy nhp n cc thit b in n mt cch tp trung v c qun l. My ch in n s s dng mt my in chung v trnh iu khin thit b in phc v cho ngi dng trn cc my trm. La chn vai tr ny s khi ng Add Printer Wizard (Trnh hng dn ci t my in), cho php bn c th ci t cc my in v cc trnh iu khin thit b in tng ng ca Windows. La chn vai tr my ch in n s ng thi ci t IIS 6, cu hnh Internet Printing Protocol (Giao thc in n qua Internet IPP) v ci t cc cng c qun tr my in trn nn Web My ch ng dng (IIS, ASP.NET): Cung cp cc thnh phn c bn c th h tr cc ng dng Web. Vic la chn thc hin vai tr ny s ci t v cu hnh IIS 6 cng vi Microsoft ASP.NET v COM+ ln my ch. My ch th in t (POP3, SMTP): Ci t cc giao thc Post Office Protocol version 3 - (POP3) v Simple Mail Transfer Protocol - (SMTP) cho php my ch c th thc hin chc nng ca mt my ch qun l th in t vo v ra cho cc ngi dng trn mng. My ch Terminal: Cung cp cho cc my khch kh nng truy nhp n cc ng dng v ti nguyn trn my ch nh l cc ng dng v ti nguyn ny c ci t trn chnh cc my trm. Ngi dng kt ni n my ch ny bng cch s dng cc chng trnh Terminal Services client (My khch Chy dch v u cui truy nhp t xa) hoc Remote Desktop client (My khch Truy nhp ton mn hnh t xa) My ch VPN/Truy nhp t xa: Cung cp cc dch v truy nhp t xa v nh tuyn a giao thc cho cc kt ni quay s, LAN v WAN. Kt ni Virtual private network (Mng ring o - VPN) cho php ngi dng v cc chi nhnh xa c th kt ni n mt cch bo mt QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 33
GII THIU H IU HNH WINDOWS SERVER 2003 m khng tn nhiu chi ph, s dng Internet nh l phng thc truyn thng. My ch qun tr min - My ch qun tr min s dng Active Directory cung cp dch v th mc cho cc my khch trong mng. La chn ny s khi ng Active Directory Installation Wizard (Trnh hng dn ci t Active Directory) v cho php bn cu hnh my ch thc hin chc nng ca mt my ch qun tr min cho mt min mi hoc min sn c v nu nh cha c my ch DNS no trong mng, trnh ci t ny s ci t dch v Microsoft DNS Server My ch DNS: Cung cp kh nng phn gii tn bng cch phn gii t tn my sang a ch IP (phn gii xui - forward lookups) v t a ch IP sang tn my ch (phn gii ngc - reverse lookups). Vic la chn vi tr ny s ci t dch v Microsoft DNS Server v sau khi ng Configure A DNS Server Wizard (Trnh hng dn cu hnh my ch DNS) My ch DHCP: Cung cp dch v cp a ch IP t ng cho cc my trm (Cc my trm ny phi cu hnh s dng IP ng). Vic la chn vai tr ny s ci t dch v DHCP Server v khi ng trnh hng dn New Scope Wizard (Trnh Hng dn to Phm vi DHCP mi) cho php bn c th nh ngha mt hoc nhiu di a ch IP trong mng My ch Streaming Media. Vic la chn vai tr ny s ci t dch v Windows Media Services WMS, cho php my ch c th cung cp cc d liu ni dung phim nh a phng tin (stream multimedia content) qua kt ni mng ni b hoc Internet. Ni dung ny c th c lu tr v cung cp cho ngi dng theo yu cu hoc truyn theo thi gian thc. My ch WINS: Cung cp kh nng phn gii tn my tnh bng cch phn gii cc tn NetBIOS sang a ch IP. Khng cn thit phi ci t dch v WINS tr khi bn mun h tr cc h iu hnh trc y nh Windows 95 v Windows NT, cc h iu hnh ny da trn cch s dng tn my kiu NetBIOS. Cc h iu hnh mi nh Windows Server 2003, Windows 2000 v Windows XP khng yu cu dch v WINS mc d cc cc ng dng kiu c trn cc h iu hnh ny c th yu cu vic phn gii tn NetBIOS. Vic la chn vai tr ny s ci t dch v WINS.
TO MY CH QUN TR MIN
hon thnh bi tp thc hnh trong sch ny v trong cun Lab Manual, bn phi c mt my tnh ci t Windows Server 2003 v c cu hnh nh mt my ch qun tr min.
Ci t Active Directory:
cu hnh my Serverxx ca bn thc hin chc nng ca mt my ch qun tr min, s dng cc thao tc sau y: LU : Cc la chn khi ci t Active Directory. Khi trnh hng dn ci t Active Directory chy, cc li nhc hin ra c th khc nhau ty vo vic n pht hin trong h thng mng c my ch qun tr min no hay khng. Nu bn kt ni my tnh n mt mng c mt min khc, cc bc c th thay i v bn c th phi iu chnh li cc la chn hoc ngt kt ni ra khi mng trc khi lm bi tp thc hnh ny. 1. ng nhp vo my tnh Windows Server 2003 bng ti khon Administrator 2. Nu trang Manage Your Server (Qun tr my ch ca bn) khng m, bn c th m n t thc n nhm chng trnh Administrative Tools 3. Nhn vo lin kt Add Or Remove A Role (Thm hoc bt vai tr). Trnh hng dn cu hnh my ch (Configure Your Server Wizard) c np v trang Preliminary Steps (Cc bc khi u) xut hin.
4. Xc nhn rng cc bc lit k trong trang ny c hon thnh v sau nhn Next. Sau mt khong thi gian ch khi trnh ny qut v kim tra trn mng, trang Server Role (Vai tr my ch) xut hin.
5. La chn Domain Controller (Active Directory) t danh sch cc vai tr my ch v nhn Next. Trang Summary Of Selections hin ra. 6. Nhn Next. Trnh hng dn ci t Active Directory Installation Wizard c np.
GII THIU H IU HNH WINDOWS SERVER 2003 7. Nhn Next b qua trang Welcome. Trang System Compatibility (Tnh tng thch h thng) xut hin
8. c cc thng tin trong trang ny v nhn Next. Trang Domain Controller Type (Kiu my ch qun tr min) hin ra.
GII THIU H IU HNH WINDOWS SERVER 2003 9. Gi nguyn gi tr mc nh Domain Controller For A New Domain (My ch qun tr min cho mt min mi) c la chn v nhn Next. Trang Create New Domain (To min mi) xut hin
10. Gi nguyn gi tr mc nh Domain In A New Forest (Min trong mt rng mi) c la chn v nhn Next. Trang New Domain Name (Tn min mi) xut hin.
11. Trong hp thoi Full DNS Name For New Domain (Tn DNS y ca min mi), nhp vo : ACNAxx.com, trong xx l s m ging vin cp cho bn, sau nhn Next. Trang NetBIOS Domain Name (Tn min NetBIOS) xut hin.
GII THIU H IU HNH WINDOWS SERVER 2003 12. Xc nhn rng tn xut hin trong hp thoi Domain NetBIOS Name l ACNAXX v nhn Next. Trang Database And Log Folders (Th mc cha CSDL v nht k) xut hin.
13. Nhn Next chp nhn v tr mc nh ca cc th mc cha log v CSDL. Trang Shared System Volume (Th mc h thng c chia s) xut hin.
GII THIU H IU HNH WINDOWS SERVER 2003 14. Nhn Next chp nhn v tr mc nh ca th mc h thng chia s. Trang DNS Registration Diagnostics (Chn on ng k DNS) xut hin
Ti thi im ny, trnh hng dn s th kt ni n cc my ch DNS c ch nh trong phn cu hnh TCP/IP, xc nh liu cc my ch DNS c cha cc bn ghi cn thit cho qu trnh ci t Min s dng Active Directory hay khng. 15. La chn Install And Configure The DNS Server On This Computer (Ci t v cu hnh my ch DNS trn my tnh ny) v sau nhn Next. Trang Permissions (Cp php) xut hin
16. Nhn Next chp nhn la chn mc nh v quyn cp php v sau nhn Next. Trang Directory Services Restore Mode Administrator Password (Mt khu ti khon qun tr trong ch khi phc dch v th mc) xut hin
GII THIU H IU HNH WINDOWS SERVER 2003 17. Nhp mt khu tng ng vo cc hp thoi Restore Mode Password v Confirm Password v sau nhn Next. Trang Summary (Tng kt) xut hin
18. Xem li ton b cc thng s m bn chn v nhn Next. Trnh ci t s bt u ci t cc dch v Active Directory v DNS Server. 19. Khi qu trnh cu hnh hon thnh xong, trang Completing The Active Directory Installation Wizard (Hon thnh qu trnh ci t Active Directory) xut hin. Nhn Finish. 20. Mt hp thoi thng bo ca trnh ci t Active Directory Installation Wizard xut hin, nhc bn khi ng li my tnh. Nhn Restart Now 21. Sau khi my tnh khi ng li, bn ng nhp bng ti khon Administrator. Trnh hng dn Configure Your Server Wizard li xut hin, hin th trang This Server Is Now A Domain Controller (My ch ny by gi l mt my ch qun tr min).
22. Nhn Finish
CC KHI NIM C BN V ACTIVE DIRECTORY

Mc d dch v th mc Active Directory khng phi l ch chnh trong kha hc ny, tuy nhin mt s khi nim c bn v Active Directory l lun lun cn thit cho mi cn b qun tr mng Window Server 2003. Cc chng sau y s khng bn bc v cc ch nng cao nh thit k Active Directory hay qun tr schema, nhng bn s s dng cc cng c qun tr Active Directory cung cp trong Windows Server 2003 v s hc cch thao tc vi cc c tnh ca cc i tng trong Active Directory, v d nh ngi dng, nhm v my tnh. LU : Active Directory. hc thm v cc ch nng cao trong Active Directory, bn c th tham d kha hc cho k thi 70294: Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure (Lp k hoch, trin khai v duy tr mt h thng Microsoft Windows Server 2003 Active Directory)
Dch v th mc (Directory Service) l g ?

H thng mng ni b u tin xut hin trong nhng nm u 1990 c t chc thnh mt nhm cc my tnh v c gi l workgroup (Nhm lm vic). Mt workgroup my tnh cho php ngi dng c th phi hp tt hn trong cng mt d n khi cn chia s cc ti nguyn nh cc vn bn v my in. V v gi tr ca vic s dng cc h thng mng d liu ngy cng c khng nh trong th gii kinh doanh, cc h thng mng cng tr nn ln dn. Ngy nay mt h thng mng ca cc t chc doanh nghip thng c hng ngn nt mng. Khi cc h thng mng ngy cng ln dn, s lng ti nguyn chia s cng nhiu hn, v do ngy cng kh khn trong vic nh v v tm kim cc ti nguyn. Khi bn lm vic cho mt cng ty vi 12 nhn vin, bn khng kh khn g trong vic nh s in thoi bn ca mi ngi, tuy nhin khi cng ty bn c n 1200 nhn vin, vic nh ht cc s ny l iu khng tng. tm ra mt s ca ngi bn mun lin lc, phn ln cc cng ty ln u s dng mt danh b bao gm tn v s lin lc ca mi ngi trong t chc, ngi ta gi l directory (Th mc). Mt dch v th mc l mt ngun ti nguyn s ha, mc d c th thc hin cc chc nng khng QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 46
GII THIU H IU HNH WINDOWS SERVER 2003 ging nhau nhng u cha mt danh sch cc ti nguyn c th s dng trong mt h thng mng d liu. Mt dch v th mc c th cha cc thng tin v cc my tnh trong mng, cc ngi dng mng v c cc thit b phn cng, phn mm v d nh cc my in v ng dng. Bng cch lu tr thng tin trong mt th mc trung tm, cc ti nguyn ny c th c s dng i vi tt c mi ngi ti mi thi im.
Min v my ch qun tr min:

H thng mng Windows h tr 02 m hnh dch v th mc: workgroup v domain, trong M hnh Min c ng dng trong cc t chc trin khai Windows Server 2003. M hnh dch v th mc workgroup l mt CSDL phng bao gm tn cc my tnh v c thit k cho cc mng nh. y l hnh thc dch v th mc s khai c gii thiu trong h iu hnh Windows NT 3.1 nhng nm 1990. M hnh Min l mt kin trc th mc c phn cp ca cc ti nguyn Active Directory v c s dng bi tt c cc h thng l thnh vin ca min. Cc h thng ny c th s dng cc ti khon ngi dng, nhm v my tnh trong th mc bo mt cc ti nguyn ca chng. Active Directory do ng vai tr nh mt trung tm lu tr nhn thc, cung cp mt danh sch tin cy ch ra Ai l ai trong min. Bn thn Active Directory cn hn l mt CSDL, n cha mt danh sch cc thnh phn h tr, bao gm c cc transaction logs (nht k giao dch) v d liu h thng - cn gi l Sysvol ni y cha cc thng tin v cc kch bn ng nhp v chnh sch nhm. N l mt dch v h tr v s dng cc CSDL ny, bao gm giao thc Lightweight Directory Access Protocol (LDAP Giao thc truy nhp th mc hng nh), giao thc bo mt Kerberos, cc chu trnh ng b d liu v dch v ng b file (File Replication Service - FRS). Cui cng, Active Directory l mt b su tp cc cng c m ngi qun tr mng c th s dng qun l dch v th mc. C s d liu ca Active Directory v cc dch v ca n c ci t trn mt hay nhiu my ch qun tr min. Mt my ch qun tr min l mt my ch c thng cp bng cch chy trnh ci t Active Directory (Active Directory Installation Wizard) nh m t trong phn trc thuc chng Khi to my ch qun tr min. Khi my ch c thng cp thnh mt my ch qun tr min, n cha mt bn (hay mt bn sao) ca CSDL Active Directory. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 47
GII THIU H IU HNH WINDOWS SERVER 2003 Bi v Active Directory l mt ti nguyn c s v rt quan trng ca h thng, n phi lun sn sng vi mi ngi dng trong mi thi im. V l do ny, min Active Directory thng thng c t nht 2 my ch qun tr min nu mt my ch b s c, my ch cn li vn c th phc v ngi dng. Cc my ch qun tr min lun lun ng b d liu vi nhau nn mi my ch ny u cha cc thng tin hin ti ca min h thng. Khi mt ngi qun tr mng thay i mt bn ghi trong CSDL ca Active Directory trn bt k mt my ch qun tr min no, s thay i ny c ng b vi tt c cc my ch qun tr min trong min . iu ny c gi l ng b a ch (multiple-master) bi v chng ta c th thay i trn bt k mt my ch qun tr min no. LU : ng b n ch (Single-Master). M hnh min da trn nn Windows NT s dng mt k thut dc gi l ng b n ch (single-master) trong mi thay i i vi cc bn ghi ca min phi c thc hin trn mt my ch qun tr min chnh (primary domain controller - PDC) v cc thng tin ny sau c ng b vi mt hay nhiu my ch qun tr min d phng (Backup Domain Controller - BDC). Vic ng b a ch (Multiple-master) l tt hn cho mt h thng mng ln bi v ngi qun tr c th cp nhn cc thng tin cho CSDL Active Directory trn bt k mt my ch qun tr min no, khng nht thit phi trn my ch PDC.
Domain, Tree v Forest (Min, Cy v Rng)

Mt min l mt n v qun tr c bn ca dch v th mc trong Windows Server 2003. Hn na mt h thng mng ln c th c nhiu hn mt min trong Active Directory ca n. M hnh nhiu Min s to ra mt cu trc logic c gi l cc cy (Tree) nu nh chng chung nhau mt khng gian tn min DNS. v d: ACNA.com, us.ACNA.com v europe.ACNA.com cng chung mt khng gian tn min DNS v c coi l mt cy (tree) nh ch ra trn Hnh 1-3. Min ACNA.com l min cha trong hai min cn li c gi l min con v do ACNA.com cng c gi l min gc (root domain)
Hnh 1-3: Cy s dng Active Directory Nu cc min trong mt Active Directory khng chia s mt min gc chung, h thng s c nhiu cy. Mt Active Directory cha nhiu cy s c gi l mt rng (forest) nh ch ra trn Hnh 1-4. Rng l mt kin trc ln nht trong Active Directory. Khi bn thng cp my ch qun tr min u tin trong mt h thng mng Windows Server 2003, bn ng thi to ra mt rng, mt cy trong rng v mt min trong cy . Mt rng c th cha rt nhiu min trong nhiu cy, hoc c th ch c mt min.
Hnh 1-4: Rng s dng Active Directory QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 49
GII THIU H IU HNH WINDOWS SERVER 2003 Khi qu trnh ci t Active Directory c nhiu hn mt min, mt thnh phn ca Active Directory gi l Global Catalog cho php cc my trm trong mt min c th tm kim thng tin trong mt min khc. Global catalog bn cht l mt tp hp bao gm cc thng tin d liu ca tt c cc min kt hp li. Khi bn tm kim mt ngi dng trong mt min khc, global catalog c th khng cha tt c cc thng tin v ngi dng , tuy nhin n d liu tr li cho bit bn c th tm kim cc thng tin chi tit hn u.
Cc i tng v thuc tnh:

Mi CSDL u c to nn bi cc bn ghi v trong Active Directory, cc bn ghi ny c gi l cc i tng. Mt i tng l mt phn t th hin mt ti nguyn mng xc nh. Mt Active Directory c th cha cc i tng th hin cc ti nguyn vt l, v d nh cc my tnh v my in, hoc cc ti nguyn nhn s, v d nh cc ngi dng v nhm, hoc cc ti nguyn phn mm, v d nh ng dng v vng DNS, hoc cc ti nguyn qun tr, v d nh cc OU v site. Sau khi thng cp mt my tnh thnh my ch qun tr min, ngi qun tr c th to cc i tng trong min . Cc i tng Active Directory c s dng thng dng nht l: Domain (Min): L mt i tng gc c cha cc i tng khc trong min Organizational Unit (n v t chc): L mt i tng cha (container object) c s dng to ra cc nhm logic bao gm cc i tng nh my tnh, ngi dng v nhm. Ngi dng: Th hin mt ngi dng mng v thc hin chc nng l d liu nhn dng v xc thc. My tnh: Th hin mt my tnh trong mng v cung cp ti khon my tnh cn thit cho h thng ng nhp vo Min Nhm: Mt i tng cha th hin mt nhm logic cc ngi dng, my tnh hoc cc nhm khc, c lp trongcu trc ca Active Directory. Cc nhm c th cha cc i tng t cc OU v cc Min. Th mc chia s: Cung cp cc truy nhp mng da trn Active Directory n mt th mc chia s trong mt my tnh Windows. My in: Cung cp cc truy nhp mng da trn Active Directory n mt my in trong mt my tnh Windows QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 50
GII THIU H IU HNH WINDOWS SERVER 2003 Mi i tng Active Directory c cha mt tp hp cc thuc tnh, chnh l cc thng tin v i tng . Mt i tng ngi dng, s c cc thuc tnh m t tn ti khon ngi dng , mt khu, a ch, s in thoi v cc thng tin nhn dng khc. Mt i tng nhm s c mt thuc tnh cho bit danh sch cc ngi dng l thnh vin ca nhm . Ngi qun tr mng c th s dng Active Directory cha bt k thng tin no v cc ngi dng trong t chc v cc ti nguyn khc. Bn cnh cc thuc tnh thun ty thng tin, cc i tng cn c cc thuc tnh thc hin cc chc nng qun tr, v d nh mt Danh sch Kim sot Truy nhp (Access Control List - ACL) ch nh ai c cc Cp php truy nhp n i tng . Cc phn t trong Active Directory ch ra kiu i tng no m ngi qun tr c th to ra v thuc tnh no mi i tng c th c, c gi l schema (lc ). Theo mc nh, Active Directory schema cha mt b danh sch cc kiu i tng v cc thuc tnh, nhng i khi chng ta cn thm vo Active Directory cc kiu i tng khc hoc cc thuc tnh khc cho cc kiu i tng sn c. iu ny l hon ton c th bi v Active Directory schema l c th m rng. Ngi qun tr c th m rng schema th cng bng cch s dng snap-in Active Directory Schema hoc cc ng dng c th t ng m rng schema to cc kiu i tng mi hoc cc thuc tnh mi cn thit. v d khi bn ci t Microsoft Exchange, ng dng ny s chnh sa schema thm vo cc thuc tnh mi cho mi i tng ngi dng trong CSDL ca Active Directory.
Cc containers v leaves (i tng Cha v i tng L)

Active Directory c kh nng cha hng triu i tng v do phi c mt phng thc t chc cc i tng thnh cc n v nh hn trong min. t chc qun l cc i tng nh vy, Active Directory s dng kin trc phn cp. Mt min c gi l mt i tng cha bi v cc i tng khc c th c to ra v phn cp trong min. OU l mt dng khc ca i tng cha m ngi qun tr c th to ra cc i tng phn cp trong ni b min. Mt i tng khng th cha cc i tng khc, v d nh mt ngi dng hoc my tnh, c gi l leaf object (i tng l) Mt trong cc tc v kh khn v phc tp trong vic qun tr Active Directory l to ra mt kin trc phn cp cc OU sao cho hiu qu nht. Ngi qun tr c th s dng rt nhiu cch thit k cu trc phn cp OU, v d nh thit k theo v tr a l, theo phng ban hoc kt hp c hai. Hnh 1-5 l mt v d cho thy cu trc phn cp ca Active Directory trong lp OU u tin th hin cc thnh ph ca mt t chc c rt nhiu chi QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 51
GII THIU H IU HNH WINDOWS SERVER 2003 nhnh, v lp th hai th hin cc phng ban trong mi chi nhnh. Bng cch to ra cu trc phn cp Active Directory mt cch logic, ngi dng v ngi qun tr mng c th d dng xc nh v tm kim cc i tng khi cn.
Hnh 1-5: Mt cu trc phn cp OU trong Active Directory Nhm cng l mt i tng cha, nhng n khng phi l thnh phn ca cu trc phn cp bi v cc thnh vin ca nhm c th nm bt k u trong min. thc hin ng chc nng t chc, cc i tng cha ng thi phi ng vai tr quan trng trong vic qun tr cc i tng. Trong mt h thng file, cc Cp php c p dng trn cc i tng c truyn t trn xung di trong cu trc phn cp. v d nu bn gn cho mt i tng OU c Cp php truy nhp mt th mc chia s no , th cc i tng nm trong OU s c tha hng cc Cp php truy nhp ny. y l mt trong nhng tnh nng c bn trong cu trc phn cp m ngi qun tr c th p dng mt cch hiu qu. Thay v gn cc quyn v cp php cho tng ngi dng, ngi qun tr c th gn cc quyn v cp php ny cho cc i tng cha v cc i tng ngi dng trong n s c tha hng cc Quyn v Cp php cn thit.
Cc chnh sch nhm:

Do cch thc tha hng cc thit lp t i tng mc cha truyn xung mc con, ngi qun tr c th s dng cc OU gom cc i tng cn cu hnh tng t nhau. Cc thit lp cu hnh m bn p dng n tng my QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 52
GII THIU H IU HNH WINDOWS SERVER 2003 tnh chy Windows cng c th qun tr mt cch tp trung nh s dng mt tnh nng ca Active Directory gi l chnh sch nhm (Group Policy GP). Cc chnh sch nhm cho php bn xc nh cc thit lp bo mt, trin khai phn mm, cu hnh h iu hnh v cch thc hat ng ca cc ng dng trn mt my tnh m khng cn thit phi thc hin trc tip trn my tnh . Bn c th thit lp cc ty chn cu hnh trn mt i tng c bit ca Active Directory gi l i tng Chnh sch Nhm (Group Policy Object - GPO) sau kt ni cc GPO ny vo cc i tng trong Active Directory cha cc my tnh hoc ngi dng m bn mun cu hnh. GPO l mt tp hp ca rt nhiu cc thit lp cu hnh, t cc quyn ng nhp ca ngi dng n cc phn mm c cho php hat ng trong h thng. Bn c th gn cc GPO ny vi mi i tng cha trong Active Directory nh Min, site hoc OU v cc my tnh v ngi dng trong cc i tng cha s nhn c cc thit lp cu hnh trong GPO. Trong hu ht cc trng hp, ngi qun tr mng thit k cu trc phn cp sao cho c th p dng cc GPO mt cch hiu qu nht. Bng cch t cc my tnh c cc vai tr xc nh vo trong cng mt OU, bn c th gn mt GPO c cc thit lp c bit da trn vai tr ca cc my tnh vo OU ny v nh vy bn cu hnh mt lc c nhiu my tnh.
TNG KT
Windows Server 2003 c 4 phin bn chnhWeb Edition, Standard Edition, Enterprise Edition v Datacenter Editionchng khc nhau trong cch h tr phn cng v cc tnh nng m chng cung cp. Phin bn Enterprise v Datacenter c cc phin bn ring c th s dng vi cc nn phn cng 64 bit cng nh 32 bit. Windows Server 2003 bn thng mi hay bn dng th u yu cu c kha sn phm v bn phi kch hat sn phm trong vng 14 hoc 30 ngy sau khi ci t. Trang Manage Your Server v Trnh Hng dn Cu hnh My ch (Configure Your Server Wizard) cho php bn c th cu hnh my tnh chy Windows Server 2003 thc hin cc chc nng khc nhau. Active Directory l dch v th mc da trn min, cha cc i tng m bn thn cc i tng ny li c mt tp cc thuc tnh ca chng. Cu trc phn cp ca Active Directory c to bi rng, cy, min v OU. Quyn, Cp php v cc Chnh sch Nhm s c truyn xung theo cu trc phn cp . ci t Active Directory, bn thng cp mt hay nhiu my tnh chy Windows Server 2003 thnh my ch qun tr min bng cch s dng trnh ci t Active Directory Installation Wizard. Mt my ch qun tr min s cha mt bn ca CSDL Active Directory v n s chu trch nhim cung cp thng tin Active Directory p ng cc yu cu ca ngi dng.
BI TP THC HNH
Bi tp thc hnh 1-1: La chn h iu hnh
i vi mi phin bn h iu hnh ca Windows Server 2003 trong ct bn tri, hy ch ra cc m t tng ng trong ct bn phi. 1. Web Edition 2. Standard Edition 3. Enterprise Edition 4. Datacenter Edition a. H tr 512 GB b nh b. H tr chui my ch c 8 nt c. Khng chy c cc ng dng 16 bit d. H tr chui my ch 32 nt, c cn bng ti (NBL)
GII THIU H IU HNH WINDOWS SERVER 2003 5. Datacenter Edition (64bit) e. H tr my tnh c 4 CPU
Bi tp thc hnh 1-2: ng nhp vo Windows

Khi bn hon thnh vic ci t h iu hnh Windows Server 2003, my tnh khi ng li v hin tr hp thoi Welcome To Windows ng nhp vo my tnh ln u tin, bn thc hin cc thao tc sau: 1. Trong mn hnh Welcome To Windows, bn nhn ng thi 3 phm CTRL+ALT+DELETE. Hp thoi Log On To Windows (ng nhp vo Windows) xut hin. 2. Trong hp thoi Password, nhp vo mt khu m bn thit lp cho ti khon Administrator trong qu trnh ci t h iu hnh. Mn hnh nn Windows xut hin.
Bi tp thc hnh 1-3: Xem cc i tng Active Directory

Khi bn to ra mt Min Active Directory, theo mc nh h iu hnh s to ra mt s i tng cha v i tng l (container v leaf objects). xem thng tin v cc i tng ny, s dng cc thao tc sau: 1. ng nhp vo my ch qun tr Min bng ti khon Administrator 2. Nhn Start, tr n Administrative Tools v nhn vo Active Directory Users And Computers (Qun tr my tnh v ngi dng trong Active Directory). Ca s Active Directory Users And Computers xut hin. 3. M rng biu tng min ACNAxx.com trong bn tri v la chn OU Users bn trong domain . Cc i tng ngi dng v nhm trong OU Users xut hin trong bn phi.
CC CU HI N TP
1) Bn ang c k hoch trin khai cc my tnh chy Windows Server 2003 cho mt phng ban gm 250 ngi. My ch s cha cc th mc gc v cc th mc chia s cho phng ban ny, ng thi n s cha mt s my in cc ti liu ca phng ban ny c th gi n in n. Phin bn no ca Windows Server 2003 s cung cp gii php hiu qu nht cho phng ban ny. Gii thch v cu tr li ca bn. 2) Phin bn no sau y ca Windows Server 2003 yu cu kch hot sn phm: QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 55
GII THIU H IU HNH WINDOWS SERVER 2003 a) Phin bn bn l Standard b) Phin bn th nghim Enterprise c) Phin bn Enterprise, Giy php m (Open License) d) Phin bn Standard, Giy php theo dung lng (Volume License) 3) Ch ra s khc bit c bn gia cy Active Directory v rng Active Directory? 4) Kiu i tng Active Directory no sau y khng phi l i tng cha? a) Ngi dng b) Nhm c) My tnh d) Organizational unit 5) Mnh no sau y l ng khi ni v qu trnh ci t trong Windows Server 2003 ? (La chn tt c cc mnh c th) a) Trnh ci t c th c np bng cch khi ng t a CD. b) Trnh ci t c th c np bng cch khi ng t cc a mm c) Trnh ci t yu cu mt khu ca ti khon Administrator khng phi l trng p ng cc yu cu v tnh phc hp. d) Trnh ci t yu cu bn phi kch hot bn quyn sn phm trc khi ci t h iu hnh
CC KCH BN TNH HUNG

Kch bn 1-1: Cc tnh nng ca Windows Server 2003, phin bn Web
Bn l ngi qun tr mng v c giao nhim v trin khai cc my ch Windows Server 2003 cho Web-site thng mi mi ca cng ty. Web-site ny do mt nh t vn thu ngoi thit k. Site ny yu cu 4 my ch Web, cu hnh thnh mt chui my ch 4 trm (Clusters) hot ng theo ch Load-balancing (cn bng ti) ng thi phi c 1 my ch CSDL n chy trn nn SQL Server. K hoch trin khai ca cn b t vn yu cu s dng Windows Server 2003 Web Edition trn c 5 my ch. Trong cc mnh sau y, mnh no l ng khi ni v xut trin khai ny? 1. Phin bn Web l h iu hnh ph hp vi 5 my ch ny 2. Phin bn Web l h iu hnh ph hp vi my ch CSDL nhng khng ph hp vi cc my ch Web bi v n khng h tr chui my ch ch cn bng ti (NLB) 3. Phin bn Web l h iu hnh ph hp vi cc my ch Web nhng khng ph hp vi my ch CSDL v n khng th chy SQL Server 4. Phin bn WebEdition khng phi l h iu hnh ph hp vi c my ch Web v my ch CSDL
Kch bn 1-2: La chn phin bn Windows Server 2003

Bn ang c k hoch trin khai cc my tnh Windows Server 2003 cho mt min Active Directory mi trong mt Tng cng ty ln bao gm rt nhiu Active Directory tch bit c cc cng ty con duy tr. Tng cng ty quyt nh s dng Exchange Server 2003 xy dng h thng truyn tin thng nht cho ton b cc chi nhnh v d nh s dng Microsoft Metadirectory Services (MMS Dch v Siu th mc Microsoft) ng b cc thuc tnh ca cc i tng trn ton h thng. Phin bn Windows Server 2003 no s cung cp phng n hiu qu nht cho vic trin khai ny. Gii thch cu tr li.
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003
CHNG 2: QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003

Cng vic hng ngy ca ngi qun tr h thng Windows Server 2003 phn ln bao gm cc nhim v cu hnh cc i tng Active Directory, chnh sa cc phn mm v cc dch v thit lp trn my tnh, ci t cc phn cng v phn mm mi, s dng cc cng c m h iu hnh cung cp thc hin rt nhiu nhim v khc. Khi h thng m rng thm nhiu my tnh, cc nhim v phi lm cng tng dn theo. Microsoft Management Console (MMC Bng iu khin Qun tr Microsoft) l cng c qun tr ch yu ca h thng Windows Server 2003. MMC cho php ngi qun tr c th tch hp cc cng c thng dng vo trong mt giao din n v s dng chng qun tr cc my tnh Windows mi ni trong mng. Hiu bit v cc tnh nng ca MMC l iu rt quan trng gip cho vic qun tr h thng mt cch hiu qu hn. Khi cc yu cu iu khin my tnh xa tr nn phc tp hn ngoi kh nng ca cc tc v c thc hin bi MMC, chng ta c th s dng hai cng c quan trng khc qun tr t xa: Remote Desktop for Administration (Mn hnh Qun tr T xa) v Remote Assistance (Tr gip T xa). Remote Desktop for Administration l mt ng dng theo kiu my ch/my khch trong mn hnh iu khin ca my ch xa c hin th trn mn hnh ca my trm ti ch, cho php bn c th iu khin chc nng ca chut v bn phm nh l bn ng nhp ti ch vo my tnh xa . Remote Assistance c chc nng tng t tuy nhin n c thit k cho php mt ngi s dng Windows Server 2003 hay Windows XP c th yu cu s tr gip t ngi dng khc trong mng. Khi mt ngi dng a ra mt yu cu h tr, mt chuyn gia no trong mng c th thit lp mt kt ni t xa n mn hnh ca ngi dng . Sau khi kt thc chng ny, bn c th: S dng cc bng iu khin MMC cu hnh sn. To mt bng iu khin MMC mi. Qun tr c my tnh ti ch v xa bng bng iu khin MMC QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -58--
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 X l cc s c ca Dch v u cui Cu hnh my ch cho php s dng Remote Desktop for Administration Cho php my tnh c kh nng chp nhn cc yu cu Remote Assistance S dng mt trong cc phng php yu cu v thit lp mt phin lm vic Remote Assistance.
QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -59--
S DNG MICROSOFT MANAGEMENT CONSOLE (MMC)

MMC l mt ng dng lp v (shell application) m Windows Server 2003 s dng cung cp cc truy cp n phn ln cc cng c qun tr mng v h thng. MMC cung cp mt giao din chun thng dng cho mt hoc nhiu cc module ng dng (c gi l cc snap-in) c s dng cu hnh mi trng h thng. Cc snap-in ny c trao cc nhim v khc nhau v cng c th kt hp, sp xp theo th t, hoc nhm li vi nhau trong mt lp v MMC ty theo s thch ca ngi qun tr. Mt MMC vi mt hoc nhiu snap-in ci t s c gi l mt Console (Bng iu khin). Phn ln cc cng c qun tr ch yu trong Windows Server 2003 l cc bng iu khin MMC vi mt danh sch cc snap-in c ci t ph hp cho mt ng dng no . Ngoi tr mt s trng hp, cn li hu ht mi shortcut (lin kt tt) trong nhm chng trnh Administrative Tools (Cc cng c qun tr) trn mt my tnh Windows Server 2003 u c lin kt n cc bng iu khin MMC cu hnh sn. V d, khi bn thng cp mt my tnh Windows Server 2003 thnh mt my ch qun tr domain, trnh hng dn ci t Active Directory Installation Wizard s to ra cc shortcut n ba cng c qun tr ch yu cho Active Directory: Active Directory Domains and Trusts (Min v Quan h tin cy trong Active Directory ) Active Directory Sites and Services (Dch v v V tr trong Active Directory) Active Directory Users and Computers (Ngi dng v Nhm trong Active Directory) Mi shortcut s m ra mt Bng iu khin MMC cha mt snap-in n nh trn Hnh 2-1. V d snap-in Active Directory Users and Computers c thit k sn cho vic qun tr cc i tng ngi dng, nhm v my tnh trong min. l cc snap-in nm trong lp v MMC, ch khng phi l bn thn cc MMC cung cp cc cng c qun tr m bn ang s dng.
Hnh 2-1: Bng iu khin Active Directory Users and Computers Ba bng iu khin Active Directory lit k trn u cha cc snap-in n l, nhng mt bng iu khin MMC khng ch gii hn s dng mt snapin ti mt thi im. Khi bn m bng iu khin Computer Management (Qun tr My tnh) trong nhm chng trnh Administrative Tools trn bt c mt my tnh Windows Server 2003 no, bn c th thy mt bng iu khin cha rt nhiu snap-in, tt c kt hp trong mt giao din n, thun tin nh trong Hnh 2-2
Hnh 2-2: Bng iu khin Computer Management QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -61--
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 LU : Tnh tng thch ca MMC. Bng iu khin MMC c th chy trn cc h iu hnh Windows Server 2003, Windows XP, Windows 2000, Windows NT 4 v Windows 98.
S dng giao din MMC

MMC s dng kiu thit k 2 , ging nh Windows Explorer (Trnh duyt Windows). bn tri, c gi l scope pane (khung phm vi), cha mt danh sch phn cp cc snap-in ci t trong bng iu khin ny v cc tiu m bng iu khin ny cung cp. Cu trc phn cp ny i lc cn c gi l console tree (Cy iu khin). Bn c th m rng v thu nh cc phn t thuc khung phm vi hin th nhiu hoc t cc thng tin, ging nh khi bn m rng v thu nh cc th mc bn trong Windows Explorer. La chn mt phn t trong khung phm vi s hin th ni dung ca n trong bn phi ca bng iu khin, c gi l details pane (Khung chi tit). Cc thnh phn m bn nhn thy trong khung chi tit s hon ton ph thuc vo chc nng ca cc snap-in m bn ang s dng. S dng cc Thc n trong MMC Pha trn hai ni trn, MMC c mt thc n v thanh cng c chun ca Windows. Cc lnh trn cc thc n v cc cng c trn thanh cng c s thay i ty theo snap-in no bn ang la chn trong khung phm vi. V d khi bn m bng iu khin Computer Management v ln lt nhn vo mi snap-in trong khung phm vi, bn s thy ni dung ca thanh cng c thay i theo cc snap-in ny, ng thi thay i c mt s ni dung ca thc n . Thc n chnh cho cc chc nng theo ng cnh trong mt bng iu khin MMC l thc n Action (Hnh ng). Khi bn la chn mt phn t ca snap-in trong c scope pane hay details pane, thc n Action s thay i cc lnh p dng vi phn t . Phn ln cc thc n Action cha mt thc n con All tasks (tt c cc tc v) cho php bn la chn cc tc v c th thc hin trn phn t m bn ang chn. (Nh ch ra trn hnh 23). Thng thng ta c th thy mt thc n con New (mi) di thc n Action cho php bn c th to cc phn t con trong phn t bn ang chn. Trong hu ht cc trng hp, cc lnh trong thc n Action i vi mt phn t la chn cng s xut hin trong thc n ng cnh, s hin ra khi bn nhn chut phi vo phn t .
Hnh 2-3: Thc n Action trong mt bng iu khin MMC Mc d thc n Action thay i thng xuyn, cc thc n khc trong MMC c th cha cc thnh phn ng cnh xc nh, in hnh l thc n View, cha cc lnh iu khin cch thc snap-in hin th thng tin. V d mt s snap-in trong MMC theo mc nh ch hin th mt phn cc thng tin c th, tuy nhin khi dng lnh Advanced Features (Cc tnh nng tin tin) xut hin trn thc n View, vic la chn lnh ny s cho php bng iu khin hin th y cc thng tin (Nh th hin trong Hnh 2-4)
Hnh 2-4: Bng iu khin Active Directory Users and Computers hin tr khi chn Advanced Features
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 S dng nhiu ca s Windows. Nu bn quan st cn thn trong phn pha trn bn phi ca mt trong cc bng iu khin MMC nh ngha sn, bn c th thy hai t hp phm thao tc Windows bi v cc snap-in ci t trong bng iu khin ny thc ra nm trong mt ca s ring v trong trng thi cc i (maximize) theo mc nh. Khi bn nhn vo phm Restore Down (thu nh - phm gia trong 3 phm) cc snap-in ny s thu v trng thi ca s ni nh trong Hnh 2-5.
Hnh 2-5: Mt bng iu khin MMC vi ca s ni Bn c th to thm cc ca s trong bng iu khin ny bng cch la chn New Window t thc n Window. iu ny cho php bn to ra 2 cch xem khc nhau i vi mt snap-in n hoc cng mt lc c th lm vic vi hai snap-in khc nhau trong mt bng iu khin (Nh hin th trong Hnh 2-6). Bn c th la chn mt phn t trong khung phm vi v la chn lnh New Window From Here (Ca s mi t y) t thc n Action to ra mt ca s mi trong phn t va la chn s c nm mc gc ca bng iu khin.
Hnh 2-6: Mt bng iu khin Windows vi 2 ca s m LU : M nhiu ca s Windows. Khng phi tt c cc bng iu khin MMC u cho php bn c th m ra nhiu ca s. Bn c th cu hnh mt bng iu khin hot ng ch User mode (ch Ngi dng) ngn nga vic to ra cc ca s mi. c thm thng tin v iu ny, xem thm mc Cc la chn thit lp Bng iu khin trong phn sau ca chng ny.
To cc bng iu khin MMC ty chn.

Windows Server 2003 c mt tp hp rt nhiu cc MMC Snap-in, khng phi tt c u c th truy cp ngay thng qua cc shortcut mc nh trong thc n Start (Bt u). Mt s cng c rt mnh c trang b cng vi h iu hnh bt bn phi t tm kim chng. Cc Developer (Lp trnh vin pht trin) ca cc hng phn mm khc cng c th to ra cc MMC snapin ca ring h v thm vo trong cc sn phm ca h. iu ny dn n mt trong nhng kh nng tt nht ca MMC, l kh nng to ra cc bng iu khin ty chn cha bt k cc snap-in no m bn mun s dng. Bn c th kt hp mt hoc nhiu snap-in hoc mt phn ca cc snap-in vo trong mt bng iu khin n to nn mt giao din n trong bn c th thc hin mi tc v qun tr h thng. Bng cch to ra cc MMC ty chn, bn khng phi chuyn gia cc chng trnh hoc cc bng iu QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -65--
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 khin khc nhau. Cc bng iu khin ty chn c th cha mi snap-in ca Windows Server 2003, cho d chng c a vo hay khng trong cc bng iu khin cu hnh sn, hay cc snap-in ca cc phn mm khc m bn c. File thc thi ca MMC l mmc.exe. Khi bn chy file ny t hp thoi Run hoc t du nhc dng lnh, mt bng iu khin trng c to ra nh th hin trong hnh 2-7. y l mt bng iu khin khng c snap-in no c v khi cc thc n v thanh cng c s c cc chc nng mc nh ca MMC. Phn t duy nht trong ca s bng iu khin l console root object (i tng gc ca bng iu khin) nm trong khung phm vi, n l mt khung cha, th hin mc trn cng ca cu trc phn cp trong bng iu khin. Trc khi bn c th thc hin bt k mt tc v qun tr no bng bng iu khin ny, bn phi thm mt hoc nhiu cc snap-in vo trong .
Hnh 2-7: Mt bng iu khin MMC trng Thm cc snap-in C hai loi snap-in nh sau: n l (StandAlone ): Mt snap-in n l l mt cng c n m bn c th ci t trc tip vo trong mt MMC trng. Cc snap-in n l QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -66--
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 xut hin trong lp u tin, nm trc tip di gc ca bng iu khin trong khung phm vi. M rng (Extension): Cc snap-in m rng cung cp thm tnh nng cho cc snap-in n l. Bn khng th thm mt snap-in m rng vo mt bng iu khin m trc cha thm snap-in n l tng ng. Cc snap-in m rng c th xut hin di cc snap-in n l tng ng trong khung phm vi ca bng iu khin. Mt s snap-in s cung cp cho ta c chc nng ca mt snap-in n l v m rng. V d snap-in Event Viewer (Xem s kin) c s dng hin th ni dung ca cc nht k s kin trong my tnh. Trong bng iu khin Computer Management, snap-in Event Viewer xut hin nh l mt snap-in m rng, nm di i tng System Tools trong khung phm vi, tuy nhin bn c th thm snap-in Event Viewer vo mt bng iu khin no nh l mt snap-in n l v khi n s nm ngay di gc ca bng iu khin. thm cc snap-in vo mt bng iu khin ty chn, bn la chn Add/Remove Snap-in (thm/bt Snap-in) t thc n File hin th hp thoi Add/Remove Snap-in (nh th hin trong Hinh 2-8). Theo mc nh, th Standalone trong hp thoi ny c la chn, bn nhn Add (thm) hin th mt danh sch cc snap-in n l c sn trong my tnh.
Hnh 2-8: Hp thoi Add/Remove Snap-in QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -67--
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Bn c th la chn v thm vo bng iu khin bao nhiu snap-in n l ty thch. Sau khi bn thm cc snap-in n l vo, bn c th tr vo snapin n l , la chn th Extensions hin th mt danh sch cc snap-in m rng gn km vi snap-in n l m bn chn (Th hin trong hnh 29). Sau khi b i du chn trong Add All Extensions, bn c th la chn tng snap-in m rng m bn mun thm vo bng iu khin ny. S dng danh sch x xung trong mc Snap-in Added To, bn c th ch nh snap-in m rng c thm ny s nm ngay di gc ca bng iu khin hay di cc phn t khc trong cy.
Hnh 2-9: Th Extension trong hp thoi Add/Remove Snap-in To cc Taskpad (Bng Tc v) Khi bn nhp xong cc snap-in vo trong bng iu khin ty chn ca mnh, bn c th to thm cc taskpad ty chn. Taskpad l mt vng nm trong khung chi tit, dnh cho mt s snap-in nht nh, cha cc lin kt n cc chc nng thng xuyn c snap-in ny s dng (Th hin trong hnh 2-10). to ra mt taskpad, bn chn mt snap-in trong khung phm vi v la chn New Taskpad View t thc n Action. Trnh hng dn New Taskpad View Wizard s hng dn bn cc thao tc xc nh v tr v cch thc xut hin ca taskpad. Sau khi to ra taskpad, bn c th chy trnh hng dn New Task Wizard to ra cc kt ni trong taskpad ny. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -68--
Hnh 2-10: Mt bng iu khin MMC vi taskpad Cc ty chn thit lp bng iu khin. Khi bn thm cc snap-in bn mun vo trong cc bng iu khin MMC, bn c th thit lp cc la chn ch nh ngi dng khc c th thay i ci g trong cu hnh ca bng iu khin ny. Chn Options t thc n File hin th hp thoi Options, trong bn c th ch nh tn hin th trn thanh tiu ca bng iu khin, v la chn ch cho bng iu khin. Theo mc nh, mi bng iu khin mi bn to ra u c cu hnh s dng ch Author mode (Ch tc gi) cho php ton quyn truy cp n n mi chc nng ca bng iu khin. Cc ch m bn c th la chn nh sau: Author Mode: Cung cp ton quyn truy cp bng iu khin, bao gm kh nng thm hoc bt cc snap-in, to thm ca s, to cc taskpad view v cc tc v, xem ton b thng tin trong cy bng iu khin, thay i cc la chn v lu cu hnh ca bng iu khin. User Mode: Full Access (Ch ngi dng - Ton quyn truy cp): Cho php ngi dng c quyn duyt qua cc snap-in v cc ca s truy cp n mi thnh phn ca cy bng iu khin. Cm ngi dng thm/bt cc snap-in hoc thay i cc thuc tnh ca bng iu khin. User Mode: Limited Access, Multiple Windows (Ch ngi dng Hn ch truy cp, nhiu ca s): Cho php ngidng to ca s mi v xem nhiu ca s trong bng iu khin nhng khng cho php ng bt cc ca s sn c. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -69--
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 User Mode: Limited Access, Single Window: (Ch ngi dng Hn ch truy cp, mt ca s): Khng cho php ngi dng m thm ca s mi v ch cho php xem mt ca s trong bng iu khin Cc ch trong bng iu khin cho php bn to ra cc bng iu khin cho nhng ngi dng c kh nng hn ch v nhng ngi dng khng c php thay i bng iu khin. Cc thit lp ch trong bng iu khin chnh l l do ti sao bn khng th thm cc snap-in vo trong cc bng iu khin c cu hnh sn do Windows Server 2003 cung cp. Lu cc bng iu khin MMC. Khi bn cu hnh xong mt bng iu khin ty chn ng nh bn mong mun, bn phi lu n li thnh mt file sau bn c th tip tc s dng. File bng iu khin MMC c phn m rng .msc v s c gn vi ng dng mmc.exe, do khi m mt file bng iu khin, h thng s np chng trnh mmc.exe v m file . Theo mc nh, cc bng iu khin c lu trong th mc Administrative Tools trong User profile (Khi lc ngi dng) v do n s xut hin nh mt shortcut trong nhm chng trnh Administrative Tools ca thc n Start . LU : shortcut Bng iu khin. Shortcut cho bng iu khin ty chn ca bn ch xut hin trong nhm chng trnh All Programs/Administrative Tools, khng phi trong nhm Administrative Tools ca bn thn thc n Start
Kt ni n cc my tnh xa
Cc bng iu khin MMC xut hin trong thc n Start ca mt my tnh chy Windows Server 2003 u c cu hnh qun l cc ti nguyn trong ni b my tnh . Tuy nhin, vi hu ht cc snap-in c cung cp trong Windows Server 2003, bn cng c th qun l cc my tnh khc qua mng. y l mt trong nhng tnh nng hu ch nht ca MMC bi v n cho php cc nh qun tr mng c th qun tr cc my tnh bt k u trong mng t mn hnh my trm ca mnh. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin c kh nng qun tr my ch t xa v qun tr my ch bng cch s dng cc cng c h tr sn c Bn c th truy cp vo mt my tnh xa s dng mt MMC snap-in bng hai cch: QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -70--
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Hng cc snap-in c sn vo my tnh khc To mt bng iu khin ty chn vi cc snap-in tr n cc h thng khc. kt ni v qun tr h thng khc s dng MMC snap-in, bn phi np bng iu khin bng mt ti khon c quyn qun tr trn my tnh xa. Cp php cn thit chnh xc ty thuc vo chc nng m snap-in thc hin. Nu ti khon s dng khng c quyn trn my tnh xa, bn s c kh nng np snap-in nhng khng th c thng tin hoc chnh sa cc thit lp cu hnh trn my tnh . LU : S dung Run as. Nu bn bit ti khon bn ang s dng khng c cc cp php cn thit qun l my tnh xa, bn c th s dng tnh nng Run as - cn gi l ng nhp th cp chy bng iu khin vi ti khon khc c cc quyn thch hp vi cc tc v m bn mun thc hin. nh hng cho snap-in. Mt snap-in s c hng n mt h thng xc nh bng cch s dng lnh Connect To Another Computer trong thc n Action. La chn lnh ny s m ra mt hp thoi Select Computer (Nh th hin trn Hnh 2-11), trong bn c th nhp vo tn ca my tnh bn mun qun tr v nhn OK, cc phn t ca snap-in trong khung phm vi s thay i th hin tn ca my tnh m bn va la chn.
Hnh 2-11: Hp thoi Select Computer Khng phi tt c cc snap-in u c kh nng kt ni n cc my tnh xa bi v mt s snap-in khng cn iu ny. V d bng iu khin qun tr Active Directory s t ng tm n my ch qun tr min trong mng v QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -71--
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 truy cp vo CSDL Active Directory ti , do khng cn phi nhp vo tn my tnh. To mt bng iu khin kt ni t xa. Kt ni n mt my tnh xa bng cch nh hng mt bng iu khin sn c l cch rt tin dng thc hin cc tc v qun tr, nhng n li b gii hn bi thc t l bn c th ch c truy cp n mt my tnh trong mt thi im. Bn c th m mt bng iu khin v nh hng mi khi bn mun truy cp n h thng xa. Mt phng php c nh hn l to ra mt bng iu khin ty chn vi cc snap-in c nh hng sn n cc h thng khc. Khi bn thm mt snap-in vo mt bng iu khin ty chn bng cch chn n trong danh sch cc snap-in v nhn nt Add, bn c th thy mt hp thoi trong bn c th la chn snap-in ny s qun l my tnh no, nh th hin trong Hnh 2-12. iu ny s lm tng kh nng ca qun tr ca cc MMC, bn khng ch to ra cc bng iu khin vi rt nhiu cng c trong m bn cn c th s dng cc cng c vi nhiu my tnh trong h thng. V d, bn c th to ra mt bng iu khin n cha rt nhiu snap-in Computer Management trong mi snap-in tr n mt my tnh khc nhau. iu ny cho php bn c th qun tr cc my tnh Windows Server 2003, Windows XP v Windows 2000 trn ton mng t mt bng iu khin n duy nht.
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Hnh 2-12: Hp thoi Computer Management
QUN TR MY CH BNG REMOTE DESKTOP FOR ADMINISTRATION (MN HNH QUN TR T XA)
Trong Windows 2000, Terminal Services (Dch v u cui) l mt thnh phn phi ci t ring, cn vi Windows Server 2003 n c ci t mc nh bi h iu hnh coi dch v ny nh l mt thnh phn c tchh hp sn ca chng. Bng cch mua v cu hnh giy php hp l, bn c th cu hnh mt my tnh chy Windows Server 2003 phc v cc my khch Terminal Services, cung cp kh nng truy cp mn hnh Windows v cc ng dng trn my ch ny. Tuy nhin, Terminal Services khng ch c chc nng h tr cc my khch Terminal Services. Bn c th s dng Terminal Services truy cp n cc my tnh xa thc hin cc tc v qun tr m khng cn kh nng chia s ng dng. Windows Server 2003 gi l tnh nng Remote Desktop for Administration (Mn hnh Qun tr T xa). H iu hnh cho php ti a 02 kt ni Remote Desktop for Administration ng thi m khng yu cu bt k giy php no v s dng rt t ti nguyn h thng. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin c kh nng qun tr my ch bng cch s dng Terminal Services theo ch qun tr t xa S dng bng iu khin MMC, bn c th kt ni n mt my tnh xa v thc hin rt nhiu tc v qun tr, tuy nhin mt qun tr mng i khi cn truy cp mt cch ton phn n my tnh . Terminal Services trong Windows Server 2003 cho php mt phn mm my khch c tn Remote Desktop Connection (Kt ni Mn hnh T xa) chy trn mt my tnh khc kt ni n my ch v truy cp n mi thnh phn trong my ch ny. Ca s mn hnh ca my khch hin th mn hnh ca my ch, cho php ngi dng c th truy cp n mi cng c v iu khin tiu chun trn my ch v thm ch cn c th chy cc ng dng trn my ch ny. (Th hin trong Hnh 2-13)
Hnh 1-13: Mt phin lm vic Remote Desktop
Kch hot v Cu hnh My ch Remote Desktop

Bi v mi thnh phn cn thit thc hin kt ni Remote Desktop for Administration u c ci t mc nh trong h iu hnh Windows Server 2003, do vic kch hot ng dng pha my ch l cng vic n gin. Trong th Remote ca hp thoi System Properties Cc thuc tnh H thng - (Truy cp n hp thoi ny bng cch chn biu tng System trong bng iu khin Control Panel), la chn Allow Users To Connect Remotely To This Computer (Cho php ngi dng kt ni t xa n my tnh ny) (Nh hin th trong hnh 2-14). Theo mc nh, thnh vin ca nhm Administrators cc b ca my tnh c quyn truy cp t xa n my tnh ny. cho php ngi dng khc c th truy cp n my tnh bng Remote Desktop, bn phi chn mc Select Remote Users v thm ti khon ca ngi dng ny vo danh sch cho php.
Hnh 1-14: Th Remote trong hp thoi System Properties Vic chn la chn ny l tt c cc vic bn phi lm kch hot my ch Remote Desktop trong Windows Server 2003. Tuy nhin, bn cng c th cu hnh cc thuc tnh ca my ch Remote Desktop bng cch s dng snap-in Terminal Services Configuration trong MMC (Nh th hin trong Hnh 2-15). LU : Terminal Services v My ch qun tr min (DC). Theo mc nh, my ch qun tr min c cu hnh chp nhn cc kt ni Terminal Services ch t cc thnh vin trong nhm Administrators. Thm ch nhng ngi dng m bn t tay thm vo nhm Remote Desktop Users cng khng th truy cp c. loi b hn ch ny, bn phi thay i gi tr hiu lc ca kha Allow Log On Through Terminal Services (Cho php ng nhp t Terminal Services) trong chnh sch nhm, m theo mc nh danh sch lit k trong kha ny ch c nhm Administrators. lm iu ny, bn c th chnh sa chnh sch ni b (Local computer policy) ca my ch qun tr min hoc nh ngha cc thit lp tng t trong i tng chnh sch nhm (GPO) m gn vi cc i tng Active Directory cha cc my ch ny, V d nh Default Domain Controller Policy GPO. (Chnh sch Mc nh cho My ch Qun tr Min) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -75--
Hnh 2-15: Snap-in Terminal Services Configuration cu hnh cc thuc tnh ca my ch Remote Desktop, ta thm snap-in c tn Terminal Services Configuration vo bng iu khin MMC. Nhn vo th mc Connnections trong khung phm vi, la chn kt ni RDP-Tcp lit k trong khung chi tit v t thc n Action, la chn Properties. Hp thoi RDP-Tcp Properties xut hin. S dng cc th trong hp thoi ny, bn c th cu hnh rt nhiu thuc tnh ca my ch nh sau: General (Tng quan): Thit lp mc m ha v k thut xc thc cho kt ni n my ch.
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Logon setting (Thit lp ng nhp): Cho php bn xc nh cc thng s ng nhp c s dng trong cc kt ni n my ch thay cho cc thng s ng nhp do my khch cung cp. Sessions (Phin lm vic): Cha cc thit lp c quyn u tin hn cc thit lp ca my khch, ch ra khi no kt thc mt phin kt ni, gii hn thi gian kt ni v thi gian ngh cho php ca phin, ng thi ch ra c cho php kt ni li hay khng. Environment (Mi trng): Ph nhn cc thit lp ca my khch v cu hnh trong User profile (Khi lc ngi dng) chy mt chng trnh no khi kt ni n my ch. Remote Control (iu khin t xa): Ch ra kh nng iu khin t xa ca phin lm vic Remote Desktop Connection c thc hin c hay khng v nu c th liu ngi dng c bt buc phi gn cc quyn khi khi to mt phin lm vic t xa hay khng. Cc thit lp ph thm c th hn ch phin lm vic t xa ch cho php xem hoc cho php ton quyn tng tc vi h thng. Client Settng (Cc thit lp vi my khch): Ph nhn cc thit lp trn my khch v cn chnh su mu sc v vic nh x cc ti nguyn. Network Adapter (card mng): Xc nh card mng no trn my ch c th tip nhn cc kt ni Remote Desktop for Administration Permissions (Cp php): Xc nh cc quyn c cp ca cc kt ni Remote Desktop.
Ci t v Cu hnh Remote Desktop Connection (Kt ni ti Mn hnh T xa)

Mt my tnh khi to kt ni n my ch Remote Desktop, n phi chy mt chng trnh c tn Remote Desktop Connection. Chng trnh my khch ny c ci t theo mc nh trong h iu hnh Windows Server 2003 v Windows XP, tuy nhin n cn c th chy trn bt k phin bn Windows 32 bit no. Windows Server 2003 c cc file ci t ca Remote Desktop Connection trong a CD ci t ng thi n cn c chp vo trong th mc Systemroot\System32\Clients\Tsclient\Win32. Bn c th ci t phn mm my khch ny trn bt k mt my tnh no t c hai b ci ny bng cch s dng cc thao tc sau: QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -77--
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 T a CD: Cho a CD ci t Windows Server 2003 vo trong . Khi mn hnh Welcome to Microsoft Windows Server 2003 xut hin, nhn vo lin kt Perform Additional Tasks (thc hin cc tc v khc) v chn Set Up Remote Desktop Connection (Ci t Kt ni Mn hnh T xa. Lm theo cc ch th hin th trn mn hnh ca Trnh Hng dn Ci t Kt ni Mn hnh T xa (Remote Desktop Connection InstallShield Wizard) T trn mng: To mt th mc chia s t th mc Systemroot\System32\Clients\Tsclient\Win32. Kt ni n th mc chia s ny t my tnh khch v chy file Setup.exe. Lm theo cc ch th hin th trn mn hnh ca trnh hng dn Remote Desktop Connection InstallShield Wizard HNG DN NHANH Cp nht My khch: Bn nn nng cp cc my tnh chy cc phin bn trc ca dch v Terminal my khch bng phin bn mi nht ca Remote Destop Connection nhn c cc tnh nng u vit ca n nh: Giao din ngi dng c sa li, M ha 128 bit, v La chn Cng Thay th, Khi chng trnh c ci t, bn c th kt ni n my ch bng cch chy chng trnh thng qua shortcut Remote Desktop Connection trong thc n Start v cu hnh my khch thng qua hp thoi Remote Desktop Connection. Cc th trong hp thoi ny cho php bn cu hnh cc tham s my khch nh sau: LU : Xem cc la chn my khch: Nhn chut vo nt Options (cc la chn) hin th ton b hp thoi Remote Desktop Connection General (Tng quan): Cho php bn xc nh my khch ny kt ni n my ch no, cc thng s m my khch s dng ng nhp v liu c lu cc thit lp cu hnh cho kt ni ny hay khng.
Display (Hin th): Cho php bn xc nh kch thc ca ca s Remote Desktop, su mu v liu cc thanh kt ni c xut hin hay khng trong ch ton mn hnh.
Local Resource (Ti nguyn ni b): Cho php bn cu hnh liu c truyn cc tn hiu m thanh trn my ch n my khch hay khng, cch thc kt hp phm ca Windows th hin trn my xa nh th no v liu a cng, my in v kt ni bng cng serial c gn vo phin lm vic t xa ny khng. V d la chn Disk Drives s cho php cc a cng trn my khch s xut hin trong phin kt ni Remote Desktop nh l cc a cng cc b ca my ch
Programs (Chng trnh): Cho php bn xc nh tn v th mc khi u cho mt ng dng s c np ngay khi kt ni t xa c thit lp.
Experience (Kinh nghim): Cho php bn xc nh tc ca kt ni gia my khch v my ch v v hiu ha mt s thuc tnh ca mn hnh hin th tng bng thng kt ni v tng kh nng giao tip gia my khch v my ch.
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 LU : Remote Desktop v Terminal Services.Remote Desktop for Administration v Terminal Services s dng chung rt nhiu thnh phn. Vi mt giy php thch hp, ngi dng mng c th s dng cng my khch truy cp mt my ch terminal chy mt ng dng chia s no hoc s dng Remote Desktop for Administration.
Khc phc cc s c ca Terminal Services

Khi bn s dng Remote Desktop for Administration, bn to ra mt kt ni gia chng trnh my khch v mt my ch. Remote Desktop for Administration s dng cng kiu kt ni ging nh Terminal Services s dng chy cc ng dng chia s, v do cc nguyn nhn ca cc s c kt ni cng s ging nhau. Trong trng hp mt kt ni b t hoc phin lm vic khng th s dng v l do no , nguyn nhn c th xc nh theo cc phn on sau: LU : Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin phi c kh nng X l cc S c ca Terminal Services, Chn on v Gii quyt cc vn lin quan n Bo mt Terminal Services v Chn on v Gii quyt cc vn lin quan n cc Truy cp ca My khch n My ch Terminal Services Kt ni mng hng: Vi bt k ng dng no da trn kt ni my ch/my khch, cc s c thng do trc trc ng kt ni mng, v d nh cc thit lp cu hnh ca TCP/IP khng ng, trc trc trong vn phn gii tn DNS, vn nh tuyn hoc phn cng mng hat ng khng tt. Bn c th kim tra cc kt ni mng bng cch xem cc ng dng mng khc c hot ng tt hay khng, th kt ni s dng IP thay v dng tn DNS v xem cc ngi dng khc c b hin tng tng t hay khng. Kim tra cc thit lp TCP/IP trn cc my ch v my khch xem c chnh xc cha, kim tra my ch DNS c hot ng tt khng v cc phn cng mng c trc trc g khng. Cc thit lp cng: Terminal Services s dng cng TCP v UDP 3389 cho tt c cc kt ni gia my ch v my khch theo mc nh. Nu hoc my ch hay my khch c cu hnh s dng cc cng khc nhau hoc nu v mt l do no cng ny b chn li (V d nh Tng la), kt ni gia my ch v my khch s khng thc hin c. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -81--
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Cc thng s cp php (Credential): ngi dng phi thuc nhm Administrators hoc Remote Desktop Users c th kt ni n cc my ch bng Remote Desktop for Administration. Hn na, bn c th chn cc kt ni t mt ngi dng xc nh bng cch kch hat quyn ngi dng Deny Logon Through Terminal Services (T chi Truy cp thng qua Dch v Du cui) trong chnh sch bo mt ni b hoc s dung chnh sch nhm (GP). S lng cc kt ni: Nu phin lm vic ngi dng b ngt khi ngi dng cha log off, my ch c th coi kt ni vn m v iu ny c th dn ti vic t n gii hn kt ni mc d c khng qu hai ngi ang kt ni ti thi im . Remote Desktop for Administration cho php ti a hai kt ni ti cng mt thi im.
S DNG REMOTE ASSISTANCE

Remote Desktop c thit k cung cp cc truy cp qun tr t xa n my tnh, tuy nhin cc ngi dng cui i khi cng c th tn dng kh nng ny. Rt nhiu ngi dng, nht l nhng ngi khng c kh nng k thut tt, hay c cc vn d v cu hnh v c cch t cc cu hi m cc chuyn gia h tr (thm ch l bn b, ngi thn) kh c th gii quyt hoc tr li thng qua in thoi. Remote Assistance l mt bin th khc ca Terminal Services cho php ngi dng c th yu cu s gip t mt ngi dng khc xa v nhn s gip ny thng qua cc hng dn hoc lm mu ngay trn mn hnh ca h m khng cn phi n tn ni. Remote Assistance cho php ngi gip (hoc chuyn gia theo cch m cc ng dng vn cp n) c th h tr, gii quyt s c v thm ch o to ngi dng khi h cn, vi chi ph thp v thi gian tr rt nh. LU : Mc dch ca k thi. Mc ch ca k thi 70-290 l hc vin c th Qun tr My ch T xa S dng Remote Assistance
Kch hot Remote Assistance

Trc khi bn c th nhn c cc tr gip t xa, bn phi kch hot chc nng ny bng mt trong cc cch sau: S dng Control Panel: M System Properties trong Control Panel v la chn th Remote. nh du chn Turn On Remote Assistance And Allow Invitations To Be Sent From This Computer (Bt chc nng h tr t xa v cho php cc ngh c th gi i t my tnh ny). Nhn vo phm Advance, bn c th cu hnh cho php chuyn gia nm ton quyn iu khin my tnh hoc ch cho php QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -82--
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 xem cc hot ng trn my tnh, ng thi xc nh thi gian c hiu lc ca li ngh gip t xa. S dng Chnh sch nhm: S dng bng iu khin Group Policy Object Editor (gpedit.msc) m mt GPO ca mt min hoc mt OU cha cc my khch. Duyt n mc Computer Configuration\Administrative Templates\System\Remote Assistance v kch hot chnh sch Solicited Remote Assistance (Thu ht cc h tr t xa). Chnh sch ny s cho php bn c th xc nh mc iu khin ca chuyn gia trn my khch, khong thi gian hiu lc ca li ngh gip v phng php gi th ngh. Chnh sch Offer Remote Assistance ( xut H tr T xa) cho php bn xc nh tn ngi dng hoc nhm c gi l chuyn gia v liu cc chuyn gia ny c th thc hin cc tc v trn my khch hay ch quan st theo di my khch m thi.
To li ngh
nhn c cc tr gip t xa, mt my khch phi a ra li ngh v gi n n mt chuyn gia no . My khch c th gi li ngh ny s dng mt trong cc phng php sau y. Microsoft Windows Messenger (Dch v Truyn thng ip ca Windows): s dng dch v Windows Messenger cho kt ni Remote Assistance, bn phi c tn ti khon Windows Messenger ca chuyn gia trong danh sch lin lc v gi yu cu trc tip t Windows Messenger trn my khch. Remote Assistance ch c php yu cu trc tip khi chuyn gia ang trc tuyn trn mng (online) Th in t: gi mt li ngh bng th in t, c hai my tnh u phi l cc my trm tng thch v c kh nng truyn/nhn th in t bng giao thc MAPI (Messaging Application Programming Interface Giao din Lp trnh ng dng Truyn thng ip) File: Khi bn lu li ngh vo mt file, bn c th s dng bt k phng thc no gi file n chuyn gia,c th bng th in t (khng cn thit phi s dng giao thc MAPI), bng mt giao dch FTP (File Tranfer Protocol Giao thc Truyn File trn Internet) hay s dng a mm. to ra mt ngh, bn la chn Help And Support (Tr gip v h tr) t thc n Start m mn hnh Help And Support Center (Trung QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -83--
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 tm tr gip v h tr) v nhn vo lin kt Remote Assistance hin th mn hnh nh Hnh 2-16:
Hnh 2-16: Mn hnh Remote Assistance Khi bn nhn vo lin kt Invite Someone To Help You ( ngh ai gip bn), bn s thy mt giao din nh Hnh 2-17. Sau bn lm theo cc hng dn la chn phng thc lin lc
Hnh 1-17: Trang Remote Assistance trong Help And Support Center HNG DN NHANH S dng mt khu. Khi ngi dng to ra mt li ngh, h c th ch nh mt khu m chuyn gia s phi s dng kt ni n my tnh ca h. Bn nn yu cu ngi dng lun lun s dng mt khu trong cc kt ni Remote Assistance v hng dn h cch cung cp mt khu ny cho cc chuyn gia s dng mt phng thc truyn thng khc vi phng thc h s dng khi gi li ngh ny i. Chuyn gia khi nhn c li ngh c th tham gia vo vic tr gip bng cch chy ng dng Remote Assistance, ng dng ny cho php chuyn gia kt ni n my tnh xa nh hnh 2-18. S dng giao din ny, ngi dng v chuyn gia c th ni chuyn hoc nhn tin cho nhau v theo mc nh, chuyn gia c th nhn thy mi th, mi c ch ca ngi dng ang thc hin trn my tnh ca h. Nu my trm xa c cu hnh cho php iu khin t xa, chuyn gia c th nhn vo nt Take Control v thc hin cc thao tc iu khin my tnh ny.
Hnh 1-18: Giao din Remote Assistance ca chuyn gia
Bo mt Remote Assistance
Bi v mt chuyn gia khi s dng kh nng iu khin t xa mt my khch s c th thc hin tt c cc tc v trn my tnh nh mt ngi dng ti nn tnh nng ny c th gy ra vn v bo mt. Khi mt ngi dng cha c xc thc c th nm quyn iu khin mt my tnh bng Remote Assistance th hon ton c th gy nn cc ph hoi khng gii hn. Tuy nhin, Remote Assistance c thit k gim thiu cc nguy c ny bng cch s dng mt s tnh nng sau: Invitations ( ngh): Khng ai c th kt ni n mt my tnh khc bng Remote Assistance tr khi ngi nhn c li ngh t my khch. My khch c th cu hnh khong thi gian hiu lc ca li mi tnh bng pht, gi, hoc ngy hn ch khng cho cc chuyn gia c mi kt ni n my tnh ca mnh sau . Interactive connectivity (Cc kt ni tng tc): Khi mt chuyn gia chp nhn li mi t mt my khch v kt ni n my tnh , mt ngi dng phi ngi ti my khch v cho php chuyn gia QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -86--
QUN TR H IU HNH MICROSOFT WINDOWS SERVER 2003 quyn truy cp. Bn khng th s dng Remote Assistance kt ni n mt my tnh m khng c ai cho php. Client-site Control (iu khin ti my khch): Cc my khch lun l ngi c quyn quyt nh cui cng trn mt kt ni Remote Assistance. My khch hon ton c th ngt kt ni bt k lc no bng cch nhn phm ESC hoc nhn vo Stop Control (ESC) trong trang Remote Assistance hin th trn my khch. Remote Control Configuration (Cu hnh iu khin t xa): S dng hp thoi System Properties hoc cc chnh sch nhm tr gip t xa (Remote Assistance Group Policy), ngi dng v ngi qun tr c th xc nh liu chuyn gia c c php iu khin my khch hay khng. Mt chuyn gia khi ch c quyn c s khng c kh nng chnh sa cu hnh my tnh khi s dng Remote Assistance. Cc chnh sch nhm cng c th cho php ngi qun tr c quyn ch nh ngi dng no c coi l chuyn gia v khng mt ngi dng no khc c th s dng Remote Assistance kt ni n my khch mc d c quyn trn my . Firewalls (Tng la): Remote Assistance s dng cng 3389 trong giao thc TCP khi truyn thng trn mng. Khi cc h thng mng s dng Remote Assistance ni b v c kt ni n Internet, ngi qun tr mng nn chn cng ny trn tng la ngn cn ngi dng bn ngoi mng c th nm quyn iu khin my tnh thng qua cc ngh h tr t xa bng Remote Assistance. Tuy vy, chng ta hon ton c th cung cp kh nng h tr t xa n cc my khch thng qua Internet khi m cng 3389 ny. LU : S dng Windows Messenger. Nu bn mun s dng Windows Messenger gi li ngh Remote Assistance, bn phi m cng 1863 cho php ng dng Windows Messenger c th truyn thng.
TNG KT
Microsoft Management Console l cng c qun tr h thng chnh dnh cho Windows Server 2003 MMC l mt ng dng lp v m bn s dng chy cc snap-in, l cc cng c ring bit c np vo trong MMC C hai loi snap-in: Stand-Alone (n l) v Extention (M rng) trong cch thc hin th v chc nng ca loi m rng trong MMC s ty thuc vo ng cnh. Mt s snap-in c th s dng vi c my tnh ti ch v xa, mt s th ch gii hn trong cc my tnh ti ch. Bng iu khin MMC c th lu ch Tc gi (Author Mode), cho php ngi dng c ton quyn vi cu hnh ca bng iu khin hoc Ch Ngi dng (User Mode), cho php gii hn cc quyn truy cp. Remote Desktop for Administration cho php bn qun tr mt my ch xa nh l bn ng nhp vo my ch ti ch vi vai tr qun tr. Remote Assistance l mt s tr gip c tnh cht tha thun: Ngi dng ngh chuyn gia gip hoc chuyn gia, nu c cu hnh thng qua chnh sch nhm, c th khi to mt phin h tr. Trong cc trng hp khc, ngi s dng phi chp nhn thit lp kt ni v lun lun trong trng thi iu khin phin h tr ny. Khng bao gi chuyn gia c th nm quyn iu khin my tnh m ngi dng khng c thng bo. Remote Desktop Connection l thnh phn mc nh ca Windows XP v Windows Server 2003, c th ci t trn bt k h iu hnh Windows 32 bit no t a CD ci t Windows Server 2003 (hoc sau khi chia s th mc) hoc t bt k my tnh Windows Server 2003 no. C hai tnh nng Remote Desktop for Administration v Remote Assistance u s dng Dch v u cui (Terminal Services) truyn thng, nhng khng bao gi yu cu mt giy php Terminal Services c bit no.
BI TP THC HNH
Bi tp thc hnh 2-1: M mt ca s MMC
Trong bi tp thc hnh ny, bn m mt ca s th hai trong mt bng iu khin MMC. 1. Nhn Start, tr vo Administrative Tools v nhn Computer Management. Bng iu khin Computer Management xut hin 2. T thc n Window, chn New Window. Mt ca s th hai xut hin bn trn ca s th nht. 3. T thc n Window, la chn Tile Horizontally (xp theo hang ngang). Bng iu khin thay i v hin th 2 ca s cng mt lc. Lu rng bn c th thao tc trn hai ca s hon ton c lp nhau.
Bi tp thc hnh 2-2: To mt bng iu khin MMC ty chn

Trong bi tp thc hnh ny, bn s to mt bng iu khin MMC ty chn mi 1. Nhn Start v sau chn Run. Hp thoi Run xut hin 2. Trong hp vn bn Open, nhp vo mmc v nhn OK. Mt ca s c tn Console1 xut hin 3. T thc n File, la chn Add/Remove Snap-in. Hp thoi Add/Remove Snap-in xut hin 4. Nhn Add. Hp thoi Standalone Snap-in xut hin 5. Trong danh sch Available Standalone Snap-in, la chn Device Manager v nhn Add. Hp thoi Device Manager xut hin 6. Nhn Finish chp nhn cc thit lp mc nh v nhn Close sau nhn OK. Snap-in Device Manager xut hin trong phm vi (scope pane) ca bng iu khin 7. T thc n File, la chn Save as v sau lu bng iu khin trong th mc mc nh Administrative Tools vi tn l DevMgr.msc.
Bi tp thc hnh 2-3: Kch hot Remote Desktop for Administration

Trong bi tp thc hnh ny, bn cu hnh my khch chp nhn cc kt ni Remote Desktop 1. Nhn Start, tr vo Control Panel v la chn System. Hp thoi System Properties xut hin 2. La chn th Remote v sau chn Allow Users To Connect Remotely To This Computer 3. Nhn OK
CC CU HI N TP
1. Ch mc nh khi bn to mt Bng iu khin MMC l g ? 2. Liu mt snap-in c th hng vo c my tnh ti ch v my tnh xa cng lc c khng ? 3. Nu cc thng s cp php cn thit qun tr mt my tnh xa s dng MMC ? 4. Liu mt MMC c sn c th thay i ng cnh t Ti ch sang T xa hay phi np mt snap-in kiu tng t vo trong bng iu khin thc hin kt ni t xa? 5. Liu mi chc nng ca snap-in c lun lun sn sng s dng khi bn kt ni n mt my tnh xa? 6. Bao nhiu kt ni ng thi c kh nng thc hin n mt my ch Terminal chy ch Remote Administration? Ti sao ? 7. Cng c no c s dng kch hot Remote Desktop trn mt my ch ? a. Terminal Services Manager b. Terminal Services Configuration c. System Properties trong Control Panel d. Terminal Services Licensing
CC KCH BN TNH HUNG

Tnh hung 2-1: S dng Remote Assistance
Cng ty ca bn kch hot Remote Assistance trong mi my tnh trong h thng. Nhn vin kinh doanh thng xuyn i cng tc v s dng my xch tay thc hin cng vic khi h ang trn ng. Trong h thng mng ni b, bn s dng Windows Messenger lin lc vi cc my trm v s dng Remote Assistance. Tuy nhin, bn cm cc d liu kiu Instant Messenger vi Internet bng cch ng cng TCP 1863 ti tng la. Bn mun thc hin tc v Remote Assistance i vi cc my khch xa nhng bn khng th kt ni n h bng Windows Messenger xem h c online hay khng. M t hai phng php thay th cho cc nhn vin kinh doanh c th gi cc ngh Remote Assistance n cc chuyn gia trong vn phng cng ty?
Tnh hung 2-2: S dng kt ni Remote Desktop

Bn ang c gng kt ni n mt my ch Windows Server 2003 trong mng ca bn bng Remote Desktop Connection, tuy nhin bn lun nhn c thng bo sau khi bn c gng kt ni:
Bn kim tra thit lp trn my ch v xc nhn cc iu sau y: 1. Bn l thnh vin ca nhm Remote Desktop Users 2. Bn khng phi l thnh vin ca nhm Administrators 3. Bn c kh nng kt ni n mt th mc chia s trn my ch Terminal v my tnh ny c phn hi vi lnh ping. Thit lp no m bn phi kim tra trn my ch Terminal gii quyt s c ny ?
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003
CHNG 3: GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003

Mt trong nhng nhim v chnh ca ngi qun tr h thng l m bo cho h thng mng chy trn tru v hiu qu v Windows Server 2003, vi mt b su tp cc cng c cho php bn thc hin iu ny. Mt my ch c th hot ng vi kh nng cao nht ngay sau khi ci t, tuy nhin hiu nng ca n c th gim dn theo thi gian v rt nhiu l do. Mt ngi qun tr h thng tt phi gim st hiu nng ca my ch thng xuyn u n nhn bit chiu hng v pht hin cc s c c th nh hng n hiu nng. Hc cch s dng cc cng c qun tr ca Windows Server 2003 mt cch ng n l mt k nng c bn bn c th nhn bit cc thay i hiu nng h thng trc khi ri vo tnh trng thm ha. Sau khi hon thnh chng ny, bn c kh nng: S dng Event Viewer gim st nht k h thng Cu hnh Task Manager hin th cc d liu hiu nng S dng System Monitor hin th cc d liu hiu nng thi gian thc To cc counter log (Nht k ca cc bin m) v cc Alert (Cnh bo)
QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -92-
CC K NNG GIM ST MY CH
Cc cng c gim st hiu nng my ch c trong Windows Server 2003 cho php ngi qun tr c th kim tra rt nhiu cc tham s h thng theo rt nhiu cch khc nhau. Cch thc bn s dng cc cng c ph thuc vo cc ti nguyn m bn mun gim st cng nh cc s thch c nhn ca bn. C hai kiu gim st h thng c bn nh sau: Gim st theo thi gian thc: Gim st thi gian thc s dng cc cng c hin th chui lin tc cc thng s, m t h thng ang lm g ti thi im hin ti. Cc thng s ny c th hin th bng s liu hoc di dng th. Hin nhin, phng php ny cung cp cc thng tin gn vi hin ti nht, tuy nhin ch c mt s t qun tr h thng c thi gian v s thch ngi xem th cc tham s hiu nng h thng sut c ngy di. Gim st bng nht k: Gim st nht k thng thng cung cp cc thng tin tng t nh gim st thi gian thc tuy nhin cc thng tin ny c lu trong mt thit b lu tr c nh thay v (hoc thm vo) hin th chng ngay lp tc. Phng php ny cho php ngi qun tr c th quan st xu hng pht trin qua thi gian di hn l theo di trong mt phin gim st thi gian thc. Khi s dng gim st bng nht k, cc qun tr h thng phi m bo cung cp khng gian lu tr lu cc d liu chp c v ng nhin, h phi kim tra cc thng tin ny u n Cch thc s dng ca vic gim st thi gian thc v gim st bng nht k khng c tnh cht loi tr nhau. Mi phng php c gi tr ring ca n v mt s cng c gim st ca Windows Server 2003 h tr c hai.
Gim st cc phn h
Hiu nng h thng Windows Server 2003 c th chia thnh 4 phn h c bn, mi phn h ny phi hot ng tt my tnh c th vn hnh c mt cch hon ho. Bn phn h ny l: B vi x l: Mt b vi x l trong my tnh thc hin hng triu php tnh s dng cc chu k ng h (Clock Cycles) ca b vi x l, vi mi php tnh ton dnh cho mt tc v c bit. Cc chu k ng h trong b vi x l c phn chia cho rt nhiu cc tin trnh chy trong my tnh. B vi x l cng nhanh th cng c nhiu chu k ng QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -93-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 h trong mt khong thi gian nht nh. Gim st hiu nng b vi x l thng thng s kim tra mc hot ng ca b vi x l khi n thc hin cc tc v thng l. Nu vic s dng chu k ng h ca b vi x l lun t n 100%, hiu nng h thng c th ang qu ti do khng nng lc x l. B nh: B nh truy cp ngu nhin (RAM) l mt khng gian lu tr tm thi m mt my tnh s dng nh mt vng m cho d liu i t v n b vi x l. Khi khng b nh RAM sn sng hon thnh cc tc v c th no , Windows s dng khng gian a cng thay cho RAM trong mt tin trnh gi l paging (phn trang). Bi v truy cp cc a cng chm hn rt nhiu so vi truy cp RAM nn hiu nng h thng s gim khi c qu nhiu vic phn trang din ra. Gim st hiu nng b nh l mt cng vic quan trng m bo my tnh c b nh hon thnh cc tc v chuyn bit ca n. a cng: Cc a cng trong my tnh cung cp kh nng lu tr lu di cho h iu hnh v cc file ng dng, cng nh cc d liu s dng v to ra bi cc ng dng. Gim st hiu nng ca phn h a cng thng thng s phi kim tra s lng cc yu cu truy cp a cng ang i x l ti mt thi im c th. Nu mt lng ln cc d liu ang i c hoc ghi vo a, hiu nng ni chung ca my tnh c th l ang qu ti. Mng: Gim st phn h mng c s khc bit i cht so vi 3 phn h trn bi v hiu nng ca mng c th b nh hng bi cc yu t bn ngoi cng nh bn trong. Mt lng ln cc yu cu truyn thng qua mng c xp hng c th lm gim hiu nng h thng, iu ny c th c cc ngi dng trn mng cm nhn, mc d bn thn my tnh vn hot ng hon ho. Xc nh phn h no trong my tnh yu cu gim st k cng hn ph thuc vo cc ng dng m my tnh ny ang chy. Cc ng dng khc nhau yu cu hiu nng ca cc phn h cc mc khc nhau v mt s c vi mt phn h nht nh no c th c cc tc ng khc nhau i vi cc ng dng khc nhau.
Thit lp mt Baseline (ng c s)

Khi bn gim st cc c tnh ca hiu nng h thng, gi tr hiu nng thc ca cc phn h l khng quan trng bng s thay i ca cc gi tr ny theo thi gian. V d nu bn kim tra hiu nng ca b vi x l ca mt my ch m c ci t ln u cch y mt nm v pht hin ra mc s QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -94-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 dng ca b vi x l l 100%, bn khng c cch no bit c liu n lun nh vy hay l c s thay i no gn y tc ng n hiu nng ca b vi x l ny. Do cc nguyn nhn trn, mt trong nhng phn quan trng nht trong vic gim st hiu nng my ch l thit lp ng c s cho cc mc hiu nng h thng m bn c th tham kho sau ny. l l do ti sao phn gii thiu ca chng ny ch ra rng bn nn hc cch s dng cc cng c gim st trc khi mi th c th h hng. Mt ng c s l mt tp hp ca cc mc hiu nng khi my tnh hot ng mt cch bnh thng, tt nht l ngay sau khi n c ci t v cu hnh y . Bng cch so snh cc mc sau ny vi ng c s, bn c th xc nh liu hiu nng ca cc phn h ny ang b suy gim hay khng. Bn s hc thm v cch to cc ng c s trong phn sau ca chng ny v tho lun v rt nhiu cng c gim st c trong Windows Server 2003.
S DNG EVENT VIEWER

Windows Server 2003 duy tr rt nhiu nht k cha cc thng tin v cc tin trnh ang chy. xem cc nht k ny, bn c th s dng snap-in Event Viewer (Trnh xem s kin) trong MMC. Event Viewer c th hot ng nh mt snap-in n l hoc m rng. Nhm chng trnh Administrative Tools trong Windows Server 2003 c mt shortcut dn n bng iu khin cha Event Viewer, ng thi snap-in ny cng i km vi rt nhiu cc cng c khc trong bng iu khin Computer Management. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin c kh nng gim st v phn tch s kin. Cc cng c c th bao gm Event Viewer v System Monitor
Cc nht k trong Event Viewer

Khi bn np ng dng Event Viewer (Th hin trong Hnh 3-1), khung Phm vi cha mt danh sch cc nht k duy tr trong h thng. Ba nht k c bn xut hin trong tt c cc my tnh chy Windows Server 2003 l: ng dng: Cha cc thng tin v cc chng trnh chy trong my tnh, c xc nh bi cc nh pht trin ng dng H thng: Cha cc thng tin v cc s kin do cc cu thnh ca Windows Server 2003 sinh ra, v d nh cc dch v hoc trnh iu khin thit b. V d, mt dch v khng khi ng c hoc mt trnh iu khin khng th np trong qu trnh khi ng h thng s QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -95-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 c ghi li trong nht k H thng. Cc kiu s kin ghi c trong nht k ny c h iu hnh cu hnh trc v khng th thay i c. y l cc nht k c bn ca Windows Server 2003 v bn nn lun lun xem cc nht k ny u tin khi bn tm kim thng tin v mt s c h thng no . Bo mt: C th cha cc thng tin v cc s kin lin quan n bo mt, v d nh khng ng nhp thnh cng, cc truy cp n cc ti nguyn c bo v (V d nh cc th mc chia s hoc file h thng) v s thnh cng hoc tht bi ca cc s kin c kim nh (audit). Windows Server 2003, trong cu hnh mc nh ca n, khng ghi thng tin trong nht k Bo mt. Cc s kin ghi li trong nht k ny c xc nh bi cc chnh sch kim nh m bn c th kch hot bng cc Chnh sch Cc b ca My tnh (Local Computer Policy) hoc cc Chnh sch Nhm (Group Policy). Theo mc nh, ch c cc thnh vin ca nhm Administrators mi c kh nng xem cc nht k ny.
Hnh 3-1: Bng iu khin Event Viewer Khi mt my tnh c thng cp thnh mt my ch qun tr min, hai nht k sau y c thm vo Event Viewer: Dch v th mc (Dircetory Service): Cha cc thng tin v dch v th mc s dng Active Directory, v d nh vic ng b cc i QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -96-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 tng khng th cng tn ti hoc cc s kin quan trng trong th mc. Dch v ng b file (File Replication Service): Cha cc thng tin v s thnh cng hoc tht bi ca cc hot ng ng b xy ra gia cc my ch qun tr min. Cui cng, khi my tnh c ci t dch v Microsoft DNS Server, Event Viewer c cha thm nht k: DNS Server: Cha cc thng tin v tnh trng v hot ng ca dch v DNS Server Mc d Event Viewer cha cc nht k quan trng nht ca Windows Server 2003 nhng n khng cha tt c. Mt s lng ln cc dch v c trong h iu hnh s duy tr cc nht k ring ca n. Trong hu ht cc trng hp, cc nht k ny l cc file vn bn n gin m bn c th m bng bt k trnh son tho vn bn no, v d nh ng dng Windows Notepad. Mt s cc nht k ring l bn c th tim thy trn my tnh chy h iu hnh Windows Server 2003 nh sau: Kim nh DHCP Dr. Watson (Cc li ca chng trnh) Cc hot ng Fax Internet Connection Firewall (ICF Tng la cho cc Kt ni Internet) Microsoft Internet Information Services (IIS Dch v Thng tin Internet ca Microsoft) Cc my khch ca Windows Media Services Cc giao dch CSDL trong WINS (Dch v Chuyn i Tn Internet)
Hiu cc kiu s kin

Khi bn la chn mt trong cc nht k lit k trong khung Phm vi ca snap-in Event Viewer, bn s thy mt danh sch cc s kin ring bit trong khung Chi tit. Kiu ca mi s kin s c hin th ngay bn cnh n bng cc biu tng. Kiu ca s kin th hin tm quan trng ca n v cho bit n l kt qu ca mt qu trnh thng thng hay mt s c no . Cc kiu s kin s dng trong snap-in Event Viewer c lit k trong QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -97-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Bng 3-1. Hin nhin, cc bo li v cc cnh bo l nhng kiu s kin c ngha nht i vi mt ngi qun tr mng bi v chng th hin rng cc s c quan trng ang xy ra. Bng 3-1: Cc kiu s kin trong Windows 2000 Kiu s kin Li Cnh bo Thng tin Kim nh thnh cng Kim nh tht bi Biu tng M t Mt s c c ngha quan trng, v d nh mt d liu hoc sai chc nng Mt s kin c th khng c ngha nhng c th th hin mt s c trong tng lai Mt s kin m t hot ng thnh cng ca mt ng dng, trnh iu khin hoc dch v Mt truy cp bo mt thnh cng c kim nh Mt truy cp bo mt tht bi c kim nh
Nhn p vo mt s kin trong khung khung Chi tit ca Event Viewer s hin th hp thoi thuc tnh ca s kin . Nh th hin trong Hnh 3-2. Hp thoi ny cha mt hoc nhiu thng tin v s kin, bao gm: Date (Ngy): Ngy s kin din ra Time (Thi gian): Thi gian s kin din ra Type (Kiu): Kiu s kin din ra (Li, cnh bo, thng tin, kim nh thnh cng hoc kim nh tht bi) User (Ngi dng): Tn ca ngi dng lin quan n tin trnh sinh ra s kin ny Computer (My tnh): Tn ca my tnh trn s kin ny xy ra. Source (Ngun): Module phn mm sinh ra s kin ny Category (Hng mc): S phn loi ca s kin ny, c nh ngha bi tin trnh ngun Event ID (M s ca s kin): Mt gi tr n nht nhn bit s kin c th ny. Description (M t): Mt thng bo vn bn m t bn cht ca s kin, c to ra bi tin trnh ngun Data (D liu): D liu nh phn sinh ra bi s kin QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -98-
Hnh 3-2: Hp thoi Event Properties
Cu hnh nht k trong Event Viewer

Mi nht k trong snap-in Event Viewer c hp thoi thuc tnh ring ca n m bn c th s dng cu hnh cc tham s duy tr nht k v iu khin thng tin no c hin th trong nht k. Cc thit lp ny c ni n trong phn tip sau y ca chng trnh Cc thit lp duy tr nht k s kin Trn th General ca mi hp thoi Properties ca nht k (nh ch ra trn Hnh 3-3), bn c th ch nh kch thc ti a ca nht k v cch x l ca n khi cc nht k ny t n kch thc ti a. Cc la chn duy tr nht k c th l: Overwrite Events As Needed (Ghi cc s kin khi cn): Nht k s xa tng mc c nht nu cn khi file nht k t n kch thc ti a xc nh
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Overwrite Events Older Than X Days (Ghi s kin c hn X ngy): Nht k s duy tr cc mc trong mt s ngy (1 n 365) xc nh bi la chn ny v ghi cc mc c hn nu cn. Nu nht k t n gi tr ti a xc nh v khng c mc no c hn s ngy ch nh, h thng ngng ghi s kin mi vo nht k. Do Not Overwrite Events (Clear Log Manually) (Khng ghi nht k (Xa nht k th cng)): H thng duy tr mi mc ca nht k cho ti khi chng c xa i mt cch th cng bi ngi qun tr. Khi nht k t n kch thc ti a xc nh, h thng s ngng ghi cc s kin vo nht k.
Hnh 3-3: Th General trong hp thoi Properties ca nht k s kin H thng Cc thit lp mc nh cho cc nht k s kin trong mt my ch qun tr min Windows Server 2003 chy dch v Microsoft DNS Server th hin trong Bng 3-2. Cc nht k ca dch v th mc v ng b file c kch thc ti a rt nh (512K) bi v cc mc vo ca nht k ny l tng i him. Nht k H thng, tuy vy, li c kch thc ti a v cng ln (128 QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -100-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 MB). iu ny xy ra khi my tnh c thng cp thnh mt my ch qun tr min v mt phn ca vic cu hnh mc nh cho my ch qun tr min Windows Server 2003 l kch hot mt s chnh sch kim nh, iu ny gy ra mt s lng ln cc s kin c ghi vo trong nht k H thng. Trong khi , gi tr ti a mc nh cho nht k Bo mt trong mt my tnh Windows Server 2003 m khng phi my ch qun tr min l 16MB Bng 3-2: Cc thit lp mc nh duy tr nht k s kin Event Log Application Directory Service DNS Server Maximum Log Size Log Retention Setting 16,384 KB (16 MB) 512 KB 16,384 KB (16 MB) Overwrite events as needed (Ghi khi cn) Overwrite events as needed Overwrite events older than 7 days (Ghi cc s kin c hn 7 ngy) Overwrite events as needed
File Replication 512 KB Service Security System
131,072 KB (128 Overwrite events as needed MB) 16,384 KB (16 MB) Overwrite events as needed
LU : Cu hnh cc thit lp duy tr s dng cc chnh sch nhm. Ngoi cch cu hnh cc thit lp duy tr cho cc nht k s kin mt cch th cng bng cch s dng snap-in Event Viewer, bn cn c th cu hnh cc tham s tng t cho cc nht k ng dng, H thng v Bo mt bng cch kch hot cc chnh sch nhm Event Log trong i tng chnh sch nhm (GPO) v p dng n vo cc my tnh ring l hoc vo mt i tng cha trong Active Directory. Trn mt my ch qun tr min, vic thit lp mc nh Overwrite Events As Needed trong nht k Bo mt c th dn n vic cc d liu lin quan n vn bo mt hoc cc truy cp ti nguyn quan trng s b ghi nu ngi qun tr khng thng xuyn lu cc mc trong nht k li. m bo cc nht k Bo mt khng b mt, Windows Server 2003 c QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -101-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 mt bin php mnh di hnh thc mt chnh sch nhm cho la chn bo mt gi l Audit: Shut Down System Immediately If Unable To Log Security Audits (Kim nh: Tt h thng ngay lp tc nu khng th ghi nht k kim nh Bo mt).
S dng cc b lc Khi bn s dng Event Viewer ln u tin, snap-in ny hin th mi s kin c ghi li trong nht k la chn theo th t thi gian. Ty vo kch thc ca nht k v cc thit lp duy tr, danh sch ny c th rt di. Tuy nhin, nhiu mc trong nht k l thuc kiu Thng tin, l cc kt qu ca cc hat ng thng thng hng ngy. nh v cc mc c bit trong danh sch ny, bn c th chnh sa th t sp xp ca n bng cch nhn vo mt trong cc tiu ca ct hoc bn c th gii hn hin th cc thng tin xut hin trong nht k tp trung vo cc s kin quan trng, bng cch s dng Filter (B lc) hoc dng lnh Find (Tm kim) trin khai mt B lc trn mt nht k trong Event Viewer, t thc n View, la chn Filter hin th th Filter trong hp thoi Properties ca nht k s kin, nh th hin trong Hnh 3-4. Trong hp thoi ny, bn c th ch nh kiu s kin no bn mun hin th v la chn cc s kin tiu biu gim bt danh sch s kin v kch thc c th qun l c.
Hnh 3-4: Th Filter trong hp thoi Properties ca nht k s kin kim tra cc mc c bit trong danh sch cc s kin, bn c th la chn lnh Find t thc n View hin th hp thoi Find (Th hin trong Hnh 3-5) C hai hp thoi trong Th Filter v Find u cho php bn la chn t cc danh sch s kin tiu biu trong Cc kiu s kin Windows 2000 ni n trong chng trc, nh v cc mc c bit.
Hnh 3-5: Hp thoi Find trong Event Viewer Truy cp nht k s kin t xa Nh rt nhiu snap-in MMC khc, bn c th s dng Event Viewer xem cc nht k trn cc my tnh Window khc nh l xem trn my tnh bn ang lm vic. thc hin iu ny, trong khung Phm vi, la chn i tng Event Viewer (Local) v la chn Connect To Another Computer (Kt ni ti my tnh khc) t thc n Action. Trong hp thoi Select Computer, ch ra tn ca my tnh m bn mun xem cc nht k s kin trn my .
Lu gi cc Nht k s kin Snap-in Event Viewer c th lu cc nht k thnh file trong mt s nh dng, bao gm dng vn bn (.txt), dng bng (.csv) v mt nh dng nht k s kin c phn m rng l .evt, nh dng ny c th m bng snap-in. Khi bn lu cc nht k ny vo mt file, bn c mt bn ghi lu di ca QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -104-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 cc mc vo v khi bn c th xa cc nht k ny. Lu nht k thng xuyn u n m bo rng cc file nht k khng tng trng qu ln v gy ra mt mt d liu.
S DNG TASK MANAGER

Task Manager (Trnh Qun l Tc v) l mt ng dng quan trng ca Windows m bn c th s dng hin th thng tin v cc mc hiu nng hin ti ca my tnh cng nh qun l cc chng trnh hoc cc tin trnh ang chy trong h thng. Bn c th m Task Manager bng cch nhn phi chut vo vng trng ca thanh tc v v la chn Task Manager t thc n ng cnh, hoc c th nhn ng thi Ctrl+Alt+Del v chn vo phm Task Manager. Hp thoi Windows Task Manager theo mc nh s cha 5 th: Applications (ng dng) Processes (Tin trnh) Performance (Hiu nng) Networking (Mng) Users (ngi dng) Chc nng ca mi th c m t trong cc phn sau y ca chng. LU : Mc ch ca kha hc. Mc ch ca kha hc 70-290 l hc vin c kh nng gim st file v my ch in n. Cc cng c c th s dng bao gm Task Manager, Event Viewer v System Monitor
Lm vic vi cc ng dng
Th Applications (Th hin trong Hnh 3-6) ch ra trng thi ca cc chng trnh mc ngi dng ang chy trong h thng. Cc dch v v ng dng h thng chy trong cc ng cnh khc vi ngi dng ang ng nhp s khng hin th. i vi cc ng dng lit k y, ct Status (Trng thi) s ch ra liu ng dng ang chy (running) hay l khng phn ng (not responding).
Hnh 3-6: Th Applications trong Task Manager Bng cch la chn mt ng dng t trong danh sch v nhn vo Switch To, bn c th chuyn sang mn hnh hat ng ca ng dng ny v vn Task Manager m nh l ng dng nn. Bn cn c th la chn mt mc trong danh sch v nhn End Task ng ng dng li. LU : ng cc tc v. ng mt ng dng bng cch s dng Task Manager khng phi l cch c khuyn khch tr khi ng dng c trng thi Not Responding v khng th ng c bng cc cch khc. Khi bn kt thc mt tc v bng cch ny, bn thng mt cc d liu m bn cha kp lu vo trong a cng. Khi bn nhn phi chut vo mt ng dng trong danh sch v la chn Go To Process t thc n ng cnh, hp thoi chuyn sang th Processes v tr vo tin trnh lin quan n ng dng . y l mt tnh nng hu ch khi bn ang mun tm xem tin trnh ca mt ng dng c bit no khi tn ca tin trnh kh c th on bng trc gic. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -106-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Khi bn nhn vo phm New Task, mt hp thoi Create New Task (to tc v mi) xut hin, trong bn c th nhp vo hoc duyt n tn ca bt k mt file chy hoc lnh chun no . Hp thoi ny c chc nng tng t nh hp thoi Run m c th truy cp t thc n Start. Gim st cc tin trnh Th Processes (Th hin trong Hnh 3-7) lit k tt c cc tin trnh ca cc ngi dng hin ti ang chy trn my tnh. Khi bn la chn Show Processes From All Users (Hin th cc tin trnh t tt c ngi dng), bn cnh cc ng dng mc ngi dng, danh sch ny cn hin th c cc dch v v cc tin trnh h thng. Theo mc nh, danh sch ny bao gm cc thng tin sau y v mi tin trnh: Image Name: Tn ca file chy tin trnh ny. User Name: Tn ti khon ngi dng l ch nhn ca tin trnh ny CPU: Phn trm ca b vi x l do tin trnh ny s dng Mem Usage: Dung lng b nh tin trnh ny s dng
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Hnh 3-7: Th Processes trong Task Manager Bng cch chn Select Columns t thc n View, bn m hp thoi Select Columns (Th hin trn Hnh 3-8), trong bn c th thm hoc bt cc ct d liu trong khung hin th. Task Manager cung cp mt b su tp cc counters (bin m), cho php bn c th hin th cc thng tin chi tit v b vi x l, b nh v kh nng s dng I/O ca mi tin trnh trong danh sch. Bn c th sp xp danh sch hin th theo bt k bin m no bng cch nhn vo tiu ca ct .
Hnh 3-8: Hp thoi Select Columns gim st thng tin d dng v cc tin trnh h thng, bn c th thao tc chng bng Task Manager. Bng cch nhn phi chut vo bt k tin trnh no trong danh sch, bn c th thc hin cc tc v sau: Set Priority (Thit lp mc u tin): Chnh sa thi gian b vi x l s dng cho tin trnh trong mi tng quan vi cc tin trnh khc trong h thng Set Proccessor Afinity (Thit lp mi quan h vi x l): Ch nh bn mun chy tin trnh bng b vi x l no trn mt h thng my tnh c nhiu b vi x l. End Proccess (Kt thc tin trnh): Dng tin trnh ngay lp tc. Mi ti nguyn cha lu s b mt QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -108-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 End Proccess Tree (Kt thc cy tin trnh): Dng mi tin trnh v cc tin trnh con hoc tin trnh lin quan ngay lp tc. Mi d liu cha lu s b mt. Debug (G li): To ra mt trng hp ngoi l ngt tin trnh v gn n vi mt trnh g li c ci t trong h thng. CNH BO: Thao tc vi cc tin trnh. Thay i cc thit lp ca mt tin trnh v d nh mc u tin hay mi lin h vi b vi x l c th gy ra nhng tc ng c hi n hiu nng ca cc ng dng khc trong h thng. Kt thc mt tin trnh v c bit l mt cy tin trnh ch nn lm khi cc thao tc thng thng kt thc tin trnh l khng thc hin c. Windows Server 2003 c c ch bo v cc tin trnh ca h iu hnh khng b ngt bi Task Manager, tuy nhin chng vn c th d b nh hng bi s thiu ti nguyn h thng do vic iu chnh mc u tin ca cc tin trnh khc gy ra. Gim st mc hiu nng Th Performance (Th hin trong Hnh 3-9) hin th cch nhn trong thi gian thc v hiu sut s dng b vi x l v b nh. Mc s dng ca mi b vi x l v mc s dng ca page file (file phn trang b nh) c hin th bng th cng vi cc gi tr thng k t trc ca cc thng s ny. Nhn p chut vo mt trong cc th s m rng n theo chiu dc (trc tung) hin th cc gi tr mt cch r rng hn. Cc hin th s bn di s cho bit mc s dng b nh vt l (Physical), b nh li (Kernel) v b nh cam kt (Commit), ng thi c s lng cc Handle (Lin kt gia cc tin trnh), Thread (Lung), v cc tin trnh ang hot ng
Hnh 3-9: Th Performance trong Task Manager Gim st cc hot ng ca mng Th Networking (Th hin trong Hnh 3-10) cho thy cc kt ni mng ang hot ng theo tn, cng vi tc kt ni, phn trm bng thng s dng v trng thi hot ng ca n. ng thi c mt th hin th bng thng s dng trong kt ni mng ang chn hin ti. Cng ging nh trn, vic nhn p vo trong th ny s hin th th mt cch r rng hn bng cch m rng trc tung y ca n.
Hnh 3-10: Th Networking trong Task Manager Gim st ngi dng Th Users (Th hin trong Hnh 3-11) s lit k tt c cc ngi dng ang ng nhp vo my tnh. Cc ngi dng ng nhp c th l ngi dng lm vic trc tip ti mn hnh iu khin hoc ngi dng ng nhp qua kt ni t xa trn mng. S dng cc iu khin trong th ny, bn c th ng xut ngi dng , ngt kt ni ca h n my tnh hoc gi thng bo cho h.
Hnh 3-11: Th Users trong Task Manager
S DNG PERFORMANCE CONSOLE (BNG IU KHIN HIU NNG)

Performance console (Bng iu khin hiu nng) l mt trong nhng cng c gim st mnh nht trong Windows Server 2003. Bng iu khin ny cha hai snap-in sau y: System Monitor (Gim st H thng): Hin th cc d liu hiu nng thi gian thc thu thp c t cc phn t cu hnh gi l cc performance counters (Bin m hiu nng) Performance Logs and Alerts (Nht k v Cnh bo Hiu nng): Ghi d liu t cc Bin m Hiu nng theo mt chu k thi gian nht nh v thc thi cc hnh ng xc nh khi cc bin m ny t n mt gi tr no . Performance l mt bng iu khin MMC c th truy cp t mt shortcut trong nhm chng trnh Administrative Tools. Bn cng c th thm cc QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -112-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 snap-in khc vo trong bng iu khin ty chn. Theo mc nh, Bng iu khin Performance s gim st my tnh hin ti, tuy nhin bn c th cu hnh snap-in ny gim st hiu nng ca bt k my tnh no trong mng nu nh bn c cc quyn thch hp. THNG TIN THM. S dng cc Snap-in trong MMC. c thm thng tin v vic to ra cc bng iu khin MMC, xem Chng 2 trong cun sch ny. LU . Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin phi c kh nng gim st hiu nng h thng
S dng System Monitor (Gim st H thng)

Khi bn m Bng iu khin Performance, theo mc nh th snap-in System Monitor (Gim st h thng) xut hin, th hin trong Hnh 3-12. Khung Chi tit ca snap-in c mt th dng ng, c cp nht theo thi gian thc, cho ta thy cc mc hin ti ca ba Bin m Hiu nng sau y: Memory: Pages/Second (B nh:Trang/giy): T l cc trang b nh c c t hay ghi vo a gii quyt cc li hard page (li Hard page xy ra khi cc tin trnh gi n cc on m hay d liu cn thit nhng hin khng sn sng trong cc tp lm vic (worrking set) hay trong b nh RAM, v chng buc phi ti to cc thng tin trn t a cng). Bin m ny l thng s chnh cho bit cc kiu/dng li gy ra tr trong h thng. PhysicalDisk(_Total): Average Disk Queue Length (a cng: di Hng i a Trung bnh). Bin m o di c gi tr l trung bnh s lng ca cc yu cu c v ghi trong hng i truy cp a cng c ly mu theo mt khong thi gian xc nh.
Hnh 3-12: Mn hnh hin th System Monitor theo mc nh Processor(_Total): % Processor Time (B vi x l: % Thi gian ca B vi x l). Phn trm ca thi gian tri qua m b vi x l tiu tn thc hin mt chui lnh lin tc (non-idle thread). Bin m ny l thng s ch yu th hin hat ng ca b vi x l v hin th trung bnh phn trm thi gian bn ghi c trong mt khong thi gian ly mu nht nh. Thay i cch Quan st th Mu nh dng c trnh by bn di ca th th hin mu dng k ca mi bin m trong ba bin m trn, gi tr tng ng ca mi bin m v cc thng s nhn dng khc v cc bin m ny. Khi bn la chn mt bin m trong s , gi tr hin ti s hin th di dng s di y ca th. Nhn vo phm Highlight trong thanh cng c (hoc nhn Ctrl+H) thay i th ca bin m chn thnh mt dng k rng mu trng gip ta d dng phn bit c chng trn th (Th hin trong Hnh 3-13)
Hnh 3-13: Mt th System Monitor vi bin m (counter) c t sng Nu my tnh ca bn ang trong trng thi ngh, bn c th lu rng cc ng k trong th mc nh s nm l lng gn y ca thang chia v s kh khn nhn thy c cc gi tr ca chng. Bn c th gii quyt vn ny bng cch chnh sa thang chia trong trc y (trc tung). Nhn vo phm Properties trn thanh cng c (hoc nhn Ctrl+Q) hin th hp thoi System Monitor Properties, sau la chn th Graph (Th hin trong Hnh 3-14). Trong hp Vertical Scale, bn c th gim gi tr ti a ca trc y, u ny s dn n vic ta s c mt th rng hn hin th cc d liu ca bin m
Hnh 3-14: Th Graph ca hp thoi System Monitor Properties Trong th General ca hp thoi System Monitor Properties, bn cn c th chnh sa tn sut ly mu ca th. Theo mc nh, th cp nht cc gi tr ca bin m sau mi 1 giy, tuy nhin bn c th tng gi tr ny hin th d liu trong khong thi gian lu hn trn mt trang ca th. iu ny cho php ta c th d dng pht hin cc xu hng c tnh cht lu di trong cc gi tr ca bin m. LU . Chnh sa thuc tnh ca th. Hp thoi System Monitor Properties cha mt lng ln cc iu khin khc m bn c th s dng chnh sa cch hin th b ngoi ca th. V d, trong th Graph, bn c th thm vo Tiu ca trc v cc ng k li ng thi trong th Appearance, bn c th thay i mu nn ca th v la chn cc kiu (font) ch khc. S dng cc cch Quan st khc. Bn cnh th dng ng, System Monitor cn hai cch thc xem khc bn c th quan st cng mt d liu: Cch xem Biu v cch xem Bo co. Bn c th thay i cch hin th sang cc cch trn bng cch QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -116-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 nhn vo cc phm View Histogram hoc View Report trn thanh cng c, hoc bng cch nhn Ctrl+B hay Ctrl+R. tr v cch xem th c, bn nhn vo phm View Graph hoc nhn Ctrl+G. Cch xem bng Biu l mt th bao gm cc thanh thng ng cho mi bin m, th hin trong Hnh 3-15. Trong cch xem ny, d dng gim st mt lng ln cc bin m bi v cc dng k khng trng ln nhau.
Hnh 3-15: Cch xem bng biu trong System Monitor Cch xem bng Bo co (Th hin trong Hnh 3-26) hin th cc gi tr s cho mi performance counters (Bin m hiu nng)
Hnh 3-16: Cch xem bng Bo co trong System Monitor Cng nh cch dng th, cch xem bng Biu v Bo co u cp nht cc gi tr ca bin m sau khong thi gian c nh c thit lp trong th General ca hp thoi System Properties. Nhc im chnh ca hai cch xem ny l chng khng hin th gi tr trc ca cc bin m, ch hin th gi tr hin ti. Mi ln ly mu mi s ghi gi tr trc trn mn hnh hin th, khng ging nh kiu th dng ng hin th c cc gi tr trc . Thm cc bin m (counter). Ba Bin m Hiu nng xut hin trong System Monitor theo mc nh l cc thc o rt hu ch cho hiu nng my tnh, tuy nhin cc snap-in cn bao gm hng t cc bin m khc m bn c th thm vo khung hin th. thm cc bin m vo trong khung Chi tit ca System Monitor, nhn vo phm Add trn thanh cng c hoc nhn Ctrl+I hin th hp thoi Add Counters (Th hin trn Hnh 3-17)
Hnh 3-17: Hp thoi Add counter LU . Truy cp cc chc nng ca System Monitor. Khng ging nh cc snap-in MMC khc, System Monitor khng thm cc chc nng thng xuyn s dng ca n vo trong thc n Action ca bng iu khin. Cch duy nht truy cp vo cc chc nng ca System Monitor l s dng thanh cng c, kt hp vi cc phm tt v thc n ng cnh xut hin khi bn nhn phi chut vo khung hin th. Trong hp thoi ny, bn phi ch r bn mc thng tin sau y thm mt bin m vo khung hin th. Computer (My tnh). Tn ca my tnh bn mun gim st bin m chn. Khng ging nh cc snap-in MMC khc, bn khng th chuyn hng ton b vic theo di ca System Monitor vo mt my tnh khc trn mng cng lc. Thay vo , bn phi ch r tn my tnh cho mi bin m m bn thm vo khung hin th. iu ny cho php bn to ra mt khung hin th th hin cc bin m cho cc my tnh khc nhau trong mng, v d mt th n hin th cc hot ng ca b vi x l ca tt c cc my tnh trn mng. Performance object (i tng cn o hiu nng). L vic phn loi i tng th hin cc thnh phn phn cng v phn mm ring QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -119-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 bit trong my tnh. Mi i tng cn o hiu nng ny cha mt s cc Bin m Hiu nng lin quan n cc thnh phn Performance counters (Bin m hiu nng). Mt bin s th hin mt kha cnh c bit no trong cc hot ng ca cc Performance object. Instance (Trng hp ring): Mt phn t th hin mt trng hp ring nht nh ca Bin m Hiu nng chn. V d, trn mt my tnh c hai giao tip mng, mi bin m trong i tng cn o hiu nng Giao tip Mng s c hai instance, mi instance cho mt Giao tip, cho php bn theo di hiu nng ca mi cc mng ring bit. Mt s bin m cng c mt s instance nh Tng s hoc Trung bnh, cho php bn theo di hiu nng ca tt c mi instance kt hp li hoc gi tr trung bnh ca cc instance. Khi bn xc nh tn mt my tnh, mt i tng cn o hiu nng, mt bin m hiu nng v instance ca i tng , nhn vo Add thm bin m ny vo khung hin th. Hp thoi vn cn m cho bn c th thm vo nhiu bin m khc na. Nhn Close khi bn hon thnh cng vic thm bin m hiu nng. LU : Hiu cc bin m. Nhn vo phm Explain s m ra mt hp thng bo Explain Text cha m t chi tit v Bin m Hiu nng m bn la chn. Cc Perfomance Object, Perfomance counter, v cc instance xut hin trong hp thoi Add Counter ty thuc vo cu hnh phn cng ca my tnh, phn mm trn my tnh v vai tr ca my tnh trong mng. V d, vic ci t dch v DNS Server trn my tnh s thm vo i tng cn o Hiu nng DNS, i tng ny cha mt lot cc bin m bn theo di cc hot ng ca my ch DNS. To cch hin th hiu qu nht. Trong hu ht cc trng hp, khi ngi dng ln u tin khm ph snap-in System Monitor, h s lng tng khi nhn thy hng trm bin m hiu nng sn sng s dng v h c th to ra mt th cha hng t cc bin m khc nhau. S lng ca cc bin m bn c th hin th mt cch hiu qu ph thuc vo kch thc ca mn hnh v phn gii ca cc mn hnh. Bn nn quan tm n cc li khuyn sau y khi la chn cc bin m: QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -120-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Gii hn s lng ca cc bin m. Qu nhiu bin m s dn ti khung ha tr nn kh hiu ng thi lm gim ng k hiu nng ca h thng. hin th mt lng ln cc thng s thng k, bn c th hin th nhiu mn hnh ca s trong bng iu khin v la chn cc bin m khc nhau trong mi ca s, hoc s dng cch xem Biu hoc Bo co hin th mt s lng ln cc bin m trong mt nh dng hiu qu hn (ng ngha vi vic bn s phi hi lng khi khng xem c cc gi tr trc nh cch xem trong th) Chnh sa thuc tnh hin th ca bin m. Ty thuc vo kch thc v kh nng ca mn hnh ca bn, mu mc nh v rng ca cc ng s dng trong th ca System Monitor c th gy kh khn khi phn bit cc bin m. Trong th Data ca hp thoi System Monitor Properties ca mi bin m, bn c th chnh sa mu sc, kiu v rng ca ng th hin bin m trong th d dng phn bit vi cc bin m khc. La chn bin m vi cc gi tr c th so snh c. System Monitor chp nhn khng gii hn s kt hp ca ca cc bin m bn la chn trong mt th n, tuy nhin mt s thng s thng k s khng th hin th cng vi nhau bi v cc gi tr ca chng khc hn nhau. Khi mt th cha mt bin m c gi tr in hnh l di 20 v mt bin m khc c gi tr in hnh l hng trm, rt kh c th sp xp hin th cc gi tr ny ta c th c c c hai bin m cng lc. La chn cc bin m c gi tr khc nhau khng ng k bn c th hin th cc gi tr cho d c. Hn na, nu bn mun hin th cc bin m vi cc khong gi tr khc nhau, bn c th s dng cch xem bng Bo co thay cho cch xem bng th. Lu Bng iu khin System Monitor Khi bn hi lng vi cch hin th m bn to ra, bn c th lu n li nh mt file bng cch chn Save as t thc n File v ch ra tn ca file vi phn m rng .msc. Np bng iu khin t file ny s m Performance console v hin th snap-in System Monitor, vi tt c cc bin m v cc thuc tnh hin th m bn cu hnh trc khi lu n li.
Gim st hiu nng ca my ch.

