Saturday, December 8, 2007

DNS and Active Directory Integration

Understanding DNS Name Resolution

The DNS service provides name resolution for clients running Windows 2000. With name resolution, users can access servers by name rather than having to use IP addresses that are difficult to remember. This lesson introduces you to the name resolution process.

After this lesson, you will be able to

  • Explain the name resolution process

Name Resolution

Name resolution is the process of resolving DNS names to IP addresses. Name resolution is similar to looking up a name in a telephone book, where the name is associated with a telephone number. For example, when you connect to the Microsoft Web site, you use the name www.microsoft.com. DNS resolves www.microsoft.com to its associated IP address, 207.46.130.149. The mapping of names to IP addresses is stored in the DNS distributed database.

IP Addressing

An IP address identifies each host that communicates by using TCP/IP. Each 32-bit IP address is separated internally into two parts—a network ID and a host ID.

  • The network ID, also known as a network address, identifies a single network segment within a larger TCP/IP internetwork (a network of networks). All the systems that attach and share access to the same network have a common network ID within their full IP address. This ID is also used to uniquely identify each network within the larger internetwork.
  • The host ID, also known as a host address, identifies a TCP/IP node (a workstation, server, router, or other TCP/IP device) within each network. The host ID for each device identifies a single system uniquely within its own network.

Reverse Lookup Query

A reverse lookup query maps an IP address to a name. Troubleshooting tools, such as the NSLOOKUP command-line utility, use reverse lookup queries to report back host names. Additionally, certain applications implement security based on the ability to connect to names, not IP addresses.

Because the DNS distributed database is indexed by name and not by IP address, a reverse lookup query would require an exhaustive search of every domain name. To solve this problem, a special second-level domain called in-addr.arpa was created.

The in-addr.arpa domain follows the same hierarchical naming scheme as the rest of the domain namespace; however, it is based on IP addresses, not domain names:

  • Subdomains are named after the numbers in the dotted-decimal representation of IP addresses.
  • The order of the IP address octets is reversed.
  • Companies administer subdomains of the in-addr.arpa domain based on their assigned IP addresses and subnet mask.

Understanding and Configuring Zones

The DNS service allows a DNS namespace to be divided up into zones that store name information about one or more DNS domains. The zone becomes the authoritative source for information about each DNS domain name included in a zone. This lesson introduces you to DNS zones and how they are configured.

After this lesson, you will be able to

  • Identify zone types
  • List the benefits of Active Directory integrated zones
  • Explain zone delegation
  • Configure zones
  • Configure Dynamic Domain Name Service (DDNS) for a zone

Zones

The DNS service provides the option of dividing up the namespace into one or more zones, which can then be stored, distributed, and replicated to other DNS servers. The DNS namespace represents the logical structure of your network resources, and DNS zones provide physical storage for these resources.

Zone Planning

When deciding whether or not to divide your DNS namespace to make additional zones, consider the following reasons to use additional zones:

  • Is there a need to delegate management of part of your DNS namespace to another location or department within your organization?
  • Is there a need to divide one large zone into smaller zones for distributing traffic loads among multiple servers, improve DNS name resolution performance, or create a more fault-tolerant DNS environment?
  • Is there a need to extend the namespace by adding numerous subdomains at once, such as to accommodate the opening of a new branch or site?

If you can answer "yes" to one of these questions, it may be useful to add or restructure your namespace into additional zones. When choosing how to structure zones, you should use a plan that meets the needs of your organization.


Zone Type

There are three types of zones that you can configure:

  • Active Directory-integrated. An Active Directory-integrated zone is the master copy of a new zone. The zone uses Active Directory to store and replicate zone files.
  • Standard primary. A standard primary zone is the master copy of a new zone stored in a standard text file. You administer and maintain a primary zone on the computer on which you create the zone.
  • Standard secondary. A standard secondary zone is a replica of an existing zone. Secondary zones are read-only and are stored in standard text files. A primary zone must be configured to create a secondary zone. When creating a secondary zone, you must specify the DNS server, called the master server, that will transfer zone information to the name server containing the standard secondary zone. You create a secondary zone to provide redundancy and to reduce the load on the name server containing the primary zone database file.

  • Master DNS Servers

    For the standard secondary forward lookup zone type you must specify the DNS server(s) from which you want to copy the zone. You must enter the IP address of one or more DNS servers.

