Windows 2000: Difference between revisions
indeed it isn't! so say your piece. rv. |
rv: my statement is there, now awaiting yours |
||
Line 3: | Line 3: | ||
| family = Microsoft Windows |
| family = Microsoft Windows |
||
| logo = Windows 2000 logo.png |
| logo = Windows 2000 logo.png |
||
| screenshot = Windows 2000 Professional.png<!-- Do not change unless you have read "Wikipedia:Software_screenshots"! --> |
|||
| screenshot = Win2000.png<!-- 1024x768 has more detail than a 800x600 picture, which creates a clutterness effect; this picture also has an explorer window --> |
|||
| caption = Screenshot of Windows 2000 Professional |
| caption = Screenshot of Windows 2000 Professional |
||
| developer = Microsoft |
| developer = Microsoft |
Revision as of 05:14, 1 September 2007
File:Windows 2000 logo.png | |
File:Windows 2000 Professional.png | |
Developer | Microsoft |
---|---|
OS family | Microsoft Windows |
Source model | Shared source[1] |
Released to manufacturing | February 17 2000 |
Latest release | 5.0 SP4 Rollup 1 v2 (5.0.3700.6690) / September 13 2005[2] |
Kernel type | Hybrid kernel |
License | Microsoft EULA |
Official website | www.microsoft.com/windows2000 |
Support status | |
Extended Support Period until June/July 2010,[3][4] security updates will be provided free of cost and paid support is still available. |
Windows 2000 (also referred to as Win2K) is a preemptive, interruptible, graphical and business-oriented operating system that was designed to work with either uniprocessor or symmetric multi-processor 32-bit Intel x86 computers. It is part of the Microsoft Windows NT line of operating systems and was released on February 17 2000. It was succeeded by Windows XP in October 2001 and Windows Server 2003 in April 2003. Windows 2000 is classified as a hybrid kernel operating system.
Windows 2000 was made available in four editions: Professional, Server, Advanced Server, and Datacenter Server. Additionally, Microsoft offered Windows 2000 Advanced Server Limited Edition and Windows 2000 Datacenter Server Limited Edition, which were released in 2001 and run on 64-bit Intel Itanium microprocessors.[citation needed] Whilst all editions of Windows 2000 are targeted to different markets, they each share a core set of common functionality, including many system utilities such as the Microsoft Management Console and standard system administration applications. Support for people with disabilities was improved over Windows NT 4.0 with a number of new assistive technologies, and Microsoft included increased support for different languages and locale information. All versions of the operating system support the Windows NT filesystem, NTFS 3.0,[5] the Encrypting File System, as well as basic and dynamic disk storage. The Windows 2000 Server family has additional functionality, including the ability to provide Active Directory services (a hierarchical framework of resources), Distributed File System (a file system that supports sharing of files) and fault-redundant storage volumes. Windows 2000 can be installed and deployed to corporate desktops through either an attended or unattended installation. Unattended installations rely on the use of answer files to fill in installation information, and can be performed through a bootable CD using Microsoft Systems Management Server, by the System Preparation Tool. Windows 2000 is the last NT-kernel based version of Microsoft Windows that does not include Windows Product Activation.
At the time of its release, Microsoft marketed Windows 2000 as the most secure Windows version they had ever shipped,[6] however it became the target of a number of high-profile virus attacks such as Code Red and Nimda, and more than seven years after its release, continues to receive patches for security vulnerabilities on a near-monthly basis.
History
Windows 2000 is a continuation of the Microsoft Windows NT line of operating systems, replacing its predecessor, Windows NT 4.0. Originally called Windows NT 5.0, then Windows NT 2000, Microsoft changed the name to Windows 2000 on October 27 1998.[7] It was also the first Windows version that was released without a code name, though Windows 2000 Service Pack 1 was codenamed "Asteroid" and Windows 2000 64-bit was codenamed "Janus" (not to be confused with Windows 3.1, which had the same codename). The first beta for Windows 2000 was released on September 27 1997 and several further betas were released until Beta 3 which was released on April 29 1999. DEC Alpha support was removed from the final build. From here, Microsoft issued three release candidates between July and November 1999, and finally released the operating system to partners on December 12 1999.[8] The public received the full version of Windows 2000 on February 17 2000. Three days before the launch of Windows 2000, which Microsoft advertised as "a standard in reliability", a leaked memo from Microsoft reported on by Mary Jo Foley revealed that Windows 2000 had "over 63,000 potential known defects".[9] After Foley's article was published, Microsoft blacklisted her for a considerable time:[10] InformationWeek summarized the release "our tests show the successor to NT 4.0 is everything we hoped it would be. Of course, it isn't perfect either."[11] Wired News later described the results of the February launch as "lackluster".[12] Novell criticized Microsoft's Active Directory, the new directory service architecture to be less scalable or reliable than their own Novell Directory Services (NDS) technology.[13]
Originally, Windows 2000 was planned to replace both Windows 98 and Windows NT 4.0. However, that was later changed. Instead, an updated version of Windows 98 called Windows 98 Second Edition was released in 1999 as a successor to Windows 98. Microsoft released Windows 2000 Datacenter Server, targeted at large-scale computing systems with support for 32 processors, on September 29, 2000.
On or shortly before February 12, 2004, "portions of the Microsoft Windows 2000 and Windows NT 4.0 source code were illegally made available on the Internet".[14] The source of the leak remains unannounced. Microsoft issued the following statement:
Microsoft source code is both copyrighted and protected as a trade secret. As such, it is illegal to post it, make it available to others, download it or use it.
