SEND US YOUR TIPS AND QUESTIONS.
For answers to more of your Win2K questions, visit Windows NT Magazine's online discussion forums at http://www.winntmag.com/forums.

The Hitachi Traveler 600
In the November 1999 Tricks & Traps, I told you about a noteworthy piece of Symantec software called Norton Speed Disk for Windows NT. This time, I want to tell you about a notebook.

Recently, a friend offered to sell me a new Hitachi VisionBook Traveler 600, a subnotebook that comes with Windows 95 preinstalled. After I found several references to NT in the accompanying manual, I called Zach Rosser, a third-line engineer at Hitachi, to ask about NT support. He told me that the Traveler 600 doesn't support NT but that drivers are available for all aspects of the notebook.

Rosser set up NT on my notebook and gave me all the drivers I needed, including drivers for the onboard 56Kbps modem and for the cardbus slots. For example, you can enable power management in NT, as Screen 1, page 160, shows. I placed the system under Suspend (i.e., for power conservation) for 2 days, after which I recovered everything easily. As Screen 2, page 160, shows, the network card reinitialized, and everything returned to usual. The system runs just as well with NT as it does with Win95.

You can easily change video from the LCD to an external monitor. In addition, you can set the LCD to 1280 * 1024 with 256 colors (I'm running 800 * 600 with 16 million colors—True Color). On the LCD, this setting creates a virtual desktop that requires you to scroll to see the full display. A peripheral monitor, however, supports the full image.

The system has a few minor annoyances. The unit ships with FAT32 installed and one Win95 partition. This setup creates problems with the NT 4.0 installation (I haven't yet tried to install Windows 2000—Win2K). You need to install Win95 on a small FAT partition before you copy the NT setup files onto the 3.2GB hard disk. This necessity is a nuisance, and I'd like to be able to perform a more straightforward NT installation. Hitachi supplies the Win95 CD-ROM and a boot disk, which supplies all the files you need to access the CD-ROM and begin the recovery of the Win95 partition. Finally, the slim battery pack that ships with the unit isn't very powerful. However, Hitachi is manufacturing an extended battery pack that will double the standard battery life.

Annoyances aside, this system has much promise. To give you some idea of the system's potential, I'm running 160MB of RAM on the unit, which weighs less than 3 pounds. Also, Hitachi's technical support is superb. Although the notebook doesn't officially offer NT support, Hitachi supplies better customer service than many companies whose products actively support NT.

I want to install Windows 2000 Server (Win2K Server) on my new notebook, which runs Windows NT 4.0 very well. Will I have any problems?

Installing a server OS on a notebook is unusual, so you might encounter problems with your installation. In Win2K, Microsoft has incorporated power management into the hardware abstraction layer (HAL). When Win2K installs, the OS reads the BIOS and determines that you have a notebook. If the BIOS isn't compatible with the Advanced Configuration and Power Interface (ACPI) in the notebook HAL, Win2K won't install (at least in beta 3).

Microsoft offers a legacy Advanced Power Management (APM) solution, but ACPI is preferable if the system supports it. ASUS and Dell produce the only notebooks I know of that have support for the ACPI specification. You can't install Win2K on new HP notebooks that run NT 4.0 perfectly. Nearly all notebook manufacturers require BIOS updates.

We typically run OSs on mirrored hard disks. Will this preference interfere with our upgrade to Windows 2000 (Win2K)?

The Win2K upgrade is straightforward, but you'll need to disable mirroring before you run the installation. After the installation completes, you can reenable mirroring.

Do Microsoft's changes in Windows 2000 (Win2K) security include password changes?

Like Windows NT 4.0, Win2K creates an Administrator account that requires you to simply enter a password with as many as 14 characters. Don't use a blank password, because it provides no security. Win2K enhances computer names. You can now enter as many as 63 characters. Thus, pre-Win2K machines will recognize the system by the first 15 characters. I would use simple computer names.

My organization is almost ready to migrate to Windows 2000 (Win2K). What are Win2K's hardware requirements?

The minimum requirements that Win2K Professional (Win2K Pro) lists are a 133MHz Pentium processor and 32MB of RAM (64MB recommended). Installation requires 650MB of hard disk space. Win2K Pro supports as many as two CPUs. Win2K Server's minimum requirements are a 133MHz Pentium processor and 128MB of RAM (256MB recommended). Installation requires 1GB of hard disk space. Win2K Server supports as many as four CPUs.

Win2K requires a serious machine. Even Microsoft's advertisements recommend that you have a 350MHz Pentium processor or better, with 64MB of RAM, to be ready for Win2K. You'll also face firmware requirements, particularly on those systems with ACPI control of BIOS. Because of these tough requirements, most networks will probably combine Windows NT 4.0 (perhaps even NT 3.51) machines with Win2K machines. Therefore, NetBIOS and NT LAN Manager (NTLM) authentication will still be with us. Add Y2K concerns, and you have a fairly perplexing migration pattern.

