Eric Bursley | 
|
Windows 2000:
|
My first two articles discussed Windows 2000 Professional. In this article I'm going to discuss some of the changes in Server. 2000 Server comes in 3 flavors, each with their own capabilities. Windows 2000 Server is the most basic of the three. It supports up to 2 processors (4 if upgraded from NT Server 4), and 4GB of RAM. Advanced Server supports up to 4 processors (8 if upgraded from NT Server 4 Enterprise), and 64GB of RAM. Lastly there is Data Center Server, which supports up to 16 Processors, and 64GB of RAM. I'm mostly going to touch only on 2000 Server since I don't have access to the other betas. All of the features that Server has are included with the other versions.
Microsoft claims this version of Server will be more robust than the last with improved reliability, availability and scalability. Windows 2000 Server has to be able to have up times of 24/7, have fewer reboots, and be able to fix itself if problems occur. It must also have the ability to scale from a single processor PC to multiprocessor servers to host web sites.
I installed Windows 2000 Sever this past weekend in a dual boot with NT Server 4. This operation went very smoothly. Very few questions were brought up, and the ones that were will be familiar for NT Administrators. After installation was complete, I logged in to the server and was presented with the "Configure Your Server" program. This program allows you to configure your server as a domain controller, file/print server, configure web services. It also includes the ability to configure the active directory.
The active directory is a new service in Windows 2000 server. This is installed when you promote a server to a domain controller. The purpose of this service is to store information about objects on your network for easy access by administrators and users. The active directory is a structured data source that has a logical order, and a hierarchical organization.
The security of the active directory is made through the login. A single network login will allow administrators to manage resources and objects on a network with ease.
One of the biggest changes that you will see with Win2k Server is with the domain controllers. You will no longer have a primary domain controller and several backup domain controllers. Microsoft has simplified this by making all domain controllers equal. They have also consolidated the domain structure. Before, if you needed to have more resources available in a domain, you would need to set up a resource domain with a trust relationship to the Master Domain. Microsoft has increased the limit of objects in a domain from 40,000 to about 1 million. You can then convert your resource domains into organizational units underneath one domain. This will provide persons that need to control objects in their work area with the ability to control them, but still allow the Domain Administrators total access. Naming conventions have also changed; NT4 used NetBIOS, Win2k will use DNS (Domain Name Service).
Microsoft also included some features that really should have been included in NT Server a long time ago. The first thing that comes to mind is a directory quota. Under normal WinNT 4 domains, if you share a network drive for access to everyone on a network, then someone could fill up that hard drive with no concern for the space available on the server. With the new directory quota system, you can assign the precise amount of space a user is permitted to use on a hard drive, then either log in the event viewer if a user exceeds that amount, or deny that user access to additional space.
Another new feature is IntelliMirror. The purpose of this feature is to provide the advantages of centralized computing with the flexibility and performance of distributed computing. This will allow users' data, applications, and settings to follow them, and also permit the remote installation of the Win2k operating system.
I'd also like to touch on the remote installation feature of IntelliMirror. From what I understand of this feature, when network administrators are ready to use the IntelliMirror feature, they can control the upgrade of, or install a new client, from Windows 9x or NT Workstation to Windows 2000 Professional. They can also recover a failed computer to a known good operating system. They can also then push software applications to client systems that will automatically install on the first use. (This last feature is enabled in Office 2000).
Lastly I'm going to touch on a new way to administer the operating system. Under NT4 if you needed to install, remove, or reconfigure a system, you needed to be an administrator. This allowed for network security to be compromised in some cases. In other words, if your network administrator left their workstation unlocked for a few minutes, anyone that wanted to could gain access locally and change something. Win2k offers a feature called RUNAS. This will allow administrators to use a profile as a normal user, and then when needed, they can run programs as the administrator using the RUNAS command. This is similar to the SU command under Unix. Not only can you improve security with this command, but also reduce administrative mistakes.
Win2k Server is turning out to be the premier network operating system. Microsoft has added features that will improve performance, increase usability, and make administrating a network much easier. I would recommend that every network administrator get a copy of beta 3 and install it on a test computer, just to get used to the features. Because the first time your company's management takes a look at the new and improved features of Win2k, they will want it on their networks quickly.
Intellimirror & The Active Directory Overview
Eric Bursley, MCSE
Network Engineer / Analyst
Personal Home Page