Win2003 users must see _windows2003

Windows Server 2003 3790 version identification

Rtm=release to manufacture (mass production) is a version to the hardware manufacturer! is to send to the plate, not to sell.
Oem=original equipment manufacturer can only be installed completely, and RTM is similar, just call different.
Rtl=retail (Retail) official Retail edition, can be upgraded or new installation.
Vlk=volume License a large number of authorized editions, also known as Enterprise Edition. No activation required. (The so-called Simplified Chinese VLK version of the Internet is actually the ordinary Simplified Chinese version of the VLK version of the 8 documents)

Two, different versions of Windows Server 2003

Windows Server 2003 Web Edition: Provides a web hosting and service platform for rapid development, deployment of Web services, and applications. Support 2-way SMP (symmetric multi-processing) system, 2GB memory.

Windows Server 2003 Standard Edition: for small and medium business and departmental applications. Supports 4-way SMP, 4GB RAM.

Windows Server 2003 Enterprise Edition: For centers and large organizations, with 32-bit and 64-bit two versions. Support for 8 node clusters, NUMA, 8-way SMP, where 32-bit version supports 32GB memory, and 64-Bit Edition supports 64GB memory.

Windows Server 2003 Datacenter Edition: for enterprises that require strong scalability and high availability, there are 32-bit and 64-bit two versions. 32-bit version supports 32-channel SMP, 64GB memory, 64-bit version supports 64-way SMP, 512GB memory, two versions support 8 node cluster, NUMA

Third, Windows Server 2003 version 3790 activation

Before the official version of the number is out, there are several popular ways to activate it:
(1) Reset5.02, operating in Safe mode can be activated, the time to adjust to 2008 years are no problem, all the use of normal. can be upgraded.
Disadvantage: The activation program is completely shielded, performance for running msoobe/a without any display, and in the service has a reset5, boot will automatically run this service, C:\WINDOWS\system32\srvany.exe, this program should be RESET5 added into the system.

(2) Russia cracked, remember in the XP era, as long as the Setupreg.hiv in the installation before the replacement, and then the phone can be activated to achieve the perfect activation of the realm, can be in 2003, this way after the current display has been activated, but if you adjust the time to boot again will show to activate, or even can not use. The key to the estimated secondary problem is the Setupreg.hiv file.

(3) In the forum, someone posted a Winxpactivation.exe file, known to be activated, in fact this is still false activation, temporarily shielding the activation program, is not able to modify the time.

(4) Use the substitution method to make out the pseudo VLK, installs uses all has no problem, just cannot upgrade. VLK is a replacement for the English version of 8 files. But SN has been blocked by Microsoft. So it cannot be upgraded, but this method is the most stable, without any problems.

Conclusion: We recommend activating and reset5.02 activation with 8 replacement methods!

Four, Win 2003 server some of the optimization settings

1. Disable the Configure Server Wizard:

Prohibit the presence of the Configure Your Server Wizard (Manage Your server):-> Administrator tool (Administrative Tools)-> manage Your server in Control Panel (Manage Your Server), and then in the lower-left corner of the window, check "Do not show this page when you log on" (Don t display this page at logon).

2. Enabling hardware and DirectX acceleration

★ Hardware Acceleration: Desktop Right-click-Property (properties)-> settings (Settings)-Advanced (Advanced)-Troubleshooting (Troubleshoot). Pull the hardware acceleration scroll bar of the page to full, preferably click OK to save the exit. This may be a moment of black screen is completely normal.

★directx acceleration: Open start-> Run, type "DxDiag" and enter the "DirectX Diagnostics Tool" (DirectX tools), on the display page, Click DirectDraw, Direct3D and AGP texture accelerate three buttons to enable acceleration. Pull the "Hardware acceleration level of sound" (Hardware Sound acceleration levels) scroll bar to "fully
Acceleration "(full acceleration).

