|
|
|
| |
|
|
|
Support and
Management Improvements
| |
This
paper is written for information technology
(IT) professionals responsible for the support
and management of desktop systems. It provides
an overview of key support and management
capabilities in the Microsoft� Windows� 2000
Professional operating system.
Contents
Today, businesses invest a
great deal of time and resources keeping
desktop PCs up and running for users to remain
productive. The Microsoft� Windows� 2000
Professional operating system is designed to
significantly reduce support and management
costs providing a stable desktop environment
for users.
Windows 2000 Professional
provides the following improvements:
| Reduces the number of
support calls by making applications and
hardware more reliable.
| | Provides a more
dependable method for installing.
| | Reduces the time it takes
to diagnose and correct problems.
| | Provides enhanced support
for management software. |
Windows 2000 Professional
lightens the support and management burden by
reducing the number of support calls by making
applications and hardware more reliable and
reducing what the Gartner Group calls the end
user �futz� factor. Key capabilities
include a more dependable method for
installing applications; guidelines for
application developers for creating more
reliable and resilient applications; and
increased protection against dynamic-link
library (DLL) conflicts. For hardware
reliability, Windows 2000 Professional
includes support for the next generation of
Plug and Play, power management, and code
signing and verification. Wizards guide users
through features and self-help mechanisms,
such as sophisticated troubleshooters make
users more self-reliant. Deployment methods
are more comprehensive and ensure that all
configurations are completed properly.
Windows Installer-Based
Applications
One of the most common
support calls is for applications that stop
working properly. In many cases, application
errors are due to missing or corrupt files.
The most effective way to resolve this type of
problem is to completely reinstall the
affected application�in the best case
scenario this would happen before a technician
has spent time attempting to diagnose and
correct the problem.
Microsoft is working with
independent software vendors (ISVs) to
introduce a, more reliable
application-installation technology, called
Windows Installer. This service defines and
enforces a standard format for application
setup and tracks components such as groups of
files, registry entries, shortcuts, and other
aspects of the application that must be
managed together. This provides for:
| Self-repairing
applications. If a key file is
missing, the Windows Installer performs an
on-demand installation of the missing
file. The Windows Installer has the
ability to look for backup sources if the
original source is unavailable due to
network outage or other temporary problem.
At the time of deployment, administrators
have the ability to provide the Windows
Installer service with a list of backup
source locations for that particular
product. In addition, if the Windows
Installer service cannot find any
available source from the list provided,
it can prompt the user to browse for a
source, and it will then add any browsed
sources to the existing list for that
product.
| | Reduces DLL conflicts.
A Windows Installer package allows the
administrator to easily determine what
files, and what versions of those files,
are being installed. This is especially
beneficial for corporations that maintain
a list of known good versions of shared
DLLs and allow installation of
applications that require a shared DLL
only on the basis of that list.
| | Rollback failed
installations. If an installation
fails, Windows Installer detects the point
of failure and removes changes made up to
that point.
| | Removing applications.
When applications are removed, Windows
Installer uninstalls the application and
can restore all components, including
registry entries. |
Refined Application
Specification
To help make applications
more reliable, Microsoft developed, in
cooperation with customers and software
developers, the Windows 2000 Application
Specification (available from http://msdn.microsoft.com/winlogo.)
It provides clear, concise guidelines to help
developers create more predictable and
reliable applications. The specification
focuses on several core areas:
| Install/Uninstall
Requirements. Install and uninstall
issues are one of the most common sources
of application co-existence problems.
These requirements help ensure that the
user has successful install and uninstall
experiences, and that the application
inter-operates in the correct manner with
other applications on the machine. The
Windows Installer service helps the
operating system manage application setup
and configuration, including the
following:
| Management of
refcounting and version checking of
shared components helps ensure that
applications better inter-operate with
one another.
| | Reliable and complete
uninstall, including correct handling
of shared components.
| | Ability to perform
installation on secure systems (for
non-administrators and non-power
users).
| | Applications can use
the functionality of the Windows 2000
IntelliMirrorTM management
technologies for policy-based
deployment, update, and uninstallation
over a network. |
| | User and Computer
Settings Management Requirements.
Windows 2000 Professional provides an
underlying infrastructure to install,
configure, and manage applications. These
requirements provide guidelines for
software developers on how to write
applications that use this infrastructure,
and thereby reduce the overall TCO for
customers. Administrators can define
computing environments for groups of users
and computers that are automatically
deployed. Settings that can be controlled
include desktop settings, scripts for log
on/log off, software installation options,
and security settings. Furthermore, with
the IntelliMirror feature enabled,
administrators can restore a user�s
settings if their computer fails, and
ensure that a user�s desktop settings
follow them when roaming to another
computer. For applications to work
properly in such an environment, it is
critical that they take advantage of the
Windows infrastructure by storing their
data correctly, and complying with the
administrator�s pre-configured settings.
| | Requirements for user
interface (UI) fundamentals. Meeting
UI requirements permits the use of
sophisticated automation tools, including
testing tools, task automation tools such
as intelligent agents, and new input
methods such as voice input. Organizations
that use the Windows platforms require
software to be usable by a wide range of
users. Meeting these requires also helps
to ensure that software will be compatible
with future enhancements that are planned
for the Windows platform, including speech
input, speech output, and intelligent task
automation.
| | OnNow Requirements.
