WINDOWS NT WORKSTATION USER ACCOUNTS SHARES AND SECURITY "USERS GROUP" IS A BUILT-IN GROUP OF ALL USERS. PEER2PEER WORKGROUP SHARING IN WINDOWS 95/98 CAN BE SET FOR 1. READ-ONLY 2. FULL ACCESS 3. PASSWORD PROTECTED HOWEVER IN 95/98 IT IS NOT POSSIBLE TO SHOW WHO IS USING YOUR RESOURCE! PEER2PEER SHARING IN 95/98 BASICALLY SUCKS SINCE IT LACKS CENTRALIZED CONTROL OF 1.PASSWORDS 2.USER ACCOUNTS 3.ACCESS RIGHTS AND PERMISSIONS 4.SCATTERED RESOURCES AND DATA 5.SHARES ARE NOT RELIABLE (IS THE COMPUTER ON??) "COMPUTER NAMES" IN WINDOWS NETWORKS ARE CALLED "NETBIOS NAMES". NETBIOS(COMPUTER) NAMES CAN BE UPTO 15 CHARACTERS LONG. 1 CHARACTER DETERMINES THE OS TYPE. A WINS SERVER TAKES THE NETBIOS NAME AND RESOLVES ITS MAC OR IP. IF THERE IS NO WINS SERVER, NETBIOS(COMPUTER) NAMES ARE RESOLVED BY PUBLIC BROADCASTING. A BROADCAST PACKET GOES OUT TO EVERYONE ASKING "WHO'S NAME IS "TEDDYS PC" ??. A WINS SERVER KEEPS A DATABASE OF ALL THE NETBIOS(COMPUTER) NAMES AND THEIR MAC HW ADDRESSES. THUS A WINS SERVER GREATLY REDUCES THOSE BANDWIDTH-EATING PUBLIC BROADCASTING PACKETS. ASK THE WINS SERVER "WHO'S IS "TEDDYS PC". THE WINS SERVER ALREADY KNOWS "TEDDYS PC" HAS MAC HW ADDRESS 77:44:A4:E4:61:AA. IT GIVES THIS MAC HW ADDRESS BACK TO YOU. AND YOUR IN BUSINESS. A WINS SERVER CAN GREATLY REDUCE BROADCAST STORMS SINCE USING IT RESOLVES NETBIOS NAMES DIRECTLY, MAKING PUBLIC BROADCASTING NEARLY OBSOLETE. BACKUPS ******* FULL BACKUPS ARE JUST THAT. EVERYTHING GETS BACKED UP. DIFFERENTIAL BACKUPS ALL FILES SINCE THE LAST FULL BACKUP. A LAST FULL+LAST DIFFERENTIAL BACKUP IN THEORY RESTORE EVERYTHING. HOWEVER, DIFFERENTIAL BACKUPS CAN GET JUST AS LARGE AS A FULL BACKUP. INCREMENTAL BACKUPS ONLY THE FILES CHANGED SINCE THE LAST INCREMENTAL BACKUP. INCREMENTAL BACKUPS ARE USUALLY SMALL, BUT RESTORING A LOT OF INCREMENTALS REQUIRES A LOT OF PROCESSING FOR THE TAPE DRIVE AND COMPUTER. A GOOD METHOD IS TO AUTOMATE WEEKLY AND DAILY BACKUPS ON A DISK MIRRORED SYSTEM. A DISK MIRRORED SYSTEM KEEPS AN EXTRA COPY ON A MIRROR DRIVE AND TAPES BACKUPS FOR FURTHER REDUNDANCY. DISK MIRRORING USES 2 DRIVES 1 CONTROLLER DISK DUPLEXING USES 2 DRIVES 2 CONTROLLERS THEREFORE DISK DUPLEXING OFFERS MARGINALLY BETTER REDUNDANCY (DUE TO THE EXTRA DISK CONTROLLER CARD) DISK MIRRORING+DISK DUPLEXING BOTH WASTE 50% OF THE DISK SPACE! THAT IS, BOTH DRIVES ARE AN EXACT COPY OF EACH OTHER AT ALL TIMES. BUT THIS IS A SMALL PRICE TO PAY THOUGH, WHEN YOUR COMPANYS FUTURE AND POSSIBLY YOUR JOB IS AT STAKE. DISK STRIPING IS COOL. DISK STRIPING TAKES 2 TO 32 PHYSICAL DRIVES AND VIEWS THEM AS 1 BIG LOGICAL DRIVE. THE MORE DRIVES IN THE STRIPE, THE FAST THE ENTIRE DISK SYSTEM GETS. NT SUPPORTS RAID LEVELS 0,1,5 RAID NAME REDUNDANT REQUIRES 0 DISK STRIPING NO PARITY NO 2 TO 32 PHYSICAL DISKS 1 DISK MIRRORING+DUPLEXING YES 2 PHYSICAL DISKS 5 DISK STRIPING WITH PARITY YES 3 OR MORE PHYSICAL DISKS DONT FORGET THAT IF A SERVER WARRANTS DISK MIRRORING THAN A UPS IS PROBABLY ALSO REQUIRED. SNMP IS A TOOL FOR POLLING NETWORK STATISTICS. SNMP AGENTS RUN ON CLIENTS YOU WANT TO MAINTAIN STATS ON AND AN SNMP MANAGER POLLS THOSE CLIENTS AND GETS DATA FROM THE CLIENTS. ROUTERS NORMALLY FORWARD BROADCASTS BUT CAN BE SET NOT TO. A STORM CAN CROSS A ROUTER, BUT A ROUTER CAN BE CONFIGURED TO STOP A STORM. NETBEUI-NETBIOS PACKETS AND THEREFORE NETBEUI-NETBIOS STORMS CANNOT LEAVE TO THAT NETWORK SEGMENT. NT SUPORTS UPTO 4096MB OF RAM. 2048K FOR KERNEL MODE. 2048K FOR USER MODE. NT ROAMING PROFILES INCLUDE 1.BACKGROUND+PROFILES 2.SCREEN SAVERS 3.PROGRAM MANAGER ICONS 4.NETWORK CONNECTIONS AND DRIVE MAPPINGS NT'S AND 95'S USER PROFILES ARE INCOMPATIBLE. NT PROFILES WILL ONLY WORK ONLY NT COMPUTERS. 95 PROFILES WILL ONLY WORK ON 95 COMPUTERS. WHEN USING NT WORKSTATION AND SERVERS, PRINTING SOFTWARE ONLY NEEDS TO GET INSTALLED ON THE PRINT SERVER FOR THAT PRINT DEVICE. NT CLIENTS GO NOT NEED TO INSTALL THE PRINTING SOFTWARE ON THEIR LOCAL PCS IN ORDER TO USE THAT PRINTER. (NT WILL INSTALL THE PRINTING SOFTWARE FOR US) A 95/98 USER WILL ALWAYS NEED TO INSTALL THE PRINTING SOFTWARE ON THEIR LOCAL PCS IN ORDER TO USE THAT PRINTER, EVEN IF THE PRINTER IS ON A PRINT SERVER. LAN RESOURCES AND BANDWIDTH ARE OFTEN ABUSED. THAT IS SOMEONE IS OFTEN DOWNLOADING MEGABYTES OF DATA, OR TRANSFERRING HUGE AMOUNTS OF FILES OR PRINTING HUGE FILES WHEN THEY SHOULDN'T (HUMAN NATURE) THEREFORE LAN AUDITING WILL BECOME A MAJOR FACTOR IN THE FUTURE SINCE THE USERS ARE GETTING MORE COMPUTER-SAVVY. NT CDROM\CLIENTS\RAS HAS IN THAT DIRECTORY MULTILINK PPP AND PPTP. MULTILINK PPP COMBINES MULTIPLE MODEMS (OR ISDNS ETC) INTO 1 FASTER LINK. 4, 56K MODEMS CAN BE MULTILINKED INTO 1 256K