3. Enable sound card:

After the system is installed, the sound card is prohibited, so you want to enable it in the Control Panel-> sound->, reboot and then set it in the taskbar display.
If you are using the Windows Server 2003 Standard version, make it from step two, because the standard version has allowed sound services.
★ Open "Start" (start)-> "Run", type "services.msc", and find in the window that appears
Windows Audio and double-click it, and then select Automatic ˋutomatic in the Drop-down menu in startup mode (the Startup type).
and click "Apply"-> "Start" (start)-> "OK" (OK)

★ Open "Start" (start)-> "Run", type "DxDiag" and return to open "DirectX diagnostics Tool"
(DirectX Tools), on the "Sound" (Display) page, put "Hardware acceleration level of sound"
The scroll bar (Hardware Sound acceleration level) is pulled to full speed acceleration.

4. How to enable ASP support:

Windows Server 2003 is installed by default and is not installed with IIS 6 and requires additional installation. After installing IIS 6,
Support for ASPs also needs to be turned on separately. The method is: Control Panel-> management tool->
Web Service Extensions-> Active Server Pages-> allowed.

5. How to enable XP Desktop themes:

★ Open "Start" (start)-> "Run", type "services.msc" and select Themes "Subject" (Default is prohibited)
, and then change to "Auto", press "Apply" and select "Open".
★ Click on the "desktop" attribute, select "Windows XP" in "Subject"
★ My Computer----Properties----Advanced----performance-----use shading for icon labels on the desktop

6. Shutdown reasons for the shutdown is prohibited to choose:

Shutdown Event Tracking (Shutdown event Tracker) is also a setup that differs from other workstation systems in Windows Server 2003, which is a necessary choice for the server, but it is not useful for workstation systems and we can also ban it.
Open "Start" Start-> "Run" runs run-> enter "Gpedit.msc", in the left portion of the window that appears, select Computer Configuration (Computer Configuration)-> "Administrative Templates" (Administrative Templates)
-> "System", click "Shutdown Event Tracker" in the right window to select "Prohibit" (Disabled) in the dialog box that appears, clicking and then "OK" to save and exit, so that you will see similar to Windows 2000 Shutdown window
7. How to use USB hard drive, u disk, add already partition hard disk

My Computer (right-click)----Manage----Disk Management-----Perform import and assignment letter operations on the appropriate hard disk

8. Display all components in Control Panel:
Replace the "Hide" in the Sysoc.inf file in the Windows\Inf directory.

9. Disable Internet Explorer enhanced security and the appearance of the Stop-safe query box
Customize the security level for IE in the IE tools option. Pull the scroll bar on the Security tab to set Internet zone security to Medium (Medium) or medium low. Modify the selection "prompt" in the Customization settings to select "Prohibit" or "enable".

10. Disable boot Ctrl+alt+del and implement automatic login

★ Method 1: Open the registry (run-> "Regedit"), and then open:
hkey_local_machin| software| Microsoft| Windows nt| CurrentVersion | Winlogon segment, right-click in this paragraph, create a new two string segment, autoadminlogon= "1", defaultpassword= "password set for Superuser administrator".
Note that you must set a password for the administrator, or you will not be able to implement self booting. You can then restart Windows to enable automatic logon.

★ Method 2: Administrative Tools-> The Local security Settings (local safety policy)-> native policy-> security options->
Interactive Logon:do not require Ctrl+alt+del, enabled.

★ Method 3 (Automatic login): Use the Windows XP tweak UI to automate Server 2003 login.
Download: Tweak UI Http://www.ssite.org/uppic/sun_pic/...003/tweakui.exe
Execute TweakUI.exe directly on the left panel select logon-> autologon-> on the right tick log on Automaticallyat system startup enter your username and domain (if not write) Click the set Password below to enter the username password
, and then click OK.

