ISBN-10:
0782128726
ISBN-13:
9780782128727
Pub. Date:
03/28/2001
Publisher:
Sybex, Incorporated
Mastering Windows 2000 Server / Edition 3

Mastering Windows 2000 Server / Edition 3

Hardcover

Current price is , Original price is $59.99. You

Temporarily Out of Stock Online

Please check back later for updated availability.

This item is available online through Marketplace sellers.

Overview

Mark Minasi, the world's #1 Windows NT authority, updates his #1 bestselling book for Windows 2000. Every system administrator needs this book! This high-level, irreverent yet readable explanation of Windows 2000 Server provides the best discussion of the architecture, features, and new utilities of the new OS in print. You'll learn from the expert: the differences between NT and 2000, the advantages (and potential pitfalls) of the the new OS; scores of undocumented secrets, tips, tricks, and workarounds, practical, hand's-on advice for installing and using Windows 2000 in an enterprise environment, and hundreds of useful and essential nuggets of information that will save you hundreds or thousands of dollars in calls to Microsoft's help desk.

Product Details

ISBN-13: 9780782128727
Publisher: Sybex, Incorporated
Publication date: 03/28/2001
Series: Mastering Series
Edition description: Older Edition
Pages: 1872
Product dimensions: 7.81(w) x 9.31(h) x 2.99(d)

About the Author

Mark Minasi, MCSE, is recognized as one of the world's best teachers of NT/2000. He teaches NT/2000 classes in 15 countries and is a much sought-after speaker at conferences. His firm, MR&D, has taught tens of thousands of people to design and run NT networks. Among his eight other Sybex books are Mastering TCP/IP for NT Server, Troubleshooting Windows, and The Complete PC Upgrade and Maintenance Guide, which has sold a million copies and been translated into 12 languages.

Read an Excerpt


Chapter 1: Windows 2000 Server Overview

After years of talk about "Cairo" (the Microsoft code name for their "ultimate" server software) and even more years of work, Microsoft has finally shipped Windows 2000. After training us to expect roughly annual releases of new versions of NT-NT 3.1 shipped in 1993, 3.5 in 1994, 3.51 in 1995, and 4 in 1996-NT 5 finally arrived, but it was considerably later than a year after the release of NT 4. Furthermore, NT 5 arrived with a new name: Windows 2000. But the name's not all that's new.

So what took so long? Was it worth the wait? For many, the answer will be "yes." Much of NT's foundation-the internal kernel structure, how drivers are designed, how Windows 2000 multitasks-hasn't changed all that terribly much from NT 4, but network professionals really don't see that part of NT. Instead, we network types will notice that the above-ground structures, the tools built atop the foundation, are so different as to render Windows 2000 Server almost unrecognizable as a descendant of NT 3.x and 4.x. For comparison's sake, and to extend the structural metaphor, think of using Windows NT 3.1 Advanced Server as renting a room in someone's basement, using NT 4 as renting a 2-bedroom apartment, and using Windows 2000 Server as living in Bill Gates's new mansion on Lake Washington: more rooms than anyone can count all filled with new and wonderful electronic gadgets.

In the mansion, many of the things that you know from the basement room are unchanged-the electricity comes out of sockets in the wall, the pipes are copper or PVC, bathrooms have sinks and commodes in them-but there's so much more of it all, as well asso many new things, both useful ("Hey, cool, a garden, and automatic sprinklers for it!") and of debatable value ("What does this bidet thing do, anyway?"). That's not to say that NT's underpinnings will never change, not at all-the next (and still-unnamed) version of NT will go a step further, digging up NT's 32-bit foundation and replacing it with a 64-bit one.

The main point, however, is this: If you're an NT network administrator, be prepared for culture shock. The difference between NT 4 and Windows 2000 is at least 10 times as great as the difference between NT 3.1 and NT 4. And if you've never worked with NT in any flavor, be prepared to find Windows 2000 both delightful and frustrating-as is the case with most Microsoft software.

