Mastering Windows 2000 Server / Edition 3 available in Hardcover
- Pub. Date:
- Sybex, Incorporated
About the Author
Read an Excerpt
Chapter 1: Windows 2000 Server Overview
After years of talk about "Cairo" (the Microsoft code name for their "ultimate" server software) and even more years of work, Microsoft has finally shipped Windows 2000. After training us to expect roughly annual releases of new versions of NT-NT 3.1 shipped in 1993, 3.5 in 1994, 3.51 in 1995, and 4 in 1996-NT 5 finally arrived, but it was considerably later than a year after the release of NT 4. Furthermore, NT 5 arrived with a new name: Windows 2000. But the name's not all that's new.
So what took so long? Was it worth the wait? For many, the answer will be "yes." Much of NT's foundation-the internal kernel structure, how drivers are designed, how Windows 2000 multitasks-hasn't changed all that terribly much from NT 4, but network professionals really don't see that part of NT. Instead, we network types will notice that the above-ground structures, the tools built atop the foundation, are so different as to render Windows 2000 Server almost unrecognizable as a descendant of NT 3.x and 4.x. For comparison's sake, and to extend the structural metaphor, think of using Windows NT 3.1 Advanced Server as renting a room in someone's basement, using NT 4 as renting a 2-bedroom apartment, and using Windows 2000 Server as living in Bill Gates's new mansion on Lake Washington: more rooms than anyone can count all filled with new and wonderful electronic gadgets.
In the mansion, many of the things that you know from the basement room are unchanged-the electricity comes out of sockets in the wall, the pipes are copper or PVC, bathrooms have sinks and commodes in them-but there's so much more of it all, as well asso many new things, both useful ("Hey, cool, a garden, and automatic sprinklers for it!") and of debatable value ("What does this bidet thing do, anyway?"). That's not to say that NT's underpinnings will never change, not at all-the next (and still-unnamed) version of NT will go a step further, digging up NT's 32-bit foundation and replacing it with a 64-bit one.
The main point, however, is this: If you're an NT network administrator, be prepared for culture shock. The difference between NT 4 and Windows 2000 is at least 10 times as great as the difference between NT 3.1 and NT 4. And if you've never worked with NT in any flavor, be prepared to find Windows 2000 both delightful and frustrating-as is the case with most Microsoft software.
It would be somewhat shortsighted of me to simply say, "Here are the new features you'll find in Windows 2000," and then to just dump the features-it sort of misses the forest for the trees. So let me start off by briefly discussing the big picture and what Microsoft's trying to accomplish; then I'll move along to those new features and, finally, take a look at a few of Windows 2000's shortcomings.
Microsoft's Overall Goals for Windows 2000The changes in Windows 2000 from NT 4 are quite significant, but they were long in coming. What was the wait all about?
Make NT an Enterprise OS
Microsoft wants your company to shut off its mainframes and do your firm's work on big servers running NT. That's why there is a version of Windows 2000 Server called Datacenter Server. Microsoft is also hoping that "enterprise" customers will exploit new Windows 2000 Server facilities such as Active Directory and Microsoft Application Server (nee MTS) and COM+ to write gobs of new and hardware-hungry distributed applications. Before they can accomplish that, however, they need to clear three hurdles: reliability, availability, and scalability.
NT Must Be More Reliable
Since their appearance in the late '70s, microcomputer-based network operating systems have been seen as fundamentally different from "big-system" OSes like IBM's MVS and OS/400, Compaq's Open VMS, and the myriad flavors of Unix. PC-based network operating systems weren't exactly seen as toys, but neither were they seen as something that one would base one's business on, if one's business was truly critical. For example, it's hard to imagine the New York Stock Exchange announcing that they'd decided to get rid of their current trading system and to replace it with a Net-Ware 4.1 or NT 4-based client-server system. PC-based stuff just wasn't (and largely still isn't) seen as sufficiently reliable yet to take on the big guys.
Nor is that an unfair assessment. Most of us would be a bit uncomfortable about discovering in midflight that the state-of-the-art airliner taking us across the Pacific was run by NT, or that the Social Security Administration had decided to dump their old mainframe-based software in favor of a Lotus Notes-based system running atop NT. Years ago, many firms discovered that NT servers crashed far less often if rebooted weekly; it's hard to imagine running a heart-and-lung machine on something like that. But Microsoft wants to shed that image. They want very much to build an OS that is sufficiently industrial-strength in reliability so that one day it wouldn't be silly to suggest that AT&T's long distance network could run atop some future version of NT, Windows 2000-something. With Windows 2000, Microsoft believes that they've taken some steps in that direction.
