Welcome to the premier installment of Watch Your RAS! Each month, I'll focus on a topic that is dear to the hearts of many Windows NT users: NT's Remote Access Service (RAS). I'll discuss hardware- and software-related RAS topics, and offer tips to help you get the most from your NT RAS servers and clients. Also, I'll keep you up-to-date on the coolest new RAS products.
This month, Watch Your RAS focuses on the long-awaited NT 4.0 Service Pack 4 (SP4). You're probably aware that SP4 includes SP3 and all the post-SP3 hotfixes. However, what you might not know is that SP4 also contains several fixes specific to RAS and RAS-related features, such as Point-to-Point Tunneling Protocol (PPTP) and Routing and Remote Access Service (RRAS). If you've found the many RAS-related woes in previous NT builds troublesome, SP4 is a godsend.
The Woes We've Known
If you've used RAS extensively under NT 4.0, you must have run into a RAS-related bug that has driven you crazy. For example, has your RAS server captured all available Dynamic Host Configuration Protocol (DHCP) addresses from your DHCP server? This problem results from mobile NT clients (e.g., laptops) that configure RAS as both a client and a server. The RAS server in these circumstances fails to remember previous IP address allocations it obtained from the DHCP server on successive reconnections or restarts. This memory lapse creates a leak in the pool of available DHCP addresses. Because mobile users regularly connect to and disconnect from the network, the leak can rapidly dry up the DHCP lease pool. This problem has forced some of my clients to implement ridiculously short lease durations as a workaround. Some clients revert to the undesirable solution of using static IP address pools for RAS clients. Microsoft addresses this problem in SP4; however, to resolve the problem, you must install SP4 on all your mobile NT 4.0 RAS-configured clients and your DHCP servers.
You might have encountered another problem: Your RAS clients run very slowly on the first attempt to connect to remote server shares. This mystery bug results from a problem with RAS clients that use LMHOSTS files to resolve the names of the servers that house the shares in question.
SP4 fixes many other RAS-related problems, such as RAS client-logon domain controller authentication problems and Telephony API (TAPI) dialing problems. SP4 includes solutions for PPTP and RRAS STOP errors and several PPTP and RRAS hotfix revision problems.
Cures for Your RAS Ills
A great new fix that Microsoft introduces in SP4 is the Remote Access Account Lockout Manager (RAALM). This handy addition provides a solution for failed RAS logons that lock out a user account from LAN access (this problem is especially problematic with accounts shared by many users). RAALM offers two account lockout parameters: one parameter for RAS privileges and one parameter for the user account. This configuration lets you revoke RAS dial-in privileges without completely locking out the account.
In addition, SP4 rolls together several fixes related to the coexistence of RRAS, Internet Explorer (IE), NT 4.0 Option Pack, and Proxy Server on one machine. Previously, these fixes existed independently and required separate installation. (To appreciate this SP4 addition, check out the Microsoft article "Coexistence of RRAS, Internet Explorer, Option Pack, and Proxy," http://support.microsoft.com/support/kb/articles/q183/5/37.asp.)
The readme.txt file that accompanies SP4 is another great addition. The information in this file describes the solutions to RAS-related problems and explains why the problems occurred. Many of the Microsoft articles that the readme.txt file references mysteriously appeared simultaneously with SP4. Although I appreciate the fixes and articles, Microsoft might have released some of these goodies sooner.
Until Next Time...
Thanks for tuning in, and be sure to stop by next month as we continue our adventures. Next, Watch Your RAS explores another software update that is a boon for both RAS administrators and users—the RAS Connection Manager.