11. Hide Files

Windows Server 2003 displays all folders by default, and if you don't want to, you can hide it by doing it: Open any folder, select Tools-> Folder Options-> View, adjust the contents of the Display system folder, hide protected operating system files, hidden files and folders three items

12. Allow built-in IMAPI cd-burning services and support for Windows Imaging Device services

. Allow built-in IMAPI cd-burning services and support for Windows Imaging Device services
★ If you want to enable Windows built-in IMAPI cd-burning service. Do the following XX:
Open start-> Run, type "services.msc", locate "IMAPI cd-burning COM Service" in the window that appears, and double-click it, and then in startup mode (Startup type "Automatic" and click "Apply"-> "Start" (start)-> "OK" (OK).

★ If you are like digital cameras and scanners, you should open the Windows Image Acquisition service.
Open start-> Run, type "services.msc", locate "Windows Image Acquisition (WIA)" In the window that appears, and double-click it, and then in startup mode (Startup type "Automatic" and click "Apply"-> "Start" (start)-> "OK" (OK).

13. Advanced Settings

★ We can modify some of the advanced settings of Windows Server 2003 to fit the workstation's application environment.
Right-click "My Computer" (my Computer)--Attributes (properties)--Advanced (Advanced)--Performance (performance)
---Advanced (Advanced), which assigns the processor plan (Processor scheduling) and memory use (Memory usage) to the program (PROGRAMS) for use by Setting. Then click "OK" (OK.)

★ Disable Error Reporting
Right-click on "My Computer" (my Computer)--Attributes (properties)--Advanced (Advanced)--click on the "Error Report" (Reporting) button, in the window that appears to "Disable error Reporting" (Disable error Reporting) Select and check "but notify me when serious errors occur" (But, notify me when critical errors occur.)

★ Adjust Virtual memory
Some friends often feel overwhelmed with shutting down and logging off, and the solution is to disable virtual memory so that your logoff and shutdown times may be much faster. Right-click "My Computer" (my Computer)--Attributes (properties)--Advanced (Advanced)--Performance (performance)--Settings (Setting)--Advanced (Advanced), click "Virtual Memory" (Virtual memory) section of change, and then select No paging file in the window that appears. Reboot the system.

14. Speed up start-up and operation

★ Modify the registry, reduce the pre read, reduce the progress bar wait time:
Start → Run →regedit start Registry Editor, HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ Prefetchparameters, there is a key value named Enableprefetcher, its value is 3, change it to "1" or "5". Locate the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control and set the WaitToKillServiceTimeout to: 1000 or less. (Original Set Value: 20000) to find HKEY_CURRENT_USER\Control Panel\Desktop key, the right window waittokillapptimeout to 1000, (original set Value: 20000) that is, close the program only wait 1 seconds.
Change the Hungapptimeout value to: 200 (original Set Value: 5000), which indicates that the program waits 0.5 seconds for errors.

★ Allow the system to automatically shut down programs that stop responding.
Open the registry HKEY_CURRENT_USER\Control Panel\Desktop key,
Set the Autoendtasks value to 1. (Original Set Value: 0)

★ Disable System Service QoS
Start menu → run → type gpedit.msc, and the Group Policy window appears. Expand Administrative Templates → network, expand QoS Packet Scheduler, right-click restrict reserved bandwidth in Settings in properties, select Disabled, and make sure that you have restricted retention of bandwidth in the setting in the property, and that Can When the above modifications are completed and applied, the user can see the QoS Packet Scheduler (QoS Packet Scheduler) in the General Properties tab bar of the Properties dialog box for the network connection. Description The modification was successful or the modification failed.

★ Change the speed of window popup:
Locate the HKEY_CURRENT_USER\Control Panel\desktop\windowmetrics branch, locate the MinAnimate key value in the window on the right, the type is REG_SZ, and by default the value of this health value is 1, Represents an animation that opens a window display, changes it to 0, suppresses animation, and then selects the logout command from the Start menu to activate the modification you just made.

★ Disable compression for Windows XP:
Click "Run" under "Start", enter "regsvr32/u Zipfldr.dll" in the "Run" input box, and then press ENTER.

★ Set the starting information or warning message of personality:
Personalized Windows XP Startup: Open Registry Editor, find HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Branch, Double-click the LegalNoticeCaption health value to open the Edit String dialog box and enter the information you want in the text box under Value data, such as "Buddy, Hello!" , and then click OK to reboot.
If you want to change the warning message, double-click the LegalNoticeText health Value name, enter the warning message you want to display in the Edit String window that appears, and then click OK to reboot.

15. Install Java VM
Windows Server 2003 does not have an integrated MS Java VM or a Sun Java VM, and you can download and install it yourself.

16. Install DirectX 9a

Installing DirectX 9a on Windows Server 2003 and installing DirectX 9a on other versions of Windows is the same. You must first enable DirectX and Graphics acceleration before you install.

17. Available antivirus software and firewalls:
Symantec Norton Antivirus Corporate 8.01
Zone Alarm 3.7.159
Norton Personal Firewall 2003

V. How to prevent the invasion of ipc$

1, prohibit the null connection enumeration (This operation does not prevent the establishment of an empty connection)

First run regedit, find the following build [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
RestrictAnonymous = DWORD key value is changed to: 00000001.
RestrictAnonymous REG_DWORD
0x0 Default
0x1 Anonymous users cannot enumerate the list of native users
0x2 Anonymous users cannot connect to the native ipc$ share
Description: It is not recommended to use 2, or it may cause some of your services to fail to start, such as SQL Server

2. Prohibit default sharing

1 View local shared resources
Run-cmd-input net share
2 Delete Share (one at a time)
NET share ipc$/delete
NET share admin$/delete
NET share C $/delete
NET share d$/delete (if there is a e,f,...... can continue to delete)
3) Modify registry Delete share
Run-regedit
Locate the following primary key [Hkey_local_machine\system\currentcontrolset\services\lanmanserver\parameters]
Change the key value of AutoShareServer (DWORD) to 0000000.
If the primary key mentioned above does not exist, create a new (right-click-New-Double-byte value) and change the key value.

3. Stop Server service

1) Temporarily Stop Server service
net stop server/y (Server service will reopen after reboot)
2 permanently turn off ipc$ and default shared-dependent services: LanManServer, Server services
Control Panel-Administrative Tools-services-Locate the Server service (right-click)-Properties-general-Startup type-disabled

4, install the firewall (check the relevant settings), or port filtering (filter out 139,445, etc.)

1. Unlocking file and Printer sharing bindings

Right-click on the desktop [Network Neighborhood]→[Properties]→[local connection]→[properties], remove the "File and Printer sharing from Microsoft Network" check box, and unlock file and printer sharing bindings. This will prohibit all requests from 139 and 445 ports, and others will not be able to see the shared computer.

2). Using TCP/IP filtering

Right-click on the desktop [Network Neighborhood]→[Properties]→[local connection]→[properties] to open the Local Area Connection Properties dialog box. Select the Internet Protocol (TCP/IP)]→[Properties]→[advanced]→[Options], click to select the TCP/IP filter option in the list. Click the Properties button, select Allow only, and then click the Add button (Figure 2) to fill in the port that you want to use except for 139 and 445. This will not respond if someone scans the 139 and 4,452 ports using the scanner.

3. Use IPSec security policy to block access to ports 139 and 445

Select [My Computer]→[Control Panel]→[Management tool]→[Local Security policy]→[IP security policy, in the local machine], where you define an IPSec security policy rule that prevents any IP addresses from accessing IP addresses from the TCP139 and TCP445 ports, so that when someone uses a scanner scan, The 139 and 4,452 ports on this machine do not give any response.

4). Use firewall to protect against attack

You can also set the firewall to prevent other machines from using native sharing. As in "Skynet Personal Firewall," Select an empty rule, set packet direction to "receive", the other IP address selected "Any address", the protocol is set to "TCP", the local port is set to "139 to 139", the other port set to "0 to 0", set the flag bit is "SYN", the action is set to "intercept" , and then click the OK button and select this rule in the custom IP Rules list to start intercepting the 139 port attack (Figure 3).

5, to all accounts to set up a complex password to prevent through ipc$ poor lift password