The OnNow initiative is a set of design
specifications which, when applied to
system hardware and software applications,
enable a PC to deliver the same instant on
capabilities now available in consumer
devices such as TVs and VCRs. Applications
must participate in system-wide power
management decision-making to ensure
error-free handling of power-down and
power-up scenarios. Applications must be
able to put themselves to sleep on system
or user requests to support a low-power
state, and then they must respond to wake
notifications, preserving data
appropriately.
| | Migration Requirements.
The goal of this requirement is to ensure
that when users upgrade their operating
system, previously installed applications
will continue to function as before, with
all preferences and privileges working
after the upgrade. |
Side-By-Side Components
One of the most common
causes of application failure occurs when
several applications need access to slightly
different versions of a DLL with the same
name. For example, a line-of-business
application was designed with particular
versions of key DLLs in mind. Typically, these
DLLs would have been installed in the system
directory where they might be upgraded by
another application. This often causes the
original application to fail or not perform as
expected.
Windows 2000 Professional
includes several kernel-level changes that
allow applications to place their specific
versions of dependent DLLs into their own
directories instead of a globally shared
location. When an application is opened, the
version of the DLL the application was
designed and tested with is run.
These changes serve two
different types of customers. Because software
developers can produce components which are
side-by-side aware, developers who rely on the
components can install them into their
application directory. In addition, corporate
administrators can repackage existing
applications so that dependent components are
installed into the application directory
instead of a shared directory.
Windows File Protection
In addition to enabling
side-by-side components, Windows 2000
Professional provides another mechanism for
reducing conflicts because of mismatching
DLLs.
In Windows 2000
Professional, a feature called Windows File
Protection (WFP) prevents the replacement of
certain monitored system files1. By
preventing the replacement of essential system
files, file version mismatches can be avoided.
WFP works as a background
process that prevents replacement of essential
system files such as the .sys, .dll, .ocx, .fon
and .exe files that ship as part of Windows
2000 Professional. WFP protects system files
by detecting when a protected system file is
replaced. WFP will look up the file signature
in a catalog file to determine if the new file
is the correct Microsoft version. If it is
not, the system either replaces the file from
the dllcache directory or distribution media,
depending on whether or not the file is
located in dllcache. By default, WFP will
present a dialog box informing the
administrative user that a system file has
been restored to the original version. If an
administrative user is not logged onto the
system, WFP will wait until the next
administrative user logs onto the box before
presenting the error dialogs.
Replacing protected system
files will only be supported if installed by
one of the following mechanisms:
| Windows 2000 Service Pack
Installation (Update.exe)
| | Hotfix Distributions (Hotfix.exe)
| | Operating System upgrade
(Winnt32.exe)
| | Windows Update (Windows
Update Icon) |
Hardware Reliability
Windows 2000 Professional
includes enhancements to simplify
device-driver development and device
management. These enhancements include support
for power management, Plug and Play, and
low-level hardware instrumentation.
Plug and Play is a
combination of hardware and software support
that enables a computer system to recognize
and adapt to hardware configuration changes
with little or no user intervention. With Plug
and Play, a user can add or remove devices
dynamically, without awkward and confusing
manual configuration and without any intricate
knowledge of computer hardware.
For example, a user can dock
a portable computer and use the docking
station's Ethernet card to connect to the
network without changing the configuration.
Later, the user can undock that same computer
and use a modem to connect to the network �
again without making any manual configuration
changes.
Plug and Play allows a user
to change a computer's configuration with the
assurance that all devices will work together
and that the machine will boot correctly after
the changes are made.
Advanced Configuration and
Power Interface (ACPI)
Windows 2000 Professional
supports the next generation of power
management and Plug and Play, called Advanced
Configuration and Power Interface (ACPI). ACPI
provides a more robust solution than previous
systems because the operating system, rather
than a separate BIOS, controls both power
management and Plug and Play
functionality. The following features can help
reduce calls to help desk:
| Automatic and dynamic
recognition of installed hardware.
Includes initial system installation,
recognition of Plug-and-Play changes
between system boots, and response to
run-time hardware events such as dock and
undock.
| | Hardware resource
allocation (and reallocation).
Required device resources are identified
when the device is enumerated by the
operating system. The Plug and Play
Manager retrieves the requirements for
each device during resource allocation.