LINK. PPTP IS POINT TO POINT TUNNELING PROTOCOL. THIS IS A PROTOCOL THAT RUNS ON TOP ON PPP. PPTP IS THE PROTOCOL THAT IS USED FOR VPNS. VPNS ARE VIRTUAL PRIVATE NETWORKS. PPTP AND VPN LETS YOU CREATE A VIRTUAL CONNECTION TO YOUR OFFICE NETWORK THROUGH THE INTERNET. SO YOU DIAL FROM YOUR HOME PC USING PPTP, AND A SECURE CONNECTION TO YOUR OFFICE NETWORK IS MADE (VPN). THEN YOU ARE CONNECTED TO YOUR OFFICE NETWORK, JUST LIKE YOU WHERE THERE IN PERSON! THE SAME DATABASE ALWAYS RESIDES ON THE PDC. BDC'S CAN CONTINUE IN THE BDC'S PLACE IF THE PDC GOES OFFLINE FOR ANY REASON.A BDC CAN BE PROMOTED TO A PDC MANUALLY IF NEEDED. THERE CAN ONLY BE ONE PDC PER DOMAIN. BUT THERE CAN BE MULTIPLE BDCS PER DOMAIN. NT SERVER CAN SUPPORT MULTIPLE NIC CARDS (EXTRA NIC CARDS FOR REDUNDANCY IS KIND OF DUMB. THERE ARE OTHER COMPONENTS LIKE THE DISK DRIVES OR POWER SUPPLY THAT ARE MUCH MORE LIKLEY TO FAIL THAN THE NIC CARD) DIRECTORY REPLICATION IS HOW THE BDC'S KEEP A COPY OF THE PDC'S DATABASE. NTFS SUPPORTS "HOTSWAPS" RAID 0 = DATA STRIPING NO PARITY CREATES 1 LOGICAL DRIVE FROM 2 TO 32 PHYSICAL DRIVES OVERALL DISK PERFORMANCE, ESPECIALLY READS GET FASTER THE MORE DRIVES ADDED TO THE RAID 0. HOWEVER THERE IS NO FAULT TOLERANCE IN RAID 0, AND THE MORE DRIVES ADDED TO RAID 0, INCREASES THE CHANCES OF A DRIVE FAILURE. RAID 1 = DISK MIRRORING 2-32 DRIVES THAT MIRROR A MASTER DRIVE. THIS WASTES 50% OF THE AVAILABLE DISK SPACE, BUT IS A GREAT WAY TO STAY UP AND RUNNING IF A DRIVE FAILS. THE OTHER DRIVE KEEPS RIGHT ON GOING. YOU SHUT OFF THE SERVER AND REMOVE THE DEFECTIVE DRIVE ADDING A NEW DRIVE. NT COPIES ALL THE DATA FROM THE GOOD DRIVE ONTO THE NEW DRIVE. (IN THE BACKGROUND!) THEN AFTER A FEW MINUTES, BOTH DRIVES ARE MIRRORED AGAIN AND IN SYNC. RAID 5 = DATA STRIPING WITH PARITY CREATES 1 LOGICAL DRIVE OUT OF 3 OR MORE PHYSICAL DRIVES. THERE IS PARITY IN THIS RAID SYSTEM, SO UNLIKE RAID 0, A DRIVE FAILURE DOESN'T KILL THE ENTIRE RAID. IF A DRIVE FAILS, YOU SHUTDOWN THE SYSTEM AND REPLACE THE BAD DRIVE WITH A GOOD DRIVE. AFTER BOOTING IT BACK UP AGAIN NT WILL START RECONSTRUCTING ALL THE DATA FROM THE PARITY DRIVE. IF THE DRIVE STORING THE PARITY FAILURES, THE PARITY CAN BE RECONSTRUCTED VIA ALL THE OTHER REMAINING DRIVES. A DRIVE FAILURE OF 2 OR MORE DRIVES AT THE SAME TIME HOWEVER WILL KILL EVEN A RAID 5. (EXTREMELY UNLIKELY THAT 2 DRIVES WILL FAIL AT EXACTLY THE SAME TIME) BUT THAT IS WHY YOU WILL ALWAYS NEED BACKUPS!! NT SUPPORTS RAIDS 0,1 AND 5 IN SOFTWARE (DISK ADMINISTRATOR) RAIDS 2,3,4 ARE NOT NATIVELY SUPPORTED IN NT. HOWEVER BY USING A HARDWARE RAID OR THIRD-PARTY SOLUTION, YOU CAN CERTAINLY USE RAIDS 0,1,2,3,4 AND 5 ON AN NT SERVER. A HARDWARE RAID IS ALSO A BETTER SOLUTION (AND MUCH MORE EXPENSIVE) THAN USING NT'S SOFTWARE RAID. IF IT IS A SERIOUS SERVER, DON'T SKIMP!! SPENT THE MONEY ON A HARDWARE RAID!! THAT IS TO SAY, NT'S SOFTWARE RAID SOLUTIONS ARE NOT MEANT FOR TRULY MISSION-CRITICAL SERVERS. NT RAID WORKS ON BOTH IDE AND SCSI DRIVES. SCSI DRIVES DO MUCH BETTER THE MORE DRIVES THAT ARE NEEDED. A RAID SYSTEM BASED ON IDE DRIVES IS KIND OF CHINTZY. DON'T BRAG ABOUT IT. A RAID SYSTEM BASED ON NFTS AND SCSI DRIVES IS COOLER. WORTHY OF SHOP TALK. THINK ABOUT IT. SCSI DEVICES ARE MEANT TO "TALK TO EACH OTHER" IDE DEVICES RARELY "TALK" TO EACH OTHER. AND CONSIDER IT "RUDE" THAT THEY HAVE TO SHARE THEIR IDE BUS WITH SAY, 1 OTHER IDE DEVICE. NT SERVER COSTS ABOUT $700 US AND ABOUT $40 US PER CLIENT. MICROSOFT WANTS TO INTEGRATE THE NT DRIVERS AND THE 98/95 DRIVERS INTO 1 UNIVERSAL DRIVER. THIS HASN'T HAPPENED YET. MAY NEVER HAPPEN. NT4 CAME FROM NT 3X. NT3X WAS BASED ON LANMANAGER 2.2. EVEN TODAY LANMANAGER 2.2 SERVERS CAN PARTICIPATE IN NT DOMAINS. NT SERVERS ARE ABLE TO TALK TO NOVELL NETWARE SERVERS. NT INCLUDES A PROTOCOL CALLED NWLINK THAT IS 100% COMPATIBLE TO NOVELLS IPX-SPX PROTOCOL. CSNW = CLIENT SERVICES FOR NETWARE IS SOFTWARE THAT USES NWLINK TO CONNECT YOU TO NOVELL NETWARE SERVERS. YOU DON'T NEED TO INSTALL ANY OF NOVELLS SOFTWARE IN ORDER TO ACCESS NETWARE! CSNW CAN ONLY BE USED ON NT COMPUTERS! (95/98 WFW WILL HAVE TO USE A INSTALL GSNW ONTO THE NT SERVER) NEW FEATURES OF NT4 FROM NT3.5 ******************************* 1. NT 4 USES THE GUI BASED ON WINDOWS 95, NOT THE WFW GUI USED IN NT 3.5 2. IIS WEB SERVER 3. PPP+PPTP 4. SYSTEM POLICY EDITOR 5. DNS+RIP 6. NETWORK MONITOR (NETWORK MONITOR ONLY ANALYZES PACKETS ADDRESSED TO THE NT SERVER! FUTURE RELEASES OF NT ARE SUPPOSED TO DUMP WINS AND USE DNS ONLY. MICROSOFT BROWSING SERVICES *************************** MICROSOFT DECIDED NAMESERVERS FOR WINDOW NETWORKS WOULD BE TO DIFFICULT FOR THE AVERAGE USER TO SET UP. (EVEN EXPERIENCED