System Administration - Windows
Lab 2 / HW 2 - 30 points
Due Feb 28th

Name _____________________________________
System Name ________________________________

TURN THIS IN...WITH YOUR ANSWERS TYPED, BELOW THE GIVEN QUESTIONS.
(Print out and hand in...staple also. Be neat.) All answers should be in bold face!!

Follow the steps below and answer all questions. When done for the day, just shut down the system gracefully; don't change anything else on the system (since I may sign on to your systems to check your work).

Most of the following is done under the account "Administrator".

-------------------------------------------------------------------
1. Job Scheduling

System admins often have to run and monitor batch jobs, which are jobs that are not run interactively but scheduled to run at certain times. Many types of jobs fit this category: payroll jobs that run overnight, system jobs, and, most commonly, backups. You want to run your backup jobs/scripts overnight, but don't want to have to be logged in and manually start them up at 2am! So you want those types of jobs to run automatically at the scheduled time.

Windows 2000 has a GUI and a command line approach to scheduling jobs.

Command line:

The "at" command is a way for the administrator to schedule jobs (batch jobs) to run at another date/time. The at command works with the Scheduler service (sometimes called Task Scheduler). This service controls the scheduling of batch jobs to be run.

Log back in as administrator. Type in "at" at the command prompt.

a. What do you see?

Use the "date /T" command and the "time /T" command to get the current date/time (don't change it). (You can also see the current time by looking at the right of the task bar. If the time/date is not accurate on your system, you can reset it by going into Control Panel --> day/time.)

Schedule the following job to run 3 minutes from now, for example:

    at 6:30pm /interactive taskmgr

(assuming 6:30pm is 3 minutes from now. Use the current time plus 3 minutes. Don't use the wall clock; check the current time by using the "time" command on the system.)

NOTE - TYPE IN THE ABOVE COMMAND EXACTLY (there is a space after the word 'at', after the "pm" and before the word 'taskmgr'). Spacing and capital/lowercase matter!

b. Now, type in "at". What does it say?

c. Wait three minutes. What happens? (Hopefully the above job starts up. If not, see me.)

d. Type "at" again. What does it say now?

e. What's the option to delete a job in the queue using the at command? (See "at /?" to get a list of options.) Try it (put a job in the queue, like above, and then try to delete it). What happens?

GUI approach:

Control Panel --> Scheduled Tasks

This is a GUI tool that can be used to schedule and monitor jobs on the system. Click on "Add Scheduled Task". It will give you a default list of tasks that you can start up (or you can name/browse for your own). Choose Calculator.

f. What other choices are there for tasks that can start up? (Name a few.) Is backup in the list?

Next, pick the schedule to run the job. Pick Daily.

g. What other choices, besides Daily, are listed? This is when the job can be set to run.

Next pick the Start Time and Start Date for the job. Pick 3 minutes from the current system time. Next it asks you who the job should run as. Let it run as administrator and enter your admin password. Click on Finish. Wait 3 minutes.

h. Does the calculator pop up? Hopefully so.

Starting up the calculator may not be the best of all examples, but in reality you could start up any job (calculator, backup job to copy files from disk to tape, or any other job/script that you have created).

i. After you schedule a job, you will see an icon in the Scheduled Tasks window that represents your job. You can double click on it to review more information. What information do you see?

j. How would you delete a scheduled job/task via this GUI approach?

--------------------------------------------------------------------
2. Disk Administration

A system admin also needs to manage the server's hard drives, including watching storage space, partitioning the disk, formatting, etc. If you go into the Computer Management tool, under "Storage", you will see 3 different tools listed: Disk Management, Disk Defragmenter, and Logical Drives.

2a. Start up the Disk Management utility.

This is another nice GUI administrative tool to manipulate the hard drive and disk partitions on one's server.

a. What disks do you see and what size are they (lower half of screen)?

b. What partitions do you see on the main internal drive (upper half of screen)? What file system type is the partition(s) (FAT or NTFS)? What capacity? Free space? % free?

c. Go to the C: partition that's displayed on the screen under Disk 0, right click on it and select Properties.

General Tab:
Does it show NTFS or FAT? What is the used space? What is the free space?

Tools Tab:
Backup - used to do backups; we will look at this later.
Error Checking - checks for bad sectors or file system problems. Click the Start button and let it check your C: partition (don't check any of the boxes). What was the result?
Defrag - this will help defragment your hard drive. Click on Defrag Now. Look at the screen. Click on the "Analyze" button. Does your partition need defragmentation? Why or why not? Start up the defragmentation tool and watch for a minute or so, then Stop. Observe and learn.

Quota Tab:
Check the enable quota management box. This turns on the ability to set disk space quotas per user, so a given user doesn't use up too much disk space on the system. Set the user disk space quota limit to 100 meg.
Set the warning level to 50 meg. Look under Quota Entries. Who is listed? What is their quota? Why?

d. Back to the Computer Management, Disk Management screen.

Next, go to the Unallocated partition you have on your main hard drive (in the above GUI window), and right click on this unallocated partition. Choose Create Partition. Create a primary partition of 2000 meg (2 gig) size. Let the drive letter be F: (or whatever letter is free). Choose to format using NTFS. What other choices do you have to format, besides NTFS? Click on Perform a Quick Format. Let the format begin (click Finish).

When done formatting: besides the C: drive and unallocated partition, what other partition is now displayed? What size? What file type?

Right click on this new partition and pick "Delete Partition". What happens after it's deleted? What happens to the unallocated space?

Thus you are able to create and delete partitions, monitor the size of partitions, defrag, check, and also format partitions using NTFS. Very important tasks for a system admin.

2b. Computer Management --> Storage --> Disk Defragmenter

The Disk Defrag choice in Computer Management is the same defragmentation tool as we went over above. In Windows, there are often multiple ways to access/pull up the same tool.

Defragmentation is useful for two main reasons:

i. Take free space that's scattered all over the disk in various sizes, and coalesce (combine) all the free space into one large block. Thus the O.S. can service requests for free space quicker and in a more efficient manner.

ii. Take disk space that makes up a file, that is also scattered all over, and combine it into one contiguous space on disk. Faster reads/writes.

2c. Computer Management --> Storage --> Logical Drives

This shows you all logical drives/partitions on your system, and allows you to double click on them and gain more information on each. What logical drives/partitions do you see listed?

--------------------------------------------------------------------
3. File Sharing

Another important task of a system administrator is to set up file sharing between a server and a client on a network. Here, we will examine setting up the server side. (THIS IS SERVER SIDE ONLY, not the client side; we will see both again later this semester.)

Look under My Computer --> C: (double click C: to see all the folders in the C: drive).

a. Which folders have file sharing turned on by default (you can see the sharing hand under the folder/directory)?

Now, create a folder called "stan". (Go into the File pull down menu, pick "New" --> Folder, and name it "stan".) Next, single click on the folder "stan" and bring up Properties (under the File pull down menu), or right click and pick Properties. Click on the Sharing tab. Next click on the "Share the folder" button, and give it a share name of "stan". Click on the Permissions button:

b. By default, who has share permissions and what type of permission (access)?

Note - the list of users and groups who have access, and what type of access/permissions, is often called an ACL (access control list).

Add some permissions for others to access this share by clicking on the "Add" button, which opens a new window to "Add Users and Groups". Click on the "Backup Operators" group and click on "Add". Then give them "Change" permissions. Also give "megan" "Full control" permissions. Now click on OK.

c. What does it say on the list of access permissions on the screen (what new info is displayed)?

Thus you can give permissions to both users and groups. These are called "SHARE" permissions, and they affect access to the folder over the network only.

d. What possible share permissions are available? (Listed when you gave permissions to megan and also Backup Operators.)

e. What appears under the "stan" folder on the screen at this point? (You might have to refresh the screen: from the View pull down menu pick "Refresh".)

Go to the Command Prompt window (DOS window) and type in

f. "net share". Is the above "stan" folder listed?

g. Type in "net share c:\stan /delete". Then type in "net share" again. What happened to the "stan" share?

h. Does the sharing hand icon appear under the "stan" folder (when looking at the contents of the C: drive)? (You may need to pick "Refresh" under the View pull down menu.) It should be gone...

i. If you look under Properties for the "stan" folder, is sharing turned on (under the Sharing tab)?

Try:

    net share stan=c:\stan

then

    net share

j. Is the stan folder shared again?

k. Check via the Properties of the "stan" folder under the Sharing tab. Is it listed as shared? (Refresh may be needed.)

l. Does the sharing hand icon appear under the "stan" folder (when looking at the contents of the C: drive)? (If not, pick "Refresh" under the View pull down menu.)

Note - thus you can share a directory by using a command line command (net share) or via a GUI interface. In either case, you can always tell if a folder is shared by:

a. the sharing hand icon displayed under the folder
b. using the "net share" command at the command prompt, which will show you all current shares
c. clicking on the folder, opening up its properties, and looking under the Sharing tab.

Note also that the share name doesn't have to be the same name as the folder itself that is shared, but often it is (common convention).

-----------------------------------------------------------------
4. File and Directory Permissions

Understanding permissions on folders/files is an important part of security that every system admin needs to understand. Files/directories have TWO sets of permissions: a "share" set of permissions (ACL) if the folder or file is shared, and a local NTFS set of permissions (ACL) for the file or directory. The overall access a user has depends on both of the above.

Go back to the "stan" folder/directory. Single click on it and pick Properties again from the pull down menu (or right click and pick Properties).

Under the "General" tab:

a. What are the possible attributes for this folder, and which are clicked on by default? (Attributes really come from the DOS world.)

Under the "Sharing" tab:

b. Click on Permissions. What is the current ACL (access control list), i.e. list the groups/users who are shared and what type of access they have? [These are the "sharing" permissions, applicable only to files/directories that are shared.]

c. What are all the possible different types of access (permissions) one can have under the Sharing tab?

Under the "Security" tab:

These are the local NTFS permissions on this folder (would be similar for a file).

d. What are the different permissions (ACLs) that are listed (groups/users and permission types)?

Click on the "Advanced" button. Click on "Add" to add a user to the permissions ACL. By default, groups and users are listed. Scroll down and then click on the user "erin". Click on "Add". Give erin "Read and Execute" type of access. Click on "OK". What types of permissions are possible?

e. Does erin now appear on the permissions list with the correct name/permissions?

f. Next, let's remove a permission for this folder. Click on "erin" and then click on the "Remove" button. Did that user get removed from the list?

g. Look under the Owner tab. Who is the owner of the stan folder?

Thus permissions can be set on files and folders, based on both groups and users. There are different sets of permissions available, depending on whether this is a

a. local NTFS permission
b. share permission

Local NTFS permissions are permissions on the local machine (server) itself, while share permissions are what one would have over a network connection. For a file/folder that is shared, the overall permissions are a combination of both the local NTFS permissions AND the share permissions.

Note there are many different types of permissions available: read, write, delete, modify, create, ownership, etc.
And every file/folder has not only the concept of user and group permissions, but also the concept of an owner of the file/folder.

-------------------------------------------------------
5. Memory Management

System admins have to perform memory management also. That includes not only monitoring/adding RAM, but also keeping track of virtual memory (VM). NT/2000/2003 uses paging and virtual memory concepts, as do most modern operating systems. The virtual memory space (page space on disk) is in a file called pagefile.sys in the top level of the C: partition (by default).

a. Log back in and check the size of the pagefile.sys file (open up a command window and do a "dir /a"). What is the size?

Pick Start --> Settings --> Control Panel. Once the control panel opens up, click on "System". Look through all these tabs.

Advanced tab --> Performance Options:

b. What is the size of the total paging (virtual memory, the pagefile.sys file)?

Click on Change. Pick the "C" drive for paging, if you have several choices. Roughly double the maximum size number and also double the initial size, and click on "Set". Then click on "OK" and then "Close".

c. Log back in and check the size of the pagefile.sys file (open up a command window and do a "dir /a"). What is the new size? Did this change on the fly or did you have to reboot the system? (Under NT 4.0, one had to reboot after making a change to the virtual memory size, but under Windows 2000 a reboot is not needed. Windows 2000 needs far fewer reboots than previous versions of Windows.)

Thus you are able to change the size of the virtual memory (aka paging file system/swap space). This is important when the system is running very sluggish and the CPU load is high; often this is a sign of lack of RAM (add more memory) or lack of virtual memory/swap space.

----------------------------------------------------------
6. More Control Panel

The control panel is the source of many useful system admin tools and information.
We have seen quite a bit about the control panel items already, but here are a few more.

a. The System icon has lots of useful info. Review and learn.

b. Also in the control panel is the Add/Remove Hardware icon. Take a look at it. What does it allow you to do?

c. Take a look at the Add/Remove Programs (software) icon. What can you do? What programs does it list?

----------------------------------------------------------
7. More Admin Tools (under Start --> Programs --> Admin Tools)

This is another location with many useful sysadmin tools. We went through most of the Admin tools already, but let's look/relook at a few more:

a. Event Viewer

What types of logs can you view? Any errors in any of your logs? Double click on the error messages to get more info. Give an example...

The event viewer is a handy tool to review system logs.

b. Local Security Policy

This allows you to set system wide policies that apply to all users/accounts.

Look under Account Policies --> Password Policy.
What is the max password age? What is the min password length? What do they mean by password aging?

Look under Account Policies --> Account Lockout Policy.
Double click on Account lockout threshold. Set the lockout threshold to 5. What then is the default account lockout duration? What is the default reset account time? Both of the above can be changed, but just take the defaults. What does the above mean (what is account lockout?)?

c. Services

Services allows you to manage system services (start, stop, pause, etc.). Services are system programs that run and deliver various services on your server.

Look up the Task Scheduler service. (This service controls the task scheduler, the one that controls the running of batch jobs, like backups.) Double click on this service. What is its description? What is its status? What is its startup type?

Stop this service. Then go into the command window and type in "AT". What happens? Why?

Start this service back up. And in the command window type "AT" again.
What happens now? Why?

Besides starting and stopping a service, what else can you do?

Note there are many services available on your system. What do the following services do? And what's the status of them on your server?

Windows Time
Telnet
SMTP
Print Spooler

d. Network Monitor

e. Performance

Both of the above admin tools allow you to monitor the network and system performance, with much more in-depth information than you can get via the task manager. These tools will be shown in class to you (as a group). Feel free to look into them and look around. But we will look at them later (if we get a chance).

----------------------------------------------------------
8. Backups

It is crucial for a system admin to back up their systems. This normally means copying all disk files/folders to a backup medium, like tape.

My Computer --> C: --> Properties
Look under Tools Tab --> Backup

a. Welcome Tab - What are 3 tasks you can perform under the Backup tool?

b. Backup Tab - What can you back up? What can you normally back up your files/folders to?

c. Restore Tab - Where are files restored to by default?

Look at the schedule also, where you can schedule your backups to be performed on a regular basis.

----------------------------------------------------------
9. regedit

BE CAREFUL !!!!

The registry is a live database that controls much of the configuration information about your system (instead of the .ini, config.sys or autoexec.bat files used in past versions of Windows).

We are going to edit the registry, using a registry editing tool called "regedit". Be careful. Not following instructions can clobber your machine!

The registry is made up of keys, values and their locations. An important key is:

Key: dontdisplaylastusername
Location: HKEY_LOCAL_MACHINE --> Software --> Microsoft --> Windows --> CurrentVersion --> Policies --> System
Value: 0 (false) by default

This key is normally set to a value of 0 (false), so that the last user who logged into a system is automatically displayed on the login screen.
This is ok for local desktop systems (less typing a person has to do, since the same person uses the same system most of the time). But for systems in public areas, you don't want to show the login name of the last person who logged in (security issues). Thus when you set the above value to 1 (true), the key is turned on and the last username is NOT displayed on the login screen.

Try it. Start up "regedit" in the command window. When the tool pops up, follow the location in the left window till you get to the correct folder. Then in the right window you will see the correct key (dontdisplaylastusername). Double click on that key. You will see the value set to 0. Change it to 1. Then exit out of regedit. No need to save or reboot, since any change in the registry takes effect immediately.

Log off the system as administrator. Do a control-alt-delete to bring up the login screen. Is the last username displayed?

-----------------------------------------------
10. winmsd

A tool that you can run at the command prompt to do diagnostics (winmsd - Windows MicroSoft Diagnostics). It can be useful for a system admin if things seem to be going wrong on your system.

So go to the command prompt window and type "winmsd".

a. When you bring up this tool, look under the Tools pull down menu and under Windows. What tools are available?

b. Look under System Summary:
What is the name of the O.S.?
What is the O.S. manufacturer?
What is the system name?
What is the system manufacturer?
What is the system model?
Where is the Windows directory?

------------------------------------------------------------------
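
The combination rule from section 4 (overall access to a shared folder depends on both the share ACL and the local NTFS ACL), worked through as an added example that is not part of the original handout. It models "allow" entries only, using the standard rule that network access is limited to rights granted by both ACLs while a local logon is checked against NTFS alone; the user "pat", the NTFS entries other than erin's, and the mapping of permission names to individual rights are constructed for illustration.

```python
from enum import Flag, auto


class Right(Flag):
    READ = auto()
    EXECUTE = auto()
    WRITE = auto()
    DELETE = auto()
    CHANGE_PERMISSIONS = auto()
    TAKE_OWNERSHIP = auto()


RX = Right.READ | Right.EXECUTE
MODIFY = RX | Right.WRITE | Right.DELETE
FULL = MODIFY | Right.CHANGE_PERMISSIONS | Right.TAKE_OWNERSHIP

# Simplified mapping of the named permission levels to individual rights.
SHARE_LEVELS = {"Read": RX, "Change": MODIFY, "Full Control": FULL}
NTFS_LEVELS = {"Read": Right.READ, "Read and Execute": RX,
               "Modify": MODIFY, "Full Control": FULL}


def granted(acl, levels, principals):
    """Union of the rights an ACL allows to the user or any of their groups."""
    rights = Right(0)
    for principal, level in acl:
        if principal in principals:
            rights |= levels[level]
    return rights


def effective_access(user, groups, share_acl, ntfs_acl, over_network):
    """Rights a user ends up with on a shared folder (deny entries not modeled)."""
    principals = {user, *groups}
    ntfs = granted(ntfs_acl, NTFS_LEVELS, principals)
    if not over_network:
        return ntfs  # local logon: the share ACL is never consulted
    # Network access must pass both ACLs, so only rights present in both survive.
    return ntfs & granted(share_acl, SHARE_LEVELS, principals)


def describe(rights):
    """Sorted names of the individual rights contained in a Right value."""
    return sorted(r.name for r in Right if r in rights)


# Share ACL entries added in section 3 of the lab.
SHARE_ACL = [("Backup Operators", "Change"), ("megan", "Full Control")]
# NTFS ACL: erin's entry is from section 4; the other entries are constructed.
NTFS_ACL = [("erin", "Read and Execute"), ("megan", "Modify"),
            ("Backup Operators", "Read"), ("Administrators", "Full Control")]

if __name__ == "__main__":
    # "pat" is a hypothetical member of Backup Operators.
    for user, groups in [("megan", []), ("erin", []), ("pat", ["Backup Operators"])]:
        for net in (False, True):
            eff = effective_access(user, groups, SHARE_ACL, NTFS_ACL, net)
            print(f"{user:6} {'network' if net else 'local':8} {describe(eff)}")
```

In this model erin can read the folder when logged on at the server but gets nothing over the network, because no share entry covers her, and megan's "Full control" on the share is capped by her NTFS "Modify".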