Despite the warnings, the archive containing the leaked code spread widely on the file-sharing networks. Consequentially, on February 16, 2004, an exploit "allegedly discovered by an individual studying the leaked source code"[14] for certain versions of Microsoft Internet Explorer was reported.
Architecture
Windows 2000 is a highly modular system that consists of two main layers: a user mode and a kernel mode. The user mode refers to the mode in which user programs are run. Such programs are limited in terms of what system resources they have access to, while the kernel mode has unrestricted access to the system memory and external devices. All user mode applications access system resources through the executive which runs in kernel mode.
User mode
User mode in Windows 2000 is made of subsystems capable of passing I/O requests to the appropriate kernel mode drivers by using the I/O manager. Two subsystems make up the user mode layer of Windows 2000: the environment subsystem and the integral subsystem.
The environment subsystem was designed to run applications written for many different types of operating systems. These applications, however, run at a lower priority than kernel mode processes. There are three main environment subsystems:[15]
- Win32 subsystem runs 32-bit Windows applications and also supports Virtual DOS Machines (VDMs), which allows MS-DOS and 16-bit Windows 3.x (Win16) applications to run on Windows.
- OS/2 environment subsystem supports 16-bit character-based OS/2 applications and emulates OS/2 1.3 and 1.x, but not 32-bit or graphical OS/2 applications as used on OS/2 2.x or later.
- POSIX environment subsystem supports applications that are strictly written to either the POSIX.1 standard or the related ISO/IEC standards.
The integral subsystem looks after operating system specific functions on behalf of the environment subsystem. It consists of a security subsystem (grants/denies access and handles logons), workstation service (helps the computer gain network access) and a server service (lets the computer provide network services).
Kernel mode
Kernel mode in Windows 2000 has full access to the hardware and system resources of the computer. The kernel mode stops user mode services and applications from accessing critical areas of the operating system that they should not have access to.
The executive interfaces with all the user mode subsystems. It deals with I/O, object management, security and process management. It contains various components, including:
- Object manager: a special executive subsystem that all other executive subsystems must pass through to gain access to Windows 2000 resources. This is essentially a resource management infrastructure service that allows Windows 2000 to be an object oriented operating system.
- I/O Manager: allows devices to communicate with user-mode subsystems by translating user-mode read and write commands and passing them to device drivers.
- Security Reference Monitor (SRM): the primary authority for enforcing the security rules of the security integral subsystem.[16]
- IPC Manager: short for Interprocess Communication Manager, manages the communication between clients (the environment subsystem) and servers (components of the executive).
- Virtual Memory Manager: manages virtual memory, allowing Windows 2000 to use the hard disk as a primary storage device (although strictly speaking it is secondary storage).
- Process Manager: handles process and thread creation and termination
- PnP Manager: handles Plug and Play and supports device detection and installation at boot time.
- Power Manager: the power manager coordinates power events and generates power IRPs.
- The display system is handled by a device driver contained in Win32k.sys. The Window Manager component of this driver is responsible for drawing windows and menus while the GDI (Graphics Device Interface) component is responsible for tasks such as drawing lines and curves, rendering fonts and handling palettes.
The Windows 2000 Hardware Abstraction Layer, or HAL, is a layer between the physical hardware of the computer and the rest of the operating system. It was designed to hide differences in hardware and therefore provide a consistent platform to run applications on. The HAL includes hardware specific code that controls I/O interfaces, interrupt controllers and multiple processors.
The hybrid kernel sits between the HAL and the executive and provides multiprocessor synchronization, thread and interrupt scheduling and dispatching, trap handling and exception dispatching. The hybrid kernel often interfaces with the process manager[17] and is responsible for initialising device drivers at bootup that are necessary to get the operating system up and running.
Common functionality
Windows 2000 introduced many of the Windows 98 new features into the NT line, such as, the Windows Desktop Update, Windows Driver Model, Internet Connection Sharing, Windows Media Player, WebDAV support etc. Certain features are common across all editions of Windows 2000, among them being NTFS 3.0,[5] the Microsoft Management Console (MMC), the Encrypting File System (EFS), dynamic and basic disk storage, usability enhancements and multi-language and locale support. Windows 2000 also has several system utilities included as standard. As well as these features, Microsoft introduced a new feature to protect critical system files, called Windows File Protection. This prevents programs (with the exception of Microsoft's update programs) from replacing critical Windows system files and thus making the system inoperable.[18]
Microsoft recognized that the infamous Blue Screen of Death (or stop error) could cause serious problems for servers that needed to be constantly running and so provided a system setting that would allow the server to automatically reboot when a stop error occurred. Also included is an option to dump any of the first 64 KB of memory to disk (the smallest amount of memory that is useful for debugging purposes, also known as a minidump), a dump of only the kernel's memory, or a dump of the entire contents of memory to disk, as well as write that this event happened to the Windows 2000 event log. In order to improve performance on computers running Windows 2000 as a server operating system, Microsoft gave administrators the choice of optimizing the operating system's memory and processor usage patterns for background services or for applications. Windows 2000 also introduced such technologies as the Windows Installer, Windows Management Instrumentation, OpenType PostScript fonts (.OTF) and the Data protection API (DPAPI) into the operating system.