UNIX ADMINS OFTEN HAVE TROUBLE SETTING UP NAMESERVERS FOR DNS, NOT ME THOUGH :) SO MICROSOFT DECIDED THAT NAMESERVERS SHOULD SET THEMSELVES UP MANUALLY. AND FOR THE MOST PART, WINDOWS NAMESERVERS WORK SO WELL THAT 90% OF ALL WINDOW USERS DON'T EVEN KNOW THAT THE BROWSE MASTERS EXIST. NAMESERVERS FOR WINDOWS NETWORKS ARE CALLED MASTER BROWSERS. THE LIST OF SHARED RESOURCES ON A WINDOWS NETWORK IS CALLED A BROWSE LIST. NO ONE COMPUTER IN A WINDOWS NETWORK IS THE MASTER BROWSER. WHEN YOU LOGIN TO THE NETWORK, YOUR COMPUTER ASKS THE REST OF THE WINDOWS NETWORK FOR A MASTER BROWSER. THE FIRST MASTER BROWSER TO RESPOND, IS USED. ONCE YOU ARE KNOWN TO A MASTER BROWSER, YOU ARE ADDED TO ITS BROWSE LIST. THE MASTER BROWSERS TALK TO EACH OTHER AND TRY TO KEEP THE MASTER BROWSE LIST UP TO DATE. (OFTEN THIS PART DOESN'T WORK TOO WELL) WHEN YOU GOTO NETWORK NEIGHBOURHOOD, THAT IS YOUR BROWSE LIST. THE MASTER BROWSERS IN YOUR WINDOWS NETWORK MAINTAIN THAT LIST AND DISPLAY THE RESOURCES. GOING TO COMMAND PROMPT AND TYPING "NET VIEW" WILL GIVE YOU THE SAME BROWSE LIST AS NETWORK NEIGHBOURHOOD. IN FACT YOU CAN DO EVERYTHING FROM NT'S COMMAND LINE PROMPT. (AS IT SHOULD BE! I AM A UNIX MAN!) BROWSING SERVICES ONLY DEALS WITH NAMESERVING (DISPLAYING THE RESOURCES ON THE NETWORK). IF NAMESERVING DIDN'T HAPPEN, WHEN YOU WENT TO THE NETWORK NEIGHBOURHOOD, NOTHING WOULD EVER SHOW UP! WINDOWS NT WORKSTATION NOTES **************************** NT = NEW TECHNOLOGY NT WAS NOT BUILT FROM SOME OTHER MICROSOFT OPERATING SYSTEM. NT WAS NOT "BUILT ON" DOS, AND CERTAINLY NT DOES NOT RELY ON DOS TO WORK. NT DOES HAVE A DOS EMULATOR BUILT-INTO IT, BUT THIS IS ONLY A DOS EMULATOR, NOT THE REAL DOS. CO-OPERATIVE MULTI-TASKING ************************** WIN16 APPLICATIONS USE CO-OPERATIVE MULTITASKING. (MACINTOSH OS ALSO USES CO-OPERATIVE MULTITASKING) THE OS IS TREATED AS A RESOURCE BY THE APPLICATION, AND THUS INHERITANTLY, IS LESS RELIABLE. MEMORY PROTECTION ***************** PREVENTS MEMORY FROM BEING ACCESSED WHEN RESERVED BY ANOTHER APPLICATION. BASICALLY, ALL APPLICATIONS AND THE MEMORY THEY USE ARE KEPT SEPARATED FROM EACH OTHER. 95/98 HAS MEMORY PROTECTION, BUT NT'S MEMORY PROTECTION IS SUPERIOR. MULTIPROCESSING *************** IS AN OS FEATURE THAT CAN UTILIZE MULTIPLE CPUS. NT IS THE ONLY WINDOWS OS THAT OFFERS MULTIPROCESSOR SUPPORT. MULTITHREADING ************** A FEATURE THAT ALLOWS MULTITHREADING APPLICATIONS TO SPAWN CHILD PROCESSES (AKA THREADS OR TASKS). PREEMPTIVE MULTITASKING *********************** THIS IS AN OS THAT IS ALWAYS IN CONTROL OF THE COMPUTER. NEVER GIVES UP FULL CONTROL TO ANY APPLICATION. IN PREEMPTIVE MULTITASKING, THE APPLICATIONS GET ONLY THE CPU CYCLE THAT THE OS PROVIDES IT. WINDOWS 95 RUNS WIN32 WIN16 AND DOS PROGRAMS JUST LIKE NT. HOWEVER NT DOES NOT ALLOW HARDWARE ACCESS. 95/98 ALLOWS HARDWARE ACCESS. 95/98 IS THE ONLY OS THAT OFFERS PNP. NT HAS VERY WEAK PNP SUPPORT. NT SERVER FEATURES ****************** 1)UNLIMITED NETWORK CONNECTIONS WORKSTATION LIMITED TO 10 2)MAX OF 4 MULTIPROCESSORS(WITH NEW HAL) WORKSTATION LIMITED TO 2 3)MAX OF 256 RAS CONNECTIONS WORKSTATION LIMITED TO 1 4)RAID 015 WORKSTATION HAS NO RAID! 5)DOMAIN CONTROLLER (PDC OR BDC) WORKSTATION CANNOT PDC OR BDC 6)SERVICES FOR MACINTOSH (REQUIRES NTFS) WORKSTATION CANNOT 7)GSNW GATEWAY SERVICES FOR NETWARE WORKSTATION CANNOT. USES CSNW 8)DHCP DNS WINS SERVERS WORKSTATION CAN ONLY BE A CLIENT 9)MICROSOFT IIS WEB SERVER WORKSTATION USES PEER WEB SERVER NT OS ARCHITECTURE AND COMPONENTS ********************************* USER MODE = NTVDM WIN32 WOW POSIX OS/2 SUBSYSTEMS KERNEL MODE = IO-MANAGER AND DRIVER WINDOW MANAGER AND DRIVERS OBJECT MANAGER VIRTUAL MEMORY MANAGER PROCESS MANAGER SECURITY MANAGER LOCAL PROCEDURE CALL MANAGER THE IO-MANAGER HANDLES ALL DISK SUBSYSTEMS NIC NETWORK CARD DATA BECAUSE THE IO MANAGER MUST MOVE SO MUCH DATA, THE IO-MANGER BYPASSES AND DOES NOT USE THE HAL. IT BYPASSES THE HAL FOR PERFORMANCE BENEFITS. NT USES A LINEAR MEMORY MODEL FOR MEMORY THAT IS MEMORY IS ADDRESSED AS I BIG LINEAR CHUNK. IN WINDOWS 95/98 MEMORY IS ADDRESSED AS CONVENTIONAL AND EXTENDED. THIS DOES NOT OCCUR IN NT. IT IS ALL ONE LINEAR MEMORY ADDRESS. REAL DOS PROGRAMS (THAT DON'T ADDRESS HARDWARE DIRECTLY) WORK FINE UNDER NT. UNDER NT EACH DOS PROGRAM RUNS IN ITS OWN NTVDM. WIN16 APPS CAN RUN EITHER IN A SHARED MEMORY SPACE OR A SEPERATE MEMORY SPACE. IF A WIN16 IS HAVING PROBLEMS WITH ANOTHER WIN16 APP, RUN IT IN ITS OWN MEMORY SPACE. WIN32 APPS EACH RUN IN THEIR OWN SPACE. THEY DON'T SHARE MEMORY SPACES. ONLY WIN16 APPS IN A SHARED MODEL SHARE MEMORY SPACE. 