Exam 70-210 - Installing, Configuring, and Administering Microsoft Windows 2000 Professional

Installing Windows 2000 Professional:

Requirements:

Attended installations:

Command line switches for winnt.exe:

Modifying Setup using winnt32.exe:

Unattended installations:

• Unattended installations rely on an answer file to provide information to provide information during setup process that is usually provided through manual user input. (KB# Q183245)
• Answer files can be created manually using a text editor or by using the Setup Manager Wizard (SMW) (found in the Windows 2000 Resource Kit Deployment Tools).
• SMW allows for creation of a shared Distribution Folder and OEM Branding
• If you had a CD in drive D: and an unattended installation answer file named salesans.txt in C:\, you could start your install with this command: D:\i386\winnt32 /s:d:\i386 /unattend:c:\salesans.txt (KB# Q216258)
• There are five levels of user interaction during unattended installs:
  1. Provide Defaults - Administrator supplies default answers and user only has to accept defaults or make changes where necessary.
  2. Fully Automated - Mainly used for Win2000 Professional desktop installs. User just has to sit on their hands and watch.
  3. Hide Pages - Users can only interact with setup where Administrator did not provide default information. Display of all other dialogs is supressed.
  4. Read Only - Similar to above, but will display information to user without allowing interaction to pages where Administrator has provided default information.
  5. GUI Attended - Only used for automating the second stage of setup. All other stages require manual input.

Remote installations:

• Only supports installation of Windows 2000 Professional at this time.
• Requires the presence of a Windows 2000 Remote Installation Services (RIS) server. Following services are also needed on the network; DNS (for locating directory service and client computer accounts), DHCP (to get an IP address), and Active Directory (to locate RIS servers). (KB# Q239004)
• RIS must be mounted on a shared hard drive volume, but not the same volume that is running Windows 2000 Server and must be formatted with NTFS.
• Shared volume must be large enough to hold RIS as well as numerous Windows 2000 Professional drive (RIPRep) images.
• RIPRep images can have applications pre-installed. Unique identifiers are like SIDs are stripped from RIPRep images as they are generated.
• Uses .SIF files - variation of unattend.txt files.
• Once RIS is installed on the server and the service is running, use the Remote Boot Disk Generator (RBFG.EXE) to create remote installation boot disks. These floppies only support the PCI-based network adapters that can be selected by using the "Adapter List" button. Alternately, if the client system has a PXE based NIC or is a NetPC, you don't need a boot floppy.
• Client computers can have differing hardware configurations so long as they use the same Hardware Abstraction Layer (HAL)  (KB# Q228908)
• Run riprep.exe to start the RIS Wizard.

Working with SYSDIFF:

• Used for installing applications, usually in conjuction with an unattended installation. SYSDIFF allows you to take a snapshot of your machine's original state, install applications, and then package all of these changes into a single file which can be applied to other machines.
• Install your baseline system first. Then take a snapshot of it before installing any applications. Syntax is: sysdiff /snap snap_file
• Next install desired applications on target system. Use the SYSDIFF tool to create a difference file. Syntax is: sysdiff /diff snap_file diff_file
• You can now apply your difference file to the target system(s). Syntax is: sysdif /apply \\setupserver\w2k\diff_file

System preparation tool (SYSPREP.EXE): (KB# Q240126)

• Removes the unique elements of a fully installed computer system so that it can be duplicated using imaging software such as Ghost or Drive Image Pro. Avoids the NT4 problem of duplicated SIDS , computer names etc. Installers can use sysprep to provide and answer file for "imaged" installations.
• Must be extracted from DEPLOY.CAB in the \support\tools folder on the Windows 2000 Professional CD-ROM.
• Adds a mini-setup wizard to the image file which is run the first time the computer it is applied to is started. Guides user through re-entering user specific data. This process can be automated by providing a script file. (KB# Q196667)
• Use Setup Manager Wizard (SMW) to create a SYSPREP.INF file. SMW creates a SYSPREP folder in the root of the drive image and places sysprep.inf in this folder. The mini-setup wizard checks for this file when it runs.
• Specifying a CMDLINES.TXT file in your SYSPREP.INF file allows an administrator to run commands or programs during the mini-Setup portion of SYSPREP. (KB# Q238955)
• Available switches for sysprep.exe are: /quiet (runs without user interaction), /pnp (forces Setup to detect PnP devices), /reboot (restarts computer), and /nosidgen (will not regenerate SID on target computer).

