MCSA/MCSE 70-270 Exam Prep 2: Windows XP Professional

2017-07-07 02:10:07

When you manually install a Windows XP Professional system, you may just think it's a matter of getting your hands on a CD and popping it into a computer. However, when you deploy Windows XP Professional throughout an entire organization, even if you decide to do so manually, you can reduce errors and delays by following a carefully planned deployment.

Most projects involve five principal stagesDefine, Design, Develop, Test, and Implement, as shown in Figure 1.1. You should follow them when deploying Windows XP Professional, as well. Although there are many different project methodologies, and some are quite complex, if you boil them down to their essential elements, they fall into these five stages:

Stage 1: DefineDefining the project scope and objectives. As silly as it seems sometimes, you have to set limits to your project so that you don't end up with a task that will never end because it has no stopping point. Besides, who wants to be at the mercy of users who ask, "Can't you just add this one little thing to the project?" You also have to set objectives to ensure that your project actually meets the goals of your organization. It would be senseless to spend hours to test and implement wireless networking within Windows XP Professional if your network has no wireless access points and has a security policy that objects to wireless networking altogether. However, it would be just as senseless to ignore testing and implementing multimedia support if you are conducting a project for a graphics company. With the scope and objectives of your project in hand, you can then begin planning the project by identifying tasks and phases, specifying the people and groups affected by it, and determining the timeframe for those tasks.

Stage 2: DesignDesigning your Windows XP Professional configuration. This stage involves creating the ideal desktop to deploy to your end users. (If you are fully networked with Windows 2000/2003 Active Directory, you can also use Group Policy to make user-specific or group-specific configuration specifications rather than incorporate them into the installation itself.) Your design should incorporate the fundamental framework of the preferred Windows XP Professional configuration for your network. This phase may also involve a lab test of your preferred build to see what the logical design would actually look like. You can also design the implementation methodwhether to implement manually, use RIS, use Sysprep, or refer to third-party implementation tools for unattended installations.
Note

Selecting your implementation method will have significant impact on your project's scope You can learn more about unattended installations in Chapter 2 of this book, plus you can read up on them in Microsoft's white paper titled "Implementing Windows XP Deployment" at http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/depovg/depxpii.mspx.

Stage 3: DevelopDeveloping the final configuration. During the development phase, you will likely make changes to your original design. Mainly this phase is to gather or create all the resources necessary to conduct your deployment. For example, if you were to design a standard desktop configuration that included most of the Windows XP features and planned to deploy it through RIS, then the development phase would include creating the unattended installation files for RIS, assembling the RIS server(s) required, along with providing for any network requirements to enable RIS across wide area networks (WANs), if that was a consideration on your network.

Stage 4: TestTesting is the fourth stage of the project. This stage involves:
- Testing the actual final design of the desktop to ensure that it meets users' needs
- Analyzing hardware compatibility with the devices on your network
- Testing application compatibility with the applications that your users must have to be productive
- Examining the implementation method to ensure that it will function properly when the project is rolled out
- Developing and testing a rollback method so that you can restore the computer to its former state just in case a severe problem takes place
During the testing stage, you should prioritize your tests to ensure that critical applications and uses of the operating system will receive the greatest focus. Giving minor problems a lower priority will help you avoid delays in the project.
In fact, the testing phase is simply the process of trying to break your designed configuration of Windows XP Professional, and then fixing anything that does break during testing before it gets in the hands of end users. This phase should involve a pilot test where you place your final configuration into a production environment with a small control group of users. These users can then conduct business and report back to you any problems that they run into while using your configuration. Users always find something that you may not have thought to test for while in the lab, mainly because they utilize features of applications in different ways than you might try in a lab environment.

Stage 5: ImplementDeploying the operating system throughout your organization as defined in the scope of the project. This final stage should include:
- Notifying the affected users and groups of the deployment with some advance notice
- Installing any distribution servers if needed
- Training the users on the new interface and features of Windows XP Professional
- Backing up data on the users' computers, if applicable
- Upgrading or replacing incompatible hardware
- Conducting any additional preparation tasks such as running system checks or defragmenting the hard drives
- Installing the operating system itself
- Migrating user-specific data back to the newly installed PC
- Conducting a quality analysis of the computers to ensure that they will boot up and run critical applications

Figure 1.1. You can apply the five principal stages of projects to Windows XP installations.