4096MB (4GB) OF RAM IS AVAILABLE IN NT. 2GB IS AVAILABLE FOR USER MODE (YOUR USER PROGRAMS) 2GB IS AVAILABLE FOR KERNEL MODE. (THE NT OS) NT BOOT PROCESS *************** 1. ROM BIOS INITS AND LOADS THE MBR FROM THE HARD DISK IF IDE, IT LOADS "NTLDR" IF SCSI,IT LOADS "NTBOOTDD.SYS" 2. BOOT.INI IS DISPLAYED 3. IF NT CHOSEN, NTDETECT.COM LOADS 4. NTLDER RUNS AND TRANSFERS CONTROL TO \WINNT\NTOSKRNL.EXE 5. NTOSKRNL.EXE STARTS USERMODE AND THE GUI USER INTERFACE. SYSTEM PARTITION FILES BOOT PARTITION FILES ********************** ******************** NTLDR NTOSKRNL.EXE NTBOOTDD.SYS HAL.DLL BOOT.INI \WINNT (ENTIRE REST OF NT OPERATING SYSTEM) BOOTSEC.DOS NTDETECT.COM NEEDED TO BOOTSTRAP! NEEDED TO BOOT THE OS AFTER BOOTSTRAPPING!! NT HAVE 32 LEVELS OF PRIORITY FOR ITS APPLICATIONS AND PROCESSES START "PRIORITY" APPLICATION.EXE START 20 WINWORD.EXE # STARTS WORD97 WITH PRIORITY OF 20 !!! COOL !!! START /REALTIME /HIGH /NORMAL /LOW /SHARED /SEPERATE /NUMERICAL NUMBER 1-32 DON'T PUT SOME APPLICATIONS REALTIME (32), SINCE IT WILL CRASH THOSE APPLICATIONS. A NUMERICAL NUMBER OF 20 OR 25 IS STILL CRUISING! AFTER AN APPLICATION IS RUNNING YOU CAN INCREASE OR DECREASE ITS PRIORITY DRAMATICALLY WITH TASK MANAGER>PROCESS>RIGHT-CLICK AND SELECTING A NEW PRIORITY. NTVDMS=NT VIRTUAL DOS MACHINE. ACTUALLY IT IS VERY IMPORTANT TO REMEMBER THAT THE WIN16 AND NTVDM ARE RUN BY THE WIN32 SUBSYSTEM. WIN32 THEREFORE RUS WIN32 WIN16 DOS. ALL THE PROGRAMS !! NT AS SAID BEFORE DOES NOT ALLOW ANY HARDWARE ACCESS. (THE SOFTWARE MUST ASK THE NT KERNEL TO DO ITS HARDWARE ACCESS WORK. IT ADDITION TO NO HARDWARE ACCESS, NT DOES NOT ALLOW A PROGRAM TO SETUP UP ITS OWN CACHE OR MEMORY MANAGER (EMM OR EMS) HOWEVER SETTING UP A BUFFER IS OKAY. WOW=WIN16 PROGRAMS RUN IN THE WOW OF THE WIN32 SUBSYSTEM. NT WORKSTATION MINIMUM AND RECOMMENDED REQUIREMENTS ************************************************** MINIMUM RECOMMENDED CPU 486/33 PENTIUM RAM 12MB 16MB+ VIDEO VGA SUPERVGA HDD 117MB IDE/SCSI 117MB IDE/SCSI CDROM ** IDE/SCSI IDE/SCSI NIC ** OPTIONAL OPTIONAL ** A CDROM IS REQUIRED WHEN 1) NO OS IS INSTALLED THAT CAN ACCESS THE I386 FILES ** A NIC IS REQUIRE WHEN 1) NO CDROM IS PRESENT 2) NO ACCESS TO I386 FILES IS POSSIBLE 3) A NETWORK INSTALLATION BOOT DISK MAYBE REQUIRED IF NO EXISTING OS CAN ACCESS THE I386 FILES NT HAS A UTILITY CALLED NT HARDWARE QUALIFIER UTILITY NTCDROM\SUPPORT\HQTOOL\MAKEDISK.BAT CREATES THE NTHQ.EXE DISK BOOT UP THE COMPUTER YOU WISH TO INSTALL NT ONTO WITH THIS NEW FLOPPY. NTHQ CAN SPEND A FAIR TIME DOING THE COMPREHENSIVE TESTS AND DISPLAYS A SUMMARY OF WHAT IT FOUND. IT WRITES THIS FILE TO NTHQ.TXT ON THE FLOPPY MAX PARTITION FILENAMES CAN "SEE" FAT16 2GB 8.3 FAT16 VFAT CDFS FAT32 8GB?? LFNS 256 CHARS FAT32 VFAT FAT16 CDFS VFAT 4GB LFNS 256 CHARS VFAT FAT16 CDFS NTFS 16 EB! LFNS 256 CHARS NTFS VFAT FAT16 CDFS HPFS WHO CARES ?? WHO CARES? WHO CARES? LETS SAY YOU BOUGHT A NEW 20GB IDE DRIVE. WILL IT WORK WITH FAT16?? SURE. BUT THE MAX PARTITION FAT16 USES ARE 2GB. THIS JUST MEANS YOU WILL HAVE TO CREATE LOTS OF 2GB PARTITIONS ( ABOUT 10) ACTUALLY IF YOUR USING 95-OSR2 OR 98, BETTER USE FAT32 ON THIS DRIVE. OR IF USING NT, BEST FILESYSTEM IS NTFS. FAT16 =MAX OF 2GB PER PARTITION 8.3, 8 FOR FILENAMES, 3 FOR EXTENSION VFAT =INTRODUCED WITH WINDOWS 95 VFAT HAS A MAX OF 4GB PER PARTITION LFN, LONGFILE NAME SUPPORT (256 CHARS) BACKWARDS-COMPATIBLE WITH FAT16 NT CAN ACCESS VFAT PARTITIONS FAT32 =INTRODUCED WITH WINDOWS 95OSR2 AND WINDOWS 98 FAT32 IS USED FOR LARGE DRIVES LFN LONG FILENAMES BACKWARDS-COMPATIBLE WITH FAT16 AND VFAT NT CANNOT-REPEAT CANNOT ACCESS FAT32 PARTITIONS !!! NTFS =INTRODUCED WITH NT OS, AND ONLY USED ON NT SYSTEMS !! MAX OF 16 EXABYTES PER PARTITION (16000 TB) LONG FILENAMES SUPPORT RAID SUPPORT AND REDUNDANCY BACKWARDS COMPATIBLE WITH FAT16 AND VFAT (NOT FAT32) HPFS =HIGH PERFORMANCE FILESYSTEM FOR OS/2 DESIGNED BY IBM SECURE 32-BIT FILESYSTEM NT 3.5 USES HPFS FILESYSTEMS BY DEFAULT !!! NT 4 DROPPED SUPPORT FOR HPFS CDFS =FILESYSTEM USED ONLY BY CDROMS LONG FILENAMES SUPPORT DOS COMPATIBLE FILENAMES SUPPORTS BOOTABLE CDS (EL TORITO FORMAT) NTFS'S MANY MANY BENEFITS ************************* 1. MUCH MORE EFFICIENT (WASTES MUCH LESS SPACE) THAN FAT16 2. NTFS HAS LOCAL SECURITY (BOOTING UP A FLOPPY MEANS NO ACCESS!) 3. PERMISSIONS CAN BE DONE AT A FILE BY FILE LEVEL (NOT JUST FOLDER) 3. NTFS IS MUCH MORE RELIABLE THAN FAT 4. NTFS SUPPORTS RAID, RAID IS A REDUNDANCY AND PERFORMANCE SYSTEMS 5. BACKWARDS COMPATIBLE TO FAT AND VFAT 6. CAN CONVERT HPFS AND FAT VOLUMES TO NTFS (ONE-WAY CONVERSION ONLY) 7. THE ONLY FILESYSTEM THAT SHOULD BE USED FOR TODAYS LARGE DRIVES. WAYS TO INSTALL NT ****************** 1. INSTALL FROM 3 SETUP DISKS AND THE CDROM 2. INSTALL FROM AN EXISTING OS THAT HAS ACCESS TO I386 3. BOOT DIRECTLY FROM THE CDROM (REQUIRES BIOS CHANGES) THE FASTEST WAY IS FROM THE NETWORK (USUALLY) THE NEXT FASTEST IS DIRECTLY FROM THE CDROM SLOWEST IS USUALLY FROM THE 3 SETUP DISKS WINNT.EXE AND WINNT32.EXE CAN ONLY BE USED WITH INSTALL METHOD 2. THE WINNT AND WINNT32 EXIST ONLY IN THE I386 DIRECTORY. WINNT.EXE IS TO BE USED WHEN YOUR ENVIRONMENT IS ANYTHING BUT NT (DOS WFW WINDOWS 95/98. WINNT IS THE 16-BIT VERSION) WINNT32.EXE IS ONLY TO BE USED WHEN INSTALLING FROM INSIDE NT. YOUR NOT "REINSTALLING NT" OVER ITSELF. (YOU CAN'T) YOU CAN ONLY INSTALL ANOTHER COPY OF NT. IT MUST BE INSTALLED INTO A DIFFERENT DIRECTORY THAN \WINNT( YOU CAN ALSO INSTALL NT ONTO A DIFFERENT DRIVE) SO THAT WHEN YOU RESTART, BOOT.INI WILL START SHOW DIFFERENT VERSIONS OF NT THAT YOU HAVE INSTALLED, AND YOU CHOOSE WHICH ONE YOU WANT TO BOOT INTO. WINNT (OR WINNT32) /B =MAKE NO BOOT DISK (IT'LL ASK LATER OTHERWISE) /OX =MAKE THOSE 3 SETUP DISKS (VERY COOL IF YOU LOSE THEM) ************************************************************** NT 3X ARE THE ONLY OS'S THAN BE TRULY UPGRADED TO NT 4. IT IS A CLEAN UPGRADE. EVERYTHING ELSE IS REALLY A MIGRATION OR SUCH A POOR "UPGRADE" IT IS REALLY AN INSTALL OF NT. ************************************************************** ************************************************************** WINDOWS 95 WINDOWS 98 DOS WFW WINDOWS 3.1 WINDOWS 3.11 EVERYTHING CAN BE "MIGRATED" BUT YOU WILL LOSE VIRTUALLY EVERYTHING. YOUR DATA WILL STILL BE THERE OF COURSE. BUT YOUR BASICALLY JUST INSTALLING NT OVER YOUR EXISTING OS! YOU CANNOT INSTALL NT OVER 95 !! YOU CANNOT INSTALL NT OVER 95 !! YOU CAN INSTALL NT TO ANOTHER DIRECTORY WHEN USING 95 TO INSTALL OVER THE NETWORK. *************************************************************** NT NETWORK CONTROL ICON TABS **************************** IDENTIFICATION =SPECIFIES A UNIQUE NETBIOS COMPUTER NAME AND THE WORKGROUP OR DOMAIN THIS COMPUTER BELONGS TO. SERVICES =ADDS/REMOVES NETWORK SERVICES LIKE NETWARE CSNW PROTOCOLS =ADDS/REMOVES/CONFIGS NETWORK PROTOCOLS NT'S NETWARE SERVICES ********************* CSNW =CLIENT SERVICES FOR NETWARE ALLOWS ONLY THAT NT COMPUTER THAT INSTALLED THE CSNW TO ACCESS NETWARE SERVERS AS A CLIENT. MAKES THE NT CLIENT COMPUTER LOOK LIKE A NETWARE CLIENT TO THE NOVELL SERVER. CSNW PROVIDES USER BY USER SECURITY (GSNW DOES NOT) CSNW ONLY WORKS ONLY ON THE NT COMPUTER IT IS INSTALLED ON NOVELLS VERSION OF CSNW DOES DOES THE SAME JOB IS CALLED "CLIENT32 FOR WINDOWS NT"+PROBABLY A BETTER PRODUCT THAN CSNW. NWLINK =TRANSPORT PROTOCOL DESIGNED BY MICROSOFT TO BE 100% COMPATIBLE WITH NOVELLS IPX-SPX PROTOCOLS. CSNW/GSNW INSTALL THIS IF NOT ALREADY INSTALLED AND CSNW/GSNW NEED NWLINK FOR THEM TO WORK. GSNW =GATEWAY SERVICES FOR NETWARE GSNW CAN ONLY BE INSTALLED ON AN NT SERVER. GSNW IS A GATEWAY TO THE NOVELL NETWARE SERVER. CLIENTS GET AUTOMATIC ACCESS TO NOVELL SERVERS AND RESOURCES WITHOUT ADDING ANY CLIENT SOFTWARE! KIND OF RESTRICTED SINCE, ALL THE USERS USING GSNW ARE THE SAME USER ACCORDING TO NETWARE SERVER! (NOT SEPERATE USER PERMISSIONS) FOR A LARGE CLASS OF "SIMILAR USERS" GSNW IS GREAT. FPNW =IS A SEPERATE PRODUCT FROM MICROSOFT (NOT BUNDLED WITH NT) FPNW MAKES AN NT SERVER ACT LIKE A NOVELL NETWARE SERVER! REGULAR NETWARE CLIENTS CAN ACCESS A FPNW LIKE IT WAS THEIR OWN NETWARE SERVER (COOL!) REMEMBER: GSNW IS FOR NT SERVERS ONLY CSNW IS TCPIP CLASSES ************* CLASS ADDRESSES NETWORK IDS HOST IDS *********************************************************************** A 1-126 126 16,777,214 (16 MILLION) 10.0.0.0 INTERNAL NETWORK FOR CLASS A 127 1 LOCALHOST LOOPBACK B 128-191 16382 65,535 (64K) 172.0.0.0 INTERNAL NETWORK FOR CLASS B C 192-223 2,097,150 (2 M) 254 192.168.0.0 INTERNAL NETWORK FOR CLASS C ** INTERNAL NETWORK NUMBERS DO NOT WORK ON THE INTERNET. THIS PROVIDES GREAT PROTECTION FOR A NETWORK USING ONE OF THESE SPECIAL NETWORK ADDRESSES. YOU SETUP A PROXY SERVER THAT DOES HAVE INTERNET ACCESS AND HAVE ALL YOUR INTERNET USERS ON ONE OF THESE INTERNAL NETWORKS. ALL THE COMPUTERS CAN ACCESS THE INTERNET, BUT NO ONE CAN ACCESS THEM FROM OUTSIDE ! MAKES A SYSADMINS JOB EASIER, SINCE HACKING IN IS VERY DIFFICULT. IF YOUR INTERNAL COMPUTERS ARE CONNECTED TO THE INTERNET WITH SAY NETWORK 209.224.0.0, THEN ANYONE CAN TRY HACKING INTO ALL YOUR COMPUTERS! (SINCE 209.224.0.0 ARE NOT INTERNAL NETWORK NUMBERS) DHCP =DYNAMIC HOST CONTROL PROTOCOL WAS ORIGINALLY CALLED BOOTP, BUT UPGRADED TO DHCP THIS TCPIP PROTOCOL ALLOWS ANY CLIENT USING DHCP TO BE DYNAMICALLY ASSIGNED AN IP, DNS,GATEWAY FROM A POOL OF IPS! DHCP IS SO COOL, SINCE TCPIP IS DYNAMICALLY ASSIGNED. DHCP IS VERY COOL, SAY YOU HAVE 1000 COMPUTERS, BUT YOU CAN ONLY SUPPORT 200 INTERNET USERS AT A TIME. DHCP THEM ALL, AND ONLY THE FIRST 200 COMPUTERS GET THE INTERNET. DHCP CANNOT BE USED ON A NETWORK WHERE TCPIP IS THE MAIN PROTOCOL. THAT WOULD BE LIKE MUSICAL CHAIRS! EVERY TIME SOMEONE REBOOTS, THEY WOULD GET A DIFFERENT IP! THE NETWORK WOULD NEVER BE ABLE TO TRACK ANYONE! BUT IF ALL YOU NEED IS TO PROVIDE INTERNET OR SOME NON-CRITICAL TCPIP SERVICE, THEN DHCP IS THE WAY TO GO! STATIC IPS, IS THE OPPOSITE OF DHCP. STATIC IPS, IS WHEN YOU MANUALLY ENTER IPS INTO EACH AND EVERY COMPUTER IN YOUR NETWORK. IN A NETWORK WHERE TCPIP IS THE MAIN PROTOCOL, STATIC IPS MUST BE USED. THAT IS TO SAY, THE IP IS ALWAYS THE SAME FOR EVERY COMPUTER. DNS =DNS IS DOMAIN NAME SYSTEM DNS TRANSLATES TCPIP TO HOSTNAMES. (IE. 209.223.45.2 TO WWW.APPLE.COM) THE INTERNET ONLY UNDERSTANDS THE TCPIP NUMBERS. WE HUMANS CAN USE ONLY TCPIP NUMBERS, BUT USING DNS HOSTNAMES IS FAR EASIER. DO YOU ALWAYS WANT TO REMEMBER WWW.YAHOO.COM IP IS 209.1.24.1 ? THE PROCESS OF TRANSLATING TCPIP'S TO DNS HOSTNAMES IS CALLED "NAME RESOLUTION". IT "RESOLVES" 204.67.34.1 TO WWW.HOTSTUFF.COM WINS =WINDOWS INTERNET NAMING SERVICE WINS TRANSLATES COMPUTER (NETBIOS) NAMES TO IP'S. WITHOUT WINS, A BROADCAST PACKET TO ALL COMPUTERS IS SENT ASKING "WHO IS TEDDY?, AND GIVE ME YOUR IP NUMBER" ONLY THE COMPUTER CALLED TEDDY WILL RESPOND AND SEND BACK IT'S IP. ONCE THE IP OF THE TARGET COMPUTER IS KNOW, ARP CAN TAKE OVER AND TRANSMISSION OF DATA CAN START. FOR NETWORKS WITH LOTS OF WINDOWS PC, HUGE AMOUNTS OF NETBIOS BROADCAST PACKETS ARE CONTINUALLY FLOODING THE NETWORK. IF THERE IS TOO MANY NETBIOS BROADCAST PACKETS, THE NETWORK IS SLOW PERHAPS EVEN UNUSEABLE! A WINS SERVER STOPS ALL THE THOSE NETBIOS BROADCAST PACKETS, SINCE ALL THE COMPUTER ON THE NETWORK ARE TOLD TO USE THE WINS SERVER FOR NETBIOS NAME RESOLUTION. NO NETBIOS BROADCAST PACKETS ARE SEND. ONLY REQUESTS TO THE WINS SERVER ARE SENT. COMPUTERS NOW ASK THE WINS SERVER, "WHO IS "TEDDY" AND GIVE ME TEDDYS IP". THE WINS SERVER DOES SO. A WINS SERVER CAN ONLY RUN ON WINDOWS NT (NOT WORKSTATION AND CERTAINLY NOT ON ANY WIN95/98) WINS IS LIKE DNS, BUT ONLY FOR NETBIOS COMPUTER NAMES. ****************************************************** NETWORK NEIGHBOURHOOD AND "NET VIEW" SHOW THE SAME BROWSELIST. NET VIEW =DISPLAYS THE BROWSELIST NET VIEW \\ABC =DISPLAYS THE SHARES ON COMPUTER CALLED ABC MAINTAINING THE BROWSELISTS IS A VERY NETWORK INTENSIVE ISSUE AND WILL BOG DOWN LARGE WINDOWS NETWORKS. THERE ARE 2 WAYS TO REDUCE NETWORK TRAFFIC CAUSED BY BROWSELISTS. 1. DISABLE ALL PEER2PEER SHARING. IF IT IS IMPORTANT ENOUGH TO SHARE THEN IT SHOULD BE ON ONE OF THE NT SERVERS. THEN THE ONLY COMPUTER SHOWING UP IN THE BROWSELISTS ARE SERVERS. IF PEER2PEER COMPUTERS ARE STILL SHOWING UP IN THE BROWSELISTS, THEN THEY ARE STILL SHARING SOMETHING (AND WASTING NETWORK BANDWIDTH!) 2. METHOD 2 IS TO START CREATING WORKGROUPS AND ASSIGNING COMPUTERS TO WORKGROUPS. THIS METHOD ONLY WORKS FOR WORKGROUPS. COMPUTERS IN A DOMAIN CAN'T LEAVE THAT DOMAIN. YOU WILL HAVE TO CREATE MORE DOMAINS. THIS IS NOT A GOOD SOLUTION (CREATING MULTIPLE DOMAINS JUST TO FIX A NETWORK TRAFFIC ISSUE) LOOK FOR OTHER METHODS LIKE INSTALLING A WINS SERVER, LMHOSTS FILE, BRIDGES OR ROUTERS OR A SWITCH! BEFORE TRYING THESE METHODS YOU MUST ANALYZE YOUR NETWORK TRAFFIC AND FIND OUT WHERE ALL THE TRAFFIC IS COMING FROM. IF YOUR NOT SURE WHERE THE TRAFFIC IS BEING GENERATE FROM, AND SOLUTIONS YOU IMPLEMENT ARE A "DART BOARD SOLUTION" IT MAY FIX THE PROBLEM MAY NOT. IT MAY MAKE THINGS VERY BAD!! DON'T GUESS !!! PAY A FEW HUNDRED BUCKS FOR A LANANALYZER TO COME IN OR LEARN TO DO IT YOURSELF. THAT IS WHY YOU SHOULD NEVER MAKE CHANGES BEFORE UNDERSTANDING EXACTLY WHERE THE PROBLEM IS COMING FROM. ALL THE COMPUTERS WITH THE SAME WORKGROUP JOIN THAT WORKGROUP. YOU CREATE A NEW WORKGROUP (OR IF YOU MISSPELL AN EXISTING WORKGROUP) MAKES A NEW WORKGROUP. BROWSELISTS ARE ENTERPRISE-WIDE. BROWSELISTS CAN GET LARGE, SO DISABLE PEER2PEER FILESHARING. THEN START MOVING COMPUTERS INTO WORKGROUPS. IF YOU BELONG TO A WORKGROUP (OR DOMAIN) YOU GET THAT LOCAL LIST. YOU DON'T GET THE ENTERPRISE-WIDE LIST. YOU CAN GET THE ENTERPRISE-WIDE LIST BY CLICKING ON ENTIRE-NETWORK. ONLY THOSE COMPUTERS SETUP FOR FILESHARING ARE IN THE BROWSELISTS. LOTS OF OTHER COMPUTERS CAN BE IN THE NETWORK, BUT ONLY THOSE COMPUTERS THAT SHARE SOMETHING SHOW UP IN THE BROWSELIST. IN ADDITION, ANY SHARES ENDING IN A $, ALSO DO NOT SHOW UP IN A BROWSELIST. THE SHARE IS AVAILABLE, BUT NOT VISIBLE IN THE BROWSELIST. ANOTHER OPTION IS TO SHARE THE SHARE PUBLICALLY, BUT ASSIGN A PASSWORD TO THE SHARE. WHEN YOU INSTALL NT IT ASK IF YOU WANT A DOMAIN OR A WORKGROUP. IF YOUR A NT CLIENT, YOU CAN SWITCH WORKGROUPS+DOMAINS. A NEAT FEATURE THAT NT HAS, THAT 95/98 DOES NOT IS THAT NT SHARES CAN SUPPORT MULTIPLE USERS+PASSWORDS. 95/98 SHARES ONLY SUPPORT ONE PASSWORD FOR EACH SHARE. USING NT, MEANS YOU CAN ASSIGN DIFFERENT PERMISSIONS FOR EACH SHARE. 95/98 FILESHARING DOES NOT KNOW WHO IS USING ITS SHARES. NT HAS SECURITY, SO IT ALWAYS NEEDS TO KNOW WHO IS USING SHARES. LENGTHS OF IMPORTANT SETTINGS ***************************** 1. COMPUTER (NETBIOS) NAMES CAN BE UP TO 14 CHARS 2. WORKGROUP+DOMAIN NAMES CAN BE UPTO 15 CHARS LONG 3. SHARE NAMES CAN BE UPTO 12 CHARS LONG 4. NT USERNAMES CAN BE UPTO 20 CHARS LONG 5. NT PASSWORDS CAN BE UPTO 14 CHARS LONG ********************************************************************** 95/98 USING SHARE-LEVEL SHARING ALWAYS DISPLAYS THE SHARESLIST. 95/98 USING USER-LEVEL SHARING DISPLAYS THE SHARESLIST IF THE USER IS KNOWN. NT ALWAYS DISPLAYS THE SHARESLIST, IF THE GUEST ACCOUNT IS ENABLED !!!! NT ALWAYS DISPLAYS THE SHARESLIST, IF THE USER IS KNOWN. *********************************************************************** SCENARIO ******** IF YOU ADD ANOTHER NT SERVER TO THE DOMAIN... - YOUR LICENSE HAD NOW BETTER BE PER SERVER, SINCE NOW YOU HAVE MORE THAN 1 NT SERVER IN YOUR NETWORK. (MICROSOFT JUST CARE HOW MANY NT SERVERS YOU HAVE IN YOUR ENTERPRISE MICROSOFT DOESN'T CARE HOW MANY NT SERVERS PER DOMAIN!!! YOU CAN CHANGE ONE TIME FROM PER-SEAT TO PER-SERVER. SCENARIO ******** PDC BDC AND MEMBER SERVERS WILL ALL JOIN THE NETWORK AND THEREFORE BE UNDER THE DOMAIN. CENTRALIZED ADMINISTRATION. A STANDALONE SERVER WILL NOT BE IN THE DOMAIN! STANDALONE IS PART OF A WORKGROUP. THEREFORE YOU WILL SEE STANDALONES IN SMALL NETWORKS. HOWEVER, THEY SHOULD HAVE INSTALLED IT AS A PDC, NOT AS A MEMBER SERVER! A STANDALONE IS GOOD FOR A WINDOWS NETWORK, WHERE THEY WANT TO STAY IN A WORKGROUP, AND THE NEW NT SERVER WILL BE A "SERVICES" SERVER ONLY. ANOTHER GOOD REASON TO HAVE A STANDALONE IS A "SERVICES" SERVER IN A WORKGROUP. AN NT SERVER CAN BE ******************* 1. PDC = (DOMAIN NT SERVER THAT IS KING OF THE DOMAIN) THERE CAN ONLY BE ONE PDC PER DOMAIN! THATS RIGHT YOU CAN HAVE LOTS OF PDCS IN YOUR NETWORK, BUT ONLY ONE PDC PER DOMAIN. SO THAT MEANS MULTIPLE DOMAINS. 2. BDC = (DOMAIN NT SERVER THAT AUTHENTICATES USERS) AUTHENTICATES USERS LIKE THE PDC DOES, SHARING THE HEAVY LOAD. HAS A READ-ONLY COPY OF THE MASTER SAM. ACTUAL CHANGES TO USER AND GROUPS/RIGHTS MUST ALWAYS BE DONE ON THE PDC! 3. MEMBER SERVER = (DOMAIN NT SERVER NO USER AUTHENTICATIONS) MEMBER SERVER IS A STANADLONE SERVER THAT IS PART OF A DOMAIN. MEMBER SERVER DOES NOT AUTHENTICATE USERS (IE. IS NOT A PDC OR BDC) THIS IS THE CHOICE YOU SHOULD MAKE FOR ANY NT SERVERS THAT PROVIDE "SERVICES" TO YOUR NETWORK.EMAIL FAX GATEWAYS-FILESERVERS-FTP-WEB SERVERS -PRITN SERVERS ETC ETC. SHOULD BE SETUP A MEMBER SERVERS. DON'T BOG DOWN YOUR PDC OR BDC WITH THESE EXTRA SERVCES. IT IS NOT POSSIBLE TO CHANGE A MEMEBER SERVER TO A BDC OR PDC. 4. STANDALONE SERVER=(WORKGROUP NT SERVER) A STANDALONE SERVER IS AN NT SERVER THAT DOESN'T JOIN ANY DOMAIN. A STANDALONE SERVER THEREFORE IS AN NT SERVER THAT IS IN A WORKGROUP!! *********************************************************************** STANDALONE NT SERVER IS EXACTLY LIKE NT WORKSTATION!!!!! (OTHER THAN THE FACT ONE IS NT SERVER, ONE IS A WORKSTATION) *********************************************************************** THERFORE, YOU WILL HAVE USER AUTHENTICATION ERRORS, PASSWORD ERRORS. YOU WILL HAVE TO RECREATE THE SAM ON EVERY NT WORKSTATION AND STANDALONE NT SERVER IN YOUR WORKGROUP! (CAN BE A REAL PAIN, DEPENDING ON NUMBER OF USERS ACCOUNTS AND SHARES) ******************************************************************** DOMAINS NEED ONLY THE SAM ON THE PDC. WORKGROUPS NEED LOCAL SAMS ON EVERY STANDALONE AND WORKSTATION TO BE CREATED AND UPDATED MANUALLY ********************************************************************* THE ONLY THING THAT DOMAINS DO THAT WORKGROUPS DON'T IS ************* CENTRALIZED CONTROL ******************** RAID VOLUME SETS **************** FOR THE MOST PART, DRIVES ON SERVERS SHOULD BE LARGER FASTER AND MORE RELIABLE THAT THOSE ON CLIENT PC. THE EXCEPTIONS TO THIS RULE ARE CLIENT PCS FOR DIGITAL/AUDIO CAPTURES AND VERY HIGH-PERFORMANCE USERS. PARTITIONING IS THE METHOD OF DIVIDING UP A PHYSICAL DRIVE INTO PARTITIONS. (PARTITIONS IS DIVIDING THE WHOLE DISK INTO SMALLER PARTS) THE PHYSICAL DISK MUST HAVE A LEAST ONE PARTITION. (TO BE FORMAT-ABLE) A PHYSICAL DISK CAN ALSO HAVE MANY PARTITIONS. YOU CAN ONLY HAVE 4 PRIMARY PARTITIONS PER DISK, OR 3 PRIMARY PARTITIONS AND 1 EXTENDED PARTITION. (YOU CANNOT HAVE MORE THAN 1 EXTENDED PARTITION PER DRIVE) THE BEAUTY OF EXTENDED PARTITIONS IS NOW YOU CAN CREATE LOGICAL PARTITIONS INSIDE THE EXTENDED PARTITION! YOU CAN CREATE UPTO 23 LOGICAL PARTITIONS!!! THERE ARE 3 KINDS OF PARTITIONS. 