Improvements to Windows Explorer
The Windows Explorer received a number of enhancements in Windows 2000. It was the first Windows NT release to include Active Desktop, a component first introduced as a part of Internet Explorer 4.0, and only pre-installed in Windows 98 by that time. Renamed in Windows 2000 as "Windows Desktop Update" [19], it allowed the users to customize the way folders look and behave by using HTML templates, having the file extension HTT. This feature had been abused by computer viruses that employed malicious scripts, Java applets, or ActiveX controls in folder template files as their infection vector. Two such viruses are VBS/Roor-C[20] and VBS.Redlof.a.[21]
The "Web-style" folders view, with the left Explorer pane displaying details for the object currently selected, is turned on by default in Windows 2000. For certain file types, such as pictures and media files, the preview is also displayed in the left pane. Until the dedicated interactive preview pane appeared in Windows Vista, Windows 2000 had been the only Windows release to feature an interactive media player as the previewer for sound and video files. However, such a previewer can be enabled in Windows Me and Windows XP through the use of third-party shell extensions, as the extensibility of the updated Windows Explorer allows for custom thumbnail previewers and tooltip handlers. The default file tooltip displays file title, author, subject and comments;[22] these metadata may be read from a special NTFS stream, in case the file is located on an NTFS volume, or from an OLE structured storage stream, in case the file is a structured storage document. All Microsoft Office documents since Office 95 [23] are stored in structured storages, so that their metadata are displayable in Windows 2000 Explorer default toolip.
The right pane of Windows 2000 Explorer, usually just listing files and folders, can also be customized; for example, the contents of the system folders aren't displayed by default, instead showing in the right pane a cautionary message telling the user that modifying the contents of the system folders could harm their computer. It's possible to define additional Explorer panes by using DIV elements in folder template files [19] Other Explorer UI elements that can be customized include columns in "Details" view, icon overlays, and search providers: the new DHTML-based search pane is integrated into Windows 2000 Explorer, unlike the separate search dialog found in all previous Explorer versions. This degree of customizability is new to Windows 2000; neither Windows 98 nor the Desktop Update could provide it.[24]
NTFS 3.0
Microsoft released the version 3.0 of the NTFS file system[5] (sometimes incorrectly referred to as NTFS 5 in relation to the kernel version number) — as part of Windows 2000; this introduced disk quotas, file-system-level encryption, sparse files and reparse points. Sparse files allow for the efficient storage of data sets that are very large yet contain many areas that only have zeroes. Reparse points allow the object manager to reset a file namespace lookup and let file system drivers implement changed functionality in a transparent manner. Reparse points are used to implement volume mount points, junctions, Hierarchical Storage Management, Native Structured Storage and Single Instance Storage. Volume mount points and directory junctions allow for a file to be transparently referred from one file or directory location to another.
Encrypting File System
The Encrypting File System (EFS) introduced strong file system-level encryption to Windows. It allows any folder or drive on an NTFS volume to be encrypted transparently by the end user. EFS works in conjunction with the EFS service, Microsoft's CryptoAPI and the EFS File System Runtime Library (FSRTL). As of May 2007, its encryption has not been compromised.
EFS works by encrypting a file with a bulk symmetric key (also known as the File Encryption Key, or FEK), which is used because it takes a relatively smaller amount of time to encrypt and decrypt large amounts of data than if an asymmetric key cipher is used. The symmetric key that is used to encrypt the file is then encrypted with a public key that is associated with the user who encrypted the file, and this encrypted data is stored in the header of the encrypted file. To decrypt the file, the file system uses the private key of the user to decrypt the symmetric key that is stored in the file header. It then uses the symmetric key to decrypt the file. Because this is done at the file system level, it is transparent to the user.[25]
In case of a user losing access to their key, support for recovery agents that can decrypt files is built in to EFS.
Basic and dynamic disk storage
Windows 2000 introduced the Logical Disk Manager for dynamic storage. All versions of Windows 2000 support three types of dynamic disk volumes (along with basic storage): simple volumes, spanned volumes and striped volumes:
- Simple volume, a volume with disk space from one disk.
- Spanned volumes, where multiple disks (up to 32) show up as one, increasing it in size but not enhancing performance. When one disk fails, the array is destroyed. Some data may be recoverable. This corresponds to JBOD and not to RAID-1.
- Striped volumes, also known as RAID-0, store all their data across several disks in stripes. This allows better performance because disk read and writes are balanced across multiple disks.
Windows 2000 also added support for the iSCSI protocol.
Accessibility support
Microsoft made an effort to increase the usability of Windows 2000 over Windows NT 4.0 for people with visual and auditory impairments and other disabilities. They included several utilities designed to make the system more accessible, although many of these accessibility features were already available with previous versions of Windows:
- FilterKeys: These are a group of keyboard related features for people with typing issues, and include:
- SlowKeys: Ignore keystrokes that are not held down for a certain time period.
- BounceKeys: Multiple keystrokes to one key to be ignored within a certain timeframe.
- RepeatKeys: allows users to slow down the rate at which keys are repeated via the keyboard's keyrepeat feature.
- ToggleKeys: when turned on, Windows will play a sound when either the CAPS LOCK, NUM LOCK or SCROLL LOCK keys are pressed.
- MouseKeys: allows the cursor to be moved around the screen via the numeric keypad instead of the mouse.
- On-screen keyboard: allows users to use a mouse to use the keyboard and enter on-screen keyboard characters.
