ch14


Know your boots - Very A+

Ya gotta know yer boots! Whether it be DOS, Win9x or NT/2000/XP, ya gotta know them!

Here are the players (files) in the NT boot process:

Name: BOOT.INI
Role: Contains data for system boot menu – list of installed OSs.
Location: Root of system partition (usually C:\)

Name: NTLDR
Role: Switch to 32-bit mode. Load temporary file system. Read and display boot menu. Run NTDETECT. Load registry settings. Load and run NT Kernel. This guy is "MR NT Boot" himself! Equivalent of IO.SYS.
Location: Root of system partition (usually C:\)

Here is an example BOOT.INI file:

[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(4)\WINNT

[operating systems]
multi(0)disk(0)rdisk(0)partition(4)\WINNT="Microsoft Windows 2000 Professional" /fastdetect
multi(0)disk(0)rdisk(0)partition(5)\WINNT="Microsoft Windows 2000 Advanced Server" /fastdetect
C:\="Microsoft Windows"

In the above example:

Partition(0) = not used by Microsoft
Partition(1) = C: (active partition)
Partition(2) = Extended partition
Partition(3) = D:
Partition(4) = E:
Partition(5) = F:
Etc…
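To see how the [boot loader] default ties to the [operating systems] entries, here is an added Python example (not part of the original page, and not how NTLDR itself is implemented) that parses the sample BOOT.INI above and flags a default that is not a listed entry. The function names are assumptions made for this illustration.

```python
import re

# Constructed sample: the BOOT.INI from this page, one setting per line.
SAMPLE_BOOT_INI = r'''[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(4)\WINNT

[operating systems]
multi(0)disk(0)rdisk(0)partition(4)\WINNT="Microsoft Windows 2000 Professional" /fastdetect
multi(0)disk(0)rdisk(0)partition(5)\WINNT="Microsoft Windows 2000 Advanced Server" /fastdetect
C:\="Microsoft Windows"
'''

# multi(...) is the form used on this page; scsi(...) is the other common ARC prefix.
ARC_RE = re.compile(
    r'^(multi|scsi)\((\d+)\)disk\((\d+)\)rdisk\((\d+)\)partition\((\d+)\)(\\.*)?$', re.I)

def parse_arc(path):
    """Split an ARC path into numbered fields; None for a drive-letter path."""
    m = ARC_RE.match(path.replace(' ', ''))
    return {'rdisk': int(m.group(4)), 'partition': int(m.group(5)),
            'dir': m.group(6) or '\\'} if m else None

def parse_boot_ini(text):
    """Return (boot loader settings, list of operating system entries)."""
    loader, entries, section = {}, [], None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line.startswith(';'):
            continue
        if line.startswith('[') and line.endswith(']'):
            section = line[1:-1].strip().lower()
            continue
        key, _, value = (part.strip() for part in line.partition('='))
        if section == 'boot loader':
            loader[key.lower()] = value
        elif section == 'operating systems':
            m = re.match(r'"([^"]*)"\s*(.*)$', value)
            label, switches = (m.group(1), m.group(2).split()) if m else (value, [])
            entries.append({'path': key, 'label': label, 'switches': switches, 'arc': parse_arc(key)})
    return loader, entries

def check_boot_ini(text):
    """Flag a default that is not a listed entry, or a non-numeric timeout."""
    loader, entries = parse_boot_ini(text)
    problems = []
    if loader.get('default', '').lower() not in [e['path'].lower() for e in entries]:
        problems.append('default does not match any [operating systems] entry')
    if not loader.get('timeout', '').isdigit():
        problems.append('timeout is missing or not a number')
    return problems
```

With the partition list above, the first entry's partition field of 4 corresponds to E: and the second entry's 5 to F:.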


Name: BOOTSECT.DOS
Role: Contains load parameter for a DOS load. Note that this file contains data that is unique for this machine.
Location: Root of system partition (usually C:\)

Name: NTDETECT.COM
Role: Hardware detection. Will be used to construct a "Last Known Good" profile.
Location: Root of system partition (usually C:\)

Name: NTOSKRNL.EXE
Role: The OS kernel
Location: \WINNT\SYSTEM32 of the boot partition

Name: HAL.DLL
Role: Hardware Abstraction Layer
Location: \WINNT\SYSTEM32 of the boot partition

Name: System Hive
Role: Part of the Registry used to load device drivers
Location: \WINNT\SYSTEM32\CONFIG of the boot partition

Name: Device Drivers
Location: \WINNT\SYSTEM32\DRIVERS of the boot partition

Note: Windows NT must have these 3 files in the root directory of the system partition: NTLDR, BOOT.INI, NTDETECT.COM. These files must be present to make an NT disk bootable. - Very A+

Let’s do it (or at least learn how it’s done)! - Very A+

The loading of Windows NT is controlled by the file NTLDR, which is a hidden system file that resides in the root directory of the system partition. NTLDR will load NT in four stages:

1. Initial Boot Loader Phase
2. Operating System selection
3. Hardware Detection
4. Configuration Selection

Step / Action / Description

Step 1
Action: Visit the MBR to get the Partition Table and Active (or System) Partition, and then visit the Active Partition
Description: When NT is installed the System Partition is modified to load NT’s initial startup program NTLDR – instead of IO.SYS

Step 2
Action: Load NTLDR from the System Partition
Description: This program is the major program that controls the sequence of the NT boot

Step 3
Action: Change to 32-bit mode
Description: Switch CPU over to 32-bit mode for 32-bit program access.

Step 4
Action: Read BOOT.INI
Description: Text file that contains data for the boot-up menu

Step 5
Action: Load NTDETECT *
Description: Checks available hardware installed

Step 5b
Action: * Run BOOTSECT.DOS
Description: If the user chooses to run another OS from the Boot Menu, NT then loads BOOTSECT.DOS instead of NTDETECT and passes control to it.

Step 6
Action: Load NTOSKRNL, HAL and System Hive

Step 7
Action: Pass control to NTOSKRNL
Description: Run WinNT

If you get the message:

BOOT: Couldn’t find NTLDR

Please insert another disk

You may be trying to boot to a floppy disk that has been formatted by NT but does not contain the NTLDR program. There are 3-6 System floppy disks for NT-based systems - they come with the package and/or can be created during installation.

There is no single "Boot" floppy that will work to get you booted; you need all disks or the CDROM.

NT will also allow you to make an ERD (Emergency Repair Disk). This disk contains information about your system and can be used to recover from serious system crashes. The contents of this disk vary between versions of NT. - Very A+

Last Known Good

Choosing Last Known Good Configuration provides a way to recover from problems such as a newly added driver that may be incorrect for your hardware.

It does not solve problems caused by corrupted or missing drivers or files.

Press the F8 key when booting. - Very A+

When you choose Last Known Good Configuration, Windows 2000 will restore information in the registry key HKLM\System\CurrentControlSet only. Any changes you have made in other registry keys remain.


Recovery Console

The recovery console is somewhat like the Win9x Safe Mode Command Prompt. This is a non-GUI environment that allows you to deeply manipulate your system folders. It uses some DOS commands and some commands that are unique to it.

Adding the RC to the Boot Menu - Very A+

If you would like access to the Recovery Console you may install it by using the following technique:

• Go to Start/Run and type CMD. This drops you to a DOS prompt.
• Switch over to your CDROM drive (E: <enter> etc.)
• Type: \i386\winnt32 /cmdcons

The top pre-install box is full of great information

So is the post-install box

Now each time you boot, you will have the Recovery Console option. If your system is so sick that the hard drive is inaccessible, then the CDROM as well as the boot up disks contain the console. Note that you will need to login as an Administrator to use the RC.

You and your ERD (emergency repair disk) - Very A+

Another tool that helps get you back and running after catastrophe is the ERD. Note that the Win2K ERD may put you waaaayyyyyyy back. Back to the registry that was installed when you first installed the system: it may "rewind" your system to a point before you installed any software besides Win2K!

You and your little ERD

First, have a blank, formatted 3.5" disk handy. To create an ERD click on Start/Programs/Accessories/System Tools and choose Backup.

Click on the Emergency Repair Disk icon. Insert your floppy.

You need to make a decision here. If you click on "Also…" the system will back up your Registry files to a special folder on your Win2K "boot" partition. This folder is located in \WINNT\REPAIR. - Very A+

Since the registry is too big to be backed up on a floppy, it is saved to the REPAIR folder; the disk just contains additional data to help with the restore.

Some techs do this before they install any software or hardware. Beware - if you never check "Also…" and then use the ERD for repair, you will get rewound to your original Registry settings. Do what you need to do!

To restore your ERD settings, boot to your 4 emergency disks, or to your CDROM. Then choose the option "To repair a Windows installation, press (R)".

Here is a link that may help you create a bootable disk for NTFS: http://support.microsoft.com/support/kb/articles/Q119/4/67.ASP

NT4 ERD Notes:

A repair disk is created during Windows NT installation, but you can also create it after the installation using the RDISK utility. Very A+

DISK MANAGEMENT

Basic disks – normal primary / extended partition stuff. Default.

Dynamic disks – Only Win2K and up can directly access dynamic disks. Keeps a 1-4MB database at the end of the physical disk. Once you go dynamic, you can’t go back without losing your data. Not supported on portable computers.

Dynamic volumes – over single or multiple disks. Advanced disk features like RAID 0, 1 and 5.

Software RAID

Redundant Array of Inexpensive (independent) Disks. - Very A+

• Speed
• Fault tolerance
• Not quite as cool as hardware RAID


5 types: simple, spanned (RAID 0), striped (RAID 0), mirrored (RAID 1) and RAID 5

• Simple
• Spanned (RAID 0 – two drives appear as one big drive)
• Striped (RAID 0 – same thing but access is interleaved)

Simple and spanned dynamic disks (it’s even color coded)

• Mirrored (RAID 1 – concurrent backup of drive onto another)

Mirrored dynamic disks (two disks acting as your C: drive)

• RAID 5 (striped with parity – for both speed and fault tolerance. Requires 3 or more drives)


It is very A+ to know the types of RAID and their capabilities.

Disk Quotas – limit the amount of disk space a user can use. Go to drive’s properties and click on Quota tab.

Networking Improvements

Network Neighborhood is replaced with My Network Places.


Management Very A+

Microsoft Management Console (MMC) – This new feature is used to create "consoles" of system utility snap-ins. To load an MMC go to Start/Run and type MMC.


A console can be blank:

Or populated:

To add snap-ins, click on "Console" and then choose "Add snap in". This essentially allows the tech to create individualized toolboxes for system maintenance.


Exercise 2 – THE MMC

The Microsoft Management Console is like a toolbox that we can add our favorite tools to. Let’s create a new MMC.

Click Start / Run and type, MMC

From here just follow along while we populate our toolbox.

Deliverable: Your own personalized toolbox.

A new control panel applet called Administrative Tools opens up a set of cool tech tools, among them, Computer Management .


Computer Management in turn opens up the Computer Management MMC. You can also get here by right-clicking on "My Computer" and choosing "Manage" from the list. - Very A+


There are 3 basic groups here: System tools, Storage, and Services and applications. - Very A+

Here is where you can basically maintain your entire system. In the above figure we could go from viewing the Device Manager stuff, and then turn around and edit or add Users to our system – pretty slick!

Performance Logs and Alerts

The Event Viewer - Very A+

With this "Tool" you can gather information about hardware, software, and system problems. In addition you can monitor Windows 2000 security events.

The EventLog service starts automatically when you start Windows 2000. All users can view application and system logs; however, only administrators can gain access to security logs.


By default, security logging is turned off. You can use Group Policy to enable security logging. The administrator can also set auditing policies in the registry that cause the system to halt when the security log is full.

You may monitor 3 categories of events:

Application
• The program developer of a software package decides which events to record here

System
• Events here are logged by the Windows 2000 system components

Security
• The security log can record security events such as valid and invalid logon attempts as well as events related to resource use such as creating, opening, or deleting files

There are 5 types of events recorded:

Error
• A significant problem, such as loss of data or loss of functionality. For example, if a service fails to load during startup, an error will be logged.

Warning
• An event that is not necessarily significant, but may indicate a possible future problem. For example, when disk space is low, a warning will be logged.

Information
• An event that describes the successful operation of an application, driver, or service. For example, when a network driver loads successfully, an Information event will be logged.

Success Audit
• An audited security access attempt that succeeds. For example, a user's successful attempt to log on the system will be logged as a Success Audit event.

Failure Audit
• An audited security access attempt that fails. For example, if a user tries to access a network drive and fails, the attempt will be logged as a Failure Audit event.

A technician could use the Software and System Events to track down problems in the system.
