STUDY GUIDES
SAMPLE TESTS
FORUMS
AUDIO TRAINING
VIDEO TRAINING
EXAMSHEETS
HELP US OUT
LINKS DIRECTORY
NEWSLETTERS
COLLEGE DEGREES
FAQ
ARTICLES
BOOK REVIEWS
ADVERTISE
TIPS/TRICKS
TOPSITES
CONTACT



        

CERTguide 70-222 Study Guide

What is 70-222 all about?

Migrating from Microsoft® Windows® NT 4.0 to Microsoft® Windows® 2000

When you pass this exam, you achieve Microsoft Certified Professional status. You also earn credit toward the following certifications:

n          Elective credit toward Microsoft Certified Systems Engineer on Microsoft Windows 2000 certification

n          Elective credit toward Microsoft Certified Systems Engineer on Microsoft Windows NT 4.0 certification

According to Microsoft, 

“This certification exam measures your ability to migrate domains from Windows NT 4.0 to Windows 2000 and to perform domain restructures. A migration can include an upgrade only, a restructure only, or an upgrade and a restructure. A migration refers to the changes made to the Windows NT Server 4.0 environment during its promotion to Windows 2000 Server. Migration encompasses two processes:

Domain upgrade - Windows NT Server 4.0 software is upgraded to Windows 2000 Server on the PDC and some or all of the BDCs

Domain restructure - Objects in a given domain are relocated to a Windows 2000 domain that either is part of the same forest or belongs to a different forest”

It is recommended that you first start by studying 70-210 and 70-215. When you are familiar with Windows 2000, you should read this case study provided by Microsoft to get a sense of the “Upgrade” we are talking about here.

http://www.microsoft.com/windows2000/techinfo/interop/redir-domainmig.htm

You may also want to learn more about the ADMT Active Directory Migration Tool:

http://support.microsoft.com/default.htmx?scid=kb;EN-US;q260871

Key points to remember: Windows 2000 as an operating platform:

n          Windows 2000 Server is suitable for a small size network (with around 100 users).

n          Windows 2000 Advanced Server is suitable for a mid size network (with couple hundreds users).

n          Both Windows 2000 Advanced Server and Windows 2000 Datacenter Server are suitable for strict 24x7 environment because of the clustering capability.

n          The component in Windows 2000 that addresses the problem of resource location is Active Directory. By integrating Active Directory directory services with Windows 2000, all shared resources in your domain will be available as objects in the directory.

n          Tools that can be used in Windows 2000 (but not in WinNT) to simplify network management include:

u        Microsoft Management Console
u        Group policy
u        DNS dynamic update protocol
u        Active Directory directory services
u        Windows Management Instrumentation
u        Remote Storage
u        Windows Script Host
u        Indexing Service

n          You may activate Windows 2000 Personalized Menus to:

u        keep track of the programs you use
u        update the Programs menu to present only the programs most frequently used

Key points to remember: Windows 2000 installation

n          Before you purchase new computers for Windows 2000, you must first verify that these hardware components meet the minimum requirements for Windows 2000. You do this by checking the Windows 2000 HCL.

n          If a computer component is not listed in the HCL, you may still use it if a Windows 2000 driver is available.

n          HCL location: http://www.microsoft.com/windows2000/server/howtobuy/upgrading/compat/search/devices.htm

According to Microsoft,

 “HCL is a Web-based searchable database which is updated as additional hardware is tested and approved.”

n          Windows 2000 is best to be started from the CD. If your computer does not support booting from the CD-ROM drive, you can start the computer by using the Setup boot disks that come with Windows 2000.

n          When you want to install Windows 2000 Server on a computer that will be a member server in an existing Windows 2000 domain, you may add the computer to the domain during installation if the following information is available:

u        DNS domain name of the domain you wanna join
u        Either an existing computer account for this member server, or the user name and password of the administrator (such that you can create a computer account for this computer)
u        Note that at the time of such installation a domain controller and a DNS server must be available on the domain you plan to join.

n          If you are Windows 2000 Server on a computer that was previously running another operating system, you should use a disk partitioning tool such as Partition Magic to remove any existing partitions and create a new partition suitable for Windows 2000 installation.

n          If you wanna install Windows 2000 over the network to a client computer, you must have the \i386 folder ready in a network share on the distribution server. You will also need to create a FAT partition (with a recommended size of at least 1GB) on the target computer. Finally, you need to have a network client boot disk ready so that the target computer can be booted to connect to the distribution server.

n          Remote installation of Windows 2000 requires:

u        A Windows 2000 Server with RIS
u        A DNS server

u        A DHCP server

u        A Windows 2000 Active Directory domain

u        Client computers that can connect to the RIS server via the network.

n          Windows 2000 Remote Boot Disk Generator (rbfg.exe) can be used to create boot disks for RIS installation. The path to this utility is RIS_Server:\RemoteInst\Admin\i386\rbfg.exe.

n          Boot floppies created by Rbfg.exe can only support PCI-based network adapters that are listed in the Adapters List.

