How I may help
LinkedIn Profile Email me!
Call me using Skype client on your machine

Reload this page Configuring Microsoft Windows Servers

Here are notes on the intricacies behind each step toward configuring Microsoft's Windows 2008, 2003, 2000, NT4 in a corporate data center. (I'm not done updating this for Windows 2008 yet). All topics are in this one large file for quick searches through all topics.

 

Topics this page:

  • Preparations

  • First Logon

  • Component Config
  • Lock Down Server

  • Dfs

  • Storage

  • Boot-up Tweeks

  • Start-up Tweeks

  • Remote Access

  • Printers

  • Novell Interop

  • Apple Interop

  • UNIX Interop

  • Your comments???

  •  

    Site Map List all pages on this site 
    About this site About this site 
    Go to first topic Go to Bottom of this page


    Set this at top of window. Preparation - Backup

      Before you mess with the server after installation, consider taking a full backup so that you don't have to waste time installing again in case you make a fatal mistake during configuration.


    Go to Top of this page.
    Previous topic this page
    Next topic this page

    Set this at top of window. Upon First Logon

      Use the Administrator account/password to logon.

    1. Create a regular user account.
    2. Before you run install any applications:

    3. High Contrast
    4. If you chose Accessiblity, the screen will be white and IE will display large font selections. To unselect this mode, unselect "Use High Contrast" in Programs | Accessories | Accessiblity | Magnifier.

    5. Turn off Vista/2008 UAC

    Go to Top of this page.
    Previous topic this page
    Next topic this page

    1. Configure
    2. Smart-X CoreConfigurator (orginally created by Guy Teverovsky before he joined Microsoft) provides a GUI to configure Windows Server 2008 Server R2 Core minimal install.
    3. Enable Windows File Protection
    4. While you still have the Installation CD in the tray, populate the %systemroot% \System32 \Dllcache folder with the driver catalog needed by Microsoft's SFC (System File Checker) utility:
        SFC /SCANNOW /ENABLE

      Once enabled, files are protected by being re-written (from the install CD) when a change to the file is detected.

    5. SFCList utility enumerates the thousands of files protected by SFC.
        sfclist -l >sfclist.txt

    6. Enable Legacy Plug and Play Support
    7. If a Plug and Play device driver is contained in the DRIVER.CAB file within the %systemroot%\ Driver Cache\i386 folder, it will be automatically installed on startup.

      If the driver is not contained in the DRIVER.CAB file, the Add/Remove Hardware Wizard starts automatically.

      For example, if you want to install an Iomega Parallel port or other such device, go to Device Manager, Port Settings tab, select the “Enable Legacy Plug And Play Detection” check box.

      Install scanners and cameras from Control Panel | Scanners and Cameras snap-in | Wizard.

      Legacy adapters require System resources: memory and I/O ranges, direct memory access (DMA), and interrupt requests (IRQs)another page on this site.

    8. Verify Drivers
    9. To verify whether drivers are functioning properly:
      1. run the Driver Verifier Manager utility:
          VERIFIER.EXE
      2. screen captured Click the GUI's Settings tab and “Preferred Settings” to FLAG the type and IOLEVEL of verification to perform
      3. Click Apply to write the preferences to the Registry
      4. Reboot the machine
      5. Run the verifier using these command line switches:
          VERIFIER.EXE

    10. Validate Driver Signing
    11. To identify drivers not digitally signed (by Microsoft's WHQL), run the File Signature Verification utility GUI, which by default logs to file SIGVERIF.TXT:
        sigverif

      Unsigned files include c:\windows \system \spool \drivers \w32x86 \3

    12. Update Drivers
    13. To install modems and cameras, etc., instead of the old Add/Remove Hardware wizard (which requires a reboot), use the Device Manager MMC snap-in:
        devmgmt.msc /a
      First, Scan For Hardware Changes, then right-click on a device | Properties | Driver tab | Update Driver...

      Separate Integrated and Plug-in Audio Sound Cards

      If you have a sound card built into your motherboard but want to install a new sound card, first disable the “integrated” card in Device Manager (not CMOS), then install the new card and let Windows detect it.

      To receive analog audio output from the headphone jack on the CD-ROM drive, uncheck the "Enable Digital CD Audio For This CD-ROM Device" check box. To find this box, from the Properties menu of the CD-ROM drive, View the Properties, double-click the CD-ROM device in the Hardware tab of the Sounds And Multimedia Properties dialog box.

