Chapter Six-

System Administration
Introducing Windows Server and
Controlling Processes
Objectives

 Describe the editions of Windows Server 2008

 Discuss core technologies
 Explain the primary roles a Windows Server 2008 computer can
fulfill
 Describe the new and enhanced features of Windows Server 2008

02/25/2025
Introduction to Operating Systems
 An operating system (OS) is a set of basic programming instructions to
computer hardware, forming a layer of programming code on which most
other functions of the computer are built.
 The kernel is the programming code that is the core of the operating system.
 Code is a general term that refers to instructions written in a computer
programming language.
 Computer hardware consists of physical devices such as the central
processing unit (CPU), circuit boards, the monitor and keyboard, and disk
drives.
Cont’d
 Two types of operating systems will be covered in this book:
 Desktop operating system – installed on a personal computer (PC)
type of computer that is used by one person at a time, and that may or
may not be connected to a network.
 Examples of installations are desktop computers, laptops, and iMac
computers
 Server operating system – installed on a more powerful computer
that is connected to a network and enables multiple users to access
information such as e-mail, files, and software.
 Examples of hardware with a server OS include traditional
server hardware, rack-mounted server hardware, and blade
servers.
Cont’d

 Traditional server – often used by small or medium businesses

 Usually consists of a monitor, CPU box, keyboard, and mouse
 Rack-mounted server – CPU boxes mounted in racks(rack) that can hold
multiple servers
 All servers often share one monitor and pointing device
 Blade servers – looks like a card that fits into a blade enclosure
 A blade enclosure is a large box with slots for blade servers
 Medium and large organizations use blade servers to help conserve
space and to consolidate server management

02/25/2025
Tasks of Operating Systems

 A basic task of an OS is to take care of input/output (I/O) functions, which

let other programs communicate with the computer hardware
 Some examples of I/O tasks:
 Handle input from the keyboard, mouse, and other input devices
 Handle output to the monitor and printer
 Handle remote communications using a modem
 Manage network communications, such as for a local network and the
Internet
 Control input/output for devices such as network interface card
 Control information storage and retrieval using various types of disk
 Enable multimedia use for voice and video composition or
reproduction, such as recording video from a camera or playing music

02/25/2025
Introduction to Operating Systems

General tasks for all operating systems

02/25/2025
Role of a Server Operating System

 Hardware or Software? Server software is ambiguous; can run on multiple

different platforms (i.e. laptop)
 Windows Server 2008 roles short summary:
 File and Printer sharing
 Web server
 Routing and Remote Access Services (RRAS)
 Domain Name System (DNS)
 Dynamic Host Configuration Protocol (DHCP)
 File Transfer Protocol (FTP) Server
 Active Directory
 Distributed File System (DFS)
 Fax Server

02/25/2025
Windows Server 2008 Editions

 Windows Server 2008 Standard Edition

 Smaller organizations consisting of a few hundred users or less
 Windows Server 2008 Enterprise Edition
 Larger companies with more needs
 Windows Server 2008 Datacenter Edition
 Companies that run high powered servers with considerable resources
 Windows Web Server 2008
 Similar to Standard.
 User base varies from small businesses to corporations with large
departments

02/25/2025
Windows 2008 Standard Edition
 Up to 4 physical processors allowed
 Available in 32-bit or 64-bit versions
 32-bit version supports up to 4 GB of RAM, 64-bit version up to 32 GB
 Lacks more advanced features, such as clustering
 64-bit version can install one virtual instance of Server 2008 Standard
Edition with Hyper-V

02/25/2025
Windows Server 2008 Enterprise Edition

 All the features of Standard Edition

 Up to 8 physical processors
 32-bit version supports 64 GB RAM; 64-bit version supports 2 TB
 Can be clustered; up to 16 cluster nodes permitted
 Hot-add memory
 Four virtual instances per license with Hyper-V

02/25/2025
Windows Server 2008 Datacenter Edition
 All the features of Enterprise Edition
 Up to 32 physical processors in 32-bit version, 64 processors in 64-bit
 Extra fault tolerance features: hot-add and hot-replace memory or CPU
 Can’t be purchased as individual license, only through volume license or
through OEMs original equipment manufacturer(pre-installed)
 Unlimited number of virtual instances