NT Must Be More Available
A server being rebooted to change some parameters is just as down as one that is being rebooted after a Blue Screen Of Death, the symptom of a system crash that is all too familiar to NT 4 veterans. Many Windows 2000 parameters can be changed with-out a reboot where a change to the corresponding parameter in Windows NT 4 would require one. Unfortunately, as we will see, some of the most common parameter changes still require a reboot.
NT Must Be Able to "Scale" to Use Big Computers
Reliability's not the only big-network issue that Microsoft faces. The other one is the limit on the raw power that NT can use-to use a word that the PC industry created a few years ago, NT must be more scalable.
Being an "enterprise" operating system requires two different kinds of scalability which are somewhat at odds with each other: performance scalability and administrative scalability. The first asks, "If I need to do more work with NT, can I just run it on a bigger computer?" The second asks, "If I need to support more users/computers/giga-bytes of hard disk/etc., can I do it without hiring more administrators?"
Performance Scalability CPUs are simply not getting all that much faster in terms of the things they can do. To create faster or higher-capacity computers, then, computer manufacturers have been putting more and more CPUs into a box. And while NT has in theory been designed to use up to 32 processors since its first incarnation, in reality, very few people have been able to get any use out of more than 4 processors. With Windows 2000, Microsoft claims to have improved the scalability of NT-although I've not yet heard anyone say with a straight face that Windows 2000 will "run like a top" on a 32-processor system.
Besides the ability to use a larger number of CPUs, there were internal restrictions within Windows NT, such as the number of users that a SAM database would allow, that simply had to go. With Active Directory, many restrictions, including this one, have been removed.
The three versions of Server support different numbers of CPUs. Windows 2000 Server supports four processors. Windows 2000 Advanced Server supports 8 processors, and Windows 2000 Datacenter Server supports 32 processors.
NOTE Oh, and if you're looking in your Webster's for a definition of scalability, don't bother; it's not a real word. Microsoft made it up a few years ago. Basically, scalable roughly means, "As the job's demands grow, you can meet them by throwing in more hardware-processors and memory-and the system will meet the needs." It's become an issue because, while NT has theoretically supported 32 processors since its inception, much of the basic NT operating system itself can't use many processors-for example, adding a ninth processor to an eight-processor domain controller won't produce any faster logins. That's also true of NT programs; depending on whom you ask, SQL Server maxes out at four or eight processors. Beyond that, adding more processors does nothing more than run up the electric bill.
Administrative Scalability/Manageability Large enterprises do not like to add headcount in their core business areas, much less just to administer Windows NT. Windows 2000 Server contains a number of facilities such as Intellimirror, designed to allow customers to support more users running with more complex desktop environments with fewer support personnel. Microsoft typically refers to this area as "Manageability," though I think "Administrative Scalability" better captures the flavor of the topic.
In this area, one of the most important additions to Windows 2000 is its support for both issuing and honoring digital certificates in place of userids and passwords for identification and authentication. The overall system needed to manage the life cycles of digital certificates and verify their authenticity and current validity is called Public Key Infrastructure (PKI). PKI-based security is both more secure and vastly more administratively scalable than userid+password-based security, but it is also much, much more technically complex.
Three years can be an awfully long time in the computer business. The years since 1996 have seen the emergence of Universal Serial Bus, IEEE 1394, Fiber Channel, and 3-D video cards, just to name a few areas of technological growth, as well as the introduction of hundreds of new network cards, video boards, sound cards, SCSI host adapters, and so on. A new crop of network-aware PCs has appeared, PCs that under-stand networking right in their BIOSes and that are designed to be taken straight out of the box without anything on their hard drives, plugged into the network, and started up from the network rather than from any on-disk software. And on a more mundane note, nearly every PC sold in the past five years supports a hardware system called Plug and Play (PnP).
NT supports none of these things right out of the box. Some of these devices can be made to work, but some can't. Hardware support has always been something of an afterthought in NT, and it's amazing that Microsoft shipped NT 4 without any Plug-and- Play support, save an undocumented driver that could sometimes make a PnP ISA board work but that more commonly simply rendered a system unusable. NT 4's off-hand support, of PC Card laptops and its near-complete lack of support for Cardbus slots forced many an NT-centric shop to put NT Server on their servers, NT Workstation on their corporate desktop and Windows 95 on their laptops. One of Windows 2000's goals, then-and an essential one-is to support the new types of hardware and greatly improve the way that it works on laptops.
