Professional Documents
Culture Documents
BI TP THC HNH
QUN TR MNG WINDOWS SERVER 2008
BI 1: LOCAL USER ACCOUNT & GROUP ACCOUNT
Gii thiu: Thng thng mt my tnh khng phi lc no cng ch c mt ngi no
s dng duy nht m trn thc t ngay c my trong gia nh chng ta i khi vn
c t nht t 2-3 ngi s dng. Tuy nhin nu tt c mi ngi u s dng chung
mt ti khon th nhng d liu ring t ca ngi ny ngi kia hon ton c th xem
c.
Nhng nu my tnh l my chung ca cng ty v vn t ra l ta khng
mun ti liu ca ngi dng ny ngi dng kia c th xem ty tin c. Vy cch
tt nht l cp cho mi nhn vin mt my nht nh v yu cu h t password ln
my ca mnh, nhng nh th th rt tn km v khng c a chung. Chnh v th
ngi qun tr mng s s dng cng c Local Users and Groups to cc ti khon
ngi dng trn cng mt my, khi d liu ca ngi ny ngi kia khng th truy
cp c.
Local User - to c User local bn phi c quyn ngang hng vi
Administrator ca h thng.
B3: in cc thng s:
Trang 1
Lu hnh ni b
-
Trang 2
Lu hnh ni b
B4: Hp thoi New group chn add g SV1 chn Check name chn ok
Gii thiu: Trong cng tc qun tr mng vic ng dng Group Policy vo cng vic
l iu khng th thiu i vi bt c nh qu tr mng no. Vi Group Policy ta c
th ty bin Windows theo ch m vi ngi s dng thng thng khng th lm
c
Chun b:
- M hnh bi lab gm 1 my
- To console Group policy Object
- To 3 user: U1, U2, U3 Vi password abc@123
- Add user U1 vo Group administrators
Thc hin:
1. M Group policy Object Editor
B1: M Group policy Object Editor
Start chn Run g lnh MMC
B2: Mn hnh console 1 chn menu file chn add/remove Snap-in
B3: Mn hnh add or Remove Snap-ins chn Group policy Object Editor chn
add
Trang 3
Lu hnh ni b
B4: Chn Finish
B5: Mn hnh add or Remove Snap-ins chn Group policy Object Editor chn
add
Trang 4
Lu hnh ni b
B7: Qua tab users chn U2 chn Finish
B2: M console1 trn desktop chn Local computer policy chn computer
configuration Chn Administrative Templates chn system ct bn phi Double
click vo Display shutdown Enven tracker chn Disable
Thc hnh Windows Server 2008
Trang 5
Lu hnh ni b
B3; ct bn tri m theo ng dn Local computer policy chn computer
configuration Chn Administrative Templates chn windows components chn
AutoPlay policies
Trang 6
Lu hnh ni b
- G lnh GPUPDATE/FORCE
B2: Kim tra Log of Administrator log on ln lt bng U1, U2 vo start chn setting
khng thy control Panel
Chnh policy n dektop ch p dng trn nhng user Khng thuc Group
Administrators
G lnh GPUPDATE/FORCE
Trang 7
Lu hnh ni b
Kim tra:
- log on vo my bng account U2 mi chng trnh trn desktop u b n
G lnh Gpupdate/Force
B2: Kim tra:
- Log on vo bng quyn U1 Nhn Ctrl+Alt+Insert quan st thy khng c
chc nng chang password
- Log on vo bng quyn U2 Nhn Ctrl+Alt+Insert quan st thy c chc
nng chang password
Trang 8
Lu hnh ni b
- G lnh Gpupdate/Force
Kim tra:
- Log on U1,U3 Khng th truy cp control penel
- Log on U2 truy cp control penel thnh cng
BI 3:
1. Password policy
B1: Log on bng administrator
To 1 user U4 v password l : 123
Bo li khng th to c do khng tha yu cu v phc tp ca password
B2: Vo start chn program chn Administrative Templates chn Local Security
policy
B3: M Account polices chn password policy
Quan st ct bn phi
Trang 9
Lu hnh ni b
B4:
Enforce password history: S password h thng lu tr (khuyn dng: 24)
Maximun password age: Thi gian hiu lc ti a ca 1 password (khuyn dng : 42)
Minimun password age: Thi gian hiu lc ti thiu ca 1 password (khuyn dng : 1)
Minimun password length: di ti thiu ca 1 password (khuyn dng 7)
Password must meet complexity requirements: Yu cu password phc tp (khuyn
dng: enable)
Chnh password policy:
- Password must meet complexity requirements chn disable
- Cc password policy cn li chnh gi tr v 0 chn OK
- G lnh Gpupdate/Force
Kim tra: to user U4 vi password 123 thnh cng
Trang 10
Lu hnh ni b
Kim tra:
- ng nhp th sai password 4 ln khng th ng nhp c tip
- Chi sau 30 pht c th ng nhp li
Trang 11
Lu hnh ni b
-
BI 4: SHARE PERMISSION
Vic chia s cc ti nguyn trn mng l iu khng th thiu trong bt k h
thng mng no, tuy nhin vic chia s ny cn ty thuc vo nhu cu ngi s dng
& ca nh qun tr mng, v d trong cng ty chng ta c nhiu phng ban v cc
phng ban trong cng ty c nhu cu chia s ti nguyn cho nhau tuy nhin nh qun tr
mng mun khng phi phng ban no cng c th truy cp v t cc d liu ca
phng ban khc.