Khi bn hiu cch s dng System Monitor, bc tip theo l quyt nh bin m no trong hng trm bin m hiu nng m bn s dng gim st hiu nng my tnh hiu qu nht. Hin nhin l khng th c mt cu tr li n gin cho vn trn trong mi trng hp. C th, bn s mun to ra vi bng iu khin gim st cc kha cnh khc nhau ca hiu nng my ch hoc cng mt kha cnh nhng trn nhiu my ch khc nhau. Phng php thc hnh tt nht l to ra mt chin lc gim st my ch ngay sau khi my ch ny c ci t v cu hnh y . Theo cch ny, bn c th thit lp mt ng c s hiu nng (baseline) cho my ch trong cc trng thi hiu nng lc s dng thng thng, lc ngh v lc lm vic ti mc nh. Khi c s c xy ra trong cc ln gim st sau , vic o li ln na gi tr ng c s ny c th gip bn tm ra gii php cho vic gii quyt s c. LU : Tng mc ti khi gim st. Cn nh rng trong mt s trng hp, mc hiu nng o c bi System Monitor bao gm c ti nguyn s dng bi chnh tin trnh o ny. V d, snap-in System Monitor s dng mt s ti nguyn ca b nh v thi gian ca CPU ging nh bt k chng trnh no khc, v nu bn ang gim st cc bin m trn my tnh khc, tin trnh ny c th gy ra mt s ti lu thng mng nht nh. Cn phi tnh n cc yu t thm vo ny khi bn phn tch kt qu ca System Monitor L do chnh ca vic gim st hiu nng my ch s dng System Monitor l m bo cc ng dng chy trn my ch hot ng tt v pht hin ra hin tng nghn c chai nh hng n hiu sut hot ng ca my tnh. Vic cc qun tr h thng phi i mt vi cc vn s c hiu nng my tnh l rt bnh thng v khng th ngay lp tc qui cho mt nguyn nhn c th no v d nh vic trc trc ca mt dch v no . Ngi dng c th phn nn v vic my ch chm trong khong thi gian no trong ngy hoc hiu nng gim dn sau mt khong thi gian tnh bng tun hoc thng. Khi iu ny xy ra, mt trong nhng nguyn nhn l hin tng nghn c chai ti u trong ng truyn mng gia my khch v d liu trn my ch m ngi dng cn s dng. Hin tng nghn c chai (Bottleneck) xy ra khi mt thnh phn no khng cung cp mt mc hiu nng chp nhn c so vi hiu nng ca cc thnh phn khc trong h thng. V d ngi dng c th phn nn rng hiu nng my ch file ca h rt chm v bn c th mt nhiu thi gian v QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -122-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 tin bc nng cp mng LAN ca bn t 10Base-T thnh 100Base-TX, hy vng c th ci thin c tnh hnh. Tuy nhin nu my ch ca bn l mt my ch c s dng cc b vi x l Pentium thi u, s ci thin l khng ng k bi v rt c th l do b vi x l my ch, ch khng phi cng ngh mng LAN, l nguyn nhn ca hin tng nghn c chai. Mi thnh phn khc c th chy tt nhng b vi x l khng th x l kp vi lung d liu do h thng mng mi v nhanh cung cp c. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin phi c kh nng gim st hin tng nghn c chai phn cng my ch v gim st v ti u mi trng my ch cho hiu nng ca ng dng bng cch gim st cc i tng cn o Hiu nng nh b nh, mng, b vi x l v a cng. Hin tng nghn c chai c th xut hin do rt nhiu nguyn nhn nh sau: Tng mc ti trn my ch. Mt my ch c th hot ng tt trong mt vai tr c th no lc u, tuy nhin sau khi bn tng mc ti ca my ch bng cch thm vo nhiu ngi dng v nhiu tc v, c th nhn thy cc phn t trong my ch khng hot ng tt nh trc na. V d mt my ch Web c th l dng cho Web site ca cng ty trong giai on u, tuy nhin sau khi cng ty gii thiu thm nhiu sn phm v lu lng d liu n site tng ln gp 3 ln. t nhin bn nhn thy hiu nng ca a trn my ch Web l khng p ng cc lu lng d liu tng ny. Li Phn cng. Li Phn cng khng phi lc no cng gy ra vic ngng hot ng nghim trng ca h thng. Mt phn t no c th hot ng khng ng chc nng mt cch khng lin tc trong mt khong thi gian di, gy nn vic gim hiu nng ca my ch mt cch kh chu. V d li cp mng kt ni my ch n thit b switch/hub c th gy nn vic lu thng mng thng thong b ngt v lm gim hiu nng ca my ch. Thay i vai tr ca my ch. Cc ng dng khc nhau yu cu cc ti nguyn khc nhau. Bn c mt my tnh thc hin chc nng ca mt my ch Web, tuy nhin khi bn thay i vai tr ca my ch ny thnh my ch CSDL, bn c th thy b vi x l hot ng khng nhanh chu mc ti ca ng dng mi trn n. Vic xc ddinhj v tr nghn c chai gy ra vic gim hiu nng h thng l mt nhim v rt phc tp, nhng gim st cc Bin m Hiu nng mt QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -123-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 cch hp l trong System Monitor l mt cch tt bt u nhim v ny. Trong rt nhiu trng hp, nguyn nhn ca hin tng ny c th thu hp v bn phn h chnh lit k phn u ca chng (B vi x l, b nh, a cng v mng) Khi bn gim st cc mc hiu nng my ch, tt nht l nn bt u t trn xung di-c ngha l bn bt u vi vic gim st bao qut ton b cu hnh ca mi phn h xc nh mt phn h no c kh nng gy ra s c nht. Khi bn xc nh c vng gy s c tng qut, bn c th nhn su hn vo tng dch v v ng dng s dng phn h nhiu nht v thm ch xem c mc giao thc v lung nu cn. Thng thng, s c gy ra bi mt ng dng hoc thit b, hoc thiu ti nguyn trong h thng. Mt thit b n c th c cu hnh li hoc thay th v cc ti nguyn chung c th c tng cng (v d bng cch thm nhiu b nh RAM hoc thm b vi x l) mt cch thch hp. Cc mc sau y s tho lun v cc vn cn tm hiu v cc Bin m Hiu nng c s dng gim st mi phn h trong bn phn h trn. Gim st hiu nng ca b vi x l Mt mng cc b vi x l b trc trc hoc hot ng khng cng sut c th dn n vic my ch s a cc yu cu ca my khch vo hng i, ngn cn vic my ch p ng cc yu cu ca ngi dng mt cch nhanh chng. gim st tng quan phn h vi x l, s dng cc Bin m Hiu nng sau y: LU . Xc nh cc bin m. Cc bin m hiu nng trong phn ny v phn sau c vit theo nh dng sau: i tng cn o Hiu nng:bin m hiu nng Processor: % Processor time (Vi x l:% Thi gian x l). Cho bit phn trm thi gian m b vi x l bn. Gi tr ny cng thp cng tt v di 85% th coi l chp nhn c. Nu gi tr ny lun gi mc cao, bn phi xc nh tin trnh no chim qu nhiu thi gian x l, nng cp b vi x l hoc thm mt b vi x l khc nu c th System: Processor Queue Length (H thng: di hng i vi x l). Ch ra s lng cc lung chng trnh ang i c x l bi b vi x l. Gi tr ny cng thp cng tt, thng thng di 10 l c th chp nhn c. Nu gi tr ny lun gi mc cao, nng cp b vi x l hoc thm mt b vi x l khc. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -124-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Server Work Queues: Queue Length (Hng i cng vic ca my ch: di hng i). Ch ra s lng yu cu ang nm i s dng mt b vi x l no . Gi tr ny cng thp cng tt v thng thng di 4 l chp nhn c. Nu gi tr ny lun gi mc cao, nng cp b vi x l hoc thm mt b vi x l khc. Processor: Interrupts/sec (B vi x l:Ngt/giy). Ch ra s lng cc ngt phn cng m vi x l phc v tnh theo giy. Gi tr ny c th bin i rt ln v c ngha ch trong mi tng quan vi mc ng c s c thit lp trc . Mt thit b phn cng sinh ra nhiu ngt c th c quyn chim b vi x l, ngn cn b vi x l phc v cc tc v khc. Nu gi tr ny tng mt cch nhanh chng, kim tra cc thnh phn phn cng khc nhau trong h thng xc nh thnh phn no sinh ra qu nhiu ngt. Gim st hiu nng b nh Mt b nh khng trong my ch c th khng cho my tnh lu m thng xuyn cc d liu cn thit, gy ra vic cc tin trnh phi da vo vic c a hn l c b nh v do lm gim tc ca ton h thng. B nh l mt phn h n quan trng nht cn phi gim st bi v cc s c trong b nh c th nh hng n tt c cc phn h khc. V d, khi tnh trng ca b nh gy ra qu nhiu thao tc phn trang n a, h thng trng c v nh c trc trc trong phn h lu tr trong khi thc t b nh l th phm Mt trong cc nguyn nhn thng thng c th gy ra cc trc trc lin quan n b nh l r r b nh (Memory leak). Vic r r b nh l kt qu ca vic mt chng trnh chim dng qu nhiu b nh m khng gii phng sau khi khng s dng na. Theo thi gian, cc b nh trng trong my tnh c th b chim dng hon ton, lm gim hiu nng h thng v cui cng lm dng h thng. Vic r r b nh c th rt nhanh, gy ra s suy gim ngay lp tc i vi hiu nng h thng, tuy nhin ta cng c th mt nhiu thi gian v rt kh khn pht hin ra chng, khi m vic gim hiu nng h thng ny din ra t t theo hng ngy hoc hng tun. Trong hu ht cc trng hp, s r r b nh c th gy ra bi cc ng dng ca cc hng th ba m h iu hnh cha tng bit n. gim st hiu nng c bn ca b nh, s dng cc bin m sau y: Memory: Page Faults/Sec (B nh:Li trang/giy). Ch ra s ln trn giy m on m hoc d liu cn x l khng tm thy trong b nh. Gi tr ny cng thp cng tt, thng thng di 5 l chp QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -125-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 nhn c. Bin m ny bao gm c li nh (trong trang yu cu c th tm thy u trong b nh) v li nng (trong trang yu cu buc phi truy cp t a cng). Cc li nh sinh ra khng phi l mt vn ln, tuy nhin cc li nng c th gy ra tr ng k v truy cp a cng chm hn rt nhiu so vi truy cp b nh. Nu gi tr ny qu ln, bn nn kim tra xem h thng c ang phi chu qu nhiu li nng bng cch s dng Bin m Memory: Pages/Sec. Nu s lng li nng l qu nhiu, bn nn xem xt tin trnh no gy nn vic phn trang qu nhiu hoc ci t thm b nh RAM cho h thng. Memory: Pages/Sec (B nh:Trang /giy). Ch ra s lng trang d liu trn giy khng nm trong RAM v phi truy cp t a hoc phi ghi ln a to khng gian trng cho RAM. Gi tr ny cng thp cng tt v thng thng di 20 l c th chp nhn c. Nu gi tr ny qu cao, bn nn xem xt tin trnh no gy nn s phn trang qu nhiu hoc ci t thm RAM cho h thng. Memory: Available Bytes (B nh:Cc byte trng). Ch ra dung lng b nh vt l cn trng tnh theo Byte. (Cn c cc bin m khc hin th cng loi gi tr ny nhng c tnh theo kilobyte hoc megabyte). Gi tr ny cng cao cng tt v khng nn di 5% ca tng s b nh RAM trong h thng, vic b nh cn trng cn qu t c th l biu hin ca b nh ang b r r. Nu gi tr ny qu thp, xem xt vic thm RAM cho h thng. Memory: Committed Bytes (B nh: Cc Byte cam kt ). Cho bit dung lng b nh o c khong khng gian c d tr trn tp phn trang. Gi tr ny nn cng thp cng tt v nn lun gi thp hn dung lng RAM vt l c trong h thng. Gi tr ny qu ln cho thy c th c s r r b nh v bn nn xem xt vic thm RAM cho h thng Memory: Pool Non-Paged Bytes (B nh: cc byte ca vng khng phn trang). Cho bit kch thc ca vng trong b nh c s dng bi h iu hnh cho cc i tng m khng th ghi vo trong a. Gi tr ny nn l mt s n nh v khng tng trng khi khng c thm cc hot ng ca my ch. Nu gi tr ny tng theo thi gian, iu th hin c th h thng ang b r r b nh.
Gim st hiu nng a cng. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -126-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Phn h a cng b qu ti khi c v ghi lnh c th lm gim t l my ch x l cc yu cu ca my khch. Cc a cng trong my ch cha mt lng ln cc d liu vt l hn bt k mt phn h no do phi p ng cc yu cu I/O ca rt nhiu my khch, u c a cng phi di chuyn lin tc ti cc v tr khc nhau trn vng a phng. K thut m u c di chuyn l rt nhanh, tuy nhin mt khi a t n tc c/ghi ti a, cc yu cu thm na c th bt u gy ra s chn p trong hng i x l. i vi l do ny, phn h lu tr l mt phn t cn quan tm hng u khi c nghn c chai. PhysicalDisk: Disk Bytes/sec (a vt l:Byte/giy). Cho bit s byte trung bnh c chuyn n hoc ra khi a trong mi giy. Gi tr ny nn tng ng vi mc thit lp trong ng c s ban u hoc cao hn. Vic gi tr ny gim i cho thy trc trc trong a cng thm ch c th l hng. Nu trng hp ny xy ra, xem xt vic nng cp phn h a lu tr. PhysicalDisk: Avg. Disk Bytes/Transfer (a vt l: byte trung bnh /Giao dch). Cho bit s byte trung bnh c chuyn vn trong qu trnh vn hnh c v ghi. Gi tr ny nn tng ng vi mc thit lp trong ng c s ban u hoc cao hn. Vic gi tr ny gim i cho thy trc trc trong a cng thm ch c th l hng. Nu trng hp ny xy ra, xem xt vic nng cp phn h a lu tr. PhysicalDisk: Current Disk Queue Length ( di hng i a hin ti). Cho bit s lng yu cu c hoc ghi a ang tn ng. Gi tr ny nn cng thp cng tt, vi mc thng thng thp hn 2 l c th chp nhn c trn 1 trc quay a. Gi tr bin m ny m ln c th cho thy a cng ang trc trc hoc n khng c kh nng p ng cc yu cu i vi n. Trong trng hp ny, bn nn xem xt vic nng cp phn h a lu tr PhysicalDisk: % Disk Time (a cng:Phn trm thi gian a). Cho bit phn trm thi gian m a cng bn. Gi tr ny cng thp cng tt v thng thng di 80% l chp nhn c. Gi tr ca bin m ny cao chng t rng hot ng ca a ang trc trc, hoc n khng c kh nng theo kp cc yu cu i vi n, hoc trc trc trong b nh gy nn vic phn trang a qu nhiu. Kim tra vic b nh r r hoc cc vn lin quan v nu khng c li no tm thy, bn nn xem xt vic nng cp phn h a lu tr. LogicalDisk: % Free Space (a logic:%a trng). Cho bit phn trm a trng trn a cng. Gi tr ny cng ln cng tt, thng QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -127-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 thng ln hn 20% l chp nhn c. Nu gi tr ny qu thp, bn nn thm a cng. Hu ht cc s c trong phn h a cng, khi khng phi do phn cng trc trc gy ra, u dn n kt qu l phi nng cp h thng lu tr. Vic nng cp ny c th bao gm cc phng php sau y: Ci t cc a cng mi nhanh hn Ci t thm a cng v phn chia d liu trn cc a , gim truy cp I/O trn mi a Thay th cc a n bng cc dy a RAID (Redundant Array of Independent Disks Dy cc a c lp d tha) Thm nhiu a vo trong dy a RAID sn c Gim st hiu nng mng. Gim st hiu nng mng l nhim v phc tp hn rt nhiu vic gim st cc phn h khc bi v rt nhiu yu t bn ngoi my tnh c th nh hng n hiu nng mng. Bn c th s dng cc bin m sau y th xc nh nu nh mt s c mng xy ra, nhng nu bn nghi ng mt s c no , bn nn bt u tm kim nguyn nhn t ngoi my tnh ca bn trc Network Interface: Bytes Total/sec (Giao tip mng:Tng s Byte/giy). Cho bit s lng byte gi v nhn trn giy trn mt giao tip mng. Gi tr ny nn tng ng vi mc thip lp ti ng c s d kin ban u hoc cao hn. Gi tr ny gim chng t c trc trc trong thit b mng hoc s c khc trong mng. Network Interface: Output Queue Length (Giao tip mng: di hng i ra). Cho bit s lng gi tin i truyn i qua giao tip mng. Gi tr ny cng thp cng tt v c th l zero mc d gi tr l 2 hoc thp hn l c th chp nhn c. Nu gi tr ny l qu cao, giao tip mng c th b trc trc hoc c th tn ti s c mng khc. Server: Bytes Total/Sec (My ch: Tng s byte/giy). Cho bit tng s byte gi v nhn bi my ch trn tt c cc giao tip mng ca n. Gi tr ny nn khng qu 50% ca tng bng thng ca giao tip mng trong my ch. Nu gi tr ny qu cao, xem xt vic chuyn mt s ng dng sang my ch khc hoc nng cp sang mt mng nhanh hn. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -128-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Bng thng ca cc kt ni mng gii hn lu lng n my ch thng qua cc giao tip mng. Nu gi tr ca cc bin m ny cho bit rng mng ang b nghn, c hai cch nng cp mng v khng c cch no l n gin c: Tng tc ca mng. iu ny c ngha l thay th tt c cc giao tip mng trong mi my tnh, hub, router v cc thit b khc trn mng v c th thay th c cp mng. Ci t thm thit b giao tip mng trong my ch v ti phn b li mng. Nu lu lng d liu thng xuyn lm ngp trn giao tip mng trn my ch, ch c mt cch tng cng bng thng mng m khng cn tng tc mng l ci t thm cc giao tip mng. Tuy nhin, vic kt ni thm cc giao tip trong cng mt mng s khng cho php ti c nhiu lu lng mng hn n my ch. Thay vo , bn phi to thm cc subnet (mng con) trn mng v ti phn b cc my tnh vo trong mng con , do s c t lu lng mng hn trong mi subnet. Gim st cc vai tr my ch Khi bn gim st hiu nng my ch v tm kim cc nghn c chai, iu quan trng l bn phi hiu s lin quan ca cc vai tr m my ch thc thi. Cc ng dng v dch v c cc yu cu khc nhau n ti nguyn h thng v chnh sch gim st ca bn cho mi my ch nn tp trung vo cc i tng cn o Hiu nng v cc Bin m Hiu nng ca cc ti nguyn nh hng ln nht n my ch . Bng 3-3 lit k mt s vai tr my ch thng dng, ti nguyn quan trng i vi mi vai tr v cc i tng cn o Hiu nng m bn nn gim st. Bng 3-3: Vai tr my ch v cc i tng cn gim st Vai tr my ch Ti nguyn s dng My ch ng B nh, mng v b dng vi x l My ch sao lu My ch CSDL B vi x l v mng Lu tr, mng v b vi x l Cc Performance Object cn gim st B nh, B vi x l, Giao tip mng v H thng H thng, My ch, B vi x l v Giao tip mng a vt l, a logic, B vi x l, Giao tip mng v H thng
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 B nh, B vi x l, H thng, Giao tip mng, cc i tng giao thc (ph thuc vo mng nhng c th bao gm TCPv4, UDPv4, ICMP, IPv4, Kt ni NBT, NWLink IPX, NWLink IPX, NWLink NetBIOS, v NWLink SPX), a vt l v a logic B nh, Giao tip mng, a vt l, a logic v Hng i my in
My ch qun tr B nh, b vi x l, min mng v a
My ch file v in n My ch Mail/Truyn tin My ch Web
B nh, a v cc phn t mng
b vi x l, a, mng B nh, Cache, B vi x l, H thng, v b nh a vt l, Giao tip mng v a logic Cache trn a v cc phn t mng Cache, Giao tip mng, a vt l v a logic
S dng Performance Logs and Alerts

Mc d snap-in System Monitor l rt hu ch tuy nhin rt t qun tr mng c thi gian hay s thch ngi xem cc th dng ng trn mn hnh ha tm cc du hiu s c trn my ch ca h. Performance Logs and Alerts (Nht k v Cnh bo Hiu nng) lm gim thiu c nhu cu lm vic . Performance Logs and Alerts l mt snap-in trong MMC cung cp kh nng gim st bng nht k s dng cc i tng cn o Hiu nng v Bin m Hiu nng ging nh System Monitor s dng. Vi snap-in ny, bn c th thu thp cc d liu hiu nng t ng t cc my tnh ni b v xa, lu n trong cc nh dng khc nhau v to ra cc cnh bo khi mt bin m c bit no t n mc ngng xc nh. Khi bn la chn snap-in Performance Logs And Alerts trong bng iu khin Hiu nng (Performance console), bn c th thy ba tiu ph nh sau: Counter Logs (Nht k cc bin m). Cho php Performance console chp cc thng s thng k cho cc bin m nht nh vo mt file nht k ti cc thi im xc nh v u n sau mt khong thi gian c nh Trace Logs (Nht k theo di). Cho php Performance console ghi li cc thng tin v cc ng dng h thng khi mt s kin no xy ra, v d nh li hot ng I/O ca a hoc li phn trang b nh. Alerts (Cnh bo). Cho php Performance console gim st gi tr ca mt bin m nht nh no theo cc khong thi gian lp v QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -130-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 thc hin mt hnh ng xc nh khi bin m t n gi tr gii hn no . Mt trong nhng li ch chnh ca Performance Logs and Alerts l cho php bn chp cc thng tin v hiu nng ca cc bin m nghin cu v sau. Snap-in ny h tr rt nhiu nh dng file cho php bn lu cc thng tin chp c vo cc chng trnh bng v CSDL. Bn c th s dng nht k cc bin m thit lp mt ng c s cho hiu nng h thng v sau u n kim tra cc nht k ny xem sai lch so vi ng c s chun l bao nhiu. Bn cn c th to ra cc cnh bo bo ng cho bn bit khi tnh trng mng sai lch qu nhiu so vi trng thi thng thng. LU : Ghi nht k t ng. Performance Logs and Alerts chy nh mt dch v, iu ny c ngha l bn c th cu hnh snap-in ny gim st cc bin m hiu nng nht nh. Dch v ny s c np trong qu trnh h thng khi ng v tip tc hot ng thm ch c khi khng c ngi dng no ng nhp vo h thng. To ra cc counter log (Nht k bin m): to ra cc nht k bin m trong snap-in Performance Logs and Alerts, bn c th la chn i tng Counter Logs trong khung Phm vi v la chn New Log Settings t thc n Action. Sau khi bn nhp vo tn ca nht k mi, bn s thy mt hp thoi (Th hin trong Hnh 3-18) trong bn nhp vo cc thng tin sau y: Cc Performance objects v Performance counters. Bn s chn cc Performance objects v Performance counters v c giao din ging nh khi bn s dng System Monitor. Sample Interval (Thi gian lp ly mu). Thi gian lp m ti snap-in ny s ghi vo nht k gi tr ca bin m bn la chn. Lu rng thi gian lp ly mu m ngn s cho ra file nht k ln v ng thi h thng s phi lm vic nhiu hn. Gi tr chn nn ty thuc vo thi gian bn m d nh ghi nht k cho bin m l bao lu. Run as credentials (Cc thng s ng nhp Run as). Tn ngi dng v mt khu m dch v Performance Logs and Alerts s dng ng nhp vo h thng trc khi chp cc thng tin vo trong nht k bin m.
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Log file type (Kiu file nht k). nh dng file nht k m bn mun s dng cho nht k bin m v th mc m bn mun lu. Bn c th lu nht k ny nh mt file vn bn c phn cch cc trng d liu bng du phy hoc du cch (tab), mt file nh phn dng thng thng hoc dng lp vng (c th xem trong System Monitor), hoc mt file CSDL trong SQL. Bn cn c th ch ra kch thc ti a ca file nht k v cch to tn ca file t ng. LU : S dng file lp vng. Mt file lp vng nh phn l file trong snap-in lin lc ghi cc thng tin vo cng mt file v ghi cc d liu c nht m n tng ghi trc . Scheduling information (Cc thng tin lp lch). Bn c th cu hnh nht k bin m khi ng v dng ti cc thi im ngy v gi xc nh hoc bn c th la chn khi ng hoc dng qu trnh ghi nht k mt cch th cng t snap-in. Close Command (Lnh khi ng). Cho php bn ch nh lnh m snap-in phi chy khi file nht k c ng li.
Hnh 3-18: Hp thoi cu hnh nht k bin m (Counter Log) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -132-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Khi bn cu hnh nht k bin m, n xut hin trong khung Phm vi ca snap-in vi mt biu tng, mu ca biu tng th hin trng thi hin ti ca nht k. Mt biu tng mu c ngha l ang dng v mu xanh c ngha l ang chy.
To ra mt Trace log. Qu trnh to ra mt trace log (Nht k Theo di) tng t nh qu trnh to ra mt nht k bin m, ngoi tr vic thay v la chn performance counters, bn li la chn cc s kin h thng (System events) m bn mun gim st, s dng giao din trong Hnh 3-19.
Hnh 3-19: Hp thoi cu hnh trace log Xem nht k bin m (counter log). QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -133-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Khi bn la chn lu mt nht k bin m thnh mt file nh phn, n s xut hin trong th mc ch nh mt file c phn m rng .blg. m mt trong cc file ny v xem ni dung ca n, bn vo snap-in System Monitor v nhn vo thanh cng c View Log Data hoc nhn Ctrl+L. Trong hp thoi System Monitor Properties (Th hin trong Hnh 3-20), bn phi cu hnh cc thnh phn sau y: Ngun d liu. Trong Th Source, nhn vo ty chn Log Files v la chn file nht k m bn mun hin th. Khong thi gian. Trong th Source, nhn vo phm Time Range hin th mt thanh trt cha khong thi gian m d liu c chp vo trong nht k. Bn c th s dng thanh trt ny la chn tt c hoc mt phn ca nht k hin th. Bin m. Trong th Data, nhn vo Add v la chn cc bin m m bn mun hin th. Trong trng hp ny, hp thoi Add Counter ch cha cc i tng cn o Hiu nng v Bin m Hiu nng m bn tng chn ghi li trong nht k.
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Hnh 3-20: Hp thoi System Monitor Properties c cu hnh hin th mt file nht k Khi bn nhn vo OK ng hp thoi ny li, th dng ng trong System Monitor hin th cc d liu c ghi trong nht k. Bn c th thc hin thao tc cu hnh cch hin th trong th cng ging nh cch m bn lm khi mn hnh hin th cc hot ng hin ti trong h thng.
To cc Alerts (Cnh bo) Chc nng cnh bo cho php my tnh chy Windows Server 2003 thng bo cho bn khi mc hiu nng h thng t n gi tr ngng xc nh. to cc cnh bo, bn la chn i tng Alerts trong khung Phm vi ca snap-in Performance Logs and Alerts v la chn New Alert Setting t thc n Action hin th hp thoi (Th hin trong Hnh 3-21) trong bn s nhp vo cc thng tin sau y: Counters (bin m). Cc performance object v cc performance counter m bn c th la chn cnh bo, v giao din m bn s dng la chn chng ging nh trong System Monitor Gi tr gii hn ca bin m. i vi mi bin m bn la chn, bn phi ch ra mt gi tr gii hn v liu bn mun cnh bo ny s c kch hot khi gi tr ca bin m ny thp hn hay cao hn gii hn. Qung ngt ly mu. Thi gian lp m theo snap-in s thu thp gi tr ca bin m m bn la chn Cc thng s ng nhp Run as. Tn ngi dng v mt khu m dch v Performance Logs and Alerts s dng ng nhp vo h thng trc khi gim st cc bin m c la chn. Hnh ng (Action). Hnh ng m bn mun snap-in thc hin khi mt trong cc bin m la chn ca bn t n gi tr gii hn. Snap-in c th to ra mt mc trong nht k s kin, gi mt thng bo qua mng n ngi dng xc nh no , bt u ghi cc d liu hiu nng ca bin m vo nht k hoc chy mt chng trnh hoc dng lnh no .
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 Cc thng tin lp lch. Bn c th cu hnh snap-in khi ng v dng khi gim st cc bin m la chn ti cc thi im ngy gi c th hoc bn c th la chn khi ng hoc dng tin trnh gim st th cng t snap-in.
Hnh 3-21: Hp thoi cu hnh cnh bo
TNG KT
Event Viewer l mt snap-in MMC hin th cc nht k oc my tnh duy tr. Mi my tnh Windows Server 2003 u c cc nht k ng dng, Bo mt v H thng; my ch qun tr min cn c thm hai nht k cho Dch v Th mc v Dch v ng b File v my ch DNS cn c thm nht k cho dch v DNS Server. Mi mc vo ca nht k s kin c th cha cc thng tin, cnh bo, thng bo li hoc kt qu kim nh. Task Manager hin th cc d liu v hiu nng theo thi gian thc ca b vi x l, b nh my tnh, lit k cc ng dng v tin trnh chy trong my tnh, cc thng tin v mng v ngi dng. Bn c th ng thi s dng Task Manager dng mt ng dng v tin trnh, thit lp mc u tin hoc ngt ngi dng khi kt ni ti my tnh ang theo di. Performance console cha hai snap-in: System Monitor v Performance Logs and Alerts System Monitor hin th cc d liu v hiu nng theo thi gian thc ca cc thnh phn phn cng v phn mm trong h thng, s dng cc cch xem kiu th, Biu v Bo co gim st thng tin thng k v mt h thng no bng System Monitor, bn la chn mt performance object th hin mt phn t xc nh, mi performance counter th hin mt kha cnh xc nh ca i tng la chn, hoc trong mt s trng hp l ca mt trng hp ring (instance) ca i tng la chn. Performance Logs and Alerts ghi cc thng tin v hiu nng ca cc bin m vo nht k v cc s kin ca h iu hnh theo di cc nht k ny theo cc chu k thi gian c lp lch trc, cho php bn chp c mt s ln cc mu d liu kim tra sau ny. Performance Logs and Alerts cn c th gim st cc bin m xc nh v thc hin mt hnh ng no khi gi tr ca cc bin m ny t n mt mc ngng xc nh.
BI TP THC HNH
Bi tp thc hnh 3-1: S dng Event Viewer
Trong bi tp thc hnh ny, bn s dng bng iu khin Event Viewer kim tra nht k H thng ca my tnh. 1. ng nhp vo my tnh vi ti khon Administrator. 2. Nhn Start, tr vo Administrative Tools v nhn vo Event Viewer. Bng iu khin Event Viewer xut hin 3. Trong khung Phm vi ca bng iu khin, nhn vo i tng System. Mt danh sch cc mc nht k h thng hin ln trong khung Chi tit 4. Nhn p vo mt trong nhng mc trong khung Chi tit hin th hp thoi Event Properties
Bi tp thc hnh 3-2: S dng Task Manager

Trong bi tp thc hnh ny, bn s dng Task Manager khi ng mt ng dng v nhn bit cc tin trnh 1. ng nhp vo my tnh vi ti khon Administrator 2. Nhn phi chut vo vng trng trong thanh tc v v la chn Task Manager t thc n ng cnh. Ca s Windows Task Manager xut hin. 3. Trong th Applications, nhn vo New task. Nhp vo notepad v nhn OK. Mt ca s son tho vn bn Untitled-Notepad hin ra v mt mc Untitled-Notepad xut hin trong th Applications ca Task Manager 4. Trong th Applications ca Task Manager, nhn phi chut vo mc Untitled-Notepad v la chn Go to Process t thc n ng cnh. Task Manager chuyn sang th Process vi tin trnh Notepad c t sng.
Bi tp thc hnh 3-3: To mt Bng iu khin System Monitor

Trong bi tp thc hnh ny, bn s to mt bng iu khin System Monitor mi 1. ng nhp vo my tnh vi ti khon Administrator QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -138-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 2. Nhn Start, tr vo Administrative Tools v nhn vo Performance. Bng iu khin Performance xut hin 3. Trong khung khung Chi tit, nhn vo phm Add trong thanh cng c. Hp thoi Add xut hin 4. i tng Processor c la chn nh mc nh, nhn vo bin m % Idle Time v sau nhn Add. Sau thm vo cc bin m % Interrupt Time v Interrupts/Sec theo cch trn v nhn Close. 5. T thc n File, la chn Save as. Hp thoi Save as xut hin 6. Lu bng iu khin li vi tn l procmon.msc.
CC CU HI N TP
1. Bn khng mun d liu trong nht k Bo mt b ghi , tuy nhin bn cng khng mun my tnh ca bn ngng giao tip vi mng bt k lc no. Thit lp no m bn nn cu hnh trong my ch ? 2. Mc ch ca bn l gim st tt c cc my ch ca mnh chng c th c chng phn mnh u n theo lch sp xp sao cho hiu qu nht. Chng trnh chng phn mnh a m bn mun s dng yu cu ti thiu 20% dung lng a cng trong mi a thc hin tt nhim v. Bn nn lm g ? 3. My tnh m bn s dng gim st cc h thng khc trong mng ang qu ti vi nhim v ny, do bn mun gim nh mc ti cho n. Bn nn lm g gim nh mc ti ca nhim v gim st trong khi duy tr cc d liu gim st mc ti a c th ? 4. Bn ang chy mt ng dng CSDL trn my tnh vi hai b vi x l. Bn mun ng dng CSDL ny chy trn b vi x l th hai. Lm th no bn c th s dng Task Manager thc hin vic ny? 5. Mnh no sau y l ng nu System Monitor hin th gi tr ca bin m PhysicalDisk:Current Disk Queue Length ln hn 2 trong mt h thng a khng phi l RAID ? a. Bn cn nhiu khng gian a cng hn b. Bn cn a cng nhanh hn c. Bn cn thng tin thm xc nh liu a c vn g khng? d. Bn gp trc trc vi b nh, khng phi vi a cng . QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -139-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 6. Cc nht k no sau y c th s dng Event Viewer xem trn mt my ch thnh vin c chc nng my ch ng dng (Chn tt c cc cu tr li ng) ? a. ng dng b. Dch v th mc c. H thng d. Bo mt e. Dch v ng b file 7. Ti sao mt s cc Bin m Hiu nng trong System Monitor li c nhiu trng hp ring (instance) khc nhau ? 8. Hai cch cha phn h a lu tr b nghn c chai trong phn hiu nng my ch?
CC KCH BN TNH HUNG

Kch bn 3-1: Pht hin trng hp nghn c chai
Bn l qun tr mng cho cng ty cng ngh cao Fabrikam, Inc., cng ty gn y k kt c mt hp ng li nhun cao vi chnh ph. Kt qu ca hp ng ny l cng ty s phi tri qua qu trnh m rng din ra trong 12 thng ti. S lng ngi dng truy cp vo CSDL my khch ca cng ty d kin l gp i v Gim c IT ch th cho bn xc nh liu my ch CSDL ca cng ty, vi cu hnh hin ti ca n, c th p ng c nhu cu tng mc ti theo d tnh khng, v nu khng th s phi nng cp ci g. hon thnh nhim v ny, hnh ng u tin ca bn l trin khai mt k hoch gim st my ch xem c nghn c chai hay khng. Bc u tin ca k hoch ny, bn thit lp mt ng c s bng cch s dng snap-in Performance Logs and Alerts to ra mt nht k bin m theo di gi tr ca cc bin m quan trng ca cc i tng cn o Hiu nng nh b vi x l, b nh, a vt l v giao tip mng. Sau khi thit lp cc gi tr cho cc bin m ny trong qu trng thi hot ng thng thng, bn phi lm g tip theo cu hnh Performance console pht hin ra s nghn c chai ? a. cc nht k hiu nng ny chy ton thi gian v kim tra gi tr ca cc bin m ny theo cc khong thi gian lp u n. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 -140-
GIM ST H IU HNH MICROSOFT WINDOWS SERVER 2003 b. S dng System Monitor, to ra th ca cng cc bin m trn v cu hnh snap-in to ra mt cnh bo bng m thanh khi bt k gi tr ca mt bin m no vt qu mc ngng ti a. c. Trong snap-in Performance Logs And Alerts, to ra mt lot cc cnh bo gi thng bo n my trm ca bn khi bt k gi tr ca bin m no vt qu mt mc xc nh. d. Trong snap-in Performance Logs And Alerts, to ra mt trace log s dng cng cc bin m nh khi xc nh ng c s.
Kch bn 3-2: Loi b nghn c chai

Bn l qun tr mng dc giao nhim v xc nh ti sao my ch file v in n chy Windows Server 2003 trong mt mng LAN li hot ng km. Bn cng ng thi phi trin khai cch gii quyt trng hp ny. Sau khi gim st cc Bin m Hiu nng trong my ch bng cch s dng Performance console, bn xc nh c rng h thng mng gy nghn lm gim hiu sut hot ng ca my ch. Gii php no sau y s cho php bn t c mc tiu tng cng mc hiu nng ca my ch file v in n ny? a) Ci t thm mt thit b giao tip mng trong my ch ny v kt ni n vi cng mng ca giao tip cn li. b) Tng tc ca mng bng cch thay th cc giao tip mng 10BaseT trong cc my tnh trn mng v thit b hub m cc my tnh kt ni n bng cc thit b c tc 100Base-TX c) Phn chia mng thnh 2 mng LAN ring bit vi s lng my tnh ngang nhau trong mi mng. Sau ci t mt thit b giao tip mng th hai trong my ch file v in n v kt ni my ch n c hai mng LAN ny d) Thay th cc thit b giao tip mng trong my ch file v in n ny bng mt thit b c b nh m ln hn.
SAO LU V PHC HI D LIU
CHNG 4: SAO LU V PHC HI D LIU

S so snh tng ng thng dng nht c s dng m t mi lin h gia mt a trong a cng (ni lu tr d liu) v u c ca n ( c v ghi d liu ln a) l hnh nh mt chic my bay dn dng 747 loi ln bay vi tc 600 dm mt gi trn cao 5 feet so vi mt t. Khi bn quan tm n iu ny, bn s tht s kinh ngc khi a cng c kh nng lm vic tt v lu c nh th. Mt ngy no , bn rt c th b mt mt a cng cha cc d liu rt quan trng. iu ny c th cha xy ra ngay ngy hm ny hoc ngy mai, tuy nhin cng c th n s n vo mt ngy no . Cc a cng ny c th b ly trm cng vi my tnh, b ph hy bi chy nh hoc cc thm ha khc, hoc n gin l n b hng. V cho d ti bt k nguyn nhn g, d liu ca bn cng s b mt v vic c ly li c d liu hay khng l ty thuc vo bn. Ngy xy ra chuyn l ngy bn s phi cm n chnh mnh v tt c nhng n lc ca bn khi thit lp chin lc sao lu cho h thng. Nu bn khng c mt chin lc sao lu ng n, rt c th mt ngy no bn phi bt u cng vic bng cch vit s yu l lch xin vic. Thc hin vic sao lu u n l mt trong nhng chc nng c bn nht ca qun tr mng v qun tr h thng. Khng ging nh hu ht cc thnh phn khc trong my tnh, a cng c mt b phn chuyn ng vi tc cao, lm vic vi mt dung sai rt nh. V kt qu a cng hng l mt iu kh thng thng, v bn phi chun b cho iu bng cch u n sao lu d liu ca mnh trn cc phng tin lu tr khc. Sau khi hon thnh chng ny, bn c th: M t cc kiu phn cng khc nhau s dng sao lu. Hiu bit v kh nng ca cc phn mm sao lu mng. Hiu bit s khc nhau gia cc tc v sao lu full (Ton b), sao lu incremental (Tng ln) v sao lu differential (Sai khc). Lit k cc kh nng ca chng trnh Microsoft Windows Server 2003 Backup Sao lu v khi phc CSDL ca Active Directory S dng volume shadow copies (Cc bn sao ca a) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 142
HIU BIT V SAO LU

Nhim v sao lu n gin l sao chp d liu ca bn mt cch u n nu nh thit b lu tr ca bn b h hng hoc ph hy v d liu trn b mt, bn c th khi phc li cc d liu ny mt cch kp thi. Sao lu l mt tiu chun nh gi kh nng chng li c bn. Thm ch nu nh bn c cc cng ngh lu tr khc cung cp kh nng chng li, v d nh h thng a RAID hoc cm my ch cluster, bn vn cn phi c mt gii php sao lu cho mnh. H thng mng lm cho tc v sao lu u n tr nn va phc tp va n gin. Mt chin lc sao lu cho mt my tnh n bao gm vic ci t mt thit b sao lu trong h thng. Qu trnh sao lu mng s phc tp hn bi v bn c d liu lu trn nhiu my tnh cn bo v v vic ci t mt thit b sao lu trn mi my l khng thc t. Tuy vy, qu trnh sao lu mng li n gin bi thc t bn c th s dng mng truy cp n cc my ch cn sao lu, iu ny cho php bn s dng mt thit b sao lu bo v rt nhiu my tnh. Mt chin lc sao lu s phi ch ra d liu no cn sao lu, sao lu theo tn sut nh th no v phng tin lu tr no m bn s dng lu cc d liu sao lu. Quyt nh ca bn ty thuc vo phn cng v phn mm sao lu ng thi cc chnh sch qun tr m bn s dng, ty thuc vo dung lng d liu m bn phi sao lu, thi gian bn sao lu v mc bo v m bn mun p dng. Mt gii php sao lu mng bao gm hai thnh phn sau y: Mt hoc nhiu thit b sao lu Sn phm phn mm sao lu Mt k hoch sao lu hiu qu phi ch ra cch tn dng cc kh nng ca hai thnh phn trn cung cp mc bo v m doanh nghip cn. Tiu chun m bn nn s dng khi nh gi cc sn phm phn cng v phn mm sao lu s c bn lun trong cc phn sau. LU . Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin phi c kh nng qun l cc tc v sao lu
Phn cng sao lu

Bn c th sao lu bng bt k loi thit b lu tr no, mc d thng thng ngi ta hay dng cc thit b s dng cc phng tin lu tr c QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 143
SAO LU V PHC HI D LIU kh nng tho ri. Ba tiu ch quan trng nht nh gi cc thit b phn cng sao lu l: Dung lng. Mt trong nhng mc ch chnh ca vic pht trin mt chin lc sao lu hiu qu l t ng ha qu trnh sao lu cng nhiu cng tt. Mc d bn c th sao lu hng gigabyte d liu trn cc a mm 1.44MB, tuy nhin chc bn khng mun phi ngi lin tc nht 712 chic a mm vo a. Do , bn nn la chn mt thit b c kh nng lu tr d liu nhiu nht c th m khng cn phi thay th cc phng tin lu tr. Trng hp l tng nht l mt phng tin lu tr v khi ton b tc v sao lu c th lu va trong mt cun bng t n hoc cc phng tin lu tr khc. iu ny cho php bn c th lp lch sao lu v chy hon ton t ng m khng cn can thip. Tuy nhin iu ny khng c ngha l bn phi mua mt thit b lu tr c th cha ton b d liu ca tt c cc my tnh trong mng ca bn. Bn c th la chn cn thn d liu no m bn mun sao lu. V vy cho nn vic xc nh dung lng d liu cn bo v v tn sut bao lu l iu rt quan trng trc khi bn quyt nh dung lng ca thit b lu tr. Tc . Mt trong nhng tiu ch quan trng khc khi bn la chn mt thit b sao lu l tc m thit b ny c th ghi d liu ln cc phng tin lu tr. Cc thit b lu tr c th hot ng vi rt nhiu tc khc nhau v tht khng ngc nhin khi thit b nhanh nht thng thng cng s t nht. Mt tc v sao lu in hnh s chy khi h thng mng ang khng s dng, iu ny m bo mi d liu trn mng sn sng cho nhim v sao lu. Khong thi gian m bn s dng sao lu i khi c gi l backup window (ca s sao lu). Thit b sao lu m bn s dng nn ph thuc mt phn vo dung lng d liu bn mun bo v v khong thi gian m bn mun s dng sao lu. V d nu bn c 10GB d liu cn sao lu v cng ty ca bn s ng ca t 5 gi chiu n 9 gi sng hm sau, nh vy bn c mt khong thi gian sao lu (backup window) l 16 gi - rt nhiu thi gian sao chp d liu s dng cc thit b lu tr tc trung bnh. Tuy nhin, nu nh cng ty bn hot ng trong ba ca v cho bn ch 1 gi, t 7 gi n 8 gi, sao lu 100 GB d liu, bn phi s dng mt thit b sao lu nhanh hn nhiu hoc trong trng hp ny c th l vi thit b. Chi ph. Chi ph lun lun l mt nhn t trong vic la chn mt sn phm phn cng. Bn c th mua mt thit b sao lu loi thng vi QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 144
SAO LU V PHC HI D LIU gi khong 100$ n 200$, thit b ny ph hp sao lu mt my tnh gia nh v tc v dung lng khng phi l cc nhn t chnh. Tuy nhin, khi bn chuyn sang cc thit b c tc v dung lng ph hp vi nhim v sao lu mng, gi c ca chng s tng t ngt. Cc thit b sao lu cao cp c th c mc gi gm 5 con s. Khi bn nh gi mt thit b lu tr, bn phi quan tm n cc chi ph thm vo ca thit b. Cc thit b sao lu s dng cc phng tin lu tr c th tho di, v d nh bng t hoc u quay a. Cc phng tin lu tr ny cho php bn c th lu cc bn sao d liu ca bn ti ni khc (offsite), v d nh trong hm an ton c kt st ca mt ngn hng no . Nu ta nh m h thng mng ca bn t ti b ph hy bi la hoc thm ha no , bn vn cn d liu v bn c th khi ng li hot ng ca h thng ti mt ni no . Do , ngoi vic mua mt thit b lu tr, bn cng phi mua thm cc phng tin lu tr. Mt s sn phm lc u c v l kinh t bi v thit b l khng t, tuy nhin sau mt thi gian di chy th n khng cn nh th na bi cc phng tin lu tr l qu t. Mt trong nhng phng php thng thng nh gi cc thit b sao lu l xc nh chi ph trn mt MB (hoc GB) trong kh nng lu tr ca n. Chia gi ca cc phng tin lu tr cho s lng MB (hoc GB) n c th lu tr v s dng con s ny so snh vi chi ph ca cc thit b khc tng ng. ng nhin, trong mt s trng hp, bn c th cn thit phi hy sinh tnh kinh t c c kh nng tc hoc dung lng. Mt s thit b lu tr c kh nng tho ri c th s dng nh l thit b sao lu s c xem xt trong cc phn sau y: Cc thit b CD-ROM v DVD-ROM. S ph bin ca cc thit b CD-ROM c kh nng ghi, v d nh cc a compact disc-recordable (CD-R) v compact disc-rewritable (CD-RW), tng cng kh nng s dng chng nh cc thit b lu tr. Mc d dung lng ca mt a CD b gii hn xp x khong 650MB nhng vi chi ph thp ca cc a lu tr, ta c th xem vic s dng a CD nh l mt gii php c tnh kinh t, thm ch c khi cc a ny ch c s dng mt ln nh trong trng hp cc a CD-R. Hin ti gi c ca cc a DVD-ROM gim, s dng DVD-ROM thch hp hn CD-ROM bi v kh nng lu tr ca n ln hn rt nhiu (trn 4GB). Yu t ln nht trong vic s dng rng ri CD-ROM hay DVD-ROM sao lu l rt nhiu my tnh u QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 145
SAO LU V PHC HI D LIU c trang b cc thit b CD, DVD cho cc mc ch khc, do gim i s cn thit phi mua thm cc thit b sao lu chuyn dng khc. i vi vic sao lu mng, CD-ROM khng c s dng thng xuyn bi hu ht cc h thng mng u c hng gigabyte d liu gi tr sao lu, khi s yu cu rt nhiu vic thay a. DVD-ROM gim s lng a phi thay v c th ph hp vi cc h thng mng nh, tuy nhin chng vn khng dung lng sao lu mt cch hiu qu trong cc mng ca doanh nghip ln. Hn na, CD-ROM v DVD-ROM cng thng khng c cc sn phm phn mm sao lu mng h tr. Mc d cc thit b ny thng c gn km cc phn mm c kh nng sao lu hn ch (thng p dng cho cc nhim v sao lu h thng n, qui m nh), cc phn mm ny thng xuyn khng cung cp cc tnh nng cn thit sao lu mt h thng mng mt cch hiu qu. Cc a Cartrigde Mt trong nhng thit b lu tr thng dng khc c th s dng d dng cho vic sao lu l cc a Cartrigde ( a c bc) c kh nng tho di. Cc sn phm nh Iomega ZIP hay JAZ c th c dng nh cc a cng, tuy nhin chng li s dng cc Cartrigde c kh nng tho di. Cc thit b ny c gn vo trong h thng file ca my tnh v bn c th lm vic nh vi cc a cng. Cc Cartrigde ZIP cha khng nhiu hn 750MB, do chng c ngha thc t hn khng ng k so vi CD. Tuy nhin, cc JAZ c cc phin bn 1GB v 2GB, cho nhim v sao lu, thm ch cho mt h thng mng nh. Nhc im ca vic s dng thit b ny sao lu l chi ph cao ca cc phng tin lu tr. Mt Cartrigde 2GB cho JAZ c th c gi khong 125$ - nh vy l 6 cent trn mt MB t hn rt nhiu so vi hu ht cc thit b lu tr khc. Cc a bng t Thit b phn cng c s dng thng dng nht cho nhim v sao lu d liu l cc bng t, trng ging nh thit b trong hnh 4-1. Khng ging nh a cng, a mm v a CD-ROM, bng t khng phi l thit b truy cp ngu nhin. iu ny c ngha l thit b khng th di chuyn u c ca n c bt k file c bit no trn bng t m khng phi cun qua tt c cc file nm trc n. Cng ging nh cc loi thit b bng t khc, v d nh audio v video, thit b ny tho bng t ra khi ng trc v ko n qua u c n khi tm c im trn bng t cha d liu m n cn. Kt qu l bn khng th gn mt bng t vo h thng file ca mt my QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 146
SAO LU V PHC HI D LIU tnh, cp cho n mt k t a v sao chp file vo nh bn lm vi cc a cng c. Mt chng trnh phn mm c yu cu nh a ch cho bng ny, gi d liu bn la chn n n lu tr v khi phc d liu sau ny. iu ny c ngha l cc bng t rt t s dng cho cc nhim v khc ngoi sao lu, trong khi cc loi thit b lu tr c th tho di khc, v d nh a CD-ROM, c th s dng cho cc chc nng khc.
Hnh 4-1: Mt bng t lu tr ngoi Cc a bng t l rt ph hp cho nhim v sao lu. Chng kh nhanh, c th cha mt lng ln d liu, c th lu tr lu di khng gii hn thi gian, v cc phng tin lu tr ca n c gi trn mt MB l thp thng thng thp hn 1,5 cent trn mt MB. C rt nhiu dng thit b bng t, chng khc nhau v tc , dung lng v gi c. Nguyn tc chung cho cc thit b bng t l bn tr chi ph kh ln khi cn nhiu tc v dung lng. Cc sn phm loi cp thp nh cc bng t inch (QIC), gi ca chng vo khong 200$. C rt nhiu nh dng QIC khc nhau, vi dung lng ca mt cun bng t QIC trong khong t 150MB n 20GB. Cc sn phm cao cp trn th trng l cc thit b bng t s tuyn tnh (digital linear tape - DLT) v bng t tuyn tnh chun m (linear tape-open LTO) vi gi tr c th ln n vi ngn USD v c th cha hng trm GB trn mt bng t n. Cc cng ngh bng t thng thng c s dng sao lu c lit k trong Bng 4-1.
SAO LU V PHC HI D LIU Bng 4-1. Cc kiu thit b bng t
LU : Nn bng t. Dung lng ca cc thit b bng t thng thng c phn chia thnh 2 loi, v d nh 40GB v 80GB. Cc con s ny th hin dung lng ca mt bng t cha nn v nn. Hu ht cc thit b bng t u c kh nng nn d liu bng phn cng c trang b sn, nhng dung lng trng m bn c th c thm khi nn th da vo kiu ca d liu c lu tr. Dung lng thng thng m nh sn xut thit b s dng c gi nh da trn t l nn 2:1, y l t l nn in hnh p dng vi cc kiu file chy v cc dng file ng dng khc. Mt s loi file khc, v d nh file hnh nh m s dng cc nh dng cha nn nh BMP hay TIF, c th c nn vi t l cao hn nh 8:1. tuy nhin cc file hnh nh c nn nh file GIF hay JPG s khng th nn thm c na v c lu tr vi t l nn l 1:1. Cc Autochanger Trong mt s trng hp, thm ch cc thit b bng t c dung lng cao nht cng khng sao lu mt h thng mng vi cc d liu lin tc thay i. Mt h thng mng c th phi lm vic vi mt lng d liu rt ln sao lu hoc thi gian sao lu (backup window) rt nh. to ra mt gii php sao lu t ng vi dung lng ln hn kh nng cung cp ca mt bng t n, bn c th mua mt thit b c gi l autochanger (Thit b c kh nng np t ng). Mt autochanger (Th hin trong Hnh 4-2) l mt thit b phn cng c cha mt hoc nhiu a (thng thng l cc bng t, tuy nhin cng c cc thit b autochanger s dng a quang v CD-ROM), mt dy cc a QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 148
SAO LU V PHC HI D LIU lu tr v mt kt cu robot my c th tro i cc a lu tr vo v ra khi a. i khi cc thit b ny cn c gi l jukeboxe hoc tape library. Khi cc tc v sao lu ghi y d liu vo mt bng t (hoc cc phng tin lu tr khc), kt cu robot ny s rt a t ny ra khi v nht mt a khc vo, sau tc v sao lu s tip tc. Thit b autochanger ny ng thi duy tr mt b nh ghi li a no cn cha s dng, thng thng c gi l mt danh mc, v do n c th t ng np cc bng t tng ng cn tip tc nhim v.
Hnh 4-2. Mt thit b autochanger s dng bng t Mt s autochanger l cc thit b nh vi mt ghi n v mt dy bn hoc nm bng t, trong khi rt nhiu thit b c bn hoc nm ghi v mt dy gm mt trm bng t hoc nhiu hn. Nu bn mua mt autochanger ln, bn c th to ra mt chin lc sao lu lu di, cho php nhim v sao lu ca bn lun hot ng mt cch t ng hon ton vo mt thi gian nht nh hng tun. Tuy nhin, trc khi bn c th xem xt v cng c k hoch ca mnh mt ln na quyt nh mua mt thit b autochanger c kch thc nh ci t lnh khng bao gi phi np mt bng t bng tay, bn hy nn bit rng chi ph mua cc thit b ny l rt ln, ln mt cch ng kinh ngc v trong mt s trng hp c th t n mt con s c su ch s.
SAO LU V PHC HI D LIU La chn giao tip cho thit b Cc thit b sao lu c th s dng bt k mt giao tip my tnh chun no, v d nh Thit b in t Tch hp (Integrated Device Electronics - IDE), ng Ni tip a nng (Uuniversal Serial Bus - USB), v Giao tip H thng My tnh Nh (Small Computer System Interface - SCSI), cng vi giao tip mi nht theo xu th ch yu hin nay, IEEE 1394 (FireWire). Mt s thit b sao lu thm ch cn c th kt ni n my tnh thng qua cng song song mc d y ch l mt dng ca giao tip SCSI s dng cc cng khc. Giao tip thng dng nht c s dng hin nay trong cc gii php sao lu mng cao cp l SCSI. Cc thit b SCSI hot ng c lp hn cc thit b s dng IDE, iu ny c ngha l cc chu trnh sao lu, thng phi c t mt thit b v ghi vo mt thit b khc trn cng mt giao din, s hot ng hiu qu hn. Khi hai thit b IDE chia s mt knh th ch mt thit b c th hot ng. Mi thit b phi nhn, thc thi, v hon thnh mt lnh trc khi thit b kia c th nhn lnh tip theo. Mt khc, cc thit b SCSI c th duy tr mt hng i cc lnh m chng nhn c t cc thit b giao tip my tnh v thc thi chng mt cch tun t v c lp. Cc bng t thng thng yu cu mt dng d liu lin tc ghi vo cc bng t vi hiu sut cao nht. Nu c s ngt qung lin tip trong dng d liu ny, iu hay xy ra vi cc giao tip IDE, thit b bng t phi lp i lp li vic khi ng v dng bng t (cn gi l shoeshining), iu ny lm gim tc v kh nng lu tr tng th ca n. Mt thit b SCSI c th thng xuyn hot ng lin tc m khng cn phi tm dng i cc thit b khc trn knh truyn. Mt thit b sao lu SCSI thng thng t hn khi so snh vi cc thit b IDE tng ng bi v cc a yu cu nhiu linh kin in t hn v cng bi v bn phi c mt b giao tip SCSI c ci t trong my tnh. Hu ht cc thit b SCSI u c cc sn phm loi cm trong hoc nm ngoi my tnh. Thit b nm ngoi c cc b cp ngun ring ca n v chi tit ny s tn thm chi ph. Tuy nhin, cc chi ph thm cho cc thit b SCSI s ng gi cho cc gii php sao lu mng nhanh v ng tin cy. Phn mm sao lu Bn cnh phn cng, mt thnh phn chnh trong mt gii php sao lu mng l phn mm m bn s dng thc hin nhim v sao lu. Cc thit b lu tr c thit k cho cc gii php sao lu chuyn dng s khng ging nh cc phn h lu tr khc trong my tnh; mt sn phm phn QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 150
SAO LU V PHC HI D LIU mm c bit c yu cu ly d liu m bn cn sao lu v gi chng n a. Windows Server 2003 c km theo mt chng trnh phn mm sao lu cung cp chc nng c bn cho cc nhim v sao lu h thng n, nhng cng ging nh hu ht cc chng trnh sao lu i km h iu hnh, phn mm ny thiu cc tnh nng tin tin cn thit sao lu hiu qu trong mt mi trng mng phc tp. Chc nng chnh ca mt phn mm sao lu tt s c xem xt trong cc phn sau y. Kh nng la chn mc tiu. Chc nng c bn nht ca mt chng trnh phn mm sao lu l cho php bn la chn ci g bn mun sao lu, i khi cn c gi l mc tiu (Target). Mt chng trnh sao lu tt cho php bn lm vic ny theo rt nhiu cch. Trong hu ht cc trng hp, bn c th la chn Ton b my tnh Cc a cng xc nh trong mt my tnh Cc th mc xc nh trong mt a cng Cc file xc nh trong mt th mc S dng la chn trong cy. Hu ht cc chng trnh sao lu u cung cp mt cch hin th hnh cy m bn c th s dng la chn mc tiu cho tc v sao lu. Hnh 4-3 th hin giao din m chng trnh Backup ca Windows Server 2003 s dng la chn mc tiu sao lu.
Hnh 4-3. Th Backup trong chng trnh Windows Server 2003 Backup Trong hu ht cc trng hp, bn khng cn thit phi sao lu mi d liu trong cc a ca my tnh. Nu mt a cng b xa hoc ph hy hon ton, bn c th phi ci t li h iu hnh trc khi bn khi phc cc file t mt bng t sao lu v do vic sao lu mi file ca h iu hnh mi khi bn chy mt tc v sao lu l khng c gi tr nhiu. Tng t i vi cc ng dng, bn c th ci t li mt ng dng t b ci gc, do bn c th ch cn sao lu cc file d liu v cc thit lp cu hnh ca ng dng . Hn na, hu ht cc h iu hnh hin nay u to ra cc file tm khi chy, nhng file ny bn cng khng cn thit phi sao lu. V d Windows to ra file phn trang b nh c th c kch c hng trm hoc hng ngn MB. Bi v cc file ny c to ra t ng, bn c th tit kim dung lng trong cc bng t sao lu ca bn bng cch b qua file ny v cc file tng t trong cc tc v sao lu. S la chn ng n cc mc tiu sao lu c ngha trong trng hp hoc bn c th lu va ton b d liu cn sao lu vo trong mt bng t hoc c th bn phi li mun sau gi lm vic nht bng t th hai vo trong a. S dng cc Filter (B lc). Vic la chn cc file, th mc v cng ring r m bn mun sao lu c th kh nhm chn trong mt mng ln, do rt nhiu cc chng trnh sao lu cung cp mt cch khc la chn mc tiu. Mt trong nhng phng php thng dng l s dng b lc, cho php QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 152
SAO LU V PHC HI D LIU phn mm nh gi tng file v th mc trn mt a cng v sau quyt nh liu c sao lu khng. Cc chng trnh phn mm sao lu in hnh c h tr b lc thng cho php bn s dng cc b lc bao hm v b lc loi tr; c ngha l mt b lc c th nhn bit cc file bn mun sao lu hoc cc file bn mun loi b ra khi qu trnh sao lu. Mt chng trnh sao lu tt cung cp rt nhiu b lc cho php bn la chon mc tiu da trn cc thng s sau y: Tn file v th mc. Vic chn tng file v th mc bng b lc l khng d hn cch hin th bng cy th mc, tuy nhin kh nng s dng cc k t i din trong tn file v th mc l mt tnh nng rt mnh. Bn c th s dng cc du hi (?) i din cho cc k t n hoc du hoa th (*) i din cho nhiu k t. V d to ra mt b lc loi tr s dng i din file *.tmp s loi b cc file c phn m rng l .tmp (thng thng c s dng cho cc file tm) trong tc v sao lu. Kch thc file. B lc da trn kch thc file cho php bn loi tr cc file c ln zero ra khi tc v sao lu hoc loi tr cc file rt ln, v d nh file phn trang b nh Pagefile.sys Ngy gi ca file. Mt h thng file s duy tr ti thiu mt thng s ngy v gi cho mi file lu tr, in hnh l cc thng tin khi file c chnh sa gn y nht. Mt s h thng file, v d nh h thng file Windows NTFS, bao gm rt nhiu thng tin ngy gi cho mi file, v d nh thi im file c to ra, thi im file c truy cp ln cui cng, v thi im file c chnh sa ln cui. B lc da trn cc thng s thi gian ny cho php bn sao lu ch cc file thay i t mt thi im nht nh hoc ch cc file c hn mt ngy xc nh no . Thuc tnh ca file. Thuc tnh l cc c gi tr 1-bit c gn km theo cc file cho bit cc c tnh ca chng. Hu ht cc h thng file h tr bn thuc tnh DOS chun, l H Thuc tnh n, R - thuc tnh Ch c, S thuc tnh H thng v A thuc tnh Lu tr, tuy nhin mt s h thng file cn c cc thuc tnh khc na. Phn ln cc chng trnh sao lu u da ch yu vo cc b lc thuc tnh lm nhim v sao lu, iu ny cho php chng sao lu ch cc file thay i t ln sao lu gn nht trc . Kiu b lc ny l kiu c bn s dng cho cc tc v sao lu incremental (Tng ln) v differential (vi sai). LU : B lc trong Windows Server 2003 Backup. Chng trnh sao lu Windows Server 2003 Backup cho php bn to ra cc b lc ty chn theo tn file v th mc loi b cc file c bit ra khi tc v sao lu. Tuy nhin, chng trnh ny khng h tr cc QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 153
SAO LU V PHC HI D LIU b lc bao hm hoc cc b lc kch thc, ngy/gi v thuc tnh ngoi cc b lc sn c trong cc tc v sao lu chun. Hiu bit v cc kiu tc v sao lu. Hu ht, tuy nhin khng phi l tt c, cc phn mm sao lu u bao gm mt lot cc kiu tc v sao lu chun m thc cht l vic kt hp cc b lc cu hnh trc. V d chng trnh Windows Server 2003 Backup cho php bn la chn t nm kiu tc v sau (Th hin trong Hnh 4-4): Normal (Thng thng). Sao lu tt c cc file vo phng tin lu tr v t li bit lu tr trong mi file ch nh rng cc file ny c sao lu. Copy (Sao chp). Sao lu tt c cc file vo phng tin lu tr v khng t li bit lu tr ca cc file ny. Differential (Vi sai). Ch sao lu cc file thay i t ln sao lu Normal gn y nht v khng t li bit lu tr ca chng. Incremental (tng ln). Chi sao lu cc file thay i t cc ln sao luu Normal hoc Incremental gn y nht v t li bit lu tr ca cc file Daily (Hng ngy). Ch sao lu cc file m c to ra hoc chnh sa ngy hm nay v khng t li bit lu tr trong cc file .
Hnh 4-4: Th Backup Type trong hp thoi Option ca chng trnh Windows Server 2003 Backup Kiu c bn nht ca tc v sao lu l sao lu y ton b (cn gi l sao lu normal trong Windows Server 2003 Backup), kiu ny s sao chp ton b cc mc tiu la chn vo bng t hay cc phng tin sao lu khc. Bn c th thc hin vic sao lu y hng ngy, nu bn mun, hoc ch lm th mi khi bn tin hnh sao lu mt my tnh c th no . Tuy nhin, vic lm nh th c th khng thc t do cc l do sau: C qu nhiu d liu sao lu. Cc a cng in hnh trong cc my tnh ngy nay cha nhiu d liu hn bao gi ht v trong mt mng ln, tng dung lng lu tr c th d dng t ti hng ngn GB. Tr khi bn mun tiu rt nhiu tin vo cc bng t lu tr v phn cng autochanger, cn li nu bn sao lu ton b d liu trong mi my tnh hng ngy l khng kh thi cht no. Khng c thi gian tin hnh sao lu. Hu ht cc qun tr mng u lp lch sao lu mng vic ny c tin hnh vo bui m hoc khi ht gi lm vic. Sao lu trong thi gian khng lm vic s cho php chng trnh sao lu khng phi b qua cc file ang QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 155
SAO LU V PHC HI D LIU trong trng thi m v n cng ti thiu ha cc tc ng n lu lng mng gy ra bi cc qu trnh sao lu t xa. i vi mt s doanh nghip, thi gian tin hnh sao lu l khng sao lu ton b h thng mng tr khi s dng rt nhiu thit b sao lu tc cao. C qu nhiu d liu d tha. Hu ht cc d liu lu trong mt cng ca my tnh in hnh l d liu tnh; n khng thay i hng ngy. Cc file ng dng v file h iu hnh khng bao gi thay i, v mt s file ti liu vn bn c th tn ti lu di m khng c ngi dng no thay i n c. Sao lu cc file nh vy hng ngy c ngha l lu cc d liu ging nhau vo bng t mi mi v mi mi, rt tn thi gian v phng tin lu tr. LI KHUYN. Lu tr trn my ch. Mc d dng ca sao lu l mt trong nhng l do m nhiu qun tr mng yu cu ngi dng lu cc file d liu ca h trn my ch hn l trn cc a cng ca my trm ni b. Bng cch cp cho mi ngi dng mt home directory (th mc gc ring) trn mt my ch, ta c kh nng sao lu cc file d liu ca ngi dng bng vic sao lu mt my ch n thay cho vic phi cu hnh phn mm sao lu kt ni n mi my trm hng ngy. lu bng t v lm ngn thi gian sao lu, rt nhiu qun tr h thng tin hnh sao lu y mt ln trong mt tun hoc thm ch t hn. Gia cc ln sao lu y , h tin hnh cc kiu sao lu c bit khc m ch sao lu cc file c chnh sa gn y. Kiu tc v sao lu ny c gi l incremental backup v differential backup (Sao lu phn thay i v sao lu vi sai). Incremental backup l tc v sao lu m ch sao lu cc file thay i t bt k ln sao lu no trc . Differential backup l tc v sao lu m ch sao lu cc file thay i t ln sao lu y trc . Phn mm sao lu s lc cc file cho cc tc v ny bng cch s dng thuc tnh Lu tr, cn c gi l archive bit (bit lu tr), m mi file trong my tnh u c. Thc t bit lu tr khng chnh sa cc chc nng ca file ging nh cc thuc tnh Ch c v n, n ch n gin l mt bit nh du phn mm sao lu s dng xc nh liu c sao lu file ny khng. Trng thi ca cc bit lu ny trong cc tc v sao lu in hnh nh sau: 1. Khi mt file c ghi vo trong a cng my tnh ln u tin, bit lu ca n c kch hot, gi tr ca n c thit lp l 1. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 156
SAO LU V PHC HI D LIU 2. Trong ln sao lu y u tin bn tin hnh trn my tnh, phn mm sao lu s sao lu ton b ni dung ca a cng v ng thi t li (ngha l a gi tr ny v 0) bit lu tr ca tt c cc file. Ti thi im ny, bn c mt bn sao lu y ca a cng trn bng t v khng mt file no trn a cng c bit lu tr c kch hot. 3. Khi bt k mt file trn a cng c chnh sa bi bt k ng dng hoc tin trnh no, h thng file s ti kch hot bit lu tr ca file 4. Trong ln sao lu tip theo, bn tin hnh mt tc v sao lu kiu incremental hoc differential. Phn mm sao lu s qut tt c cc bit lu tr ca cc file trn a cng v ch sao lu cc file c bit lu tr ang c kch hot. Ti thi im ny, bn c mt bn sao lu y ca ton b a cng v mt bn sao lu ca tt c cc file thay i t ln sao lu y trc. Nu s c hoc thm ha xy ra dn n ton b ni dung ca a cng b mt, bn c th khi phc v trng thi hin ti bng cch tin hnh khi phc t bng t sao lu y trc, sau khi phc t bng t incremental hay differential, cho php phin bn thay i ca cc file ghi ln phin bn gc. Bi v cc cc bn sao lu incremental hay differential ch cha mt phn ca ni dung a nn chng s chy nhanh hn v tn t bng t hn l sao lu y . Mt chin lc sao lu mng in hnh bao gm mt ln sao lu y vo mt ngy trong tun v cc tc v sao lu incremental hoc differential trong cc ngy cn li. Vi cch b tr ny, bn lun lun c th khi phc c a cng v trng thi gc m khng mt qu 24 gi. Khc nhau gia mt tc v sao lu incremental v differential nm cch x l ca phn mm sao lu khi n t li hoc khng t li bit lu tr ca cc file m n sao chp vo bng t. Tc v sao lu incremental s t li bit lu tr cn differential th khng. Vic chy cc tc v sao lu incremental hay differential thng xuyn cho php t ng ha ch sao lu ca bn m khng tn nhiu phn cng. V d bn sao lu y ca bn tng s l 50GB, bn c th mua mt thit b a 20GB. Bn s phi t tay nht hai bng t thm vo trong qu trnh sao lu y , mt tun mt ln, tuy nhin bn c th chy cc tc v sao lu incremental hay differential trong cc ngy cn li trong tun s dng ch mt tape cho mi ln, iu ny c ngha l tc v ny c th chy t ng m khng cn phi gim st. S dng sao lu Incremental. iu ny c ngha l khi bn chy mt tc v sao lu Incremental, bn ch sao lu cc file thay i t ln sao lu QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 157
SAO LU V PHC HI D LIU trc gn nht, ln c th l sao lu y hoc sao lu incremental. Thc hin sao lu Incremental gia cc ln sao lu y s s dng t bng t nht, tuy nhin iu ny cng ko di thi gian khi phc. Nu bn phi khi phc li ton b my tnh, u tin bn phi khi phc t bng t sao lu y trc, sau bn phi tip tc khi phc theo th t cc ln sao lu Incremental sau ln khi phc y . V d, bn c th xem xt lch sao lu th hin trong Bng 4-2: Bng 4-2: Lch sao lu mu theo kiu Incremental
Bn sao lu ngy Ch nht l bn sao y duy nht ca a cng my tnh v mi bn sao lu Incremental cha cc file thay i trong 24 gi trc. Bi v Data1.txt thay i hng ngy, n xut hin trong mi bn sao lu incremental. Bit lu ca file ny c kch hot mi ln n thay i v mi ln sao lu incremental s t li bit ny ln na. Data2.txt thay i ch mt ln vo th T nn n ch xut hin trong bn sao lu y v bn sao lu incremental ca ngy th T. Data3.txt thay i hai ln vo ngy th Ba v th Nm, do n xut hin trong bn sao lu y v bn sao lu incremental ca ngy th ba v th nm. Nu cc a cng trong my tnh b trc trc trong ngy th Su, hu qu l mi d liu u b mt ht, bn c th bt u qu trnh khi phc bng cch khi phc bn sao lu y ca ngy Ch nht gn nht, sau bn s phi khi phc cc bn sao lu incremental ca ngy th Hai, th Ba, th T v th Nm theo ng th t sau bn sao lu y . Kt qu ca qu trnh khi phc l ba file d liu s nh sau: Data1.txt. Bn sao chp gc t ln sao lu y s b ghi bi bn sao chp mi hn trong cc ln khi phc incremental, li phin bn mi nht (ca th Nm) trn a cng sau khi qu trnh khi phc chm dt. Data2.txt. Bn sao chp gc t ln sao lu y ngy Ch nht s c duy tr trn a cng n khi khi phc bn sao lu incremental QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 158
SAO LU V PHC HI D LIU ca ngy th T, n lc phin bn mi nht (ngy th T) s ghi phin bn ca ngy Ch nht. Phin bn ca ngy th T s cn li trn a cng sau khi qu trnh khi phc chm dt. Data3.txt. Bn sao chp gc t ln sao lu y ngy Ch nht s b ghi hai ln, ln u bi phin bn ca ln sao lu incremental ngy th Ba v sau l bi phin bn ca ln sao lu incremental ngy th Nm, li phin bn mi nht (ca th Nm) trn a cng sau khi qu trnh khi phc chm dt. LU : Khi phc Incremental. Khi bn khi phc t cc bn sao lu Incremental, th t ca cc bng t bn khi phc l rt quan trng. Bn phi khi phc cc phin bn Incremental theo th t ng nhu khi n c ghi vo, nu khng bn c th kt thc vi phin bn c ca file ghi ln phin bn mi nht. S dng sao lu Differential. Nu bn tin hnh cc bc sao lu ging nh trn nhng thay cc tc v incremental bng differential, kt qu s c nh trong Bng 4-3. Bng 4-3. Lch sao lu mu theo kiu Differential
Bi v cc file Data1.txt thay i hng ngy, n s xut hin trong tt c bn sao lu differential, cng nh khi n xut hin trong cc ln incremental. Tuy nhin, bi v cc tc v differential khng t li bit lu tr trong cc file n sao lu, nn khi mt file xut hin trong mt ln differential, n s xut hin trong mi ln tip theo cho n ln sao lu y k tip. Do , file Data2.txt ln u tin xut hin trong bn incremental ngy th T s ng thi c sao lu trong cc ngy th Nm, th Su v th By bi v bit lu tr ca n vn cn c kch hot. Cng ging nh th, file Data3.txt m xut hin ln u tin trong bn differential ngy th Ba cng s xut hin trong tt c cc bn sao lu differential tip theo tr bn Differential vo ngy th Nm, y l phin bn mi hn bn c sao lu hng m QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 159
SAO LU V PHC HI D LIU trc . Cc bit lu tr ca ba file ny khng c t li cho n ln sao lu y tip theo, din ra vo ngy Ch nht k tip. Khi bn s dng cc sao lu differential, tc v ny din ra lu hn v s dng nhiu bng t hn mt cht bi v trong mt s trng hp, bn phi sao lu cc file ging nhau trong vi ngy lin tip. Tuy nhin, khi phc t cc ln sao lu differential s n gin hn v nhanh hn bi v bi v bn ch phi khi phc bn sao lu y v bn sao lu differential gn nht. Nu a trong v d ny b s c trong ngy th By, bn ch phi khi phc bn sao lu y ca ngy Ch nht trc v bn sao lu differential ca ngy hm trc (Th Su). Bng t ca ngy th Su s cha cc file Data1.txt, Data2.txt v Data3.txt trong n. Phin bn ca Data1.txt s l ca ngy th Su, Data2.txt s l phin bn ca ngy th T v Data3.txt s l phin bn ca ngy th Nm. S dng cc tc v Copy v Daily. Cc chng trnh phn mm sao lu cho php bn tin hnh cc kiu sao lu Norman, incremental v differential, tuy nhin ng dng Windows Server 2003 Backup cn bao gm thm hai tnh nng m khng nht thit s c trn cc sn phm phn mm khc. Mt tc v sao lu Daily (Hng ngy) s dng mt b lc da trn ngy thay cho da trn cc bit lu ch sao lu cc file c to ra hoc thay i trong ngy m tc v sao lu ny chy. Mt tc v sao lu kiu Copy (Sao chp) ging nh mt tc v sao lu y ngoi tr vic phn mm sao lu ny khng chnh sa gi tr ca bit lu tr trong cc file m n sao chp ra bng t. Bn c th s dng kiu sao lu Copy tin hnh cc bn sao lu y vo bt k thi im no, v d nh cho cc thit b lu tr ngoi h thng, m khng nh hng n trnh t u n thng xuyn ca cc tc v sao lu y v incremental hoc differential. LU . Cc tn ca tc v sao lu. Ch c chng trnh Windows Server 2003 Backup s dng tn ca tc v sao lu y l Normal v khng c g l nu cc chng trnh phn mm sao lu khc s dng cc tn khc nhau khi cp n cc kiu sao lu c bn. Lp lch cho cc tc v Mi sn phm sao lu u cho php bn to ra cc tc v sao lu v thc hin chng ngay lp tc, nhng cha kha cho vic t ng ha cc chu trnh sao lu l kh nng lp lch cc tc v sao lu thc hin m khng cn gim st. Khng phi tt c cc chng trnh sao lu trang b cng h iu hnh hoc thit k cho cc my tnh n u h tr kh nng lp lch, nhng mi sn phm phn mm sao lu mng u c. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 160
SAO LU V PHC HI D LIU LU . Mc ch ca k thi. Mc ch ca k thi 70-290 l hc vin c kh nng lp lch cho cc tc v sao lu Hu ht cc doanh nghip u tin hnh cc tc v sao lu incremental hoc differential hng ngy v mt ln sao lu y mt ln trong tun. Cch b tr ny cung cp mt s cn bng tt gia kh nng bo v vi thi gian v phng tin lu tr dnh cho nhim v sao lu l rt hp l. Trng hp l tng cho mt qun tr mng l d liu ca mi ln sao lu incremental hay differential hng ngy s cha va trong mt bng t n. iu ny cho php ngi qun tr c th lp lch cho cc tc v ny c th chy khng cn gim st khi vn phng ng ca v h thng mng ang ri ri. Kt qu l mi ti nguyn u sn sng cho nhim v sao lu v hiu sut lm vic ca ngi dng khng b gim bi s nghn mng do cc lu lng d liu trong qu trnh sao lu, ng thi khng cn phi c ngi thay th cc phng tin lu tr. Khi bn c mt lch sao lu, bn ch cn n gin nht ng cc bng t vo cc a mi ngy. Cc ln sao lu y c th yu cu nhiu hn mt bng t v do vy ai phi c mt thay th cc phng tin lu tr. LI KHUYN. La chn phn cng sao lu. Kh nng to ra cc lch sao lu t ng khng cn gim st l nhn t quan trng nht xem xt khi bn nh gi cc sn phm phn cng sao lu. Trc khi la chn mt a, bn nn c lng dung lng d liu m bn s phi sao lu mi ngy (c tnh n c phn d liu tng trng) v xem xt cc a c th lu tr ti thiu l lng d liu trn trong mt bng t n. Cc chng trnh sao lu s dng rt nhiu phng php thi hnh cc tc v t ng. Chng trnh Windows Server 2003 Backup thm cc tc v ny vo trong danh sch Scheduled Tasks ca h iu hnh; cc chng trnh khc thng cung cp chng trnh hoc dch v ring ca chng m lin tc chy v kch hot cc tc v ti cc thi im tng ng. Mt s sn phm sao lu mng cao cp c th s dng dch v th mc v d nh Microsofts Active Directory hay Novells eDirectory lp lch. Cc chng trnh ny chnh sa schema (lc ) ca th mc (m cho bit kiu i tng no c th tn ti trong th mc) to ra cc i tng th hin hng i ca tc v ch c x l. ,Chu trnh lp lch ca cc phn mm sao lu l ging nhau, khng ph thuc vo k thut no m chng s dng np cc tc v. Bn c th ch ra liu bn c mun thc hin tc v mt ln hay lp li ti cc thi im xc nh mi ngy, tun hoc thng, s dng mt giao din ging nh chng QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 161
SAO LU V PHC HI D LIU trnh Windows Server 2003 Backup (Th hin trong Hnh 4-5). Mt tng ca tnh nng lp lch l cho ngi qun tr mng to ra s tun t logic ca cc tc v sao lu m t thc hin bi chnh chng sau cc khong thi gian lp u n. Sau khi ngi qun tr mng lm iu , hnh ng duy nht yu cu l thay i cc bng t mi ngy. Nu bn c mt thit b autochanger, bn thm ch cn c th loi b thao tc ny v to ra mt tc v sao lu tun t chy hng tun hoc hng thng m khng cn phi gim st mt cht no.
Hnh 4-5. Hp thoi Schedule Job ca chng trnh Windows Server 2003 Backup Duy tr cc nht k sao lu (Backup Logs). Khi mt tc v sao lu chy, phn mm truy cp vo mc tiu xc nh v lu d liu vo trong a sao lu theo cc cch thch hp. Do chc nng vn c ca cc phng tin lu tr thng c s dng cho sao lu, nn vic d liu i n thit b lu tr mt cch n nh v vi mt tc thch hp l iu rt quan trng. Phn mm, v vy, phi c thit k xc nh cc a theo cc phng thc thch hp i vi cc thit b ny. Khi phn mm a d liu vo trong bng, n cng ng thi theo di cc hot ng ca phn mm. Hu ht cc sn phm phn mm c th duy tr mt nht k cc chu trnh sao lu khi n din ra. Bn c th thng xuyn ch nh mc chi tit ca nht k, v d nh liu n c cha mt danh sch hon chnh ca mi file c sao lu hay ch ghi li cc s kin chnh QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 162
SAO LU V PHC HI D LIU din ra trong qu trnh sao lu. Chng trnh Backup trong Windows Server 2003 s dng mt giao din nh trong Hnh 4-6 xc nh liu chng trnh s gi mt nht k Detail (Chi tit), mt bn Summary (Tng kt) hay None (Khng lu nht k no c).
Hnh 4-6. Th Backup Log trong hp thoi Options ca chng trnh Windows Server 2003 Backup. Trong hu ht cc trng hp, mt nht k chi tit ca tc v sao lu l khng cn thit. Kiu nht k ny thng cha mt danh sch cc file m chng trnh thc hin sao lu (Th hin trong Hnh 4-7) v do tc v sao lu thng cha hng ngn file nn mt nht k chi tit c th rt di v cc mc cn ch (v d nh li) li rt kh tm kim. Vic xem kch thc ca cc file nht k cng l rt quan trng, nht l khi bn cu hnh duy tr mc rt chi tit. Cc file ny c th tng dung lng rt nhanh v c th s dng ht dung lng trng trn a cng ni chng c lu tr.
Hnh 4-7. Mt bn nht k sao lu ca chng trnh Windows Server 2003 Backup Vic kim tra nh k cc nht k l mt phn thit yu ca vic qun tr chng trnh sao lu mng. Cc nht k cho bn bit khi no cc file c th no b b qua do l do bt k no , v d nh khi file ang c m bi ng dng hoc khng th tm thy my tnh m chng c lu trn . Nht k cng cho bn bit khi no li xy ra trn cc a sao lu hoc trn mt trong cc my tnh nm trong chu trnh sao lu. Mt s sn phm phn mm sao lu cn c th to ra cc cnh bo khi li xy ra, thng bo cho bn bng cch gi i cc thng ip trng thi ti mt bng iu khin qun tr mng, bng cch gi cho bn mt thng ip email hoc bng cc phng php khc. LU . Mc ch ca k thi. Mc ch ca k thi l hc vin phi c kh nng xc nhn s hon thnh ca cc tc v sao lu Cataloging (Lp mc lc) Bn cnh nhim v ghi nht k cc hot ng ca mnh, cc chng trnh phn mm sao lu cn lp mc lc cho cc file chng sao lu lm cho qu trnh khi phc sau ny c d dng hn. Mt mc lc bn cht l mt danh sch cc file m phn mm sao lu li trong cc tc v sao lu. khi phc cc file t cc phng tin sao lu, bn duyt qua mc lc v la chn cc file, th mc hay a m bn mun khi phc. Cc sn phm phn mm sao lu khc nhau s lu th mc theo cc cch khc nhau. Cc chng trnh cp thp, v d nh cc phn mm sao lu cho cc my tnh n, thng lu mc lc cho mi bng t trong chnh cc bng t ny. Vn QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 164
SAO LU V PHC HI D LIU vi phng php ny l bn phi a mt bng t vo trong bng th mi c c mc lc v duyt cc file trn bng t . Cc chng trnh sao lu mng cng phu hn c cc phng thc tip cn khc nhau bng cc duy tr mt CSDL ca cc mc lc cho mi bng t sao lu trong my tnh, ni m phn mm sao lu ny c ci t. CSDL ny cho php bn duyt qua cc mc lc ca tt c cc bng t v bn c th la chn khi phc bt k phin bn no ca file hoc th mc. Trong mt s trng hp, bn c th xem ni dung ca cc CSDL ny theo cc cch khc nhau, v d nh theo my tnh, a hay th mc ni lu tr gc ca cc file ny, theo cc tc v sao lu hoc theo cc bng t hay cc tn khc ca phng tin lu tr. Sau khi bn la chn, chng trnh s nh v bng t no cha cc file hay th mc bn cn; bn a n vo trong bng v qu trnh khi phc s c tin hnh. Cc tnh nng ca CSDL c th s dng rt nhiu khng gian a trn my tnh v nhp x l ca b vi x l, tuy nhin chng li tng cng rt nhiu kh nng cho phn mm, c bit l trong mi trng mng. LU . CSDL sao lu. Cc sn phm phn mm sao lu da trn CSDL thng lu mt bn sao ca CSDL trn cc bng t ng thi trn cc a cng my tnh. Vi tnh nng ny, nu my tnh dng chy cc tc v sao lu ca bn b hng a cng th bn vn c th khi phc cc c CSDL ny. Rt nhiu sn phm ng thi cho php bn xy dng li CSDL trn my tnh bng cch c ni dung ca bng t v chuyn cc ch mc ca n sang mt file CSDL mi. Quay vng s dng cc phng tin sao lu. Mt s qun tr mng kh tnh s dng cc bng t mi cho cc tc v sao lu v lu chng lu di. Tuy nhin, cch lm ny kh tn km. Vic s dng li cc bng t sao lu l thng dng hn. lm tt iu ny, bn phi nh ra chnh sch quay vng cc phng tin sao lu mt cch cn thn khng v tnh ghi mt bng t no sau ny. Bn c th t to chnh sch ring ca mnh, tuy nhin mt s phn mm sao lu s lm vic ny cho bn. LU . Mc ch ca k thi. Mc ch ca k thi 70-290 ch ra rng hc vin phi c kh nng qun l cc phng tin sao lu Mt trong nhng chnh sch quay vng phng tin sao lu thng dng nht c gi l phng php Grandfather-Father-Son (ng-B-Con). Trong QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 165
SAO LU V PHC HI D LIU phng php ny, cc khi nim ng, B v Con tham chiu tng ng n cc bng t hng thng, hng tun v hng ngy. Vi cc tc v sao lu hng ngy, bn c mt tp cc bng t mc con c s dng li hng tun. i vi cc tc v sao lu hng tun, bn c cc bng t mc cha c s dng li hng thng. Sau , vo mi thng, bn tin hnh thm mt ln sao lu y vo tp cc bng t mc ng, cc bng t ny c s dng li hng nm. Phng thc ny cho php bn tin hnh khi phc mt cch hon chnh ti bt k thi im no v duy tr danh mc cc file trong mt nm ca bn. Ngoi ra cn c cc chnh sch sao lu khc c th thay i mc phc tp v s tin dng, ty vo sn phm phn mm sao lu. Khi chng trnh phn mm thc thi chnh sch quay vng, n cung cp mt lch trnh cho cc tc v (m bn c th chnh sa cc tc v c thc hin ti cc thi gian xc nh trong ngy), cho bn bit tn cn ghi trn mi bng t s dng n v khi bn bt u s dng li cc bng t ny, n s cho bn bit bng t no cn cho vo bng cho mi tc v. Kt qu cui cng l bn duy tr mt bn ghi lu di cc d liu ca bn trong khi li s dng ti thiu s lng bng t m khng s ghi ln bt c mt bng t no bn cn. Cu hnh thit b Bi v cc sao lu chuyn dng ch c th truy cp c thng qua vic s dng cc chng trnh c bit nn hu ht cc chng trnh sao lu u c cc giao din cho php bn tng tc trc tip vi cc bng thc hin cc tc v sau: nh dng bng t. Mi bng t u phi c nh dng trc khi phn mm sao lu c th ghi d liu vo. Phn ln cc phn mm sao lu u t ng nh dng bng t mi khi bt u tc v sao lu, tuy nhin chng ta vn c th nh dng mt cch th cng. Cc dng khc nhau ca cc cun bng t yu cu cc kiu nh dng khc nhau. Mt s nh dng cn yu cu ton b bng t phi c ghi li trong khi mt s loi ch yu cu ghi mt header ( mc) mi ti phn u ca bng t. Vic nh dng s ghi tt c cc d liu hin ang c trn bng t. Xa bng t. Xa mt bng t thnh thong ch n gin l ti nh dng li bi v qu trnh ti nh dng s ghi li ton b chiu di ca cun bng. i vi mt s loi bng t khc, ti nh dng ch l thay th header v phn cn li ca bng t l khng thay i. Phn ln cc sn phm phn mm sao lu mng u cho php bn xa d QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 166
SAO LU V PHC HI D LIU liu t bt k bng t no bng cch ghi ln ton b chiu di ca cun bng do mc ch bo mt. iu ny khng c ngha l ton b d liu khng th ti to li bng cc phng php khc, tr bn thn phn mm sao lu khng th c c cc d liu b xa khi bng t. Duy tr bng t. Mt s dng bng t c th cait thin c tnh trng ca n nh vic Duy tr Bng t,, trong bng s quay bng t t u n cui cun bng v li quay ngc tr li m bo rng ton b chiu di ca bng t c qun vo trong ng cun vi cng u n. Sn phm phn mm c kh nng ny thng ch lm nh trn i vi mt s loi bng t cn thit thc hin ng tc ny. a nn. Hu ht cc nh sn xut bng t hin nay u tch hp kh nng nn d liu vo trong sn phm phn cng ca mnh v cc chng trnh phn mm sao lu cng thng cung cp kh nng la chn tt hoc bt chc nng nn ca phn cng a. Mt s chng trnh cn cung cp kh nng t nn da vo phn mm s dng vi cc thit b khng c kh nng nn bng phn cng. Tuy nhin, kh nng s dng ca nn bng phn cng lun c a thch hn nn bng phn mm bi v vic nn bng phn mm s tiu tn mt lng ti nguyn ca b vi x l my tnh. Thc hin phc hi. Khi phc d liu t cc bn sao lu, tt nhin, l l do duy nht to nn cc bn sao lu nh trong phn trc. Cm gic thanh thn ca bn khi xem v duyt cc file khi phc l mt trong nhng tnh nng quan trng ca bt k phn mm sao lu no. iu ct yu l bn nn tin hnh th nghim mt cch nh k kh nng khi phc d liu t cc bng t sao lu hoc cc phng tin lu tr khc m bo bn c kh nng ly li mi d liu b mt. Thm ch khi cc tc v sao lu ca bn dng nh thnh cng hon ton v cc file nht k ch ra rng mi d liu u c sao lu, khng c bi kim tra kh nng ca cc tc v sao lu no tin cy bng vic khi phc thc t t chnh cc bn sao lu . C rt nhiu cu chuyn ly k v nhng ngi qun tr mng, thc hin sao lu hng ngy, nhng ch n khi c mt s c xy ra mi bit c rng cc bng t dn nhn cn thn kia u trng rng do mt a hot ng khng c tt. LU . Mc ch ca k thi. Mc ch ca k thi ch ra rng hc vin phi c kh nng khi phc cc d liu sao lu. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 167
SAO LU V PHC HI D LIU Mc d tin hnh sao lu u n l mt bin php d phng bo v d liu khi thm cnh mt ton b cng nhng phn ln cc tc v khi phc tin hnh trong mi trng mng li thng ch v mt s file m ngi dng v tnh xa i mt. Nh cp trn, kh nng to mc lc ca cc phn mm sao lu l mt phn quan trng ca qu trnh khi phc. Nu ngi dng cn khi phc mt s file v bn phi nht ht bng t n bng t kia vo trong a nh v ra cc file th thi gian ca mi ngi ang b lng ph. Mt chng trnh sao lu vi mt CSDL s cho php bn tm kim cc file c bit , lm cho nhim v ca bn d dng hn ng thi cho php bn c th khi phc bt k file no trong vi pht. Nhim v khi phc cng tng t nh nhim v sao lu trong bn la chn file hoc th mc no m bn mun khi phc, s dng mt giao din trng ging nh trong Hnh 4-8. Khi bn to ra mt bn sao lu, mt phn mm sao lu thng thng s cho php bn cu hnh cc tham s sau y: La chn file. Bn s c th la chn bt k s kt hp no ca cc file, th mc hay a trn bt k bng t no. Mt s phn mm sao lu cho php bn chuyn qua gia cch nhn phng tin lu tr, trong hin th ni dung ca tng bng t trong t a, v cch nhn a, trong hin th cc mc tiu sao lu v mt danh sch cc phin bn khc nhau ca tng file c trong rt nhiu cc bng t. V tr khi phc. Bn s c kh nng la chn khi phc cc file bn chn vo v tr gc ca n mt cch t ng hoc ch ra a im thay th; bn s c kh nng ti to li cy th mc gc hoc chuyn tt c cc file vo trong mt th mc n. La chn ghi . Khi khi phc cc file vo v tr gc ca n, bn s phi ch ra cc lut cho php ghi cc file c vi cng tn da trn ngy ca chng hoc cc thng s khc.
SAO LU V PHC HI D LIU Hnh 4-8. Th Restore And Manage Media trong chng trnh Windows Server 2003 Backup
Cc tnh nng la chn thm ca sao lu mng

Khi bn ang pht trin mt gii php sao lu cho mt h thng mng, mt iu rt quan trng l bn la chn sn phm phn mm sao lu c thit k cho mc ch sao lu mng. S khc nhau chnh gia phn mm sao lu mng v mt ng dng thit k cho cc h thng n l n c kh nng sao lu cc my tnh khc trong mng. iu ny c ngha l bn c th mua mt a sao lu v s dng n bo v ton mng. Rt nhiu sn phm sao lu n c th truy cp cc a cng trn cc my tnh mng, tuy nhin mt sn phm sao lu mng hon chnh cn c kh nng sao lu cc tnh nng quan trng ca h iu hnh trn cc my tnh khc, v d nh Windows registry v CSDL ca dch v th mc. Kiu sao lu t xa ny c th yu cu bn ci t thm cc thnh phn phn mm trn my tnh ch. Trong rt nhiu trng hp, sn phm sao lu mng u c thm cc thnh phn cho php bn thc hin cc tc v sao lu c bit, v d nh sao lu cc CSDL ang chy hoc cc my tnh chy cc h iu hnh khc. Mt s cc thnh phn ny c m t trong phn sau y. LU . Cc thnh phn b sung. Trong rt nhiu trng hp, cc gi phn mm sao lu mng ch bao gm cc thnh phn c bn m t trong cc chng trc. thm vo cc tnh nng tt hn m t trong phn sau, bn phi mua cc thnh phn khc nh l cc modul b sung ring r m c th cng lm vic vi phn mm sao lu chnh. Cc Agent sao lu t xa. Hu nh tt c mi phn mm sao lu u c th sao lu cc a c chia s trn cc my tnh mng bn cnh kh nng sao lu trn chnh my ci t phn mm , tuy nhin iu ny khng c ngha l chng c coi l cc phn mm sao lu mng. Mt bn sao lu ng ngha l mt bn c th s dng khi phc li mt a cng b xa hon ton tr v trng thi tt trc . Vic truy cp mt my tnh Windows t xa thng qua mt a cng hay th mc chia s, v l thuyt s cho php bn sao lu mi th xut hin trong h thng file nhng bn khng th truy cp n cc phn t v d nh Windows registry hoc mt CSDL Active Directory theo cch ny. Do , mt bn sao lu ca mt th mc hoc a chia s s khng hon chnh v khng th s dng khi phc mt my tnh xa v trng thi nguyn gc ca n. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 169
SAO LU V PHC HI D LIU Trong chng trnh Windows Server 2003 Backup, bn la chn mt i tng tn l System State (Trng thi H thng - Th hin trong Hnh 4-9) sao lu cc phn t sau trong my tnh ni b. Cc file khi ng h thng Cc file h thng nm trong Windows File Protection Windows registry CSDL ng k COM+ Class Dch v th mc Active Directory (ch trong my ch qun tr min) Th mc Sysvol (ch trong my ch qun tr min) Cc thng tin v dch v Cluster (ch i vi cc nt trong cluster) Siu th mc Internet Information Services (IIS) (ch trong my ch IIS) CSDL dch v Certificate (Ch vi certification authority - y quyn chng nhn) LU . Sao lu v khi phc System State. Bn c th sao lu v khi phc System State nh l mt i tng n. V d bn khng th ch khi phc CSDL Windows registry t mt bn sao lu System State v cng khng th i vi cc phn t khc trong i tng ny, v d nh cc file khi ng h thng.
Hnh 4-9. Sao lu i tng System State Tuy vy, trong Windows Server 2003, bn khng th sao lu i tng System State trn mt my tnh khc ngoi my tnh m bn ang chy chng trnh Backup ny. S dng cc sn phm phn mm sao lu mng, bn c th sao lu cc phn t h thng ny trn mt my tnh xa, tuy nhin trong phn ln cc trng hp, bn phi ci t mt thnh phn phn mm thng thng c gi l agent trn cc my tnh xa ny trc. Agent ny cho php my ch sao lu thit lp mi lin lc vi my tnh xa v ti v cc thnh phn h iu hnh cn thit thc hin vic sao lu hon chnh ca cc a my tnh. LU . Mua cc agent. Cc sn phm sao lu c th bao gm cc agent sao lu t xa khc nhau km theo thnh phn c bn. V d, khi bn mua mt sn phm m chy phn sao lu chnh trn mt my tnh Windows Server 2003, sn phm ny c th bao gm cc agent cn thit sao lu cc my tnh Windows khc trong mng. Tuy nhin, nu bn c cc my tnh chy cc h iu hnh khc, bn c th phi mua thm cc agent ring cho cc h iu hnh ny. Sao lu cc file ang m. Trong rt nhiu trng hp, khi mt ng dng m mt file vn bn, file ny b kha trng thi m v do khng c ng dng hoc tin trnh no QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 171
SAO LU V PHC HI D LIU khc c th truy cp n. iu ny bo v khng cho cc chng trnh khc thay i bn sao trn a ca mt file ang nm trong b nh. Mt trong nhng l do chnh ti sao cc qun tr mng li tin hnh sao lu sau gi lm vic l ngn cn tnh trng b qua cc file v chng ang c m bi ngi dng. Do vy, nu ngi dng ng dng chy vi mt file ang m, tc v sao lu vn c th khng bo v c file ny. gii quyt vn ny, mt s phn mm sao lu c kh nng sao lu cc file ang m cho php kh nng sao lu cc kiu file ny thm ch ngay c khi cc ng dng khc ang m chng. Sao lu CSDL Cc CSDL hay c vn khi sao lu, bi v chng thng cha cc d liu quan trng sng cn cn bo v v cng bi chng thng xuyn trng thi chy lin tc khng ngh. Cc CSDL ang chy thng kha cc file d liu ca chng trng thi m ging nh cc ng dng khc, cho php cc tc v sao lu bo v cc file chng trnh CSDL (m rt d dng thay th) tuy nhin li b qua chnh bn thn cc CSDL ny. sao lu CSDL, bn phi tt chng i trc m kha trng thi ca cc file d liu. Trong trng hp vic tt cc ng dng l khng th c bi v cc CSDL ny lun phi sn sng i vi ngi dng, rt nhiu phn mm sao lu c mt agent c bit cho CSDL cho php d dng sao lu cc CSDL ny bng cch s dng cc th tc nh sau: 1. Agent to ra mt bn sao tm thi ca cc file CSDL c gi l delta file 2. Agent ny hng cc yu cu ca ngi dng i vi cc thng tin CSDL vo delta file 3. Agent ng file CSDL nguyn gc li 4. Agent giao tip vi my ch sao lu v chuyn pht ni dung ca cc file CSDL ny sao lu sang bng t. 5. Sau khi qu trnh sao lu hon thnh, agent sao chp tt c cc thay i bi ngi dng i vi delta file sang file CSDL nguyn gc 6. Agent li m li file CSDL 7. Agent hng cc yu cu ngi dng tr li vo file CSDL nguyn gc 8. Agent xa delta file. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 172
SAO LU V PHC HI D LIU Khi phc sau thm ha Cng ging nh bt k ng dng no, phn mm sao lu yu cu mt h iu hnh chy. Nu nh cc a h thng hoc my ch sao lu ca bn c s c, bn c mt bn sao lu y ca a cng th bn phi lm th no khi phc li n. Trong iu kin bnh thng, bn phi ci t li h iu hnh v sau ci t li phn mm sao lu trc khi bn c th khi phc li a cng tr v trng thi nguyn gc. i vi mt doanh nghip m thi gian cht c ngha l tn tht v doanh thu, th s chm tr ny c th khng th chp nhn c LU . Mc ch ca k thi. Mc ch ca k thi 70-290 ch ra rng hc vin phi c kh nng thc hin khi phc h thng cho mt my ch v ti to li h thng sau khi phn cng my ch c s c Mt s phn mm sao lu c th gii quyt vn ny bng cch cung cp tnh nng khi phc thm ha. Phn mm c tnh nng ny c thit k cho php ngi qun tr tin hnh khi phc li hon ton cc a h thng trn my tnh trong thi gian ngn nht. Phn mm ny to ra mt bn sao lu y kt hp vi mt a khi ng ch cha cc file h iu hnh cn thit chy chng trnh sao lu v thc hin vic khi phc. Sau khi khi ng t a khi ng ny, bn c th tin hnh vic khi phc v my tnh s tr li trng thi nguyn gc, nhanh hn rt nhiu so vi vic bn phi ci li h iu hnh mt cch th cng. Chng trnh Windows Server 2003 Backup c tnh nng khi phc sau thm ha c gi l Automated System Recovery (Khi phc h thng t ng-ASR). Khi bn chy Automated System Recovery Preparation Wizard (Trnh chun b khi phc h thng t ng) (th hin trong Hnh 4-10), phn mm s hng dn bn qua cc qu trnh to ra bn sao lu y ca my ch v sau nhc bn a a mm vo, trnh ny s s dng a mm to ra a khi ng cho h thng. Trong trng hp thm ha m ton b ni dung ca a h thng b mt, bn ch cn n gin l a bng t sao lu vo trong bng t v khi ng t a mm ni trn hon tt vic khi phc h iu hnh.
Hnh 4-10. Trnh Automated System Recovery Preparation Wizard LU . Mc ch ca k thi. Mc ch ca k thi 70-290 ch ra rng hc vin phi c kh nng s dng Automated System Recovery (ASR)
Bo mt sao lu
Cc bn sao lu cha cc bn sao ca cng d liu bn lu trn cc a cng, do bn s phi mt cng sc bo mt cc bn sao lu ny nh khi bn bo mt cc d liu gc. Cc chng trnh sao lu mang cho php bn ch nh tn ti khon v mt khu m phn mm ny s dng truy cp cc mc tiu sao lu. Phng php thc hnh tt nht l to ra mt ti khon c bit cho mc ch ny m ch c quyn cn thit thc hin sao lu hn l s dng ti khon Administrator hoc cc ti khon khc c nhiu tnh nng. Bn c th d dng cung cp mt ti khon ngi dng vi cc quyn ny bng cch thm n vo trong nhm Backup Operators to sn trong Active Directory. Cch ny s ngn cn cc ngi dng cha xc thc khng th gy hi cho tnh bo mt ca mng bng cch s dng cc phn mm sao lu.
SAO LU V PHC HI D LIU LU . Mc ch ca k thi. Mc ch ca k thi 70-290 ch ra rng hc vin phi c kh nng cu hnh bo mt cho cc nhim v sao lu gi cho d liu ca bn c bo mt, bn phi bo v cc file trong cc bng t sao lu. Cc phn mm sao lu mng thng thng cho php bn s dng mt khu bo v cc bng t sao lu ny. Bn c th ch nh mt khu trong qu trnh to ra cc tc v sao lu v bn phi cung cp mt khu ging th khi phc d liu t cc bn sao lu . Khi s dng mt khu bo v bng t ca bn, bn nn s dng cng yu cu cho mt khu m bn dng cho h thng mng, v d nh di v tnh phc hp ca mt khu. Bn cng phi bo mt mc vt l cc bng t, khng ch bo mt d liu m cn phi m bo tnh an ton ca ni ct gi. Bo v bng mt khu c th ngn nga nhng k xm phm v tnh khng khi phc d liu ca bn bng phn mm sao lu nhng thc t d liu vn trong bng t vi mt nh dng khng c bo v v mt ai c k nng v thit b c th vn truy cp c cc file ny. Do , bn nn lun gi bn sao lu ca mnh c kha cht ch, tt nht l trong cc t chng chy hoc cc khu vc lu tr bo mt no . Bn cng nn lu cc bn sao lu ny xa khu vc lm vic nu c trm hoc thm ha cng khng lm cho cc bn sao lu ny mt i cng vi my tnh ca bn.
S DNG WINDOWS SERVER 2003 BACKUP

Chng trnh Backup trang b trong Windows Server 2003 khng phi l mt gi phn mm sao lu y tnh nng nh m t phn trc, tuy nhin n cng sao lu mt my ch. Vi chng trnh Backup, bn c th thc hin cc tc v sau y: Sao lu cc cng ti ch, cc chia s trn mng v i tng System State ni b La chn mc tiu sao lu bng cch s dng cch hin th hnh cy Thc hin cc tc v sao lu normal, incremental, differential, copy hoc daily. Loi b cc file c bit c nh du khi tc v sao lu Sao lu cc file sang mt bng t hoc sang file trn cc a ni b khc, sau bn c th chuyn sang mt a CD-ROM, DVD-ROM hoc cc phng tin lu tr khc. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 175
SAO LU V PHC HI D LIU Lp lch sao lu din ra ti cc thi gian xc nh hoc lp li sau cc khong thi gian xc nh. Xc nhn cc bn sao lu bng cch so snh d liu nh trn cc phng tin sao lu vi bn nguyn gc ca n. Khi phc cc file sao lu vo v tr nguyn gc ca n hoc n mt v tr thay th khc Ch nh khi no v liu cc file khi phc c ghi cc file tn ti. Mt s cc tnh nng lin quan n sao lu m Windows Server 2003 cung cp c cp trong cc phn sau y.
S dng Volume Shadow Copy

Volume Shadow Copy (Bn sao hnh bng ca a) l mt tnh nng ca Windows Server 2003 cho php duy tr mt th vin cha cc phin bn khc nhau ca cc file la chn. Mc d khng th thay th cho vic sao lu h thng, Volume Shadow Copy cho php ngi dng truy cp cc phin bn lu trc ca file m h v tnh xa hoc ph hy. Tnh nng ny gim bt cho ngi qun tr mt trong cc cng vic lt vt phin h nht: khi phc file n l cho ngi dng khi h l xa file . LU . Mc ch ca k thi. Mc ch ca k thi 70-290 ch ra rng hc vin phi c kh nng khi phc d liu t shadow copy volume kch hot volume shadow copy cho mt a trn my tnh ca bn, bn cho hin th hp thoi Local Disk Properties ca a logic v la chn th Shadow Copies (th hin trong Hnh 4-11). Khi bn la chn mt a logic trong danh sch v nhn vo Enable, Windows Server 2003 to ra mt bn sao chp ca tt c cc fie trong th mc chia s trn a logic v dn nhn ln bn sao chp thng tin ngy gi hin ti. Sau khi kch hot tnh nng ny cho a, Windows Server 2003 tip tc to ra hai bn sao ca cc file ny mi ngy trong tun v lu chng cho n khi dung lng a ch nh dnh cho chc nng ny y. Bn c th chnh sa c tn sut m h iu hnh Windows to ra cc bn sao v kch thc ca khng gian a s dng lu cc bn sao ny. QUAN TRNG. Gii hn ca Volume Shadow Copy. Volume Shadow Copy ch bo v cc file trn a logic m lu trong cc th mc chia s, v a ny phi s dng nh dng h thng file NTFS. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 176
Hnh 4-11. Th Shadow Copy ca hp thoi Local Disk Properties ca mt a logic Ch nhng my tnh chy Windows Server 2003 v Windows XP mi c th truy cp cc file shadow copy trn cc a. Trn cc my trm Windows XP, u tin bn phi ci t phn mm my khch c th s dng chc nng ny. Sau ngi dng c th truy cp shadow copy bng cch hin th hp thoi Properties ca file trong shadow volume v la chn th Previous Versions (th hin trong hnh 4-12)
Hnh 4-12. Th Previous Versions trong hp thoi Properties ca file. LU . Volume Shadow Copy Clients. Windows Server 2003 bao gm phn mm my khch ca volume shadow copy trong th mc Systemroot\System32\Clients\Twclient. Bn c th ci t phn mm ny mt cch th cng trn cc my trm Windows XP hoc bng cch ci t t ng, v d nh s dng chnh sch nhm Bn cnh vic cung cp cho ngi dng kh nng truy cp vo cc phin bn khc nhau ca cc file, volume shadow copy cn cung cp k thut sao lu cc file m cho trng trnh Windows Server 2003 backup. Theo mc nh, Backup s dng cc bn sao volume shadow ca cc file m ang kha trng thi m khi thc hin sao lu. iu ny cho php chng trnh Backup sao lu cc file m ang s dng bi cc ng dng trong thi im tin hnh sao lu. Bn c th khng cho Backup s dng cc bn sao volume shadow trong cc tc v sao lu c bit no bng cch la chn Disable Volume Shadow Copy trong hp thoi Advanced Backup Options (th hin trong hnh 4-13) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 178
Hnh 4-13. Hp thoi Advanced Backup Options
Sao lu v khi phc Active Directory.