Make NT Easier to Support
The past 10 years have seen the rise of the graphical user interface (GUI), which brought a basically uniform "look and feel" to PC applications and made learning a PC application and PCs in general so much easier for users. We've seen programming tools go from some very simple development environments that crashed more often than they worked to today's very stable 32-bit suite of programming tools, making it possible for developers to create large and powerful 32-bit applications. Users and developers are better off-sounds good, doesn't it?
Well, it is, for them. But many of us fall into a third category: support staff. And while some things have gotten better-the graphical nature of many of NT's administrative tools helped get many new admins started on a networking career-the actual job of sup-port hasn't gotten any easier. Consider this: Would you rather rebuild a CONFIG.SYS file to stitch back together a damaged DOS machine from memory, or would you prefer to pick through a broken Registry trying to figure out what's ailing it?
Microsoft's competition knew that support was the Achilles' heel of both Windows and NT, and so in the mid-'90s, Sun and others began extolling the importance of considering the Total Cost of Ownership (TCO) of any desktop system. It wasn't hard to make the argument that the biggest cost of putting Windows on a desktop isn't the hardware or the software-it's the staff hours required to get it up and keep it running. With Windows 2000, Microsoft starts to reduce desktop TCO. A group of Windows 2000 improvements called Change and Configuration Management tools makes life easier for support folks and network administrators in general.
Specific New Capabilities and FeaturesSo much for the good intentions. What about the new goodies?
Microsoft lists pages and pages of enhancements to Windows 2000-the PR people have, after all, had over three years to cook up those lists. I'm sure they're all of value to someone, but here are the things that I find most valuable in Windows 2000, arranged according to my three earlier categories-making NT more enterprise ready, modernizing NT, and improving its administrative tools/lowering TCO.
Making Windows 2000/NT More "Enterprising"Several functions help push NT's latest incarnation to a place in the big leagues. In particular, the most significant "big network" changes to NT include:
- Active Directory
- Improved TCP/IP-based networking infrastructure
- More scalable security infrastructure options
- More powerful file sharing with the Distributed File System and the File Replication Service
- Freedom from drive letters with junction points and mountable drives
- More flexible online storage via the Removable Storage Manager
The crown jewel of Windows 2000, Active Directory is also the single most pervasive piece of the OS. Many of the things you'll read about in this book, many of the compelling features of Windows 2000, simply cannot function without Active Directory. Group policies, domain trees and forests, centralized deployment of applications, and the best features of the Distributed File System (to name a few) will not operate until you've got a system acting as an Active Directory server.
NOTE The whys and wherefores of Active Directory are complex enough that they'll get a chapter all their own. In Chapter 2, you'll read about what Active Directory is trying to accomplish, how it does so, and how you can best design the Active Directory for your enterprise.
Network Infrastructure Improvements
Anyone building an NT-based network around the TCP/IP protocol needed three important infrastructure tools:
- The Windows Internet Name Service (WINS), which helped Windows 2000-and NT-based servers and workstations locate domain controllers (which handled logins and authentication in general) as well as file and print servers.
- The Dynamic Host Configuration Protocol (DHCP), which simplified and centralized the once-onerous task of configuring TCP/IP on workstations.
- The Domain Name System (DNS), which did the same kind of job as WINS-it keeps track of names and addresses-but instead of helping workstations locate domain controllers and file/print servers, DNS helps programs like Web browsers and e-mail clients to find Web and mail servers. Some firms have avoided moving their networks to TCP/IP, staying instead with IPX (a protocol that owes its popularity to Novell's networking products) or NetBEUI (the main protocol for Microsoft networking prior to 1995). But with Windows 2000, pretty much everyone should be using TCP/IP, making DHCP, WINS, and DNS essential parts of any Windows 2000-based network.
Why did NT have two services-WINS and DNS-that kept track of names? This was the case because of a questionable choice that Microsoft made back in 1994. Of the two, WINS was the most troublesome and, for some networks, unfortunately the most vital. Thus, it was to many people quite excellent news when Microsoft announced that Windows 2000 would be the end of WINS.