1. PRIMARY = A PRIMARY PARTITION 2. EXTENDED = AN EXTENDED PARTITION IS A SPECIAL PARTITION THAT HOLDS ALL THE LOGICAL PARTITIONS. 2. LOGICAL = ALL LOGICAL PARTITIONS EXIST IN THE EXTENDED PARTITION. LOGICAL PARTITIONS ARE ALMOST LIKE PRIMARY PARTITIONS. NT SUPPORTS UPTO 24 DRIVE LETTERS ONLY (JUST LIKE 95/98) FAT16'S MAX IS 2GB PER PARTITION VFATS MAX IS 4GB PER PARTITION NT WON'T EVEN RECOGNIZE A FAT32 PARTITION! SO BEFORE YOU INSTALL NT, MAKE SURE THE FAT32 PARTITION IS DELETED OR FAT16'D. NTFS'S MINIUM SIZE IS 2MB (NTFS WILL NOT BE ON A FLOPPY) (CAN A ZIP OR JAZ DRIVE BE FORMATTED TO NTFS ?) LOGICAL DRIVES HAVE THE ROYAL BLUE STRIPE ON THEM. A LOGICAL DRIVE OBVIOUSLY CANNOT SPAN PHYSICAL DRIVES. A VOLUME SET CAN SPAN PHYSICAL DRIVES!! YOU CAN COMBINE A BUNCH OF FREE SPACE ON DIFFERENT DRIVES AND MAKE ONE LARGE VOLUME SET. A VLUME SET CAN BE INCREASED IN SIZE WITHOUT LOSING DATA IN THE VOLUME SET. THIS IS BECAUSE THE NEW SPACE IS "ADDED" ONTO THE VOLUME SET. THE DATA IN THE VOLUME SET WON'T GET DELETED BY JUST ADDING MORE SPACE TO THE VOLUME SET, SINCE ALL THE SPACE IS CONTIGOUS. ALL THE SPACE ON ONE VOLUME NEEDS TO GET USED UP BEFORE IT'LL GO TO THE NEXT DRIVE. SORT OF LIKE THE BLOB MONSTER FROM THE 50'S A VOLUME SET THAT INCLUDES ANY FAT PARTITIONS CANNOT BE EXTENDED. ONLY VOLUME SETS THAT INCLUDES ONLY NTFS PARTITIONS CAN BE EXTENDED. VOLUME SETS HAVE THE ROYAL YELLOW STRIPE ON THEM. DISK MIRROR SETS HAVE THE ROYAL PURPLE STRIPE ON THEM. RAID 5 = STRIPE SET WITH PARITY (REQUIRES 3-32 PHYSICAL DISKS) RAID 0 = STRIPE SET NO PARITY (REQUIRES 2-32 PHYSICAL DISKS) BOTH (RAIDS 0 STRIPE SET NO PARITY) AND (RAIDS 5 STRIPE SET WITH PARITY) HAVE THE ROYAL GREEN STRIPE. YOU CAN MAKE ALL KINDS OF CHANGES IN DISK ADMINISTRATOR. ADDING/DELETING/RESIZING PARTITIONS. NO CHANGES OCCUR THEORETICALLY UNTIL YOU SAVE THEM. ONCE SAVED YOU SHOULD RESTART TO REALIZE THOSE CHANGES FULLY. (LIKE FDISK ALWAYS SAYS, REBOOT) A COMMON METHOD A LOT OF SYSADMINS USE IS THE SLED WITH TAPE DRIVES. SINGLE LARGE EXPENSIVE DISK WITH TAPE BACKUPS. IT STATES THE OBVIOUS, BUT YOU MUST FIRST PARTITION BEFORE YOU CAN FORMAT. IT MAKES NO SENSE, AND IS NOT POSSIBLE TO FORMAT FREESPACE DIRECTLY. HOWTO CREATE A LOGICAL DRIVE (ASSUMING NO EXTENDED PARTITION EXISTS) ******************************************************************** 1. OPEN DA AND SELECT YOUR FREESPACE 2. RIGHT-CLICK+SELECT PARTITION+CREATE EXTENDED 3. ENTER THE SIZE OF THE EXTENDED PARTITION 4. SELECT CREATE FROM THE MENU AND SELECT SIZE OF THE NEW LOGICAL DRIVE (LOGICAL DRIVES ARE IN ROYAL BLUE) 5. SELECT COMMIT CHANGES NOW (NOW DA CHANGES THE PARTITION TABLE) 6. FORMAT THE NEW DRIVE TO NTFS OR FAT 7. REBOOT (TO BE SAFE) VOLUME SETS VOLUME SETS ARE COOL IN THE FACT THAT YOU CAN COLLECT ALL THE FREESPACE ON ALL DISKS, AND MAKE ONE LARGE LOGICAL DISK FROM THEM. SYSTEM PROCESS-LOST DELAYED-WRITE DATA OR SIMILAR MESSAGES ARE VERY BAD. THE DRIVE AND ITS DATA ARE LIKELY TOAST. CHECK THAT ALL DRIVES ARE ON CONNECTED AND TRY REBOOTING. HOW TO CREATE A VOLUME SET ************************** 1. BACKUP THE ENTIRE SERVER (TO BE SAFE) 2. OPEN DA AND SELECT FREESPACE ON DIFFERENT PHYSICAL DRIVES-CTRL 3. PARTITION MENU>CREATE VOLUME SET 4. SELECT THE SIZE OF THE VOLUME SET 5. VOLUME SET AREAS WILL NOW BE IN ROYAL YELLOW. 6. TOOLS MENU>FORMAT, THE VOLUME SET EXTENDING A VOLUME SET ********************** 1. SELECT THE VOLUME SET TO EXTEND 2. PARTITION MEUN>EXTEND VOLUME SET 3. RESIZE THE VOLUME SET INCREASING A VOLUME SET WILL STILL PRESERVE THE DATA IN THE VOLUME SET. DECREASING A VOLUME SET WILL KILL ALL THE DATA IN THE VOLUME SET. IF \WINNT IS INSIDE A VOLUME SET, YOU CANNOT INCREASE THAT VOLUME SET. VOLUME SETS CANNOT BE JOINED TOGETHER A PHYSICAL OR LOGICAL DRIVE CANNOT BE JOINED TO A VOLUME SET. A VOLUME SET THAT HAS A FAT PARITITION IN IT CANNOT BE EXTENDED. ONLY VOLUME SETS OF ALL NTFS PARTITIONS CAN BE EXTENDED. RAID 0-CREATING A STRIPE SET WITHOUT PARITY ****************************************** 1. SELECT FREESPACE ON 2 TO 32 SEPERATE DRIVES (CONTROL-CLICKING) 2. PARTITION MENU>CREATE STRIPE SET 3. ENTER THE SIZE OF THE VOLUME SET REQUIRED 4. FORMAT AND REBOOT THE VOLUME SET. RAID 1-DISK MIRRORING/DUPLEXING ******************************************* CONTROL-ESC GIVES THE START MENU