     

      .
     
    Go to Top of this page.

    1. Multiple Hardware Profiles
    2. Windows 2000 automatically creates two profiles - the Docked Profile and the Undocked Profile - when an operating system basic input/output system (BIOS) query detects a hardware manufacturer's dock ID and serial number. Through Plug and Play enumeration, the operating system automatically selects the correct hardware profile based on whether the portable computer is docked or undocked. Portable computers that are not fully Plug and Play compliant might require manual hardware profile creation.

      Create different Hardware Profiles if you want to boot-up with an alternative set of devices enabled or disabled (such as networking and stand-alone). To do this, obtain the System Properties dialog box two ways:

      1. Control Panel | System program
      2. Righ-click on the My Computer icon.

      In the System Properties dialog box, click the Hardware tab, Hardware Profiles button. In the Hardware Profiles dialog box, copy the default profile. Or, to configure how a hardware profile is selected on startup, configure a hardware profile by first starting the computer and selecting the profile to be configured. A copied profile contains the same device and service startup configuration as the original profile.

      After Windows 2000 has started, use Device Manager and the Services window to modify the profile's configuration. In Device Manager, access the properties of a device. On the General tab of the device's properties, select the Device Usage drop-down list box to specify whether the device is enabled for all profiles, disabled for the current profile, or disabled for all profiles. In the Services window, access the properties of a service. On the Log On tab, select the hardware profile appearing in the You Can Enable Or Disable This Service For The Hardware Profiles Listed Below check box. Then click Enable or Disable to change the state of the service for the selected profile.

     

     
    Go to Top of this page.

    1. Set this at top of window. APM or ACPI BIOS Checks
    2. Do this! Turn off APM to avoid problems with hard drives! APM settings are displayed and configured using the Control Panel Power Options applet.

      If a portable computer has an APM-based BIOS, test it for compatibility with Windows 2000 using the Advanced Power Management Status utility on the Windows 2000 Professional installation CD-ROM in the \Support\Tools\Support.cab file:

        APMSTAT.EXE
      Either individually extract APMSTAT.EXE from SUPPORT.CAB or run SETUP.EXE from the \Support\Tools folder to install all support utilities.

      Do this! If you have ACPI, check the webpage of your motherboard manufacturer another page on this site to see if an upgrade is needed for the new ACPI power management features in Windows 2000.

      ACPI is an advanced replacement for APM. To check if you have ACPI:

      • In Windows 2000 & XP, select Shutdown. You have ACPI support if “Standby” appears on the list.
      • In Windows 98, Settings | Control Panel | System applet | Hardware tab | Device Manager You have ACPI support if "Advanced Power Management support" appears on the list.

     

      ACPI power management functionality is automatically and fully managed by the operating system and Plug-and-Play hardware. Therefore, ACPI is controlled by the Device Manager MMCanother page on this site under the Computer node.

      ACPI support is provided by the ACPI.SYS driver and the ACPIEC.SYS embedded controller driver loaded in the %systemroot%\ System32 \Drivers folder.

      The HAL for a computer containing both ACPI and APIC hardware is upgradable to a multiprocessor system or downgradable to a uniprocessor system. This also applies to the hardware-specific HAL for a non-ACPI computer containing APIC hardware.

     
    Go to Top of this page.

    1. Install Critical Update Notification
    2. Microsoft's Windows 2000 Downloads keeps up-to-date on the latest service packs and Hot Fixes (Security Updates) for NT from Microsoft's FTP site.

      The Windows Update program is UPDMGR.EXE in %systemroot%\system32. It uses Microsoft's Active Setup and ActiveX controls.

      A member of the Administrator group installs this to create a scheduled task on the local computer to query the http://windowsupdate.microsoft.com/ website for patches applicable to the computer. Rather than the default 5 minutes, set it to run once a day when your computer is likely to be powered up (such as at 12:30pm when you're usually having lunch).

     

     
    Go to Top of this page.

    1. Confirm Windows version and memory
    2. There are two ways to obtain a pop-up containing the version of the operating system you're running and how much memory is available to it:
      • From Windows Explorer, click Help, About Windows. Or...
      • From Run... type winver.exe View resulting screen

      Instead of using the old NT4 utility Uptomp.exe, use the Windows 2000 Device Manager MMC.

