Windows Xp Professional - a Complete Summary (contd.)
Sharing Resources:
Windows XP as a network operating system it needs to share its resources on the network. Sharing in Windows XP enables us to share folders and printers. By default out of the box Windows XP totally disables inbound connections. The first time you share a file or folder you will be asked to run the network setup wizard or if you know what you are doing then you can just turn on sharing. The first thing you need is do is to turn off simple file sharing in the folder options. One big trick which Microsoft does not tell you is that when you turn on network sharing all inbound connections are made as guests. So turning on network sharing turns the guest account on its own. Another issue is that all users with blank passwords cannot connect to your system. So if you as an administrator turn off the guest account then the users connecting to your machine must have an account setup on your local machine and also a password. Enabling sharing can be right clicking the file you want to share and go to properties and choose either network setup wizard or just enable file sharing. Microsoft actually changes your local security policies which can be accessed through security options in your local security policy. The first thing is that guest account in turned on. The next change is in network access where the default is guest account. You can change this to classic, as a result of which local users will authenticate as them. Share permissions can be bypassed by local access when the user has physical access of your terminal so they should be used in conjunction with local permissions. A better way is to use one only and not confuse it with the other, in most cases leave your share permissions open and concentrate on NTFS permissions. In a Windows XP setting you need to make sure you manage your shared resources. You can access this management console by right clicking on My Computer and choosing manage. You can then look into the shared folder listing and take a look at all shares even your hidden shares. This also shows you the all the files currently open or being used. You can also access this console by logging on as another user and then choosing administrative options from the control panel and then right clicking on computer management and selecting run as. You then select to log on as administrator only when using this tool. You can even choose to log on and connect to another computer remotely by right clicking computer management (local) listing and then choose connect to another computer. Finally select the machine or enter the name of the machine you want to connect to and then you can manage shared resources on that terminal remotely. You can even take a look at how many computers you are currently connected to remotely by looking into the session's folder inside the management console.
Offline Files and Folders:
Microsoft has tried to solve the end user the trouble of not being able to access files incase he/she cannot connect to their files by introducing CSC or client side caching also know as offline files and folders. This gives us the ability to have the files and folders available to us without having to connect to the office. When you make changes to file and connect back online all changes will be synchronized with that shared file. However, it does not take care of conflicts, i.e. in a case when you have changed the file offline and it was also changed by another user when you connect back up the synchronization engine gives you an option to choose between which file you would like to upload. Configuring offline folder is very easy since all you have to do is to right click and choose them to make the file or folder available offline. Windows XP maintains a virtual path to that offline folder. You can disable offline availability by simply heading towards the sharing tab for that folder and file and clicking on caching and there you can turn off caching. You can even select automatic caching which makes that file available to other users. You can manually synchronize when you reconnect and even access your synchronization settings by accessing the synchronization option from the tools menu and choosing which files you would like to synchronize. You can even schedule synchronization. You can even look into more options inside the offline files tab inside the folder options window through the tools menu dropdown.
Configuring and Managing Printers:
Printing has become pretty powerful in Windows XP. Local printing is by far the easiest of all since it now operates on plug and play. As long as the drivers are signed you as user do not have to do much do except just use it. However, in a case of a non-signed drivers or an old printer you need to log on as an administrative user to manually install it. Once the printer is setup sharing is extremely easy and you can also set up permissions on that printer so that everyone cannot use it. Sharing a printer is extremely easy all you have to do is go up to the printer and right click and set up sharing. You can even add drivers to other operating systems where a user who has an older operating system can install drivers from your machine to make that printer available to him/her. You do have to make these drivers available on a network share for the other user to download. You can even publish your printer in the active directory to enable users for searches for quick printing. Normal users installing printers need administrative rights to install printers which are not detected through plug and play. You can set security settings for these printers by just right clicking on the icon and set up the print security settings through the security tab. You can even setup internet printing by using IIS and printer drivers for that printer and then print out to a URL or a web page which is assigned to a printer. You can start a print job by going to a web page as long as you have authenticated user rights to view that web page. You can install this service by installing IIS through add and remove windows components. If you talk to most network administrators you will find that most of their time is spent organizing and managing printers. Managing your printers inside windows XP is mainly done by print que itself. Only administrative users have the ability to pause and delete and change priority of print jobs. You can delete a print that is stuck and you might have to start up the spooler service on that machine to clear up all the junk. Print que can easily be accessed by just double clicking on the printer. In this window you can right click on the print job and either restart, pause or cancel it. You can go to printer properties through this window and then change the printer name and give a higher priority to it for executives or managers who need their print jobs to print faster and then set up another virtual printer connected to same device and give that printer another name and lower priority and for other people. The trick is to go the higher priority printer and remove the everyone from the security tab and add only the executive and manager groups. You can even create one printer icon to set up on multiple physical devices on different ports; this creates a print pool for high volume print environments. In this scenario the print look for the next available open printer to print to, incase the one before is busy.