Nh cp trong phn trc ca chng, bn c th sao lu CSDL Active Directory trn my ch qun tr min Windows Server 2003 bng cch s dng chng trnh Backup v la chn i tng System State nh l mc tiu sao lu. Tuy nhin vic khi phc my ch qun tr min Active Directory l khng n gin. Trc khi bn c th khi phc CSDL Active Directory t bn sao lu System State, bn phi khi ng my tnh trong ch Directory Services Restore Mode. Bn lm iu ny bng cch nhn F8 khi my tnh ang khi ng v la chn Directory Services Restore Mode t thc n Windows Advanced Options. Theo cch ny my tnh s khi ng vi CSDL Active Directory c ng v do bn c th truy cp chng trnh Backup v khi phc li CSDL ny t bng t. LU . ng nhp. Khi bn khi ng my tnh trong ch Directory Services Restore Mode bn phi ng nhp vi ti khon Administrator s dng tn ti khon v mt khu Security Accounts Manager (SAM) ch khng phi tn ti khon v mt khu trong Active Directory. l bi v Active Directory ang offline ( trng thi ng, khng kch hat) nn vic xc nhn ti khon khng th thc hin c. CSDL ti khon SAM c s dng iu khin truy cp vo Active Directory trong khi Active Directory ang offline. Bn phi nhp mt khu ny khi bn ci t Active Directory QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 179
SAO LU V PHC HI D LIU Khi my tnh khi ng trong ch Directory Services Restore Mode, bn c th chy chng trnh Backup v khi phc li i tng System State t bng t hoc cc phng tin sao lu khc. Chng trnh Windows Server 2003 Backup h tr 2 kiu khi phc Active Directory: Khi phc non-authoritative (khng c thm quyn). Cc i tng trong CSDL Active Directory c khi phc chnh xc nh n xut hin trong System State vi cc s th t cp nht gc c gi nguyn. Bi v cc s th t ny c gi tr bng vi gi tr m cc i tng c c khi tc v sao lu c tin hnh, chng qu hn v qu trnh ng b Active Directory s ghi cc i tng ny bng cc phin bn mi hn trong cc my ch qun tr min khc. Bn c th s dng phng php khi phc non-authoritative ny khi bn mun xy dng li mt my ch qun tr min m b hng vi cc thng tin Active Directory mi nht c cp nht t cc my ch qun tr min khc. Chng trnh Windows Server 2003 Backup theo mc nh s thc hin tc v khi phc theo kiu nonauthoritative. Khi phc Authoritative (c thm quyn). Cc i tng trong CSDL Active Directory s c khi phc m cc s th t cp nht s khng b ghi trong cc qu trnh ng b Active Directory sau . Bn s dng khi phc kiu Authoritative khi bn mun dng bn sao lu System State phc hi li cc i tng Active Directory m bn v tnh xa i. thc hin vic khi phc Authoritative, ban u bn phi thc hin khi phc kiu non-authoritative trc, sau trc khi khi ng li my tnh, bn s dng mt tin ch dng lnh c gi l Ndsutil.exe nh du cc i tng trong Active Directory hin ti nh l authoritative. Tin ch Ndsutil.exe c th tm thy trong th mc Systemroot\System32. Vic nh du cc i tng l authoritative s thay i s th t cp nht ca i tng cao hn bt k s th t cp nht no khc trong khi ng b h thng Active Directory. iu ny m bo rng mi d liu m bn khi phc s c ng b trong ton h thng. Khi my ch qun tr min c khi phc v trng thi trc tuyn v kt ni vo h thng mng, cc tc v ng b thng thng s a cc d liu trong my ch qun tr min ny cp nht vi cc thay i trong cc my ch qun tr min khc m khng b ghi bi n c khi phc kiu authoritative. Vic ng b ng thi cng phn tn cc i tng c khi phc sang cc my ch qun tr min khc trong forest. Cc i tng tng b xa c nh du l authoritative s c ng b t my ch qun tr min c khi phc ti cc my ch qun tr min khc. Bi v cc QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 180
SAO LU V PHC HI D LIU i tng c khi phc c cng thuc tnh i tng nn kh nng bo mt c gi nguyn v s ph thuc ca cc i tng s c duy tr. V d, gi s bn sao lu h thng vo ny th Hai v sau to mt ngi dng mi tn l Jeff Smith vo th Ba, thng tin ny s dc ng b vi cc my ch qun tr min khc trong min. Sau , vo ngy th T, bn v tnh xa i tng ngi dng Nancy Anderson. khi phc ngi dng Nancy Anderson m khng phi to li cc thng tin v khng mt ti khon ca Jeff Smith, bn tin hnh khi phc nonauthoritative my ch qun tr min vi bn sao lu System State c to trong ngy th Hai. Sau , s dng Ntdsutil.exe bn s nh du i tng ngi dng Nancy Anderson l authoritative v khi ng li my ch qun tr min ny. Kt qu l i tng Nancy Anderson c khi phc m khng tc ng g n ti khon Jeff Smith. LU .Mc ch ca k thi. Mc ch ca k thi 70-290 ch ra rng hc vin phi c kh nng sao lu cc file v d liu System State sang cc phng tin lu tr
TNG KT
Mt gii php sao lu mng bao gm phn cng sao lu, phn mm sao lu v k hach s dng chng. Khi bn nh gi mt phn cng sao lu, tc cao hn v dung lng ln hn gn nh c ngha l gi s t hn. Bng t l phng tin sao lu thng dng nht sao lu bi bng t c tc sao lu nhanh, khng t v cha c rt nhiu d liu. Cc bng t c rt nhiu loi khc nhau v tc , dung lng v khong gi c ph hp vi cc nhu cu ci t khc nhau. Chc nng chnh ca phn mm sao lu l cho php ngi qun tr mng c th la chn cc mc tiu sao lu v sau chuyn d liu ny n cc bng t hoc cc thit b khc. Cc tc v sao lu Incremental v differential s tit kim bng t bng cch ch sao lu cc file m thay i t ln sao lu cui cng, da trn tnh trng ca bit lu trong mi file. Mt phn mm sao lu tt cho php bn lp lch sao lu chy vo bt k thi im no v n duy tr phin bn mc lc ca tt c cc file sao lu trn c bng t v trn a cng Phn mm sao lu mng cho php bn sao lu mi d liu trong cc my tnh trong mng ca bn v cng cung cp cc tnh nng tin tin v d nh sao lu cc CSDL trc tuyn. sao lu Windows registry, CSDL Active Directory v cc ti nguyn h thng khc, bn phi sao lu i tng System State. Volume shadow copy l mt tnh nng ca Windows Server 2003 cho php ni dng c th truy cp cc bn sao khc nhau ca cc file m h v tnh xa mt hoc b hng Khi bn khi phc d liu System State trong ch nonauthoritative, mi thnh phn trong d liu System State m c ng b vi cc my ch qun tr min khc, v d nh CSDL Active Directory, s c cp nht bi qu trnh ng b sau khi bn khi phc. Khi bn khi phc d liu System State trong ch Authoritative, cc thay i sau khi sao lu ln cui cng s khng c khi phc, cc i tng b xa s c phc hi v ng b. thc hin khi phc authoritative, bn s dng tin ch dng lnh Ntdsutil.exe. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 182
BI TP THC HNH
Bi tp thc hnh 4-1: La chn mc tiu sao lu
Trong bi tp thc hnh ny, bn thc hnh s dng cch hin th cy th mc trong chng trnh Backup la chn cc mc tiu sao lu. 1. ng nhp vo my tnh Windows Server 2003 bng ti khon Administrator 2. Nhn Start, tr vo All Programs, chn Accessories, chn System Tools v sau chn Backup. Trang Welcome To The Backup Or Restore Wizard xut hin. 3. Nhn vo lin kt Advanced Mode. Ca s Backup Utility xut hin 4. La chn th Backup 5. M rng a Local disk (C) v la chn th mc Windows 6. La chn hp chn System State 7. T thc n Job, la chn Exit
Bi tp thc hnh 4-2: Sao lu Incremental v Differential

1. Nu bn sao lu h thng mng ca bn bng cch thc hin sao lu y vo cc ngy th T lc 6h P.M v sao lu differential trong cc bui chiu su ngy cn li trong tun, bao nhiu tc v m bn cn thit phi thc hin khi phc li my tnh khi mt a cng b hng vo tra ngy th Ba ? 2. Nu bn sao lu h thng mng ca bn bng cch sao lu y vo 6h P.M ngy th T, bao nhiu tc v cn thit nu bn tin hnh cc tc v sao lu incremental trong cc bui chiu su ngy cn li trong tun v mt a cng b hng vo tra ngy th Ba ? 3. khi phc li hon ton mt my tnh b hng vo tra ngy th Ba, bao nhiu tc v cn thit nu bn tin hnh sao lu y vo 6h A.M cc ngy t T v th By hng tun v sao lu incremental vo 6h P.M cc ngy cn li?
Bi tp thc hnh 4-3. Kch hot Volume Shadow Copy

1. Trong bi tp thc hnh ny, bn kch hot tnh nng volume shadow copy trong a C: ca my tnh. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 183
SAO LU V PHC HI D LIU 2. ng nhp vo my tnh Windows Server 2003 bng ti khon Administrator 3. Nhn Start, tr vo All Programs, chn Accessories, v chn Windows Explorer. Ca s Windows Explorer xut hin 4. M rng i tng My Conputer trong khung phm vi, la chn Local Disk (C:), v t thc n File, la chn Properties. Hp thoi Local Disk (C:) Properties xut hin 5. La chn th Shadow Copy v nhn Enable. Hp thng bo Enable Shadow Copy xut hin 6. c cnh bo v nhn Yes. Sau mt khong thi gian tr, ngy v gi xut hin trong danh sch Shadow Copies Of Selected Volume, ch nh rng h thng to ra bn shadow copy u tin
CC CU HI N TP
1. Ti sao tin hnh sao lu li tt nht sau khi ht gi lm vic? 2. Cc kiu tc v sao lu no sau y khng t li bit lu tr trong cc file m n sao chp sang cc phng tin lu tr ? (La chn tt c cc cu tr li ng) a. Full b. Incremental c. Differential d. Copy 3. Cc thit b bng t no sau y c dung lng ln nht ? a. LTO b. QIC c. DAT d. DLT 4. Cc tiu chun no di y c s dng nhiu nht lc cc file trong cc tc v sao lu? a. Tn file b. Phn m rng ca file c. Cc thuc tnh ca file QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 184
SAO LU V PHC HI D LIU d. Kch thc ca file 5. Lm th no m mt autochanger tng dung lng lu tr tng ca mt gii php sao lu? 6. Ba thnh phn ca h thng quay vng s dng phng tin sao lu Grandfather-Father-Son l g ? a. Cc a cng, CD-ROM v cc bng t b. Cc tc v sao lu Incremental, differential v full c. Cc tc v sao lu hng thng, hng tun v hng ngy? d. Cc bng t QIC, DAT v DLT 7. Cc thit b sao lu mng s dng thng xuyn nht giao tip thit b no? a. IDE b. SCSI c. USB d. Parallel port 8. Lm th no Windows Backup xc nhn cc d liu ghi vo phng tin sao lu ? 9. Khi bn khi ng my tnh trong ch Directory Services Restore Mode, bn s dng ng nhp nh th no? Ti sao ?
KCH BN TNH HUNG

Bn ang thit k mt gii php sao lu cho h thng mng ca cng ty. d dng sao lu cc d liu quan trng ca cng ty, bn cp cho 125 ngi dng mng mi ngi mt th mc gc trn mt a chia s trn my ch v hng dn ngi dng lu cc file d liu ca h trn cc th mc . Bn cng ng thi to ra mt hn ngch a cho php mi ngi dng c s dng ti a 1GB dung lng a. Bi thit k nh trn, bn s phi sao lu ch my ch m khng phi l cc my trm ngi dng. Bn cnh my ch file cha cc th mc gc ca mi ngi dng, trong mng cn c 6 my ch Web, mi my ch c mt cng 40 GB cha cc file trang ch, mt my ch CSDL vi cng 80GB cha xp x 10GB file d liu v mt my ch Email vi 25GB d liu th. Da trn cc thng tin nh trn, bn hy tr li cc cu hi sau: QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 185
SAO LU V PHC HI D LIU 1. Tng dung lng xp x ca d liu thay i thng xuyn m bn phi sao lu mi ngy l bao nhiu ? a. 60 GB b. 160 GB c. 360 GB d. 480 GB 2. Gi nh rng bn quyt nh thc hin sao lu y hng tun v sao lu incremental hng ngy, dung lng d liu xp x t 6 my ch Web m bn mong i tm thy trong mi bng t sao lu Incremental l bao nhiu? Gii thch cu tr li ca bn. 3. Da trn cc thng tin trn trong Bng 4-1, kiu bng t no ph hp nht cho h thng mng ny, gi nh rng bn mun s dng ch mt bng t n cho cc tc v sao lu Incremental hng ngy ? a. DLT b. 8 mm c. QIC d. DAT
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003
CHNG 5: DUY TR H IU HNH

Cc sn phm phn mm hin nay ang trong giai on pht trin lin tc v cc nh sn xut lun u n a ra cc bn cp nht v nng cp . H iu hnh cng khng phi l mt ngoi l v mt iu rt quan trng l gi cho h iu hnh Windows Server 2003 ca bn lun c cp nht. Vic cp nht cc my tnh n l l mt vic n gin, tuy nhin cp nht mt h thng mng ln mt cch ng lc v hiu qu th phc tp hn rt nhiu. Trong chng ny bn s hc v cc kiu cp nht h iu hnh m Microsoft a ra v mt s phng php bn c th s dng trin khai cc bn cp nht ny Sau khi hon thnh chng ny, bn c th: Hiu s khc nhau gia cc service pack (Cc gi dch v) v hotfix (Bn sa li nng) Trin khai service pack bng cc ng dng Windows Update (Cp nht Windows), Automatic Update (T ng cp nht) v cc chnh sch nhm Tch hp cc bn service pack and hotfix vo trong cc b ci t ca h iu hnh Windows Server 2003 S dng phn mm Microsoft Baseline Security Analyzer (Trnh phn tch ranh gii bo mt) Ci t v cu hnh mt my ch Microsoft Software Update Services (Dch v cp nht phn mm ca Microsoft ) Hiu cc ch giy php bn quyn Per Server v Per Device hoc Per User (Tnh theo my ch, thit b hoc theo ngi dng) Cu hnh cc giy php bn quyn s dng cng c Choose Licensing Mode (La chn Ch Giy php) trong Control Panel v cng c Licensing Administrative (Qun tr Giy php) To cc nhm giy php bn quyn
CC BN CP NHT CA H IU HNH WINDOWS

c thi k, vic cp nht phn mm l mt vn rt nh. Nu c mt s c no trong mt ng dng hay h iu hnh, nh sn xut s pht hnh mt bn cp nht di dng mt bn v li m ngi dng c th p dng cho cc my tnh ca mnh. Mt bn cp nht (Update) l mt phn ph ca bn ci t phn mm c sa li v thng c xu hng gii quyt mt vn c bit no hn l thm vo cc tnh nng mi cho phn mm . Khi nh sn xut a ra phin bn tip theo ca phn mm, h s tch hp cc bn v vo trong phin bn nng cp (Upgrade). Mt phin bn nng cp l mt bn ci t phn mm chnh v c th cha cc tnh nng mi cng nh cha c cc bn v ca phin bn trc ca sn phm ny. LU . Mc ch ca k thi. Mc ch ca k thi 70-290 yu cu hc vin c kh nng qun tr mt c s h tng cp nht phn mm Khi sn phm phn mm pht trin ngy cng phc tp, s lng ca cc s c trong chng trnh cng c xu hng tng theo v tng ng l s lng cc bn v li. Mt s sn phm, thng thng l cc h iu hnh, c th c hng t cc bn v li c pht hnh gia cc ln nng cp. Vic cp nht cc chng trnh v cc h iu hnh do thng lm tng thm cc vn kh gii quyt bi mt s l do sau: S lng cc bn v li. Khi mt sn phm phn mm c s lng ln cc bn v li, n s tr nn kh khn trong vic theo di xem cc bn v no c p dng v phin bn no ca file sn phm ang c s dng trong ln ci t no. Th t ca cc bn v. Khi cc bn v c p dng theo cc th t khc nhau, kt qu l cu hnh phn mm c th thay i, in hnh l vic mt sn phm c nhiu bn v s cha cc phin bn khc nhau ca cng mt file.
Cc bn Service Pack
Khi i mt vi hng trm cc bn v cho h iu hnh hin i ngy nay, Microsoft quyt nh la chn s dng mt phng php khc pht hnh cc bn cp nht ny. Thay v rt nhiu bn v nh, Microsoft to ra mt bn cp nht tm thi ln hn dc gi l service pack. Mt bn service pack l mt tp hp ca cc bn v v cc bn cp nht khc tng c kim tra QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 188
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 v ng gi li thnh mt khi n l. Mt chng trnh ci t n s p dng tt c cc bn cp nht cng mt lc, thng nht mt cu hnh phn mm cho mi my tnh m trn bn service pack c p dng. Cc bn service pack n gin qu trnh cp nht cho tt c mi ngi tham gia. i vi Microsoft, pht hnh cc bn cp nht trong mt bn service pack c ngha l c th kim tra ton b gi phn mm ny thay cho vic phi kt hp vic kim tra rt nhiu cc bn v khc nhau li. i vi ngi qun tr h thng v ngi dng cui, qu trnh ci t s c gim bt v ch cn chy mt chng trnh n thay cho tin hnh ci t rt nhiu ln cc bn v ring bit. i vi cc nhn vin h tr k thut, qu trnh gii quyt s c cng n gin hn bi v h khng gp phi tnh trng mt s lng ln cc bn v c ci t theo bt k th t no. D dng xc nh c bn service pack no c ci t trn mt my tnh Windows Server 2000, Windows XP hay Windows Server 2003 bng cch nhn vo th General trong hp thoi System Properties (Th hin trong Hnh 5-1)
Hnh 5-1. Hp thoi System Properties Cc bn service pack ca Microsoft c pht hnh theo kiu tch ly dn, ngha l mi bn service pack cho mt sn phm no u cha cc bn cp nht t khi bn ci t chnh gn nht ca sn phm c pht hnh, bao gm c cc bn service pack trc . Do , khi bn tin hnh ci t QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 189
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 mt h iu hnh Windows hoc mt sn phm no ca Microsoft, bn ch phi p dng bn service pack gn y nht. Pht hnh cc bn service pack Microsoft pht hnh cc bn service pack ca h iu hnh theo ba dng: CD-ROM. Chng ta c th nhn c cc bn service pack cha trong CD-ROM trc tip t Microsoft ch vi chi ph danh ngha khng ng k. a CD ny c cha cc file ci t service pack v mt chng trnh ci t tn l Update.exe. a ny cn cha cc ti liu ca bn service pack, cc cng c trin khai v cc cng c h tr cp nht m thng thng khng c trong cc bn ci t c ti v t Internet. Express Download (Bn rt gn). Bn rt gn ch cha mt s file cn thit bt u qu trnh ti bn service pack v. Khi bn chy chng trnh ci t, phn mm s kim tra h thng, truy cp trang Web ca Microsoft v ti cc file cn thit v hon thnh qu trnh cp nht. Bi v chng trnh ci t kim tra xem bn service pack no c ci t trong my tnh, n c th ch ti cc file n cn, iu ny c th lm gim ng k kch thc tng ca cc file cn ti v. chy qu trnh ci t rt gn, my tnh phi c kh nng truy cp Internet. Network Download (ti v t mng). Vic ti v t mng s bao gm ton b bn service pack di dng mt file chy n. Cch thc ny s dng cho cc qun tr mng khi trin khai service pack trn mt s lng ln my tnh. Khi bn tin hnh ti xong, bn c th np file chy v ci t service pack trn bt k my tnh no ang chy h iu hnh m khng cn thit phi c kh nng truy cp Internet. Tuy nhin bi v phin bn ny cha tt c cc file service pack nn bn ny c th rt ln, thng thng l 100MB hoc hn. Ci t mt ln. Khi bn ci t bn service pack trn my tnh chy mt trong cc h iu hnh Windows, chng trnh ci t s p dng ch cc cp nht cho cc thnh phn c trong h thng. V d, nu bn ci t Microsoft Internet Information Services (IIS) v Certificates Services trn my tnh chy Windows Server 2003, vic ci t service pack s ch p dng cc bn cp nht cho hai thnh phn ny m khng cp nht cho cc thnh phn khc m khng c ci t trong h thng. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 190
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Mt lc no , nu bn chnh sa cu hnh phn cng hoc phn mm trong mt my tnh chy Windows NT, bn s phi ci t li bn service pack mi nht p dng phn mm cp nht cho cc thnh phn c ci t. Tuy nhin, bt u t Windows Server 2000, iu ny khng cn cn thit na. Chng trnh ci t service pack ngy nay lu v tr ca cc file cabinet (.cab) cha tt c cc trnh iu khin c cp nht cho my tnh cng nh cc file thng tin c gi l Layout.inf. iu ny m bo bt c khi no bn ci t li cc thnh phn h iu hnh mi, k c l cc trnh iu khin thit b, mt ng dng hay mt dch v, h thng s s dng cc phin bn mi nht ca cc file t cc bn service pack pht hnh.
Cc bn sa li nng (Hotfix).
Mc d lch trnh ca vic pht hnh cc bn service pack l d thay i, cc bn cp nht xut hin ngy cng t i, thng l khng hn mt ln trong mt nm. Mc d vy, mt iu cng rt bnh thng khi mt h iu hnh ny sinh ra cc vn m yu cu cn phi ch ngay lp tc v khng th i n khi pht hnh bn service pack tip theo c. i vi cc trng hp ny, Microsoft pht hnh cc bn v li ring r, c gi l hotfix (bn sa li nng). Mt hotfix l mt phn mm cp nht m gii quyt mt li c bit no . Ging nh cc bn service pack, hotfix c pht hnh nh l mt file chy n v s ci t bn v li trn my tnh m n chy. Microsoft thng pht hnh cc bn hotfix kt hp vi mt bi Knowledge Base (Kin thc C bn) gii thch cho s c ny v cc trng hp m ngi dng hoc qun tr mng nn p dng bn cp nht ny. THNG TIN THM. Microsoft Knowledge Base. Microsoft Knowledge Base l mt th vin ca cc bi vit cung cp cc thng tin h tr cho mi sn phm Microsoft. Bn c th truy cp Knowledge Base ti a ch http://support.microsoft.com. Khng ging nh cc bn service pack, m Microsoft yu cu ci t trn mi my tnh, cc bn hotfix thng c p dng cho cc my tnh b mt s c c bit no hoc chy mt cu hnh phn cng hoc phn mm c bit. Bn phi lun lun lm quen vi chc nng ca cc bn hotfix v iu kin s dng trc khi ci t n vo cc my tnh.
Khi no phi cp nht

Cu hi khi no phi p dng cc bn service pack v hotfix l mt vn c tranh ci nng hi gia cc qun tr mng trong nhiu nm. Khng phi tt c cc bn cp nht pht hnh u c th tin cy c v mt s QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 191
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 qun tr mng rt kh tnh trong vic p dng cc bn service pack cho ti khi h thy c s n nh m chng mang li. Trong thc t, mt s ngi dng thch i n bn service pack 3 c pht hnh trc khi h ci t bn service pack 2. S cn trng ny tng c coi l thch hp vi thi gian trc, tuy nhin by gi th hon ton khng phi nh vy. Cc bn service pack v hotfix c pht hnh thng xuyn gii quyt cc vn v bo mt v d cc virus mi hoc su my tnh khc, v vic trin khai cc bn cp nht ny ng lc l iu rt quan trng. Tuy nhin, ni nh th khng c ngha l nht thit mi ngi dng u phi p dng tt c cc bn cp nht ny ngay lp tc sau khi n c pht hnh. i vi cc my tnh n, trang Web Windows Update s lm cho qu trnh ti v p dng cc bn cp nht tr nn d dng hn v trong hu ht cc trng hp, bn c th g ci t cc bn cp nht ca Microsoft khi cn. Do , hu ht ngi dng u c th p dng cc bn cp nht mt cch an ton ngay sau khi chng c pht hnh. Tuy nhin trong mt mi trng mng ln, quyt nh bn cp nht no cn c ci t v khi no phi ci t s khng th ty thuc vo ngi dng. Ngi qun tr mng phi chu trch nhim ly cc bn cp nht v sau khi chng c pht hnh v trin khai chng trong mng ca mnh ng lc. Tuy nhin ngi qun tr mng khng cn thit phi ci t mi bn cp nht ngay lp tc sau khi n c pht hnh. iu rt quan trng l bn phi kim tra cc bn cp nht ny trc v l l do ti sao mt doanh nghip phi c cc chnh sch cp nht c thit lp trc trong h thng ca mnh. Chnh sch cp nht phn mm c thit k h tr qun tr mng trong vic tin hnh cc tc v sau: Duy tr kh nng nhn bit cc bn cp nht mi dc pht hnh. Microsoft thng xuyn pht hnh cc bn cp nht m c th cn thit p dng hoc khng trong h thng mng ca bn. Qun tr mng phi bit c cc bn cp nht mi khi chng c pht hnh v phi hiu mi bn cp nht cp v gii quyt nhng vn g. Xc nh my tnh no cn phi cp nht. Trong mt s trng hp, mt bn cp nht c th ch p dng cho cc my tnh thc hin mt chc nng nht nh, s dng mt ng dng hoc tnh nng c bit no , hoc c mt thnh phn phn cng c bit. Cc qun tr mng phi hiu c chc nng c th ca mi ln pht hnh v xc nh c my tnh no cn bn cp nht . QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 192
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Kim tra cc bn cp nht pht hnh trn cc cu hnh my tnh khc nhau. Mt bn cp nht phn mm c th gy ra s trc trc trong hot ng ca mt my tnh n. iu ny c th ch gy ra phin phc cho chnh my tnh ny, tuy nhin trong mt h thng mng ln, n c th gy ra mt thm ha. Qun tr mng phi tin hnh cc bin php kim tra ca ring mnh i vi cc bn cp nht trc khi trin khai chng cho ton h thng mng. Trin khai cc bn cp nht trn mt mng c qui m ln. Vic ci t cc bn cp nht mt cch th cng trn hng trm my tnh yu cu rt nhiu thi gian, cng sc v chi ph. trin khai cc bn cp nht trn mt mng ln mt cch hiu qu, qu trnh ny phi c t ng ha. Microsoft cung cp cc cng c h tr qun tr mng hon thnh cc tc v ny, v d nh cc cng c c trnh by trong cc phn sau y ca chng trnh.
Th nghim cc bn cp nht bo mt.

Trc khi bn c th cp nht cc bn cp nht phn mm trong mng, bn phi th nghim chng m bo chng tng thch vi cc tt c cc cu hnh h thng ca bn. S lng v cch thc kim tra ph thuc vo ngun gc ca cc bn cp nht v s phc tp ca h thng mng ca bn. i vi mt bn cp nht nh mt bn service pack, vic th nghim nn dc thc hin rng ri. Bn c th nn tin hnh th nghim bn pht hnh ny trong mt mng th nghim c lp vi mng ang vn hnh trc, sau thc hin trin khai th im trong mt phn ca h thng mng trc khi tin hnh vic trin khai i tr. i vi cc bn cp nht ph v nh, vic trin khai th im c th coi nh l hon thnh vic th nghim v sau c th trin khai i tr lun nu nh khng c s c no xy ra.
G ci t cc bn Service pack
Khi bn ci t mt bn service pack, chng trnh ci t lun cho php bn c hi lu cc bn sao lu d phng ca cc file h iu hnh m bn service pack ny thay th. iu ny cho php bn g ci t bn service pack sau v khi phc li cu hnh nguyn gc ca h thng nu cn thit.
S DNG MICROSOFT BASELINE SECURITY ANALYZER

Microsoft Baseline Security Analyzer (Trnh phn tch ranh gii bo mt ca Microsoft - MBSA) l mt cng c ha (Th hin trong Hnh 5-2) c th kim tra cc l hng bo mt thng thng trong mt my tnh n hoc nhiu my tnh chy cc phin bn h iu hnh Windows khc nhau. Cc l hng thng thng l do vic cu hnh cc tnh nng bo mt khng chun hoc cha hon chnh v vic ci t cc bn cp nht bo mt l khng c thc hin hon ho. Cc li bo mt m MBSA c th pht hin tra nh sau: Thiu cc bn cp nht bo mt. S dng mt bn lit k cc bn cp nht pht hnh t my ch ca Microsoft trn Internet hoc t mt my ch Microsoft Software Update Services (SUS) ni b, MBSA xc nh liu cc bn service pack v cc bn cp nht m n yu cu c ci t trong my tnh hay cha v nu cha, n s son ra mt danh sch cc bn cp nht cn thit phi ci t.
Hnh 5-2. Giao din Microsoft Baseline Security Analyzer
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 LU . Hfnetchk.exe. MBSA l chng trnh thay th tin ch kim tra cp nht trc kia ca Microsoft c tn Hfnetchk.exe, tin ch ny thc hin t giao din dng lnh v ch kim tra cc bn cp nht cn thiu trong my tnh. MBSA bao gm tt c cc tnh nng ca Hfnetchk.exe, bao gm c giao din dng lnh, trong bn c th kch hot bng cch chy file chy Mbsacli.exe vi tham s /hf. iu ny cho php ngi qun tr tip tc s dng cc file b (batch) v cc kch bn (script), kt hp vi dng lnh Htnetchk.exe vi rt t chnh sa. Cc im yu ca Ti khon. MBSA kim tra xem liu ti khon Guest c c kch hot trong my tnh hay khng, liu c nhiu hn hai ti khon c quyn Administrator, liu cc ngi dng n danh (anonymous) c qu nhiu quyn truy cp n cc thng tin h thng hay khng v liu my tnh c s dng tnh nng Autologon. Mt khu khng hon chnh. MBSA kim tra mt khu ca cc ti khon my tnh xem liu chng c cu hnh gii hn thi gian hiu lc ca mt khu khng, c l mt khu trng hoc qu n gin khng. Vic kim tra ny khng c thc hin trn cc my ch qun tr min. Cc im yu ca h thng file. MBSA kim tra xem liu cc a trn my tnh c s dng h thng file NTFS hay khng. Cc im yu ca cc ng dng IIS v SQL. Nu my tnh chy dch v IIS hay SQL, MBSA kim tra cc ng dng ny xem c cc im yu bo mt khng. Bn cnh , MBSA cn hin th cc thng tin khc v cc vn bo mt trn my tnh, v d nh danh sch cc chia s trn mng, s phin bn ca h iu hnh Windows v liu vic kim nh (audit) c c kch hot hay khng. LU . Ti MBSA. MBSA khng i km trong h iu hnh Windows Server 2003, tuy nhin n li c th ti v min ph t trang Web ca Microsoft. MBSA l mt cng c thng tin m c th hin th cc thng tin bo mt ca my tnh, tuy nhin n khng th thc hin bt k mt hnh ng no gii quyt cc im yu d b tn cng m n tm thy. Bn c th s dng MBSA xc nh xem bn cp nht bo mt no cn thit ci t trn cc my tnh nht nh, tuy nhin xy dng mt chnh sch cp nht hiu QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 195
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 qu, bn phi trin khai h thng theo di xem cc bn cp nht no c ci t trn cc my tnh trong doanh nghip.
S DNG WINDOWS UPDATE

Windows Update l mt Web site, do Microsoft duy tr, cho php cc my tnh chy Windows Server 2003 v hu ht cc phin bn khc ca Microsoft Windows c th nh v v ti cc bn cp nht v bn v li mi nht ca h iu hnh v cc trnh iu khin. Khi bn truy cp site Windows Update bng cch nhn vo Start, tr vo All Program v la chn Windows Update, hoc bng cch s dng a ch URL http://windowsupdate.microsoft.com, my tnh s ti mt ng dng kim tra cu hnh hin ti ca my tnh ca bn v lit k ra mt danh sch cc bn cp nht v bn v li m h thng c th cn (Th hin trong Hnh 5-3), trong cc mc sau y: Cc bn cp nht v service pack mang tnh quan trng mu cht Cc bn cp nht cho cc phin bn nht nh ca Windows Cc bn cp nht trnh iu khin Ngi dng c th la chn t mt danh sch cc cp nht, ti chng v ci t tt c cng lc, do s n gin ha qu trnh bo dng.
Hnh 5-3. Giao din Web ca Windows Update i vi ngi dng n l s dng my tnh gia nh, Website Windows Update l phng thc hu hiu nht gi cho my tnh ca bn c cp nht, tuy nhin s l khng ph hp khi s dng trong h thng mng, do cc l do sau: Bng thng. Mi khi mt my tnh nhn mt bn cp nht pht hnh bng Windows Update, n ti phn mm t my ch Microsoft trn Internet. Trong mt h thng mng ln, iu ny c ngha hng trm my tnh s cng ti cc file ging nhau. i vi cc bn cp nht nh, iu ny c th khng c vn g, tuy nhin cc bn service pack ca Windows thng ln hn 100MB v vic ti cc file ging nhau cho mi my tnh s gy ra s chim dng mt lng ln bng thng kt ni Internet ca mng. Kim th. Mc d Microsoft th nghim cc bn cp nht cn thn trc khi pht hnh chng nhng h khng th kim tra kt hp tt c cc kiu thit lp cu hnh v cc sn phm phn mm c. Do , mt bn cp nht c bit no c th gy ra s c cho mt s my tnh trong h thng mng ca bn. Hn na, i vi mt my tnh n, u ny c th khng phi l vn ln, tuy nhin nu bn QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 197
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 cp nht ny gy ra s c trn tt c cc my tnh trong mng, thit hi v nng sut v gnh nng cho cc nhn vin h tr k thut c th l rt ln. LU . Windows Update v Software Update Service. Hn ch lit k y khi s dng Windows Update gi nh rng my tnh c cu hnh truy cp Web site Windows Update trn Internet. Tuy nhin, cng c th cu hnh Windows Update truy cp n cc bn cp nht phn mm ny t mt my ch SUS trong mng ni b. Vic lm ny s gim thiu cc vn v s dng bng thng v vn th nghim. Bn c th hc thm v SUS trong phn sau ca chng ny.
S dng Automatic Update.

Mc d bn lun lun c th truy cp Web site mt cch th cng bng cch s dng Internet Explorer, bn cn c th cu hnh Windows Server 2003 ti t ng v ci t cc bn cp nht phn mm ngay sau khi chng c pht hnh. Tnh nng ny c gi l Automatic Updates (T ng cp nht) v n c sn trong Windows Server 2003, Windows XP ci t service pack 1 v trong Windows Server 2000 ci t service pack 3. LU . Cp nht bng Automatic Update. i vi cc my trm chy cc h iu hnh trc y nhng c h tr kh nng cp nht, bn c th ti Automatic Update nh l mt phn mm cho my trm t trang Web Microsoft SUS ti a ch http://go.microsoft.com/fwlink/?LinkID=6930. Theo mc nh, ng dng Automatic Update trong Windows Server 2003 c cu hnh kt ni t ng n mt my ch Windows Update, ti cc bn cp nht v sau nhc ngi dng ci t chng. Bn c th chnh sa cch hot ng mc nh ny bng cch m hp thoi System Properties t Control Panel v la chn th Automatic Update (th hin trong Hnh 5-4), hoc bng cch chy trnh hng dn ci t Automatic Updates Setup Wizard (Trnh Hng dn Ci t Cp nht T ng) bng cch nhn vo biu tng Stay Current With Automatic Updates trn khay tc v. Bn cn c th cu hnh Automatic Update bng cch s dng i tng chnh sch nhm GPO, nh m t trong mc Configuring Automatic Updates phn sau ca chng ny.
Hnh 5-4: Th Automatic Updates trong hp thoi System Properties Khi bn cu hnh Automatic Update, bn c th la chn mt trong ba la chn sau y: Notify Me Before Downloading Any Updates And Notify Me Again Before Installing Them On My Computer (Thng bo cho ti trc khi ti bt k bn cp nht no v thng bo cho ti ln na trc khi ci t chng trn my tnh). Khi cc bn cp nht sn sng, my tnh s to ra mt mc trong nht k H thng (m bn c th truy cp bng Event Viewer) v thng bo cho qun tr h thng bng mt hnh qu bng bay trong khay tc v Download The Updates Automatically And Notify Me When They Are Ready To Be Installed (Ti cc bn cp nht t ng v thng bo cho ti khi chng sn sng ci t). My tnh s ti t ng cc bn cp nht t Web site Windows Update ngay khi chng c pht hnh, s dng dch v Background Intelligent Transfer Service (BITS Dch v Vn chuyn Thng minh Di nn) tin hnh vic truyn file khi bng thng mng ri ri. BITS m bo rng hiu nng h thng khng b nh hng bi vic truyn file. Phn mm my khch Automatic Update s xc nhn ch k s ca Microsoft trn cc file c ti, Thc hin vic xc nhn CRC (Cyclical Redundancy Check mt bit c bit trong mi gi tin c QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 199
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 gi, m bo cho gi tin l nguyn vn trong sut qu trnh vn chuyn) trn mi gi ci t v thng bo qun tr mng v s hin din ca chng bng cch ghi mt mc vo nht k H thng v hin th mt hnh qu bng trn khay tc v. Ngi qun tr sau s la chn cc bn cp nht ci t t danh sch cc bn ti v c. Automatically Download The Updates, And Install Them On The Schedule That I Specify (Ti t ng cc bn cp nht v ci t chng theo lch m ti ch nh). My tnh s ti cc bn cp nht t site Windows Update ngay khi chng c pht hnh, s dng BITS, v ci t chng theo thi gian xc nh hng ngy hoc hng tun. Nu ngi qun tr mng ng nhp vo my tnh ti thi im trong lch, mt thng bo hin th s m ngc hin ra trc khi ci t v ngi qun tr mng c th la chn li vic ci t n thi im tip theo trong lch. Nu mt ngi dng khng phi l qun tr mng ng nhp vo, mt hp thoi cnh bo xut hin nhng ngi dng khng th li vic ci t. Nu khng c ngi dng no ng nhp vo, vic ci t s c thc hin t ng. Nu cc bn ci t cp nht yu cu h thng khi ng, mt thng bo vi b m li nm pht xut hin, thng bo ngi dng v vic khi ng sp xy ra. Ch c ngi qun tr mng mi c th hy b vic khi ng ny.
TRIN KHAI CC BN CP NHT TRONG H THNG MNG

Mt ngi qun tr mng khi quyt nh rng ngi dng khng phi ti cc bn cp nht h iu hnh t Internet c th s dng rt nhiu phng php khc nhau chuyn cc bn cp nht ny n tng my tnh trong mng, nh m t trong cc phn sau:
Ci t cc bn service pack th cng.

Khi bn mua mt a CD cha cc bn service pack, bn s nhn c mt a c tt c cc file ca bn service pack trong mt nh dng m rng. ci t bn service pack ny, bn chy chng trnh Update.exe trong folder Update. Vic ny s np trnh ci t Service Pack Setup Wizard (Th hin trong Hnh 5-5), trnh ny s hng dn bn qua cc bc ci t bn service pack. Sau khi bn ng tha thun giy php cho ngi dng cui b sung, trnh ci t ny s nhc bn bn ch nh rng liu bn c mun to ra cc bn sao lu di ca cc file m service pack thay th bn c th QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 200
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 g ci t bn service pack ny sau nu cn. Sau khi qu trnh ci t hon thnh, bn s c nhc nh khi ng my tnh.
Hnh 5-5: Windows XP Service Pack 1 Setup Wizard Khi bn ti v phin bn trn mng (Network version) ca mt bn service pack, bn s nhn c mt file chy nn n (File chy c th t gii nn) vi tn file cho bit h iu hnh m bn cp nht ny p dng v s pht hnh ca bn service pack ny. V d, file chy ca Windows XP service pack 1 l Xpsp1.exe. Khi bn chy file ny, my tnh s bung tt c cc file trong file nn ny, ghi chng vo folder tm trong a h thng, sau chy file Update.exe v qu trnh ci t s ging nh l ci t t phin bn trn CD. Bn c th t file ny ln mt folder chia s trn mng v c th chy file t bt k my tnh no trong mng. Chng trnh chy ny lun sao chp cc file ci t vo cng cc b v chy chng trnh ci t t folder . File Update.exe trong bn service pack v file chy ti t mng cng h tr kh nng s dng cc kha chuyn dng lnh m bn c th s dng tc ng n qu trnh ci t. Bn c th chy file chy ny vi cc kha chuyn sau y t mt du nhc dng lnh hoc t hp thoi Run. Cc kha chuyn, ging nhau i vi c file Update.exe v file chy nn n, c cc tham s nh sau: QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 201
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 /D:Tn folder. Theo mc nh, chng trnh ci t s to ra cc bn sao lu ca tt c cc file m n b ghi trong folder gi l $ntservicepackuninstall$. Kha chuyn ny cho php bn ch nh mt tn folder khc cha cc file sao lu. /F. Chng trnh ci t s ng tt c cc chng trnh ang m m khng lu cc d liu khi n khi ng my tnh sau khi qu trnh ci t hon thnh. /L.hin th mt danh sch cc hotfix c ci t trong my tnh /N Khng cho chng trnh ci t to ra cc bn sao lu ca cc file b ghi trong qu trnh ci t /O Chng trnh ci t s ghi cc file thng tin v nh sn xut thit b gc (OEM) trong qu trnh ci t m khng thng bo vi ngi dng. /Q. Chy chng trnh ci t trong ch khng hin th. Trong ch ny, chng trnh ci t s dung cc gi tr mc nh cho cc la chn, tuy nhin khng hin th thanh tin trnh hoc bt k thng bo li no. /S:Tn folder. Kt hp cc file service pack vi cc file ci t ca h iu hnh to ra mt b ci t tch hp. Qu trnh ny cn c gi l slipstreaming. Tn folder l folder m bn ch nh l ng dn n folder cha cc file ci t ca h iu hnh. /U. Qu trnh ci t s c thc hin trong ch khng cn gim st. Trong ch ny, chng trnh ci t s dng cc gi tr mc nh cho mi la chn v hin th thanh tin trnh, tuy nhin ch cc thng bo li nghim trng mi lm dng qu trnh ci t ny c. /X Vic np file chy ca service pack s bung cc file trong n v lu chng trong mt cu trc th mc i386 trn a cng m khng chy file Update.exe. /X:Tn folder. Vic np file chy ca service pack s bung cc file trong n v lu chng trong folder m bn ch nh trn a cng m khng chy file Update.exe. /Z. Khng cho qu trnh ci t khi ng li my tnh sau khi vic ci t hon thnh. La chn ny c s dng thng xuyn khi bn c k hoch ci t cc hotfix ngay sau khi ci service pack v mun hon vic khi ng li cho ti khi hon thnh vic ci t hotfix. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 202
Ci t th cng cc hotfix
Cng ging nh cc bn service pack, ngi dng c th ti v ci t cc bn hotfix thng qua trang Web Windows Update, tuy nhin ta cng c th ti chng nh cc file chy ring r. iu ny cho php cc qun tr mng trin khai cc bn hotfix cho mt lng ln cc my tnh m khng cn phi tin hnh ti nhiu ln t Internet. Mt file hotfix l mt file chy nn, ging nh file ti trn mng ca service pack, nhng c dung lng nh hn. Tn ca file ny s dng nh dng sau y: OperatingSystem-KBKnowledgeBase#-Platform-Language.exe (H iu hnh-KB+s hiu bi vit v vn bn hotfix s chnh sa-loi CPUngn ng) V d, mt bn cp nht bo mt in hnh cho Windows Server 2003 tn l WindowsServer2003-KB823980-x86-ENU.exe. S 823980 l s ca bi vit trong Knowledge Base m t vn m bn hotfix ny gii quyt c, x86 l nn tng b vi x l m bn hotfix ny p dng v ENU cho bit bn hotfix ny cho phin bn U.S English ca Windows Server 2003. LU . Thay th cc file ca hotfix. Khng ging nh service pack, cc hotfix ch cp nht phn mm m thc t ci t trong my tnh khi bn chy chng trnh ci t ny. Nu bn hy b mt thnh phn h iu hnh v sau ci t li thnh phn , bn phi ng thi ci t li cc bn hotfix m p dng cho thnh phn ny. Vic np file chy ca hotfix s bung cc file trong n ra mt folder tm trn h thng ni b v chy file chng trnh Update.exe, cng ging nh trong service pack. Cc hotfix theo mc nh lun lun to ra cc bn sao chp sao lu ca cc file b ghi bn c th g b ci t. Lu chng trong mt folder n trong folder gc h thng v c tn $NtUninstallKB######$, trong ###### l s ca bi vit trong Knowledge Base ca bn hotfix . thay i cc hnh x mc nh ca chng trnh ci t ca hotfix, bn c th chy file ny vi bt k trong cc kha chuyn sau y: /F. Chng trnh ci t s ng tt c cc ng dng ang m m khng lu d liu khi n khi ng my tnh sau khi qu trnh ci t hon thnh. /L Hin th danh sch cc bn hotfix ci t trong my tnh /N Khng cho php qu trnh ci t to cc bn sao chp sao lu cc file b ghi trong qu trnh ci t. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 203
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 /Q. Chy chng trnh ci t trong ch khng hin th. trong ch ny, chng trnh ci t s dung cc gi tr mc nh cho cc la chn, tuy nhin khng hin th thanh tin trnh hoc bt k thng bo li no. /U. Qu trnh ci t s c thc hin trong ch khng cn gim st. Trong ch ny, chng trnh ci t s dng cc gi tr mc nh cho mi la chn v hin th thanh tin trnh, tuy nhin ch cc thng bo li nghim trng mi lm dng qu trnh ci t ny c. /X Vic np file chy ca service pack s bung cc file trong n v lu chng trong mt cu trc th mc trn a cng m khng chy file Update.exe. /Z. Khng cho php qu trnh ci t khi ng my tnh sau khi vic ci t hon thnh. LU . Kim tra cc hotfix. Khi bn ci t cc bn hotfix, chng trnh ci t lun lun kim tra xem bn service pack no tng c ci t trong my tnh. Nu bn hotfix bn ang ci t l c hn bn service pack hin ti ang c trong my tnh, qu trnh ci t s b dng bi v bn hotfix lun c p dng nh l mt phn ca bn service pack. Nu bn hotfix l mi hn bn service pack hin ti trong my tnh, qu trnh ci t s c thc hin.
Xu chui cc hotfix.
Bt u t bn Windows Server 2000 service pack 3, mi hotfix u c mt chng trnh gi l Qchain.exe cho php ci t rt nhiu hotfix, bn ny ngay sau bn kia m khng cn phi khi ng li my tnh sau mi ln ci t. Nu bn ci t nhiu hotfix m bao gm cc phin bn khc nhau ca cng mt file, Qchain.exe m bo rng h thng s s dng ng phin bn chun nht ca cc file sau khi qu trnh ci t hon thnh. xu chui cc qu trnh ci t cc bn hotfix, bn c th chy cc chng trnh ci t hotfix vi kha chuyn dng lnh /Z, iu ny s ngn cn cc chng trnh ny khi ng my tnh. Tuy nhin, bn phi nh khi ng my tnh sau khi bn hotfix cui cng c ci t cc bn hotfix ny c tc dng. t ng qu trnh ci t cc bn hotfix ny, bn c th to ra mt file b (batch) ging nh sau y: WindowsServer2003-KB8239809-x86-ENU.exe /Z /U WindowsServer2003-KB8239810-x86-ENU.exe /Z /U QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 204
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 WindowsServer2003-KB8239811-x86-ENU.exe /U Lu rng lnh ci t 2 hotfix u tin trong file b ni trn bao gm kha chuyn /Z, ngn khng cho khi ng h thng trong khi dng lnh cui li khng c kha chuyn ny my tnh c th khi ng li sau khi tt c cc hotfix c ci t xong. C ba dng lnh ny u c kha chuyn /U, kha ny khng cho php chng trnh tm dng nhn thng tin nhp vo ca ngi dng. Bn c th tch hp mt qu trnh ci t service pack trong mt file b, iu ny s cho php t ng ha ton b qu trnh cp nht nh sau: Update.exe /Z /U WindowsServer2003-KB8239809-x86-ENU.exe /Z /U WindowsServer2003-KB8239810-x86-ENU.exe /Z /U WindowsServer2003-KB8239811-x86-ENU.exe /U
Thc hin Slip streaming

Khi bn ci t mt my tnh mi trong mng, vic ci t h iu hnh khng hn l qu trnh cui cng. Bn cn c th phi ci t thm cc bn service pack v rt nhiu hotfix. Ngay c khi c th ci t cc thnh phn ny mt cch ring r, ngi ta thng chn mt phng php hiu qu hn l phng php tch hp cc bn service pack v hotfix ny trong qu trnh ci t h iu hnh. Qu trnh ny c gi l Slipstreaming (Kt hp lin mch cc qu trnh) Slipstreaming mt bn service pack Slipstreaming mt bn service pack trong qu trnh ci t h iu hnh Windows Server 2003, u tin bn phi to ra mt folder phn phi trn mt folder chia s trn mng v sao chp folder I386 trong a CD ci t Windows Server 2003 vo folder ny. Sau , t folder cha file chng trnh ci t service pack, bn np file Update.exe hoc file chy ci t vi kha chuyn /S, ch nh v tr ca folder phn phi m bn to ra nh trong v d sau y: Update.exe /s:distfolder W2k3sp1.exe /s:distfolder Chng trnh ci t s bung cc file ca service pack t file chy sang mt folder tm (nu cn) v sau sao chp cc file vo v tr tng ng trong folder phn phi. Sau bn c th bt u qu trnh ci t h iu QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 205
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 hnh t folder phn phi ny v cc file service pack s c ci t ng thi trong cng thi im ny.
S dng cc chnh sch nhm

Phng php khc t ng ha qu trnh ci t service pack l s dng kt hp Windows Installer (Trnh ci t Windows) v chnh sch Software Installation (Ci t phn mm) trong mt GPO. Windows Installer l mt chng trnh ci t phn mm m c lu nh l mt file Windows Installer Packet (Gi phn mm ci t Windows) vi phn m rng .msi. Cc bn service pack c pht hnh u bao gm mt phin bn Windows Installer Packet ca chng trnh ci t gi l Update.msi. Update.msi nm trong folder Update trn a CD service pack. Nu bn ti phin bn trn mng ca service pack, bn phi bung cc file trong n ra bng cch chy file ny vi kha chuyn /X trc khi bn c th s dng Update.msi. trin khai mt bn service pack bng cch s dng file Update.msi v chnh sch nhm, bn phi la chn mt i tng trong Active Directory c cha cc my tnh m bn mun cp nht. Nu tt c my tnh trong h thng mng ca bn u chy cng mt phin bn Windows, bn c th cu hnh chnh sch Software Installation trong GPO mc nh ca min v gn vi cc i tng trong min s dng Active Directory ca bn. Nu bn c cc my tnh chy nhiu phin bn h iu hnh khc nhau, bn c th to ra cc i tng OU cho mi phin bn v sau to ra mt GPO cha cc bn Windows Installer Package tng ng vo trong mi OU ny, hoc bn c th to ra nhiu Windows Installer Package trong GPO min mc nh v s dng vic gn cc Cp php ch nh my tnh no s nhn c cc gi phn mm ny. THNG TIN THM. S dng chnh sch nhm GPO. c thm thng tin v vic s dng i tng chnh sch nhm, xem kha hc cho k thi 70-294 Lp k hoch, trin khai v duy tr mt c s h tng da trn Windows Server 2003 Active Directory Thm Windows Installer Package thm mt Windows Installer Package (Gi phn mm ci t Windows) vo trong chnh sch nhm GPO mc nh ca min, s dng cc thao tc sau y: 1. ng nhp vo my tnh Windows Server 2003 bng ti khon Administrator QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 206
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 2. Bung cc file trong file nn service pack vo mt folder trong mt chia s trn mng 3. Nhn Start, tr vo administrative Tools v nhn vo Active Directory Users And Computers. Bng iu khin Active Directory Users And Computers xut hin 4. La chn biu tng min trong khung Phm vi v t thc n Action, la chn Properties. Hp thoi Properties ca i tng min ca bn xut hin 5. La chn th Group Policy v sau nhn Edit. Bng iu khin Group Policy Object Editor xut hin 6. Trong khung Phm vi, m rng folder Computer Configuration/Software Settings v la chn biu tng Software Installation Mc User Configuration cng c mt folder Software Settings v mt biu tng Software Installation, tuy nhin bn khng th s dng chng ci t mt service pack. Bn phi s dng mc Computer Configuration 7. Trong thc n Action, tr vo New v la chn Package. Mt hp thoi Open xut hin 8. Nhp vo ng dn y ca file Windows Installation Package Update.msi trong folder con Update ca folder chia s ca bn. Mt hp thoi Deploy Software xut hin. Hy chc chn rng ang bn s dng tn Universal Naming Convention (UNC) ca ng dn n file ng gi, ch khng phi bng cc k t a. V d, bn c th s dng \\Server01\d$\sp1\i386\update\update.msi nhng khng th l D:\sp1\i386 \update\update.msi. 9. Nhn vo OK chp nhn la chn mc nh Assigned. Gi phn mm ci t ca bn service pack xut hin trong khung Chi tit (Th hin trong hnh 5-6).
Hnh 5-6. Bng iu khin Group Policy Object Editor vi mt gi ci t service pack Ln khi ng sau ca cc my tnh trong min, h thng s ti file ci t service pack t folder chia s ni trn ci t chng.
S DNG MICROSOFT SOFTWARE UPDATE SERVICES - SUS (DCH V CP NHT PHN MM CA MICROSOFT)
Vic trin khai bt k phn mm no trong mt h thng mng ln l mt nhim v phc tp, v cc bn cp nht h iu hnh cng khng l mt ngoi l. Nhng tc v c coi l n gin trong mt my tnh n s l vn ln khi bn c hng trm hoc hng ngn my tnh. SUS l mt sn phm min ph, n thng bo cho ngi qun tr mng khi mt bn cp nht bo mt mi xut hin, ti bn cp nht v trin khai chng n cc my tnh trn mng (th hin trn hnh 5-7)
Hnh 5-7. Giao din qun tr SUS THNG TIN THM. S dng SUS. SUS c service pack 1 khng c sn trong Windows Server 2003 hoc bt k h iu hnh Windows no nhng n c th c ti min ph t trang Web ca Microsoft ti a ch: http:// www.microsoft.com/windowsserversystems/SUS/default.mspx. Nh cp phn trn ca chng, vic ngi dng t ti v ci t cc bn cp nht h iu hnh bng cch s dng Web Site Windows Update l lng ph thi gian v bng thng. SUS v bn cht l mt phin bn intranet ca Web Site Windows Update, cho php gim thiu nhu cu ti bn cp nht cho phn mm cho mi my tnh t Internet v gip ngi qun tr khng phi trin khai cc bn cp nht mt cch th cng trn cc my tnh. Ngi qun tr c th iu khin bn cp nht no p dng vo cc my tnh trn mng v khi no th qu trnh ny xy ra, cho php t ng ha qu trnh ny do vic cp nht c th hon thnh m ngi dng khng h hay bit SUS bao gm cc thnh phn sau y: My ch ng b. Mt my tnh chy SUS, ng vai tr nh mt my ch ng b, s ti cc bn cp nht phn mm t Web Site Windows Update ngay sau khi chng c pht hnh. Ngi qun tr c th cho php vic ti ny din ra nu cn, lp lch cho chng din ra ti cc thi im xc nh (v d nh thi im ht gi lm vic) hoc c th kch hot vic ny mt cch th cng. Khi m my ch QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 209
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 SUS ti cc bn cp nht, n lu chng trn my ch. iu ny gim thiu vic qun tr mng lin tc kim tra Web Site Windows Update tm kim cc bn mi pht hnh. My ch Intranet Windows Update. Khi my ch SUS ti cc bn cp nht, ngi qun tr phi quyt nh liu my ch c trin khai chng trn mng ngay lp tc hoc lu chng li th nghim v trin khai sau. Khi cc bn cp nht sn sng trin khai, chc nng ca SUS nh l my ch Windows Update cho cc my tnh trn mng ngoi tr vic n l my ch trong mng intranet v khng yu cu ngi dng kt ni ra Internet. Automatic Update. Automatic Update l mt tnh nng ca h iu hnh Windows cho php my tnh ti v ci t cc bn cp nht phn mm m khng cn ngi dng tc ng. Bn c th cu hnh tnh nng ny trn my trm cc my ny c th nhn cc bn cp nht t mt my ch SUS trong mng ni b hn l t Web site Windows Update, do hn ch vic cp nht s dng ch cc bn cp nht m ngi qun tr mng cho php. LP K HOCH. Cc yu cu h iu hnh ca SUS. SUS ch chy trn cc h iu hnh Windows Server 2003 v Windows Server 2000 vi service pack 2 hoc hn. Cc my khch s dng SUS phi chy trn nn h iu hnh Windows Server 2003, Windows 2000 hoc Windows XP Trin khai SUS Qu trnh trin khai SUS bao gm cc bc c bn sau y: 1. Ci t my ch SUS. SUS l mt lot cc trang Web v ng dng intranet, cung cp cho my khch v ngi qun tr kh nng truy cp n dch v ny, Bn phi ci t IIS trn my ch trc khi bn ci t SUS 2. ng b ha my ch. ng b ha l mt qu trnh trong my ch SUS ti cc bn cp nht t Web site Windows Update trn Internet v lu chng trn a cng ni b 3. Ph chun cc bn cp nht. Trc khi cc my khch c th truy cp cc bn cp nht lu trong my ch SUS, chng phi c ph chun (Approve), hoc th cng bi ngi qun tr mng hoc t ng. Ngi qun tr c th la chn t cc bn cp nht mi trn QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 210
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 trong mt ch th nghim trc khi ph chun chng cho cc my khch truy cp. 4. Cu hnh Automatic Updates trn cc my khch. S dng cc chnh sch nhm, bn c th cu hnh tnh nng Automatic Update trn cc my khch ly cc bn cp nht v t my ch SUS ch khng phi t Web site Windows Update
Ci t SUS
Do SUS s dng Web site cho c my khch v cc tc v qun tr truy cp, bn phi ci t IIS trn my ch ny trc khi bn ci t SUS. Windows Server 2003 cha IIS trong b ci t nhng khng ci t n theo mc nh. ci t IIS, m Add Or Remove Programs trong Control Panel, nhn vo Add/Remove Windows Components v la chn Internet Information Services (IIS) t trong danh sch cc thnh phn ca Application Server Khi bn ci t IIS, bn c th chy chng trnh ci t SUS m bn ti v t Web Site ca Microsoft v Microsoft Software Update Services Setup Wizard (Trnh Hng dn Ci t Dch v Cp nht) s c np. Sau khi bn ng vi cc iu khon tho thun v giy php ca ngi dng phn mm, trnh hng dn ci t ny s hng dn bn qua cc bc cu hnh cc tham s nh sau: V tr ca file. Mi bn v Windows Update bao gm hai thnh phn: Bn thn file v li v metadata (Siu d liu) trong ch nh nn tng h thng v ngn ng m bn v ny s p dng. SUS lun lun ti metadata, y l d liu m bn s dng ph chun cc bn cp nht v cc my khch trong mng intranet c th ti to c cc d liu ny t my ch SUS. Bn c th la chn liu c ti cc file hay khng v nu c th lu cc file ny u. Nu bn la chn duy tr cc file cp nht trn my ch Microsoft Windows Update, cc my khch s kt ni n my ch SUS ly danh sch cc bn cp nht c ph chun nhng li kt ni n Web site Windows Update ti cc file. Nu bn la chn lu cc file cp nht my ni b, bn s phi s dng mt folder trn a cng c nh dng NTFS. xut mt dung lng ti thiu khong 6GB cho vic lu tr ny. Cc thit lp v ngn ng. Ch nh ngn ng no m bn mun lu cc bn cp nht trn my ch. Nu tt c cc my khch ca bn s dng phin bn ngn ng ting Anh ca Windows, bn c th s dng la chn English Only. Nu cc my khch ca bn s dng cc ngn ng khc ngoi ting Anh, bn c th ti cc bn cp nht cho tt c QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 211
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 cc ngn ng c sn hoc la chn mt s ngn ng c th. Tham s ny c cu hnh ch khi bn la chn lu cc bn cp nht ni b. Cc thit lp ph chun bn cp nht. Khi SUS ti phin bn mi ca mt bn cp nht m c ph chun, thit lp ny ch nh liu phin bn mi ny c c ph chun mt cch t ng hay i n khi c ph chun mt cch th cng. LU . Cc a ch URL ca SUS. Khi trnh ci t kt thc, n hin th mt URL cho giao din qun tr ca my ch SUS v URL m my khch phi s dng nhn c cc bn cp nht t my ch. Hy lu n cc URL ny bi v bn s cn chng qun tr my ch v cu hnh cc my khch. Trnh Microsoft Software Update Services Setup Wizard ci t ba thnh phn sau y vo my ch: Dch v Software Update Synchronization Service, dch v ny ti ni dung bn cp nht v my ch SUS Mt Web site s dng IIS phc v cho cc yu cu cp nht ca cc my khch c t ch Automatic Update Mt trang Web qun tr SUS, t bn c th tin hnh ng b my ch SUS v ph chun cc bn cp nht. Khi qu trnh ci t kt thc, Internet Explorer hin th giao din qun tr Web ca SUS LU . Cu hnh cc tnh nng bo mt tin tin ca Internet Explorer. Bn c th cn phi thm my ch ca bn vo trong danh sch cc site ni b mng intranet c tin cy truy cp site ny. M Internet Explorer v la chn Internet Option t thc n Tool. La chn th Security, la chn Trusted Site v nhn vo Sites. Thm tn my ch ca bn vo danh sch cc site tin cy.
ng b SUS
Hai tc v qun tr chnh cho my ch SUS l ng b my ch v ph chun cc bn cp nht. Khi bn nhn vo siu lin kt Synchronize Server trong trang qun tr chnh, bn s thy mt giao din nh Hnh 5-8. trong trang ny, bn c th lp lch ng b vic ny din ra theo mt lch u n hoc kch hot chng mt cch th cng.
Hnh 5-8. Trang SUS Synchronize Server lp lch ng b, bn nhn vo phm Synchronization Schedule (Lch ng b) hin th hp thoi Schedule Synchronization (Th hin trong hnh 5-9). Trong qu trnh ng b, my ch kt ni n Web site Windows Update v ti danh mc ca cc bn cp nht c sn. Sau , ty vo cc thit lp m bn ch nh trong qu trnh ci t, SUS hoc ti tt c cc bn cp nht hoc tch hp metadata vo trong danh mc cp nht ring ca n.
Hnh 5-10. Hp thoi Schedule Synchronization
Ph chun cc bn cp nht
Khi qu trnh cp nht hon thnh, bn c a ti trang Approve Update, th hin trn Hnh 5-10. ti y, ngi qun tr c th xem mt danh sch cc bn cp nht c ng b v la chn bn no c th cung cp cho cc my khch.
Hnh 5-10. Trang SUS Approve Updates Mi mc trong danh sch cc bn cp nht ny c mt siu lin kt Details (Chi tit) hin th mt trang Update Details (Chi tit Cp nht) ging nh th hin trong Hnh 5-11. Trang ny cung cp cc thng tin v bn cp nht c la chn, kch thc v ngy ca bn , ng thi cc tham s ci t m bn cp nht ny s s dng khi n c ci t trong cc my khch. Trang Update Details cng cha mt lin kt n cc bi vit Knowledge Base (trn Web site h tr ca Microsoft) tng ng vi bn cp nht ny v mt lin kt n chnh file chy ca bn cp nht ny ngi qun tr c th truy cp bn cp nht cho mc ch th nghim.
Hnh 5-11. Trang SUS Update Details
Cu hnh Automatic Update

Khi cc my ch SUS c ci t v hot ng, bc tip theo l cu hnh cc my khch s dng n. Nh cp trong phn trc ca chng, bn hc v cc tnh nng sn c ca Automatic Update trong Windows Server 2003, Windows XP v Windows 2000. Theo mc nh, Automatic Update s ti cc file cp nht t Web site Windows Update, tuy nhin bn c th cu hnh my khch ny ly cc bn cp nht t mt my ch SUS. lm iu ny, bn phi cu hnh phn mm my khch Automatic Update bng cc chnh sch nhm. trin khai cc tnh nng ny hoc bt k chnh sch nhm no, bn phi la chn mt min s dng Active Directory, site hoc i tng OU, m hp thoi Properties ca n, la chn th Group Policy v np bng iu khin Group Policy Object Editor bng cch chn Group Policy thch hp v nhn Edit, Trong bng iu khin ny, bn m rng cc folder Computer Configuration, Administrative Templates v Windows Components, sau la chn Windows Update hin th bn chnh sch nh trong Hnh 5-12
Hnh 5-12. Cc chnh sch Windows Update trong bng iu khin Group Policy Object Editor Cc chnh sch nh sau: Cu hnh Automatic Update. Ch nh hot ng mc nh ca phn mm my khch Automatic Update s dng mt trong ba la chn sau: Notify For Download And Notify For Install, Auto Download And Notify For Install, v Auto Download And Schedule The Install (Thng bo ti v thng bo ci t, T ng ti v thng bo ci t v T ng ti v lp lch ci t). Cc la chn ny bn cng c th cu hnh trong th Automatic Update ca hp thoi System Properties trn my khch. Ch nh my ch Intranet Microsoft Update Service. Ch nh my ch m t cc my khch truy cp cc bn cp nht ca Windows. y l chnh sch cho php bn hng cc phn mm my khch Automatic Update vo mt my ch SUS thay cho vic s dng Web site Windows Update. Trong hp thoi Set The Intranet Update Service For Detecting Updates (Thit lp my ch dch v cp nht Intranet pht hin cc bn cp nht), bn nhp vo URL ca my ch SUS m trnh ci t Microsoft Software Update Server Setup Wizard cung cp cho bn trong qu trnh ci t. Theo mc nh, my trm ghi nht k li cc tng tc gia n v my ch SUS, ni m n ly cc bn cp nht v. Tuy nhin chnh sch ny cng ng thi cho php bn tr my trm vo mt my ch IIS khc QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 217
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 ghi nht k thng k. iu ny s cho php my khch ly cc bn cp nht t mt my ch SUS ni b trong khi li ghi nht k cc hot ng ca n vo mt my ch trung tm n no d dng thu hi v phn tch cc d liu nht k. Nht k IIS c t trong folder systemroot\System32\Logfiles\W3svc1 Reschedule Automatic Updates Scheduled Installations (Ti lp li lch ci t Automatic Update trc ). Nu vic ci t c lp lch nhng cc my tnh khch li tt ti thi im t lch, cch thc hot ng mc nh l i n thi im tip theo trong lch. Trong chnh sch ny, nu thit lp gi tr l gia 1 v 60, s lm cho Automatic Update ti sp xp li lch vic ci t din ra sau mt s pht sau khi h thng khi ng ln tip theo. No Auto-Restart For Scheduled Automatic Updates Installations (Khng t ng khi ng li khi ci t cc bn cp nht theo lch). Khi ngi dng ng nhp vo h thng, Automatic Update s yu cu khi ng li h thng khi bn cp nht c ci t. Thay vo vic h thng t khi ng, ngi dng nhn c thng bo rng h thng cn khi ng vic ci t c hon tt. Khi bn cu hnh GPO v cc chnh sch nhm c p dng, phn mm my khch Automatic Update s truy vn my ch SUS vi khong thi gian lp 22 gi, cng vi mt khong dch chuyn ngu nhin ( trnh s tng cao t ngt trong lu lng mng). Sau khi my khch ti cc bn cp nht c ph chun t my ch SUS, chng s c ci t v cu hnh th cng hoc t ng ti thi im c lp lch trc. Nu mt bn cp nht c ph chun m sau li khng c ph chun bi qun tr mng, bn cp nht s khng b g ci t nhng n khng th c ci thm na bi bt k my khch no khc. Cc bn cp nht c ci t thng qua SUS c th c g ci t mt cch th cng, tuy nhin phi s dng Add Or Remove Programs trong Control Panel. LU . Cc bn cp nht quan trng then cht. Trong mt s trng hp, mt bn cp nht s gii quyt mt vn bo mt then cht no v quan trng n mc bn khng cn phi i n khi cc my khch truy vn, ti v ci t. Trong trng hp ny, bn vn c th t ci t mt cch th cng.
Xy dng kin trc SUS

Mt my ch SUS n c th l cho mt doanh nghip nh, tuy nhin i vi cc doanh nghip ln, bn c th mun c nhiu hn mt my ch ny. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 218
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Khi bn ci t nhiu my ch SUS trong h thng mng, bn c th cu hnh chng tng tc vi nhau theo mt trong bt k cc kin trc sau y: Kin trc a my ch. Mi my ch SUS s ng b ni dung ca n t trang Windows Update v qun tr danh sch cc bn cp nht ring ca n. Kin trc ny cho php ngi qun tr mi my ch c th iu khin c bn danh sch cp nht trong my ch v cng cho php mt doanh nghip c th duy tr rt nhiu cc bn v v cc cu hnh cp nht. Kin trc cha/con cht ch. Mt my ch SUS mc cha s ng b ni dung ca n t Web Site Windows Update v lu cc bn cp nht trong folder ni b. Ngi qun tr SUS sau s ph chun cc bn cp nht ny p dng cho cc my khch. Cc my ch SUS khc trong doanh nghip s ng b t my ch mc cha v c cu hnh ng b c cc file cp nht v bn danh sch cc bn cp nht c ph chun. Cc my khch c th ly cc bn cp nht t my ch SUS gn nht. Trong kin trc ny, ngi qun tr ca my ch SUS mc con khng th ph chun hoc khng ph chun cc bn cp nht, tc v ny ch c thc hin trn my ch SUS mc cha. Kin trc cha/con lng lo. My ch SUS mc cha ng b ni dung ca n t Windows Update v lu cc bn cp nht ny trn folder ni b. Cc my ch SUS khc trong doanh nghip ng b t my ch mc cha ny. Khng ging nh trong cu hnh cht ch, cc my ch SUS thm vo ny khng ng b danh sch cc bn cp nht c ph chun, do ngi qun tr mng ca mi my ch c th ph chun hoc khng i vi cc bn cp nht ny mt cch c lp. Mc d kin trc ny tng cng vic qun tr nhng n rt hu ch khi mt doanh nghip mun ti u ha vic s dng Internet v yu cu phn phi quyn ph chun cc bn cp nht, cc bn v li v cc cu hnh cp nht. SUS s dng kin trc a my ch theo mc nh. trin khai mt kin trc cha/con, bn truy cp trang Set Option (Thit lp la chn) trong trang qun tr my ch SUS v cu hnh la chn Select Which Server To Synchronize Content From (La chn my ch no ng b ni dung). i vi kin trc cha/con, bn c th gi nguyn cc thit lp mc nh trn my ch SUS mc cha v cu hnh my ch mc con vi la chn Synchronize From A Local Software Update Services Server (ng b t my ch dch v cp nht phn mm ni b) l tn ca my ch SUS mc cha. i vi kin trc cha/con cht ch, bn cng la chn Synchronize List QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 219
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Of Approved Items Updated From This Location (ng b danh sch cc bn cp nht c ph chun t ni y); i vi kin trc cha/con lng lo, bn c th xa b la chn ny.
Gim st SUS
Trang Monitor Server (Gim st my ch) ca Web site qun tr SUS hin th cc thng s thng k th hin s lng ca cc bn cp nht kh thi i vi tng nn tng my ch v cc thng s thi gian, ngy gi ca cc bn cp nht mi nht. Thng tin ny c tng kt t cc d liu metadata ca Windows Update m c ti trong mi qu trnh ng b. Thng tin metadata dc ghi vo a cng v lu trong b nh ci thin hiu nng khi h thng yu cu cc bn cp nht tng ng ca cc nn tng my ch Bn c th gim st SUS v Automatic Update bng cc nht k sau: Nht k ng b. Bn c th ly cc thng tin v cc qu trnh ng b trong qu kh hoc hin ti v cc gi phn mm xc nh c ti bng cch nhn vo View Synchronization Log trong thanh duyt bn tri. Nht k ph chun. c thng tin v cc gi phn mm c ph chun, nhn vo phm View Approval Log (Xem nht k ph chun) trong thanh duyt bn tri Nht k Windows Update. Cc my khch Automatic Update s ghi nht k v cc hot ng trong file systemroot\Windows Update.log trn a cng ni b ca my khch. Wutrack.bin. Cc tng tc gia my khch vi my ch SUS s c ghi li vo trong nht k thng k c bit ca my ch IIS, thng thng c lu trong folder systemroot \System32\Logfiles\W3svc1
Cc s kin h thng SUS

Dch v ng b s to ra cc thng bo nht k s kin cho mi khi vic ng b c thc hin bi my ch v khi bn cp nht c ph chun. Cc thng bo ny c th xem c trong Nht k H thng bng cch s dng Event Viewer. Cc s kin lin quan n tnh hung ny: Khng th kt ni. Automatic Update khng th kt ni n dch v cp nht (Windows Update hoc my tnh c ch nh lm my ch SUS) QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 220
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Sn sng ci t lch khng nh k. Cc bn cp nht lit k trong s kin ny c ti v ch ci t. Qun tr mng phi nhn vo biu tng thng bo v nhn Install Sn sng ci t lch nh k. Cc bn cp nht lit k trong s kin ny c ti v s c ci t vo ngy v gi xc nh ghi trong s kin. Ci t thnh cnng Cc bn cp nht c lit k trong s kin ny c ci t thnh cng. Ci t tht bi. Cc bn cp nht lit k trong s kin ny b trc trc v khng c ci t Yu cu khi ng li lch khng nh k. Mt bn ci t yu cu khi ng li h thng. Nu vic ci t c thit lp l phi thng bo th qu trnh khi ng li phi c thc hin th cng. Windows khng th tm kim cc bn cp nht khc trc khi vic khi ng li c thc hin. Yu cu khi ng li Lch nh k. Khi Automatic Update c cu hnh t ng ci t cc bn cp nht, mt s kin s c ghi li nu mt bn cp nht no yu cu khi ng. H thng s khi ng trong vng 5 pht. Windows khng th tm kim cc bn cp nht mi cho n khi khi ng xong
Gii quyt s c SUS

SUS trong mt my tnh Windows Server 2003 c th yu cu cc bc khc phc s c nh sau: Np li b nh m cache. Nu khng c bn cp nht mi no xut hin t ln cui cng bn ng b my ch, c kh nng l khng c bn cp nht no. Tuy nhin cng c th l do b nh m (cache) khng np cc bn cp nht mi mt cch tt p. T site qun tr SUS, nhn vo Monitor Server v nhn Refresh Khi ng li dch v ng b. Nu bn nhn c thng bo rng dch v ng b khng chy tt hoc bn khng th chnh sa cc thit lp trong trang Set Option ca Web Site qun tr SUS, m bng iu khin Service t nhm chng trnh Administrative Tools, nhn phi chut vo Software Update Services Synchronization Service (Dch v ng b SUS) v la chn Restart. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 221
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Khi ng li IIS. Nu bn khng th kt ni n site qun tr hoc nu my khch khng th kt ni n my ch SUS, khi ng li World Wide Web Publishing Service bng cch s dng bng iu khin Service.
QUN L CC BN QUYN PHN MM

End-User License Agreement (Tha thun Giy php cho Ngi dng Cui - EULA) kh l phin toi khi cc bn phi c v nhn vo bt u ci t h iu hnh, cc bn cp nht hoc cc ng dng mi. EULA l mt hp ng kt hp cho bn quyn hp php s dng phn mm. Trong mt mi trng doanh nghip ln, qun l cc giy php s dng phn mm l iu quan trng then cht v Windows Server 2003 bao gm nhiu cng c giy php m bn c th s dng ng k v gim st cc giy php v mc tun th ca ngi dng trong doanh nghip.. LU . Cc phin bn th nghim. Phin bn th nghim nh gi ca Windows Server 2003 l khng h tr ch qun tr giy php. Bn khng th theo ht cc v d trong bi hc ny khi khng c mt phin bn thng mi y ca sn phm ny.
Nhn Giy php Truy cp My khch (Client Access License CAL)

Giy php cho my ch Windows Server 2003 cho php bn ci t h iu hnh ln my tnh, tuy nhin bn cn cn Client Access License (Giy php truy cp cho my khch - CAL) trc khi ngi dng hoc thit b c th c xc thc mt cch hp php kt ni n my ch. CAL thng c mua di dng gi v c th bao gm trong bn mua h iu hnh. V d bn thng thy mt bn Windows Server 2003 bn ra vi mt gi giy php 5 hoc 10 ngi dng. Tuy nhin, nu h iu hnh khng bao gm bt k mt CAL no, bn phi mua chng ring bit. Gi li cc chng nhn CAL v EULA ca bn trong mt kp ti liu phng trng hp doanh nghip ca bn b kim nh xem c tun th theo giy php hay khng. LU . Cc giy php nng cp. Khi bn nng cp mt my ch t Windows NT hoc Windows 2000 sang Windows Server 2003, bn phi mua CAL nng cp tng ng. Bn phi mua CAL cho bt k kt ni no ti my tnh Windows Server 2003 m s dng cc thnh phn ca my tnh, bao gm dch v file v in n QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 222
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 hay xc thc. Rt t ng dng my ch chy c lp m kt ni my ch/my khch khng yu cu CAL. Trng hp ngoi l c ngha nht m khng yu cu CAL l cc kt ni khng xc thc c kim sot thng qua Internet. Khi khng c s trao i thng tin xc thc trong qu trnh truy cp Internet, v d nh ngi dng Internet duyt cc Web site mt cch v danh, th CAL l khng cn thit. Do cng khng yu cu CAL cho phin bn Web ca Windows Server 2003. C hai loi CAL: Windows Device CAL(Giy php Truy cp theo Thit b), loi ny cho php mt thit b kt ni n mt my ch m khng quan tm n s lng ngi dng c th s dng thit b , v Windows User CAL(Giy php Truy cp theo Ngi dng), loi ny cho php mt ngi dng kt ni n mt my ch t rt nhiu thit b. Windows Device CAL c li cho mt doanh nghip m c nhiu ngi dng trn mt thit b, v d nh cng nhn lm ca. Windows User CAL s dng cho hu ht cc doanh nghip c nhn vin truy cp mng t rt nhiu thit b, k c cc thit b cha tng c bit n. LU . User CAL v Device CAL. Cc cng c giy php v giao din ngi dng s khng phn bit gia Windows User v Windows Device CAL. Mt Device CAL c ng k gin tip, s dng nhm giy php S lng cc giy php CAL bn yu cu v lm th no c th theo di cc giy php ph thuc vo ch giy php cho my khch m bn c. C hai ch giy php: Giy php Per Server v giy php Per Device hay Per User
Giy php Per Server

Giy php Per Server yu cu mt Windows User hoc Windows Device CAL cho mi kt ni ng thi. Nu mt my ch c cu hnh vi 1000 CAL, kt ni ng thi th 1001 s b t chi truy cp. CAL c thit k s dng trn mt my ch c th, do nu 1000 ngi dng yu cu kt ni ng thi n mt my ch th hai, bn phi mua thm 1000 CAL na. Giy php Per Server c li im ch trong cc trng hp gii hn truy cp, v d nh mt mng nh ngi dng truy cp vo rt t my ch. Giy php Per Server l khng hiu qu trong trng hp nhiu ngi dng truy cp vo nhiu ti nguyn trong nhiu my ch. Nu bn khng chc chn v cc ch giy php tng ng, hy chn Per Server. Tha thun giy php cho php chuyn i khng mt chi ph, mt ln, mt chiu t Per Server QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 223
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 sang ch giy php Per Device hay Per User khi bn c th thc hin iu ny mt cch thch hp.
Giy php Per Device hay Per User.

Ch giy php Per Device hay Per User chuyn i t m hnh Per Seat trong cc phin bn trc ca Windows. Trong ch mi ny, mi thit b hoc ngi dng c th kt ni n mt s my ch trong doanh nghip. Ch Per Device hay Per User thng l ch la chn cho cc mi trng my tnh phn tn trong nhiu ngi dng truy cp nhiu my ch. V d, mt developer (Nhn vic pht trin phn mm) s dng mt my xch tay v hai my bn s yu cu ch mt Windows User CAL. Mt mng ngang hng gm 10 my PC bn m s dng bi 30 cng nhn lm ca s yu cu ch 10 Windows Device CAL. Tng s CAL bng vi s lng ngi dng hoc thit b, hoc s pha trn ca cc i tng trn m truy cp n cc my ch. CAL c th c cp li trong cc iu kin c bit. V d, mt giy php Windows User CAL c th c cp li t mt ngi dng lu di sang mt ngi dng tm thi trong khi ngi dng lu di ri cng ty. Mt Windows Device CAL c th c cp li cho mt thit b mn trong khi thit b gc ang c sa cha. Cc ch giy php Per Server v Per Device hay Per User c minh ha trong Bng 5-1 Bng 5-1. Cc ch giy php CAL
Cp giy php kiu truyn thng trong ch Per Server khi c t my ch v chng yu cu truy cp gii hn
Cp giy php kiu truyn thng trong ch Per User hay Per Device khi c nhiu my ch v chng yu cu cc truy cp trng
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 xuyn trn din rng
S lng cn thit ca CAL c xc nh bi s kt ni ng thi yu cu
Thng kinh k hn khi s lng cc CAL cn thit c xc nh bi s lng ngi dng hoc thit b, hoc c hai, c yu cu truy cp n my ch
LU . Cc giy php cho Terminal Services. Windows Server 2003 bao gm Terminal Services, dch v ny c sn giy php cho 2 kt ni ng thi cho php qun tr mng c th kt ni n mt my ch t xa. Khi Terminal Services thc hin chc nng ca mt my ch ng dng, cho php mt ngi dng khng c quyn qun tr kt ni n v chy ng dng th bn phi c cc Terminal Services CAL, cc CAL ny c km theo trong Windows XP Professional
Cc cng c cho giy php

C hai tin ch m bn c th s dng theo di v qun l giy php s dng phn mm: Licensing trong Control Panel. Cng c Choose Licensing Mode trong Control Panel, th hin trong hnh 5-13, qun l cc giy php yu cu cho mt my tnh n chy Windows Server 2003. Bn c th s dng Licensing thm hoc bt cc CAL cho my ch chy trong ch Per Server, thay i ch giy php t Per Server sang Per Device hoc Per User, hoc cu hnh vic ng b giy php.
Hnh 5-13. Cng c Choose Licensing Mode trong Control Panel QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 225
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Licensing trong Administrative Tools. Cng c qun tr Licensing, tho lun trong phn ti y, cho php bn qun l cc giy php cho mt doanh nghip bng cch tp trung vic iu khin cc giy php v ng b giy php trong m hnh da trn cc site.
Qun l giy php cho cc site.

Dch v License Logging (Ghi nht k giy php), chy trong mi my tnh Windows Server 2003, thc hin vic cp php v theo di cc giy php khi my khch truy cp ti nguyn my ch. m bo vic tun th giy php, thng tin v cc giy php s c ng b vi mt CSDL giy php tp trung trn mt my ch trong site. My ch ny c gi l my ch giy php ca site. Ngi qun tr site, hoc ngi qun tr my ch giy php ca site c th s dng cng c Licensing trong nhm chng trnh Administrative Tools xem v qun l cc giy php cho ton site. Tnh nng qun l v theo di giy php mi ny tch hp cc giy php khng ch cho cc dch v file v in n, m cn cho IIS, Terminal Services v cc sn phm khc ca Microsoft (v d nh my ch Exchange v SQL) My ch giy php ca site Mt my ch giy php ca site thng thng l mt my ch qun tr min c to ra trong mt site. tm kim my ch no l my ch giy php cho mt site, m Active Directory Sites And Services, m rng la chn nt Site v sau nhn phi chut vo Licensing Site Settings (Cc thit lp giy php ca site) v la chn Properties. My ch giy php hin ti ca site hin th, nh trong Hnh 5-14.
Hnh 5-14. Nhn bit v thay i my ch giy php ca site bng Active Directory Sites and Services gn vai tr my ch giy php ca site cho mt my ch khc hoc my ch qun tr min, nhn vo Change v la chn my tnh mun gn. duy tr lch s ca cc giy php trong doanh nghip ca bn, bn phi dng dch v License Logging trn my ch giy php mi ngay lp tc sau khi chuyn giao vai tr v sau sao chp cc file sau y t my ch c sang my ch giy php mi: Systemroot\System32\Cpl.cfg, trong cha lch s vic mua bn ca doanh nghip Systemroot\Lls\Llsuser.lls, trong cha thng tin ngi dng v s lng kt ni Systemroot\Lls\Llsmap.lls, trong cha cc thng tin nhm giy php Sau khi tt c cc file c sao chp, khi ng dch v License Logging QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 227
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Qun tr cc giy php ca site. Khi bn xc nh my ch qun l giy php ca site, bn c th xem cc thng tin v giy php trn my ch bng cch m Licensing t nhm chng trnh Administrative Tools. Th Server Browser trong Licensing (Th hin trong Hnh 5-15) cho php bn qun l cc giy php cho mt site hoc doanh nghip.
Hnh 5-15. Th Server Browser trong cng c qun tr Microsoft Licensing Th Server Browser trong Licensing cho php bn qun l bt k my ch no trong bt k site hoc min no m bn c quyn qun tr. Bn c th nh v my ch v qun l cc giy php ca my ch bng cch nhn phi chut vo n v la chn Properties. i vi cc sn phm my ch c ci t trong my ch , bn c th thm hoc bt cc giy php ch Per Server. Bn cn c th chuyn i cc ch giy php ti ni no thch hp. Hy nh rng ch giy php Per Server s xut ra mt giy php khi mt ngi dng no kt ni n sn phm my ch. Khi mt ngi dng ngt kt ni t mt sn phm my ch, dch v License Logging s cho giy php ny sn sng vi ngi dng khc. Cc thuc tnh ca my ch cn cho php bn cu hnh vic ng b cc giy php, trong bn c th cu hnh mt my ch bng cch s dng cc thuc tnh Licensing ca n trong Control Panel. Theo mc nh, cc thng tin v giy php c ng b t mt my ch dch v License Logging n my ch giy php ca site c sau 24 gi v h thng s t ng b tr vic ng b xen k trnh vic qu ti cho my ch giy php ca site. Nu QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 228
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 bn mun iu khin lch ng b hoc tn sut xy ra, bn phi thay i thi gian Start At v tn sut Start Every ca mi my ch ng b vi my ch giy php ca site c th no qun l cc giy php Per Device hay Per User, nhn vo Licensing trong nhm chng trnh Administrative Tools v sau la chn lnh New License t thc n License. Trong hp thoi New Client Access License (Giy php truy cp cho my trm mi), la chn sn phm my ch v s giy php mua. Cc giy php s c thm vo trong qu ca cc giy php. Khi mt thit b hoc mt ngi dng kt ni n bt c sn phm no trong site, chng s c phn chia mt giy php t qu ny v mi giy php l cho mt thit b hoc ngi dng. Khi qu cc giy php ny c pht ht, s vi phm giy php xy ra khi bt k mt thit b hay ngi dng thm vo no truy cp n sn phm. Th Purchase History (Lch s mua) trong Licensing (Th hin trong hnh 5-16) cung cp mt cch nhn tng qut cc giy php mua cho mt site, cng nh s lng, ngy v cc vn qun tr lin quan n vic thm hay bt cc giy php ny.
Hnh 5-16. Th Purchase History trong cng c qun tr Microsoft Licensing QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 229
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 xem cc thng tin tch ly v cc giy php v s tun th theo ng giy php hay khng, la chn th Products View. th ny cho bit bao nhiu giy php c mua v phn chia cho ngi dng hoc thit b (trong ch Per Device hay Per User) hoc s lng cc giy php mua c cho cc my ch trong site v s lng kt ni nhiu nht trong ngy (trong ch Per Server). Bn cng c th xc nh xem hot ng c ng nh giy php mua hay khng bng cch s dng cc biu tng trng thi giy php th hin trong Bng 5-2. Bng 5-2. Cc k t trng thi ca giy php Sn phm ny ang tun th ng vi yu cu giy php hp php. S lng kt ni t hn s lng giy php mua Sn phm ny khng tun th ng vi yu cu giy php hp php. S lng kt ni vt qu s lng giy php mua Sn phm ny t n mc ngng hp php. S lng cc kt ni bng vi s lng giy php mua. Nu mt thit b hoc ngi dng khc kt ni n sn phm my ch, bn phi mua thm v ghi nht k li cc giy php mi Cc nhm giy php. Cc giy php Per Device hoc Per User yu cu mt CAL cho mi thit b. tuy nhin, dch v License Logging cung cp v theo di cc giy php ny theo tn ngi dng. Khi nhiu ngi dng chia s mt hoc nhiu thit b, bn phi to ra cc nhm giy php, hoc nu khng cc giy php s c dng n ht rt nhanh. Mt nhm giy php l mt tp hp cc ngi dng cng chung mt hoc nhiu CAL. Khi mt ngi dng kt ni n mt sn phm my ch, dch v License Logging theo di ngi dng bng tn nhng li cp mt CAL t cc CAL cp cho nhm giy php. Khi nim d hiu nht c th hiu qua v d nh sau: 10 ngi dng chia s mt thit b cm tay thc hin vic kim k. Bn to ra mt nhm giy php vi thnh vin l 10 ngi dng ny, Nhm giy php ny c cp 1 CAL, th hin nh mt thit b n m h chia s. 100 sinh vin t khi s dng mt phng lab my tnh vi 10 my tnh. Bn to ra mt nhm giy php vi thnh vin l 100 ngi dng v cp cho nhm 10 CAL. QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 230
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 to ra nhm giy php, nhn vo thc n Options v t thc n Advanced, la chn New License Group. Nhp vo tn nhm v cp mt giy php cho mi thit b m bn s dng kt ni n my ch. S lng ca cc giy php phn chia cho mt nhm s tng ng vi s lng thit b s dng bi thnh vin ca nhm. LU . Mc ch ca k thi. Mc ch ca k thi 70-290 yu cu sinh vin c kh nng qun l giy php phn mm ca site
TNG KT
Microsoft pht hnh cc bn cp nht cho h iu hnh di dng cc bn service pack v hotfix Mt bn service pack l mt tp hp ca cc bn cp nht m c kim th cng nhau v c ph chun ci t trong tt c cc my tnh Mt hotfix l mt bn v li gii quyt mt vn n l no v c gii thch trong mt bi vit i km ca Microsoft Knowledge Base. Cc hotfix khng cn thit phi ci t trn tt c cc my tnh, mt s ch dnh cho cc my tnh thc hin cc tc v c bit hoc gp phi s c c th no . Cc bn service pack c th c ly v t Microsoft trn mt a CD ch vi mt t l ph hoc c th ti min ph trn Internet. Nu cc bn service pack ny l mt file n, n c th c gii nn bng cch thc hin file vi kha chuyn /X Cc bn service pack c th c trin khai mt cch th cng trn mi my tnh, tch hp trong bn ci t gc ca h iu hnh (slipstreamed) v c th t ng ci t thng qua cc chnh sch nhm. Microsoft Software Update Services cho php bn tp trung v qun l cc ph chun v phn phi ca cc bn cp nht then cht trong Windows cng nh cc bn v bo mt ca Windows. Mt hay nhiu my ch SUS cha danh sch cc bn cp nht c ph chun v bn thn cc file cp nht, vic cha cc file cp nht ny l mt ty chn nhng kh thng dng, Phn mm my khch Automatic Update c cu hnh, thng thng thng qua cc GPO, ly cc bn cp nht t cc my ch SUS trong intranet thay cho ly trc tip t Microsoft Windows Update Theo di v qun l cc giy php v s tun th ca ngi dng l mt phn quan trng ca nhim v qun tr. Windows Server 2003 cho php bn cp cc giy php cho cc kt ni ng thi cho mt my ch c th hoc duy tr giy php cho mi thit b hoc ngi dng m kt ni n bt k my ch no trong doanh nghip ca bn. Cc giy php c ng b gia my ch dch v License Logging v my ch giy php ca site. My ch giy php ca site c th c nhn bit thng qua Active Directory Sites And Services, tuy QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 232
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 nhin giy php cho site c qun tr bng cng c Licensing trong nhm chng trnh Administrative Tools Mt nhm giy php cho php ngi dng chia s mt hoc nhiu thit b. Mt s lng nht nh cc Windows Device CAL c cp cho nhm giy php ny.
BI TP THC HNH
Bi tp thc hnh 5-1: S dng Windows Update
Trong bi tp thc hnh ny, bn s dng Windows Update ti cc bn hotfix mi nht cho Windows Server 2003 1. ng nhp vo my tnh Windows Server 2003 m c kh nng truy cp Internet bng ti khon Administrator 2. Kt ni vo Internet (nu cn) 3. Nhn Start, tr vo All Program v la chn Windows Update. Site Windows Update xut hin, sau hp thoi Security Warning xut hin, hi bn c mun ti v ci t ng dng Windows Update hay khng. 4. Xem cc cnh bo bo mt m bo rng ni dung c k bi Microsoft v nhn Yes tip tc 5. Nhn vo lin kt Scan For Updates (Qut cc bn cp nht) 6. Nhn vo lin kt Review And Install Updates (Xem qua v ci t cc bn cp nht) 7. Xem li cc bn cp nht c lit k v nhn vo Install Now. Mt hp thoi Microsoft Windows Update xut hin, cha tha thun giy php cho cc bn cp nht ny. 8. Nhn Accept ng vi cc iu khon trong tha thun giy php. Mt hp thoi Windows Update xut hin, cha mt thanh ch th tin trnh 9. Khi vic ci t hon thnh, nu cc bn cp nht ci t yu cu khi ng li, mt thng bo Microsoft Internet Explorer xut hin, nhc nh bn khi ng li h thng. Nhn OK khi ng li h thng.
Bi tp thc hnh 5-2: Cu hnh Automatic Updates

Trong bi tp thc hnh ny, bn cu hnh Automatic Update ti cc bn cp nht theo mt thi gian lp lch c trc. 1. ng nhp vo Windows Server 2003 bng ti khon Administrator 2. Nhn Start, tr vo Control Panel v sau nhn System. Hp thoi System Properties xut hin. 3. La chn th Automatic Updates 4. Trong hp Settings, la chn Automatically Download The Updates, And Install Them On The Schedule That I Specify 5. Trong danh sch lp lch x xung, la chn Every Sunday v 6:00 A.M, sau nhn OK.
Bi tp thc hnh 5-3: Gii nn mt bn Service Pack

Trong bi tp thc hnh ny, bn s gii nn phin bn mng ca mt bn service pack vo trong mt cu trc folder. 1. ng nhp vo my tnh bng ti khon Administrator 2. M Windows Explorer v to ra mt folder trn C: c tn l temp 3. Ly bn service pack cho Windows Server 2003 hoc Windows XP t trang Web ca Microsoft hoc t ging vin ca bn v sao chp n vo trong folder temp m bn va to ra. 4. Nhn vo Start, tr vo All program, tr vo Accessories v la chn Command Prompt. Mt ca s du nhc dng lnh xut hin 5. Trong ca s dng lnh, nhp vo cd \temp. Mt du nhc C:\temp> xut hin. Ti du nhc, nhp vo tn y ca file service pack ti v, theo sau l du cch v kha chuyn /X, ging nh trong v d sau: xpsp1.exe /X 6. Sau nhn Enter. Mt hp thoi Directory For Extracted Files xut hin 7. Nhn OK chp nhn folder mc nh C:\temp. Chng trnh ci t s to ra mt folder mc cha i386 trong folder temp cha cc file ci t service pack gii nn. 8. ng ca s Command Prompt
CC CU HI N TP
1. Bn ang cu hnh mt c s h tng Software Update Services s dng kin trc cha/con lng lo. Mt my ch c ng b cc d liu metadata v ni dung t Windows Update. Cc my ch khc (mt my trong mt site) c ng b ni dung t my ch SUS mc cha. Cc bc no sau y c yu cu hon thnh c s h tng SUS? (La chn tt c cc cu tr li ng) a. Cu hnh my khch Automatic Update s dng Control Panel trong mi my. b. Cu hnh GPO hng cc my khch vo my ch SUS trong site ca chng. c. Cu hnh mt im phn phi ni dung mt cch th cng d. Ph chun cc bn cp nht bng cch s dng trang qun tr SUS trn cc my ch mc con 2. Bn ang cu hnh SUS cho mt nhm cc my ch Web. Bn mun cc my ch Web ny t cp nht hng m da trn mt danh sch cc bn cp nht c ph chun trn my ch SUS. Tuy nhin, khi mt ngi qun tr ng nhp vo, thc hin vic bo tr vo lc m mun trn my ch Web v bn khng mun ci t cc bn cp nht v c th yu cu khi ng li lm nh hng n cc tc v ny. Chnh sch cu hnh Windows Update no m bn s dng trong kch bn ny? a. Notify For Download And Notify For Install b. Auto Download And Notify For Install c. Auto Download And Schedule The Install d. Auto Download And Install Immediately 3. Bn mun tt c my khch trn mng ti v ci t cc bn cp nht mt cch t ng vo gi m v bn cu hnh lp lch cch ci t cho Automatic Update. Tuy nhin, bn pht hin ra rng mt s ngi dng tt my tnh ca h vo bui m v cc bn cp nht khng c p dng. Chnh sch nhm no cho php bn x l tnh hung ny m khng phi thay i lch ci t? a. Ch nh mt Intranet Microsoft Update Service Location QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 235
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 b. No Auto-Restart Installations For Scheduled Automatic Updates
c. Reschedule Automatic Updates Scheduled Installations d. Cu hnh Automatic Updates 4. Lnh no bn mun s dng gii nn file n bn ti ca mt bn service pack? a. Setup.exe -u b. Update.exe -x c. Update.msi d. Servicepackname.exe x 5. Ch giy php hp l trong Windows Server 2003 (La chn tt c cc cu tr li ng) a. Per User b. Per Server c. Per Seat d. Per Device hay Per User 6. Bn ang thu mt i ng gii quyt mt d n pht trin phn mm. S c ba ca cho su lp trnh vin. Mi lp trnh vin s dng bn my tnh lp trnh v kim th phn mm, phn mm ny xc thc qua mt my tnh Windows Server 2003. S CAL ti thiu m bn yu cu nu my ch ny ang trong ch giy php Per Device hay Per User? a. 6 b. 4 c. 18 d. 24 7. Cng c no cho php bn nhn bit my ch giy php ca site trong site ca bn ? a. Active Directory Domains And Trusts b. Cng c Licensing trong Control Panel c. Active Directory Sites And Services d. DNS QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 236
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 8. Bn qun tr mt mng cho mt i ng gm 500 nhn vin kinh doanh in thoi. Bn c 550 giy php cu hnh trong ch giy php Per Device hay Per User. Mt chin dch mi c khi ng v bn s phi thu thm mt ca lm vic na cho 500 nhn vin ny. Bn cn lm g qun l hiu qu nht vic theo di v kim tra vic thc hin c ng theo cc giy php ny khng ? a. Yu cu li cc giy php t cc my khch c sn b. Xa cc giy php c v mua thm 500 giy php mi c. To ra cc nhm giy php d. Chuyn i ch giy php Per Server
CC KCH BN TNH HUNG

Kch bn 5-1. Trin khai Microsoft SUS
Bn l ngi qun tr mng cho mt doanh nghip c va v ang quan tm xem xt vic trin khai SUS mt cch rng ri trn cc my trm Windows XP Professional v cc my Windows Server 2003. Trc khi trin khai i tr vic ny, mt chng trnh trin khai th im c s c thc hin. Bn c giao cho mt phng Lab vi 10 my tnh Windows XP Professional, mt my ch thnh vin chy Windows Server 2003, mt my ch qun tr min chy Windows Server 2003 v mt my ch n chy Windows Server 2003. bn mun cu hnh tt c cc my tnh ngoi tr my ch SUS thc hin vic t ng kt ni n my ch SUS mi bui sng vo lc 7.A.M ti v ci t cc bn cp nht mi. Bn phi thc hin cc bc no sau y hon thnh nhim v trn ? (La chn tt c cc cu tr li ng) S dng th Automatic Update trong hp thoi System Properties trong tt c cc my trm Windows XP thit lp my ch cp nht l a ch ca my ch SUS. Thit lp tt c cc my trm Windows XP t ng ti v ci t cc bn cp nht vo lc 7 A.M mi ngy. a) S dng th Automatic Update trong hp thoi System Properties trong tt c cc my tnh Windows Server 2003 ngoi tr my ch SUS thit lp my ch cp nht l a ch ca my ch SUS. Thit lp tt c cc my tnh Windows Server 2003 t ng ti v ci t cc bn cp nht vo lc 7 A.M mi ngy. b) t cc my trm Windows XP v my ch qun tr min Windows Server 2003 trong mt OU ring bit c tn SUStest. Cu hnh thuc QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 237
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 tnh Windows Update ca GPO s p dng cho OU SUStest, ch ra a ch ca my ch cp nht l my ch SUS trong phn chnh sch Specify Intranet Microsoft Update Service Location. Thit lp Configure Automatic Updates Policy to Automatic Download And Schedule The Install v thit lp lch ci t l hng ngy v thi gian l 7 A.M. p dng GPO ny vo OU SUStest c) Trn my tnh Windows Server 2003 n, cu hnh thuc tnh Windows Update trong GPO ni b ca my, ch nh a ch ca my ch cp nht l my ch SUS trong phn chnh sch Specify Intranet Microsoft Update Service Location. Thit lp Configure Automatic Updates Policy to Automatic Download And Schedule The Install v thit lp lch ci t l hng ngy v thi gian l 7 A.M. p dng GPO ny vo OU SUStest d) Trn my ch SUS, cu hnh thuc tnh Windows Update trong GPO ni b ca my, ch nh a ch ca my ch cp nht l my ch SUS trong phn chnh sch Specify Intranet Microsoft Update Service Location. Thit lp Configure Automatic Updates Policy to Automatic Download And Schedule The Install v thit lp lch ci t l hng ngy v thi gian l 7 A.M. p dng GPO ny vo OU SUStest
Kch bn 5-2: Trin khai mt bn service pack

Fred l ngi qun tr h thng cho mt vn phng hc vin ti mt trng i hc. Vn phng c 40 my trm Windows XP v 2 my ch Windows Server 2003. Mt trong hai my ch ny c cu hnh thnh mt my ch qun tr min, cn li l my ch dch v file v in n. Cc my tnh trong vn phng l thnh vin ca mt min Windows Server 2003 n. Microsoft gn y c pht hnh mt bn service pack cho Windows XP v, sau khi kim th n, Fred cm thy t tin trin khai bn service pack trn cho cc my trm Windows XP trong vn phng. Anh ta gii nn file service pack vo mt folder trn my ch file l \\Fileshare\newsrvpk. phng php no sau y c th s dng c ci t bn service pack trn tt c cc my trm Windows XP? (La chn tt c cc cu tr li ng) a) Anh ta c th vo tng my Windows XP v ci t bn service pack mt cch th cng t file chia s ny b) Anh ta c th to ra mt nhm c tn l Xpwkstn v t tt c cc my trm Windows XP vo trong nhm . Sau anh ta c th to ra mt GPO trong cu hnh gi phn mm mi trong mc Computer QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 238
DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 Configuration\Software Settings, s dng a ch ca file .msi ca bn service pack trn folder chia s \\Fileshare\newsrvpk. Trong hp thoi Deploy Software, anh ta la chn Assign v sau p dng GPO ny vo nhm Xpwkstn c) Anh ta c th to ra mt nhm c tn l Xpusrs v t tt c cc ngi dng s dng my trm Windows XP vo trong nhm . Sau anh ta c th to ra mt GPO trong cu hnh gi phn mm mi trong mc Computer Configuration\Software Settings, s dng a ch ca file .msi ca bn service pack trn folder chia s \\Fileshare\newsrvpk. Trong hp thoi Deploy Software, anh ta la chn Assign v sau p dng GPO ny vo nhm Xpusrs d) Anh ta c th to ra mt OU c tn l Xpwkstn v t tt c cc my trm Windows XP vo trong OU . Sau anh ta c th to ra mt GPO trong cu hnh gi phn mm mi trong mc Computer Configuration\Software Settings, s dng a ch ca file .msi ca bn service pack trn folder chia s \\Fileshare\newsrvpk. Trong hp thoi Deploy Software, anh ta la chn Assign v sau p dng GPO ny vo OU Xpwkstn
PHN 2
QUN L V DUY TR H IU HNH
LM VIC VI TI KHON NGI DNG
CHNG 6: LM VIC VI TI KHON NGI DNG

Trc khi bt c ngi dng no c th truy nhp vo my tnh chy Microsoft Windows 2003 t bt c bng iu khin no hoc qua mng th hc u phi c xc thc. Xc thc l mt qu trnh nhn dng v xc nhn cc iu kin ca ngi dng. Trong hu ht cc trng hp, qu trnh xc thc yu cu ngi dng cung cp tn ti khon v mt khu my ch kim tra bn ghi trc khi truy nhp. Qun l ti khon ngi dng v mt khu l mt trong cc tc v thng thng ca ngi qun tr. Trong chng ny, cc bn s hc cch to, qun l v x l cc tnh hung xy ra i vi ti khon ngi dng. Sau khi hon thnh chng ny, bn c kh nng: Hiu c s khc nhau gia ti khon ngi dng cc b, ti khon ngi dng min. Lp k hoch to ti khon ngi dng. To v qun l ti khon ngi dng. To v qun l ti khon ngi dng bng mu (template), nhp vo t ngun c sn v cc cng c dng dng lnh. Qun l khi lc ngi dng (User Profile) Hiu c s khc nhau gia cc khi lc cc b (Local), di tr (Roaming) v bt buc (Mandatory). X l cc tnh hung i vi vic xc thc ngi dng.
TM HIU TI KHON NGI DNG (USER ACCOUNT)

Mng Microsoft Windows da trn hai m hnh t chc thng c bit n l nhm (Group) v min (Domain). C hai m hnh ny u yu cu NSD c Ti khon Ngi dng xc thc. Nhng v mt bn cht cc ti khon ngi dng v cc cng c dng to v qun l chng i vi hai m hnh ny c khc nhau i cht. Cc im khc nhau gia ti khon ngi dng cc b s dng cho nhm v ti khon ngi dng min c tng kt trong bng 6-1. Bng 6-1 Cc c im ca Local User Name v Domain User Name. Local User Names Domain User Names Cng c qun l Local Users And Groups Active Directory Users And Computers Ni cha ti Trnh Qun l cc Ti CSDL Active Directory khon ngi khon Bo mt (SAMdng. Security Accounts Manager) trn mi my tnh cc b. Ni ng nhp My tnh cc b Min Active Directory Truy nhp ti Ti nguyn trn my tnh Ti nguyn trn min v cc b trn mng.
NHM LM VIC (Workgroup)