Reports of its death, however, turned out to be greatly exaggerated. The actual story is that, if you have a network that is 100-percent Windows 2000, both on the workstation and server, then yes, you can stop using WINS. But most of us won't have that for years, so Windows 2000 still has a WINS service. Thankfully, it's greatly improved; one expert commented to me that it's ironic that Microsoft finally "fixed" WINS, just as they were about to kill it. Chapter 18 shows you how to set it up and make it work.
DNS was something of a sidelight under NT 4 as NT didn't really need DNS-DNS's main value was to assist Internet-oriented programs like Web, FTP, and POP3/SMTP mail clients in finding their corresponding servers. Under Windows 2000, however, DNS takes center stage. Without it, Active Directory won't work.
NT 4's DNS server was a pleasure to work with, although that's just my opinion: I've spoken with people who tell me that it couldn't handle high volume loads. I didn't have any bad experiences with it, so I can't comment. NT 4's DNS wrapped a well-designed GUI around a standard DNS implementation, making basic DNS tasks simpler than they would be for a Unix DNS implementation at the time. Windows 2000 takes that a step further with improved wizards. First-time DNS administrators will find that Windows 2000's DNS server almost does all the hand-holding you could need.
Additionally, Windows 2000's DNS supports dynamic updates, a process wherein adding information about new machines to a DNS database can be automated. Based on the Internet standard document RFC 2136 (the Internet's standards are described in documents called Request for Comments, or RFCs), it combines the best of NT 4's WINS and DNS servers. The DNS server also supports another Internet standard, RFC 2052, which greatly expands the kind of information that DNS servers can hold onto. For example, a pre-2052 DNS server could tell you what machines acted as mail servers for a given Internet domain, but not which machines were Web or FTP servers. 2052-compliant DNS servers can do that, and more: Active Directory now uses RFC 2052 to allow DNS to help workstations find domain controllers and other Active Directory-specific server types.
NOTE Chapter 18 covers how Active Directory uses RFC 2052 in more detail. DHCPB
DHCP frees network administrators from having to walk around and visit every single desktop in order to configure the TCP/IP protocol. The basic idea is that a workstation broadcasts over the network, seeking an IP address (every computer on an intranet must have a unique IP address); a DHCP server hears the plea and assigns that computer its own unique IP address.
The End of Rogue DHCP Servers This is in general great, but now and then some dodo would decide to "practice" with DHCP by setting up a DHCP server on some PC. The budding new administrator's new DHCP server would then start handing out completely bogus addresses to unsuspecting workstations. Those workstations would then have IP addresses, but they'd be worthless ones, and as a result those workstations would be unable to function on the company's network.
With Windows 2000, however, not just anyone can create a DHCP server. Now, DHCP servers must be authorized in the Active Directory before they're allowed to start handing out addresses. This is a great advance, the end of what we used to call "rogue" DHCP servers.
DHCP Works with DNS to Register Clients You read before that the new DNS supports dynamic updates, a process standardized in RFC 2136 whereby the DNS server will automatically collect address information about machines on the network. This is an improvement over NT 4's DNS server because that DNS server couldn't automatically collect DNS information about machines-you, the administrator, had to type the names and IP addresses of new machines into the DNS Manager administration tool.
Windows 2000's DNS server collects its information about machines on the net-work with the help of those machines. When a machine starts up, one of the things it's doing while booting up-one of the reasons that booting modern PCs takes so long-is contacting the DNS server to tell the DNS server that the machine exists. In effect, each workstation and server on the network must know to register itself with the DNS server.
Unfortunately, as RFC 2136 is a fairly recent development in the DNS world, most existing operating systems-DOS, Windows for Workgroups, Windows 9x, NT 3.x, and 4.x-do not know to register themselves with a DNS server. That's where Windows 2000's DHCP server helps out. You can optionally tell the DHCP server to handle the DNS registrations for non-2136-aware workstations. This is a very useful new feature because, without it, dynamic updates wouldn't be worth much except for the rare firm that runs solely Windows 2000 on its desktops, laptops, and servers. NOTE You can read more about DHCP in Chapter 18.
Quality of Service
The Internet's underlying protocols, TCP/IP, have something of an egalitarian nature; when the Net's busy, it's first come, first served. But the protocols have always had a built-in capability that would theoretically allow an Internet operator to give greater priority to one user over another, to dial in a better response time for some than for others. That's called Quality of Service, or QoS. It was always there but not really implemented as it sort of ran against the way the Net was run.