My organization is a frequent target of virus attacks. Does Windows 2000 (Win2K) handle these viruses—including viruses that intruders direct toward NTFS—better than Windows NT 4.0 does?

Win2K's Repair Console, which requires you to log on as an administrator, is a powerful tool for fixing an infected system. You access the Repair Console from the 3.5" boot disks (Win2K uses four 3.5" disks instead of the three that NT 4.0 uses) or the Win2K CD-ROM. Simply select Repair from the Welcome screen. The Recovery Console lets you change an errant SCSI driver, fix the boot sector, and fix network drivers. Win2K is easier to fix than earlier versions of NT. (When you press F8 at boot, you'll see options similar to those you see in Windows 95.)

However, the Recovery Console isn't a substitute for virus-detection software. You still need to run quality antivirus software, particularly on systems that access the Internet.

What is Kerberos, and what does it mean to Windows 2000 (Win2K)?

In the early 1980s, MIT—in conjunction with IBM and Digital Equipment—began its 8-year Athena project to place computers into the university environment. The project used VAX 11/750 servers connected to dumb terminals. As Athena evolved, numerous workstations started to appear on the network. These systems were fast, had reasonably sized hard disks, and had Ethernet interfaces. The workstations soon led to serious security breaches. Users began to eavesdrop on the network and thereby gain access to passwords and presumably secure information (e.g., grades). MIT developed Kerberos to solve this security problem.

Since then, Kerberos has evolved into a serious authentication scheme. Microsoft is using the Kerberos model to add quality network security to Win2K. Kerberos V5 is the primary security protocol for authentication within a domain. To learn more about Kerberos, see Jan De Clercq, "Kerberos in Win2K," October 1999.

My organization would like to dual boot Windows 2000 (Win2K) and Windows NT 4.0, but Microsoft has changed NTFS in Win2K. Does this alteration create any problems with dual-boot systems?

If you intend to create a dual-boot system with Win2K and NT 4.0 as the only installed OSs, you must install NT 4.0 Service Pack 4 (SP4). Win2K will automatically upgrade any NTFS partitions it finds on your system to NTFS 5.0 (Win2K's recommended file format). However, NT 4.0 requires SP4 to be able to read and write files on an NTFS 5.0 volume.

Furthermore, you need to install the two OSs on different drives (my preference) or partitions. Thus, you'll need to reinstall applications for Win2K.

Has TCP/IP changed much from Windows NT 4.0 to Windows 2000 (Win2K)?

Win2K enhances many aspects of TCP/IP. Microsoft has added performance enhancements such as Protocol Stack tuning, larger default window sizes, TCP Scalable Window sizes (Internet Engineering Task Force—IETF— Request for Comments—RFC—1323 support), Selective Acknowledgment (SACK), and TCP Fast Retransmit. Also, the TCP/IP stack is now standards-compliant and easy to administer.

To provide a secure and Internet-ready TCP/IP environment, Microsoft added such standards as IP Security (IPSec), logical and physical multihoming, Quality of Service (QoS), and VPNs. As you did with NT 4.0's TCP/IP, you can enable NetBIOS and run standard command-line applications such as Finger, Telnet, and Ipconfig.

I installed Windows 2000 Advanced Server (Win2K AS) beta 3 on a 200MHz dual-Pentium Pro computer with 128MB of RAM. The system is painfully slow. I also installed Windows NT 4.0 Service Pack 1 (SP1). When I try to run NT 4.0, I get an INACCESSIBLE_BOOT_DEVICE message. I can boot Win2K AS, so viruses aren't the problem. What do you suggest?

Microsoft is targeting Win2K AS toward robust departmental servers that deliver high levels of scalability and availability. Therefore, Microsoft's target platform is typically bigger than a Pentium Pro with 128MB of RAM.

Your problem might also be because the Win2K installation upgraded NTFS 4.0 to NTFS 5.0. You need NT 4.0 SP4 or later to read NTFS 5.0. Remember to install the two OSs on different drives or partitions.

Windows 2000 (Win2K) lets you have multiple domain controllers. Does this capability have any specific installation requirements?

Planning your network is more important in Win2K than in any earlier version of Windows NT. Most significantly, you need to disconnect any BDCs before you upgrade the PDC. You can install servers as domain controllers or as member servers.

Unlike NT 4.0, Win2K lets you promote member servers to domain controllers and demote domain controllers to member servers. This capability gives you great flexibility in your Win2K environment.