Nhm lm vic (Workgroup) l tp hp cc my tnh m trong chng tng tc mt cch khng chnh thc vi quyn khng tp trung. Mi my tnh trong nhm c mt tp cc ti khon ngi dng cc b ring lu ti c s d liu ca my tnh ny, c gi l Trnh Qun l cc Ti khon Bo mt (SAM - Sercurity Accounts Manager). Cc my tnh s dng cc ti khon ny xc thc v cho php ngi dng truy nhp vo ti nguyn ch trn ring my tnh ny. Nu mun truy nhp vo ti nguyn trn my tnh khc trong nhm th ngi dng phi c cc ti khon khc trn chnh cc my tnh v c n xc thc bi tch bit ring trc khi c php truy nhp vo. Mc d mi my tnh trong nhm thc hin vic xc thc ring ca mnh nhng khng nht thit ngi dng phi cung cp tn ti khon v mt khu kt ni ti tng my tnh. Nu mi my tnh u c ti khon cho ngi
QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 242
LM VIC VI TI KHON NGI DNG dng c cng tn ti khon v cng mt khu th tt c cc ln xc thc sau ln u tin s thc hin ngm v t ng. to ti khon ngi dng cc b, bn s dng MMC snap-in gi ti Local User and Group. Mun ng nhp bng ti khon ngi dng cc b, ti hp thoi Log On To Windows bn cung cp tn ti khon, mt khu v chn This Computer ti danh sch Log On To. Qu trnh to ti khon ngi dng cc b kh n gin, nhng hn ch ca m hnh nhm lm vic l buc ngi qun tr duy tr cc ti khon cho cng mt ngi dng trn ng thi nhiu my tnh khc nhau. V d, nu ngi dng c ti khon trn 10 my tnh khc nhau th bn phi thay i mt khu tng ti khon ring r trn 10 my tnh. V vy, m hnh nhm lm vic l khng thc t, tr khi l mng nh.
MIN (Domain)
M hnh min do Microsoft Windows 2003, Microsoft Windows XP v Microsoft Windows 2000 s dng da trn nn tng dch v Microsoft Active Directory. Trong chng 1, bn hiu v kin trc v chc nng ca Active Directory. Cc Ti khon Ngi dng Active Directory nm di dng ca cc i tng Ngi dng, v chng c lu, cng ging nh tt c cc thng tin ca Active Directory, trn my tnh iu khin min, ni m chng c th c truy nhp ti t mi ni trong min. Khi ng nhp bng ti khon ngi dng min ngi dng s c xc thc bi my ch iu khin min, ch khng phi bi my tnh m ngi dng ang lm vic hoc truy nhp vo. Ti khon ngi dng min gm c tn ng nhp v mt khu, tn ny l duy nht v c gi l m nhn dng bo mt (SID - Security Identifier). Trong khi ng nhp, Active Directory xc thc tn ngi dng v mt khu a vo. Tip theo, h thng bo mt s to th truy nhp tng ng vi ngi dng ny. Th truy nhp cha m nhn dng bo mt ca ti khon ngi dng v m nhn dng bo mt cc nhm ca ngi dng ny. Th ny sau c th c s dng kim tra li quyn gn cho ngi dng, bao gm c quyn ng nhp cc b v quyn c php truy nhp vo ti nguyn c bo mt bi danh sch iu khin truy nhp(ACLsAccess Control Lists). Trong m hnh min, mi ngi dng ch c mt ti khon min, nh vy s gim nh cng vic ca ngi qun tr mng. Ch mt ti khon ny c th c ngi dng s dng truy nhp vo mi ti nguyn trn mng. CSDL Active Directory thng xuyn c ng b gia cc my tnh iu khin QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 243
LM VIC VI TI KHON NGI DNG min, nn cc ti khon ngi dng gn nh lun sn sng xc thc cho ngi dng truy nhp ti ti nguyn mi. Ngi Qun tr s dng snap-in Active Directory User and Computer to i tng ngi dng min . ng nhp bng ti khon ngi dng min bn phi cung cp tn ti khon, mt khu v ti Log On To la chn min mun ng nhp, ch ra trong hnh 6-1.
Hnh 6-1: Hp thoi ng nhp vo Windows LU : ng nhp vo my tnh iu khin min. Khi my tnh Microsoft Windows 2003 ng vai tr l my tnh iu khin min th khng c s la chn no khc nngoi tr vic ng nhp vo min. Ti khon ngi dng cc b v snap-in Local User And Group cng khng c s dng.
LP K HOCH TI KHON NGI DNG

Khi bn thc s bt tay vo vic to ti khon ngi dng cc b hoc ti khon ngi dng min, bn nn cn nhc gia cc k hoch c vch ra, nht l khi bn lm vic vi mt mng ln v phc tp. Mc d vic to ti khon ngi dng ban u dng nh l n gin, thu thp cc tn v la chn ti khon, mt khu cho php v cu trc ca phn cp Active Directory s gip bn gii quyt cc vn sau ny.
T TN CHO TI KHON
Khi bn to ti khon ngi dng, c dng cc b v min, bn phi xc nh Firt Name (Tn gi) v Last Name (H) ca ngi dng, nhng thc s c dng khi ng nhp v xc thc l tn ti khon. Tn ca ti khon ngi dng cc b v ti khon ngi dng min c di ti a cho php l 20 k t, nhng thun li cho ngi dng nn t ngn hn. Cc tn khng phn bit ch hoa ch thng (mc d Microsoft Windows 2003 gi nguyn kiu ch bn nhp vo) v khng c cha cc k t sau:
LM VIC VI TI KHON NGI DNG /\[]:;|=,+*?<>@ LU : tn ti khon v a ch th in t. Khi to tn ti khon m ng thi mun s dng chngcho a ch E-mail, phi m bo chc chn n ch gm cc k t cho php ca phn mm E-Mail, mt s h thng E-mail khng cho php s dng tn c du cch hoc du ngoc n, cho d n vn c Microsoft Windows 2003 chp nhn.. Dng ca tn ti khon, ti nhiu t chc s dng mt s kiu kt hp ca Firt Name hoc Last Name v mt hoc thm cc ch ci u. V d , tn ngi dng l Mark Lee c th c tn ti khon l mlee hoc markl, Mc d vy, i vi cc t chc c qui m ln, s dng First Name l khng thc t v rt d c hai ngi cng tn l Mark, thm ch rt c th c hai Mark u c Last Name bt u bng ch L". Cho d bn s dng bt c dng no cho Tn Ti khon ca bn, iu quan trng nht l bn phi to c mt tp cc lut to ra chng v trung thnh vi chng. Vic gn cc tn ti khon mt cch khng thng nht, s dng cc bit hiu (Nickname) ti ngha hay theo s thch ca ngi s dng s dn n vic nhm ln ca cc qun tr khc khi xc nh tn ti khon cho mt ngi s dng c th no . Lut ca bn nn ch ra mt s kt hp chun gia First Name v Last Name hay cc ch vit tt, cng nh cc phng php c chun ha to ra cc tn ti khon duy nht. v khi bn nghe tn ti khon bn c th d dng suy ra c tn ngi dng .
LA CHN MT KHU
Ngy nay, bo mt nh hng mnh m n nhim v ca qun tr trn ton mng v vic to ti khon ngi dng cng khng thuc ngoi l. Khi to ti khon ngi dng mi bn phi xc nh mt khu v p dng chnh sch vi mt khu tu theo mc bo mt m t chc ca bn mun. Mc nh, khi to ti khon ngi dng min trong Microsoft Windows 2003, bn phi t mt khu dng phc tp, c di ti thiu 7 k t. Nhng rng buc ny bc n nh ti chnh sch nhm, c cu hnh mc nh ti Default Domain Policy Group Object - GPO. Ti khon ngi dng cc b s khng b cc rng buc ny. Bn c th iu chnh li cc rng buc v cc quy tc gn mt khu mc nh bng cch s dng bng iu khin Group Policy Object Editor sa li cc thit lp chnh sch mt khu. Enforce Password History: Xc nh s lng mt khu khc nhau trc khi ngi dng c php s dng li mt khu c, gi tr mc nh l 24.
LM VIC VI TI KHON NGI DNG Maximun Password Age (Tui di nht ca mt khu): Xc thi gian bao lu mt mt khu c th c dng trc khi h iu hnh buc ngi dng i li, gi tr mc nh l 42 ngy. Minimun Password Age (Tui ngn nht ca mt khu): Xc thi gian bao lu mt mt khu phi s dng trc khi h iu hnh cho php ngi dng i li, gi tr mc nh l 1 ngy. Minimum Password Length ( di mt khu ti thiu): di ti thiu ca mt khu m h iu hnh cho php, gi tr mc nh l 7. Password Must Meet Complexity Requirements (Mt khu phi tha mn iu kin phc tp): Xc nh iu kin i vi mt khu nh di t nht l 6 k t, khng trng vi ton b tn hoc mt phn ca tn ti khon, bao gm t nht 3 trong s 4 kiu k t: Ch hoa, ch thng, s v k t c bit. Mc nh, h iu hnh enable (cho php) chnh sch ny. Cc thit lp mc nh cho ngi dng mi l thit lp User Must Change Password At Next Logon (Ngi dng bt buc phi i mt khu ti ln ng nhp sau). Thit lp ny gi s l cc ngi dng s c trch nhim cung cp mt khu ca h v thay i chng nh k. Ngi qun tr to ti khon ch l cp mt khu tm thi cho ln ng nhp u tin ca ngi dng. Vic bn mun ngi dng cung cp mt khu ca h l mt quyt nh v bo mt m bn phi thc hin trc khi bn bt tay vo to ti khon. Ni chung, vic ngi dng t cp mt khu l thng dng hn v hai l do, mt l s d dng hn cho ngi dng nh c mt khu v hai l vic phi thay i mt khu nh k 42 ngy mt ln s l gnh nng ln i vi qun tr mng. Chnh sch mt khu mc nh bt ngi dng thay i nh k thay i li mt khu ng thi cng ngn cn vic h s dng li cng mt mt khu thng xuyn. Ty thuc vo yu cu bo mt mng, bn c th mun thit lp cc chnh sch mt khu khc cho ngi dng m khng th thc hin bng phn mm c, nh: Khng tit l mt khu cho ng nghip hoc vi bt k ai trong hoc ngoi t chc Khng ghi mt khu v n c th d dng c tm thy Khng to mt khu s dng thng tin nh ngy sinh, tn, con hoc vt nui. Ni mt khu qua in thoi hoc gi bng th in t. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 246
THIT K M HNH PHN CP ACTIVE DIRECTORY

Do cc ti khon ngi dng cc b khng c d nh dng trong cc mng ln, chng c lu ti c s d liu dng CSDL khng phn cp. SAM thc s nh hn mt danh sch ngi dng v nhm vi mt vi thuc tnh chnh c bn cho mi ti khon. Do vy khng cn c mt thit k cho loi ti khon ny. Ngc li, Ti khon ngi dng min l mt phn ca kin trc Active Directory, v vic thit k kin trc ny l mt phn rt quan trng ca k hoch c s h tng mng. Nh bn tm hiu ti chng 1, cu trc c bn ca min Active Directory l theo kiu hnh cy, tng t nh cu trc th mc ca h thng file. Trong , i tng min l ngn ca cy (i khi cng c gi l gc) v vi mt hoc mt s phn cp di n l OU - Organization Unit(n v t chc). Tt nht l chng ta nn ginh cc tc v thc s ca vic thit k kin trc ny cho cc nh thit k mng, nhng ngi qun tr c trch nhim to cc ti khon ngi dng cn bit r cc kin trc ny v cc m hnh c s to nn chng. to ngi dng min, u tin l bn phi quyt nh t h vo OU no. Quyt nh ny da vo chc nng ca OU to. Cy Active Directory thit k c th da vo chnh sch phn chia ca t chc nh theo phng ban, theo nhm hoc v tr a l nh ton nh, tng, vn phnghoc ht hp ca cc yu t trn v nhiu cc yu t khc na. Mc ch ca phn cp gip n gin ho vic nh v ccc i tng trong cy v thc hin vic gn cc thuc tnh cho mt s lng ln cc i tng bng cch gn chng cho cc OU v cc thuc tnh ny, lp tc s c cc di tng con tha hng theo kin trc hnh cy. t cc i tng ngi dng vo ng v tr trong kin trc s gip chng s nhn c cc thit lp cu hnh cn thit m khng phi thc hin cu hnh n l v trnh cho bn khng phi di chuyn cc ngi dng sau ny.
LM VIC VI TI KHON NGI DNG CC B

Ti khon cc b c php truy nhp vo ti nguyn trn my tnh m bn to ti khon t bng iu khin hoc qua mng. Mc nh, Microsoft Windows 2003 s to 3 ti khon ngi dng cc b sau: Administrator (Qun tr): Ti khon ny yu cu cho ln ng nhp h thng u tin, s dng mt khu c cp trong qu trnh ci t h thng. Ngi dng Administrator l thnh vin nhm Administrators, c ton quyn truy nhp n mi ni trong h thng. Bao gm c vic c th khi QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 247
LM VIC VI TI KHON NGI DNG to ti khon ngi dng cc b, phn quyn cho cc ti khon ngi dng cc b, ci t phn cng v phn mm. Ti khon Administrator cc b lun c cn n, thm ch trn mng Active Directory, do c cc cng vic i hi Administrator cc b truy nhp ti chnh my tnh ny. Guest (Khch): Ti khon s dng cho ngi dng tm thi v b gii hn truy nhp vo h thng. Ti khon ny s c to t ng trong qu trnh ci t h thng, mc nh s c trng thi v hiu ho v khng c mt khu. Bn cn phi kch hot (Enable) ti khon ny trc khi c bt k mt ai s dng n ng nhp. Ti khon Guest l thnh vin ca nhm Guests v b gii hn quyn truy nhp vo h thng. Trong hu ht cc trng hp, bn nn v hiu ho n v to cc ti khon mi, ring cho cc ngi dng c th thay cho vic cho h ng nhp vo tt c u s dng ti khon Guest. SUPPORT_number Ti khon ny to cho Nhn vin H tr K thut ca Microsoft khi h kt ni vo h thng s dng tnh nng Remote Assistance. Mc nh ti khon ny trng thi v hiu ho v phi c kch hot trc khi k thut vin ca Microsoft c th truy nhp vo my tnh. Nu my tnh c kt ni vo min khng cn thit to thm ti khon ngi dng cc b bi v ngi dng s ng nhp s dng ti khon ngi dng min v t c th truy nhp vo ti nguyn h thng. Nhng nu my tnh cu hnh tham gia vo nhm lm vic th bn c th to ti khon ngi dng cc b mi bng cch s dng snap-in Local Users And Groups. Ti my khng phi l my ch iu khin min, snap-in ny c tch hp vi bng iu khin Computer Managerment chy t nhm chng trnh Administrator Tools ti thc n StartThc n
Hnh 6-2: Snap-in Local Users and Groups
TI KHON NGI DNG CC B

to ti khon ngi dng cc b bn chn Folder User t thc n Action, s xut hin hp thoi (hnh 6-3), bn a vo cc thng tin sau: User Name: Tn ti khon ng nhp vo my tnh (bt buc). Full Name: Tn y ca ngi dng (tu chn). Description: Din gii v ngi dng hoc chc nng ca ngi dng (tu chn). Password: mt khu xc thc ngi dng, c di ti a l 127 k t (tu chn). Confirm Password: Vo li mt khu thm mt ln na chc chn bn g vo ng. Nu hai ln khng trng khp nhau th s yu cu bn vo li thm mt ln na. User Must Change Password At Next Logon: Chn la chn ny nu bn mun ngi dng thay i li mt khu khi ng nhp vo h thng ln u. Bn s khng th chn la chn ny nu bn chn Password Nerver Expires (Mt khu khng gi hn thi gian). La chn ny cng s t ng xo b la chn User Cannot Change Password (Ngi dng khng thay i c mt khu) User Cannot Change Password: Chn la chn ny, ngi dng s khng thay i li c mt khu, thng th bn s dng la chn ny khi c ng thi t hai ngi tr ln dng chung mt ti khon ngi dng min hoc bn mun qun l dch v mt khu ngi dng. Bn khng th chn la chn ny nu chn User Must Change Password At Next Logon. Password Nerver Expires: Bn chn la chn ny nu mun mt khu khng bao gi b ht hn. Bn s khng chn c la chn ny nu bn chn User Must Change Password At Next Logon. Thng bn s chn la chn ny qun l dch v mt khu ti khon. Account Is Disable: Chn la chn ny v hiu ho ti khon, v nh l cho nhn vin mi, nhng ngi ny li cha cn truy nhp vo mng.
Hnh 6-3: Hp thoi New User
QUN L TI KHON NGI DNG CC B

Ti khon ngi dng cc b c tng i t cc thuc tnh. Bn chn Account ti Folder Users t snap-in Local User And Group v chn Properties t Thc n Action. Hp thoi Properties s xut hin (ch ra ti hnh 6-4). Hp thoi ny cho php bn sa li cc thuc tnh trong khi to ti khon ngi dng, ngoi tr tn ngi dng v mt khu. i li tn bn chn lnh Rename v i li mt mt khu chn Set Password t Thc n Action. Hp thoi ny cung cp cc thng s ca ti khon ti cc th sau: General Member Of Profile Environment Sessions Remote Control Terminal Services Profile Dial-in
Hnh 6-4: Hp thoi Properties ca ngi dng cc b Thit lp ti cc th ging nh ti hp thoi Properties ca hp thoi ngi dng min. Xem thm Qun l ti khon ngi dng min ti chng sau.
LM VIC VI TI KHON NGI DNG MIN

Lm vic vi ti khon ngi dng min tng t nh l vi ti khon ngi dng cc b nhng ti khon ngi dng min c nhiu thng tin hn. Khi bn to min Active Directory bng cch thng cp my tnh iu khin min u tin, Microsoft Windows 2003 mc nh s to cc ngi dng sau: Administrator: Ti khon min Administrator l thnh vin ca nhm Administrators ca min v thc hin cng chc nng chnh nh ti khon ngi dng cc b. l ti khon u tin ng nhp vo min v c ton quyn truy nhp ti tt c cc chc nng v tnh nng ca min. iu quan trng l bn phi phn bit ti khon min Administrator v ti khon cc b Administrator l hai ti khon tch bit nhau. Hai ti khon ny c mt khu khc nhau, cc Cp php khc nhau v cc kh nng khc nhau. Vi my tnh chy Microsoft Windows 2003 th my ch thnh vin ca min (nhng khng phi l my ch iu khin min) c th ng nhp s dng c hai ti khon ny tu theo thit lp ti la chn Log On To ti hp thoi Log On To Windows. Guest: Tng t nh ti khon cc b Guest, ti khon min Guest trng thi v hiu ho v dnh cho ngi dng tm thi truy nhp vo min. LU : Mc ch ca bi thi. Mc ch ca bi thi 70-290 xc nh bn c th to v qun l ti khon ngi dng. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 251
LM VIC VI TI KHON NGI DNG Microsoft Windows 2003 cng to cc ti khon dng sn mc nh khc khi bn ci t cc dch v trn my tnh ny. V d, khi thng cp mt my ch thnh my ch iu khin min s to cc i tng ngi dng n gi l krbtgt c chc nng nh l i tng bo mt ca dch v Trung tm Phn phi Kho (Key Distribution Center - KDC). Khi bn ci Microsoft Internet Information Services (IIS) c hai ngi dng c to l IUSR_computerName l ngi dng v danh kt ni ti my ch Web v IWAM_computername m IIS s dng khi chy cc ng dng c lp (out-of-process) Cc i tng ngi dng dng sn trong min c t ti i tng cha (Container) tn l Users. Thm ch, bn c th to i tng ngi dng mi ti y hoc ti i tng cha khc, thm tr trc tip ti chnh min. Tt nht l bn nn to ti OU tin cho vic s dng chnh sch nhm sau ny. Bn ch c th lin kt mt i tng chnh sch nhm (Group Policies Objects- GPO) vi mt min, Site hoc OU nhng khng th lin kt vi i tng cha Users. Do , Bn nn to cc OU ph hp vi thit k Active Directory ca c quan bn, trc khi bn bt u tay vo to ngi dng. LU : Cc i tng cha. Cc i tng Users, Builtin, Computers, v ForeignSecurity- Principals thuc v cc lp i tng c bit c gi l i tng cha (Container). Trong Dch v Th mc (Directory Service) thut ng Container c s dng mt cch khi qut ch n mt i tng no c cha cc i tng con khc. Do , trong trng hp bn i tng lit k trn, theo ng nh ngha, u c gi l Container. Bn khng th p dng GPOs cho bn i tng cha ny, hoc xo n i hay to cc i tng mi cng kiu. Tuy vy, bn c th chuyn cc i tng t cc Container ny ti cc i tng OU m bn to ra tin cho vic qun l hn. Trong my ch iu khin min, chy Microsoft Windows 2003 bn to i tng ngi dng min bng cch s dng snap-in Active Directory Users And Computers (hnh 6-5),. chn t nhm chng trnh Administrative Tools trong Thc n Start . to i tung ngi dng, bn phi l thnh vin ca nhm Enterprise Admins, Domain Admins hoc Account Operators hoc bn phi c u quyn qun tr cn thit to i tng ngi dng. LU : Ci t bng iu khin. Mc d, Bng iu khin Active Directory Management trong nhm chng trnh Administrative Tools ch c ti my my iu khin min, nhng bn cng c th QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 252
LM VIC VI TI KHON NGI DNG chy chng t Microsoft Windows 2003 Server, Windows XP workstations. ci gi Administrative Tools bn chy Adminpak.msi t Folder I386 trn a CD ci t Microsoft Windows 2003.
Hnh 6-5: Bng iu khin Active Directory Users And Computers
TO TI KHON NGI DNG MIN

to i tng ngi dng t thc n Action chn New chn tip User khi s xut hin New Object User wizard. Khng nh hp thoi New User to i tng ngi dng cc b, trnh hng dn New Object User xut hin nh sau: Ti trang u ca trnh hng dn (ch ra ti hnh 6-6) gm cc tham s sau: First Name: Tn gi ca ngi dng (tu chn). Initials: Ch ci u tn m ca ngi dng (tu chn). Last Name: Tn h ca ngi dng (tu chn).
Hnh 6-6: Trang u ca trnh hng dn New Object User Full Name: Tn y ca ngi dng (bt buc). Khi bn g vo First Name hoc Last Name th gi tr Full Name c t ng a vo v sau bn c th sa li c. Gi tr a vo ny s sinh ra mt s cc thuc tnh ca i tng ngi dng: common Name (CN tn ph bin), distinguished Name (DN tn phn bit), Name (tn) v DisplayName (tn hin th) . Do thuc tnh CN buc phi l duy nht trong mt Container. nn, tn y bn nhp vo y phi l duy nht mt cch tng i so vi cc i tng khc trong OU ni m i tng ngi dng c to ra(hoc vi cc Container khc) . User Logon Name (Tn ng nhp): Tn ca ti khon s dng ng nhp (bt buc). Tn ny s c dng trong User principal Name (UPN tn chnh ca ngi dng), bao gm tn ng nhp v ui UPN, mc nh l tn h thng tn min (Domain Name System - DNS) ca min. ton b tn UPN c nh dng Tn-ng-nhp@ ui-UPN (logon-Name@UPN-suffix) v phi l duy nht trong rng Active Directory. V d UPN l someone@ACNA.com. UNP s dng ng nhp vo mi my tnh chy Microsoft Windows 2003, Windows XP hoc Windows 2000. User Logon Name (PreWindows 2000): tn ti khon s dng ng nhp vo cc my khch trc Windows 2000 (bt buc), c th l Windows 95, Windows 98, Windows Millennium Edition (Windows Me) hoc Windows NT. Gi tr ny s c a vo t ng theo tn ngi dng ng nhp v c di ti 20 k t. Gi tr ny cng phi l duy nht trong mt min. Sau khi vo cc gi tr cho trang u bn chn Next, s xut hin trang th 2 bao gm cc tham s sau: QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 254
LM VIC VI TI KHON NGI DNG Password: Mt khu xc thc ngi dng, c di ti a l 127 k t (tu chn). Confirm Password: Vo li mt khu thm mt ln na chc chn bn g vo ng. Nu hai ln khng trng khp nhau h thng s yu cu bn vo li thm mt ln na. User Must Change Password At Next Logon: Chn la chn ny nu bn mun ngi dng thay i li mt khu khi ng nhp vo h thng ln u. Bn s khng th chn la chn ny nu bn chn Password Nerver Expires. La chn ny cng s t ng xo b la chn User Cannot Change Password
Hnh 6-7: Trang th hai ca trnh hng dn New Object-User User Cannot Change Password: Chn la chn ny, ngi dng s khng thay i li c mt khu, thng th bn s dng la chn ny khi c ng thi t hai ngi tr ln dng chung mt ti khon ngi dng min hoc bn mun qun l dch v mt khu ngi dng. Bn khng th chn la chn ny nu chn User Must Change Password At Next Logon. Password Nerver Expires: Bn chn la chn ny nu mun mt khu khng bao gi b ht hn. Bn s khng chn c la chn ny nu bn chn User Must Change Password At Next Logon. Thng bn s chn la chn ny qun l ccmt khu ca ti khon dch v Account Is Disable: Chn la chn ny v hiu ho ti khon, v nh l cho ngi mi n, nhng ngi ny li cha cn truy nhp vo mng. Mt s tu chn ca ti khon c th mu thun vi chnh sch nhm thit lp m n c k tha t min hoc i tng cha. V d, chnh sch QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 255
LM VIC VI TI KHON NGI DNG nhm ca min mc nh l mt khu phi i theo chu k l 42 ngy. Trong khi bn li chn Password Never Expires th n s ghi ln chnh sch nhm v ngi dng s khng nhn c nhc nh phi i li mt khu na. Sau khi bn vo cc gi tr ti trang th 2 ny chn Next, khi s xut hin tramh summary. Chn Finish hon thnh vic khi to i tng ngi dng mi ti i tng cha chn.
QUN L TI KHON NGI DNG MIN

Sau khi bn to i tng ngi dng, bn s dng bng iu khin Active Directory Users And Computers qun l cc thuc tnh ca n. Bng cch chn i tng ngi dng, sau chn thc n Action, bn c th thc thi cc cng vic sau: Add To A Group: a i tng ngi dng vo thnh thnh vin ca nhm c Disable Account: V hiu ho ti khon, khng cho php ng nhp vi ti khon ny. Nu mun dng li bn ch cn xo du chn ti hp kim tra Account Is Disable trong danh sch Account Option trn th Account ca hp thoi Properties ca i tng ngi dng ny. Reset Password: Cho php qun tr t li mt khu ti khon m khng cn bit mt khu c. Open Home Page: M Microsoft Internet Explorer v kt ni ti a ch trang web (Uniform Resource Locator - URL) c xc nh ti hp Web Page trong th General ti hp thoi Properties ca i tng ngi dng Send Mail : Dng ng dng Th in t mc nh, to th mi vi a ch ti hp Email trong th General ti hp thoi Properties ca i tng ngi dng. Delete : Xo i tng ngi dng khi CSDL Active Directory. Rename: Sa i li trng Full Name ca i tng ngi dng v m hp thoi Rename User bn c th sa i li First Name, Last Name, Display Name, User Logon Name v User Logon Name (PreWindows 2000). Lu : Mc ch ca bi thi. Mc ch ca bi thi 70-290 xc nh bn c th to mi v sa i li ti khon bng cch s dng snap-in Active Directory Users And Computers.. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 256
LM VIC VI TI KHON NGI DNG Khi bn to ti khon ngi dng mi, bn ch cn a vo cc thuc tnh c bn nht. Sau , bn c th s dng mt cng c qun tr mnh dnh cho i tng ngi dng l hp thoi Properties ca chnh i tng ny. Bn m hp Properties bng cch chn i tng ngi dng sau ti thc n Action chn tip Properties sa li. Mc nh hp thoi ny c 13 th, vi rt nhiu cc thuc tnh m bn c th thit lp cho User. Cc th ny c phn loi nh theo bng 6-2 i y LU : Active Directory Schema and Object Properties. Trong mt s trng hp hp thoi Properties c nhiu hn 13 th hay c th c thm cc trng khc trn mt vi th mc nh.iu ny xy ra do lc (schema) Active Directory, ni xc nh s cc thuc tnh cho mi kiu i tng, l c th m rng c. . Ngi qun tr c th m rng thm lc mt cch th cng bng cch thm cc thuc tnh cho kiu i tng (Microsoft khuyn co l khng nn lm nh vy) hoc lc cng c th t ng c m rng khi ci t cc sn phm phn mm nh ci t Microsoft Exchange th s to thm cc th Exchange General, Exchange Features, and E-mail Addresses ti hp thoi Properties ca i tng ngi dng. Bng 6-2: Phn loi cc thuc tnh ngi dng trong cc th ca hp thoi User Properties Phn loi General Thng tin c nhn (Personal information) Address Telephones Organization Thuc tnh Ti khon (Account properties) Qun l cu hnh ngi dng (User configuration Account Th
Profile
management)
Quan h thnh vin nhm Member Of (Group membership)
LM VIC VI TI KHON NGI DNG Terminal Services Profile Dch v u cui (Terminal Environment Services) Remote Control Sessions Truy cp t xa (Remote Access) ng dng (Applications) Dial-in COM+
Thit lp ti tng th s c nu r trong cc phn sau:
Th General
Th General gm cc thng tin c bn ca ngi dng nh First Name v Last Names m bn nhp vo khi to i tng ngi dng. Bn cng c th a vo cc trng khc nh Display Name, Office Location (v tr c quan) v Description, thm vo l Telephone Numbers (s in thoi), Web page addresses (a ch trang WEB) v E-mail address (a ch Th in t) ca ngi dng. Rt nhiu trng trong cc Th General, Address, Telephones v Organization l cc thng tin c nhn v cc trng ny l tu chn v cc gi tr ca n khng c mi lin quan trc tip ti cc hot ng ca i tng ngi dng hay ca dch v Active Directory, n n gin ch cung cp cc thng tin v ngi dng.. Vic cung cp cc thng tin ny gip cho ngi qun tr d dng tm kim ti khon ngi dng min bng cch s dng cng c tm kim (Search) vi bt k thng tin no h c v ngi QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 258
LM VIC VI TI KHON NGI DNG dng . cc ngi dng trn mng cng c th tm kim mt ngi dng c th no tm ra cc thng tin lin h hoc d liu khc.
Th Address
Th Address gm cc trng thng tin cho php qun tr nhp cc thng tin a ch ngi dng vo Active Directory.
Th Telephones
Th Telephones gm cc trng cho php qun tr lu cc s in thoi ca ngi dng. Mc d cc trung nh vy ch n thun l thng tin trong cu hnh mc nh ca Active Directory, nhng cng khng th ni l n chng lm g c. C rt nhiu thng tin c ch, v d nh c th to ng dng quay s in thoi cho php bn tm kim ti khon ngi dng khc trong Active Directory v t ng quay s vo s in thoi t trong th ny.
Th Organization
Th Organization bao gm cc trng m ngi qun tr c th xc nh thng tin v v tr ca ngi dng trong t chc, c c trng m bn c th chn ti khon ngi qun l ca ngi dng ny trogn CSDL Active Directory .
Th Account
Th Account cha cc trng User Logon Name, UPN Suffix, and User Logon Name (PreWindows 2000) c cc gi tr bn a vo khi to ngi dng, tu theo bn la chn t ttrnh hng dn Create Object User. Th ny cng s bao gm mt s cc tu chn khc nh sau. Logon Hours (Gi ang nhp): Hin hp thoi Logon Hours, ti qun tr c th t thi gian hng ngy hoc theo ngy xc nh trong tun m ngi dng s c php ng nhp vo min. Mc nh, tnh nng ny ch cm ngi dng ng nhp vo. Nu ngi dng ng nhp v ht thi gian cho php th s khng b ngt. Nhng nu trong Network Security ti i tng chnh sch nhm (GPO) chn QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 260
LM VIC VI TI KHON NGI DNG Network Security l Force Logoff When Logon Hours Expire, th qun tr s ngt kt ni ca ngi dng mt cch t ng. Hn ch ca Logon Hours l ch p dng cho ng nhp min ch khng p dng cho ng nhp cc b.
Log On To (ng nhp vo): Hin hp thoi Logon Workstations, ti qun tr c th xc nh tn ca cc my tnh trn mng m ngi dng ny c th ng nhp vo. Tnh nng ny cn c gi l Computer Restrictions. Bn phi chn Enable NetBIOS over TCP/IP trn mng s dng tnh nng ny do n hn ch vic ng nhp vo my tnh da trn tn NetBIOS ca my.
Account Is Locked Out (Ti khon b kha): Mc nh ch v hiu ho, n ch c kch hot v chn khi ti khon ngi dng b kho do nhiu ln c tnh ng nhp khng thnh. Bn c th t kha cc ti khon tu theo cc gi tr Account Lockout Duration (Thi gian kha ti khon), Account Lockout Threshold (ngng kha ti khon), v Reset Account Lockout Counter After (t li bin m kha ti khon sau) ca chnh sch nhm (GPO). V d, Account Lockout Threshold t l 3 th ti khon s b kho sau 3 QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 261
LM VIC VI TI KHON NGI DNG ln ng nhp khng thnh cng. Khi ti khon b kho th qun tr c th m li bng cch xo la chn ny. Store Password Using Reversible Encryption (Lu mt khu s dng m ha o): Buc Active Directory lu mt khu ca i tng vi thut ton m ho o, thay cho vic s dng cc thut ton m ha thun chiu, mnh hn v hin ang c s dng ph bin trong vic m ha mt khu. La chn ny c thit k cho cc ng dng yu cu o mt khu , nh phin bn u tin ca Challenge Handshake Authentication Protocol (CHAP). Trong tt c cc trng hp khc, la chn ny nn dng v hiu ho. Bn cng c th thit lp l kch hot hoc v hiu ho la chn ny bng cch s dng Group Policies. Khi la chn ny c chn th n s ln gi tr cng loi trn cc Group Policy khc nu c xung t. Account Is Disabled (Ti khon b v hiu ha): Cho php qun tr v hiu ho hoc kch hot ti khon ngi dng Smart Card Is Required For Interactive Logon (Yu cu c Smart Card khi ng nhp): ngi dng c yu cu smart card khi ng nhp. Smart card l thit b th cha thng tin nh danh ca ngi dng, thng l di dng chng ch s v kho m ring. ngi dng ng nhp bng smart card th my tnh phi c thit b u c v phn mm tng ng v ngi dng phi c chnh xc s PIN (personal identification number) ca Card. La chn ny dnh cho cc ti khon yu cu tng cng tnh nng bo mt. Bi v vic dng smart card khng cn ti mt khu , la chn ny thay i mt khu ti khon thnh gi tr phc tp v ngu nhin v kch hot la chn Password Never Expires. Account Is Trusted For Delegation (Ti khon c tin cy cho y quyn): La chn ny cho php dch v chy di tn ti khon ngi dng (gi l service account ti khon dch v) nhm ng vai tr l mt ngi dng truy nhp vo ti nguyn my tnh thay mt cho ti khon ngi dng khc trn mng. Trn mng, la chn ny him khi c chn, nu c, trong i tng ngi dng thay mt cho ngi dng thc s. Account Is Sensitive And Cannot Be Delegated (Ti khon l nhy cm v khng c y quyn): U quyn cho php qun tr trao quyn kim sot cho mt ti khon c th, thng l dng tm thi, v d nh l ti khon Guest. La chn ny ngn cm ti khon c u quyn bi cc ti khon khc, QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 262
LM VIC VI TI KHON NGI DNG Use DES Encryption Types For This Account (S dng kiy m ha DES cho ti khon ny): Active Directory s s dng thut ton m ho DES (Data Encryption Standard) cho cc i tng ngi dng ny. Do Not Require Kerberos Preauthentication (khng yu cu qu trnh tin xc thc Kerberos): Active Directory b qua th tc tin xc thc Kerberos (qu trnh tin xc thc kerberos l qu trnh so snh thi gian trn my khch c m hoa bng mt khu ca ngi dng, nu thnh cng mi thc hin tip qu trnh xc thc) khi thc hin vic xc thc ngi dng ny. La chn ny l dnh cho cc ti khon s dng cc thc thi xc thc khc ca giao thc xc thc kerberos, m khng h tr vic xc thc trc. B qua vic thc thi tin xc thc giao thc Kerberos, s gy gim tnh nng an ton c cung cp bi giao thc ny, do vy, khng nn kch hot la chn ny tr khi c l do c bit. Account Expires: Cho php qun tr xc nh ngy ti khon t ng b v hiu ho, s dng giao din sau:
Th Profile
Th Profile gm cc trng bn c th ch nh v tr t User profile (Khi lc Ngi dng), Home Folder (Th mc ch) v Logon Script (Kch bn ng nhp) s thc thi khi ngi dng ng nhp. THNG TIN THM: bit thm thng tin v User Profiles xem phn Qun l User Profiles ti chng sau. Th Member Of
Th Member Of lit k cc nhm m ngi dng l thnh vin v cho php qun tr sa i li cc quan h thnh vin nhm ca ngi dng. Mc nh, ngi dng mi to l thnh vin ca nhm Domain Users. LU : bit thm thng tin v nhm Active Directory xem chng 7 Lm vic vi Nhm
Th Terminal Services Profile
Cho php qun tr cho php ngi dng kt ni vo Terminal Servers (My ch Dch v u cui) v ch nh v tr ca User Profile v Home Folder s c p dng khi ngi dng kt ni vo Terminal Server.
Th Environment
Th Environment (Mi trng) cho php qun tr ch nh ng dng s chy ngay khi ngi dng kt ni vo My ch Dch v u cui. Ti y cn c cc la chn c cho php hay khng kt ni ti cc a c gn kt (Map) v cc my in trn my trm ngay sau khi ng nhp. V ch nh liu c in vo my in mc inh ti mmy trm hay khng.
Th Remote Control
Th Remote Control cho php bn cu hnh cc thit lp iu khin t xa Dch v u cui (Terminal Services) cho i tng ngi dng. Cc la chn ny ch nh liu cc phin lm vic ca ngi dng c th c truy nhp bng cch s dng tnh nng kim sot t xa ca Dch v u cui hay khng, liu cc Cp php cho ngi dng c cn thit hay khng khi thc hin truy cp ni trn, v liu ngi kim nh (Auditor) ch n thun quan st cc phin lm vic ca ngi dng hay thc s tham gia vo cc phin lm vic ny. Cc la chn ny cng cn c th c cu hnh thng qua bng iu khin Terminal Services Configuration hoc Chnh sch Nhm (Group Policies-GP), Trong trng hp nu cc thit lp cho cc la chn ny s dng cc cng c khc nhau ni trn c xung t th cc thit lp trong Chnh sch Nhm s c u tin.
Th Sessions
Th Sessions (Phin) cho php qun tr c th cu hnh hnh vi khi ngt kt ni phin lm vic Dch v u cui ca ngi dng, s dng cc iu khin sau: QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 266
LM VIC VI TI KHON NGI DNG End A Disconnected Session (Kt thc phin lm vic c ngt): t thi gian cho phin lm vic (secsion) ca ngi dng s dng Terminal Services tip tc duy tr trn my ch sau khi ngi dng ngt kt ni. Active Session Limit (Gii hn ca Phin lm vic ang hot ng): t khong thi gian ti a cho phin lm vic ca ngi dng s dng Dch v u cui, Phin lm vic s b ngt khi t ti gii hn t. Idle Session Limit (Gii hn ca phin lm vic ang dng ): t khong thi gian ngh ti a cho php ca phin lm vic trc khi my ch ngt kt ni. When A Session Limit Is Reached Or Connection Is Broken (Khi t ti giihn ca phin lm vic hy kt ni b t): Thit lp My ch Dch v u cui ngt hay hy b phin lm vic khi phin t n gii hn, ngi dng c th lp li phin b ngt nhng khng th kt ni li n phin b my ch hy b. Allow Reconnection (Cho php kt ni li): Ch nh liu ngi dng c hay khng c php kt ni li ti My ch Dch v u cui t mt my trm bt k hoc t my trm khi to phin.
Th Dial-in
th Dial-in (quay s vo) bao gm cc iu khin cho php qun tr thit lp cc kh nng truy nhp t xa ca ngi dng, bao gm: Remote Access Permission (Dial-In Or VPN) (Cp php Truy nhp T xa Quay s hay VPN): Bn c th chn cc la chn cho php truy nhp, t chi truy nhp hoc iu khin truy nhp thng qua cc thit lp trong Chnh sch Truy nhp T xa (Remote Access Policy). QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 267
LM VIC VI TI KHON NGI DNG Nu bn la chn Allow Access (cho php truy nhp), cc d nh kt ni ca ngi dng ti my ch thm ch vn b t chi do cc thit lp t trong Chnh sch Truy nhp T xa, cc thuc tnh ca Ti khon Ngi dng hay ti cc thuc tnh ca Khi lc (Profile) Dch v u cui . Verify Caller ID (Kim tra nh danh Ngi gi): My ch kt ni t xa kim tra li s nh danh Ngi gi m ngi dng s dng kt ni bng cch so snh n vi nh danh Ngi gi (Caller ID) c nhp trong th ny. Nu s nh danh Ngi goi ca ngi dng khng c xc nhn hoc khng ng s in thoi nh trc th kt ni ny s b t chi. Callback Options (cc ty chn gi li): Cho php ngi qun tr cho php ngi dng s dng tnh nng gi li khi kt ni ti my ch t xa hay khng. Nu c, sau khi ngi dng kt ni ti my ch th n s ngt kt ni ng thi sau thit lp kt ni quay li ti ngi dng theo s in thoi c ngi dng ch nh hay theo s m qun tr t trc ngay trong th ny. Tnh nng gi li s tit kin cho ngi dng, cc ha n s c tnh cho s in thoi ti my ch, v m bo tnh an ton, do ch nhng ngi gi ti mt trong cc s in thoi nht nh c cho php mi c th truy nhp t xa vo my ch. Assign A Static IP Address (Gn IP tnh): Cho php qun tr t a ch IP tnh m my ch t xa s lun gn cho ngi dng ny. Apply Static Routes: Cho php qun tr ch nh cc bn ghi nh tuyn tnh s c thm vo bng nh tuyn ca my trm khi kt ni Demand-Dial (Quay theo yu cu) c thit lp.
Th COM+
LM VIC VI TI KHON NGI DNG Th COM+ cho php qun tr gn mt tp partition COM+ xc nh cho ngi dng. Tp Partition COM+ l tp hp ca cc cc partition COM+ m cc ng dng COM+ c lu. Chn mt tp partition COM+ no s cho php ngi dng truy nhp n cc ng dng khc nhau c trong tp ny.
QUN L NG THI NHIU NGI DNG

Khi qun l cc ti khon ngi dng min, khi bn phi lm cc cng vic sa i ging nhau cho nhiu ti khon ngi dng v bn thc hin chng mt cch ring l th s thc s l mt cng vic mt thi gian v nhm chn. Trong nhng trng hp nh vy, bn hon ton c th cng lc thay i cc thuc tnh ca nhiu ti khon ngi dng bng cch s dng bng iu khin Active Directory Users And Computers. n gin l bn chn ng thi cc i tng ngi dng bng cch gi phm CTRL trong khi bm chn tng ngi dng trong khung chi tit, sau chn Properties t thc n Action. Hp thoi Properties On Multiple Objects xut hin nh hnh 6-8.
Hnh 6-8: Hp thoi Properties On Multiple Objects LU : Chnh sa cc lp i tng (Object Classes). Khi bn chn ng thi cc i tng thay i, bn s nhn c cc kt qu tt nht khi tt c cc i tng l cng mt lp. V d, nu bn chn ng thi cc i tng l ngi dng th s sa c rt nhiu cc thuc tnh, nhng nu bn chn i tng ngi dng v i tng my tnh th ch c mt thuc tnh chung ca chng c th sa c l Description.
LM VIC VI TI KHON NGI DNG Hp thoi Properties On Multiple Objects khc mt cht so vi hp thoi Properties chun ca i tng ngi dng. N ch c mt s gii hn cc thuc tnh, l cc thuc tnh c p dng \cho ng thi nhiu i tng. Cc thuc tnh ca hp thoi ny c tng kt trong bng 6-3 Bng 6-3: Cc thuc tnh c th c hin cho vic chnh sa khi chn ng thi cc i tng ngi dng Th General Thuc tnh Description Office Telephone Number Fax Web Page E-mail UPN Suffix Logon Hours Computer Restrictions Account Options Account Expires Street P.O. Box City State/Province Zip/Postal Code Country/Region Profile Path Logon Script Home Folder Title Department Company Manager
Account
Address
Profile
Organization
DI CHUYN CC I TNG NGI DNG

Mc d vic c trong tay bn thit k v cu trc Active Directory cho t chc ca bn khi bn to cc i tng ngi dng tht s l mt iu l tng do bn c th to chng trong ng cc i tng cha c th, nhng vic phi di chuyn cc i tng ny sau vn hon ton c th xy ra. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 270
LM VIC VI TI KHON NGI DNG Kh nng ny cng cn cho php bn iu chnh li cho ph hp vi vic thuyn chuyn nhn s hoc ti c cu li cng vic. di chuyn i tng ngi dng (hay bt c mt i tng no khc) bn chn i tng ny v sau t thc n Action bn chn Move, khi s xut hin hp thoi Move (ch ra trong hnh 6-9). Sau chn i tng cha bn mun chuyn n n v nhn OK. Bn cng n th di chuyn i tng bng cch ko v th.
Hnh 6-9: Hp thoi Move LU : Xo cc i tng Khi bn chuyn cc i tng trong cu trc Active Directory, bn phi cn thn khng tnh c xo chng. SID tng ng vi i tng ngi dng l mt gi tr duy nht c gn cho i tng khi n c khi to. Khi bn xo v to li vi cng tn v cc thuc tnh th SID vn l khc nhau. y khng phi l vn ln khi to mi i tng, nhng nu bn xo i tng th bn phi cu hnh li mi Cp php ca ngi dng v chng c cp cho ngi dng theo SID ca h.
KHI TO NG THI NHIU NGI DNG

i khi, qun tr mng c yu cu phi to nhiu i tng ngi dng mt cch nhanh chng, p ng cho mt t tuyn dng mi hoc mt lp sinh vin mi nhp hc. Khi , bn s c cc phng php m bn c th s dng lm n gin ha hay t ng ha qu trnh to i tng ngi dng thay cho vic phi to ring l tng ti khon. Bng iu khin Active Directory Users And Computers l mt cng c thit k ch yu dnh cho vic to v qun l cc i tng mt cch n l. Tuy nhin, Windows Server 2003 c c cc cng c khc dng cho vic to cc i tng s dng cc k thut nh nhp (import) v cc kch bn dng dng lnh (command-line scripting). QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 271
S dng cc mu (Template) i tng

Thng thng th cc i tng ca Active Directory trong cng mt lp (class) s chia s cc thuc tnh tng t nhau. V d, tt c cc thnh vin cng mt phng ban s cng cc nhm ging nhau, c php ng nhp vo mng cng gi v c cc Home Folders (Th mc ch) v Roaming Profiles (Khi lc di tr) t trn cng mt my ch. Trong trng hp ny s rt thun tin khi bn bt u vic to ti khon cho cc ngi dng mi bng cch to mt i tng c cc thuc tnh chung, i tng ngi dng chung, hay cn gi l Template (Mu) v sau s dng vic sao chp i tng ny to cc i tng ngi dng mi. to i tng ngi dng mu, ta to i tng ngi dng mi, gn tn cho n v d l UserTemplate v t cu hnh cc thuc tnh ca n l cc thuc tnh chung ca tt c mi ngi dng mi m bn mun to, cch lm nh l bn cu hnh cho tng ngi dng vy. Cc thuc tnh s c sao chp ti i tng mi c tng kt trong bng 6-4. Sau khi cu hnh cc thuc tnh cho i tng mu ny, bn phi v hiu ho (Disable) chng khng ai c th s dng i tng ny ny truy nhp vo mng. Bng 6-4: Cc Propertie sao chp ti i tng ngi dng mi. Th General Address Telephones Organization Account Cc thuc tnh (Properties) s c chp Khng Tt c, ngoi tr Street Address Khng Tt c, ngoi tr Title Tt c, ngoi tr User Logon Name v User Logon Name (Pre-Windows 2000), s c xc nh trong qu trnh thc hin sao chp. Tt c, gm Profile Path v Local Path, s c chnh sa tng ng logon Name ca ngi dng mi Tt c Khng
Profile
Member Of Terminal Services Profile
LM VIC VI TI KHON NGI DNG Environment Remote Control Sessions Dial-in COM+ Khng Khng Khng Khng Khng LU : To ng thi nhiu Templates. Tu theo quy m ca t chc v mc phc tp cu hnh i tng ngi dng, bn phi to ng thi mt s cc i tng mu ti cc v tr khc nhau trong cy Active Directory. V d, to ring r cc i tng mu ca ngi dng ti mi OU s cho php bn cu hnh cc gi tr thuc tnh theo tng OU . Mt khi i tng mu c to ra, bn c th s dng n to ti khon ngi dng mi bng cch chn i tng mu thch hp, sau chn thc n Action, chn Copy, khi s xut hin trnh Hng dn Chp i tng Ngi dng (Copy Object-User) gn ging nh trnh Hng dn To i tng Ngi dng Mi (New Object-User) bn s dng trong phn trc ca chng ny. Trnh hng dn s dn bn qua cc bc ca qu trnh cu hnh cc thuc tnh ca i tng bt buc phi c cc gi tr duy nht, nh First Name, Last Name, Initials, Logon Name, Password v cc tu chn ca ti khon. Khi trnh Hng dn kt thc, i tng ngi dng mi s c to vi cc gi tr thuc tnh ging nh ca i tng mu i vi cc thuc tnh c lit k trong bng trn. LU : Vic sao chp i tng v cc Cp php. Mt ngi dng c to bng cch sao chpi tng mu c cng quan h nhm ging nh i tng mu,do vy cc Cp php v Quyn gn cho nhm ny cng s c p dng cho ngi dng mi. Tuy nhin, cc Cp php v cc Quyn c gn trc tip cho i tng mu s khng c sao chp ti i tng ngi dng, do vy, i tng ngi dng mi cng khng c c cc Cp php v Quyn ny..
NHP I TNG NGI DNG S DNG CSV DIRECTORY EXCHANGE

CSV Directory Exchange (Csvde.exe) l tin ch dng dng lnh cho php nhp vo hoc kt xut ra cc i tng t Active Directory, s dng file vn bn c cc trng c phn cch bng du phy ( ,), Cc file ny, QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 273
LM VIC VI TI KHON NGI DNG cn c gi l file CSV (Comma-Separated Value), l dng lit k dng vn bn tng minh (Plain-text) ca cc thng tin CSDL vi mi bn ghi l mt dng, v cc trng c phn cch bi du phy (,). LU : Mc ch k thi. Mc ch bi thi 70-290 xc nh bn thy c th import User Accounts (nhp cc ti khon ngi dng).
To CSV file
Phn kh nht ca vic s dng CSV Directory Exchange to i tng ngi dng nm chnh bn thn nh dng ca file CSV. Dng u ca file CSV c gi l tiu , bt buc phi bao gm danh sch cc thuc tnh c trong tt c cc hng tip theo. Bn lit k cc thuc tnh s dng tn gn cho chng trong Lightweight Directory Access Protocol (LDAP), l giao thc giao tip Active Directory tiu chun. Dng CSV tiu c dng tiu biu nh sau: DN,ObjectClass,sAMAccountName,sn,givenName,UserPrincipalName Trong dng ny, tn trng i din cho cc thuc tnh nh sau: DN: Distinguished Name (DN), n xc nh khng ch ring tn ca i tng m c v tr ca n trong cy phn cp AD. DN gm c tn thng dng (Common Name - CN) ca ngi dng v tip theo sau l tn ca tt c cc i tng cha bn trn ca n, ton b ng i ti gc (Root, Top) ca cy. ObjectClass: Xc nh kiu ca i tng. sAMAccountName: Xc nh preWindows 2000 logon Name ca i tng sn: Xc nh tn h (Surname) ca ngi dng givenName: Xc nh tn gi (first Name) ca ngi dng UserPrincipalName: Xc nh UPN y , bao gm c tn, ca ngi dng min (UserName@DomainName.com). Cc dng tip theo sau tiu (header) phi xc nh gi tr cho tng thuc tnh lit k trn tiu . V d cc bn ghi trong file CSV nh sau: "CN=Scott Bishop,OU=Employees,DC=ACNA,DC=com", User,sbishop,Bishop,Scott,scott.bishop@ACNA.com File ny, khi c nhp vo, s to i tng ngi dng trong OU Employees c tn l Scott Bishop. Logon Name, First Name v Last Name cng c cu hnh bng file CSV ny. y ch l mt v d n gin ca
LM VIC VI TI KHON NGI DNG file CSV vi ch mt vi thuc tnh. Dng tiu c th di hn nhiu v c th bao gm bt k mt thuc tnh no bn c th tm thy i tng. LU : To cc thuc tnh trng. Khi to cc dng trong file CSV, bn c th gi tr ca ca mt vi thuc tnh nht nh l trng, nhng bn vn phi tnh n n khi trnh by.. V d, nu bn b trng First Name trong v d trn th file CSVs c dng sau: "CN=Scott Bishop,OU=Employees,DC=ACNA,DC=com", user,sbishop,Bishop,,scott.bishop@ACNA.com S lng cc du phy(,) vn hon ton ging nhau gia hai v d, do trng Givenname (tn gi) vn c tnh n, nhng khng c gi tr. Cch tt nht to file CSV l s dng mt file c sn nh l mt v d. Bn c th s dng CSV Directory Exchange kt xut ra ton b CDSL Active Directory thnh tp CSV, bng cch g lnh sau ti ca s dng lnh: csvde f outputFileName Trong : outputFileName l file c kt xut ra Bn c th m file ny bng bt c h son tho vn bn no, nh Notepad chng hn v s dng n xc nh cc tn LDAP cho cc thuc tnh bn mun s dng v ly nh dng chun ca mi bn ghi.
Nhp vo tp CSV
Sau khi bn to to c file CSV c nh dng chun, c cha cc thng tin ca rt nhiu cc i tng Active Directory, bn c th nhp chng vo CSDL th mc ca bn tt c cng lc bng cch chy chng trnh Csvde.exe t ca s dng lnh ca Windows cng vi tn ca file CSV, theo c php sau: csvde i f FileName k Chc nng ca cc tham s nh sau: -i : Chuyn sang ch nhp. Nu khng c tham s ny th ngm nh l ch kt xut ra. -f fileName: Xc nh tn ca file CSV s c nhp vo k: Buc chng trnh b qua cc li, v d nh Object already exists(i tng tn ti) , constraint violation(vi phm cc rng buc) attribute or value already exists (thuc tnh hay gi tr
LM VIC VI TI KHON NGI DNG tn ti), trong khi vic nhp vo ang thc hin v tin trinh vn c thc hin tip.
TO I TNG NGI DNG BNG DSADD.EXE

Dsadd.exe l chng trnh ca Windows Server 2003 cho php bn to mi cc i tng Active Directory, vi y cc thuc tnh,t ca s dng lnh. Khi bn c mt s lng ln cc i tng ngi dng to, s u vit ca vic s dng Dsadd.exe l bn c th to file b (batch) gm nhiu dng lnh nhm to ng thi nhiu i tng cng lc vi s lng ln bao nhiu ty thch. LU : Mc ch ca k thi. Mc ch bi thi 70-290 yu cu cc th sinh c kh nng To v sa cc ti khon ngi dng mt cch t ng. C php chnh to i tng ngi dng bng Dsadd.exe nh sau: dsadd User UserDN [parameters] LU : To cc kiu i tng khc. Bn c th s dng Dsadd.exe to bt k mt kiu i tng Active Directory no bng cch thay cc tham s ngi dng bng tn ca bt k mt lp i tng no m dch v th mc h tr v cung cp cc tham s tng ng vi lp i tng . Tham s UserDN l mt hoc nhiu hn cc tn phn bit (Distinguished Names) cho mt (hoc nhiu) i tng ngi dng mi. DN s dng cng mt nh dng ging nh nh dng ca n trong tp CSV, nh nu phn trn. Trong trng hp DN c du cch, th bn phi t n trong du ngoc kp (). Khi bn s dng Dsadd.exe mt cch tng tc t du nhc dng lnh, bn c th cung cp tham s UserDN theo mt trong cc cch sau: Nhp tng tn DN mt, phn cch nhau bi du cch, trong v tr ca n ti dng lnh. Ly danh sch cc DN t cu lnh khc, v d nh t Dsquery.exe B trng tham s DN, Bn s nhp DN ti du nhc a ra t chng trnh. Bn n Enter sau mi DN v nhn CTRL+Z v Enter sau DN cui cng.
LM VIC VI TI KHON NGI DNG Ngoi tham s UserDN, bn c th thm bt c mt trong cc tham s sau trong cu lnh Dsadd.exe, nhm ch nh cc gi tr cho cc thuc tnh ca i tng: -samid SAMName (tn truy nhp vi cc h iu hnh trc Windows 2000) -upn UPN (tn chnh ca ngi dng) -fn FirstName (Tn gi) -mi Initial (Ch ci u ca tn m) -ln LastName (Tn h) -display DisplayName (Tn hin th) -empid EmployeeID (M nh danh nhn vin) -pwd {Password | *}, (mt khu), nu bn t du * trong cu lnh, mn hnh s hin du nhc cho bn g mt khu. -desc Description(m t) -Memberof GroupDN (Tn y ca nhm) -office Office (tn vn phng) -tel PhoneNumber (s in thoi) -email Email -hometel HomePhoneNumber (in thoi nh ring) -pager PagerNumber (S my nhn tin) -mobile CellPhoneNumber (s di ng) -fax FaxNumber -iptel IPPhoneNumber -webpg WebPage -title Title -dept Department -company Company -mgr ManagerDN -hmdir HomeDirectory (th mc ch) -hmdrv DriveLetter (K t a) -profile ProfilePath (ng dn n khi lc ngi dng) QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 277
LM VIC VI TI KHON NGI DNG -loscr ScriptPath (ng dn n kch bn ng nhp) -mustchpwd {yes | no} -canchpwd {yes | no} -reversiblepwd {yes | no} -pwdneverexpires {yes | no} -acctexpires S ngy s ht hn -Disabled {yes | no} Bn cng c th thm cc tham s s, -u v p ch nh my iu khin min s thc thi Dsadd.exe v tn ngi dng, mt khu cng s c dng chy lnh ny. {-s Server | -d Domain} -u UserName -p {Password | *} Mt bin c bit, $UserName$ (khng phn bit ch hoa hay ch thng), c th s dng cung cp tn ti khon SAM ca ngi dng trong gi tr ca cc tham s -email, -hmdir, -profile v -webpg. V v, nu tn SAM ca ti khon l Denise tham s -hmdir s c ghi l mt trong cc dng sau: -hmdir\Users\Denise\home -hmdir\Users\$UserName$\home to i tng cho ngi dng Scott Bishop ti v d trc y, bn c th s dng dng lnh Dsass.exe nh sau: dsadd User "CN=Scott Bishop, OU=Employees, DC=ACNA, DC=com" samid sbishop ln Bishop fn Scott upn scott.bishop@ACNA.com
Sa i tng ngi dng bng Dsmod.exe

Dsmod.exe l mt lnh khc ca Windows Server 2003 bn c th dng chnh sa cc i tng Active Directory. C php v dng lnh sa i tng ngi dng hon ton ging nh vi Dsadd.exe. dsmod User UserDN [parameters] Ngoi tr, bn khng th d dng tham s samid sa thuc tnh User Logon Name, bn cng khng th dng tham s Memberof thay i nhm cha n. Mc d vy, ban vn c th sa quan h nhm bng lnh Dsmod Group. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 278
QUN L KHI LC NGI DNG

Khi lc ngi dng (User Profile) l tp hp ca cc Folder v d liu m trong lu tr cc mi trng nn, cc thit lp ng dng v cc d liu c nhn hin thi ca ngi dng. Khi lc ngi dng gm tt c cc khon mc ca thc n Start ca ngi dng v cc a nh x ti my ch. Khi lc ngi dng duy tr cho ngi dng c cng mi trng nn m chng c t ln ng nhp cui vo my tnh. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 nhm xc nh sinh vin c kh nng Qun l khi lc ngi dng cc b, di tr v bt buc. Trn my tnh chy Windows Server 2003, khi lc ngi dng s t ng c to v duy tr thit lp nn cho tng ngi dng ti chnh my ny. H thng to khi lc ngi dng mi cho mi ngi dng khi h ng nhp vo my ln u. Khi lc ngi dng cung cp mt vi tnh nng u vit cho ngi dng nh sau: Nhiu ngi dng c th lm vic trn cng mt my, v mi ngi trong s h u c th duy tr cc thit lp nn ring ca mnh mi khi ng nhp vo my tnh. Khi ngi dng vo my trm ca mnh, h s nhn c cc thit lp nn ging nh ln thot ra trc . Vic chnh sa mi trng nn ca mt ngi dng no s khng lm nh hng ti cc thit lp ca bt k ngi no khc. Khi lc ngi dng c th trn my ch, bi vy vi cng mt ngi dng trn cc my khc nhau th vn dng chung c mt khi lc ngi dng. Khi , n c gi l khi lc ngi dng di tr (Roaming User Profiles). Nhng ng dng m c xc nhn l tng thch vi Windows 2000 v cc h iu hnh sau s lu cc thit lp ca chng ti Khi lc Ngi dng. Ging nh mt cng c qun tr, Khi lc Ngi dng cung cp cc la chn sau: o Bn c th to khi lc ngi dng mc nh thch hp vi cc tc v ca ngi dng.
LM VIC VI TI KHON NGI DNG o Bn c th thit lp Khi lc Ngi dng Bt buc (Mandatory User Profile), l loi Khi lc m ngi dng khng th thay i c, p t mt cu hnh h thng nht nh cho mi ngi dng. o Bn c th ch nh cc thit lp mc nh cho ngi dng, s c a vo Khi lc Ngi dng ca tt c cc ngi dng ring l.
NI DUNG KHI LC NGI DNG

Khi lc ngi dng bao gm cu hnh cc s thch cc ty chn cho mt ngi dng c th. Bng 6-5 s lit k cc thit lp c trong Khi lc Ngi dng. Bng 6-5: Cc thit lp ti khi lc ngi dng Cc thng s c lu Ngun
Tt c cc thit lp cho Windows Windows Explorer Explorer ngi dng c th xc nh Cc vn bn lu tr ca ngi dng Cc file nh lu tr ca ngi dng My Documents My Pictures
cc Shortcut v cookie cho cc web site Favorites/Cookies a thch trn Internet Cc mng c nh x m ngi dng Mapped network drive to ra Lin kt ti cc my tnh khc trn My Network Places mng Biu tng t trn mn hnh nn, thanh Desktop contents tc v v cc yu t shortcut. Mu mn hnh v cc thit lp hin th Screen colors and fonts ch D liu ng dng v cc thit lp cu Application data and registry hnh do ngi dng xc nh Cc kt ni ti my in mng Printer settings
LM VIC VI TI KHON NGI DNG Tt c cc thit lp ngi dng c th Control Panel xc nh trong Control Panel Cc thit lp chng trnh hng ngi Programs certified for use with dng (Per-User) cho cc ng dng c Windows 2000 and later thit k theo di cc thit lp chng operating systems trnh. Chng ch Certificate store
Cu trc Th mc Khi lc Ngi dng

Khi lc ngi dng cc b t ti a h thng ca my tnh ti Folder Documents And Settings. Khi bn ng nhp vo ln u, Windows Server 2003 to Folder con trong Documents And Settings, vi tn l tn ng nhp. Hnh 6-10 ch ra cu trc th mc ca khi lc ngi dng.
Hnh 6-10: Cu trc ca th mc Khi lc Ngi dng Chc nng ca cc Folder trong khi lc ngi dng nh sau: Application Data: Folder n cha d liu xc nh trong chng trnh, nh t in ty chnh. Nh pht trin ng dng s quyt nh d liu no s c lu trong Folder ny. Cookies: Cha cc thng tin ngi s dng trang WEB v cc s thch ca ngi dng c Internet Explorer lu. Desktop: Cha cc biu tng trn mn hnh nn, bao gm shortcut n cc file v Folder. Favorites: Cha shortcut ti cc trang c a thch trn Internet. Local Settings: L Folder n,cha Folder Application Data v Folder History, cng nh cc Folder ph thm khc dnh cho vic cha cc file tm thi .
LM VIC VI TI KHON NGI DNG My Documents: Cha cc ti liu c lu tr bi ngi dng. My Recent Documents: L Folder n, cha shortcuts ca cc ti liu mi va c s dng hoc cc Folder mi c truy nhp ti. NetHood: L Folder n, cha cc shortcut ti cc mc trong My Network Places. PrintHood: L Folder n, cha cc shortcut ti cc mc ca Folder printer. SendTo: L Folder n, cha cc shortcut ti cc tin ch qun l vn bn (document-handling). Thc n Start : Cha cc shortcut n cc file chy v cc file khc to thnh thc n Start . Templates: Cha cc mc mu ca ngi dng. Thm vo , khi lc ngi dng cn cha mt bn ca file NtUser.dat, y l file ng k ca Windows Server 2003 cha cc thit lp ca ngi dng. Ngoi ra, cc thit lp ny cn gm rt nhiu cc ty chn m bn c th cu hnh ti Control Panel.
S dng Khi lc Ngi dng Cc b

Vic s dng Khi lc Ngi dng Cc b trn my tnh s dng Windows Server 2003 l hon ton n i vi cc ngi dng thng thng. H iu hnh khi to Khi lc Ngi dng mt cc t ng cho mi ngi dng khi ng nhp ln u. Cc ln ng nhp tip theo, Windows Server 2003 s ti cu hnh t ng Khi lc Ngi dng ca h trc . Thm ch ngi dng khng bit c rng chnh h cc thay i Khi lc Ngi dng Cc b ca mnh, n gin nh l thay i thit lp mn hnh nn, lu cc a ch a thch mi hoc i li mu mn hnh. Khi ngi dng thay i mi trng mn hnh nn, Windows Server 2003 s kt hp cc thay i vo khi lc ngi dng lu trn my tnh v s dng cho ln ng nhp tip theo. Nh vy, ngi dng ng nhp vo my tnh chy Windows Server 2003 s lun nhn c thit lp mn hnh nn nh phin kt ni cui trc . Khi nhiu ngi dng chung mt my tnh th mi ngi dng duy tr v nhn c Khi lc Ngi dng ring.
S dng Khi lc Ngi dng Di tr (Roaming Profiles)

h tr ngi dng lm vic trn nhiu my tnh, qun tr mng c th thit lp cc Khi lc Ngi dng Di tr cho ngi dng. Khi lc Ngi dng Di tr n gin l bn sao chp ca Khi lc Ngi dng Cc b v QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 282
LM VIC VI TI KHON NGI DNG c lu tr chia s trn mng (ti ni ngi dng c cc Cp php ph hp), do ngi dng c th truy nhp ti t bt c my tnh no trn mng. Cho d ngi dng ng nhp t bt k my tnh no, h cng s lun nhn c cng mt thit lp mn hnh nn v v kt ni t Khi lc Ngi dng c trn my ch, hon ton ngc li vi Khi lc Ngi dng Cc b, ch nm ti mt my trm. ngi dng truy nhp vo Khi lc Ngi dng Di tr thay cho Khi lc Ngi dng Cc b, bn phi m hp thoi Properties ca ngi dng v ch nh v tr ca Khi lc Ngi dng Di tr to hp Profile Path trong Profile th. Ln tip theo ngi dng ng nhp, Windows Server 2003 truy nhp vo Khi lc Ngi dng Di tr theo cch sau: 1. Khi ngi dng ng nhp ln u tin, my tnh sao chp ton b ni dung ca Khi lc Ngi dng Di tr vo Folder con v file tng ng trong Folder Documents And Settings trn a cc b ca my tnh ny. 1. Ni dung Khi lc Ngi dng Di tr ca ngi dng cha trn a cho php ngi dng ng nhp v truy nhp ti Khi lc Ngi dng ngay c khi my ch cha Khi lc Ngi dng Di tr khng hot ng. 2. My tnh p dng cc thit lp c trong Khi lc Ngi dng Di tr dnh cho n. 3. Khi ngi dng lm vic m c bt k thay i no nh hng ti Khi lc Ngi dng, chng s c lu vo bn sao trn a cc b. 4. Khi ngi dng thot khi Windows (log off), my tnh s ng b cc thay i t bn sao cc b ln Khi lc Ngi dng Di tr trn my ch. 5. Ln ng nhp tip theo trn cng my tnh ny, h thng s so snh ni dung ca Khi lc Ngi dng uc ti my cc b vi Khi lc Ngi dng Di tr trn my ch 6. My tnh ch sao chp nhng thnh phn ca Khi lc Ngi dng Di tr b thay i vo bn sao cc b, vic ny lm tin trnh ng nhp vo nhanh v hiu qu hn. Bn nn to Khi lc Ngi dng Di tr trn My ch Qun l File (File Sever) no bn thng xuyn thc hin vic sao lu (Backup), nh bn s c c cc bn sao ca cc Khi lc Ngi dng mi nht cho cc ngi dng ca bn. tng tc ng nhp trn cc mng co nhiu lu thng, hy t Khi lc Ngi dng Di tr trn my ch thnh vin thay QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 283
LM VIC VI TI KHON NGI DNG cho my ch iu khin min. Vic sao chp Khi lc Ngi dng Di tr gia my ch v cc my trm c th tn nhiu ti nguyn h thng nh bng thng mng v cc chu k x l. Nu Khi lc Ngi dng trn my ch iu khin min, tin trnh xc thc ca cc ngi dng min s b chm. LU : L do chia s profile. Khi bn to mt Khi lc Ngi dng Di tr cho nhiu my trm, cn m bo l bn cn nhc n vic phn chia cc chng loi cu hnh phn cng khc nhau trn cc h thng s dng chung mt if. V d nh nu cc Shortcut trn mn hnh nn c cu hnh cho phn gii mn hnh l 1024768 v bn ang nhp vo h thng c cc mn hnh ch p ng phn gii 800600 th mt s shortcut c th khng nhn thy c. Cc Khi lc Ngi dng cng khng hon ton l c th dng cho tt c cc h iu hnh.. Khi lc Ngi dng thit k cho Windows 98 khng c y cc chc nng nh trn Windows Server 2003. Thm ch, bn s gp phi cc s khng ng nht khi thc hin di tr gia cc h thng chy Windows Server 2003 v chy Windows XP hoc Windows 2000.
S DNG KHI LC NGI DNG BT BUC

Khi lc Ngi dng Bt buc chnh l Khi lc Ngi dng Di ch dng ch c. Ngi dng cng nhn c cc thip lp mn hnh nn nh khi h lm vic vi Khi lc Ngi dng Di tr v h c th cu hnh mn hnh nn sau khi ng nhp nhng khng mt thay i no c ghi li khi h thot ra khi Windows. Ln ng nhp tip theo, Khi lc Ngi dng li ging nh ln ng nhp trc. Windows Server 2003 ti Khi lc Ngi dng Bt buc vo my tnh cc b mi ln ngi dng ng nhp. Bn c th gn mt Khi lc Ngi dng Bt buc cho nhiu ngi dng c chung mt yu cu i vi cc thit lp mn hnh nn, v d nh mt nhm ngi dng c cng mt cng vic. Do Khi lc Ngi dng khng bao gi b thay i, nn bn khng cn lo lng l ai lm thay i gy nh hng ti nhng ngi dng khc. Ngoi ra, Khi lc Ngi dng Bt buc cn gip bn c th thay i mi trng mn hnh nn cho nhiu ngi dng bng cch ch thay i duy nht mt Khi lc Ngi dng m thi. to Khi lc Ngi dng Bt buc bn ch cn i li tn file NtUser.dat trong Folder cha Khi lc Ngi dng Di tr thnh NtUser.man, NtUser.dat l file n cha cc thit lp ng k ca Windows Server 2003 p dng cho cho tng ti khon ngi dng n l v cha cc QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 284
LM VIC VI TI KHON NGI DNG thit lp mi trng ca ngi dng nh hin th nn. i tn file ny vi phn m rng l .man lm n thnh ch c, ngn khng cho cc my tnh ngi dng lu cc thay i vo Khi lc Ngi dng khi ngi dng thot ra khi Windows.
GIM ST V KHC PHC S C VIC XC THC NGI DNG

Khi bn cu hnh i tng ngi dng v v cc ngi dng s c xc thc thng qua cc ti khon nh vy, bn s gp phi hai thch thc l cc im yu bo mt, trong trng hp nu khng c xc nh r s lm nh hng.n tnh ton vn ca mng, v cc thch thc v k nng x hi, khi bn lm cho qu trnh xc thc tr nn thn thin v ng tin cy i vi ngi dng. Khng may l hai im ny li bt ng vi nhau, nu tnh bo mt cng cao bao nhiu th tnh thn thin vi ngi dng cng km by nhiu. Vic thc thi cc tnh nng bo mt cho qa trnh xc thc ngi dng ca Windows Server 2003 s thng xuyn gay ra cc rc ri khi ngi dng ang nhp. v mt phn cng vic ca ngi qun tr mng l gii quyt cc rc ri khi chng xy ra. Trong phn tip theo, chng ta s kho st mt s cc nguyn nhn ph bin gy ra cc rc ri khi xc thc ngi dng v cc cng c m bn c th dng pht hin v khu tr chng.
S dng cc Chnh sch Mt khu

Trong phn trc ca chng ny, ti phn La chn Mt khu, bn tm hiu v Chnh sch Mt khu m Windows Server 2003 cung cp, cho php bn xc nh chiu di, phc tp v thi hn ca mt khu c ngi dng cp cho ti khon ca h. Mc ch chnh ca cc chnh sch ny l buc ngi dng t mt khu mt cch hiu qu v h phi nh k thay i mt khu. Tht l d dng khi s dng Chnh sch Mt khu buc ngi dng phi s dng cc mt khu c an ton rt cao, nhng vic yu cu ngi dng mt khu phc tp c 15 k t v thay i li hng tun dng nh lm ny sinh thm cc vn rc ri nhiu hn l cc li ch m n mang li. Nhn vin h tr mng c l s nhn c cc cuc goi qun mt khu thng xuyn ca ngi dng, v thm ch cn t hn, ngi dng s ghi mt khu li v nhng ni khng m bo an ton. Bn phi thit k Chnh sch Mt khu sao cho n lm nn ch mt cch c hiu qu cc k xm nhp trong khi vn m bo c tnh thn thin tt cho ngi dng, h khng b qun mt khu hay phi vit chng ra. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 285
LM VIC VI TI KHON NGI DNG LU : Xc nh di mt khu. Khi bn trin khai chnh sch mt khu cn nh rng Windows Server 2003, Windows XP Professional v Windows 2000 h tr cc mt khu di ti 127 k t, nhng Windows 95, Windows 98 v Windows Me ch h tr cc mt khu c di ti a ti 14 k t. C nm chnh sch mt khu c a ra phn trn ca chng ny c th p dng vi cc i tng Chnh sch Nhm Active Directory. M bn c th cu hnh bng cch s dng bng iu khin Group Policy Object Editor, trong bn duyt n Computer Configuration\Windows Settings \Security Settings\Account Policies\Password Policy. Tuy nhin, bn cng c th xc nh cng cc chnh sch nh vy cho cc Ti khon Ngi dng Cc b bng cch s dng bng iu khin Local Security Policy, c trong nhm chng trnh Administrative Tools trn bt c mt my ch thnh vin chy Windows Server 2003 no LU : Thay i Chnh sch Mt khu. Cu hnh di mt khu v cc yu cu v phc tp khng gy nh hng ti cc mt khu t t trc. Nhng thay i ny ch nh hng vi cc ti khon mi v mt khu s thay i sau khi p dng chnh sch mt khu mi.
S DNG CHNH SCH KHO TI KHON

Vic kho ti khon xy ra sau mt s ln c tnh ng nhp khng thnh cng ca ngi dng, h thng gi thit l c tn cng c hi ti ti khon bng cch d tm mt khu, bi vy s kho ti khon khng c ng nhp tip na. Chnh sch kho ti khon min xc nh s ln ng nhp khng hp l c php thc hin trong mt khong thi gian nh trc trc th ti khon b kho. Cc chnh sch ny thm ch cn c xc nh c phi lin h vi qun tr b kho ti khon ny hay khng hay ch n gin l b kha sau khi ht mt thi hn xc nh. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 xc nh th sinh c kh nng chn on v gii quyt cc ti khon b kho. Bn s dng chnh sch nhm kim sot kho ti khon nh sau: Account Lockout Threshold: Xc nh s ln c tnh ng nhp khng thnh cng gy ra vic kho ti khon, gi tr ny trong khong t 0 ti 999. Gi tr qu thp (v d l 3) c th gy nn kho i vi li ngi dng thng thng trong khi ng nhp. Gi tr l 0 ngn khng cho ti khon ngi dng b kho. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 286
LM VIC VI TI KHON NGI DNG Account Lockout Duration: Xc nh thi hn m ti khon ngi dng sau khi b kho s c Active Directory t ng m li. Chnh sch ny khng oc thit lp mc nh do n ch c tc dng khi s dng kt hp vi chnh sch Account Lockout Threshold. Gi tr ny trong khong t 0 ti 99.000 pht (khong 10 tun). Vic t gi tri ny thp (5 ti 15 pht) l gim ng k cc cuc tn cng m khng lm nh hng cc ngi dng hp l b kha do li. Gi tr 0 yu cu ngi dng lin h vi ngi qun tr m kha ti khon ny. Reset Account Lockout Counter After: Xc nh thi hn sau ln c tnh ng nhp khng thnh trc khi bin m kha (Lockout counter) c t li v gi tr 0. Gi tr trong khong t 1 ti 99.999 pht v phi nh hn hay bng gi tr ca Account Lockout Duration. Cng ging nh i vi Chnh sch Mt khu, bn c th cu hnh chnh sch ti khon ti bng iu khin Group Policy Object Editor, chn Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policy. Chnh sch kho ti khon cng c th c ti bng iu khin Local Security Policy. Khi bn trin khai chnh sch kho ti khon trn mng, bn chc chn l s nhn c mt s cuc gi h tr nht nh t ngi dng m h khng bit l t kho chnh mnh. Cc cuc gi nh vy i khi li uc bo co l h gp mt s trc trc khc, nh mt mt khu hay cc chc nng khc hot ng khng ng. Khi d cc nhn vin h tr k thut hiu bit cn phi bit r v chnh sch kho ti khon trn mng v th tc m ti khon b kho c th xc nh c chnh xc v trc trc thc t xy ra da trn bo co dng nh khng my chnh xc ca ngi dng. LU : Mc ch ca k thi. Mc ch ca k thi 70-290 xc nh th sinh c kh nng khc phc s c ca ti khon ngi dngv Khc phc cc s c lin quan n vic xc thc ngi dng.
DCH V ACTIVE DIRECTORY MY KHCH

Khi bn lm vic trn mt mng hn hp, bn cn nh l khng phi mi h iu hnh thm ch khng phi tt c cc h iu hnh Windows u h tr Active Directory. Active Directory c gii thiu u tin ti Windows 2000 v ch trn cc h iu hnh Windows 2000, Windows XP v Windows Server 2003 mi c cc tnh nng ca dch v Active Directory my khch.
LM VIC VI TI KHON NGI DNG Cc my tnh chy Windows 95, Windows 98, Windows Me, and Windows NT 4 c th c chc nng ca dch v Active Directory my khch, nhng trc ht bn phi ti phn mm Active Directory Client t trang Web ca Microsoft v ci t n. Cc my khch c th thc hin rt nhiu tnh nng ca Active Directory trn h thng Windows Server 2003, Windows XP v Windows 2000, gm c: Site-awareness: My tnh chy dch v Active Directory my khch s ng nhp vo my iu khin min gn nht trn mng thay cho vo my ch iu khin min chnh (PDC - Primary Domain Controller). Active Directory Service Interfaces (ADSI): kch hot kh nng s dng cc kch bn (script) qun l Active Directory. Distributed File System (Dfs): Cho php my khch truy nhp vo ti nguyn chia s ca h thng file phn phi (Dfs) trn my ch chy Windows Server 2003 v Windows 2000. NT LAN Manager (NTLM) version 2 authentication: My khch s dng tnh nng xc thc ci tin trong NTLM version 2. Active Directory search capability: my khch c th tm kim cc i tng Active Directory bng cch s dng cc tnh nng tm kim (Find hoc Search). Ngi dng c cc Cp php thch hp cn c th s dng cc trang thuc tnh ca Windows Address Book (WAB) cu hnh cc thuc tnh ca cc i tng. Cc tnh nng sau y h tr trong Windows 2000 Professional and Windows XP Professional nhng khng dnh cho dch v Active Directory my khch trn Windows 95, Windows 98, and Windows NT 4: Xc thc Kerberos V5 H tr Group Policy hoc Change And Configuration Management Service Principal Name (SPN) hoc xc thc ln nhau H tr Internet Protocol Security (IPSec) hoc Layer 2 Tunneling Protocol (L2TP). Thm vo , bn nn thc c cc vn sau trong mi trng hn hp: Khng c dch v Active Directory my khch, ngi dng trong h thng chy cc phin bn trc Windows 2000 ch c th thay i mt khu nu h thng truy nhp c ti my iu khin min c chc nng nh l Primary Domain Controller Emulator. xc nh QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 288
LM VIC VI TI KHON NGI DNG PDC-Emulator trong min, m Active Directory Users And Computers, chn min, chn lnh Operations Masters t thc n Action , sau chn th PDC. Nu PDC Emulator khng lm vic (hoc khgn trn mng (offline) hoc ang nm trn pha bn kia ca kt ni mng b t) th ngi dng khng th thay i c mt khu ca h. Nh bn bn tm hiu trong phn trc ca chng ny, i tng ngi dng duy tr hai thuc tnh tn ngi dng ng nhp. Tn ng nhp PreWindows 2000, hay tn SAM l tng ng vi tn ngi dng trong Windows 95, Windows 98 hoc Windows NT 4. Khi ngi dng ng nhp, h nhp tn ngi dng v chn min t danh sch chn Log On To. Cch khc na l tn ngi dng c th c vo theo dng DomainName\UserLogonName. Ngi dng ng nhp vo my chy Windows 2000 hoc cc phin bn sau ca h iu hnh Windows c th ng nhp theo cng cch nh vy, hoc h c th s dng tn UPN theo dng UserLogonName@UPN Suffix, trong UPN suffix mc nh l tn DNS min ca i tng ngi dng. Khi bn khng cn phi chn min t Log On To. Trn thc t hp chn ny s b v hiu ho ngay sau khi bn g k hiu @.
KIM NH XC THC
Nu bn lo lng rng c th c cc cuc tn cng d tm mt khu hoc bn mun bit thm thng tin v khc phc cc vn s c xc thc, bn c th cu hnh Chnh sch Kim nh ghi cc s kin li vo nhtj k bo mt (Security log) gip bn thy r qu trnh xc thc din ra nh th no.. Cc chnh sch kim nh sau c t ti Computer Configuration \Windows Settings\Security Settings\Local Policies\Audit Policy c hai bng iu khin Group Policy Object Editor v Local Security Policy. Bn c th cu hnh ghi li cc s kin thnh cng hoc b li. Audit Account Logon Events: Ghi li tng s kin ng nhp thnh cng hoc li. i vi My ch iu khin Min, chnh sch ny c xc nh trong Chnh sch My ch iu khin Min Mc nh (Default Domain Controllers Policy GPO). Vic kch hot chnh sch trn s khi to mt mc vo ca nht k bo mt trn My ch iu khin Min mi ln ngi dng ng nhp trc tip hoc qua mng s dng ti khon min. nh gi y kt qu ca vic kim nh bn phi kim tra nht k bo mt trn tt c cc My ch iu khin
LM VIC VI TI KHON NGI DNG Min do ngi dng c xc thc phn tn trn tt cc cc My ch iu khin Min trong site hoc min Audit Account Management: Cu hnh kim nh trong tc v qun tr bao gm to, xo hoc sa ti khon ngi dng, nhm, my, my tnh, cng nh vic t li mt khu Audit Logon Events: S kin ng nhp gm ng nhp v thot ra khi Windows, trc tip hoc qua mng. Nu bn kch hot chnh sch kim nh s kin ti khon ng nhp cho nhng ln thnh cng trn my iu khin min, vic ng nhp my trm s khng to ra cc mc vo kim nh khi ng nhp. Ch ng nhp trc tip v qua mng vo My ch iu khin Min mi to ra cc s kin ng nhp. Cc s kin ng nhp ca ti khon c to trn my cc b cho ti khon cc b v trn My ch iu khin Min cho cc ti khon mng. Cc s kin ng nhp c sinh ra bt c lc no khi vic ng nhp xy ra. LU : Mc ch k thi. Mc ch ca k thi 70-290 xc nh th sinh c kh nng Phn on v gii quyt cc vn lin quan ti cc thuc tnh ti khon ngi dng. Mt khi bn cu hnh chnh sch kim nh, nht k bo mt s bt u in cc thng ip s kin. Bn c th xem cc thng ip ny bng cch s dng bng iu khin Event Viewer . THNG TIN THM: bit thm thng tin v vic s dng bng iu khin Event Viewer, xem chng 3 Gim st Microsoft Windows Server 2003.
TNG KT
Cc my tnh chy Windows Server 2003 c th c ti khon ngi dng cc b v min. Ti khon ngi dng cc b c lu ti h thng cc b v c th cho ngi dng truy nhp vo ch cc ti nguyn cc b m thi. Ti khon ngi dng min ti CSDL Active Directory ca My ch iu khin Min v cho ngi dng truy nhp vo ton b ti nguyn trn mng. to ti khon ngi dng min, bn phi l thnh vin ca nhm Enterprise Admins, Domain Admins hoc Account Operators. Hoc bn phi c u quyn to i tng ngi dng. i tng ngi dng gm cc thuc tnh chnh tng ng vi ti khon ngi dng, bao gm tn ng nhp, mt khu v m nhn dng bo mt (SID) ca ngi dng. Chng cn bao gm mt s cc thuc tnh lin quan n c nhn ngi dng m n i din nh thng tin c nhn, quaqn h nhm v cc thit lp qun tr. Windows Server 2003 cho php bn c th thay i mt s cc thuc tnh ny cho nhiu i tng ngi dng mt cch ng thi. i tng ngi dng mu (Template) l cc i tng c sao chp trong qu trnh to cc ngi dng mi. Nu mu khng l ngi dng tht, n nn l v hiu ho. Ch mt s cc thuc tnh ca ngi dng l c chp t mu. CSV Directory Exchange cho php bn c th nhp cc i tng t tp vn bn c phn cch cc trng bi du phy (,). Windows Server 2003 gm cc cng c dng dng lnh m bn c th s dng to v qun l cc i tng Active Directory bao gm c Dsadd.exe v Dsmod.exe Khi lc ngi dng l cc tp cc Folder ca cc Folder v file to thnh mi trng cho ngi dng xc nh. Khi lc ngi dng gm cc ti liu c nhn, biu tng trn mn hnh nn, cc thc n Start shortcut v cc thit lp Control Panel nh mu mn hnh, Windows Server 2003 to khi lc ngi dng ring cho tng c nhn ng nhp vo h thng. Khi lc Ngi dng c t mc nh cc b ti Systemdrive\Documents and Settings\UserName. Khi lc ngi dng cc b c ti a cc b, cn khi lc ngi dng di tr trn my ch. Khi lc Ngi dng Di tr cung cp cho ngi dng c cng khi lc ngi dng t bt k my tnh no trn mng. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 291
LM VIC VI TI KHON NGI DNG Khi lc Ngi dng Bt buc khng bao gi b thay i, cung cp cng mt cu hnh nn thng nht ti mi ln ngi dng ng nhp. Kim nh xc thc to ra cc s kin cho nht k bo mt ca My ch iu khin Min.
BI TP THC HNH
Bi tp thc hnh 6-1: Thay i cc Thit lp Chnh sch Mt khu
Trong Bi tp thc hnh ny, bn sa li cc thit lp chnh sch mt khu mc nh trn my tnh ca bn. 1. ng nhp vo Windows Sever 2003 domain nh Administrator. 2. Bm chn Strat, ch n Administrative Tools v chn Active Directory Users And Computer, khi s xut hin bng iu khin Active Directory Users And Compute. 3. Chn i tng min, chn thc n Action, chn Properties, xut hin hp thoi Properties . 4. Ti th Group Policy, chn Default Domain Policy v chn Edit, xut hin bng iu khin Group Policy Object Editor. 5. Di Computer Configuration, m Windows Settings, Security Settings v Account Policies, sau chn Password Policy. 6. Kch p Minimum Password Length policy, xut hin hp thoi Minimum Password Length Properties. 7. Thay i Minimum Password Length thnh 8 k t v sau chn OK. 8. Kch p Maximum Password Age, xut hin hp thoi Maximum Password Age Properties. 9. Thay i thit lp maximum password age thnh 7 ngy, sau chn OK. 10. ng bng iu khin Group Policy Object Editor. 11. Bm OK v ng hp thoi Properties ca min. 12. ng the bng iu khin Active Directory Users And Computers.
Bi tp thc hnh 6-2: To i tng ngi dng min

Trong Bi tp thc hnh ny, bn s to i tng mi trong i tng cha Active Directory. 1. ng nhp vo Windows Server 2003 My ch iu khin Min nh Administrator.
LM VIC VI TI KHON NGI DNG 2. Bm Start, ch n Administrative Tools v bm Active Directory Users And Computers. Xut hin bng iu khin Active Directory Users And Computers. 3. M i tng min v chn the i tng cha Users. Trong thc n Action tr ti New v bm User. Xut hin trnh hng dn New Object User. 4. Ti Full Name, g vo Mark Lee. 5. Ti User Logon Name, g mlee, v bm Next. 6. Ti Password v Confirm Password, type rabbit!runs4all, v chn Next. 7. Bm Finish to i tng mi. 8. ng bng iu khin Active Directory Users And Computers.
Bi tp thc hnh 6-3

Trong Bi tp thc hnh ny, bn s di chuyn mt i tng ngi dng n mt i tng cha khc. 1. ng nhp vo Windows Server 2003 my iu khin min nh Administrator. 2. Bm Start, tr ti Administrative Tools v bm Active Directory Users And Computers. Xut hin bng iu khin Active Directory Users And Computers. 3. M i tng min v chn i tng cha Users. Chn tip Guest.Trn thc n Action , chn Move. Xut hin hp thoi Move. 4. Chn i tng cha Computers, bm OK. Ngi dng Guest c chuyn ti i tng cha Computers. 5. Chn i tng cha Computers. 6. Chn i tng ngi dng Guest v ko n vo i tng vha Users. i tng Guest c chuyn li vo i tng cha Users.
CC CU HI N TP
1. Bn s dng bng iu khin Active Directory Users And Computers cu hnh i tng ngi dng trong min, v bn c th thay i thuc tnh address v telephone number ca i tng ngi dng. Tuy nhin, Lnh New User khng chn c. Hy gii thch? 2. Cc thuc tnh no sau y c th cu hnh ng thi trn hn mt i tng ngi dng. a. Password Never Expires b. Direct Reports c. User Must Change Password At Next Logon d. Last Name e. Logon Hours f. Computer Restrictions (Logon Workstations) g. User Logon Name h. Title 3. Trong ba phng php to ng thi nhiu i tng ngi dng tho lun trong chng ny, phng php no l hiu qu nht sinh ra 100 i tng ngi dng mi, vi tt c cc thuc tnh xc nh ca Profile Path, Home Folder, Title, Web Page, Company, Department v Manager 4. Bin no c th c s dng trong vi lnh chng trnh Dsadd.exe v Dsmod.exe to folder ch v folders Profile cho ngi dng xc nh. a. %Username% b. $Username$ c. CN=Username d. <Username> 5. Bn lm th no to mt khi lc ngi dng di tr bt buc? a. Cu hnh Cp php trong thuc tnh Security ca folder vi quyn write l Deny. b. Cu hnh Cp php trong thuc tnh Sharing ca folder vi ch c quyn read only l allow. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 295
LM VIC VI TI KHON NGI DNG c. Cu hnh thuc tnh ca folder profile l Read Only d. i tn file Ntuser.dat thnh Ntuser.man. 6. Phn bit s khc nhau gia khi lc ngi dng cc b v khi lc ngi dng di tr? 7. Lm th no bn c th chc chn l mt ngi dng trn my tnh chy Windows Server 2003 c Khi lc Ngi dng Bt buc? 8. Bn c th kch hot yu cu Password Must Meet Complexity Requirements trong min ca bn. Hy din t cc yu cu cho mt khu v khi no th cc yu cu ny s thc hin
CC KCH BN TNH HUNG

Kch bn 6-1: Cu hnh i tng ngi dng Properties
Bn s to mt s cc i tng ngi dng cho mt nhm cng nhn thi v ca t chc ca bn. H s lm vic hng ngy t 9 A.M. n 5 P.M., theo hp ng thi gian kt thc trong khong t mt n hai thng v h s khng lm vic ngoi gi. Thuc tnh no sau y bn s cu hnh m bo bo mt ti a cho cc i tng ny? 1. Password 2. Logon Hours 3. Account Expires 4. Store Password Using Reversible Encryption 5. Account Is Trusted For Delegation 6. User Must Change Password At Next Logon 7. Account Is Disabled 8. Password Never Expires
Kch bn 6-2: Qun l kho ti khon

Ngi dng b qun mt khu nhng li c tnh ng nhp vi ln vi mt khu sai. Rt cc l ngi dng nhn c thng bo ng nhp ch ra ti khon ny b v hiu ho hoc b kho, thng bo ngh lin h vi qun tr mng. Khi qun tr s phi lm g? 1. Xo i tng ngi dng v to li. 2. i tn i tng ngi dng. 3. Kch hot i tng ngi dng. QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003 296
LM VIC VI TI KHON NGI DNG 4. M kha i tng ngi dng. 5. t li mt khu ca i tng ngi dng.
LM VIC VI NHM
CHNG 7: LM VIC VI
NHM
Trong chng 6, bn bit cc i tng ngi dng cung cp s truy cp n cc ti nguyn trong mng s dng Active Directory cho cc ngi s dng mng nh th no. Mt cng c qun tr quan trng khc l i tng Nhm (Group Object). S dng Nhm, cc qun tr vin c th n gin ha qu trnh cp php truy cp cho ngi dng. Trong chng ny bn s c hc v cc loi nhm m Active Directory h tr, to chng nh th no, v lm th no c th s dng chng mt cch hiu qu. Kt thc chng ny, bn c th Hiu c cc chc nng ca Nhm v cch s dng chng nh th no. Hiu c s khc nhau gia Nhm Cc b (Local Group) v Nhm Min (Domain Group). Nhn bit hai Kiu Nhm (Group type) v ba loi Phm vi Nhm (Group Scope) v lm th no s dng chng c hiu qu. Lit k cc Nhm Dng sn (Build-in) v cc Nhm Xc nh Trc (Predefined) trong Microsoft Windows Server 2003. Hiu c s khc nhau gia cc Nhm v cc nhm ng nht c bit (Special Identities)
-298-
LM VIC VI NHM
HIU V NHM
ngi dng c kh nng truy cp cc ti nguyn trn mng Active Directory, h nht thit phi c cc cp php thch hp. Cc th mc, a, my in c chia s, v ni rng hn l tt c cc loi ti nguyn khc trn mng u c mt Danh sch Kim sot Truy cp (Access Control List ACL). ACL chnh l danh sch ca cc i tng c cho php truy cp n ti nguyn, theo cc mc truy cp khc nhau m mi i tng c cp. Trong Microsoft Windows Server 2003, ACL c hin th ti th Sercurity (Bo mt) ca phn ln trong bt c hp thoi Properties no, nh c th hin trong hnh 7-1. Cc i tng trong ACL c gi l Sercurity Principals (i tng bo mt). Bn c th s dng Di tng ngi dng nh l cc i tng Bo mt trao cho ngi dng quyn truy cp n cc ti nguyn h cn, do i lng ngi dng xc nh tnh duy nht ca ngi dng thng qua qu trnh xc thc
Hnh 7-1: Th Security trong hp thoi Properties ca th mc V mt l thuyt, Qun tr vin c th to ton b cc cp php cho mi ngi dng bng cch thm cc i tng ngi dng vo ACL, v vic thc hin iu ny vi ton b cc mng my tnh (tr trng hp i vi cc mng rt nh) l iu khng th do vic tiu tn mt cch lng ph thi gian v lao ng. Hy tng tng bn ang tuyn thm 250 nhn vin mi v, sau khi to cc i tng ngi dng cho h, phi cp php cho h truy cp khong mt t hoc hn cc ngun ti nguyn tri di trn ton b mng. Thm ch vi trng hp xu nht, gi s my ch b hng v bn cn
-299-
LM VIC VI NHM
ci t nhanh mt my ch thay th v sau tin hnh cp php cho 250 ngi h c th truy cp n my ch mi. trnh nhng cng vic kinh hong nh nu trn, Qun tr mng s dng Nhm. Nhm s lm n gin ha danh sch ca cc ngi dng c chc nng nh cc i tng Bo mt. Trong Active Directory i tng Nhm c th bao gm cc i tng ngi dng, My tnh, Mi lin h (Contact), v trong nhng iu kin nht nh, thm ch bao gm cae Nhm. Khi bn s dng i tng Nhm nh l i tng Bo mt bng cch thm chng vo trong danh sch ACL, tt c cc thnh vin trong nhm u nhn cc cp php m bn gn cho nhm (nh ch ra trong hnh 7-2). Nu bn thm thnh vin mi vo nhm ti cc thi im sau ny, h cng s nhn c cc cp php ging nh vy. Nu bn loi b thnh vin no , cc cp php cho h cng b loi b theo. Trong v d nu trn, bn c th to ra mt i tng Nhm v gn cho n cc cp php m nhng ngi mi c nhn vo lm vic cn c. Khi cc nhn vin mi n lm vic, ton b cc cng vic bn phi lm ch l to ra cc i tng ngi dng cho h v thm h vo Nhm. n gin ha vic t chc mt my ch thay th, bn cn to ra mt nhm cha ton b cc ngi dng ca my ch ban u. Nu my ch hng v bn cn chuyn sang s dng my ch thay th, tt c cc cng vic bn cn lm l gn cc cp php truy cp n my ch mi cho i tng Nhm to, v tt c cc ngi dng s c chuyn qua s dng my ch mi mt cch m thm. Trn cc mng c h thng cc nhm c thit k tt, Qun tr mng rt him khi, nu c, phi gn cc cp php cho cc ngi dng ring l.
Hnh 7-2: L i tng Bo mt, mt Nhm tng ng vi nhiu ngi dng

-300-
LM VIC VI NHM
Nhm cng c th gip chng ta gn Quyn ca ngi dng cho nhiu ngi dng cng lc. Trong Microsoft Windows Server 2003, khi nim Quyn (Right) hon ton khc vi khi nim Cp php (Permission). Quyn ca ngi dng (User right) trao cho ngi dng hay nhm kh nng thc hin mt tc v nht nh, nh truy cp n mt my tnh no thng qua mng, thay i thi gian h thng, hoc ginh quyn s hu (Take ownership) i vi file hay cc i tng khc. Thm vo , bn cng c th s dng Nhm to ra cc danh sch phn phi th in t.
S dng Nhm (Group) v cc Chnh sch Nhm (Group Policies - GP).

Trong chng 6, bn bit rng cu trc ca cy Active Directory l mt phn rt quan trng ca qu trnh to Ti khon ngi dng trong Min do cc Quyn v Cp php ta gn cho cc i tng cha s c cc i tng con ca n tha hng, bao gm c cc i tng ngi dng. Vic tha k gia cc nhm cng lm vic ging nh th, vi cc thnh vin s nhn c cc thit lp gn cho nhm. S kc bit ch yu gia i tng nhm v i tng Cha l i tng Nhm khng b chi phi bi cu trc hnh cy ca Active Directory. Bn c th to ra nhm vi cc thnh vin bt c u trong min, thm tr ti cc min khc, v trao cho chng cc c quyn ch vi mt thao tc n gin. Chnh sch Nhm, mc d vi tn nh vy, c kt hp cht ch vi cc i tng Cha nhiu hn l vi cc i tng Nhm. i tng Chnh sch Nhm (Group Policy Object - GPO) ch c th gn vi cc i tng Min, V tr (Site), OU c s dng Active Directory, v cc thit lp ca chng s c truyn xung theo cy Active Directory. Bn khng th gn GPO cho nhm, mc d trong nhiu trng hp, bn c th cu hnh cc thit lp Chnh sch Nhm cu hnh mt vi tnh nng ca h iu hnh trn tt c cc thnh vin ca Nhm. V d, bn c th to i tng OU trong cy Active Directory bao gm tt c cc i tng my trm trong min ca bn v gn GPO cho OU ny. Tt c cc my tnh trong OU s c tha hng cc thit lp chnh sch nhm t GPO ny, v mt trong cc thit lp ny c th kch hot Quyn Qun l Kim nh v Nht k Bo mt (Manage Auditing And Security Log), gn quyn ny cho i tng nhm c cc Nhn vin H tr K thut Tin hc. Trong trng hp ny, cc my tnh trong OU nhn c cc thit lp chnh sch nhm t GPO, v cc chnh sch nh vy s trao quyn cho cc i tng nhm nht nh.
-301-
LM VIC VI NHM
Tm hiu v cc Cp Chc nng ca Min

Mt trong s cc hiu lm ph bin nht i vi khi nim Active Directory chnh l Cp Chc nng. Cc Qun tr mng i khi cng nn lng trc vin cnh ca vic thay i Cp Chc nng ca Min hay Rng do n l mt trong vi quyt nh m bn s khng th thu hi c trong Microsoft Windows Server 2003. Khi bn thay i cp chc nng, bn s khng c c hi i ngc n li. Ni nt cch n gin, cc phin bn khc nhau ca Windows c mt cht khc nhau trong vic thc thi cc chc nng ca Active Directory. Mi phin bn thnh cng s c mt vi tnh nng mi khng c s dng ti khi mt vi My ch Qun tr Min (DC) hin ang chy cc phin bn c ca Windows. Vic thay i Cp Chc nng ca Min s thng bo cho h iu hnh bit rng tt c cc My ch Qun tr Min u tng thch v l an ton kch hot cc tnh nng ch c trong phin bn mi. Trong Microsoft Windows Server 2003, bn Cp Chc nng c th c ca chgn bao gm: Windows 2000 mixed (Pha trn), Windows 2000 Native (T nhin), Windows 2003 Interim (Chuyn tip), v Windows Server 2003. Cc cp chc nng ni trn h tr cc My chu Qun tr Min chy trong mi trng kt hp rt nhiu cc h iu hnh, v chng s cung cp rt nhiu cc tnh nng ph thm, v mt vi tnh nng ny s c p dng cho chc nng ca i tng Nhm trong Min. Cc c tnh ca Cp Chc nng cho Min c lit k sau y: LU : Cp Chc nng cho Min v cc My ch Thnh vin: Nng cp Chc nng cho Min khng hn ch cc my tnh chy cc phin bn c ca Windows gia nhp vo min. Cp chc nng ch cp n cc My ch Qun tr Min. Cc min ang chy cp chc nng Windows Server 2003 vn c th h tr cc my ch thnh vin v my trm chy cc h iu hnh Windows 2000, Windows NT, Windows XP, Windows Me, Windows 98 v Windows 95 mt khi chng c ci t ng cc phn mm Active Directory my khch. Windows 2000 Mixed: l Cp chc nng mc nh ca My ch Qun tri Min Windows Server 2003. o H tr cc My ch Qun tri Min chy Windows Server 2003, Windows Server 2000, v Windows NT 4. o H tr Nhm Phn phi Tng hp (Universal Distribution Group), nhng khng h tr Nhm Bo mt Tng hp (Universal Security Group).
-302-
LM VIC VI NHM
o Nhm Ton cc (Global Group) khng th cha cc nhm khc (nhm trong nhm). o Vic chuyn i cc nhm l khng c php. Windows 2000 Native: H tr cc My ch Qun tri Min chy Windows Server 2003 v Windows Server 2000. o H tr cc Nhm Phn phi v Bo mt Tng hp. o Cho php mt hay nhiu nhm l thnh vin ca nhm khc. o Cho php chuyn i qua li gia cc Nhm Bo mt v Nhm Phn phi. o Cho php di chuyn cc i tng Bo mt (Security Principal) t Min ny qua Min khc (Lch s SID). Windows Server 2003 Interrim: H tr cc My ch Qun tri Min chy Windows Server 2003 v Windows NT 4. Cp chc nng ny ch c s dng khi bn c nh nng cp cc My ch Qun tri Min ang chy Windows NT 4 ln My ch Qun tri Min chy Windows Server 2003. o Khng cung cp cc tnh nng mi. Windows Server 2003: Ch h tr cc My ch Qun tri Min chy Windows Server 2003. o H tr cc Nhm Phn phi v Bo mt Tng hp. o Cho php mt hay nhiu nhm l thnh vin ca nhm khc (nhm trong nhm). o Cho php chuyn i qua li gia cc Nhm Bo mt v Nhm Phn phi. o Cho php di chuyn cc i tng Bo mt (Security Principal) t Min ny qua Min khc (Lch s SID). LU : Cc tnh nng ca Cp chc nng trong Min: cc chc nng lit k trn ch bao gm cc tnh nng ca Active Directory i vi cc Cp chc nng m gn lin vi i tng nhm v cc hot ng ca n. Tng cp chc nng cho min ng thi cng kch hot nhiu tnh nng khc, nh kh nng i tn min, . Mt vi tnh nng ph thm ca Active Directory cng s c kch hot trong trng hp bn tng cp chc nng cho rng trn mng ca bn, khi tt c cc My ch Qun tri Min trong ton b rng u
-303-
LM VIC VI NHM
chy Windows Server 2003. V mc d vy, cc chc nng ny khng h nh hng n vic s dng cc i tng Nhm. qun tr Cp chc nng trong Windows Server 2003, ta s dng bng iu khin Active Directory Doman And Trusts nm trong nhm chng trnh Administrative Tools. xem c Cp chc nng hin ti ca Min v Rng, Chn i tng Min trong Phm vi v nhn Properties trong thc n Action. Hp thoi Properties ca min s hin th Cp chc nng hin ti trn th General, nh c ch ra trn hnh 7-3.
Hnh 7-3: Hp thoi Properties ca min. thay i Cp chc nng, chn i tng min v t thc n Action, nhn Raise Domain Functional Level (Tng cp chc nng cho min) hin th hp thoi nh hnh 7-4. Trong danh sch x Select An Available Doamain Functional Level (La chn cp chc nng cho min), chn cp chc nng bn mun s dng v nhn Raise (Nng cp). Nh ni trn, bn khng th h cp chc nng sau khi nng cp chng, ngoi tr trng hp bn ci t li Active Directory trn ton b cc My ch Qun tri Min trong mng ca bn, do vy chng trnh s cnh bo bn cn chc chn v cc quyt nh ca chnh mnh. Mt khi cp chc nng c nng cp ti mt My ch Qun tri Min, thay i s c nhn bn n ton b cc My ch Qun tri Min khc trong min.
-304-
LM VIC VI NHM
Hnh 7-4: Hp thoi Raise Domain Functional Level LU Nng cp chc nng cho Rng: nng cp chc nng cho rng, bn chn i tng Active Directory Domains And Trusts trong Phm vi v t thc n Action, nhn Raise Forest Function Level.
S DNG NHM CC B
Trong chng 6, bn bit Windows Server 2003 h tr c hai loi ti khon: Ti khon ngi dng Cc b, v Ti khon ngi dng trong Min. Mi vic cng ng nh vy vi Nhm. Windows Server 2003 h tr cc Nhm Cc b (Local Group) v Nhm trn Min (Domain Group). Mt nhm Cc b l mt tp hp ca cc Ti khon ngi dng Cc b trn mt my tnh nht nh. Nhm cc b thc hin cng cc chc nng c bn ca Nhm: n cho php bn c th gn cc Cp php cho nhiu ngi dng trong cng mt bc thc hin. Bn to Nhm cc b bng Snap-in Local Users And Groups c tch hp trong bng iu khin Computer Management (c th truy cp t nhm chng trnh Administrative Tools), nh ch ra trong hnh 7-5. Khi bn to ta Nhm Cc b, h thng s lu chng ti CSDL ca Trnh Qun l Ti khon bo mt (Security Accounts Manager - SAM) Cc nhm Cc b cng c nhng hn ch ging nh i vi cc ngi dng cc b. Cc hn ch ca nhm cc b c lit k sau: Bn ch c th s dng Nhm Cc b ch trn my tnh ni bn to ra n. Ch c cc ngi dng cc b trn cng my tnh c th l thnh vin ca Nhm cc b.
-305-
LM VIC VI NHM
Khi my tnh l thnh vin ca mt min, thnh vin ca nhm cc b c th bao gm cc ngi dng v cc nhm ton cc ca min ny hay bt c min no khc c tin cy. Nhm cc b khng th c cc thnh vin l cc nhm cc b khc. Vic cp php cho nhm cc b ch cung cp vic truy cp n cc ngun ti nguyn trn chnh my tnh m bn to ra nhm. Bn khng th to ra nhm cc b trn my tnh chy Windows Server 2003 ng vai tr nh l My ch Qun tri Min
Hnh 7-5: Snap-in Local Users And Groups
S DNG NHM ACTIVE DIRECTORY

Cc nhm Active Directory c phn bit bi Kiu (Type) v Phm vi (Scope) ca chng. Nhm Active Directory c hai kiu, m mi kiu u c ba Phm v khc nhau. Vic xy dng cc nhm ny ng phm vi ca n s gip chng ta s dng tt nht ngun lc qun tr khi to, gn, v qun l vic truy cp n cc ngun ti nguyn. Kh nng ca vic xy dng cc nhm cng ph thuc vo Cp chc nng ca min m ti cc nhm c to ra. Windows Server 2003 c hng lot cc nhm c to sn, v bn cng c th to ra thm bao nhiu nhm l ty vo yu cu ca bn. Nhm Active Directory, khng ph thuc vo kiu hay phm vi ca n, l cc i tng trong CSDL Active Directory, cng ging nh Ti khon ngi dng v i tng Cha l cc i tng. So snh vi i tng ngi dng, i tng nhm l hon ton tng t. Thay vo hng t cc thuc tnh (attribute) ca i tng ngi dng, i tng nhm ch c mt vi thuc tnh, m quan trng nht trong s l danh sch cc thnh vin. Nh tn ca n ch ra, Danh sch Thnh vin n gin ch l mt danh sch cc i tng, nh ngi dng, cc nhm khc, my tnh, v Lin lc
-306-
LM VIC VI NHM
(Contact), l cc thnh vin ca nhm. Tt c cc Cp php v Quyn c gn cho nhm s c mi i tng c tn trong danh sch thnh vin ca nhm tha k. Trong Windows Server 2003, bn c th to v qun tr tt c cc nhm Active Directory bng cch s dng bng iu khin Active Directory Users And Computers, m ta c th truy cp t nhm chng trnh Adminitrative Tools. Nh ch ra trn hnh 7-6. Ging nh i vi bt c mt i tng Active Directory no, c th to v qun tr c nhm bn cn c cc cp php thch hp ti i tng cha, ni nhm c b tr.
Hnh 7-6: Bng iu khin Active Directory Users And Computers
Kiu ca Nhm Active Directory

Nhm Active Directory c hai kiu: nhm Bo mt (Security) v nhm Phn phi (Distribution). Nhm Bo mt Nhm bo mt l nhm bn dng gn cc cp php n c th truy cp ti cc ti nguyn mng. Khi mt ngi no ni ti nhm lin quan ti Windows Server 2003 hay Active Directory, thng thng l h cp n nhm Bo mt. Cc chng trnh c thit k lm vic vi Active Directory cng c th s dng cc nhm Bo mt cho cc mc ch khng lin quan ti vic bo mt, v d nh gi cc thng tin ngi dng s dng trong cc ng dng Web. LU Windows Server 2003 ch s dng nhm Bo mt: Nhm Bo mt c th s dng nh cc nhm Phn phi, ngc li, nhm Phn phi khng th s dng nh nhm Bo mt. Bn thn Windows Server 2003 ch c th s dng nhm Bo mt nhng do nhm Bo mt c y cc tnh nng ca nhm Phn phi nn y khng phi l mt thiu st ca h iu hnh.
-307-
LM VIC VI NHM
Nhm Phn phi Nhm Phn phi c s dng cho cc chng trnh c cc chc nng khng lin quan ti bo mt. Bn s dng nhm Phn phi ch khi chc nng ca nhm khng lin quan n vic bo mt, nh gi E-mail n mt nhm cc ngi dng trong cng thi im. Bn khng th s dng nhm Phn phi gn Quyn hay Cp php. Ch cc chng trnh c thit k lm vic vi Active Directory l co sth s dng nhm Phn phi. Th d nh Microsoft Exchange s dng nhm Phn phi nh l danh sch gi th gi E-mail
Phm vi ca nhm Active Directory.

