Windows2003 server management three skills

Efficient management server has been inseparable from effective server management skills, although you have mastered a lot of skills in this area, but the server has a lot of skills waiting for your summary, Waiting for your mining; this is not the following server management tips that I have summarized in my recent work, I believe that many of you have rarely encountered!

Deny server restart
>

In general, after installing the patch on the Windows 2003 Server system, the system will always prompt you to restart the server. However, many of the friends of the acute family, they often can not tolerate the "slow" startup operation of the Windows 2003 Server server, so the idea that the server does not restart after the security patch is completed has emerged. Is there a suitable method that does allow Windows 2003 Server to not restart after the patch is installed? In fact, whether the Windows 2003 Server will be restarted has a certain relationship with the current system patch features; For security patches that force system startup, we generally can't let the server refuse to restart; but for those patches that don't force the system startup feature, we can take the following steps to prevent the server system from restarting:

First, in the Windows 2003 Server server system desktop, click the "Start" /"Run" command, in the subsequent system operation dialog box, enter the string command "cmd", click the "OK" button After that, switch the system working mode to MS-DOS state;

Secondly, in the DOS command line, use the "cd" command to switch the current directory to the directory where the patch is located, and then execute "aaa /?" String command (where aaa is the name of the system patch that needs to be installed currently), and the prompt interface that appears after it Check whether the current patch has the "-z" parameter. If it is included with this parameter, it indicates that the current patch cannot be forced to restart after the installation is completed;

Then in the DOS command line , then enter the string command "aaa -z", click the Enter key, the patch will be automatically installed into the system, and will not require the server system to restart.

Unblocking access to the server

In order to improve employee productivity, the organization recently planned to open access to Windows 2003 terminal servers to every employee, but considering security, the network The administrator only provides the same account for all employees to log in to the Windows 2003 terminal server. However, when employees log in to the terminal server with this account, they find that the server can only allow one person to log in to the server at the same time. After the employee logs in to the server, the former employee will be forced to log out of the terminal server. . What is going on with this phenomenon? Is there any way for all employees to log in to the server smoothly using the same account at the same time?

In fact, this phenomenon is mainly due to Windows. By default, the 2003 terminal server is enabled with the "Limit every user can only use one session" function; to eliminate this phenomenon, you just need to follow the steps below to cancel "restricting each user to only one session." "The function is all right:

First click on the "Start" menu in the Windows 2003 Terminal Server system desktop, and then execute the "Settings" /"Control Panel" command, and then double-click on the "Administrative Tools" " icon, enter the terminal service configuration window;

Then in the configuration window, double-click the "Restrict every user can only use one session" option at the "Server Settings", after which it appears In the option settings dialog box, uncheck the box for "Limit each user can only use one session", and finally click " Set "button and restart the server system, so that employees who later use the same account, you can simultaneously log into Windows 2003 Terminal Server in the system.

Remote View Server Log File

If you are a careful person, you can use the server's log files to protect the server. After all, any illegal attack on the server will be Leave clues in the server log file. As long as you are careful enough, you can know whether the server is currently attacked. Once you find any traces of attacks, you can ensure the security of the server by taking appropriate countermeasures in time. But then again, the server's log files can only be viewed locally on the server, but in case the network administrator goes out, how to ensure that the server log files can be remotely viewed by the network administrators at any time?

To do this, you can use the remote maintenance function of the Windows 2003 server and remotely view the server's log files through the IE browsing interface. Of course, by default, the remote maintenance function of the Windows 2003 server is No opening, we need to start manually. The following are the specific steps for remotely viewing the server log file:

First check if the Windows 2003 server has installed the II6.0 component and its related components. If it is not installed, you must first install these components. Go to the server;

Next, in the "Start" menu of the server system desktop, click the "Settings", "Control Panel" command, in the window that appears, double-click "Add or Delete the program icon, then click the "Add/Remove Windows Components" button in the subsequent interface, and in the pop-up component installation wizard window, select the "Application Server" option, and click on the corresponding window. "Details" button;

Then you will see a settings interface, select the "Internet Information Services (IIS)" option, and then continue to click the "Details" button in the corresponding window;

In the wizard settings window that appears, select the "World Wide Web Service" item and continue to click the "Details" button in the corresponding window. In the wizard interface shown in Figure 2, select the "remote management (html)" item; after completing the above settings, click the "OK" button and put the installation CD of the Windows 2003 server system into the CD-ROM drive. In the middle, the system will automatically complete the remaining installation setup tasks;

After that, network administrators can find a computer that can access the Internet no matter where they go, and enter "http:/through the IE browser interface. /aaa.aaa.aaa.aaa:8098" address (where aaa.aaa.aaa.aaa indicates the valid IP address of the Windows 2003 server). In the server account verification interface opened later, enter the system administrator account correctly. You can log in to the server's management and maintenance page remotely. On this page, the network administrator can easily view the log files in the server.