This chapter begins with a quick overview of the features of the Windows 2000 operating system in each of its four flavors: Professional, Server, Advanced Server, and Datacenter Server. It finishes with my personal offerings of kudos and gripes over how Windows 2000 has been implemented.
Quarks come in six flavors (Up, Down, Strange, Charmed, Top, and Bottom), but so far, Windows 2000 only comes in four. Let’s look at the features of these different flavors, starting with the lightweight Professional (which corresponds to the Up and has a mass of only .005 GeV/c2) and moving upwards to the heavyweight Datacenter Server (not yet detected, but estimated to have a mass comparable to the Top quark, or about 180 GeV/c2).
Designed to replace the earlier Windows NT Workstation 4.0 and Windows 95/98 platforms on corporate desktop computers, Windows 2000 Professional is pretty much a blend of the best features of these two earlier operating systems. Professional takes the security and stability of Windows NT and combines it with the Advanced Configuration and Power Interface (ACPI) power management and Plug and Play hardware support of Windows 95/98 to provide administrators with real reasons for tossing out their last remaining souped-up 486s and buying all new Pentium IIIs. You can use the following features to justify the purchase to your boss:
- Enhanced installation methods
In addition to standard manual installations using local media or downloads from a network distribution server, Windows 2000 includes the Setup Manager Wizard (on the Windows 2000 Server compact disc in the
\Support\Tools\Deploy.cab
folder) to simplify creating and configuring answer files for unattended installation. Windows 2000 also includes the System Preparation Tool (also in the\Support\Tools\Deploy.cab
folder), which can prepare a configured Windows 2000 Professional system for cloning using third-party disk-duplication software. A third option—if your desktop systems support the NetPC specification or a network adapter with a Pre-Boot Execution Environment (PXE) boot ROM and supporting BIOS—is to perform automated remote installations of Professional clients using the Remote Installation Services (RIS) running on Windows 2000 Server.- Improved hardware support
The Plug and Play capability of Windows 2000 makes it easier to install devices and update drivers than in NT. In addition, Windows 2000 supports the ACPI standard. If you are planning a new deployment, you should ensure that your systems support ACPI in order to get the full benefit of Plug and Play and power management in Windows 2000.
- Better mobile access support
For laptop users there are many benefits to upgrading to Professional, if your laptop hardware supports it. These include:
Support for offline folders to allow users to transparently access resources when disconnected from the network
Support for IPSec and virtual private network (VPN) dial-up connections, using PPTP or L2TP as a tunneling protocol, which lets remote users dial in and securely access the corporate network as if they are directly connected
Better power management with ACPI to get more out of your laptop’s batteries
- Improved filesystem support
The new version of NT File System (NTFS) on Windows 2000 supports advanced features, such as disk quotas, data encryption, and getting past the old 24-drive limit for mapped network drives by creating volume mount points.
- Enhanced printing support
Like NT, Windows 2000 can print to local or networked printers and can print to NetWare, Unix, and Macintosh print servers using optional components you can install. It also supports Internet printing using the Internet Printing Protocol (IPP), which lets you print to a URL over the Internet or a corporate intranet. For color laser printers and scanners, Windows 2000 includes Image Color Management 2.0 to create and manage color profiles.
- Integrated administration tools
Windows 2000 administrative tools are implemented using a standard framework called the Microsoft Management Console (MMC). An existing suite of consoles is included in the Administrative Tools program group, but you can also create and customize your own consoles by adding various snap-ins. By installing the Windows 2000 Administration Tools (found on the Windows 2000 Server CD as
\I386\Adminpak.msi
), you can fully manage all aspects of Windows 2000 servers (including both domain controllers and member servers) from a single remote Windows 2000 Professional workstation.- Easier troubleshooting
Windows 2000 includes advanced startup options for starting a computer in Safe mode or other modes to troubleshoot hardware problems that could prevent the computer from booting successfully. As with NT, you can create an Emergency Repair Disk (ERD) or boot using Last Known Good Configuration as additional ways to troubleshoot boot problems. An optional Recovery Console can be installed; it provides a minimal, command-line version of Windows 2000 that can be used to manually copy new versions of system files to an NTFS volume, thus replacing missing or corrupted files that are preventing a successful boot. Improved Troubleshooters in online Help provide a question-and-answer approach to helping users troubleshoot problems when tech support can’t make it to Help.