Hardware Requirements

The base hardware requirements for Windows XP Professional are listed in Table 1.1. Although these are the minimum hardware requirements for supporting the operating system, they are not necessarily adequate to support additional applications or for reasonable performance. The Recommended column in Table 1.1 should be your minimum starting point. When designing the hardware requirements for installation, you should allow for extra RAM and hard disk space and probably a faster processor for applications.

Table 1.1. Minimum Hardware Requirements for Windows XP Professional
Device	Minimum	Recommended
Processor	Intel Pentium/Celeron running at 233MHz or higher	Intel Pentium II/Celeron running at 300MHz or higher
RAM	64MB	128MB
Hard disk	650MB available on a minimum 2GB size disk	2GB available on any size disk
Monitor	VGA (800x600)	Super VGA (800x600 or higher resolution)
Disk drives (for CD installations)	CD-ROM or DVD drive	CD-ROM or DVD drive at 12x or faster speeds
Other	Standard keyboard and mouse or other pointing device	Standard keyboard and mouse or other pointing device

If you want to access a network, you should have a network adapter installed that is compatible with the network infrastructure. For Internet access, at a minimum you need a 14.4-Kbps modem or higher to dial up to an Internet service provider (ISP). Video conferencing, voice, fax, and other multimedia applications generally require 56-Kbps modems, microphone, sound card, and speakers or headset. Video conferencing itself requires a video conferencing camera.

Hardware Compatibility

Microsoft makes it easy to check your hardware's compatibility by providing a list of supported hardware. Links to the Windows Catalog and Hardware Compatibility List (HCL) for several Windows operating systems are located at http://www.microsoft.com/whdc/hcl/default.mspx. The Windows Catalog and HCL are not comprehensive. You can check hardware compatibility by contacting the manufacturer of the device if you cannot find it on the Microsoft website.

An issue that can interrupt the installation process is the use of incompatible critical device drivers. If a compatible driver is not available, Setup stops until updated drivers are found. Operating system upgrades will not migrate Windows 98 or Windows Me drivers. The only way to ensure a smooth installation is to make certain you have all the drivers available at the start of the installation process. Do not be concerned about unattended installations because there is a folder in which you can place any additional or updated drivers for hardware that is not included in the base Windows XP files.

Before you deploy Windows XP Professional on any system, you should ensure that the hardware and BIOS are compatible with the operating system. Older hardware may not have a compatible BIOS even though the devices within the PC itself are all listed in the Windows Catalog or HCL. The original equipment manufacturer (OEM) should have an updated BIOS available that can be downloaded from the OEM's website.

If you have an Internet connection, you can use the Dynamic Update feature to connect to the Windows Update website during setup. Windows XP automatically downloads and installs updated drivers during the setup process from the Windows Update website.

Software Compatibility

One of the more difficult parts of the development and testing phase of an operating system deployment project is to handle software compatibility, or rather, software incompatibility. The operating system that you deploy is important because it provides the basic functionality for the computer, but productivity usually depends upon business applications that are installed, which makes applications more important to the organization. If an application is not compatible with the operating system, you have the following options:

Upgrade the application to a compatible version.

Replace the application with a similar type of application that is compatible with Windows XP Professional.

Retire the application.

Use the AppsHelp/AppCompat Database technology to trick the application into believing it is compatible with the operating system, thereby preventing problems during an upgrade.

Before you are faced with these decisions, your first task in determining software compatibility is to identify all the applications that are used and that will be installed in your deployment project. You should develop a matrix of applications that is organized according to priority of business productivity and by number of users that use the application. For example, if you determine that 100% of all your users use APP A, but that it does not directly contribute to business productivity (such as an antivirus application), you would place it in the high use, low productivity quadrant. If you determine that 10% of your users use APP B, and it contributes highly to business productivity, you would place it in the low use, high productivity quadrant. If 5% of users use APP C and it has no impact on business productivity, you would place that in the low use, low productivity quadrant. The applications in that low use, low productivity quadrant are the ones that you should analyze for potentially retiring. If you find that 90% of all users use APP D and it is considered business-critical, you would put APP D in the high use, high productivity quadrant. All applications in this quadrant should receive priority during the project.

You may decide to include additional criteria to your matrix to better pinpoint the applications that will require more of your time during the project. For example, you could identify which applications are developed for Windows XP, and which are developed specifically for older Windows operating systems, and furthermore, which have been developed in-house. Applications that have been developed for Windows 95 or Windows 98 may not run properly on Windows XP. Those applications that were developed for Windows NT, either v3.5 or v4.0, may also be incompatible with Windows XP. Antivirus applications are typically incompatible if they were developed for older Windows versions.

