Colocation server 15 july 17

Page 1

COLOCATION SERVER

Description 

Windows Server 2003 was the follow-up to Windows 2000 Server, incorporating compatibility and other features from Windows XP. Unlike Windows 2000 Server, Windows Server 2003's default installation has none of the server components enabled, to reduce the attack surface of new machines. Windows Server 2003 includes compatibility modes to allow older applications to run with greater stability. It was made more compatible with Windows NT 4.0 domain-based networking. Incorporating and upgrading a Windows NT 4.0 domain to Windows 2000 was considered difficult and time-consuming, and generally was considered an all-or-nothing upgrade, particularly when dealing with Active Directory.[by whom?] Windows Server 2003 brought in enhanced Active Directory compatibility, and better deployment support, to ease the transition from Windows NT 4.0 to Windows Server 2003 and Windows XP Professional.

Networked NT machines can be: 

Primary Domain controller 

  

 

Centralizes user database/authenticat ion

Backup Domain controller Domain member Non-domain member

Trusted domains Trusting resources

Security viewpoint

Four main components:  Executive

(kernel mode)  Protected Servers (user mode)  Network Subsystem (both kernel and user modes)  Administrator tools (user mode)

Handle tables 

Each process has a table of “object handles” which enable the process to access those resources 

Maintained by object manager

Each handle describes the type of access the process has to the object (read, write, etc)

The object manager ensures that access is only granted if compatible with the handle

When a process requests a new resource for the first time, the Object Manager asks the Security Reference Monitor to decide if the process may acquire the handle.

Security-related servers   

  

Winlogon Session Manager Local Security Authority Security Accounts Manager (SAM) Service Controller Event Logger

Local Security Authority Subsystem Service (LSASS) Invoked at login time, it verifies the user authentication and grants the system access token (SAT), which is used to start the initial shell and is inherited by all programs spawned during this login session  Performs audit functions  Operates in user mode 

Thank You  

Read more Log on to

: :

colocation server www.spsysnet.com

Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.