It would be somewhat shortsighted of me to simply say, "Here are the new features you'll find in Windows 2000," and then to just dump the features-it sort of misses the forest for the trees. So let me start off by briefly discussing the big picture and what Microsoft's trying to accomplish; then I'll move along to those new features and, finally, take a look at a few of Windows 2000's shortcomings.

Microsoft's Overall Goals for Windows 2000

The changes in Windows 2000 from NT 4 are quite significant, but they were long in coming. What was the wait all about?

Make NT an Enterprise OS

Microsoft wants your company to shut off its mainframes and do your firm's work on big servers running NT. That's why there is a version of Windows 2000 Server called Datacenter Server. Microsoft is also hoping that "enterprise" customers will exploit new Windows 2000 Server facilities such as Active Directory and Microsoft Application Server (nee MTS) and COM+ to write gobs of new and hardware-hungry distributed applications. Before they can accomplish that, however, they need to clear three hurdles: reliability, availability, and scalability.

NT Must Be More Reliable
Since their appearance in the late '70s, microcomputer-based network operating systems have been seen as fundamentally different from "big-system" OSes like IBM's MVS and OS/400, Compaq's Open VMS, and the myriad flavors of Unix. PC-based network operating systems weren't exactly seen as toys, but neither were they seen as something that one would base one's business on, if one's business was truly critical. For example, it's hard to imagine the New York Stock Exchange announcing that they'd decided to get rid of their current trading system and to replace it with a Net-Ware 4.1 or NT 4-based client-server system. PC-based stuff just wasn't (and largely still isn't) seen as sufficiently reliable yet to take on the big guys.

Nor is that an unfair assessment. Most of us would be a bit uncomfortable about discovering in midflight that the state-of-the-art airliner taking us across the Pacific was run by NT, or that the Social Security Administration had decided to dump their old mainframe-based software in favor of a Lotus Notes-based system running atop NT. Years ago, many firms discovered that NT servers crashed far less often if rebooted weekly; it's hard to imagine running a heart-and-lung machine on something like that. But Microsoft wants to shed that image. They want very much to build an OS that is sufficiently industrial-strength in reliability so that one day it wouldn't be silly to suggest that AT&T's long distance network could run atop some future version of NT, Windows 2000-something. With Windows 2000, Microsoft believes that they've taken some steps in that direction.

NT Must Be More Available
A server being rebooted to change some parameters is just as down as one that is being rebooted after a Blue Screen Of Death, the symptom of a system crash that is all too familiar to NT 4 veterans. Many Windows 2000 parameters can be changed with-out a reboot where a change to the corresponding parameter in Windows NT 4 would require one. Unfortunately, as we will see, some of the most common parameter changes still require a reboot.

NT Must Be Able to "Scale" to Use Big Computers
Reliability's not the only big-network issue that Microsoft faces. The other one is the limit on the raw power that NT can use-to use a word that the PC industry created a few years ago, NT must be more scalable.

Being an "enterprise" operating system requires two different kinds of scalability which are somewhat at odds with each other: performance scalability and administrative scalability. The first asks, "If I need to do more work with NT, can I just run it on a bigger computer?" The second asks, "If I need to support more users/computers/giga-bytes of hard disk/etc., can I do it without hiring more administrators?"

Performance Scalability CPUs are simply not getting all that much faster in terms of the things they can do. To create faster or higher-capacity computers, then, computer manufacturers have been putting more and more CPUs into a box. And while NT has in theory been designed to use up to 32 processors since its first incarnation, in reality, very few people have been able to get any use out of more than 4 processors. With Windows 2000, Microsoft claims to have improved the scalability of NT-although I've not yet heard anyone say with a straight face that Windows 2000 will "run like a top" on a 32-processor system.

Besides the ability to use a larger number of CPUs, there were internal restrictions within Windows NT, such as the number of users that a SAM database would allow, that simply had to go. With Active Directory, many restrictions, including this one, have been removed.