Upgrading from a previous version: (KB# Q232039)

• Run winnt32.exe to upgrade from a previous version of Windows. (KB# Q199349)
• Windows 2000 will upgrade and preserve settings from the following operating systems: Windows 95 and 98 (all versions), Windows NT Workstation 3.51 and 4.0, and Windows NT 3.1 or 3.5 (must be upgraded to NT 3.51 or 4.0 first, then Professional).
• Upgrade installations from a network file share are not supported in Windows 2000 (this *can* be done, but only by using SMS). You must either do a CD-based upgrade or perform a clean installation of Windows 2000 and re-install needed applications.
• Because of registry and program differences between Win95/98 and 2000, upgrade packs (or migration DLLs) might be needed. Setup checks for these in the \i386\Win9xmig folder on the Windows 2000 CD-ROM or in a user specified location. (KB# Q231418)
• Run winnt32 /checkupgradeonly to check for compatible hardware and software. Generates a report indicating which system components are Windows 2000 compatible. Same as running the chkupgrd.exe utility from Microsoft's site.
• All operating system files associated with Windows 95/95 will be deleted after an upgrade. (KB# Q228986)

Troubleshooting failed installations:

Implementing and Conducting Administration of Resources:

Choosing a file system:

• NTFS provides optimum security and reliability through it's ability to lock down individual files and folders on a user by user basis. Advanced features such as disk compression, disk quotas and encryption make it the file system recommended by 9 out of 10 MCSEs. (KB# Q244600)
• FAT and FAT32 are only used for dual-booting between Windows 2000 and another operating system (like DOS 6.22, Win 3.1 or Win 95/98). (KB# Q184006)
• Existing NT 4.0 NTFS system parition will be upgraded to Windows 2000 NTFS automatically. If you wish to dual-boot between NT4.0 and 2000 you must first install Service Pack 4 on the NT4.0 machine. This will allow it to read the upgraded NTFS partition, but advanced features such as EFS and Disk Quotas will be disabled. (KB# Q197056 & Q184299)
• Use convert.exe to convert a FAT or FAT32 file system to NTFS. NTFS partitions cannot be converted to FAT or FAT32 - the partition must be deleted and recreated as FAT or FAT32 (KB# Q156560 & Q214579)
• You cannot convert a FAT partition to FAT32 using convert.exe. (KB# Q197627)

NTFS file and folder permissions: (KB#S Q183090, Q244600)

Windows File Protection Feature (WFP): (KB# Q222193)

• New to Windows 2000 - prevents the replacement of certain monitored system files (important DLLs and EXEs in the %systemroot%\system32 directory).
• Uses file signatures and code signing to verify if protected system files are the Microsoft versions.
• WFP does not generate signatures of any type.
• Critical DLLs are restored from the %systemroot%\system32\dllcache directory. Default maximum size for Professional is 50MB. This can be increased by editing the Registry. (KB# Q229656)

Local and network print devices:

• Windows 2000 Professional supports the following printer ports: Line Printer (LPT), COM, USB, IEEE 1394, and network attached devices.
• Print services can only be provided for Windows and UNIX clients on Windows 2000 Professional (KB# Q124734)- Windows 2000 Server is required to support Apple and Novell clients.
• Windows 2000 Professional automatically downloads the printer drivers for clients running Win2000, WinNT 4, WinNT 3.51 and Windows 95/98. (KB# Q142667)
• Internet Printing is a new feature in Windows 2000. You have the option of entering the URL where your printer is located. The print server must be a Windows 2000 Server running Internet Information Server or a Windows 2000 Professional system running Personal Web Server - all shared printers can be viewed at: http://servername/printers
• Print Pooling allows two or more identical printers to be installed as one logical printer.
• Print Priority is set by creating multiple logical printers for one physical printer and assigning different priorities to each. Priority ranges from 1, the lowest (default) to 99, the highest.
• Enabling "Availability" option allows Administrator to specify the hours the printer is available.
• Use Separater Pages to separate print jobs at a shared printer. A template for the separater page can be created and saved in the %systemroot%\system32 directory with a .SEP file extension. (KB# Q102712)
• You can select Restart in the printer's menu to reprint a document. This is useful when a document is printing and the printer jams. Resume can be selected to start printing where you left off.
• You can change the directory containing the print spooler in the advanced server properties for the printer. (KB# Q123747)
• To remedy a stalled spooler, you will need to stop and restart the spooler services in the Services applet in Administrative Tools in the Control Panel. (KB# Q240683 &
• Use the fixprnsv.exe command-line utility to resolve printer incompatibility issues. (KB# Q247196)

Managing file systems: (KB# Q222189)

Implementing, Managing, and Troubleshooting Hardware Devices and Drivers:

Miscellaneous:

• Windows 2000 now fully supports Plug and Play. (KB# Q133159)
• Use the "System Information" snap-in to view configuration information about your computer (or create a custom console focused on another computer - powerful tool!!).
• "Hardware Resources" under System Information allows you to view Conflicts/Sharing, DMAs, IRQs, Forced Hardware, I/O and Memory.
• Hardware is added and removed using the "Add/Remove Hardware" applet in the Control Panel (can also be accessed from Control Panel > System > Hardware > Hardware Wizard).
• All currently installed hardware is managed through the "Device Manager" snap-in.
• To troubleshoot a device using Device Manager, click the "Troubleshoot" button on the General tab.

Disk devices:

• Managed through "Computer Management" under Control Panel > Administrative tools or by creating a custom console and adding the "Disk Management" snap-in. Choosing the "Computer Management" snap-in for your custom console gives you the following tools: Disk Management, Disk Defragmenter, Logical Drives and Removable Storage. There is a separate snap-in for each of these tools except for Logical Drives.
• Using Disk Management, you can create, delete, and format partitions as FAT, FAT32 and NTFS. Can also be used to change volume labels, reassign drive letters, check drives for errors and backup drives.
• Defragment drives by using "Disk Defragmenter" under "Computer Management" or add the "Disk Defragmenter" snap-in to your own custom console. (KB# Q227463)
• Removable media are managed through the "Removable Media" snap-in.

Display devices:

• Desktop display properties (software settings) are managed through the Display applet in Control Panel.
• Display adapters are installed, removed and have their drivers updated through "Display Adapters" under the Device Manager.
• Monitors are installed, removed, and have their drivers updated through "Monitors" under the Device Manager.
• Windows 2000 Professional supports multiple monitors running concurrently.

Mobile computer hardware:

• PCMCIA (PC Card) adapters, USB ports, IEEE 1394 (FireWire), and Infrared devices now supported. These are managed through Device Manager.
• Hot (computer is fully powered) and warm (computer is in suspend mode) docking and undocking are now fully supported for computers with a PnP BIOS.
• Support is provided for Advanced Power Management (APM) and Advanced Configuration and Power Interface (ACPI). (KB# Q242495)
• Hibernation (complete power down while maintaining state of open programs and connected hardware) and Suspend (deep sleep with some power) modes are now supported, extending battery life.
• When a PC Card, USB or Infrared device is installed, Windows 2000 will automatically recognize and configure it (if it meets PnP specifications). If Windows does not have an entry in its driver base for the new hardware, you will be prompted to supply one.
• Equipping mobile computers with SmartCards and Encrypting File System decreases the likelihood of confidential corporate data being compromised if the computer is stolen or lost.
• Use hardware profiles for mobile computers. Accessed through Control Panel > System applet > Hardware tab > Hardware Profiles. Multiple profiles can be created and designated as a docked or undocked portable computer.

Input and output (I/O) devices:

• Keyboards are installed under "Keyboards" in Device Manager.
• Mice, graphics tablets and other pointing devices are installed under "Mice and other pointing devices" in Device Manager.
• Troubleshoot I/O resource conflicts using the "System Information" snap-in. Look under Hardware Resources > I/O for a list of memory ranges in use.