02/25/2025
Windows Web Server 2008

 Designed to run Internet Information Services (IIS) 7.0

 Hardware support similar to Standard Edition
 Lacks many of the features present in other editions
 Typically used when roles such as Active Directory or Terminal Services
are not required

02/25/2025
System Requirements (All editions)

 xx

02/25/2025
Windows Server 2008 Core Technologies

 New Technology File System

 Active Directory
 Microsoft Management Console
 Disk Management
 File and printer sharing
 Windows networking
 Internet Information Services

02/25/2025
NTFS

 New Technology File System

 Successor to FAT/FAT32
 Native support for long filenames, file and folder permissions, support for
large files and volumes, reliability, compression, and encryption
 Most significant is the added ability for more granular file access control

02/25/2025
Active Directory

 Provides a single point of administration of resources (Users, groups,

shared printers, etc.)
 Provides centralized authentication and authorization of users to network
resources
 Along with DNS, provides domain-naming services and management for a
Windows domain.
 Enables administrators to assign system policies, deploy software to client
computers, and assign permissions and rights to users of network resources

02/25/2025
Microsoft Management Console (MMC)

 Creates a centralized management interface for administrators

 Uses snap-ins, which are designed to perform specific administrative tasks
(such as disk management or active directory configuration)
 Multiple snap-ins can be combined into a single MMC, providing quicker
access to commonly used tools

02/25/2025
Disk Management

 Monitors disk and volume status

 Initializes new disks
 Creates and formats new volumes
 Troubleshoots disk problems
 Configures redundant disk configurations (RAID)

02/25/2025
File and Printer Sharing

 Shadow copies
 Disk quotas
 Distributed File System (DFS)
 Also possible to configure options that allow redundancy, version control,
and user storage restrictions.

02/25/2025
Windows Networking Concepts

 The Workgroup Model

 A small group of computers that share common roles, such as sharing
files or printers.
 Also called a peer-to-peer network
 Decentralized logons, security, and resource sharing
 Easy to configure and works well for small groups of users (fewer than
10)
 A Windows Server 2008 server that participates in a workgroup is
referred to as a stand-alone server

02/25/2025
Cont’d

 The Domain Model

 Preferred for a network of more than 10 computers or a network that
requires centralized security and resource management
 Requires at least one computer to be a domain controller
 A domain controller is a Windows server that has Active Directory
installed and is responsible for allowing client computers access to
domain resources
 A member server is a Windows Server that’s in the management scope
of a domain but doesn’t have Active Directory installed

02/25/2025
Windows Networking Components

 Network Interface
 Composed of two parts; the network interface card (NIC) and the device
driver software
 Network Protocol
 Specifies the rules and format of communication between network
devices
 Network Client and Server Software
 Network client sends requests to a server to access network resources
 Network server software receives requests for shared network resources
and makes those resources available to a network client

02/25/2025
Internet Information Services

 Windows Server 2008 provides IIS 7.0

 Modular design
 Unused features aren’t available for attackers to exploit
 Extensibility
 Functionality is easily added via modular design
 Manageability
 Delegated administration; can assign control over some aspects of the
website to developers and content owners
 Appcmd.exe provides the ability to manage IIS via scripts and batch files

02/25/2025
Windows Server 2008 Roles

 Server role is a major function or service that a server performs

 Role services add functions to main roles
 Server features provide functions that enhance or support an installed role
or add a stand-alone function
 A server can be configured for a single role or multiple roles

02/25/2025
Active Directory Certificate Services

 A digital certificate is an electronic document containing information about

the certificate holder and the entity that issued the certificate
 The Active Directory Certificate Services role provides services for
creating, issuing, and managing digital certificates
 AD CS can include other server roles for managing certificates

02/25/2025
Active Directory Domain Services

 Active Directory Domain Services (AD DS) installs Active Directory and
turns Windows Server 2008 into a domain controller
 Read Only Domain Controller (RODC)
 Provides the same authentication and authorization services as a
standard domain controller
 Changes cannot be made on an RODC directly
 Updated periodically by replication from standard domain controllers

