Microsoft Windows NT Workstation 4

Microsoft Windows NT Workstation 4.0 Study Outline

Unattended Installation
1. Unattend.txt

in conjunction with Uniqueness Database File (UDF)

Usage : winnt /U: unattend filename / UDF: ID#,UDFfilename /S sourcepath /B

2. Setup Manager

Automated creation of unattened.txt. Found on NT CD-ROM. Consists of three tabs:

General : User Info, Hardware Settings, Computer Role, Install Path, Display Settings, Time Zone, License Mode

Networking : General (when to install networking), Adapters, Protocols, Services, Internet, Modem

Advanced : File system is the only important one here

Sysdiff

Switches include /Snap, /Diff, /Apply, /Dump, and /Inf (creates an inf file and installation data from the difference file, which can be placed in a server share to automatically apply the differences captured in the /diff file)

Shares

BY DEFAULT - ONLY ADMINISTRATORS AND POWER USERS CAN SHARE FOLDERS/RESOURCES - Can this be changed?

Share names can be up to 255 characters

Administrators can ALWAYS take ownership

To create from Command Prompt, syntax is:

NET USE sharename=path

NT creates 2 Default HIDDEN Shares:

1.C$

2. ADMIN$

File Systems
NTFS

A log-based file system which tracks changes made and how to undo those changes

Supports files and partitions up to 16E

EASIEST WAY TO DELETE:

Boot from 3 floppies
Choose NTFS Partition
Press D (Delete) and exit setup

FAT

Supports files and partitions up to 4G

LOWEST OVERHEAD OF ANY FILE SYSTEM

VFAT

Supported by MS-DOS 7, Win95, Win NT 3.51 and 4.0

Main difference is naming convention (VFAT supports long filenames)

IS NOT FAT32

Installation Functions
During Install, WINNT performs:

Creates the 3 setup boot diskettes (/o for creation without a CD, /ox WITH a CD)

Creates Temp Folder $win_nt$.~ls and copies WS files to this folder

Prompts for reboot

WINNT Switches

/b - skips creation of boot floppies

/c - skips free space check

/f - copies files from boot floppies WITHOUT verification

/II - specifies filename (but not path) of setup information file (INF FILE). Default is DOSNET.INF

/t - specifies drive to contain temp setup files ($win_nt$.~ls)

System and Boot Partitions
System partition contains:

Boot Files including

NTLODR
BOOT.INI
BOOTSECT.DOS
NTDETECT.COM
NTBOOTDD.SYS (for SCSI-based systems)

Boot Partition contains:

System Files including:

NTOSKRNL.EXE
HAL.DLL

Removing NT from a FAT Partition

Boot from Win95 or DOS

Sys c: to reset the MBR and bypass NTLDR

Restart and Delete the following;

PAGEFILE.SYS

BOOT.INI

NT*.*

BOOTSECT.DOS

%systemroot% directory (C:\WINNT)

C:\PROGRAM FILES\WINDOWS NT

Server-Based Installations:

SMS

.BAT files, usually sent as an embedded email link

Administrator initiates from the workstation

SERVER BASED INSTALLATIONS COMBINE NETWORK INSTALL WITH AN AUTOMATED INSTALL

Network Installation Disk is a bootable DOS disk used to start (even with NO OS) and connect to the network

User Account Properties

User Name - 20 characters, not case sensitive

Password - 14 characters, case sensitive

ONLY USERNAME IS REQUIRED TO CREATE AN ACCOUNT

Account Templates

FOR SECURITY, BE SURE TEMPLATE ACCOUNTS ARE DISABLED

When applied, only copies the following:

Description
Group Memberships
Profile Settings
User Cannot Change Password
Password Never Expires

User Profiles

Stored in %systemroot%\profiles and composed of:

NTUSER.DAT - contains registry info
NTUSER.DAT.LOG - a fault tolerant, log-based file for NTUSER.DAT
Miscellaneous files - a series of folders containing other items such as shortcuts and app specific profile data

Roaming Profiles

STORED ON SERVER

Created by specifying path (to server stored profile) in User Manager for Domains

MANDATORY Profiles are created by creating a roaming profile stored on the server and specified in the path of User Manager for Domains, then renaming NTUSER.DAT to NTUSER.MAN. IF Domain Controller is unavailable, User CANNOT LOGON TO DOMAIN

NTFS Permissions - R, X, W, D, P, O
For Directories:

No Access

List (RX, but cannot access contents)

