MCSE  Certification Boot Camp 

New Features in the Windows Server 2003 Family

In the Windows Server 2003 family of operating systems, Microsoft has improved the function of the Account Lockout feature on both servers and client computers.

Computers Running Windows Server 2003 That Act As Network Servers

To improve the experience for users and to decrease the overall total cost of ownership, Microsoft made the following changes to the behavior of domain controllers in the Windows Server 2003 family:
Password history check (N-2): Before a Windows Server 2003 operating system increments badPwdCount, it checks the invalid password against the password history. If the password is the same as one of the last two entries that are in the password history, badPwdCount is not incremented for both NTLM and the Kerberos protocol. This change to domain controllers should reduce the number of lockouts that occur because of user error.
Single user object on demand replication: See the "Urgent Replication" section in this document for more information.
Optimized replication frequency: The default frequency for replication between sites is to replicate every 15 minutes with a 3-second offset to stagger the replication interval. This optimization improves the replication of a password change in a site because it decreases the chances that the domain controller would have to contact the PDC operations master.

Computers Running Windows Server 2003 Family Acting As Network Clients

Microsoft has added the following features in the Windows Server 2003 family to gather the process ID that is using the credentials that fail authentication:
Auditing logon changes: There are entries for all logon and logoff events (528 and 540, as well as 529 through 539).
Auditing of processes encountering authentication failures: New information is added to the Security event log when authentication failures occur:
Caller User Name
Caller Domain
Caller Logon ID
Caller Process ID
 
Note:
  To use the process ID, turn on success auditing for Audit process tracking events so that you can obtain the process identifier (PID) for the associated Event 592. If you do not do this, the PID is not useful after the process stops. To view audit process tracking, in the Group Policy Microsoft Management Console (MMC), in the console tree, double-click Computer Configuration, double-click Windows Settings, double-click Security Settings, double-click Local Policies, and then double-click Audit Policy.

Microsoft has added the following administrative enhancements to provide more account lockout information than the information that is available in the default configuration of the Windows Server 2003 family:

AcctInfo.dll: The AcctInfo.dll file is a property page extension for user objects in the Active Directory Users and Computers MMC that provides detailed information about user password attributes. An administrator can use the AcctInfo.dll file to reset user account passwords on a domain controller that is in the user's Active Directory site.
LockoutStatus.exe: The LockoutStatus.exe tool displays bad password count and time information from all of the domain controllers that are in a domain. You can run this tool as either a stand-alone tool or as an extension to the AcctInfo.dll file when you place it in the Systemroot\System32 folder on your computer.

 

Payless MCSE Boot camp offers Payless MCSE boot camp, MCSE training boot camp, MCSE certification boot camp, MCSE Cisco Boot camp, MCSE Certification training boot camp. MCSE Training certification boot camp, MCSE Boot Training Camp, MCSE boot certification camp, MCSE UK Boot camp, MCSE san Mateo Boot camp, MCSE Japan boot camp, MCSE USA Boot camp, MCSE Europe Boot camp, MCSE guaranteed boot camp.

  • Do you want to become  Real MCSE, CCNA or CCNP certified?
     
  • Do you want to Payless for certification?
     
  • Do you want to finish in 2/3 weeks?

 

 

 

 
 

MCSA : MCSE : MCSE + Security : CCNA : CCNP : Bootcamp : MCSE training : Vibrant MCSE : Vibrant CCNA : Vibrant CCNP : camp :
  Home : links : Resources : Ref1 : Ref2

 

 

MCSE Bootcamp Training - Cheapest, Fast, Guaranteed MCSE certification

 

MCSE Boot Camp, CCNA Bootcamps, CCNP Boot camp Certification Training

MCSE Guide

Free MCSE
Free MCSE Training
MCSE
MCSE 2003
MCSE Books
MCSE Boot Camp
MCSE Brain dumps
MCSE Certification
MCSE Exam
MCSE Free
MCSE Jobs
MCSE Logo
MCSE Online
MCSE Online Training
MCSE Practice
MCSE Practice Exams
MCSE Practice Tests
MCSE Requirements
MCSE Resume
MCSE Salary
MCSE Self Paced Training Kit
MCSE Study
MCSE Study Guide
MCSE Study Guides
MCSE Test
MCSE Testing
MCSE Training
MCSE Training Kit
MCSE Training Video
MCSE Windows 2003
Microsoft MCSE Training
Training MCSE
Windows 2003 MCSE

 

 

MCSE : Security Specialist

Startup Process Windows NT/2000

Steps prior to boot sequence

  • POST Power On Self Test routines are run.
  • The boot device is located, and the MBR (Master Boot Record) is loaded into memory, and locates the active partition boot sector, and loads it into memory.
  • From the boot sector NTLDR is loaded into memory.

Boot Sequence

  • NTLDR switches the processor from real mode into 32 bit flat memory mode.
  • NTLDR starts the minifile system drivers, either FAT, FAT 32 (2000 only) or NTFS.
  • NTLDR reads the BOOT.INI file, and displays the Boot Loader Menu. If you have a dual boot system and choose an OS other than Windows NT NTLDR will load BOOTSECT.DOS and pass control to it for booting.
  • If Windows NT/2000 is selected, NTLDR will run NTDETECT.COM which scans the computers hardware and passes this information back to NTLDR.
  • NTLDR then loads NTOSKRNL.EXE, HALL.DLL, and the SYSTEM hive.

Kernel Load Phase

  • NTLDR starts NTOSKRNL.EXE
  • The HAL (hardware abstraction layer) is loaded, which hides the physical hardware from applications.
  • The SYSTEM hive, is loaded and scanned for device drivers, and services that should be loaded. These are organized into groups They are loaded into memory but not initialized yet, in the order in which they appear in the ServiceGroupOrder subkey of the registry.

Kernel Initialization Phase

In this phase the screen is blue, and initializes the kernel and the drivers that were loaded during the kernel load phase.

  • The kernel is initialized.
  • SYSTEM hive is scanned again to determine which drivers should be loaded, then they are initialized.

Services Load Phase

The services load phase starts the Session Manager SMSS.EXE. It will run the programs listed in its BootExecute Registry entry, as well as starting the required subsystems.

Win 32 Subsystem Start Phase

When the 32 Subsystem Starts it automatically starts WINLOGON.EXE which starts the Local Security Authority LSASS.EXE and displays Ctrl+Alt+Delete logon dialog.

Next the The Service Controller (Screg.exe) will check the Registry for services that are marked to load automatically and will load them.

User Logon

The Boot is not considered good until a user logs on successfully

 

 


© Vibrant Worldwide Inc.