SEND US YOUR TIPS AND QUESTIONS.
You can also visit Bob Chronister's online Tricks & Traps at http://www.winntmag.com/ forums/index.html.
Q: What are the major Year 2000 (Y2K) concerns for Windows NT administrators?
Y2K compliance requires machine BIOS and firmware compliance, OS compliance, and program compliance. A system is machine-compliant if its firmware and BIOS can handle the Y2K problem. Some old BIOSs won't automatically roll over to 2000. On systems with this problem, you will be able to manually change the date to 2000 at the command line, and the system will function as usual. However, this change will make the BIOS essentially compliant but not Y2K-compliant, which means the systems are only temporarily fixed. Ideally, systems with noncompliant BIOSs need a firmware update, or you need to upgrade the entire system. Most new Pentium systems support automatic rollover to 2000. If you have any questions about your computers' compliance, call the vendor or check out the vendor's Web site.
OS compliance is a complex topic. Older software, such as DOS 5.0, isn't Y2K-compliant. Later versions, such as DOS 6.22, will run after 2000 with minimal problems but aren't Y2K-compliant. NT and Windows 95 are essentially compliant. You can make NT Y2K-compliant by applying Service Pack 4 (SP4), which adds the following functionality:
- The Find Files or Folders tool supports only numeric character recognition in the decade field, so you can sort files by date.
- The Date/Time Control Panel applet can update the system clock.
- User Manager and User Manager for Domains recognize 2000 as a leap year.
- The DHCP administration program supports displaying the years 2000 through 2009 with a minimum of two digits.
Most programs will work after 2000 with only a few minor abnormalities. For example, Microsoft Word document properties have trouble with the 2000 date stamp, but SP4 fixes this problem. I have found that most programs, including old stalwarts such as WordPerfect 5.1, will run after 2000. However, I don't know whether these programs will be stable or how many problems they will have. Again, I recommend calling your software vendors or checking out the vendors' Web sites for more information.
Several available programs can scan your system's hardware (i.e., your BIOS) and software for Y2K compliance. If you need to update a system's BIOS, the vendor probably offers the appropriate fixed BIOS chips or software downloads.
Y2K is a major problem for old COBOL programs. Unfortunately, programmers used COBOL to create banking, financial, and government mainframe programs. If Y2K causes chaos, it will be in these mainframe arenas. However, the organizations that use these programs are expending great effort to make the programs Y2K-compliant. In my opinion, the media are overhyping Y2K.
Q: How do I disable the pop-up messages that appear when I boot my notebook?
You can use a simple Registry modification to disable these messages. However, after you make this change, you must routinely check Windows NT Event Viewer for potentially lethal messages (e.g., your C drive is 98 percent full).
Remember that modifying the Registry is dangerous. Use your favorite Registry editor and go to the HKEY_LOCAL_MACHINE\ SOFTWARE\Microsoft\ WindowsNT\CurrentVersion\ Winlogon Registry key. Add the entry NoPopupsOnBoot (type REG_SZ), and give it a value of 1.
Q: How can I set up Microsoft Exchange Server to interact with my ISP?
I assume you have a dedicated line to the Internet and connect through a router or firewall. For Exchange Server to interact with your ISP, you need to configure DNS, rather than modify your Exchange Server system's settings. You need to create a DNS mail exchanger (MX) record that points mail programs to their mail servers. Perform the following steps to create an MX record:
- Right-click your forward lookup zone field (i.e., domain.com), then click New Record.
- Select MX Record from the Record Type window in the New Resource Record dialog box.
- Usually, you fill in the optional Host Name field with the host name of the appropriate mail server. However, if you want users to be able to use the email@example.com format to send mail to your domain, leave the Host Name field blank.
- Your Exchange Server mail system should be on a different computer than the DNS Server system. Enter the Fully Qualified Domain Name (FQDN) of the mail server in the Mail Exchange Server DNS Name text box (e.g., mail.domain.com..). The Mail Exchange Server DNS Name has an extra period at the end, so the Mail Exchange Server FQDN you use must have a corresponding record for that domain. The corresponding record for that domain tells the DNS Server where to redirect the mail traffic.
- Assign a preference number from 0 to 65535. In a multiple mail server environment, a low preference number means a high priority.