- SerialKeys: gives Windows 2000 the ability to support speech augmentation devices.
- StickyKeys: makes modifier keys (ALT, CTRL and SHIFT) become "sticky" — in other words a user can press the modifier key, release that key and then press the combination key. Normally the modifier key must remain pressed down to activate the sequence (Activated by pressing Shift 5 times quickly).
- On screen magnifier: A screen magnifier that assists users with visual impairments by magnifying the part of the screen they place their mouse over.
- Narrator: Microsoft Narrator, introduced in Windows 2000, assists users with visual impairments with system messages, as when these appear the narrator will read this out via the sound system.
- High contrast theme: to assist users with visual impairments.
- SoundSentry: designed to help users with auditory impairments, Windows 2000 will show a visual effect when a sound is played through the sound system.
Language and locale support
Windows 2000 has support for many languages other than English. It supports Arabic, Armenian, Baltic, Central European, Cyrillic, Georgian, Greek, Hebrew, Indic, Japanese, Korean, Simplified Chinese, Thai, Traditional Chinese, Turkic, Vietnamese and Western European languages.[26] It also has support for many different locales, a list of which can be found on Microsoft's website.
Games support
Windows 2000 included version 7.0 of the DirectX API, commonly used by game developers on Windows 98.[27] The last supported version of DirectX that Windows 2000 supports is DirectX 9.0c (Shader Model 3.0), the same version as the one shipped with Windows XP Service Pack 2.[28] The majority of games written for recent versions of DirectX could therefore run on Windows 2000, in contrast to Windows NT 4.0, which only provided support for DirectX 3.0.
System utilities
Windows 2000 introduced the Microsoft Management Console (MMC), which is used to create, save, and open administrative tools. Each of the tools is called a console, and most consoles allow an administrator to administer other Windows 2000 computers from one centralised computer. Each console can contain one or many specific administrative tools, called snap-ins. Snap-ins can be either standalone (performs one function), or extensions (adds functionality to an existing snap-in). In order to provide the ability to control what snap-ins can be seen in a console, the MMC allows consoles to be created in author mode or created in user mode. Author mode allows snap-ins to be added, new windows to be created, all portions of the console tree can be displayed and for consoles to be saved. User mode allows consoles to be distributed with restrictions applied. User mode consoles can have full access granted user so they can make whatever changes they desire, can have limited access so that users cannot add to the console but they can view multiple windows in a console, or they can have limited access so that users cannot add to the console and also cannot view multiple windows in a console.[29]
The main tools that come with Windows 2000 can be found in the Computer Management console (found in Administrative Tools in the Control Panel). This contains the Event Viewer — a means of seeing events and the Windows equivalent of a log file, a system information utility, a backup utility, a task scheduler and management consoles to view open shared folders and shared folder sessions, configure and manage COM+ applications, configure Group policy, manage all the local users and user groups, and a device manager. It also contains a disk management snap-in, a Removable Storage snap-in, a disk defragmenter as well a performance diagnostic console, which displays graphs of system performance and configures data logs and alerts. Lastly, it also contains a service configuration console, which allows users to view all installed services and to stop and start them on demand, as well as configure what those services should do when the computer starts.
Windows 2000 comes bundled with two utilities to edit the Windows registry, REGEDIT.EXE and REGEDT32.EXE. REGEDIT.EXE was directly ported from Windows 98, and therefore does not support editing registry permissions. REGEDT32.EXE has the older multiple document interface (MDI) and can edit registry permissions in the same manner that Windows NT's REGEDT32.EXE program could. REGEDIT.EXE has a left-side tree view of the Windows registry, lists all loaded hives and represents the three components of a value (its name, type, and data) as separate columns of a table. REGEDT32.EXE has a left-side tree view, but each hive has its own window, so the tree displays only keys and it represents values as a list of strings. REGEDIT.EXE supports right-clicking of entries in a tree view to adjust properties and other settings. REGEDT32.EXE requires all actions to be performed from the top menu bar. Windows XP was the first system to integrate these two programs into a single utility, adopting the REGEDIT.EXE behavior with the additional NT functionality.
The System File Checker (SFC) also comes bundled with Windows 2000. It is a command line utility that scans system files and verifies whether they were signed by Microsoft and works in conjunction with the Windows File Protection mechanism. It can also repopulate and repair all the files in the Dllcache folder.[30]
Recovery Console
The Recovery Console is an application that is run from outside the installed copy of Windows and that enables a user to perform maintenance tasks that cannot be run from inside of the installed copy, or cannot be feasibly run from another computer or copy of Windows 2000. It is usually used to recover the system from errors causing booting to fail, which would render other tools useless.
It presents itself as a simple command line interface. The commands are limited to ones for checking and repairing the hard drive(s), repairing boot information (including NTLDR), replacing corrupted system files with fresh copies from the CD, or enabling/disabling services and drivers for the next boot.
The console can be accessed in one of two ways:
- Starting from the Windows 2000 CD, and choosing to enter the Recovery Console instead of continuing with setup, or
- Installing the Recovery Console via Winnt32.exe, with the /cmdcons switch. However, the console can then only be used if the system boots to the point where NTLDR can start it.
Server family functionality
The Windows 2000 server family consists of Windows 2000 Server, Windows 2000 Advanced Server and Windows 2000 Datacenter Server.
