This chapter includes the following sections, which address various topics covered on the Windows 2000 Professional MCSE exam:
- Windows 2000 Basics
Describes Windows 2000 and compares it with other Microsoft operating systems. Windows 2000’s architecture and boot process are described in detail. This section also covers the basics of using Windows 2000 and the basics of networking.
- Installing Windows 2000 Professional
Discusses the planning necessary before installing Windows 2000 Professional, installation methods, and the installation process. This section also describes methods of automating the installation.
- Configuring Windows 2000 Professional
Introduces essential Windows 2000 management tools, such as Microsoft Management Console and the Control Panel. This section also describes configuration tasks for hardware devices, power management, and mobile systems.
- Managing Disk Storage
Discusses the possible disk configurations, how to implement and manage them, and disk management tools. Disk compression, disk quotas, encryption, and backup methods are also covered.
- Managing Network Components
Discusses the network protocols, services, and other components used with Windows 2000, including methods of remote access and the basics of the Active Directory.
- Administration and Security
Describes how to manage users, groups, policies, and other aspects of Windows 2000 access control and security. This section also discusses file sharing, printer management, and network auditing.
- Optimization and Troubleshooting
Describes several useful utilities for monitoring the performance of Windows 2000 and optimizing performance. Typical troubleshooting procedures are described, along with solutions to common problems.
For years, Windows NT (New Technology) was Microsoft’s premier operating system for businesses and networks. Windows 2000, released in early 2000, is the latest version of this operating system, replacing Windows NT 4.0.
This section compares Windows 2000 with other Microsoft operating systems and provides basic information about Windows 2000 architecture, networking, and operating system features.
The following terms relating to operating systems will be useful in understanding the remainder of this section:
- Cooperative multitasking
A system for allowing multiple applications to execute at the same time in an operating system. Applications must cooperate, periodically giving up control of the processor for use by other applications.
- Memory protection
A feature that prevents applications from accessing memory belonging to other applications or the operating system itself. Windows NT and Windows 2000 provide a greater degree of memory protection than previous versions.
- Multiprocessing
The ability of an operating system to use multiple processors (CPUs) in a computer at the same time. Windows NT and Windows 2000 are the only Windows versions that support multiprocessing.
- Multithreading
The ability of an operating system to allow multiple functions ( threads) within an application to execute at the same time. In a multiprocessor system, these may be executed on different processors.
- Plug and Play
A Microsoft specification for hardware devices and operating systems that support automatic hardware configuration, preventing the need for manual assignment of IRQs, I/O addresses, and other settings. Windows 95, Windows 98, Windows Me, and Windows 2000 support Plug and Play.
- Preemptive multitasking
A system for allowing multiple applications to execute at the same time in an operating system. Unlike cooperative multitasking, preemptive systems are able to divide processor time between all applications, regardless of the application’s behavior.
Microsoft has released a variety of operating systems over the years, ranging from DOS to Windows 2000. These are summarized in Table 3-1, and the latest ones are described in the following sections.
Table 3-1. Operating System Requirements and Key Features
|
Operating System |
RAM |
Disk Storage Required |
Multi-tasking? |
Multi-processing? |
Plug and Play? |
|---|---|---|---|---|---|
|
DOS |
256K |
None |
No |
No |
No |
|
Windows 3.1x |
2 MB |
10 MB |
Cooperative |
No |
No |
|
Windows 95 |
4 MB |
40 MB |
Preemptive |
No |
Yes |
|
Windows 98 |
16 MB |
175 MB |
Preemptive |
No |
Yes |
|
Windows Me |
32 MB |
480 MB |
Preemptive |
No |
Yes |
|
Windows NT Workstation 4.0 |
12 MB |
117 MB |
Preemptive (protected) |
Yes (two processors) |
No |
|
Windows NT Server 4.0 |
16 MB |
124 MB |
Preemptive (protected) |
Yes |
No |
|
Windows 2000 Professional |
32 MB |
650 MB |
Preemptive (protected) |
Yes |
Yes |
|
Windows 2000 Server |
64 MB |
671 MB |
Preemptive (protected) |
Yes |
Yes |
Windows 3.1 was the first version of Windows to gain widespread popularity and was the first with specific support for Intel’s 16-bit 80386 processor. Two additional versions were released: 3.11, a version with minor corrections, and Windows for Workgroups, a version with support for workgroup networking.