      To use the System Information MMC snap-in, run this from the WINNT/System32 folder, which invokes MSINFO32.MSC from "Program files \common files \Microsoft shared \msinfo":

        winmsd.exe View resulting screen

      To use the DirectX Diagnostics for testing multimedia components, run:

        DXDIAG.EXE View resulting screen


    Go to Top of this page.

    1. Verify whether the machine is Keeping Time
    2. Scheduled tasksanother page on this site depend on the accuracy of the computer's clock. Make sure that the system clock is accurate.

    3. Change Administrator name
    4. This is a common security precaution. But write the new name and put it in a secure but accessible place so if you get "run over by a truck"...

    5. Personalize Menus
    6. If you don't want menu items being hidden, unselect default "Use Personalized Menus" in Settings | Task Bar & Start Menu...

     

     
    Go to Top of this page.

    1. Convert from FAT to NTFS Native Mode
    2. If you didn't select NTFS for a drive partition during installation, this command will enable several features (such as compression and EFSanother page on this site) not available with FAT drives:

        convert drive_letter: /fs:ntfs /v

      There is no going back, however.

    3. Upgrade from Basic to Dynamic Disks
    4. A basic disk use partitions. Conversion to dynamic disks is done only after Windows 2000 installation. Only dynamic disks are used for mirrored volumes.

    5. Upgrade NT4 Sets to Volumes
    6. After upgrading from NT4, mirror and stripped sets remain as sets and must be upgraded to volumes. Do this before there is a problem with them because Windows 2000 does not allow sets to be created, only volumes.

    7. Set Disk Compression
    8. NTFS drives are set for compression from right-clicking a drive within the Explorer, not an MMC.

     

      tool WindowBlinds GUI extension, and Object Desktop extension suite for Windows, from Stardock provides for customization of themes.

      Russ Cooper's NT Bug Traq.com is a mailing list for the discussion of security exploits and security bugs in Windows NT and its related applications.

     
    Go to Top of this page.

    1. Migrate or Create Shares


    2.  
      Folders can be shared on both FAT and NTFS partitions. If you're doing this from a remote computer (not physically at the server), use the Shared Folder MMC snap-in. Share Permissions another page on this site

      To migrate share definitions from a Windows NT 4.0 machine, use CLI Regedit to browse to its Registry key:

        HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet \Services \LanmanServer \Shares
      Select the Shares key, click the Registry menu, and select Export Registry File to a .reg file on a diskette. Then import onto the Windows 2000 machine by double clicking on the file and select Merge. You then need to start and stop server services:
        Net Stop Server
        Net Start Server

      When a folder is shared, Caching is automatically enabled and set to "Manual Caching For Documents". Windows 2000 Professional clients pin shared files into a cache when they select them to "Make Available Offline" on the File menu in Windows Explorer.

      The CLI utility to create shares has slightly different syntax than the field headings in the Properties GUI:
      Properties NET SHARE
      Share Name \\machine\driver:path
      Do not share this folder /DELETE
      Comment /REMARK:"text"
      User Limit: . Maximum allowed /UNLIMITED
      User Limit: . Allow 3 Users /ALLOW:3
      Caching:
    3. Automatic caching for Documents
    4. Automatic caching for Programs
    5. Manual caching for documents
    6. /CACHE:
    7. Automatic
    8. No
    9. Manual
    10. Map to Others' Shares
    11. The general format:

        NET USE [devicename | *] [\\Netbioscomputername\sharename[\volume] [password | *]]
                [/USER:[domainname\]username]
                [/USER:[dotted domain name\]username]
                [/USER:[username@dotted domain name]
                [[/DELETE] | [/PERSISTENT:{YES | NO}]]
        

      Example:

        NET USE X: \\NT-MASTER\Server\ /USER:TTI\wilsonmar passWord /PERSISTENT:NO
        
      How to specify domain ???

      To set home folder:

        NET USE {devicename | *} [password | *] /HOME
        

    Go to Top of this page.
    Previous topic this page
    Next topic this page

    1. Create Emergency Backup Diskette in an Envelope
    2. Get a blank diskette and make a snapshot from Programs | Accessories | System Tools | Backup. This is the same as ntbackup.exe

      Click the Emergency Repair Disk button.