02/25/2025
Other Active Directory Related Roles

 Active Directory Federation Services (AD FS)

 Active Directory Lightweight Directory Services (AD LDS)
 Active Directory Rights Management Services (AD RMS)

02/25/2025
Application Server

 Provides high-performance integrated environment for managing,

deploying, and running client/server business applications.
 Applications for this role usually built with one or more of the following
technologies: IIS, ASP.NET, Microsoft .NET Framework, COM+, and
Message Queuing

02/25/2025
DHCP Server

 Dynamic Host Configuration Protocol Server role provides automatic IP

address assignment and configuration for client computers
 Can provide default gateway address, DNS server addresses, WINS server
addresses, and other options
 Windows Server 2008’s DHCP server role provides support for IPv6

02/25/2025
DNS Server

 DNS Server resolves the names of Internet computers and computers that
are members of a Windows Domain to their assigned IP addresses.
 When installing Active Directory, you can specify an existing DNS
server or install DNS on the same server as Active Directory

02/25/2025
Fax Server

 Provides tools to managed shared fax resources and allow users to send
and receive faxes
 After the role is installed, you can
 Manage users who have access to fax resources
 Configure fax devices
 Create rules for routing incoming and outgoing faxes
 Monitor and log use of fax resources

02/25/2025
File Services

 Provide high availability, reliable, shared storage to Windows and other

client OSs
 Installing File Services role installs the File Server service automatically

02/25/2025
Hyper-V

 Provides services to create and manage virtual machines on a Windows

Server 2008 computer
 A virtual machine is a software environment that simulates the computer
hardware an OS requires for installation
 Installing an OS on a virtual machine is done using the same methods used
on a physical machine

02/25/2025
Network Policy and Access Services

 Provides Routing and Remote Access Services (RRAS)

 Other services that can be installed
 Network Policy Server (NPS)
 Health Registration Authority (HRA)
 Host Credential Authorization Protocol (HCAP)

02/25/2025
Print Services

 Enables administrators to manage access to network printers

 Installs Print Server by default
 Internet Printing role service enables Web-based management of network
printers
 Line Printer Daemon (LPD) role service provides compatibility with
Linux/UNIX clients

02/25/2025
Terminal Services

 Enables users and administrators to control a Windows desktop remotely /

run applications hosted on a server remotely
 Terminal server role permits up to two simultaneous remote desktop
sessions
 Additional sessions require TS Licensing role service and license
purchases
 Other roles
 TS Sessions Broker
 TS Gateway
 TS Web Access

02/25/2025
UDDI Services

 Universal Description, Discovery, and Integration (UDDI) Services

enables administrators to manage, catalog, and share web services
 Allows users to search for web services available to them
 Gives developers a catalog of existing applications and development work

02/25/2025
Web Server (IIS)

 Consists of role services Web Server, management tools, and FTP

publishing
 Secondary role services can be installed for additional features

02/25/2025
Windows Deployment Services

 Simplifies the installation of Windows over a network

 Can install and remotely configure Windows Vista and Server 2008
systems
 WDS is an improved version of Remote Installation Services (RIS) found
in Windows Server 2000 and 2003

02/25/2025
New Features in Windows Server 2008

 Server Manager
 Server Core
 Hyper-V virtualization
 Storage management enhancements
 Networking enhancements
 Network Access Protection
 Windows Deployment Services
 New Active Directory roles
 Terminal Services enhancements

02/25/2025
Server Manager

I. Provides a single interface for installing, configuring, and removing a

variety of server roles and features on a server.
II. Summarizes server status and configuration
III. Includes tools to diagnose problems, manage storage, and perform
general configuration tasks
IV. Consolidates tools from Windows Server 2003

02/25/2025
Server Core

 Has a minimum environment and lacks a full GUI

 Can install the following server roles:
 Active Directory Domain Services (AD DS)
 Active Directory Lightweight Directory Services (AD LDS)
 Dynamic Host Configuration Protocol (DHCP) Server
 DNS Server
 File Services
 Print Server
 Streaming Media Services
 Web Server
 Hyper-V

02/25/2025
Cont’d

 Core supports additional features to enhance server roles:

 Microsoft Failover Clustering
 Network Load Balancing
 Subsystem for UNIX-based Applications
 Windows Backup
 Multipath I/O
 Removable Storage Management
 Windows Bitlocker Drive Encryption
 Simple Network Management Protocol (SNMP)
 Windows Internet Naming Service (WINS)
 Telnet client
 Quality of Service (QOS)

02/25/2025
Cont’d

 Server Core lacks the ability to install the following server roles (and their
optional features):
 Application Server
 Active Directory Rights Management Services
 Fax Server
 UDDI Services
 Windows Deployment Services
 Active Directory Certificate Services
 Network Policy and Access Services
 Terminal Services
 Active Directory Federation Services

02/25/2025
Cont’d

 xx

02/25/2025
Hyper-V

 Virtualization isolates critical applications

 Virtualization helps to consolidate multiple physical servers into a singular
server
 Using a virtual machine increases the ease of backing up essential servers
 Updates or changes to an OS can be made on a virtual machine to test
stability before being applied to a production machine
 Reduces the need for physical devices in educational environments

02/25/2025
Cont’d

 Hyper-V Requirements:
 64-bit version of Windows Server 2008 Standard, Enterprise, or
Datacenter Edition
 A server running a 64-bit processor with virtualization support and
hardware data execution protection.
 Enough free memory and disk space to run virtual machines and store
virtual hard drives. Virtual machines use the same amount of memory
and disk space resources as a physical machine.

02/25/2025
Cont’d

 c

02/25/2025
Storage Management Enhancements

 Share and Storage Management MMC Snap-in

 File Server Resource Manager
 Windows Server Backup
 Other improvements include:
 Storage Explorer
 SMB 2.0
 Remote boot support

02/25/2025
Networking Enhancements

 Improved support for IPv6

 DHCPv6
 Load balancing
 Redesigned TCP/IP stack
 Improved performance, error-detection, and recovery
 Virtual Private Networking
 Secure Socket Tunneling Protocol (SSTP)

02/25/2025
Network Access Protection

 Ensures computers are equipped with required security features

 Enables monitoring of anti-virus software and firewall settings
 If a computer does not meet all requirements defined by an administrator, it
can be restricted automatically from accessing certain network resources
 Can force computers to update themselves

02/25/2025
Windows Deployment Services

 Updates Remote Installation Services

 Allows unattended installation of Windows OSs
 WDS can multicast deployment of disk images, reducing network
bandwidth required
 Includes tools to customize the Windows OS for deployment

02/25/2025
New Active Directory Roles

 Active Directory Lightweight Directory Services (AD LDS)

 Provides tighter integration for applications that require large amounts
of data retrieval. Does not require a domain controller or domain
 Active Directory Federation Services (AD FS)
 Provides Single Sign-On for users of an organization to access internal
resources as well as external resources inside of a partner organization
 Active Directory Rights Management Services (AD RMS)
 Helps the author of a document decide how a document can be used or
modified, and deny unauthorized users access

02/25/2025
Terminal Services Enhancements

 RemoteApp
 Rather than accessing a program on a server through remote desktop,
the application appears as if it is actually running locally
 Terminal Services Web Access (TS Web Access)
 Allows users to access applications through a web browser, requiring
no additional software for the client if running Vista
 Can list available RemoteApp programs
 Allows secure, encrypted connections using Secure HTTP (HTTPS)
without the need for a VPN

02/25/2025
Summary

 A server is defined more by the software installed on hardware as opposed

to the hardware in use. In many cases, a client OS can behave as a server.
 Windows Server 2008 is available in four editions: Standard, Enterprise,
Datacenter, and Windows Web Server 2008
 Core technologies in Windows Server 2008 include NTFS, Active
Directory, MMC, disk management, file and printer sharing, networking
components, and IIS
 Windows Server 2008 updates previously available services with
additional functionality, while adding several new services.

02/25/2025
 System Administration
Controlling Processes

02/25/2025
Control process

 Will give you a list of the processes running on your system.

 With no options, ps will list processes that belong to the current user and
have a controlling terminal.

02/25/2025
PID, PPID, UID, GID

 In Linux, an executable stored on disk is called a program, and a program

loaded into memory and running is called a process.
 When a process is started, it is given a unique number called process ID
(PID) that identifies that process to the system.
 If you ever need to kill a process, for example, you can refer to it by its
PID.