Updating drivers:

• Drivers are updated using Device Manager. Highlight the device, right-click and choose Properties. A properties dialog appears. Choose the Drivers tab and then the Update Driver... button.
• Microsoft recommends using Microsoft digitally signed drivers whenever possible. (KB# Q244617)
• The Driver.cab cabinet file on the Windows 2000 CD contains all of the drivers the OS ships with. Whenever a driver is updated, W2K looks here first. The location of this file is stored in a registry key and can be changed: HKLM\Software\Windows\CurrentVersion\Setup\DriverCachePath  (KB# Q230644)
• The Driver Verifier is used to troubleshoot and isolate driver problems. It must be enabled through changing a Registry setting. The Driver Verifier Manager, verifier.exe, provides a command-line interface for working with Driver Verifier. (KB# Q244617)

Managing/configuring multiple CPUs:

• Adding a processor to your system to improve performance is called scaling. Typically done for CPU intensive applications such as CAD and graphics rendering.
• Windows 2000 Professional supports a maximum of two CPUs. If you need more consider using Windows 2000 Server (up to 4 CPUs), Advanced Server (up to 8 CPUs) and Datacentre Server (maximum of 32 CPUs).
• Windows 2000 supports Symetric Multiprocessing (SMP). Processor affinity is also supported. Asymetric Multiprocessing (ASMP) is not supported.
• Upgrading to multiple CPUs might increase the load on other system resources.
• Update your Windows driver to convert your system from a single to multiple CPUs. This is done through Device Manager > Computer > Update Driver. (KB# Q234558)

Install and manage network adapters:

• Adapters are installed using the Add/Remove Hardware applet in Control Panel
• Change the binding order of protocols and the Provider order using Advanced Settings under the Advanced menu of the Network and Dial-up Connections window (accessed by right-clicking on My Network Places icon)
• Each network adapter has an icon in Network and Dial-up connection. Right click on the icon to set it's properties, install protocols, change addresses, etc.

Troubleshooting the boot process:

Monitoring and Optmizing System Performance and Reliability:

Driver signing: (KB# Q224404)

Task scheduler: (KB# Q235536 & Q226262)

• used to automate events such as batch files, scripts and system backups
• tasks are stored in the Scheduled Tasks folder in Control Panel
• running task with a user name and password allows an account with the required rights to perform the task instead of an administrative account
• set security for a task by group or user

Using offline files:

Performance Console: (KB# Q146005)

• Important objects are cache (file system cache used to buffer physical device data), memory (physical and virtual/paged memory on system), physicaldisk (monitors hard disk as a whole), logicaldisk (logical drives, stripe sets and spanned volumes), and processor (monitors CPU load)
• Processor - % Processor Time counter measure's time CPU spends executing a non-idle thread. If it is continually at or above 80%, CPU upgrade is recommended
• Processor -  Processor Queue Length - more than 2 threads in queue indicates CPU is a bottleneck for system performance
• Processor - % CPU DPC Time (deferred procedure call) measures software interrupts.
• Processor - % CPU Interrupts/Sec measures hardware interrupts. If processor time exceeds 90% and interrupts/time exceeds 15%, check for a poorly written driver (bad drivers can generate excessive interrupts) or upgrade CPU.
• Logical disk - Disk Queue Length - If averaging more than 2, drive access is a bottleneck. Upgrade disk, hard drive controller, or implement stripe set
• Physical disk - Disk Queue Length - same as above
• Physical disk - % Disk Time- If above 90%, move data/pagefile to another drive or upgrade drive
• Memory - Pages/sec - more than 20 pages per second is a lot of paging - add more RAM
• Memory - Commited bytes - should be less than amount of RAM in computer
• diskperf command for activating disk counters is not supported in Windows 2000

Performance Alerts and Logs: (KB# Q244640)