      This also creates the repair\RegBack folder under %systemroot%.

      When done, the diskette should have files autoexec.nt, config.nt and setup.log.

      On each machine's housing, glue an envelope big enough to hold a new on this page ERD diskette to be prepared. This is only for test systems. An Emergency Repair Disk contains information which can be used in a brute force dictionary attack. So production environments typically have ERD's cataloged and stored in a secure environment away from the physical machines.

    3. Create Scheduled Tasks
    4. Scheduled tasksanother page on this site
     

      tool ERD Commander $349 from Winternals allows you to recover systems by giving you complete access to all files and the system registry hive, letting you replace missing or corrupt files, edit configuration information, or delete drivers or software that prevent your system from booting.
     
    Go to Top of this page.
    Previous topic this page
    Next topic this page

    Set this at top of window. Configuration of Windows Components

    • IIS (Internet Information Server)
    • IIS Configuration tasks another page on this site

    • SQL Server
    • This is on separate CD's labeled "BackOffice".

    • Stand-alone Multiple User Security
    • To enforce settings for multiple users on each stand-alone machine, use the System Policy Editor to create a Registry.pol file

    • Remove OS/2 and Posix Subsystems
    • Files in both the System32 folder and subfolder \dllcache:
        os2.exe, os2ss.exe, os2srv.exe

      Files in the System32 folder:

        posix.exe, psxss.exe, psxdll.dll

      Files in the \os2 folder, except the DLL subfolder, which supports cmd.exe.

      Delete registry keys which could reactivate deleted files: Within HKLM \System \CurrentControlSet \Control \Session Manager

        \Environment key Os2LibPath
        \Subsystems key Optional, OS2, and POSIX

     

     
    Go to Top of this page.
    Previous topic this page
    Next topic this page

    Set this at top of window. Lock Down Server

    1. Implement High Security Settings Policies Permissions
    2. To control access over the network, ... to set the Access Control Entry (ACE) in the ACL (Access Control List) stored in each file and folder. Reminder: Use the "Caching" option used to configure offline access to a shared folder. Denied permissions always override allowed permissions.

    3. Disable Unnecessary Services
      • Disable Unused ISAPI Listeners
      • Disable Internet Printing Protocol
      • Disable Index Server
      • Disable Admin web sites
      • Logoff users after a specified time has elapsed instead of the default screen saver which locks the workstation by installing from the Resource Kit the WinExit.scr screen saver [Q297267]. Users who are not administrators must add “Set Value” and “Create Subkey” permissions for the group Everyone on the registry key: HKEY_Local_Machine\ Software\ Microsoft\ WindowsNT\ CurrentVersion [Q262646]

    4. Restrict Access
      • Use IPSec filters [KB Q254728] Set NoDefaultExempt to 1 (2 on .NET Servers)
      • Disable Windows Auth on directories that don't need it
      • Disable write privilege to anonymous account in ftp-server

    5. Strong Accounts Policy
    6. Separate data
      • Install webroot/sites/virtroots on a different volume than %sysvol%.
      • Avoid RevertToSelf API calls in custom IIS ISAPI DLLs.
      • Set App Protection Process Model from default Medium to High.
      • Don't store in script files private data such as connect strings with passwords to SQL servers.
      • Turn off “Parent Paths” and don't code ../../ to disallow directory traversal attacks.
      • Use <runat=server> tags to specify server-side execution
      • Rename (and reference) .INC include files to .ASP


    Go to Top of this page.
    Previous topic this page
    Next topic this page

    Set this at top of window. Install Dfs - Distributed File Service

      Windows 2003 R2 "Branch" technology has improved DFS features, including its own MMC, instead of these steps on Windows 2000:

    • Dfs Root on a host server
    • From the Administrative Tools, select "Distributed File System" and "New Dfs Root Volume". In the Wizard, specify "host server Combines shared resources (child nodes) from different computers into a single console tree for the whole network".

    • Dfs Shares for Replicas
    • If you have Active Directory, you can create a Dfs shared folder so that a host server replicates (duplicates) its contents for local access, load balancing, and uninterrrupted fault tolerance:

      Select domain DFS and establish a replication Policy to specify how fault-tolerant roots get their information from the main root. These don't have to be on Windows 2000 servers.