Windows 3.1x is a 16-bit operating system with support for cooperative multitasking. It runs as a shell on top of DOS and requires DOS to run.
Windows 98, released in August 1998, is the successor to Windows 95, Microsoft’s original 32-bit consumer operating system. Windows 98, like Windows 95, is a 32-bit operating system that supports DOS, 16-bit Windows, and 32-bit Windows applications. Windows 95 and 98 are popular for standalone desktop machines and as network clients for Windows NT or other networks. A built-in peer-to-peer network system allows simple networks to be constructed using only Windows 95 or 98.
Windows 95 improved upon Windows 3.11 with greater stability, better multitasking, support for 32-bit applications, support for long filenames, more customization options, a versatile desktop and file management system, and built-in dial-up networking support.
Windows 98 updated Windows 95 with support for new hardware, including USB and FireWire (IEEE 1394); an improved installation program; support for a number of new network protocols; and improved utilities for configuration and troubleshooting.
A later release, Windows 98 Second Edition (SE), added a number of features to Windows 98. Among the improvements were Internet Connection Sharing (ICS), improved support for hardware, and improved VPN support.
Windows Me (Millenium Edition) was released in August 2000. Windows Me is a minor update to Windows 98 that includes support for the latest hardware, improved recovery from crashes, and Internet Explorer 5.5.
Up to Version 4.0, Windows NT was Microsoft’s business-oriented operating system. Windows NT is a 32-bit operating system that supports preemptive multitasking with memory protection, multiprocessing, and multithreading. Windows NT was designed for networking and is generally more reliable than previous Windows versions.
Windows NT 3.51 and earlier versions used the same user interface as Windows 3.1x, but Version 4.0 used the newer Windows 95/98 interface. Unlike Windows 98, NT 4.0 does not support the Plug and Play specification.
Windows 2000 Professional is the base version of Windows 2000 and is thus equivalent in purpose to the previous Windows NT Workstation. Windows 2000 Professional uses an updated version of the Windows 98-style user interface; most of these updates were integrated into Windows Me.
Windows 2000 improves on Windows NT 4.0 with some features similar to Windows 98, including Plug and Play and support for the Advanced Power Management (APM) and Advanced Configuration and Power Interface (ACPI) power-management standards. Windows 2000 supports multiprocessing with up to two processors.
Windows 2000 also adds support for the Active Directory, Microsoft’s new directory services architecture. Windows 2000 Professional can act as an Active Directory client, but does not maintain a directory services database; Windows 2000 Server is required for this purpose.
Other new features include user interface improvements; additional hardware support, including support for USB and FireWire; support for virtual private networks (VPNs); the Internet Printing Protocol (IPP); and support for Encrypted Filesystem (EFS). Windows 2000 also supports the FAT32 filesystem that originated in Windows 98.
As with Windows NT Server, Windows 2000 Server improves on Windows 2000 Professional with support for unlimited Internet connections and support for multiprocessing with four processors (Windows 2000 Professional supports only two processors).
Additionally, Windows 2000 Server supports the Active Directory service and includes server software for DNS (Domain Name Service), DHCP (Dynamic Host Configuration Protocol), and other services.
Windows 2000 Server is further extended by two premium versions: Windows 2000 Advanced Server, which supports up to 8 processors and 2-way clustering; and Windows 2000 Datacenter Server, which supports up to 16 processors and 8-way clustering.
There are two basic types of networks: server-based networks, which use dedicated servers; and peer-to-peer networks, which share files between workstations. These are explained in the following sections.
Server-based networks, also called client/server networks, use a dedicated computer called a server . Files, printers, and other resources and services on this computer are made available to network workstations, called clients. Client machines are simply used by network users and usually do not share files or printers.
Windows 2000 Server is typically used as a server operating system for this type of network. Windows 2000’s security model for server-based networks is called the domain model . Servers are organized into domains, with one or more computers (the domain controllers) providing centralized authentication.
A peer-to-peer network (sometimes simply called a peer network) consists solely of workstations called peers . Each workstation can be operated by a user and can also make shared files or printers available to users at other workstations. This system is best suited to smaller networks. Microsoft’s term for peer-to-peer networks is workgroups .
