The Windows 2000 Report Card: what is it, why do I care, and what will it do for – or to – me?
Presented by Mark Minasi: teacher, speaker, author, alpha geek, columnist
firstname.lastname@example.org
free newsletter at www.minasi.com
Contents copyright 2000 Mark Minasi

Overview: what's in this talk for me, fat man?
In just one and a quarter hours, friends – that's right, just 75 short minutes – you too will be able to hold your own in a discussion on Windows 2000. You will be the envy of your friends as you effortlessly explain Active Directory, Change and Configuration Management, and Offline Files … before the geeks understand it! But wait, there's more…

Overview: Windows 2000 Server goals
- Make NT an enterprise OS
- Make NT more reliable
- Make support people's lives easier
- Let us administer our servers from far away
- Stop using server names like \\myserver (NetBIOS) and instead use names like myserver.acme.com (DNS)

Overview: Windows 2000 Professional Goals
- Eliminate most of the reasons to use Wintendo rather than NT on the desktop
- Make Win2K laptop-friendly
- Add Plug and Play and good hardware support
- World Domination

Overview: Windows 2000 Definitions & Flavors
- Windows 2000 NT 5.0
- It is not Windows, it's NT
- Windows 2000 Professional: desktop OS, what we used to call NT Workstation
- W2K Server: like NT Server
- W2K Advanced Server: like NT Server Enterprise Edition, clustering etc.
- W2K Data Center: for the big jobs

Overview: Windows 2000's dirty little secret
- W2K is a cool product and can solve many of your existing network problems…
- So long as you don't mind replacing most of your hardware and software

Windows 2000: Enterprise Issues
Riddle: What would you call something that replaced SAM?

Enterprise Issues: Enterprises are big: problems & solutions
- W2K domains can contain tens of millions
- Single domains can now easily span large geographical areas, as Windows 2000 domains understand WANs and compress data 10:1 before transmitting
- NT 4 names were limited; Windows 2000 uses DNS names

Enterprise Issues: enterprises are big: problems
- Really need native mode to do the cool stuff (all NT 4 DCs must be dead)
- Groups can only handle 5000 members
- Fax, but no fax server
- Multimaster replication still needs some work
  - Two admins can both modify a group membership and one admin's work will be lost
  - There are still single-point-of-failure servers, in particular the PDC FSMO

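An added illustration (not from the talk) of the group-membership bullet above: a simplified Python model in which, as in Windows 2000, a group's member list replicates as one attribute value and a conflict is settled by version, then timestamp, then originating DC. The class and function names are hypothetical and the data is constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Stamp:
    """Per-attribute replication metadata (simplified model, an assumption)."""
    version: int      # bumped on every originating write
    timestamp: int    # originating write time, in seconds
    origin_dc: str    # last-resort tie-breaker

    def key(self):
        return (self.version, self.timestamp, self.origin_dc)


class DC:
    """One domain controller holding a single group's member attribute."""

    def __init__(self, name, members, stamp):
        self.name = name
        self.members = frozenset(members)
        self.stamp = stamp

    def add_member(self, user, now):
        # Originating write: the whole member list is the unit of change.
        self.members = self.members | {user}
        self.stamp = Stamp(self.stamp.version + 1, now, self.name)

    def replicate_from(self, other):
        # The higher stamp wins and its full value overwrites the local
        # one; the two member lists are never merged.
        if other.stamp.key() > self.stamp.key():
            self.members, self.stamp = other.members, other.stamp


def simulate():
    base = Stamp(1, 0, "DC1")
    dc1 = DC("DC1", {"alice"}, base)
    dc2 = DC("DC2", {"alice"}, base)
    dc1.add_member("bob", now=100)     # admin 1 edits on DC1
    dc2.add_member("carol", now=105)   # admin 2 edits on DC2 before replication
    dc1.replicate_from(dc2)
    dc2.replicate_from(dc1)
    return dc1.members, dc2.members


def lost_updates(intended, actual):
    """Members that some admin added but that did not survive convergence."""
    return set(intended) - set(actual)


if __name__ == "__main__":
    m1, m2 = simulate()
    print(sorted(m1), sorted(m2), lost_updates({"alice", "bob", "carol"}, m1))
```

In this model the same rule applies to removals: a membership revoked on one DC comes back if a concurrent edit elsewhere wins, so group membership is worth re-checking after replication converges.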
Enterprise Issues: Enterprises need more types of admins
- NT only supported two kinds of people:
  - Users
  - Gods (oops, I mean administrators)
- But some jobs need a sub-admin
- OUs and delegation give us that

Enterprise Issues: enterprise issues: problems
- Things AD Won't Let You Do:
  - Rename a domain
  - Move an OU from one domain to another
  - Move a domain from one place in the forest to another
  - Merge two existing domains, trees or forests
  - Rename a domain controller
- But that's okay; enterprises don't do that

Enterprise Issues: Enterprises need scalability
- Network Load Balancing Module, clusters in Advanced Server and Datacenter help scale
- Kerberos logon and the Global Catalog speed logons and let domains grow
- Again, DNS naming allows more growth
- Bad news: powerful chips like Alpha helped networks grow; no Alpha support in W2K

Reliability: the good news
- Clusters help both scaling and reliability
- Recovery Console lets you boot to a DOS-like prompt with lots o' tools (works on NTFS too)
- Driver verifier is amazing
- Fault Tolerant Distributed File System very nice and easy to set up
- Windows File Protection protects System32 files and requires an undocumented value (ffffff9d) to disable

Reliability: the bad news
- Windows 2000 (Pro in particular) seems prone to unexplained slowdowns and an inability to shut down sometimes
- DirectX games seem more able to crash W2K than they could NT 4.0
- Adding reliability to DHCP requires a clu$ter
- Looks like four-node clusters are out

Support Headaches: problems we want to stop worrying about
- Rolling out new machines quickly
- System lockdown control without having to travel to desktops
- Deploying applications from a central location
- Convincing users to keep data on a central server rather than on their local PCs
- Controlling user server disk usage

Rolling Out New Machines: RIS, scripts, SysPrep and more
- Remote Install Services
  - Ghost-like tool stores images on server and allows simple one-floppy pull-down
  - But only stores W2K images and needs PCI NICs (laptops need not apply)
  - Some fantastic undocumented stuff lets you do Server rollouts, $OEM$ features, and customize setup screens
  - If done right, RIS is a wonderfully flexible tool
- Scripted installs for W2K Pro are far easier
- Sysprep 1.1 lets you create generic images, burn on CDs and roll them to any hardware

System Lockdown: network admins need to control user desktops
- Solution: Group Policies
- Benefits:
  - Far more comprehensive than system policies
  - Can control what apps run on a machine, what users can modify, lots of other stuff
  - Can be assigned to groups of users, groups of machines, sites, organizational units, domains
  - Much harder to circumvent

System Lockdown: curses, those users have foiled me again!
- Problems:
  - Only works on W2K workstations
  - Requires quite some planning, or it can significantly slow down logons
  - Complexity leads to a need for a modeling tool to compute the Resultant Set of Policies (RSOP)
  - Head of RDP program called policies the most complex W2K issue -- tougher than AD

Central Application Deployment: where did I put that CD, anyway?
- Solution: packages deployed to the Windows Installer Service via group policies
- Benefits:
  - Apps save files in My Documents after spouse mode install
  - Apps self-heal
  - No need to give Admin accounts to users

Central Application Deployment: don't tell me -- I need W2K desktops, right?
- Problems:
  - Only works on W2K workstations
  - Installer-ready apps are rare so far
  - Admin packaging tools haven't been as useful as promised
  - Many benefits aren't required, just suggested for the Logo program; here's a case where MS should be pushing a bit harder

Fostering Central Data Storage: imagine if Briefcase worked...
- Solution: Offline Files (but W2K PCs only)
- Benefits:
  - Caches oft-used network files locally
  - Apparently speeds network response time
  - Works when the net is down
  - Allows traveling users to bring a part of the net with them
  - Synchronizes cache/network versions
  - My Documents an obvious candidate

Controlling Server Space Usage: disk quotas come to W2K
- Problem: limited server disk space
- Solution: disk space quotas come to W2K
- Benefits: very, ummm, simple to work with
- Problems:
  - Very lame
  - Cannot apply quotas using groups, or to groups
  - Must apply amounts user-by-user

Remote Control: what's missing
- Very little, actually!
- The worst of it is that the network admin types will probably have to learn scripting skills!
- It'd be nice if Terminal Services worked better on low-speed links without Citrix
- Bottom line: START TO LEARN SCRIPTING, NOW

Killing NetBIOS: dimensions of the problem
- Names: since 1985, Microsoft networks have used names like \\myserver instead of myserver.acme.com
- Requires two name services: DNS for the Internet stuff and WINS for NT and Windows
- DNS seems perfectly fine, so let's use it
- But both servers and clients must use it
- And applications must use DNS as well!

Killing NetBIOS: what is to be done
- Servers: make them W2K
- Clients: make them W2K (a Wintendo client exists but it supports AD rather than DNS)
- Network-aware applications: if they use NetBIOS now, they may or may not work if you start plugging in DNS names
- Bottom line: NetBIOS will be around until you kill the last old desktop OS and server app

Last question about Server before moving to Professional: Will Server succeed in the market?
In Case You're Not Confused Yet
- Windows 95 = DOS plus some 16 bit and some 32 bit application platform
- Win NT 4.0 = completely different OS with a similar-looking user interface
- Win 98 = Win 95 version 1.1, more DOS-plus
- Windows 2000 = NT 4.0 with plug and play, Active Directory, CCM
- So what to call the NEXT DOS-plus type Windows?
- My guess: 2001 = really Windows, 2002 = NT, etc.

What W2K Has That W98 Doesn't
- Offline files
- Rollout and deployment tools (RIS, Group Policies, Microsoft Installer)
- Remote Manage Computer interface
- Home directories work finally
- Enforced driver signatures
- Encrypting FS
- Has always had NTFS, Task Manager, more solid

What W2K Has That NT 4 Didn't
- Plug and Play
- Encrypting File System
- Offline Folders
- Deployment tools
- APM support and ACPI support
- Home directories
- Great accessibility tools
- Folder settings seem to be remembered now
- Remote Manage Computer

What W2K Has That You'll Hate
- Windows 2000 Professional is pretty resource-heavy
  - 96-128 MB RAM minimum
  - Expensive ($319, $219 W9x upgrade, $149 NT upgrade)
  - Uses almost 500 MB of disk space
- As always, not 100 percent legacy app compatible
  - Wintendo may win here

- NT 4 lacked power management, hot plug and play, plug and play, USB, suspend/hibernate, encryption
- W2K gets all of those things
- Problem: as it's a bit heavy, may not be appropriate for many laptops
- Problem: doesn't always detect changes in networking after suspend/hibernate

Plug and Play
- Benefits:
  - All rewritten, not the Windows 9x code
  - Seems to run fairly solidly
- Problems:
  - Despite misleading claims, W2K drivers are not Windows 98 drivers, so drivers are scarce

Plug and Play: Oddities and problems
- Stuff that seems not to work usually:
  - IEEE 1394 boards
  - Most hardware MPEG decoders
  - Most USB modems
  - As always, check the HCL and don't assume that things will work, unfortunately
- Support does exist for a surprising array of old stuff -- CD burners, TV tuner boards

Summary Advice: Hey, Minasi, how about the short version?

Final Grades:
- Enterprise: B-
- Reliability: B-
- Support tools: B+
- Remotability: A
- Kill NetBIOS: I
- Beat Wintendo: A-
- Laptop friendly: A-
- Plug and Play: B

What do I DO???? the problems
- There's no smooth path between an NT 4 domain and a W2K domain
- Many of W2K's benefits simply don't work until you've migrated to Active Directory (watch that first step, it's a lulu…)
- But some benefits will work fine without AD, and there's a learning curve to working with a W2K desktop, whether server or pro

One Approach: Not Microsoft's but a bit more gradual
- Move your workstations to Professional
  - Learn the UI changes, get a feel for the level of driver support you'll find overall, check apps
- Then move the member servers to W2K
  - IIS 5, web folders, offline files, better WINS
- Then migrate some DCs to AD
  - But first sync and shut down an NT 4 BDC
  - When you trust it, start using the AD features

Do AD later? Isn't 2000 Without AD A Dumb Idea?
- DNS, WINS, DHCP are improved
- Routing: Internet Connection Sharing, NAT
- IIS: 2x faster, better restarts, multiple sites are easier, has ASP 3.0
- Plug and Play, power management
- Telnet, scripting, Terminal Services
- Some Dfs
- Encrypting file system, other NTFS 5.0 features
- Nope, it's not a dumb idea at all; in fact, I strongly recommend that you get DNS nailed before starting your AD implementation

One Final Thought…
- NT Server Market Share: 38%, #1
- Linux Market Share (Server market): 12%, #4 (1998); 25%, #2 (1999)
What will we be talking about here next year?

Thank You!
- I hope this was useful, thanks for joining me
- Email: email@example.com
- I invite you to sign up for my free newsletter at www.minasi.com
Don't miss the reception (free eats!) in the Vendor Hall downstairs -- it's right now! And I'm doing a book signing in the Vendor Hall at 5:50 PM -- make your book a collector's item (yeah, right)