Based on the resource requests, each
device makes the Plug and Play Manager
assign the appropriate hardware resources
such as I/O ports, IRQs, and memory
locations. The Plug and Play Manager
reconfigures resource assignments when
needed.
| | Loading appropriate
drivers. The Plug and Play Manager
determines which drivers are required to
support a particular device and loads
those drivers.
| | Driver interaction
with the Plug and Play system. The
interface consists of primarily I/O
routines, Plug and Play I/O request
packets, required driver entry points, and
information in the registry to awaken a
device or put it to sleep.
| | Registration for
device notification events. Plug and
Play enables user-mode code to be notified
of certain Plug and Play events. |
Code Signing
To ensure that users are
using the highest quality drivers, Microsoft
will digitally sign drivers that pass the
Windows Hardware Quality Lab (WHQL) tests.
This digital signature will be associated with
individual driver packages and will be
recognized natively by Windows 2000
Professional. Devices covered include:
| Keyboard
| | Hard Disk Controller
| | Multimedia
| | Monitor
| | Modem
| | Mouse
| | Network cards
| | Printer
| | SCSI Adapter
| | Smart Card Reader |
Windows 2000 Professional
supports the ability to either warn or
entirely block users from installing unsigned
code. If a file has not been digitally signed
and resides in the above-referenced classes, a
pop-up message will alert users that a file
has not been digitally signed, and ask them if
they would like to continue.
Driver signing uses the
existing digital-signature cryptographic
technology. A hash of the driver binary and
relevant information are stored in a catalog
file (.cat file), and the .cat file is signed
with the Microsoft signature. The driver
binary itself is not touched; only a .cat file
is created for each driver package. The
relationship between the driver package and
its .cat file is referenced in the driver's .inf
file and maintained by the system after the
driver is installed.
Eliminating User Errors
Windows 2000 Professional
provides users with tools to help eliminate
errors such as wizards to simplify routine
tasks and improved Help resources so they can
find answers to questions before errors occur.
Additionally, error messages have been
improved, reducing their complexity and
number.
Task Wizards
Windows 2000 Professional
includes many Wizards that provide users with
step-by-step guidance on how to use various
features. For example:
| Network Connection
Wizard. Single location for creating
different types of networking connections.
Guides users through creating dial-up,
virtual private network,
computer-to-computer and other types of
connections.
| | Add/Remove Hardware.
Guides users through adding or
troubleshooting devices, as well as
installing and uninstalling. Automatically
scans the system for any configuration
changes.
| | Offline Folders.
Gives users the ability to take network
resources offline. The first time Offline
Folders are used, the Wizard guides users
through the process of understanding the
features and how to use them.
| | Mapping network drives.
Guides users through the process of
setting connections to file shares on the
network.
| | Users and passwords.
Guides users through setting up new users
and access rights on the computer. |
Self-Help
Windows 2000 Professional
provides more intelligent tools so users can
attempt to correct problems themselves without
causing more damage to a system. For example:
| Troubleshooters.
Using advanced logic tools (Bayesian
inference-based), users can describe an
issue in non-technical language, and
Windows 2000 Professional will provide a
list of possible topics. Windows 2000
Professional Troubleshooters include:
| Blue Screen
| | Client Services for
Netware
| | DHCP
| | Dial-up Network
Connections
| | Directory Services
| | DirectX
| | Display
| | Domain Name Service
| | General Hardware
| | Group Policy
| | Infrared
| | Internet Connections
| | Joystick
| | Keyboard
| | Modem
| | Mouse
| | MS-DOS� Operating
System Programs
| | Multimedia (including
games)
| | Network
Administration
| | Networking (TCP/IP)
| | PC Cards
| | Printer
| | Remote Access Server
(RAS)
| | Resource Conflicts
| | Sound
| | Startup/Shutdown
| | System Setup
| | Windows 3.x Programs
| | Windows Internet
Naming Service (WINS) |
| | Enhanced Help. The
Help system in Windows 2000 Professional
has been enhanced and expanded in many
ways. Based on feedback from Microsoft
customers and support groups worldwide,
Help coverage is now more thorough and
includes:
| Improved consistency
in terminology, style, and
organization.
| | More integrated
troubleshooters.
| | Streamlined Contents
tab.
| | Fewer levels.
| | Increased emphasis on
commonly used tasks.
| | Common Task Lists for
areas with more than 12-15 procedures.
| | More shortcuts for
starting components from Help.
| | Extensive use of
Related Topics links (hyperlinks).
| | Larger, more thorough
index.
| | A Web version of
online Help and the "Getting
Started" book. |
| | Balloon Help.