All editions of Windows 2000 Server have the following services and functionality built-in:
- Routing and Remote Access Service (RRAS) support, facilitating dial-up and VPN connections, support for RADIUS authentication, network connection sharing, Network Address Translation, unicast and multicast routing schemes.
- DNS server, including support for Dynamic DNS. Active Directory relies heavily on DNS.
- IPsec support and TCP/IP filtering
- Smart card support
- Microsoft Connection Manager Administration Kit (CMAK) and Connection Point Services
- Support for distributed file systems (DFS)
- Hierarchical Storage Management support, a service that runs in conjunction with NTFS that automatically transfers files that are not used for some period of time to less expensive storage media
- Fault tolerant volumes, namely it supports Mirrored and RAID-5
- Group policy (part of Active Directory)
- IntelliMirror, a collection of technologies for fine-grained management of Windows 2000 Professional desktops (Roaming profiles, MSMQ 2.0, Offline files (also known as Client Side Caching or CSC), TAPI 3.0, COM+ and MTS application host, software installation, settings management).
- Kerberos authentication
- MS-CHAP v2 protocol
- Public Key Infrastructure (PKI) support
- Terminal Services and support for the Remote Desktop Protocol (RDP)
- Internet Information Services (IIS) 5.0
The Server editions include more features and components, including the Microsoft Distributed File System (DFS), Active Directory support and fault tolerant storage.
Distributed File System
The Distributed File System, or DFS, allows shares in multiple different locations to be logically grouped under one folder, or DFS root. When users try to access a share that exists off the DFS root, the user is really looking at a DFS link and the DFS server transparently redirects them to the correct file server and share. A DFS root can only exist on a Windows 2000 version that is part of the server family, and only one DFS root can exist on that server.
There can be two ways of implementing DFS on Windows 2000: through standalone DFS, or through domain-based DFS. Standalone DFS allows for only DFS roots that exist on the local computer, and thus does not use Active Directory. Domain-based DFS roots exist within Active Directory and can have their information distributed to other domain controllers within the domain — this provides fault tolerance to DFS. DFS roots that exist on a domain must be hosted on a domain controller or on a domain member server. The file and root information is replicated via the Microsoft File Replication Service (FRS).[31]
Active Directory
A new way of organizing Windows network domains, or groups of resources, called Active Directory, was introduced with Windows 2000 and obsoleted Windows NT's traditional domain model. Active Directory's hierarchical nature allowed administrators a built-in way to manage user and computer policies, user accounts, and to automatically deploy programs and updates with a greater degree of scalability and centralization than provided in previous Windows versions. It is one of the main reasons many corporations migrated to Windows 2000. User information stored in Active Directory also provided a convenient phone book-like function to end users. Active Directory domains can vary from small installations with a few hundred objects, to large installations with millions of objects. Active Directory contains the ability to organise and link groups of domains into a contiguous domain name space to form trees. Groups of trees existing outside of the same namespace can be linked together to form forests.
Active Directory services could only be installed on a Windows 2000 Server, Advanced Server, or Datacenter Server computer, and cannot be installed on a Windows 2000 Professional computer. However, Windows 2000 Professional was the first client operating system able to exploit Active Directory's new functionality. As part of an organization's migration, Windows NT clients continued to function until all clients were upgraded to Windows 2000 Professional, at which point the Active Directory domain could be switched to native mode and maximum functionality achieved.
Active Directory requires a DNS server that supports SRV resource records, or that an organization's existing DNS infrastructure be upgraded to support this functionality. It also requires that one or more domain controllers exist to hold the Active Directory database and provide Active Directory directory services.
Volume fault tolerance
Along with support for simple, spanned and striped volumes, the server family of Windows 2000 also supports fault tolerant volume types. The types supported are mirrored volumes and RAID-5 volumes:
- Mirrored volumes: the volume contains several disks, and when data is written to one it is also written to the other disks. This means that if one disk fails, the data can be totally recovered from the other disk. Mirrored volumes are also known as RAID-1.
- RAID-5 volumes: a RAID-5 volume consists of multiple disks, and it uses block-level striping with parity data distributed across all member disks. Should a disk fail in the array, the parity blocks from the surviving disks are combined mathematically with the data blocks from the surviving disks to reconstruct the data on the failed drive "on-the-fly".
Editions
Microsoft released various versions of Windows 2000 to cater to different markets and business needs. It released Windows 2000 Professional, Windows 2000 Server, Windows 2000 Advanced Server and Windows 2000 Datacenter Server:
- Windows 2000 Professional was designed as the desktop operating system for businesses and power users. It is the basic unit of Windows 2000, and the most common. It offers greater security and stability than many of the previous Windows desktop operating systems. It supports up to two processors, and can address up to 4 GB of RAM. The system requirements were a Pentium Processor @133 MHz or greater, at least 64 MB of RAM, 650 MB of hard drive space, and a CD-ROM drive (recommended: Pentium II, 128 MB of RAM, 1 GB of hard drive space, and CD-ROM drive).
- Windows 2000 Server products share the same user interface with Windows 2000 Professional, but contain additional components for running infrastructure and application software. A significant component of the server products is Active Directory, which is an enterprise-wide directory service based on LDAP. Additionally, Microsoft integrated Kerberos network authentication, replacing the often-criticised NTLM authentication system used in previous versions. This also provided a purely transitive-trust relationship between Windows 2000 domains in a forest (a collection of one or more Windows 2000 domains that share a common schema, configuration, and global catalogue, being linked with two-way transitive trusts). Furthermore, Windows 2000 introduced a DNS server which allows dynamic registration of IP addresses.