A workgroup configuration can be used for networks consisting solely of Windows 2000 Professional computers. For a server-based network, one or more computers running Windows 2000 Server are required.
The main disadvantage of a workgroup network is the lack of central control. Each user controls access to their own workstation’s shared files and printers. In a large network, this is difficult to manage without compromising security. A workstation that is being accessed by peers can also be slowed down, inconveniencing the user at the workstation.
The advantages of workgroups include their ease of installation and ease of use. They are also less expensive than server-based networks, because a dedicated server is not required. If users are able to manage resource sharing, an administrator may not be required.
In a workgroup network, all of the computers are the same type: peers, also called clients. In a domain-based Windows 2000 network, several different types of computers are typically included:
- Domain controllers
These computers run Windows 2000 Server. Each domain controller maintains a copy of the user account database (Active Directory). Multiple controllers synchronize periodically to maintain the same Directory.
- Member servers
These computers run Windows 2000 Server, but are not configured as domain controllers. Member servers do not maintain a copy of the Directory database, but can share files, printers, and other resources.
- Clients
Clients typically run Windows 2000 Professional or another operating system, such as Windows 95/98/Me or NT Workstation. These computers can log in to the domain and are allowed access to its resources.
As with other PC-based operating systems, the Windows 2000 OS is stored on disk and loaded each time the computer is booted. Windows 2000’s boot process is similar to that of Windows NT and more complex than that of earlier versions of Windows. The following are the processes involved when Windows 2000 boots on an Intel-based computer:
The computer performs a pre-boot sequence. This includes the Power-On Self Test (or POST) in which the computer determines if the minimum hardware required to boot (video adapter, RAM, and a keyboard) is present. The computer also detects the floppy disk drives, hard disk drives, and (in newer computers) CD-ROM drives from which it can boot. It then selects a boot device (usually the hard disk) according to its stored preferences.
The computer’s BIOS (in ROM) reads the master boot record (MBR) from the hard disk. The MBR, in turn, loads the boot sector on the default partition. This contains the OS loader, NTLDR. If a SCSI controller without its own BIOS is in use, a driver is loaded from the NTBOOTDD.SYS file at this point.
NTLDR switches the processor to 32-bit (enhanced) mode, then loads a minifilesystem driver to access NTFS or FAT partitions.
NTLDR reads the BOOT.INI file and displays a menu of available operating systems. Configuring this file is described in the installation section of this chapter.
If DOS or a previous version of Windows was chosen, a DOS boot sector is read from the BOOTSECT.DOS file and executed. Otherwise, Windows 2000 begins to load.
NTLDR calls NTDETECT.COM. This program tests and detects some of the computer’s hardware, and displays an error message if any hardware problems are found.
If more than one hardware profile has been configured, NTLDR displays a menu of available profiles. Otherwise, the default profile is used.
NTLDR then transfers control to NTOSKRNL.EXE, the Windows NT kernel. Once the kernel starts, the screen changes from black to blue. A module that handles the hardware abstraction layer, HAL.DLL, is loaded by the kernel.
The kernel initializes by creating the HKEY_LOCAL_MACHINEHARDWARE registry subkey, based on the NTDETECT results. It then copies the current control set (described later in this chapter) to the HKEY_LOCAL_MACHINESYSTEMSelect subkey.
The kernel then loads low-level device drivers and filesystems. Once the kernel has started all the drivers, the user-mode subsystem and GUI are started. The screen changes to a graphical display with a slate-blue screen.
The kernel then begins the services start phase, where the system services are loaded. After the Winlogon service starts, the logon screen is displayed.
The boot process uses two special disk partitions, referred to as the boot partition and the system partition . These may be (and typically are) the same volume. These names are misleading: the boot files used in steps 1-4 above are stored in the root directory of the system partition, and NTOSKRNL.EXE and other operating system files are stored on the boot partition. Table 3-2 summarizes the files found on each of these partitions.
