WINDOWS 2000 SERVER

SYSTEM ADMINISTRATION HANDBOOK
FREE Monthly
Technology Updates
One-year Vendor
Product Upgrade
Protection Plan
FREE Membership to
Access.Globalknowledge
Paul Shields, MCSE
Ralph Crump, MCSE, CCNA, Master CNE
Martin Weiss, MCSE, MCP+I, CNA
Technical Edit By:
Sean Wallbridge, MCSE, MCSD, MCT, MCDBA, MCP+I
An insightful and detailed overview
of the tools and tasks that the
Windows 2000 administrator faces.
Great as an introduction and as a
resource for any IT library.”
—Lloyd Fray,
Information Technology Manager
Mutual Risk Management
“
With over 1,000,000 copies of our MCSE, MCSD, CompTIA, and Cisco
study guides in print, we have come to know many of you personally. By
listening, we've learned what you like and dislike about typical computer
books. The most requested item has been for a web-based service that
keeps you current on the topic of the book and related technologies. In
response, we have created

74_FM.qx 11/8/99 2:20 PM Page iii
Syngress Media, Inc., the author(s), and any person or firm involved in the writing, editing, or production (col-
lectively “Makers”) of this book (“the Work”) do not guarantee or warrant the results to be obtained from the
Work.
There is no guarantee of any kind, expressed or implied, regarding the Work or its contents. The Work is sold
AS IS and WITHOUT WARRANTY. You may have other legal rights, which vary from state to state.
In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or other inci-
dental or consequential damages arising out from the Work or its contents. Because some states do not allow
the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not
apply to you.
You should always use reasonable case, including backup and other appropriate precautions, when working
with computers, networks, data, and files.
Syngress Media® and Syngress® are registered trademarks of Syngress Media, Inc. “Career Advancement Through
Skill Enhancement™” is a trademark of Syngress Media, Inc. Brands and product names mentioned in this book
are trademarks or service marks of their respective companies.
KEY SERIAL NUMBER
001 F5H9L432M8
002 K93NCM5982
003 8AMC812KGF
004 28NNA9KJ2N
005 7VBAZZLNMA
006 PJMAL4N87G
007 9H11MDGS9H
008 UBAL848N61
009 Y78P98JL21
PUBLISHED BY
Syngress Media, Inc.
800 Hingham Street
Rockland, MA 02370
Windows 2000 Server System Administration Handbook

International for making certain that our vision remains worldwide in
scope.
Special thanks to the professionals at Osborne with whom we are proud to
publish the best-selling Global Knowledge Certification Press series.
And finally, to Thomas Edward O’Brien, for waiting.
v
Acknowledgments
74_FM.qx 11/8/99 2:20 PM Page v
At Global Knowledge we strive to support the multiplicity of learning styles
required by our students to achieve success as technical professionals. As
the world's largest IT training company, Global Knowledge is uniquely
positioned to offer these books. The expertise gained each year from pro-
viding instructor-led training to hundreds of thousands of students world-
wide has been captured in book form to enhance your learning experience.
We hope that the quality of these books demonstrates our commitment to
your lifelong learning success. Whether you choose to learn through the
written word, computer based training, Web delivery, or instructor-led
training, Global Knowledge is committed to providing you with the very
best in each of these categories. For those of you who know Global
Knowledge, or those of you who have just found us for the first time, our
goal is to be your lifelong competency partner.
Thank your for the opportunity to serve you. We look forward to serving
your needs again in the future.
Warmest regards,
Duncan Anderson
President and Chief Executive Officer, Global Knowledge
vi
From Global Knowledge
74_FM.qx 11/8/99 2:20 PM Page vi
vii

neer for Metamor Worldwide. In his most recent role, he served as remote
access project leader for one of North Carolina's largest state government
agencies, utilizing Windows NT Terminal Server, Metaframe and Cisco
Access Servers. He is president of the Research Triangle Park chapter of
the Cisco Professional Association Worldwide.
Holly Simard (MCSE, MCP+I) is a networking specialist in Victoria, BC.
Along with providing turnkey solutions for her clients, Holly also delivers
online instruction in her spare time. Holly lives with her husband Hervey,
who works as a multimedia developer, their springer spaniel Hubert, and
their cat Daisy.
Paul Shields (Certified MCSE) currently works as a network engineer for a
major telecommunications company. He has been working with, support-
ing, and writing about Windows NT for the last five years. His current proj-
ects revolve around the design and implementation of enterprise-class
servers in a mixed platform environment. He is also working on the roll-
out of Windows 2000 to the corporate desktop. Paul can be contacted at
[email protected].
Erik Sojka is a system administrator and trainer currently working for a
major software company. He is an MCSE and has a BS in Information
Science and Technology from Drexel University.
Eriq Oliver Neale is a technology strategist with Nortel Networks, research-
ing new technology solutions for inclusion in the designer workplace. He
has worked in the computer support industry for eleven years and in that
time has contributed to several computing technology publications. When
not writing, he and his wife try to keep up with seven cats, two dogs, and a
plethora of tropical fish.
Jay Tomlin works as a server-based computing software specialist for Citrix
Systems, Inc. in Fort Lauderdale. His primary duty is training the Citrix
Technical Support organization worldwide. Prior to joining Citrix, Jay stud-
ied Mathematics and Music Theory in college and graduate school. He can

Contents
ix
74_TOC.qx 11/8/99 1:25 PM Page ix
x Contents
Timeline 30
Testing 31
Deployment 31
Setting Up Windows 2000 Server 32
Installing Windows 2000 Server 32
Upgrading to Windows 2000 Server 35
Summary 37
FAQs 40
CHAPTER 2 Overview of Windows 2000 Administration 43
Introduction to Network Administration 44
Designing and Setting Up the Network 45
Managing the Network 46
Protecting the Network 46
Documenting the Network 48
Microsoft Management Console 51
Introduction to Active Directory 56
Key Concepts 56
Directory Service 57
Domains 57
Namespace 60
Global Catalog 61
Organizational Units 62
Groups 62
Name 64
Features and Benefits of Active Directory 65
Simplified Management 66

Creating User Accounts 100
Setting Password Requirements 103
Security Templates 103
Loading Security Snap-ins into the MMC 104
Loading the Security Templates 105
Changing Account (Password) Policies 106
Setting Properties for User Accounts 110
Modifying User Accounts 110
General 111
Address 112
Account 113
Profile 115
Telephones/Notes 116
Organization 118
Dial-in 119
Managing User Accounts 121
Deleting User Accounts 122
Changing User Passwords 122
Enabling an Account 123
Disabling an Account 123
74_TOC.qx 11/8/99 1:25 PM Page xi