    • Dfs Child Nodes for Replicas
    • Click on the Dfs root. A stand-alone dfs root can have up to 128 replicas, all on the same level.

      Idea In the Comment field, it helps to enter the file's physical folder address.

    • Dfs for Windows 9x clients
    • Windows 9x clients need the "Dfs Services for Microsoft Network Client" service installed in order to use Dfs shares on Windows 2000 servers.

      Idea Put share points for software distribution and other tasks used only by the administrator in a hidden folder so nosey users won't browse them.

      The replication engine and compression scheme introduced in Windows 2003 R2 is called Remote Differential Compression (RDC), where replication stack-rank sequence can be specified by server.

     

     
    Go to Top of this page.
    Previous topic this page
    Next topic this page

    Set this at top of window. Configure Storage

    • Backup
    • Select files in the Excluded Files tab of the Options dialog
    • Select "Backup Mounted Drive" if one is used. This is not selected by default.
    • Select "Backup System State"

    • Export and Save Certificates
    • If you have a certificate and want to save yourself the hassle in case you need to rebuild your machine, or save your heirs the hassle of retrieving it in case you get run over by the perverbial truck, export your private key to a ".pfx" (Personal Info Exchange) file, move it to a floppy, and put it in your safe deposit box. This is like writing down your ATM PIN number on paper.

    • Group Policies for Software Publishing
    • Use the Group Policy Editor using the MS Windows Installer .msi file Publishing stored in the Windows 2000 Active Directory. Assign applications to Deploy, Disable, Remove (Uninstall).

      When upgrading, select Mandatory or Non-Mandatory.

    • Remote Storage
    • Used to manage backup media.

    • MTS (Microsoft Transaction Server)
      • Atomicity - either all changes are applied or none at all.
      • Consistency - actions taken as a group do not violate constraints.
      • Isolation - concurrent actions are not processed simultaneously in a conflicting way.
      • Durability - changes survive failures in the network or operating system.


    Go to Top of this page.
    Previous topic this page
    Next topic this page

    Set this at top of window. Boot.Ini to Speed Up System Startup

      Boot.ini Enhancements

      The Advanced Risc Computing (ARC) path is used by NTLDR to determine which disk contains the operating system. [Q102873] Example:

      To Display Boot, Configuration, Scratch, and Temp Directories for your local machine, run this from the Resource Kit:

      [boot loader]
      timeout=2
      default=multi(0)disk(0)rdisk(0)partition(1)\WINNT

      [operating systems]
      multi(0)disk(0)rdisk(0)partition(1)="Windows 2000" /fastdetect /NODEBUG /NOGUIBOOT
      multi(0)disk(0)rdisk(0)partition(1)\WINNT="Windows 2000 Professional [VGA mode]" /basevideo /sos
      C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows 2000 Recovery Console" /cmdcons
      C:\="Microsoft Windows 98"

      . Controller Physical Disk Partition
      IDE SCSI IDE SCSI
      lowest
      numbers
      multi(0) rdisk(0)  partition(1)
        scsi(0)  disk(0) partition(1)
      Remember: Partition numbers start with 1.

      • multi(0)rdisk(0) are used together only for IDE controllers
      • scsi(SCSI ID)disk(0) are used together only for SCSI controllers with SCSI BIOS INT 13 disabled.
      • signature(8b467c12)disk(1)rdisk(0) use of disk signature is new for Windows 2000's Plug and Play. It's used for boot partitions larger than 7.8 GB or 1024 cylinders.


    .

      Specify /NODEBUG and /NOGUIBOOT in Boot.ini

      Doing this slightly speeds up the Ntldr run during boot-up.

      1. This can only be done successfully installing two operating systems.
      2. Use Windows Explorer and navigate to the C: drive root directory.
      3. Make sure you have the correct Windows Explorer settings to view and change the boot.ini file:
        • If you don't see the boot.ini file, select Tools | Folder Options | View tab | Show hidden files and folders | OK.
        • Right-click on the boot.ini file and select Properties. Make sure that the "Read only" attribute is not selected. Click OK.
      4. Click your cursor in front of "/fastdetect", type "/noguiboot /NODEBUG". Note that there should be a space around each parameter.
      5. Exit and reboot.
      6. Verify these settings in Control Panel> System applet> Advanced tab> Startup and Recovery

     

     
    Go to Top of this page.
    Previous topic this page
    Next topic this page

    Set this at top of window. Speed Up System Startup

      Specify ACPI

      If you want the computer to shut itself off rather than waiting:
      1. Programs | Administrative Tools | Computer Management.
        or Settings | Control Panel | Device Manager
      2. Click Device Manager and double-click Computer.
      3. Under "Computer", if the computer model is "Standard PC", right-click on it for Properties.
      4. On the Driver tab, click "Update Driver..."
      5. From the Install Hardware Device Drivers page, click Display a list for the known drivers for this device
      6. Click Next.
      7. From the Select a Device Driver page, click Show all hardware of this device class.