Read (RX, cannot save changes)

Add (WX, cannot read existing files)

Add & Read (RXW, cannot modify existing files)

Change (RXWD, can modify, change attributes, and delete)

Full Control

For Files:

No Access

Read (RX)

Change (RXWD)

Full Control

NTFS File Permissions Transfer

When Copying, File ALWAYS receives permissions of target folder

When Moving, file maintains permissions unless BETWEEN PARTITIONS

NT Print Process

User sends print job, if necessary, new driver is downloaded

Driver sends the data to the CLIENT spooler, which spools the data to a file, then makes an RPC to the SERVER spooler

Server spooler sends the data to the local print provider

Local Print Provider passes the data to a print processor for rendering into a format that matches the printer device, adds separator page if requested, then passes the data to the Print Monitor.

Print Monitor points the rendered data to the printer port, which points to the print device

Print Driver

Composed of:

Print Graphics Driver DDL
Print Interface Driver DDL
Characterization Data File (Minidriver)

PRIORITIES ARE ASSIGNED ON THE SCHEDULING TAB OF PRINT MOITOR

APIs (Application Programming Interface)

Communicate between the file system and the network drivers

NetBIOS - the DEFAULT OS INTERFACE in NT
Windows Sockets - A standard for application communication with transport protocols such as TCP or SPX
RPCs - Remote Procedure Calls - Handle any IPCs (InterProcess Communication)
NetDDE - Network Dynamic Data Exchange

Default Components in NT

NetBIOS

TCP/IP and NetBEUI

Workstation Service

Server Service

Computer Browser

RPC Service

NIC Driver

Redirectors

Intercept requests for resources and direct those requests to a server or share on the network. Four exist on NT:

Server Service
Workstation Service
UNC
MPR (MultiProtocol Router)

Novell Issues

802.3 Frame Type in 3.11 and lower

802.2 Frame Type in 3.12 and higher

YOU DO NOT NEED CSNW FOR CLIENT/SERVER APPS ON A NW SERVER. ONLY NWLINK

GSNW - allows users to connect to the NT Server, the server then makes the connection to the NW server

CSNW - allows NT computers (Server or Workstation) to connect to NW servers as an ordinary Novell client. To connect to 3.x NW Servers, enter PREFERRED SERVER. To connect to 4.x NW Servers, enter DEFAULT TREE AND CONTEXT

RAS

Server supports up to 256 simultaneous connections. Can communicate between Server and Client with:

PSTN
ISDN
X.25

Protocols
SLIP

Only supports TCP/IP

Static

No Password Encryption

Uses Scripts

PPP

Supports TCP/IP, IPX, and NetBEUI

Dynamic

Supports Encryption

No Scripts Needed

Header Compression

Troubleshooting RAS

RAS: Dial-Up Networking Monitor

Information on Connection Speed

Connection Duration

Names of RAS Connected Users

Connection Protocols

Connection Devices

DEVICE.LOG (Enabled through Registry, stored in %systemroot%\system 32\RAS

Performance Monitor

To see Network Interface Objects, SNMP Service must be installed

Processor

%PROCESSOR TIME - BELOW 80%

INTERRUPTS PER SECOND - BELOW 3500, Ideally 200-2000

SYSTEM OBJECT, PROCESSOR QUEUE LENGTH - UNDER 2
Memory

AVAILABLE BYTES - 10% of physical RAM, or 4M, whichever is higher

PAGES/SEC - 20 or LOWER
Disk Access

LOGICAL DISK OBJECT, AVERAGE DISK QUEUE LENGTH - 0-2

LOGICAL DISK OBJECT, %DISK TIME - UNDER 50%

NT Boot Process

POST

MBR located and LOADED

NTLDR Loaded and Initialized, designates 32-bit memory model

NTLDR starts the mini file system (either FAT or NTFS)

BOOT.INI Loaded

When booting to NT - NTLDR calls NTDETECT.COM which passes HW info to Registry

NTOSKRNL.EXE Loaded by NTLDR (HAL is Loaded here) (Blue "Dot" Screen)

Kernel and Drivers Initialized

Services Load and Session Manager, AUTOCHK.EXE Checks each partition, Pagefile set up and subsystems are loaded

WINLOGON Starts (Ctrl+Alt+Del displayed)

Ant remaining Services are started

ERD

Contains:

An information file used to verify and re-create the NT boot files
The SAM
Portions of The Registry that relate to configuration
CONFIG.NT and AUTOEXEC.NT