Chng hn cc nhn vin trong phng kinh doanh th c th truy cp d liu ca
phng mnh v phng k thut thoi mi, nhng vi cc nhn vin trong phng k
thut ch c php truy cp ti nguyn trong phng mnh m thi v khng c php
truy cp cc ti liu t phng kinh doanh. Tnh nng Sharing and Sercurity.. s gip
ta gii quyt cc yu cu trn.
Chun b:
- M hnh bi Lab gm 2 my
+ PC01 Windows Server 2008
+ PC02 Windows Server 2008
- PC01 To 2 account U1 v U2 vi password l :123
- To Folder THUCHANH trong a C, trong th mc THUCHANH to 2
Folder l DULIEU v BIMAT
- Trong cc th mc to file thuchanh.txt ni dung ty
- M windows explore chn Tool chn folder options chn View b du
chn trc dng User Sharing Wizard
- Trn 2 my tt Firewall, UAC v chng trnh Virus. Kim tra ng
truyn bng lnh Ping
Thc hin:
1. Share mt Folder
B1: Vo th mc gc a C chn Foder DULIEU Click chut phi ln folder
DULIEU chn Share
Trang 12
Lu hnh ni b
Pha trn chn Everyone pha di check vo Allow full control chn OK
2. Share n mt folder
Thc hin trn PC01:
B1: Click chut phi ln folder BIMAT chn Share
Thc hnh Windows Server 2008
Trang 13
Lu hnh ni b
Pha trn chn Everyone pha di check vo Allow full control chn OK
Trang 14
Lu hnh ni b
B3: Ti my PC02 chn menu Start chn Run nhp vo \\PC01 truy cp vo
khng thy folder BIMAT
- Tt ca s explorer truy cp li PC01 Start chn Run nhp vo \\PC01\BIMAT$
G user name: U1 v Password 123 Truy cp vo Folder BIMAT thnh cng
Trang 15
Lu hnh ni b
B3: Kim tra trong hp thoi Advanced Sharing, phn Share name c 2 tn
DULIEU V DULIEU_KETOAN
Trang 16
Lu hnh ni b
5. Qun l cc Share Resources
Click chut phi ln biu tng Conputer ngoi Desktop Chn Manage chn vo
Role chn vo file services chn vo share and storage management Quan st bn
tay phi cc d liu hin ang c chia s trn my tnh
BI 5: NTFS PERMISSION
Nh chng ta bit khi chia s ti nguyn qua mng (Share) User s chu tc
ng ca Permission c quyn hay b gii hn quyn do Administrator phn quyn.
Nhng n ch c tc dng nu User t my Client truy cp vo cn nu User
ngi trn Server th mi tc ng ca Share Permission hon ton v ngha, v th
gii hn quyn ca User ti local ngi ta s dng NTFS Permission Khi khi User
truy cp vo mt ti nguyn no mng s chu tc ng ca 2 Permission l
Share Permission & NTFS Permission Trong khi nu truy cp ti local s ch chu
tc ng ca NTFS Permission .
iu kin s dng NTFS Permission l Partition ca bn phi c format
nh dng file system l NTFS.
Chun b: To cy th mc nh hnh di
Trang 17
Lu hnh ni b
Trang 18
Lu hnh ni b
B3: B du check trc dng Include inheritable permissions from this objects
parent
Trang 19
Lu hnh ni b
B6: Mn hnh Permissions for DATA chn Add
B7: Trong khung Enter the object names to select g KETOAN ; NHANSU Chn
check names
Trang 20
Lu hnh ni b
Quan st thy KETOAN v NHANSU c 3 quyn Allow: Read & excute, List folder
contents, read chn Ok-Ok
Kim tra:
- Ln lt log on va my bng quyn KT1,NS1 m th mc c:\DATA truy
cp thnh cng
- To Folder bt k xut hin thngbo li khng c quyn
Trang 21
Lu hnh ni b
Trang 22
Lu hnh ni b
B3: B du check trc dng Include inheritable permissions from this objects
parent
B4: Mn hnh Windows security chn copy chn OK-OK
Trang 23
Lu hnh ni b
B6: Chn Group NHANSU chn Remove
B7: Chn Group KETOAN chn allow full control chn ok-ok
Trang 24
Lu hnh ni b
Kim tra:
-Ln lt log on vo bng KT1, NS1 truy cp vo th mc KETOAN ch c KT1 truy
cp thnh cng, cn NS1 khng truy cp c.
-User KT1 To, xa file, folder bt k trong th mc KETOAN thnh cng
Trang 25
Lu hnh ni b
B3: B du check trc dng Include inheritable permissions from this objects
parent
Trang 26
Lu hnh ni b
B6: Chn Group KETOAN chn Remove
Kim tra:
-Ln lt log on vo bng KT1, NS1 truy cp vo th mc NHANSU ch c NS1 truy
cp thnh cng, cn KT1 khng truy cp c.
-User NS1 To, xa file, folder bt k trong th mc NHANSU thnh cng
Trang 27
Lu hnh ni b
Trang 28
Lu hnh ni b
B3: Ti mn hnh advanced security Setting for KETOAN, Chn group KETOAN
chn edit
Trang 29
Lu hnh ni b
B5: Kim tra:
-Ln lt log on vo bng KT1, KT2 truy cp vo th mc KETOAN
- KT1 to file KT1.txt
- KT2 to file KT2.txt
- Log on KT1 xa file KT2.txt bo li khng c quyn xa. Xa file KT1.txt thnh
cng.
- Log on KT2 xa file KT1.txt bo li khng c quyn xa. Xa file KT2.txt thnh
cng.