The growth of corporate intranets, however, changes that story. Network operators in corporate networks aren't serving a mass public; rather, they're serving a diverse and hierarchical organization whose leaders may well want to be able to say, "We direct that this individual get more bandwidth and faster access to network resources than this other individual." That's possible if you're using expensive Cisco routers- but now you can do it if you use Windows 2000 machines as your IP routers as well.
New Security Infrastructure
As one security expert once said to me, "We knew that NT had `made it' when hackers started targeting it." Hardly a month goes by without word of a new security hole in NT 4 and the hot fixes that are intended to plug that hole. Patch a plaster wall with Spackle enough and eventually you have to wonder if you've got a plaster wall or a Spackle wall-so Microsoft must have decided early on that one of the things that Windows 2000 couldn't live without was a new security system.
So they built two.
Originally, Windows 2000 was supposed to replace NT 4's authentication system, known as NTLM (for NT LAN Manager), with a system popular in the Unix world called Kerberos. Kerberos is well understood and works well in large-scale systems, assisting Microsoft in their "scalability" (there's that nonword again) goal. Partway through the Windows 2000 development process, Microsoft decided to supplement Kerberos with a third security system, a public key system based on the X.509 standard. They did that mainly because a public key system is considered far more scalable than either an NTLM or Kerberos system. Several companies offer hard-ware readers that allow users to log in by inserting credit card-sized devices called smart cards into the readers.
Kerberos and public key provide as a side effect a feature that NT administrators have asked after for a long time-transitive trust relationships.
Distributed File System
NT's first and probably still most prevalent job is as a file server. And as time has gone on and versions have appeared, it's gotten better at it. Some benchmarks have rated it as fast or faster than NetWare, the guys to beat. And where NT 4's file server software was largely unable to deliver throughput faster than 90Mbps, Windows 2000 can transfer data almost 10 times faster.
Disconnecting Physical Locations from Names
But NT's file server system is hampered by the way it addresses shares on servers. A share named DATA on a server named WALLY would be accessed as \\WALLY \DATA .
Although that makes sense, it's limiting. Suppose the WALLY server goes up in a puff of smoke? We install a new server, perhaps named SALLY rather than WALLY, restore the data from WALLY, and re-create the DATA share. But now it's \\SALLY \DATA rather than \\WALLY \DATA , and configurations that are hardwired to look for and expect \\WALLY \DATA will fail. In other words, if a share's physical location changes, so must its "logical" location-its name. It'd be nice to be able to give a share a name that it could keep no matter what server it happened to be on.
Windows 2000 takes NT beyond that with the Distributed File System. In combination with Active Directory, Dfs-note the lowercase in the acronym; apparently some-one already owned DFS when Microsoft started working on the Distributed File System-allows you to give all of your shares names like \\domainname \sharename rather than \\servername \sharename . You needn't know the name of the file server that the share is on.
You probably know that Windows 2000 offers you many ways to add reliability to your network through RAID storage and two-system computer clusters. RAID boxes aren't cheap, and clusters require a lot of hardware (two identical machines, external SCSI storage, extra network cards, and either the Advanced or Datacenter edition of Windows 2000 Server). But there are some very inexpensive fault tolerance options for Windows 2000 networks as well; Dfs provides one.
If you have a file share that you want to be available despite network misfortune and failure, then one way to accomplish that is with a fault tolerant Dfs share. To create one, just create two or more file shares that contain the same information, then tell Dfs to treat them like one share. So, for example, in a domain named ROCKS, you might have a share named STUFF on a server named S1 and a share named STUFF on a server named S2. To the outside world, however, only one share would be visible as \\ROCKS \STUFF . Then, when someone tries to access \\ROCKS \STUFF , Dfs will basically flip a coin and either send her to \\S1 \STUFF or \\S2 \STUFF . It's not full-blown fault tolerance-if S1 goes down, nothing automatically transfers people from \\S1 \STUFF to \\S2 \STUFF -but it's a low-cost way to increase the chance that a given share will be available, even under network "fire...."
Table of Contents
|1||Windows 2000 Server Overview||1|
|Microsoft's Overall Goals for Windows 2000||3|
|Specific New Capabilities and Features||6|
|Making Windows 2000/NT More "Enterprising"||7|
|Lowering TCO and Warming Administrators' Hearts||16|
|Creating Microsoft Management Consoles||221|
|5||Understanding the Registry Database||245|
|What Is the Registry?||246|
|Working with the Registry: An Example||254|
|How Do You Find Registry Keys?||256|
|Even More Cautions about Editing the Registry||257|
|Where the Registry Lives: Hives||259|
|Remote Registry Modification||261|
|Backing Up and Restoring a Registry||262|
|Regedit versus Regedt32||263|
|6||Installing Hardware in Windows 2000||265|
|Hardware Resources: The Basics||266|
|Practical Hardware Tutorial||275|
|Windows 2000 Hardware Management||280|
|7||Managing Windows 2000 Storage||297|
|Using the Disk Management Tool||298|
|Performing Disk Maintenance||335|
|Using Encrypted NTFS||350|
|Enough of That! Managing Disk Quotas||356|
|Archiving Data with Remote Storage||361|
|8||Managing and Creating User Accounts||367|
|Use Computer Management for Local Accounts||368|
|Use Active Directory Users and Computers for Domain Accounts||371|
|Working with Group Policies||421|
|Working with NT 4 User Profiles||464|
|System Policies for Legacy Clients||503|
|9||Creating and Managing Shared Folders||541|
|Basics of File Sharing||542|
|Creating Shared Folders||544|
|Connecting to Shares via the Command Line||574|
|The Distributed File System||576|
|Using Offline Files/Client-Side Caching||593|
|Publishing a Package to Users||611|
|Filtering Group Policy||616|
|Using Organizational Units||618|
|Assigning a Package to Users or Computers||618|
|Removing a Package||624|
|Redeploying a Package||625|
|Creating Your Own MSI||625|
|Distributing the Easy Way: Using ZAP Files||634|
|Checking Out Those Off-the-Shelf Applications||636|
|11||Configuring and Troubleshooting Network Print Services||655|
|Print Services Terminology||656|
|The Win2K Printing Model||657|
|Setting Up a Printer Connection||663|
|Configuring Printer Settings||678|
|Adjusting Print Server Settings||688|
|Managing Printer Availability||695|
|Managing Print Jobs||719|
|Troubleshooting Printer Problems||720|
|12||Connecting Clients to Windows 2000 Server||723|
|Connecting Windows 95 and Windows 98 Workstations||724|
|Connecting Windows NT Workstations||731|
|Connecting Windows for Workgroups Workstations||737|
|Connecting DOS Workstations||742|
|13||Connecting Macintoshes to Windows 2000||745|
|Installing the Servers for Macintosh||754|
|Accessing Server Resources||769|
|Setting Advanced Options||776|
|Supporting Applications across Platforms||778|
|14||Supporting Clients with Windows Terminal Services||783|
|Why Care About Terminal Services?||784|
|The Terminal Server Processing Model||790|
|Server and Client Requirements||797|
|Installing (or Removing) Support for Terminal Services||800|
|Creating a New Terminal Server Client||803|
|Adjusting Client Connection Settings||815|
|Terminal Services Licensing||830|
|Configuring Applications for a Multiuser Environment||839|
|Managing Terminal Sessions||852|
|15||How Running a Big Windows 2000 Network Is Different||867|
|Active Directory Design Issues||868|
|Deploying Infrastructure Services||877|
|Domain Migration Strategies and Downlevel Coexistence||882|
|16||Integrating NetWare with Windows 2000 Server||885|
|Integration versus Migration||886|
|Integrating NetWare and Windows 2000 Server||893|
|Migrating from NetWare and NDS to Windows 2000 and Active Directory||899|
|17||Understanding and Using TCP/IP in Windows 2000 Server||917|
|A Brief History of TCP/IP||918|
|The Internet Protocol (IP)||924|
|A, B, and C Networks, CIDR Blocks, and Subnetting||930|
|TCP (Transmission Control Protocol)||941|
|Sockets and the Winsock Interface||943|
|Internet Host Names||945|
|Getting onto an Intranet||949|
|The Basics of Setting Up TCP/IP on Windows 2000 with Static IP Addresses||954|
|Setting Up Routing on Windows 2000, NT, and Windows Machines||972|
|Using a Windows 2000 Server as an Internet Gateway/Router||989|
|Lower-Cost LAN-to-WAN Routing with Internet Connection Sharing||1001|
|18||Building a Windows 2000 TCP/IP Infrastructure: DHCP, WINS, DNS, Sites, and More||1009|
