Efficient management of servers has always been inseparable from effective server management skills, although you have mastered a lot of this skill, but the server has many skills are waiting for your summary, waiting for your excavation; Some of the following server management tips is the author in the recent work summed up, I believe there are many you have rarely encountered!
Deny server restart
In general, after you install the patch on a Windows 2003 Server system, you are always prompted to restart the server. But many impatient friends, they often can not tolerate the Windows 2003 server server "Slow" startup operation, so hope that after the security patch, the server will not restart the idea of the emergence. Is there a good way to do this so that the Windows 2003 Server server does not restart after the patch is installed? In fact, the Windows 2003 Server server will restart, with the current system patch features have a certain relationship; For those security patches that force the system to boot, we generally cannot allow the server to refuse to reboot, but for patches that do not require the system startup feature, we can take the following approach to prevent the server system from restarting:
First, in the Windows 2003 Server System desktop, click the start/Run command, and then in the System Run dialog box that opens, enter the string command "cmd" and click the "OK" button to switch the system operating mode to MS-DOS state;
Second, in the DOS command line, the "CD" command to switch the current directory to the directory where the patch is located, and then perform "AAA/?" String command (where AAA is currently required to install the system patch name), in the subsequent prompt interface, check whether the current patch with the "-Z" parameter, if the parameter, it indicates that the current patch after installation can not force the system to restart;
Then in the DOS command line, and then enter the string command "Aaa-z", click the return, the patch will be automatically installed on the system, and will not require the server system to restart.
To remove restricted access to the server
To improve employee productivity, the unit recently intended to open Windows 2003 Terminal Server access to every employee, but with security in mind, network managers only provided the same account for all employees to log on to Windows 2003 Terminal Server. However, when using this account to log on to the Terminal server, the employees found that the server could only allow one person to log on to the server at the same time, and the former employee was "forced" to log out of the Terminal server after the employee logged in to the server. What is happening to this phenomenon, there is no way to let all employees at the same time, using the same account can be successfully logged on to the server?
In fact, the above phenomenon, mainly because Windows 2003 Terminal Server in the default state, the "Restrict each user can use only one session" feature, to eliminate this phenomenon, you just follow the steps below to cancel the "restrict each user to use only one session" feature:
First click on the Start menu in the Windows 2003 Terminal Server System desktop, execute the Settings/Control Panel command in turn, and then double-click the Administrative Tools icon in it to enter the Terminal Services Configuration window;
Then, in the Configuration window, double -click the "Restrict each user to use only one session" option in the "Server Settings" section, and in the Option Settings dialog box that appears, uncheck the box "limit each user to one session only", and then click the OK button. and restart the server system so that employees can log in to the Windows 2003 Terminal Server System at the same time by using the same account in the future.
Remotely View server log files
If you are a careful person, you can use the server's log files, to achieve the purpose of securing the server, after all, any illegal attacks on the server will leave traces in the server log files, as long as you are careful enough to know whether the server is currently under attack, if there is a trace of the attack, As long as the timely response to the appropriate measures to ensure the security of the server. But then again, the server log files can usually only be seen on the server locally, but in the event of network management personnel out of town, how to ensure that the server log files can be remotely viewed by network administrators at any time?
To do this, you just take advantage of the Windows 2003 Server Remote Maintenance function, and through the IE browsing interface, you can view the server log files remotely, of course, in the default state, the Windows 2003 Server Remote Maintenance function is not open, we need to manually boot. Here are the steps to view the server log files remotely:
First check that the Windows 2003 server has installed the II6.0 components and their related components, if not installed, you must first install these components to the server;
Second, on the server System desktop, in the Start menu, click Settings, then Control Panel, in the window that appears, double-click the Add or Remove Programs icon with your mouse, next to the Add/Remove Windows Components button in the subsequent interface, and in the Component Installation Wizard window that pops up, Select the "Application Server" option and click the "Details" button in the corresponding window.
Then, select the Internet Information Services (IIS) complex option and continue clicking the Details button in the corresponding window.
In the Wizard Setup window that appears, select the World Wide Web Service item and continue clicking the Details button in the corresponding window, then select the Remote administration (HTML) item in the Popup Wizard screen, and then click OK when you have finished setting up the Windows 2003 the installation CD of the server system is placed into the CD-ROM drive , then the system will automatically complete the remaining installation setup tasks;
Later, wherever the network manager goes, as long as they can find a computer that can surf the internet, and enter "http://aaa.aaa.aaa.aaa:8098" address via IE browser interface (where AAA.AAA.AAA.AAA represents windows 2003 Server's valid IP address), in a later open Server account verification interface, correctly enter the system administrator account, you can telnet to the Server Management Maintenance page, where the network management staff can easily view the log files on the server.
Daily management tips for Windows server servers