Professional’s big brother is Windows 2000 Server, which supports all the features described above and a whole lot more. Windows 2000 Server is intended to replace the earlier Windows NT 4.0 Server operating system and builds upon the strengths of this system by providing additional functionality, such as:
- Integrated directory services
Active Directory is an LDAP-compatible directory service that replaces the earlier and not very scalable Windows NT Directory Service (NTDS), which despite its name was not really a directory service at all. With Active Directory, Microsoft steps into the heavyweight ring to slug it out with Novell’s NDS and other directory products, but who will win is anyone’s guess. Active Directory lets you replace your old system of Windows NT master domains, resource domains, and one-way trusts with a much more scalable (and understandable) system of forests, trees, domains, and two-way transitive trusts for building enterprise networks. This allows users in any location to easily find and access resources anywhere else in the enterprise. Active Directory is not something you just jump into, however: it takes skill and planning to implement it successfully, and implementing it requires a thorough understanding of the Domain Name System (DNS)—the naming and locator service used by Active Directory. See O’Reilly’s Windows 2000 Active Directory by Alistair Lowe-Norris for a good introduction to the subject.
- Mixed-mode support
Of course, not everyone will migrate their NT servers to Windows 2000 Server right away (now that’s an understatement!) because of the cost and complexity involved. So Microsoft included support for mixed-mode networking environments where newer Windows 2000 domain controllers and legacy Windows NT domain controllers can interoperate transparently with one another until the next budget windfall comes through.
- Group Policy
Windows NT included an administrative tool called System Policy Editor, which could be used rather awkwardly to lock down user desktops so users could not change the configuration of their systems (since users usually end up breaking things when they try to fix them and then calling technical support to come to the rescue). Windows 2000 goes much further than this with Group Policy, a powerful tool for controlling the behavior of servers, workstations, applications, and data across an enterprise. Group Policy is complex, but it is well worth the effort to learn if you administer a network of more than a few dozen computers.
- Enhanced TCP/IP services
Windows 2000 Server supports enhanced TCP/IP networking services, including:
Dynamic DNS (DDNS) for allowing clients to update their resource records directly (or other clients to update records indirectly using DHCP) on a Windows 2000 DNS server
Dynamic Host Configuration Protocol (DHCP) for central management and configuration of IP addresses, including support for Internet Connection Sharing (ICS) and Automatic Private IP Addressing (APIPA) to simplify TCP/IP configuration and Internet access on small SOHO-style networks
Windows Internet Name Service (WINS) for backward support of legacy Windows clients in mixed-mode environments
- Other networking services
Windows 2000 Server also includes:
Internet Information Services (IIS) for publishing information using web and FTP sites.
Distributed File System (Dfs) to make it simpler for users to access shared resources across an enterprise.
Removable Storage for tracking and managing removable media, such as tapes and optical disks.
Routing and Remote Access for policy-based control of remote-access servers and the use of multihomed machines as software routers.
Terminal Services for remotely accessing the Windows 2000 desktop on a central terminal server, something that can extend the life of older hardware that can’t run Windows 2000 Professional natively. Terminal Services can also be used for remote administration of Windows 2000 servers.
Gateway (and Client) Services for NetWare, Services for Macintosh, and Services for Unix to provide interoperability in a heterogeneous network-ing environment.
There are additional specialized services, such as Telephony, Fax, Certificate, Component, Internet Authentication, Windows Management Instrumentation, QoS Admission, Connection Manager, and IPSec, that you might implement in specialized situations in the enterprise.
Get Windows 2000 Administration in a Nutshell now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.