|DHCP: Automatic TCP/IP Configuration||1010|
|Name Resolution in Perspective: Introduction to WINS (Even for Windows 2000) and DNS||1041|
|Handling Legacy and NetBIOS Names: The Windows Internet Name Service||1045|
|DNS: Name Central in Windows 2000||1069|
|Setting Up a Small Domain with DNS Manager: An Example||1084|
|Creating Subdomains in DNS||1103|
|Private Roots versus Internet Connectivity||1109|
|How to Bypass the GUI and Fix DNS Problems Directly: Understanding the DNS Boot, Cache, and Zone Files||1111|
|Name Resolution in More Detail||1124|
|Name Resolution Sequence under NetBIOS||1129|
|What if DNS and WINS Conflict?||1131|
|Identifying Subnets with Site Manager||1131|
|Using Telnet for Remote Login||1136|
|Using FTP for File Transfer||1138|
|A Free E-Mail Server for Windows 2000||1144|
|Windows 2000 Internet Security: Some Thoughts||1154|
|19||Internet Information Services in Windows 2000 Server||1163|
|A Closer Look: What IIS Can (and Can't) Do||1164|
|Installing Internet Information Services||1167|
|Global IIS Configuration||1169|
|Setting Up a Web Site and Configuring Web Services||1172|
|Setting Up an FTP Site and Configuring FTP Services||1204|
|Setting Up an NNTP News Server and Configuring NNTP Services||1219|
|Setting Up an SMTP Server and Configuring SMTP Services||1237|
|Communicating Securely with SSL||1254|
|20||Tuning and Monitoring Your Win2K Network||1261|
|Roundup of Tuning Support Tools and What to Do with Them||1262|
|Observing Performance Patterns with the System Monitor||1264|
|Logging Performance Data||1281|
|Whattheheckhappened? Troubleshooting with the Event Viewer||1291|
|Basic Tuning Stuff||1301|
|Configuring Network Browsing||1312|
|21||Preparing for and Recovering from Server Failures||1323|
|Preventing Stupid Accidents||1324|
|Backup Programs and Approaches||1330|
|Troubleshooting Hardware with the System Information Tool||1365|
|Understanding the Boot Process||1376|
|Fixing Minor Problems with the Advanced Options Menu||1380|
|Preparing for Recovery||1387|
|Repairing--or Recovering--a Damaged Installation||1390|
|Troubleshooting Login Failures: "No Domain Controller Found..."||1400|
|Troubleshooting Start-Up Mysteries: How Do I Get Rid of That Program?||1404|
|Planning for Disaster Recovery||1404|
|22||Installing and Managing Remote Access Service in Windows 2000 Server||1411|
|Common Applications for Remote Access Service||1413|
|Bandwidth Planning and Considerations||1415|
|RAS Hardware Requirements||1421|
|RAS Installation and Setup||1427|
|Connecting to the Internet||1430|
|Accepting Incoming Calls from Remote Users||1439|
|Connecting to a Private Network||1460|
|Acting as an Internet Gateway||1464|
|Accepting Virtual Private Networking Connections from Remote Clients||1472|
|Dialing Up a Remote Network and Routing Traffic||1485|
|Appendix||Performance Objects in Windows 2000||1497|
Most Helpful Customer Reviews
Mastering Windows 2000 Server has been a life saver to me. I have searched everywhere on how to do several things on a server and this was the only book that I found had the instructions on exactly how to do what I need to do.
As a self taught W2k systems administrator for a small company this book is a God send. A down to earth approach to W2k. After getting this book, many of the issues I had been struggling with or trying to implement were resolved. This book gives a complete overall view of the issue and then walks you through the implementation of that issue. I would recommend this to anyone who is battling with W2k or wants to educate themselves on how to do more with it.
Mark Minasi has a way of writing as though he talking to you, which makes what could be dull factual information and transforms it into something that is easy to comprehend and understand. If you need to learn Windows 2000, buy this book: period.
I had purchased several books before finding the Mastering Windows 2000 Server. All of them fell short of answering my questions. Mastering Windows 2000 is a must have for all IT Professionals that have NT installations and are either thinking about or have moved to Windows 2000! This book answers all the questions without having to spend money on support calls. Thanks Mike and company for producing a book worth more than it's weight in gold!