      8. Select a "ACPI" Model and Next.

    Go to Top of this page.
    Previous topic this page
    Next topic this page

    Set this at top of window. Enabling Remote Access (RAS)

      A Remote Access Policy is needed. The default is "Control access through Remote Access Policy"

      RAS does not need to be in Active Directory

      Caching:

      • Manual Caching
      • Automatic Caching for Documents
      • Automatic Caching for Programs

     

      .

     
    Go to Top of this page.
    Previous topic this page
    Next topic this page

    Set this at top of window. Install Printers

    1. To add a printer, Settings | Printers.

      Deselect "Automatically Dectect And Install My Plug And Play Printer"

      The printer's NetBIOS host name rather than its IP address can be used to locate and connect to the port using the Microsoft Windows 2000 Standard TCP/IP Port Monitor (SPM) if that name is registered on the network.

      To use the NDIS (Network Driver Interface Specification) client to establish a connection with a printer shared as pi on a print server named c1:

        Net use lpt x : \\c1\p1
    2. If you Browse For Printer, in order to discover older HP printers (such as 4si), the DLC (Data Link Control) protocol must be installed (in Network Places).

    3. Add a port and (provide a Port Name) for each printer.

      If "List in the Directory" is checked, printers are automatically added to Active Directory when they are shared. Add the UNC path to non-Windows 2000 printers in the "Active Directory Users and Computers" MMC. Right-click on an OU, select New, click Printer.

     

      A "Printer" is a logical name for the software that is installed on the print server.

      A "Printer Device" is the physical name for the actual hardware that produces the printed output.

     
    Go to Top of this page.
    Previous topic this page
    Next topic this page
      If you use cluster service or have a UNIX printer which communicates with a RFC 1179 compliant LPD using TCP/IP:
      1. Install "Print Services for UNIX" (Lprmon) on a Windows print server under Control Panel | Network and Dial-up Connections | Advanced | Optional Networking Components | Componets list item "Other File and Print Services" | Details.
      2. Create a local LPR (Line Printer Resource) port from Control Panel | Printers | Add Printer | Next
      3. Specify the IP address (not UNC name) and LPR port above 1024. This automatically creates a print queue
      4. Share the printer for others to use
      5. On the client, run a LPR command such as this to test print a file containing RAW (ready to print) data type:

          lpr   -S server_name -P queue_name  file_name

      Pool Printers

      If you have several print devices on a server which use the same printer driver, build fault tolerance by allowing printing to occur on the first available printer. Right click on a printer, select the Ports tab, check "Enabling Printer Pooling", select the ports participating in the pool.

      Set Printer Priorities

      Create logical printers with different priorities. A 99 (high) Priority job prints before a 1 (low) Priority job.

      Set Separator Pages

      Define what appears on Separator Pages by creating a .sep file. But this is generally not a good idea. If confidentiality is an issue, get additional printers in individual offices.

      Confirm Printer Availability

      To confirm what printers have been defined to a server, try these commands which uses the Internet Printing Protocol (IPP): For a list of printers:
        http://server_name/printers
      For a specific printer_share_name:
        http://server_name/printers/printer_share_name.print

      Change the print spool location ???

        Fixprnsv.exe

      Unlike NT4, Windows 2000 spooler operations and print jobs are recognized by System Monitor.

     

     
    Go to Top of this page.
    Previous topic this page
    Next topic this page

    Set this at top of window. InterOperability with Novell Netware

       
      download Download this Visio 2000 file
       
      webpage article Interoperability in a Novell NetWare Environment notes that Microsoft is shipping Novell's Client for Windows 2000 with Windows 2000 Pro upgrade licenses.

      tool Windows Services for NetWare 5.0 ($149 per enterprise) also includes Microsoft Directory Synchronization Services (or MSDSS) and the Microsoft File Migration Utility (or MSFMU).

