1. Windows Server 2003 3790 version identification
RTM=release to manufacturing (publicly issued mass production) is the version for hardware manufacturers! It was sent to the plate, not sold.
OEM=Original Equipment Manufacturer can only be installed completely, which is similar to RTM, but it is just a different name.
RTL=retail (retail) official retail version, can be upgraded or installed completely.
VLK=Volume License is a large number of licensed versions, also known as the enterprise version. No activation required. (The so-called Simplified Chinese VLK version on the Internet is actually just 8 files in the ordinary Simplified Chinese version plus English VLK version)
2. Different versions of Windows Server 2003
Windows Server 2003 Web version: Provides a Web hosting and service platform for rapid development and deployment of Web services and applications. Supports 2-channel SMP (symmetric multi-processing) system and 2GB of memory.
Windows Server 2003 Standard Edition: For small and medium-sized enterprises and department-level applications. Supports 4-channel SMP and 4GB of memory.
Windows Server 2003 Enterprise Edition: Suitable for use in centers and large organizations, with 32-bit and 64-bit versions. Supports 8-node clusters and NUMA; supports 8-channel SMP, of which the 32-bit version supports 32GB memory and the 64-bit version supports 64GB memory.
Windows Server 2003 Data Center Edition: For enterprises that require strong scalability and high availability, there are 32-bit and 64-bit versions. The 32-bit version supports 32-channel SMP and 64GB memory; the 64-bit version supports 64-channel SMP and 512GB memory; both versions support 8-node clusters and NUMA
3. Activation of Windows Server 2003 3790 version
Before the official version of the arithmetic device came out, there are the following popular activation methods:
(1) Reset5.02 can be activated when running in safe mode. It is no problem to adjust the time to 2008, and everything is used normally. Can be upgraded.
Disadvantages: The activation program is completely blocked, manifested as running msoobe/a without any display, and there is a reset5 in the service, which automatically runs this service when opening the opportunity. C:\WINDOWS\system32\. This program should be added to the system by reset5.
(2) Russian cracking, remember that in the XP era, just replace it before installation and then activate the phone to reach the perfect activation state. It can be done in 2003. After doing this, the current display has been activated, but if you adjust the time and turn on the computer, it will be displayed to activate, and it will even not be used. It is estimated that the key to the problem every time is still in that file.
(3) Someone posted a file on the forum, claiming to be activated, but in fact, this is still a fake activation. If the activation program is temporarily blocked, the time cannot be modified.
(4) There is no problem with the installation and use of pseudo VLK made by the replacement method, but it cannot be upgraded. VLK is a 8 file that replaces the English version. However, SN has been blocked by Microsoft. Therefore, it cannot be upgraded, but this method is the most stable and has no problems.
Conclusion: We recommend that you use 8 replacement methods to activate and reset5.02!
4. Some optimization settings for win 2003 server
1. Disable the Configuration Server Wizard:
Disable the appearance of the "Configure Your Server" wizard: run it in the Control Panel -> Administrative Tools -> Manage Your Server, and then check "Don't display this page at logon" in the lower left corner of the window.
2. Enable hardware and DirectX acceleration
★Hardware acceleration: Right-click on the desktop - Properties -> Settings - Advanced - Troubleshoot. Pull the hardware acceleration scroll bar of the page to "Full", and it is best to click "OK" to save and exit. It is completely normal that a black screen may occur for a moment during this period.
★DirectX acceleration: Open "Start" -> "Run", type "dxdiag" and press Enter to open "DirectX Diagnostic Tools", on the "Display" page, click DirectDraw, Direct3D and AGP Texture Acceleration buttons to enable acceleration. Pull the "Hardware Sound Acceleration Level" scroll bar to "Full
Acceleration” ( Full Acceleration).
3. Enable the sound card:
After the system is installed, the sound card is in a prohibited state, so you must enable it in the control panel -> Sound ->, and then set it to display in the taskbar after restarting.
If you are using Windows Server 2003 standard version, please do it from the second step xx, because the standard version already allows sound services.
★Open "Start" -> "Run", type " ", and find it in the window that appears
"Windows Audio" and double-click it, and then select "Automatic" utomatic in the drop-down menu in startup mode (startup type)
And click "Apply" -> "Start" -> "OK"
★Open "Start" -> "Run", type "dxdiag" and press Enter to open "DirectX Diagnostic Tool"
(DirectX Tools), on the "Sound" (Display) page, put "Hardware acceleration level of sound"
(Hardware Sound Acceleration Level) The scroll bar is pulled to “Full Acceleration”.
4. How to enable ASP support:
Windows Server 2003 is installed by default, and does not install IIS 6, and needs to be installed separately. IIS 6 is installed,
Support for ASP also needs to be enabled separately. The method is: Control Panel -> Administrative Tools ->
Web Service Extension -> Active Server Pages -> Allow.
5. How to enable XP’s desktop theme:
★Open "Start" -> "Run", type " ", and select themes "Theme" (default is prohibited)
, then change to "Auto", press "Apply" and select "Open".