The three versions of Server support different numbers of CPUs. Windows 2000 Server supports four processors. Windows 2000 Advanced Server supports 8 processors, and Windows 2000 Datacenter Server supports 32 processors.

NOTE Oh, and if you're looking in your Webster's for a definition of scalability, don't bother; it's not a real word. Microsoft made it up a few years ago. Basically, scalable roughly means, "As the job's demands grow, you can meet them by throwing in more hardware-processors and memory-and the system will meet the needs." It's become an issue because, while NT has theoretically supported 32 processors since its inception, much of the basic NT operating system itself can't use many processors-for example, adding a ninth processor to an eight-processor domain controller won't produce any faster logins. That's also true of NT programs; depending on whom you ask, SQL Server maxes out at four or eight processors. Beyond that, adding more processors does nothing more than run up the electric bill.

Administrative Scalability/Manageability Large enterprises do not like to add headcount in their core business areas, much less just to administer Windows NT. Windows 2000 Server contains a number of facilities such as Intellimirror, designed to allow customers to support more users running with more complex desktop environments with fewer support personnel. Microsoft typically refers to this area as "Manageability," though I think "Administrative Scalability" better captures the flavor of the topic.

In this area, one of the most important additions to Windows 2000 is its support for both issuing and honoring digital certificates in place of userids and passwords for identification and authentication. The overall system needed to manage the life cycles of digital certificates and verify their authenticity and current validity is called Public Key Infrastructure (PKI). PKI-based security is both more secure and vastly more administratively scalable than userid+password-based security, but it is also much, much more technically complex.

Modernize NT

Three years can be an awfully long time in the computer business. The years since 1996 have seen the emergence of Universal Serial Bus, IEEE 1394, Fiber Channel, and 3-D video cards, just to name a few areas of technological growth, as well as the introduction of hundreds of new network cards, video boards, sound cards, SCSI host adapters, and so on. A new crop of network-aware PCs has appeared, PCs that under-stand networking right in their BIOSes and that are designed to be taken straight out of the box without anything on their hard drives, plugged into the network, and started up from the network rather than from any on-disk software. And on a more mundane note, nearly every PC sold in the past five years supports a hardware system called Plug and Play (PnP).

NT supports none of these things right out of the box. Some of these devices can be made to work, but some can't. Hardware support has always been something of an afterthought in NT, and it's amazing that Microsoft shipped NT 4 without any Plug-and- Play support, save an undocumented driver that could sometimes make a PnP ISA board work but that more commonly simply rendered a system unusable. NT 4's off-hand support, of PC Card laptops and its near-complete lack of support for Cardbus slots forced many an NT-centric shop to put NT Server on their servers, NT Workstation on their corporate desktop and Windows 95 on their laptops. One of Windows 2000's goals, then-and an essential one-is to support the new types of hardware and greatly improve the way that it works on laptops.

Make NT Easier to Support

The past 10 years have seen the rise of the graphical user interface (GUI), which brought a basically uniform "look and feel" to PC applications and made learning a PC application and PCs in general so much easier for users. We've seen programming tools go from some very simple development environments that crashed more often than they worked to today's very stable 32-bit suite of programming tools, making it possible for developers to create large and powerful 32-bit applications. Users and developers are better off-sounds good, doesn't it?

Well, it is, for them. But many of us fall into a third category: support staff. And while some things have gotten better-the graphical nature of many of NT's administrative tools helped get many new admins started on a networking career-the actual job of sup-port hasn't gotten any easier. Consider this: Would you rather rebuild a CONFIG.SYS file to stitch back together a damaged DOS machine from memory, or would you prefer to pick through a broken Registry trying to figure out what's ailing it?

Microsoft's competition knew that support was the Achilles' heel of both Windows and NT, and so in the mid-'90s, Sun and others began extolling the importance of considering the Total Cost of Ownership (TCO) of any desktop system. It wasn't hard to make the argument that the biggest cost of putting Windows on a desktop isn't the hardware or the software-it's the staff hours required to get it up and keep it running. With Windows 2000, Microsoft starts to reduce desktop TCO. A group of Windows 2000 improvements called Change and Configuration Management tools makes life easier for support folks and network administrators in general.