• Alert logs are like trace logs, but they only log an event, send a message or run a program when a user-defined threshold has been exceeded
• Counter logs record data from local/remote systems on hardware usage and system service activity
• Trace logs are event driven and record monitored data such as disk I/O or page faults
• By default, log files are stored in the \Perflogs folder in the system's boot partition
• Save logs in CSV (comma separated value) or TSV (tab separated value) format for import into programs like Excel
• CSV and TSV must be written all at once, they do not support logs that stop and start. Use Binary (.BLG) for logging that is written intermittantly
• Logging is used to create a baseline for future reference

Virtual memory/Paging file:

• Recommended minimum paging file size is 1.5 times the amount of RAM installed. A system with 64 MB should have a 96 MB page file. Maximum page file size should not exceed 2.5 times the amount of RAM installed
• Set through Control Panel > System applet > Advanced tab > Performance Options > Change
• The most efficient paging file is spread across several drives, but is not on the system or boot partitions. (KB# Q123747)
• Maximum registry size can also be changed through the Virtual Memory dialog box

Hardware profiles:

• Created to store different sets of configuration settings to meet a users different needs (usually used with portables) such as whether a computer is docked or undocked.
• User selects the desired profile at Windows 2000 startup
• Profiles are created through Control Panel > System applet > Hardware tab > Hardware Profiles
• Devices are enabled and disabled in particular profiles through their properties in the Device Manager snap-in

Data recovery:

• Windows 2000 Backup is launched through Control Panel > System applet > Backup or by running ntbackup from the Start menu (KB# Q241007)
• Users can back up their own files and files they have read, execute, modify, or full control permission for
• Users can restore files they have write, modify or full control permission for
• Administrators and Backup Operators can backup and restore all files regardless of permissions

The Windows 2000 Registry:

Secondary Logon Service (Run As): (KB# Q225035)

• Similar to the SU (Super User) command in UNIX
• Used to test setting using a particular user account while logged in with a different account
• Select the application icon using a single left-click, hold down the Shift key and right-click the icon. When the pop-up menu appears, click Run As. This brings up a dialog box titled "Run program as other user" - enter your credentials and click OK

Configuring and Troubleshooting the Desktop Environment:

User profiles:

• Is a collection of data and folders that store the user's desktop environment and application settings along with personal data.
• When a user logs onto a client computer running W2K Pro, he/she always receives his/her individualized desktop settings and all of their network connections regardless of how many users share the same computer.
• A user can change their user profile by changing their desktop settings - when they log off, Windows 2000 incorporates the changes into their user profile.
• Setting a profile as mandatory forces Windows to discard any changes made during the session so the next time the user logs on, the session remains unchanged from their last login.
• User profiles are stored in the %systemroot%\Documents and Settings\%username% folder.
• Roaming profiles are used in Windows 2000 domains for users who move from one computer to another but require a consistent desktop environment.

Multiple languages and locations:

Changed through the Regional Options applet in Control Panel. Open Region Options and click Input Locale tab to add more locales. Check each locale or language you want your system to support. (KB# Q177561)

On the Regional Options applet General tab, scroll through the items in the box labelled "Your System is Configured to Read and Write Documents in Multiple Languages" to see the available languages as well as the current default.

Using Microsoft Installer Packages: (KB# Q242479)

• Recognized by their .MSI extension.
• Integrates software installation into Windows 2000 so that it is now centrally controlled, distributed, and managed from a central-point.
• Completely integrated with Active Directory's Group Policies.
• You can assign or publish software packages. Software that is published has a shortcut appear on a user's Start > Programs menu, but is not installed until the first time they use it. Assigned software is installed the next time the user logs on regardless of whether or not they run it.
• Software package is installed on a Windows 2000 Server in a shared directory. A Group Policy Object (GPO) is created. Behavior filters are set in the GPO to determine who gets the software. Then add the package to the GPO under User Configuration > Software Settings > Software Installation (this is done on the server). You are prompted for a publishing method - choose it and say OK.
• Non-MSI programs are published as .ZAP files. They cannot take advantage of MSI features such as elevated installation priveleges, rolling back an unsuccessful installation, install on first use of software or feature, etc. (KB# Q231747)

Configure and troubleshoot desktop settings:

Fax support:

• If a fax device (modem) is installed, the Fax applet appears in Control Panel. Does not appear when no fax device installed
• If the Advanced Options tab is not available in the Fax applet log off then log back on as Administrator
• Use the Fax applet to setup rules for how device receives faxes, number or retries when sending, where to store retrieved and sent faxes, user security permissions, etc.
• The Fax printer in your printer folder cannot be shared

Accessibility services: (KB# Q210894)

• StickyKeys allows you to press multiple key combinations (CTRL-ALT-DEL) one key at a time
• FilterKeys tells the keyboard to ignore brief or repeated keystrokes
• SoundSentry displays visual warnings when your computer makes a sound (for aurally impaired)
• ShowSounds forces programs to display captions for the speech and sounds they make
• MouseKeys lets you control the mouse pointer with the numeric keypad
• Magnifier magnifies a portion of the desktop (for visually impaired) - available during GUI phases of OS installation (KB# Q231843)
• Narrator reads menu options aloud using speech synthesis (for visually impaired) - available during GUI phases of OS installation.

Implementing, Managing, and Troubleshooting Network Protocols and Services:

TCP/IP protocol:

NWLink (IPX/SPX) and NetWare Interoperability: (KB# Q220872)

• NWLink (MS's version of the IPX/SPX protocol) is the protocol used by NT to allow Netware systems to access its resources. (KB# Q203051)
• NWLink is all that you need to run in order to allow an NT system to run client/server applications from a NetWare server.
• To allow file and print sharing between NT and a NetWare server, CSNW (Client Services for NetWare) must be installed on the NT system. In a Netware 5 environment, the Microsoft client does not support connection to a Netware Server over TCP/IP. You will have to use IPX/SPX or install the Novell NetWare client. (KB# Q235225)
• W2K Setup upgrades all Intel x86 based computers running version 4.7 or earlier of a Novell client to version 4.51. (KB# Q218158)
• Gateway Services for NetWare can be implemented on your NT Server to provide a MS client system to access your NetWare server by using the NT Server as a gateway. (KB# Q121394 & Q220872)
• Frame types for the NWLink protocol must match the computer that the NT system is trying to connect with. Unmatching frame types will cause connectivity problems between the two systems.
• When NWLink is set to autodetect the frame type, it will only detect one type and will go in this order: 802.2, 802.3, ETHERNET_II and 802.5 (Token Ring).
• Netware 3 servers uses Bindery Emulation (Preferred Server in CSNW). Netware 4.x and higher servers use NDS (Default Tree and Context.)
• There are two ways to change a password on a netware server - SETPASS.EXE and the Change Password option (from the CTRL-ALT-DEL dialog box). The Change Password option is only available to Netware 4.x  and higher servers using NDS.

Other protocols:

• DLC is a special-purpose, non-routable protocol used by Windows 2000 to talk with IBM mainframes, AS400s and Hewlett Packard printers.
• Appletalk must be installed to allow Windows 2000 Professional to communicate with Apple printers. Do not confuse this with File and Print Services for Macintosh which allow Apple Clients to use resources on a Microsoft Network (only available on Server).
• NetBEUI is used soley by Microsoft operating systems and is non-routable (it is broadcast-based)

Remote Access Services (RAS):

Dial-up networking:

• Microsoft technical documentation generally refers to dial-up networking when describing outbound connections. Inbound connections are usually associated with Remote Access Services (RAS).
• All new connections are added using the "Make New Connection" wizard.
• To create a VPN connection, choose Dial-Up To A Private Network Through The Internet, specify whether you need to establish a connection with an ISP first, enter the host name or IP address of the computer/network you are connecting to, and select whether connection is for yourself or all users.
• Dial-up networking entries can be created for modem connections, LAN connections, direct cable connections and Infrared connections.
• PPP is generally prefered because it supports multiple protocols, encryption, and dynamic assignment of IP addresses (KB# Q124036). SLIP is an older protocol that only supports TCP/IP and is used for dialing into legacy UNIX systems.
• All network connections, inbound and outbound, are represented by separate icons under Dial-up networking and properties, protocols, addresses and services can be individually configured for each.

Using shared resources on a Microsoft Network: