\[Editor's Note: Share your NT discoveries, comments, experiences with products, problems, and solutions and reach out to other Windows NT Magazine readers (including Microsoft). Email your contributions (400 words or less) to Lavon Peters at lavon@winntmag.com. Please include your phone number. We will edit submissions for style, grammar, and length. If we print your letter, you'll get $100.\]
The Windows GUI is full of columns (e.g., the Details column in Explorer or the columns in an Excel spreadsheet) that, at times, display only part of their information. Although you can manually resize the columns to fit in all the data, you can quickly resize columns to accommodate the widest cell or list item.
To make the column width fit the contents of the columns, double-click the boundary to the right of the column heading (i.e., where you manually resize the column). This spot is where your cursor turns into a vertical line with an arrow pointing outward on each side.
This resizing technique seems to work in all Windows programs, although not always in the same way. The technique usually resizes the column according to the widest data item, but sometimes it resizes according to the column header. I have tested this technique in Windows NT 4.0 and Windows 95 only.
—Gilford Grijt
i.grijt@cc.ruu.nl
Watch Out for Unwanted Connections
I have a home office with Windows NT Server 4.0 and NT Workstation 4.0, Service Pack 3 (SP3). I'm connected to my company's main LAN and the Internet via an Ascend Pipeline 25-Px ISDN router with a dial-on-demand connection. On my phone bill recently, I noticed that I was being charged for more phone connections than I thought I made. But the phone company wasn't at fault; my system was. When I checked the dial-in logs of the remote router, I discovered up to 100 connections a day, although I typically went online only about 10 times a day. I discovered several reasons for the extra online connections.
Extra connections occurred when I logged on to the workstation (no reboot, just a simple logon). Before having the router, I used a modem and Remote Access Service (RAS) for Internet access. I never removed the service, so at every logon, the Remote Access Autodial Manager used the default gateway to try to connect to several sites listed in the Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RasAuto. To stop these extra connections, I simply disabled the Remote Access Autodial Manager service.
Extra connections occurred when I used Microsoft Word 97. It stores document templates as Uniform Naming Convention (UNC) filenames, so whenever I opened a document that someone else created at a different location, Word accessed the template on the original server. Office 97 SR1 offers a Registry key to disable the use of UNC names. Although disabling this key works for most paths in Word, it doesn't work for the template path. Instead, I now clear the template path whenever I transfer a document from a remote location.
Extra connections occurred because some pages on one of my public Web sites had links to my test server at home. This problem was easy to fix. I simply removed those links.
Extra connections occurred every time I rebooted the server. NT's Network Monitor revealed that no more packets were going to the router anymore, but the router still went online when I rebooted. This problem remained even after I disconnected the network cable between the server and the router. I discovered the problem had to do with Pipeline 25. To configure Pipeline 25, you use a serial cable and a terminal program. Whenever the server starts, it sends a signal to all ports. For some reason, Pipeline 25 opens a connection on my machine. To stop these extra connections, I now keep the serial cable disconnected. I connect the cable only when I have to configure the router, which rarely happens.
Despite my efforts, I still have a few extra connections. The remaining connections are broadcast packets looking for MYGROUP. They originate from a customer in the same Class-C network. The customer is running a single Primary Domain Controller (PDC) connected to the Internet via an ISDN card. If the customer manually opens an online connection when a browser broadcast occurs (usually every 12 minutes), packets are sent to my server. Although the customer changed several settings on the remote server and set the MasterPeriodicity value to 19 days in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters, the broadcasts continue. I found out that the frequency of this problem increases if both sites are in the same domain and both sites have Windows Internet Naming Service (WINS), Domain Name System (DNS), and Backup Domain Controller (BDC) servers.
If you're using a router with dial-on-demand and you have to pay for the phone bill, you need to make sure you have no unwanted connections. If you do, at least you now know where to start looking to track down their source.
—Peter Hahndorf
pete@optinet.de
Follow Safe Internet Practices
My last trip around the Internet because of a supposed Active Server Pages (ASP) bug shows the importance of reading and following safe Internet practices. The excitement started with an email from a friend warning me of the ASP security leak, ::$DATA. Supposedly, you could use ASP to read confidential credit card information. My previous experience with Windows NT has been that its security is frustratingly solid if you follow recommended guidelines. Thus, I wanted proof of this bug.
My friend provided me with an example site, and I visited it. I was able to reveal the ASP code. I asked my friend whether he had turned off Read permissions on the directory. He assured me that he had disabled it. So I had someone visit one of my company's internal sites. That person encountered the Access denied message. I advised my friend to check his directory permissions again. Sure enough, he discovered that Read permissions were enabled.
You cannot read ASP code if you disable Read permissions on the folder. In a development environment, you probably want to enable Read and Execute permissions. In a production environment, you definitely want to disable Read and Execute permissions.
Securing an NT server isn't complicated. Microsoft documentation tells customers how to follow safe Internet practices. Although going over directory permissions is tedious, it's absolutely essential.
—Deborah Hughes
hughed2@tdbank.ca
How to Optimize WINS Network Traffic
For every NetBIOS name that you register with a Windows Internet Naming Service (WINS) server, the registration at client startup will take two frames. Although two frames might not sound too bad, the frames add up quickly. You'll use two frames for renewal (every 3 days by default), two frames for name resolution every time you attempt to access the server with another computer, and two frames to release the name when the service or client stops. If you want to reduce this network traffic, here are some techniques you can try.
The first traffic reduction method is to disable unnecessary network services. Services that support NetBIOS automatically register with WINS. So if you never use a particular service but leave it enabled, you're creating unnecessary network traffic.