Specific New Capabilities and Features

So much for the good intentions. What about the new goodies?

Microsoft lists pages and pages of enhancements to Windows 2000-the PR people have, after all, had over three years to cook up those lists. I'm sure they're all of value to someone, but here are the things that I find most valuable in Windows 2000, arranged according to my three earlier categories-making NT more enterprise ready, modernizing NT, and improving its administrative tools/lowering TCO.

Making Windows 2000/NT More "Enterprising"

Several functions help push NT's latest incarnation to a place in the big leagues. In particular, the most significant "big network" changes to NT include:

  • Active Directory
  • Improved TCP/IP-based networking infrastructure
  • More scalable security infrastructure options
  • More powerful file sharing with the Distributed File System and the File Replication Service
  • Freedom from drive letters with junction points and mountable drives
  • More flexible online storage via the Removable Storage Manager

Active Directory

The crown jewel of Windows 2000, Active Directory is also the single most pervasive piece of the OS. Many of the things you'll read about in this book, many of the compelling features of Windows 2000, simply cannot function without Active Directory. Group policies, domain trees and forests, centralized deployment of applications, and the best features of the Distributed File System (to name a few) will not operate until you've got a system acting as an Active Directory server.

NOTE The whys and wherefores of Active Directory are complex enough that they'll get a chapter all their own. In Chapter 2, you'll read about what Active Directory is trying to accomplish, how it does so, and how you can best design the Active Directory for your enterprise.

Network Infrastructure Improvements

Anyone building an NT-based network around the TCP/IP protocol needed three important infrastructure tools:

  • The Windows Internet Name Service (WINS), which helped Windows 2000-and NT-based servers and workstations locate domain controllers (which handled logins and authentication in general) as well as file and print servers.

  • The Dynamic Host Configuration Protocol (DHCP), which simplified and centralized the once-onerous task of configuring TCP/IP on workstations.

  • The Domain Name System (DNS), which did the same kind of job as WINS-it keeps track of names and addresses-but instead of helping workstations locate domain controllers and file/print servers, DNS helps programs like Web browsers and e-mail clients to find Web and mail servers. Some firms have avoided moving their networks to TCP/IP, staying instead with IPX (a protocol that owes its popularity to Novell's networking products) or NetBEUI (the main protocol for Microsoft networking prior to 1995). But with Windows 2000, pretty much everyone should be using TCP/IP, making DHCP, WINS, and DNS essential parts of any Windows 2000-based network.

WINS

Why did NT have two services-WINS and DNS-that kept track of names? This was the case because of a questionable choice that Microsoft made back in 1994. Of the two, WINS was the most troublesome and, for some networks, unfortunately the most vital. Thus, it was to many people quite excellent news when Microsoft announced that Windows 2000 would be the end of WINS.

Reports of its death, however, turned out to be greatly exaggerated. The actual story is that, if you have a network that is 100-percent Windows 2000, both on the workstation and server, then yes, you can stop using WINS. But most of us won't have that for years, so Windows 2000 still has a WINS service. Thankfully, it's greatly improved; one expert commented to me that it's ironic that Microsoft finally "fixed" WINS, just as they were about to kill it. Chapter 18 shows you how to set it up and make it work.

DNS

DNS was something of a sidelight under NT 4 as NT didn't really need DNS-DNS's main value was to assist Internet-oriented programs like Web, FTP, and POP3/SMTP mail clients in finding their corresponding servers. Under Windows 2000, however, DNS takes center stage. Without it, Active Directory won't work.

NT 4's DNS server was a pleasure to work with, although that's just my opinion: I've spoken with people who tell me that it couldn't handle high volume loads. I didn't have any bad experiences with it, so I can't comment. NT 4's DNS wrapped a well-designed GUI around a standard DNS implementation, making basic DNS tasks simpler than they would be for a Unix DNS implementation at the time. Windows 2000 takes that a step further with improved wizards. First-time DNS administrators will find that Windows 2000's DNS server almost does all the hand-holding you could need.

