Final Exam Study Guide CSED 430		December 8 2006

=====================================================

Next Wednesday's exam will be open-book. The exam will start officially at 6:00.

======================================================

Some topics. There will be some overlap with Exam 1; however, the 
Common Scenarios material will NOT be on the final exam.

Overview of steps in setting up a network:
    set up network
    	* cabling/wireless
    	* router connecting to the Internet
    set up domain controller
    	* dhcp service: must hand out IP addr, DNS, router info
    	* dns service
    	* enable Active Directory
    	* establish OUs for users & machines
    	* create GPOs to implement group policy
    	* add machines to domain; place in proper OU
    	* create user accounts; place in proper OU
    	* create shared folders, and advertise them in AD
    	
Troubleshooting tips
	* search for error message explanations on the Internet
	* reread the documentation
	* enable additional logging
	* Try to pinpoint the problem: if, for example, you're not sure
	  if the problem is due to network failure or something wrong with
	  the permissions, try to verify the network status independently, 
	  with the goal of either determining that, yes, the network is
	  the problem, or, no, the permissions (or something else) 
	  are the problem.

backups

How does Group Policy work? Where do the settings get made?

Why do Group Policy settings sometimes take *two* logons to take effect?

Roaming profiles
My Documents redirection
mounting home directory as drive H:
	net use H: \\winserver\homes\pdordal
	net use H: \\winserver\homes\%USERNAME%
	
Creating a preconfigured default profile, that first-time users will
inherit automatically (whether they can then change the settings on 
their own will depend on whether they are allowed to do so). 
Steps for STANDALONE MACHINES:
	1. Create a new account, say bob
	2. Log in to bob, and make all the desired settings
	3. log out of bob; reboot if necessary
	4. Go to Documents and Settings
	5. Move the existing folder "Default User" to, say, Default.old
	6. Copy folder "bob" to "Default User"
	7. Make sure the NTFS permissions on Default User are the same
	   as on Default.old; in particular, Everyone needs Read permission.
	8. Copy this Default User folder to other machines as necessary.
	
Steps for DOMAIN machines:
	Create the new profile as above, but copy it to the NETLOGON
	share of the server (again in folder Default User). Consult
		net share
	to find the location of the NETLOGON share.
	   

What is the goal of DeepFreeze/Disk_Protection/CenturionGuard?
What problems does it solve? What problems does it NOT solve?

What conflict might you foresee between DeepFreeze and GPOs?

Why can't you just use your ISP's DNS server for your own DNS server?



Remote Software Installation:
	Need for *.msi files
	What are the differences:
	"published to user", "assigned to user", "assigned to machine"
	
===========================================================

There may be one question on OUs and GPOs, like that on exam 1


NTFS and file permissions
	chapter 13 of RK, ch 17 p 704ff
(Local) User Rights
	RK appendix B
		
How to prohibit new executables using Software Restriction Policy