BI 6: DOMAIN
Trong cc bi trc chng ta hc v cc vn nh to user Account trn
server. Hy tng tng trong cng ty bn c khong 5 my tnh vi mi my chng ta
s to cc User Account cho nhn vin truy cp. Tuy nhin nu ngi dng ng nhp
vo my 1 lm vic sau anh ta sang my th 2 lm vic th mi ti nguyn do anh
ta to trn my 1 hon ton c lp vi my 2 v thm ch vi tng my Admin phi
to cc User Account ging nhau anh ta mi truy cp c, mi chuyn s khng tr
nn qu rc ri nu cng ty chng ta c chng y my . Nhng nu cng ty bn c
khong 100 my th mi chuyn li khc, vn t ra l ch l mi my Admin phi
ngi to 100 Account nhn vin truy cp? v v mi my c lp vi nhau vic tm
li d liu trn my m ta tng ngi lm vic trc l cc k kh khn.
Do Windows c tnh nng l Domain Controller (DC) gip ta gii quyt
rc ri trn. iu kin c mt DC l bn phi trang b mt my Server ring c
gi l my DC cc my cn li c gi l my Client, c h thng c gi l
Domain Khi Administrator ch vic to User Account ngay trn my DC m thi
nhn vin cng ty d ngi vo bt c my no trn Domain u c th truy cp vo
Account ca mnh m cc ti nguyn anh ta to trc u c th d dng tm thy.
Trang 30
Lu hnh ni b
B2: iu chnh Preferred DNS server v IP ca chnh s my mnh ngi chn OK
Trang 31
Lu hnh ni b
B5: Mn hnh Choose a Deployment configuration chn Create a new domainin a
new forest
B6: Mn hnh Name the forest root Domain g tn domain cse.edu chn next
Trang 32
Lu hnh ni b
B8: Mn hnh Set Forest Functional Level Chn windows server 2008 chn next
B10: Mn hnh Location for database, log files, and SYSVOL chn next
Trang 33
Lu hnh ni b
B11: Mn hnh Diretory Services Restore mode Administrator password g
abc@123 Chn next
Trang 34
Lu hnh ni b
B14: Mn hnh Completing Active Directory Domain Services Installation Wizard
Finish chn Restart
Trang 35
Lu hnh ni b
B2: Click chut phi vo Computer chn Properties Trong phn Computer name,
domain, and workgroup setting chn Change setting
Trang 36
Lu hnh ni b
-
Trang 37
Lu hnh ni b
B4: Mn hnh Group policy management Editor Double click vo Maximum
password age chn Properties
B5: G 0 vo dng
Trang 38
Lu hnh ni b
B3: Hp thoi Allow log on locally chn Properties chn Add user or Group
B4: G vo Users chn Ok- Ok
Trang 39
Lu hnh ni b
Trang 40
Lu hnh ni b
4. To Domain Group
B1: M Active Directory Users and Computer
Trang 41
Lu hnh ni b
5. To Domain User
B1: M Active Directory Users and Computer Nhp chut phi vo cse.edu chn
New chn User
B2:
Trang 42
Lu hnh ni b
B3:
- Password : 123
- Confirm password : 123
B du check User must chang password at next logon chn next
Trang 43
Lu hnh ni b
Chun b: Bi Lab s dng 2 my
- PC1: Windows server 2008 DC
- PC2: Windows XP hoc Windows server 2008 - Join Domain
- Chnh password n gin
- Cp quyn log on locally domain controller
- To user U1 password 123
Thc hin:
1. To Home Folder cho user
Thc hin to PC1:
B1: M Windows explorer M a C:\ click phi vo khong trng chn New chn
Folder t tn folder l Homes
B2: Share folder C:\ Homes
- Click phi vo folder Homes chn Properties ti tab Sharing chn
Advanced sharing
- Chn Share this folder chn Permissions
Trang 44
Lu hnh ni b
B4: M Server manager vo menu start chn Program chn Administratives tools
chn server manager
B5: M Active directory user and computer chn server manager vo Role chn
Active directory services chn Active directory user and computer
B6: Click chut phi vo User U1 chn properties qua Tab Profile chn Connect
in a ch th mc Homes Share trn server
\\Server\Homes\%username% chn Apply
Trang 45
Lu hnh ni b
B8: Kim tra:
-Ti PC2: log on U1, To Folder HoSoU1 trong a Z
-Ti PC1: log on U1 M My computer thy c a z truy cp vo a z thy file
HoSoU1
-Ti PC1: Log on administrator m c:\homes thy c 1 th mc tn U1 m th mc
thy c folder HoSoU1
Trang 46
Lu hnh ni b
B3: M Active directory user and computer chn server manager vo Role chn
Active directory services chn Active directory user and computer chn users
B4: Click chut phi vo User U1 chn properties qua Tab Profile in a ch th
mc Profile share trn PC1 g vo \\PC1\%username% chn Apply
B5: Kim tra:
-Ti PC2: log on U1, Trn Desktop to Folder Dulieu
-Ti PC1: log on U1, Quan st trn Desktop c Folder Dulieu
BI 8:
DOMAIN USER
Chun b:
- PC1: Windows server 2008 DC
- Chnh password n gin
- Chnh policy Allow log on locally : Add group Users vo policy
- Trong a C to 2 Folder Homes v Profiles Share 2 th mc ny vi quynEveryone Full control
- To OU CSE, trong OU CSE to Group NHANSU
1. To s dng User Template
B1: M Active Directory user and computer to user NS1 vi password 123
- To Roaming Profile v homes folder cho NS1 (Xem li bi homes folder
v Roaming Profile)
- Add user NS1 vo Group Nhansu
Thc hnh Windows Server 2008
Trang 47
Lu hnh ni b
Trang 48
Lu hnh ni b
B3: click chut pah ln User account NS1 chn Copy
B4: Full name NS2 user log on name G NS2 chn Next
Trang 49
Lu hnh ni b
B7: Tng t thc hin t B3-B6 copy NS1 thnh account NS3/password 123
B8: Kim tra:
- Thuc tnh ca 2 user NS2 v NS3 ging NS1
- C 2 user NS2 v NS3 u c a vo Group Nhansu
Trang 50
Lu hnh ni b
B2: Qua tab Account nh du chn trc dng Logon hours chn Logon hours
Trang 51
Lu hnh ni b
B4: Kim tra: Ln lt Properties ca c 3 user:NS1, NS2,NS3 qua tab Account chn
Logon Hours..