Phm vi ca nhm xc nh vic cc Cp php c gn cho cc thnh vin ca nhm nh th no. Tt c cc nhm Active Directory, c nhm Phn phi v nhm Bo mt, u c th xp vo mt trong ba Phm vi: Domain Local (cc b Min), Global (Ton th), v Universal (Tng hp). Nhm Domain Local (cc b min) Nhm cc b min thng c s dng gn cc Cp php truy cp n cc ti nguyn, hoc trc tip hoc bng cch thm nhm Global vo nhm Doain Local. Nhm Doain Local c cc c tnh sau: Nhm Doain Local tn ti trong tt c cc cp chc nng: Windows 2000 Mixed, Windows 2000 native, Windowws Server 2003 interim, v Windows Server 2003. Bn ch th s dng nhm cc b min trao cc Cp php truy cp ch n cc ti nguyn trn cng min bn to ra nhm. Khi bn s dng Cp Chc nng Windows 2000 mixed hay Windows 2003 interim, thnh vin ca nhm cc b min c th bao gm cc Ti khon ngi dng, Ti khon My tnh v cc nhm Global t bt c min no trong rng. Ngoi ra, khng tn ti bt c mt kiu nhm trong nhm no khc. Khi bn s dng Cp chc nng Windows 2000 native hay Windows Server 2003, nhm cc b min c th bao gm cc Ti khon ngi dng, My tnh, cc nhm Global v Universal t bt c min no trong rng, v cc nhm cc b min khc trong cng min. Nhm cc b min c th c chuyn thnh nhm Universal khi n khng c thnh vin no l nhm cc b min.
-308-
LM VIC VI NHM
LU Nhm cc b (Local) v nhm cc b trn min (Domain Local) : do cc nhm Active Directory c phm vi Domain Local i khi c cp n nh l nhm local, cn c s phn bit chnh xc gia cc nhm local trn mt my tnh no (i khi c gi l nhm local trn my tnh) v nhm Active Directory c Phm vi Domain Local. Nhm cc b min c s dng thng thng nht kim sot s truy cp ti cc ti nguyn ch trong mt min n. V d nh bn c th to mt nhm cc b min trao cp php cho cc thnh vin ca n c truy cp n mt my in nht nh. Sau bn c th thm trc tip cc ngi dng trong min vo nhm cc b min to, hoc bn c th to ra cc nhm Global gm cc ngi dng cn truy cp n my in v t nhm Global ny l thnh vin ca nhm cc b min to. Nhm Global Nhm Global c s dng cung cp cc thnh vin c phn loi trong nhm cc b min cho cc i tng Bo mt hay cho vic gn cc Cp php mt cch trc tip (ring cho trng hp mng s dng Cp chc nng Windows 2000 mixed, hay Windows Server 2003 interim). Thng thng, nhm Global c s dng gom cc ngi dng v My tnh trong cng mt min m c cng cng vic, vai tr, hay chc nng hoc h c cng cc nhu cu tng t trong vic truy cp mng. Nhm Global c cc c tnh sau: Nhm Global c mt ti tt c cc Cp Chc nng: Windows 2000 Mixed, Windows 2000 native, Windowws Server 2003 interim, v Windows Server 2003. Nhm Global ch bao gm cc thnh vin t cng mt min. Khi bn s dng Cp chc nng Windows 2000 native hay Windows Server 2003, thnh vin ca nhm Global c th bao gm cc Ti khon ngi dng, My tnh cng nh cc cc nhm Global khc trong cng min. Nhm Global c th chuyn i thnh nhm Universal mt khi n khng phi l thnh vin ca bt c mt nhm Global no khc. Khi bn s dng Cp Chc nng Windows 2000 Mixed, nhm Global chi bao gm cc thnh vin l Ti khon ngi dng, My tnh trong cng min m thi.
-309-
LM VIC VI NHM
Nhm Global c th l thnh vin ca nhm Machine Local (My tnh Cc b) hay nhm Domain Local (cc b min). Nhm Global c th c trao cc Cp php truy cp n cc ti nguyn trn bt c min no trong rng v trn cc min c tin cy nm trn rng khc. Nhm Global c s dng thng dng nht trong vic qun l cc Cp php cho cc i tng Th mc, nh Ti khon ngi dng v My tnh, thng yu cu vic bo tr trng xuyn. Trn mt mng bao gm nhiu min, li ch chnh ca vic s dng nhm global thay cho nhm Universal trong vic qun l cc Cp php l ch nhm global khng b nhn bn ngoi phm vi ca min. iu ny lm gim cc lu thng mng c dng cho vic nhn bn n Global Catalog, l th mc ca ton b cc ti nguyn trong rng. S dng nhm Global gn cc Cp php cho cc i tng cn nhn bn n Global Catalog s l thch hp hn so vi vic s dng nhm Domain Local cho mc ch ny. Nhm Universal Nhm Universal c s dung ch yu trao cc Cp php truy cp n cc ti nguyn trn nhiu min. Nhm Universal c cc c tnh sau: Nhm Universal ch xut hin trong cc Cp chc nng Windows 2000 native v Windows Server 2003. Thnh vin ca nhm Universal c th bao gm cc Ti khon ngi dng, My tnh, cc nhm Global, v cc nhm Universal khc trong bt c min no trong rng. Nhm Universal c th chuyn i thnh nhm Domain Local, nhm Global khi chng khng c cc nhm Universal khc l thnh vin. Khi bn s dng Cp Chc nng Windows 2000 mixed, bn khng th to ra nhm Universal. Nhm Universal c th c trao cc Cp php truy cp n cc ti nguyn trong bt k min no trong rngv trong cc min nm trong cc rng c tin cy. Chc nng chnh ca nhm Universal l tp hp cc nhm m rng qua nhiu min. Ni chung, nhm Universal l khng cn thit trn mng ch bao gm mt min n. s dng nhm Universal mt cch hiu qu, tt nht l chng ta to nhm Global trn mi min, trong c cha cc Ti khon ngi dng v My tnh, sau thm cc nhm Global ny vo danh sch thnh vin ca nhm Universal. Vic ny cho php bn c th to ra
-310-
LM VIC VI NHM
mt nhm Universal n m c th s dng trn ton b doanh nghip, vi mi quan h thnh vin khng b xo trn mt cch thng xuyn. Phng php trn thng c la chn hn so vi vic thm trc tip ngi dng v My tnh vo nhm Universal mt cch trc tip do mi thay i v thnh vin ti nhm Universal s dn ti vic ton b cc mi quan h thnh vin u phi c nhn bn n Global Catalog. Qun l cc ngi dng v My tnh trong nhm Global s khng nh hng n quan h thnh vin ca nhm Universal v do khng sinh ra cc lu thng ph thm cho vic nhn bn. Nhm Universal cng l hu dng khi chng ta mun trao Cp php cho ngi dng c truy cp n cc ti nguyn nm trn nhiu hn mt min. Khng ging nhm cc b min, ban c th gn cc Cp php cho nhm Universal c truy cp n cc ngun ti nguyn c b tr ti bt c min no trn mng ca bn. V d, nu ban lnh o cn truy cp n cc my in trn ton b mng ca ban, bn c th to nhm Universal cho mc ch ny v gn Cp php cho n, nh vy ton b cc thnh vin ca nhm ny c th s dng tt c cc my in hin c trn tt c cc min trong mng. Nhm trong nhm (Group nesting). Nh bit trong phn trc, kh nng a mt nhm l thnh vin ca nhm khc l mt trong cc tnh nng hu dng ca vic thc thi i tng nhm Active Directory. K thut ny c gi l Nhm trong nhm: (Group nesting). Thc thi nhm trong nhm to cho bn c kh nng qun l vic cp php truy cp ti nguyn mt cch hiu qu hn trong doanh nghip ca bn m khng gy ra cc lu thng ph thm bt thng cho vic nhn bn. Nh nhc ti trn, min ca bn bt buc phi s dng Cp chc nng Windows 2000 native hay Windows Server 2003 nhn c y cc tnh nng u vit ca kh nng nhm trong nhm ca Active Directory, v thm ch nh vy, vn cn cc hn ch trong vic thc thi k thut nhm trong nhm ca cc loi Phm vi nhm khc nhau. Cc hn ch ny, cng vi ton b cc hn ch v thnh vin trong ba phm vi nhm, c tng kt trong bng 7-1
-311-
LM VIC VI NHM
Bng 7-1: Cc qui tc thnh vin ca Phm vi nhm Thnh vin i vi cp chc nng Windows 2000 Mixed hay Windows Server 2003 Interim: Ti khon ngi dng, My tnh v nhm global t bt c min no Ti khon ngi dng, My tnh trong cng min Khng p dng Thnh vin i vi cp chc nng Windows 2000 Native hay Windows Server 2003: Ti khon ngi dng, My tnh, nhm universal, and nhm global t bt c min no; nhm cc b min trong cng min Ti khon ngi dng, My tnh, nhm global khc trong cng min Ti khon ngi dng, My tnh, nhm universal, v nhm global t bt c min no trong rng
Phm vi nhm cc b min Global Universal
Cc qui tc thnh vin trong bng trn l yu t u tin ca vic qun tr nhm mt cch hiu qu. Nu bn ri vo trng hp bn khng th thm thnh vin nht nh no vo mt nhm hay khng th s dng nhm cung cp vic truy cp n mt ngun ti nguyn no , qu trnh x l s c nn bt u bng vic th li Phm v nhm v Cp chc nng, xc nh bn c c h tr trong vic thc hin cc tc v ni trn khng. Mc d k tht nhm trong nhm l mt cng c ng gi, Qun tr mng nn thn trng vi cc tnh nng ca n. Khi bn b tr nhm theo nhiu lp su, c th lm cho vic theo di cc quan h thnh vin v cc cp php c tha k th no trn ton mng tr nn kh khn hn. Mt qui lut chung, b tr nhm trong nhm mt cp l hu hiu trong phn ln cc mi trng mng v l d duy tr hn.
Chuyn i nhm
Khi bn to nhm, bn phi xc nh kiu v phm vi ca n. Mc d vy, trong min s dng cp chc nng Wind 2000 Native hay Windows Server 2003, bn c th chuyn i cc nhm to sang phm vi khc bt c lc no, c lu n mt s hn ch trong quan h thnh vin. Bng 7-2 tng kt cc chuyn i Phm vi nhm c php v cc iu kin cn thit chuyn i.
-312-
LM VIC VI NHM
Bng 7-2: Cc hn ch chuyn i Phm vi nhm Active Directory T Domain Local T Global T Universal n Domain Local Khng p dng n Global Khng c php n Universal Cho php ch trong trng hp khng c thnh vin l nhm cc b min Khng p dng Cho php nu khng l thnh vin ca nhm Global khc Cho php nu Khng p dng khng c nhm Universal khc l thnh vin
Khng c php Khng hn ch
Xy dng Nhm Global v Domain Local

S l mt tng tt nu bn c mt chin lc nhm sn sng trc khi to ra cc nhm Active Directory. To ra cc nhm vi Kiu v Phm vi sai s dn n vic gp cc li khi thc thi cc tc v nh. i vi phn ln vic ci t mng, phng php thng thy nht l pht trin cc nhm s dng Phm vi Global v Domain Local theo cc tiu ch sau: To nhm cc b min cho cc ti nguyn c chia s: Xc nh cc ti nguyn, nh th mc hay my in m ngi dng cn truy cp, v to mt hay hai nhm cho cc ti nguyn ny. V d: nu bn c mt s cc my in mu trong cng ty, to nhm cc b min c tn Color Printer. Gn cc Cp php truy cp ti nguyn cho nhm cc b min : gn cc Cp php cn thit truy cp ti nguyn cho nhm cc b min tng ng. V du: bn cn gn cc Cp php cn thit c th s dng cc my in mu cho nhm Color Printer. To cc nhm Global cho cc ngi dng c cng cc yu cu cng vic: Xc nh cc ngi dng c cng cc yu cu cng vic v thm i tng ngi dng ca h vo nhm Global. V du: trong phng K ton, thm i tng ngi dng ca tt c cc k ton vin vo nhm Accounting. Thm nhm Global cn truy cp ti nguyn vo nhm cc b min tng ng: Xc nh tt c cc nhm Global c yu cu truy
-313-
LM VIC VI NHM
cp n mt ngun ti nguyn nht nh, v a cc nhm Global l thnh vin ca nhm domain local tng ng. V du: cc k ton vin c th truy cp n cc my in mu, thm nhm Global Accounting vo nhm domain local Color Printer. Cc ngi dng trong nhm Accounting s nhn c cc Cp php trao cho nhm Color Printer. Khi bn to ra cc nhm theo cc tiu ch trn, bn s iu chnh cc Cp php cho nhm cc b min khi ngun ti nguyn cn thay i v s iu chnh thnh vin ca nhm Global khi nhn s cn thay i. C th bn s ngh rng vic s dng c hai loi Phm vi nhm: Domain Local v Global l khng cn thit. Sau ht, bn vn c th ch to mt nhm n, hoc Domain Local hoc Global, trao cho n cc cp php cn thit truy cp ti nguyn, v thm cc i tng ngi dng ca cc nhn vin cn truy cp ti nguyn vo l thnh vin ca nhm. Mc d vy, s c cc hn ch r rt trong chin lc ny, bt k bn ang s dng nhm domain local hay nhm Global. t i tng ngi dng vo nhm cc b min v trao cp php cho nhm cc b min: Chin lc ny khng cho php bn gn cc Cp php cho cc ti nguyn ngoi min, n lm gim mc linh hot ca chin lc nhm khi mng ca bn pht trin. t Ti khon ngi dng vo nhm Global v trao Cp php cho nhm Global: Chin lc ny lm phc tp hn cng vic qun tr khi bn s dng m hnh nhiu min. Nu cc nhm Global trong cc min khc nhau yu cu cng mt tp cc cp php, bn phi gn cc cp php ny cho mi nhm Global ring r.
CC NHM MC NH CA WINDOWS SERVER 2003

Windows Server 2003 s t ng to ra mt s ln cc nhm trong cha cc Ti khon ngi dng dng sn. Bn c th s dng cc nhm ny, thay i chng nu cn (trong mt vi trng hp), hay to ra cc nhm mi ca ring bn. C bn loi nhm mc nh trong Windows Server 2003: Nhm Cc b dng sn, ch tn ti trong trng hp my tnh khng phi l My ch Qun tri Min, v ba loi nhm mc nh trong Active Directory nhm xc nh trc (Predefined Group), nhm dng sn (Built-in Group), v nhm ng nht c bit (Special Identities Group). Ta s tho lun v cc nhm mc nh ny trong phn tip theo.
-314-
LM VIC VI NHM
Nhm Cc b Dng sn (Built-in Local Group)

My ch c lp chay My ch thnh vin chy Windows Server 2003 tt c u c cc nhm cc b dng sn. My ch Qun tri Min khng c cc nhm cc b (hay ngi dng cc b) do SAM ca n c chuyn i sang s dng Active Directory. Cc nhm cc b dng sn trao cho ngi dng quyn thc thi cc tc v h thng trn mt my tnh n l, nh l vic sao lu v phc hi file, thay i thi gian h thng, v qun tr cc ngun ti nguyn h thng. Cc nhm cc b dng sn nm trong th mc Group ca Snap-in Local Users And Groups. Cc nhm cc b dng sn trong Windows Server 2003 v cc kh nng ca n c ch ra di y. Ngoi tr ti nhng ch s c ch ra c th, khng mt nhm no khc c sn cc thnh vin. Administrators (Nhm Qun tr): Thnh vin ca nhm ny c cc quyn y v khng hn ch khi truy cp n my tnh v min, gip h c th thch thi tt c cc tc v qun tr. Mc inh, ngi dng cc b dng sn Administrator l thnh vin ca nhm ny. Khi my tnh gia nhp vo min, Windows Server 2003 thm nhm xc nh trc Domain Admins vo nhm ny. Backup Operators (nhm Sao lu): Cc thnh vin ca nhm ny c Quyn (User Rights) cho php h c th b qua cc hn ch v bo mt c th thc hin cc tc v Sao lu v Phc hi file. Guests (Nhm Khch): Thnh vin ca nhm ny ch c th thc hin cc tc v m bn trao quyn cho h, v ch c th truy cp n cc ti nguyn m bn cp php cho h truy cp. H cng khng th to ra cc thay i thng trc trn mi trng mn hnh ca h. Mc nh, Ti khon ngi dng cc b dng sn ca my tnh Guest l thnh vin ca nhm ny. Khi my tnh gia nhp min, Windows Server 2003 thm nhm ton cc xc nh trc Domain Guest vo nhm ny. Network Configuration Operators (Nhm cu hnh mng): Thnh vin ca nhm ny c mt s quyn qun tr gii hn, gip h c th thc hin cc thay i thit lp ca TCP/IP, v lm mi hay gii phng a ch IP. Performance Log Users (Nhm ghi chp hiu nng): Thnh vin ca nhm ny c trao cc quyn gip h c th qun l
-315-
LM VIC VI NHM
c cc bin m hiu nng (Performance Counter), nht k (Logs), v Cnh bo (Alerts) trn my tnh, c ti ch ln t xa. Performance Monitor Users (Nhm Theo di Hiu nng): Thnh vin ca nhm ny c trao cc quyn gip h c th theo di cc bin m hiu nng trn my tnh, c ti ch ln t xa. Power Users (Nhm Quyn lc): Thnh vin ca nhm ny c th to ra cc Ti khon Nhm hay hay ngi dng cc b trn my tnh v thay i cc ngi dng hay nhm h to ra . H cng c th thm hay loi b ngi dng trong cc nhm cc b Power Users, Users v Guest, to cc ngun ti nguyn chia s, qun tr cc ngun ti nguyn chia s h to ra. Power Users khng th chim quyn s hu (Take Ownership) file, Sao lu v Phc hi th mc, ti v d b cc trnh iu khin thit b, hay qun tr cc Bn ghi Bo mt (Security Log). Print Operators (Nhm Vn hnh My in): Thnh vin ca nhm ny c th qun tr cc my in v hng i in trn my tnh. Remote Desktop Users (Nhm Truy cp Mn hnh T xa): Thnh vin ca nhm ny c th s dng dch v u cui (Terminal Service) truy cp t xa vo my tnh. Replicator (Nhm Nhn bn): Nhm ny c to h tr chc nng nhn bn th mc. Thnh vin duy nht ca n, thng l Ti khon ngi dng trong min, l ti khon thng xuyn ng nhp vo dch v nhn bn (Replicator) ca My ch Qun tri Min. Khng thm cc ti khon ca ngi dng thc s vo nhm ny. Users (Nhm Ngi dng): Thnh vin ca nhm ny c th thc thi cc tc v nh chy cc ng dng, s dng cc my tnh cc b hay trn mng, v kha my ch. Thnh vin ca nhm ny khng th chia s th mc hay ci t cc my in cc b. Tt c cc ti khon ngi dng cc b dc to ra trn my tnh s c t ng thm vo nhm ny. Khi my tnh gia nhp min, Windows Server 2003 thm cc nhm Domain Users, Authenticate Users, v Interactive vo nhm cc b Users. V do , ton b cc ti khon ngi dng trn min tr thnh thnh vin ca nhm cc b Users ny.
-316-
LM VIC VI NHM
Trong phn ln cc trng hp, cc c quyn m cc nhm cc b ny c c l do vic gn cc quyn ngi dng cho cc nhm ny. Bng 7-3 lit k danh sch cc Quyn ngi dng c gn cho cc nhm cc b dng sn (Cc nhm khng lit k khng c cc quyn mc nh gn cho chng) Bng 7-3 Cc Quyn ngi dng mc nh c gn cho nhm cc b dng sn. Local Group Default User Rights Administrators Access This Computer From The Network (Truy cp my tnh t mng) Adjust Memory Quotas For A Process (iu chnh hn ngch b nh dnh cho cc tin trnh ) Allow Log On Locally (Cho php ng nhp cc b) Allow Log On Through Terminal Services (Cho php ng nhp qua dch v u cui) Back Up Files And Directories (Sao lu file v th mc) Bypass Traverse Checking (Khng kim tra Cp php khi ngi dng duyt th mc) Change The System Time (thay i thi gian h thng) Create A Pagefile (to b nh o) Debug Programs (g ri chng trnh) Force Shutdown From A Remote System (Tt Windows t xa) Increase Scheduling Priority (tng cp u tin ca chng trnh lp lch) Load And Unload Device Drivers (ci t v d b Trnh iu khin thit b) Manage Auditing And Security Log (Qun l vic kim nh v nht k bo mt) Modify Firmware Environment Variables (thay i cc bin mi trng phn sn) Perform Volume Maintenance Tasks (thc thi vic bo tr cng) Profile Single Process (lp h s cc tin trnh n) Profile System Performance (lp h s hiu nng ca h thng)
-317-
LM VIC VI NHM
Remove Computer From Docking Station (d b my tnh khi trm ni) Restore Files And Directories (Phc hi file v th mc) Shut Down The System (Tt windows) Take Ownership Of Files Or Other Objects (Chim quyn s hu ca file hay cc i tng khc) Backup Operators Access This Computer From The Network Allow Log On Locally Back Up Files And Directories Bypass Traverse Checking Restore Files And Directories Shut Down The System Power Users Access This Computer From The Network Allow Log On Locally Bypass Traverse Checking Change The System Time Profile Single Process Remove Computer From Docking Station Shut Down The System Remote Desktop Allow Log On Through Terminal Services Users Users Access This Computer From The Network Allow Log On Locally Bypass Traverse Checking Bypass Traverse Checking
Nhm Xc nh trc Active Directory

Tt c cc min Active Directory u c mt tp cc nhm xc nh trc (Predefined Group). y l nhm Bo mt, phn ln thuc Phm vi Global, vi mc ch l nhm cc loi ti khon ngi dng min thng dng li vi nhau. Mc nh, Windows Server 2003 s t ng thm cc thnh vin vo mt vi nhm xc nh trc. Bn cng c th thm cc i tng ngi dng vo cc nhm xc nh trc ny h c tha hng cc Quyn v Cp php c trao cho cc nhm ny. Khi bn to min Active Directory, Windows Server 2003 to ra cc nhm ton cc xc nh trc trong i tng cha Users, nh trn hnh 7-7. Mc nh, cc nhm xc nh trc ny khng c tha hng bt c mt
-318-
LM VIC VI NHM
Quyn hay Cp php no. Bn c th gn Quyn v Cp php cho chng bng cch thm cc nhm ton cc xc nh trc ny vo nhm min cc b hay bng cch gn trc tip cc Quyn hay Cp php cho cc nhm ton cc xc nh trc ny.
Hnh 7-7: Th mc Users ca min Active Directory cha cc nhm ton cc xc nh trc. Cc nhm ton cc xc nh trc do Windows 2000 to ra v cc thnh vin ca n bao gm: CertPublishers (Xut bn Giy Chng nhn) Thnh vin ca nhm ny c trao cc Cp php c th to v trao cc Certificate (Giy chng nhn) cho ngi dng v My tnh. Khng ging phn ln cc nhm xc nh trc khc, nhm ny l nhm cc b min. Domain Admins (Qun tr Min) Thnh vin ca nhm ny c ton quyn qun tr trn min. Mc inh, ngi dng ca min Administrator l thnh vin ca nhm ny. Khi my tnh gia nhp min hay n c nng cp thnh My ch Qun tri Min, nhm Domain Admins s tr thnh thnh vin ca nhm cc b Administrators ca my tnh. iu ny cho php cc qun tr min c ton quyn truy cp n tt c cc my tnh trong min. Domain Computers (Cc My tnh trong Min) nhm ny cha ton b cc my tnh trong min (tr cc My ch Qun tri Min). Mc nh, tt c cc i tng my tnh mi c to ra trong min (tr cc My ch Qun tri Min mi to) s tr thnh thnh vin ca nhm ny. Domain Controlers (My ch Qun tri Min) nhm ny c cc thnh vin l cc i tng my tnh ca ton b cc My ch Qun tri Min trong min. Mc nh, cc i tng ni trn khi c thm vo min s tr thnh thnh vin ca nhm ny.
-319-
LM VIC VI NHM
Domain Guests (Khch ca min) Mc nh, i tng Domain Guest l thnh vin ca nhm ny, v Windows Server 2003 s t ng thm nhm ton cc Domain Guests vo nhm cc b min dng sn Guests. Domain Users (ngi dng ca min) Nhm ny c to ra i din cho tt c cc ngi dng ca min. Windows Server 2003 t ng thm tt c cc i tng ngi dng ca min vo nhm ny v ng thi cng thm nhm ton cc Domain Users vo nhm cc b min dng sn Users. Enterprise Admins (Qun tr Doanh nghip) Nhm Enterprise Admins ch xut hin min gc ca rng (min u tin trong rng), cc thnh vin ca n, c ton quyn qun tr trn tt c cc min trong rng. Mc nh, nhm Enterprise Admins l thnh vin ca nhm cc b trn min Administrators v i tng ngi dng min Administrator l thnh vin ca nhm Enterprise Admins. Group Policy Creator Owners (nhm To ra Chnh sch Nhm) Thnh vin ca nhm ny c php thay i cc thit lp chnh sch trong min. Mc nh, ti khon min Administrator l thnh vin ca nhm ny. RAS and IAS Servers (nhm My ch RAS v IAS) Cc my ch l thnh vin ca nhm ny c php truy cp cc thuc tnh truy cp t xa ca ngi dng. Schema Admins (nhm Qun tr Lc ) Nhm ny ch xut hin ti min gc ca rng, v cc thnh vin ca n c php thay i Lc Active Directory. Mc nh, ti khon min Administrator l thnh vin ca nhm ny. LU Enterprise Admins v Schema Admins Phm vi ca cc nhm xc nh trc ny ph thuc vo Cp chc nng ca min. vi min chy ti Cp chc nng Windows 2000 Mixed hay Windows Server 2003 Interim, n l Global, vi min chy ti Cp chc nng Windows 2000 Native hay Windows Server 2003, n l Universal. Ngoi nhng nhm xc nh trc lit k trn, mt vi nhm khc s c to ra khi bn ci t cc cu thnh phn mm nht nh ca Windows
-320-
LM VIC VI NHM
Server 2003, nh nhm DnsAdmins v DnsUpdateProxy (Khi bn ci dch v DNS Server), nhm IIS_WPG (khi bn ci IIS). Cng ging nh i vi cc nhm dng sn cc b, mt vi nhm xc nh trc Active Directory cng c cc c quyn thng qua vic gn cc Quyn ngi dng. Trong trng hp ny, mc d vy, ch ng vi cc nhm Domain Admins v Enterprise Admins. Cc Quyn ngi dng c gn cho cc nhm ny mt cch mc nh c lit k trong bng 7-4. Bng 7-4: Cc Quyn ngi dng mc nh c gn cho cc nhm xc nh trc Local Group Default User Rights
Domain Admins Access This Computer From The Network and Enterprise Adjust Memory Quotas For A Process Admins Back Up Files And Directories Bypass Traverse Checking Change The System Time Create A Pagefile Debug Programs Enable Computer And User Accounts To Be Trusted For Delegation Force Shutdown From A Remote System Increase Scheduling Priority Load And Unload Device Drivers Allow Log On Locally Manage Auditing And Security Log Modify Firmware Environment Values Profile Single Process Profile System Performance Remove Computer From Docking Station Restore Files And Directories
-321-
LM VIC VI NHM
Shut Down The System Take Ownership Of Files Or Other Objects
Cc nhm Active Directory dng sn

Mi min Active Directory u c cc i tng cha, trong h thng s to ra hng lot cc nhm Bo mt, m tt c chng u l cc nhm c phm vi Domain Local. Cc nhm ny cung cp cho ngi dng c cc Quyn ngi dng v Cp php kh nng thc hin cc tc v trn My ch Qun tri Min v trong cy Active Directory. Cc nhm cc b min dng sn cung cp cc Quyn v Cp php xc nh trc cho cc ti khon ngi dng khi bn thm cc i tng ngi dng hay nhm Global vo l thnh vin ca nhm cc b min dng sn ny. Nhm cc b min dng sn v cc kh nng c gn cho cc thnh vin ca n nh sau: Accounts Operators (Nhm Vn hnh Ti khon) Thnh vin ca nhm c th to, xa v thay i cc i tng ngi dng, My tnh v Nhm trong i tng cha Users and Computers v trong ton b cc OU ngoi tr i tng cha Domain Controlers. H khng c cp php thay i nhm Administrators v nhm Domain Admins, cng nh khng c thay i cc ti khon l thnh vin ca cc nhm ny. Thnh vin ca nhm ny c th ang nhp cc b vo My ch Qun tri Min v tt Windows ca chng. Administrators (Qun tr) Thnh vin ca nhm c ton quyn truy cp n stt c cc My ch Qun tri Min v ti ton b min. Mc nh, nhm Domain Admins, nhm Enterprise Admins v ti khon Administrator l thnh vin ca nhm ny. Backup Operators (Vn hnh Sao lu) Thnh vin ca nhm c cc Quyn ngi dng cho php h tin hnh Sao lu v phc hi file trn ton b cc My ch Qun tri Min trong min, thm ch khi h khng c cc Cp php nht nh i vi file. Thnh vin ca nhm ny cng c th ng nhp cc b vo My ch Qun tri Min v tt windows ca chng. Guests (Khch) Thnh vin ca nhm khng c cc Quyn mc nh. Mt cch mc nh, nhm Global Domain Guest v i tng ngi dng trong min Guest l thnh vin ca nhm ny.
-322-
LM VIC VI NHM
Incoming Forest Trust Builders (Ngi Xy dng mi Quan h Tin cy Trong rng) Thnh vin ca nhm c th to cc mi quan h tin cy mt chiu trong rng n min gc ca rng. Network Configuration Operators (Vn hnh Cu hnh Mng) Thnh vin c th thay i cc thit lp TCP/IP, lm mi hay d b cc a ch TCP/IP trn cc My ch Qun tri Min trong min. Perfomance Log Users (Ngi qun l nht k hiu nng) Thnh vin ca nhm c trao cc c quyn h c kh nng qun l cc bin m hiu nng, cc nht k, v cc cnh bo trn My ch Qun tri Min trong min, c ngay trn my cc b hay t xa. Perfomance Monitor Users (Ngi Gim st hiu nng) Thnh vin ca nhm c tra cc c quyn c th theo di cc b m hiu nng trn My ch Qun tri Min, ngay trn my cc b hay t xa. Pre-Windows 2000 Compatible Access (Truy cp tng thch cc phin bn trc Windows 2000) Thnh vin ca nhm c th truy cp c cc i tng nhm v ngi dng trong min. nhm ny c xy dng nhm tha mn s tng thch ngc i vi cc my tnh chy cc phin bn Windows NT 4 hay cc phin bn trc . Khi bn chn ty chn Permissions Compatible With Pre-Windows 2000 Server Operating Systems (cc Cp php tng thch vi cc h iu hnh trc Windows 2000 Server) trong Trnh hng dn ci t Active Directory, nhm ng nht c bit Everyone s tr thnh thnh vin ca nhm ny. Print Operators (Vn hnh in n) Thnh vin ca nhm ny c th qun l, to, chia s v xa cc my in c ni ti My ch Qun tri Min trong min v h cng c th qun l cc i tng my in trong Active Directory. Cc thnh vin ny cng c th ng nhp cc b vo My ch Qun tri Min v tt Windows ca chng. Remote Desktop Users (ngi dng Mn hnh T xa) Thnh vin ca nhm c th ng nhp vo My ch Qun tri Min trong min thng qua Dch v u cui. Replicators (nhm Nhn bn) Nhm ny c dng h tr cc chc nng nhn bn th mc. Thnh vin duy nht ca n, thng l Ti khon ngi dng trong min, l ti khon thng xuyn ng nhp vo dch v nhn bn (Replicator) ca My ch Qun tri Min. Khng thm cc ti khon ca ngi dng thc s vo nhm ny.
-323-
LM VIC VI NHM
Server Operators (nhm Vn hnh My ch) Trn My ch Qun tri Min, thnh vin ca nhm ny c th ng nhp, to v xa cc ngun ti nguyn chia s, khi ng hay dng mt vi dch v, Sao lu v phc hi file, nh dng cng v tt Windows ca my. Terminal Server Licence Servers (nhm cc my ch qun l giy php ca my ch chy dch v u cui) Thnh vin ca nhm ny c th truy cp cc my ch qun l giy php ca my ch chy dch v u cui, c s dng cung cp cc giy php (License) cho cc my khch chy Dch v u cui trn mng. Users (nhm ngi dng) Thnh vin ca nhm ny c th thc thi cc tc v thng thng nht nh chy cc ng dng, s dng cc my tnh cc b hay trn mng, v kha my ch. Mc nh, nhm Domain Users, v cc nhm ng nht c bit Authenticated Users (ngi dng c xc thc), Interactive l thnh vin ca nhm ny. Do vy, bt c ti khon ngi dng no c to ra trong min u l thnh vin ca nhm ny. Windows Authorization Access Group (Nhm Truy cp Xc thc ca Windows) Thnh vin ca nhm ny c php truy cp n thuc tnh TokenGroupsGlobalAndUniverrsal ca cc i tng ngi dng min. LU Nhm cc b dng sn v nhm cc b dng sn trong min Mt vi nhm cc b dng sn trong min, nh nhm BackUp Operators, Network Configuration Operators v mhm Remote Access Users l do nhn bn (duplicate) t cc nhm cc b dng sn c cng tn trn cc my ch c lp v my ch thnh vin chy Windows Server 2003. Cc nhm ny c s dng thc hin cng cc chc nng nh vi cc nhm cc b dng sn nhng trn My ch Qun tri Min khng tn ti cc nhm cc b dng sn ca chnh n. Cc Quyn ngi dng mc nh c trao cho cc nhm cc b min dng sn c lit k trong bng 7-5. Bng 7-5: Quyn ngi dng Mc nh c gn cho cc nhm dng sn Active Directory . Local Group Default User Rights
-324-
LM VIC VI NHM
Account Operators
Allow Log On Locally Shut Down The System
Administrators, domain local
Access This Computer From The Network Adjust Memory Quotas For A Process Back Up Files And Directories Bypass Traverse Checking Change The System Time Create A Pagefile Debug Programs Enable Computer And User Accounts To Be Trusted For Delegation Force Shutdown From A Remote System Increase Scheduling Priority Load And Unload Device Drivers Allow Log On Locally Manage Auditing And Security Log Modify Firmware Environment Values Profile Single Process Profile System Performance Remove Computer From Docking Station Restore Files And Directories Shut Down The System Take Ownership Of Files Or Other Objects
Backup Operators, Back Up Files And Directories domain local Allow Log On Locally Restore Files And Directories Shut Down The System
-325-
LM VIC VI NHM
PreWindows 2000 Access This Computer From The Network Compatible Access Bypass Traverse Checking Default User Rights Local Group Print Operators Allow Log On Locally Shut Down The System Server Operators Back Up Files And Directories Change The System Time Force Shutdown From A Remote System Allow Log On Locally Restore Files And Directories Shut Down The System
Cc nhm ng nht c bit (Special Identities)

Cc nhm ng nht c bit tn ti trn tt c cc my tnh chy Windows Server 2003. khng phi l cc nhm thc s do bn khng th to ra, xa hay trc tip thay i cc thnh vin ca n. Cc nhm ng nht c bit khng xut hin trong Snap-in Local Users And Groups hay trong bng iu khin Active Directory Users And Groups. Nhng bn c th s dng chng ging nh nhm, bng cch thm chng vo ACL ca h thng v cc ti nguyn mng, nh hnh 7-8 i y:
Hnh 7-8: Nhm ng nht c bit trong ACL

-326-
LM VIC VI NHM
Cc nhm ng nht c bit ban u ch l cc khong trng dnh cho mt hay nhiu ngi dng. Khi bn thm nhm ng nht c bit vo ACL, h thng s thm cc ngi dng tha mn cc c im nhn dng ca nhm ti thi im ACL x l. Cc nhm ng nht c bit i din cho cc ngi dng khc nhau ti cc thi im khc nhau, ph thuc vo cch thc ngi dng truy cp vo my tnh hay cc ngun ti nguyn nh th no. V d, nhm ng nht c bit Authenticated Users s bao gm ton b cc ngi dng hin ti ang ng nhp, c My tnh hay My ch Qun tri Min xc thc thnh cng. Ti bt c thi im no c ch ra, danh sch ngi dng xut hin trong nhm ng nht c bit Authenticated Users c th thay i, do ngi dng c th ng nhp hay thot khi Windows. Danh sch chnh xc ca cc ngi dng nm trong nhm ng nht c bit Authenticate Users c xc nh ti thi im ti nguyn c truy cp v ACL ca n c x l, ch khng phi ti thi im m nhm ng nht c bit ny c thm vo ACL. Cc nhm ng nht c bit hin c trong Windows Server 2003 c lit k sau y: Anonymous Logon (ng nhp khuyt danh) Bao gm tt c cc ngi dng kt ni ti my tnh nhng khng tin hnh xc thc. Authenticated Users (ngi dng xc thc) bao gm tt c cc ngi dng c cc ti khon cc b hay trn min hp l, v cc yu t nhn dng ca h c xc thc. Nhm ny khng bao gm ngi dng Guest ngay c trong trng hp ti khon ny c mt khu. Batch (B) Gm tt c cc ngi dng hin ti ang ng nhp thng qua cc tin nghi dng b, v d cc tc v c dt lch (Task Scheduler Job). Creator Owner (ngi s hu) Gm nhm ngi dng chnh to ra hay chim quyn s hu (Take Ownership) ti nguyn. DialUp (Quay s) Gm tt c cc ngi dng hin ang ng nhp thng qua ng in thoi. Everyone (Mi ngi) Trn cc my tnh chy Windows Server 2003, nhm ng nht c bit Everyone bao gm tt c nhm Authenticated Users cng vi ti khon ngi dng Guest. Trn cc my tnh chy cc phin bn trc ca Windows, Everyone bao
-327-
LM VIC VI NHM
gm Authenticated Anonymous.
Users,
ti
khon
Guest
nhm
Interactive (Tng tc) bao gm tt c cc ngi dng hin ang ng nhp qua mng. Service (Dch v) Gm tt c cc i tng Bo mt hin ang ng nhp nh l mt dch v. Terminal Service Users (ngi dng Dch v u cui) Gm tt c cc ngi dng hin ang ng nhp vo My ch Dch v u cui (Terminal Service Server) ang chy Dch v u cui phin bn 4, ch ng dng.
TO V QUN L CC I TNG NHM

Mt khi bn xc nh bn nh s dng nhm nh th no trn mng ca bn v nghin cu cc hng dn cng nh cc hn ch ca rt nhiu kiu v phm vi nhm khc nhau, bn sn sng bt tay thc s vo vic to ra cc nhm mnh cn. Rt may mn l vic to ra nhm l d rng hn nhiu so vi vic bn hiu v chng v cc kh nng ca chng. Phn sau y m t v mt vi trong cc tc v thng thng nht ca vic qun tr nhm m cc nh qun tr mng v h thng cn thc hin mt cch thng xuyn. LU Mc ch ca k thi Mc ch ca k thi 70-290 yu cu sinh vin c kh nng To v Qun l nhm
To nhm cc b
to nhm cc b trong Windows Server 2003, bn bt buc phi lm vic trn my ch c lp hay my ch thnh vin do My ch Qun tri Min khng c nhm cc b. bn cng nht thit phi ng nhp vi mt ti khon ngi dng l thnh vin ca nhm cc b Administrators hay nhm cc b Power Users (hoc nhm Domain Admins trong min, m bn thn n l thnh vin ca nhm cc b Administrators). to ra nhm cc b, bn theo cc bc sau: 1. ng nhp vo my tnh vi ti khon Administrator (hoc c th s dng cc ti khon khc c cc c quyn thch hp). 2. Nhn chut vo Start, tr n Administrative Tools v chn Computer Management. Bng iu khin Computer Management xut hin.
-328-
LM VIC VI NHM
3. M rng im Local Users And Groups trong phm vi, sau chn th mc Groups.
Trong Snap-in Local Users And Group, ngi dng v nhm c t trong cc th mc ring r, khng c t ln nhau trong cc i tng cha nh trong Active Directory. 4. T thc n Action chn New Group (nhm mi). Hp thoi New Group xut hin.
-329-
LM VIC VI NHM
5. Trong hp vn bn Group Name (tn nhm), g tn ca nhm bn cn to. 6. Nhn Add (thm). Hp thoi Select Users (chn ngi dng) xut hin.
7. G tn ca ngi dng cc b hay ca nhm ng nht c bit trong hp vn bn Enter The Object Name To Select (Nhp tn ca i tng la chn). Sau nhn OK. ngi dng hay nhm ng nht c bit c thm vo danh sch thnh vin. Bn cng c th nhn vo Advanced (nng cao) tm kim ngi dng cc b hay cc nhm ng nht c bit. 8. Nhn Create (to). Snap-in s to ra nhm mi trong th mc Groups, v n lm trng hp thoi New Group bn c th tip tc to nhm khc. 9. Nhn Close (ng).
-330-
LM VIC VI NHM
Sau khi to nhm cc b, bn c th chn n v t thc n Action, chn Properties (thuc tnh) m hp thoi Properties ca nhm, nh ch ra trn hnh 7-9. Ti y, bn c th thm thnh vin hay loi b chng khi nhm vo bt c lc no.
Hnh 7-8: Hp thoi Properties ca nhm cc b. Bn cng c th qun l thnh vin ca nhm cc b t hp thoi Properties ca ti khon ngi dng, nh ch ra trong hnh 7-10. mi hp thoi Properties ca ngi dng cc b u cha th Member Of (Thnh vin ca) m bn c th dng thm cc nhm cc b bn mun ngi dng tr thnh thnh vin.
-331-
LM VIC VI NHM
Hnh 7-10: Th member Of trong hp thoi Properties ca ngi dng cc b
Lm vic vi nhm Active Directory

Mc d nhm Active Directory phc tp hn nhm cc b rt nhiu, do c rt nhiu loi Kiu v Phm vi khc nhau, nhng qu trnh to v qun l chng cng kh l n gin. Trong phn sau, bn s hc cch to, qun l cc thnh vin ca n v thay i cc thuc tnh (Properties) ca chng nh th no bbng cch s dng bng iu khin Active Directory Users And Computers. LU Mc ch k thi Mc ch ca k thi 70-290 yu cu sinh vin c kh nng S dng bng iu khin Active Directory Users Anh Computers to v thay i nhm. To nhm Bo mt Khng ging nh trong Local Users Anh Computers, bt buc bn phi to nhm trong mt th mc ring, Bng iu khin Active Directory Users And Computers cho php bn to cc i tng nhm ti bt c u bn mun. Bn c th to nhm ca mnh ti i tng cha Users vi cc nhm ton cc xc nh trc, hay to trong i tng cha Built-in vi nhm cc b min dng sn, trong bt c i tng OU no do bn to ra, v thm ch trc tip ngay di i tng min. Cng nh i vi vic to ra bt c i tng Active Directory no, v tr bn chn cho i tng cn da trn thit k cy th mc ca bn. Nu bn c k hoch s dng nhm gn Quyn ngi dng cho cc ngi dng ca bn, bn cn to cc i tng OU thch hp, trong bn s t cc nhm. Nh cc bn bit trong chng 6, cc i tng cha Users v Built-in khng phi l cc OU v bn khng th gn cc Chnh
-332-
LM VIC VI NHM
sch Nhm cho chng. gn cc Quyn ngi dng cho nhm trong cc i tng cha ny, bn phi s dng GPO p dng cho Min (Domain) hay V tr (Site), v cc Chnh sch nh vy s c tt c cc i tng trong Min hay trong V tr (Site) tha k. to i tng nhm, bn chn i tng cha trong Phm vi ca bng iu khin Active Directory Users And Computers v t thc n Action, tr n New v chn Group. Hp thoi New Object Group s xut hin nh trong hnh 7-11.
Hnh 7-11: Hp thoi New Object - Group Trong hp thoi ny, bn cn xc nh cc thng tin sau: Group Name (tn nhm): Tn bn mun t cho i tng nhm. Tn ny c th di ti 64 k t v nht thit phi l duy nht trong min. Group Name (Pre-Windows 2000) (tn tng thch vi cc phin bn trc Windows 2000): ngay khi bn nhp tn nhm, tn tng thch vi cc phin bn trc Windows 2000 s xut hin trong ny. Group Scope (Phm vi nhm): Chn ty chn no p ng c mong mun ca bn khi chn Phm vi nhm: Domain Local, Global hay Universal. Cc Phm vi bn c th chn la ph thuc vo Cp chc nng ca min bn ang lm vic, nh m t ti phn trn ca chng ny. Bng iu khin Active Directory Users Anh Computers khng cho php bn chn cc loi Phm vi khng c php trong Cp chc nng hin ti ang dng.
-333-
LM VIC VI NHM
Group Type (Kiu nhm): chn ty chn no p ng c mong mun ca bn: Security (Bo mt), hay Distribution (Phn phi). Trong phn ln cc trng hp, bn s to cc nhm Bo mt. Khi bn nhn OK, bng iu khin s to ra i tng nhm mi trong i tng cha bn chn.
Qun l thnh vin nhm

Khng ging nh Snap-in Local Users And Groups, bn c th xc nh cc thnh vin ca nhm ngay khi tao ra nhm, trong Active Directory Users And Computers, bn phi to i tng nhm trc, sau thm cc thnh vin vo. thm thnh vin vo nhm, bn chn n trong bng iu khin v t thc n Action, chn Properties m hp thoi Properties ca nhm, nh ch ra trong hnh 7-12. LU Mc ch ca k thi Mc ch ca k thi 70-290 yu cu sinh vin c kh nng Qun l thnh vin nhm
Hnh 7-12: Hp thoi Properties ca i tng nhm. Hp thoi Properties ca mi i tng nhm u c th Member (thnh vin) v th Member Of (thnh vin ca), cho php bn thm thnh vin vo nhm v a nhm tr thnh thnh vin ca mt nhm khc. thm thnh vin vo nhm, chn th Member sau nhn Add, hp thoi tiu chun Select Users, Contacts, Computers, Or Groups (chn ngi dng, Lin lc, My tnh hay Nhm) xut hin, nh ch ra trong hnh 7-13.
-334-
LM VIC VI NHM
Hnh 7-13: Hp thoi Select Users, Contacts, Computers, Or Groups Trong hp thoi ny, bn c th g tn ca i tng bn mun thm vo danh sch thnh vin ca nhm, hoc bn c th nhn Advanced xut hin hp thoi nh hnh 7-14, trong bn c th tm cc i tng bn mun thm.
Hnh 7-14: Hp thoi Advanced ca Select Users, Contacts, Computers, Or Groups Mt khi bn nhp hay tm cc i tng bn mun thm, nhn OK trong hp thoi Select Users, Contacts, Computers, Or Groups s thm cc i tng ny vo danh sch thnh vin ca n. Khi bn thm tt c cc thnh vin cn thit vo nhm, nhn OK ng hp thoi Properties. Lc ny, bn nn m hp thoi Properties ca i tng bn va thm vo nhm v xem i tng nhm trong th Member Of, nh hnh 7-15 i y.
-335-
LM VIC VI NHM
Hnh 7-15: Th Member Of ca hp thoi i tng ngi dng.
Lp Nhm trong nhm

Nh bn d bit trong phn trc ca chng ny, kh nng lp nhm trong nhm ca cc i tng nhm ph thuc vo Cp chc nng ca min bn ang dng v vo Kiu v Phm vi ca nhm bn ang s dng. Xem li bng 7-1 nu bn khng chc chn liu Cp chc nng ca min bn ang dng c h tr kiu nhm trong nhm m bn nh to hay khng. Bn khng th t nhm trong nhm trong bng iu khin Active Directory Users And Computers bng cch to nhm mi trong mt nhm d tn ti. Thay vo , bn phi to hai nhm ring bit, sau thm nhm ny vo l thnh vin ca nhm kia. Active Directory Users And Computers s khng cho php bn thc hin nhm trong nhm nu min ca bn khng h tr vic ny.
Thay i Kiu v Phm vi ca nhm.

Khi cc chc nng ca nhm thay i, bn c th cn thit phi i i tng nhm t Kiu ny sang Kiu khc. V d, bn c th to ra nhm Phn phi gm 100 thnh vin trong nhiu phng ban khc nhau cng lm vic vi mt d n vi mc ch dng gi E-mail. Trong qu trnh tin trin ca d n, cc thnh vin c th cn truy cp n CSDL chung. Bng vic chuyn nhm t Phn phi sang Bo mt v gn cc Cp php cho nhm, bn c th cung cp kh nng truy cp CSDL chung m khng cn to ra nhm mi v thm 100 thnh vin vo nhm li mt ln na. Bn ch c th chuyn i Kiu nhm khi min ca bn ang s dng Cp chc nng Windows 2000 Native hay Windows Server 2003.
-336-
LM VIC VI NHM
LU Mc ch k thi mc ch ca k thi 70-290 yu cu sinh vin c kh nng Nhn dng v thay i Phm vi ca nhm. thay i Kiu nhm, m hp thoi Properties ca nhm trong bng iu khin Active Directory Users And Computers, nh hnh 7-16. Trn th General bn c th nhn thy Group Type option (cc la chn Kiu nhm), nhn chut vo la chn cha c chn v nhn OK. Qu trnh thay i Phm vi nhm cng ging ht nh vy, ngoi tr vic bn chn mt trong cc Group Scope Option trong th General. Bng iu khin ch cho php bn chn cc phm vi c th. Trong hnh i ay, vi d, bn c th thy la chn Domain Local khng c hiu lc do bn khng th chuyn i nhm Global thnh nhm domain local. Xem bng 7-2 bit thm cc thng tin v cc phm vi bn c php chuyn i.
Hnh 7-16: Th General trong hp thoi Properties ca i tng nhm.
Xa nhm
Cng nh i vi i tng ngi dng, mi i tng nhm bn to ra trong Active Directory l c mt nh danh Bo mt (Security Identifier SID) duy nht v khng s dng li c. Windows Server 2003 s dng SID nhn dng nhm v cc Cp php c gn cho n. Khi bn xa nhm, Windows Server 2003 khng s dng cng SID li cho nhm mt ln na, thm ch nu bn to nhm mi cng tn vi nhm xa. Do vy, bn khng th phc hi cc Cp php truy cp bn gn cho ti nguyn
-337-
LM VIC VI NHM
bng cch to li nhm xa. Bn bt buc phi to li tt c t u mt nhm mi nh l mt i tng Bo mt trong ACL ca ti nguyn. Khi bn xa nhm, bn ch xa i tng nhm v cc Cp php cng cc Quyn ch ra rng nhm l mt i tng bo mt. Vic xa nhm s khng xa cc i tng l thnh vin ca chng. LU Li xa nhm Bn khng th xa nhm nu mt trong cc thnh vin ca n c thit lp nhm t nhm nh xa l nhm chnh (Primary Group). Thot khi s hn ch ca vic xa nhm ny, nhm chnh ch lin quan n cc my khch Macintosh v trong cc ng dng POSIX. thay i nhm chnh ca ngi dng, m hp thoi Properties ca i tng ngi dng, v trong th Member Of, chn mt nhm khc v nhn Set Primary Group. xa nhm, bn cn chn chng trong bng iu khin Active Directory Users And Computers v t thc n Action, chn Delete. Mt hp thng bo Active Directory xut hin, nhc bn xc nhn li quyt nh ca mnh. Nhn Yes, nhm s b xa.
QUN L NHM T NG
Mc d bng iu khin Active Directory Users And Computers l mt cng c thun tin trong vic to v qun l nhm, n vn khng phi l phng php hiu qu nht trong vic to mt s lng ln cc i tng bo mt. Cc cng c dng lnh Active Directory do Windows Server 2003 cung cp gip bn c kh nng to v qun l cc nhm vi s lng ln bng cch s dng cc file b hoc cc kch bn (script), tng t nh diu cc bn lm trong chng 6 i vi ngi dng. Chng ta s tho lun v mt vi cng c nh vy trong phn di y. LU Mc ch ca k thi Mc ch ca k thi 70-290 yu cu cc sinh vin c kh nng To v qun l nhm bng cch s dng cc cng c t ng.
To i tng Nhm bng Dsadd.exe

Bn s dng cng c Dsadd.exe trong chng 6 to ngi dng mi, bn cng hon ton c th dng cng cng c ny to cc i tng nhm. C php c bn trong vic s dng Dsadd.exe to nhm nh sau:
-338-
LM VIC VI NHM
Dsadd GroupDN [parameters] Trong , GroupDN l tn phn bit (Distinguished Name - DN) ca i tng nhm bn mun to. Tn DN s dng cng nh dng ca n trong file CSV, nh chng ta tho lun trong Importing User Objects Using CSV Directory Exchange (Nhp i tng ngi dng s dng Exchange Directory CSV) trong chng 6. Nu tn DN c khong trng, bn phi t chng trong du ngoc. Khi bn s dng Dsadd.exe mt cch tng tc t du nhc lnh, bn c th cung cp tham s GroupDN bng mt trong cc cch sau: Bng cch g tn DN ca cc nhm ngay trong dng lnh, gia cc tn DN cch nhau bng khong trng. Bng cch dn ra danh sch ca DN t mt lnh khc, nh Dsquery.exe Bng cch trng tham s tn DN, v bn c th g tng tn mt sau du nhc ca chng trnh, nhn Enter sau mi tn DN, nhn Ctrl + Z v Enter sau tn DN cui cng. Mc nh, Dsadd.exe to ra nhm bo mt Global, nhng bn vn c th s dng cc tham s dng dng lnh to cc nhm vi Kiu v Phm vi khc, ch nh cc thnh vin ca n hay cc nhm cha n, cng nh cc thuc tnh khc ca nhm. Cc tham s (parameters) dng lnh thng thng nht c trnh by di y: -secgrp [yes|no] Ch nh chng trnh hoc to ra nhm Bo mt (yes) hay nhm Phn phi (no). Gi tr mc nh l yes. -scope [l|g|u] Ch nh chng trnh s to ra nhm c phm vi Domain Local (l), Global (g), hay Universal (u). Gi tr mc nh l g. -samid SAMname Ch nh tn ca SAM (Security Accounts Manager Trnh Qun l cc Ti khon Bo mt) cho i tng nhm, c s dng i vi cc h thng chy cc phin bn trc Windows 2000. -desc description Ch nh cc m t cho i tng nhm. -memberof GroupDN ch nh tn DN ca mt hay nhiu nhm m nhm mi to ra s l thnh vin ca chng. -member GroupDN Ch nh tn DN ca mt hay nhiu nhm s tr thnh thnh vin ca nhm mi to.
-339-
LM VIC VI NHM
Bn cng c th thm cc tham s -s, -u, -p ch nh My ch Qun tri Min m lnh Dsadd.exe s chy, v tn ngi dng v mt khu c s dng chy lnh. {-s Server | -d Domain} -u UserName -p {Password | *} LU Ch nh mt khu khi s dng Dsadd.exe s dng k t thay th * cng vi kha p thay cho vic nhp mt khu s lm cho chng trnh nhc bn nhp mt khu trc khi thc hin lnh. V d, to ra nhm c tn Sales trong i tng cha Users v a ngi dng Administrator l thnh vin ca nhm ny, bn s s dng cu lnh sau: Dsadd group CN=Sales, CN=Users, DC=ACNA, DC=com member CN=Administrator, CN=Users, DC=ACNA, DC=com
Qun l i tng nhm bng Dsmod.exe

Dsmod.exe cho php bn c th thay i cc thuc tnh ca cc i tng nhm ang tn ti t du nhc lnh ca Windows Server 2003. S dng lnh ny, bn c th thc hin cc tc v nh thm thnh vin cho nhm, loi b chng ra khi nhm, v thay i Kiu v Phm vi ca nhm. C php c bn ca lnh Dsmod.exe nh sau: dsmod group GroupDN [parameters] Cc tham s (parrameters) thng dng nht ca lnh ny nh sau: -secgrp {yes|no} t kiu nhm l Bo mt (yes) hay Phn phi (no). -scope {l|g|u} t phm vi nhm l Domain Local (l), global (g), hay Universal (u). -addmbr members Thm thnh vin vo nhm. Thay tham s ph members bng tn DN ca mt hay nhiu i tng. -rmmbr members Loi b cc thnh vin ra khi nhm. Thay tham s ph members bng tn DN ca mt hay nhiu i tng.
-340-
LM VIC VI NHM
-chmbr members Thay ton b danh sch ca cc thnh vin nhm. Thay tham s ph members bng tn DN ca mt hay nhiu i tng. V d, thm ngi dng Administrator vo nhm Guests, bn s dng lnh sau: dsmod group "CN=Guests,CN=Builtin,DC=ACNA,DC=com" addmbr "CN=Administrator,CN=Users,DC=ACNA,DC=com"
Tm kim i tng s dng Dsget.exe

Mt khi CSDL Active Directory bt u pht trin, n c th rt nhanh t ti qui m m khi , ta kh c th dng cc bng iu khin, v d nh Active Directory Users And Computers, khi cn lm vic vi mt i tng c th no , do vn thi gian v s phc tp. Khi chuyn xy ra, rt nhiu qun tr mng s quay sang s dng cc cng c dng dng lnh. Mt trong cc cng c nh vy, l chng trnh Dsget.exe, cho php bn c th nh v v hin th cc thng tin v bt k mt i tng no trong CSDL Active Directory. Dsget.exe s dng c php tng t nh cc c php s dng trong Dsadd.exe, Dsmod.exe. trong bn s ch nh lp i tng (Object class), tn DN ca mt hay nhiu i tng, v cc tham s ch ra cc thng tin bn cn hin th, th d: dsget objectclass ObjectDN [parameters] Gi tr ca bin ObjectClass c th l Computer Contact Subnet Group OU Server User Quote Partition
-341-
LM VIC VI NHM
Mi lp i tng trn li c mt tp hp cc tham s lin quan dn lp , cho php bn c th hin th gi tr ca cc thuc tnh ca kiu i tng . Vi lnh Dsget user, vi trong cc tham s ca n l: dn hin th tn DN ca ngi dng. samid Hin th tn SAM ca ti khon ngi dng sid Hin th M s Nhn dng Bo mt (SID) ca ngi dng upn Hin th tn chnh (principal) ca ngi dng. fn Hin th tn gi (first name) ca ngi dng ln tel Hin th tn gia nh (last name) ca ngi dng Hin th tn hin th (display name) ca ngi dng Hin th a ch E-mail ca ngi dng Hin th cc nhm m ngi dng l thnh vin Hin th s din thoi ca ngi dng display email memberof trc tip
expand Hin th danh sch cc nhm qui m ngi dng l thnh vin V d, hin th danh sch cc nhm m ngi dng l thnh vin, ta s dng cu lnh sau: dsget user "CN=Administrator,CN=Users,DC=ACNA,DC=com Memberof -
LU Mc ch ca k thi Mc ch ca k thi 70-290 yu cu cc sinh vin c kh nng Tm cc nhm trn min m mt ngi dng c th no l thnh vin.
-342-
LM VIC VI NHM
TNG KT
Nhm l mt i tng gm c mt danh sch cc ngi dng. Bn c th Cp php bo mt cho nhm bng cch thm n vo trong danh sch ACL, ging nh bt c mt i tng bo mt no khc, v d ngi dng hay My tnh. Tt c cc Cp php bn gn cho nhm s c cc thnh vin trong nhm tha k. Windows Server 2003 h tr cc nhm cc b v cc nhm Active Directory trn min theo cng phng thc m n h tr cho ngi dng cc b v ngi dng trn min. Cp chc nng Active Directory ca min xc nh cc Kiu v Phm vi ca nhm bn c th s dng, loi nhm no bn c th t trong cc nhm khc, v loi nhm no bn c th chuyn i. Trong Active Directory, c hai Kiu nhm: Bo mt (Securitiy) v Phn phi (Distribution), v c ba loi Phm vi: Domain Local, Global, Universal. Nhm Bo mt c th c gn cc Cp php, trong khi nhm Phn phi c s dng truy vn cc i tng cha, nh cc nhm Phn phi E-mail, v khng th Cp php truy cp ti nguyn cho n. Nhm cc b min c s dng gn cc Cp php truy cp cc ti nguyn. Nhm Global nhm tp hp cc ngi dng c cng mt nhu cu i vi ti nguyn. Nhm Universal c s dng chnh cho vic truy cp n cc ti nguyn nm trn nhiu min. to v qun l nhm cc b, bn s dng Snap-in Local Ussers And Groups. to v qun l nhm Active Directory, bn s dng bng iu khin Active Directory Users And Computers. Bn c th to cc nhm trn min ti bt k i tng cha no hay ti OU trong cy Active Directory. K thut Nhm trong nhm (Nesting) l bn lm cho mt nhm ny tr thnh thnh vin ca nhm kia. Bn c th to ra hay chnh sa nhm bng cc cng c dng dng lnh, v d nh: Dsadd.exe, Dsmod.exe, Dsget.exe.
-343-
LM VIC VI NHM
BI TP THC HNH
Bi tp thc hnh 7-1: To nhm Bo mt
Trong bi tp thc hnh ny, bn s to nhm Active Directory trn min ca bn. 1. ng nhp vo My ch Qun tri Min Windows Server 2003 vi ti khon ca Administrator. 2. Nhn Start, tr n Administrative Tools, v nhn Active Directory Users And Computers. Bng iu khin Active Directory Users And Computers xut hin. 3. Chn i tng cha Users trong Phm vi (scope pane), v trn thc n Action, tr n New v nhn Group. Hp thoi New Object Group xut hin. 4. Trong hp vn bn Group Name, g Accountants. 5. Trong hp Group Scope, chn ty chn Global, v nhn OK. 6. Thc hin cc bc tng t nh trn to nhm bo mt c Phm vi Global th hai c tn Development.
Bi tp thc hnh 7-2: Thm thnh vin vo nhm

Trong bi tp thc hnh ny, ta thm cc i tng ngi dng vo lm thnh vin ca nhm. 1. ng nhp vo My ch Qun tri Min Windows Server 2003 vi ti khon ca Administrator. 2. Nhn Start, tr n Administrative Tools, v nhn Active Directory Users And Computers. Bng iu khin Active Directory Users And Computers xut hin. 3. Chn i tng cha Users trong Phm vi. 4. Trong Chi tit, chn nhm trn min Users v t thc n Action, chn Properties. Hp thoi Domain Users Properties xut hin. 5. Chn th Members v nhn Add. Hp thoi Select Users, Computers, Contacts, Or Groups xut hin. 6. Trong hp Enter The Object Names To Select, g Guest, v nhn OK. i tng ngi dng Guest c thm vo danh sch thnh vin ca nhm.
-344-
LM VIC VI NHM
7. Nhn OK ng hp thoi Domain Users Properties.
Bi tp thc hnh 7-3: a nhm vo trong nhm

Trong bi tp thc hnh ny, bn s to cc nhm cha nhau bng cch thm mt nhm vo lm thnh vin ca mt nhm khc. 1. ng nhp vo My ch Qun tri Min Windows Server 2003 vi ti khon ca Administrator. 2. Nhn Start, tr n Administrative Tools, v nhn Active Directory Users And Computers. Bng iu khin Active Directory Users And Computers xut hin. 3. Chn i tung cha Users trong Phm vi, v trn thc n Action menu, tr n New v nhn Group. Hp thoi New Object Group xut hin. 4. Trong hp vn bn Group Name , g Printers. 5. Trong hp Group Scope, chn ty chn Domain Local, v nhn OK. Lc ny, bn nn gn cho nhm Printers cc Cp php cn thit c th truy cp cc my in trn mng. 6. To i tng nhm bo mt th hai s dng phm vi Global c tn Sales. 7. Chn i tng nhm Printers bn va to, v t thc n Action, chn Properties. Hp thoi Printers Properties xut hin. 8. Chn th Members, v nhn Add. Hp thoi Select Users, Computers, Contacts, Or Groups. 9. Trong hp Enter The Object Names To Select, g Sales, v nhn OK. i tng nhm Sales c thm vo danh sch thnh vin ca nhm Printers. 10. Nhn OK ng hp thoi Domain Users Properties. Lc ny, nhm Sales s tha hng ton b cc Cp php bn trao cho nhm Printers v truyn n cho cc thnh vin ca mnh.
-345-
LM VIC VI NHM
CC CU HI N TP.
1. Loi nhm no trong min l ging nht so vi nhm cc b (Local Group) trn cc my ch thnh vin? Chng ging nhau nh t no? 2. Trong min chy Cp chc nng Windows Server 2003, cc i tng bo mt no c th l thnh vin ca nhm Global? (chn tt c cc cu tr li ng). a. Users b. Computers c. Universal groups d. Global groups 3. Trong hp thoi Properties bn truy cp vo th no thm ngi dng vo nhm? 4. Bn cn a nhm IT Administrators vo trong nhm Sales cc thnh vin ca n c th truy cp n cng cc ti nguyn ( c t cc Cp php trong ACL) nh l cc thnh vin ca nhm Sales. T trang Properties ca nhm IT Administrator, bn cn truy cp th no thc hin vic ny? 5. Nu mi trng ca bn c hai min, mt chy Windows Server 2003, mt chy Windows NT 4, cc phm vi nhm no bn c th s dng gn cc Cp php i vi bt k ti nguyn no nm trn mt My ch Qun tri Min bt k? 6. Cc s thay i phm vi nhm no sau y l c php? (Chn tt c cc cu tr li ng.) a. Global thnh universal b. Domain local thnh universal c. Universal thnh global d. Domain local thnh local e. Global thnh domain local 7. Bn s s dng cng c no to nhm cc b trn my tnh chy Windows 2000 khng phi l My ch Qun tri Min? 8. Bn d nh xa nhm Bo mt Global bng bng iu khin Active Directory Users And Computers, v bng iu khin khng cho php
-346-
LM VIC VI NHM
bn thc hin tc v ny. Cc nguyn nhn no sau y gy nn li trn? (Chn tt c cc cu tr li ng.) a. Vn cn thnh vin trong nhm. b. Mt trong cc thnh vin ca nhm c thit lp nhm t n l nhm chnh (Primary Group.) c. Bn khng c y cc Cp php cn thit i vi i tng cha m nhm ny ang c nh v trong n. d. Bn khng th xa nhm Global bng cch s dng bng iu khin Active Directory Users And Computers. 9. Ti sao bn khng nn s dng cc nhm cc b trn my tnh sau khi n tr thnh thnh vin ca min.
-347-
LM VIC VI NHM
CC KCH BN TNH HUNG

Kch bn 7-1: S dng Phm vi nhm
Bn l Qun tr ca min Windows Server 2003 ang hot ng ti Cp chc nng Windows 2000 Mixed. Min Windows 2003 ca bn, Consoto.com, c thit lp quan h tin cy vi min Windows NT 4, ACNA_north, trong ACNA_north l min c tin cy. Bn ang lp k hoch s dng cc nhm trong min ca bn v cn phi xc nh loi phm vi nhm no c th s dng trn bt c min no trong rng ca bn. Loi Phm vi nhm no bn c th s dng nh l cc i tng bo mt tha mn cc iu kin trn? a. Domain local b. Global c. Universal d. Domain local with a nested global group
Kch bn 7-2: To nhm s dng Dsadd.exe

Bn l Qun tr mng ang xy dng Active Directory trn mt mng mi c tn Fabrikam, Inc., v bn cn to i tng ngi dng cho 75 nhn vin ca phng Inside Sales. Bn to min Fabrikam.com v mt OU c tn Inside Sales cho mc ch ny. Phng nhn s cp cho bn mt bn danh sch cc nhn vin v yu cu bn to tn ti khon vi ch ci u ca tn gi v tn h. Mi ngi dng nht thit phi c gi tr Inside Sales trong thuc tnh Department v gi tr Fabrikam, Inc. trong thuc tnh Company. S dng tn u tin trong danh sch, Mark Lee, lm v d, cc nh dng cu lnh no sau y gip bn c th to c 75 i tng ngi dng c cc gi tr thuc tnh ng theo yu cu? a. dsadd "Mark Lee" company "Fabrikam, Inc." dept "Inside Sales" b. dsadd user CN=Mark Lee,CN=Inside Sales,DC=fabrikam,DC=com company Fabrikam, Inc. dept Inside Sales c. dsadd company "Fabrikam, Inc." dept "Inside Sales""CN=Mark Lee,CN=Inside Sales,DC=fabrikam,DC=com" e. dsadd user "CN=Mark Lee, CN=Inside Sales, DC=fabrikam, DC=com" company "Fabrikam, Inc." dept "Inside Sales"
-348-
LM VIC VI TI KHON MY TNH
CHNG 8: LM VIC VI TI KHON MY TNH

Trong hai chng trc, bn tm hiu k v cc i tng ca Active Directory nh ngi dng, nhm v OU, l cu trc logic cho php ngi dng truy nhp vo cc ti nguyn trn mng. Tuy nhin, cn c cc i tng ca Active Directory i din cho nhng ti nguyn c th, vt l v mt trong nhng i tng quan trng nht ny l Computer Object (i tng my tnh). Khng c i tng my tnh ngi dng vn c th c cc Cp php truy nhp vo cc ti nguyn nhng h li khng c c ch vt l cung cp truy nhp . Trong chng ny bn s tm hiu lm th no to v qun l cc i tng my tnh trn mng Active Directory. Sau khi hon thnh chng ny, bn c kh nng: M t qu trnh a thm my tnh vo min Active Directory To v qun l i tng My tnh Gii quyt s c ca Ti khon My tnh
- 349 -
TM HIU I TNG MY TNH (COMPUTER OBJECT)

Trong cu hnh mc nh ca Windows Server 2003 v tt c cc h iu hnh khc ca Windows, mt my tnh thuc v mt nhm lm vic (Workgroup). Nh bn tm hiu trong chng 6, cc my tnh thuc Nhm lm vic xc thc ngi dng bng ti khon c lu tr ti h thng cc b. Nu ngi dng mun truy nhp vo mt ti nguyn trn mt my tnh thucNhm lm vic th ngi phi c mt ti khon ngi dng trn my tnh , nh ch ra trong hnh 8-1. Thm ch, bn vn c th kt ni ti my tnh thuc Nhm lm vic thng qua mng, nhng mi h thng chu trch nhim bo mt v kim sot truy nhp ring ca mnh. Do , trn Nhm lm vic khng c bt c cu hi no v my tnh no m bn ang s dng bi v bn phi c xc thc s dng ti khon trn chnh my tnh ny.
Hnh 8-1 Lu tr ti khon ngi dng trongNhm lm vic Hu ht cc mng chy Windows c nhiu hn mt vi my tnh ngi ta khng s dng m hnh Nhm lm vic (Workgroup) m h s dng m hnh Min (Domain), c thc thi trong Windows Server 2003 nh Dch
- 350 -
v Th mc Active Directory.Trong Dch v Active Directory, ngi dng c ti khon trong mt Min thay cho ti khon trn nhng my tnh ring r. Ngi qun tr c th s dng ti khon min gn ngi dng truy nhp vo ti nguyn trn cc my tnh trn ton mng. Ti khon ngi dng min c lu tr ti th mc tp trung trn my ch c gi l My ch iu khin Min, ngi dng c th ng nhp vo Min t my tnh bt k trn mng v c xc thc bi My ch iu khin Min. Do mng Min Windows s dng th mc tp trung, vic theo di cc my tnh thc s, l mt phn ca Min, s c mt s ngha nht nh. lm c vic ny, Active Directory s dng Ti khon My tnh, trong nh dng ca i tng My tnh trong cy Active Directory (ch ra nh trong hnh 8-2). Bn c th c mt ti khon ngi dng Active Directory v mt khu hp l, nhng nu my tnh ca bn khng c biu din bng mt i tng My tnh th bn s khng th ng nhp vo Min. Cc i tng My tnh c lu tr ti phn cp Active Directory ging nh vic lu cc i tng Ngi dng hay i tng Nhm, chng c cng cc kh nng nh sau: Chng cha cc thuc tnh xc nh tn ca my tnh, ni m n nh v v ai l ngi c php qun l n. Chng k tha cc thit lp Chnh sch Nhm t cc i tng Cha nh l Min, Site v OU. Chng c th l thnh vin ca cc nhm Bo mt (Security Group) v nhm Phn Phi (Distribution Groups) v k tha cc Cp php ca cc i tng Nhm.
- 351 -
Hnh 8-2 Lu tr ti khon my tnh Min Active Directory. Khi mt ngi dng thc hin ng nhp vo Min Active Directory, my trm thit lp mt kt ni ti mt My ch iu khin Min xc thc nh danh ca ngi dng. Nhng trc khi xy ra vic xc thc ngi dng, hai my tnh thc hin chun b xc thc s dng cc i tng My tnh tng ng m bo l c hai h thng u l cc phn ca Min ny. Dch v Truy nhp Mng (NetLogon service) ang chy trn my trm kt ni ti cng dch v ny trn My ch iu khin Min v sau tng my kim tra li h thng kia c ti khon my tnh hp l cha. Khi s kim tra c hon tt, hai h thng thit lp mt knh kt ni bo mt m sau chng c th s dng bt u qu trnh xc thc ngi dng. S kim tra Ti khon My tnh gia my trm v My ch iu khin Min l qu trnh xc thc thc s dng tn ti khon v mt khu ng nh khi xc thc ngi dng Min. S khc nhau l ch mt khu c s dng bi ti khon my tnh c sinh ra mt cch t ng v c gi di dng n. Ngi qun tr c th khi to li (Reset) Ti khon My tnh nhng h khng phi cung cp mt khu cho chng. LU : H iu hnh Windows v cc i tng My tnh: Cc my tnh chy trn nn tng h iu hnh Windows NT nh Windows Server 2003, Windows XP, Windows 2000 v Windows NT h tr Min mt cch t nhin v lun c i din bi cc i tng My tnh trong Active Directory . Cc h iu hnh Window
- 352 -
trn nn tng MS-DOS gm c Windows Millennium Edition (Me), Windows 98 v Windows 95 c th tham gia vo Min thng qua vic ci t Active Directory my khch nhng chng s dng tn Min c ch ra trong khi ci t Active Directory trn my trm v khng c i tng My tnh cho cc my trm ni trn trong Min ny.
B SUNG THM MY TNH VO MIN

Ngi qun tr, ngoi vic to ti khon ngi dng v ti khon nhm trong Min, cng phi chc chn rng cc my tnh mng l mt phn ca Min. Vic b sung thm my tnh vo Min Active Directory bao gm hai bc sau: To ti khon my tnh Bn to ti khon my tnh bng cch to mt i tng My tnh mi trong Active Directory v gn tn ca n cho mt my tnh thc s trn mng. Kt ni my tnh vo Min Khi bn kt ni my tnh vo Min, h thng lin lc vi My ch iu khin Min, thit lp mt quan h tin cy vi Min, nh v (hoc to) i tng My tnh tng ng vi tn ca my tnh, sa nhn dng bo mt SID ca n ph hp vi i tng My tnh v chnh sa quan h thnh vin nhm ca n. Thc hin cc bc ny nh th no v ai thc hin chng, ph thuc vo vic cc my tnh c trin khai trn mng nh th no. C nhiu cch to i tng My tnh mi v lm th no ngi qun tr la chn lm vic ny ph thuc vo mt s cc yu t, gm s lng cc i tng h cn to, v tr ca cc i tng ny khi to v cng c g h thch dng. Ni chung, bn s to cc i tng My tnh khi bn trin khai cc my tnh mi trong Min. Khi mt my tnh c i din bi mt i tng My tnh v kt ni vo Min, bt c ngi dng no trong Min c th ng nhp vo t my tnh . V d, bn khng phi to i tng My tnh mi hoc kt ni li cc my tnh vo Min khi c nhn vin ri khi cng ty v nhn vin mi s dng cc my tnh ca h. Tuy nhin, nu bn ci li h iu hnh trn my tnh th bn phi to i tng My tnh mi cho n (hoc khi to li (Reset) Ti khon My tnh c) bi v my tnh ny s c m nhn dng bo mt (SID) khc sau khi ci t li. Vic kt ni mt my tnh mi vo Min lun c thc thi ti chnh my tnh bi ngi qun tr hoc bi ngi dng. Tuy nhin, vic to i tng My tnh c th xy ra trc hoc trong khi xy ra qu trnh kt ni.
- 353 -
Ngi qun tr thng chu trch nhim to i tng My tnh nhng ngi dng cui cng c th t to cc i tng ca h vi nhng iu kin nht nh. LU : Mc ch k thi Mc ch ca k thi 70-290 yu cu cc th sinh c kh nng To v qun l ti khon my tnh trong mi trng Active Directory.
TO I TNG MY TNH
Vic to i tng My tnh lun lun phi xy ra trc khi my tnh tng ng thc s c th kt ni vo Min, mc d n i khi khng xut hin theo cch . C hai chin lc c bn cho vic to i tng My tnh trong Active Directory: To cc i tng My tnh trc s dng cng c Active Directory, sao cho cc my tnh c th nh v cc i tng sn c khi chng gia nhp Min. Bt u qu trnh gia nhp Min trc v cho php my tnh ny t to cc i tng My tnh ca mnh. Trong mi trng hp, i tng My tnh lun xut hin trc khi s kin my tnh gia nhp min xy ra. Ti chin lc th hai, qu trnh gia nhp xut hin trc nhng my tnh s to ra i tng My tnh trc khi thc s bt u qu trnh gia nhp Min. Khi bn c mt s cc my tnh cn trin khai, c bit l nhiu v tr khc nhau, hu ht cc qun tr thch to cc i tng My tnh trc hn. i vi s lng my tnh ln thm ch c th thc hin qu trnh to cc i tng My tnh t ng bng cch s dng cc cng c dng dng lnh v cc file b (*.BAT). Trong cc phn tip theo ta s nghin cu cc cng c bn c th s dng to cc i tng My tnh. To cc i tng My tnh s dng Active Directory And Computers Cng nh i vi cc i tng Ngi dng v i tng Nhm bn nghin cu ti cc chng trc, tin ch chnh ca Windows Server 2003 to cc i tng My tnh l bng iu khin Active Directory Users And Computers, nh c ch ra trong hnh 8-3.
- 354 -
Hnh 8-3 Bng iu khin Active Directory Users And Computers to cc i tng My tnh ti Min Active Directory bng cch s dng bng iu khin Active Directory Users And Computers hay bt c tin ch no khc bn phi c cc Cp php thch hp cho i tng Cha s b tr cc i tng ny. Mc nh, nhm Administrators c Cp php to cc i tng ti bt k ni no trn Min v nhm Account Operators c Cp php c bit Create Computer Objects v Delete Computer Objects to v xo i tng My tnh ra khi i tng Cha Computers, cng nh l ra khi bt k OU mi no m bn to. Nhm Domain Admins v Enterprise Admins l thnh vin ca nhm Administrators, bi vy thnh vin ca cc nhm ny cng c th to cc i tng My tnh ti bt c ni no. Ngi qun tr cng c th u quyn iu khin i tng Cha cho cc ngi dng hay cc nhm nht nh cho php h to cc i tng My tnh ti cc i tng Cha ny. THNG TIN THM: Ngi dng bnh thng cng c php to mt s lng gii hn cc i tng My tnh. bit chi tit hn, xem Nhp My tnh vo Min ti phn sau ca chng ny. Qu trnh to mt i tng My tnh ti Active Directory Users And Computers tng t nh qu trnh to ngi dng hoc nhm. Bn chn i tng Cha m bn mun t i tng v chn thc n Action, tr ti New v chn Computer. Xut hin trnh hng dn New Object Computer, nh trong hnh 8-4.
- 355 -
Ti trang u ca trnh hng dn, bn c th cu hnh cc thuc tnh sau ca i tng My tnh : Computer Name Ch ra tn ca my tnh c di ti 63 k t, c gn cho i tng My tnh. Tn ny phi ng vi tn ca my tnh c kt ni vi i tng ny. Computer Name (PreWindows 2000) Khi bn nhp vo tn my tnh, 15 k t u xut hin trong trng ny. y l tn ca my tnh m cc my tnh trc Windows 2000 trn mng s dng. User Or Group Ch ra ngi dng v nhm c php nhp my tnh vo Min. Gi tr mc nh l nhm Domain Admins. thay i bm Change m hp thoi chun Select User or Group. Assign This Computer Account As A PreWindows 2000 Computer Chn hp chn ny nu my tnh gia nhp vo Min s dng i tng ny chy Windows NT 4.0. Assign This Computer Account As A Backup Domain Controller Chn hp chn ny nu my tnh gia nhp vo Min s dng i tng ny c chc nng nh My ch iiu khin Min D phng chy Windows NT 4.0 (Backup Domain Controller - BDC).
- 356 -
Hnh 8-4 Trnh hng dn New Object Computer Sau khi hon thnh trang ny, bm Next hin th trang Managed, ch ra ti hnh 8-5. Trn trang ny, bn c th ch ra liu my tnh c nh x ti i tng My tnh trn min l c th qun l c m bn s ci t s dng Dch v Ci t T xa (Remote Installation Services - RIS) hay khng. Nu bn chn hp chn ny, bn phi cung cp M nhn dng Duy nht Ton cc (Globally Unique Identifier - GUID) hoc M nhn dng Duy nht Tng hp (Universally Unique Identifier - UUID) cho my tnh ny.
- 357 -
Hnh 8-5 Trang Managed ca trnh hng dn New Object Computer Bm Next hin th trang Summary v bm Finish, trnh hng dn s to i tng My tnh trong i tng Cha chn. To i tng My tnh s dng Dsadd.exe Cng nh i vi ngi dng v nhm, bng iu khin Active Directory Users And Computers rt tin li cho vic to v qun l cc i tng n l, nhng rt nhiu ngi qun tr dng cc cng c dng dng lnh ca Active Directory trong Windows Server 2003 khi h phi to ng thi nhiu i tng. Tin ch Dsadd.exe cho php bn to cc i tng My tnh t dng lnh tng t nh vic to i tng Ngi dng v i tng Nhm trong cc chng trc. Bn c th to file b (*.BAT) ca lnh Dsadd.exe sinh ra ng thi cc i tng. C php c bn to mt i tng My tnh bng Dsadd.exe nh sau: dsadd computer ComputerDN [parameters] Tham s ComputerDN l Tn Phn bit (Distinguished Name) ca i tng My tnh mi bn mun to. DN s dng cng nh dng nh ti file CSV (Comma-Separated Value), nh chng ta tho lun trong chng 6.
- 358 -
Nu DN cha du cch th bn phi trong du ngoc kp (). Khi s dng Dsadd.exe mt cch tng tc t du nhc lnh bn s cung cp tham s ComputerDN theo mt trong cc cch sau: Bng cch g DN ngay trn dng lnh, phn tch nhau bi du cch. Bng cch dn nhp danh sch DN t dng lnh khc, nh Dsquery.exe. Bng cch b trng tham s DN, ti du nhc ca chng trnh bn c th g DN vo. n phm Enter sau mi DN , n Ctrl+Z v Enter sau DN cui cng. Bn cng c th b sung thm bt k mt tham s no sau y vo dng lnh Dsadd.exe, xc nh cc gi tr cho cc thuc tnh ca i tng My tnh: -samid SAMName Ch ra tn SAM (Security Accounts Manager) cho i tng My tnh, c cc h thng trc Windows 2000 s dng. -desc description Ch ra din gii cho i tng My tnh -loc location Ch ra v tr ca my tnh tng ng vi i tng My tnh -memberof GroupDN Ch ra DN ca mt hoc nhiu nhm m my tnh mi s tr thnh thnh vin. Bn cng c th b sung thm cc tham s -s, -u v -p ch ra My ch iu khin Min m lnh Dsadd.exe s chy trn , tn ngi dng v mt khu s c dng thc thi lnh ny, nh ch ra di y: {-s Server | -d Domain} -u UserName -p {Password | *} , Khi c du *, bn s c nhc nhp mt khu ti du nhc lnh. V d, to mt i tng My tnh c tn l webserver1 trong i tng Cha Computers, bn s s dng lnh sau: dsadd computer DC=com" "CN=webserver1, CN=Computers, DC=ACNA,
To i tng My tnh s dng Netdom.exe Netdom.exe l cng c dng lnh khc na m bn c th dng to i tng My tnh cng nh thc hin nhiu cc cng vic v ti khon Min
- 359 -
v cc tc v bo mt khc. Li ch ca vic s dng Netdom.exe thay cho Dsadd.exe l bn khng phi ch ra tn ca i tng My tnh bn mun to nh l DN. Lnh n gin sau to ra mt i tng My tnh trong i tng Cha Computers : netdom add webserver1 LU Netdom.exe Netdom.exe c sn trong Windows Server 2000, nhng n khng c ci cng vi h iu hnh. Bn c th ci Netdom.exe t Windows Support Tools bng cch chy Suptools.msi t folder Support\Tools trong a CD ci t Windows Server 2003. C php y ca Netdom.exe, khi bn s dng cu lnh ph add nh sau: netdom add computername [/Domain:DomainName] /UserD:User/PasswordD:UserPassword] [/OU:OUDN] Chc nng ca tham s ca dng lng nh sau: computername Ch ra Tn Ph bin (Common Name) ca i tng My tnh c to. /Domain:DomainName Ch ra tn Min m ti bn to i tng My tnh. Khi b qua, chng trnh to i tng ny trong Min m ngi dng hin thi ang ng nhp. /UserD:User Ch ra tn ca ti khon ngi dng m chng trnh s s dng to i tng My tnh. Khi b trng, chng trnh s dng ti khon ca ngi dng hin ang ng nhp. /PasswordD:UserPassword Ch ra mt khu tng ng vi ti khon ngi dng ch ta bi tham s /UserD. Tham s ny phi c khi dng lnh cha tham s /UserD. K t i din (*) c th c s dng nhc bn nhp mt khu. /OU:OUDN Ch ra DN ca OU ti ni m i tng My tnh s c to. Khi b trng, chng trnh to i tng trong i tng Cha Computers. Nhp my tnh vo Min Qu trnh nhp mt my tnh vo Min phi thc s xy ra ti chnh my tnh ny v c thc thi bi thnh vin ca nhm Administrators ca my tnh cc b. Sau khi ng nhp, bn nhp my tnh chy Windows Server
- 360 -
2003 vo Min t th Computer Name ti hp thoi System Properties (chy t biu tng System ti Control Panel), nh trong hnh 8-6.
Hnh 8-6 Th Computer Name trong hp thoi System Properties Trn my tnh khng gia nhp vo Min, Th Computer Name hin th tn gn cho my tnh trong khi ci t h iu hnh v tn ca Nhm lm vic m h thng hin ang thuc v ( l WORKGROUP theo mc nh). nhp my tnh vo Min bm Change hin th hp thoi Computer Name Changes (ch ra trong hnh 8-7).
- 361 -
Hnh 8-7 Hp thoi Computer Name Changes Ti hp thoi ny, hp Computer Name cho php bn thay i tn gn cho my tnh trong khi ci t. Ph thuc vo vic bn to i tng My tnh hay cha, cn nhc k cc kh nng phng sau: Nu bn mun nhp my tnh vo Min c i tng My tnh trong Active Directory, tn nhp vo ti hp ny phi ph hp chnh xc vi tn ca i tng tn ti. Nu bn d nh to i tng My tnh trong khi thc hin tin trnh nhp my tnh vo Min, tn ti hp ny phi cha tn ti trong Min. Tip theo, chn tu chn Domain v g tn ca Min m my tnh s kt ni ti v bm OK. Khi my tnh thit lp lin h vi My ch iu khin Min ca Min ny, xut hin hp thoi Computer Name Changes th hai, nh ch ra trong hnh 8-8, nhc bn cho vo tn ti khon v mt khu ca ti khon ngi dng min c Cp php nhp my tnh vo Min.
- 362 -
Hnh 8-8 Hp thoi xc thc Computer Name Changes LU : Giao tip vi My ch iu khin Min Nu bn nhn thy thng bo cho bn bit l my tnh khng th tm thy my ch iu khin min m bn ch ra, y thng l li cu hnh mng. Thng thng, l a ch my ch DNS ti cu hnh TCP/IP khng ng. Windows Server 2003 da vo H thng Tn Min (Domain Name System - DNS) tm my ch iu khin min v nu my tnh khng c kt ni ti my ch DNS gi tn min th giao tip vi my ch iu khin min khng th thc hin c. Khi bn c xc thc vi My ch iu khin Min, c mt thng bo vi ni dung cho n my tnh gia nhp vo Min v bn c ch dn khi ng li my tnh. Nhp my tnh vo Min s dng Netdom.exe Bn cng c th s dng tin ch dng lnh Netdom.exe kt ni my tnh ti Min. C php ca dng lnh nh sau: netdom join computername /Domain:DomainName [/UserD:User /PasswordD:UserPassword] [/UserO:User /PasswordO:UserPassword] [/OU:OUDN] [REBoot:seconds] Chc nng ca cc tham s dng lnh nh sau: computername Ch ra tn my tnh c kt ni. /Domain:DomainName Ch ra tn Min my tnh s kt ni ti.
- 363 -
/UserD:User Ch ra tn ti khon ngi dng min m chng trnh s s dng nhp my tnh vo Min. /PasswordD:UserPassword Ch ra mt khu tng ng vi ti khon ngi dng min ch ra bi tham /UserD. /UserO:User Ch ra tn ca ti khon ngi dng cc b m chng trnh s s dng truy nhp ti my tnh ny. /PasswordO:UserPassword Ch ra mt khu tng ng vi ti khon ngi dng cc b ch ra bi tham s /UserO. /OU:OUDN Ch ra DN ca OU m ti i tng My tnh s c to ra. Nu trng, chng trnh to i tng ti i tng Cha Computers. /REBoot:seconds Ch ra my tnh s t ng tt v khi ng li sau khi gia nhp Min. Bn cng c th ch thi gian tnh theo giy trc khi my tnh khi ng li. Gi tr mc nh l 20 giy. To i tng My tnh trong khi nhp my tnh vo Min Bn c th nhp my tnh vo Min cho d bn to i tng My tnh cho n hay cha. Khi my tnh xc thc vi My ch iu khin Min, My ch iu khin Min s qut CSDL Active Directory tm i tng My tnh cng tn vi my tnh ny. Nu khng tm thy i tng ph hp My ch iu khin Min s to i tng My tnh ti i tng Cha Computers dng tn do my d nh gia nhp Min cung cp. i vi i tng My tnh c to t ng theo cch ny, n s i hi ti khon ngi dng m bn ch ra khi kt ni ti My ch iu khin Min phi c quyn Khi to i tng (Create Object) ti i tng Cha Computers,v d nh l thnh vin ca nhm Administrators. Tuy nhin, khng phi lc no cng ng nh vy. Ngi dng min cng c th t to i tng My tnh ca h mt cch gin tip. Chnh sch Nhm ca My ch iu khin Min Mc nh (Default Domain Controllers Policy) gn Quyn Ngi dng Add Workstations To Domain cho nhm ng nht c bit Authenticated Users, nh trong hnh 8-9. iu ny c ngha l bt c ngi dng no xc thc thnh cng vi Active Directory s c quyn nhp ti 10 my trm vo Min v to 10 i tng My tnh tng ng, thm ch c khi h khng c quyn Create Object.
- 364 -
Hnh 8-9 Phn quyn ngi dng Default Domain Controllers Policy iu quan trong cn phi lu v Quyn Ngi dng Add Workstations To Domain, mc d vy, l Workstations l t c ngha nht. Ngi dng xc thc c th thm ti 10 my trm vo Min cn my ch th khng. iu ny c ngha my tnh phi chy Windows XP Professional, Windows 2000 Professional hoc mt trong nhng bn Active Directory my khch thp hn. Ngi dng xc thc khng th nhp my tnh chy Windows Server 2003 hoc Windows 2000 Server vo Min. Nhp vo Min trong khi ci t h iu hnh Mc d bn c th nhp mt my tnh Windows Server 2003 tn ti vo Min bt k lc no, bn cng c th thc hin nhp chng trong khi ci t h iu hnh. Khi trnh hng dn ci t Windows hin trang Workgroup Or Computer Domain, nh trong hnh 8-10, bn c th ch ra tn ca Min m my tnh s gia nhp. Bn c nhc vo ti khon ngi dng min v mt khu xc thc vi My ch iu khin Min v qu trnh gia nhp c din t trn.
- 365 -
Hnh 8-10 Trang The Workgroup Or Computer Domain ca trnh Hng dn Ci t Windows
nh v i tng My tnh
Mc nh, mi Min Active Directory mi c hai i tng Cha l Computers v Domain Controllers, nh ch ra trong hnh 8-11. Khi bn to Min bng cch thng cp My ch iu khin Min u tin, Trnh hng dn ci t Active Directory to ra hai i tng Cha ny v tip l to i tng My tnh cho My ch iu khin Min mi ti i tng Cha Domain Controllers.
- 366 -
Hnh 8-11 i tng Cha Computers v Domain Controllers trong Min Active Directory nh v i tng My tnh ca My ch iu khin Min i tng Cha Domain Controllers l mt i tng OU. Bn khng bao gi phi to i tng My tnh cho My ch iu khin Min bi v Trnh hng dn ci t Active Directory to v t chng vo OU Domain Controllers. i tng Cha ny phi l mt OU bi v c GPO p dng cho n c gi l Default Domain Controllers Policy GPO. GPO ny cha cc thit lp ca chnh sch ch yu cho vic bo mt ca My ch iu khin Min. Trong hu ht cc bn ci t Active Directory th i tng My tnh ca My ch iu khin Min vn ng ch c ca n. Nu bn mun di chuyn chng, bn phi m bo p dng chnh sch Default Domain Controllers Policy GPO cho OU mi c cha My ch iu khin Min hoc to mt GPO tng ng c cha cc thit lp dnh ring cho vai tr My ch iu khin Min. nh v cc i tng My tnh khc i tng Cha Computers l v tr mc nh cho tt c cc i tng My tnh khc m c to bng phng php t ng, nh l khi mt my tnh gia nhp Min v cha tn ti i tng My tnh tng ng vi n. S dng bng iu khin Active Directory Users And Computers, bn c th
- 367 -
to i tng My tnh ti mt i tng Cha bt k, qun l v di chuyn chng. C th, bn s thy rt l, l i tng Cha Computers khng phi l mt OU, n l mt trong cc i tng c bit, l loi i tng m lp i tng ny theo ngha en th ng l mt i tng Cha, cng nh cc i tng Cha Users, Builtin v Foreign- SecurityPrincipals. Nh bn tm hiu ti chng 6, bn khng th to hoc xo nhng i tng Cha ny v bn khng th p dng GPO cho chng. Do vy bn khng th trin khai cc thit lp chnh sch nhm cho cc i tng My tnh ct gi mt cch n gin. V l do ny, nn to t nht mt OU v di chuyn cc i tng My tnh t i tng Cha Computers ti . Nhiu mng Active Directory to ng thi cc OU cho cc i tng My tnh theo t chc hoc theo phn cp a l trong cy Active Directory hoc to cc i tng Cha ring r theo cc vai tr khc nhau m cc my tnh thc hin. V d, bn nn to mt OU cho my trm ca bn v mt lot cc OU cho cc My ch Thnh vin (Member Server). iu ny cho php bn trin khai mt GPO cha cc thit lp chnh sch cho tng OU, t to mt cu hnh h thng khc theo mi vai tr ca tng my tnh. Chuyn hng i tng My tnh Mc d bn c th to cc i tng My tnh trong i tng Cha Computers v di chuyn chng ti bt k v tr no m bn mun v bn cng c th cu hnh Windows Server 2003 t ng t cc i tng My tnh n to ra vo mt i tng Cha khc. Cch ny thng c s dng hn v n cho php bn t i tng My tnh mi vo OU thch hp trc khi my tnh thc s gia nhp Min. Vic ny m bo l my tnh c kim sot bi cc chnh sch p dng cho OU ngay sau khi my tnh gia nhp Min. chuyn hng i tng My tnh mi, Min ca bn phi s dng Domain functional level (Cp chc nng Min) Windows Server 2003 . M ca s du nhc lnh v t dng lnh chy tin ch Redircmp.exe, c cung cp cng vi Windows Server 2003, ch ra DN ca OU hoc i tng Cha khc bn mun t i tng mi vo, nh v d sau: redircmp ou=workstations,DC=ACNA,dc=com THNG TIN THM: bit chi tit hn v Cp chc nng Min (domain functional level) v lm th no chng nh hng n vic to v qun l cc i tng ca Active Directory, xem Tm hiu v cc Cp Chc nng Min ti chng 7.
- 368 -
QUN L CC I TNG MY TNH

Khi bn to cc i tng My tnh v nhp chng vo Min, bn c th qun l cc i tng v cc my tnh t bng iu khin Active Directory Users and Computers. Mt s cc chc nng qun l bn c th thc thi c m t phn sau.
CHNH SA CC THUC TNH CA I TNG MY TNH

Ging nh l tt c cc i tng trong Active Directory, i tng My tnh cng bao gm cc thuc tnh cha rt nhiu cc thng tin v h thng m i tng i din cho n. chnh sa cc thuc tnh ca i tng My tnh, bn chn n ti bng iu khin Active Directory Users and Computers v t thc n Action, chn Properties hin th hp thoi Properties ca i tng, nh ch ra trong hnh 8-12.
Hnh 8-12 A Hp thoi Properties ca i tng My tnh Hp thoi c 7 th: General Ti y, bn c th g vo din gii cho my tnh i din bi i tng ny. Cc hp khc (Computer Name [PreWindows
- 369 -
2000], DNS Name, v Role) cha cc thng tin c th c cung cp t ng khi my tnh gia nhp Min. Operating System Gm c tn, phin bn v mc ca gi dch v (service pack level) ca h iu hnh chy ang chy trn my tnh c i din bi i tng ny. Thng tin ny c cp t ng khi my tnh nhp vo Min. Khng c thc tnh no do ngi dng nh ngha ti th ny. Member Of Cho php bn ch ra nhm m i tng My tnh ny l thnh vin. Mc nh, tt c cc i tng My tnh mi khng phi l My ch iu khin Min c a vo nhm ton cc Domain Computers. Delegation Cho php bn gn cc dch v chy di Cp php ca ti khon my tnh gi cc yu cu dch v ti my tnh khc trn mng vi t cch mt ngi dng. Bn c th cho php i tng ny yu cu dch v bt k hoc to danh sch cc dch v c bit n c th yu cu, s dng ti khon u quyn khc. Location C cha hp m bn c th s dng xc nh v tr ca my tnh tng ng vi i tng ny. Managed By Cho php bn ch ra i tng ngi dng chu trch nhim qun l ca my tnh i din bi i tng ny. Khi bn lm nh vy, cc thuc tnh thch hp t ca i tng ngi dng chn s hin th trong th ny, nh trong hnh 8-13. Cc thng tin ny c ly mt cch ng t i tng ngi dng; ch c tn ca ngi dng l c lu tr nh l mt phn ca i tng My tnh. Dial-In Cho php bn ch ra gi tr cho cc thuc tnh kim sot truy nhp quay s t xa ti my tnh i din bi i tng ny, nh l s c php truy nhp hay b t chi v s s dng hay khng cc tnh nng nh l nh danh ngi gi (caller ID) v gi li (callback).
- 370 -
Hnh 8-13 Th Managed By trong hp thoi Properties ca i tng My tnh
XO , V HIU HO V KHI TO LI I TNG MY TNH

Di cc iu kin bnh thng, cc i tng My tnh khng i hi ngi qun tr bo tr v chm sc. Tuy nhin, trong mt s hon cnh ngi qun tr nn thao tc vi cc i tng My tnh, nh l trnh cho chng b s dng sai hoc tin hnh cc thay i cho ph hp vi my tnh vt l. Xa i tng My tnh Xo mt i tng My tnh trong bng iu khin Active Directory Users and Computers rt n gin, bn chn i tng ny v t thc n Action chn Delete. Sau khi bn xc nhn li thao tc ny th i tng b xo vnh vin. Tuy nhin, trc khi bn bt u xo i tng My tnh cn bo m l bn hiu rt r hnh ng ny ca bn. Cng nh vi cc i tng Ngi dng v Nhm, SID ca i tng My tnh m c gi tr duy nht cng b mt khi i tng b xo.Vic to mt i tng mi c cng tn v cng gi tr thuc tnh s khng to li cng SID nh c v bt c quyn v nhm no gn cho n ban u khi i tng b
- 371 -
xo cng u b mt khng th cu li c. Bi th bn khng nn xo cc i tng My tnh (hoc bt k i tng no, chnh v l do ny) tr khi bn hon ton chc chn l bn kkng cn li n chng. Bn c th trnh cho i tng b s dng thay bng cch khc l v hiu ho n. LI KHUYN Tch ri my tnh ra khi Min Khi mt my tnh b di chuyn ra khi Min bng cch nhp n ti mt nhm hoc mt Min khc, n s c gng xo i tng My tnh ca mnh. Nu my tnh khng th xo c i tng do vn trc trc v mng, do khng quyn hoc bt k l do no khc, ti khon ny vn cn trn Active Directory. N c th xut hin, ngay lp tc hoc t t, nh l b v hiu ho. Nu i tng ny l khng cn thit ti Min th n phi c xo th cng. V hiu ho i tng My tnh Nu bn d kin s t my tnh ri khi mng (offline) trong mt thi gian di, cch tt nht l ng xo n, hy v hiu ha (Disable) n. Mt nhng nguyn tc c bn nht ca bo mt l lu gi cc nh danh nhn dng cng t cng tt, cho php vic xc thc xy ra ch vi mt s lng ti thiu cc ti khon cn thit phc v cho c quan ca bn. Khi bn v hiu ho mt i tng My tnh, SID v tt tt c cc gi tr thuc tnh ca n vn cn nguyn vn, bi vy khi bn kch hot li i tng ny c th dng ngay m khng cn chnh sa. v hiu ho mt i tng My tnh, ti bng iu khin Active Directory Users And Computers, chn i tng ny v t thc n Action chn Disable Account. Xut hin du X mu ti biu tng ca i tng bo l n b v hiu ho, nh trong hnh 8-14. Khi i tng b v hiu ho, my tnh ny khng th thit lp knh bo mt ti Min. Ngi dng trc cha tng ng nhp vo my tnh, do s khng c cc thng tin ng nhp c lu tm trn my tnh s khng th ng nhp c cho ti khi bn thit lp li knh thng tin bo mt bng cch kch hot li ti khon ny.
- 372 -
Hnh 8-14 V hiu ho ti khon my tnh kch hot li i tng, s dng cng qui trnh nh trn v chn Enable Account t thc n Action. Reset (khi to li) i tng My tnh i khi ngi qun tr mun thay th mt my tnh trn mng nng cp phn cng hoc v cc l do khc, nhng vn mun s dng i tng My tnh ban u cng vi nhm v cc quyn c gn ca n. Khi mt my tnh gia nhp vo mt Min v tng ng vi mt i tng My tnh c th, bn khng th nhp mt my tnh khc vo cng i tng v bn cng khng th tch ri my tnh ra khi Min v nhp li mt my tnh khc c cng tn m khng cn to li i tng ny v khng b mt SID cng nh nhm v cc quyn tng ng. Mc d vy, bn vn c th s dng li cng i tng My tnh cho hai my tnh khc nhau bng cch khi to li (Reset) i tng ny. Vic khi to li mt i tng My tnh phi t li mt khu ca n nhng vn duy tr c tt c cc thuc tnh ca n. Bng cch t li mt khu, i tng ny c php dng li. Bt c mt my tnh no c t tn thch hp l c th gia nhp vo Min v s dng li c i tng . khi to li mt i tng My tnh ta s dng bng iu khin Active Directory Users
- 373 -
And Computers, chn i tng v t thc n Action chn tip Reset Account. Sau khi xc nhn li s xut hin hp thng bo tnh trng ti khon c khi to li thnh cng. Bn cng c th khi to li ti khon my tnh bng cch s dng tin ch dng lnh Netdom.exe. LU Mc ch k thi Mc ch k thi 70-290 i hi th sinh c kh nng Khi to li ti khon my tnh. Qun l my tnh t xa Ngoi cc thao tc vi cc i tng My tnh, bng iu khin Active Directory Users And Computers cng cho php bn truy nhp vo my tnh ca chnh n. Khi bn chn i tng My tnh v t thc n Action chn Manage s m ra bng iu khin Computer Management mi, tr ti my tnh c chn. Tip theo bn c th thc hin bt c chc nng chun no t bng iu khin ny vi my tnh chn (vi cc Cp php thch hp).
Qun l cc i tng My tnh bng dng lnh

Tt c cc cng vic qun l i tng My tnh m bn tm hiu trong cc phn trc cng c th s dng cc cng c dng lnh c trong Windows Server 2003. Phn trnh by sau y s kho st vic s dng cc cng c ny. Qun l thuc tnh ca i tng My tnh bng Dsmod.exe Cng c Dsmod.exe c th chnh sa cc thuc tnh ca i tng My tnh, cng ging nh i vi i tng ngi dng v i tng nhm. Ngoi ra, bn c th s dng Dsmod.exe v hiu ho, kch hot v khi to li i tng My tnh (nhng khng xa c chng). C php chnh sa li i tng My tnh ca cng c ny nh sau: dsmod computer ComputerDN [parameters] Chc nng ca cc tham s dng lnh nh sau: ComputerDN Ch ra DN ca i tng My tnh cn chnh sa. -desc Description Ch ra gi tr thuc tnh Description ca i tng My tnh. -loc Location Ch ra gi tr thuc tnh Location ca i tng My tnh. -disabled [yes|no] V hiu ho hoc kch hot i tng My tnh nh. -Reset t li mt khu ca i tng My tnh nh.
- 374 -
-s Server Ch ra tn ca My ch iu khin Min m chng trnh dng truy nhp ti i tng My tnh ny. Khi b trng th chng trnh mc nh tr ti My ch iu khin Min m ngi dng ang ng nhp. -d Domain Ch ra tn ca Min m i tng My tnh ang nh v trong . Khi b trng chng trnh s mc nh ly Min m ngi dng ang ng nhp. -u UserName Ch ra tn ca ti khon ngi dng chng trnh s s dng truy nhp vo Min. Khi b trng, chng trnh s mc nh ti khon ngi dng m h thng ang ng nhp. -p [Password | *] Ch ra mt khu ng vi ti khon ngi dng ch ra ti tham s -u . Nu c du hoa th (*), chng trnh dng li v nhc ngi dng nhp mt khu. v hiu ho ti khon my tnh, s dng dng lnh sau: dsmod computer CN=webserver1, CN=Computers, DC=ACNA, DC=com disabled yes khi to li ti khon my tnh, s dng dng lnh sau dsmod computer CN=webserver1, CN=Computers, DC=ACNA, DC=com Reset Xa i tng My tnh bng Dsrm.exe Dsmod.exe c th chnh sa i tng My tnh nhng khng xo chng c. xo i tng My tnh bn phi s dng tin ch Dsrm.exe. Bn cn ch ra DN cu i tng m bn mun xo ti dng lnh Dsrm.exe, s dng c php sau: Dsrm ObjectDN Khi bn xc nhn yu cu xo, chng trnh s xo i tng ny. Mt v d ca chng trnh Dsrm.exe nh sau: dsrm CN=webserver1,CN=Computers,DC=ACNA,DC=com
KHC PHC S C TI KHON MY TNH