Additionally, Windows 2000's DNS supports dynamic updates, a process wherein adding information about new machines to a DNS database can be automated. Based on the Internet standard document RFC 2136 (the Internet's standards are described in documents called Request for Comments, or RFCs), it combines the best of NT 4's WINS and DNS servers. The DNS server also supports another Internet standard, RFC 2052, which greatly expands the kind of information that DNS servers can hold onto. For example, a pre-2052 DNS server could tell you what machines acted as mail servers for a given Internet domain, but not which machines were Web or FTP servers. 2052-compliant DNS servers can do that, and more: Active Directory now uses RFC 2052 to allow DNS to help workstations find domain controllers and other Active Directory-specific server types.

NOTE Chapter 18 covers how Active Directory uses RFC 2052 in more detail. DHCPB

DHCP frees network administrators from having to walk around and visit every single desktop in order to configure the TCP/IP protocol. The basic idea is that a workstation broadcasts over the network, seeking an IP address (every computer on an intranet must have a unique IP address); a DHCP server hears the plea and assigns that computer its own unique IP address.

The End of Rogue DHCP Servers This is in general great, but now and then some dodo would decide to "practice" with DHCP by setting up a DHCP server on some PC. The budding new administrator's new DHCP server would then start handing out completely bogus addresses to unsuspecting workstations. Those workstations would then have IP addresses, but they'd be worthless ones, and as a result those workstations would be unable to function on the company's network.

With Windows 2000, however, not just anyone can create a DHCP server. Now, DHCP servers must be authorized in the Active Directory before they're allowed to start handing out addresses. This is a great advance, the end of what we used to call "rogue" DHCP servers.

DHCP Works with DNS to Register Clients You read before that the new DNS supports dynamic updates, a process standardized in RFC 2136 whereby the DNS server will automatically collect address information about machines on the network. This is an improvement over NT 4's DNS server because that DNS server couldn't automatically collect DNS information about machines-you, the administrator, had to type the names and IP addresses of new machines into the DNS Manager administration tool.

Windows 2000's DNS server collects its information about machines on the net-work with the help of those machines. When a machine starts up, one of the things it's doing while booting up-one of the reasons that booting modern PCs takes so long-is contacting the DNS server to tell the DNS server that the machine exists. In effect, each workstation and server on the network must know to register itself with the DNS server.

Unfortunately, as RFC 2136 is a fairly recent development in the DNS world, most existing operating systems-DOS, Windows for Workgroups, Windows 9x, NT 3.x, and 4.x-do not know to register themselves with a DNS server. That's where Windows 2000's DHCP server helps out. You can optionally tell the DHCP server to handle the DNS registrations for non-2136-aware workstations. This is a very useful new feature because, without it, dynamic updates wouldn't be worth much except for the rare firm that runs solely Windows 2000 on its desktops, laptops, and servers. NOTE You can read more about DHCP in Chapter 18.

Quality of Service
The Internet's underlying protocols, TCP/IP, have something of an egalitarian nature; when the Net's busy, it's first come, first served. But the protocols have always had a built-in capability that would theoretically allow an Internet operator to give greater priority to one user over another, to dial in a better response time for some than for others. That's called Quality of Service, or QoS. It was always there but not really implemented as it sort of ran against the way the Net was run.

The growth of corporate intranets, however, changes that story. Network operators in corporate networks aren't serving a mass public; rather, they're serving a diverse and hierarchical organization whose leaders may well want to be able to say, "We direct that this individual get more bandwidth and faster access to network resources than this other individual." That's possible if you're using expensive Cisco routers- but now you can do it if you use Windows 2000 machines as your IP routers as well.