Trang 52
Lu hnh ni b
B2: click chut phi ln user NS1 chn Properties
BI 9: DOMAIN GROUP
Chun b:
- PC1: Windows server 2008 DC
- Chnh password policy n gin
- To OU CSE, trong OU CSE to 3 user: U1, U2, U3 Vi password 123
- Chnh policy cho php Group users c quyn log on trn my DC
Thc hnh Windows Server 2008
Trang 53
Lu hnh ni b
1. To Global group
B1: M Active Directory user and computer click chut phi ln OU CSE chn New
chn Group
Trang 54
Lu hnh ni b
B2: in user U1chn check name chn ok
Trang 55
Lu hnh ni b
Trc tin Administrator s to cc Organizational Unit v gn quyn cho mt User
no bng cch m Active Directory Users & Computers ra nhp phi vo domain
chn New -> Organizational Unit
Chun b: M hnh bi Lab gm 2 my
PC1: Windows server 2008 chnh password policy n gin
PC2: Windows server 2008, Join domain
Thc hin: Trn my PC1
1. To OU:
B1: Start chn Program chn administrative tool chn Active Directory user and
computer click phi chut vo CSE.EDU chn New chn Organizational Unit
2. Xa OU
B1: Vo View chn advanced Features
Thc hnh Windows Server 2008
Trang 56
Lu hnh ni b
B3: Qua tab Objects tt du check Protect object from accidental deletion sau
chn Ok
Trang 57
Lu hnh ni b
B3: Mn hnh Welcome chn Next trong mn hnh Selected users and group chn
add
Thc hnh Windows Server 2008
Trang 58
Lu hnh ni b
B4: Nhp vo user quan1 chn check names sau chn ok chn next
Trang 59
Lu hnh ni b
B8: Trong ca st new Object chn user to user quan2 chn next trong Password
v Confirm password in abc@123 b du check ti dng user must chang
password at next logon chn next chn Finsh thnh cng.
Trang 60
Lu hnh ni b
B9: To thm user quan3 sau click chut phi user quan3 chn delete xa thnh
cng quan3
B10: Click chut phi vo Container users th to 1 user mi khng xut hin menu
to user
Trang 61
Lu hnh ni b
B2: Trong mn hnh HOCHIMINH chn Properties, qua tab Security chn vo user
quan1 chn Remove chn OK
Trang 62
Lu hnh ni b
1. To v Link Policy vo OU
My PC1:
B1: Start chn Program chn administrative tool chn Group policy
Management Bung forest chn Domain chn cse.edu click chut phi vo Group
Policy Object chn New
Trang 63
Lu hnh ni b
B6: Quay tr li mn hnh Group policy Management chut phi vo OU HUI chn
Link an Existing GPO
Trang 64
Lu hnh ni b
Trang 65
Lu hnh ni b
3. Enforce Policy:
B1: M Group policy management click chut phi vo GPO An control panel
chn Enforce
Trang 66
Lu hnh ni b
B3: Kim tra: trn PC2
Ln lt logon user SV1, SV2 s thy b mt control penel
4. Chnh order cho policy
My PC1
B1: M Group policy management tt Enforce Policy v Block inheritance. To
thm GPO Hien control panel Link GPO ny vo Ou HUI. Nh vy lc ny OU
Hui c 2 GPO An control panel v Hien control panel
B2: Nhn vo OU HUI dng 2 biu tng mi tn Move up v Move Down di chuyn
Hien control panel ln u
Trang 67
Lu hnh ni b
B4: Kim tra: trn my PC2, log on user SV1, SV2 s thy control panel
Nhn xt:
Trong cng mt OU nu p dng chung 2 pilicy (Khng Enforce) th policy no c gi
tr link Other nh th s c u tin cao hn.
- Trong cng mt OU nu p dng chung 2 pilicy (1 policy Enforce v 1 policy khng
Enforce) th policy Enforce s c u tin
-Trong cng mt OU nu p dng chung 2 pilicy (c 2 policy u Enforce) th policy
no c gi tr link Other nh th s c u tin cao hn.
Trang 68
Lu hnh ni b
B1: M Group policy management click chut phi vo Group policy Object chn
New
B4: Bung mc User configuration chn Policies chn Sofware settings click phi
chut vo Software Installation chn New chn Package
Trang 69
Lu hnh ni b
B5: khung File name nhp vo
\\Server\Softs\cosmo1\ cosmo1.msi chn vo Open
Trang 70
Lu hnh ni b
B8: Qua tab Deployment mc Deployment options nh du chn vo 2 dng
- Uninstall this application when.