Remote Connectivity:
Microsoft's new operating system has enabled us to a whole new variety of remote connections and telecommuting. As internet connections become faster and faster telecommuting is becoming a much stronger and feasible option for many executives constantly on travel or working from home. With Windows XP you can maintain multiple connections for your home office and other environments. Dial up networking is extremely easy to configure on Windows XP. All you have to do is go to control panel and head to network setup and internet and then choose to create a new network connection on your machine. Virtual private networks in networking use the same strategy in network. The concepts are almost the same except that instead of dialing a phone number you are dialing an IP address. VPN's use a little different technology that usual. You use PPTP (Point to point tunneling protocol) or L2TP (Layer two tunneling protocol). L2TP uses certification authority where both ends should have matching certificates. By default data encryption is turned on when using a virtual private network. Check the properties of a new VPN connection to change its settings and add or remove more options and protocols. You can even add smart card authentication for a VPN connection as authentication.
Internet Connection and Utilities:
As more and more homes today have more than computer we find the needs to have one single internet connections for each one of them, since we are trying to avoid the clutter at home or office. Internet connection sharing gives us the ability to have one internet connection and share it over the network. Internet connection sharing provides NAT (network address translation), DHCP and DNS for the client computers connecting to main gateway computer. You can access this from the advanced tab of tour internet connection. A new feature in Microsoft's Windows XP is ICS (Internet discovery and control). This new feature allows the client to initiate a connection even when the main admin is not connected or dialed in to the connection. The user then can see all the stats on his computer through yours like the time and speed of the connection. You can turn on port forwarding for running web servers. You as an admin can make sure that users cannot share their own internet connection using ICS for other users. You can use group policies to make sure that ICS cannot be turned on for members of your group or domain. ICS uses a new feature known as UPnP (Universal Plug and Play).This is has no relation to hardware plug and play. ICS goes out and looks for internet connections available for sharing on the network. However, UPnP is not installed by default and has to be installed separately through the add remove windows components inside networking services. This scans available internet connections in the network automatically. In order to set up ICS you need to go to the connection which connects you to the internet and head towards the properties of that connection and go to the advanced tab to turn on ICS. Internet connection firewall is slimmed down version of firewall. Only requests made inside the network are entertained by the gateway computer and all other requests made from outside are dropped if the matching sending request from inside cannot be found. It is highly recommended that you use internet connection firewall on your network. However, it is not at strong as other third-part firewalls which stop applications from connecting to the internet. Make sure you turn on this firewall link on the connection connecting outside to the internet and not inside since you might block all users connecting through that computer. You can take a look at advanced settings for port forwarding and other services like FTP.
Web Services:
Windows XP professional has IIS 5.1 included in it. You can install IIS through add remove components. The IIS included in Windows XP pro is almost as powerful as the professional series version of IIS. You can take a look at IIS by running Internet explorer and then typing localhost which will pop by default the documentation of IIS as well. Internet explorer lets you setup security zones for various websites which you can add security zones like trusted websites. In this case the security and permissions will be set to a minimum for these sites. You can choose security settings to prompt for ActiveX controls for a more control over the internet applications. You can manage IIS through the computer management console in administrative tools inside the control panel.