After you have an inventory of your current software, you should then build a test lab and test the applications with Windows XP. With each application that has compatibility problems, you should decide whether it is important enough to fix the application. If it is important, you should then determine the fixes you need to undertake to make it compatible. You can then package the fixes using the Compatibility Administrator tool (CompatAdmin), which is part of the Windows Application Compatibility Toolkit. Finally, you should test the deployment and perform a quality assurance check on the test PCs to see whether the applications install and run properly.

Note

CompatAdmin and Windows Application Compatibility Toolkit locations You can obtain additional information about CompatAdmin at http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/compadmn.mspx. For Windows Application Compatibility Toolkit information, visit http://support.microsoft.com/default.aspx?scid=kb;en-us;294416.

Tip

If you decide to upgrade computers on your network, you can use the Check Upgrade mode of Windows XP Professional Setup. This process produces a report that flags hardware or application compatibility problems that you may encounter during an actual installation. To use Check Upgrade mode, execute the d:\i386\winnt32.exe /checkupgradeonly command from a command prompt (where d: represents the CD or DVD drive that contains the Windows XP CD).

Network Requirements

In a Windows XP Professional deployment, you must be able to identify which network protocols and network hardware are used on your network. Network protocols affect how you configure the computer, especially if there is some problem with addressing. When you install Windows XP, it will not connect to the network properly if it does not use a compatible protocol or does not have a correct address.

The network hardware you use on the network affects the options you have available for deployment. For example, if you have no servers on your network and/or no peers with enough hard disk space to hold the installation files, you will be unable to install Windows XP over the networkattended or unattended. If you have servers but they do not run Windows 2000 or Windows 2003, you will not be able to use RIS. If you do not have sufficient bandwidth, you will not be able to run the installation across the network either.

To assess your network, you should collect the following information:

Network protocols

Addressing format and address resolution

Naming conventions and name resolution

Network serversserver operating system, names, IP addresses, domain membership, file and print services, directory services, and authentication

Network sites and available bandwidth between the sites

Routers, hubs, switches, printers, bridges, other peripherals, firewalls, and proxy servers

A thorough network assessment includes physical and logical diagrams of all sites, documenting each physical link, its speed, IP address and available bandwidth, and the location of each piece of equipment. The logical portion should show server roles, Domain Name System (DNS) servers, Windows Internet Name Service (WINS) servers, Dynamic Host Configuration Protocol (DHCP) servers, trust relationships, and your domain architecture.

When the Windows XP Professional computer is a network client, you need to determine how to connect that client to the network. Keep in mind that large internetworks tend to be hybrids, having a mixture of network media. If one client is intended to connect to a token ring network, whereas another is intended to connect to a wireless network, you need to plan for the appropriate network adapter, drivers, and installation method.

The standard network protocol for Windows XP Professional is Transmission Control Protocol/Internet Protocol (TCP/IP). If you intend to connect to a network that has NetWare servers that do not use TCP/IP, you also need to configure the NWLink protocol, which is Microsoft's equivalent to the Internetwork Packet eXchange/Sequenced Packet eXchange (IPX/SPX) protocol. On the other hand, you should not install any additional protocols if they are unnecessary because they will generate additional network traffic.

DHCP servers automatically provide IP addresses to each DHCP client on the network from a pool of addresses. When a network device releases its IP address, the address can be reused for another DHCP client. This averts IP address conflicts, as well as helps distribute IP addresses efficiently, along with extended information such as DNS server data. Even if your network uses DHCP services, you should be aware of IP addresses used on each network link. This helps if you have to troubleshoot a problem with connectivity. If your network uses static IP addresses, you need to have an IP address for each network client you install.

Domain Membership

Windows XP Professional computers can participate in both Active Directory and Windows NT 4.0 domains by becoming members of the domain. Keep in mind that Windows XP Home Edition cannot participate in a domain as a member, but can access data on a domain server. Domain membership in an Active Directory domain requires the TCP/IP protocol and proper DNS server identification.

Challenge

You are a network administrator who is preparing to install Windows XP Professional on a large number of computers that will be part of a domain. To test whether you can join a domain, you should first be able to communicate with a domain controller. You should be able to perform this process on your own based on what you have learned so far.