    Reverse Lookup Zones

    A reverse lookup zone enables reverse lookup queries. Reverse lookup zones are not required. However, a reverse lookup zone is required to run troubleshooting tools, such as NSLOOKUP, and to record a name instead of an IP address in Internet Information Services (IIS) log files.

  • To create a new reverse lookup zone

    1. Click Start, point to Programs, point to Administrative Tools, and then click DNS.

    2. Expand the DNS server.

    3. Right-click the Reverse Lookup Zone folder and click New Zone. The New Zone Wizard guides you through the process of setting up a reverse lookup zone. The wizard presents the following configuration options: Zone Type, Reverse Lookup Zone, Zone File, and Master DNS Servers.


    • Posted by at No comments:

    Securing Network Resources

    Understanding NTFS Permissions

    NTFS permissions are rules associated with objects that regulate which users can gain access to an object and in what manner. This lesson introduces standard NTFS folder and file permissions. It also explores the effects of combining user account and group permissions with file and folder permissions.

    After this lesson, you will be able to

    • Define standard NTFS folder and file permissions
    • Describe the result when multiple NTFS permissions are applied to a resource
    • Describe the result when you combine user account and group permissions for a resource

    NTFS Permissions

    Use NTFS permissions to specify which users and groups can gain access to files and folders, and what they can do with the contents of the file or folder. NTFS permissions are only available on NTFS volumes. NTFS permissions are not available on volumes that are formatted with the file allocation table (FAT) or FAT32 file systems. NTFS security is effective whether a user gains access to the file or folder at the computer or over the network. The permissions you assign for folders are different from the permissions you assign for files.

    NTFS Folder Permissions

    You assign folder permissions to control the access that users have to folders and to the files and subfolders that are contained within the folder.

    Multiple NTFS Permissions

    You can assign multiple permissions to a user account by assigning permissions for a resource to an individual user account and to each group of which the user is a member. You need to understand the rules and priorities that are associated with how NTFS assigns and combines multiple permissions. You also need to understand NTFS permission inheritance.

    Assigning NTFS Permissions

    There are certain guidelines you should follow for assigning NTFS permissions. Assign permissions according to group and user needs; this includes allowing or preventing permissions inheritance from parent folders to subfolders and files that are contained in the parent folder. This lesson presents guidelines for planning NTFS permissions and then walks you through the steps of assigning NTFS permissions.

    After this lesson, you will be able to

    • Plan what permissions to assign to users or groups for applications and data folders
    • Assign NTFS folder and file permissions to user accounts and groups

    Planning NTFS Permissions

    If you take the time to plan your NTFS permissions and follow a few guidelines, you will find that NTFS permissions are easy to manage. Use the following guidelines when you assign NTFS permissions:

    1. To simplify administration, group files into application, data, and home folders. Centralize home and public folders on a volume that is separate from applications and the operating system. Doing so provides the following benefits:

      • You assign permissions only to folders, not to individual files.
      • Backup is less complex because there is no need to back up application files, and all home and public folders are in one location.
    2. Allow users only the level of access that they require. If a user only needs to read a file, assign the Read permission to his or her user account for the file. This reduces the possibility of users accidentally modifying or deleting important documents and application files.
    3. Create groups according to the access that the group members require for resources, and then assign the appropriate permissions to the group. Assign permissions to individual user accounts only when necessary.
    4. When you assign permissions for working with data or application folders, assign the Read & Execute permission to the Users group and the Administrators group. This prevents application files from being accidentally deleted or damaged by users or viruses.
    5. Turn off the permissions inheritance option at the home directory level. This allows the user to consider permissions for each file or folder in the home directory.
    6. When you assign permissions for public data folders, assign the Read & Execute permission and the Write permission to the Users group, and the Full Control permission to CREATOR OWNER identity group. The user who creates a file is by default the creator and owner of the file. After you create a file, you may grant another user permission to take ownership of the file. The person who takes ownership would then become the owner of the file. If you assign the Read & Execute permission and the Write permission to the Users group, and the Full Control permission to CREATOR OWNER, users have the ability to read and modify documents that other users create and the ability to read, modify, and delete the files and folders that they create.
    7. Deny permissions only when it is essential to deny specific access to a specific user account or group.
    8. Encourage users to assign permissions to the files and folders that they create and educate them about how to do so.

