Cover image for Windows 2000 essential reference
Windows 2000 essential reference
Tate, Steven.
First edition.
Publication Information:
Indianapolis, Ind. : New Riders, [2000]

Physical Description:
xxviii, 672 pages : illustrations ; 23 cm
General Note:
"Includes coverage of Server, Workstation, and Professional"--Cover.

Includes index.
Added Author:
Format :


Call Number
Material Type
Home Location
Item Holds
QA76.76.O63 W568 2000 Adult Non-Fiction Central Closed Stacks

On Order



Like other Essential Reference books, this will be a unique, focused, easy-to-use reference for anyone who administers, supports or manages a Windows 2000 network. It will provide a concise, technically accurate distillation of the essential information an administrator would need to know to successfully administer Windows 2000 in a real-life, enterprise production environment.Most administrators will find it hard to get their hands around the Active Directory, Kerberos authentication, IntelliMirror, group policies, and other new technologies in Windows 2000 because of their complexity. These administrators will be searching for a reliable and expert source of advice that will help them successfully implement these new technologies.

Author Notes

Steve Tate , MCT and MCSE, has had seven years of experience with Windows NT and NetWare LAN administration. Most recently, Steve has focused exclusively on training and consulting on networking with Microsoft technologies. He was selected by Microsoft to be a member of the Windows NT 5.0 Rapid Deployment Team and has also developed exam items for Microsoft for use in Microsoft Certified Professional exams. His authoring experience includes two New Riders Publishing books: MCSE Training Guide: Windows NT 4 Workstation and Windows NT Server 4: Security, Troubleshooting, and Optimization.

Prior to teaching MS-certified courses, Steve was a trainer/consultant specializing in end-user applications training. He also dabbled in corporate life (a Systems Analyst programming in COBOL), and had stints as a PC analyst, computer salesman, and graduate student.

Jon Boggs is an MCSE, MCSD, and CNE. As a senior consultant for the eBusiness Networks practice of Xpedior Incorporated in Chicago, he has provided consulting services to a number of nationally known corporations. He is an expert at automating administrative tasks and system deployments, typically employing a mix of Windows NT/2000, SMS, and Visual Basic. Jon co-authored Planning for Windows 2000 and served as a technical reviewer on several BackOffice-related books. He enjoys reading and biking in his spare time.

Scott Burgess is a Managing Consultant and Sr. eBusiness Architect for Xpedior Incorporated, the number one Microsoft solution provider of the year worldwide for both 1997 and 1999. Scott is an MCSE+I and is MCT certified to teach all the current Microsoft products, including the new Windows 2000 curriculum. Scott has 15 years of experience implementing and designing enterprise-wide LAN, WAN, and heterogeneous operating system environments, including OS390, AS400, UNIX, NT, and OS/2. In the past two years, Scott''s focus has been centered on the in-depth beta testing of Windows 2000. Through his involvement with Microsoft''s JDP program (Joint Deployment Program), Scott and his team have architected and implemented several rollouts of Windows 2000 to international customers. Randy Cook is an independent contractor from Salt Lake City, Utah. His qualifications include Certified Novell Instructor, Master CNE, Microsoft Certified Trainer, MCSE, and the Cisco CCNA. He is currently working for Blue Cross/Blue Shield of Florida as a LAN Architect in their NT Enterprise and teaches in his spare time at Productivity Point International, Jacksonville Florida. He has an extensive background in distributive network integration and Directory Services.

Jeremy Deats ( is a Web application developer and e-commerce consultant with Penta, Inc. in Houston, Texas. Jeremy is a Microsoft Certified Professional in Visual Basic and is certified in IBM''s Net.Commerce. When he''s not hard at work, Jeremy is either spending time with his beautiful fianc#65533;e Amanda Clement or playing his guitar.

Art Henning''s 14-year career with Intergraph Corporation includes a wide scope of experience in a support role for hardware, software, and networks with VAX VMS, various flavors of Unix, and WinNT, beginning with beta versions of 3.1. Art was staffed for three years as a Software Analyst and Consultant for Intergraph''s NFS products, which were licensed to Microsoft and released as part of the WindowsNT Services for Unix bundle. This included certification work with Windows 2000. He currently is a Systems Administrator for one of Intergraph''s MIS departments, and is an MCP.