Active Directory xem i tng My tnh nh l Ch th Bo mt (Sercurity Principal). iu ny c ngha l my tnh cng ging ngi dng l c cc thuc tnh nh tn, mt khu v SID, cho php n c a vo Danh sch Kim sot Truy nhp (ACLs) ca cc i tng khc. Cc ti khon my tnh v quan h bo mt gia cc my tnh v Min thng rt
- 375 -
mnh. Tuy nhin, ging nh cc ti khon ngi dng, cc ti khon my tnh i khi yu cu c bo tr v khc phc s c. Him khi gp tnh hung l mt ti khon hoc knh bo mt b b gy, cc du hiu ca li thng rt r rng. Cc du hiu ph bin ca s c ti khon my tnh nh sau: Thng bo lc ng nhp ch ra l khng th lin h c vi My ch iu khin Min, ti khon my tnh c th b mt hoc quan h tin cy (cch khc ch ti knh bo mt) gia my tnh ny v Min b mt. Mt v d thng bo li t my trm Windows XP, nh hnh 8-15. Thng bo li hoc ghi li cc s kin ch ra cc vn tng t hoc gi l mt khu, s tin cy, knh bo mt, hoc quan h vi Min hoc My ch iu khin Min b li. Ti khon my tnh trong Active Directory b mt.
Hnh 8-15 Thng bo ng nhp Windows XP ch ra c th ti khon my tnh gp s c LU Mc ch k thi Mc ch ca k thi 70-290 yu cu th sinh c kh nng khc phc s c ti khon my tnh v d on v gii quyt cc vn lin quan n cc ti khon my tnh bng cch s dng bng iu khin Active Directory Users and Computers. Nu mt trong cc tnh hung ny xy ra th bn phi khc phc s c Ti khon My tnh. Bn c hc phn trn l lm th no xa, v hiu ha, v khi to li ti khon my tnh v lm th no nhp c my tnh vo Min. Cc quy tc khc phc s c ti khon my tnh khi mt trong cc s kin xy ra nh sau: 1. Nu ti khon my tnh c trong Active Directory th bn phi khi to li n.
- 376 -
2. Nu ti khon my tnh b mt trong Active Directory th bn phi to li ti khon my tnh. 3. Nu my tnh vn thuc Min th bn phi di chuyn n ra khi min bng cch thay i quan h thnh vin ca n sang Nhm lm vic (Worrkgroup). Tn ca Nhm lm vic l khng quan trng. 4. Nhp li my tnh vo Min. Cch khc l nhp mt my tnh khc vo Min ny, nhng my tnh mi phi c cng tn nh ti khon my tnh. khc phc bt k s c no ca ti khon my tnh bn p dng tt c cc quy tc ny. Chng c th c tin hnh theo mt th t bt k, tr quy tc 4, nhp li my tnh vo Min phi lun l bc cui cng. Hai tnh hung di y minh ho vic s dng cc quy tc ny: Ngi dng phn nn l khi c y ng nhp, h thng xut hin thng bo li thng bo ti khon my tnh c th b mt. p dng quy tc 1, bn m Active Directory Users And Computers v tm thy ti khon my tnh trong Min. Bn khi to li i tng ny. Khng p dng quy tc 2 - i tng tn ti. Sau , s dng quy tc 3, bn tch ri h thng ny ra khi Min v theo quy tc 4, kt ni li n vo Min ny. Ti khon my tnh b khi to li do ri ro, v th quy tc 1 l c p dng. D cho vic khi to li l ngu nhin, bn vn phi tip tc cu li bng cch p dng ba quy tc cn li. Quy tc 2 khng p dng do i tng My tnh tn ti trong Min. Theo quy tc 3 v 4, tch my tnh ra khi Min v sau nhp li.
- 377 -
TNG KT
ngi dng ng nhp vo Min Active Directory, h khng ch cn c i tng Ngi dng, m cn phi c c i tng i din cho my tnh ca h. i tng My tnh i din cho mt h thng c th trn mng v cha cc thng tin thuc tnh v h thng. Cc i tng My tnh c chc nng nh l Ch th Bo mt . Bn c th a chng vo cc nhm v gn cho chng cc Cp php. thm my tnh vo Min, bn phi to i tng My tnh cho n trong Active Directory v sau kt ni my vt l vi Min. i tng My tnh c th c to trc hoc trong tin trnh kt ni. Bn phi ng nhp vi t cch nh l thnh vin ca nhm Administrators cc b thay i quan h thnh vin Min ca my tnh. to i tng My tnh bn c th s dng bng iu khin Active Directory Users And Computers, tin ch Dsadd.exe hoc Netdom.exe. Nhm Administrators v Account Operators c quyn to i tng My tnh mi v bn cng c th u quyn thch hp ti ngi dng v nhm khc. i tng My tnh m khng ng vai tr l My ch iu khin Min mc nh c t ti i tng Cha Computers . Bn khng th p dng chnh sch nhm cho i tng Cha ny, bi vy cc i tng My tnh thng c t ti OU thay cho vic t ti v tr mc nh ny. nhp mt my tnh vo Min, bn s dng th Computer Name ti hp thoi System Properties hoc dng tin ch Netdom.exe. Nu i tng My tnh ca my tnh cha tn ti th khi bn tin hnh nhp n vo Min th h thng s to ra i tng ny (gi thit l bn c cc Cp php cn thit to n.) S dng bng iu khin Active Directory Users and Computers, tin ch Dsmod.exe v Dsrm.exe, bn c th qun l cc thuc tnh ca i tng My tnh cng nh xo, v hiu ho v khi to li chng. i tng My tnh c M nh danh Bo mt - SID m Active Directory s dng ch dn n cc quan h thnh vin nhm ca n v cc Cp php khc. Vic b xo ngu nhin l nguyn nhn lm cho SID ca n b mt khng cu li c, bt buc bn phi to li
- 378 -
cc Cp php. Phi cn thn khi xo i tng My tnh, thay vo hy v hiu ha chng v ta c th kch hot li chng m khng mt thng tin. Cc bc chnh gii quyt s c ca i tng My tnh bao gm vic to hoc khi to li i tng, loi b my tnh khi Min v nhp li n vo Min.
- 379 -
BI TP THC HNH
Bi tp thc hnh 8-1: To i tng My tnh s dng Active Directory Users And Computers
Trong bi tp thc hnh thc hnh ny, bn to i tng My tnh mi s dng bng iu khin Active Directory Users and Computers. 1. ng nhp vo My ch iu khin Min Windows Server 2003 vi t cch l Administrator. 2. Bm Start, tr ti Administrative tools v chn Active Directory Users And Computers. Xut hin Bng iu khin Active Directory Users And Computers. 3. Chn Computers i tng Cha v thc n Action tr ti New v chn Computer. Xut hin New Object Computer trnh hng dn. 4. Ti hp Computer Name , g Computer1 v tip theo chn Next. 5. Bm Next v sau bm Finish. i tng My tnh ca Computer1 xut hin trong Computers i tng Cha.
Bi tp thc hnh 8-2: To i tng My tnh s dng Dsadd.exe

Trong bi tp thc hnh ny, bn to i tng My tnh mi s dng tin ch Dsadd.exe. 1. ng nhp vo My ch iu khin Min Windows Server 2003 vi t cch l Administrator. 2. Bm Start chy Command Prompt. Xut hin du nhc lnh. 3. Ti du nhc, g lnh sau (vi xx l s hiu ca bn) v nhn Enter: dsadd computer "CN=Computer2, CN=Computers, DC=ACNAxx, DC=com" desc "Mark Lee's Workstation" 4. Bm Start, tr ti Administrative tools v chn Active Directory Users And Computers. Xut hin bng iu khin Active Directory Users And Computers. 5. Chn i tng Cha Computers . Xc nhn l i tng My tnh ca my tnh Computer2 xut hin trong i tng Cha v c din gii Description l Mark Lees Workstation trong th General ca hp thoi Properties ca i tng.
- 380 -
Bi tp thc hnh 8-3: V hiu ho v kch hot i tng My tnh

Trong bi tp thc hnh ny, bn s v hiu ho v kch hot li i tng My tnh s dng Bng iu khin Active Directory Users And Computers. 1. ng nhp vo My ch iu khin Min Windows Server vi t cch l Administrator. 2. Bm Start, tr ti Administrative tools v chn Active Directory Users And Computers. Xut hin Bng iu khin Active Directory Users And Computers. 3. Chn i tng Cha Computers . Sau chn i tng My tnh Computer1 bn to bi tp thc hnh 8-1 v ti thc n Action chn Disable Account. Xut hin thng bo ca Active Directory nhc bn xc nhn li lnh. 4. Bm Yes. Xut hin thng bo khc xc nhn l i tng Computer1 b v hiu ho. 5. Bm Yes. Biu tng Computer1 xut hin cng vi du X mu . 6. Chn li i tng My tnh ca my tnh Computer1 v ti thc n Action chn Enable Account. Xut hin thng bo ca Active Directory cho bn bit l i tng c kch hot. 7. Bm Yes. Biu tng Computer1 xut hin khng c du X mu na.
CC CU HI N TP
1. Ti thiu cn phi l thnh vin ca nhm no c th to c ti khon my tnh Windows Server 2003 trong mt OU ca Min? Cn nhc tt c cc bc x l v gi thit l i tng My tnh ca h thng ny cha tng tn ti trong Active Directory. (Chn tt c cc cu tr li ng.) a. Domain Admins b. Enterprise Admins c. Administrators trn My ch iu khin Min d. Account Operators trn My ch iu khin Min e. Server Operators trn My ch iu khin Min f. Account Operators trn my tnh ny
- 381 -
g. Server Operators trn my tnh ny h. Administrators trn my tnh ny 2. Cc cng c dng lnh no sau y c th to c i tng My tnh trong Active Directory? a. Dsmod.exe b. Dsrm.exe c. Netdom.exe d. Dsadd.exe e. Net.exe 3. Trn nn Windows no sau y c kh nng nhp mt i tng My tnh vo Min Active Directory? a. Windows 95 b. Windows NT 4 c. Windows 98 d. Windows 2000 e. Windows Me f. Windows XP g. Windows Server 2003 4. Khi bn m hp thoi Properties ca i tng My tnh trong Bng iu khin Active Directory Users And Computers, bn pht hin ra rng khng c thuc tnh no c hin th trong th Operating System. Cc nguyn nhn no lm cho cc thuc tnh ny b vng mt? 5. Sau mt thi k di, cng ty ca bn to Min th hai. Tun cui cng, mt s cc my tnh m tng trong Min ca bn c chuyn ti Min mi. Khi bn m Active Directory Users And Computers th i tng ca my tnh ny vn Min ca bn v xut hin biu tng X m . Vic thch hp tip theo l g? a. Kch hot i tng ny b. V hiu ho i tng ny c. Khi to li i tng ny d. Xo i tng ny
- 382 -
6. Ngi dng thng bo l khi tin hnh ng nhp, anh y nhn c thng bo tnh trng my tnh khng th lin h c vi Min v My ch iu khin Min b tt hoc ti khon my tnh c th b mt. Bn m Active Directory Users And Computers v pht hin ra l ti khon ca my tnh b mt. Cc bc bn nn lm l g? 7. Mt ngi dng thng bo l khi tin hnh ng nhp, anh y nhn c thng bo tnh trng my tnh khng th lin h c vi Min v My ch iu khin Min b tt hoc ti khon my tnh c th b mt. Bn m Active Directory Users And Computers v nhn thy ti khon xut hin bnh thng. Cc bc bn nn lm l g?
CC KCH BN TNH HUNG

Kch bn 8-1: Khi to li i tng My tnh
Ti Windows Server 2003 Min ACNA.com, bn c i tng My tnh ca mt My ch Thnh vin (Member Server) c tn l Pserver01 trong OU c tn l Pservers. i tng ny i din cho my ch Print server b rt mng trong thi gian di v khng lin h c vi my tnh khc trong Min chp nhn lnh in. Bn xc nh l mt khu ca ti khon my tnh trong Min cn phi c khi to li. Lnh no bn c th s dng khi to li chnh xc ti khon my tnh ny? a. dsmod CN=pserver01, DC=com Reset CN=PSERVERS, DC=ACNA,
b. dsmod computer pserver01.ACNA.com Reset c. dsmod ACNA\pserver01 Reset d. dsmod computer CN=pserver01, DC=ACNA, DC=com Reset CN=PSERVERS,
Kch bn 8-2: Khc phc s c i tng My tnh

Sau khi thc hin bo tr cc my tnh vn phng chi nhnh ti pha ng vo cui tun, ngi dng phn nn gp trc trc ng nhp. Bn kim tra cc nht k s kin ca my tnh ti chi nhnh ny, thy ghi li nh sau:
- 383 -
Dng nh c vn vi ti khon my tnh. Ch ra ti cc bc no sau y bn nn thc hin gii quyt vn ny, theo ng trt t. a. Xo ti khon my tnh. b. Khi to li ti khon ngi dng. c. Nhp my tnh vo Nhm lm vic. d. V hiu ho ti khon my tnh. e. Khi to li ti khon my tnh. f. Kch hot ti khon my tnh. g. To ti khon my tnh mi. h. Nhp my tnh vo Min.
- 384 -
PHN 3
QUN L V DUY TR CC NGUN TI NGUYN CHIA S
- 385 -
CHIA S CC TI NGUYN H THNG FILE
CHNG 9: CHIA S CC TI NGUYN H THNG FILE

Mt trong nhng l do chnh ca s tn ti cc mng d liu l kh nng chia s cc file cho nhiu ngi s dng trn cc my tnh khc nhau. Trn mt mng nh, chia s file thng l mt tin trnh thng thng c thc hin bi ngi s dng u cui, tnh cht bo mt t c ch ti. Tuy nhin, trn mt mng ln, m c bit l trong cc t chc thng xuyn vn hnh vi cc d liu nhy cm. Ngi qun tr mng cn m bo rng cc file cn thit c chia s, m bo chng phi c bo v trnh nhng ph hy do yu t khch quan hoc ch quan v ch nhng ngi no c xc thc mi c th lm vic vi chng.Trong chng ny, chng ta s im li cc ni dung v cc yu cu chia s file cho nhng ngi s dng mng mt cch hiu qu v an ton. Hon thnh chng ny bn c kh nng: To/qun l cc th mc chia s v lm vic vi cc Cp php chia s S dng cc Cp php truy cp NTFS kim sot qu trnh truy cp n cc file Qun l vic chia s file bng Microsoft Internet Information Services
386
TM HIU V CC CP PHP
Cp php l mt trong nhng khi nim c bn trong qu trnh qun tr h thng trn h iu hnh Windows Server 2003. Ni cch khc, Cp php l mt c n c gn cho mt thc th xc nh nh mt ngi s dng, nhm hoc my tnh chng hn nhm cho php thc th ny hnh thnh mt hnh ng xc nh hoc truy cp ti mt ti nguyn c th. Windows Server 2003 v tt c cc h iu hnh Windows khc s dng cc Cp php theo mt lot cc phng php khc nhau kim sot truy cp ti cc thnh phn khc nhau trn h iu hnh. Windows Server 2003 c nhiu loi Cp php, trong ni bt l cc Cp php c lit k di y. Mi loi Cp php ny c phn bit hon ton vi nhau mc d chng c th c cp cho cng cc thnh phn h thng. Cc Cp php trn file: c s dng kim sot vic truy cp ti cc file v th mc trn cc a NTFS. Tt c cc ngi dng u s dng cc Cp php ny truy cp ti cc file v th mc NTFS, bt k h ang lm vic trn mng hoc trn my tnh cha d liu. Cc Cp php chia s: c s dng kim sot vic truy cp ti cc file/folder/my in c chia s. c th truy cp n cc ti nguyn chia s ny, cc ngi dng phi c cc Cp php nht nh. Cc Cp php Active Directory: c s dng kim sot vic truy cp ti cc i tng ca dch v Active Directory. Ngi dng phi c mt s Cp php nht nh c th ng nhp vo Min v truy cp ti cc ti nguyn trn mng. Ngi qun tr cn c cc Cp php cao hn nhm duy tr cc c tnh ca cc i tng v cu trc cy Active Directory. Cc Cp php registry: c s dng kim sot vic truy cp ti cc kha ca registry. c th thay i cc kha ny, ngi qun tr cn c cc Cp php tng ng. Trong s cc Cp php ni trn, mt s cn c s duy tr nhiu hn so vi nhng ci cn li. Mt ngi qun tr mng thng thng c th lm vic vi cc Cp php trn file mi ngy nhng s khng bao gi thay i bng tay cc Cp php registry. Trong cc chng 6,7 v 8 bn c hc v cc Cp php Active Directory nhm cho php ngi qun tr
387
CHIA S CC TI NGUYN H THNG FILE (Administrator) to v qun tr cc i tng nh: ngi dng, nhm v my tnh chng hn. Trong nhiu trng hp, cc Cp php Active Directory c chuyn giao mt ln cho cc nhm qun tr c th v khng cn phi iu chnh li tr phi c s ti c cu li cu trc t chc doanh nghip ca bn.
Danh sch Kim sot Truy cp (ACL)

Chc nng ca cc Cp php ni trn da trn khi nim Danh sch iu khin Truy cp (Access Control List - ACL). Hu ht cc thnh phn ca Windows bao gm cc file, cc ti nguyn chia s, cc i tng ca Active Directory v cc kha ca registry u c mt ACL. ACL thc cht l mt danh sch cc Cp php nhm xc nh xem ai c Cp php truy cp v truy cp n mc no. ACL ca mt thnh phn xc nh bao gm cc Mc vo Kim sot Truy cp (Access Control Entry - ACE). Mt ACE xc nh tn ca Ch th Bo mt ( c th l ngi dng, nhm hoc my tnh c gn Cp php) v cc Cp php xc nh c gn cho ch th . CH : Vy cc ACL c t u? Ngi qun tr h thng cn phi hiu rng ACL lun lun c i km vi cc thnh phn c kim sot ch khng phi i km vi cc Ch th Bo mt. V d, mt th mc trn a NTFS c mt ACL cha danh sch cc ngi dng hay nhm c Cp php truy cp ti th mc . Nu bn xem c tnh ca mt i tng c th, bn s khng th tm thy danh sch cc th mc m i tng c php truy cp. y chnh l mt im quan trng khi bn khi bn di chuyn cc thnh phn gia cc v tr khc nhau hoc sao lu chng ra mt thit b lu tr khc. Di chuyn cc file t mt a NTFS ti mt a FAT, s lm cho cc Cp php b mt i do h thng file FAT khng cha cc ACL. Lm vic trn cc ACL l kh n gin do tt c cc Cp php trn h iu hnh Windows Server 2003 u s dng mt giao din ging nhau. Tt c cc thnh phn h thng c bo v bng cc Cp php u c hp thoi Properties cha th Security, nh c ch ra trong hnh v 9-1. Trong hp thoi ny, phn trn hin th danh sch cc ACE ( chnh l cc ch th bo mt) cn phn di xc nh cc Cp php tng ng c cp cho cc ACE pha trn. Bn c th thm v xa cc ACE khi cn v xc nh cc Cp php c cho php hoc cm cho tng ACE.
388
Hnh 9-1: Th Security trong hp thoi Properties
Cc Cp php
Cc Cp php trong cc ACE c thit k nhm cung cp cho vic kim sot truy cp mt cch tp trung cho cc thnh phn m chng cung cp. Khi bn gn Cp php truy cp n mt th mc cho mt ngi dng, vic truy cp khng ch n thun l C hay Khng. Bn c nhiu la chn cho php xc nh mc truy cp m ngi dng nhn c. Mi Cp php ca h thng Cp php c lit k trn u c mt danh sch cc Cp php ring r nhm xc nh cc loi ti nguyn m chng kim sot. Khi to mt ACE, bn la chn mt ch th bo mt sau la chn cc Cp php ring l m bn nh gn cho i tng . V d, cc Cp php NTFS cho php bn xc nh mt ngi dng c kh nng c cc file trong mt th mc nhng khng c php thay i chng hoc bn cng c th cp nhiu Cp php hn so vi nhu cu ca anh ta. Ty thuc vo ti nguyn bn ang lm vic, bn c th c hng t cc Cp php khc nhau, bn c th kt hp chng theo bt k cch no m bn thch. Trong mt s trng hp, s lng cc Cp php chnh xc c th lm cho ngi qun tr ACL cm thy phc tp. n gin ha vn ny, Windows Server 2003 s dng 02 mc Cp php: cc Cp php Chun v Cp php c bit. Cc Cp php Chun l cc Cp php m bn nhn thy trong th Security trong hp thoi Properties. y l cc Cp php m bn c th lm vic hng ngy do chng cung cp iu khin c bn ti thnh phn c bo v. Tuy nhin, cc Cp php Chun l s kt hp ca hai hay nhiu Cp php c bit (bn c th c thm v vic s dng cc Cp php c bit ny
389
CHIA S CC TI NGUYN H THNG FILE nh th no trong chng ny). truy cp n cc Cp php c bit, bn kch chut vo nt Advanced trong Th Security, hin th hp thoi Advanced Security Settings nh trong hnh v 9.2.
Hnh 9-2: Hp thoi Advanced Security Settings Trong hp thoi ny, bn c th kim sot qu trnh truy cp ti mt ti nguyn vi mc tp trung cao hn bng cch la chn t mt danh sch y cc Cp php c bit trong hp thoi Permission Entry (xem hnh 9-3 bit thm chi tit). iu ny thng khng cn thit trn mt mng thng dng, nhng mt s cc thit lp v Cp php mc nh c Windows Server 2003 to ra trong sut tin trnh ci t h iu hnh li da trn cc Cp php c bit ny.
Hnh 9-3: Hp thoi Permission Entry CH : Bn lm vic vi tt c cc h thng Cp php trn Windows Server 2003 theo cng mt phng php, ngoi tr cc Cp php Chun v c bit c th khc nhau ty thuc vo ti nguyn m bn cn bo v.
390
Tnh k tha
Mt trong nhng c tnh quan trng ca cc h thng Cp php trn Windows Server 2003 l cc i tng con s tha hng cc Cp php t i tng cha. Cc Cp php lun lun i theo mt dng chy da trn tnh cht phn cp ca h thng file, kin trc phn cp ca dch v Active Directory hay cu trc ca registry. Khi bn gn Cp php truy cp n mt th mc NTFS hoc chia s, mt i tng Active Directory hoc kha registry cho mt i tng bo mt no , i tng ny cng s nhn c cc Cp php ging ht khi truy cp n cc th mc con bn trong th mc NTFS hoc chia s, cc i tng con bn trong i tng Active Directory hoc cc kha con bn trong mt kha xc nh. V d, bn gn Cp php cho mt ngi dng ti th mc gc ca a NTFS iu c ngha rng ngi dng s nhn c cc Cp php ging ht trn tt c cc file v th mc con nm trn a . Trong hu ht cc trng hp, s k tha Cp php c u im to ln l trnh cho ngi qun tr phi cung cp cc Cp php ring bit cho tng th mc con, tng i tng trn dch v Active Directory hoc cc kha. Trong thc t, i vi hu ht cc nh qun tr mng, u im tip theo c tnh n ca tnh k tha l ng dng chng khi thit k cu trc dch v th mc, chia s trng thi v cc cy Active Directory. Tuy nhin, trong mt s trng hp s k tha ny l khng cn thit v loi b tnh cht mc nh ny chng ta c hai phng php: Tt tnh nng k tha: khi bn lm vic trn cc Cp php c bit, bn c th iu khin cc Cp php m bn gn cho mt thnh phn xc nh c c cho mt s hoc tt c cc thnh phn con bn trong k tha hay khng. Cm cc Cp php: tt c cc h thng Cp php u cho php bn ngn cm mt Cp php c th i vi mt i tng xc nh. iu ny s ngn cn Cp php k tha m i tng nhn c t cc i tng cha.
Cc Cp php Hiu dng

Cc i tng c gn Cp php thng l cc ngi dng, nhm hoc my tnh, v vy rt d xy ra trng hp mt i tng s nhn c cc Cp php khc nhau t cc ngun khc nhau v trong mt s trng hp cc Cp php ny l xung t vi nhau. V l do ny m c mt s chnh sch cho php xc nh xem cc Cp php m i tng nhn c t cc ngun
391
CHIA S CC TI NGUYN H THNG FILE khc nhau tng tc vi nhau nh th no. Tt c cc Cp php m mt i tng nhn c mt cch ring r thng qua tnh k tha v thnh vin nhm u l cc thng s u vo cho cc lut ny. Chng c nhim v kt hp cc Cp php ny li v to nn cc Cp php Hiu dng ca ngi dng. Cc lut to nn cc Cp php Hiu dng ca cc i tng bao gm: Cc Cp php cho php (Allow) l tch ly: tt c cc Cp php cho php c gn cho mt i tng c kt hp to nn cc Cp php nh hng ca i tng . V d, mt ngi dng no c gn Cp php truy cp ton quyn (Full Control) n mt th mc trn a NTFS. Tuy nhin lc ny ngi dng cng ang l thnh vin ca mt nhm c Cp php truy cp ch c (readonly) trn th mc ny. Ngoi ra, ngi dng cn tha hng Cp php read v write t th mc cha ca th mc ni trn. Trong trng hp ny tt c cc Cp php ca ngi dng bt k l c gn hay tha hng t bt k ngun no cng s c kt hp li. Cc Cp php ngn cm (Deny) loi b cc Cp php cho php (Allow): cc Cp php deny m mt i tng nhn c s loi b tt c cc Cp php allow bt k t ngun no. V d, nu mt ngi dng nhn c Cp php truy cp ton quyn ti mt th mc thng qua tnh k tha v ng thi cng nhn c Cp php truy cp ton quyn thng qua c ch thnh vin nhm. Tuy nhin Cp php m bn to ra nhm ngn chn ngi dng ny truy cp ti th mc ni trn s ghi tt cc Cp php tha hng t th mc cha v nhm. V vy trong trng hp ny, Cp php Hiu dng ca ngi dng l khng c php (Deny) truy cp ti th mc ny. Cc Cp php gn ring r c mc u tin cao hn cc Cp php k tha: khi mt i tng bo mt k tha cc Cp php t i tng cha hoc thng qua nhm, bn c th loi b cc Cp php ny bng cch gn trc tip cc Cp php khc nhau cho chnh i tng . Cc Cp php k tha tun theo lut cn cc Cp php gn ring r nm ngoi lut . V vy, cc Cp php cho php gn ring r s loi b cc Cp php k tha ngn cm.
CC TH MC CHIA S
Khi bn ang ngi vo mt my tnh s dng h iu hnh Windows Server 2003, bn c th truy cp n cc file v th mc trn cc a ca n t
392
CHIA S CC TI NGUYN H THNG FILE mn hnh giao din (hay cn gi l bng iu khin h thng System Console) vi gi thit bn c cc Cp php thch hp. Bn cng c th cho php cc ngi dng trn mng truy cp ti cc file v th mc trn my tnh ca bn, nhng lm c iu trc ht bn phi to mt chia s nhm xc nh nhng g m h c th truy cp. THNG TIN THM Bn c th to ra hai loi chia s trn cc my tnh s dng h iu hnh Windows: cc chia s trn h thng file v cc chia s my in. Trong chng ny bn s c lm quen vi cc chia s trn h thng file. Vic to cc chia s my in s c cp trong chng 10. Tnh nng to ra cc chia s trn Windows Server 2003 c da trn hai dch v c chy trn mi my tnh Windows: dch v Workstation (dch v my trm) v dch v Server (dch v my ch). Hai dch v ny c thc hin bi hai module: Client For Microsoft Networks v File And Printer Sharing For Microsoft Networks. C hai module ni trn u xut hin trong hp thoi Local Area Connection Properties ca tt c cc giao din mng c ci t trn my tnh (xem hnh v 9-4). Dch v Server chu trch nhim to ra cc ti nguyn chia s sn sng trn mng cn dch v Workstation cho php cc my tnh khc truy cp ti nhng ti nguyn ny. CH Workstations v Servers Mc d cc tn ny c nhiu phin bn khc nhau nhng Windows l mt h iu hnh ngang hng (peer-to-peer) c ngha l mi my tnh u c kh nng hot ng c c ch my trm ln my ch. Thm ch cc my tnh khng s dng h iu hnh c tn Server trn vn c th chy dch v Server.
393
Hnh 9-4: Hp thoi Local Area Connection Properties
Cc chia s dng qun tr

Trc khi bn to ra cc chia s trn h iu hnh Windows Server 2003, c mt s chia s mc nh. Mc nh, tin trnh ci t Windows Server 2003 to ra cc chia s sau nhm mc ch qun tr (xem hnh 9-5):
Hnh 9-5: Cc chia s qun tr trong snap-in Shared Folders Cc chia s a Mi a trn my tnh u c mt chia s qun tr mc nh ti mc gc. Chia s ny s c t tn da theo k t a vit hoa v k t $ (v d C$). K t ny lm cho chia s khng c hin th trong My Network Places mc d vn c th truy cp chng trc tip bng cch s dng snap-in Shared Folders trong MMC bng vic to mt shortcut hoc s dng Windows Explorer. Mc nh nhm Administrators (nhm qun tr) c gn Cp php Full Control cho cc chia s ny. Cc Cp php ny l khng th thay i hay xa c.
394
CHIA S CC TI NGUYN H THNG FILE Admin$ Th mc gc h thng (mc nh n c ng dn l C:\Windows) t ng c chia s vi tn Admin$. y cng l mt chia s n, n cho php cc thnh vin ca nhm Administrators truy cp y ti th mc gc h thng m khng cn bit chnh xc v tr ca chng. IPC$ Mt chia s c to ra nhm cung cp qu trnh truy cp t xa ti cc Named Pipe trn my tnh. y l mt phn ca b nh c s dng chuyn thng tin t mt tin trnh ny sang mt tin trnh khc. Chia s ny l cn thit d thc hin cc cng vic qun tr my tnh t xa qua mng. Ngoi ra, Windows Server 2003 cn to ra cc chia s qun tr khc khi bn ci t cc thnh phn xc nh: Print$ Khi bn ci t mt my in c chia s u tin trn my tnh, Windows Server 2003 to ra mt chia s n ti th mc <Systemroot>\System32\Spool\Drivers vi tn l Print$. Chia s ny cho php cc h thng khc trn mng truy cp ti cc trnh iu khin my in c ci t tn my tnh. Cc nhm Administrators, Print Operators, Server Operators c Cp php Full Control i vi chia s ny. Nhm ng nht c bit Everyone ch c Cp php Read. Faxclient Khi bn ci t dch v Fax trn my tnh, Windows Server 2003 t ng to ra mt chia s ti th mc C:\WINDOWS\system32\clients\faxclient c tn l faxclient. Chia s ny cho php cc ngi dng trn mng truy cp n phn mm fax dnh cho my trm. Nhm ng nht c bit Everyone c Cp php Read trn chia s ny. FxsSrvCp$ Khi bn ci t dch v Fax trn my tnh, Windows t ng to ra mt chia s n ti th mc C:\Document and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\Common Coverpage vi tn chia s l FxsSrvCp$. Chia s ny cho php cc my khch fax truy cp ti cc trang c lu trn my ch. Nhm Administrators c Cp php Full Control (ton quyn) trn chia s ny trong khi nhm ng nht c bit Everyone ch c Cp php Read. SYSVOL Khi bn nng cp mt my tnh Windows Server 2003 thnh mt DC (My ch iu khin Min), h thng s chia s th mc <Systemroot>\SYSVOL\sysvol v t tn n l SYSVOL. My ch iu khin Min s dng chia s ny lu tr cc GPO
395
CHIA S CC TI NGUYN H THNG FILE (Group Policy Object chnh sch nhm) v cc script (kch bn), chng s c nhn bn n cc my tnh khc thuc Min. Cc nhm Administrators v Authenticated Users (nhm nhng ngi s dng c xc thc) c Cp php Full Control trn chia s ny trong khi nhm c bit Everyone ch c Cp php Read. NETLOGON Khi bn nng cp mt my tnh Windows Server 2003 thnh mt My ch iu khin Min, h thng s chia s th mc Systemroot\SYSVOL\sysvol\<tn Min>\SCRIPTS v t tn n l NETLOGON. y l mt chia s c to ra nhm to tnh tng thch ngc cho cc h iu hnh mng trc y. My ch iu khin Min s dng chia s ny nhm cung cp chc nng c bn ging nh SYSVOL cho cc My ch iu khin Min Windows NT4. Nhm Administrators c Cp php Full Control (ton quyn) trn chia s ny trong khi nhm c bit Everyone ch c Cp php Read. CH Cc chia s n Bn cht n ca cc chia s qun tr khng gii hn cc chia s xc nh khc. Bn c th n bt k chia s no bng cch s dng k t $ ti cui ca tn chia s. N khng ngn nga ngi s dng truy cp ti cc chia s, n ch ngn khng cho chng hin th trong Windows Explorer.
Chun b cho qu trnh to cc th mc chia s

to mt h thng file chia s, bn phi c cc quyn sau: Trn My ch iu khin Min: trn my ch iu khin Min, to cc th mc chia s, bn phi l thnh vin ca nhm Administrators hoc Server Operators. Do cc nhm Enterprise Admins v Domain Admins l thnh vin ca nhm Administrators nn cc nhm ny cng c th to cc th mc chia s. Trn My ch thnh vin hoc my trm gia nhp min: to cc th mc chia s trn my ch thnh vin hoc my trm thuc Min, bn phi l thnh vin ca nhm Administrators, Server Operators hoc Power Users. Trn nhm lm vic hay my c lp: to cc th mc chia s trn mt my tnh khng phi l thnh vin ca mt Min, bn phi l thnh vin ca nhm Administrators hoc Power Users.
396
CHIA S CC TI NGUYN H THNG FILE Trn a NTFS: Nu th mc m bn nh chia s trn a NTFS, bn phi ng nhp vo my tnh vi ti khon c t nht Cp php Read rrn th mc . Cng nh nhiu cc cng vic khc trn Windows Server 2003, bn c th to cc th mc chia s theo nhiu cch. Trong phn sau s cung cp mt s cc cng c gip bn to v qun tr cc th mc chia s. CH Mc ch ca k thi Mc ch ca k thi 70-290 yu cu hc vin c th "cu hnh truy cp ti cc th mc chia s"
To th mc chia s bng Windows Explorer

Phng php thng dng nht l s dng Windows Explorer la chn th mc cn chia s sau thc hin chia s chng. Bn c th chia s bt k th mc no trn bt k a no ca my tnh. Khi ngi s dng trn mng duyt cc th mc chia s, chng s xut hin nh cc th mc ring bit nhng khng c li ch thch. Tr phi bn ni vi ngi s dng, cn h khng th bit c cc th mc chia s nm trn a no hoc v tr ca chng. chia s th mc trong Windows Explorer, nhp chut phi vo n v la chn Sharing And Security hin th hp thoi nh trn hnh v 9-6. bn cng c th truy cp ti hp thoi ny bng cch la chn mt th mc ri chn theo ng dn File -> Properties -> Sharing.
Hnh 9-6: Th Sharing trn hp thoi Properties ca folder Khi bn la chn Share This Folder, bn s thc hin cng vic kch hot cc iu khin khc trong th Sharing cho php cu hnh cc tham s sau:
397
CHIA S CC TI NGUYN H THNG FILE Share Name (tn chia s): Xc nh tn hin th trn mng ca th mc chia s. Mc nh, tn ca th mc xut hin trong hp vn bn nhng bn c th t bt c tn no vi chiu di cho php ln ti 80 k t. Trng ny l bt buc. Description (m t): cho php bn cung cp cc thng tin thm v th mc chia s nh: mc ch ca th mc chia s, ni dung ca n hoc bt k thng tin khc. Trng ny l khng bt buc. User limit (gii hn ngi s dng): cho php bn xc nh c bao nhiu ngi c kh nng kt ni ti th mc chia s ti cng mt thi im. c tnh ny gip bn ngn nga tnh trng cc ti nguyn h thng b qa ti do c qu nhiu ngi s dng truy cp ng thi. Permissions (Cp php truy cp): cho php bn xc nh ai c Cp php truy cp n th mc chia s v mc truy cp. bit thm chi tit v vn ny xem phn qun l cc Cp php chia s trong chng ny. Offline Settings (cc thit lp v c ch lm vic khng kt ni): c cho php ngi s dng mng lu tr tm thi ni dung th mc chia s trn my tnh ca h hay khng. bit thm chi tit v vn ny, xin xem phn iu khin lu tr khng kt ni trong chng ny. Mt khi bn hon tt vic cu hnh cc tham s trong th Sharing, nhp OK to th mc chia s. xc nhn th mc c chia s, bn c mt vi phng php bao gm: Trong Windows Explorer, phn My Computer th mc c chia s s c biu tng hnh bn tay m ra.
398
Trong Windows Explorer, phn My Network Places, mt biu tng th mc chia s s xut hin trn my tnh m bn to n.
Lc ny, cc ngi dng trn mng c th truy cp n th mc chia s v cc file/th mc bn trong n nu h c Cp php truy cp thch hp.
Chia s a bng cch s dng Windows Explorer

Bn c th to ra mt chia s cho a c th bng cch s dng Windows Explorer nhng tin trnh thc hin c khc i cht so vi thng thng do s tn ti ca chia s qun tr trn mi a. Khi bn la chn a trong Windows Explorer v nhp vo th Sharing, bn s thy mt giao din nh hnh v 9-7.
399
Hnh 9-7: Mt a chia s y, bn c th thy la chn Share This Folder c la chn v tn ca chia s qun tr xut hin trong hp vn bn Share Name. Nu bn mun gn Cp php truy cp cho ngi s dng nhng khng mun xung t vi tnh bo mt ca chia s qun tr, bn phi to ra mt chia s th hai ti mc gc ca a. thc hin cng vic ny, bn nhp New Share hin th hp thoi New Share nh hnh v 9-8.
Hnh 9-8: Hp thoi New Share Trong hp thoi ny, bn xc nh mt tn mi chia s, m t v n, gii hn s lng ngi s dng, cc Cp php chia s ging nh bn to mt th mc chia s lc trc. Khi bn nhp vo OK, chia s mi c to ra v c a vo hp danh sch s Share Name trong th Sharing. By gi bn c th la chn bt k chia s mc gc no t hp lit k th phc v cho cng tc qun tr. Bt k bn la chn chia s no th n cng c kim sot bi cc thng s: gii hn v ngi s dng, Cp php v cc thit lp v c ch khng kt ni.
To th mc chia s bng cch s dng snap-in Shared Folders

S dng Windows Explorer l mt phng php thun tin to cc th mc chia s nhng n cng c mt nhc im: bn ch c th to ra cc chia s khi bn ang lm vic trn chnh my tnh . Bn khng th la
400
CHIA S CC TI NGUYN H THNG FILE chn cc th mc trn cc my tnh khc v chia s n. Tuy nhin, Windows Server 2003 cho php bn thc hin iu nh cng c Shared Folders, mt dang snap-in MMC. Snap-in Shared Folders c tch hp vo trong mn hnh qun tr Windows Server 2003 nh trn hnh v 9-9. Bn cng c th to mt mn hnh qun tr MMC ty bin cha Shared Folders v bt k snap-in no m bn mun. Nhp vo th mc con Shares ca snap-in s hin th mt danh sch cc chia s hin ti trn my tnh k c nhng chia s n khng hin th trong Windows Explorer.
Hnh 9-9: Snap-in Shared Folders CH Qun l cc chia s t xa qun tr mt my tnh khc trn mng, la chn biu tng Computer Management (Local), tip theo trn thc n Action la chn Connect To Another Computer. Nhp tn my tnh m bn mun qun tr v nhp OK. Sau , bn c th to v qun tr cc chia s trn my tnh khc nh th bn ang lm vic trn my tnh . to mt chia s mi la chn th mc con Shares v trn thc n Action la chn New Share khi to Trnh hng dn Share A Folder. Trnh hng dn ny bao gm 03 trang: Folder Path (ng dn th mc) xc nh ng dn ti th mc m bn mun chia s
401
Name, Description, And Settings (tn, m t v cc thit lp) xc nh tn v m t dnh cho chia s. Bn cng c th nhp Change cu hnh cc thit lp khng kt ni cho chia s.
Permissions (cc Cp php) la chn Cp php m bn mun gn cho th mc chia s.
402
CHIA S CC TI NGUYN H THNG FILE Kt thc Trnh hng dn, h thng s a chia s mi vo danh sch.
To mt h thng file chia s bng cch s dng Net.exe

Windows Server 2003 cho php bn to chia s t ch dng lnh bng cch s dng chng trnh net.exe vi cu lnh con share. C php cu lnh nh sau: net share <tn chia s>=< a>:\<ng dn> [<cc tham s>] Cc tham s m bn c th a vo trong cu lnh bao gm: /grant:<i tng bo mt>, [read|change|full] gn cho mt i tng bo mt Cp php Read (c), Change (thay i) hoc Full Control (ton quyn iu khin) i vi th mc chia s. /users:<s lng> xc nh s lng ln nht ngi s dng c th truy cp ng thi n th mc chia s. /unlimited khng hn ch s lng ngi s dng truy cp n th mc chia s. /cache:[manual|documents|programs|none] cu hnh cc thit lp khng kt ni dnh cho th mc chia s. V d di y minh ha vic to mt th mc chia s Documents nm trong th mc C:\Docs v gn cho nhm Users Cp php Read: net share documents=c:\docs /grant:users. read
QUN L CC TH MC CHIA S
Khi bn to cc h thng file chia s, bn c th qun l chng bt c lc no vi Windows Explorer, bng cch s dng th Sharing ca hp thoi Properties m bn s dng chia s. Bn cng c th la chn chia s trong snap-in Shared Folders khi trong thc n Action, la chn Properties hin th hp thoi trn hnh 9-10.
403
Hnh 9-10: Hp thoi Properties ca th mc chia s Hn na, c th thay i cc c tnh chia s c thit lp trong qu trnh to chia s chng hn nh gii hn ngi dng hoc miu t, bn cng c th cu hnh cc tnh nng c m t trong cc phn di y.
Kim sot lu tr khng kt ni ( offline)

Bo mt thng l mt vn quan trng i vi h thng chia s d liu. Bn mun cc file lu trn th mc chia s lun lun sn sng i vi nhng ngi s dng thch hp v ch nhng ngi dng m thi. Ngi qun tr c th dng cc Cp php kim sot ai s l ngi c th truy cp n cc th mc chia s nhng anh ta khng th lm nh vy i vi cc file ang c s dng. Mt phng n cho php khc phc tnh trng ny l gii hn tnh nng Offline Files (cc file ch khng kt ni) ca ngi dng truy cp ti cc chia s. Khi bn nhn vo la chn Offline Settting trong hp thoi Properties ca chia s, bn s thy hp thoi nh trn hnh v 9-11. y bn c th la chn cc my tnh trm khi truy cp vo chia s c c php lu thng tin vo b nh m thng qua tnh nng Windows Offline Files hay khng.
404
Hnh 9-11: Hp thoi Offline Settings Trn Windows Server 2003, Microsoft Windows XP, v Microsoft Windows XP, Offline Files l c ch nhm duy tr mt phin bn ca cc file nm trn my tnh ca ngi s dng khi h truy cp trn mng. Nu lin kt mng ca cc my trm ti my ch b mt hay t, ngi dng vn c th tip tc lm vic vi cc phin bn ny ca cc file. Khi kt ni c thit lp li, my trm s cp nht nhng thay i trn phin bn offline ln phin bn gc ca cc file nm trn th mc chia s. Vn pht sinh vi cc file offline l cc phin bn nm trn my tnh cc b khng c Cp php bo v nh cc file gc nm trn th mc chia s. Cc file nhy cm mc d c bo v cn mt trn th mc chia s nhng khi c lu tr ti cc my trm li khng c bo v t no. La chn trong hp thoi Offline Settings s cho php ngi qun tr quyt nh c cho php cc my trm lu cc phin bn offline ca cc file hay khng vi tnh nng Offline Files. La chn ny c miu t nh sau: CH : S dng Net.exe Bn cng c th cu hnh cc thit lp offline t dng lnh, bng cch s dng chng trnh Net.exe vi cu lnh con share. Cc thng s dng lnh tng ng vi cc la chn trong hp thoi Offline Settings c lit k di y. Only The Files And Programs That Users Specify Will Be Available Offline (Ch cc file v chng trnh m ngi s dng xc nh mi c th dng offline): cho php ngi dng la chn ti liu v cc chng trnh c lu tr offline trn cc my trm ca ngi s dng. Cc tham s dng lnh cho Net.exe l /cache:manual All Files And Programs That Users Open From The Share Will Be Automatically Available Offline (Tt c cc file v chng trnh m ngi s dng m t th mc chia s s t ng offline)
405
CHIA S CC TI NGUYN H THNG FILE T ng lu tt c ti liu chia s offline trn cc my trm ca ngi s dng. nh du chn ti hp kim tra Optimized For Performance s t ng ghi vo b nh m tt c cc chng trnh dng thc thi ni b trn my trm. Cc tham s dng lnh cho Net.exe l /cache:documents v /cache:programs. Files And Programs From The Share Will Not Be Available Offline (Cc file v chng trnh trn th mc chia s s khng c dng c ch offline) Ngn khng cho tt c cc ti liu v cc file thc thi c lu tr offline trn my trm. Cc thng s dng lnh tng ng cho Net.exe l /cache:none.
Cng b cc th mc chia s trong Active Directory

Khi bn nhn th Publish trn hp thoi Properties ca th mc chia s trong snap-in Shared Folders (xem hnh 9-12), th ny s cho php bn cng b cc th mc chia s trn Active Directory. Cng b cc th mc chia s trn Active Directory khng c ngha l lu chng trong c s d liu ca Active Directory m n s to ra mt i tng th mc chia s tr n v tr thc s ca th mc ny trn mng. Khi th mc chia s c cng b, ngi dng c th tm kim n trn Active Directory bng cch s dng ngay cng c Active Directory Users and Computers.
Hnh 9-12: Th Publish trong hp thoi Properties ca th mc chia s cng b mt th mc chia s trn Active Directory, bn cn la chn hp kim tra Publish This Share In Active Directory v cung cp tn ca ngi s hu th mc chia s . Bn cng c th cung cp cc t kha miu t
406
CHIA S CC TI NGUYN H THNG FILE ni dung i tng chia s nhm tng tnh hiu qu ca qu trnh tm kim thng tin.
Qun l cc Cp php chia s

Nh cp trong chng trc, cc i tng chia s u c cc h thng Cp php ring cho php ai c php truy cp chng. xc nh Cp php cho cc th mc chia s, bn c th dng mt trong cc giao din sau: Trong Windows Explorer, m hp thoi Properties ca th mc v nhn Permissions trong phn th Sharing. Trong snap-in Shared Folders, m hp thoi Properties ca th mc chia s v chn th Share Permissions. CH : Mc tiu ca k thi Mn thi 70-290 yu cu hc vin c th "qun l cc Cp php chia s th mc" Bt k bn dng phng php no, bn u thy giao din nh trn hnh 913.
Hnh 9-13: Th Share Permissions trong hp thoi Properties ca th mc chia s H thng phn Cp php cho cc chia s l mt trong nhng h thng n gin nht trong Windows Server 2003. Trong trng hp ny, khng c s phn bit gia cc Cp php Chun v Cp php c bit m ch c 3 Cp php n gin nh sau:
407
CHIA S CC TI NGUYN H THNG FILE Read (c): Ngi dng c th hin th tn th mc, tn file, ni dung file v cc thuc tnh. Ngi dng cng c th thc thi cc file chng trnh (v d cc file .exe, .com,.) v truy cp ti cc th mc khc trong th mc chia s. Change (Thay i): Ngi dng c th to cc th mc, thm file vo th mc, thay i ni dung ca file, thm d liu vo file, thay i thuc tnh file, xa th mc v file cng nh thc hin cc hot ng cho php trn Cp php Read. Full Control (Ton quyn iu khin): ngi dng c th thay i cc Cp php truy cp file, chim Cp php s hu file v thc hin mi cng vic cho php trn Cp php Change. thit lp cc Cp php truy cp, nhp vo Add, la chn i tng bo mt (nh ngi dng, nhm hoc my tnh) ri xc nh cc Cp php m bn cho php hay ngn cm i vi cc i tng . Bn c th chn cc i tng c sn trong danh sch Group Or User Names thay i cc Cp php theo mun. S dng cc Cp php chia s Cc Cp php chia s l mt dng ca iu khin truy cp nhng ch cung cp mt cch hn ch kh nng bo v cho cc file chia s. Mt vi hn ch ca cc Cp php chia s bao gm: Phm vi b gii hn: cc Cp php chia s ch p dng cho cc truy cp ti file v folder qua mng. Cc Cp php chia s ny khng ngn chn c kh nng truy cp ca ngi s dng khi h lm vic ngay trn my tnh cha th mc ny hoc truy cp n my tnh bng cc cng c khc nh: Web, FTP, Telnet v cc ng dng Terminal Server. Thiu tnh mm do: Cc Cp php truy chia s khng c tnh mm do. Chng ch cung cp mt phng tin chia s n gin vi ba la chn, c ng dng cho mi file v th mc bn di th mc chia s. Bn khng th thay i Cp php chia s cho cc th mc hoc file c th bn trong th mc chia s. Khng th sao chp: cc Cp php chia s khng th sao chp bng dch v sao chp file (FRS - File Replication Service) Khng c tnh phc hi: Cc Cp php chia s khng th sao lu c hoc phc hi khi xy ra mt mt d liu.
408
CHIA S CC TI NGUYN H THNG FILE D mt: Cc Cp php chia s s b mt khi bn di chuyn hay i tn th mc ang chia s. Khng kim sot (Audit): Bn khng th cu hnh s kim sot da trn cc Cp php chia s. u im duy nht ca cc Cp php chia s l n gin ha h thng v chng lun sn sng i vi mi h thng file c Windows Server 2003 h tr. Trong a dng h thng file FAT, cc Cp php chia s l cch duy nht qun l s truy cp vo a. Trong cc mng nh vi t cc yu cu bo mt, Cp php chia s c th l mt gii php chp nhn c. Tuy nhin trong hu ht cc trng hp, ngi qun tr mng s la chn cc Cp php linh hot v mnh m hn c cung cp bi h thng file NTFS. Nu bn la chn gii php ny, cn ch n cc im sau: H thng Cp php chia s s vn c bt k bn c dng NTFS hay khng H thng Cp php chia s l hon ton c lp i vi h thng Cp php NTFS C hai h thng Cp php ny u c th p dng trn cng mt i tng. Do , cch tt nht s dng Cp php NTFS qun l truy cp l cho tt c ngi s dng (c bit n thng qua nhm Everyone) Cp php Full Control trn tt c cc th mc chia s. iu ny s trnh mi xung t gia hai h thng Cp php. Ngha l bn nn s dng mt trong hai Cp php ni trn qun l file nhng khng nn dng ng thi c hai. Nu khng dng cch ny, Cp php Hiu dng ngi dng nhn c l s kt hp Cp php ca c hai h thng. V d nu bn gn Cp php chia s c (Read) v Cp php NTFS l ton quyn iu khin (Full Control) cho nhm Users th tng hp li ngi s dng s ch nhn c cc gii hn do Cp php chia s cung cp. iu ny, cng vi s phc tp khi tha k, thnh vin nhm, cc Cp php b t chi c th s gy nn mt cn c mng. Mt trong nhng nguyn nhn thng thng nht i vi vic truy cp h thng file chia s l xung t gia Cp php chia s v Cp php NTFS. Khi gii quyt cc vn nh th ny, cn kim tra c hai loi Cp php chc chn ngi dng nhn c Cp php truy cp ti file h cn.
409
CHIA S CC TI NGUYN H THNG FILE THNG TIN THM: Li ch v kh nng ca h thng Cp php NTFS s c miu t chi tit phn sau ca chng ny. Cp php chia s mc nh Tt c cc h iu hnh windows trc y cho n Windows 2000, khi to ra mt th mc chia s mi mc nh Cp php Full Control s c gn cho tt c ngi dng (Everyone). iu ny khin cc chia s c l m toang theo quan im bo mt, d dng hn cho ngi qun tr khi ln k hoch cc Cp php NTFS, nhng gy kh khn cho nhng ngi mun dng cc Cp php chia s. K t Windows XP tr i , cc Cp php mc nh cho cc file chia s c thay i. Windows XP v Windows 2003 Server gn Cp php Read cho nhm ng nht c bit Everyone v trao Cp php Full Control cho nhm qun tr Administrators . iu ny c ngha nu mun dng cc Cp php NTFS kim sot truy cp, bn phi nh thay i bng cch gn Cp php Full Control cho nhm Everyone.
To chin lc cho h thng file chia s

Chin lc n gin nht cho h thng file chia s l chia s th mc gc ca cc a (volume) trn mi my tnh trn mng. Tuy nhin c hai l do khin y l mt phng php ti: Gy nhm ln: Khi ngi dng gp cc chia s khc nhau th hin cho cc a trn cc my tnh khc nhau, s rt kh khn cho h tm ra u l file m h mun tm. Ngi dng c th phi tm kim qua mt vi h thng khc nhau trc khi h c th xc nh ng v tr file cn tm. Thm ch vi mt a ln duy nht, chia s t th mc gc c th dn ti cu trc th mc ln v phc tp. Bo mt: chia s ton b a, c bit l cc a h thng s cho php ngi dng c Cp php truy cp ti rt nhiu file v th mc m h khng nn nhn thy. Ngi dng thng thng khng cn truy cp ti cc file h thng v ng dng trn cc my tnh khc, h c th gy h hng nu v tnh xa mt mt file hay th mc cn thit. Gii php cho vn ny l to chia s i vi th mc xc nh ch khng phi trn c a. Trn thc t, snap-in Shared Folders s hin th mt hp thoi cnh bo khi bn c gng chia s mt a no v l do bo mt. Cc file thng c truy cp qua mng l cc file ti liu v d liu. Do , bn nn t chc cc cu trc th mc trn h thng sao cho cc ti liu v
410
CHIA S CC TI NGUYN H THNG FILE cc file chia s c lu trn th mc c tn ring v to cc Cp php chia s trn cc th mc ny. Chia s cc a di ng Mt ngoi l i vi chin lc trn l khi bn chia s file trn cc a di ng nh: CD-ROM, DVD-ROM hay cc bng. Khng c g ngn cn bn thc hin cng vic chia s mt th mc trn cc a ny nhng cn nh rng chia s s ch c hiu lc khi a hoc bng lu th mc nm trong . Chia s gc ca cc ny cho php bn hon i cc phng tin theo mun m vn m bo tnh sn sng ca th mc chia s. Lng cc chia s Nh c cp trn, bn c th chia s bt k th mc no trn a, thm ch c cc th mc nm trong cc th mc c chia s. V d: bn c th chia s a D vi tn chia s D, sau to ra mt th mc chia s khc D:\docs vi tn chia s Docs. Hai i tng ny c th c cc Cp php truy cp khc nhau. Tuy nhin bn cn nh rng mc d cc th mc chia s lng vo nhau trn Windows Explorer nhng i vi ngi dng trn mng th chng vn l hai i tng chia s ring bit v hon ton c lp. Hn na, cc Cp php cho hai i tng cng ring bit. V d nh nu bn gn cho ngi dng Cp php Full Control trn D v ch cho Cp php Read trn Docs, s gii hn Cp php truy cp trn th mc D:\docs qua i tng Docs khng nh hng ti Cp php iu khin ton b ca h khi truy cp ti th mc dng i tng D.
S DNG CC QUYN NTFS

Windows 2003 Server h tr hai h thng file chnh: FAT v NTFS. H thng file FAT c pht trin t h iu hnh MS-DOS cung cp cc chc nng c bn nhng c rt t cc tnh nng dnh cho lu tr trn mng. Thun li duy nht khi s dng cc a FAT l bn c th khi ng my tnh bng a khi ng MS-DOS v vn c th truy cp c ti chng. H thng file NTFS c gii thiu u tin trn Microsoft Windows NT 3.1 bao gm mt s cc tnh nng thun tin cho ngi qun tr mng. Tnh nng quan trng nht m NTFS mang li l cho php bn cung cp cc Cp php mt cch chi tit n tt c cc file v th mc trn a. CH : Mc ch ca k thi: Mc ch ca mn thi 70-290 yu cu hc vin c th "cu hnh H thng cp php file"
411
CHIA S CC TI NGUYN H THNG FILE Mi file v th mc trn a NTFS c mt ACL cha cc ACE, lit k cc i tng bo mt c gn Cp php trn cc file/th mc . Khi ngi dng truy cp ti mt file hoc th mc, h thng s so snh th truy cp b mt ca ngi s dng (cha cc nhn dng bo mt (SIDs) ca ti khon ngi dng) vi cc SID trong cc ACE ca ACL (cc SID ny l ca cc nhm m ngi dng l thnh vin). Mt khi ngi s dng c xc thc, Cp php truy cp ti file/folder s c cp. So vi Cp php chia s c cp trong chng trc, Cp php NTFS c rt nhiu u im bao gm: Phm vi (scope): cc Cp php NTFS p dng trn file v th mc bt k phng php m n c truy cp. Ngi dng truy cp cc b hay kt ni qua mng bng bt c phng tin no u b qun l bi cc Cp php ging nhau. Tnh linh hot (Flexibility): NTFS cung cp mt danh sch di cc Cp php c bit, chng c th kt hp li vi nhau to nn cc Cp php chun, u c th p dung cho bt c file/folder no trn a. ng thi NTFS cho php iu khin ton b thng qua tnh k tha Cp php. Tnh sao chp (replication): Cp php NTFS c sao chp bi FRS. Tnh gi nguyn trng thi (resilience): khi sao lu hay khi phc d liu trn mt a, cc Cp php NTFS cng c nh km. V vy bn khng phi lo lng v vic sa cha li cc Cp php NTFS khi c s c xy ra. Khng thay i (Less fragile): Cp php NTFS s khng b mt nu bn di chuyn hay i tn file/folder c cc Cp php ang p dng (min l file hay th mc vn nm trn cng NTFS) Kh nng kim nh (Audit): bn c th gim st v ghi li qu trnh truy cp ti cc file/folder NTFS ca cc i tng bo mt. Lm vic vi cc Cp php NTFS phc tp hn nhiu so vi Cp php chia s, nhng vi cc tnh nng bo v m n em li th NTFS thc s l mt cng c tuyt vi cho ngi qun tr mng.
Qun tr cc Cp php NTFS chun

Hu nh ngi qun tr mng u lm vic vi cc Cp php NTFS chun v n cung cp tnh linh hot kim sot truy cp ti cc file/folder chia s. Trong Windows Explorer, mi file v th mc trn a NTFS u c
412
CHIA S CC TI NGUYN H THNG FILE hp thoi Properties vi th Security nh trn hnh 9-14, bn c th dng thit lp cc Cp php NTFS chun cho file/folder cng nh truy cp ti cc Cp php iu khin phc tp hn c tho lun phn di ca chng ny.
Hnh 9-14: Th Security ca mt th mc NTFS. CH : Qun tr NTFS t xa Windows Explorer c kh nng cu hnh cc Cp php NTFS cho bt c file hay th mc no trn mng min l ngi s dng c cc c quyn ph hp. iu ny tri ngc vi Cp php chia s ca Windows Explorer, ch dng c trong cc h thng file cc b. Qu trnh gn cc Cp php NTFS chun cho file/folder tng t nh vic gn cc Cp php chia s. Bn phi chn i tng chia s trong danh sch "Group Or User Names" hay nhp "Add" thm i tng bo mt mi. Tip theo bn phi la chn cc hp kim tra Allow (cho php) hay Deny (cm) trn cc Cp php m bn mun cung cp cho i tng trong hp Permissions. Cc Cp php NTFS chun v cc cng vic m bn c th thc hin c vi cc Cp php c lit k trn bng 9-1. CH : Cc Cp php trn file/folder C mt s khc bit nh gia Cp php c gn mt file v th mc. Cp php List Folder Contents (lit k ni dung th mc) khng p dng cho file.
413
CHIA S CC TI NGUYN H THNG FILE Bng 9-1: Cc Cp php NTFS chun Cp php Khi gn cho mt th mc, Khi gn cho mt file, cho NTFS cho php ch th bo mt: php ch th bo mt: chun Read Xem cc file v cc th mc con trong th mc . Xem ch s hu, cc Cp php v cc c tnh ca th mc. Read and Excute Cho php i qua cc th mc b ngn cn ti cc file v th mc khc. Cho php thc hin tt c cc chc nng do Cp php Read v List Folder Contents cung cp. Write To cc file v cc th mc con mi bn trong mt th mc. Thay i cc c tnh th mc. Xem ch s hu v cc Cp php trn th mc Modify Xa th mc Cho php thc hin tt c cc chc nng do Cp php Write v Cp php Read Thay i file Xa file Cho php thc hin tt c cc chc nng do Cp php Write v c ni dung file Xem ch s hu, cc Cp php v cc c tnh ca file.
Cho php thc hin tt c cc chc nng do Cp php Read cung cp. Chy cc ng dng
Cho php ghi ln file Thay i cc c tnh ca file Xem ch s hu v cc Cp php trn file
414
CHIA S CC TI NGUYN H THNG FILE and Excute cung cp. List Folder Contents Xem cc tn ca cc file v cc th mc con cha trong th mc cha. Thay i cc Cp php trn th mc Chim Cp php s hu th mc Xa cc th mc con v cc file nm trong th mc cha Cho php thc hin tt c cc chc nng do tt c cc Cp php NTFS khc cung cp. Cp php Read and Excute cung cp. Khng p dng
Full Control
Thay i cc Cp php trn file Chim Cp php s hu file Cho php thc hin tt c cc chc nng do tt c cc cp php NTFS khc cung cp.
CH : Cc Cp php tha k Khi hp kim tra trong th Security c chn v c mu xm, c ngha l Cp php ny c k tha t th mc cha.
S dng cc thit lp bo mt nng cao

Giao din c bn trong th Security cho php ngi qun tr thit lp cc Cp php thng thng nhanh chng v d dng nhng n khng cung cp nhiu thng tin hay cung cp cng c s dng ht cc tnh nng ca h thng file NTFS. Nhn vo nt Advanced trong hp thoi Advanced Security Settings (hnh v 9-15) bn s thu c giao din tng t nh bn xem ACL thc s ca file hay th mc trong giao din ha ca Windows.
415
Hnh v 9-15: Hp thoi Advanced Security Settings Th Permissions mc nh ca hp thoi Advanced Security Settings cha mt danh sch cc mc vo Cp php, v c bn y l mt danh sch ca cc ACE ring l trong ACL ca file/folder. Mi mc vo cha cc thng tin sau: Type (loi) Cho bit mc vo cho php hay t chi Cp php Name (tn) Cho bit tn ca i tng bo mt nhn cc Cp php . Permission (Cp php): cho bit cc Cp php NTFS chun c gn cho i tng bo mt. Nu ACE c dng gn cc Cp php c bit, t "Special" s xut hin trong trng ny. Inherited From (k tha t) Cho bit Cp php c c k tha khng v nu c th k tha t u. Apply to (p dng cho) Cho bit Cp php ny c c p dng cho cc th mc con hay cc file bn trong n hay khng. Nu c th l nhng th mc con hoc file no. Danh sch cc mc vo Cp php c th cha nhiu mc vo cho cng mt i tng. iu c ngha rng i tng nhn c nhiu Cp php t cc ngun khc nhau v d nh c Cp php c gn trc tip cho i tng, c Cp php c k tha hoc c th c cc i tng c thit lp c hai Cp php Allow v Deny. Trong trng hp ny, mi mc vo trong danh sch c qun l ring bit. lm vic vi mi mc vo trong danh sch, bn la chn v nhn Edit m hp thoi Permission Entry. Ngoi ra, ch c hai iu khin c kch hot trong hp thoi Advanced Security Settings cung cp thm hai la chn:
416
CHIA S CC TI NGUYN H THNG FILE Allow Inheritable Permissions From The Parent To Propagate To This Object And All Child Objects (cho php cc Cp php k tha t i tng cha c truyn n i tng ny v tt c cc i tng con): Xc nh xem cc file/folder c k tha Cp php t i tng cha hay khng. Mc nh hp kim tra ny c la chn. Khi bn loi b la chn ny mt thng bo s xut hin cho php hoc xa b hoc gi li cc Cp php k tha t th mc cha xung. Nu bn la chn gi li, cc Cp php nh hng vn c gi nguyn nhng file/folder khng cn k tha Cp php t th mc cha na. Nu bn thay i cc Cp php trn th mc cha, file v cc th mc con s khng b nh hng g. Replace Permission Entries On All Child Objects With Entries Shown Here That Apply To Child Objects (Thay th Mc vo Cp php y cho cc i tng con) La chn ny lm cho cc i tng con c tha hng cc Cp php t th mc ny tr cc Cp php c gn ring chng. Hp kim tra ny ch p dng cho cc th mc.
Qun l cc Cp php c bit

Khi bn thay i mt trong cc Mc vo Cp php trong hp thoi Advanced Security Settings hay thm mt Mc vo mi vo hp thoi bn u nhn c hp thoi Permission Entry c m t trong hnh 9-16. Ln u tin, bn truy cp trc tip n cc Cp php c bit to nn xng sng ca h thng Cp php NTFS.
Hnh 9-16: Hp thoi Permission Entry NTFS c 14 Cp php c bit, chc nng ca chng c m t chi tit di. Trong trng hp cc Cp php c bit xut hin theo cp v c
417
CHIA S CC TI NGUYN H THNG FILE ngn cch bi mt du cho c ngha l Cp php u tin s c p dng cho th mc v Cp php tip theo s p dng cho file. Traverse Folder/Execute File (duyt th mc/thc thi cc file) Cp php Traverse Folder cho php hay ngn cm cc i tng bo mt kh nng di chuyn qua cc th mc m h khng c Cp php truy cp, v vy h c th ti c file hay th mc m h c Cp php. Cp php ny ch p dng cho cc th mc. Cp php Execute File cho php hay ngn cm cc i tng chy chng trnh. Cp php ny ch p dng cho file. List Folder/Read Data (Lit k th mc/c d liu) Cp php List Folder cho php hay ngn cm cc i tng bo mt kh nng hin th file v tn cc th mc con. Cp php ny ch p dng vo cc th mc. Cp php Read Data cho php hay ngn cm cc i tng xem ni dung file. Cp php ny ch p dng cho cc file. Read Attributes (c thuc tnh) Cho php hay ngn cm cc i tng bo mt kh nng xem cc thuc tnh NTFS ca file hay th mc. Read Extended Attributes (c thuc tnh m rng) Cho php hay ngn cn cc i tng bo mt kh nng xem cc thuc tnh m rng ca file hay th mc. Create Files/Write Data (to cc file/thay i ni dung) Cp php Create Files cho php hay ngn cn i tng bo mt kh nng to file trong th mc. Cp php ny ch p dng cho cc th mc. Cp php Write Data cho php hay ngn cm i tng kh nng thay i ni dung file sn c. Cp php ny ch p dng cho cc file. Create Folders/Append Data (To th mc/Chn d liu) Cp php Create Folders cho php hay ngn cn i tng bo mt kh nng to th mc con trong mt th mc. Cp php ny ch p dng cho cc th mc. Cp php Append Data cho php hay ngn cm i tng kh nng thm d liu vo cui file nhng khng c thay i ni dung sn c trong file. Cp php ny ch p dng cho file. Write Attributes (thay i thuc tnh) Cho php hay ngn cm i tng bo mt kh nng thay i cc thuc tnh NTFS ca mt file hay th mc sn c.
418
CHIA S CC TI NGUYN H THNG FILE Write Extended Attributes (thay i thuc tnh m rng) Cho php hay ngn cm i tng bo mt kh nng thay i cc thuc tnh m rng ca mt file hay th mc sn c. Delete Subfolders and Files (Xa cc th mc con v file) Cho php hay ngn cm i tng bo mt kh nng xa cc th mc con v file thm ch Cp php Delete khng c gn cc th mc con hay file. Delete (xa) Cho php hay ngn cm i tng bo mt kh nng xa file hay th mc. Read Permissions (cho php hin th cc Cp php) Cho php hay ngn cm i tng bo mt kh nng c cc Cp php trn file hay th mc. Change Permissions (Thay i Cp php) Cho php hay ngn cm i tng bo mt kh nng thay i cc Cp php ca file hay th mc. Take Ownership (Chim quyn s hu) Cho php hay ngn cm i tng bo mt kh nng chim quyn s hu ca file hay th mc. Synchronize (ng b) Cho php hay ngn cm cc thread (chui) khc nhau ca mt multithread (a chui), cc chng trnh a x l c kh nng ch i vic iu khin file hay th mc v ng b n vi cc thread khc thng bo cho n. Hp thoi Permission Entries cho mt ACE hin th cc Cp php c bit ring r m v chc nng n tng ng vi cc Cp php NTFS chun c xc nh trong hp thoi Advanced Security Settings. Cc Cp php c bit to nn su Cp php NTFS chun c lit k trong bng 9-2. Bng 9-2: Cc Cp php NTFS chun v cc Cp php c bit tng ng Cp php NTFS Cc Cp php c bit chun Read List Folder/Read Data (lit k th mc/c d liu) Read Attributes (c cc c tnh) Read Extended Attributes (c cc c
419
CHIA S CC TI NGUYN H THNG FILE tnh m rng) Read Permissions (c cc Cp php) Synchronize (ng b) Read and Excute List Folder/Read Data (lit k th mc/c d liu) Read Attributes (c cc c tnh) Read Extended Attributes (c cc c tnh m rng) Read Permissions (c cc Cp php) Synchronize (ng b) Traverse Folder/Execute File (cho php duyt th mc/thc thi file) Modify Create Files/Write Data (to cc file/c kh nng ghi d liu) Create Folders/Append Data (to th mc/thm d liu) Delete (xa) List Folder/Read Data (lit k th mc/c d liu) Read Attributes (c cc c tnh) Read Extended Attributes (c cc c tnh m rng) Read Permissions (c cc Cp php) Synchronize (ng b) Traverse Folder/Execute File (cho php duyt th mc/thc thi file) Write Attributes (thay i cc c tnh) Write Extended Attributes (thay i cc c tnh m rng) Write Create Files/Write Data (to cc file/c kh nng ghi d liu)
420
CHIA S CC TI NGUYN H THNG FILE Create Folders/Append Data (to th mc/c kh nng thm d liu) Read Permissions (c cc Cp php) Synchronize (ng b) Write Attributes (thay i cc c tnh) Write Extended Attributes (thay i cc c tnh m rng) List Folder Contents List Folder/Read Data (lit k th mc/c d liu) Read Attributes (c cc c tnh) Read Extended Attributes (c cc c tnh m rng) Read Permissions (c cc Cp php) Synchronize (ng b) Traverse Folder/Execute File (cho php duyt th mc/thc thi file) Full Control Change Permissions (thay i cc Cp php) Create Files/Write Data (to cc file/c kh nng ghi d liu) Create Folders/Append Data (to th mc/c kh nng thm d liu) Delete (xa) Delete Subfolders and Files (xa cc th mc con v cc file) List Folder/Read Data (lit k th mc/c d liu) Read Attributes (c cc c tnh) Read Extended Attributes (c cc c tnh m rng) Read Permissions (c cc Cp php)
421
CHIA S CC TI NGUYN H THNG FILE Synchronize (ng b) Take Ownership (ot Quyn s hu) Traverse Folder/Execute File (cho php duyt th mc/thc thi file) Write Attributes (thay i cc c tnh) Write Extended Attributes (thay i cc c tnh m rng) Khi thay i mt Mc vo Cp php, bn c th thay i bt k thng s no di y: Name (Tn) Xc nh tn ca i tng bo mt c gn Cp php. Khi bn mun thay i Cp php t mt i tng ny sang mt i tng khc, thay v to ra mt ACE mi, bn c th dng giao din ny thay i tn i tng c gn Apply Onto (Gn cho) Xc nh i tng no c gn Cp php bng cch s dng cc la chn trn hnh 9-17. Giao din ny cho php bn iu khin hon ton tnh k tha cc Cp php c gn cho mt th mc cha: cho cc file, cc th mc, cc th mc con v cc file su hn na.
Hnh 9-17: Cc la chn Apply Onto Permissions (Cp php) Xc nh cc Cp php c bit c gn cho cc i tng bo mt. Hp danh sch Permissions bao gm tt c cc Cp php c bit c th dng c lit k trn cng thm Cp php NTFS chun Full Control. CH : S dng la chn Apply Onto Khi bn s dng la chn Apply Onto gi hn cc i tng nhn Cp php k tha, tt c
422
CHIA S CC TI NGUYN H THNG FILE cc th mc con v file vn nhn c ACE t th mc cha. ngn khng cho cc i tng con k tha ch cn ngn khng cho chng nhn cc Cp php trong ACE. Trng hp ACE c k tha bi mt s lng ln cc i tng con iu ny s nh hng ti hot ng ca mng, khi s dng la chn Apply Onto s khng phi l mt gii php tt gii hn k tha Cp php.
Hin th cc Cp php Hiu dng

Mc d h thng Cp php NTFS phc tp nhng rt may mn l Windows Server 2003 cha mt c ch cho php hin th Cp php Hiu dng ca mt i tng bo mt trn mt file hoc th mc xc nh. xem cc Cp php Hiu dng, hy m hp thoi Advance Security Settings ca file hoc th mc v chn th Effective Permissions nh trn hnh 9-18. Khi bn nhn Select v xc nh tn ca i tng bo mt trong hp thoi "Select User, Computer, Or Group" hp kim tra trong danh sch Effective Permission s thay i hin th Cp php tng hp i tng nhn c.
Hnh 9-18: Th Effective Permissions ca hp thoi Advanced Security Settings CH Mc tiu ca k thi Mc tiu cho mn thi 70-290 yu cu hc vin c th "xc nh Cp php Hiu dng khi gn Cp php" Mc d th Effective Permissions rt thun tin sa cc li lin quan ti vic truy cp cc file chia s tuy nhin n cng khng c tht s hon ho. Cp php Hiu dng hin th trn giao din ny c xc nh nh tng hp cc vn sau: Cc Cp php c gn ring r cho i tng Cp php k tha t i tng cha
423
CHIA S CC TI NGUYN H THNG FILE Cp php k tha t nhm cc b hay Min Tuy nhin danh sch Cp php Hiu dng khng tnh n cc Cp php chia s hay Cp php c k tha t cc nhm ng nht c bit do chng ph thuc vo trng thi truy cp ca i tng bo mt. V d, th Effective Permissions c th ch ra rng mt nhm c th c Cp php Full Control trn mt th mc ca a chia s. Tuy nhin nu bn vn s dng Cp php chia s mc nh iu c ngha l nhm ng nht c bit everyone ch c Cp php Read (c) tc l nhm ny ch c Cp php c bt k Effective Permissions hin th nh th no. Cng theo cch nh vy, Cp php Hiu dng khng th tnh n trng thi truy cp ca i tng bo mt ti mt thi im bt k. Windows Server 2003 cho php gn Cp php da trn cc nhm ng nht c bit nh: Truy cp nc danh (Anonymous Logon), quay s qua ng thoi (Dialup) v tng tc (Interactive). Nh hc chng 7, nhng ng nht c bit ny c xc nh da trn cch m ngi dng truy nhp vo h thng hay mng. V d mt ngi s dng truy cp vo mng bng cch s dng dialup l mt phn ca nhm ng nht c bit Dialup trong sut qu trnh kt ni . V i tng bo mt khng cn truy nhp khi bn xem Cp php Hiu dng ca h v vy khng c cch no h thng c th bit c ng nht c bit no s c nh hng ti cc i tng khi h truy nhp. CH : Lin quan n Cp php Hiu dng xem xt cc Cp php c cp cho cc nhm ng nht c bit c th c nh hng th no ti ngi s dng ca bn, bn c th dng th Effective Permissions hin th Cp php Hiu dng ca mt nhm ng nht c bit no , sau bn c th chuyn nhng kt qu vo Cp php Hiu dng ca ngi s dng.
S hu ti nguyn (Resource Ownership)

Mi file v th mc trn h thng file NTFS (cng nh mi i tng trn Active Directory) u c mt ch s hu. Mc nh, ch s hu l ngi to ra file hay th mc . Trong trng hp file hay th mc c to bi h iu hnh th nhm Administrators s l ch s hu. Tuy nhin cc thnh vin ca nhm Administrators hoc nhng ngi s dng c cp Cp php c bit Take Ownership (chim quyn s hu) i vi file hay th mc u c kh nng chim ot quyn s hu ca file hay th mc ti bt k thi im no.
424
CHIA S CC TI NGUYN H THNG FILE CH Mc tiuca k thi Mc tiu ca mn thi 70-290 yu cu hc vin c kh nng "thay i quyn s hu ca file hay th mc" Quyn s hu file hay th mc c hai mc tiu chnh sau Cc ch s hu c th thay i cc ACL Bt k ch s hu ca mt file hay th mc c Cp php g anh ta vn c th thay i c ACL ca file hay th mc. V vy c th coi s s hu nh mt c ch d phng khi c mt ai kha file hay th mc i vi tt c mi ngi. V d nu bn to mt file mi v ngu nhin b ht mi Cp php ca bn i vi file , quyn s hu file cho php bn c th thay i ACL v khi phc li cc Cp php. Hn ngch a c xc nh theo ch s hu Hn ngch a cho php ngi qun tr theo di v kim sot mi ngi s dng c th s dng bao nhiu khng gian a cng trn my ch. Bn s c hc vn ny trong chng 12. Ngoi Cp php Take Ownership (chim quyn s hu) cng c hai Cp php nhm cung cp kh nng qun l ch s hu ca file hoc th mc NTFS: Take Ownership Of Files Or Other Objects (chim quyn s hu ca cc file v cc i tng khc) Ngi dng hay nhm s hu Quyn ny c th chim quyn ca bt k file hay th mc NTFS. Mc nh, nhm Administrators nhn c quyn ny t chnh sch nhm Default Domain Controller Policy (chnh sch nhm mc nh dng cho cc my ch iu khin vng). Restore Files And Directories (phc hi cc file v th mc) Ngi dng hay nhm s hu Quyn ny c th chim quyn s hu ca bt k file hoc th mc NTFS no hay gn quyn s hu cho ngi dng hay nhm khc. Mc nh, chnh sch nhm Default Domain Controller Policy s gn Quyn ny cho cc nhm Administartors (nhm qun tr), nhm Backup Operator (thc hin cc cng vic sao lu) v nhm Server Operators (nhm qun tr cc hot ng trn my ch). xem hay chim quyn s hu ca file hay th mc, m hp thoi Advanced Security Settings v chn th Owner nh trn hnh 9-19. Th ny lit k ch s hu hin thi ca file hay th mc. Nu bn c Cp php c bit Take Ownership i vi file hay th mc hoc c quyn Take Ownership Of Files Or Other Objects, bn c th la chn ti khon ca bn trong hp Change Owner To ri nhn Apply hay OK chim quyn s
425
CHIA S CC TI NGUYN H THNG FILE hu i tng . Nu bn c quyn Restore Files And Directories, bn cng c th nhn vo Other Users Or Groups la chn i tng bo mt khc ri cp quyn s hu i tng cho n.
Hnh 9-19: Th Owner ca hp thoi Advanced Security Settings Nu bn l ngi ch s hu hin ti cu file hay th mc v bn mun chuyn quyn s hu cho ngi khc nhng bn li khng c quyn Restore Files And Directories, bn vn c th thay i ACL v cp cho ngi s dng Cp php Take Ownership. Sau ngi s dng kia s dng cc tin trnh nh trn chim quyn s dng ca file hay th mc.
QUN TR IIS
Cho ti chng ny, chng ta hc cch cung cp cho ngi dng mng kh nng truy cp ti cc file trn mt my tnh chy Windows Server 2003 thng qua vic cng b cc im chia s bng dch v Server. Dch v ny cho php cc my trm s dng dch v Worksbntion c th truy nhp c. Tuy nhin trn Windows Server 2003, y khng phi l cch duy nht chia s cc file. Thay vo bn cng c th s dng cc dch v Internet c cung cp bi Microsoft IIS k c khi my trm ca bn nm trong mng LAN. CH Mc tiu ca k thi Cc mc tiu cho mn thi 70-290 yu cu cc hc vin c kh nng qun tr dch v IIS IIS l mt ng dng ca Windows Server 2003 c kh nng cng b cc file v cc ng dng bng vic s dng cc giao thc chun Internet nh HTTP (l mt giao thc chun cho truyn thng Web ) v FTP . So snh vi vic chia s file thng thng, vic chia s file trong IIS, vi cu hnh mc nh ca IIS, l mt phng php hn ch trong vic cng b cc file . V cc l do an ninh , IIS c ci t trong ch kha v bo mt cho php my
426
CHIA S CC TI NGUYN H THNG FILE ch ch cung cp ni dung tnh cho cc my trm. Ngi dng c th ly cc file t mt my ch IIS v a ni b ca mnh v lm vic vi chng trn my c nhn nhng h khng th m file trc tip t my ch cng nh lu cc phin bn c sa i so vi trng thi ban u ca file nh h vn lm trn h thng file chia s thng thng. Tuy nhin , k c khi trong trng thi kha, IIS vn cung cp nhng phng tin ph bin cc file mt cch d dng v bo mt. Trong cc phn sau y, chng bn s hc cch ci t v cu hnh IIS trn mt my tnh chy Windows Server 2003 v qun l vn bo mt ca mt my ch IIS .
Ci t IIS
Khng ging nh Windows 2000, mc nh Windows Server 2003 khng ci t IIS. Vic lm ny nhm phng nga l hng an ninh tim n trong h iu hnh. Mc nh, cc phin bn trc ca Windows ci t dch v IIS, kch hot dch v World Wide Web Publishing v to mt trang Web mc nh . Trong cc trng hp m ngi qun tr khng dng ti v qun tt dch v, n s tr thnh mt li vo tim n cho nhng ngi dng tri php . Trong Windows Server 2003 , bn phi ci t IIS mt cch th cng sau khi hon tt vic ci t h iu hnh. ci t IIS, m Add Or Remove Programs trong Control Panel ri chn Add/Remove Windows Components khi ng Trnh hng dn Windows Components . Trong Trnh hng dn ny , chn Application Server , nhn Details , ri chn Internet Information Services (IIS) . Bn c th nhn Details mt ln na ch r cc thnh phn IIS no m bn mun ci t . Mc nh, Trnh hng dn s ci t cc thnh phn sau : Common Files: Ci t cc file chng trnh cn thit dnh cho IIS . Internet Information Services Manager: ci t snap-in IIS Manager. Bn s dng snap-in ny qun l cc dch v IIS v cu hnh an ninh site . World Wide Web Service: Ci t dch v cung cp kt ni HTTP vi cc my trm TCP/IP trn mng . CH Ci t cc thnh phn b sung Mc d chng khng cn thit cho cc chc nng s c m t trong chng ny, bn vn c th chn cc thnh phn IIS b sung cung cp tnh nng cao hn cho my ch, nhng khng c b bt c thnh phn mc nh no lit k y .
427
CHIA S CC TI NGUYN H THNG FILE Sau khi bn hon tt Trnh hng dn , Windows Server 2003 s ci t cc thnh phn m bn la chn v kch hot dch v World Wide Web Publishing.
Qun tr mt Web Site IIS

Khi IIS c ci t, mt trang Web mc nh c to ra, cho php bn thc thi mt mi trng Web nhanh chng v d dng. Ban u, site mc nh cha c ni dung g (ngoi tr mt bn tin Under Construction) . Bng cch b sung cc file ca bn vo th mc gc ca site mc nh , bn c th to ra mt trang ch nhm cung cp cho cc my trm kh nng truy cp ti bt k file, th mc v thng tin no m bn mun cng b. CH Mc tiu ca k thi Cc mc tiu cho mn thi 70-290 yu cu cc hc vin c kh nng qun tr mt my ch Web qun tr cc Web site trn mt My ch IIS, bn s dng snap-in IIS Manager (nh trong hnh 9-20) , bng cch truy nhp Administrative Tools trn thc n Start . Snap-in ny cho php bn to v qun l mt s lng Web site ring bit nhiu ti mc m phn cng ca my ch c th chy c.
Hnh 9-20: Snap-in qun tr dch v IIS Ban u ch c mt Web site duy nhy trn my ch, gi l Default Web Site. xem cc site trn my ch, m rng nt ca my ch trong khung Phm vi ri m rng th mc Web Sites. Bng cch chn mt trong cc web site c lit k ri chn Properties t thc n Action, bn c th m hp thoi Properties ca site . Hp thoi ny cha mt lng ln cc chc nng iu khin cho php bn cu hnh cc thng s cho Web site ny . Cc phn sau y xem xt mt vi chc nng iu khin quan trng ca hp thoi ny . S dng th Web Site
428
CHIA S CC TI NGUYN H THNG FILE Th Web Site ca hp thoi Properties (hnh v 9-21), cha cc thit lp xc nh cch thc cc my trm c th truy nhp ti Web Site. IIS c th duy tr (Host) mt s lng khng gii hn cc Web site o trn mt my tnh, nhng cho cc my trm c th truy nhp c ti chng, phi c mt cch thc phn bit gia site ny vi cc site khc.
Hnh 9-21: Th Web Site trong hp thoi Properties ca mt Web site Cc my ch Web thng thng s dng cc k thut sau y duy tr nhiu site cng lc : Cc a ch IP khc nhau: Bng cch cu hnh my tnh vi nhiu a ch IP khc nhau v gn mi a ch IP khc nhau cho mt Web site, my ch Web c th hng cc yu cu ti site thch hp, da trn a ch IP c xc nh trong yu cu. Cc cng khc nhau: Mc nh, giao thc HTTP s dng cng thng dng l 80 cho thng tin TCP/IP ca n. Khi kt ni vo mt Web site, trnh duyt s mc nh s dng cng 80 tr phi bn ch nh khc i, bng cch s dng mt a ch URL nh http://www.ACNA.com:81. Bng cch gn cc cng khc nhau cho cc Web site, mt my ch c th hng cc yu cu ti site thch hp da trn s cng c ch r trong yu cu. Host headers: Mc d cc my trm thng thng s dng tn truy nhp vo cc Web site nhng qu trnh truyn thng TCP/IP vn da trn cc a ch IP. Cc my ch DNS chu trch nhim chuyn i cc tn ny sang cc a ch IP. Host Header l mt trng ty chn trong bn tin yu cu HTTP bao hm tn URL ca my ch Web. Cc yu cu vi cc gi tr host header khc nhau c th c hng ti mt my ch Web n vi mt a ch IP v mt cng duy nht. Sau , my ch c th hng cc yu cu ti site thch hp da vo gi tr host header. V d, mt cng ty c th
429
CHIA S CC TI NGUYN H THNG FILE duy tr (host) hai Web site www.adatum.com v www.ACNA.com trn mt my ch Web. My ch DNS ca cng ty s chuyn i c hai tn gi sang cng mt a ch IP v vy cc bn tin yu cu gi n mi site u ti cng mt my ch. My ch Web sau s phn bit hai ch bng cch xem xt cc trng host header. Vi cc chc nng iu khin trong th Web Site, bn c th s dng bt c phng php no trong 3 phng php nu trn phn bit cc Web site vi nhau. Web site mc nh c cu hnh s dng cng 80 v tt c cc a ch IP ca my tnh s khng c gn cho cc Web site khc. Nu bn mun to thm cc Web site khc trn my ch, bn c th thay i cc gi tr ny bng cch chn mt gi tr a ch IP xc nh, thay i gi tr cng TCP hoc nhp vo nt Advanced xc nh tn host header cho site . Th ny cn cho php bn nh ra mt gii hn thi gian trc khi nhng ngi dng trng thi inactive (khng hot ng mc d vn ang kt ni) b ngt kt ni ra khi my ch, cng nh kim sot cch thc ng nhp ca my ch i vi site ny bng cch chn mt nh dng file nht k, xc nh thng tin no c ghi vo nht k v cu hnh thi gian biu ghi nht k. S dng th Home Directory Th mc gc ca mt web site l v tr mc nh cha cc file ni dung ca mt web site. Khi bn xc nh mt URL trong trnh duyt Web vi tn site no (nh www.ACNA.com chng hn), my ch s t ng cung cp cho bn cc file ni dung trong th mc gc ca site . Trong th Home Directory (hnh v 9-22) bn c th xc nh v tr ca th mc gc cho mt Web site nht nh. Bng cch to ra cc th mc gc khc nhau cho cc site khc nhau chy trn mt my ch duy nht, bn c th duy tr ni dung ring bit cho mi site.
430
CHIA S CC TI NGUYN H THNG FILE Hnh 9-22: Th Home Directory trong hp thoi Properties ca mt Web site IIS cho php bn xc nh mt th mc gc bng cch chn mt trong ba ty chn sau : A Directory Located On This Computer (th mc trn my tnh ny) s dng k hiu ch ci a chun xc nh th mc gc trn mt trong cc a logic ca my tnh. A Share Located On Another Computer (th mc chia s trn my tnh khc) s dng ng dn Universal Naming Convention (UNC) xc nh th mc gc nm trn mt vng chia s u trn mng. A Redirection To A URL (chuyn hng ti URL) s dng ng dn URL xc nh th mc gc trn mt my ch Web khc. Web site mc nh s dng mt th mc gc cc b c to ra mc nh trong qu trnh ci t IIS t ti th mc C:\Inetpub\wwwoot. Ban u th mc ny khng cha mt ni dung thc s no ngoi tr cc file th hin trang Under Construction nhng bng vic a cc file ni dung vo th mc ny, bn c th bin chng s dng c ngay lp tc i vi cc my trm. Ngoi vic cho php bn xc nh v tr thc s ca th mc gc, th ny cn cho php bn cu hnh cc kiu truy nhp m my trm c th s dng truy nhp ti th mc ny. Bn c th chn cc ty chn di y sau khi xc nh th mc gc trn a cc b hay trn im chia s trn mng: Script Source Access: cho php cc my trm c th truy nhp cc file kch bn (script) trong th mc vi gi thit rng cc Cp php Read hay Write c thit lp. Read: cho php cc my trm c th c v ti v cc file trong th mc . Write: cho php cc my trm ti ln th mc cc file hoc thay i ni dung ca cc file cho php ghi. Directory Browsing: gi thit rng khng c ti liu mc nh (Default Documents), cho php ngi dng xem mt danh sch cc lin kt siu vn bn lit k cc file v cc folder c trong th mc .
431
CHIA S CC TI NGUYN H THNG FILE Log Visits: gi thit rng tnh nng ghi nht k c kch hot cho site ny, cho php ghi li cc cuc truy nhp vo th mc vo nht k Index This Resource: to mt ch mc ca cc ni dung vn bn (full-text index) ca th mc trong dch v Microsoft Indexing (bn phi ci t dch v Indexing bng cch nhn Add/Remove Windows Components trong cng c Add or Remove Programs). Application Settings: cho php bn xc nh cc kiu ng dng Web m my trm c php chy. S dng th Documents Trong th Documents (hnh v 9-23) bn c th xc nh tn ca file ni dung m IIS phn phi ti cc my trm mt cch mc nh. Khi mt my trm a mt URL khng cha bt c mt tn tp no trong trnh duyt, my ch Web phn phi file vi tn mc nh c ch r trong hp Enable Default Content Page. Nu tn tp u tin c lit k khng tn ti trong th mc, my ch s kim tra ln lt cc file c lit k trong hp ni trn theo th t t trn xung. Nu khng c tp no trong danh sch tn ti, my ch hoc hin th mt siu vn bn lit k ni dung ca th mc (nu ty chn Directory Browsing c kch hot trong th Home Directory) hoc mt bn thng bo li (nu Direcoty Browsing b v hiu).
Hnh 9-23: Th Documents trong hp thoi Properties ca mt Web site Hp Enable Document Footer cho php bn cung cp tn ca file footer c gn vo tt c cc ti liu c Website xut bn. S dng th Performance Trong th Performance (hnh v 9-24) bn c th gii hn bng thng s dng cho site ny cng nh s lng ngi dng c th kt ni ng thi.
432
CHIA S CC TI NGUYN H THNG FILE N cho php bn ngn chn tnh trng mt Web site c chim ton b bng thng h thng.
Hnh 9-24: Th Perfomance trong hp thoi Properties ca Web site
To cc th mc o
Khi bn xc nh mt th mc gc cho mt Website IIS, tt c cc file trong th mc v cc th mc con ca n u c my ch cng b v sn sng phc v cho cc my trm. Tuy nhin, nu bn mun cng b cc file v th mc sn c th bn cng khng cn phi di chuyn chng n cu trc th mc gc. Thay vo bn c th to ra mt th mc o. Mt th mc o l mt con tr n mt th mc nm ti mt v tr khc v i vi cc my trm chng l mt phn trong cu trc th mc ca Web site. to ra mt th mc o trn mt IIS Web site, bn la chn site trn mn hnh qun tr IIS Manager, sau trn thc n Action tr ti New ri la chn Virtual Directory. Hot ng ny kch hot Trnh hng dn Virtual Directory Creation, bn phi cung cp nhng thng tin sau: Virtual Directory Alias (cc b danh cho th mc o): cung cp tn ca th mc o cho cc my trm. B danh m bn nhp s xut hin nh mt th mc con ca Web site trong cc URL ca my trm. B danh m bn chn khng cn thit phi l tn tht ca th mc m bn mun cng b. Web Site Content Directory (th mc cha ni dung ca Web site): xc nh ng dn ti th mc m bn nh chia s cho th mc o. ng dn m bn a vo c th s dng mt k t a hoc ng dn UNC v c th c t trn mt a cc b hoc mt th mc chia s trn mng.
433
CHIA S CC TI NGUYN H THNG FILE Virtual Directory Access Permissions (cc Cp php truy cp n th mc o): xc nh Cp php cp cho cc my trm khi truy cp n th mc o (nh Read (c), Run Scripts (chy cc kch bn), Excute (thc thi), Write (ghi) v Browse (duyt trang Web)). Mt khi bn to th mc o, cc file trong th mc ni dung m bn mun cng b trn Web site s nm trong mt th mc con c xc nh theo b danh bn cung cp trn.
Cu hnh bo mt IIS
Hu ht cc Web site trn Internet u cung cp cho cc my trm Cp php truy cp nc danh (anonymous). Khi bn cu hnh mt IIS Web site cho vic truy cp nc danh, tt c cc my trm kt ni ti my ch u s dng mt ti khon c bit c thit k cho mc ch ny. Tn ti khon mc nh trong Windows Server 2003 l IUSR_servername trong servername l tn ca my tnh. V mt k thut, cc my khch vn c xc thc nhng khng c s trao i cc thng tin b mt v chng khng b hn ch trong qu trnh truy cp ti Web site. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng qun tr tnh bo mt ca IIS Tuy nhin, nu bn mun hn ch vic truy cp ti mt Web site, bn c th gia tng mc bo mt theo mt vi phng php sau y: Authentication and Access Control (kim sot truy cp v xc thc): yu cu cc my trm cung cp tn truy cp v mt khu khi truy cp Web site. IIS cung cp mt s loi m ha vi mc bo mt khc nhau. IP Address and Domain Name Restrictions (cc hn ch v tn min v a ch IP): bn c th cho php hoc ngn cm cc my khch nht nh truy cp ti site da trn a ch IP v tn min ca chng. Secure Communications (cc knh truyn thng bo mt): yu cu cc my trm s dng mt giao thc truyn thng bo mt hoc mt chng ch s khi truy cp ti Web site. Bn c th cu hnh tt c cc c ch bo mt ni trn trong th Directory Security trong hp thoi Properties ca Web site nh hnh v 9-25.
434
Hnh 9-25: Th Directory Security trong hp thoi Properties ca Web site CH IIS v cc Cp php NTFS Ngoi cc c ch bo mt trn bn cng c th s dng cc Cp php NTFS bo v cc Web site. Nh cp trong chng trc, cc Cp php NTFS cung cp cho cc ngi dng bt k h truy cp bng phng php no. iu c ngha rng mt ngi dng truy cp ti mt Web site vi ni dung c lu trn a NTFS phi c cc Cp php tng ng truy cp cc file ni dung. Xem phn S dng cc Cp php NTFS trong chng trc bit thm thng tin. Cu hnh xc thc IIS cu hnh mt IIS Web site s dng mt m hnh nhn thc khc vi truy cp nc danh mc nh, bn nhp vo nt Edit trong hp Authentication And Access Control trn th Directory Security hin th hp thoi Authentication Methods (xem hnh v 9-26).
435
CHIA S CC TI NGUYN H THNG FILE Hnh 9-26: Hp thoi Authentication Methods ngn chn hnh thc truy cp khng xc thc ti Web site, bn phi b du chn ti hp kim tra Enable Anonymous Access. Bn cng phi cp cc Cp php NTFS cho cc file v th mc m bn mun bo v. K bn phi la chn mt hnh thc xc thc thay th t cc la chn sau: Integrated Windows Authentication (xc thc tch hp vi Windows): my ch thc hin trao i mt m vi my trm v vy tn truy cp v mt khu c truyn i trong dng cc m ri (Hash) nhm ngn chn nhng ngi nghe trm c th c c ni dung v ti khon ca ngi s dng. Hnh thc xc thc ny khng ph hp vi vic truy cp qua my ch proxy hoc cc tng la. Digest Authentication For Windows Domain Servers (xc thc dng phn loi cho cc my ch Min): ch dnh cho cc my trm c cc ti khon Active Directory, My ch s thu thp cc chng thc ngi s dng v lu chng trn My ch iu khin di dng MD5 (Message Digest 5) Hash (m ri MD5). Basic Authentication (xc thc c bn): my trm truyn tn truy cp v mt khu theo dng vn bn tng minh, v vy s to nn mt nguy c tim n v bo mt. Bn ch s dng la chn ny khi khng c kh nng chn cc la chn khc mang tnh bo mt hn. .NET Passport Authentication (xc thc da trn .NET Passport): cc my trm kt ni ti my ch bng cch s dng cc ti khon .NET Passport sn c ca chng. Chng c xc thc bi mt my ch .NET Passport trung tm trn Internet. Cu hnh cc hn ch v a ch IP v tn min Khi bn nhp vo nt Edit trong hp IP Address And Domain Name Restrictions, bn s nhn thy hp thoi IP Address And Domain Name Restrictions nh hnh v 9-27. y bn c th xc nh cc a ch IP ring r, cc a ch mng v cc tn min sau bn s cho php hoc cm chng truy cp ti Web site.
436
Hnh 9-27: Hp thoi IP Address And Domain Restrictions Trong hp thoi IP Address And Domain Name Restrictions, trc ht bn phi xc nh xem bn mun cc a ch v cc tn m bn la chn s c php hay ngn cm truy cp n Web site. Tip theo bn nhp vo Add m hp thoi Granted Access or Denied Access, bn s nhp a ch IP ca my tnh no , a ch mng v mt n mng con hoc tn min. Loi hn ch ny c da trn my tnh ch khng phi da trn ngi s dng. Khi bn gn Cp php truy cp n Web site cho mt a ch IP no th bt k ngi s dng no lm vic trn my tnh cng c th truy cp n Web site ngoi tr c cc c ch bo mt khc c thc thi. Do nhng hn ch ny l c lp vi c ch xc thc ca Web site nn bn c th s dng n thay th hoc kt hp vi c ch xc thc. V d, bn c th gn Cp php truy cp n Web site cho mt ngi dng xc nh nhng vi mt iu kin l ngi dng phi truy cp t mt my tnh c th. Bng cch cho php xc thc v thc hin hn ch theo a ch IP, bn c th s dng ng thi c hai. Cu hnh bo mt truyn thng Khi bn nhp vo nt Edit trong hp Secure Communications, hp thoi Secure Communications s xut hin (hnh v 9-28), bn c th cu hnh cc la chn sau:
437
Hnh 9-28: Hp thoi Secure Communications Require Secure Channel (SSL) (yu cu knh bo mt): yu cu cc my tnh s dng mt giao thc truyn thng m ha khi kt ni ti Web server nh giao thc SSL chng hn. Bn cng c th yu cu cc my trm s dng m ha 128-bit tng tnh bo mt. Client Certificates (cc chng thc my trm): xc nh xem cc my trm c th, khng th hoc phi s dng cc chng thc s khi truy cp ti Web site. yu cu cc chng thc, bn phi chn la chn Secure Socket Layer (SSL). Enable Client Certificate Mapping (cho php nh x chng thc my trm): cu hnh my ch xc thc cc my trm truy nhp vi cc chng thc hp l. Nhp Edit nh x cc chng thc vi cc ti khon ngi s dng. Enable Certificate Trust List (kch hot danh sch chng thc tin cy): cu hnh my ch s dng mt danh sch cc trung tm y quyn chng thc tin cy xc minh tnh hp l cc chng thc ca ngi s dng. Cc ngi dng khng nhn mt chng thc t mt trong cc trung tm y quyn c lit k trn b cm truy cp.
438
TNG KT
Windows Server 2003 cha mt s cc h thng Cp php c lp bao gm: cc Cp php chia s, cc Cp php NTFS, cc Cp php Active Directory v cc Cp php trn registry. Mi mt h thng Cp php cho php bn kim sot vic truy cp ti mt loi ti nguyn h thng xc nh. Mi i tng c bo v thng qua cc Cp php u c mt ACL (Danh sch Kim sot Truy cp). Mi ACL l mt danh sch cc ACE (Mc vo Kim sot Truy cp) cha mt i tng bo mt (nh ngi dng, nhm hoc my tnh chng hn) v cc Cp php c gn cho i tng . H thng file chia s cho php cc ngi dng trn mng truy cp ti cc file v cc th mc nm trn cc my tnh khc. to ra cc chia s, bn c th s dng Windows Explorer hoc snap-in Shared Folders hoc cng c Net.exe ch dng lnh. Cc Cp php chia s cung cp mc bo v c bn cho cc th mc chia s, nhng chng khng c tnh a dng v mm do nh cc Cp php NTFS. Cc Cp php chia s ch p dng cho cc truy cp mng thng qua dch v Server. Cc file c bo v bng cc Cp php chia s vn c th truy cp c t my tnh cc b hoc thng qua cc dch v mng khc nh IIS hay dch v u cui (Terminal) chng hn. Cc Cp php NTFS c th cho php hoc ngn cm, gn Cp php mt cch ring r hoc c k tha t trn. Cp php ngn cm s loi b tt c cc Cp php cho php khc v cc Cp php gn ring r s c mc u tin cao hn so vi cc Cp php k tha. Kt qu l mt Cp php cho php gn ring r s loi b Cp php ngn cm k tha. Cc Cp php Hiu dng trn mt file hoc th mc l s tng hp ca tt c cc Cp php gn cho i tng xc nh bao gm c Cp php gn trc tip hoc thng qua c ch k tha. Cc Cp php truy cp NTFS c th b hn ch hn na nh cc Cp php khc v cc nhn t khc nh cc Cp php IIS trn mt Web site. Bt k hai kiu Cp php no c gn cho mt ti nguyn, nh cc Cp php chia s v Cp php NTFS chng hn, mi kiu cung cp mt tp hp cc Cp php khc nhau v bn phi tnh ton xem kiu no hn ch hn.
439
CHIA S CC TI NGUYN H THNG FILE Tnh k tha cho php ngi qun tr iu khin vic truy cp cc file v th mc bng cch cp Cp php cho mt th mc cha v cho php cc Cp php ny c a xung tt c cc th mc con v cc file nm bn trong n. Mi file v th mc NTFS u c mt ch s hu. Ch s hu lun lun c php thay i cc ACL (Danh sch Kim sot Truy cp) trn mt file hoc th mc thm ch i tng ny khng c Cp php. Bt k ngi s dng c Cp php Take Ownership (chim ot quyn s hu) hoc quyn hn ngi s dng Take Ownership Of Files Or Other Objects (quyn hn chim ot quyn s hu cc file hoc cc i tng khc) u c th ot li quyn s hu mt i tng. Mt ngi s dng vi quyn hn ngi s dng Restore Files And Directories u c th gn quyn s hu ca bt k i tng no cho bt k ngi s dng no. IIS l mt dch v trn h iu hnh Windows Server 2003 cho php chia s cc file v th mc bng cch s dng dch v my ch Web v FTP. Bn c th bo mt cc IIS site bng cch gn cc Cp php NTFS v yu cu xc thc ngi s dng thng qua vic hn ch truy cp i vi cc a ch v tn Min xc nh hoc bng cch s dng cc giao thc truyn thng m ha v cc chng ch s .
440
BI TP THC HNH
===============================================
Bi tp thc hnh thc hnh 9-1: To mt chia s bng cch s dng Windows Explorer
Trong bi thc hnh ny, bn s thc hin vic chia s mt th mc bng cch s dng Windows Explorer Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. Nhp Start v chn Windows Explorer. Mn hnh Windows Explorer xut hin. M rng biu tng My Computer v a C: Kch chut phi vo th mc Documents And Settings, t thc n ng cnh chn Sharing And Security. Hp thoi Documents And Settings Properties xut hin vi th Sharing c kch hot. Nhp vo Share This Folder. Trong hp vn bn Share Name g Test Share. Nhp OK. Biu tng ca th mc Documents And Settings b thay i v xc nhn rng n c chia s. ===============================================
Bi tp thc hnh thc hnh 9-2: S dng snap-in Shared Folders

Trong bi thc hnh ny, bn s s dng snap-in Shared Folders to mt chia s mi v cu hnh cc Cp php cho n. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. Nhp Start -> Administrative Tools -> Computer Management. Mn hnh qun tr Computer Management xut hin. M rng biu tng Shared Folders v la chn th mc con Shares.
441
CHIA S CC TI NGUYN H THNG FILE Trn thc n Action la chn New Share. Trnh hng dn Share A Folder xut hin. Nhp Next b qua trong gii thiu. Trang Folder Path xut hin. Trong hp vn bn Folder Path, g C:\Windows v nhp Next. Trang Name, Description, And Setttings xut hin. Trong hp vn bn Share Name, g Test Share 2 v nhp Next. Trang Permissions xut hin. La chn Administrators Have Full Access; Other Users Have Read-Only Access (cc thnh vin nhm qun tr c ton quyn cn cc ngi dng khc ch c Cp php c m thi) ri nhp Finish. Trang Sharing Was Successful xut hin. Nhp Close. ===============================================
Bi tp thc hnh thc hnh 9-3: Cu hnh cc Cp php NTFS

Trong bi thc hnh ny, bn s cu hnh cc Cp php NTFS cho mt th mc trn my tnh ca bn bng Windows Explorer. 2. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. Nhp Start v chn Windows Explorer. Mn hnh Windows Explorer xut hin. M rng biu tng My Computer v a C: Kch chut phi vo th mc Documents And Settings, t thc n ng cnh chn Sharing And Security. Hp thoi Documents And Settings Properties xut hin vi th Sharing c kch hot. La chn th Security v nhp Add. Hp thoi Select Users, Computers, Or Groups xut hin.
442
CHIA S CC TI NGUYN H THNG FILE Trong hp vn bn Enter The Object Names To Select, g Guests ri nhp OK. Nhm ny s c thm vo hp danh sch Group Or User Name trong th Security. La chn i tng Guests v trong hp danh sch Permissions For Guests la chn cc hp kim tra Modify v Write trong ct Allow. Nhp OK gn cc Cp php v ng hp thoi Documents And Settings Properties li.
CC CU HI N TP
1. Trong cc cng c di y, cng c no cho php bn to mt chia s trn mt my ch xa? (La chn tt c cc cu tr li ng) a. Mt mn hnh qun tr MMC ty bin cha snap-in Shared Foldes. b. Windows Explorer chy trn my tnh cc b v kt ni ti chia s ADMIN$ ca my tnh xa c. Net.exe d. Mn hnh qun tr Computer Management 2. Mt th mc c chia s nm trn a FAT. Nhm Project Managers c gn ton quyn (Full Control) trn th mc ny. Nhm Project Engineers c gn Cp php c trn . Lc u, Julie l thnh vin ca nhm Project Engineers. Sau c ta c a vo nhm Project Managers. Cc Cp php Hiu dng ca c ta trn th mc ny l g? 3. Mt th mc c chia s nm trn a NTFS vi cc Cp php chia s mc nh. Nhm Project Managers c gn ton Cp php NTFS. Julie l mt thnh vin ca nhm Project Managers, thng bo vi bn rng c ta khng th to cc file trong th mc ni trn. Ti sao?
443
CHIA S CC TI NGUYN H THNG FILE 4. Cc Cp php NTFS yu cu ti thiu cho php ngi s dng m cc ti liu v chy cc chng trnh trn mt th mc chia s l g? e. Full Control f. Modify g. Write h. Read & Excute i. List Folder Contents 5. Bill phn nn rng anh ta khng th truy cp ti ti liu c cha thng v thng tin ti chnh ca phng. Bn m th Security ca ti liu v thy rng tt c cc Cp php trn u c tha hng t th mc cha. Cp php ngn cm Read c gn cho nhm Acctg3 m Bill l thnh vin. Trong cc phng php di y, ci no cho php Bill truy cp ti ti liu ny? (la chn tt c cc cu tr li ng) a. Thay i cc Cp php trn th mc cha bng cch thm Cp php cho php Full Control cho Bill b. Thay i cc Cp php trn th mc cha bng cch thm Cp php cho php Read cho Bill. c. Thay i cc Cp php trn ti liu bng cch gn thm Cp php cho php Read cho Bill. d. Thay i cc Cp php trn ti liu bng cch loi b Allow Inheritable Permissions, la chn Copy v loi b Cp php ngn cm. e. Thay i cc Cp php trn ti liu bng cch loi b Allow Inheritable Permissions, la chn Copy v thm Cp php cho php Full Control cho Bill. f. Loi b Bill ra khi nhm c gn Cp php ngn cm.
444
CHIA S CC TI NGUYN H THNG FILE 6. Bn mun m bo mc bo mt cao nht cho my ch IIS trong t chc ca bn m khng phi thm bt k dch v chng ch no. Mc tiu l cung cp qu trnh xc thc trong sut i vi ngi s dng v cho php bn bo mt cc ti nguyn Intranet vi cc ti khon nhm hin c trn Active Directory. Tt c ngi s dng u c bo v bi tng la ca t chc. Cc phng php xc thc no di y chop php thc hin mc tiu trn? a. Truy cp nc danh b. Xc thc c bn c. Xc thc da trn .NET Passport d. Xc thc tch hp vi Windows 7. Bn ang cu hnh cc Cp php chia s cho mt th mc chia s trn mt my ch file. Bn mun tt c ngi s dng c xc thc u c Cp php lu cc file ln th mc, c tt c cc file trong v thay i hoc xa cc file do h lm ch. Cc Cp php ti thiu bn cn t trn th mc chia s t c mc tiu trn l g? (la chn tt c cc cu tr li ng) a. Authenticated Users (nhm ngi dng c xc thc): Full Control (ton quyn) b. Authenticated Users: Read (c) c. Creator Owner (ch s hu to file): Change d. Creator Owner: Read
CC KCH BN TNH HUNG

===============================================
Kch bn 9-1: cng b Web server

Cc file ni dung my ch Web ca cng ty bn hin ang c t trn a D ca mt my tnh Windows Server 2003 ci t IIS. Tn ca my
445
CHIA S CC TI NGUYN H THNG FILE ch l Web1 v URL ca n l http://intranet.ACNA.com. Bn c yu cu to ra mt gii php IIS cho php phng nhn s c th cng b cc ti liu v li ch v chnh sch ca cng ty t my ch ca h. URL cho php truy cp ti cc thng tin ni trn s l http://intranet.ACNA.com/hr. Bn phi lm g? a. Ci t IIS trn my ch ca phng nhn s. b. To mt Web site mi trn Web1 v t tn l hr. c. Ci t dch v FTP trn Web1. d. To mt th mc o trn Web1 vi b danh l hr. ===============================================
Kch bn 9-2: Cu hnh cc Cp php chia s

Phng k ton c mt file server acctg01 ci t h iu hnh Windows Server 2003 nhm cung cp bng thi gian v cc mu thng bo cng tc ph cho cc nhn vin. Bn l qun tr mng chu trch nhim cu hnh cc Cp php chia s trn cc th mc chia s, cc Cp php phi p ng cc yu cu sau: Cc mu dng cho nhn vin c lu tr trn th mc Forms v c chia s vi tn chia s l Forms. Tt c cc nhn vin u c th truy cp n cc mu ny. Ch c nhng ngi s dng c xc thc mi c th truy cp n cc mu ni trn. Cc nhn vin c th ti ln cc mu c in y ln th mc c tn l Forms\Reports\username v c tn chia s l username. Ngi s dng phi c c cc mu ca chnh h nhng khng th c c cc mu ca ngi s dng khc. Cc mu dnh cho cc gim st vin c lu trn th mc Forms\Supervisors v c tn chia s l Supervisors. Ch c cc thnh vin ca nhm ton cc Supervisors mi c kh nng truy cp n th mc ny. Nhm p ng nhng yu cu ni trn, bn gn cc Cp php chia s nh bng di y:
446
CHIA S CC TI NGUYN H THNG FILE Th mc chia s Forms Supervisors Username Cc Cp php chia s Everyone: Allow read (cho php c) Supervisors: Allow read (cho php c) Username: Allow change (cho php thay i)
Gi thit rng cc Cp php NTFS cho tt c cc th mc u gn Cp php Modify (thay i) cho nhm Authenticated Users. Vi Cp php chia s c gn nh trn, nhng yu cu no di y c p ng? (la chn tt c cc cu tr li ng) a. Tt c cc nhn vin u c th ti xung cc mu ca h. b. Tt c cc nhn vin u c th ti ln cc mu c in y ln cc th mc ca h. c. Cc nhn vin ch c c cc mu ca chnh h. d. Ch c cc thnh vin nhm Authenticated Users mi c th ti xung cc mu. e. Ch c cc thnh vin nhm Supervisors mi c th ti xung cc mu dnh cho h.
447
LM VIC VI CC MY IN
CHNG 10: LM VIC VI MY IN