- Windows 2000 Advanced Server is a variant of Windows 2000 Server operating system designed for medium-to-large businesses. It offers clustering infrastructure for high availability and scalability of applications and services, including main memory support of up to 8 gigabytes (GB) on Physical Address Extension (PAE) systems and the ability to do 8-way SMP. It has support for TCP/IP load balancing and enhanced two-node server clusters based on the Microsoft Cluster Server (MSCS) in the Windows NT Server 4.0 Enterprise Edition.[32] A limited edition 64-bit version of Windows 2000 Advanced Server was made available via the OEM Channel. It also supports failover and load balancing.
- Windows 2000 Datacenter Server is a variant of the Windows 2000 Server that is designed for large businesses that move large quantities of confidential or sensitive data frequently via a central server. As with Advanced Server, it supports clustering, failover and load balancing. Its minimum system requirements are normal, but it was designed to be capable of handing more advanced hardware - for instance it was capable of supporting computers with up to 32 CPUs and 64 GBs RAM. A limited edition 64-bit version of Windows 2000 Datacenter Server was made available via the OEM Channel.
Deployment
Windows 2000 can be deployed to a site via various methods. It can be installed onto servers via traditional media (such as via CD) or via distribution folders that reside on a shared folder. Installations can be attended or unattended. An attended installation requires the manual intervention of an operator to choose options when installing the operating system. Unattended installations are scripted via an answer file, or predefined script in the form of an INI file that has all the options filled in already. An answer file can be created manually or using the graphical Setup manager. The Winnt.exe or Winnt32.exe program then uses that answer file to automate the installation. Unattended installations can be performed via a bootable CD, using Microsoft Systems Management Server (SMS), via the System Preparation Tool (Sysprep), via running the Winnt32.exe program using the /syspart switch or via running Remote Installation Services (RIS).
The Sysprep method is started on a standardised reference computer — though the hardware need not be similar — and it copies the required installation files from the reference computer's hard drive to the target computer's hard drive. The hard drive does not need to be in the target computer and may be swapped out to it at any time, with hardware configuration still needing to be done later. The Winnt.exe program must also be passed a /unattend switch that points to a valid answer file and a /s file to point to the location of one or more valid installation sources.
Sysprep allows the duplication of a disk image on an existing Windows 2000 Server installation to multiple servers. This means that all applications and system configuration settings will be copied across to the new Windows 2000 installations, but it also means that the reference and target computers must have the same HALs, ACPI support, and mass storage devices — though Windows 2000 automatically detects Plug and Play devices. The primary reason for using Sysprep is for deploying Windows 2000 to a site that has standard hardware and that needs a fast method of installing Windows 2000 to those computers. If a system has different HALs, mass storage devices or ACPI support, then multiple images would need to be maintained.
Systems Management Server can be used to upgrade system to Windows 2000 to multiple systems. Those operating systems that can be upgraded in this process must be running a version of Windows that can be upgraded (Windows NT 3.51, Windows NT 4.0, Windows 98 and Windows 95 OSR2.x) and those versions must be running the SMS client agent that can receive software installation operations. Using SMS allows installations to happen over a wide geographical area and provides centralised control over upgrades to systems.
Remote Installation Services (RIS) are a means to automatically install Windows 2000 Professional (and not Windows 2000 Server) to a local computer over a network from a central server. Images do not have to support specific hardware configurations and the security settings can be configured after the computer reboots as the service generates a new unique security ID (SID) for the machine. This is required so that local accounts are given the right identifier and do not clash with other Windows 2000 Professional computers on a network.[33] RIS requires that client computers are able to boot over the network via either a network interface card that has a Pre-Boot Execution Environment (PXE) boot ROM installed or that it has a network card installed that is supported by the remote boot disk generator. The remote computer must also meet the Net PC specification. The server that RIS runs on must be Windows 2000 Server and the server must be able to access a network DNS Service, a DHCP service and the Active Directory services.[34]
Total cost of ownership
In October 2002, Microsoft commissioned IDC to determine the total cost of ownership (TCO) for enterprise applications on Windows 2000 versus the TCO of Linux on the same enterprise applications. IDC looked at security and other infrastructure tasks, and Web Serving. According to the report, Windows 2000 had a lower TCO for four infrastructure items and Linux had a lower TCO for web serving. IDC's report was based on telephone interviews of IT executives and managers of 104 North American companies in which they determined what they were using for a specific workload for file, print, security and networking services.