Chris Jones is a Microsoft Certified System Engineer. He holds a B.S.B.A. in Management Information Systems and Finance from the University of Arizona. Chris is currently a Senior Systems Programmer for Intel Corporation. His experience at Intel has included engineering and implementation of enterprise Windows NT infrastructure architectures and extensive involvement in Microsoft''s Joint Development Program for Windows 2000. Chris enjoys mountain biking, golf, and Tae Kwon Do in his spare time.

Thomas Lee is an independent computer consultant who has been working with Windows NT since 1993. After graduating with a BS in Computer Problem Solving from Carnegie Mellon University, he worked on two successful operating system projects (Comshare___s Commander II and ICL___s VME) before joining Andersen Consulting in 1981, where he was a manager in the London office. He has been an independent consultant since 1987. Most recently, he worked in Redmond developing Windows 2000 Microsoft Official Curriculum (MOC) training material and is presently engaged in several consulting projects relating to Windows 2000. Thomas is a Fellow of the British Computer Society and a Member of the Institute of IT Trainers, as well as being a Microsoft Certified Systems Engineer (MCSE), Microsoft Certified Trainer (MCT), and Microsoft Valued Professional (MVP). Thomas lives in a cottage in the English countryside with his wife, Susan, and daughter, Rebecca. You can contact Thomas at Mary McLaughlin, MCSE+I, MCT, ASE, ACT, lives in the Boston area with her beloved daughter, Margaret. She started as a systems administrator 10 years ago, and has worked consistently on small- to medium-sized LANs and WANs for profit and non-profit organizations. In the last five years, her focus has been on training individuals in Windows 2000, Windows NT, and Compaq technologies. Currently, she is involved in security solutions such as firewall, VPN, and PKI technologies.

Jim Mulvey is a Microsoft Certified Systems Engineer (MCSE) and Microsoft Certified Trainer (MCT). He has a BS in Electrical Engineering from the University of Connecticut. His 13 years of experience in the IT industry include project management, architecture, systems engineering, and technical support under a variety of platforms. He is currently a Senior Consultant with Xpedior Incorporated, an eBusiness solutions provider awarded Microsoft''s "Partner of the Year Worldwide" award for 1997. His experience at Xpedior includes engagement in Microsoft''s Joint Deployment Program for Windows 2000, in which he was project manager and chief architect for one of the first production Windows 2000 Domain designs.

James O''Neill was born in 1965 and lives near Oxford, England. After doing a BSc in Computer Science at the University of Exeter, he joined the UK''s biggest supplier of PCs for schools, where he planned and supported customers'' networks before leaving in 1993 to work in the IT training industry. In 1995 he became Managing Director and major shareholder of SHX, a Microsoft Certified Technical Education Centre, before selling it in 1998, but continued to teach Windows NT and Microsoft Exchange. In 1999, he worked as part of Microsoft''s team developing the MCP exams for Windows 2000. He married his wife Jackie in 1989 and their daughter Lisa was born in January 2000. He collects quotations and has the irritating habit of talking about himself in the third person.

David Shackelford holds a master''s degree from California State University at Fullerton. His background includes working as a beekeeper, screening submissions for a popular poetry journal, and teaching NT operating system and networking courses at Hewlett Packard and Intel. He currently works for a firm in southern California as the supervisor of network operations.

Paul Papanek Stork is a Senior Lecturer and Director of the E-Ideas Lab for Weatherhead School of Management at Case Western Reserve University. Paul has an MBA from Weatherhead and is a Microsoft Certified Trainer, a Microsoft Certified Systems Engineer plus Internet, and a Certified Novell Engineer with more than 14 years of experience designing, implementing and supporting Microsoft and Novell Networks. Prior to his appointment as a lecturer at Weatherhead in January of 2000, Paul was an active member of Microsoft''s Windows 2000 Rapid Deployment Program for DeCarlo, Paternite, and Associates, Inc. As a staff instructor at DPAI, he was one of the first MCTs in the Midwest to teach beta classes on Windows 2000 to other trainers and network engineers.