Ngoi chia s file, mt ng lc thc y khc cho s pht trin ca cc mng LAN l kh nng chia s cc my in. Cc my in thng em n nhng phin toi cho qun tr mng do chng khng ch n thun lin quan n cc thnh phn in t m cn lin quan n cc cng vic khng c sch s cho lm nh mc in v cc tin trnh lin quan n my mc nh cho giy vo khay chng hn. Microsoft Windows Server 2003 cung cp mt tp hp cc c tnh mnh m nhm h tr cho cc dch v in n trong mt t chc ln. ng thi cc tnh nng ny cng gip bn tm hiu cch thc s dng nhm ti thiu ha nhng rc ri bn gp phi khi c trc trc xy ra. Trong chng ny, bn s c hc phng php ci t, qun tr v x l s c cc my in cc b, my in mng v my in Internet. Hon thnh chng ny bn c kh nng: Hiu v m hnh v thut ng c s dng cho tc v in n trong Windows. Ci t mt my in logic trn mt my ch in n Chun b mt my ch in n cho cc my trm Kt ni mt my trm in n n mt my in logic trn my ch in n Qun tr hng i in n v cc c tnh my in X l s c cc li v my in
448
LM VIC VI CC MY IN
TM HIU V M HNH IN N TRONG WINDOWS SERVER 2003

Windows Server 2003 cung cp cc cng c mnh m, bo mt v mm do cho cc dch v in n. Bng cch s dng mt my tnh ci t Windows Server 2003 qun l cc my in, cc nh qun tr mng c th to nn kh nng sn sng i vi cc ng dng chy cc b trn my tnh hoc cc ngi dng trn bt k m hnh no bao gm cc phin bn trc ca Windows cng nh h iu hnh Novell Netware, UNIX v Macintosh. Windows Server 2003 v cc phin bn trc ca Windows h tr hai loi my in: Cc my in c gn trc tip: l cc my in c kt ni ti mt cng vt l trn my ch in n thng thng l cng USB hoc cng song song LPT. Cc my in c gn vo mng: l cc my in c kt ni trc tip n mng thay v kt ni ti mt cng vt l trn mt my tnh. Mt my in mng cha (hoc c kt ni ti) mt card mng v hot ng nh mt nt trn mng. Cc my tnh lin lc vi my in bng cch s dng giao thc mng chun nh TCP/IP hoc DLC chng hn. Khi bn ci t mt my in trn mt my tnh s dng Microsoft Windows, h iu hnh to ra mt my in logic m t cho thit b in n vt l. My in logic nh ngha cc c tnh v cch thc iu khin ca my in. N cha trnh iu khin my in, cc thit lp v my in, cc thit lp in n mc nh v cc c tnh khc nhm iu khin cch thc mt tc v in n c x l ra sao v c gi ti my in vt l nh th no. Vic o ha my in thng qua khi nim my in logic cho php cc nh qun tr mm do v linh hot trong vic cu hnh cc dch v in n.
S dng cc my in gn trc tip

Khi bn ci t mt my in gn trc tip trn my tnh ci t Windows Server 2003 (hoc bt k phin bn no ca Windows), my tnh s s dng n x l cc tc vin n. V vy bn c th chia s my in ny cho cc my tnh khc trn mng. Khi bn chia s my in, my tnh kt ni trc tip vi my in s tr thnh mt print server (my ch in n). Mt my ch in n l mt my tnh (hoc mt thit b c lp) nhn cc tc vt cc my trm
449
LM VIC VI CC MY IN trn mng, lu cc tc v ny trong mt hng i v gi tng ci mt n my in vt l. CH : Thut ng in n Trong ti liu trn cc phin bn trc ca Windows, my in vt l c xem nh mt thit b in n v my in logic c xem nh mt my in. Nhm trnh nhng s hiu lm v thut ng ny, Microsoft c nhng s thay i trong Windows Server 2003. By gi chng ta s dng thut ng my in (printer) v my in logic (logical printer).
S dng cc my in gn vo mng
Khi bn ang s dng mt my in c gn vo mng, bn c th s dng hai m hnh in n trn mng. Chng c m t trong cc phn di y. To mt my in logic trn tt c cc my trm Trong m hnh ny, bn s ci t mt my in logic trn mi my trm v kt ni trc tip chng ti my in mng. Trong trng hp ny khng c my ch in n. Mi my trm s duy tr cc thit lp in ca ring chng, x l cc tc v in n ca chng v lu cc tc v in n ln hng i ring. Trong mi trng mng, m hnh ny c nhng nhc im sau: Khi ngi s dng kim tra ni dung ca hng i, h ch thy cc tc v in n ca chnh h. Ngi s dng khng th bit c c nhng tc v no do nhng ngi s dng khc c gi ti my in. Cc nhn vin qun tr mng khng th qun l tp trung hng i in n. Cc nhn vin qun tr khng th thc hin cc tnh nng in n tin tin nh kh nng in trn nhiu my in khc nhau. Cc thng bo li ch xut hin trn cc my tnh ang thc hin tc v in n. Tt c cc tin trnh x l tc v in n u c hnh thnh trn my trm do chng khng th bit c tnh trng qu ti trn my ch in n. M hnh ny c th ph hp vi m hnh mng nhm lm vic (workgroup) nh nhng trong mi trng mng ln th n khng th cung cp kh nng qun tr tp trung. u im duy nht ca m hnh ny l d dng ci t k c i vi ngi s dng u cui. Mi my trm ci t my in theo phng
450
LM VIC VI CC MY IN php thng thng v khng cn quan tm n cc my trm khc (ngoi tr khi i cc tc v in n ca chng hon thnh). To mt my ch in n Do nhng nhc im ca m hnh ni trn nn cu trc in n thng dng nht dnh cho cc t chc ln l m hnh gm ba phn. M hnh ny gm c cc thnh phn sau: My in vt l My ch in n bao gm mt my in logic c kt ni ti my in vt l. My khch in n c kt ni ti my in logic ca my ch. In n thng qua mt my ch in n mang li nhng u im sau: My in trn my ch in n nh ngha cc thit lp in n v qun tr cc trnh iu khin. My in logic s dng mt hng i in duy nht v cc my trm u c th nhn c hng i ny. Do cc nhn vin qun tr mng v ngi s dng u c th thy c danh sch y cc tc v in n ang ch i. Cc bn thng bo nh ht giy hoc kt giy c gi ti tt c cc my trm do ngi s dng v cc nhn vin qun tr c th thc hin x l s c. Hu ht cc ng dng v cc trnh iu khin my in u c th phn nh tin trnh in n trc khi gi ti my ch in n. iu ny gia tng s phn hi ca my trm. Tc l, khi mt my trm thc hin in mt ti liu, tc v in s c gi ngay lp tc n my ch in v kim sot cc phn hi ca my tnh ti ngi s dng trong khi my ch in m nhn tc v x l cng vic in n. Cc chc nng bo mt, kim nh v kim tra, gim st v ghi nht k c qun tr tp trung.
TRIN KHAI MY IN CHIA S

Tin trnh trin khai mt my in chia s s dng m hnh my ch in bao gm cc bc sau: Ci t my in trn my ch in n To mt chia s my in trn my ch in n
451
LM VIC VI CC MY IN Kt ni cc my trm vi my ch in n Cc bc ni trn c m t chi tit trong cc phn sau.
Ci t mt my ch in n Windows Server 2003

Bc u tin trong vic trin khai mt my ch in n trn mng l ci t my in trn my tnh ng vai tr nh mt my ch in n. Qu trnh ny khng khc vi vic ci t mt my in trn my tnh thng thng. Thc hin cng tc chia s my in s cho php Windows Server 2003 hot ng nh mt my ch in n. Trong Windows Server 2003, bn qun tr cc my in bng cch s dng mn hnh Printers And Faxes t Control Panel hoc t thc n Start. Kch p vo biu tng Add Printer, trnh hng dn Add Printer xut hin. Sau khi nhp Next b qua trang Welcome, bn s hon thnh cc trang cn li trong trnh hng dn c m t danh sch di y. CH S dng cc my in USB Cc my in kt ni ti my tnh thng qua cng USB khng yu cu bn khi to trnh hng dn Add Printer bng tay. Do cc thit b USB l plug and play nn my tnh s t ng pht hin v ci t chng. Tuy nhin, bn c th cung cp cc trnh iu khin khng c Microsoft h tr cho cc my in. Local Or Network Printer (my in mng hay cc b) Trong trang ny, bn cn xc nh bn ang ci t mt my in cc b hay mt my in mng. Trong ng cnh ca trnh hng dn ny, my in cc b c xem nh mt my in vt l c gn trc tip vo mt my tnh hoc c gn vo mng nhng hin nay cha c chia s bi my ch in n khc. My in mng c xem nh mt my in chia s bi my tnh khc trn mng. V vy ci t mt my ch in n, bn lun lun la chn Local Printer Attached To This Computer (my in cc b c gn vi my tnh ny). Nu my in ny hin c kt ni v sn sng, bn c th la chn hp kim tra Automatically Detect And Install My Plug And Play Printer (t ng pht hin v ci t my in plug and play) ci t my in t ng. Tuy nhin, bn cng c th ci t my in logic m khng cn c s hin din ca mt my in vt l.
452
LM VIC VI CC MY IN
Select A Printer Port (la chn cng my in) Trong trang ny, bn s xc nh my tnh lin kt vi my in nh th no. Nu my in c kt ni ti cng LPT (cng song song) hoc cng COM (cng ni tip), bn s la chn Use The Following Port (s dng cng di y) t danh sch th xung. Nu my in c kt ni bng mt s phng tin khc, bn la chn Create A New Port (to mt cng mi) v la chn mt trong cc kiu cng t danh sch th xung. V d, cc my in c gn vo mng thng thng yu cu mt cng TCP/IP. Khi bn la chn Standard TCP/IP Port (cng TCP/IP chun), trnh hng dn Add Standard TCP/IP Printer Port (thm cng my in TCP/IP chun) xut hin. bn s xc nh a ch IP m bn gn cho my in v nu cn thit bn c th gn loi giao din mng dng kt ni my in ti mng.
Install Printer Software (ci t phn mm my in) Nu tnh nng plug and play khng pht hin v ci t chnh xc trnh iu khin cho my in, bn c th la chn my in ca bn t mt danh sch cc trnh
453
LM VIC VI CC MY IN iu khin my in c phn loi theo nh sn xut v cc model sn c trn Windows Server 2003. Nu my in khng xut hin trong danh sch ni trn, bn c th nhp Have Disk ci t cc trnh iu khin my in do nh sn xut thit b cung cp. Name Your Printer (tn my in ca bn) Trong trang ny, bn cn xc nh tn cho my in nhm cung cp cho cc ng dng chy trn my tnh. Mc nh, trnh hng dn s gn mt tn da trn tn nh sn xut v chng loi kt hp vi trnh iu khin my in c ci t nhng bn c th thay i tn ny. Nhm tng thch y vi cc ng dng, bn nn hn ch chiu di tn my in (ti a 31 k t). Khi cc my in khc c ci t, trang ny cn cho php bn xc nh my in no l my in mc nh trn my tnh ny c ngha l cc ng dng s t ng in trn my in tr phi bn la chn ci khc. Thit lp ny ch p dng cho cc ng dng chy trn my tnh cc b m thi ch khng p dng cho cc my trm trn mng.
Printer Sharing (chia s my in) Trong trang ny, bn cn xc nh bn c mun chia s my in ny khng lm cho n hot ng nh mt my ch in n. to mt my in chia s, bn la chn Share Name v xc nh tn dng cng b trn mng. Mc nh, trnh hng dn s gn mt tn bao gm 8 k t u tin ca tn bn cung cp trang trc tuy nhin bn c th s dng bt k tn no m bn mun. Nhm mc ch tng thch, tt nht tn my in khng cha cc k t trng. CH Cc my in chia s Trang Printer Sharing trong trnh hng dn Add Printer ch cung cp cc chc nng chia s my in c bn nht. cu hnh cc la chn chia s khc, bn phi s dng hp thoi Properties ca my in c m t trong phn k tip.
454
LM VIC VI CC MY IN
Location And Comment (v tr v ch thch) Trang ny cha cc trng m bn c th cung cp thng tin v v tr hay kh nng ca my in. Thng tin ny s hin th khi ngi s dng duyt mng v gip cho h xc nh my in chnh xc.
Print Test Page (in trang kim tra) Trang ny cho php bn thc hin mt tc v in kim tra nhm xc nh xem my tnh kt ni vi my in nh th no.
455
LM VIC VI CC MY IN
Khi bn hon thnh trnh hng dn Add Printer, h thng s ci t trnh iu khin my in tng ng v to mt biu tng my in logic cho my in ny trong ca s Printers And Faxes. Bn s s dng biu tng ny truy cp n tt c cc cng c cu hnh v duy tr my in. T thi im ny, cc ng dng trn my tnh cc b c th s dng my in v nu bn chia s n th cc my trm trn mng cng c th s dng n.
Chia s my in
Bn c th chia s mt my in bng cch s dng trnh hng dn Add Printer nhng bn c th iu khin chia s ny nhiu hn na bng cch s dng th Sharing trong hp thoi Properties ca my in (xem hnh v 10-1). truy cp ti th ny, la chn mt biu tng my in trong ca s Printers And Faxes v chn Sharing t thc n File.
Hnh 10-1: Th Sharing trong hp thoi Properties ca mt my in chia s my in (nu n cha c chia s) la chn Share This Printer (chia s my in ny) v xc nh tn chia s trong hp vn bn Share Name.
456
LM VIC VI CC MY IN Bn cng c th la chn hp kim tra List In The Directory (lit k trong dch v th mc Active Directory ) to mt i tng my in trong Active Directory. Kt qu l mt i tng my in c to ra nh mt con tr cho php ngi s dng xc nh mt my in bng cch tm kim trn dch v da theo tn hoc cc tnh nng ca n. Mt trong nhng ch li ca cc tham s trong trng Location v cc c tnh tng t l tng cng kh nng tm kim mt my in da trn cc c tnh ny. Nhp vo Additional Drivers m hp thoi Additional Drivers, nh hnh v 10-2. Khi mt my trm trn mng truy cp n mt my in chia s, n c th t ng ti v trnh iu khin my in t th mc chia s Print$ trn my ch. y l tnh nng m Windows gi l Point and Print (tr ti v in). Hp thoi ny cho php bn ci t cc trnh iu khin my in cho cc h iu hnh khc nhau m my trm ca bn c th s dng. y l u im nu my in s dng cc trnh iu khin khng c trong Windows Server 2003. Khi bn la chn cc h iu hnh khc trong hp thoi ny v nhp OK, h thng s ci t cc trnh iu khin yu cu v thng bo cho bn a a cha trnh iu khin ca nh sn xut nu cn thit.
Hnh 10-2: Hp thoi Additional Drivers CH Cp nht cc trnh iu khin Cc my trm ci t h iu hnh Windows NT, Windows 2000, Windows XP v Windows Server 2003 s ti trnh iu khin my in t my ch in n v khi kt ni ti my in chia s ln u tin. Mi ln in, chng xc nhn rng c trnh iu khin my in v nu khng c chng s ti mt trnh iu khin cp nht t my ch. Vi cc my trm ny, bn ch cn gi cc cp nht ca trnh iu khin my in trn my ch in n. Cc my trm ci t Windows 95, Windows 98 v Windows Me c th t ng ti v v ci t cc trnh iu khin khi chng kt ni ti my in chia s ln u tin nhng sau chng s khng kim tra cc cp
457
LM VIC VI CC MY IN nht. Nu bn nhn c mt cp nht ca trnh iu khin, bn phi ci t n bng tay trn cc my trm ny cng nh trn my ch.
Kt ni cc my trm n mt my ch in n
Khi bn ci t mt my in v chia s n th cc my trm c th truy cp ti my in ny thng qua mng. Chng c th truy cp n my in theo vi cch khc nhau c m t trong phn di y. S dng trnh hng dn Add Printer Tin trnh ci t mt my in trn my trm bng cch s dng trnh hng dn Add Printer cng tng t nh bn ci t trn mt my ch in n. Ch khc mt cht l khi ci t trn my ch trong trang Local Or Network Printer, bn la chn A Network Printer hoc A Printer Attached To Another Computer th by gi trn my trm bn phi xc nh my in mun s dng trong trang Specify A Printer (hnh v 10-3).
Hnh v 10-3: Trang Specify A Printer ca trnh hng dn Add Printer Cc phng php c lit k di y s gip bn xc nh mt my in: Find A Printer In The Directory (tm kim mt my in trong dch v th mc) Nu my trm gia nhp vo Min Active Directory, trang ny s hin th la chn ny. Vi la chn ny, trnh hng dn s hin th hp thoi Find Printers gip bn tm kim cc my in theo tn, v tr hoc cc c tnh khc m bn xc nh khi to cc i tng my in.
458
LM VIC VI CC MY IN
Browse For A Printer (duyt my in) Nu my trm l thnh vin ca mt nhm lm vic (workgroup), trang Printer s hin th la chn ny u tin. Vi la chn ny, trnh hng dn s hin th trang Browse For Printer cho php bn duyt cc my tnh xc nh trong cc Min hoc cc nhm lm vic v la chn cc my in chia s c ci t trn mi my tnh. Connect To This Printer (kt ni ti my in ny) Chn la chn ny cho php bn xc nh tn ca mt my in chia s trn mng bng cch s dng ng dn UNC (Universal Naming Connvention quy c t tn tng hp) nh \\tnmych\tnmyinchias. Nhp Next m khng cn xc nh tn tng t nh la chn Browse For A Printer thc hin trong trang Browse For Printer. Connnect To A Printer On The Internet Or On A Home Or Office Network (Kt ni ti mt my in trn Internet hay mng nh hoc mng vn phng) La chn ny cho php bn xc nh tn ca mt my in trn mng hoc trn Internet bng cch s dng mt URL (Uniform Resouce Locator quy c t tn chun hng ti mt trm Internet hoc mng ni b) nh http://www.adatum.com/printers/printername. Mt khi bn xc nh chnh xc my in cn ci t, trnh hng dn s ci t trnh iu khin tng ng (gi thit rng trnh iu khin ny sn c trn my ch hoc my trm) v to ra mt my in logic trong ca s Printers And Faxes. Duyt trong Windows Explorer Bn c th ci t n gin mt my in chia s trn mt my trm bng cch duyt trong My Network Places thng qua Windows Explorer. Khi bn m rng mt biu tng my tnh trong My Network Places, Windows Server 2003 s hin th mt danh sch cc chia s trn my tnh . Cc my in chia
459
LM VIC VI CC MY IN s c hin th trong mt khoang cha c tn l Printers And Faxes (xem hnh v 10-4). La chn mt my in chia s, t thc n File chn Connect bt u tin trnh ci t trnh iu khin my in logic.
Hnh 10-4: Duyt cc my in trong Windows Explorer Tm kim trong Active Directory i vi cc my trm trong cc Min Active Directory , trnh hng dn Add Printer s cung cp kh nntg tm kim cc i tng my in trong dch v th mc. Bn c th tm kim chng theo nhiu cch khc nhau trong Active Directory nh thc n Start trong trang Search chnh. Khi bn la chn Other Search Options, trang ny cho php bn xc nh cc cch tm kim khc nhau bao gm mt la chn Printers, Computers, Or People nh hnh v 10-5. La chn tm kim mt my in trn mng s hin th hp thoi Find Printers ging nh trnh hng dn Add Printer hin th. Bn c th truy cp n hp thoi ny theo nhiu cch khc nhau thng qua giao din Windows Server 2003.
Hnh 10-5: Tm kim cc my in trong Active Directory
460
LM VIC VI CC MY IN
CU HNH CC C TNH MY IN
Sau khi ci t my in logic trn my ch in n, bn c th cu hnh mt lot cc c tnh bng cch m hp thoi Properties ca my in (xem hnh v 106). Mt s iu khin trong hp thoi ny l ging ht nhau i vi tt c cc my in nhng mt s ci c trnh iu khin my in cung cp c c trng theo tng chng loi sn phm. V d, mt my in mu c th c cc iu khin qun l mu trong khi cc my in en trng li khng cn.
Hnh 10-6: Th General trong hp thoi Properties ca my in Th General cho php bn cu hnh tn my in, v tr v cc li ch thch. Tt c cc thng s ny u c cu hnh da trn cc gi tr bn a vo trong trnh hng dn Add Printer. Nh cp trn, th Sharing cho php bn xc nh my in logic c chia s cha v cho php cc my trm trn mng truy cp cha. Mt s chc nng khc, bn c th iu khin trong hp thoi Properties, s c cp trong cc phn di y.
Kim sot bo mt my in
Vi cc h thng file chia s, bn c th s dng cc Cp php gn truy cp nht nh n chng. Vi cc my in chia s bn cng thc hin tng t thng qua th Security trn hp thoi Properties ca my in nh hnh v 10-7.
461
LM VIC VI CC MY IN
Hnh 10-7: Th Security trn hp thoi Properties ca mt my in Cc Cp php chun m bn c th gn cho mt my in gm c: Print (in n) cho php cc i tng bo mt kt ni ti my in v thc hin cc tc v in n trn . Mc nh nhm Everyone c gn Cp php ny. hn ch vic truy cp ti my in bn c th loi b Cp php ny khi nhm Everyone v gn n cho cc i tng bo mt khc hoc bn c th ngn cm i vi cc i tng c th. Manage Printers (qun tr my in) cho php cc i tng bo mt thc hin tt c cc cng vic m Cp php Print cung cp i tng bo mt ng thi cung cp Cp php iu khin qun tr my in. i tng nhn Cp php ny c th thay i cc c tnh my in, dng v khi ng li my in, iu khin trng thi chia s my in, iu chnh cc thit lp b m (mt chng trnh tin ch ca h iu hnh cho php lu tr tm thi cc lnh in vo mt file trn a hoc RAM khi my ang bn sau s gi ti my in khi CPU rnh) v thay i cc Cp php my in. Mc nh trn mt my tnh khng phi l My ch iu khin Min nhm Administrators v Power Users c gn Cp php ny cn trn my My ch iu khin Min cc nhm Server Operators v Print Operators s c Cp php ny. Manage Documents (qun tr ti liu) cho php cc i tng bo mt iu khin cc ti liu trong hng i nh: dng, phc hi, khi to li, loi b hoc sp xp li th t. Tuy nhin Cp php ny khng cung cp kh nng gi ti liu ti my in hoc iu khin trng thi my in. Mc nh, nhm Creater Owner c gn Cp php ny. Cp php gn cho nhm Creator Owner c k tha t
462
LM VIC VI CC MY IN ngi to ra i tng nn Cp php ny cho php ngi s dng qun l cc tc v in n m h to ra. Cp php ny cng c gn cho cc nhm Administartors, Print Operators v Server Operators nn thnh vin ca cc nhm ny c th iu khin bt c ti liu no trn hng i. Trn cc my khng phi My ch iu khin Min, nhm Power Users c gn Cp php ny. Ngoi vic cung cp cc Cp php chun, th Security cn cho php truy cp n hp thoi Advanced Security Settings (xem hnh v 10-8). bn c th s dng qun tr cc ch mc ACL ring l v lm vic trn cc Cp php c bit ging nh bn ang lm vic vi cc Cp php NTFS. Tuy nhin khng ging nh NTFS cc Cp php c bit cho my in ch c thm ba tnh nng cho php cc i tng bo mt c cc Cp php, thay i cc Cp php v ot quyn s hu mt my in.
Hnh 10-8: Hp thoi Advanced Security Settings CH Thng tin thm Xem chng 9 bit r hn v vic s dng cc Cp php chu v c bit iu khin truy cp ti cc ti nguyn h thng.
Thit lp cc nh dng cho khay giy

Nu mt my in c nhiu khay cho php bn s dng cc kch thc giy khc nhau, bn c th thit lp mt nh dng cho mt khay xc nh. nh dng dng nh ngha kch thc giy in. Khi ngi s dng in mt ti liu vi nh dng trang in xc nh, Windows Server 2003 s nh tuyn tc v in n n khay tng ng vi kch thc . V d v cc nh dng gm c: Legal, Letter, A4, Envelope v Executive. gn mt nh dng cho mt khay, la chn th Device Settings trn hp thoi Properties ca my in (hnh v 10-9). S lng cc khay hin th trong
463
LM VIC VI CC MY IN phn Form To Tray Assignment ph thuc vo loi my in m bn ci t v s lng khay n h tr. Vi mi khay lit k, bn c th la chn mt nh dng khc nhau. Ngoi ra, khi m rng cy Device Settings bn s thy cc thit lp cho php xc nh trng thi ci t ca cc la chn my in nh cc khay giy thm vo, cc thnh phn iu khin giy in, phng ch v b nh my in. Tt c cc thit lp ny u c dnh cho my in v ph thuc vo kh nng ca n cng nh trnh iu khin.
Hnh 10-9: Th Device Settings trn hp thoi Properties ca my in
Thit lp cc tc v in n mc nh
Th General trn hp thoi Properties ca my in c la chn Printing Preferences v th Advanced c la chn Printing Defaults. C hai la chn ny u hin th hp thoi cho php bn iu khin cch thc thc hin cc tc v in n trn my in logic bao gm nh dng kiu in (in theo khun dng nm ngang hay nm dc), in hai mt (nu my in h tr tnh nng ny), phn gii v cc thit lp ti liu in n khc nh hnh v 10-10. Cc hp thoi ny ging nhau v cng ging hp thoi hin th khi bn nhp Properties hoc Preferences trn hp thoi Print ca ng dng.
464
LM VIC VI CC MY IN
Hnh 10-10: Hp thoi Printing Preferences S tn ti ca ba hp thoi ring bit vi cc iu khin ging nhau khng phi l s nhm ln hay d phng. Hp thoi Printing Defaults cu hnh cc thit lp mc nh cho tt c ngi s dng ca my in logic. Nu my in c chia s, cc thit lp in n mc nh ny s tr thnh cc c tnh mc nh cho tt c cc my in trn my trm. Hp thoi Printing Preferences dng cu hnh cho mt i tng c th. Nu c xung t xy ra th vi quyn u tin cao hn cc thit lp trong Printing Preferences s c cp cho ngi s dng. Hp thoi Properties hoc Preferences trn cc ng dng dng cu hnh cc c tnh dnh cho tc v in n m ng dng x l. Cc c tnh trong cc hp thoi ny s quyn u tin cao hn hai hp thoi nu trn (Printing Defaults v Printing Preferences).
To mt t hp my in (Printer Pool)
T hp my in l mt my in logic h tr nhiu my in vt l. Cc my in vt l c th c gn vo my ch hay vo mng hoc c hai. Khi bn to mt t hp my in, my ch in n s gi cc tc v in n c xc nhn pha my trm ti my in sn sng u tin. My in logic i din cho t hp my in s kim tra cng no ang sn sng v hng tc v in n cng . Bn cu hnh t hp my in trong th Ports trn hp thoi Properties ca my in. Nu bn la chn hp kim tra Enable Printer Pooling, bn c th xc nh nhiu cng cha cc thit b in n thuc mt t hp. Hnh v 10-11 biu din mt t hp my in c kt ni ti ba my in gn vo mng.
465
LM VIC VI CC MY IN
Hnh 10-11: Th Ports trn hp thoi Properties ca my in biu din mt t hp vi ba my in vt l CH Nhng yu cu v phn cng Do mt t hp my in gm c nhiu my in vt l c iu khin bi mt my in logic duy nht nn ch c mt trnh iu khin c ci t. Trong khi cc my in vt l khng ging nhau hon ton v chng phi tng thch vi trnh iu khin c ci t trn my in logic.
Cu hnh nhiu my in logic trn mt my in vt l

Trong khi mt t hp my in l mt my in logic duy nht c kt ni ti nhiu my in vt l th ngc li cu trc nhiu my in logic kt ni ti mt my in vt l duy nht thng dng hn v mnh hn. Bng cch to ra nhiu my in logic hng trc tip cc tc v in n ti cng mt my in vt l, bn c th cu hnh cc c tnh khc nhau, cc thit lp in mc nh, cc thit lp mc nh, c ch kim sot v ghi li, gim st vi mi my in logic. V d, bn mun cc cn b iu hnh trong cng ty c th thc hin cc tc v in ngay lp tc bt k cc tc v khc ang c thc thi bi ngi s dng khc. lm c iu ny, bn c th to ra mt my in logic th hai tr ti cng mt my in vt l nhng vi mc u tin cao hn. thc hin iu ny, bn ch cn s dng trnh hng dn Add Printer to thm cc my in logic s dng cng mt cng vi my in logic u tin. Mi my in logic phi c mt tn v tn chia s duy nht. Tip theo bn cu hnh ring r cc my in logic vi cc thit lp ph hp vi cc my trm s s dng my in logic .
466
LM VIC VI CC MY IN cu hnh cc c tnh khc nhau cho cc my in logic, bn la chn th Advanced trn hp thoi Properties (hnh v 10-12) v xc nh mt gi tr trong trng Priority ( u tin) nm trong di t 1 ( u tin thp nht) n 99 ( u tin cao nht). Nu bn gn gi tr 99 cho my in logic ca cc cn b iu hnh v 1 cho my in logic ca nhng ngi s dng khc, th cc ti liu gi ti my in logic vi u tin 99 s c thc hin trc cc ti liu khc trong hng i. Tuy nhin nh th khng c ngha l ti liu ca cn b iu hnh s loi b tc v in n ca ngi s dng khc m y mun cp khi my in ri, n s chp nhn cc tc v t my in logic c u tin cao hn trc khi chp nhn cc tc v t my in logic c u tin thp hn. ngn khng cho ngi s dng thc hin in n trn my in logic ca cn b iu hnh, bn c th cu hnh ACL ca n v loi b Cp php in c gn cho nhm Everyone, thay vo ch cp cho cc cn b iu hnh Cp php in.
Hnh 10-12: Th Advanced trn hp thoi Properties ca my in
GIM ST CC MY IN
Mt khi bn to, cu hnh v chia s my in cc b trn my ch in n cng nh cc my trm trn mng kt ni ti my cc my in ny th bn phi bt u xem xt cc cng vic qun tr chng trong sut qu trnh in n. Cc phn di y m t cc cng c khc nhau c Windows Server 2003 cung cp gip bn gim st tin trnh in n trn mng khi cn thit. CH : Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng gim st cc my ch file v in n. Cc cng c gm c Task Manager, Event Viewer v System Monitor.
467
LM VIC VI CC MY IN
Gim st cc hng i in
Kch p vo mt biu tng my in trong mn hnh Printers And Faxes s m ra mt ca s khc c tiu l tn ca my in (xem hnh v 10-13). y l ca s hng i in, n lit k tt c cc tc v hin nay ang i gi ti my in vt l. Ty thuc vo Cp php ca mnh trn my in, ngi s dng c th can thip vo hng i my in v cc tc v in n theo nhiu cch khc nhau v cc mc khc nhau bng cch s dng cc thc n trn ca s. Cc cng vic chung m ngi s dng v ngi qun tr thc hin bao gm: dng, khi phc, loi b cc tc v c th trong hng i, sp xp li th t cc tc v, dng v khi phc hng i xc nh.
Hnh 10-13: Ca s hng i in CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng qun l cc hng i in
nh hng li cc tc v in n
Nu mt my in gp trc trc, bn c th gi ti liu trong hng i trn my in ti mt my in khc c kt ni ti mt cng cc b trn my tnh hoc c gn vo mng. ng tc ny gi l nh hng li tc v in n. nh hng li cho php ngi s dng tip tc gi cc tc v ti mt my in logic cng loi v trnh cho ngi s dng phi thc hin li tc v in. nh hng li mt my in, n gin bn c th thay i cng m my in logic ang gi tc v ti. Bn thc hin iu ny bng cch m hp thoi Properties ca my in, la chn th Ports v chn mt cng khc hoc thm mt cng mi. Hp kim tra cha cng kt ni ti my in b li ngay lp tc b xa i tr phi t hp my in c la chn. Trong trng hp ny, bn phi xa bng tay hp kim tra ny. Do cc tc v trong hng i c my in logic sn sng cho vic in n nn my in m bn mun nh hng li phi tng thch vi trnh iu khin c my in logic s dng. Tt c cc tc v in n c nh hng li ti cng mi (tuy nhin bn khng th nh hng li cc ti liu ring r v bt k ti liu hin ang in n cng khng th nh hng li).
468
LM VIC VI CC MY IN Trong hu ht cc trng hp, vic nh hng li tc v in n rt hu ch khi bn s dng cc my in mng c truy cp thng qua cc cng TCP/IP. Khi mt my in b trc trc, bn c th thay i cng trong my in logic ca n ti a ch IP ca my in vt l khc trn mng. My in vt l ny phc v hai my in logic cho n khi bn xc nh c li trn my in v thay i thit lp cng tr li gi tr c.
S dng mn hnh qun tr hiu nng (Performance)

Bn c th truy cp vo mn hnh qun tr Performance t Administrative Tools. Mn hnh ny cha hai snap-in System Monitor v Performance Logs And Alerts cho php bn gim st hiu nng ca cc my in theo thi gian thc, s dng cc file nht k cho vic phn tch sau ny hoc thit lp cc mc cnh bo v cc hot ng. THNG TIN THM bit thm thng tin Xem chng 3 xem li kh nng v cc tin trnh thng qua mn hnh qun tr Performance. cu hnh System Monitor hoc Perfomance Logs And Alerts nhm gim st cc hot ng in n trn mng, thng thng bn la chn i tng o hiu nng Print Queue (hng i my in) trong hp thoi Add Counters (thm bin m) nh hnh v 10-14. i tng ny cung cp mt hnh nh hiu nng v mi my in c ci t trn my tnh v mt s bin m hiu nng gip bn gim st tin trnh in n, bao gm:
Hnh 10-14: La chn cc bin m hiu nng gim st cc hot ng trn my in vi mn hnh qun tr Performance Bytes Printed/Sec (s lng byte c in trong 1s) xc nh s lng d liu th tnh theo byte gi ti my in trong 1s. Gi tr ca
469
LM VIC VI CC MY IN bin m ny cng thp ng ngha vi vic my in ny hot ng khng ng mc hoc do my in khng c tc v in, do hng i cha c ti hoc do my ch qu bn. Gi tr ny thay i ty theo chng loi my in. Tham kho ti liu my in bit c gi tr m my in c th chp nhn c. Job Erros (cc li tc v in) xc nh s lng cc li tc v in n xy ra khi b m khi to ln cui cng. Cc li tc v in thng thng gy ra bi cu hnh cng khng chnh xc; kim tra cu hnh cng v cc thit lp khng hp l. Mt li tc v in s lm tng gi tr bin m ny ch mt ln duy nht thm ch li c th xy ra nhiu ln. Jobs (cc tc v) xc nh s lng cc tc v trong hng i. Mt gi tr ca bin m ny cao hoc tng c nh ng ngha vi vic my in hot ng khng bnh thng hoc cc tc v khng c thc hin mt cch chnh xc. Not Ready Errors (cc li khng sn sng) xc nh s lng cc li do my in khng sn sng xy ra k t khi b m c khi to. Out Of Paper Errors (cc li v tnh trng ht giy) xc nh s lng cc li xy ra do tnh trng ht giy xy ra k t khi b m c khi to. Total Jobs Printed (tng s cc tc v c in) xc nh s lng cc tc v c gi ti my in k t khi b m c khi to. Total Pages Printed (tng s cc trang c in) xc nh s lng cc trang ti liu c in k t khi b m c khi to. Bin m ny cung cp mt con s xp x gn ng dung lng ca my in mc d n khng phi tht l chnh xc do ty thuc vo loi tc v v cc c tnh ti liu ca cc tc v . CH S dng cc bin m hiu nng Mt s bin m hng i my in ph hp vi tin trnh ghi li nht k hiu nng nh chng c th lu li khi lng hot ng ca my in chng hn. Nhng mt s ci khc li ph hp vi cc cnh bo nh cc bin m li chng hn. S dng cc cnh bo, bn c th cu hnh cho h thng thng bo cho ngi qun tr mng khi c li xy ra.
S dng Event Viewer

Bn c th s dng cc file nht k h thng (System Log) trong Event Viewer kim tra hot ng ca my in v b m trn my in. Mc nh,
470
LM VIC VI CC MY IN b m ng k cc s kin lin quan ti vic to, xa v thay i my in. File nht k cng cha cc s kin v lu lng my in, khng gian a cng, cc li b m v cc vn bo dng. iu khin hoc thay i cc s kin v b m c ghi li, m th mc Printers And Faxes v la chn Server Properties t thc n File. La chn th Advanced truy cp cc c tnh nh hnh v 10-15. Trong th ny, bn c th iu khin cc s kin no c ghi li v cc thng bo tc v in n. Th ny cng cho php bn thc hin mt cng vic rt quan trng l di chuyn th mc b m khi bn cu hnh mt my ch in n hot ng hoc khi khng gian a cng cha th mc b m trn mt my in sn c b y.
Hnh 10-15: Th Advanced trn hp thoi Print Server Properties
Kim nh truy cp my in
Bn c th kim nh vic truy cp n mt my in tng t nh kim nh trn th mc v file. Bn c th thc hin kim nh i vi mt nhm hoc ngi s dng xc nh vi mt hot ng c th trn mt my in. Sau khi thit lp chnh sch kim nh truy cp, bn c th xem kt qu trong phn Security ca mn hnh qun tr file nht k Event Viewer. cu hnh kim nh cho mt my in, m hp thoi Properties ca n, la chn th Security ri nhp vo Advanced. Trong hp thoi Advanced Security Settings, la chn th Auditing v thm cc ch mc cho cc nhm v ngi s dng xc nh. Vi mi i tng bo mt m bn a vo danh sch kim nh, bn c th cu hnh kim nh cc s kin thnh cng hoc tht bi da trn cc Cp php my in chun bao gm Print, Manage Documents v Manage Printers.
471
LM VIC VI CC MY IN K tip bn phi cho php chnh sch Audit Object Access (kim nh vic truy cp i tng) t trn mn hnh qun tr Group Policy Object Editor hoc Local Security Policy trong Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy. Sau khi chnh sch c hiu lc, bn c th kim tra cc file nht k trong phn Security xem v phn tch cc ch mc. LI KHUYN Khi no th thc hin kim nh vn in n Kim nh my in to ra hng t cc mc vo i vi mt tc v in, v vy n ch ph hp khi bn ang x l s c. Khng nn s dng c ch kim nh nhm gim st mc s dng hoc lm ha n tnh tin. Thay vo , bn nn s dng cc bin m nh Total Jobs Printed hoc Total Pages Printed.
X L S C MY IN
X l s c l mt trong cc cng vic quan trng trong qu trnh qun tr my in. Phn ny gip bn hiu v xc nh cc li c th xy ra trong qu trnh in n trn Windows Server 2003. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng x l s c hng i Bn cn lu qu trnh x l s c in n gm nhiu thnh phn gm c: ng dng ang thc hin in n My in logic trn my tnh c ng dng ang chy Kt ni mng gia my khch in n v my in logic chia s trn my ch. My in logic trn my ch: b m, cc trnh iu khin, cc thit lp bo mt v cc thnh phn khc. Kt ni gia my ch in n v my in. Bn thn my in vt l: phn cng, cu hnh v cc trng thi. Mt phng php hiu qu gii quyt hu ht cc li trong in n l x l s c theo tng phn ring bit mt cch logic v c phng php.
Xc nh phm vi li
Nu mt ngi s dng khng th thc hin mt tc v in n t mt ng dng trn my tnh ca anh ta nhng vn c th thc hin c t cc ng dng khc cng trn my tnh th li dng nh xut pht t ng dng ch
472
LM VIC VI CC MY IN khng phi t my tnh, mng hay my ch in n hoc phn cng my in. Tuy nhin, trong mt s trng hp s dng mt trnh iu khin khc hoc loi d liu khc c th gii quyt c cc li in n ca ng dng. Nu ngi s dng khng th in t bt k ng dng no, bn cn xc nh xem anh ta c th in ra cc my in khc trn cng my ch in n khng hay trn my ch in n khc. Nu tt c cc kh nng ny vn khng thc hin c v nu cc ngi s dng khc vn c th in trn cc my in trn mng th li dng nh xy ra trn my tnh ca h. Nu my in c kt ni mng, c gng to ra mt my in cc b trn h thng ang c li tr trc tip ti cng my in ny. Tc l b qua vai tr qun l ca my ch in n. Nu vic in n thnh cng c ngha l li trn my ch hoc kt ni gia my ch v my trm c vn .
Kim tra xem my khch in n c th kt ni ti my ch

Bn c th kim tra li kt ni gia my in khch v my ch in n bng cch m ca s hng i t th mc Printers And Faxes trn my trm. Nu ca s ny m v hin th bt k ti liu no trn hng i c ngha l my trm kt ni thnh cng ti my ch. Nu c li xy ra c ngha rng mng c vn hoc c li v vic xc thc hay Cp php. Nu trng hp ny xy ra bn c th s dng cng c Ping kim tra kt ni ti a ch IP ca my ch hoc nhp Start, chn Run v g \\<my ch in n>. Nu ping thnh cng hoc mt ca s m ra hin th th mc Printers And Faxes v bt k th mc chia s no tc l my trm kt ni ti my ch. Trong trng hp ny, bn nn kim tra cc Cp php bo mt trn my in logic.
Xc nhn my in ang hot ng

Kim tra chnh my in v m bo rng n trng thi sn sng. Kim tra cc vn nh mc in b ht, tc giy v cc li khc sau in mt trang kim tra t mn hnh qun tr my in. Kim tra cp kt ni gia my in v my ch hoc mng. Nu my in c gn vi mng, bn cn chc chn rng n trn card giao din mng sng iu c ngha rng kt ni mng tt.
Xc nhn rng bn c th truy cp ti my in t my ch

Mt s my in c th hin th a ch IP ca chng trn mn hnh qun tr my in hoc bn c th in ra mt trang cu hnh. Xc nhn rng a ch IP ca my in ging vi a ch IP ca cng my in logic. a ch IP ca cng c th kim tra trn th Port trong hp thoi Properties ca my in. m bo rng bn c th kt ni vi my in qua mng bng cch ping a ch IP ca my in.
473
LM VIC VI CC MY IN
Xc nhn rng cc dch v trn my ch ang hot ng

S dng Bng iu khin Services kim tra cc dch v di y lin quan n in n ang hot ng tt: Print Spooler Qun l cc hng i in n cc b v trn mng. Nu dch v ny khng hot ng th vic in n khng th thc hin c. Remote Procedure Call (RPC) Mt dch v cn thit cho cc kt ni mng chun ti cc my in chia s. Bn cng c th kim tra dung lng th mc m b m c lu tr trn m bo rng khng gian a cng cn cho vic lu m. V tr ca th mc b m c th thay i c trong hp thoi Server Properties (bn c th truy cp vo hp thoi ny t thc n File ca th mc Printers And Faxes). Mc nh, b m ca cc tc v in n c lu tr ti th mc <Systemroot>\system32\spool\Printers. Vi mt my ch c mt in cao, bn nn cn nhc di chuyn th mc ny ti mt phn vng khc ch khng nn trn phn vng h thng hoc khi ng. Nu phn vng cha th mc b m y th qu trnh in n s ngng v nghim trng hn h iu hnh c th nh hng. Bn cng c th tm kim cc file nht k trong phn System xem b m c a ra bt k thng bo li no khng v trong th mc Printers And Faxes m bo rng my in ca bn khng ch khng kt ni. C gng thc hin mt tc v in n t mt ng dng trn my ch. Nu bn c th in t my ch c ngha rng li khng phi do my in. Nu bn khng th thc hin c iu ny, to mt my in logic tr trc tip ti cng cng v c gng in trn my in mi ny. Nu thc hin thnh cng tc l c vn vi cu hnh ca my in logic u tin. Nu thc hin khng thnh cng c ngha l c vn trong vic kt ni vi my in hoc chnh bn thn phn cng my in.
474
LM VIC VI CC MY IN
TNG KT
Kin trc in n trong Windows Server 2003 c module ha bao gm: my in vt l, my ch in n vi my in logic, chia s kt ni ti my in vt l thng qua mt cng cc b hoc mng v my in logic trn my trm kt ni ti my in logic, chia s trn my ch. My in logic c to ra vi mc ch h tr my in c gn trc tip vi my tnh hoc mng. My in mng kt ni ti my in logic do my tnh khc duy tr, hay cn c gi l my ch in n. Mc nh, cc my in chia s c cng b trong Active Directory, cho php ngi s dng d dng tm kim cc my in da trn v tr hoc cc c tnh khc ca my in. to mt my in logic, bn s dng trnh hng dn Add Printer v xc nh trnh iu khin v cng thch hp. Mt my in logic c th hng cc tc v ti nhiu hn mt cng bng cch to ra t hp my in (Printer pool). Mt my in vt l c th phc v nhiu my in logic khc nhau, mi my in c th cu hnh vi cc thuc tnh, cc trnh iu khin, cc thit lp, cc c tnh theo di v cc Cp php ring bit. Ca s hng i in n, cc nht k s kin v cc bin m hiu nng cho php bn gim st cc my in nhm x l s c, pht hin cc li tim n v mc s dng my in. Nu mt my in trng thi khng kt ni hoc b li, bn c th nh hng li tt c cc tc v in n cha thc hin ca n ti mt my in khc bng cch thm hoc la chn cng my in mi trong phn thit lp c tnh ca my in logic gc. My in trn cng thay th phi tng thch vi trnh iu khin m my in gc ang s dng. Do m hnh in n trong Windows Server 2003 c module ha vi chnh my in , vi my in logic trn my ch v vi my in logic trn my trm kt ni ti my in chia s trn my ch nn bn c th x l s c khi my in c li bng cch xc nh mi thnh phn c th gy nn li v s lin quan gia cc thnh phn vi nhau.
475
LM VIC VI CC MY IN
BI TP THC HNH
===============================================
Bi tp thc hnh thc hnh 10-1: To mt my in logic

Trong bi thc hnh ny, bn s ci t mt my in logic trn my tnh ca bn. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. Nhp Start v chn Printers And Faxes. Ca s Printers And Faxes xut hin. Kch p vo biu tng Add Printer. Trnh hng dn Add Printer xut hin. Nhp Next b qua trang Welcome. Trang Local Or Network Printer xut hin. La chn Local Printer Attached To This Computer. m bo rng hp kim tra Automatically Detect And Install My Plug And Play Printer b xa ri nhp Next. Trang Select A Printer Port xut hin. Trong danh sch lit k Use The Following Port la chn cng my in LTP3: ri nhp Next. Trang Install Printer Software xut hin. Trong trng hp my tnh ca bn khng c cng LTP3, hy chn mt cng m my tnh ca bn khng s dng nh COM3 v COM4 chng hn. Trong ct Manufacturer la chn Generic. Trong ct Printers la chn Generic/Text Only ri nhp Next. Trang Name Your Printer xut hin. Trong hp vn bn Printer Name, g Test Printer ri nhp Next. Trang Printer Sharing xut hin.
476
LM VIC VI CC MY IN Nhp Next chp nhn cc tham s chia s mc nh. Nhp Next mt ln na b qua trang Location And Comment. Trang Print Test xut hin. La chn No ri nhp Next. Trang Completing The Add Printer Trnh hng dn xut hin. Nhp Finish. ===============================================
Bi tp thc hnh thc hnh 10-2: Thit lp cc Cp php trn my in

Trong bi thc hnh ny, bn s cu hnh cc Cp php trn my in chia s ca bn. 3. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 4. Ci t mt my in logic nh trong bi 10-1. Nhp Start -> Printer And Faxes. Ca s Printer And Faxes xut hin. La chn biu tng Test Printer trn my in logic m bn va to v t thc n File la chn Properties. Hp thoi Properties xut hin. La chn i tng bo mt Everyone trn th Security ri nhp Remove. Nhp Add. Hp thoi Select Users, Computers, Or Groups xut hin. Trong hp vn bn Enter The Object Names To Select g Users ri nhp OK. Nhm Users s xut hin trong danh sch cc i tng bo mt. La chn hp kim tra Allow i vi Cp php Manage Documents v nhp OK. ===============================================
477
LM VIC VI CC MY IN
Bi thc hnh 10-3: Loi b mt tc v in n

Trong bi thc hnh ny, bn s loi b mt tc v in cha hon thnh trong hng i . 5. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. Ci t my in logic nh bi thc hnh 10-1. Nhp Start v la chn Printers And Faxes. Ca s Printers And Faxes xut hin. Trn my in logic bn va to, kch chut phi vo biu tng Test Printer v la chn Properties. Hp thoi Properties ca my in xut hin. Nhp Print Test Page trong th General in mt trang kim tra trn my in. Hp thng bo Test Printer m ra. Nhp OK ng hp thng bo v nhp OK ng hp thoi Properties ca my in. Trn my in logic bn va to, nhp p vo biu tng Test Printer. Ca s Test Printer xut hin. La chn ti liu Test Page trong danh sch v ch trng thi li ca n do khng c mt my in vt l no kt ni vi cng bn la chn. Trn thc n Document la chn Cancel. Mt hp thng bo Printers xut hin nhc nh bn xc nhn xa tc v in. Nhp Yes. Tc v s b xa khi hng i.
CC CU HI N TP
1. Bn ang ci t my in trn my trm. My in s c kt ni ti mt my in logic c ci t trn mt my ch in n Windows Server 2003. Nhng kiu thng tin no m bn phi cung cp cho tin trnh ci t my in? (La chn tt c cc cu tr li ng) a. Mt cng my in TCP/IP.
478
LM VIC VI CC MY IN b. Nh sn xut my in vt l v chng loi ca n. c. ng dn URL ti my in trn my ch d. ng UNC ti my in chia s e. Trnh iu khin my in 2. Mt trong nhng my in mng ca bn khng lm vic tt v bn mun ngn khng cho ngi s dng gi cc tc v ti my in logic kt ni ti my in ni trn. Bn s lm g? a. Dng chia s my in b. Loi b my in ra khi dch v th mc Active Directory c. Thay i cng my in d. Thay i tn chia s 3. Bn ang qun tr mt my tnh Windows Server 2003 c cu hnh nh mt my ch in n. Bn mun thc hin cng tc bo dng trn my in vt l c kt ni vi my ch. Hin ang c mt s ti liu trn hng i. Bn mun ngn khng cho cc ti liu c in trn my in ny nhng bn cng khng mun ngi s dng phi thc hin li tc v in n. Phng php ti u nht ca bn l g? a. M hp thoi Properties ca my in la chn th Sharing v la chn Do Not Share This Printer. b. M hp thoi Properties ca my in v trn th Ports la chn mt cng cha c thit b in n s dng. c. M ca s hng i, la chn ti liu u tin v tip theo la chn Pause t ca s Document. Lp li tin trnh ny vi mi ti liu. d. M ca s hng i v la chn Pause Printing t thc n Printer.
479
LM VIC VI CC MY IN 4. Bn ang qun tr mt my tnh Windows Server 2003 c cu hnh nh mt my ch in n. Ngi s dng trong nhm Marketing phn nn rng h khng th in cc ti liu thng qua my in trn my ch. Bn hin th cc Cp php trn hp thoi Properties ca my in. Nhm Marketing c Cp php Manage Documents. Ti sao ngi s dng khng in c trn my in ny? a. Nhm Everyone phi c gn Cp php Manage Documents. b. Nhm Administrators phi c gn Cp php Mange Printers c. Nhm Marketing phi c gn Cp php Print d. Nhm Marketing phi c gn Cp php Manage Printers 5. Bn ang ci t mt t hp my in trn my tnh Windows Server 2003. T hp my in cha ba thit b in n v tt c u ging nhau. Bn m hp thoi Properties trn my in ny v la chn Enable Printer Pooling trn th Port. Bn phi lm g tip theo? a. Cu hnh cng LPT1 h tr ba my in b. La chn hoc to cc cng nh x ti ba my in c. Trn th Device Settings, cu hnh cc la chn c kh nng ci t c nhm h tr hai thit b in n thm vo d. Trn th Advanced, cu hnh u tin cho mi thit b in n nhm m bo tin trnh in c phn phi cho ba thit b in. 6. Bn ang qun tr mt my tnh Windows Server 2003 c cu hnh nh mt my ch in n. Vo ngy gia tun lm vic, my in b li v cn c thay th. Ngi s dng gi cc tc v in n my in ny v n c a ch IP l 192.168.1.81.Mt my in tng t c a ch 192.168.1.217 c my ch khc h tr. Cc cng vic bn cn thc hin sao cho cc tc v ca ngi s dng vn c tip tc? (La chn tt c cc cu tr li ng)
480
LM VIC VI CC MY IN a. Trn hp thoi Properties ca my in li la chn Enable Printer Pooling. b. Trn hp thoi Properties ca my in li nhp Add Port c. Trn th mc Printer And Faxes kch chut phi vo my in li v la chn Use Offline. d. Trn hp thoi Properties ca my in li la chn cng 192.168.1.217. 7. Trong cc m hnh di y, m hnh no cho bn bc tranh gn ng nht v mc s dng trn my in, cho php bn hiu v mc tiu th ca mc v giy in? a. Cu hnh kim nh my in logic v kim nh cc s kin thnh cng trong vic s dng Cp php in ca nhm h thng Everyone. b. Xut cc nht k s kin h thng (System log) ra file vn bn phn cch cc trng bng du phy (*.csv) v s dng Excel phn tch cc s kin b m. c. Cu hnh nht k hiu nng v gim st bin m Total Pages Printed trn mi my in logic. d. Cu hnh nht k hiu nng v gim st bin m Jobs vi mi bin m logic.
CC KCH BN TNH HUNG

===============================================
Kch bn 10-1: Cp nht cc trnh iu khin my in

Phng marketing phn nn vi bn v cht lng in trn my in chia s c tn gi l MarketingPrinter. Khi ngi s dng in t my tnh PC Windows XP s dng cc ng dng Microsoft Office, cc ti liu c in tt. Nhng khi h in t cc ng dng Adobe, cc ti liu in ra khng c nh mong mun. Phng kinh doanh c mt my in chia s tng t c tn l SalesPrinter v s
481
LM VIC VI CC MY IN dng hn hp cc my trm Windows 2000/XP v Office khng thng bo bt c mt li no. Bn cn nhc trng hp ny, n xy ra v mt s ng dng khc nhau to ra cc kt qu khc nhau ph thuc vo my in c ang s dng PostScript hoc mt trnh iu khin khng phi PostScript hay khng. Bn s trin khai trnh iu khin my in hot ng tt u sao cho cc my tnh cn n c cp nht? e. Hp thoi Server Properties ca my ch in n f. Hp thoi Properties ca my in MarketingPrinter g. Hp thoi Properties ca my in SalesPrinter h. Hp thoi Properties ca cc my in logic c ci t trn cc my tnh ca mi ngi s dng phng marketing. ===============================================
Kch bn 10-2: Gia tng hiu nng in n

Bn l nh qun tr mng cho mt cng ty lut vi mt nhm gm c 20 nhn vin tr l v mt lut php cho cc lut s. Tt c cc nhn vin ny u s dng mt my in laser chia s, tc cao c ci t trn mt h thng Windows Server 2003. Theo mt lch trnh h phi in mt s lng ln ti liu. Mc d my laser in nhanh nhng n cn m bo hot ng gn nh khng i trong khi in n ti liu. Ti mt s thi im, cc nhn vin tr l phi i 20 pht hoc lu hn sau khi xc nhn mt tc v cho cc ti liu ca h cho ti khi ln ti v tr u tin trong hng i. Khng mt nhn vin no mun tm kim mt danh sch cc my in sn sng nhm kim tra xem ci no c t tc v nht trc khi thc hin tc v in. La chn no di y m bn s xem xt nhm ti thiu ha lng thi gian m cc my in tiu tn hon thnh cc ti liu in n cho tt c cc nhn vin tr l? a. Ci t mt my in my in laser th hai vi cng chng loi v to mt t hp my in. b. Thit lp cc u tin my in khc nhau cho mi nhn vin tr l da trn danh sch do ngi ng u nhm to ra. Nhn vin quan trng nht s c u tin l 1 cn ngi c vai tr quan trng thp nht s c u tin l 99.
482
LM VIC VI CC MY IN c. Thit lp cc u tin my in khc nhau cho mi nhn vin tr l da trn danh sch do ngi ng u nhm to ra. Nhn vin quan trng nht s c u tin l 99 cn ngi c vai tr quan trng thp nht s c u tin l 1. d. Mua thm cc my in laser tng t v ci t chng nh nhng my in chia s ring r trn my ch.
483
LM VIC VI CC MY IN
PHN 4
QUN L V DUY TR PHN CNG
484
QUN L CC TRNH IU KHIN THIT B
CHNG 11: QUN L CC TRNH IU KHIN THIT B

Khi bn lm vic vi mt h iu hnh phc tp nh Microsoft Windows Server 2003 chng hn, n cha nhiu mnh phn mm phc tp. Nhng phn mm ny tuy nh v hu nh bn khng thy s hin din ca n nhng li gip bn lm c mi th. Vi mt h iu hnh, c th s dng cc phn cng trn my tnh cn phi c mt phn mm gi l trnh iu khin thit b cho mi thit b phn cng. Lm vic vi cc trnh iu khin thit b c th khng phi l cng vic hng ngy nhng cc nhn vin qun tr h thng cn phi cn trng vi chng v bn cn phi bit lm g khi n thi im cp nht hoc x l s c. Hon thnh chng ny bn c kh nng: Hiu c mi quan h gia cc thit b phn cng v cc trnh iu khin. Ci t Trnh iu khin Thit b S dng Device Manager hin th v qun l cc thit b phn cng v cc trnh iu khin thit b ca chng. X l cc li v trnh iu khin thit b
485
TNG QUAN V TRNH IU KHIN THIT B

Trnh iu khin thit b l mt tp hp phn mm thc hin cc chc nng trn cc thit b c th cho cc hot ng vo ra (I/O - Input/Output). V d, khi mt ng dng chy trn Windows 2003 ghi mt file vo a, n s gi mt hm h iu hnh gi l WriteFile. Hm ny nh ngha mt hot ng c bn nh sau: d liu ti v tr b nh xc nh s c chp ti mt thit b lu tr xc nh c ci t trn my tnh. Tuy nhin, hm WriteFile khng bit g v thit b phn cng thc s, n ch lm vic vi thit b kha cnh th tc hon ton c lp vi thit b. thc hin cc hm cho mt thit b c th nhm hon thnh cc tc v, h iu hnh phi gi cc th tc do cc trnh iu khin cung cp cho thit b lu tr. Thng thng, ng dng s lu gi file trn a cng nhng n cng c th lu gi trn cc a mm hoc cc thit b lu tr khc. Cc trnh iu khin thit b khc nhau s cung cp kh nng truy cp ti cc thit b lu tr m ng dng c th s dng. Cc trnh iu khin thit b cng cung cp kh nng truy cp n cc th tc dnh cho cc thit b c th. a cng trong my tnh c th s dng giao din IDE hoc SCSI. a cng c th c sn xut bi hng chc nh sn xut thit b. Trnh iu khin thit b cung cp kh nng truy cp n cc th tc cho mt loi thit b xc nh, chy trn mt nn h iu hnh xc nh. Nh sn xut thit b cng c th a ra cc trnh iu khin thit b cho cc h iu hnh khc v cho cc dng cng khc m h sn xut.
Cc chc nng ca trnh iu khin thit b

Cc trnh iu khin thit b cung cp hai chc nng c bn sau: Chng to s c lp v thit b vi h iu hnh iu ny cho php cc ng dng v cc thnh phn phn mm khc giao tip vi vi phn cng c ci t trn my tnh. Khi mt ng dng gi hm WriteFile, h iu hnh s gi trnh iu khin a cng thc hin cc th tc, cho php a cng nhn d liu t h thng v ghi n vo a Chng thao tc vi cc c tnh vt l ca thit b phn cng Khi mt ng dng hay th tc trn h iu hnh gi mt hm no , trnh iu khin thit b c th thay i cu hnh vt l ca thit b phn cng. V d khi bn mun mt ng dng in ti liu theo kiu nm ngang thay v kiu thng ng nh mc nh, trnh iu khin
486
QUN L CC TRNH IU KHIN THIT B thit b s chu trch nhim vic thay i cu hnh phn cng ca my in. Hai chc nng ni trn thc s l hai kha cnh ca cng mt tin trnh nhng trong Windows Server 2003 chng c th c thc hin bi cc trnh iu khin khc nhau. Trong trng hp ny, mt trnh iu khin mc thp chu trch nhim lin kt thc s vi phn cng cn mt trnh iu khin mc cao s tng tc vi cc ng dng v cc hm ca h iu hnh. Bn khng th nhn thy kh nng ny trong giao din Windows tuy nhin bn khng phi tm v ci t hai trnh iu khin ring bit ni trn. CH Cc trnh iu khin v h iu hnh Thi im trc khi h iu hnh Windows xut hin, cc trnh iu khin thit b c thc thi bi cc ng dng n l. Khi bn ci t mt sn phm phn mm x l vn bn, bn phi la chn mt trnh iu khin cho dng my in ca bn. K nu bn ci t mt ng dng x l bng tnh (nh Excel by gi chng hn), bn khng th s dng cng mt trnh iu khin . ng dng ny yu cu mt trnh iu khin dnh ring cho n. Windows khc phc c nhng nhc im ni trn bng cch tch hp chng vo h iu hnh ch khng s dng ring r cho tng ng dng. Khi bn ci t mt trnh iu khin cho mt my in trn bt k phin bn no ca Windows, tt c cc ng dng chy trn h iu hnh u c th s dng cc hm th tc ca trnh iu khin.
Cc thit b v trnh iu khin

Mt my tnh bao gm nhiu thit b phn cng, hot ng nh cc thnh phn n l nhng hu ht chng u cn mt trnh iu khin thit b. Tuy nhin, da trn phng thc hot ng m mt s thit b c chun ho hn cc thit b khc. Thit b cng c chun ho th chng cng ph bin v cc nh qun tr h thng cng t quan tm ti vic cp nht hay duy tr. V d, hu ht mi my tnh u c bn phm v mi h iu hnh u cn c trnh iu khin thit b ny. Tuy nhin chc nng hot ng ca bn phm cng nh tn hiu m n trao i vi my tnh u c chun ha v n nh cho nn t khi h iu hnh no cn c trnh iu khin ca bn phm m vn nhn c bn phm. Trng hp duy nht mt trnh iu khin thit b bn phm c bit c yu cu khi bn ang s dng mt phn cng khng bnh thng vi cc kh nng c bit nh mt thit b u vo dnh cho ngi khim th.
487
QUN L CC TRNH IU KHIN THIT B Cui cng l hnh nh ca cc thit b nh card mn hnh yu cu cn phi c trnh iu khin c thit k lm vic vi cc thit b phn cng c th. Cc thit b c chng c th gy ra cc vn cho cc qun tr vin h thng, bao gm: Chng t c h tr bi h iu hnh H iu hnh Windows 2003 (cng ging nh tt c cc h iu hnh Windows) bao gm mt th vin cc trnh iu khin, cung cp kh nng tng thch vi mt danh sch di cc thit b phn cng ca mi loi. Cc thit b cng ph dng th cng chc chc c h tr bi trnh iu khin h iu hnh. Nhng i vi cc thit b cc c bit nht l cc thit b va sn xut hoc ngoi lung th c th khng c trnh iu khin h tr trong Windows hoc khng c phin bn gn nht ca trnh iu khin. Trong nhng trng hp ny, bn phi cung cp cho h iu hnh trnh iu khin bn nhn c t nh sn xut thit b. CH Microsoft v cc trnh iu khin thit b Mc d Windows Server 2003 v cc h iu hnh Windows khc cha hng trm cc trnh iu khin thit b cho cc sn phm phn cng khc nhau v mt s t trong ny thc s c to ra bi Microsoft. Microsoft nhn trnh iu khin t nh sn xut thit b v tch hp chng cng vi h iu hnh Windows. V l do ny, khi bn gp vn vi trnh iu khin, bn cn s gip t pha nh sn xut hn l t pha Microsoft. Khng c trnh iu khin ca nh cung cp phn cng Trong mt vi trng hp th cc nh sn xut phn cng pht trin trnh iu khin cho Windows 2003 cho cc thit b ca h sau khi h pht hnh phin bn WindowsXP v h iu hnh ny ch yu dng cho my trm hoc do h khng xem Windows Server 2003 nh l mt phn ca th trng sn phm. Thit b khng tng thch hoc hot ng khng ng Nhiu thit b thng c hin tng hot ng khng ng, iu ny thng xy ra khi m chng c iu khin hot ng ch cao hn. V d, cc trnh iu khin card mn hnh c xu hng b tnh trng ny do cc chc nng hot ng phc tp ca chng v do nhiu ng dng a chng n trng thi gii hn. Cc card mn hnh gn y c thit k cho chc nng chi tr chi in t thng gp trc trc hn so vi cc card mn hnh tch hp trong h thng mc thp. Khi trnh iu khin b li, ngi qun tr h thng
488
QUN L CC TRNH IU KHIN THIT B phi lin lc trc tip vi nh sn xut thit b phn cng thay th chng. Chng thng c cp nht nhiu hn so vi cc trnh iu khin ph dng y l mt kt qu tt yu ca tnh cht phc tp, mt s trnh iu khin thng c cp nht nhiu hn so vi cc trnh iu khin khc. Mt ln na, trnh iu khin card mn hnh li l mt v d in hnh. Cc trnh iu khin card mn hnh gn y thng xuyn c nh sn xut cp nht. Ty thuc vo thi im thit b phn cng c pht hnh v bn ang s dng phin bn no ca Windows, trnh iu khin i km vi h iu hnh c th c mt vi phin bn c. Trong hu ht cc trng hp, trnh iu khin i km cng vi Windows gip bn trong tin trnh ci t nhng bn c th phi ci t cc trnh iu khin cp nht dnh cho thit b nhm t c hiu nng y nht. Tt c cc thit b phn cng c chng nhn s dng cho Windows Server 2003 c lit k trong Windows Server Catalog, lun sn sng ti a ch www.microsoft.com/windows/catalog/server. Catalog ny thay th cho danh sch lit k cc thit b tng thch (HCL) c s dng trong cc phin bn trc ca Windows. Khi la chn phn cng cho cc my tnh Windows Server 2003, bn cn phi m bo rng cc thit b bn la chn c lit k trong catalog.
Trnh iu khin thit b v cc ti nguyn phn cng

Mt my tnh c nhn bao gm nhiu thit b phn cng c kt ni (trc tip hoc gin tip) ti bo mch chnh. B vi x l, cc module b nh, a cng, mn hnh v cc thit b khc tt c chng u c chc nng duy nht v h thng phi c kh nng lin kt vi mi thnh phn mt cch ring r. thc hin iu ny, mi thit b phi c mt s phng tin h thng c th xc nh tnh duy nht ca n v vy khi my tnh to ra d liu u ra cn hin th trn mn hnh th chng phi c chuyn ti card mn hnh ch khng phi bn phm hay a cng. c nhn ho cc thnh phn giao tip, PC s dng cc loi ti nguyn phn cng khc nhau (chng cn c gi l cc ti nguyn h thng). Mi trnh iu khin thit b c cu hnh s dng cc ngun ti nguyn cho php n lin kt vi thit b phn cng chnh xc v ch thit b m thi. Cc loi ti nguyn phn cng m cc thit b c th s dng gm c: Interupt Request (IRQ) Line (chui yu cu ngt) Mt yu cu ngt cng ging nh tn gi ca n, l mt tn hiu c gi t mt
489
QUN L CC TRNH IU KHIN THIT B thnh phn ny ti mt thnh phn khc (thng thng l t mt thit b ngoi vi ti b vi x l) vi ng thng bo cho bn nhn rng n nn tm dng cc hot ng hin thi thc hin mt cng vic khc. V d, mi ln bn n mt phm trn bn phm my tnh, bn phm s gi mt yu cu ngt ti b vi x l thng bo rng c d liu u vo mi gi ti b vi x l. Mt PC c 16 chui yu cu ngt c thit k cho vic s dng cc thit b phn cng khc nhau (mt s c th chia s mt chui yu cu ngt). I/O Address (a ch vo/ra) Mt a ch vo/ra (cn c gi l cng vo/ra) l mt v tr trong b nh c phn b mt thit b phn cng xc nh cho php n trao i thng tin vi h thng. Mi thit b trong my tnh u c gn mt a ch vo/ra duy nht, cho php h thng lin kt vi cc thit b n l. Direct Memory Access (DMA) channel (knh truy nhp b nh trc tip) Cc knh DMA l cc tuyn ng m mt s thit b s dng chng truyn trc tip d liu ti v t b nh h thng m khng cn lin quan ti b vi x l. Khi so snh vi cc chui yu cu ngt, th c tng i t thit b (nh cc a mm v cc card m thanh chng hn) s dng cc knh DMA do mi PC ch c 08 knh DMA. Memory address (a ch b nh) Mt vi thit b nh card mn hnh hay card mng chng hn cn c khng gian trong b nh cp trn vi mc ch ci t mt BIOS (h thng vo/ra c bn) b sung. Mt thit b thng yu cu ti nguyn phn cng ny l card giao tip SCSI vi BIOS ca chnh thit b ny cho php h thng khi ng t mt a SCSI. Mn hnh qun tr Device Manager trong Windows Server 2003 cho php bn hin th cc ti nguyn phn cng trn my tnh v cc thit b ang s dng chng nh hnh v 11-1.
490
Hnh 11-1: Cc ti nguyn phn cng ca mt thit b c hin th trong Device Manager Cu hnh cc ti nguyn phn cng mt thit b phn cng c th lin kt c vi my tnh, thit b v trnh iu khin ca n c hai u c cu hnh s dng cc thit lp ti nguyn phn cng chnh xc. V d, khi bn kt ni mt my in ti cng song song LPT1, bn cng phi cu hnh trnh iu khin my in s dng cng LPT1 lin kt vi my in. Nu my in c kt ni vi LPT1 v bn cu hnh trnh iu khin s dng cng LPT2 th s lin kt ni trn s khng xy ra v my tnh s khng th s dng c my in. Mi quan h gia cc thit lp ti nguyn phn cng dng nh kh n gin khi chng ta cp ti vn my in nhng khi ni ti cc thnh phn bn trong ca mt my tnh th vn li khng h n gin cht no. V d, ci t mt card mng trn my tnh thng yu cu mt chui yu cu ngt v mt cng vo/ra. Khi , card phn cng v trnh iu khin card phi c cu hnh s dng cng mt chui IRQ v cng vo/ra. Ngoi ra, khng c bt k xung t no vi thit b khc do s dng cng chui IRQ v cng vo/ra. Cng lc, bn cn cu hnh c thit b phn cng v trnh iu khin thit b mt cch th cng. cu hnh card mng, bn c th thit lp cc cu nhy (jumper) trn chnh card ny hoc chy mt chng trnh c bit do nh sn xut cung cp. Tip theo bn ci t trnh iu khin v cu hnh n s dng cc thit lp ti nguyn phn cng ging nh bn cu hnh lc trc. Vi tin trnh ny, mt s vn khng ng c th xy ra gm c:
491
QUN L CC TRNH IU KHIN THIT B Cc thit lp ti nguyn hn ch Mt s thit b ch c th s dng c mt s ti nguyn phn cng nht nh. V d, mt s card mng c ch c th s dng hai hoc ba IRQ. Nu cc IRQ ny u b s dng th bn phi cu hnh li cc thit b khc hoc s dng mt card khc. Cn kit ti nguyn Khi vn chia s IRQ khng cn ph bin, cc chui IRQ cc h thng c trang b y s b chim dng ht bi cc thit b khc dn n tnh trng ngn khng cho ci t cc thnh phn mi. Xung t thit b Khi hai thit b c cu hnh s dng cng ti nguyn h thng, thng thng mt trong hai s hot ng khng chnh xc. Khi la chn cc ti nguyn phn cng cho mt thit b mi bn phi bit c cc ti nguyn c cc thnh phn khc trn my tnh s dng. Plug and Play May mn, nhng li ny c loi tr bi s ra i ca chun Plug and Play (cm l chy) vo nm 1995. Plug and Play (PnP) l mt chun nh ngha cc c tnh ca cc thnh phn my tnh nhm cho php chng t ng pht hin v cu hnh phn cng trn mt my tnh. Vi chc nng PnP, tt c cc thnh phn di y phi h tr chun ny: Phn cng h thng Phn cng thit b ngoi vi BIOS h thng H iu hnh Hu ht cc thit b phn cng PC c sn xut t nm 1997 v ngy nay tt c u h tr chun PnP. iu ny c p dng cho hu ht cc sn phm BIOS h thng v tt c cc h iu hnh Microsoft k t Windows 95. iu c ngha khi bn ci t mt thit b mi trn mt my tnh chy Windows Server 2003 th hu nh bn khng phi quan tm cc ti nguyn h thng cng nh cu hnh thit b. H thng s m nhn mi th (vi gi thit trnh iu khin c sn). Khi bn ci t mt thit b PnP mi, my tnh s thc hin nh sau: Pht hin phn cng mi Ci t trnh iu khin thit b tng ng Xc nh xem thit b yu cu ti nguyn h thng no
492
QUN L CC TRNH IU KHIN THIT B D qut h thng xc nh cc ti nguyn phn cng cn trng La chn cc thit lp ti nguyn tng ng cho thit b Cu hnh c thit b ln trnh iu khin thit b s dng cc ti nguyn la chn. Nu khng c thit lp ti nguyn no cn trng cho thit b mi s dng, PnP c kh nng cu hnh li mt cch t ng phn cng khc trn my tnh gii phng cc ti nguyn cho thit b mi. Nu Windows Server 2003 khng c trnh iu khin, h iu hnh s nhc nh bn cung cp a c cha trnh iu khin hoc tm kim trnh iu khin tng ng. Khi bn ci t mt thit b phn cng mi khng h tr chun PnP, Windows Server 2003 c th hoc khng th pht hin ra n. Ty thuc vo loi thit b m c nhng trng hp sau xy ra: H thng khng th pht hin ra thit b mi Nu my tnh vn duy tr trng thi khng thng bo v thit b phn cng mi, bn phi chy Add Hardware Trnh hng dn t Control Panel v xc nh, ci t, cu hnh thit b v trnh iu khin n bng tay. H thng pht hin s hin din ca thit b mi nhng khng th xc nh n i khi my tnh pht hin ra s hin din ca thit b phn cng mi nhng khng th xc nh loi thit b l g. Mt ln na bn phi la chn bng tay loi thit b, nh sn xut v chng loi thng qua Add Hardware Trnh hng dn. H thng pht hin thit b mi v xc nh n mc c bn nhng khng th xc nh c chng loi c th My tnh c th xc nh c loi phn cng ci t nh card mng chng hn nhng khng th xc nh nh sn xut v chng loi ca n v vy bn phi la chn chng bng tay trong Add Hardware Trnh hng dn. H thng pht hin v xc nh thit b mi, tip theo ci t v cu hnh trnh iu khin thit b nhng n khng th cu hnh chnh bn thn phn cng Nu my tnh xc nh thnh cng phn cng mi v ci t trnh iu khin thch hp, h thng c th cu hnh trnh iu khin s dng cc thit lp ti nguyn phn cng hin ti ca thit b. Tuy nhin, nu cc thit lp mc nh ca thit b xung t vi cc thnh phn khc ca my tnh th h thng khng th cu hnh li phn cng s dng cc thit lp khc. Trong trng hp ny, bn phi cu hnh bng tay cc thit lp ti nguyn cho thit b phn cng.
493
TO CHIN LC DUY TR TRNH IU KHIN

Ngoi vic lc u ci t cc trnh iu khin chnh xc, ngi qun tr h thng cng c trch nhim duy tr cc trnh iu khin thit b v cu hnh ca chng. Vic cp nht trnh iu khin l cng vic thng xuyn do nhng thay i hot ng trn h iu hnh v cc thit b phn cng s phn nh nhng thay i mt cch tng ng trong cc trnh iu khin. Trong mt s trng hp, nhng cp nht ny khng tng ng vi cc phin bn service pack nh k ca h iu hnh trong khi nhng ci khc lun sn sng nh cc hotfix (bn v) t trang Web Windows Update. Tuy nhin, trong nhiu trng hp, phn cn li thuc v ngi qun tr h thng nhm kim tra cc phin bn trnh iu khin mi ca cc nh sn xut phn cng khc nhau v quyt nh khi no v c nn ci t chng cng nh ai l ngi chu trch nhim ci t.
C cp nht hay khng?

Mt trong nhng cu hi u tin m mt ngi qun tr h thng cn phi cn nhc khi ng trc mt phin bn cp nht trnh iu khin mi l c nn ci t n hay khng. Khng may cho bn, li ny khng th gii quyt bng chnh sch cng v nhanh hoc mt chnh sch no ca cng ty. Thng thng cc nh sn xut phn cng xut bn cc bn cp nht trnh iu khin do ba l do sau: Nng cao hiu nng cc c tnh ca phn cng hin ti Trin khai cc tnh nng mi Loi tr cc li trong cc phin bn trc Trong hai trng hp u, vic ci t bn cp nht l mt cng vic tt nhin do n khng gy ra cc li mi. Trong trng hp sau, c th bn phi xem xt k xem cu hnh hin ti ca bn c mc phi nhng li nh nhng g m bn cp nht a ra. Nu khng bn c th loi b vic ci t cp nht. Trn tt c, cu hi xem c nn ci t cc cp nht trnh iu khin hay khng ph thuc vo cc thit b phn cng, cc chnh sch v danh ting ca nh sn xut. Mt s nh sn xut a ra cc cp nht cho trnh iu khin mt cch thng xuyn v lung tung, thng xuyn gy ra cc li mi trong cc khi sa cha cc li c. iu ny ng trong trng hp mt sn phm phn cng l mi trn th trng vi m trnh iu khin cha c
494
QUN L CC TRNH IU KHIN THIT B kim tra mt cch cn thn. Trong nhng trng hp nh vy, trnh iu khin cui cng c th khng phi l tt nht. T ng ci t tt c phin bn trnh iu khin mi c th dn n nhng li hiu nng nghim trng c bit nu bn c cc thit b ging nhau c ci t trn hng trm my tnh. Phng php tt nht dnh cho ngi qun tr h thng l phn loi cc phin bn cp nht trnh iu khin, thc hin vic kim tra chng trn cc h thng tng t, cng ging nh khi bn s dng bt k bn cp nht phn mm no, trc khi trin khai chng trn cc my tnh ca bn.
Ngi s dng, nh qun tr v qu trnh ci t trnh iu khin thit b

Trong hu ht cc mi trng, phng n thch hp nht cho ngi s dng u cui l h khng phi ci t hoc cp nht cc trnh iu khin thit b. iu ny cn l c bit ng trong mi trng mng khi m cc nh qun tr mun duy tr mt cu hnh h thng ng nht trn ton mng. N s lm n gin ha tin trnh duy tr v x l s c cho cc my tnh trn mng do cc nhn vin h tr k thut khng cn phi kim tra mi h thng xc nh xem cc cp nht c ci t cha. Tuy nhin, vic cp nht cc trnh iu khin thit b thng l kh khn hn khi trin khai trn mt lng ln my tnh so vi vic cp nht cc phn mm. i khi bn cn ci t trnh iu khin trn mi my tnh ring l v cc nh qun tr khng c thi gi hoc s kin nhn di chuyn ti tt c cc my tnh nhm cu hnh cc thit b v trnh iu khin ca chng. Windows Server 2003 bao gm cc ty chn trnh iu khin c xc nhn (driver signing), kh nng gn cc quyn ci t trnh iu khin cho cc ngi s dng thch hp, to ra mt mi trng mm do trong vic cu hnh thit b v ci t trnh iu khin. Kim sot truy cp trnh iu khin thit b i vi hu ht cc cng vic ci t, cc thnh vin nhm Administrators u c quyn hn khng hn ch trong vic ci t bt k thit b phn cng no cng nh cc trnh iu khin ca chng. S d nh vy l v nhm Administrators nhn c quyn hn ngi s dng Load And Unload Device Drivers (ci t v g b cc trnh iu khin thit b) thng qua cc chnh sch cc b hoc thng qua GPO Default Domain Controllers. Tuy nhin, cc thnh vin ca nhm Users v Domain Users khng c gn quyn hn ny nn h s b hn ch quyn thc hin cc cng vic trn. Mc
495
QUN L CC TRNH IU KHIN THIT B nh, ngi s dng ch c th ci t cc thit b PnP vi iu kin cc yu cu sau phi c p ng: Trnh iu khin phi c mt ch k s ha (y l c tnh chng t rng trnh iu khin ny c hng Microsoft tin hnh th nghim v kim tra) Khng c nhng i hi yu cu Windows hin th giao din cho php ci t thit b. Trnh iu khin thit b c sn trn my tnh. Vi nhng yu cu ny c ngha ngi s dng c th ci t cc my in v cc thit b USB v IEEE 1394 (FireWire). Nu c bt k mt iu kin no ni trn khng p ng, ngi s dng khng th ci t thit b nu h khng c gn thm quyn. Cc la chn trnh iu khin c xc nhn Tt c cc trnh iu khin thit b v cc file h iu hnh trn Windows Server 2003 u c mt ch k s ha ca Microsoft. iu ny xc nhn rng chng c kim tra v cha b thay i k t khi nh sn xut to ra. c tnh ny c a ra nhm ngn chn khng cho can thip v thay i cc trnh iu khin thit b v cc phn mm khc khi ngi s dng ci t cc on m cha c xc thc nh virus, Trojan horses chng hn. Chng cng xc nhn rng thit b ny l hon ton tng thch vi h iu hnh. Cc trnh iu khin thit b do cc hng sn xut th ba cung cp c th hoc khng c xc nhn. Trong Windows Server 2003, bn c th iu khin my tnh s phn ng ra sao khi bn ci t cc file cha trnh iu khin cha c xc nhn. thc hin iu ny, truy cp vo my tnh bng ti khon Administrator, kch p vo System trong Control Panel sau la chn th Hardware trn hp thoi System Properties. Nhp Driver Signing hin th hp thoi Driver Signing Options (nh hnh v 11-2).
496
Hnh 11-2: Hp thoi Driver Signing Options Cc la chn trn hp thoi ny gm c: Ignore (b qua) Cho php ci t tt c cc trnh iu khin thit b ln my tnh bt k chng c c xc nhn hay khng. La chn ny ch cho php khi bn truy cp vo h iu hnh vi ti khon l thnh vin ca nhm Administartors. Warn (cnh bo) Hin th cnh bo khi chng trnh ci t hoc Windows ci t mt trnh iu khin thit b khng c ch k s ha. Tip theo ngi s dng c th la chn hoc tip tc hoc ngng ci t. y l la chn mc nh. Block (kha) ngn khng cho php ci t cc trnh iu khin thit b khng c ch k s ha. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng cu hnh cc la chn v trnh iu khin c xc nhn Khi bn truy cp h iu hnh bng ti khon l thnh vin ca nhm Administartors, th ny cn c hp kim tra Make This Action The System Default (s dng la chn ny nh thit lp mc nh ca h thng). Khi la chn hp kim tra ny c ngha l la chn bn chn trn tr thnh thit lp mc nh cho tt c ngi s dng truy cp vo h thng. Ngoi ra cu hnh bng tay cc la chn v trnh iu khin c xc nhn cho cc my tnh n l, bn c th s dng cc chnh sch nhm bt buc tt c hoc mt phn cc my tnh trn mng. Trong bng iu khin Group Policy Object Editor, tr ti th mc User Configuration/Administrative Templates/System. y bn s thy mt chnh sch c tn l Code Signing For Device Drivers. Khi bn m hp
497
QUN L CC TRNH IU KHIN THIT B thoi Code Signing For Device Drivers Properties, nh hnh v 11-3, bn c th thy cc la chn ging trong hp thoi Driver Signing Options.
Hnh 11-3: Hp thoi Code Signing For Device Drivers Properties
S DNG TRNH HNG DN ADD HARDWARE

Trnh hng dn Add Hardware c thit k gip bn tng bc trong qu trnh ci t v cu hnh thit b phn cng mi v cc trnh iu khin thit b. Tuy nhin trnh hng dn (Wizzard) bt u nh th no v vic tng tc c yu cu t pha ngi s dng ra sao li ph thuc vo bn cht ca thit b phn cng c ci t. Trong hu ht cc trng hp, trnh hng dn c khi to khi h thng pht hin mt thit b phn cng mi hoc thng qua PnP hoc thng qua tin trnh pht hin phn cng mc nh ca h iu hnh. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng ci t v cu hnh cc thit b phn cng my ch Vi cc thit b PnP, trnh hng dn thng khng tng tc vi ngi s dng. H thng s hin th mt s ch th tin trnh khi n xc nh v nhn din phn cng mi. K n s ci t v cu hnh trnh iu khin thit b. Nu Windows Server 2003 khng cha trnh iu khin thit b, trnh hng dn s nhc nh bn cung cp hoc tm kim n. Nu h thng khng th xc nh thit b, trnh hng dn s gip bn xc nh chng loi thit b, nh sn xut v kiu.
498
QUN L CC TRNH IU KHIN THIT B Nu h thng khng pht hin s hin din ca thit b phn cng mi, bn c th khi to trnh hng dn bng tay theo cc cch sau: La chn Add Hardware trong Control Panel. M hp thoi System Properties, la chn th Hardware v nhp vo Add Hardware Wizard. Khi bn nhp Next b qua trang Welcome ca trnh hng dn, h thng s thc hin mt tin trnh pht hin phn cng PnP. Nu h thng khng pht hin ra c bt k phn cng mi no, trang Is The Hardware Connected? xut hin nh hnh v 11-4 nhc nh bn xc nh xem bn c ci t phn cng mi khng. y l mt cu hi th thut: nu bn la chn No, I Have Not Added The Hardware Yet (khng, ti khng thm phn cng no c) v nhp Next th trnh hng dn s dng li, hng dn bn ci t phn cng v chy li trnh hng dn. Trong thc t, bn c th ci t mt s loi phn cng m khng cn s hin din thc s ca chng. V d, bn c th ci t mt my in cc b v trnh iu khin trc khi kt ni my in vt l n my tnh.
Hnh 11-4: Trang Is The Hardware Connected? ca Add Hardware Wizard Nu bn la chn Yes, I Have Already Connected The Hardware (vng, ti kt ni thit b phn cng vo my tnh) v nhp Next, trnh hng dn s hin th mt trang lit k tt c cc thit b phn cng c ci t trn my tnh nh hnh v 11-5. ci t thit b mi, di chuyn xung pha di trong danh sch v la chn Add A New Hardware Device v nhp Next.
499
Hnh 11-5: Hp danh sch Installed Hardware trn Add Hardware Wizard CH X l s c thit b phn cng Danh sch cc thit b c ci t cung cp chc nng c bn khc ca trnh hng dn l kh nng x l s c vi cc thit b phn cng sn c trn h thng. bit thm thng tin v qu trnh x l s c trn phn cng v trnh iu khin thit b, xem phn X l s c cc thit b v trnh iu khin phn sau ca chng ny. Trong trang k tip, xem hnh v 11-6, bn cn xc nh xem bn mun trnh hng dn tm kim phn cng mi hoc la chn phn cng t mt danh sch. iu ny dng nh hi k cc do trnh hng dn thc s chy thng qua mt tin trnh pht hin phn cng ngay sau khi khi to. Tuy nhin l i vi cc thit b PnP. Vi cc thit b khng phi PnP, bn cn la chn Search For And Install The Hardware Automatically khi to qu trnh tm kim.
500
QUN L CC TRNH IU KHIN THIT B Hnh 11-6: La chn pht hin phn cng Add Hardware Wizard Nu trnh hng dn khng th xc nh c phn cng mi ca bn hoc nu bn la chn Install The Hardware That I Manually Select From A List v nhp Next, mt trang xut hin cho php bn la chn chng loi thit b t danh sch bao gm cc phn cng thng dng nh hnh v 11-7. La chn loi thit b m bn mun ci t v nhp Next.
Hnh 11-7: Hp Common Hardware Types trong Add Hardware Wizard Ty thuc vo loi phn cng bn la chn, bn c th nhn thy thm mt trang pht hin phn cng nhng cui cng trnh hng dn s hin th mt trang ging nh hnh v 11-8. y bn c th la chn nh sn xut thit b phn cng v dng sn phm c th. Tt c cc thit b phn cng c lit k u c cc trnh iu khin i km vi h iu hnh. Nu thit b phn cng ca bn khng c trong danh sch lit k, bn phi nhp vo Have Disk v xc nh v tr cc file cha trnh iu khin thit b.
501
QUN L CC TRNH IU KHIN THIT B Hnh 11-8: Mt trong nhng danh sch la chn phn cng ca Add Hardware Wizard Mt khi bn xc nh chnh xc thit b phn cng cn ci t, trnh hng dn s hin th cc iu khin theo loi thit b bn s xc nh xem h thng truy cp ti phn cng nh th no. V d, nu bn ci t mt modem, trnh hng dn s nhc nh bn cng COM m modem s dng. Trong mt s trng hp nu trnh hng dn khng th xc nh phn cng bn la chn, n s ci t trnh iu khin thit b bng cch s dng cc thit lp mc nh. Tip theo bn c th phi cu hnh li trnh iu khin bng tay trc khi h thng c th lin kt vi thit b. Khi trnh hng dn hon thnh, thit b mi c a vo cu hnh phn cng ca my tnh. Bn c th truy cp c ti n hoc khng. Bn c th lm vic vi bt k thit b phn cng no c ci t trn my tnh cng nh trnh iu khin ca chng thng qua mn hnh qun tr Device Manager c m t trong phn tip theo.
S DNG DEVICE MANAGER

Device Manager l mt cng c qun tr phn cng v trnh iu khin thit b ch yu trn h iu hnh Windows Server 2003. Mc d n khng xut hin trong mn hnh mc nh (xem hnh v 11-9) nhng Device Manager l mt MMC snap-in m bn c th truy cp theo cc cch khc nhau: Nhp Start, tr ti Control Panel v la chn System. Trong hp thoi System Properties, la chn th Hardware v tip theo nhp Device Manager. Nhp Start, tr ti Administrative Tools ri la chn Computer Management. Trong mn hnh qun tr Computer Management la chn biu tng Device Manager. M hp thoi Run, g mmc trong hp vn bn Open v nhp Enter m mt ca s trng MMC. K t thc n File chn Add/Remove Snap-in v thm snap-in Device Manager vo mn hnh qun tr.
502
Hnh 11-9: Mn hnh qun tr Device Manager Mc nh, mn hnh hin th Device Manager c b tr theo dng phn cp vi my tnh mc gc v cc loi phn cng khc nhau bn di mc gc. M rng mt trong cc thit b trong mn hnh ny bn s thu c mt danh sch tt c cc thnh phn c ci t trn my tnh. Cc thnh phn c cu hnh v hot ng tt s xut hin mt biu tng biu din chng loi ca thnh phn ny. Khi c li vi mt thit b, biu tng s c thay i theo cc cch di y (xem hnh v 11-10) Mt du cm thn mu vng ch th rng thit b cha c ci t, cha c cu hnh chnh xc hoc cha ci t trnh iu khin. Du hi mu vng Ch th rng khng th xc nh c thit b. Du X mu ch th rng thit b b v hiu ha
Hnh 11-10: Cc biu tng trong Device Manager Device Manager c kh nng hin th thng tin theo bn ch : Sp xp cc thit b theo chng loi Hin th mt danh sch cc loi thit b, cho php bn m rng hin th mt danh sch cc thit
503
QUN L CC TRNH IU KHIN THIT B b theo tng loi. y l mn hnh hin th mc nh ca Device Manager.
Sp xp cc thit b theo kt ni Hin th mt danh sch cc kt ni m cc thit b phn cng s dng lin kt vi my tnh. M rng mt kt ni s hin th mt danh sch cc thit b s dng kt ni . V d, kt ni PCI Bus cha cc biu tng cho tt c cc card m rng v cc thit b khc kt ni ti PCI Bus ca h thng.
Sp xp cc ti nguyn theo chng loi Hin th mt danh sch cc loi ti nguyn gm c Direct Memory Access (truy cp b nh trc tip), Input/Output (cng vo/ra), Interrupt Request (yu cu ngt) v Memory (b nh). y bn c th m rng hin th mt danh sch cc ti nguyn ring l ca mi loi v cc thit b ang s dng chng.
504
Sp xp cc ti nguyn theo kt ni Hin th mt danh sch cc loi ti nguyn gm c Direct Memory Access (truy cp b nh trc tip), Input/Output (cng vo/ra), Interrupt Request (yu cu ngt) v Memory (b nh). y bn c th m rng hin th kt ni c kt hp vi mi ti nguyn ring l v thit b s dng mi kt ni .
Bt k bn s dng ch hin th no ca Device Manager, bn cng c th la chn bt k mt trong cc thit b ca my tnh v lm vic vi phn cng cng nh trnh iu khin thit b ca n nh m t trong cc phn di y. CH Qun tr thit b t xa Cng ging nh cc snap-in MMC khc, Device Manager c th lm vic vi h thng cc b hoc vi h thng khc trn mng.Tuy nhin khi Device Maneger c kt ni ti mt my tnh khc trn mng, n ch hot ng ch read-only. Bn c th xem thng tin v thit b phn cng trn my tnh xa v trnh iu khin ca n nhng bn khng th thay i chng. c th thay i, bn phi chy Device Manager t mn
505
QUN L CC TRNH IU KHIN THIT B hnh qun tr ca my tnh xa hoc s dng dch v Remote Desktop hoc Terminal Services. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin phi c kh nng gim st phn cng my ch. Cc cng c gm c Device Manager, Hardware Troubleshooting Wizard v cc mc tng ng trong Control Panel .
Cho php v v hiu ha cc thit b

Bng cch la chn mt thit b trong Device Manager v chn Disable t thc n Action bn c th lm cho thit b khng hot ng cho n khi bn kch hot n bng tay. Cc thit b v hiu ha xut hin trong Device Manager vi ch X mu trn biu tng ca chng. V hiu ha mt thit b khng lm nh hng n thit b , ch c trnh iu khin b v hiu ha ngn khng h thng truy cp vo n. Mt s thit b nh b vi x l chng hn khng th v hiu ha v trong mt s trng hp bn c h thng hng dn khi ng li my tnh c th v hiu ha hon ton thit b. Mt khi bn khi ng li my tnh sau khi v hiu ha thit b, cc ti nguyn h thng m n ang s dng s c gii phng ra khi h thng v c th c gn li cho cc thit b khc nu h thng thy cn thit. Khi bn kch hot thit b tr li (bng cch la chn Enable t thc n Action), n c th s dng cc ti nguyn phn cng khng ging vi nhng ti nguyn m trc n s dng.
G b cc trnh iu khin thit b

Bng cch la chn mt thit b v chn Uninstall t thc n Action, bn c th g b trnh iu khin thit b ra khi h thng. nh hng ca vic g b ny ph thuc vo thit b c ci t nh th no trong ln u tin: Nu thit b c ci t bng tin trnh PnP G b thit b kiu ny s loi b trnh iu khin thit b v xa hon ton thit b phn cng ra khi Device Manager. Tuy nhin, nu phn cng vn hin din v mt vt l trn my tnh th PnP s ci t li n ti ln khi ng k tip, hay khi bn chn Scan For Hardware Changes (qut nhng thay i phn cng) t thc n Action hoc chy Add Hardware Wizard. Nu bn ci t thit b bng tay thng qua Add Hardware Wizard G b thit b s loi b trnh iu khin nhng bn thn thit b
506
QUN L CC TRNH IU KHIN THIT B vn hin din trong Device Manager. Biu tng ca thit b s xut hin vi du cm thn. CH Phng php khc g b cc trnh iu khin Bn cng c th g b mt trnh iu khin thit b bng cch nhp Uninstall trn trang Driver hp thoi Properties ca thit b.
Qun l cc c tnh thit b

Khi bn la chn mt thit b trong Device Manager t thc n Action v la chn Properties, hp thoi Properties xut hin. Hp thoi ny cha cc th vi cc nt iu khin c b tr cho php bn qun l v cu hnh thit b cng nh trnh iu khin ca n. Ni dung ca hp thoi Properties c th thay i ty thuc vo loi thit b v trnh iu khin nhng hu ht cc thit b c t nht bn th c m t trong danh sch di y. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu hc vin c kh nng cu hnh cc c tnh v cc thit lp thit b General (cc c tnh thng thng) hin th thng tin v thit b gm c chng loi, hng sn xut, v tr v trng thi hot ng hin ti. N cng bao gm cc iu khin cho php, v hiu ha v x l s c i vi thit b.
Advanced (nng cao) Cha cc iu khin theo thit b do trnh iu khin thc hin. Khng phi lc ny cng tn ti th ny d i khi gi n l cc thit lp nng cao.
507
Driver (trnh iu khin) Hin th thng tin v trnh iu khin thit b gm c tn nh cung cp, ngy sn xut, phin bn, tn file v cng cha cc iu khin cho qu trnh cp nht, phc hi phin bn trc v g b trnh iu khin.
Resources (cc ti nguyn) Hin th cc ti nguyn phn cng hin ang c cc thit b s dng v trong cc iu kin c th n cung cp cc iu khin thay i cu hnh ti nguyn. Th ny khng phi lc no cng tn ti.
508
Cp nht trnh iu khin

cp nht trnh iu khin thit b, bn m hp thoi Properties ca thit b trong Device Manager, la chn th Driver v nhp vo Update Driver. ng tc ny s khi to Hardware Update Wizard cho php bn xc nh v tr cc trnh iu khin cp nht m bn mun ci t hoc tm kim n. cp nht mt trnh iu khin thit b, bn phi c quyn ging nh khi ci t n ln u tin nh thnh vin ca nhm Administrators hoc c quyn hn ngi s dng Load And Unload Device Drivers (ci t v g b cc trnh iu khin thit b) chng hn. CH Cc cp nht trnh iu khin khng cn quyn thch hp Mt trng hp ngoi l i vi nhng yu cu v quyn khi cp nht cc trnh iu khin thit b l khi bn nhn chng qua Windows Update Web site. Vi trng hp ny, bt k ngi s dng no cng c th ci t mt trnh iu khin thit b. Khi bn la chn Install From A List Or Specific Location (ci t t mt danh sch hoc mt v tr xc nh) trn trang Welcome ca trnh hng dn, n s cung cp cho bn mt trang nh trong hnh v 11-11 bn c th xc nh v tr m trnh hng dn s tm kim cc trnh iu khin hoc cho php bn la chn mt trnh iu khin t mt danh sch.
509
Hnh 11-11: Cc la chn cp nht trnh iu khin Thay v tm kim trnh iu khin, bn cng c th la chn Dont Search (khng tm kim) v bn s nhn c mt trang nh hnh v 11-12. Trang ny lit k tt c cc trnh iu khin sn c trn h iu hnh v tng thch vi phn cng la chn. Bn cng c th nhp vo nt Have Disk xc nh mt v tr khc cha trnh iu khin.
Hnh 11-12: La chn mt trnh iu khin cp nht Khi trnh hng dn hon thnh tin trnh ci t trnh iu khin cp nht, bn c th nhn c yu cu khi ng li my tnh ty thuc vo loi thit b lin quan.
Phc hi trnh iu khin thit b c

Trong mt s trng hp, bn nhn thy rng trnh iu khin bn cp nht gn y khng hot ng nh mong mun v vy bn mun quay tr li phin bn m bn s dng trc y. Rt may mn, khi bn s dng
510
QUN L CC TRNH IU KHIN THIT B Device Manager cp nht mt trnh iu khin thit b, Windows Server 2003 t ng gi li mt phin bn ca cc file c thay th. quay tr li vi phin bn ci t trc ca trnh iu khin, bn m hp thoi Properties ca thit b v trn th Driver la chn Roll Back Driver.
Qun l cc ti nguyn phn cng

Mc d iu ny khng xy ra thng xuyn nhng bn c th cn cu hnh bng tay cc ti nguyn phn cng m mt thit b Windows Server 2003 s dng. iu ny ch thc s cn thit khi bn buc phi ci t mt phn cng c khng h tr chun PnP nh card m rng ISA chng hn. lm vic vi cc ti nguyn phn cng trn Device Manager, bn m hp thoi Properties ca mt thit b v la chn th Resources nh hnh v 11-13.
Hnh 11-13: Th Resources trn hp thoi Properties ca mt thit b CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng cu hnh cc thit lp ti nguyn cho thit b. Trn th ny, hp Resource Settings xc nh cc ti nguyn m thit b hin nay ang s dng theo loi v theo thit lp. Vi cc thit b ci t s dng PnP, th Resources ch mang tnh cht cung cp thng tin. Bn khng th thay i cu hnh ti nguyn trn . Vi cc thit b cu hnh bng tay, bn c th thay i cc thit lp ti nguyn m trnh iu khin s dng. thay i cc thit lp ti nguyn ca mt thit b, bn phi xa hp kim tra Use Automatic Settings cho php cc iu khin khc trn th. K bn c th s dng danh sch th xung Settings Based On la chn mt
511
QUN L CC TRNH IU KHIN THIT B cu hnh phn cng c thit lp trc nu c bt k ci no c th. Bn cng c th thay i thit lp cho bt k ti nguyn no c lit k trong hp Resource Settings bng cch la chn n, nhp vo Change Settings v chn mt gi tr khc. Nu bn xc nh mt thit lp ti nguyn trng vi ci m mt thit b khc hin ang s dng th thit b s xut hin trong hp danh sch Conflicting Device. Bn phi la chn cc ti nguyn cha c s dng nhm ngn khng cho xy ra tnh trng cc thit b xung t hot ng khng ng chc nng. CNH BO Xc nh ti nguyn bng tay Mt khi bn cu hnh th cng cc ti nguyn cho mt trnh iu khin thit b, cc ti nguyn ny c cp pht mt cch c nh. PnP khng th s dng cc thit lp ny khi cu hnh cho cc thit b khc thm ch gii phng cc ti nguyn xc nh do cc thit b khc s dng.
S DNG CONTROL PANEL

Device Manager cung cp mt cng c truy cp ton din ti phn cng cng nh trnh iu khin thit b ca mt my tnh nhng khng phi l phng tin duy nht. Windows Server 2003 lu tr thc s thng tin v phn cng v trnh iu khin trong Windows Registry v cc cng c nh Device Manager chng hn ch l giao din mt trc cung cp truy cp n d liu registry. Mt cng c khc trong Windows Server 2003 cng cho php truy cp n thng tin registry thn thin hn l Control Panel. Mt s ng dng trong Control Panel cho php truy cp n phn cng v d liu cu hnh trnh iu khin i vi cc thnh phn h thng khc nhau. Giao din ny khng nht qun v y nh Device Manager nhng ngi s dng c th truy cp ti mt s cc trnh iu khin thit b quan trng hn trn h thng theo cch ny. Cc ng dng trong Control Panel cung cp kh nng truy cp ti cc trnh iu khin thit b nh sau: Add Hardware (thm thit b phn cng) Cho php ngi s dng truy cp ti Add Hardware Wizard (nh m t phn trn trong chng ny) ci t trnh iu khin thit b mi v x l s c i vi nhng ci sn c. Display (hin th) Cho php ngi s dng truy cp ti cc trnh iu khin thit b ca video card v mn hnh ca my tnh thay i cc c tnh nh phn gii mn hnh v su mu sc.
512
QUN L CC TRNH IU KHIN THIT B Game Controllers (b iu khin tr chi) Cho php truy cp ti cc trnh iu khin thit b dnh cho bt k b iu khin tr chi no c ci t trn my tnh. Keyboard (bn phm) Cho php truy cp ti cc trnh iu khin thit b dnh cho bn phm c ci t trn my tnh. Mouse (chut) Cho php truy cp ti cc trnh iu khin thit b dnh cho chut hoc thit b con tr khc c ci t trn my tnh. Network Connections (cc kt ni mng) Cho php truy cp ti cc trnh iu khin thit b dnh cho cc card mng c ci t trn my tnh. Phone And Modem Options (cc la chn v in thoi v modem) Cho php truy cp ti cc trnh iu khin thit b dnh cho bt k modem no c ci t trn my tnh. Printers and Faxes (my in v my fax) Cho php truy cp ti cc trnh iu khin thit b dnh cho cc my in c ci t trn my tnh. Scanners and Cameras (my qut v my nh) Cho php truy cp ti cc trnh iu khin thit b dnh cho cc my qut v my nh c ci t trn my tnh. Soundss and Audio Devices (m thanh v cc thit b audio) Cho php truy cp ti cc trnh iu khin thit b dnh cho cc card m thanh v cc thnh phn lin quan ti m thanh khc c ci t trn my tnh. System Cho php truy cp ti hp thoi Properties gm c Device Manager, Add Hardware Wizard v cc iu khin v xc nhn trnh iu khin. Trong hu ht cc trng hp, Control Panel cng nh Device Manager u cung cp kh nng truy cp ti cng hp thoi Properties. Cc iu khin ny cng b hn ch v mt truy cp nh Device Manager.
513
X L S C CC THIT B V TRNH IU KHIN

i khi, bn c th gp nhng rc ri vi cc thnh phn phn cng v trnh iu khin thit b c bit nu bn lm vic vi cc thit b khng tun theo chun PnP. Windows Server 2003 cung cp cho ngi s dng mt s cng c bn c th x l nhng li ny. Mt s cng c ni trn c m t trong cc phn di y.
Cc m trng thi ca Device Manager

Khi mt thit b hoc trnh iu khin ca n hot ng khng ng, Device Manager thng thng s pht hin ra li v thay i biu tng thit b nhm thng bo vi ngi s dng v tnh trng li ca thit b. Tuy nhin bn c th nhn c nhiu thng tin hn v tnh trng li ca thit b nu bn m hp thoi Properties ca thit b. Trn th General, hp Device Status thng m t v li xy ra i vi thit b v km theo c th l mt m li. Bng 11-1 sau m t cc m li thng xy ra v phng php x l s c tng ng. Bng 11-1: Cc m li trong Device Manager M li 1 Ch gii Thit b ny khng c cu hnh chnh xc Phng php x l s c S dng Update Driver cp nht trnh iu khin thit b. Nu khng c sntrnh iu khin no c gng g b thit b ra khi Device Manager, sau khi ng li h thng v ci t li thit b. Trnh iu khin c th b hng. Nu bn c gng ti mt file b hng, h thng c th ngh rng n cn nhiu b nh hn. S dng cng c Task Manager xc nhn rng h thng ca bn khng trong tnh trng b nh thp. Nu b nh vn , s dng Update Driver ci t mt bn sao khc ca trnh iu
Trnh iu khin thit b ny c th b hng hoc h thng ca bn ang trong tnh trng b nh hoc cc ti nguyn khc thp
514
QUN L CC TRNH IU KHIN THIT B khin y. 10 Thit b khng th khi ng Kim tra xc nhn rng phn cng c ci t chnh xc trn my tnh. Nu ng, chy Hardware Update Wizard v s dng nt Update Driver nhng khng cho php Windows Server 2003 t ng pht hin thit b. Thay vo la chn Install From A List Or Specific Location (ci t t mt danh sch hoc mt th mc xc nh) v tr trnh hng dn ti trnh iu khin tng ng. Thit b ny khng th tm c ti nguyn trng s dng. Nu bn mun s dng thit b ny, bn cn v hiu mt trong cc thit b khc trn h thng ny. La chn th Resources trn hp thoi Properties cha cc li. Windows Server 2003 s pht hin c cc thnh phn ang xung t vi thit b. Bn cn v hiu ha hoc g b thnh phn xung t ny. Sau bn c th ci t li thit b m bn va g b v xem h thng c gn ti nguyn khc cho n khng. Nu khng, bn phi gn ti nguyn cho n mt cch th cng. Hu ht cc li khc u lin quan ti trnh iu khin khng tng thch hoc cu hnh trnh iu khin khng chnh xc. C gng s dng mt trnh iu khin khc hoc g b thit b ra khi Device Manager v ci t li n.
12
Cc li khc
Ty thuc vo tng trng hp
515
S dng cc cng c x l s c phn cng

Trong cc phn trc ca chng ny, bn thy rng Add Hardware Wizard cho php bn la chn thnh phn c ci t trn my tnh bng cch s dng mt giao din nh hnh v 11-14. Hp danh sch Installed Hardware hin th trong trnh hng dn lun lun bt u vi cc thit b c vn . V vy bn c th trnh hng dn ny x l mt thit b hot ng khng chnh xc. Khi bn la chn mt mc trong hp danh sch Installed Hardware, trnh hng dn s hin th trng thi hin ti ca n v cho php bn bt u tin trnh x l. i khi trnh hng dn gip bn tm thy nguyn nhn ca li.
Hnh 11-14: Danh sch phn cng ci t trong Add Hardware Wizard Cc cng c x l s c trn Windows Server 2003 c thc hin trong Help And Support Center nh hnh v 11-15. Mn hnh xut hin ty thuc vo li trn thit b v trng thi hin ti ca phn cng. V d, mt cng c x l s c thng thng s hi bn xc nhn rng thit b c nm trong HCL (danh sch phn cng tng thch) trn Windows Server 2003 v tip theo hi bn gn y c ci t trnh iu khin thit b mi khng. Tip theo cng c x l c th cung cp cc hng dn gip bn x l nhng rc ri trn thit b nh s dng li trnh iu khin c hoc ci t li thit b chng hn.
516
Hnh 11-15: Mn hnh x l s c phn cng trn Windows Server 2003
Phc hi trng thi t Device Disaster (thm ha thit b)

i khi, vic ci t hoc nng cp mt trnh iu khin thit b c th gy ra nhng li nghim trng trn h thng ca bn. Ty thuc vo s quan trng ca thit b m nh hng ca n c th l t mc khng ng k n mc cc k nguy him. iu ny c bit ng i vi cc thnh phn h thng li nh cc trnh iu khin mn hnh chng hn bi v cu hnh li c th lm cho my tnh ca bn khng th s dng c. Quay tr li trnh iu khin c rt kh khn do bn khng th nhn thy mn hnh. Windows Server 2003 cung cp nhiu phng php cho php bn phc hi h thng do nhng li lin quan n trnh iu khin. Cc cng c c thit k cho cc mc ch khc nhau. Bn c th s dng cc cng c sau phc hi li do qu trnh ci t trnh iu khin: Driver Rollback (s dng li trnh iu khin c) Nh cp trn, s dng li phin bn trnh iu khin c l phng php d dng gii quyt li do trnh iu khin sai. Tt nhin bn phi c quyn h thng s dng Device Manager v thc hin chc nng ny. Last Known Good Configuration (cu hnh tt nht m bn s dng trong ln gn y nht) c s dng khi mt thit b cp nht trnh iu khin yu cu khi ng li v my tnh khng th khi ng n im cho php bn ng nhp vo h iu hnh. Khi bn thay i cc trnh iu khin, h thng yu cu khi ng li nhng li nm trong tin trnh khi ng, bn c th nhn phm F8 khi h thng khi ng li v la chn Last Know Good
517
QUN L CC TRNH IU KHIN THIT B Configuration phc hi kha registry: HKLM\System\CurrentControlSet tr v gi tr bn u cha thng tin v trnh iu khin c. Nu li trnh iu khin khng t xy ra cho n khi bn ng nhp thnh cng vo h thng (iu ny thng xy ra i vi nhng cp nht trnh iu khin mn hnh) th la chn ny t khi c s dng. Bi v, mt khi bn ng nhp thnh cng vo h thng th cu hnh ln cui cng tt s b ghi ln ngay. Safe Mode (ch an ton) Nu mt tin trnh ci t trnh iu khin thit b lm cho my tnh hot ng khng chnh xc, nhp F8 khi h thng khi ng li v chn ch Safe Made. Ch ny lm cho Windows Server 2003 khi ng vi mt cu hnh ti thiu v ch c cc trnh iu khin thit b cn cho tin trnh khi ng v ng nhp. Mt khi h thng ang chy trong ch Safe Mode bn c th s dng Device Manager v hiu ha thit b gy ra li. Recovery Console (mn hnh phc hi h thng) Khi c Last Know Good Configuration ln Safe Mode u khng th gip bn ng nhp vo h thng th Recovery Console s gip bn ng nhp v truy cp ti mt phn hn ch cc file h thng t ch dng lnh. T Recovery Console, bn c th v hiu ha li nhng lm c iu bn phi bit chnh xc tn cu thit b hoc trnh iu khin (hoc c hai).
518
TNG KT
Cc trnh iu khin thit b l cc phn mm cho php cc ng dng v h iu hnh lin kt vi cc thit b phn cng xc nh. Mi thit b phn cng m bn ci t trn my tnh u phi c mt trnh iu khin tng ng c thit k cho h iu hnh m my tnh ca bn ang s dng. Plug and Play (PnP) l mt chun cho php cc my tnh pht hin v nhn din cc thit b phn cng v tip theo ci t, cu hnh trnh iu khin cho chng. PnP t ng gn cc ti nguyn phn cng cho mi thit b v bn c th cu hnh li cc thit b khc ph hp vi nhng nhu cu c bit ca mi thnh phn. Windows Server 2003 cha mt th vin ln cc trnh iu khin dnh cho nhiu thit b phn cng khc nhau. Nu Windows khng cha trnh iu khin cho thit b trn my tnh ca bn th bn phi ly chng t nh sn xut thit b (thng thng chng i km theo thit b v c cha trong a CD ci t hoc a mm) Cc trnh iu khin sn c trn Windows Server 2003 tt c u c kim chng v m bo rng chng tng thch hon ton vi h iu hnh. Bn c th cu hnh cch thc x l ca h iu hnh khi bn thc hin ci t mt trnh iu khin cha qua kim chng bng cch s dng hp thoi Driver Signing Options. lin lc vi my tnh, cc thit b phn cng s dng cc ti nguyn phn cng nh cc yu cu ngt (IRQ), cc a ch vo/ra (I/O), cc knh DMA (truy cp trc tip b nh) v cc a ch b nh chng hn. Device Manager l mt mn hnh qun tr lit k tt c cc thit b phn cng trn my tnh ca bn v ch r nhng li lin quan n thit b hoc trnh iu khin. S dng Device Manager, bn c th cho php hoc v hiu ha cc thit b, cp nht hoc s dng li cc trnh iu khin, qun l thit b v cc c tnh trnh iu khin ca chng v gii quyt nhng li xung t ti nguyn phn cng. Ngi s dng phi c quyn qun tr mi c th ci t v qun l cc thit b phn cng cng nh cc trnh iu khin ca chng. Mt ngoi l i vi trng hp ny l ngi s dng khng c quyn qun tr vn c th ci t cc thit b PnP khi thit b
519
QUN L CC TRNH IU KHIN THIT B khng yu cu bn cp trnh iu khin hoc yu cu s can thip ca ngi s dng. Nhiu nh sn xut thit b phn cng a ra cc cp nht cho trnh iu khin mt cch nh k. iu ny buc ngi qun tr h thng phi quyt nh c nn ci t chng khng v ai l ngi ci t chng, khi no th ci t. La chn Last Known Good Configuration rt hu dng cho bn quay tr li trnh iu khin c s dng trc nhng ch khi no bn cha ng nhp thnh cng vo h thng. Khi ng my tnh trong ch Safe Mode s ch ti mt phn ti thiu cc trnh iu khin, cho php bn truy cp vo Device Manager v c th v hiu ha, g b hoc quay tr li trnh iu khin c nhm ngn khng cho h thng ri vo tnh trng hot ng thiu n nh.
520
BI TP THC HNH
===============================================
Bi tp thc hnh thc hnh 11-1: Hin th cc ti nguyn phn cng