- Install this application at logon
Chn
Trang 71
Lu hnh ni b
B2: Bung mc User configuration chn Policies chn Sofware settings click phi
chut vo Software Installation chn New chn Package
Trang 72
Lu hnh ni b
Trang 73
Lu hnh ni b
B6: Qua tab Deployment mc Deployment options nh du chn vo 2 dng
- Uninstall this application when.
- Install this application at logon
Chn OK
Trang 74
Lu hnh ni b
B9: tr li hp thoi COSMO 2 chn Properties nh du chn vo mc Required
upgrade for existing packages chn apply chn
Trang 75
Lu hnh ni b
B3: Click chut phi vo GPO Deploy cosmo on computer va to chn Edit
B4: Bung mc Computer configuration chn Policies chn Sofware settings click
phi chut vo Software Installation chn New chn Package
Trang 76
Lu hnh ni b
B6: Mn hnh Select Deployment method chn Assigned chn ok
B2: M theo ng dn: Chn User Configuration chn Preferences chn Windows
settings click chut phi ln Driver Map chn New chn Mapped Driver
Trang 77
Lu hnh ni b
B3:
- Action: Chn Create
- Location: \\Server\TaiLieu
- Chn dng : Reconnect
- Driver Letter: Chn user chn Z chn OK
Kim tra:
PC2: Ln lt log on bng cc user M My Computer u c a mng Z:\TaiLieu
Trang 78
Lu hnh ni b
B2: Mn hnh New Hash Rule chn Browse ch ng dn n:
C:\ProgramFiles\Internet Explorer\iexplore.exe chn Open
BI 12: AUDIT
tu chnh Policy thng thng chng ta vo gpedit.msc hoc Active Directory
Users & Computer nu my ln DC. Bn hy tng tng xem nu mt cng ty
chng ta c hng trm my Client v mt s my th ta chnh Policy ny mt s my ta
chnh Policy kia, ri OU ny chu tc ng ca Policy ny OU kia chu tc ng ca
Policy n. V sau mt thi gian tu chnh Policy lung tung ln nh th bn hy t hi
xem mnh tng chnh ci g cho ci g? qu tht khng nh ni u.
Thc hnh Windows Server 2008
Trang 79
Lu hnh ni b
Chun b: PC1: Windows server 2008
To user U1 vi Password 123
Trong C to C:\Data\File1.txt, Phn quyn NTFS vi th mc DATA: ch c
Administrator c ton quyn
Thc hin:
1. Audit log on:
- Thc hin vic ghi nhn vic log on tri php vo my tnh (sai password)
B1: Log on Administrator m Start chn Program chn Administrator Tools chn
Local security policy
B2: M Local Policies chn Audit policy Double click vo Policy Audit account
logon eventes
B4: M Start chn Program chn Administrator Tools chn Event Viewer
B5: M Windows Logs click chut phi ln Security chn Clear log
Trang 80
Lu hnh ni b
B6: Chn Clear
Kim tra:
B1: Log off administrator Log on account u1 vi Password 456 Log on tht bi
B2: Log on vo administrator M Even Viewer chn windows logs chn security
M Audit Failuer Quan sat bn di thy account dng ng nhp l U1 ng
nhp vo my tnh tn PC1 vi Ip l 192.168.1.1 sai Password
Trang 81
Lu hnh ni b
2. Audit Object
Thc hin ghi nhn vic truy cp v thay i d liu ti C:\DTA\File1.txt
B1:Log on administrator M Local Security policies Audit Double click vo
Policy Audit object access
B3: Click chut phi ln th mc DATA trong a C Chn properties qua tab
Security chn Advanced
Trang 82
Lu hnh ni b
Trang 83
Lu hnh ni b
B6: Mn hnh Auditing Entry for DATA chn List folder / read data (Failure)
Create files / Wrire data (Successful) chn Ok 4 ln
Trang 84
Lu hnh ni b
B4: Quan st chnh sa file ca Admin: M Event Viewer chn Windows logs chn
Security.
M Audit Success quan st thy account dng truy cp ti nguyn l
Administrator truy cp vo C:\DATA\file1.txt
Trang 85
Lu hnh ni b
Vo a C: To th mc DATA. Share th mc DATA cho Group Everyone quyn
Full Control
-Click chut phi vo C, chn Properties Qua tab Shadow copy chn Setting
Trang 86
Lu hnh ni b
- mc Schedule Task chn Daily mc Start time: chn 01:00 PM chn ok
2. Kim tra:
My PC2: Vo Start chn run g \\Server M th mc DATA m file thongbao.txt
sa li ni dung bn di, sau lu li
Trang 87
Lu hnh ni b
My PC1: Click chut phi vo file thongbao.txt chn Restore Previous Version.
Chn Restore chn Restore chn ok
Ni dung tr li nh lc ban u
BI 14:
FILE SERVER RESOURCE MANAGER
1. Gii thiu:
FILE SERVER RESOURCE MANAGER gip cho ngi qun tr mngc th d dng
qun l d liu trn server mt cch hiu qu, bng cng c ny, Administrator c th
p quota ln ngay trn Folder hoc a, ngn cm sao chp nhng nh dng file m
admin ch nh.
Chun b:
PC1: Windows server 2008
PC2: Windows Vista, WinXP, Hoc Win 2003
To user U1 password 123
To Th mc BAOCAO , Share Full Control
Thc hin:
Trang 88
Lu hnh ni b
Trang 89
Lu hnh ni b
B5: Rong mn hnh Set Report Options chn Next
B2: Bung mc Quota Management click chut phi vo Quota chn Create Quota
Thc hnh Windows Server 2008
Trang 90
Lu hnh ni b
Trang 91
Lu hnh ni b
B5: Quay tr li hp thoi Create quota nhn Create
Trang 92
Lu hnh ni b
Trang 93
Lu hnh ni b
Trang 94
Lu hnh ni b
B8: Hp thoi yu cu Save Template chn Save the custom file screen without
creating a template chn Ok
4. Kim tra:
B1: log on Administrator my PC2
B2: Vo Start chn Run g \\Server
Trang 95
Lu hnh ni b
B3: Hp thoi yu cu xc thc quyn nhp vo U1 v password 123
B4: Click chut vo th mc BAOCAO nhn Map Network Driver.
Chn a Y chn Finish
Trang 96
Lu hnh ni b
B3: Trong ca s Quota Entries for C chn Quota chn New Quota Entry
Trang 97
Lu hnh ni b
B4: Trong Enter the object Nhp U1;U2 chn Check name chn Ok
B5: Ca s Add new Quota Entry gi nguyn option Do not limit chn Ok
B6: Trong c s Quata Entries click chut phi vo U1 chn Properties Trong ca s
Quota settings for u1 chn Limit disk space to nhp 100 MB mc Set warning
level to nhp 90 MB chn Ok
B7: Trong ca s Quota Entries click chut phi U2 chn properties trong ca s
Quota Setting for U2 chn Limit disk space to nhp 200 MB mc Set warning
level to nhp 190 MB chn
Trang 98
Lu hnh ni b
Kim tra:
- log on U1
- Click chut phi ln a C quan st thy dung lng a ch c 100 MB
- Copy th cc file c dung lng khong 90 MB vo C hin thng bo a sp y.
- Copy th cc file c dung lng ln hn 100 MB khng th copy do khng a.
Log on U2: Click chut phi ln C quan st thy dung lng a l 200 MB
B2: Mn hnh Welcom chn next chn Windows server backup Features chn next
chn Install
Thc hnh Windows Server 2008
Trang 99
Lu hnh ni b
B4: M Windows server backup trong Administrtive tools khung Action chn
Backup one
Trang 100
Lu hnh ni b
B6: Hp thoi Select Backup configuration chn Custom chn Next
B7: Hp thoi Select backup items Chn Server(C) B du check trc dng Enable
system recovery chn next
B8: Hp thoi Specify destination type chn Remote shared folder chn
B9: Trong phn Type the path to the Remote shared folder g \\PC2\BACKUP
Chn Do not inherit chn next
Trang 101
Lu hnh ni b
B11: Hp thoi Specify advanced option chn vss copy backup ( recommended)
chn next chn next
Trang 102
Lu hnh ni b
B13: Trn PC2 m thu mc BACKUP chn WindowsImageBackup chn PC1 Quan
st ni cha cc file backup t PC1
2. RECOVER
Trc khi Restore gi lp mt d liu bng cch PC1 xa th mc DATA
Tin hnh khi phc d liu
B1: Trong chng trnh Windows server Backup trong khung Action chn Recover
Trang 103
Lu hnh ni b
B6: Select recovery type chn Files and folders chn next
Trang 104
Lu hnh ni b
Kim tra trn PC1: Sau khi Recover hon tt , m C quan st thy Folder DATA v
cc File trong DATA c khi phc.
Thc hnh Windows Server 2008
Trang 105
Lu hnh ni b
BI 17: DISK MANAGEMENT
Chun b: 1 my o Windows 2008 c 3 a cng
Thc hin:
A. Basic Disk
Gn Disk0 v Disk1 vo my o
1. Primery Partition
B1: Start chn Run g diskmgmt.msc chn Ok
B2: Mn hnh Initialize Disk chn OK
B3: Click chut phi ln vng Unalocated ca Dk1 chn New simple volume
B4: Mn hnh Welcome chn Next
B5: Mn hnh Specify Volume Wizard chn dung lng partition trong volume size in
MB: 100 chn next
B6: Mn hnh Assign Drive Letter or Path chn k t i din cho partition chn next
B7: Mn hnh Format partition chn tn nhn trong phn Volume label: P1 chn
Perform a quick format chn next
B8: Chn Finish.
B9: Quan st to partition thnh cng. Loi partition c chn t ng l Primery
B10: M computer quan st thy co thm a P1(E:)
B11: Thc hin cc bc to thm 2 partition dung lng 100 MB vi tn ln lt P2,
P3
Lu : i vi Windows server 2008 : mi a vt l ch c th to ti a 3 partition
Primary khc vi Windows serevr 2003 ( C th to 4 Primary)
2. Extended-Logical partition
B1: Thc hin li cc bc ging phn 1 to ra partition dung lng 100 MB, tn l
P4
- Quan st thy partition P4 c chn t ng l Logical
- Logical partition c bao bc bi Extended partition
B. Dynamic Disk
1. Chuyn Disk sang Dynamic
B1: M Disk Management click chut phi ln Disk 1 chn Convert to dynamic disk
B2: Chn Disk 0 v Disk 1 chn OK
B3: chn Convert
B4: Mn hnh cnh bo chn Yes
3. Mirror
Mc ch: Bin mt Disk thnh bn sao ca disk cha d liu nhm gia tng kh nng
chu li, H mt a vn c th truy cp d liu
B1: Click chut phi ln Partition cha h iu hnh Chn Add Mirror
B2: Chn Disk 1 chn Add Mirror. Qu trnh ng b d liu thnh cng
Kim tra:
Thc hnh Windows Server 2008
Trang 106
Lu hnh ni b
G Disk ra khi my o khi ng my o
Chn Microsoft Windows server 2008 Secondary plex khi ng vo Windows thnh
cng.