Table of Contents

Part I The Windows 2000 Environmentp. 1
1.1 Overview of Windows 2000 Architecturep. 3
Versions of Windows 2000p. 4
Windows 2000 System Architecturep. 7
Windows 2000 Securityp. 16
1.2 Introduction to Active Directoryp. 21
Active Directory and Windows 2000p. 22
Organization of Active Directoryp. 27
Going Deeper: Domain Controllers and Active Directoryp. 34
Part II Installing and Configuring Windows 2000 Serverp. 61
2.1 Overview of Installing and Configuring Windows 2000 Serverp. 63
Installing Windows 2000 Serverp. 64
Configuring Devices and System Settingsp. 67
Configuring Network Componentsp. 69
The Boot Processp. 69
The Registryp. 70
2.2 Installing Windows 2000 Serverp. 71
Using Windows 2000 Setupp. 72
Upgrading to Windows 2000 Serverp. 86
Automating Setupp. 87
Creating and Using Installation Scriptsp. 88
Remote Installation Services (RIS)p. 91
Using System Imagesp. 93
2.3 Configuring Devices and System Settingsp. 95
Overviewp. 96
Installing and Configuring Device Driversp. 97
Configuring System Settingsp. 107
Going Deeper: Windows 2000 Demand Pagingp. 113
Best Practicesp. 115
2.4 Configuring Network Componentsp. 117
Network Components Overviewp. 118
Configuring Network Interfacesp. 119
Configuring Network Protocolsp. 120
Configuring Network Servicesp. 127
Configuring Network Bindingsp. 130
Troubleshooting Network Connectivityp. 132
2.5 The Boot Processp. 135
The Normal Boot Processp. 136
Understanding boot.inip. 139
Using Advanced Boot Optionsp. 144
Creating a Windows 2000 Boot Diskp. 149
Troubleshooting the Boot Processp. 149
2.6 The Registryp. 151
Introduction to the Registryp. 152
Registry Securityp. 155
Registry Physical Storagep. 155
Using the Registry Editorp. 156
Troubleshooting Registry-Related Tasksp. 160
Part III Tools for Administrationp. 163
3.1 Getting Started as a Windows 2000 Administratorp. 165
A Day in the Life of a Windows 2000 Administratorp. 166
Knowing Your Toolsp. 167
Planning Ahead: Creating the Environment for Successp. 168
Tips and Tricks to Automate Administrative Tasksp. 168
Avoiding Crisis: Monitoring Your Networkp. 169
Windows 2000 Administration Best Practicesp. 170
3.2 Using MMC Consolesp. 171
Overview of the Microsoft Management Consolep. 172
Using and Creating Consolesp. 174
Distributing Custom Consoles to Usersp. 182
3.3 Using Administrative Toolsp. 183
Overview of Administrative Toolsp. 184
Active Directory Administration Toolsp. 193
Other Administrative Toolsp. 193
Troubleshooting and Diagnostic Toolsp. 195
3.4 Managing Services and Tasksp. 205
Managing Servicesp. 206
Managing Tasksp. 216
Scheduling Tasksp. 221
Part IV Managing the Directoryp. 223
4.1 Overview of Managing the Directoryp. 225
DNS and Active Directoryp. 226
Configuring a Domain Controllerp. 227
Creating and Managing User Accountsp. 228
Creating and Managing Groupsp. 228
Logging On and Authenticationp. 229
4.2 DNS and Active Directoryp. 231
The DNS Namespacep. 232
The DNS Resource Recordsp. 236
Storing DNS Information in the Active Directoryp. 240
Maintaining Zones in Windows 2000 DNSp. 242
Using Third-Party DNS Servers with the Active Directoryp. 243
4.3 Configuring a Domain Controllerp. 247
Installing Active Directoryp. 248
Configuring Active Directory Replicationp. 250
Modifying the Active Directory Schemap. 256
Going Deeper: Restructing Domainsp. 259
4.4 Creating and Managing User Accountsp. 263
Overview of User Accountsp. 264
Local (SAM) Accountsp. 264
Domain User Accountsp. 266
Administering User Accountsp. 267
Best Practices When Administering Accountsp. 277
4.5 Creating and Managing Groupsp. 279
Overview of Groupsp. 280
Local (SAM) Groupsp. 280
Domain Groupsp. 281
Nesting Groupsp. 282
Default Domain Groupsp. 284
Creating, Deleting, and Modifying Group Accountsp. 284
Best Practices for Managing Group Membershipp. 291
4.6 Logging On and Authenticationp. 293
Logging Onp. 294
Configuring Systems to Log On to a Domainp. 300
Going Deeper: How a Windows 2000 System Authenticates a Userp. 304
Troubleshootingp. 311
Part V Managing Files and Printersp. 315
5.1 Overview of Managing Files and Printersp. 317
File Systems and Disksp. 318
Sharing Foldersp. 319
Distributed File Systemp. 320
Sharing Printersp. 320
Protecting Datap. 321
Auditing Resource Accessp. 322
Internet Information Serverp. 322
5.2 File Systems and Disksp. 323
File Systemsp. 324
File System Formatp. 329
NTFS Permissionsp. 331
File and Disk Utilitiesp. 337
Disk Quotasp. 342
Disk Configurationp. 343
Best Practicesp. 346
5.3 Sharing Foldersp. 349
Overview of Shared Foldersp. 350
Creating a Shared Folderp. 351
Setting Permissions On Shared Foldersp. 352
Monitoring and Testing Shared Foldersp. 356
Connecting to Shared Foldersp. 356
Publishing Folders in the Directoryp. 359
5.4 Distributed File System (DFS)p. 361
DFS Overviewp. 362
Setting Up a DFS Rootp. 364
DFS Clientsp. 367
5.5 Sharing Printersp. 369
Sharing Print Resourcesp. 370
Publishing Printers in the Directoryp. 377
5.6 Auditing Resource Accessp. 381
Overview of Auditingp. 382
Auditing Access to Filesp. 383
Auditing Access to Printersp. 384
5.7 Protecting Datap. 385
Overview of Data Protectionp. 386
Virus Protectionp. 386
Fault-Tolerancep. 388
EFS and EFS Recoveryp. 392
Backup and Restorep. 392
Disaster Recoveryp. 396
5.8 Internet Information Serverp. 399
Introduction to Internet Information Serverp. 400
Installing and Configuring Internet Information Serverp. 401
Administering WWWServicesp. 402
Administering FTP Servicesp. 404
Creating and Managing Virtual Directories and Serversp. 406
Using Indexing Servicesp. 407
Administering IIS Securityp. 408
Part VI Managing User Desktopsp. 411
6.1 Overview of Managing User Desktopsp. 413
Overview of User Desktop Managementp. 414
Customizing the Environmentp. 414
6.2 Profilesp. 419
Profilesp. 420
Local Profilesp. 420
Roaming User Profilesp. 423
Mandatory User Profilesp. 424
My Documents Foldersp. 427
Offline Foldersp. 427
Best Practicesp. 427
6.3 Group Policiesp. 429
Introduction to Group Policiesp. 430
Delegating Administration of Group Policiesp. 438
Using Group Policies to Manage User Documents and Offline Foldersp. 438
Best Practices for Group Policy Architecture and Applicationp. 440
Part VII Managing Applicationsp. 441
7.1 Overview of Managing Applicationsp. 443
Windows 2000 Software Distribution and Managementp. 444
Publishing and Advertising Applicationsp. 445
Windows Installerp. 446
Upgrading, Patching, and Removing Applicationsp. 446
7.2 Publishing and Assigning Applicationsp. 449
Publishing Applicationsp. 450
Assigning Applicationsp. 451
Applying Transformsp. 452
Upgrading Applicationsp. 453
Setting Software Installation Defaultsp. 454
Removing Applicationsp. 455
Creating Software Policy Templatesp. 456
Controlling Software Deployment through Group Policy Object Settingsp. 457
Going Deeper: Practical Applicationsp. 458
Best Practicesp. 459
7.3 Windows Installerp. 461
Windows Installerp. 462
Components, Features, and Productsp. 462
Windows Installer File Typesp. 463
"Native" Windows Installer Packagesp. 464
Repackaging an Applicationp. 465
Create .zap Installation Filesp. 466
Customizing Packagesp. 467
Modifying Windows Installer Behaviorp. 468
Part VIII Managing Network Servicesp. 471
8.1 Overview of Managing Network Servicesp. 473
Physical Network Planningp. 474
IP Addressingp. 474
Name Resolution and Service Registrationp. 476
Managing Client Network Configurationp. 479
Managing Server Network Configurationp. 481
Managing Server Network Performancep. 481
8.2 Dynamic Host Configuration Protocolp. 483
Overview of DHCPp. 484
IP Address Lease Processp. 485
Installing and Configuring DHCP Serverp. 488
DHCP Scopesp. 490
Dynamic DNS Integrationp. 497
Working with RRASp. 498
Enabling Server-side Conflict-Detectionp. 499
Enabling Loggingp. 499
Maintaining the DHCP Databasep. 500
DHCP Clientsp. 502
Frequently Asked Troubleshooting Questionsp. 503
8.3 Domain Name System (DNS)p. 507
Overview of DNSp. 508
DNS and Name Resolutionp. 510
DNS Zonesp. 511
Installing DNSp. 514
Creating Zonesp. 517
Resource Recordsp. 519
Dynamic DNSp. 523
Configuring DNS Serversp. 525
Testing Toolsp. 527
Best Practicesp. 529
8.4 Windows Internet Name Service (WINS)p. 531
Overview of WINSp. 532
Installing WINSp. 535
Configuring WINS Serversp. 536
Maintaining the WINS Databasep. 537
Backing Up and Restoring the WINS Databasep. 538
Configuring WINS Replicationp. 539
WINS Clientsp. 541
Monitoring WINSp. 542
NetBIOS Names Referencep. 543
8.5 Remote Access Service (RAS)p. 545
Overview of Windows 2000 Remote Access Serverp. 546
Installing RAS Serverp. 547
Configuring RAS Serversp. 547
Configuring RAS Users and Clientsp. 550
Internet Authentication Servicep. 555
Troubleshooting Dial-up Connectionsp. 556
Testing and Monitoring RASp. 557
Overview of VPNsp. 557
8.6 IP Routingp. 561
IP Routing Overviewp. 562
Demand-Dial Routingp. 562
Routing Protocolsp. 563
Multicastingp. 565
Testing and Monitoring IP Routingp. 567
Scripting Router Configurationp. 568
Going Deeper: Practical Applicationsp. 569
8.7 Connection Sharingp. 571
Overview of Connection Sharingp. 572
How Network Address Traslation (NAT) worksp. 573
Configuring Connection Sharingp. 574
Choosing IP Addresses for the Internal and External Networksp. 576
Configuring Inbound Connectionsp. 577
Configuring Applications and Servicesp. 578
Testing and Monitoring Connection Sharingp. 578
Best Practicesp. 579
8.8 Terminal Servicesp. 581
Overview of Terminal Servicesp. 582
Installing and Configuring Terminal Servicesp. 582
Terminal Server Licensingp. 586
Configuring Applications for Shared Accessp. 586
Installing Terminal Services Clientsp. 587
Connecting and Disconnecting Sessionsp. 588
Best Practicesp. 588
Part IX Appendices
A Migrating NT 4 Domains to Active Directoryp. 593
Designing Your Active Directoryp. 593
Restructuring NT Domainsp. 596
Windows 2000 Migrationp. 598
B Command Prompt Quick Referencep. 599
Networking Utilitiesp. 599
IP Networking Utilitiesp. 600
Utilitiesp. 603
Batch Commandsp. 610
Environment Commandsp. 612
C Sample Batch Filesp. 615
Rand.batp. 615
Virupdate.batp. 617
D Resource Kit Utilitiesp. 621
Disk and File Utilitiesp. 623
Migration Utilitiesp. 624
Network Utilitiesp. 625
PC Management Utilitiesp. 627
Performance Utilitiesp. 629
Troubleshooting Utilitiesp. 629
Indexp. 631