New Security Infrastructure

As one security expert once said to me, "We knew that NT had `made it' when hackers started targeting it." Hardly a month goes by without word of a new security hole in NT 4 and the hot fixes that are intended to plug that hole. Patch a plaster wall with Spackle enough and eventually you have to wonder if you've got a plaster wall or a Spackle wall-so Microsoft must have decided early on that one of the things that Windows 2000 couldn't live without was a new security system.

So they built two.

Originally, Windows 2000 was supposed to replace NT 4's authentication system, known as NTLM (for NT LAN Manager), with a system popular in the Unix world called Kerberos. Kerberos is well understood and works well in large-scale systems, assisting Microsoft in their "scalability" (there's that nonword again) goal. Partway through the Windows 2000 development process, Microsoft decided to supplement Kerberos with a third security system, a public key system based on the X.509 standard. They did that mainly because a public key system is considered far more scalable than either an NTLM or Kerberos system. Several companies offer hard-ware readers that allow users to log in by inserting credit card-sized devices called smart cards into the readers.

Kerberos and public key provide as a side effect a feature that NT administrators have asked after for a long time-transitive trust relationships.

Distributed File System

NT's first and probably still most prevalent job is as a file server. And as time has gone on and versions have appeared, it's gotten better at it. Some benchmarks have rated it as fast or faster than NetWare, the guys to beat. And where NT 4's file server software was largely unable to deliver throughput faster than 90Mbps, Windows 2000 can transfer data almost 10 times faster.

Disconnecting Physical Locations from Names
But NT's file server system is hampered by the way it addresses shares on servers. A share named DATA on a server named WALLY would be accessed as \\WALLY \DATA .

Although that makes sense, it's limiting. Suppose the WALLY server goes up in a puff of smoke? We install a new server, perhaps named SALLY rather than WALLY, restore the data from WALLY, and re-create the DATA share. But now it's \\SALLY \DATA rather than \\WALLY \DATA , and configurations that are hardwired to look for and expect \\WALLY \DATA will fail. In other words, if a share's physical location changes, so must its "logical" location-its name. It'd be nice to be able to give a share a name that it could keep no matter what server it happened to be on.

Windows 2000 takes NT beyond that with the Distributed File System. In combination with Active Directory, Dfs-note the lowercase in the acronym; apparently some-one already owned DFS when Microsoft started working on the Distributed File System-allows you to give all of your shares names like \\domainname \sharename rather than \\servername \sharename . You needn't know the name of the file server that the share is on.

Fault Tolerance
You probably know that Windows 2000 offers you many ways to add reliability to your network through RAID storage and two-system computer clusters. RAID boxes aren't cheap, and clusters require a lot of hardware (two identical machines, external SCSI storage, extra network cards, and either the Advanced or Datacenter edition of Windows 2000 Server). But there are some very inexpensive fault tolerance options for Windows 2000 networks as well; Dfs provides one.

If you have a file share that you want to be available despite network misfortune and failure, then one way to accomplish that is with a fault tolerant Dfs share. To create one, just create two or more file shares that contain the same information, then tell Dfs to treat them like one share. So, for example, in a domain named ROCKS, you might have a share named STUFF on a server named S1 and a share named STUFF on a server named S2. To the outside world, however, only one share would be visible as \\ROCKS \STUFF . Then, when someone tries to access \\ROCKS \STUFF , Dfs will basically flip a coin and either send her to \\S1 \STUFF or \\S2 \STUFF . It's not full-blown fault tolerance-if S1 goes down, nothing automatically transfers people from \\S1 \STUFF to \\S2 \STUFF -but it's a low-cost way to increase the chance that a given share will be available, even under network "fire...."