★So click on the properties of "Desktop" and select "windows xp" in "Theme"
★My computer---properties-----performance------------------------------------------------------------------------------------------------------------
6. Options for shutdown reasons that occur when shutdown are prohibited:
Shutdown Event Tracker is also a setting that distinguishes Windows server 2003 from other workstation systems. This is a necessary choice for the server, but it is useless for the workstation system. We can also ban it.
Open "Start"->"Run"->Input" , in the left part of the window that appears, select "Computer Configuration" (Computer Configuration)-> "Administrative Templates" (Administrative Templates)
-> "System" (System), double-click "Shutdown Event Tracker" in the right window. Select "Disabled" in the dialog box that appears, click and "OK" to save and exit. In this way, you will see a shutdown window similar to Windows 2000
7. How to use USB hard drives and USB drives to add hard drives that already have partitions
My computer (right click) ----Management ---Disk Management ------Import and allocate disk letters on the corresponding hard disk
8. Display all components in the control panel:
Replace "hide" in the file in the Windows\inf directory.
9. Disable Internet Explorer Enhanced Security and prohibit the appearance of security inquiry boxes
Customize the security level of IE in the IE tool options. Pull the scroll bar on the Security tab to set Internet Area Security to Medium or Medium Low. Change the relevant selection "Prompt" to select "Disable" or "Enable" in the custom settings.
10. Disable startup CTRL+ALT+DEL and realize automatic login
★Method 1: Open the registry (run->"Regedit"), and then open:
HKEY_LOCAL_MACHIN|SOFTWARE|MicroSoft|Windows NT|CurrentVersion |Winlogon segment, right-click in this segment to create two new string segments, AutoAdminLogon="1", DefaultPassword="Password set for the super user Administrator".
Note that you must set a password for Administrator, otherwise you will not be able to start it up. Then, restart Windows to achieve automatic login.
★Method 2: Management Tools -> Local Security Settings -> Local Policy -> Security Options ->
interactive logon: Do not require CTRL+ALT+DEL, enable it.
★Method 3 (automatic login): Use Windows XP's Tweak UI to realize Server 2003 automatic login.
Download: Tweak UI /uppic/sun_pic/...003/
After downloading, execute directly. Select Logon in the left panel -> Autologon -> Check Log on the right to automaticallyat system startup Enter your username and domain name (if there is no, don't write it), click Set Password below, enter the username password
, and then click OK.
11.Hide files
Windows Server 2003 displays all folders by default. If you don’t want this, you can hide them by opening any folder, selecting Tools -> Folder Options -> View, adjusting the content of the system folder, hiding protected operating system files, hiding files and folders.
12. Allow built-in IMAPI CD-Burning service and support for Windows imaging device services
.Allows built-in IMAPI CD-Burning service and supports Windows imaging device services
★If you want to enable the built-in IMAPI CD-Burning service in Windows. Do the following xx:
Open "Start" -> "Run", type " ", find "IMAPI CD-Burning COM Service " in the window that appears and double-click it, then select "Automatic" in the drop-down menu of Startup type , and click "Apply" -> "Start" -> "OK)
★If you have imaging devices such as digital cameras and scanners, you should turn on the Windows Image Acquisition service.
Open "Start" -> "Run", type " ", find "Windows Image Acquisition (WIA)" in the window that appears and double-click it, then select "Automatic" in the drop-down menu of Startup type, and click "Apply" -> "Start" -> "OK"
13. Advanced settings
★We can modify some advanced settings of Windows Server 2003 to suit the application environment of the workstation.
Right-click on "My Computer" - Properties - Advanced - Performance
-Setting-Advanced, allocate "processor schedule" and memory usage to "Programs" for use. Then click "OK".
★Disable error reporting
Right-click "My Computer" - Properties - Advanced - Click the "Error Reporting" button, select "Disable Error Reporting" in the window that appears and select "But, notify me when critical errors occur" (But, notify me when critical errors occur.)
★Adjust virtual memory
Some friends often feel helpless about the slow shutdown and logout. The solution is to disable virtual memory, so that your logout and shutdown time may be much faster. Right-click "My Computer" - Properties - Advanced - Performance - Setting - Advanced, click "Change" in the "Virtual memory" section, and then select "No paging file" in the window that appears. Just restart the system.
14. Speed up the startup and operation speed
★Modify the registry, reduce pre-reading, and reduce the waiting time of the progress bar:
Start → Run → regedit starts the registry editor, HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters, there is a key value called EnablePrefetcher, its value is 3, change it to "1" or "5". Find HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control, and set WaitToKillServiceTimeout to: 1000 or less. (Original setting value: 20000) Find the HKEY_CURRENT_USER\Control Panel\Desktop key, change the WaitToKillAppTimeout in the right window to 1000, (Original setting value: 20000) that is, wait only 1 second when closing the program.
Change the HungAppTimeout value to: 200 (original setting value: 5000), which means that you wait 0.5 seconds when a program error occurs.
★Let the system automatically close the program to stop responding.
