Chapter 2 ADMINISTERING MICROSOFT WINDOWS SERVER 2003 pps
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (604.68 KB, 23 trang )
1
ADMINISTERING
MICROSOFT
WINDOWS SERVER
2003
Chapter 2
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 2
CHAPTER OVERVIEW
•
Manage a Windows Server 2003 system using
MMC
•
Access a remote computer using an MMC
console
•
Configure a server to enable Remote Desktop for
Administration
•
Enable a computer to accept requests for Remote
Assistance
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 3
MICROSOFT MANAGEMENT CONSOLE
(MMC)
•
Console shell with snap-in (mmc.exe)
•
Stand-alone
•
Extension
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 4
MICROSOF T MANAGEMENT CONSOLE
MODES
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 5
SET TING CONSOLE MODE OPTIONS
•
Dictate what users can do to the console.
•
Do not dictate what users can do with the console.
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 6
MICROSOF T MANAGEMENT CONSOLE
(MMC)
Scope Pane &
Console Tree
Details Pane
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 7
USING THE MMC INTERFACE
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 8
USING MMC MENUS
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 9
CREATING CUSTOMIZED MMC
CONSOLES
•
Combines one or more snap-ins or parts of
snap-ins in a single console
•
Eliminates the need to switch between different
programs or individual consoles
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 10
CREATING A TASKPAD
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 11
CONNECTING MMC TO REMOTE
COMPUTERS
•
Redirecting an MMC snap-in
•
Creating a remote console
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 12
MANAGING SERVERS WITH REMOTE
DESKTOP FOR ADMINISTRATION
•
Uses Terminal Services
•
Allows two concurrent connections
•
Enables server to be managed “as if you are
there”
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 13
•
Access the System Properties page
•
Start | Control Panel | System
•
Start | My Computer
•
Right-mouse button click
•
Properties
ENABLING AND CONFIGURING THE
REMOTE DESKTOP SERVER
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 14
INSTALLING AND CONFIGURING
REMOTE DESKTOP CONNECTION
•
The Windows Server 2003 distribution CD
•
The Systemroot\System32\Clients\Tsclient\Win32
folder
Remote Desktop Connection client software can be
installed from the following locations:
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 15
CONFIGURING REMOTE DESKTOP
CLIENT
•
Start
•
All Programs
•
Accessories
•
Communications
•
Remote Desktop Connection
General
Host Profile
Display Resolution
Local Resources Redirection
Audio
Disk Drive
Printers
Serial ports
Programs Execution
Experience
Performance Optimizer
Authentication Security
TLS, PKI (Smartcard)
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 16
TERMINAL SERVICES
TROUBLESHOOTING
•
Terminal Services uses TCP and UDP port
number 3389.
•
Users must belong to the Administrators or
Remote Desktop Users group.
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 17
SECURING REMOTE DESKTOP
•
Change the default RDP port 3389
•
HKEY_LOCAL_MACHINE\
•
System\
CurrentControlSet\
Control\TerminalServer\WinStations\RDP-Tcp\PortNumber
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 18
CONFIGURE TERMINAL SERVICES
General
Session Layer Security
Encryption Level
Authentication
Logon Credential Settings
User Name, Password and Domain
Sessions
Time-out and Reconnection
Environment
Programs Execution
Remote Control
Session Shadowing
Client Settings
Override Client Resource Redirection
Network Adapter
Connection Management
Permissions
User Authorization
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 19
USING REMOTE ASSISTANCE
•
Allows users to request help from experts.
•
Experts can view or interact with a user’s session.
•
Users must issue an invitation to the expert.
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 20
ENABLING REMOTE ASSISTANCE
•
Using Control Panel
•
Using Group Policy
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 21
CREATING AN INVITATION
Microsoft Windows Messenger uses port 1863
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 22
SECURING REMOTE ASSISTANCE
•
Client can break a Remote Assistance session by
pressing Esc.
•
The user must be present to accept a Remote
Assistance session.
•
Passwords for invitations should be
communicated by a different means than the
invitation itself.
•
Invitations should be issued for as short a period
of time as possible.
Chapter 2: ADMINISTERING MICROSOFT WINDOWS SERVER 2003 23
SUMMARY
•
MMC is the primary system administration tool for
Windows Server 2003.
•
MMC can be used to manage remote systems by the
redirection of a snap-in.
•
Remote Desktop for Administration allows for the same
administration of a server from a remote location as if the
administrator were logged on to the local console
interactively.
•
Remote Assistance is a tool that enables users to
request assistance from an expert, who can then connect
to the user’s computer and either view the user’s actions
or take over operation of the system.
