System Administrator Quick Start

The computer network is extending to every corner of the world. Maybe tomorrow, the new network will be built, and the lack of manpower may make you a system administrator.
In the face of diverse and complex devices, there are many requirements for users. Are you confused,
How eager to quickly familiarize yourself with the entire system and turn embarrassment into the past.
This article does not provide a tip once and for all. It is just for beginners to introduce some necessary knowledge about system management based on their personal experience, so as to provide a quick start.

Generally, the network system is divided into five parts: host system, switching equipment, routing equipment, wiring system and other auxiliary systems, such as UPS and regulated power supply.
Fortunately, after system integration,
For example, the Cabling System and Auxiliary System have been successfully debugged at one time. Exchange devices and routing devices are also generally ready,
At most, you need to make some minor changes.
As a system administrator, you only need to understand the meaning of the status lights of these devices and determine whether a hardware fault has occurred. Generally, a small fault occurs. After the device is switched OFF and restarted, most of them will be automatically ruled out.
Most real problems need to be solved by the vendor. That is to say, the key to getting started is to master the host system that accounts for 1/5 of the total, so that you can easily deal with them.
Of course, you may make some configuration changes on the switch and routing devices, but that is what you did after becoming a Senior Administrator. This is not mentioned here. The following is the focus of the quick start.

User Management
Whether it is UNIX or NT, user management is the first place. As a newbie, you must first master operations such as adding, deleting, and limiting users.
This includes two aspects: one is a management tool set that learns to use a friendly graphical interface, and the other is the/usr/bin/admintools tool set in the Openwin environment in the SUN Solaris system;
Sysadmsh management Shell is used in sco unix to manage users. In Novell systems,
You only need to use the Syscon menu to add, delete, and restrict users and user groups. For the same batch management of multiple users, use makeusr and userdef utilities;
In NT, use the domain user management tool or user management tool under the management tool (public) group in the program group. With these tools, you can easily and clearly create, delete, lock, and restrict permissions.
In the management and control panel of the user group under NT, the System property program is used to manage the brief file of user environment settings. The System Policy Editor is used to configure a computer or user-based configuration for a domain and write logon scripts.
The second is to learn the user management under the character command line, mainly in UNIX or Linux environments, including using the editing tool Vi, emacs and other operations on/etc/passwd or directly using addusr,
Deleusr and other user management commands, and use the pwconv command to make the/etc/passwd consistent with the shadow file, use the SCO/etc/rmuser command to delete the user, and use the newgrp command to add the user to the new group, in addition, it includes the command mkdir for creating user directories,
The command chown and chgrp are assigned to user attributes and group attributes, and quota is used to limit the size of user regions. This command is used to prevent the user region from occupying too much hard disk space and causing system crash. Note: If you want to strictly restrict user permissions,
You can use/usr/lib/rsh for shell registration. The user's. profile and. login files can use the system standard configuration file, or you can set it in. profile, and use the SU command or SUUsername to enter the user environment for specific detection.
In addition, for the user's message publishing system, the Alert function is used in NT, and for the remote host, the computer | send message function in Server Manager is used.
Use the send command in Novell. In UNIX, you can use the wall or write command or the daily message file/etc/motd or news command to issue the/usr/new file.

Security and log management
As a system administrator, you must be able to identify the cause of a system accident, which involves viewing and analyzing the system logs. In NT, use Event Viewer in the Administrative Tools menu to view the SYSTEM,
SECURITY and APPLICATION log files. For Netware, the error LOG is the SYS $ LOG. ERR file,
View file server errorlog observation records under supervisor options in the syscon menu. In addition, the file volume error LOG file is VOL $ LOG in each file volume. LOG and Transaction Tracking System Error LOG file SYS: TTS $ LOG in the file. ERR file;
Logs in UNIX include the system error registration file message under the/usr/adm directory, the sulog file used for the su command, the registration file lastlog for the last registration time for each user, and the registration in the system. user-related information files (wtmp,
The content item file acct of the Command executed by each user and the log files generated by utmp and other applications for the currently registered user under the/etc directory. For some of the log files, you can use the who or w command to view the logon users of the current system.
(In the XENIX system, you can also use the whodo command to determine the behavior of the current user.) The last command can view the previous logon status. These commands can be combined to use grep for Conditional Control Selection and filtering; use find to view the file and its owner,
Especially monitors processes and files with root access and checks the boot file/etc/inetd. conf,/etc/rc. local,/etc/passwd and corn or at run files, and use the corntab-l and corntab-r commands to list and delete users' corntab files;
Use ls-lR to generate a master checklist, generate a new table on a regular basis, use the diff command for comparison, and make the new table that has passed the check a new master checklist until the next check. I strongly recommend that you comment out all r-hitting command files in inetd. conf,
Remove all items in/etc/hosts. equiv and do not allow users to set up personal. rhosts files, so that trusted hosts are not set up or empty to enhance system security.

System Process Management
In UNIX, System Reporting Commands include df to report the number of free disk blocks; du to summarize disk usage; nice to change the priority set by a command; Pstat to report system information, such as a node table or table;
Sar is used to report the system activity status, such as CPU usage and buffer activity status. time is used to print the past time, system time, and command execution time;
Uptime is used to report system activity status, such as system startup time and running time;
Vmsfat is used to report the number of pages and system statistics, such as the pivot point. Ps-ef in ps-aux in bsd unix or system V and ps aux in LINUX are used to view the process status and its host
And use the kill command to stop abnormal processes in time. In NT, use Task Manager to view cpu and memory usage,
In addition, performance monitor is also used for status monitoring and time adjustment.
It is worth noting that with the expansion of network applications, viruses have become a major threat to network security. Therefore, installing a virus detection and removal tool on the network is required for network management.

Backup management
As a more important system, timely backup is necessary. In the beginning, you must develop the habit of timely and scheduled backup. Master the basic backup methods and procedures, and use the basic backup and restoration commands,
For example, use the NTBackup program in the management tool set in NT. Because there is no scheduling capability in Backup, Backup must be manually completed or scheduled using the AT command line; and a third-party Backup solution is used.
In UNIX, System V uses tar, cpio, backup, restor, and rolcopy, while in BSD, tar, dump, restor, and so on. In SCO, sysadmin is used for file system backup and file recovery.
Backup must also be scheduled to specify the backup time, including full backup and Incremental backup. For example, you can perform weekly full backup and Incremental backup once a day, or if the system does not change frequently,
You can perform full backup once a month and Incremental backup once a week.

Recovery and fault tolerance Management
When a system failure occurs, the system administrator must be able to locate and solve the problem. This relies on analysis of error information and log files on the console,
More importantly, daily backup and preparation of emergency system disks. For NT, the system boot disk and Emergency Repair Disk are created,
And use Disk Adminstrator to create images and other RAID operations. UNIX also relies on the establishment of system installation disks and emergency repair disks.
In particular, after the system makes any changes, it is necessary to re-generate a new system recovery disk, and perform synchronous backup and use the single-user mode to eliminate most of the system's problems,
That is, the key is to use the boot-single command at startup. Of course, the Administrator's password must never be forgotten. Otherwise, it will cause a lot of trouble,
However, it is necessary for administrators to apply password restrictions to themselves and other users, such as the length and date of passwords and other restrictions.
Too many simple passwords may cause insecure risks. In terms of fault tolerance, various maintenance system commands, such as the super block maintenance command SYNC and the file system check Command fsck, are often run.

File System and switch machine Management
In all multi-user systems, because file buffering is widely used, modifications to files are made in the memory before being written to the disk. kernel programs regularly refresh these buffers,
To keep files synchronized with the buffer range. Therefore, shutdown without terminating the system will often cause synchronization damage and file system errors. In NT,
Use the disable System option in the Start menu to disable the system;
UNIX uses shutdown, halt (haltsys), reboot, and other commands. It is generally recommended to use shutdown and parameters to shut down or enter the backup status of a single user,
Power off is not allowed until the Shutdown program is completed, which must be kept in mind in any case.

In addition, during file system maintenance, you should always run the super block consistent command sync, file system check and Error modification command fsck, and use the mkfs command to create a file system,
System V's fsstat will report the status of the file system and the device management commands mount and umount. In NOVELL, the FILER menu is used to manage the file system of the file server.

Network Management
Network management, including debugging for Email, DNS, and WWW. For emails, use sendmail-bt-C filename,
Or mail the user first, then telnet host 110, and debug it through the user username; pass passwd; list; retr *; quit and other pop3 commands. For DNS, use the nslookup command for domain name resolution,
Check whether the IP address can be correctly parsed. For WWW, check through the browser.
In addition, view ~ For NT, use the server manager in the management tool to check whether each service program is running normally. The other detection steps are the same as those in the UNIX system,
Instead of using the sendmail command, use telnet host 25, use helo host, send from: <yourname @ hostname>, rcpt to: <username @ hostname>, data, messagebody, ". ",
Exit and other smtp commands for detection. POP3 commands are the same. WWW management is directly implemented through the online management method in the form of http. The operation is simple and clear, so there should be no problems.

In daily network management, ping is used to check the network connection status, netstat is used to check the Protocol statistics and the connection status of the current network, ifconfig is used to set network interfaces, and tracert is used to monitor the routing status. To N