Open the registry HKEY_CURRENT_USER\Control Panel\Desktop key,
Set the AutoEndTasks value to 1. (Original setting value: 0)
★Disable system service Qos
Start menu → Run → Type , the “Group Policy” window appears, expand “Administrative Templates” → “Network”, expand “QoS Packet Scheduler”, right-click “Limit Bandwidth Retention” in the right window, there is “Limit Bandwidth Retention” in the "Settings" in the properties, select “Disabled” and confirm. When the above modification is completed and applied, if the user can see "QoS Packet Scheduler" in the general properties tab bar in the properties dialog box of the network connection. It means that the modification is successful, otherwise it means that the modification has failed.
★Change the speed of the window popup:
Find the HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics subkey branch, find the MinAniMate key value in the window on the right, its type is REG_SZ. By default, the value of this skill value is 1, indicating that the animation displayed in the window is opened. If it is changed to 0, the animation display will be prohibited. Next, select the "Login" command from the Start menu to activate the modifications just made.
★Prohibits the compression function of Windows XP:
Click "Run" under "Start", enter "regsvr32/u " in the "Run" input box, and then press Enter.
★Set personalized startup information or warning information:
Personalized Windows XP startup: Open the registry editor, find the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon subkey branch, double-click the LegalNoticeCaption key value, open the "Edit string" dialog box, enter the information title you want in the text box under "Value Data", such as "Hello, buddy!", and then click "OK" to restart.
If you want to change the warning information, you can double-click the LegalNoticeText key name, enter the warning information you want to display in the "Edit String" window that appears, click "OK" and restart.
15. Install Java VM
Windows server 2003 does not have an integrated MS Java VM or Sun Java VM, you can download and install it yourself.
16. Install DirectX 9a
The method of installing DirectX 9a on Windows Server 2003 is the same as installing DirectX 9a on other versions of Windows. DirectX and Graphics Acceleration must be enabled before installation.
17. Available antivirus software and firewalls:
Symantec Norton Antivirus Corporate 8.01
Zone Alarm 3.7.159
Norton Personal Firewall 2003
5. How to prevent ipc$ intrusion
1. Disable empty connections for enumeration (this operation cannot prevent the establishment of empty connections)
First run regedit and find the following component [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA] to
RestrictAnonymous = The key value of DWORD is changed to: 00000001.
restrictanonymous REG_DWORD
0x0 Default
0x1 Anonymous users cannot list the local user list
0x2 Anonymous user cannot connect to native IPC$ share
Note: It is not recommended to use 2, otherwise some of your services may not be started, such as SQL Server
2. Disable default sharing
1) View local shared resources
Run -cmd-enter net share
2) Delete the share (enter one at a time)
net share ipc$ /delete
net share admin$ /delete
net share c$ /delete
net share d$ /delete (if there is e, f,... you can continue to delete)
3) Modify the registry and delete the share
Run-regedit
Find the following primary key [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
Change the key value of AutoShareServer (DWORD) to 0000000.
If the primary key mentioned above does not exist, create a new (right-click - New - Double-byte value) and change the key value.
3. Stop server service
1) Temporarily stop server service
net stop server /y (the server service will be restarted after restarting)
2) Permanently close the services of ipc$ and default shared dependencies: lanmanserver is server service
Control Panel - Administrative Tools - Services - Find Server Services (right click) - Properties - General - Startup Type - Disabled
4. Install a firewall (select the relevant settings), or port filtering (filter out 139, 445, etc.)
1). Unlock file and printer sharing binding
Right-click [Network Neighbor]→[Properties]→[Local Connection]→[Properties] on the desktop, remove the checkmark in front of "File and Printer Sharing for Microsoft Networks" and untie the file and printer sharing binding. This will prohibit all requests from ports 139 and 445, and others will not see the sharing of the local machine.
2). Use TCP/IP filtering
Right-click [Network Neighbor]→[Properties]→[Local Connection]→[Properties] on the desktop to open the "Local Connection Properties" dialog box. Select [Internet Protocol (TCP/IP)]→[Properties]→[Advanced]→[Options], and click to select the "TCP/IP Filter" option in the list. Click the [Properties] button, select "Allow only", and then click the [Add] button (as shown in Figure 2), and fill in the ports to be used except 139 and 445. In this way, when others use the scanner to scan the two ports 139 and 445, there will be no response.
3). Use IPSec security policy to block access to ports 139 and 445.
Select [My Computer]→[Control Panel]→[Administrative Tools]→[Local Security Policy]→[IP Security Policy, on Local Machine], and define an IPSec Security Policy rule that prevents any IP address from accessing IP addresses from TCP139 and TCP445 ports. In this way, when others use the scanner to scan, the 139 and 445 ports of the machine will not give any response.
4). Use firewall to prevent attacks
You can also set up in the firewall to prevent other machines from using native sharing. For example, in the "Skynet Personal Firewall", select an empty rule, set the packet direction to "Receive", select "Any Address" for the other party's IP address, set the protocol to "TCP", set the local port to "139 to 139", set the other party's port to "0 to 0", set the flag to "SYN", set the action to "Intercept", and finally click the [OK] button, and check this rule in the "Custom IP Rules" list to start the attack on the intercepting port 139 (as shown in Figure 3).
5. Set complex passwords for all accounts to prevent exhaustive passwords through ipc$