Windows 2000 Professional includes Balloon
Help, a new feature similar to tool tips
(the descriptions that appear by hovering
the cursor over an icon). Balloon Help
goes further by giving users additional
helpful information. For example, the
first time Personalized Menus appear, a
Balloon Help dialog tells users what to
expect. Balloon Help has been placed
throughout the system to help users more
easily discover many of the usability
enhancements in Windows 2000 Professional. |
Refined System Messages
Windows 2000 Professional
system messages, such as error messages, have
been modified to be more helpful to the
average user. Where possible, error messages
give users specific actions to take, rather
than just informing them that something went
wrong. Messages also list related tools and
Help topics that may prevent the error from
happening again. Many true error messages that
require user interaction and impact system
stability are distinguished from informational
messages. Many informational messages, if they
don�t impact the stability of the system,
will automatically timeout; in some cases they
have been eliminated.
Enhanced Deployment
Windows 2000 Professional
supports enhanced deployment in the enterprise
by giving administrators a variety of tools to
automate installation. The process of
upgrading from an earlier version of the
Windows operating system or applying a service
pack has also been streamlined.
Automated Installation
Enhancements
By creating automated
installation scripts, administrators can
eliminate the need to visit the desktop and
prevent users from having to answer questions.
Traditionally, scripts have been difficult to
create and required extensive research and
troubleshooting to work properly. Even the
most skilled script writers often could not
fully automate every aspect of setup because
not all setup functionality could be easily
scripted. For example, installing sound cards
could not be scripted.
Windows 2000 Professional
includes support for automated installation
scripts, including:
| Nearly every aspect of
installation can be scripted. Windows
2000 Professional supports keys that
permit it to easily script a complete
installation, including modems, sound
cards, time zones, and other areas
traditionally difficult to script. Windows
2000 Professional supports several new
tools that make it easier for
administrators to create unique systems,
such as setting static IP addresses or
using a list of machine names.2
| | Installation can be
completed with no user interaction.
Previously it was difficult to completely
hide installation options from users such
as the product ID page. Every aspect of
Windows 2000 Professional can be installed
without user interaction.
| | Easier to create
scripts. Using a new graphical tool,
called Setup Manager, administrators can
more easily create installation scripts.
Setup Manager takes care of many
traditionally challenging tasks, such as
using correct syntax and eliminates
typographical errors�mistakes that often
cause scripts to malfunction. Setup
Manager also includes the ability to
create or import UDF files, which are
files used to apply unique settings to
desktops, such as machine names and static
IP addresses.
| | Scripts are more
reliable. The setup process has been
improved so that it continues even if a
non-critical device (such as a modem) does
not install properly. Windows 2000
Professional also supports better
reporting mechanisms so administrators can
troubleshoot any installations that fail. |
Support for Disk Imaging
Disk imaging, often referred
to as "cloning," is the process of
creating a master image, preparing that image
for duplication using the Microsoft System
Preparation Tool, then duplicating that image
across multiple systems using a copying
utility such as Norton Ghost from Symantec or
PowerQuest DriveImage. Because the master
image includes the operating system,
applications and customizations, any system
that uses that image will be fully functioning
at first logon.3
Disk imaging is a very fast
method for deploying new systems and has
consequently become a favored method for
deployment. However, until now disk imaging
has suffered from several limitations. First,
a master image works only on identical (or
very nearly identical systems). This means
that an administrator cannot generally use the
same image even if the computers come from the
same manufacturer. Second, disk imaging
processes today do not do a good job of
integrating even typical post-installation
tasks, such as adding a computer to a domain.
Finally, because disk imaging overwrites all
of the existing files on a PC, disk imaging is
appropriate for new systems only (unless
administrators take efforts to save user
data).
Disk imaging support in
Windows 2000 Professional and specifically the
System Preparation Utility have been designed
to address these limitations. For example:
| Images can be used on
a wider variety of hardware. Because
Windows 2000 Professional supports
hardware detection and Plug and Play,
images can be used on systems with
different modems, display adapters and
other non-boot-critical hardware.4
| | Post-installation
tasks are now integrated. Automated
installation scripts are now an integrated
part of preparing a system. Administrators
can now perform the vast majority of
functions available with Setup Manager,
such as adding machine names from a
predetermined list, joining the computer
to an existing domain and adding
additional settings and components as part
of deployment. |
Remote Installation
Services
Remote Operating System
(Remote OS) Installation and IntelliMirror are
important change and configuration management
features included with Windows 2000
Professional and Windows 2000 Server. Remote
OS Installation allows systems administrators
to use the Pre-Boot eXecution Environment (PXE)-based
remote-boot technology and server-based
distribution software to install local copies
of Windows 2000 Professional on personal
computers throughout the enterprise. As soon
as Windows 2000 Professional is operational on
a PC, IntelliMirror can be used by network
administrators to provide policy-based
management of users' Windows 2000
Professional�based desktops, including data,
settings, and application software.
New desktop computers
connect to a Windows 2000-based server during
initial boot up, and then the server drives a
local installation of Windows 2000
Professional. This significantly simplifies
the task of installing the client operating
system throughout an organization.