- Click OK.
Q: I've heard horror stories about Service Pack 4 (SP4). Can you list compelling reasons to upgrade?
The list of fixes in SP4 is impressive. Table 1 shows Microsoft articles about DNS and WINS problems that SP4 fixes. Go to the Microsoft Web site (http://www.microsoft.com) to find a complete list of problems that SP4 fixes. If your system has these problems, you should upgrade. However, if you're installing SP4 on a critical system, carefully consider whether you need SP4. (For more information about whether you should install SP4, see Tricks and Traps, April 1999.)
Q: How do I set up a Dynamic RAS (DRAS) connector in Microsoft Exchange Server that uses a PPTP (i.e., VPN) connection?
The only difference between a regular RAS Point-to-Point Protocol (PPP) session and a PPTP session is that PPTP requires you to already have TCP/IP connectivity to the PPTP-based RAS host you're dialing into. Assuming you have an over-the-Internet connection, you just need to define a DUN phone book entry for the PPTP connection and reference that entry and the credentials in the DRAS configuration in Exchange Server.
Q: The HKEY_LOCAL_MACHINE\ SAM and HKEY_LOCAL_MACHINE\ SECURITY Registry hives on my Windows NT system are unavailable. How can I look at the content of these hives without resetting their ACLs?
You can use the At command or the Microsoft Windows NT Server 4.0 Resource Kit Winat utility to force NT to expose these usually protected Registry hives. Use At and Winat to schedule an instance of a Registry editor at a specified time. By default, your system runs the scheduled session in the security context of the System account. The System account has access to the HKEY_LOCAL_MACHINE\SAM and HKEY_LOCAL_MACHINE\ SECURITY Registry keys; thus, you can view the contents of these hives when your scheduled session pops up. Be sure to use the /interactive switch, or if you're using Winat, select the interactive option so that the scheduled Registry editor session is visible on the desktop.
For example, to schedule a regedt32 session to pop up on the local machine at 11:00 a.m., type the following command at an NT command prompt:
Q: I installed Microsoft Windows NT Server 4.0, Terminal Server Edition on a computer that is not attached to my network. The drivers for my Xircom network card are on the hard disk. Later, when I added network support from Control Panel, I pointed to the drivers' location. However, I received the error message Can't copy ce3.dll in library. If I skip the file, I get another error message for the next .dll and I can't install the driver. Pointing the installation program to the drive containing the Xircom drivers doesn't help, and the system won't copy a generic Xircom driver from the CD-ROM or the local /i386 directory. Do you have any suggestions?
When you add network support to a Terminal Server system after the main installation and your Terminal Server system is using Xircom network drivers, you must first point the installation program to the \i386 directory. When the system prompts you again, point it to the drivers' .inf file. You shouldn't receive any cryptic error messages.
Q: What are the arguments in the mainframe environment vs. the client/ server model debate?
In my opinion, whether the mainframe or client/server model is better depends on how a business uses computers. For example, a mainframe environment is optimal for a hospital running numerous transactions on one database. In this case, the systems administrator develops applications that take full advantage of the mainframe's power, and most input devices are terminals. Mainframe users' business is completely automated, and the users have no need for applications such as Microsoft PowerPoint or Word. Yearly support of a mainframe environment is minimal.
My mainframe friends tell me that when you add PCs to this environment without mandatory control (e.g., mandatory profiles), you need to add one support person for every 35 to 50 PCs that you add. The mainframe folks also argue that the constant need to upgrade offsets the low cost of PCs.
The argument for the client/server model is that pools of inexpensive servers can do everything that a mainframe can do but at a much lower cost. In the client/server model, you place multiple servers in an environment and let the clients participate in the workload.
The users in a client/server environment are an integrated part of the computing system. For example, if users are developing PowerPoint presentations, you can set up PowerPoint on their machines. The users can then save their presentations on the server, using it as a file server. This setup works fine and is easy to maintain.
So, the real question is which model is better for your business? Client/server-model advocates who argue that the mainframe is disappearing are out of touch with reality—IBM is selling more mainframes than ever. A mainframe is better in the hospital setting that I previously described; however, the client/ server model is ideal for a more dynamic business.