    Setting NTFS Permissions

    By default, when you format a volume with NTFS, the Full Control permission is assigned to the Everyone group. You should change this default permission and assign other appropriate NTFS permissions to control the access that users have to resources. Be careful if you assign permissions to the Everyone group and enable the Guest account. Windows 2000 will authenticate a user who does not have a valid user account as Guest. The user automatically gets all rights and permissions that you have assigned to the Everyone group.

    Troubleshooting Permissions Problems

    When you assign or modify NTFS permissions to files and folders, problems might arise. Troubleshooting these problems is important to keep resources available to users. This lesson describes common permission-related problems and their solutions.

    After this lesson, you will be able to

    • Recognize common reasons why users cannot gain access to resources
    • Solve common permission-related problems

    Avoiding Permissions Problems

    The following list provides best practices for implementing NTFS permissions. These guidelines will help you avoid permission problems.

    • Assign the most restrictive NTFS permissions that still enable users and groups to accomplish necessary tasks.
    • Assign all permissions at the folder level, not at the file level. Group files in a separate folder for which you want to restrict user access, and then assign that folder restricted access.
    • For all application executable files, assign Read & Execute and Change Permissions to the Administrators group, and assign Read & Execute to the Users group. Damage to application files is usually a result of accidents and viruses. By assigning Read & Execute to Users and Read & Execute and Change Permissions to Administrators, you can prevent users or viruses from modifying or deleting executable files. To update files, members of the Administrators group can assign Full Control to their user account to make changes and then reassign Read & Execute and Change Permissions to their user account.
    • Assign Full Control to CREATOR OWNER for public data folders so that users can delete and modify files and folders that they create. Doing so gives the user who creates the file or folder (CREATOR OWNER) full access to only the files or folders that he or she creates in the public data folder.
    • For public folders, assign Full Control to CREATOR OWNER and Read and Write to the Everyone group. This gives users full access to the files that they create, but members of the Everyone group can only read files in the folder and add files to the folder.
    • Use long, descriptive names if the resource will be accessed only at the computer. If a folder will eventually be shared, use folder and file names that are accessible by all client computers.
    • Allow permissions rather than deny permissions. If you do not want a user or group to gain access to a particular folder or file, do not assign permissions. Denying permissions should be an exception, not a common practice.
    Posted by at No comments:

    Administering Shared Folders

    Understanding Shared Folders

    Microsoft Windows 2000 allows you to designate folders to share with others. For example, when a folder is shared, authorized users can make connections to the folder (and access its files) from their own computers. This lesson introduces shared folders and shared folder permissions.

    After this lesson, you will be able to

    • Use shared folders to provide access to network resources
    • Describe how permissions affect access to shared folders

    Estimated lesson time: 15 minutes

    Shared Folders

    Shared folders provide network users centralized access to network files. When a folder is shared, all users by default can connect to the shared folder and gain access to the folder's content. A shared folder can contain applications, data, or a user's personal data in a home directory. Each type of data requires different shared folder permissions.

    Shared Folder Permissions

    You can assign shared folder permissions to user and group accounts to control what users can do with the content of a shared folder. The following are characteristics of shared folder permissions:

    • Shared folder permissions apply to folders, not individual files. Because you can only apply shared folder permissions to the entire shared folder, and not to individual files or subfolders in the shared folder, shared folder permissions provide less detailed security than NTFS permissions.
    • Shared folder permissions do not restrict access to users who gain access to the folder at the computer where the folder is stored. They only apply to users who connect to the folder over the network.
    • Shared folder permissions are the only way to secure network resources on a FAT volume. NTFS permissions are not available on FAT volumes.
    • The default shared folder permission is Full Control, and it is assigned to the Everyone group when you share the folder.

    Guidelines for Shared Folder Permissions

    The following list provides some general guidelines for managing your shared folders and assigning shared folder permissions:

    • Determine which groups need access to each resource and the level of access that they require. Document the groups and their permissions for each resource.
    • Assign permissions to groups instead of user accounts to simplify access administration.
    • Assign to a resource the most restrictive permissions that still allow users to perform required tasks. For example, if users need only to read information in a folder and they will never delete or create files, assign the Read permission.
    • Organize resources so that folders with the same security requirements are located within a folder. For example, if users require Read permission for several application folders, store the application folders within the same folder. Then share this folder instead of sharing each individual application folder.
    • Use intuitive share names so that users can easily recognize and locate resources. For example, for the Applications folder, use Apps for the share name. You should also use share names that all client operating systems can use.

    Planning Shared Folders

    When you plan shared folders, you can reduce administrative overhead and ease user access. To plan shared folders, you must determine which resources you want shared, and then organize resources according to function, use, and administration needs.

    Shared folders can contain applications and data. Use shared application folders to centralize administration. Use shared data folders to provide a central location for users to store and gain access to common files. This lesson outlines the points you must consider when sharing application and data folders.

    Application Folders

    Shared application folders are used for applications that are installed on a network server and they can be used from client computers. The main advantage of shared applications is that you do not need to install and maintain most components of the applications on each computer. Whereas program files for applications can be stored on a server, configuration information for most network applications is often stored on each workstation. The exact way in which you share application folders will vary depending on the application, your particular network environment, and your organization.

    Public Data

    When you share a common public data folder, do the following:

    • Use centralized data folders so that data can be easily backed up.
    • Assign the Change permission to the Users group for the common data folder (see Figure 10.4). This will provide users with a central, publicly accessible location for storing data files that they want to share with other users. Users will be able to gain access to the folder and read, create, or change files in it.

    Sharing Folders

    You can share resources with others by sharing folders containing those resources. To share a folder, you must be a member of one of several groups, depending on the role of the computer where the shared folder resides. When you share a folder, you can control access to the folder by limiting the number of users who can simultaneously gain access to it, and you can also control access to the folder and its contents by assigning permissions to selected users and groups. After a shared folder is created, you may need to modify folder sharing properties. You can stop sharing a folder, change its share name, and change user and group permissions to gain access to it. To access a shared folder, users must first have appropriate permissions and then make a connection to it. This lesson explains how to create and modify shared folders and how to connect to a shared folder.

    Requirements for Sharing Folders

    In Windows 2000, members of the built-in Administrators, Server Operators, and Power Users groups are able to share folders. The groups that can share folders and the machines on which they can share folders depend on the following requirements:

    • In a Windows 2000 domain, the Administrators and Server Operators groups can share folders residing on any machines in the domain. The Power Users group is a local group and can only share folders residing on the stand-alone server or computer running Windows 2000 Professional where the group is located.
    • In a Windows 2000 workgroup, the Administrators and Power Users groups can share folders on the stand-alone server or the computer running Windows 2000 Professional on which the group exists.

    Administrative Shared Folders

    Windows 2000 automatically shares certain folders for administrative purposes. These shares are appended with a dollar sign ($). The $ hides the shared folder from users who browse the computer. The root of each volume, the system root folder, and the location of the printer drivers are all hidden shared folders that you can access from across the network.




    Posted by at No comments:

    Administering Active Directory

    Locating Active Directory Objects

    Active Directory stores information about objects on the network. Each object is a distinct, named set of attributes that represents a specific network entity. Active Directory is designed to provide information to queries about directory objects from both users and programs. In this lesson you will learn how to use Find (located in the Active Directory Users and Computers console) to locate Active Directory objects.

    After this lesson, you will be able to

    • Identify the types of Active Directory objects
    • Use Find to locate any type of Active Directory object

    Delegating Administrative Control of Active Directory Objects

    In this lesson you will learn that you can delegate administrative control of objects to individuals so that they can perform administrative tasks on the objects. You will learn how to use the Delegation Of Control Wizard to delegate control of objects and the guidelines for delegating control.

    After this lesson, you will be able to

    • Delegate administrative control of OUs and objects

    Estimated lesson time: 20 minutes

    Guidelines for Delegating Control

    You delegate administrative control of objects by assigning permissions to the object to allow users or groups of users to administer the objects. An administrator can delegate the following types of control:

    • Assign a user the permissions to change properties on a particular container
    • Assign a user the permissions to create, modify, or delete objects of a specific type in a specific OU or container
    • Assign a user the permissions to modify specific properties on objects of a specific type in a specific OU or container

    Because tracking permissions at the OU or container level is easier than tracking permissions on objects or object attributes, the most common method of delegating administrative control is to assign permissions at the OU or container level. Assigning permissions at the OU or container level allows you to delegate administrative control for the objects that are contained in the OU or container. Use the Delegation Of Control Wizard to assign permissions at the OU or container level.

    For example, you can delegate administrative control by assigning Full Control for an OU to the appropriate manager, only within his or her area of responsibility. By delegating control of the OU to the manager, you can decentralize administrative operations and issues. This reduces your administration time and costs by distributing administrative control closer to its point of service.

  • Performing an Authoritative Restore

    An authoritative restore occurs after a nonauthoritative restore and designates the entire directory, a subtree, or individual objects to be recognized as authoritative with respect to replica domain controllers in the forest. The NTDSUTIL utility allows you to mark objects as authoritative so that they are propagated through replication, thereby updating existing copies of those objects throughout the forest.

  • To authoritatively restore Active Directory

    1. Perform a nonauthoritative restore as described previously.

    2. Restart the computer.

    3. During the phase of startup where the operating system is normally selected, press F8.

    4. On the Windows 2000 Advanced Startup Options Menu, select Directory Services Restore Mode and press Enter. This ensures that the domain controller is offline and is not connected to the network.

    5. Select Windows 2000 Server.

    6. Log on as Administrator.



    • Estimated lesson time: 15 minutes

    Understanding Common Active Directory Objects

    Adding new resources to your network creates new Active Directory objects that represent these resources. You should be familiar with some of the common Active Directory objects. Table 11.1 describes the most common object types that you can add to Active Directory.

    Controlling Access to Active Directory Objects

    Windows 2000 uses an object-based security model to implement access control for all Active Directory objects. This security model is similar to the one that Windows 2000 uses to implement Microsoft Windows NT file system (NTFS) security. Every Active Directory object has a security descriptor that defines who has the permissions to gain access to the object and what type of access is allowed. Windows 2000 uses these security descriptors to control access to objects. This lesson explains how to set permissions for Active Directory objects.

    After this lesson, you will be able to

    • Set permissions on Active Directory objects to control user access

    Estimated lesson time: 20 minutes

    Understanding Active Directory Permissions

    Active Directory permissions provide security for resources by allowing you to control who can gain access to individual objects or object attributes and the type of access that you will allow.

    Active Directory Security

    Use Active Directory permissions to determine who has the permissions to gain access to the object and what type of access is allowed. An administrator or the object owner must assign permissions to the object before users can gain access to the object. Windows 2000 stores a list of user access permissions, called the access control list (ACL), for every Active Directory object. The ACL for an object lists who can access the object and the specific actions that each user can perform on the object.

    You can use permissions to assign administrative privileges to a specific user or group for an OU, a hierarchy of OUs, or a single object, without assigning administrative permissions for controlling other Active Directory objects.

    Publishing Resources in Active Directory

    As an administrator, you need to be able to provide secure and selective publication of network resources to network users and make it easy for users to find information. The directory stores this information for rapid retrieval and integrates Windows 2000 security mechanisms to control access. This lesson explains how to publish resources in Active Directory.

    After this lesson, you will be able to

    • Publish shared folders
    • Publish printers
    • Publish network services

    Estimated lesson time: 10 minutes

    Publishing Resources in Active Directory

    Resources that can be published in the directory include objects such as users, computers, printers, folders, files, and network services.

    Publishing Users and Computers

    User and computer accounts are added to the directory using the Active Directory Users and Computers console. Information about the accounts that is useful for other network users is published automatically. Other information, such as account security information, is made available only to certain administrator groups.

    Publishing Shared Resources

    Publishing information about shared resources such as printers, folders, and files makes it easy for users to find these resources on the network. Windows 2000 network printers are automatically published in the directory when installed. Information about Windows NT printers and shared folders can be published in the directory using the Active Directory Users and Computers console.

    Moving Active Directory Objects

    You move objects from one location to another when organizational or administrative functions change—for example, when an employee moves from one department to another. This lesson shows you how to move Active Directory objects within and between domains.

    After this lesson, you will be able to

    • Move objects within a domain
    • Move objects between domains
    • Move workstations or member servers between domains
    • Move domain controllers between sites

    Estimated lesson time: 20 minutes

    Moving Objects

    In the logical environment, you can move objects within and between domains in Active Directory. In the physical environment, you can move domain controllers between sites.

    Moving Objects Within a Domain

    To reduce administrative overhead, you can move objects with identical security requirements into an OU or container within a domain. You can then assign access permissions to the OU or container and all objects in it.

  • To move objects within a domain

    1. In Active Directory Users and Computers, select the object to move, then from the Action menu, click Move.

    2. In the Move dialog box (see Figure 11.6), select the OU or container to which you want the object to move, then click OK.
    • Posted by at No comments:

    Managing Active Directory Performance

    Active Directory Performance Monitoring Tools

    Monitoring Active Directory performance is an important part of maintaining and administering your Microsoft Windows 2000 installation. You use Active Directory performance data to

    • Understand Active Directory performance and the corresponding effect on your system's resources
    • Observe changes and trends in performance and resource usage so you can plan for future upgrades
    • Test configuration changes or other tuning efforts by monitoring the results
    • Diagnose problems and target components or processes for optimization

    This lesson introduces you to the Active Directory performance monitoring tools and guides you through the steps required to set up Active Directory performance monitoring.

    After this lesson, you will be able to

    • Describe the purpose of the Event Viewer console
    • Use the Event Viewer console to view event logs
    • Describe the components of the Performance console
    • Describe the purpose of the System Monitor
    • Use the System Monitor to monitor performance counters
    • Describe the purpose of counter logs, trace logs, and alerts
    • Use Performance Logs and Alerts to create counter logs, trace logs, and alerts
    Estimated lesson time: 50 minutes

    Performance Monitoring Tools

    Windows 2000 provides several tools for monitoring Active Directory performance. On the Administrative Tools menu, the Event Viewer console allows you to view log files and error messages sent by applications. The Performance console provides a graphical way to view performance of Active Directory according to measurements, or counters, that you select. The Performance console also provides a means to log activity or send alerts according to those measurements and view the logs either printed or online.

    Monitoring Access to Shared Folders

    Microsoft Windows 2000 includes the Shared Folders snap-in so that you can easily monitor access to network resources and send administrative messages to users. You monitor access to network resources to assess and manage current usage on network servers.

    After this lesson, you will be able to

    • Identify the tool included with Windows 2000 to monitor access to network resources and to send administrative messages
    • Identify who can monitor access to network resources
    • Determine the shared folders on a computer
    • Monitor shared folders
    • Monitor open files
    • Disconnect users from one or all open files
    Estimated lesson time: 20 minutes

    Why Monitor Network Resources?

    Some of the reasons it is important to assess and manage network resources are the following:

    • Maintenance. You should determine which users are currently using a resource so that you can notify them before making the resource temporarily or permanently unavailable.
    • Security. You should monitor user access to resources that are confidential or need to be secure to verify that only authorized users are accessing them.
    • Planning. You should determine which resources are being used and how much they are being used so that you can plan for future system growth.

    Determining How Many Users Can Access a Shared Folder Concurrently

    You can use the Shared Folders snap-in to determine the maximum number of users that are permitted to gain access to a folder. In the Shared Folders details pane, click the shared folder for which you want to determine the maximum number of concurrent users that can access the folder. On the Action menu, click Properties, and the Properties dialog box for the shared folder appears. The General tab shows you the user limit.

    You can also use the Shared Folders snap-in to determine if the maximum number of users that are permitted to gain access to a folder has been reached. This is an easy way to troubleshoot connectivity problems. If a user cannot connect to a share, determine the number of connections to the share and the maximum connections allowed. If the maximum number of connections has already been made, the user cannot connect to the shared resource.

    Modifying Shared Folder Properties

    You can modify existing shared folders, including shared folder permissions, from the Shares folder. To change a shared folder's properties, click the shared folder, and then on the Action menu, click Properties. The General tab of the Properties dialog box shows you the share name, the path to the shared folder, and any comment that has been entered. The General tab also allows you to view and set a user limit for accessing the shared folder. The Security tab allows you to view and change the shared folders permissions.

    Monitoring Open Files

    Use the Open Files folder in the Shared Folders snap-in to view a list of open files that are located in shared folders and the users who have a current connection to each file (see Figure 14.8). You can use this information when you need to contact users to notify them that you are shutting down the system. Additionally, you can determine which users have a current connection and should be contacted when another user is trying to gain access to a file that is in use.

    Sending Console Messages

    To avoid data loss, you can send a message to some or all users who have an active session with the shared folders that you are managing.

  • To send a console message to a connected user

    1. Click the Shared Folders snap-in, click the Action menu, select All Tasks, then click Send Console Message.

    2. In the Send Console Message dialog box, type the message you want to send to users in the Message box.

    3. Select the computer name that will receive the message in the Recipients box, then click Send.

    • Posted by at No comments:
    Subscribe to: Posts (Atom)