Table of Contents

Introductionxxix
1Windows 2000 Server Overview1
Microsoft's Overall Goals for Windows 20003
Specific New Capabilities and Features6
Making Windows 2000/NT More "Enterprising"7
Modernizing NT15
Lowering TCO and Warming Administrators' Hearts16
Bad News25
Creating Microsoft Management Consoles221
5Understanding the Registry Database245
What Is the Registry?246
Registry Terminology248
Working with the Registry: An Example254
How Do You Find Registry Keys?256
Even More Cautions about Editing the Registry257
Where the Registry Lives: Hives259
Remote Registry Modification261
Backing Up and Restoring a Registry262
Regedit versus Regedt32263
6Installing Hardware in Windows 2000265
Hardware Resources: The Basics266
Practical Hardware Tutorial275
Windows 2000 Hardware Management280
7Managing Windows 2000 Storage297
Using the Disk Management Tool298
Performing Disk Maintenance335
Using Encrypted NTFS350
Enough of That! Managing Disk Quotas356
Archiving Data with Remote Storage361
8Managing and Creating User Accounts367
Use Computer Management for Local Accounts368
Use Active Directory Users and Computers for Domain Accounts371
Understanding Groups391
Working with Group Policies421
Working with NT 4 User Profiles464
System Policies for Legacy Clients503
9Creating and Managing Shared Folders541
Basics of File Sharing542
Creating Shared Folders544
Managing Permissions549
Hidden Shares570
Common Shares572
Connecting to Shares via the Command Line574
The Distributed File System576
Web Sharing590
Using Offline Files/Client-Side Caching593
10Software Installation609
Publishing a Package to Users611
Filtering Group Policy616
Using Organizational Units618
Assigning a Package to Users or Computers618
Removing a Package624
Redeploying a Package625
Creating Your Own MSI625
Distributing the Easy Way: Using ZAP Files634
Checking Out Those Off-the-Shelf Applications636
Customizing Packages637
Upgrading Applications650
11Configuring and Troubleshooting Network Print Services655
Print Services Terminology656
The Win2K Printing Model657
Setting Up a Printer Connection663
Configuring Printer Settings678
Adjusting Print Server Settings688
Managing Printer Availability695
Managing Print Jobs719
Troubleshooting Printer Problems720
12Connecting Clients to Windows 2000 Server723
Connecting Windows 95 and Windows 98 Workstations724
Connecting Windows NT Workstations731
Connecting Windows for Workgroups Workstations737
Connecting DOS Workstations742
13Connecting Macintoshes to Windows 2000745
Getting Started746
Installing the Servers for Macintosh754
Accessing Server Resources769
Implementing Security774
Setting Advanced Options776
Supporting Applications across Platforms778
Network Alternatives779
14Supporting Clients with Windows Terminal Services783
Why Care About Terminal Services?784
The Terminal Server Processing Model790
Server and Client Requirements797
Installing (or Removing) Support for Terminal Services800
Creating a New Terminal Server Client803
Adjusting Client Connection Settings815
Terminal Services Licensing830
Configuring Applications for a Multiuser Environment839
Managing Terminal Sessions852
15How Running a Big Windows 2000 Network Is Different867
Active Directory Design Issues868
Replication Issues874
Deploying Infrastructure Services877
Domain Migration Strategies and Downlevel Coexistence882
16Integrating NetWare with Windows 2000 Server885
Integration versus Migration886
Getting Started887
Integrating NetWare and Windows 2000 Server893
Migrating from NetWare and NDS to Windows 2000 and Active Directory899
17Understanding and Using TCP/IP in Windows 2000 Server917
A Brief History of TCP/IP918
The Internet Protocol (IP)924
A, B, and C Networks, CIDR Blocks, and Subnetting930
TCP (Transmission Control Protocol)941
Sockets and the Winsock Interface943
Internet Host Names945
Getting onto an Intranet949
The Basics of Setting Up TCP/IP on Windows 2000 with Static IP Addresses954
Setting Up Routing on Windows 2000, NT, and Windows Machines972
Using a Windows 2000 Server as an Internet Gateway/Router989
Lower-Cost LAN-to-WAN Routing with Internet Connection Sharing1001
18Building a Windows 2000 TCP/IP Infrastructure: DHCP, WINS, DNS, Sites, and More1009
DHCP: Automatic TCP/IP Configuration1010
Name Resolution in Perspective: Introduction to WINS (Even for Windows 2000) and DNS1041
Handling Legacy and NetBIOS Names: The Windows Internet Name Service1045
DNS: Name Central in Windows 20001069
Setting Up a Small Domain with DNS Manager: An Example1084
Creating Subdomains in DNS1103
Private Roots versus Internet Connectivity1109
How to Bypass the GUI and Fix DNS Problems Directly: Understanding the DNS Boot, Cache, and Zone Files1111
Name Resolution in More Detail1124
Name Resolution Sequence under NetBIOS1129
What if DNS and WINS Conflict?1131
Identifying Subnets with Site Manager1131
Using Telnet for Remote Login1136
Using FTP for File Transfer1138
A Free E-Mail Server for Windows 20001144
Windows 2000 Internet Security: Some Thoughts1154
19Internet Information Services in Windows 2000 Server1163
A Closer Look: What IIS Can (and Can't) Do1164
Installing Internet Information Services1167
Global IIS Configuration1169
Setting Up a Web Site and Configuring Web Services1172
Setting Up an FTP Site and Configuring FTP Services1204
Setting Up an NNTP News Server and Configuring NNTP Services1219
Setting Up an SMTP Server and Configuring SMTP Services1237
Communicating Securely with SSL1254
20Tuning and Monitoring Your Win2K Network1261
Roundup of Tuning Support Tools and What to Do with Them1262
Observing Performance Patterns with the System Monitor1264
Logging Performance Data1281
Whattheheckhappened? Troubleshooting with the Event Viewer1291
Basic Tuning Stuff1301
Configuring Network Browsing1312
21Preparing for and Recovering from Server Failures1323
Preventing Stupid Accidents1324
Backup Programs and Approaches1330
Troubleshooting Hardware with the System Information Tool1365
Understanding the Boot Process1376
Fixing Minor Problems with the Advanced Options Menu1380
Preparing for Recovery1387
Repairing--or Recovering--a Damaged Installation1390
Troubleshooting Login Failures: "No Domain Controller Found..."1400
Troubleshooting Start-Up Mysteries: How Do I Get Rid of That Program?1404
Planning for Disaster Recovery1404
22Installing and Managing Remote Access Service in Windows 2000 Server1411
Common Applications for Remote Access Service1413
Bandwidth Planning and Considerations1415
RAS Hardware Requirements1421
RAS Installation and Setup1427
Connecting to the Internet1430
Accepting Incoming Calls from Remote Users1439
Connecting to a Private Network1460
Acting as an Internet Gateway1464
Accepting Virtual Private Networking Connections from Remote Clients1472
Dialing Up a Remote Network and Routing Traffic1485
AppendixPerformance Objects in Windows 20001497
Index1508

