Chapter 6 - PowerPoint PPT Presentation

Chapter 6 l.jpg
Download
1 / 51

Chapter 6. Managing Printers, Publishing, Auditing, and Desk Resources. Objectives. Create and modify shared printer resources Set up and manage published resources in Active Directory Audit access to shared resources Manage data storage. Creating and Modifying Shared Printer Resources.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

Download Presentation

Chapter 6

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Chapter 6 l.jpg

Chapter 6

Managing Printers, Publishing, Auditing, and Desk Resources


Objectives l.jpg

Objectives

  • Create and modify shared printer resources

  • Set up and manage published resources in Active Directory

  • Audit access to shared resources

  • Manage data storage


Creating and modifying shared printer resources l.jpg

Creating and Modifying Shared Printer Resources

  • Print device

    • Actual hardware device that produces a printed document

    • Main types of print devices

      • Local

        • Connected directly to a port on the print server or workstation

      • Network

        • Connects to a print server through its own network adapter and connection to the network


Creating and modifying shared printer resources4 l.jpg

Creating and Modifying Shared Printer Resources

  • Printer

    • Configuration object in Windows Server 2003 that controls connection to the print device

  • Print driver

    • Files containing information that Windows Server 2003 uses to convert raw print commands to a language that the printer understands

  • Print server

    • Computer in which the printers and print drivers are located


Creating and modifying shared printer resources5 l.jpg

Creating and Modifying Shared Printer Resources

  • Hardware requirements for setting up an efficient printing environment

    • One or more computers to act as print servers

    • Sufficient space on the hard drive for the print server

    • Sufficient RAM beyond that of the minimum Windows Server 2003 requirements


Adding a printer as a local print device l.jpg

Adding a Printer as a Local Print Device

  • To add and share a local print device

    • Must have administrator privileges on the computer that will act as the print server

  • Add Printer Wizard

    • Used to install and configure printers on systems running Windows Server 2003

    • Accessed from the Printers and Faxes program on the Start menu


Adding a local printer l.jpg

Adding a local printer


Adding a printer as a network print device l.jpg

Adding a Printer as a Network Print Device

  • Add Printer Wizard

    • Can be used to add network print devices to a network

    • To add a network print device

      • A new TCP/IP port must be created to facilitate communication directly over the network


Configuring a network printer l.jpg

Configuring a network printer


Configuring an existing printer l.jpg

Configuring an Existing Printer

  • Some configuration options that may need to be modified after installing a printer

    • Sharing

    • Permissions

    • Other advanced settings

  • To modify configurational options

    • Right-click the printer icon, and

    • Click Properties


Modifying printer properties l.jpg

Modifying printer properties


Configuring an existing printer continued l.jpg

Configuring an Existing Printer (Continued)

  • Some of the most important configuration options are found under

    • Sharing tab

      • Allows you to

        • Enable or disable printer sharing and Active Directory publishing

        • Install additional drivers for other operating systems

    • Security tab

      • Allows you to

        • Control printer permissions


Printer permissions l.jpg

Printer permissions


Printer pools and priorities l.jpg

Printer Pools and Priorities

  • Printer pool

    • Consists of a single printer that is connected to a number of print devices

    • Advantages

      • Provides better document distribution in high-volume environments

      • Reduces the time that users must wait for documents to print

    • Configured using the Ports tab of a printer’s properties window


Printer pools and priorities continued l.jpg

Printer Pools and Priorities (Continued)

  • Print priorities

    • Useful in cases where different groups of users need to have different levels of priority to a limited number of print devices

    • To configure printer priorities

      • Install two printers on the print server and connect them both to the same print device

      • Configure the priority of each printer by using the Advanced tab

        • Higher priority printers print first

      • Only allow specific users to print to a specific printer


Setting up and updating client computers l.jpg

Setting Up and Updating Client Computers

  • Clients which automatically download the print driver when they initially connect to the printer

    • Windows 2000

    • Windows Server 2003

    • Windows XP


Setting up and updating client computers continued l.jpg

Setting Up and Updating Client Computers (Continued)

  • Clients which automatically download the print driver, but only if there is a copy of the appropriate driver on the print server

    • Windows 95

    • Windows 98

    • Windows ME

    • Windows NT 4.0


Setting up and updating client computers continued18 l.jpg

Setting Up and Updating Client Computers (Continued)

  • To install additional print drivers

    • Use the Additional Drivers dialog box from the Sharing tab

  • The necessary print driver must be manually installed on

    • Windows 3.x clients

    • Non-Microsoft clients, such as

      • Macintosh clients

      • UNIX clients


Troubleshooting printers l.jpg

Troubleshooting Printers

  • The two most common printing problems:

    • Print jobs become stuck in the print queue

      • Documents may appear in the print queue, but they do not print, and they cannot be deleted

    • Failure of a print device

      • A print device may fail because of

        • A paper jam

        • Hardware failure

        • A stuck print job


Publishing resources in active directory l.jpg

Publishing Resources in Active Directory

  • When a shared resource is published into Active Directory

    • Active Directory contains an object that represents a link or direct information on how to use or connect to the shared resource

  • Benefit of publishing a shared resource

    • Network users can query Active Directory to find the resource


Publishing shared folders into active directory l.jpg

Publishing Shared Folders into Active Directory

  • Published folder

    • An Active Directory object that points to an associated folder share on a file server

  • Clients can search the directory for a published folder by

    • The folder’s share name

    • Using preconfigured keywords

  • Active Directory Users and Computers tool

    • Can be used to publish shared folders


Publishing printers into active directory l.jpg

Publishing Printers into Active Directory

  • Publishing shared printers can help users find network printer resources

  • A Windows Server 2003- or Windows 2000-compatible printer installed on a domain print server

    • Automatically published into Active Directory during installation

  • Printer shares created on pre-Windows 2000 print servers

    • Not published into Active Directory by default

    • Can be added manually to the directory


Managing published printers l.jpg

Managing Published Printers

  • When a print server is removed from the network, its Active Directory object is automatically removed from the database

    • Benefit

      • Prevents users from trying to connect to print servers that are not actually running

  • Publishing settings of a printer

    • Determine whether the printer is published into Active Directory

    • Controlled via a check box on the Sharing tab of a printer’s properties window


Searching for objects in active directory l.jpg

Searching for Objects in Active Directory

  • Tools used by users to find published objects

    • Search tool from the Start menu

    • Find tool from the Start menu

  • Tools used by administrators to find published objects

    • Active Directory Users and Computers Find command

    • Active Directory Users and Computers Saved Queries feature


Auditing access to shared resources l.jpg

Auditing Access to Shared Resources

  • Monitoring network events

    • An important part of any network security strategy

      • Helps detect potential threats

      • Increases user accountability

      • Provides evidence of security breaches if or when they occur

    • Can be used for resource planning


Auditing access to shared resources continued l.jpg

Auditing Access to Shared Resources (Continued)

  • Auditing

    • Used to monitor and track activities on a network

  • When an audited event occurs, a record of it is written to the security log

  • Event Viewer

    • Used to view the audit entries stored in the security log


Auditing access to shared resources continued27 l.jpg

Auditing Access to Shared Resources (Continued)

  • Audit policy

    • Defines the events that Windows Server 2003 records in the security log as they occur

  • When implementing an audit policy, you need to determine

    • The events you want to track

    • Whether you want to track the successes and/or failures


Events that can be monitored l.jpg

Events that can be monitored


Configuring auditing requirements l.jpg

Configuring Auditing: Requirements

  • Requirements for configuring an audit policy

    • You must be

      • A member of the Administrators group, or

      • Assigned the Manage auditing and security log user right

    • Files or folders being audited must reside on an NTFS volume


Setting up an audit policy l.jpg

Setting Up an Audit Policy

  • To set up an audit policy, you must

    • Choose the events you wish to monitor

    • Decide whether to monitor the successes and/or failures of these events

  • To audit access to files, folders, printers, and Active Directory objects

    • The auditing settings must be configured on the specific resources


Configuring an audit policy l.jpg

Configuring an audit policy


Auditing object access l.jpg

Auditing Object Access

  • To configure auditing settings for specific files or folders

    • Access the Advanced Security Settings on the particular resource

  • Auditing can also be configured for objects that are stored within Active Directory, such as

    • Computers

    • Users

    • Groups

    • OUs


Best practices l.jpg

Best Practices

  • General guidelines for planning an audit policy

    • Only enable auditing for those events that can provide you with useful information

    • Review the audit entries in the security log on a regular basis

    • Enable auditing for sensitive and confidential information

    • Audit the Everyone group instead of the Users group

    • Audit the use of user rights assignment

    • Always audit the Administrators group


Analyzing security logs l.jpg

Analyzing Security Logs

  • An entry is written to the security log each time an event defined within the audit policy occurs