4. Spanned:
Mc ch: Tn dng dung lng cn trng trn cc a vt l to thnh mt Partition
Gn Disk0 vo my o: vo disk Management click chut phi ln Disk 1 chn
Remove Mirror
B1: Click chut phi ln vng Unallocated tn Disk0 chn New Spanned volum
B2: Mn hnh Welcome chn next
B3: Mn hnh Select Disks khung bn tri chn Disk1 chn Add
B4: Chn Disk1 Select the amount of space in MB: 100
B5: Chn Disk1 Select the amount of space in MB: 200 chn next
B6: Chn Next
B7: t tn Partition l Spanned Partition chn Perform a quick Format chonj next
B8: Chn Finish
B9 : Kim tra: M computer thy xut hin Partition Spanned Partition c dung dng
l 300 MB
5. Stripped
Mc ch: To 1 Partition c kh nng c ghi d liu ln 2 a vt l cng lc tng
tc truy xut d liu.
B1: Click chut phi ln vng Unallocated ca Disk0 chn New stripped volume
Mn hnh Welcome chn next
B3: Mn hnh Select Disk khung bn tri chn Disk 1 chn Add
B4: Chn dung lng s ly to Partition trn 2 a vt l : Select the amount of
space in MB: 500 chn next
B5: Chn Next
B6: Chn Quick format chn next
B7: Chn Finish
Quan st to Partition thnh cng (Phn vng mu xanh)
Kim tra: M computer quan st thy c thm 1 Partition mi
Dung lng Partition l 1000 MB
5. Rail 5:
Mc ch: To 1 Partition trn c 3 a vt l tng kh nng chu li ( Mt a b
h vn c th truy xut c). Tng tc truy xut d liu
- Xa ht cc Partition to ( Tr Partition cha h iu hnh)
B1: Gn a th 3 vo my o
B2: Khi ng my o vo Disk Management click chut phi ln vng Unallocated
trn disk0 chn New RAID-5 volume
B4: Mn hnh select Disks khung bn tri chn Disk1 v Disk2 Add
Thc hnh Windows Server 2008
Trang 107
Lu hnh ni b
B5: chn dung lng Partition trn c 3 disk : 500 chn next
B6: Chn Next
B7: Chn Quick format chn next
B8: Mn hnh Complete chn Finish
B9: Quan st to Partition thnh cng
Kim tra: M computer M Partition va to: To file Thisinh.txt vi ni dung ty
Tt my o: G Disk1 ra khi my o
Khi ng my o: Vn truy xut c File
Lu : Sau khi gn tr Disk 1 v my o : M Disk management Click chut phi ln
Partition ca RAID-5 chn Reactive ng b d liu li.
BI 18: PRINTER
PC1: Windows server 2008-DC
PC2: Windows server 2008- Join domain
My PC1:
To 3 User: GV1,SV1, U1 To 2 Group: Giaovien v Sinhvien
Add user KT1 vo Group Giaovien, Add user SV1 vo Group Sinhvien
Thc hin: Local Device: Thc hin trn PC1
B1: Logon Administrator: M Start chn Setting chn Printers Double click vo Add
Printer
B2: Chn Add a local Printer
B3: mc nh chn Next
B4: Chn Have Disk
B5: Chn Browse ch n th mc Driver ca my in --------------chn Ok
B6: Chn Next
B7: mc nh chn Next
B8: mc nh Share this Printer chn Next
B9: Chn Finish Quan st thy trong Printer c my in
B10: khng b bo li v khng c Printer vt l- Click chut phi ln Printer va
to chn Printer Offine
3. Network Device
Thc hin ti PC1
B1: M Printer chn Add Printer chn add a local Printer
B2: Chn Create a new port chn Standart TCP/IP Port chn Next
B3: Device type: TCP/IP Derice
Hostname or Ip address: 192.168.10.100+X (X l s my SV)
Port name: NetworkPT
Thc hnh Windows Server 2008
Trang 108
Lu hnh ni b
B du trc dng: Query the Printer and automaticcaly select the Driver to use chn
next
B4: Chn Custom chn Next
B5: Chn Have Disk
B6: Ch ng dn n th mc cha Driver ca my in -------------ok
B7: Thy xut hin ng my in -----------chn next
B8: Chn User the driver that the currently installed (Recommened) chn next
B9: Trong mc Printer name in vo NetworkPT chn Next
B10: Chn Do not share the printer chn next Finish
Kim tra: Thy trong th mc Printer c thm my in tn NetworkPT
4. Map Printer
Thc hin trn PC1: Xa my in NetworkPT
Thc hin trn PC2:
B1: Log on administrator truy cp vo PC1
B2: Click chut phi ln my in ---- chn Connect
B3: Chn Install driver
B4; Quan st thy c my in : ------- on PC1
4. Phn quyn Thc hin trn PC1
U1 khng c quyn in
Group Giaovien c quyn in v qun l document
Group Sinhvien c quyn in v ch xa c document do mnh to ra
B1: Click chut phi vo Printer ---- Chn Properties
B2: To Tab Security Remove cc Group ngoi tr Group Creator Owner, add thm
2 Group Giaovien, Sinhvien vo.
- Phn quyn Group Sinhvien: Print (Allow)
- Phn quyn Group Giaovien: Print (Allow), Manage document (Allow)
Kim tra:
B1: Logon GV1: M notepad son ni dung bt k v gi lnh in 3 ln
B2: M Start chn settng chn Printers Double click vo my in --- Chut phi ln cc
document ang c chn cancal hy lnh in Hp thoi cnh bo chn Yes
Cancel thnh cng
Cancel ht ch cha li 1 document
B3: Logon SV1: M notepad son ni son ni dung bt k gi lnh in 3 ln
B4: M Start chn setting chn Printers Double click vo my in-----click chut phi
ln cc document ang c ca user SV1 chn Cancal hy lnh in hp thoi cnh bo
chn Yes Cancel thnh cng
Chn cancel document ca GV1 khng thc hin
B5: Log on U1 m Notepad in th khng thy my in ---- do khng c quyn in
Thc hnh Windows Server 2008
Trang 109
Lu hnh ni b
5. Printer Pooling
Thc hin trn PC1
Mc ch to ra 1 Printer s dng chung 2 my in vt l
B1: Thc hin cc thao tc ging phn 1 add thm Printer HP----- trn Port LPT2
B2: Trong phn Printers click chut phi ln printer ----- chn Properties
B3: Trong Tab Ports nh du chn vo mc Enabled printer pooling
nh du chn vo 2 mc: LPT1 v LPT2 chn OK
6. Available Time
Thc hin trn PC1:
B1: M phn Printers click chut phi ln ----chn Properties
Trong Tab Advanced chn Available from
Chn t 8:00 AM to 12:00 AM
Log on GV1: M notepad in th khng th in c
7. Spool Folder
Thc hin ti Pc1: Thay i ni lu cc print Job
B1: Trong phn Printers chn Server Properties
B2: Tab Advanced thay i ng dn Spool Folder C:\Printers chn OK
Kim tra: Trong a C c th mc Printers quan st ni cha Print Job
8. Priority
Thc hin ti PC1:
B1: Thc hin ging phn 1 Printer mi t tn l VIP
B2: Ti mc Printers click chut phi ln VIP chn Properties
B3: Trong Tab security phn quyn ch cho group GiaoVien c quyn in
B4: Qua tab advanced trong phn Priority in s 2 chn OK
Kim tra:
PC2
Log on adminitrator MAP my in VIP v
Log on SV1 : To file vn bn v in 3 ln bng my in --------Log on GV1 : To file vn bn v in bng my in---Kim tra trong print job: document ca GV1 tuy in sau nhng li c nm trn
document ca SV1 trong danh sch ch in.
9. Deploy Printer
Thc hin trn PC1
B1: M server manager click chut phi ln Roles chn add roles
B2: Chn Roles Print services
B3: Chn next
B4: Chn server chn next
B5: Chn Install
B6: Chn Close
Thc hnh Windows Server 2008
Trang 110
Lu hnh ni b
B7: chn Administrator Tools chn Print Management M Print servers chn Printers
khung bn phi click chut vo my in ---- chn Deploy ith Group Policy
B8: Trong phn GPO name chn Browse
B9: Chn Default Domain Policy chn Ok
B10: nh du vo trc dng The computers that the GPO applies to (Per machine)
Chn add chn Ok
B11: Mn hnh cnh bo chn Ok
Kim tra:
PC2 log on Administrator xa cc my in ci t- Restart li my
Vo li phn Printers quan st thy c my in ------------- c ci t
Trang 111
Lu hnh ni b
My PC2
B1: Trn mn hnh Remote Desktop vn gi nguyn chng trnh Notepad vo Start
chn shutdown chn Disconnect chn Ok
My PC1:
Kim tra trong Terminal ServicesManager tab Users thy U1 b Disconnected
Qua tab Processes thy chng trnh Notepad ca user U1 vn cn
My PC1
Remote Desktop li vo PC1 vo Start chn Log off chn Log off now
My PC1:
Kim tra trong Terminal ServicesManager tab Users thy U1 b mt
Qua tab Processes thy chng trnh Notepad ca user U1 khng cn
Nhn xt:
S khc bit gia Log Off v Disconnectet khi Remote Desktop
Khi ta log off th cc chng trnh user ang s dng s b g b khi b nh ca
server
Khi ta Disconnectet th cc chng trnh user ang s dng vn cn nm trong b nh
ca server
My PC2
Remote Desktop n PC1 bng U1 ln 1
Remote Desktop n PC1 bng U1 ln 2
Khi remote thnh cng th Session ln 1 s b Disconnected
My PC1:
B1: Vo Start chn Run g gpedit.msc
B2: Bung mc Computer Configuration chn Administrative Templates chn Terminal
Services chn Terminal Server chn connections bn phi chn policy Restrict
Terminal Services users chn Properties
Chn Disabled chn apply chn OK
B3: Vo Start chn Run g gpupdate/force Sau Log off Administrator
My PC2:
Remote Desktop n PC1 bng U1: 2 ln thnh cng
Remote Desktop n PC1 bng U1: thm ln na (3 ln) tht bi
2. Terminal Services
My PC1:
B1: M chng trnh Programs chn administrative tools chn server manager click
chut phi vo Roles chn Add Roles
Thc hnh Windows Server 2008
Trang 112
Lu hnh ni b
B2: Hp thoi Before You Begin chn Next
B3: nh du chn Terminal Services chn next
B4: Hp thoi Introduction to Terminal Services chn next
B5: Chn Terminal Server v TS Web Access chn Next
B6: Applications Compatibility mc nh
Trang 113