Use Dynamic DNS

Windows 2000 adds a great new feature called Dynamic DNS (DDNS) that enables host records to be updated automatically in a Windows 2000 DNS server when the client address changes. This enables host records to remain accurate even when clients receive their address assignments through DHCP, for example.
A Windows 2000 client can request an update to its host (A) record in the DNS server when its IP address or host name changes. A Windows 2000 DHCP server can also request an update to the associated pointer (PTR) record on behalf of its DHCP clients.
To configure a client for DDNS, follow these steps:

Open the Properties sheet for the network connection through the Network And Dial-Up Connections folder.

Double-click TCP/IP.

Go to Advanced | DNS.

Select the Register This Connection's Addresses In DNS option to enable DDNS for the client.

Note: The Use This Connection's DNS Suffix In DNS Registration option, if selected, registers the client using the first part of the computer name specified in the System properties along with the DNS suffix specified by the DNS Suffix For This Connection option.

 

Drive letters need to be changed

You can change drive letters of drives in Windows 2000 easily through the Disk Management node of the Computer Management console. You might need to do this in situations where an application is hard-coded to expect a particular drive letter but you're using a different one.
To change a drive letter for a volume, right-click My Computer and choose Manage to open the Computer Management console. Click the Disk Management node. In the right pane, right-click the volume you want to modify and choose Change Drive Letter And Path. Windows 2000 will display a dialog with the ID currently assigned to the volume. To change a drive letter, click the letter and choose Edit, then select the drive letter you want to use. To add a drive letter to a volume currently mounted to an NTFS folder, click Add instead.
You can't change the drive letter assigned to the boot or system volumes with this method. You can change them through a registry hack, but doing so leads to additional problems (such as the inability to log on) that also have to be fixed in the registry. Changing system and boot drive letters will be covered in a future tip.

 

Customize MMC consoles

Most of the administrative functions you perform in Windows 2000 happen through various Microsoft Management Console (MMC) snap-ins. A useful advantage to this modular design is the fact that you can customize the consoles to suit your needs. For example, you can add a selection of consoles to your own custom console for the administrative functions you perform most often. You can also customize existing consoles to make it easier to access specific functions by adding Taskpads, which we'll cover in a future tip.
To create your own custom console with a selection of snap-ins, follow these steps:

Go to Start | Run, and enter MMC.EXE in the Run dialog box.

In the console window, choose Console | Add/Remove Snap-in.

Click Add, select the desired snap-in, then click Add again.

Insert any other consoles you want to include, and then click Close.

Save the console so you can use it any time you need it. To do so, go to Console | Save As.

Specify a location and filename, and the MMC will save the console with an .msc file extension.

Note: For quick access to the console, create a shortcut to it in your Start menu or on your desktop.

 

Unhiding protected system files

Like Windows 9x and Windows NT, you can configure Windows 2000 to either show or not show folders and files that have hidden attributes set. Windows 2000 adds a new feature that helps prevent unintended deletion or other modification of critical system files such as BOOT.INI, NTLDR, and NTDETECT.COM, among others.
In Windows NT, these files show up when you turn on display of hidden files. In Windows 2000, however, the files remain hidden. If you need to access them—such as to modify boot options in BOOT.INI—you need to make a minor change to Folder Options.
To do so, follow these steps:

In any folder window, choose Tools | Folder Options.

Click the View tab and deselect the Hide Protected Operating System Files option. Windows 2000 will present a Warning dialog box.

Click Yes to display system files or No to cancel.

After you've performed the necessary modifications to the files, you should reselect the option to protect the files again.

 

Changing icons for desktop items and documents

You can change the icon used for a shortcut by right-clicking the shortcut, choosing Properties, then clicking Change Icon. You can browse for the file or specify the path to the file containing the icon (.ico, .dll, or .exe files). Desktop objects like My Computer behave differently, however. You can change the icons for these objects through the Display Properties sheet. To do so, follow these steps:

Right-click the desktop and choose Properties.

Click the Effects tab.

In the Desktop Icons group, select the object whose icon you want to change.

Click either Change Icon to assign a different icon or Default Icon to return to its default.

You can also change the icons used to display a specific type of file, although the change takes a little more effort than changing desktop object icons. Here's how:

Open any folder and choose Tools | Folder Options.

Click the File Types tab, and locate and select the file extension for the file type whose icon you want to change.

Click Change Icon and select the file and icon you want to use.

Whether you're changing icons for desktop objects or documents, you'll find several to choose from in the files Shell32.dll and Moricons.dll, both located in the %systemroot%\System32 folder.

 

Removing "hidden" components

If you've tried to remove objects from your systems through the Add/Remove Programs object in Control Panel, you've probably noticed that some of the installed components, such as games and other accessories, don't show up in the Windows 2000 components list. Microsoft supposedly hid these files to provide a common base of applications on each Windows 2000 system for support reasons. Having Solitaire on your system, however, doesn't seem to add much in terms of simplifying support. Here's how to unhide these applications.

Configure Windows 2000 to show hidden folders, and then open the hidden folder %systemroot%\Inf.

Locate and make a backup copy of the file Sysoc.inf.

Double-click Sysoc.inf to open it in Notepad. Check each line for ",HIDE," and delete the word HIDE, leaving the commas on either side, and save the file.

Go to Control Panel | Add/Remove Programs.

Click Add/Remove Windows Components. Note that the previously hidden applications now appear. You still can't remove some of the applications (such as Fax), but at least you can remove games and other accessories you might not need.
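
The Sysoc.inf edit described above, scripted as an added example (it is not part of the original tip). It assumes the component lines sit under a [Components] section; the sample lines are constructed for illustration, and the function name is hypothetical.

```python
def unhide_components(inf_text):
    """Clear every whole field equal to HIDE on [Components] lines.

    Returns (new_text, names_of_changed_components). Only a field that is
    exactly HIDE with a comma on each side is cleared, so file names that
    merely contain those letters are left alone.
    """
    out, changed, section = [], [], None
    for line in inf_text.splitlines(keepends=True):
        body = line.rstrip("\r\n")
        eol = line[len(body):]                 # keep the original line ending
        stripped = body.strip()
        if stripped.startswith("[") and stripped.endswith("]"):
            section = stripped[1:-1].strip().lower()
        elif (section == "components" and "=" in body
              and not stripped.startswith(";")):
            name, _, rhs = body.partition("=")
            fields = rhs.split(",")
            hit = False
            for i in range(1, len(fields) - 1):   # needs a comma on both sides
                if fields[i].strip().upper() == "HIDE":
                    fields[i] = ""                # leaves the two commas in place
                    hit = True
            if hit:
                body = name + "=" + ",".join(fields)
                changed.append(name.strip())
        out.append(body + eol)
    return "".join(out), changed


# Constructed sample in the shape of Sysoc.inf (not copied from a real system).
SAMPLE = (
    "[Version]\r\n"
    'Signature="$Windows NT$"\r\n'
    "[Components]\r\n"
    "; constructed lines for illustration\r\n"
    "Games=ocgen.dll,OcEntry,games.inf,HIDE,7\r\n"
    "AccessUtil=ocgen.dll,OcEntry,accessor.inf,hide,7\r\n"
    "HideDemo=ocgen.dll,OcEntry,hide.inf,,7\r\n"
)

if __name__ == "__main__":
    new_text, changed = unhide_components(SAMPLE)
    print("Unhidden:", ", ".join(changed))
    print(new_text)
```

Run it against a copy of the file and keep the backup the procedure calls for before replacing the original.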

 

Configuring print spooling

Like other operating systems, Windows 2000 supports print spooling. Rather than print directly to the printer, applications can print to a print spool managed by Windows 2000. The operating system then takes care of sending the print job to the printer. The advantage is that you don't have to wait for the document to finish printing before resuming use of the application. As far as the application is concerned, once the document is in the spool, it's printed, allowing the app to go on about its business.
For most people the default settings for print spooling work just fine. In some cases, though, you might need to tweak the settings or turn off spooling. Spool settings are configured on a per-printer basis. Open the Printers folder, right-click the printer in question, choose Properties, and click the Advanced page. To turn off spooling, select the option Print Directly To The Printer To Bypass Spooling.
If you choose to use spooling, you can specify that Windows 2000 start printing as soon as the data starts flowing to the queue, or you can configure it so the entire document moves to the spool before printing starts. The latter option can resolve printing problems, particularly with long documents.

 

Open a command console in a specific folder

If you work with the command console frequently, you'd probably love to be able to click on a folder and open a command console rooted in the folder, saving lots of CD commands once the console is open. Although you can modify the registry directly to add this capability, Microsoft provides a couple of add-ons you can use to automate the registry change for you.
The Microsoft Windows 2000 Resource Kit includes a tool called CMD Prompt Here that, once installed, enables you to right-click a folder and choose CMD Prompt Here from the Context menu to open a command console in the selected folder. You also can use the Command Prompt Here tool in the Windows 95 Power Toys Set.
To install CMD Prompt Here, open the folder where the Resource Kit is installed, right-click Cmdhere.inf and choose Install. To install the Power Toys, connect to the URL listed above and download the Power Toys file. Create a new folder, move the downloaded file to the folder, then double-click the file to extract its contents. Locate and right-click Doshere.inf, then choose Install. The other Power Toys you should have no problems with under Windows 2000 are Find X, Send To X, and Shortcut Target Menu.

 

Displaying special logon messages

Believe it or not, you could have a problem prosecuting someone who hacks into your system or uses it without authorization unless you warn the intruder explicitly that access to the computer is restricted.
To cover your legal bases you can configure Windows 2000 to display a special logon message warning unauthorized users to keep away from your system. This warning message appears just prior to the logon dialog. Of course, if you're more interested in broadcasting a specific message to your authorized users than you are in warning potential crackers, you can also use this logon message for that purpose.
You configure the logon message through either the local security policy or domain security policy. If both are defined, the domain policy takes precedence. Follow these steps to set up your logon message (assuming the local security policy):

Open the Local Security Policy console from the Administrative Tools folder.

Open the \Local Policies\Security Options branch.

Compose the "Message text for users attempting to log on" that you want displayed in the dialog box.

Set the "Message title for users attempting to log on" to whatever you want to appear in the dialog's title bar.

Close the console, log off, then log on to test the message.

 

Multiple Web sites under Professional

You can use Internet Information Services (IIS) on a Windows 2000 Professional computer to host a single Web site and a single FTP site. When you install IIS, Setup automatically creates the default Web site, which you can use to publish documents to other users on the LAN/intranet, or even on the Internet (although Pro is limited to a maximum of 10 concurrent connections).
You can also use the default Web site to support printing across the Internet through the Internet Printing Protocol (IPP).
There is no mechanism in the IIS console under Pro to create additional Web sites, since you can only run one at a time. However, here's a way to get around that restriction and create multiple sites if you have access to a Windows 2000 Server computer: copy the folders and files under %systemroot%\SYSTEM32\INETSRV\IISADMIN to the same folder on your Pro computer and browse to http://localhost/iisadmin/default.htm. You'll find you now have the ability to create additional sites.
Only one site can be running at a time, however, so you'll have to stop the current site to start another. You might find this capability useful if you're developing several sites and want to test them on your local computer before taking them live.

 

Opening network folders quickly

Getting quick access to network folders is handy whether you use those folders seldom or all the time. Browsing through My Network Places each time you need to use a folder certainly works but it's the "scenic route." If you're looking for an easier way, you have a couple of ready options.
First, as you're probably aware, you can map a local drive letter to the remote share. Just right-click My Network Places, choose Map Network Drive, then select a drive letter and specify the UNC path to the share. The UNC name takes the form \\server\share, where server is the name of the computer and share is the name by which the folder is shared.
In some cases you probably don't want to go through the hassle of mapping a drive. Instead, browse the network to find the folder, then right-click and drag the folder to your desktop and create a shortcut to it. It will be readily accessible any time you need it. Or, if you're opening a document from the network, just go to File | Open and specify the UNC path to the document, such as \\server\docs\report.doc.

 

Disable File And Printer Sharing for TCP/IP

The Internet used to be a lonely but relatively safe place, like a small town where you could leave your doors unlocked. Today the 'net is a lot like the bad area of downtown in a big city. Leave your door unlocked, and someone will probably clean you out.
If you stay connected by dial-up to the Internet for extended periods or have a direct connection that's always live, you need to protect yourself from crackers who would steal your data and damage your system. The first line of defense against intruders is to prevent them from browsing your computer, and you do that by unbinding the TCP/IP protocol from the File And Printer Sharing service.
Open the Network And Dial-Up Connections folder, right-click the connection, and choose Properties. If you're configuring a dial-up connection, click the Networking tab and deselect the File And Printer Sharing service. For direct connections, open the Network And Dial-Up Connections folder and go to Advanced | Advanced Settings. In the Bindings box on the Adapters and Bindings page, deselect the TCP/IP protocol under the File And Printer Sharing branch.

 

Using Callback to reduce dial-up costs

If you frequently use dial-up connections to a remote network, whether working from home or on the road, you can save yourself some money in phone charges by having the server call you back. This effectively "reverses the charges" so the toll happens on the server end, rather than on yours.
To use Callback, your remote access server must support Callback and your account must be granted the right to use it, either directly through your User Account properties or through a Remote Access policy setting. In either case, configuring your ability to use Callback is done mostly at the server. However, you still need to configure your Dial-Up Preferences to use Callback.
Open the Network And Dial-Up Connections folder and go to Advanced | Dial-Up Preferences. Click the Callback tab, and then select one of the following two options:

Ask Me During Dialing When The Server Offers: Select this option if you want the server to prompt you to specify the Callback number when you first connect.

Always Call Me Back At The Number(s) Below: Select this option if you always connect from the same number. Specify the number for each modem.

 

Disable remote registry modification

Windows 2000 enables you to view and modify a registry remotely, which is a useful feature when you need to fix or tweak a system across the network. In some cases, the ability to remotely edit the registry is a lifesaver; however, it's also a potential security risk. If you don't need to manage your registry remotely, you can and should secure it. Here's how:

Go to Start | Run.

Type regedt32.exe and click OK.

Navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurePipeServers\winreg.

Go to Security | Permissions.

In the Permissions dialog, allow and deny access to groups and users as needed and close the Registry Editor.

Note: Please remember that editing your registry can be risky, so always have a verified backup before you begin.

 

Personalized menus

A lot of users have been complaining in the newsgroups about "missing menus" in Windows 2000 and applications running under Win2K such as Office 2000. When you open a menu, it doesn't necessarily show you all of the available commands, causing some users to think that some commands are missing. This isn't a bug but rather a feature called User Personalized Menus. Some refer to it as "adaptive menus." Whatever the name, it can be an irritation if you're not used to it.
The feature is designed to monitor your use of an application and, over a period of time, determine which commands you use frequently and which ones you use seldom, if at all. The frequently used commands show up in the menu, and those you use infrequently do not. At the bottom of the menu, you'll find a double down arrow that, when selected, opens the full menu to display all items.
Personalized menus can help declutter an application's interface, but you might prefer to work with standard menus. To turn off personalized menus, right-click the taskbar and choose Properties. Deselect the User Personalized Menus option on the General page and click OK.

 

CHKDSK and CHKNTFS

If you're an old hand at DOS or Windows 9x, you're probably familiar with the CHKDSK utility that checks a disk for errors and (optionally) fixes those errors. Windows 2000 also includes a copy of CHKDSK that not only checks and fixes problems with FAT and FAT32 volumes, but also checks and repairs NTFS volumes. CHKDSK must lock the volume for exclusive use to check for errors, and if it can't (because it's the system volume, for example), CHKDSK schedules the check for the next time the system reboots. You can view the options for CHKDSK by opening a command console and typing CHKDSK /?.
Another disk checking utility included with Windows 2000 is CHKNTFS, which displays or specifies whether automatic system checking is scheduled to be run on the computer's volumes when the computer is started. CHKNTFS does its thing for FAT, FAT32, and NTFS volumes. As with CHKDSK, you can view the options for CHKNTFS by typing CHKNTFS /? at a command console. To schedule a check, for example, issue the command CHKNTFS /C, and a check will run the next time the computer starts.
Another tweak you might want to make is to change the countdown timer for CHKNTFS, or the time the system waits during startup before starting the check. You might want to increase the countdown timer to give you more time to abort the check, if desired. To set the countdown timer, issue the command CHKNTFS /T:n and replace n with the number of seconds you want the system to wait before executing the check.

 

Limit connections to a share

Windows 2000 Professional by default is limited to no more than ten concurrent connections. Anyone trying to connect after the maximum number of connections is reached receives an error message and the connection is refused. In some situations you might want to further restrict the number of concurrent connections, whether for performance or security reasons. For example, assume that when more than a few users connect to a database or application on your computer, performance drops noticeably. Restricting access can help reduce the impact of those connections on your system's performance.
You can restrict connections on a share-by-share basis. Right-click the folder you want to restrict and choose Sharing. If the folder isn't shared yet, click Share This Folder and specify the Share name. To limit the number of connections to fewer than ten, click the Allow option. Use the associated spin control to specify the maximum number of connections. If you later want to increase the number of allowed connections to the maximum, open the Sharing Properties page again and click Maximum Allowed.

 

Configuring service behavior

Windows 2000 is relatively well behaved, and services don't fail often. Service problems are still possible, however, particularly as you begin to add applications that use additional services. To help you cope with and troubleshoot service problems, Windows 2000 lets you specify recovery actions that Windows 2000 will attempt when a service fails.
You configure recovery options through the service's Properties. Open the Services branch of the Computer Management console, double-click the service to display its Properties sheet, and then click the Recovery tab. You can configure actions for first, second, and subsequent failures, choosing from four possible options: Do Nothing, Restart The Service, Run A File, or Restart The Computer. The Run A File option is useful for notification when you're not near your computer. You can use your e-mail application to generate an e-mail or pager notification about the service failure, for example.
In addition to specifying the actions to take on service failure, you can set related options. For example, you can specify the number of minutes Windows 2000 waits before attempting to restart the service and how quickly it resets the fail counter. If you select the option to execute a file, you can specify the file and any optional parameters, as well as append the fail count to the command line. If you specify a reboot, you can set the wait period between service failure and reboot and optionally broadcast a message on the network for notification.

 

Changing environment variables

If you're a die-hard DOS or Windows 9x user converting to Windows 2000, you're probably familiar with environment variables and how you set them through the AUTOEXEC.BAT file. The PATH variable is a good example of an environment variable.
Windows 2000 handles environment variables a little differently, separating them into two categories: those for all users and those for the current user. The variables are stored in the appropriate user profiles, enabling Windows 2000 to apply the correct ones when a user logs on.
You can view and configure environment variables by right-clicking My Computer and choosing Properties. Click the Advanced tab, and then click Environment Variables to open the Environment Variables dialog box. You can use the controls on this dialog to edit the value of existing variables, remove them, or add new ones. The variables in the top half of the dialog box apply to the current user, and those in the bottom half apply to all users.
There are several replaceable parameters you can use in environment variables, including:

%username%—User's current logon account name

%userdomain%—User's current logon domain name

%windir%—Location of the Windows 2000 folder

%os%—OS version

%processor_architecture%—System processor type

%processor_level%—System processor level

%homepath%—Path to the user's home directory

%homedrive%—The drive where the user's home directory is located

%homeshare%—The share name of the user's home directory

 

Configuring a dial-up server

Even if you're not using your computer as a server, there could well be times when you need to connect to your computer remotely through a dial-up connection. For example, you might be working at home and need to download some files from your office computer or print to the office printer. You can set up Windows 2000 Professional to act as a dial-up server, allowing you to connect, authenticate, and access resources as if you were connected locally to the network.
It's relatively easy to configure Windows 2000 as a dial-up server. Here's how:

Open the Network And Dial-Up Connections folder from Settings on the Start menu.

Run the Make New Connection wizard and click Next.

Select the option Accept Incoming Connections and click Next.

Select the device (such as a modem) you're using for the connection. If you need to configure its properties such as port speed, compression, etc., click Properties.

If you want to allow Virtual Private Network (VPN) connections, select Allow. Otherwise, select Do Not Allow and click Next.

Select the user accounts that are authorized to connect through the dial-up connection and click Next. Bonus tip: You can also modify a user's settings through Properties to enable Callback so that your computer will call back the incoming remote user.

Select the network components for the connection (specifically, the protocols to use) and click Next.

Click Finish.

Now, find yourself another computer and dial in to test the connection. Once connected you can map network shares and use network resources such as printers just as you would from the LAN.

 

Changing provider order

You can configure a connection to use multiple network providers. Typically included are providers such as Microsoft Windows Network and print providers such as LanMan Print Services and HTTP Print Services (used by Windows 2000 to support printing from the Internet).
When multiple providers are installed for a particular service type, Windows 2000 prioritizes the providers and establishes connections based on that priority. For example, Windows 2000 by default attempts printing through LanMan Print Services before attempting HTTP Print Services (unless the printer was installed through HTTP, in which case Windows 2000 always uses HTTP to print to that printer).
In some cases, you might want to change the provider order so Windows 2000 uses a different provider first. For example, if you always print using HTTP, you can speed up print processing by setting the HTTP Print Services provider first in the list ahead of LanMan Print Services.
As with most network configuration settings, you configure provider order through the Network And Dial-Up Connections folder. After you open the folder, go to Advanced | Advanced Settings. Click the Provider Order tab, and then find the service type you want to modify. Just click on a provider; then, click either the up or down buttons to change provider order.

 

Bootable NTFS disk, part 1

If you experience a boot problem with a FAT volume, you can often at least recover your data by booting from a bootable DOS diskette. When your boot partition is NTFS, however, a DOS diskette won't do you much good, since DOS can't read NTFS.
There are some third-party solutions that integrate the ability to read NTFS with a DOS boot environment. One of these solutions is NTFSDOS Pro from Winternals Software. You can also set up your own Windows 2000 boot disk that should enable you to read the NTFS volume, assuming the problem that caused the boot failure didn't also render the drive unusable. Having a boot disk is useful when your drive has a corrupted boot sector or corrupted master boot record (MBR), is missing NTLDR or Ntdetect.com, and in other situations.
How you create the boot disk depends on whether you have access to a Windows 2000 system. Today's method uses the Windows NT Setup disk and can be accomplished on a Windows 9x or even DOS system. In tomorrow's tip, you'll learn how to create a boot disk under Windows 2000.

Make a copy of the Windows NT Setup Disk 1 using the DISKCOPY command from a DOS session under Windows 9x (or DOS). Delete all the files from the disk after you create it.

Copy the files Ntdetect.com and NTLDR from the i386 folder on the Windows 2000 CD to the disk you created in step 1.

Rename the file NTLDR to Setupldr.bin.

Create a Boot.ini file on the new disk. The following example assumes a single partition SCSI drive with Windows 2000 installed under \WINNT:
[boot loader]
timeout=30
Default=scsi(0)disk(0)rdisk(0)partition(1)\winnt
[operating systems]
scsi(0)disk(0)rdisk(0)partition(1)\winnt="Windows 2000"
Replace the scsi(0) with multi(0) if your computer boots from an IDE, EIDE, or ESDI hard drive.

If the Boot.ini file uses scsi(n) instead of multi(n), copy the device driver for the computer's SCSI controller from the Windows 2000 CD to the floppy. Rename the driver on the floppy to Ntbootdd.sys. This step isn't required if the Boot.ini file uses multi(0).

Restart the system using the floppy.

 

Bootable NTFS disk, part 2

In the previous tip, we explained how to create a bootable disk to enable you to access NTFS partitions if your drive has a boot problem. That process, using the Windows NT Setup disk, is specific to Win9x or DOS systems. Here's how to create the boot diskette using Windows 2000:

Format a floppy disk in Windows 2000.

Copy NTLDR from the Windows 2000 CD, Windows 2000 Setup disk, or another computer running Windows 2000 Professional. You can use the command EXPAND NTLDR._ NTLDR to expand the file from the CD if necessary.

Copy Ntdetect.com to the diskette.

Create a Boot.ini file or copy one from another Windows 2000 computer, and then change it to match your system. The following example assumes a single partition SCSI drive with Windows 2000 installed under \WINNT:
[boot loader]
timeout=30
Default=scsi(0)disk(0)rdisk(0)partition(1)\winnt
[operating systems]
scsi(0)disk(0)rdisk(0)partition(1)\winnt="Windows 2000"
Replace the scsi(0) with multi(0) if your computer boots from an IDE, EIDE, or ESDI hard drive.

If the Boot.ini file uses scsi(n) instead of multi(n), copy the device driver for the computer's SCSI controller from the Windows 2000 CD to the floppy. Rename the driver on the floppy to Ntbootdd.sys. This step isn't required if the Boot.ini file uses multi(0).

Restart the system using the floppy.
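
A pre-flight check for the Boot.ini written in parts 1 and 2, as an added example that is not part of the original tips. It confirms that the default= line matches an [operating systems] entry and reports whether the scsi() syntax means Ntbootdd.sys must be on the floppy. Only the scsi() and multi() forms shown on this page are recognized; the function names and the second and third samples are constructed here.

```python
import re

# ARC path forms used on this page: scsi(n)... or multi(n)..., then \directory.
ARC_RE = re.compile(
    r"^(scsi|multi)\((\d+)\)disk\((\d+)\)rdisk\((\d+)\)partition\((\d+)\)(\\.*)?$",
    re.IGNORECASE,
)


def parse_boot_ini(text):
    """Return {'default', 'timeout', 'entries': {path: label}} from Boot.ini text."""
    cfg = {"default": None, "timeout": None, "entries": {}}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        key, sep, value = line.partition("=")
        key, value = key.strip(), value.strip()   # tolerates "Default= scsi(0)..."
        if section == "boot loader" and sep and key.lower() in ("default", "timeout"):
            cfg[key.lower()] = value
        elif section == "operating systems" and sep:
            cfg["entries"][key] = value
    return cfg


def check_boot_ini(text):
    """Return (problems, needs_ntbootdd) for a boot-floppy Boot.ini."""
    cfg = parse_boot_ini(text)
    problems = []
    paths = list(cfg["entries"])
    if not paths:
        problems.append("no entries under [operating systems]")
    default = cfg["default"]
    if default is None:
        problems.append("[boot loader] has no default= line")
    elif default.lower() not in (p.lower() for p in paths):
        problems.append("default= does not match any [operating systems] entry")
        paths.append(default)                     # still validate its syntax
    needs_ntbootdd = False
    for path in paths:
        if re.match(r"^[A-Za-z]:\\", path):       # drive-letter entry, not an ARC path
            continue
        m = ARC_RE.match(path)
        if m is None:
            problems.append("unrecognized ARC path: " + path)
            continue
        if m.group(1).lower() == "scsi":
            needs_ntbootdd = True                 # copy the SCSI driver as Ntbootdd.sys
        if int(m.group(5)) < 1:
            problems.append("partition() is numbered from 1: " + path)
    return problems, needs_ntbootdd


# The page's own example, spacing as printed.
PAGE_SAMPLE = r"""[boot loader]
timeout=30
Default= scsi(0)disk(0)rdisk(0)partition(1)\winnt
[operating systems]
scsi(0)disk(0)rdisk(0)partition(1)\winnt="Windows 2000"
"""

# Constructed: the same file after replacing scsi(0) with multi(0).
IDE_SAMPLE = PAGE_SAMPLE.replace("scsi(0)", "multi(0)")

# Constructed: default points at a partition that has no entry, entry uses partition(0).
BROKEN_SAMPLE = r"""[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(2)\winnt
[operating systems]
multi(0)disk(0)rdisk(0)partition(0)\winnt="Windows 2000"
"""

if __name__ == "__main__":
    for name, text in (("page", PAGE_SAMPLE), ("ide", IDE_SAMPLE), ("broken", BROKEN_SAMPLE)):
        print(name, check_boot_ini(text))
```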

 

Applying local restrictions, part 1

Keeping users focused, on track, and out of trouble is sometimes a dicey proposition. Since nothing is foolproof to a sufficiently talented fool, it's tough to keep users out of places and applications where they shouldn't be. Even though you have to be an administrator to make most system configuration changes, unwary users can still do some damage. There's the lure of the Internet Explorer icon right on their desktops, tempting them away from work. And even the network sometimes proves to be a dangerous place for some users. Applying restrictions to what users can do is the solution.
In a domain environment, you can use group policies to apply restrictions at several levels, including domain, site, and organizational unit (OU). For example, you can configure the interface to hide drives in My Computer, hide the Internet Explorer icon, disable Add/Remove Programs, and use a boatload of other restrictions to keep users focused and out of trouble. You can apply the restrictions on a per-user or per-group basis, giving you very granular control over who can do what, when, and where.
In a workgroup environment, however, accomplishing the same thing is a lot tougher because the local group policy is intended to apply to all users, regardless of account or group membership. But, with a little finesse, you can apply restrictions to individual users. Tomorrow we'll show you how.

 

Applying local restrictions, part 2

You use the Group Policy console to apply restrictions. Before you go rushing off to lock down your users, however, keep this in mind: The changes you're going to make will initially affect the local administrator account on each computer. Don't apply any restrictions that will prevent you from later removing the restrictions from the administrator account. You might want to temporarily create an account with membership in the Administrators group to use in case you have problems and need to undo the restrictions.
Here's how to fool Windows 2000 Professional into using different restrictions for users:

Log on as Administrator.

Go to Start | Run and enter GPEDIT.MSC in the Open dialog box to start the Group Policy console.

Open the User Configuration/Administrative Templates branch and change settings as desired to enable restrictions as needed. The settings for each restriction vary.

Close the Group Policy console and log off, then log back on again as Administrator to apply the change.

Log off and log on as another user to verify that the restrictions are applied. Log off and then log on as each of the other users, in turn, to whom you want to apply the restrictions.

Log on as Administrator and copy the file %systemroot%\System32\GroupPolicy\User\registry.pol to a backup location and name it UserReg.pol. Copy the file %systemroot%\System32\GroupPolicy\Machine\registry.pol to the same backup location and name it MachineReg.pol.

Open the Group Policy console and remove the restrictions applied in step 4. In some cases, you might need to use the opposite setting from the one applied in step 3. For example, if you selected Enable to apply a given restriction, choose Disable to remove the restriction rather than Not Configured (which applies no change to the registry).

Close the Group Policy console, and then copy the backup UserReg.pol file created in step 6 back to %systemroot%\System32\GroupPolicy\User\registry.pol, making sure to rename the file registry.pol. Copy the backup MachineReg.pol created in step 6 back to %systemroot%\System32\GroupPolicy\Machine\registry.pol, making sure to rename the file registry.pol.

Log off as administrator and log on as one of the restricted users to verify that the restrictions are in place. Log off and then log back on as administrator to verify that the restrictions are not applied to the administrator account. As long as you didn't use your own non-administrator account to log on in step 5, that account will not have the restrictions applied.
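Before copying UserReg.pol back over the live policy file, it helps to confirm which restrictions the saved copy actually holds. The following is an added example, not part of the original tip: a Python reader for the registry.pol (PReg) layout, run on a constructed sample. The function names and sample values are assumptions for illustration.

```python
import struct

REG_SZ, REG_DWORD = 1, 4
OPEN, SEP, CLOSE = b"[\x00", b";\x00", b"]\x00"   # delimiters are UTF-16LE chars

def _wstr(buf, pos):
    """Read a NUL-terminated UTF-16LE string; return (text, next_offset)."""
    end = pos
    while buf[end:end + 2] != b"\x00\x00":
        if end + 2 > len(buf):
            raise ValueError("unterminated string")
        end += 2
    return buf[pos:end].decode("utf-16-le"), end + 2

def _expect(buf, pos, token):
    if buf[pos:pos + 2] != token:
        raise ValueError(f"expected {token!r} at offset {pos}")
    return pos + 2

def parse_registry_pol(buf):
    """Return [(key, value_name, reg_type, data), ...] from registry.pol bytes."""
    if len(buf) < 8 or buf[:4] != b"PReg" or struct.unpack_from("<I", buf, 4)[0] != 1:
        raise ValueError("not a version 1 registry.pol file")
    pos, out = 8, []
    while pos < len(buf):
        key, pos = _wstr(buf, _expect(buf, pos, OPEN))
        name, pos = _wstr(buf, _expect(buf, pos, SEP))
        s1, rtype, s2, size, s3 = struct.unpack_from("<2sI2sI2s", buf, pos)
        if (s1, s2, s3) != (SEP, SEP, SEP):
            raise ValueError(f"bad field separators at offset {pos}")
        pos += 14
        data = buf[pos:pos + size]   # length-prefixed, so never split on ';' or ']'
        pos = _expect(buf, pos + size, CLOSE)
        if rtype == REG_DWORD and size == 4:
            data = struct.unpack("<I", data)[0]
        elif rtype == REG_SZ:
            data = data.decode("utf-16-le").rstrip("\x00")
        out.append((key, name, rtype, data))
    return out

def _entry(key, name, rtype, data):
    head = OPEN + f"{key}\x00;{name}\x00;".encode("utf-16-le")
    return head + struct.pack("<I2sI2s", rtype, SEP, len(data), SEP) + data + CLOSE

# Constructed sample; 0x5D packs to 5D 00 00 00, which starts like a UTF-16LE ']'.
EXPLORER = r"Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
SAMPLE = (b"PReg" + struct.pack("<I", 1)
          + _entry(EXPLORER, "NoInternetIcon", REG_DWORD, struct.pack("<I", 1))
          + _entry(EXPLORER, "NoDrives", REG_DWORD, struct.pack("<I", 0x5D)))
```

Reading the real file's bytes into parse_registry_pol lists every key and value the backup will reapply, which makes an unintended restriction visible before it locks out the Administrator account.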

 

Installing and using the Recovery Console

Windows 2000 adds a great new feature called the Recovery Console (RC) for troubleshooting and repairing system problems. Picture the equivalent of Windows 9x MS-DOS Mode with administrator privileges, and you have a pretty good picture of the RC.
You can use a selection of commands internal to the RC to copy files, enable/disable services, and perform several other administrator-level tasks. For example, you might use the RC to manually restore the registry from the backup copy in the %systemroot%\Repair folder if the registry becomes corrupted. Or perhaps you need to repair the Master Boot Record (MBR) or boot sector after a hardware failure or virus infection. Whatever the situation, the RC gives you a means of repairing the system when you can't get it to boot or log on normally.
Setup doesn't install the RC by default, so you'll need to add it. If the system is running normally, you can install the RC through Winnt32.exe. Pop in the Windows 2000 CD, open a command console, and browse to the \i386 folder on the CD; then, execute the WINNT32 /CMDCONS command to run Setup and install the RC. If the system isn't working normally and you can't boot or log on, you can install the RC through Setup. Boot from the CD or from the Windows 2000 Setup disks. One of the installation options is to install the RC.
Once the RC is installed, it appears as an option in the Boot menu. Just select Recovery Console from the menu and press [Enter]. If the menu doesn't appear, press [F8] when Windows 2000 starts to load; then, select Recovery Console from the advanced boot menu.

 

Cloning your current configuration

How do you keep your existing Windows NT Workstation configuration and still upgrade it to Windows 2000 Professional? Easy! You clone the NT installation then upgrade the cloned copy. The result is a dual-boot system with your old installation intact and your new upgrade in place without reinstalling applications. You'll need a registry editor that can perform global search and replace in the registry. Check out the Registry Toolkit from http://www.funduc.com, then put on the latex gloves and mad scientist outfit for the following steps:

Boot your current installation of NT and execute RDISK /S to update the repair data and update the Emergency Repair Disk (ERD), just in case you have problems.

Perform a full backup of your system so that you're prepared if trouble arises during this process.

Create a directory called WIN2K (we'll call it WIN2K for this example—you can use a different folder name if you like) to contain Windows 2000.

Boot the system and open a console prompt. At the command prompt type the following command:
XCOPY C:\WINNT C:\WIN2K /h /i /c /k /e /r
If Windows NT is installed in a folder other than C:\WINNT, specify the correct source location for the XCOPY command.

Configure folder options to show all files, including protected operating system files. Open My Computer and locate the file Boot.ini in the root folder of the boot drive. Change the file's properties to remove the read-only attribute.

Open Boot.ini in Notepad and in the [operating systems] section, select and copy the line that defines your Windows NT installation (such as multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows NT Workstation Version 4.0").

Insert a new line in the [operating systems] section and paste the copied line into the file at that point.

Modify the inserted line to reference the \WIN2K folder rather than the \WINNT folder, and name it "Windows 2000." This will give you a menu option to boot the copy of NT in the \WIN2K folder.

Save the file and restore the read-only attribute.

Hold down [Shift] to prevent an autorun and insert the Windows 2000 CD. Open a console prompt and change to the \i386 folder on the CD.

Execute the following command to install the Windows 2000 Recovery Console:
WINNT32 /CMDCONS

After the Recovery Console is installed, restart the system and boot the option, "Microsoft Windows 2000 Recovery Console."

When prompted to select the installation for logon, select the backup copy stored in \WIN2K. Since XCOPY did not copy the SAM, you won't be prompted to provide an administrator password.

Change to the \WINNT\System32\Config folder, then use the COPY command to copy all of the files in the folder to \WIN2K\System32\Config. You'll have to copy the files one at a time. (This step copies the registry from your \WINNT installation to the \WIN2K installation.)

Restart the system and select the option "Windows 2000." This will boot the cloned copy of Windows NT in the \WIN2K folder.

Log on as administrator, then perform a global search and replace in the registry, changing all instances of C:\WINNT to C:\WIN2K.

Review all shortcuts on the Start menu and desktop, changing references to C:\WINNT to C:\WIN2K.

Restart the system and select the option "Windows 2000" to boot the cloned copy. Insert the Windows 2000 CD and perform an upgrade.

Upon successful completion of the upgrade, test both operating systems to verify that you can boot both and that both work properly.
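The Boot.ini edit in the steps above (copy the Windows NT line, point the copy at \WIN2K, and label it "Windows 2000") can be checked against this added example, which is not part of the original tip. The function name and the sample file are assumptions for illustration; the ARC path is the one quoted in the steps.

```python
import re

# ARC path, backslash, system folder, ="label", then optional load switches.
ENTRY = re.compile(r'^(?P<arc>[^\\=]+)\\(?P<dir>[^="]+)="(?P<label>[^"]*)"(?P<opts>.*)$')

def add_clone_entry(boot_ini, old_dir="WINNT", new_dir="WIN2K", label="Windows 2000"):
    """Return boot_ini with a copy of the first \\old_dir entry retargeted to \\new_dir."""
    lines = boot_ini.splitlines()
    section, source_at = "", None
    for i, line in enumerate(lines):
        text = line.strip()
        if text.startswith("["):
            section = text.lower()
            continue
        m = ENTRY.match(text)
        if section != "[operating systems]" or not m:
            continue                    # leaves default= in [boot loader] untouched
        if m["dir"].lower() == new_dir.lower():
            return boot_ini             # entry already present: change nothing
        if source_at is None and m["dir"].lower() == old_dir.lower():
            source_at = i
    if source_at is None:
        raise ValueError(f"no \\{old_dir} entry in [operating systems]")
    m = ENTRY.match(lines[source_at].strip())
    # Keep the ARC path and any load switches; change only folder and menu label.
    lines.insert(source_at + 1, f'{m["arc"]}\\{new_dir}="{label}"{m["opts"]}')
    return "\r\n".join(lines) + "\r\n"

# Constructed sample Boot.ini, not taken from a real machine.
ARC = "multi(0)disk(0)rdisk(0)partition(1)"
SAMPLE = (
    "[boot loader]\r\n"
    "timeout=30\r\n"
    f"default={ARC}\\WINNT\r\n"
    "[operating systems]\r\n"
    f'{ARC}\\WINNT="Microsoft Windows NT Workstation Version 4.0"\r\n'
    f'{ARC}\\WINNT="Microsoft Windows NT Workstation Version 4.0 [VGA mode]" /basevideo /sos\r\n'
)

if __name__ == "__main__":
    print(add_clone_entry(SAMPLE))
```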

 

Using the Last Known Good Configuration

When Windows 2000 boots, you can choose between two configurations: the default registry configuration or the Last Known Good Configuration (LKGC). The default configuration represents the system's configuration from the previous session just prior to shutdown. Any changes to the system's configuration in the previous session are applied in that configuration. The LKGC represents the system's configuration from the last boot, prior to any changes. Both configurations are stored as control sets in HKEY_LOCAL_MACHINE\SYSTEM.
The advantage offered by the LKGC is that it represents the configuration at the last successful boot. If you made changes in the previous logon session that hosed the system's configuration, you can boot from the LKGC to bypass those changes and recover the system. For example, perhaps you installed a device driver or service and the system stopped responding. Booting from the LKGC restores the registry to the way it was before the installation. The LKGC can also overcome problems with a new video driver. If you have problems with the display after installing the new driver, reboot without logging on to restore the registry from the LKGC.
If you need to boot from the LKGC, press [F8] when Windows 2000 starts to boot. You'll find Last Known Good Configuration as an option in the Advanced Boot menu. If booting from the LKGC doesn't fix your problem, replace the registry from a backup (such as the copy in the %systemroot%\Repair folder) and reboot.

 

Manual registry backup and restore

You can use the Backup utility in Windows 2000 to back up and restore the registry, although Backup requires that you back up all system state data along with the registry. As this can come to 200 MB or more, you might be interested in a way to back up just the registry.
First, you can use Backup to update the registry files in the %systemroot%\Repair folder, which you can later copy back to the %systemroot%\System32\Config folder if the registry becomes corrupted. Open Backup, click the Welcome tab, and then click Emergency Repair Disk to update the ERD. Select the option Also Backup The Registry To The Repair Directory. You can bypass creating the ERD by simply not putting a disk in the drive.
If you later have a problem with the registry, you can use the Recovery Console to restore the files in the repair folder. Boot to the Recovery Console, change to the %systemroot%\Repair folder, then one by one copy the files there to the %systemroot%\System32\Config folder. When the files are in place, reboot the system to make the change take effect.

 

Modifying a remote registry

There are a couple of situations in which you might need to modify another computer's registry from your own computer. The other system might not allow logon for some reason but still boots. In this situation you can connect to the remote computer's registry, potentially fix the problem, and once again enable logon. If the remote computer won't boot, you might be able to copy the offending registry hive file to your computer, make the necessary changes, then copy it back to the other computer. This requires that you do the following:

Boot the system through a diskette or dual-boot configuration and gain access to the file system.

Copy the registry file to removable media with sufficient space to accommodate it (like a ZIP drive, for example), or be able to copy the file across the network.

Here's how to modify a remote registry locally on your computer if you can't connect to it across the network:

Boot the other computer with a boot diskette or dual-boot OS, then copy the problem hive file to removable media or directly across the network to your system.

Log in as administrator on your system and run REGEDT32.EXE.

In the Registry Editor, select either the HKEY_LOCAL_MACHINE or HKEY_USERS window then choose Registry | Load Hive.

Locate the file copied to the system in step 1, select the file, and click Open. This loads the hive into the local registry as a subkey of the selected key.

Make the necessary changes to the damaged hive then choose Registry | Unload Hive.

Copy the hive file back to its original location on the problem computer and restart to test the system.

Note: Please remember that editing your registry can be risky, so always have a verified backup before you begin.

 

 

If you want to contact me or to send more tips, please send them to: ymoalem@zonnet.nl or Mailform

 

 

 

    

 

 

 

 

 