Table 3-2. Files Contained in the Boot and System Partitions
|
System Partition |
Boot Partition |
|---|---|
|
NTBOOTDD.SYS |
NTOSKRNL.EXE |
|
NTLDR |
HAL.DLL |
|
BOOT.INI |
WINNT files |
|
BOOTSECT.DOS | |
|
NTDETECT.COM |
The entries in the boot menu displayed at startup are based on the BOOT.INI file, located in the root directory of the system partition. A typical Windows 2000 Professional BOOT.INI file, including a dual-boot entry for MS-DOS, looks like this:
[boot loader] timeout=30 default=multi(0)disk(0)rdisk(0)partition(1)WINNT [operating systems] multi(0)disk(0)rdisk(0)partition(1)WINNT="Windows 2000" /fastdetect C:="MS-DOS"
The file consists of the [boot
loader] section with information about defaults,
followed by the [operating
systems] section with individual entries for each
operating system.
The [boot
loader] section can
include two entries:
The entries in the [operating
systems] section can include bootable
FAT
partitions (such as C: in the example) for DOS or earlier versions
of Windows and
Advanced RISC Computing
(ARC) entries for Windows NT or Windows 2000. ARC is a standard also
used for booting other operating systems on RISC machines. ARC
entries use the following format:
adapter(x)disk(x)rdisk(x)partition(x)directory=description
- adapter
Specifies the disk controller the boot volume is attached to. This value is always either
multi(x)orscsi(x). Themultikeyword is used for most disks, including IDE and most SCSI drives; thescsikeyword is used strictly for SCSI controllers without a built-in BIOS. The value in parentheses is an index assigned to the controller. Controllers are typically numbered from highest to lowest IRQ assignment.- disk
For
scsientries, indicates the boot drive’s SCSI ID number. Formultientries, this value is unused and should be set to 0.- rdisk
For
multientries, specifies the SCSI ID or IDE unit number of the boot drive. This entry is unused withscsientries and should be set to 0.- partition
Specifies the partition within the hard disk. Partitions are numbered sequentially from 1.
- directory
Specifies the path within the boot partition for the system files. This is typically WINNT for Windows NT or Windows 2000.
- description
Describes the operating system corresponding with the boot entry. These descriptions are displayed in the boot loader menu.
ARC entries for Windows 2000 can be followed by one or more of these options:
- /basevideo
This and the following options can be used after an OS entry. This option forces Windows NT to use VGA mode instead of the defined video driver. The VGA mode entry in the default BOOT.INI file uses this option.
- /fastdetect=ports
Disables scanning for a serial mouse on the COM ports specified. This scan can delay booting and can cause some UPS systems to shut down. This option replaces the
/noserialmiceoption in Windows NT 4.0 and is enabled by default in Windows 2000.- /maxmem:number
Limits the amount of memory visible to Windows 2000 to the specified number of bytes.
- /noguiboot
Disables the graphical boot status screen.
- /sos
Windows 2000’s basic user interface is similar to that of Windows 95/98/Me, but various utilities for managing the system are similar to those of earlier versions of Windows NT. Some basics of using Windows 2000 Professional are described in the following sections.
The Logon dialog is displayed at the completion of the boot process. This dialog includes fields for username and password and an option to use a dial-up connection. If the computer is configured as a domain client, you can choose the domain to log on to.
As with Windows NT 4.0, the initial Windows 2000 display includes a desktop with various icons. The My Computer icon provides access to the computer’s disk drives through the Windows NT Explorer, and the Start menu allows access to installed applications.
You can configure options for Windows 2000’s Start menu by right-clicking the taskbar and selecting Properties . In this dialog you can enable or disable the personalized menus. In addition, you can choose to have the Control Panel and Documents options in the Start menu expand into submenus.
The My Network Places icon, similar to the Network Neighborhood icon in NT 4.0, displays a list of commonly accessed network locations. You can browse the entire network with the Entire Network icon or browse the local workgroup or domain with the Computers Near Me icon.
Windows 2000 includes a variety of utilities for managing operating system features. The following are some of the most commonly used utilities, all of which are explained in detail later in this chapter:
- Microsoft Management Console (MMC)
A utility that consolidates the functions of many previous Windows NT management utilities. You can access disks, log files, services, applications, and performance monitoring from MMC consoles.
- Control Panel
As in Windows NT 4.0, the Control Panel contains a number of applets that you can use to manage various components of the computer.
- Task Scheduler
A new Windows 2000 utility that lets you schedule regular maintenance tasks.
- Registry Editor
Allows you to display and modify the registry, a database used by Windows 2000 to store settings relating to hardware, the operating system, and applications.