Customer Reviews

Most Helpful Customer Reviews

See All Customer Reviews

Mastering Windows 2000 Server 5 out of 5 based on 0 ratings. 4 reviews.
Guest More than 1 year ago
Mastering Windows 2000 Server has been a life saver to me. I have searched everywhere on how to do several things on a server and this was the only book that I found had the instructions on exactly how to do what I need to do.
Guest More than 1 year ago
As a self taught W2k systems administrator for a small company this book is a God send. A down to earth approach to W2k. After getting this book, many of the issues I had been struggling with or trying to implement were resolved. This book gives a complete overall view of the issue and then walks you through the implementation of that issue. I would recommend this to anyone who is battling with W2k or wants to educate themselves on how to do more with it.
Guest More than 1 year ago
Mark Minasi has a way of writing as though he talking to you, which makes what could be dull factual information and transforms it into something that is easy to comprehend and understand. If you need to learn Windows 2000, buy this book: period.
Guest More than 1 year ago
I had purchased several books before finding the Mastering Windows 2000 Server. All of them fell short of answering my questions. Mastering Windows 2000 is a must have for all IT Professionals that have NT installations and are either thinking about or have moved to Windows 2000! This book answers all the questions without having to spend money on support calls. Thanks Mike and company for producing a book worth more than it's weight in gold!