Remote OS Installation uses
the PXE Dynamic Host Configuration Protocol (DHCP)�based
remote boot technology to initiate the
installation of an operating system from a
remote source to a client computer�s local
hard disk. The remote source�a server that
supports the Remote Installation Services (RIS)�provides
the network equivalent of a CD-based
installation of Windows 2000 Professional or a
pre-configured Remote Installation Preparation
(RIPrep) desktop image.5
Upgrade Paths
Windows 2000 Professional
has been designed to be the operating system
for users in businesses of any size. Companies
can upgrade to Windows 2000 Professional from
any of the following operating systems:
| Windows NT� Workstation
4.0 or Windows NT Workstation 3.51
| | Windows 98 or Windows 95 |
The upgrade process for each
of the operating systems can be automated and
in most cases will run smoothly. In addition,
administrators can use automated installation
scripts to augment the upgrade, such as to add
drivers that are not part of the standard
Windows 2000 Professional installation.
Services Pack Slipstreaming
In the past, administrators
were required to apply service packs after a
clean installation of the operating system and
after adding any applications to a machine.
Because Windows 2000 provides features to
integrate service packs with the operating
system, network administrators do not need to
reapply a service pack after making changes in
the system state. This saves companies
significant time, making it easier to upgrade
systems and add new applications. Windows 2000
Professional also offers significant
enhancements for deploying services packs in a
corporate environment.
Windows 2000 Professional
detects when a service pack has been applied
and detects which files and DLLs were
affected. As a result, the operating system
knows that some files may need to be applied
from the service pack or from the original
media. This eliminates the need to constantly
reapply service packs when the system state
changes. Service packs can also be applied to
shares of Windows 2000 for clean installs in a
process called slipstreaming.
Windows 2000 Professional
makes it significantly easier for
administrators to add service packs.
Previously service packs had to be installed
separately from the operating system
installation, Windows 2000 Professional
supports service pack slipstreaming, the
ability to add the service pack directly to
the Windows 2000 Professional distribution
share. With slipstreaming, users experience a
single install.
Windows 2000 Professional
also eliminates the need to reinstall
components that were applied before a service
pack was installed, making it easier to
install service packs on existing systems.
Before, when service packs were applied, many
previously installed components needed to be
reinstalled. In addition, services or
components installed after installing the
service pack will not require reinstalling the
service pack. Today, in some cases
administrators are required to reinstall
service packs after installing new components
because the installation can only install
files from the original distribution media.
With Windows 2000 Professional, new components
are able to draw files from both the original
distribution media and the service pack files.
Windows 2000 Professional
was designed to reduce the time it takes to
diagnose and correct problems. The Microsoft
System Information Utility provides a one-stop
location for support professionals to
troubleshoot problems. The Windows 2000
Professional Resource Kit utilities provide
administrators with powerful diagnostic tools.
Further information regarding the Resource Kit
is available from http://www.microsoft.com/windows2000/library/resources/reskit/default.asp.
Diagnostic Booting options make it possible to
boot in Safe Mode, including booting to a
command console. The Windows Update Web
resource provides administrators with a
frequently updated database of drivers. The
Microsoft Management Console (MMC) provides an
extensive framework for management
applications. New scripting capabilities and
the Windows Scripting Host make it easier for
administrators to correct problems. Support
for industry standards, such as Web-Based
Enterprise Management (WBEM), makes Windows
2000 Professional easier to support in almost
any environment.
Easier Problem
Identification and Resolution
Windows 2000 Professional
supports the tools that can help the
administrator identify problems with the
user�s system. Some of these tools ship as
part of the product and some are available in
the Windows 2000 Professional Resource Kit.
System Information Snap-in
Windows 2000 Professional
provides an enhanced tool to help support
personnel diagnose and correct problems.6
Called the Microsoft System Information
Utility, this utility collects and displays
configuration information. The System
Information tool is used to quickly find the
required data to resolve problems, including
information about hardware, system components,
and the software environment. More
specifically, the utility can be used to
gather information about the following.
| Hardware Resources.
Displays hardware resource settings such
as DMA, IRQs, I/O addresses and memory
addresses. A Conflicts Sharing section
identifies devices that are sharing
resources or are in conflict. This can
help identify problems with a device.
| | Components.
Displays information about the Windows
configuration and is used to determine the
status of device drivers, networking and
multimedia software.
| | Software Environment.
Displays a snapshot of the software loaded
into computer memory. This information can
be used to see if a process is still
running or to check version information. |
The System Information
utility also provides access to several key
support tools:
| Disk Cleanup
| | Dr. Watson
| | Network Connections
| | Add/Remove Hardware
Wizard
| | Backup Utility
| | Scan Disk
| | File Signature
Verification Utility. Verifies that
critical files have Microsoft digital
signature.
| | Windows Report Tool |
Resource Kit Tools
The Windows 2000
Professional Resource Kit includes critical
support tools that can help isolate, diagnose,
and, in some cases, repair problems. The
content is targeted at common support issues.