  • Event Viewer

    • Can be used to examine the contents of the security log

    • Successful events

      • Represented by a key icon

    • Unsuccessful events

      • Represented by a lock icon

    • Available tools

      • Find option

      • Filter option


The event viewer security log l.jpg

The Event Viewer Security log


Configuring the event viewer l.jpg

Configuring the Event Viewer

  • If the security log become full, events may be overwritten depending on configured settings

  • Options for avoiding this problem

    • Audit only those events that are essential

    • Change the default settings or properties of the security log

    • Review and archive the security log files on a regular basis

  • Security Properties dialog box

    • Used to configure the properties of the security log


Configuring log properties l.jpg

Configuring log properties


Security log configuration options l.jpg

Security log configuration options


Managing data storage l.jpg

Managing Data Storage

  • Features provided in Windows Server 2003 for managing data storage

    • Dynamic disk

      • Overcomes many of the limitations and restrictions imposed by the traditional basic disk

    • Disk quotas

      • Provide administrators with a way to track and limit the amount of disk space available to users


Basic versus dynamic disks basic disks l.jpg

Basic versus Dynamic Disks: Basic Disks

  • Basic disk

    • The traditional storage type

    • Divides physical disk space into primary partitions, extended partitions, and logical drives

    • All disks are automatically initialized as basic when Windows Server 2003 is installed


Dynamic disks l.jpg

Dynamic Disks

  • Divides physical disk space into volumes

  • Some reasons for implementing dynamic disks

    • Volumes can be extended

    • RAID volumes can be configured

    • Missing or offline disks can be reactivated

    • Changes to disks can be made without having to restart the computer

    • Mirrored and RAID-5 volumes can be applied

  • The Disk Management snap-in can be used to

    • Centrally configure and manage volumes

    • Convert a basic disk to a dynamic disk


Graphical view within disk management l.jpg

Graphical view within Disk Management


Configuring volumes l.jpg

Configuring Volumes

  • Upgrading from a basic disk to a dynamic disk

    • Administrative privileges are needed

    • Disk must contain at least 1 MB of free space

    • Possible data loss

      • When upgrading from basic to dynamic

        • No data is lost

      • When reverting back to a basic disk

        • All volumes must be deleted, then

        • Data can be restored from backup


Configuring volumes continued l.jpg

Configuring Volumes (Continued)

  • Once upgraded, the disk can only be locally accessed by operating systems that support dynamic disks

  • Converting to a dynamic disk does not affect network access to shared resources on the disk

  • Once upgraded, primary and extended partitions become simple volumes


Configuring volumes continued45 l.jpg

Configuring Volumes (Continued)

  • Windows Server 2003 volumes:

    • Simple volume

    • Spanned volume

    • Striped volume

    • RAID 5 volume

    • Mirrored volume


Disk quotas l.jpg

Disk Quotas

  • Using disk quotas:

    • Prevents users from consuming all available disk space

    • Encourages users to delete old files as they reach their disk quota

    • Allows an administrator to track disk usage for future planning

    • Allows administrators to track when users are reaching their available limits

  • To configure disk quotas

    • Access the properties of a volume, and

    • Click the Quota tab


Disk quota configuration parameters l.jpg

Disk quota configuration parameters


Managing file and folder compression l.jpg

Managing File and Folder Compression

  • Data compression

    • Can reduce the amount of disk space that folders and files take up

    • Can only be used on volumes that are formatted with NTFS

  • To configure compression

    • Enable or disable the compression attribute of a file or folder within Windows Explorer

  • If a file is copied to another folder within the same NTFS volume

    • The file automatically inherits the compression attribute of the destination folder


Managing file and folder compression continued l.jpg

Managing File and Folder Compression (Continued)

  • If a file or folder is moved within the same NTFS volume

    • The file retains its compression attribute

  • If a file or folder is copied between NTFS volumes

    • The file or folder inherits the compression attribute of the destination folder

  • If a file or folder is moved between NTFS volumes

    • The file or folder inherits the compression attribute of the destination folder


Summary l.jpg

Summary

  • Two kinds of printer devices can be shared:

    • A local print device

    • A network print device

  • Both printer and folder shares can be published into Active Directory to make it easy for clients to find the shared resources

  • Auditing can be used in Windows Server 2003 to monitor and track activities on a network

    • When an event occurs, a record of it is written to the security log


Summary continued l.jpg

Summary (Continued)

  • Windows Server 2003 supports both basic and dynamic disks

  • Basic and dynamic disks

    • You can convert basic disks to dynamic disks without losing any data

    • To revert back to a basic disk, you must delete all volumes and restore data from backup

  • Windows Server 2003 uses disk quotas as a way of managing data storage

  • Compression can be used to save disk space on server volumes and partitions


  • Login