IDC determined that the four areas where Windows 2000 had a better TCO than Linux — over a period of five years for an average organization of 100 employees — were in the use of file, print, network infrastructure and security infrastructure. They determined, however, that Linux had a better TCO than Windows 2000 when it came to web serving. The report also found that the greatest cost was not in the procurement of software and hardware, but in staffing costs and downtime. The report did not take into consideration the impact of downtime to the profitability of the business (although they did apply a 40% productivity factor, in order to recognize that employees are not entirely unproductive during periods of IT infrastructure downtime) though it did find that Linux servers had less unplanned downtime than Windows 2000 Servers. They found that most Linux servers ran less workload per server than Windows 2000 servers and also found that none of the businesses they interviewed used 4-way SMP Linux computers. IDC also did not take into account specific application servers — servers that need low maintenance and are provided by a specific vendor — when they performed their study. The report did emphasise that TCO was only one factor in considering whether to use a particular IT platform, and also noted that as management and server software improved and became better packaged the overall picture that was being shown in their report could change.[35]
Current Status
Windows 2000 has now been superseded by newer Microsoft operating systems. Microsoft replaced Windows 2000 Server products with Windows Server 2003, and Windows 2000 Professional with Windows XP Professional. The Windows 2000 family of operating systems moved from mainstream support to the extended support phase on June 30, 2005. Microsoft says that this marks the progression of Windows 2000 through the Microsoft Lifecycle policy. Under the extended support phase, Microsoft continues to provide critical security updates on a monthly basis and pay per incident telephone support. However, free technical support and design changes are no longer provided. Because of its old age, Microsoft is not offering current components such as Internet Explorer 7 for Windows 2000. They claim that IE 7 is reliant on security features designed only for Windows XP Service Pack 2 and Windows Vista, and is thus non-trivial to port back to the Windows 2000 platform.[36] Microsoft is strongly advising all businesses still running Windows 2000 to consider upgrading their operating system to Windows Server 2003 or Windows Vista for increased security. All Windows 2000 support including security updates will be terminated on July 13, 2010.[3][4]
Throughout its life, Windows 2000 has received four full service packs and one rollup update package following SP4, which is the latest service pack for Windows 2000. These were: Service Pack 1 (SP1) on August 15 2000, Service Pack 2 (SP2) on May 16 2001, Service Pack 3 (SP3) on August 29 2002 and its last Service Pack (SP4) on June 26 2003. Microsoft phased out all development of their Java Virtual Machine (JVM) from Windows 2000 in Service Pack 3. Many Windows 2000 users were hoping for a Windows 2000 Service Pack 5, but Microsoft cancelled this project early on in its development, and instead released Update Rollup 1 for Service Pack 4 which is a collection of all the security-related hotfixes and some other significant issues. The Update Rollup, however, does not include all non-security related hotfixes and is not subjected to the same extensive regression testing as a full service pack. Microsoft states that this update will meet customers needs better than a whole new service pack, and will still help Windows 2000 customers secure their PCs, reduce support costs, and allow their systems to support the current generation of computer hardware.[37]
Security criticisms
A number of potential security issues have been noted in Windows 2000. A common complaint is that "by default, Windows 2000 installations contain numerous potential security problems. Many unneeded services are installed and enabled, and there is no active local security policy".[38] In addition to the choice of insecure defaults, according to the SANS Institute, the most common flaws found in the OS are remotely exploitable buffer overflow vulnerabilities.[39] Other flaws in the operating system that have received criticism include the use of vulnerable encryption techniques.[40]
Computer worms first came into the public spotlight during the period where Windows 2000 was the dominant server operating system. Code Red and Code Red II were famous (and highly visible to the worldwide press) worms that exploited vulnerabilities of the Windows Indexing Service of Windows 2000s Internet Information Services (IIS). In August 2003, two major worms named the Sobig worm and the Blaster worm began to attack millions of Microsoft Windows computers, resulting in the largest down-time and clean-up cost to that date. The 2005 Zotob worm was blamed for security compromises on Windows 2000 machines at Homeland Security, the New York Times, ABC and CNN.[41]
See also
- Comparison of operating systems
- Microsoft Servers
- Windows NT Startup Process
- DEC Multia - Windows 2000 Beta ran on Alpha-PUs
Notes and references
- Notes
- ^ "Enterprise Source Licensing Program". Microsoft. Retrieved 2007-04-05.
- ^ http://support.microsoft.com/kb/891861
- ^ a b "Windows 2000 Transitions to Extended Support".
- ^ a b "Microsoft Product Lifecycle for Windows 2000 family".
- ^ a b c "New Capabilities and Features of the NTFS 3.0 File System".
- ^ "Microsoft and CyberSafe Extend Windows 2000 Security Across the Enterprise" (Press release). Microsoft. January 17 2000. Retrieved 2006-09-17.
{{cite press release}}
: Check date values in:|date=
(help); Cite has empty unknown parameter:|1=
(help) - ^ Trott, Bob (October 27 1998). "It's official: NT 5.0 becomes Windows 2000". infoWorld. Retrieved 2006-04-22.
{{cite web}}
: Check date values in:|year=
(help)CS1 maint: year (link) - ^ "Windows 2000 history". ActiveWin. Retrieved 2006-04-22.
- ^ Bugfest! Win2000 has 63,000 'defects' February 14, 2000
- ^ Mary Jo Foley: The Exit Interview September 20, 2006
- ^ InformationWeek, December 28, 1999, "Special Report"
- ^ Wired News, November 2000, "The Truth, The Whole Truth, and Nothing But The Truth"
- ^ "NDS eDirectory vs. Microsoft Active Directory?". Novell. November 17 1999. Retrieved 2006-04-22.
{{cite web}}
: Check date values in:|year=
(help)CS1 maint: year (link)NDS eDirectory is a cross-platform directory solution that works on NT 4.0, Windows 2000 when available, Solaris and NetWare 5. Active Directory will only support the Windows 2000 environment. In addition, eDirectory users can be assured they are using the most trusted, reliable and mature directory service to manage and control their e-business relationships — not a 1.0 release.
- ^ a b "Statement from Microsoft Regarding Illegal Posting of Windows 2000 Source Code". Microsoft. February 20 2004. Retrieved 2007-01-11.