The second traffic reduction method is to change the length of time the NetBIOS name stays in the name cache. By default, after WINS resolves a NetBIOS name, the name stays in the cache for 10 minutes (600,000 milliseconds). If you increase this value, WINS makes fewer resolution attempts for frequently used names. To increase the value, go to the Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\CacheTimeout. The default value is 600,000. What you increase the value to is your preference.
The third traffic reduction method is to use the LMHOSTS file. LMHOSTS uses a static ASCII text file to resolve NetBIOS names into IP addresses. For a server that users frequently access, you can preload the server's entry from the LMHOSTS file into the NetBIOS name cache. Preloading eliminates network traffic during name resolution, because the name is permanently in the NetBIOS name cache. One word of caution about using the LMHOSTS file: The LMHOSTS file is not dynamic like WINS. As a result, if you bring a new server online, you need to manually add its entry to the LMHOSTS file.
One traffic reduction method that I don't recommend is to adjust the renewal rate, or Time to Live (TTL), of registered names. WINS renewal doesn't generate much traffic, so the default of 6 days is adequate. However, if you have a good reason for changing the TTL, you can adjust the renewal interval in WINS Manager. The Microsoft implementation of WINS configures the client computers to automatically renew their registered names every one-half of the TTL, or every 72 hours. Thus, if a WINS client registered six names for various network services at startup, it renews these same six names every 72 hours.
—Tommy Gustafsson
t.gustafsson@norrkoping.mail.telia.com
Create VB Multilingual Applications
Microsoft's Visual Basic (VB) Resource Editor add-on for VB 5.0 lets you create multiple string tables, which are convenient for control over multilanguage support in software. The only catch is that VB automatically selects the string table, and you cannot change it during runtime. If you want to make the application switch languages during runtime, you must use old-style indexing.
An alternative, however, is to use the API function, SetThreadLanguage. With this function, you can switch languages in four easy steps:
If you follow these four steps, VB will still automatically select the language but according to your setting. Thus, you'll get the language you want.
This API function works with the compiled version of your program only. If you use this code in development environments, no changes will take effect. In addition, the code will work with only single-threaded applications in VB.
—Daniel Balos
balos@iname.com
More Proof That Microsoft Is Shooting Itself in the Foot
Brian Chaney's observations in "Is Microsoft Shooting Itself in the Foot?" (Reader to Reader, August 1998) are right on target. Based on my experience, Microsoft is quickly forgetting the folks in the trenches. I received my MCSE in October 1997. As of January, I had not received my beta software. I began calling twice a week, but to no avail. Finally, in May, I received it. When I called asking for an extension on my subscription so that it would expire in May 1999, a Microsoft representative flatly rejected the idea and told me there was no one I could complain to.
Microsoft seems to be doing everything in its power to alienate its users and support base. People will continue to buy Microsoft products because they are plentiful and highly visible, but Microsoft is adding a layer of doubt in their minds about its commitment to customers and its commitment to quality.
—Vincent LaPaglia
skibum@csd.net
Remove Your NT Workstation from the Browser Election, Too
In "Remove Your NT Server from the Browser Election" (Reader to Reader, May 1998), Tommy Gustafsson wrote about how to remove your test Windows NT server from browser elections to make your network run smoother. Expanding on this concept, you can also stop your NT workstations from participating in browser elections without loss of functionality. If your NT network has a Primary Domain Controller (PDC) and Backup Domain Controller (BDC), those machines always win the browser elections. Consequently, stopping NT workstations from participating will have no affect, except to significantly reduce network traffic.
To stop a PC running NT Workstation 4.0 from participating in browser elections, log on as an administrator. Go to Control Panel, Services. Highlight Computer Browser, and click Stop to disable the current browser service. To disable future browser service, click Startup, select Disable, and click OK.
To stop a PC running Windows 95 from participating in browser elections, you need to edit the Registry. Launch regedit. Change (or add) the key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Browser\Parameters. Set the value as MaintainServerList=No. As always, be careful when modifying the Registry.
—Steve Hong
steveho@juno.com
Microsoft Certification Study Tips
Because of changes at work, I've signed up to take the MCSE(+Internet) exam, with Windows NT Workstation 4.0 and NT Server 4.0 as the operating system (OS). As an experienced systems administrator and a former computer science university instructor, I know that some topics are hard to learn and take exams on. Here's some advice to help you.
Tip 1. There's a lot to learn, so find the time to study. With working full time, the biggest problem for many people is finding the time to study. Fortunately, my company lets its employees dedicate 5 hours a week for studying. But that isn't enough, so I also study on my free time. Whether or not your company will let you study on company time, you need to set a study schedule. You also need to choose a suitable location for studying—preferably a place free from phones, people, and other interruptions.
Tip 2. You can't learn everything from a book or interactive program. You need hands-on experience. If possible, get a machine that you can practice on. However, don't mess with your NT servers and workstations at work unless they are set up for experimentation. I suggest that you set up a machine at home. Two machines work best if you are using an interactive program to study. You can use one to run the study program and the other to experiment on. In addition, two machines provide a way to shift between environments, simulating an OS. If you don't have a machine at home, consider buying one. Basic removable hard disks are inexpensive. Remember that for studying, blazing speed, sound, and graphics aren't important; the functionality of the system is. If you can't afford to buy a machine, borrow one. As for software, you can get a lot of free trial software.
I hope this advice helps. And best of luck in studying for and taking your exam.
—Bent Mathiesen
bm-itafd@aalbkom.dk