If you have trouble with the process, you can determine whether the computer is able to join a domain by performing the following steps:

1.	Right-click the My Computer icon on the desktop.
2.	Select Properties.
3.	Click the Computer Name tab.
4.	Ensure that the name of the workgroup is the same as the name of the domain that you intend to join.
5.	Apply the changes.
6.	Double-click the My Network Places icon on the desktop.
7.	Locate the domain controller and double-click it.
8.	Make certain that you can browse network resources.
9.	Log off the computer and log on again to disconnect completely from the domain controller.
10.	Now you can join the domain. Right-click My Computer and select Properties.
11.	Click the Computer Name tab.
12.	Click Change.
13.	Click the Network ID button.
14.	Click Next in the Network Identification Wizard welcome screen.
15.	Select the This Computer Is Part of a Business Network, and I Use It to Connect to Other Computers at Work option and click Next.
16.	Select the option for My Company Uses a Network with a Domain and click Next.
17.	Click Next at the reminder to have the correct information to join the domain.
18.	Type the user name, password, and domain name. This must be the name of a user that has the authority to join the domain. Click Next.
19.	When you receive the message `Welcome to the` `domainname` `domain`, you have successfully joined the domain.
20.	Exit the My Computer properties and you are prompted to restart the computer.
21.	A new logon screen appears, where you need to press Ctrl+Alt+Delete to log on to the domain.

Workgroup Membership

When you install a peer-to-peer network of Windows XP Professional and other Windows computers, you need to ensure that each computer is connected and that they are all running the same protocol with correct addressing. The only other thing you need to do is to ensure that each computer within the peer-to-peer network is a member of the same workgroup.

Because the Windows XP Professional computer is a peer on the network, it not only needs to access other files and printers, but it needs to share its own files and printers. To do this, you should install File and Printer Sharing if it is not installed already on the computer. To install File and Printer Sharing:

1.	Double-click My Network Places.
2.	Select View Network Connections in the left pane.
3.	Right-click the network connection representing your network adapter.
4.	Click Properties.
5.	Click the Install button, as shown in Figure 1.2. Figure 1.2. Click the Install button in the Properties dialog box to install File and Printer Sharing.
6.	Click Service.
7.	Click Add.
8.	Select File and Printer Sharing for Microsoft Networks.
9.	Click OK.

With File and Printer Sharing installed, you still cannot share files and printers until you specify which should be shared. To share a file or printer, follow these steps:

1.	Locate the resource to be shared and right-click it.
2.	Select Sharing and Security from the shortcut menu.
3.	Select the Share This Folder on the Network check box.
4.	If you want users to be able to add, change, or delete files, select the Allow Network Users to Change My Files check box, as shown in Figure 1.3. Figure 1.3. Select the appropriate option to give other users permission to change your files.
5.	Click OK.

The file-sharing capabilities in Windows XP are simplified such that all users have identical rights to files based on how you originally share the resource. This means that either all users can read the files, or all users can change the files. This is through the ForceGuest behavior inherent in Windows XP Professional, which simply means that when the Windows XP Professional computer is a member of a workgroup, all connections to the computer are forced to use the Guest account, even when a user name and password are provided. This simplifies the peer-to-peer network quite a bit because you do not need to configure user names and passwords that are identical on all the peers.

You can disable ForceGuest and change the folder options to not use Simple File Sharing. If you do so, the computer behaves as though it were a Windows 2000 Professional peer.

Note

Checking the Access Control List If you are using NTFS for the file system, you can check the access control list of a folder with the cacls command. Click Start, Run, and type cmd in the Open text box. Press Enter to open the Command Prompt window. At the prompt type the following: CACLS C:\FOLDER

File System Considerations

Windows XP Professional supports three file systems:

File Allocation Table 16 (FAT16)

File Allocation Table 32 (FAT32)

NT File System (NTFS)

FAT16 is a 16-bit file system, whereas FAT32 is a 32-bit file system, both of which have grown out of the Windows 95/98/Me family. NTFS is the 32-bit file system that has come from Windows NT.

In a corporate environment, or in any peer-to-peer network, you should consider NTFS to be the optimum file system to use. It has the basic functionality that FAT16 and FAT32 provide, plus it supports improved security, file encryption, file compression, and larger partitions and files. For scalability, NTFS can ensure your file system will support the larger hard disks and will not degrade in performance.

Fault tolerant features are incorporated in NTFS. The file system automatically repairs disk errors without displaying error messages. When Windows XP writes files to the NTFS partition, it saves a copy of the file in memory. It then compares the file on the disk to see whether it is the same as the copy in memory. If the two copies aren't equivalent, Windows XP marks that section of the disk as bad and rewrites the file to another disk location.

The security within NTFS allows you to set permissions on folders and individual files. FAT16 and FAT32 do not. Furthermore, to use the Encrypting File System (EFS), you must have NTFS as your file system. EFS allows you to protect your files and folders from unauthorized access on the local hard drive through the use of public key security. In public key security, users are issued digital certificates with a pair of keysone public and one private. EFS uses the keys to automatically expose or hide the files, depending on whether the computer's current user has the matching private key. Even though a user has encrypted a file on the local computer, the user can still access and use the file normally because Windows XP automatically decrypts the file with the user's private key. Other users cannot use the file and see only an Access denied message if they attempt to do any file operations on that file, including copying, moving, renaming, deleting, or opening it. EFS is important for both mobile users and shared computers. Figure 1.4 shows the Advanced Attributes dialog. Remember that you cannot select both encryption and compression; you can select only one or the other.

Figure 1.4. Select the Encrypt Contents to Secure Data option in the Advanced Attributes dialog box to encrypt a file or folder.

NTFS enables you to set disk quotas. When a computer is used by multiple people, you can control the amount of disk space each person can use on that computer. In Figure 1.5, you can see the Quota tab of the Local Disk Properties dialog box with quotas enabled and configured. Disk quotas are allotted to individual users on a per-volume basis. Users will not see a disk quota message. Instead, when a user looks at the available disk space, it displays only the amount of space available for that user's disk quota. If users attempt to exceed their allotment, they are given the message that the disk is full.

Figure 1.5. You can limit the amount of disk space used by all users by setting disk quotas.

Native NTFS file compression enables users to select individual files or folders to compress. Because the file system takes care of the compression algorithm, any Windows application can read or write a compressed file without having to manually decompress the file beforehand. File compression is supported only when NTFS has a cluster size of 4KB or smaller. Figure 1.4, earlier in this section, shows the file compression dialog box, which is also includes a file encryption option.

Aside from features, your existing file system used on the computer will give you some guidance as to which file system to choose for Windows XP. If you are performing a clean installation of Windows XP, you may select any of the three.

Exam Alert

Upgrading considerations If you are upgrading an existing Windows system that already uses NTFS, you should keep NTFS. If you are upgrading Windows systems that use FAT16 or FAT32, you can convert the partition to NTFS during the setup process. However, you cannot uninstall Windows XP Professional and revert to the former operating system with this option. If you have a Windows 98 FAT32 volume that has been compressed, you cannot upgrade the computer until that volume is uncompressed, regardless of which file system you select.

Dual-boot systems also require you to think through the file system choice. Although you may use both an NTFS and a FAT partition on the same computer, the operating system using the FAT partition cannot access files in the NTFS partition. However, Windows XP can access both partitions.

Product Activation

The highly controversial Windows Product Activation (WPA) was put in place by Microsoft to deter piracy. The premise is that each computer installed should have a unique identifier associated with the software with which it was installed. The WPA addition, however, does cause some planning issues for a large deployment. In a simple installation of a single Windows XP system, WPA is just a matter of contacting Microsoft via the Internet (the easiest method) or phone and obtaining the unique identifier. In a large deployment, WPA is complicated by the fact that generally a network installation uses the same file source for each computer installed. This is why Microsoft does not require WPA for customers who use Microsoft's volume licensing programs and use the volume licensing media for the installation. Luckily, the minimum number of licenses needed to participate in the volume licensing program is five, so almost any organization can use this method and avoid the WPA issue.

How WPA works is straightforward: It generates a unique identifier for your computer by combining your hardware ID with the product key. This ID is sent to Microsoft, which then checks to see whether that product key has been used for more than the number of systems that the End User License Agreement (EULA) allows, which is simply one system. If this check passes, your computer receives a confirmation code that activates Windows XP and the issue of WPA goes away. If the check fails, your system is not activated and you cannot log on interactively after the 30-day activation period is over.

If you do use media that requires WPA, you can use unattended activation to automate WPA in the unattended answer files. WPA also works with Sysprep to roll back activation for drive imaging.

If you have a computer that is not connected to the Internet and does not have a modem available for connection purposes, you are required to manually activate it. To do so, you run through the WPA process when prompted to activate the computer, and you will obtain an installation ID number. Then you call the Microsoft Activation Call Center to obtain a confirmation ID. Finally, you input the confirmation ID number in WPA.

When you use WPA, regardless of the method, the information in the ID submitted to Microsoft indicates the following:

System volume serial number

Network adapter Media Access Control (MAC) address

CD-ROM or DVD-ROM ID

Display adapter ID

CPU ID and the CPU serial number

Hard drive ID

IDE controller ID