       

      Get Windows Clients to Use Novell Servers over NCP

      Microsoft's Client Service for NetWare —included with Windows 2000 Professional (but not with Windows 2000 Server)— authenticates a user on non-bindery mode NDS Servers. CSNW supports NetWare login scripts. Unlike a Novell client, CSNW is not NDS compatible. An NDS compatible client provides features (integrated messaging, multiprotocol support, management, security, etc.) required by several NetWare applications (Z.E.N. Works, Novell Distributed Print Services, Novell Storage Management Services, etc.).

      Get Windows Clients to Use Novell Servers over TCP/IP

      To allow Windows clients to access file, print, and directory services on a single NetWare bindery-based gateway server, install Microsoft's Gateway Services for NetWare (GSNW) product on a Windows 2000 machine (any version -- Server or Professional). GSNW enables client use of Novell's NDS (Network Directory Services) authentication, navigation, file services, and printing.

      The GSNW installation process automatically activates NWLink — the Microsoft implementation of Novell's IPX/SPX networking protocol that provides NetBIOS and the Routing Information Protocol (RIP) functionality on NetWare networks.

      Windows clients need to install the NWLink IPX/SPX/NetBIOS Compatible Transport Protocol. A change to Registry is necessary to set the default frame type to
      802.3 for NetWare versions 3.11 and lower
      802.2 for NetWare versions 3.12 and higher.

      Get Windows Clients to Use Novell Servers with SMB

      GNU SAMBA on a NetWare server makes it look like a Windows NT Server to Windows-based clients using Server Message Block (SMB) protocol — Microsoft's version of the Common Internet File System (CIFS) file and print services defined by X/Open CAE Specification C209. Microsoft now licenses these procotols as part of the DOJ decree.

      Get Novell Clients to use Windows 2000 Servers

      Microsoft's (Windows) File and Print Services for NetWare product makes a Windows machine behave like a Novell server to Netware client machines. This package presents dialog boxes similar to what Netware software presents while processing print jobs on Netware servers. This software displays and searchs Printers on the Windows 2000 print server the same way as NetWare print queues.


    Go to Top of this page.
    Previous topic this page
    Next topic this page

    Set this at top of window. InterOperability with Apple

      Get Apple clients using AppleTalk Printers on a Windows Server

      In order for Apple Macintosh clients to access print devices connected ONLY to a com port of a Windows 2000 Server on an AppleTalk network:

      The Novell client computer should use SAP (NetWare Service Advertising Protocol).

      1. Install Microsoft's File Services for Macintosh This also installs the AppleTalk protocol stack and Appletalk routing software on the Windows 2000 server even though an ApplTalk network can use TCP/IP.
      2. Configure Macintosh-accessible volumes on the server. Set session limits.
      3. Make new file extension associations for Intel-based and Macintosh files.
      4. Install Authentication files on every Macintosh client

      Windows clients using AppleTalk Printers

      LPR UNIX daemons

      Windows clients using Mac Machines

      On Windows clients, the AppleTalk protocol must be installed.

     

      .

     
    Go to Top of this page.
    Previous topic this page
    Next topic this page

    Set this at top of window. InterOperability with UNIX

      Add static mapings in WINSanother page on this site for UNIX servers.

     

      .

     
    Go to Top of this page.
    Previous topic this page
    Next topic this page

    The Windows 2000 WebRing

    The Windows 2000 WebRing is owned by Previous 5 Sites | Skip Previous | Previous| | Next | Skip Next | Next 5 Sites| | Random Site | List Sites | Join this WebRing]

    Next: Windows 2000 Administration another page on this site

    Portions ©Copyright 1996-2010 Wilson Mar. All rights reserved. | Privacy Policy |

    Related Topics:

  • Win2000 Install 
  • Perfmon Tweaks 
  • Active Directory 
  • Win2000 Admin 
  • WinNT4 Install 
  • Keyboard Shortcuts 
  • PC Hardware 
  • Free Training! 
  • Tech Support


    How I may help

    Send a message with your email client program


    Your rating of this page:
    Low High




    Your first name:

    Your family name:

    Your location (city, country):

    Your Email address: 



      Top of Page Go to top of page

    Thank you!