{{cite web}}
: Check date values in:|year=
(help)CS1 maint: year (link) - ^ "Appendix D - Running Nonnative Applications in Windows 2000 Professional". Microsoft Windows 2000 Professional Resource Kit. Microsoft.
- ^ Microsoft. "Active Directory Data Storage".
- ^ Inside Microsoft Windows 2000 (Third Edition). Microsoft Press.
- ^ "Microsoft KB article 222193: Description of the Windows File Protection Feature".
- ^ a b Esposito, Dino (June 2000), More Windows 2000 UI Goodies: Extending Explorer Views by Customizing Hypertext Template Files, MSDN Magazine, retrieved 2007-08-26
- ^ Sophos, VBS/Roor-C threat analysis. Accessed 2007-08-26.
- ^ "Virus.VBS.Redlof.a". Virus Encyclopedia. Viruslist.com. January 15, 2004. Retrieved 2007-08-26.
- ^ Windows 2000 Registry: Latest Features and APIs Provide the Power to Customize and Extend Your Apps, MSDN Magazine, November 2000, retrieved 2007-08-26
- ^ Kindel, Charlie (August 27, 1993), OLE Property Sets Exposed, MSDN Magazine, retrieved 2007-08-26
- ^ "Figure 1 Windows Shell Extensions", MSDN Magazine, June 2000, retrieved 2007-08-26
- ^ "Encrypting File System". Microsoft.
- ^ Microsoft Support KB 292264: List of Languages Supported in Windows 2000, Windows XP and Windows Server 2003.
- ^ Ask the Windows 2000 Dev Team.
- ^ However, as of mid-2007, Microsoft continues to publish bimonthly minor updates to DirectX 9.0c files; these updates do not advance the overall DirectX version number.
- ^ Microsoft Press (2000). MCSE 70-210, Microsoft Windows 2000 Professional, pages 58-63.
- ^ "Microsoft KB article 222471: Description of the Windows 2000 System File Checker (Sfc.exe)".
- ^ "Microsoft KB article 812487: Overview of DFS in Windows 2000".
- ^ Microsoft. Windows 200 Resource Kit, Chap. 1, "Introducing Windows 2000 Deployment Planning".
- ^ Mark Minasi. Installing Windows 2000 On Workstations with Remote Installation Services.
- ^ Microsoft Press (2000). MCSE 70-210, Microsoft Windows 2000 Professional, pages 543-551.
- ^ "Windows 2000 Versus Linux in Enterprise Computing", IDC.
- ^ "Windows 2000 users to miss out on IE 7". news.com. Retrieved 2007-01-11.
- ^ "Windows 2000 Update Rollup 1 for Service Pack 4". Microsoft. Retrieved 2006-09-27.
- ^ "governmentsecurity.org".
- ^ "SANS Institute".
- ^ Wired News, May, 16, 2000, "Critics Blast MS Security"
- ^ Wired News, April 12, 2006, "Border Security System Left Open"
- References
- Bolosky, William J.; Corbin, Scott; Goebel, David; & Douceur, John R. "Single Instance Storage in Windows 2000". Microsoft Research & Balder Technology Group, Inc. (white paper).
- Bozman, Jean; Gillen, Al; Kolodgy, Charles; Kusnetzky, Dan; Perry, Randy; & Shiang, David (October 2002). "Windows 2000 Versus Linux in Enterprise Computing: An assessment of business value for selected workloads". IDC, sponsored by Microsoft Corporation. White paper.
- Finnel, Lynn (2000). MCSE Exam 70-215, Microsoft Windows 2000 Server. Microsoft Press. ISBN 1-57231-903-8.
- Microsoft. Running Nonnative Applications in Windows 2000 Professional. Windows 2000 Resource Kit. Retrieved May 4 2005.
- Microsoft. "Active Directory Data Storage". Retrieved May 9 2005.
- Minasi, Mark (1993). Installing Windows 2000 of Mastering Windows 2000 Server. Sybex. Chapter 3 — Installing Windows 2000 On Workstations with Remote Installation Services.
- Russinovich, Mark (October 1997). "Inside NT's Object Manager". Windows IT Pro.
- Russinovich, Mark (2002). "Inside Win2K NTFS, Part 1". Windows IT Pro (formerly Windows 2000 Magazine).
- Saville, John (January 9 2000). "What is Native Structure Storage?". Windows IT Pro (formerly Windows 2000 Magazine).
- Siyan, Kanajit S. (2000). "Windows 2000 Professional Reference". New Riders. ISBN 0-7357-0952-1.
- Salomon, David; & Russinovich, Mark E. (2000). Inside Microsoft Windows 2000 (Third Edition). Microsoft Press. ISBN 0-7356-1021-5.
- Tanenbaum, Andrew S. (2001), Modern Operating Systems (2nd Edition), Prentice-Hall
- Trott, Bob (October 27 1998). "It's official: NT 5.0 becomes Windows 2000". InfoWorld.
- Wallace, Rick (2000). MCSE Exam 70-210, Microsoft Windows 2000 Professional. Microsoft Press. ISBN 1-57231-901-1.
External links
- Windows 2000 official product page
- Windows 2000 Professional feature list
- Windows 2000 Server Family
- Windows 2000 Server information at Technet
- Official support page
- Windows 2000 Transitions to Extended Support.
- The Road to Gold: Development of Windows 2000