Trong bi thc hnh ny, bn s s dng Device Manager hin th cc ti nguyn phn cng trn my tnh ca bn v cc thit b ang s dng chng. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 2. Nhp Start, tr ti Control Panel v chn System. Hp thoi System Properties xut hin. 3. La chn th Hardware v tip theo nhp vo Device Manager. Ca s Device Manager xut hin. 4. Trn thc n View chn Resources By Type. 5. M rng tiu Interrupt Request (IRQ) v ch cc thit b s dng cc chui IRQ ca h thng. ===============================================
Bi tp thc hnh thc hnh 11-2: Cu hnh cc la chn ch k trnh iu khin

Trong bi thc hnh ny, bn s cu hnh cc la chn v trnh iu khin c xc thc trn my tnh. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 2. Nhp Start, tr ti Control Panel v chn System. Hp thoi System Properties xut hin. 3. La chn th Hardware ri nhp vo Driver Signing. Hp thoi Driver Signing Options xut hin. 4. La chn Block v nhp OK. Bn s khng c php ci t cc trnh iu khin cha c hng Microsoft k xc nhn.
521
QUN L CC TRNH IU KHIN THIT B ===============================================
Bi tp thc hnh thc hnh 11-3: Ci t trnh iu khin thit b

Trong bi thc hnh ny, bn s ci t trnh iu khin thit b cho mt card mng khng c thc trn my tnh ca bn. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 2. Nhp Start, tr ti Control Panel v chn System. Hp thoi System Properties xut hin. 3. La chn th Hardware ri nhp vo Add Hardware Wizard. 4. Nhp Next v i trnh hng dn qut my tnh ca bn tm ra thit b mi. Nu bn khng thm bt k thit b no, trnh hng dn s hi bn xem thit b mi c kt ni cha. 5. La chn Yes, I Have Already Connected The Hardware v nhp Next. 6. Cun ti phn cui trong danh sch thit b phn cng ci t Installed Hardware, la chn Add A New Hardware Device v k nhp Next. 7. La chn Install The Hardware That I Manually Select From A List (Advanced) v nhp Next. 8. Trong danh sch Common Hardware Types, la chn Network Adapters ri nhp Next. 9. La chn Microsoft l nh sn xut v Microsoft Loopback Adapter l card mng ri nhp Next. 10. Nhp Next ci t card v tip theo nhp Finish ng trnh hng dn li.
522
QUN L CC TRNH IU KHIN THIT B 11. Windows Server 2003 s ti trnh iu khin v ci t thit b. Mt card mng mi c tn Microsoft Loopback Adapter s xut hin trong Device Manager bn di nhm Network Adapters.
523
CC CU HI N TP
1. Mt ngi s dng l thnh vin ca nhm Users mun ci t mt my in USB c kt ni ti my in ca bn. Trnh iu khin my in c sn trong Windows Server 2003. Ngi s dng c th ci t my in m khng cn ti s tr gip ca ngi qun tr khng? Ti sao c v ti sao khng? 2. Mt ngi s dng l thnh vin ca nhm Users mun ci t mt my in USB c kt ni ti my in ca bn. Trnh iu khin my in c sn trong Windows Server 2003 nhng nh sn xut cung cp mt trnh iu khin c xc thc trn a CD-ROM. Ngi s dng c th ci t my in m khng cn ti s tr gip ca ngi qun tr khng? Ti sao c v ti sao khng? 3. Trong tnh hung no bn phi thay i cc thit lp ti nguyn phn cng cho mt thit b? 4. Bn cn g b tm thi v mt logic ch khng phi v mt l mt thit b PnP ra khi cu hnh phn cng ca mt my tnh. Bn mun ti u ha thi gian khi phc li thit b sau ny. Cc la chn di y, u l la chn ti u nht bn hon thnh mc tiu ni trn? a. S dng Device Manager g b thit b b. G b vt l thit b phn cng ra khi my tnh c. S dng Device Manager v hiu ha thit b d. Di chuyn file cha trnh iu khin thit b ti mt th mc khc trn a cc b. 5. Nh sn xut card mng khng dy c ci t trn my tnh ca bn va a ra trnh iu khin mi. Bn mun th trnh iu
524
QUN L CC TRNH IU KHIN THIT B khin nhm kim tra qu trnh hot ng ca n. Bn s s dng la chn no trong Device Manager th trnh iu khin mi? 6. Bn mun hin th danh sch cc thit b c kt ni ti h thng Windows Server 2003 ca bn theo IRQ. Bn s s dng cc phng php no di y thc hin cng vic ny? (La chn tt c cc cu tr li ng) a. S dng Device Manager, t thc n View la chn Resources By Connection. b. S dng Device Manager, t thc n View la chn Resources By Type. c. S dng Device Manager, t thc n View la chn Device By Connection. d. S dng Device Manager, t thc n View la chn Devices By Type. 7. Gn y bn c ci t ba card mng c trn mt my ch thnh vin Windows Server 2003. Hai card lm vic tt nhng ci th ba b xung t vi cc thit b khc trn h thng ca bn. Bn phi lm g c th xc nh thit b no trn h thng ang xung t vi card mng th ba ny? a. S dng Device Manager v tm kim thit b khc c k hiu mu vng v du cm thn mu en bn cnh n. b. Xem nht k s kin ng dng v tm kim bn ghi m t thit b ang xung t vi card mng ny. c. S dng Device Manager v tm kim thit b khc c k hiu mu vng v du cm thn mu en bn cnh n. Trn thc n Action, la chn Properties. Trn th Resources, mt danh sch cc thit b xung t s hin th cc ti nguyn xung t.
525
QUN L CC TRNH IU KHIN THIT B d. Chy Hardware Troubleshooting Trnh hng dn v la chn Resolve All Device Conflicts.
CC KCH BN TNH HUNG

===============================================
Kch bn 11-1: X l cc s c lin quan n trnh iu khin video

Bn va hon thnh cu hnh mt trnh iu khin mi cho card mn hnh v nhn c thng bo nhc nh bn khi ng li my tnh nhm lm cho nhng thay i c tc dng. Ngay sau khi bn khi ng li my tnh, mn hnh xut hin mt mu en. K thut x l s c hoc cng c no cho php bn phc hi li v trnh iu khin mn hnh ny mt cch d dng nht? a. Last Known Good Configuration b. Driver Rollback c. Safe Made d. Recovery Console ===============================================
Kch bn 11-2: Thay i cc thit lp ti nguyn phn cng

Bn l nh qun tr h thng bn thi gian cho mt doanh nghip nh. Doanh nghip ny hin ang c mt my ch c lp chy Windows Server 2003. Gn y bn nhn c mt bo mch fax c y l mt thit b cho php nhn v gi nhiu bn fax ti cng mt thi im. Bn ci t bo mch ny trn my ch Windows Server 2003 nhng n khng lm vic. Bn m Device Manager v thy rng biu tng ca bo mch fax c mt cnh bo mu vng vi du cm thn mu en. Bn pht hin ra rng c mt s xung t v IRQ vi mt thit b khc trn h thng, l mt b iu khin RAID c. Trong cc phng php di y, u l phng php ng cho php thay i cu hnh bo mch khng xy ra xung t gia n vi b iu khin RAID? a. Trn mn hnh Device Manger, la chn b iu khin RAID. Trn thc n Action, la chn Properties. La chn th
526
QUN L CC TRNH IU KHIN THIT B Resources v k xa hp kim tra Use Automatic Settings. La chn IRQ v nhp vo Change Settings. Cun mn hnh cha IRQ cho n khi bn nhn thy mt ci khng xung t vi bt k mt thit b khc. Nhp OK v khi ng li my ch. b. La chn bn mch fax trong Device Manager. Trn thc n Action, la chn Properties. La chn th Resources v k xa hp kim tra Use Automatic Settings. La chn IRQ v nhp vo Change Settings. Cun mn hnh cha IRQ cho n khi bn nhn thy mt ci khng xung t vi bt k mt thit b khc. Nhp OK v khi ng li my ch. c. Trn mn hnh Device Manger, la chn b iu khin RAID. Trn thc n Action, la chn Properties. La chn th Resources v k xa hp kim tra Use Automatic Settings. La chn I/O Range v nhp vo Change Settings. Cun mn hnh I/O Range cho n khi bn nhn thy mt ci khng xung t vi bt k mt thit b khc. Nhp OK v khi ng li my ch. d. Trn mn hnh Device Manger, la chn b iu khin RAID. Trn thc n Action, la chn Properties. Trong danh sch th xung Device Usage trn th General la chn Do Not Use This Device (Disable).
527
QUN L LU TR D LIU TRN A
CHNG 12: QUN L LU TR D LIU TRN A

Nu c mt chn l v k thut thng tin th chnh l: cho d ngy hm nay bn c bao nhiu khng gian lu tr d liu th ngy mai khng gian s tr nn cht hp. Ch cch y mt thp k, cc a cng hu ht cn c tnh theo n v megabyte. Mt a cng vi dung lng 1GB c kch thc mt hp ng i giy v c gi tr hng ngn la. Nhiu t chc gi y o dung lng lu tr ca h theo n v terabyte v vic qun l tt c d liu c th to mt sc p khng khip ln h thng lu tr trn cc my ch ca bn. Mt s t chc ln ang chuyn hng sang cc mng lu tr (SANStorage Area Network) vi kt ni quang, cc dy a c kh nng chng li nhng nhn chung bn vn thy cc my ch vi lng lu tr ln v mt vn rt quan trng trong cu hnh kh nng lu tr my ch l cung cp s cn bng ti u gia dung lng lu tr, hiu nng v kh nng chng li. Microsoft Windows Server 2003 cung cp cc cng c cho php bn m rng dung lng lu tr ca h thng, cung cp kh nng chng li v nng cao hiu nng ca h thng lu tr. Cc nh qun tr h thng s cn phi hiu mt cch tng tn v cc cng c ny nhm m bo cho cc a cng hot ng trn tru v trnh c tnh trng cn kit khng gian lu tr. Hon thnh chng ny bn c kh nng: Hiu c cc khi nim v thut ng v lu tr trn a. Phn bit lu tr c bn vi lu tr ng. Xc nh cc loi volume lu tr c Windows Server 2003 h tr. Xc nh m hnh RAID trin khai nhm tha mn mt yu cu lu tr c th v mt mc s dng, kh nng chng li v hiu nng. Thm khng gian lu tr cho mt my tnh s dng Windows Server 2003. Qun l cc a bng cch s dng Check Disk, Disk Defragmenter v hn ngch a.
528
TNG QUAN V LU TR D LIU TRN A TRONG WINDOWS SERVER 2003

Trc khi bn c th hiu mt cch y v kh nng lu tr d liu trn a cng ca h iu hnh Windows Server 2003, bn cn nm c mt vi khi nim c bn. Cc phn di y s im qua mt vi phng php t tn m Windows Server 2003 s dng khi cp n vn lu tr d liu trn a v cc cu trc c bn bn c th s dng to ra mt chnh sch lu tr d liu. Mc d ban u s khc bit c v nh l r rng nhng khi lm vic vi h thng lu tr trong Windows Server 2003 th vic duy tr kh nng nhn bit s khc bit gia cc thit b lu tr vt l vi nhng phn vng logic m bn c th to ra trn chng (thit b vt l) l mt iu ht sc quan trng. Mt a vt l, ng nh tn gi ca n l mt n v a n, c lp v thng l mt a cng. V mt k thut, khi nim disk cp ti cc a c hnh dng trn c trng t trng bn trong mt a. Mt a c th c mt a n hoc c th l mt chng cc a, tt c chng c xem nh a cng bn trong a. lu tr d liu trn mt a vt l, trc ht bn phi phn vng cho n. Cu hnh n gin nht c th c l mt a vt l c mt phn vng n c hin th trong h iu hnh bi mt k t a. Tuy nhin bn cng c th to c nhiu phn vng trn mt mt a vt l n. Mt phn vng l mt khng gian a c chc nng nh mt thnh phn lu tr d liu vt l ring bit. Khi mt a vt l c nhiu hn mt phn vng, mi phn vng c th c hin th bi cc k t a khc nhau trn h iu hnh. CH Cc k t a v cc a vt l Trong thc t c th bn nhn thy nhiu k t a trn h iu hnh th iu khng c ngha l c nhiu a trn my tnh. Mt vi ng dng khuyn co rng cu trc d liu xc nh nn lu tr trn cc a tch ri nhm mang li hiu qu cao nht cho cc hot ng lu tr ca ng dng. V d, Active Directory Installation Wizard khuyn co rng c s d liu ca Active Directory v cc file nht k nn c lu tr trn cc a tch ri. Tuy nhin vic xc nh cc k t a khc nhau cho cc cu trc d liu ny l khng ng ngha vi vic chng c lu tr trn cc a vt l khc nhau. Bn phi nm r v cu trc thc t ca a vt l bit xem thc t cc k t a no tr n cc a vt l khc nhau.
529
QUN L LU TR D LIU TRN A Khng ging nh cc a (Disk) v cc phn vng (Partition), lun c t ti gc trong cu hnh vt l ca phn h thng lu tr, volume (i khi cn gi l mt a logic) l mt n v lu tr logic m bn c th to ra v qun l chng nh cc cng c lu tr trong Windows Server 2003. Mt volume c th cha tt c hoc mt phn ca mt hoc ca nhiu cc phn vng a vt l. y mt ln na, cu hnh n gin nht c th l mt cu hnh m mt volume n cha ton b mt phn vng, phn vng ny li bao gm ton b mt a vt l. Tuy nhin, bn cng c th to ra nhiu volume t mt phn vng n hoc mt volume t nhiu phn vng. C nhiu l do s dng c hai phng thc ni trn qun l a. Vic to ra nhiu volume t mt phn vng n cho php bn tch ring mt cch logic cc loi d liu khc nhau. V d, bn c th s dng mt volume ci t cc ng dng v ci khc lu tr cc file d liu. N lm n gin ho qu trnh iu khin truy cp cho ngi qun tr v ngn khng cho cc loi d liu b trn ln vi nhau. Vic phi hp cc phn vng t nhiu a vt l vo trong mt volume cho php bn hp nht tt c cc khng gian a vo trong mt t hp a c hin th bi mt k t a. K thut ny cng cho php bn thc hin cc k thut lu tr cao cp nhm nng cao hiu nng v cung cp thm kh nng chng li nh disk mirroring (nh x a), disk striping (ghi a theo tng dc) v redundant array of independent disks (RAID_ dy cc a c lp c kh nng chng li) chng hn. CH Cc volume v cc k t a Trong hu ht cc trng hp, mt volume c hin th bi mt k t a, thm ch khi volume bao gm nhiu phn vng trn cc a vt l khc nhau. Tuy nhin, mt volume khng nht thit phi c mt k t a. Bn c th gn mt volume nh mt th mc trn mt volume khc kt hp mt cch hiu qu hai volume vo trong mt k t a logic. S lng v tnh cht ca cc phn vng v cc volume bn c th to ra t khng gian trn a vt l ph thuc vo kiu lu tr ang s dng trn Windows Server 2003: lu tr c bn hay lu tr ng. Cc loi hnh lu tr ny s c nu chi tit trong cc phn di y. LU S nhm ln thut ng Nu bn c kh khn trong vic phn bit gia cc a vt l, cc phn vng v cc volume th bn cng ng qu lo lng. Nhiu ti liu tham kho v thm ch l mt s ti liu ca Microsoft cng s dng sai cc khi nim ny. Tuy nhin khi bn tm hiu v cc kh nng ca cc h thng lu tr
530
QUN L LU TR D LIU TRN A ng v c bn trn Windows Server 2003 th s khc bit gia cc khi nim lu tr ny s tr nn r rng hn.
S dng c ch lu tr c bn
Lu tr c bn l chun cng nghip cho cng vic qun l a cng v l ch lu tr mc nh trong Windows Server 2003. Tt c cc phin bn ca Windows cng nh MS-DOS, u h tr lu tr c bn v c th truy nhp ti cc a c bn (Basic Disk). Trong Windows Server 2003, tt c cc a l a c bn cho ti khi bn chuyn i chng thnh a ng (Dynamic Disk). Trong ch lu tr c bn, mt a vt l c chia thnh cc phn vng v mi phn vng hot ng nh mt n v lu tr vt l ring bit. Thng tin v v tr v kch thc ca mi phn vng c lu li trong bng phn vng ca Master Boot Record (MBR) trn a. to nhiu volume trn mt a vt l duy nht, bn phi to ra nhiu phn vng. Windows Server 2003 h tr ti a 4 phn vng trn mt a c bn v c hai kiu phn vng: Phn vng chnh (Primary Partition) Mt a c bn c th c ti a 04 phn vng chnh vi mi phn vng hot ng nh mt volume ring bit. Mt trong cc phn vng ny c th c ch nh lm phn vng khi ng (Boot Partition). My tnh s tm kim trn phn vng khi ng cc file khi ng cn thit np h iu hnh. Sau khi to ra mt phn vng chnh, bn phi nh dng n vi mt kiu h thng tp tin trc khi lu tr d liu ln . Phn vng m rng Mt a c bn c th c mt phn vng m rng s dng khng gian cn li sau tin trnh to cc phn vng chnh. Do mt a c bn ch c ti a 04 phn vng nn khi c mt phn vng m rng th s phn vng chnh ti a l 3. s dng khng gian trn mt phn vng m rng, bn phi to ra mt hoc nhiu a logic trn phn vng trc, k nh dng chng mt cch ring r. Bn c th to ra mt s lng cc a logic ty trn khng gian phn vng m rng. CH S dng cc phn vng m rng Trong cc phin bn trc ca h iu hnh Microsoft gm c Windows 95, Windows 98 v MS-DOS , mt a vt l ch c th c mt phn vng chnh. Nu bn mun to nhiu volume trn mt a vt l duy nht th bn phi to mt phn vng m rng v chia n thnh mt
531
QUN L LU TR D LIU TRN A hoc nhiu a logic. Bi v Windows NT, Windows 2000, Windows XP v Windows Server 2003 u h tr vic s dng nhiu phn vng chnh nn l do duy nht gii thch vic to mt phn vng m rng l nu bn mun c nhiu hn 4 volume logic trn mt a c bn. CH Cc a c bn v thit b lu tr gn ngoi Cc thit b lu tr gn ngoi ch c th cha cc phn vng chnh. Bn khng th to ra cc phn vng m rng hoc cc a logic trn chng. Bn cng khng th c mt phn vng c kch hot (Active Partition) trn . Tuy nhin, cn lu rng, cc cng gn ngoi s dng kt ni USB2.0 hoc IEEE 1394 s khng c xem nh l cc a gn ngoi.
S dng c ch lu tr ng (Dynamic Storage)

Ngoi c ch lu tr c bn, Windows 2000, Windows XP v Windows Server 2003 cn h tr c ch lu tr ng. Trong lu tr ng, cc phn vng v a logic c gp li thnh cc volume v chng c s dng mt cc linh ng hn. Tt c cc a ng u ch cha mt phn vng cha khng gian lu tr c th s dng ca n. Cc n v lu tr ring trn phn vng c gi l cc volume. Vi cc a c bn, phn vng n trn mt a ng c xc nh bi thng tin lu tr trn MBR ca a. Tuy nhin, thng tin v volume khng c lu trn bng phn vng ca a m c lu trong mt c s d liu c iu kin bi dch v Logical Disk Manager ca h iu hnh. Do c s d liu ca volume khng b hn ch bi kch thc v cu trc MBR ca a nn bn c th to ra mt s cc volume khng hn ch trn mt a ng. Cc volume c kh nng linh hot hn so vi cc phn vng. Cc a ng h tr cc kiu volume sau: Simple volume ( a logic n gin) Hot ng nh mt phn vng chnh trn a c bn. Simple volume s dng khng gian trn mt a vt l v tng ng vi mt volume logic. Khi mt my tnh ch c mt a ng, tt c cc volume phi l cc simple volume. Sau khi to ra mt simple volume vi kch thc xc nh, bn c th m rng n bng vic gn thm cc khng gian cha s dng t cc vng khc trn cng mt a m khng cn phi xo ni dung trn volume ny. Do simple volume ch tn ti trn mt a vt l nn chng khng cung cp kh nng chng li.
532
QUN L LU TR D LIU TRN A Span volume ( a logic m rng) Mt span volume bao gm cc khng gian lu tr trn nhiu a cng vt l. Bn c th to mt span volume s dng khng gian lu tr ln ti 32 a vt l v cc kch thc s dng trn mi a c th khc nhau. Khi h thng thc hin ghi d liu ln mt span volume, n s bt u bng cch ghi y mt a vt l ri khi tip ln ln lt cc a tip theo. Do m span volume khng em li kh nng chng li . Bn c th m rng mt span volume m khng lm mt d liu bng vic b sung khng gian t bt c a vt l no ca h thng. Nhc im ln nht ca cc span volume l kh nng mt mt tim n ca chng c nhn ln cng vi s cc a cng c s dng cung cp khng gian lu tr cho volume. Nu mt a b hng th c volume cng s mt. Striped Volume ( a logic ghi theo vch) Mt striped volume (cn gi l RAID 0) l s kt hp ca cc vng khng gian trn cc a cng vt l khc nhau (ti a 32 a cng). Tuy nhin, khng ging nh span volume, Windows Server 2003 ghi d liu ln tt c cc a vt l trong volume (gi l stripe set Tp cc vch) vi cng mt tc . H thng s thc hin tin trnh ghi ln lt cc khi (block) d liu ln mi a vt l v do c nhiu u c c s dng cng mt lc nn hiu sut c/ghi t l thun vi s lng a cng trn volume. Nhng cng ging nh span volume, nu mt a b hng th tt c d liu trn volume cng b mt . CH Stripping v hiu nng Bn s khng ci thin c hiu sut trn mt striped volume khi s dng cc a IDE tr phi bn s dng cc knh giao tip IDE ring bit cho mi a cng vt l. iu ny xy ra v hai a s dng chung mt knh s khng nhn v thc thi cc mnh lnh mt cch ng thi . Cc knh giao tip ring bit s ci thin hiu sut bng cch phn phi cc yu cu I/O gia cc b iu khin cng nh gia cc a. t hiu sut cao nht, bn nn s dng cc a SCSI. Cc giao tip SCSI c th gi cc cu lnh ti mi a trn cng knh (bus) v cc a c th thc thi chng mt cch ng thi. Mirrored volume ( logic nh x) Mt mirrored volume (cn gi l RAID 1) bao gm hai bn sao y ht ca cng mt simple volume v mi bn sao nm trn mt a vt l ring bit . Tt c d liu lu tr trn volume c ghi ln c hai a mt cch ng thi. Cc mirrored volume cung cp kh nng chng li cho bn:
533
QUN L LU TR D LIU TRN A nu mt a vt l b hng th a cn li vn hot ng nh thng. Nhc im ca phng php ny l dung lng ca volume ch bng mt na khng gian lu tr ca a vt l . RAID-5 volume RAID-5 l k thut lu tr d liu cung cp kh nng chng li d liu c ghi ln cc a cng vt l khc nhau v c xem nh mt volume duy nht. Cng tng t nh striped volume, trn RAID-5 volume h thng s thc hin ghi d liu ln tt c cc a cng vt l vi cng mt tc nhng km theo c d liu kim tra gi l chn l (Parity). Mc d d liu chn l c phn phi cho tt cc a trong dy a nhng tng dung lng s dng cho d liu ny khng ln hn dung lng ca mt a. Nu mt a trong volume b hng, cc a cn li s ti to d liu b mt bng vic s dng d liu chn l. Qu trnh tnh ton s dng bit chn l trong tin trnh ghi d liu s to nn mt ti thm vo ln b vi x l ca h thng. Tuy nhin, RAID-5 li gia tng hiu sut c v d liu c c ng thi t nhiu u c . CH Cc hn ch ca volume h thng Do tnh cht quan trng ca volume h thng i vi s hot ng ca h thng nn Windows Server 2003 a ra nhng gii hn c bit i vi volume ny. Bn khng th ci t h iu hnh trn mt span, stripe hay RAID-5 volume v cng khng th m rng volume h thng sau khi ci t. Tuy nhin bn vn c th trin khai mirror volume trn volume h thng.
So snh cc a c bn vi cc a ng
Cu hi t ra l bn nn s dng c ch lu tr c bn hay ng trn my tnh Windows Server 2003 i hi s cn nhc cn thn. Nh nhc n trn, mc nh ban u tt c cc a Windows Server 2003 u l a c bn cho ti khi bn cn chuyn i chng thnh cc a ng. Qu trnh chuyn i gia a c bn v a ng rt n gin, nhanh chng v c th thc hin c ti bt k thi im no m khng lo s mt d liu. Tuy nhin, vic chuyn i mt a ng thnh mt a c bn li kh hn rt nhiu v tt c d liu trn a ca bn s b mt v phi phc hi chng t mt bn sao lu. Do bn cn phi m bo rng bn thc s cn c ch lu tr ng trc khi thc hin s chuyn i. Cc a ng cho php bn thc hin vic chuyn i chng gia cc my ch mt cch d dng (ngoi tr cc a h thng). Tnh nng ny cho php
534
QUN L LU TR D LIU TRN A bn di chuyn mt a t my ch li sang mt my ch hot ng vi thi gian gin on l nh nht. Mi mt my tnh Window 20000, Windows XP, Windows Server 2003 c th h tr mt nhm a m bn thn n c th bao gm nhiu a ng. C s d liu LDM c nhn bn gia cc a trong cng mt nhm lm tng kh nng phc hi thng tin cu hnh cho tt c cc a trong nhm. Tuy nhin, nu my tnh ca bn ch c mt cng duy nht th lu tr ng s khng em li bt c u im no r rt ngoi tr bn cn hn 4 phn vng trn a cng . Ch khi no bn c t 2 a cng ng tr ln th bn mi c th tn dng nhng li ch ca cc kiu volume nh span hay stripe. Mc d a ng vi nhiu u im ca n nhng bn vn c l do s dng a c bn chng hn nh: Do cch thc hot ng ca c s d liu LDM nn bn s rt kh khn khi chuyn mt a ng c s dng khi ng h iu hnh sang mt my tnh khc khi h thng gc b li. a ng khng h tr cho cc thit b ngoi vi v cng khng h tr trn my tnh xch tay. Lu tr c bn l chun cng nghip v vy cc a loi ny c th truy cp c bi cc h iu hnh khc nhau bao gm MSDOS, tt c cc phin bn Windows v hu ht cc h iu hnh khc. Do bn s khng th truy nhp c ti cc a ng nu bn khi ng h thng t mt h iu hnh khng phi l Windows Server 2003, Windows XP hay Windows 2000. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng qun tr cc a c bn v a ng.
S DNG CNG C QUN TR A (DISK MANAGEMENT)

Disk Management l cng c chnh trn Windows Server 2003 dng to, qun tr cc a c bn v a ng. Disk Management l mt phn trong mn hnh qun tr Computer Management y l mn hnh m bn c th truy cp t Administrative Tools trn thanh cng c Start hoc bn c th thm snap-in ny t mt mn hnh MMC ty bin. LI KHUYN S dng mn hnh qun tr Disk Management Windows Server 2003 cng cung cp mt mn hnh qun tr Disk Management c lp nhng khng c shortcut cho n t thanh
535
QUN L LU TR D LIU TRN A cng c Start. m mn hnh qun tr ny nhp Start, la chn Run v g diskmgmt.msc trn hp thoi Open v nhp OK. Giao din Disk Management khc vi hu ht cc MMC snap-in khc. N khng c mt ca s qun tr tp trung, tt c cc iu khin u c t trong ca s chi tit. Bn thn ca s chi tit ny c chia thnh hai ca s: ca s pha trn v ca s bn di nh hnh v 12-1. Mc nh, ca s pha trn cha mt danh sch cc volume hin th cc volume trn tt c cc a cng vt l. Danh sch ny ch hin th cc volume i vi cc a ng cn vi a c bn ca s ny cha mt danh sch cc phn vng chnh v cc a logic.
Hnh 12-1: Mn hnh qun tr Disk Management Mi bn ghi trong danh sch volume cha thng tin sau: Volume Xc nh k t a v/hoc tn volume Layout Xc nh kiu volume nh simple, spanned hoc striped i vi cc volume trn a ng hoc phn vng i vi cc a logic trn a c bn. Type Xc nh loi a cng m volume c to ra trn : c bn hoc ng. File System Xc nh kiu h thng file m volume s dng
536
QUN L LU TR D LIU TRN A Status Xc nh trng thi hin ti ca volume bng vic s dng mt trong cc gi tr sau: Failed (hng) xc nhn rng volume khng th khi ng c Failed Redundancy (d phng hng) xc nhn rng mt mirrored volume hoc RAID-5 volume khng c kh nng chng li do c mt a b li. Formatting (ang inh dng) xc nhn rng volume ny ang trong tin trnh nh dng. Healthy (Khe mnh) xc nhn rng volume hot ng bnh thng. Regenerating (Ti to li) xc nhn rng mt RAID-5 volume ang trong tin trnh to li d liu trn mt a phc hi mi. Resynching (ang ng b li) xc nhn rng mt mirrored volume ang trong tin trnh to li d liu trn mt a phc hi mi. Unknown (khng bit) xc nhn rng sector khi ng (Boot sector) ca volume b hng. Capacity Xc nh dung lng tng cng ca volume theo n v MB hoc GB. Free Space Xc nh dung lng ca khng gian trng trn volume theo n v MB hoc GB. %Free Xc nh phn trm dung lng ca volume cn trng. Fault Tolerance Xc nh xem kiu volume c cung cp kh nng chng li khng. Overhead Xc nh phn trm dung lng volume dnh cho vic lu tr d liu d phng. Ca s bn di ca mn hnh qun tr Disk Management cha mt mn hnh hin th dng ha cc a vt l trn my tnh. Vi mi a, mn hnh hin th xc nh thng tin sau: Disk Identifier (m nhn din a) xc nh s hiu m h thng gn cho a. M nhn din a cng c bt u vi Disk0 v cc a CD-ROM vi CD-ROM 0. Disk Type (chng loi a) xc nh xem a l mt a c bn hay a ng, l CD-ROM hay DVD-ROM.
537
QUN L LU TR D LIU TRN A Disk Size (dung lng a cng) xc nh dung lng tng cng ca a. Disk Status (trng thi ca a) Xc nh trng thi hin ti ca a bng cch s dng mt trong cc gi tr sau: Audio CD xc nhn rng mt a CD-ROM hoc DVD-ROM c cha mt a audio CD. Foreign xc nhn rng c mt a ng c di chuyn t mt my tnh khc nhng cha c a vo cu hnh ca h thng hin ti. Chy lnh Import Foreign Disks truy cp n a. Initializing xc nhn rng a ang trong tin trnh chuyn i t mt a c bn thnh mt a ng. Missing xc nhn rng mt a ng b loi b ra khi my tnh hoc b t kt ni hoc b hng hc. S dng cu lnh Reactive Disk truy cp vo a b ngt kt ni trc kia. No Media xc nhn rng mt a CD-ROM, DVD-ROM hoc mt a di ng hin ti ang trng. Not Initialized xc nhn rng a khng c mt ch k s hp l. S dng Initialize Disk kch hot a. Online xc nhn a c kh nng truy cp v hot ng bnh thng. Online (Errors) xc nhn rng pht hin thy cc li I/O trn khu vc ca a ng. Offline xc nhn rng khng th truy cp c n a ng. Unreadable xc nhn rng a khng th truy cp, nguyn nhn c th do li phn cng, li I/O hoc c s d liu LDM b hng. Cc thanh (bar) c hin th theo chiu ngang biu din mi a c chia thnh cc phn on m t cc volume hoc cc phn vng khc nhau trn a cng . Mi phn on c c trng bi cc mu khc nhau bn c th d dng xc nh chng l mt volume c bn hay l mt volume ng hoc c th l khng gian cha c s dng. Cc phn on cng cha cc thng tin m bn nhn thy trong danh sch volume nh tn volume, dung lng, h thng file v trng thi hin ti. Disk Management cho php bn ty bin nhng g s xut hin trong cc ca s trn v di bng vic s dng cc cu lnh trong thc n View. Bn c th o ngc danh sch volume v mn hnh hin th ha hoc
538
QUN L LU TR D LIU TRN A bn c th thay th bng mt danh sch a nh hnh v 12-2. Danh sch a cng c cc thng tin nh trn mn hnh ha ngoi ra cn c Device Type (chng loi thit b) nh IDE hay SCSI chng hn v Partition Style (kiu phn vng) nh MBR hoc GPT (GUID Partition Table y l mt bng phn vng c giao din ha, c s dng cho cc my tnh chy trn nn b vi x l Itanium ca hng Intel).
Hnh 12-2: Mn hnh Disk Management hin th danh sch a Disk Management cho php bn qun l cc b hoc t xa kh nng lu tr ca mt h thng. N khng tng tc trc tip vi cu hnh a m lm vic vi dch v qun tr Logical Disk Manager, mt dch v c khi ng trn my tnh bn qun l khi khi to mn hnh qun tr Disk Management. Khi bn la chn mt trong cc thnh phn trn giao din Disk Management, bn c th truy cp n mt lot cc chc nng t thc n Action v t thc n ng cnh ca cc thnh phn . Cc chc nng c th gip bn xc nh xem bn ang la chn mt a hay mt phn vng trn mt a c bn hay mt volume trn mt a ng. Vi mi thnh phn, bn cng c th m hp thoi Properties truy cp n cc chc nng ngoi vi. Cc chc nng m bn c th thc hin s c m t trong cc phn di. CH S dng Diskpart.exe Tt c cc cng vic bn thc hin trn mn hnh qun tr Disk Management u c th thc hin c vi cng c Diskpart.exe ch dng lnh. y l mt chng trnh m bn c th s dng trc tip hoc trong cc kch bn nhm t ng ha cc cng vic qun tr a. bit thm
539
QUN L LU TR D LIU TRN A thng tin v vic s dng cng c ny, bn c th tham kho trong phn help trc tuyn trong Windows Server 2003. Tng kh nng lu tr Tin trnh tng thm kh nng lu tr cho mt my tnh Windows Server 2003 bao gm cc bc sau: Ci t v mt vt l cc a Khi to a Trn a c bn, to cc phn vng v (nu l mt phn vng m rng) cc a logic hoc to cc volume trn mt a ng. nh dng cc volume. Gn cc k t a cho cc volume hoc gn cc volume n cc th mc rng trn cc volume NTFS sn c. Bn phi l thnh vin nhm Administrators hoc Backup Operators hoc bn c y nhim quyn qun tr, bn mi c th thc hin hu ht cc nhim v ny. Ch duy nht c cc thnh vin nhm Administrators mi nh dng c mt volume. Cc bc ny c m t chi tit trong cc phn k tip. Hu ht cc bc m bn thc hin trn cc volume hoc a sn c cng nh cc trn cc cu trc mi.
Ci t a cng
thm a cng mi vo my tnh, trc ht bn phi ci t n. K , m mn hnh qun tr Disk Management v nu h thng khng t ng pht hin a cng, chn Rescan Disks t thc n Action. Nu h thng yu cu bn khi ng my tnh hon thnh tin trnh ci t a mi, bn hy thc hin v m Disk Management li mt ln na.
Khi to a cng
Khi bn thm a cng vo my tnh Windows Server 2003, bn phi khi to a trc khi bt tay vo vic nh v khng gian cho cc phn vng, cc a logic v cc volume. Khi to a cho php h iu hnh ghi ch k a, du kt thc sector (cn c gi l t k) v mt MBR hoc GPT ln a cng .
540
QUN L LU TR D LIU TRN A Nu bn khi to Disk Management sau khi ci t a mi, Trnh hng dn Initialize And Convert Disk s t ng xut hin. Trnh hng dn cho php bn to ch k trn a mi v chuyn i a t c ch lu tr c bn mc nh sang c ch lu tr ng. khi to a mt cch th cng t Disk Management, nhp chut phi vo hp trng thi ca a trn mn hnh ha v t thc n Action, tr ti All Tasks ri la chn Initialize Disk. CH Chuyn i cc a cng mi Mc nh, Trnh hng dn Initialize And Convert Disk s khng chuyn i cc a cng mi, bn phi thc hin iu ny mt cch th cng.
To cc phn vng trn a c bn

Sau qu trnh khi to a cng mi, gi y bn c th bt u thc hin mt cu trc lu tr ca cc phn vng, cc a logic hoc cc volume. Nh cp trn, mc nh cc a mi khi to trong Windows Server 2003 u l a c bn. Nu bn mun gi nguyn c ch lu tr ny, bn c th to cc phn vng bng cch la chn khng gian cha c s dng trn mn hnh ha v trn thc n Action, tr ti All Tasks v chn New Partition. Trnh hng dn New Partition s xut hin, bn s xc nh xem bn mun to mt phn vng chnh hay phn vng m rng (xem hnh v 12-3) v kch thc ca n.
Hnh 12-3: Trnh hng dn New Partition Nu bn to mt phn vng chnh, Trnh hng dn s hng dn bn t vic gn k t a cho phn vng n nh dng chng hoc bn c th la chn thc hin cc cng vic ny sau. Nu to mt phn vng m rng,
541
QUN L LU TR D LIU TRN A bn phi la chn khng gian a cng trng m bn va to v chy Trnh hng dn New Partition li mt ln na, ln ny Trnh hng dn s cho php bn to a logic. Bn c th to s lng a logic ty theo nhu cu ca bn cho n khi bn s dng ht khng gian a cng trn phn vng m rng. V mt ln na, Trnh hng dn d cho php bn nh dng cc a logic khi bn to chng hoc bn c th nh dng chng sau . THNG TIN THM bit thm thng tin v vic gn cc k t a cho cc phn vng v nh dng chng, xem Gn cc k t a v nh dng cc volume phn sau trong chng ny.
Chuyn i mt a c bn thnh mt a ng
Nu bn mun s dng lu tr ng, bn phi chuyn i a c bn thnh a ng trc khi bn to cc volume mi. thc hin iu ny, la chn hp trng thi ca a trong mn hnh ha, trn thc n Action tr ti All Tasks v la chn Convert To Dynamic Disk. Sau khi tin trnh chuyn i hon thnh, hp trng thi ca a s hin th thng bo a hin l mt a ng v v bn c th tin trnh to cc volume. CH Chuyn i a h thng Trong hu ht cc trng hp, bn c th bt u s dng a ng ngay lp tc sau khi bn hon thnh qu trnh chuyn i t a c bn. Tuy nhin, khi bn chuyn i a h thng thnh a ng, bn phi khi ng li h thng trc khi bn c th thc hin bt k cng vic no trn a. Bn c th chuyn i mt a c bn thnh a ng ti bt k thi im no thm ch khi bn lu tr d liu trn . Cu trc d liu trn a s khng b thay i v vy d liu s khng b mt mt. Tuy nhin, phng php tt nht trc khi thc hin bt k mt s thay i quan trng no trn a l sao lu d liu. Khi bn chuyn i mt a c bn c cc phn vng v cc a logic thnh mt a ng, nhng thnh phn ny s c chuyn i thnh cc thnh phn tng ng trn a ng. Trong hu ht cc trng hp, cc phn vng v cc a logic trn a c bn c chuyn i thnh cc simple volume. Cc tp volume v stripe trn Windows NT s c chuyn i tng ng thnh cc spanned volume v striped volume. CH Chuyn i mt a ng thnh a c bn Vic chuyn i mt a ng thnh mt a c bn s lm mt tt c d liu trn a. V vy, trc tin bn phi sao lu tt c d liu trn
542
QUN L LU TR D LIU TRN A a. K bn phi xa tt c cc volume trn a ng. Tip theo bn la chn a v chn Convert To Basic Disk t thc n Action/All Tasks. Sau khi to cc phn vng c bn v cc a logic, bn c th phc hi d liu ngc tr li a.
To cc volume trn a ng
Mt khi bn chuyn i a cng sang c ch lu tr ng, bn c th tin hnh to cc volume trn . La chn mt vng khng gian cha s dng trn a trong mn hnh ha ri chn New Volume t thc n Action/All Tasks. Trnh hng dn New Volume s xut hin. Trong Trnh hng dn ny, bn phi xc nh kiu volume bn mun to trong trang Select Volume Type nh hnh v 12-4.
Hnh 12-4: Trang Select Volume Type ca New Volume Wizard Cc kiu volume bn c th to ty thuc vo s lng a ng vi khng gian cha s dng trn my tnh. To cc simple volume Nu bn ch c mt a cng trn my tnh, bn ch c th to c duy nht cc simple volume. Tt c cc cng vic bn cn lm l to mt simple volume vi kch thc xc nh. Tip theo, Trnh hng dn New Volume s gip bn gn k t a cho volume v nh dng n. Chi tit qu trnh ny s c m t trong phn sau ca chng ny. To cc loi volume khc to cc volume spanned, striped hoc mirrored, bn phi c t nht hai a ng vi cc khng gian a cha s dng. to mt RAID-5 volume
543
QUN L LU TR D LIU TRN A bn phi c t nht ba a ng. Khi bn la chn bt k loi volume no trong s cc kiu trn, Trnh hng dn New Volume s hin th trang Select Disks (xem hnh v 12-5), bn s la chn cc a m bn mun s dng to volume.
Hnh 12-5: Trang Select Disks ca New Volume Wizard Mc nh, a bn la chn khi to volume s xut hin trong danh sch Selected. Tt c cc a ng khc trn my tnh s xut hin trong danh sch Available. thm mt a vo volume, bn chn mt a trong danh sch Available v nhp Add. Bn c th thm ti 32 a cho cc spanned, striped hoc RAID-5 volume. Cc mirrored volume ch s dng duy nht hai a. Mt khi bn la chn cc a s dng cho vic to volume, bn phi xc nh kch thc ca volume. Tin trnh ny cng thay i cht t ty thuc vo kiu volume bn to: Cc spanned volume c th s dng bt k khong khng gian no trn mi a cng. Vi mi a trong danh sch Selected, bn xc nh dung lng khng gian (tnh theo MB) m bn mun a vo spanned volume. Trng Total Volume Size In Megabytes (MB) (kch thc tng ca volume tnh theo n v MB) s hin th khng gian kt hp t tt c cc a c la chn. Cc stripped, mirrored v RAID-5 volume phi s dng cng mt khong khng gian a trn mi a cng c la chn. Sau khi la chn cc a m bn mun s dng to volume, hp kim sot Select The Amount Of Space in MB s xc nh dung lng ln nht m mi a c th ng gp. Gi tr ny c xc nh theo khong khng gian cn trng trn a cn trng t nht. Khi
544
QUN L LU TR D LIU TRN A bn thay i khong khng gian trn mt a, Trnh hng dn cng thay i dung lng m cc a khc c th ng gp. Kch thc tng cng ca volume cng c tnh ton khc nhau ty thuc vo kiu volume khc nhau: Vi mt spanned volume, kch thc tng ca volume l tng cng s MB bn xc nh vi mi a la chn. Vi mt stripped volume, kch thc tng cng ca volume l s MB bn xc nh nhn vi s lng a bn la chn. Vi mt mirrored volume, kch thc tng cng ca volume l s MB m bn xc nh. l do mi a cha mt phin bn d liu ca a cn li. Vi mt RAID-5 volume, kch thc tng cng ca volume l s MB m bn xc nh, nhn vi s lng a bn la chn tr i 1. l do RAID-5 volume s dng khng gian trn mt a lu tr d liu chn l. Sau khi bn cu hnh cc tham s ny, Trnh hng dn cho php bn gn k t a cho volume v nh dng n. Chi tit qu trnh ny s c m t trong phn sau ca chng ny. Lm vic vi cc mirrored volume Mt mirrorred volume cung cp hiu nng cao vi kh nng chng li tt. Hai a tham gia trong mt mirrorred volume v tt c d liu s c ghi vo c hai volume ng thi. Nhm t c kh nng chng li tt nht c th, bn s s dng cc a c kt ni ti cc card giao tip ring bit. iu ny s to ra mt cu hnh c gi l cu hnh kp nhm cung cp hiu nng tt hn v cho php cc volume vn tn ti trong trng hp card giao tip li cng nh mt a li. Chuyn i mt simple volume thnh mt mirrorred volume Ngoi vic to mt mirrorred volume mi, bn cng c th chuyn i mt simple volume thnh mt mirrorred volume bng cch la chn simple volume , chn Add Mirror t thc n Action/All Tasks. Bn phi c mt a ng khc trn my tnh vi khng gian cha s dng gi mt phin bn ca simple volume bn la chn. Mt khi bn to mirrorred volume, h thng bt u chp d liu theo tng cung (sector) mt ti a mi c thm vo. Trong sut thi gian ny, trng thi ca volume s c thng bo l Resynching.
545
QUN L LU TR D LIU TRN A Phc hi t a nh x b li Tin trnh phc hi mt a li trn mt mirrorred volume ty thuc vo kiu li. Nu mt a c li tm thi v cc cng vo/ra I/O, volume trn c hai a s hin th trng thi Failed Redundancy. a c li s thng bo trng thi Offline hoc Missing nh hnh v 12-6.
Hnh 12-6: Mt mirrorred volume hin th trng thi Failed Redundancy (hng thng tin d phng) Sau khi bn sa li do I/O gy ra c th l do cp kt ni b hng hoc ngun in cung cp la chn volume trn a li v trn thc n Action tr ti All Tasks v la chn Reactive Volume. Hoc bn c th la chn a v la chn Reactive Disk. Tin trnh kch hot li (reactive) s lm cho a hoc volume quay tr li trng thi online. K tip, h thng s ti ng b li cc a. Nu bn mun dng nh x, bn c ba s la chn ty thuc vo bn mun kt qu l g: Xa volume (Delete the volume) Nu bn xa volume, volume v tt c thng tin cha trn u b xa. Kt qu l mt khng gian cha s dng s c s dng cho cc volume mi. G b nh x (remove the mirror) Nu bn g b nh x, mirrorred volume s b xa v khng gian trn mt trong hai a s tr thnh cha c s dng. a cn li vn duy tr mt phin bn d liu nhng d nhin d liu ny khng cn tnh nng chng li. Dng nh x (Break the mirror) Nu bn dng nh x, mirrorred volume s b dng hot ng nhng c hai a vn duy tr hai phin bn d liu c lp. Phn nh x m bn la chn Break Mirror s duy tr k t a ca volume nh x gc, cc th mc chia s, file
546
QUN L LU TR D LIU TRN A phn trang (paging) v cc im phn tch li. a th hai s c gn k t a k tip cn trng. Nu bn c mt mirrorred volume m mt a vt l b li hon ton v cn c thay th, bn khng th n gin nh x li mirrorred volume thm ch nu mt trong cc a trong tp nh x khng cn tn ti na. Trc ht, bn phi g b a li ra khi tp nh x dng nh x. La chn volume v trn thc n Action tr ti All Tasks v la chn Remove Mirror. Trong hp thoi Remove Mirror, mt iu rt quan trng l la chn a b li. a bn la chn s b xa khi bn nhp vo Remove Mirror v a cn li tr thnh mt simple volume. Mt khi tin trnh ny hon thnh, bn c th la chn simple volume v s dng cu lnh Add Mirror s dng a thay th nhm to mt mirror volume mi. LI KHUYN CHO K THI Kh nng chng li cho cc volume h thng v volume khi ng Do bn c th to mt mirror volume t mt simple volume sn c, nn nh x l k thut t nhin duy nht trn Windows Server 2003 m bn c th s dng nhm cung cp kh nng chng li cho cc volume h thng v khi ng trn my tnh. Bn khng th s dng kh nng RAID-5 trn Windows Server 2003 dnh cho cc volume ny bi v bn phi chuyn i cc a thnh lu tr ng v to volume trc khi c bt k d liu no c ghi ln chng. R rng bn khng th thc hin iu ny khi m h iu hnh c ci t. Tuy nhin, vic s dng RAID cng cho php bn ci t h iu hnh trn mt volume RAID-5. Lm vic vi RAID Nh cp trong chng trc, RAID l mt lot cc k thut chng li cho php my tnh hoc h iu hnh x l cc li nh mt li phn cng chng hn v vy d liu s khng b mt i v tin trnh hot ng s khng b ngng. Bn c th thc thi kh nng chng li RAID nh gii php phn cng hoc phn mm. Trong gii php phn cng, mt card RAID s iu khin qu trnh to v phc hi thng tin d phng. Mt s nh sn xut thc hin qu trnh bo v d liu RAID trc tip trn phn cng bng card giao tip vi dy a. Do cc phng php ny c thc hin theo nh sn xut v b qua kh nng chng li ca h iu hnh, chng ci thin hiu nng so vi trin khai RAID mm.
547
QUN L LU TR D LIU TRN A Cn nhc cc vn sau khi bn quyt nh xem s dng RAID cng hay RAID mm: Trin khai RAID cng s t tin hn so vi RAID mm v c th gp phi hn ch trong vic la chn thit b ch t mt nh sn xut. Trin khai RAID cng thng thng cung cp cc tc v vo/ra (I/O) trn a nhanh hn so vi RAID mm. Trin khai RAID cng c th bao gm cc c tnh nh thay nng cc a cng, cho php thay th mt a cng li m khng cn phi tt h thng v d phng nng cho php mt a b li c thay th t ng bi mt a d phng thng trc (online). Windows Server 2003 h tr ba loi RAID di y: RAID-0 l cc stripped volume nhng khng cung cp tnh nng chng li. Chng c xem xt nh mt tin trnh thc thi RAID. RAID-1 Cc mirrorred volume l kiu RAID chng li c bn nht nhng n khng mang li hiu qu lm. 50% khng gian a c dnh cho vic lu tr cc d liu d phng. RAID-5 l cc stripped volume vi bit chn l nhm cung cp tnh nng chng li vi hiu nng gia tng v mc s dng hiu qu hn so vi RAID-1. Cc i, ch c 33% khng gian ca dy a c s dng lu tr thng tin chn l d phng. Vi vic trin khai RAID-1 v RAID-5 trn Windows Server 2003, kh nng chng li ch p dng cho mt a n b li. Nu mt li th hai xy ra trc khi d liu b mt t li u tin c ti to li th d liu s b mt v ch c th phc hi chng t c ch sao lu. CH RAID v qu trnh sao lu K thut RAID khng c thit k vi mc ch nhm thay th cc tin trnh sao lu h thng thng nht. Khng cn bit gii php lu tr ca bn c kh nng chng li ra sao, bn vn phi sao lu d liu mt cch nh k. Do cc RAID-5 volume c to ra nh cc volume ng thun cht t khng gian cha nh v nn bn khng th chuyn i mt loi volume no khc thnh RAID-5 volume m khng cn sao lu d liu trn v phc hi chng trn RAID-5 volume mi c to ra.
548
QUN L LU TR D LIU TRN A Nu c mt a b li trong RAID-5 volume, cc d liu lu tr trn vn c th truy cp c. Trong sut tin trnh c d liu, bt k d liu no b li u c th c ti to li nh d liu cn li v d liu chn l. Hiu nng s b gim trong sut thi gian ny v nu mt a th hai b li th d liu s b mt hon ton. Mt khi a li hot ng tr li, bn cn s dng cu lnh Rescan Disks trong mn hnh qun tr Disk Management ri kch hot volume trn a phc hi mi. Tip theo h thng s xy dng li d liu li t bit chn l, thc hin phc hi a v a volume quay tr li trng thi ban u. La chn k thut RAID Cc mirrorred volume (RAID-1) v cc RAID-5 volume cung cp cc kh nng chng li v hiu nng khc nhau. La chn ca bn s ph thuc vo mc bo v m bn yu cu v ti chnh dnh cho vic mua thit b phn cng ca bn. S khc bit chnh gia cc mirrorred volume v cc RAID-5 volume c tng kt trong bng 12-1 di y. Bng 12-1 So snh RAID-1 v RAID-5 Cc Mirrorred Volume (RAID-1) C th bo v phn vng h thng hoc phn vng khi ng Yu cu hai a cng C mt gi tr cao hn trn mi MB 50% d phng Hiu nng c v ghi tt S dng t b nh h thng Cc Striped Volume vi bit chn l (RAID-5) Khng th bo v phn vng h thng hoc phn vng khi ng Yu cu c ti thiu ba a cng v cho php ti a 32 a cng C mt gi tr thp hn trn mi MB Cc i 33% d phng Hiu nng c tuyt vi v hiu nng ghi va phi Yu cu nhiu b nh h thng
CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng thc thi gii php RAID
549
Gn cc k t a
Khi bn to mt phn vng trn mt a c bn hoc mt volume trn mt a ng, New Partition Wizard v New Volume Wizard s cho php bn gn k t a cho phn vng hoc volume bng cch s dng giao din trn trang Assign Drive Letter Or Path (gn k t a hoc ng dn) nh hnh v 12-7. Mc nh, trnh hng dn s gn k t a k tip cn trng (ngoi tr A v B) cho phn vng hoc volume mi. Bn cng c th la chn bt k mt k t a no cn cha s dng.
Hnh 12-7 Trang Assign Drive Letter Or Path ca New Volume Wizard Thay cho vic gn k t a cho mt volume, bn cng c th gn volume cho mt th mc rng trn mt a NTFS sn c. Bng cch ny, s lm cho ni dung thc s ca volume s xut hin nh mt th mc nm trn a khc. Kh nng cho php m rng mt h thng con lu tr trn Windows Server 2003 do nhng hn ch ca 24 k t a sn c v cho php m rng khng gian a trn mt volume sn c. Khi bn la chn Mount In The Following Empty NTFS Folder (gn vo mt th mc NTFS rng) bn phi tr ti th mc rng nm trn bt k a NTFS cn li trn h thng bng cch g trc tip ng dn hoc s dng nt Browse. a NTFS c th l a c bn hoc a ng v khng c hn ch v kiu volume m bn c th gn. V d, bn c th gn mt striped volume vi mt th mc rng nm trn mt mirrorred volume hoc bn c th gn mt phn vng trn a c bn vi mt th mc nm trn RAID-5 volume. Mi volume s duy tr hiu nng v cc tnh nng chng li ca ring n. Cng khng c hn ch v h thng file ca volume bn gn. Volume c gn c th s dng FAT hoc NTFS, ch c a cha th mc rng m bn gn volume ti th phi s dng h thng file NTFS. Hnh v 12-8 biu din mt my tnh c mt th mc trn mt a c gn vi mt volume khc. Ch rng th mc s xut hin trong kin trc phn cp ca Explorer mt cch chnh xc theo ng v tr ca n trn a nhng vi mt biu tng ca mt a. Khi ngi s dng truy cp n th mc, chng s c nh hng mt cch trong sut n volume c gn.
550
Hnh 12-8 Mt volume c gn vi th mc Bn cng c th thay i k t a v cc volume c gn sau khi to ra chng. thc hin iu ny, la chn mt a trong mn hnh qun tr Disk Management v t thc n Action tr ti All Tasks v chn Change Drive Letter And Paths. Hp thoi Change Drive Letter And Paths xut hin hin th k t a hin ti v qu trnh gn ng dn cho a nh hnh v 12-9.
Hnh 12-9 Hp thoi Change Drive Letter And Paths Bng cch nhp vo nt Change, bn c th thay i vic gn k t a sn c hoc ng dn gn v bng cch nhp Add bn c th to ra mt ci mi. Thm ch bn c th lm c hai, gn mt k t a cho mt volume hoc phn vng v gn n ti mt th mc NTFS ti cng thi im. CH Thay i cc k t a Bn khng th thay i k t a ca volume l mt phn vng h thng hoc phn vng khi ng. Nu volume m bn mun thay i hin ang s dng nh mt ng dng c cc file nm trn volume ang m, h thng c th to ra mt tin trnh gn k t a mi cho volume nhng n vn gi nguyn k t a c cho n khi bn khi ng li h thng.
nh dng cc volume
Bc cui cng trong New Partition Wizard v New Volume Wizard s gip bn nh dng phn vng hoc volume mi m bn va to bng giao din nh hnh v 12-10.
551
Hnh 12-10 Trang Format Volume ca New Volume Wizard Cc iu khin trn trang ny gm c: File System (h thng file) Windows Server 2003 h tr ba h thng file: FAT, FAT32 v NTFS. FAT v FAT32 sn c trn h iu hnh vi mc ch duy nht l tng thch vi cc h iu hnh c. FAT nguyn gc l h thng file MS-DOS v FAT32 l mt phin bn nng cp ca FAT v c gii thiu ln u tin trn h iu hnh Windows 95. C hai h thng file ny khng a ra c nhng u im no khc ngoi vic tng thch vi cc h iu hnh c. V d, nu bn bt u vi mt my tnh Windows Server 2003 vi mt a MS-DOS th ch cc a c nh dng theo chun FAT v FAT32 mi c th truy cp c. Ni cch khc, NTFS bao gm nhiu tnh nn tin tin hn nh iu khin truy cp, nn d liu v hn ngch a. Nh vy, c th thy rng tr phi bn c mt l do xc ng cho vic s dng FAT hoc FAT32 bn nn nh dng cc phn vng v volume ca bn bng cch s dng h thng file NTFS. CH nh dng cc volume trn a ng Khi bn nh dng mt volume trn mt a ng th ch c duy nht la chn NTFS sn sng. V vy nh dng cc a ng vi h thng file FAT v FAT32 bn phi s dng cng c format.exe trong ch dng lnh. Allocation Unit Size (kch thc mt n v lu tr) Xc nh kch thc ca cc lin cung m h thng file s dng xc nh khng gian a. Kch thc ca lin cung cng ln cho php a truy cp cc file vi kh nng c v ghi thp hn nhng cng tn nhiu khng gian a hn khi m cc khi ch lm y theo tng phn. Kch thc ca lin cung cng nh s tn khng gian a t hn nhng li gia tng thi gian c/ghi trn a. Trong hu ht cc trng hp, la chn gi tr mc nh (4KB i vi cc a cng c dung lng t 2GB tr ln) l . Nu bn c nh s dng volume ch lu tr cc file c kch thc ln, bn c th s dng
552
QUN L LU TR D LIU TRN A mt gi tr cao hn. Cn i vi cc file nh, mt gi tr nh hn l ph hp. Volume Lable (nhn ca volume) xc nh tn cho volume vi chiu di ti 32 k t. Perform a Quick Format (thc hin nh dng nhanh) La chn ny cho php trnh hng dn nh dng volume m khng cn qut a cng d tm cc cung (sector) hng. Nu trc a c nh dng v bn chc chn rng n khng c li th la chn ny s lm gim ng k thi gian yu cu cho vic nh dng. Enable File and Folder Compression (cho php nn file v th mc) La chn ny lm cho tt c cc d liu c lu trn volume ny u c nn. s dng tnh nng ny, volume phi c nh dng theo chun NTFS vi kch thc n v lu tr l 4 KB hoc nh hn. Bn cng c th nh dng mt a ti bt k thi im no bng cch la chn n, trn thc n Action tr ti All Tasks v la chn Format.
M rng cc volume ng
Khng ging nh cc phn vng trn cc a c bn, chng b kha vi kch thc xc nh khi bn to chng, bn hon ton c th m rng mt volume trn a ng vi cc khng gian cha s dng trn a. iu ny cho php bn m rng mt volume khi khng gian lu tr ca n ti ngng m khng cn phi ngt kt ni volume cng nh ngt qung vic truy cp ca ngi s dng. Bn c th m rng cc simple volume v spanned volume trn mt a ng khi chng c nh dng theo chun NTFS v khng phi l cc volume h thng hoc khi ng. m rng volume, la chn n trong Disk Management, trn thc n Action tr ti All Tasks v chn Extend Volume. Extend Volume Wizard xut hin, bn c th xc nh kch thc mi ca volume cng nh thm khng gian t cc a khc to ra mt spanned volume.
QUN TR LU TR D LIU TRN A

Cc volume trn Windows Server 2003 s hiu qu v n nh hn nu bn nh dng chng theo chun NTFS nhng i khi bn vn cn nh dng chng theo chun FAT v FAT32. H thng file NTFS ghi li tt c cc
553
QUN L LU TR D LIU TRN A phin lm vic ca file, thay th t ng cc lin cung hng v lu tr cc kha b mt ca tt c cc file trn volume NTFS. Vi c ch ny, NTFS bo v tnh ton vn ca cu trc volume v siu d liu h thng (y l d liu lin quan n chnh bn thn h thng file). Tuy nhin d liu ngi s dng vn c th b h hng v phn mnh. Ngi s dng cng c mt thi quen l lu tr mt lng ln d liu trn cc volume m h truy cp. Cc phn di y s gii thch lm sao duy tr tnh ton vn ca cc volume, ti u ha volume qua tin trnh chng phn mnh v t cc gii hn lu tr bng cch s dng tnh nng hn ngch a. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng ti u ha hiu nng a trn my ch
S dng Check Disk

Check Disk (hay Chkdsk.exe) l mt cng c trn h iu hnh Windows Server 2003 cho php bn qut mt volume trn a nhm pht hin cc li trn h thng file v bn cnh c th kim tra v phc hi cc cung (sector) hng trn a cng. C mt vi phng php s dng cng c ny: M Windows Explorer, la chn mt a cc b trong My Computer v chn Properties t thc n File. Trn hp thoi Properties, la chn th Tools v nhp vo Check Now. M mn hnh qun tr Disk Management, la chn mt volume, trn thc n Action tr ti All Tasks v chn Properties. Trn hp thoi Properties chn th Tools v nhp vo Check Now. M ca s mn hnh ch dng lnh, g chkdsk x: /f /r trong x: l k t a. K nhn Enter. Khi mt phn vng c gn trn a khc v khng c mt k t a no, m hp thoi Properties ca im gn kt trong Windows Explorer, chn th General v nhp vo Properties m hp thoi Properties ca phn vng thc s. Tip theo la chn th Tools v nhp vo Check Now. Khi bn chy Check Disk t hp thoi Properties ca a, bn s thy hp thoi Check Disk nh hnh v 12-11. bn c th la chn cc cng vic m bn mun thc hin.
554
Hnh 12-11 Hp thoi Check Disk Khi bn la chn Automatically Fix File System Errors (t ng sa cc li h thng file) hoc thm la chn /f trong cu lnh chkdsk.exe. Check Disk s c gng sa nhng phn khng tng thch trong danh mc h thng file nh cc file xut hin trong danh mc nhng khng xut hin trong th mc trn volume. Check Disk to ra ba bc kim tra trn a nhm kim tra siu d liu y l d liu m t xem cc file c t chc nh th no trn a. Ba bc ny c gng m bo rng tt c cc file trn volume ph hp vi bng qun l file MFT, rng cu trc th mc l chnh xc v cc m t bo mt l ph hp. Nu bn la chn Scan For And Attempt Recovery Of Bad Sectors (qut v c gng phc hi cc sector hng) hoc thm la chn /r vo dng lnh chkdsk.exe, Check Disk s to ra bn bc kim tra nhm kim tra xem nhng cung no trn volume c dnh cho d liu ngi s dng (n i lp vi siu d liu h thng, y l d liu lun lun c kim tra). Nu chng trnh tm thy mt cung hng, n s phc hi d liu v di chuyn n n mt cung hot ng tt nu volume c kh nng chng li. Nu volume khng c tnh nng chng li, d liu khng th phc hi t Check Disk m bn phi phc hi t sao lu. K cung hng s b g ra khi vng hot ng. Tt c cc file ang m phi c ng li trc khi Check Disk c th chy. Nu tt c iu khin file khng c gii phng (y l trng hp bn chy Check Disk trn volume h thng), bn s c nhc nh lp lch Check Disk chy ti ln k tip khi h thng khi ng li. Khi Check Disk ang chy, cc tin trnh khc khng th truy cp n volume. Ty thuc vo kch thc ca volume, cc la chn bn chn v cc tin trnh khc ang chy trn my tnh m Check Disk mt mt khong thi gian ng k c th hon thnh cc tc v ca n. N cng i hi nhiu ti nguyn trn b vi x l v a trong qu trnh hot ng.
S dng Disk Defragmenter

Cc file c lu tr trn mt volume theo cc n v gi l cc cluster (lin cung). Nh cp trn, bn cn cu hnh kch thc ca lin cung khi nh dng mt a. Nhiu volume NTFS s dng kch thc lin cung mc
555
QUN L LU TR D LIU TRN A nh l 4KB. Mi lin cung ch c th cha mt file thm ch nu kch thc ca file nh hn kch thc ca lin cung. Nu mt file c kch thc ln hn kch thc lin cung, file s c lu trn nhiu lin cung khc nhau v mi lin cung cha mt con tr ch n phn on k tip ca file. Khi c mt a mi, tt c cc lin cung l trng v khi cc file c ghi vo a n s c xu hng chim dng cc lin cung k tip nhau v mt vt l. Nhng khi cc file b xa hoc m rng v thu nh li kch thc, cc lin cung trng gi y khng cn gn nhau v mt vt l na. Hin tng phn mnh cc file s lm gim hiu nng c v ghi do u c a cng phi di chuyn ti nhiu v tr khc nhau trn a cng. Windows Server 2003 cung cp mt cng c chng phn mnh a gip bn phn tch cc volume v sp xp li cc lin cung sao cho cc file c t trn cc khng gian lin k nhau. Cng c chng phn mnh c ci thin mt cch ng k trong phin bn Windows 2000. Gi y n c th chng phn mnh cc volume c kch thc lin cung ln hn 4KB v c th chng phn mnh bng iu khin file MFT (Master File Table). Bn c th s dng cng c ny chng phn mnh bt k volume no trn a cng cc b. s dng cng c Disk Defragmenter nh hnh v 12-12 m hp thoi Properties ca mt volume bng cch s dng Windows Explorer hoc Disk Management, trong th Tools nhp vo Defragment Now. Bn cng c th m Disk Defragmenter trong mn hnh Computer Management hoc trong mt mn hnh MMC ty bin, la chn volume v nhp vo Analyze. Cng c s hin th mt khuyn ngh da trn lng phn mnh m n pht hin ra. Cng c ny cng khuyn bn chy Check Disk trn volume trc khi thc hin chng phn mnh (y lun l mt tng tt).
Hnh 12-12 Mn hnh Disk Defragmenter Nu c khuyn ngh chng phn mnh nhp vo Defragment. Bn c th chng phn mnh bt k kiu volume no: FAT32 hoc NTFS, c bn hoc ng. Volume c th c cc file ang m trong tin trnh chng phn mnh nhng cc file m c th khng c chng phn mnh mt cch hiu qu v lm chm c tin trnh. V vy bn nn ng tt c cc file ang m trc khi thc hin tin trnh chng phn mnh. Disk Defragmenter s di chuyn
556
QUN L LU TR D LIU TRN A cc file xung quanh a vi mc tiu thu thp tt c cc lin cung ca tng file vo mt khu vc k nhau trn khng gian a cng. hon thnh chng phn mnh cho mt volume, volume phi c t nht 15% khng gian trng. Cng c ny s dng khng gian ny sp xp cc file trong khi n chng phn mnh chng. Nu volume cha nhiu file ln cn phn mnh th khng gian trng ny cn phi ln hn th tin trnh chng phn mnh mi t hiu qu. Nu volume c t hn 15% khng gian trng th volume s ch c th chng phn mnh tng phn. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng chng phn mnh cc volume v cc phn vng
Trin khai cc hn ngch a

Mt trong nhng thch thc ln nht trong qu trnh qun tr lu tr l theo di bit c mi ngi s dng chim dng bao nhiu khng gian a cng trn my ch. Cho n phin bn h iu hnh Windows 2000, c mt phng php cho php bit c mc s dng khng gian a i vi tng ngi s dng. Windows 2000 gii thiu tnh nng qun tr hn ngch da trn NTFS nh mt c tnh nh km, cho php cc nh qun tr thit lp cc gii hn v khng gian lu tr i vi mi ngi s dng v Windows Server 2003 cng cung cp chc nng tng t. Khi tnh nng hn ngch a c kch hot, trnh qun l hn ngch s theo di cc file trn volume do mt ngi s dng c th no lm ch. K n s so snh mc s dng a tng cng ca tng ngi s dng vi gii hn do qun tr vin thit lp. Khi ngi s dng t ti ngng ca h, trnh qun l hn ngch s thng bo cho h hoc ngn khng cho h ghi d liu ln a hoc c hai. Trnh qun tr hn ngch Windows Server 2003 thng bo dung lng a trng trn mt volume da trn hn ngch ca mi ngi s dng. V vy nu mt ngi s dng c hn ngch 50MB trn mt RAID volume c dung lng 500 GB th lc u ngi s dng s nhn thy dung lng a trng l 50MB. Khi anh ta t ti gii hn ngch, mt thng bo xut hin tng t nh nhng ch th rng volume y; h thng cnh bo khng gian a cng cn t v ngh xa nhng file khng cn thit. Mc d trong thc t khng gian a vn cn trng rt nhiu nhng ngi s dng khng th bit iu . Tin trnh cu hnh cc hn ngch bao gm cc bc sau: 1. Kch hot tnh nng hn ngch trn volume
557
QUN L LU TR D LIU TRN A 2. Cu hnh cc thit lp hn ngch mc nh 3. To cc mc vo hn ngch cho cc ngi s dng c th Kch hot hn ngch Mc nh, trn Windows Server 2003 cc hn ngch a cha c kch hot. Bn phi kch hot chng trn tng volume mt. cho php hn ngch, m hp thoi Properties ca mt volume bng cch s dng Windows Explorer hoc Disk Management v la chn th Quota nh hnh v 12-13. K la chn hp kim tra Enable Quota Management. LI KHUYN M hp thoi Properties ca mt volume Hu ht cc ti liu u khuyn m cc c tnh ca volume t Windows Explorer bng cch kch chut phi vo mt a v la chn Properties. Tht khng may, tin trnh ny hn ch ch cho php bn cu hnh cc hn ngch vi cc c k t a cn Windows Explorer s khng hin th th Quota vi volume gn vi mt th mc. V vy, bn nn cu hnh cc hn ngch bng cch s dng Disk Management. Mn hnh qun tr ny cho php bn m hp thoi Properties ca bt k volume no v truy cp th Quota ca n.
Hnh 12-13 Th Quota trn hp thoi Properties ca mt volume Nu bn la chn hp kim tra Deny Disk Space To Users Exceeding Quota Limit (ngn cm khng cho ngi s dng chim dng khng gian a cng vt qu ngng hn ngch), ngi s dng no chm ti ngng lu tr s b cm a thm d liu ln volume. Bt k mt c gng no nhm ghi d liu ln volume u tht bi. Nu bn khng la chn hp kim tra ny th ngi s dng ch nhn c thng bo khi h chm ngng nhng h thng s khng ngn cn vic h ghi tip d liu ln volume. Cu hnh hn ngch mc nh Bn c th qun tr hn ngch a theo hai cch : t mt hn ch lu tr mc nh p dng cho tt c mi ngi v to cc mc vo hn ngch nhm nh ngha cc gii hn cho tng ngi s dng c th. cu hnh hn ch
558
QUN L LU TR D LIU TRN A lu tr mc nh, bn la chn Limit Disk Space To trn th Quota v xc nh dung lng lu tr ln nht dnh cho mi ngi s dng. Bn cng c th xc nh xem ngi s dng s nhn c cnh bo hay khng khi h gn chm ngng gii hn. Cui cng, bn c th xc nh cc la chn v file nht k cho php trnh qun l hn ngch ng k cc s kin vo nht k h thng trong trnh xem cc s kin (Event Viewer). Cc s kin s c ghi li nhm xc nh ngi s dng theo tn v xc nh h vt qu mc cnh bo hay mc gii hn. Cc nh qun tr c th xem cc mc vo ny trong mn hnh Event Viewer. To cc mc vo hn ngch V mt c bn, cc mc vo hn ngch l nhng ngoi l vi lut m bn nh ngha trong hn ngch mc nh. Khi bn to mt mc vo hn ngch cho mt ngi s dng c th, cc thit lp hn ngch mc nh s khng p dng cho ngi s dng . Cc thit lp trn cc mc vo s c p dng thay th cho php ngi s dng nhn mt ngng cao hn hoc thp hn. to cc mc vo hn ngch, nhp vo nt Quota Entries m ca s Quota Entries nh hnh v 12-14.
Hnh 12-14 Ca s Quota Entries CH Mc vo hn ngch Mc nh, mt mc vo hn ngch xut hin trong ca s s gn cho nhm Administrators quyn khng hn ch v mt lu tr trn volume. iu ny cho php cc nh qun tr ci t h iu hnh, cc dch v, cc ng dng v d liu m khng cn quan tm n vic c vt qu hn ngch hay khng. Ch rng y l nhm duy nht c php gn cc mc vo hn ngch. Khi to cc mc vo hn ngch ring, bn ch c th la chn ngi s dng; bn c th to cc mc vo hn ngch mi cho cc nhm. Nhp vo nt New Quota Entry trn thanh tc v hoc la chn New Quota Entry t thc n Quota v bn c th la chn mt hoc nhiu ngi s dng to mt mc vo hn ngch. Mt khi bn la chn ngi s dng, hp thoi Add New Quota Entry xut hin nh hnh v 12-15
559
QUN L LU TR D LIU TRN A bn xc nh cc ngng lu tr v ngng cnh bo i vi ngi s dng la chn. Khi bn to mt bn ghi cho nhiu ngi s dng, mi ngi s dng nhn ngng xc nh ring r.
Hnh 12-15 Hp thoi Add New Quota Entry Lu tr cc mc vo hn ngch Nu bn mun p dng cc mc vo hn ngch t mt volume NTFS ny cho mt volume NTFS khc, bn c th xut cc mc vo ra mt file no v nhp chng vo volume kia. La chn mt hoc nhiu cc mc vo hn ngch, trn thc n Quota nhp Export v xc nh tn file. Trn volume kia, la chn Import ri chn file c cha cc mc vo m bn mun nhp. Gim st cc hn ngch v kh nng lu tr Hp thoi Quota Entries hin th mc s dng dung lng a vi mi ngi s dng v xc nh xem dung lng lu tr ny bng hoc trn mc cnh bo hoc mc ngng. Khng c c ch to ra cc cnh bo cho ngi qun tr v vic ngi s dng t ti cc ngng hn ngch ca h. V vy bn phi gim st hp thoi Quota Entries hoc cc nht k nm trong phn System ca Event Viewer. CH Mc tiu ca k thi Cc mc tiu cho k thi 70-290 yu cu cc hc vin c kh nng gim st cc hn ngch a
560
TNG KT
Windows Server 2003 h tr hai loi lu tr: c bn v ng cng vi ba h thng file: FAT, FAT32 v NTFS. Hu ht cc c tnh qun tr lu tr tin tin ch sn sng trn cc volume trn a ng v c nh dng theo chun NTFS. Cc a c bn v h thng file FAT cung cp tinh tng thch vi cc h iu hnh Windows c nhng b hn ch bi dung lng ca chng. Mt a c bn c th cu hnh ln ti bn phn vng ca c hai loi: chnh v m rng. Ch c mt phn vng m rng duy nht trn a nhng bn c th to nhiu a logic khc nhau ty theo nhu cu ca bn. Cc a ng cung cp cc la chn linh hot v mnh m trong cc cu hnh vi yu cu nhiu hn mt a. Mt a ng ch c duy nht mt phn vng nhng bn c th c ty thch bao nhiu volume trn phn vng . Cc a c bn c th chuyn i thnh cc a ng m khng mt mt d liu nhng bn s mt tt c d liu v cc volume s b xa khi thc hin chuyn i mt a ng thnh mt a c bn. Cc a ng h tr cc loi volume sau: simple, spanned, striped, mirrored v RAID-5 cung cp kh nng lu tr ty thuc vo dung lng, hiu nng v kh nng chng li. Mirrored volume (RAID-1) cung cp kh nng chng li, n duy tr mt phin bn sao lu trn c hai a. Cc striped volume vi bit chn l (RAID-5) s a d liu ln trn nhiu a v s dng d liu chn l. Cc d liu ny c duy tr vi mc ch tnh ton d liu b li khi c mt a b h hng. Cc simple volume, spanned volume, striped volume (RAID-0) v tt c cc a logic trn cc a c bn u khng c tnh nng chng li. Tt c d liu s b mt i nu c bt k a no b li. Cc volume ny cng ln hoc nhiu a vt l h tr cho chng th kh nng b li cng cao. to v qun tr cc a c bm v a ng, bn s dng Disk Management. Cc cng vic qun l a thng dng gm c to v xa cc phn vng, cc volume v gn cc k t a, cc im gn kt.
561
QUN L LU TR D LIU TRN A Cc volume c th b hng hoc phn mnh v thng xuyn b y. Cc cng c nh Check Disk, Disk Defragmenter v Quota Manager s gip bn qun tr cc volume sn c. Cc hn ngch a cho php bn thit lp v gim st cc ngng lu tr v ngn cn ngi s dng ghi d liu ln a mt khi anh ta vt qu mc ngng. Cc hn ngch c th c cu hnh cho tng ngi s dng, trn tng volume.
BI TP THC HNH
===============================================
Bi tp thc hnh thc hnh 12-1: S dng Check Disk

Trong bi thc hnh ny, bn s s dng cng c Check Disk kim tra iu kin trn C: my tnh ca bn. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 2. Nhp Start, sau nhp vo Windows Explorer. 3. La chn a C trong Windows Explorer v t thc n File la chn Properties. Hp thoi Local Disk (C:) Properties xut hin. 4. La chn th Tools v nhp vo Check Now. Hp thoi Check Disk Local Disk (C:) xut hin. 5. La chn cc hp kim tra Automatically Fix File System Errors v Scan For And Attempt Recovery Of Bad Sector v nhp Start. Mt hp thng bo Checking Disk Local Disk (C:) xut hin ng rng Check Disk yu cu truy cp hon ton n a. 6. Nhp Yes lp lch cho tin trnh kim tra a ti ln k tip khi bn khi ng li my tnh. 7. Khi ng li my tnh v theo di tin trnh kim tra a xy ra. ===============================================
562
Bi tp thc hnh thc hnh 12-2: Chng phn mnh mt a cng

Trong bi thc hnh ny, bn s s dng cng c Disk Defragmenter chng phn mnh cho a C my tnh ca bn. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 2. Nhp Start v nhp Windows Explorer. 3. La chn a C trong Windows Explorer v t thc n File la chn Properties. Hp thoi Local Disk (C:) Properties xut hin. 4. La chn th Tools v nhp vo Defragment Now. Mn hnh Disk Defragmenter xut hin. 5. Nhp Analyze. Sau qu trnh phn tch, mt hp thng bo Disk Defragmenter xut hin xc nh xem bn c nn chng phn mnh a ny khng. 6. Bt k nhng khuyn ngh ca chng trnh, nhp Defragment bt u tin trnh chng phn mnh a. Khi tin trnh ny kt thc, mt thng bo khc xut hin cho php bn xem li bo co v qu trnh hot ng ca qu trnh. ===============================================
Bi thc hnh 12-3: Cu hnh cc hn ngch a mc nh

Trong bi thc hnh ny, bn s cu hnh cc hn ngch a mc nh cho a C my tnh ca bn. 1. Truy cp vo h iu hnh Windows Server 2003 bng ti khon Administrator. 2. Nhp Start v nhp Windows Explorer.
563
QUN L LU TR D LIU TRN A 3. La chn a C trong Windows Explorer v t thc n File la chn Properties. Hp thoi Local Disk (C:) Properties xut hin. 4. La chn th Quota ri la chn hp kim tra Enable Quota Management. 5. La chn Limit Disk Space To v xc nh mt dung lng ti a l 5000MB. 6. Trong iu khin Set Warning Level To xc nh mt mc cnh bo l 450MB. 7. La chn c hai hp kim tra v tin trnh ghi li nht k i vi hn ngch v nhp OK. Mt hp thng bo Disk Quota xut hin. 8. Nhp OK ng hp thng bo v kch hot h thng hn ngch.
564
CU HI N TP
1. Nhng p n no di y cung cp kh nng phc hi nu c li xy ra i vi mt a cng n? a. a logic b. Simple volume c. Mirrored volume d. Striped volume e. Phn vng m rng f. Spanned volume g. RAID-5 volume h. Phn vng chnh 2. Bn c mt my tnh c ci t hai h iu hnh trong phng lab. My tnh ci t Windows NT4 trn phn vng chnh u tin v Windows Server 2003 c ci t trn phn vng th hai. My tnh ang trong tnh trng thiu khng gian a cng v vy bn cn thm mt a cng mi. Bn khi ng my tnh vi h iu hnh Windows Server 2003 v cu hnh a ny l mt a ng. Sau bn khi ng vi Windows NT4 v bn khng th nhn thy a ny. Ti sao? 3. Nhm cung cp tnh nng chng li, hiu nng cao nht v kh nng thay th nng mt a li bn mua mt RAID cng vi 7 a. Sau khi ci t nhm a ny, bn ch nhn thy duy nht mt a mi trn Windows Server 2003. Ti sao? 4. Nhng p n no di y cho php bn to cc a logic? a. Cc phn vng chnh b. Cc simple volume c. Cc spanned volume
565
QUN L LU TR D LIU TRN A d. Cc phn vng m rng e. Khng gian a cha s dng 5. Gn y bn c thm mt a cng cho my tnh ca bn. Trc kia a ny c s dng trn mt my tnh ci t Windows 2000 Server. a xut hin trong Device Manager nhng li khng hin th chnh xc trong Disk Management. Mc thc n no bn phi la chn? a. Import Foreign Disk (nhp mt a bn ngoi) b. Format (nh dng) c. Rescan Disks (qut li cc a) d. Change Drive Letter And Paths (thay i k t a v ng dn) e. Convert To Dynamic Disk (chuyn i thnh a ng) 6. Bn c gng chuyn i mt a FireWire ngoi vi t c ch lu tr c bn thnh lu tr ng nhng la chn Convert (chuyn i) khng sn sng. L do v sao? 7. Bn l nh qun tr ca mt my tnh Windows Server 2003. Bn mun sa bt k mt li no xy ra vi h thng file v phc hi cc cung hng trn a cng ca my tnh. Cng c no cho php bn thc hin cng vic ny? a. Check Disk b. Disk Defragmenter c. Diskpart.exe d. Disk quotas 8. Dung lng khng gian a trng yu cu trn mt volume c th hon thnh mt tin trnh chng phn mnh l bao nhiu?
566
QUN L LU TR D LIU TRN A a. 5% b. 10% c. 15% d. 25% e. 50% 9. Bn ang trin khai gii php RAID mm trn my tnh Windows Server 2003 ca bn. Bn mun cung cp tnh nng chng li cho cc phn vng h thng v khi ng. Bn s s dng phin bn no ca RAID? a. RAID-0 b. RAID-1 c. RAID-5 d. Khng th s dng RAID mm bo v phn vng khi ng 10. Bn ang ci t mt my tnh Windows Server 2003 v bn mun bo v d liu trn a cng. Bn mun trin khai mt gii php nhm cung cp a vo/ra nhanh nht c th v h tr thay th nng cc a cng. Gii php ca bn l g? a. RAID-0 b. RAID-1 c. RAID-5 d. RAID cng 11. Bn ang ci t RAID-5 trn my tnh Windows Server 2003. Bn lp k hoch s dng 5 a cng mi ci c dung lng 20GB. Phn trm dung lng d phng bn c th d on trong cu hnh? a. 20
567
QUN L LU TR D LIU TRN A b. 25 c. 33 d. 50 12. Bn ang ci t RAID mm trn my tnh Windows Server 2003 nhm cung cp tnh nng chng li cho d liu lu tr trn . My tnh ny c vai tr l my ch c s d liu trn mng. My ch ny thng thc hin nhiu chc nng c nhng li kh t chc nng ghi. Bn mun c mt gii php chng li nhm cung cp hiu nng cao nht. Bn s s dng gii php RAID no? a. RAID-0 b. RAID-1 c. RAID-5 13. Trn mt my tnh bn mun trin khai RAID-5 c ba a cng mi a c 2GB khng gian cha s dng. S dng mn hnh Disk Management, bn khi to New Volume Wizard bng cch nhp vo mt trong cc vng khng gian a cng cha s dng. Khi bn ti mn hnh Select Volume Type, la chn RAID-5 khng c kch hot. L do v sao? a. trin khai RAID-5 cng b. Mt hoc hai a cng c cu hnh c ch lu tr c bn c. C ba a cng c cu hnh c ch lu tr ng d. C ba a cng c cu hnh c ch lu tr c bn e. trin khai RAID-5 mm
568
CC KCH BN TNH HUNG

===============================================
Kch bn 12-1: S dng RAID

Minh c hai a cng 100-GB SCSI trn mt my ch Windows Server 2003 do anh ta qun tr. My ch ny cng c mt b iu khin RAID cng h tr RAID-0,1,5. Hin ti trn a cng th nht s dng 70 GB v a th hai ang trng. Minh s rng a th nht c th b hng gy ra mt mt d liu trn . Minh ang cn nhc gii php sao lu nh k nhng khng c thit b no cho php sao lu dung lng d liu nh vy. Anh ta mun trin khai mt gii php cung cp tnh nng chng li cho a th nht. Trong cc gii php di y, u l gii php cho php anh ta thc hin vi cu hnh hin ti ca my ch Windows Server 2003? 1. Cu hnh dch v shadow copy trn volume nm trn a cng th nht. 2. Cu hnh cc a trong cu hnh RAID-5 s dng cng c cu hnh ca b iu khin RAID cng. 3. Cu hnh cc a trong cu hnh RAID-0 s dng cng c cu hnh ca b iu khin RAID cng. 4. Cu hnh cc a trong cu hnh RAID-1 s dng cng c cu hnh ca b iu khin RAID cng. ===============================================
Kch bn 12-2: Tng kh nng lu tr

Minh l nh qun tr h thng ca my ch file Windows Server 2003. My ch ny hin ti c hai a cng. a th nht c dung lng 30 GB nm gi cc file ca h iu hnh. a th hai c dung lng 80 GB nm gi d liu ngi s dng trn 05 th mc chia s ring bit. Mi th mc chia s tng ng vi mt phng trong cng ty v chng li c chia thnh 03 th mc ring bit. Th mc th nht l cha cc ti liu phng, th mc th hai cha cc ti liu lm vic nhm v th mc th ba cha d liu ca tng c nhn.
569
QUN L LU TR D LIU TRN A Tt c ngi s dng u c quyn Read i vi th mc ca phng v c quyn Read/Write i vi th mc cha ti liu lm vic nhm. Ngoi ra, mi ngi s dng c ton quyn i vi th mc d liu c nhn ca mnh. Duy nht ch c mnh anh ta mi c quyn trn th mc ca mnh, nhng ngi s dng khc khng c bt k quyn no trn . H thng 05 th mc chia s ny lm vic tt v tt c cc nhn vin trong cng ty u hiu cu trc lu tr v tm kim ti liu. C mt vn trong tin trnh pht trin l d liu ngi s dng trn 05 th mc chia s ca cc phng pht trin qu nhanh lm cho a lu tr d liu ny hu nh y. Vn ny buc Minh phi trin khai mt gii php nhm gii quyt li ny. Mc tiu chnh ca anh ta l thm khng gian cho mi chia s m bo rng a lu tr cc th mc chia s ny khng b y. Anh ta cng nhn c yu cu t pha gim c, nh l mt mc tiu th yu, cn phi m bo cc vn sau: Ch gi 05 th mc chia s v m bo th mc d liu ngi s dng l ngoi mi chia s mc phng. Cung cp tnh nng chng li cho cc file c chia s Gi nguyn c ch bo mt hin ti ang s dng v vy nhng ngi s dng ring l c ton quyn iu khin vi th mc ca h v nhng ngi s dng khc khng th truy cp c. t c mc tiu ny, Minh tin hnh cc cng vic sau. Trong qung thi gian lp lch sau na m, khi khng c ngi s dng no kt ni ti my ch anh ta tin hnh tt my ch v ci t nm a cng mi c dung lng 100 GB trn . K anh ta nh dng mi a nh mt volume vi h thng file NTFS v to ra mt th mc mi c tn Temp trn mi th mc lu tr cc chia s ca tng phng. Ln lt tng ci mt, anh ta gn kt nm a cng vi mi th mc Temp sao cho mi th mc ny tr ti mt a cng ca ring chng. Sau anh ta chp d liu ca th mc d liu ngi s dng vo th mc Temp trn mi chia s v k anh ta xa th mc d liu gc. Cui cng, Minh i tn th mc Temp thnh tn ca th mc d liu ngi s dng. Vi gii php ni trn, theo bn Minh c th t c nhng mc tiu no? a. Anh ta khng t c bt k mc tiu chnh no nhng li t c tt c cc mc tiu do gim c a ra. b. Anh ta t c mc tiu chnh v mt mc tiu th yu.
570
QUN L LU TR D LIU TRN A c. Anh ta t c mc tiu chnh v hai mc tiu th yu. d. Anh ta t c tt c cc mc tiu chnh v mc tiu th yu. e. Anh ta khng t c mc tiu no c.
571
THUT NG
THUT NG
access control entry (ACE) Mc vo Kim sot Truy nhp: mt mc vo (dng) trong Danh sch Kim sot Truy nhp (access control list ACL) xc nh cc cp php c trao cho mt Ch th Bo mt c th no .. access control list (ACL) Danh sch Kim sot Truy nhp Mt tp hp cc Mc vo Kim sot Truy nhp lin quan ti file, folder, i tng Active Directory hay cc ti nguyn khc xc nh cc cp php m cc Ch th Bo mt (nh ngi dng, my tnh) c khi truy nhp cc ti nguyn. ACE Xem access control entry (ACE). ACL Xem access control list (ACL). active partition Phn vng c tch cc Phn vng c cha cc file khi ng ca h thng. archive bit Bit l tr C 1 bit c cha trong tt c cc file gip cho cc chng trnh sao lu xc nh c file no cn lu tr. Cc file mi to c bit lu tr c kch hot v vic thc hin sao lu ton phn s xa bt ny. Bit lu tr ny li c kch hot li khi ta tin 572
hnh sa i file, gip cho cc ch sao lu tng ln hay sai khc c th sao lu cc file c sa i.. attribute thuc tnh Mt thnh phn nguyn t ca i tng Active Directory cung cp cc thng tin v i tng, v d i tng ngi dng c cc thuc tnh tn goi, tn h, a ch E-mail ca ngi dng. Autochanger B np t ng Mt loi thit b phn cng bao gm mt hay nhiu bng t, mt dy cc bng t v c cu t ng a cc bng t nht nh vo bng. B np t ng gip cc Qun tr h thng thc hin cc chin lc sao lu t ng. Baseline ng c s Mt tp hp cc mc hiu nng thu c trong iu kin hot ng bnh thng. c dng so snh vi cc mc hiu nng thu c sau ny, khi h thng gp vn khi hot ng. Bottleneck Nt c chai Mt thnh phn no trong h thng khng cung cp cng mc hiu nng nh cc thnh phn khc, gy nn vic hot ng chm ch ca ton h thng. CAL Xem Client Access License (CAL). Client Access License (CAL) Giy php Truy nhp t My
THUT NG khch Mt loi giy php cho php ngi dng hay thit b kt ni ti sn phm my ch thc hin cc chc nng s dng cc thnh phn my ch, bao gm cc dch v file, in n, xc thc. Cc truy nhp khng xc thc thng qua Internet khng yu cu c giy php ny. commit memory B nh cam kt Lng b nh c t sn cho cc chng trnh ngi dng v h thng. computer object i tng My tnh Mt kiu i tng Active Directory i din cho mt my tnh c th trong Min. i tng ny bao gm Ti khon My tnh, gip h thng c th thit lp knh bo mt gia My tnh v My ch iu khin Min, v cc thng tin v my tnh. container object i tng cha Mt loi i tng Active Directory c th cha trong n cc i tng khc. details pane Khung chi tit Khung pha bn phi trong Bng iu khin Qun tr Microsoft (MMC), hin th cc thng tin chi tit v cc thnh phn c la chn trn khung Phm vi bn tri ca s MMC. device driver Trnh iu khin Thit b Mt tp cc 573 thng trnh thc hin cc chc nng chuyn bit ca thit b tr gip cho cc hot ng vo/ra ca n. differential backup Sao lu Sai khc (vi sai) Mt kiu sao lu c s dng b lc sao cho ch cc file thay i sau ln sao lu ton phn gn nht c sao lu. Kiu sao lu ny ch sao lu cc file c bit lu tr c kch hot v khng thay i gi tr bit sao lu ca file. Sao lu Sai khc yu cu nhiu khng gian lu tr hn so vi kiu Sao lu Tng ln do cc file c thay i s c sao lu trong tt c cc ln thc hin kiu sao lu ny cho n ln thc hin Sao lu Ton phn k tip. Tuy nhin, kiu sao lu ny gip thc hin vic phc hi d dng v nhanh chng hn do ch cn mt bn sao lu ton phn v mt bn sao lu sai khc gn nht l . Xem thm incremental backup. direct memory access (DMA) channel Knh Truy nhp B nh Trc tip Mt knh dn c cc thit b phn cng s dng truyn trc tip d liu vo/ra b nh h thng (khng thng qua CPU). directory service Dch v th mc Mt c s d liu bao gm cc thng tin v cc thc th v ti nguyn mng, dc cc
THUT NG ngi dng s dng nh l mt hng dn truy nhp cc ti nguyn mng v nh l mt ngun xc thc. Cc h iu hnh mng trc y s dng Dch v th mc dng cc file bng c bn, nh Windows NT v Novell NetWare. Ngy nay, cc Dch v th mc, nh Active Directory ca Microsoft v eDirectory ca Novell, c xy dng c tnh cu trc trt t v h tr cho cc mng doanh nghip ln. distribution group Nhm Phn phi Mt kiu nhm Active Directory khng th thc hin cc chc nng nh cc Ch th Bo mt, dc s dng chnh to ra cc dan sch E-mail. DMA channel Knh DMA Xem direct memory access (DMA) channel. Domain Min Mt tp hp ca cc ngi dng, my tnh, ti nguyn c cc thng tin ca chng c lu tr trong Dch v Th mc trn my ch (gi l My ch Qun tr Min hay DC). domain controller My ch Qun tr Min Mt my tnh chy h iu hnh Windows Server 2003, Windows 2000, hay Windows NT c ch nh lu tr v x l cc thng tin Dch v Th mc. Min Windows NT v dch v 574 Active Directory lu CSDL dch v th mc trn my tnh ny, ng thi chng cng lm nhim v xc thc cc ngi dng mun truy nhp cc ti nguyn mng.. domain functional level Cp Chc nng Min Mt thit lp ch nh cc chc nng no ca Active Directory l c th thc hin trong Min. Vic thc thi Active Directory trong cc phin bn khc nhau ca Windows c khc nhau i cht trong cc tnh nng ca n v Cp Chc nng Min kim sot cc t hp nhm hay cc s chuyn i nhm no l c th thc hin c. domain local group Nhm Cc b Min Mt loi phm vi nhm Active Directory c s dng chnh cung cp truy nhp ti cc ngun ti nguyn trong mt Min n. Duplexing Nhn bn Vic ci t theo kiu nh x a, trong mi a vt l s c kt ni ti mt knh/card iu khin khc nhau. K thut ny cho hiu nng tt v kh nng chng li c i vi cc hng hc ca a cng nh ca knh/card iu khin. effective permissions Cc Cp php Hiu dng l s kt hp ca cc cp php Cho php, T chi, Tha k, v Trc tip i vi Ch th Bo mt. N cho
THUT NG php xem trc tip cc cp php c hiu lc i vi Ch th Bo mt khi thc hin chc nng truy cp n ti nguyn. Forest Rng mt nhm cc cy Active Directory s dng cc khong khng gian tn khc nhau. forest functional level Cp Chc nng Rng Mt thit lp xc nh cc chc nng Active Directory no l c th thc hin trong rng. nng cp chc nng rng khng nh hng n cc hot ng ca nhm Active Director. Fragmentation Phn mnh Mt trng thi ca a c cha cc file c lu tr trn nhiu lin cung cch xa nhau. Do u c phi di chuyn trn ton b a c cc thng tin ca mt file nn hiu nng chung s gim. global group Nhm Ton cc Mt loi phm vi nhm Active Directory c s dng thng dng nht cho vic cp php cho cc i tng th mc c yu cu thng xuyn bo tr, nh ti khon ngi dng, my tnh. GPO Xem group policy object (GPO). group policy object (GPO) i tng Chnh sch Nhm Mt tp hp ca cc thit lp chnh sch nhm p dng trn 575 Min, Site, hay i tng OU (organizational unit). host header Tiu My ch Mt phng php dng phn bit cc Web Site chy trn mt my ch khi n ch s dng mt a ch IP v mt s hiu cng. Bng vic xc nh tn ca my ch Web (Tiu My ch) trong yu cu HTTP, my ch Web c th chuyn tip mi yu cu trn ti mt Web Ste tng ng. hotfix Bn sa li nng Mt ming v hay bn cp nht cho cc sn phm ca Microsoft khc phc mt vn nu trong mt bi lin quan ti Microsoft Knowledge Base (mt dng tp san cc kin thc t Microsoft). Bn sa li nng uc p dng cho cc my tnh c thc hin mt s tc v nht nh hay gp phi cc vn tng t nh bi bo ch ra.. incremental backup Sao lu Tng ln Mt kiu sao lu c s dng b lc sao cho ch thc hin sao lu vi cc file b thay i t ln sao lu trc. B lc s nh gi bt lu tr ca mi file v ch sao lu cc file no c bt lu tr c kch hot. Sao lu Tng ln s sa li gi tr bit lu tr sau mi ln sao lu (khng ging nh Sao lu Sai khc, chng khng sa bit lu tr). Kiu sao lu ny
THUT NG chng s dng t bng/a sao lu hn do chng khng tin hnh sao lu li cc file c sao lu t ln sao lu trc m khng c thay i g. Nhng vic phc hi cc d liu sao lu ny l kh khn hn do phi phc hi ln lt theo ng th t tt c cc bn sao lu c k t ln sao lu ton phn gn nht. interrupt request (IRQ) Yu cu ngt mt tn hiu c gi t thnh phn ny n thnh phn khc ca h thng (thng thng c gi t thit b ngoi vi n b vi x l) bo hiu rng thit b gi i hi s ch ca thit b nhn. I/O address a ch Vo/Ra v tr trong b nh nh cho mt thit b phn cng no s dng, dng trao i thng tin vi h thng. IRQ Xem interrupt request (IRQ) leaf object i tng L Mt loi i tng Active Directory khng th cha bt c mt i tng khc no trong n. license group Nhm Giy php Do Dch v Nht k Giy php (License Logging Service) phn phi cc giy php theo tn ngi dng ch khng phi tn thit b nn cc giy php truy nhp t my trm cp cho thit b (Device Client Access 576 Licenses) c trao cho Nhm Giy php. Mt Nhm Giy php c th c mt hay nhiu ngi dng c trao cho mt s giy php ng bng s cc thit b m h dng truy nhp cc sn phm my ch. local group Nhm Cc b L nhm ca cc ti khon trn cc my ch c lp hay cc my ch thnh vin chy Windows Server 2003. Nhm Cc b c th c cc ngi dng cc b v cc nhm ton cc min l thnh vin ca n nhng ch cung cp vic truy nhp n cc ti nguyn c trn h thng cc b c cha nhm ny. locally attached printer My in Kt ni Cc b Mt my in vt l c kt ni trc tip ti my tnh, thng thng s dng cc cng song song hay USB. local user profile Khi lc Ngi dng Cc b L tp hp ca cc file v folder xy dng nn mi trng mn hnh nn dnh cho mt ngi dng xc nh, c lu tr trn a cc b. logical printer My in Logic L i din ca my in vt l trn my tnh, n gi cc tc v in n my in vt l thng qua cng xc nh. My in logic bao gm hng i in, trnh iu khin my in, cc thit lp, cp php v cc thit lp mc nh
THUT NG in qun l vic to ra cc tc v in cho my in vt l. mandatory user profile Khi lc Ngi dng Bt buc Mt loi khi lc ngi dng dng ch c, n khng duy tr c cc thay i khi lc gia cc phin lm vic. Ngi dng c th thay i khi lc ca h, nhng cc thay i ny s khng c lu li khi h ng xut. memory leak R r b nh L kt qu ca vic cc chng trnh dnh b nh cho mnh hot ng nhng sau khng gii phng chng khi khng dng na.. mirrored volume a logic nh x Hai a cng duy tr bn sao ging ht nhau ca d liu. y l dng RAID mm duy nht c th p dng trn cc h thng. N cung cp hiu nng tt trong vic c v ghi, kh nng chng li rt tt nhng gi thnh cao do phi dnh 50% tng dung lng a lu cc thng tin d phng. network-attached printer My in cm trc tip vo mng Mt loai my in c cm trc tip vo mng thay cho cm vo my tnh. Cc my tnh thng giao tip vi my in ny bng cch s dng a ch IP. network printer My in mng trong khi nim ca Windows, My in logic trn my trm l khch ca my in logic nm trn my tnh khc c chia s trn mng. My in logic c chia s trn mng ny c gi l My in mng. object i tng Mt khi c bn ca dc v th mc Active Directory. Cc i tng l cc thnh phn ddaij din cho cc ti nguyn nh ngi dng, my tnh Min hay nhm. Mi i tng c mttp hp cc thuc tnh cha cc thng tin v bn thn i tng. V d, cc thuc tnh ca i tng ngi dng bao gm tn goi, tn h, v a ch E-mail ca ngi dng. organizational unit (OU) n v T chc Mt loi i tng cha Active Directory c s dng trong ni b min. OU l i tng cha logic trong ta c th b tr ngi dng, my tnh v cc OU khc. OU ch c th cha trong n cc i tng cng min. OU l phm vi nh nht bn c th p dng chnh sch nhm hay y quyn qun tr. OU Xem organizational unit (OU). Per Device or Per User licensing mode Ch giy php theo ngi dng hay theo thit b Mt yu cu giy 577
THUT NG php cho php trao quyn cho mt ngi dng (c th s dng nhiu thit b) hoc cho mt thit b (c th c nhiu ngi dng) c truy cp n bt c sn phm my ch no. performance counter Bin m Hiu nng mt loi bo co d liu lin quan n i tng hiu nng. performance instance Trng hp ring hiu nng Mt s kin ring ca bin m hiu nng. Nu my ch c bn b vi x l, chng ta s c bn trng hp ring cho mi bin m hiu nng ca i tng b vi x l, c nh s t 0 n 3. performance object i tng Hiu nng Mt tp hp logic ca cc mc d liu bo co hoc cc bin m lin kt vi ti nguyn, dch v hay ng dng c theo di. Per Server licensing mode Ch giy php theo my ch Yu cu giy php s c cp khi ngi dng hay thit b kt ni ti my ch hay cc sn phm my ch. Khi ngi dng ngt kt ni, giy php li c tr li vo nhm giy php c th cp, sn sng cp cho cc ngi dng hay thit b khc. Ch ny yu cu mt s lng giy php h tr cho s lng ngi dng ln nht cng kt ni ti mi my ch ti mt thi im.. Plug and Play (PnP) Cm v Chy Mt tiu chun xc nh cc c tnh ca cc thnh phn my tnh cho php vic t ng pht hin v cu hnh cc thnh phn phn cng ny. PnP Xem Plug and Play (PnP). print queue Hng i in Mt danh sch cc tc v in ang i c chuyn sang my in vt l. print server My ch in n My tnh c cu hnh chia s my in vi cc my trm trn mng. My ch in n sp xp cc tc v in n nhn c t my khch v ln lt chuyn cc tc v ny ti my in vt l. RAID-5 volume logic RAID-5 a logic trn d liu c ghi cng lc trn nhiu cng vt l (t 3 n 32 ) vi cng tc km theo thng tin chn l nhm cung cp kh nng chng li khi logic b hng mt n. Cu hnh ni trn cung cp hiu nng c tt v s dng tit kim dung lng a, nhng tc ghi khng tt v tiu tn ti nguyn b vi x l nhiu hn do vic phi tnh ton thng tin chn l trong qu trnh ghi. roaming user profile Khi lc Ngi dng Di tr Mt 578
THUT NG loi khi lc ngi dng da trn my ch, c lu trn a chia s trn mng m ngi dng c th truy nhp t bt c my tnh no. scope pane Khung phm vi khung bn tri trong ca s MMC, hin th cc snap-in c ci t trong bng iu khin. security group Nhm Bo mt Mt kiu nhm Active Directory c s dng nh cc ch th bo mt trong cc Danh sch Kim sat Truy nhp (ACL). security identifier (SID) m nhn dng bo mt Mt gi tr duy nht c gn cho mi i tong Active Directory khi chng c to ra. security principal Ch th Bo mt Ngi/i tng s hu tai khon c gn m nhn dng bo mt mt cch t ng c th truy cp n cc ti nguyn. Ch th bo mt c th l ngi dng, nhm, my tnh hay dch v service pack Gi dch v mt tp hp cc ming v v cc bn cp nht cho mt sn phm ca Microsoft c th nghim cng nhau v c khuyn co ci t ln tt c cc my tnh chy sn phm ni trn. SID Xem security identifier (SID). simple volume logic n gin Tng dng vi khi nim phn vng trong a c bn. ny ch nm trn mt cng vt l do vy khng c kh nng chu li. slipstreaming Qu trnh tch hp cc service pack v/hoc cc bn sa li nng vo b ci t h iu hnh Windows. snap-in Mt module ng dng c mc dch c bit dng chy trong cc MMC. C hai loi snap-in, c lp (standalone) c th thm trc tip vo MMC v m rng (extension) nht thit phi gn vi mt Snap-in c lp. spanned volume logic m rng Mt a logic bao gm cc khong khng gian trn nhiu a cng. do dung lng ln cng nh gm nhiu a cng nn loi ny rt d hng v l khng chu li. special permission Cp php c bit thnh phn cung cp cho cc ch th bo mt cc mc truy cp chi tit hn n cc ti nguyn. standard permission Cp php tiu chun Mt tp hp cc cp php xc nh c s dng cung cp cho cc ch th bo mt vi mc s
579
THUT NG dng thng xuyn truy nhp vo ti nguyn. striped volume logic c chia vch Mt loi Logic trong d liu c ghi trn nhiu vt l vi cng tc theo tng khi (vch). N cung cp mt hiu nng dung lng tt nht so vi cc loi khc nhng khng c kh nng chu li. tree Cy Mt nhm cc min Active Directory cng chia s mt khong khng gian tn lin tc. V d, sales.microsoft.com v developers.microsoft.com l cc min Active Directory trong cng mt cy. UNC Xem Universal Naming Convention (UNC). Uniform Resource Locator (URL) Mt kiu k hiu/ng dn chun inh v ti nguyn trn Internet, v d http://www.adatum.com. universal group Nhm tng hp Mt loi phm vi nhm thng c s dng truy nhp ti cc ti nguyn trn nhiu min. Universal Naming Convention (UNC) Mt kiu k hiu/ng dn chun c s dng truy cp cc ti nguyn trn mng, UNC s dng nh dng: \\TnMyCh\TnChiaS. URL Xem Uniform Resource Locator (URL). virtual directory Th mc o mt i tng IIS cho php mt th mc bt k trn my cc b hay cc a chia s trn my khc xut hin nh l mt th mc con trong Web Site. volume shadow copy Sao chp bng ca mt tnh nng ca Windows Server 2003 v Windows XP duy tr mt th vin bao gm nhiu phin bn khc nhau ca cc file c la chn. Ngi dng c th la chn mt phin bn nht nh phc hi khi cn v cc chng trnh sao lu s s dng cc phin bn ny sao lu cc file ang m.
580

Giao Trinh MCSA 70-290 VN

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Giao Trinh MCSA 70-290 VN

Uploaded by

Copyright:

Available Formats

QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH ............... 240

PHN 3 QUN L V DUY TR CC NGUN TI NGUYN CHIA S 385

QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

QUN L V DUY TR PHN CNG ................... 484

THUT NG .................................................................................. 572

QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH

QUN L V DUY TR H IU HNH MICROSOFT WINDOWS SERVER 2003

GII THIU H IU HNH WINDOWS SERVER 2003

CHNG 1: GII THIU H IU

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 7

GII THIU H IU HNH WINDOWS SERVER 2003

H H IU HNH WINDOWS SERVER 2003

Cc phin bn ca h Windows Server 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 8

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 10

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 14

GII THIU H IU HNH WINDOWS SERVER 2003

CI T WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 16

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 18

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 20

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 22

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 23

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 24

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 25

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 26

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 27

GII THIU H IU HNH WINDOWS SERVER 2003

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 30

Kch hat (Activate) Windows Server:

CU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 34

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 35

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 36

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 37

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 38

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 39

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 40

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 41

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 42

GII THIU H IU HNH WINDOWS SERVER 2003

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 43

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 44

GII THIU H IU HNH WINDOWS SERVER 2003

22. Nhn Finish

QUN L V DUY TR H IU HNH WINDOWS SERVER 2003 45

GII THIU H IU HNH WINDOWS SERVER 2003