Remote Desktop:
One of the big technologies Microsoft is trying to push is telecommuting. However, the biggest drawback to this is internet bandwidth. Microsoft's answer to this is remote desktop. This uses Microsoft terminal services but you can only connect one user at one time on one machine. If a user is logged on locally it will log him off if another user is trying to connect to that machine. IIS 5.1 enables the user to connect to another computer using a browser and without any client. The administrator can create a group for users to connect to their desktop remotely. He can also remove this ability from group using his security policies. One setback can be blank passwords for remote logons, blank passwords are only entertained for physical console logon's and may create problems when connecting remotely. You can remove this restrain through the local security policy setting but it may cause to be security loop hole. Setting up remote desktops is as easy as going to the remote tab of properties through My Computers and checking it on. You can then add users or groups you would like to give the ability to connect using remote desktop. You can then access your computer remotely by going to communications tab under accessories and then choosing remote desktop connection. You can then connect to your computer and even play around optimizing your settings to suit you best. You can also do this through the web using internet explorer. You can use the IP address or your computer name if DNS is setup. You want to make sure that you have the required ports opened up and the ability to setup VPN connections. You can even transfer files from one computer to another. Remote assistance request has been added to standard help menu in Windows XP which enables a user to connect to another user running Windows XP.
System Performance:
Windows XP lets the user tweak performance to his/her own standards. Applications performance in Windows XP can be controlled through the system control panel. You can also tune processor and memory operations to your liking. You can access these through system properties under My Computer and right click to properties or just hitting Windows key + pause. You can then go to advanced tab to go a long list and tabs of performance enhancements and settings. You can create shortcuts to applications for compatibility among different operating systems. If an application was written for earlier version you windows you can create a shortcut to that application and put in the name for the application. You can then right click to go to properties and then choose the compatibility tab to choose to run this program under other Windows operating system. Finally you need to monitor this entire performance enhancement and a way to log settings where you can compare this some standards. Some of the usual standards are like processor time should stay below 85% consistently. Periodic or un-periodic spikes are acceptable during loading of heavy software. Also interrupts should remain steady; if this number keeps going skyward this indicates a bad piece of hardware. Other things you might want to look at are hard drives through disk performance monitors. It can also show how your network is performing. If you are on a switch then this is pretty much useless though.
Windows Backup:
Backup is something no administrator can avoid to go without. Windows backup utility is standard backup program so incase of disaster you can restore all your information. Windows XP has introduced a volume shadow copy in where all applications and documents open at that time will stored as is using a snapshot of the system. The first thing you need to do is backup the local system state along with volume shadow copy and the drives you want to create the backup for. Only administrators and backup operators group can backup the system completely. Backup operators along with the administrators are the only one who can backup all the files on the system even the files they do not own. However, normal user can backup only his/her files. You can access the Windows XP back program through accessories and then system tools. This enables a lot of option including scheduling backups. Windows backup needs to logon using a user account to run a scheduled backup program so you want to make sure that this program runs with user account with full administrative access or a member of the backup operators group. If you haven't prepared tapes since Windows XP backup utility does requires prepared tapes you can go into the settings of the backup command inside that schedule backup and add a /um command at the end for unmanaged media.
Disaster Recovery:
If all else fails and your system in a state you cannot do a normal start up there are tools provided by Microsoft's Windows XP to recover as much as possible. Windows XP offers you several boot options like the safe mode to get you inside the base clean operating system with most functions in operation. You also have safe mode with networking or command prompt. You can then try to identify the problem or some installation that caused you to stop booting. You can then use last known good option to go back to previous operable state. You can also turn on the boot log which writes all the information into the log file saved as Ntbtlog.txt. Microsoft also has provided us with GUI based utility known as MSCONFIG enabled from the run menu. You can run through the options in this GUI based window. There is also the recovery console which you can access from the Windows CD, but if you want recovery console has bootup option you can just drop in the Windows XP CD and run this command through the prompt. "cd:i386winnt32 /cmdcons". This will install it on the hard drive and you can access it the next time you boot. When you bootup you do need to logon as a local administrator for you access the files inside and finally you reach a completely DOS based console. Some of the commands you can run are fixboot and fixmbr for trying to fix the boot sector. The recovery console has restricted disk access, since it can be a wide open security loop hole. You can access disk media such as floppies but you can only copy from the floppy not into a floppy.