Read this Microsoft Technet article to learn the technical details of upgrade installation:

You may create Windows 2000 setup disk using the makeboot command:

Winnt32.exe command syntax:

Planning an upgrade:

Windows 2000 Upgrade methods:

Automating Server Installation and Upgrade:

Automating Client Installation and Upgrade:

Deploying Windows 2000 using SMS:

Key points to remember: Windows 2000 DNS, DHCP and WINS

n          A domain name space provides the hierarchical structure for DNS.

n          DNS is a database of a distributed nature.

u        In Windows 2000, the Dynamic DNS feature allows automatic updates to the primary server's zone file.
u        For Windows 2000 to work, you need a DNS that supports the SRV record. 
u        In WinNT, the DNS is static and must be manually updated. Since it does not support SRV, you better upgrade it to Windows 2000 DNS. 

n          DNS Zones are used to divide a domain name space into different administrative units.

n          DNS Name servers are used to store DNS zone information as well as to perform name resolution.

n          You rely on a forward lookup query to resolve a name to an IP address. On the other hand, you rely on a reverse lookup query resolves an IP address to a name.

n          A DNS name server must have at least one forward lookup zone in order to enable name resolution.

n          A reverse lookup zone is not strictly required, as it is mainly for used by troubleshooting utilities like Nslookup or IIS logging.

n          You may use multiple DNS name servers to provide redundancy and name resolution load sharing.

n          You should configure a DNS name server as a root server only if you do not need Internet connectivity or that you can access the internet via a proxy server.

DNS Requirement for Active Directory Deployment:

Technical Details of DNS:

n          DHCP:

u        The Windows 2000 DHCP Service must first be authorized in Active Directory in order to operate.
u        In the past when you need to add new addresses into a subnet scope you will have to delete and re-create. In Windows 2000, you can simply create a new scope with the new additional addresses and then combine it with the existing scope to form a superscope.
u        On subnet with no DHCP server, you need to configure DHCP Relay Agent.
u        Relay Agent can be configured through RRAS when a Windows 2000 is acting as a router.
u        You may use DHCP option classes to manage configuration details for your DHCP clients. The types of option classes are:
n          vendor-defined
n          user-defined

n          APIPA:

u        If a DHCP client fails to obtain a lease from a DHCP server, it will use Automatic Private IP Addressing to generate a unique IP address.
u        The APIPA address is in the range 169.254.x.y.

n          WINS:

u        Each WINS client can use at the max 12 WINS servers.
u        Additional WINS servers provide added level of fault tolerance.
u        WINS support is essential for pre-Windows 2000 clients.
u        When everything is Windows 2000, you may not need to use WINS anymore.

Address Management in Windows 2000:

DHCP:

DHCP for Windows 2000:

WINS for Windows 2000:

Key points to remember: Windows 2000 Active Directory

n          In order to install Active Directory, you must meet the requirements below:

u        A partition formatted with NTFS.
u        Enough disk space to store Active Directory.
u        System time settings are correct and accurate.

n          You may install the Active Directory directory services using dcpromo to call up the Active Directory Installation wizard

n          A network with both NT and Windows 2000 running is in the Mixed mode. You must manually switch the network to Native mode. To do so, you call up the Active Directory Domains and Trusts snap-in from the Administrative Tools menu.

n          Native mode is required if you want to create security-type universal groups.

n          If you have weak link to your remote office, it is best that you have a domain controller and a global catalog server available in that office so that users over there can still logon and access resources at the time the link is not working.

n          The global catalog contains the access permissions for an Active Directory object. You must have Read permission for an object in order to locate it.

n          Logon over the WAN link is not desirable as it is slow and is not too reliable. To facilitate the logon, you better configure a domain controller together with a global catalog server remotely.

n          Site configuration can help as well. You can create a site for the main office and another site for the remote office. To do so, you must:

u        Create a subnet object for each network
u        Associate the subnet with the corresponding site.
u        Ensure that both sites are using the default site link.
u        Note that you can assign costs to the multiple links you have. There is no strict rule to such assignment. However, if you want a link to be the preferred one, you should assign a lower cost to it.

n          The recommend strategy of using domain local and global groups is:

u        Place user accounts into global groups
u        Place global groups into domain local groups
u        Assign permissions to the domain local group.

n          User accounts in your network must have unique names within their OU.

n          Computer accounts in your network must have unique names within the entire Active Directory forest.

n          Managing OUs:

u        When you move an Active Directory object from one OU to another OU, permissions assigned directly to the object are retained. However, it will also inherit the permissions from the new OU. Any previously inherited permission will become ineffective.
u        You may delegate administrative control of the accounts in an OU to your peer via the Delegation Of Control wizard.
u        You must have the List Contents permission in order to view the objects in an OU.
u        You must have the Create Organizational Unit Objects permission in order to create objects in an OU.

Planning for Active Directory:

Deploying Active Directory:

Active Directory Schema:

Global Catalog Server:

Configure site link:

Configure site link cost:

Configure replication:

Key points to remember: Windows 2000 Group Policy

n          GPOs store Group Policy information in:

u        Group Policy Container
u        Group Policy Template

n          GPOs implementation order:

1.          site

2.          domain

3.          organizational unit

n          To implement restrictions on what a particular group of users can do on their desktops, you should add these users in an OU and link a GPO to this OU.

n          You may “Block Policy Inheritance” at the OU level. However, the upper level can configure to disallow inheritance blockage.

n          You may prevent a user group from being affected by certain policies. You do this by denying the Apply Group Policy permission on the discretionary access control list of the GPO for the corresponding security group.

n          You may use Windows 2000 to manage software through Windows Installer and Windows 2000 Software Installation And Maintenance.

n          You may deploy applications by linking the corresponding GPOs at the domain to the OU levels.

n          You should assign an application to the computers if that application is required by all of your users.

n          You should assign an application to the users if only certain users are allowed to use it.

Windows 2000 Group Policy White Paper:

Intro to Desktop Management:

Linking Group Policy:

Key points to remember: Remote Access in a Windows 2000 Network

n          L2TP supports header compression and can work closely with IPSec. It is more secure than PPTP.

n          PPTP is good for backward compatibility. Non-Windows 2000 computers do not work with L2TP.

n          You may share your internet connections. This feature is known as ICS Internet Connection Sharing.

n          Remote access policies are stored on the remote access server locally. This is because different Remote Access servers have different capabilities, that not all RAS servers are equal.

n          In a mixed-mode domain, the access permission setting on the Remote Access policy is overridden.

n          The server side authentication setting must match that of the client side.

n          Client side authentication settings are configured at the User’s remote access profile.

PPTP:

Connecting users using L2TP:

Planning for IPSec:

Managing Remote Access:

User dial-in properties:

Key points to remember: Upgrading to Windows 2000

n          To upgrade a server running Windows NT 3.5 to Windows 2000, you must first upgrade it to Windows NT Server 3.51 or 4.0.

n          To allow Win95/98 computer to access Active Directory directory services, you should install the Directory Service Client for Windows 95 or 98.

n          To facilitate system recovery in case the upgrade fails, you should synchronize a BDC with the PDC and keep this BDC offline before proceeding with the upgrade.

n          To upgrade a Windows NT 4.0 single master domain model network to Windows 2000 Active Directory, you should upgrade the master domain to Windows 2000 so that a root domain can be created.

n          To migrate a multiple master domain model network to Windows 2000 Active Directory where a new empty root domain is already in place, you should:

1.          Upgrade the PDCs in the resource domains

2.          Instruct the Active Directory Installation wizard to make a new child domain in an existing domain tree.

3.          Make the resource domains the child domains of the existing master domains.

4.          Upgrade the BDCs.

n          When upgrading to Windows 2000, the existing local groups remain intact and group membership remains unchanged.

Migration Strategy:

Guide to Windows Interoperability in a Mixed-Platform Environment

ADMT Overview:

Domain Migration Strategies

n          You may restructure your domains:

u        immediately after upgrade
u        in place of an upgrade
u        as a general domain redesign in the future

n          Post Upgrade Migration:

u        this involves reworking the existing domain structure

n          Instead of Upgrade Migration:

u        design and build a pristine forest first. After you have built the pilot project, begin domain restructuring by migrating in small phrases.

n          Post Migration:

u        domain restructure takes place as part of a general domain redesign in a pure Windows 2000 environment sometime in the future.

Reference Books:

MCSE: Windows 2000 Migration Study Guide Exam 70-222 (With CD-ROM) -- Todd Phillips, et al; Hardcover

MCSE Migrating from Microsoft Windows NT 4.0 to Microsoft Windows 2000 Study Guide (Exam 70-222) (Book/CD) -- Syngress Media Inc (Editor); Hardcover

MCSE Migrating from NT 4 to Windows 2000 Exam Cram (Exam: 70-222) -- Kurt Hudson (Editor), et al; Paperback

This study guide is developed by Michael Yu Chak Tin. He can be reached at Michael@examreview.net.






Join our mailing list
Name:
Email Address:
Choose a Newsletter(s):
Monthly Newsletter
70-210 exam
70-215 exam
70-216 exam
70-217 exam
Network+ exam
CCNA exam
A+ Core exam
A+ OS exam
Linux+ exam
70-221 exam
Delivery Format:
Manage Subscriptions

Hot!!! - CERTguide's FREE Online Practice exams are now located at
www.123cert.com - 70-210, 70-215, 70-216, 70-217, CCNA, Network+, Linux+, A Plus Core, A+ Hardware - Hot!!!