02/25/2025
Cont’d

 Each process is assigned a parent process ID (PPID) that tells which

process started it.
 The PPID is the PID of the process’s parent.
 For example, if process1 with a PID of 101 starts a process named
process2, then process2 will be given a unique PID, such as 3240, but it
will be given the PPID of 101.
 It’s a parent-child relationship.
 A single parent process may spawn several child processes, each with a
unique PID but all sharing the same PPID.

02/25/2025
Cont’d
 Unix-like operating systems identify users within the kernel by a value
called a user identifier, often abbreviated to UID or User ID.
 The UID, along with the GID and other access control criteria, is used to
determine which system resources a user can access.
 The password file maps textual usernames to UIDs, but in the kernel, only
UID's are used.

02/25/2025
Cont’d
 The effective UID (euid) of a process is used for most access checks. It is
also used as the owner for files created by that process.
GID:
 A group identifier, often abbreviated to GID, is a numeric value used to
represent a specific group.
 The range of values for a GID varies amongst different systems;
 at the very least, a GID can be between 0 and 32,767, with one restriction:
the login group for the superuser must have GID 0.

02/25/2025
Priority and nice value

 Nice Sets the priority for a process.

 nice -20 is the maximum priority (only administrative users can
assign negative priorities), nice 20 is the minimum priority.
 You must be root to give a process a higher priority, but you can always
lower the priority of your own processes...
 Example:
 nice -20 make Would execute make and it would run at maximum
priority.

02/25/2025
Priority vs. nice

 The difference is that PR is a real priority of a process at the moment inside

of the kernel and NI is just a hint for the kernel what the priority the
process should have.
 In most cases PR value can be computed by the following formula:
 PR = 20 + NI.
 Thus the process with niceness 3 has the priority 23 (20 + 3) and the
process with niceness -7 has the priority 13 (20 - 7).

02/25/2025
Cont’d
 You can check the first by running command nice -n 3 top.
 It will show that top process has NI 3 and PR 23.
 But for running nice -n -7 top in most Linux systems you need to have root
privileges because actually the lower PR value is the higher actual priority
is.

02/25/2025
Signals, process states, etc.

 A signal is a software interrupt,

 a way to communicate information to a process about the state of other
processes, the operating system, and hardware.
 A signal is an interrupt in the sense that it can change the flow of the
program
 when a signal is delivered to a process, the process will stop what its
doing, either handle or ignore the signal, or in some cases terminate,
depending on the signal.

02/25/2025
Cont’d
 Signals may also be delivered in an unpredictable way, out of sequence
with the program due to the fact that signals may originate outside of the
currently executing process.
 Another way to view signals is that it is a mechanism for
handling asynchronous events.
 As opposed to synchronous events, which is when a standard program
executes iterative, that is, one line of code following another.

02/25/2025
Cont’d

 Asynchronous events occur when portions of the program execute out of

order.
 Asynchronous events typically occur due to external events originating at
the hardware or operating system; the signal, itself, is the way for the
operating system to communicate these events to the processes so that the
process can take appropriate action.
 How we use signals
 Signals are used for a wide variety of purposes in Unix programming, and
we've already used them in smaller contexts.
 For example, when we are working in the shell and wish to "kill all cat
programs" we type the command:

02/25/2025
Cont’d

 #> killall cat The killall command will send a signal to all processes
named cat that says "terminate."
 The actually signal being sent is SIGTERM,
 whose purposes is to communicate a termination request to a given
process,
 but the process does not actually have to terminate … more on that later.

02/25/2025
1. Periodic process

1. What is cron?
 Cron is a standard Unix utility that is used to schedule commands for
automatic execution at specific intervals.
 For instance, you might have a script that produces web statistics that you
want to run once a day automatically at 5:00 AM.
 Commands involving cron are referred to as "cron jobs.
 Cron in the Account Control Center
 The ACC has a built-in interface for cron. We recommend that all
customers use the ACC cron interface, although advanced users may use
cron manually.

02/25/2025
 SystemThank
Administration
You…..!!!

02/25/2025