Tools available in the Resource Kit include:
| AdsiEdit. A
Microsoft Management Console (MMC) snap-in
that acts as a low-level editor for the
Active Directory� service. Through the
Active Directory Services Interfaces (ADSI),
it provides a means to add, delete, and
move objects within the Directory
Services. The attributes of each object
can be viewed, changed, and deleted.
| | Browstat. A
general purpose, character-based browser
diagnostic tool. Use Browstat to find out
whether a browser is running and to find
active Microsoft Windows for Workgroups
browsers in Windows NT�based domains.
This utility also provides information
about the state of the browser in a
workgroup, including the name of the
master browser.
| | Ldp. A graphical
tool that allows users to perform
Lightweight Directory Access Protocol (LDAP)
operations, such as connect, bind, search,
modify, add, and delete, against any LDAP-compatible
directory, such as Active Directory. LDAP
is an Internet-standard wire protocol used
by Active Directory.
| | Netdiag. A
command-line diagnostic tool that helps
isolate networking and connectivity
problems by performing a series of tests
to determine the state of your network
client and whether it is functional. These
tests and the key network status
information they expose give network
administrators and support personnel a
more direct means of identifying and
isolating network problems. Moreover,
because this tool does not require that
parameters or switches be specified,
support personnel and network
administrators can focus on analyzing the
output, rather than training users on tool
usage.
| | Dxdiag. A tool
that presents information about the
components and drivers of the Microsoft�
DirectX� API installed on your system.
Administrators or users can use it to test
sound and graphics output and disable some
hardware acceleration features. Users can
use DirectX Diagnostic Tool to gather
information for a technician during a
support call or to send information
gathered by the tool by pasting it into an
e-mail message.
| | Nltest. A
command-line tool that helps perform
administrative tasks such as forcing a
user-account database into sync, getting a
list of primary domain controllers,
forcing a shutdown, and querying and
checking on the status of trust.
| | DiskProbe. A
sector editor for Windows 2000
Professional. It allows a user with local
Administrator rights to directly edit,
save and copy data on the physical hard
drive that is not accessible in any other
way. DiskProbe is used to replace the
Master Boot Record, repair damaged
partition table information and to repair
or replace damaged Partition Boot Sectors
or other file system data. The program can
also save Master Boot Records and
Partition Boot Sectors as files. They can
then be replaced if the sectors become
damaged at a later time. These on-disk
data structures are not accessible through
the file system, and so are not saved by
any backup programs currently available.
| | Pptpclnt and
Pptpsrv.exe. Utilities that work in
unison to verify that the required
protocol and port for Point-to-Point
Tunneling Protocol (PPTP) is being routed
from a PPTP client to a PPTP server or
vice-versa. Note: This utility is not
meant to test the functionality of a PPTP
server or a PPTP client.
| | Memsnap. A memory
profiling tool that takes a snapshot of
the memory resources being consumed by all
running processes and writes this
information to a log file. |
Diagnostic booting options
For systems that will not
start properly, Windows 2000 Professional
supports a safe-mode options screen that will
be accessible from the initial boot loader by
pressing the F8 key. The safe-mode options
are:
| Safe Mode. This
option will load the basic devices and
drivers to start the system: mouse,
keyboard, Mass Storage, base video, and
the standard default set of system
services.
| | Safe Mode with
Networking. This option would load all
of the above, plus the essential services
and drivers needed to start networking.
| | Safe Mode with Command
Prompt. This is exactly the same as
safe mode, with the exception that a
command prompt is launched rather than
Windows Explorer.
| | Last-known Good
Configuration. This option would let
the user use the last-known good
configuration to boot their system.
| | Console boot.
Provides minimal boot with command line
access only. |
Windows Update
Users can download system
enhancements such as drivers, service packs
and new functionality that has been
specifically selected to work with their PCs
from Windows Update. Customers access Windows
Update through the Windows Update icon on the
Windows 2000 Professional Start menu. With
Windows Update, users can choose to scan their
PCs to receive a list of downloads that are
specific to their computer�s hardware and
software configuration.
Windows Update for Windows
2000 Professional extends this functionality
to the enterprise space. For IT managers who
want to closely control the types of updates
users download to their machines, Windows
Update offers a number of tools for managing
this process, including:
| Corporate IT Catalog.
Windows Update will provide a searchable
catalog of updates, drivers and more for
corporate IT managers. The IT manager will
be able to select which downloads are
available to users, download them to a
server behind a firewall, and make them
available over the intranet.
| | Disabling Windows
Update. It is possible to remove the
Windows Update icons that appear in the
Start menu. Disabling the icons prevents
users from accessing the Windows Update
site (http://windowsupdate.microsoft.com)
from anywhere within the Windows 2000
Professional product. |
Management Console
Microsoft Management Console
(MMC) is an extensible, common, remotable
console framework for management applications.
MMC does not supply any management behavior,
but instead provides a common environment for
Snap-Ins, written by Microsoft and ISVs.
Because snap-ins are ActiveX� controls,
administrators can create and combine
virtually any type of tool, either for other
administrators or for users. Many Windows 2000
Professional administrative tools are written
as MMC snap-ins.
Scripting Host
The Microsoft Windows
Scripting Host (WSH) is a language-independent
scripting host for 32-bit Microsoft Windows
operating system platforms. Microsoft provides
the Visual Basic� Scripting Edition
(VBScript) development system and Java Script
scripting engines with the Windows Scripting
Host. Microsoft anticipates that other
software companies will provide Microsoft
ActiveX scripting engines for other languages
such as Perl, TCL, REXX, and Python.
Scripts can be run directly
from the desktop simply by clicking on a
script file, or from the command console.
Because WSH is language-independent, it is
possible to use existing scripts, or to create
scripts with functionality available in other
languages, in the Windows 2000 Professional
environment.
New Scripting Commands
To help administrators
remotely manage systems, Windows 2000
Professional supports the ability to script
more features from the command line or run
command. Additional areas of scripting support
include:
| Computer Management
| | Printer Management
| | Page File
| | Service Management
| | Network Configuration
| | Device Management
| | Process Management
| | Thread Management
| | Event log management
| | User Management
| | Security
| | File system
| | Application Management |
System Instrumentation
Windows 2000 Professional
supports system instrumentation based on the
WBEM standard developed by the Desktop
Management Task Force. The Windows 2000
Professional implementation, known as Windows
Management Instrumentation (WMI), is a
kernel-level instrumentation technology that
provides a common way to report events.
Because WMI is extensible, hardware,
applications, and OS components can be
instrumented.7
WMI publishes information,
configures device settings, and supplies event
notification from device drivers. WMI is part
of the Win32� API Driver Model (WDM)
architecture; however, it has broad utility
and can be used with other types of drivers as
well (such as SCSI and NDIS). WMI distributes
the following data:
| Published data. A
standard set of WMI data will be built
into port or class drivers supplied in
Windows 2000 Professional.
| | Custom data.
Provided through OEM/IHV driver
extensions.
| | Secure data.
Provided through Windows 2000 security
descriptors for a designated usage.
| | Expensive data
(optional). Some data collection
activity can significantly affect the
performance of the driver; this data
should only be collected when the
management application specifically
requests it. By default, a driver will not
collect expensive data.
| | Event Notifications.
Event notification is a key feature of WMI,
allowing drivers to detect hardware events
or errors. An event can then be passed to
WBEM for corrective action based on the
specific event that occurred. For example,
a disk driver that has an abnormally high
amount of disk read/write errors sends an
event notification to a disk-management
utility. |
WMI also allows a management
application to configure a device. A
management application may need to reconfigure
a device based on a driver-raised event or the
data collected by the management application.
Windows 2000 Professional
provides enhanced support for management
software, including management capabilities
available in Windows 2000 Server through
Active Directory. Support for standards such
as WMI and WBEM ensure that a broader range of
tools can be used to manage Windows 2000
Professional. In addition, Windows 2000 Server
provides change and configuration management
through the IntelliMirror management
technologies.
IntelliMirror Management
Technologies
IntelliMirror describes the
set of capabilities that are possible when
Windows 2000 Professional and Windows 2000
Server are used together. The following is an
overview of IntelliMirror capabilities.
User Data Management
A Windows 2000 Professional
environment can significantly increase the
availability and protection for a predefined
set of folders, documents, and data (set
through Policy). For example:
| Increased protection.
A user's important documents are protected
because a mirrored copy is always kept on
the client and on the server (and
server-based copies are easier to back
up). To maximize performance and minimize
network traffic, both local and server
copies are opened but edits are made to
the local copy. As edits are made, Windows
2000 Professional uses a write-through
cache to keep the server copy current.
| | Increased availability.
Users can access their data�even if the
network goes down�by using the local
mirrored copy. Changes can be
automatically synchronized when the
network comes back.
| | Data follows the user
(roaming). Users can access their
important documents from any Windows 2000
Professional-based PC on the corporate
network by accessing the server mirrored
copy. To maximize performance, users can
have expanded choices on what information
to download, if any. Any changes are
automatically synchronized the next time
the person signs on to their primary
desktop computer. Windows 2000
Professional security prevents others from
viewing that information. |
Administrators have
significantly easier, more flexible ways to
manage user data. For example:
| Easier server-based
storage. Any folder can be redirected
to any server or combination of servers
using Distributed File System (Dfs)
technology. (By default, the My Documents
folder is automatically set to be
mirrored.) This makes it easy to group
together critical data for easy backup.
Changes to file storage locations are
transparent to users. Disk quotas can be
set on a per user/per volume setting to
manage how much disk space is available
for users.
| | Easier policy
management. Policy can be set for how
and where users can access documents, such
as a policy that users must always save
documents to a specific folder (for
example, My Documents). This policy will
follow users to any system. |
Software Installation and
Maintenance
In a Windows 2000-based
environment, users experience improved
application availability and reliability. For
example:
| Easier application
installation and upgrading. Using the
Add/Remove Programs Wizard, users can view
all of the available applications on the
corporate network. Administrators make
applications available as part of a
user�s profile.
| | Eliminate Unknown File
Type messages. When users open a file
created in an application that is not
installed on the machine, such as an
e-mail attachment, the system can
automatically go to the network
distribution point to install the
application. The system also checks to see
whether the user has permissions to access
the application before making it
available. Depending on the application
size, this procedure can be almost
transparent to the user.
| | Applications follow
the user. Because applications are
stored as part of a user�s profile,
users have easy access to their
applications when signing on to another
Windows 2000 Professional-based PC on the
corporate network. To maximize performance
and reduce network traffic, the
application installs only when it is
invoked�although it may appear as part of
the Start menu.
| | Fewer application
errors. If critical components of an
application change or become corrupted,
launching that application will
automatically begin a network search for
replacement files. |
A Windows 2000-based
environment makes it significantly easier to
manage applications from a centralized, remote
location. For example:
| Distributing
applications using Policies. Using the
new Application Deployment Editor�an MMC
snap-in that ships with Windows 2000
Server�administrators can set many
different policies, including installing,
upgrading, or removing applications, based
on users, machines, groups of users, and
groups of machines. Administrators can
choose between assigning (mandatory) and
publishing (available) applications to
users. New policies take effect the next
time a user logs on. |
User Settings Management
The combination of Windows
2000 Professional and Windows 2000 Server can
provide users with a familiar environment
wherever they want to access information.
Settings, such as Start menu items, key
shortcuts, Web favorites, desktop settings
(for example, wallpaper, fonts), and printer
paths can follow a user whether they are
offline or using another Windows 2000
Professional-based PC on the corporate
network. Users can also set different
preferences based on where they are accessing
information.
For administrators, the
combination of Windows 2000 Professional and
Windows 2000 Server makes it easier to define
specific computing environments for users and
computers without touching those desktops. In
addition to managing software and user
documents, administrators can use Group
Policies to define a wide range of settings
for individuals or groups of users and
machines, including:
| Desktop preferences.
Virtually anything related to the shell
(graphical user interface), such as access
to commands, network folders,
intranet/Internet HTTP/FTP sites, Web
shortcuts, desktop settings (including
favorites, colors, wallpaper, fonts, and
Start menu), Outlook� messaging client
mail store, and printers can be defined
using Group Policies. Group Policies can
also be used to set what follows the user,
what the user can change, preferences that
are specific to an application (for
example, a company-wide spell checker),
and scripts that run during log on, log
off, start up, and shutdown.
| | Security settings.
Administrators can determine what users or
computers can and cannot access by setting
Access Control Lists on files and
directories.
| | Delegated
administrative privileges. Group
Policies enable administrators to control
who can set permissions on files and
folders, publish items to Active
Directory, and create new groups. |
Remote Windows Installation
(for Machine Replacement)
When combined with
IntelliMirror capabilities, Remote Windows
Installation (see the section on Remote
Installation Services above for a more
detailed description) brings administrators
closer to the ideal of a fully replaceable PC.
This means that a user�s desktop
environment�including its operating system,
applications, documents, and desktop
settings�can be replicated with nothing more
than a valid user password and hardware that
supports this capability.
The combination of Remote
Windows Installation and IntelliMirror will
automatically restore elements defined through
policies. For example, if an administrator
sets a policy that users can install any
application, only applications that have been
set through that policy will be restored. In
other words, disaster recovery works within
the predefined, policy-set areas.
For the latest information
on Windows 2000 Server, check out our Web site
at http://www.microsoft.com/windows/2000
and the Windows NT Server Forum at http://computingcentral.msn.com/topics/windowsnt.
1Administrators
have the option of not enforcing Windows File
Protection.
2The full list of scriptable
parameters can be found on http://www.microsoft.com/windows.
3For more information on how disk
imaging works, please visit http://www.microsoft.com/ntworkstation.
4For using images on systems with
different boot-critical hardware, see the
Remote Installation Services section of this
document.
5Currently, the Windows 2000 Server
RIS feature supports installation of the
Windows 2000 Professional operating system on
client computers only.
6This tool is not exposed to end
users. To access the tool, type MSINFO32 from
the Run command.
7Data for the System Information
Snap-in comes from WMI.
|
|
|
|
|
�
2000 Microsoft Corporation. All rights reserved. Terms of
use.
|
|
|
|