Home > Store

Ultimate Windows 2000 System Administrator's Guide, The

Register your product to gain access to bonus material or receive a coupon.

Ultimate Windows 2000 System Administrator's Guide, The


  • This product currently is not for sale.
Not for Sale


  • Copyright 2000
  • Dimensions: 7-3/8x9-1/4
  • Pages: 928
  • Edition: 1st
  • Book
  • ISBN-10: 0-201-61580-0
  • ISBN-13: 978-0-201-61580-7

This is an expert, comprehensive, real-world guide to every aspect of administering Windows 2000 Server and Windows 2000 Advanced Server. Begin with a detailed overview of Windows 2000 concepts, deployment and installation: the role of the system administrator, basic Windows 2000 features, organization, and architecture. Next, gain an in-depth understanding of what it takes to deploy and manage the Active Directory; manage users and the new group policies; security, print and file services, networking, and more. Section III covers enterprise-class Windows 2000 administration issues, including performance tuning, integration with Microsoft System Management Server, running Terminal Server, and clustering. The book also contains a handy quick-reference guide covering the most important commands in both the core operating system and the Windows 2000 Resource Kit toolset. For all sysadmins and netadmins working with Windows 2000, or planning to do so; and for senior IT managers responsible for architecting, deploying, and managing Windows 2000 environments.

Sample Content

Table of Contents



About the Authors.

1. Administrative Overview.

Windows 2000 — An Historical Perspective.

What's in a Name — The Windows 2000 Family.

Windows 2000 Administration Roles.

Windows 2000 Features and Their Administration Implications.


2. Windows 2000 Structure and Architecture.

Structural Modes, Subsystems, and Managers.

Windows 2000 Processes.

Stored and Virtual Memory.

The Boot Process.

The Windows 2000 Registry.

Viewing Application Dependencies.

Reviewing Application Compatibility.

IntelliMirror and Other Innovations.


3. Planning and Installation.

Logical and Physical Structures.

Understanding the Current Enterprise.

Planning for Windows NT Upgrades.



4. Getting Started.

Interface Basics.

Microsoft Management Console.




5. The Active Directory.

Directory Services.

Active Directory Structural Components.

Open Standards Support and Naming Conventions.

Migration and Backward Compatibility.

Administrative Interface Snap-Ins.

API Options.

Administrative Security and Trust Relationship.

Administrative Delegation.


6. Active Directory Management and Use.

Planning for the Active Directory.

Installing the Active Directory.

Active Directory MMC Snap-In Tools.

Creating Organizational Units.

Locating Objects.

Active Directory Object Access.

Standard and Special Permissions.

Active Directory Administrative Delegation.

Global Catalog Refinement.

The Active Directory Connector.


7. User Accounts and Groups.

User Accounts.



8. Group Policies.

Understanding Group Policies.

GPO Implementation.

Implementing Group Policy by Example.



9. Permissions Security, Folder Sharing, and Dfs.

Reviewing NTFS Permissions.

Folder Sharing.

Distributed File System Sharing.


10. Kerberos and the Public Key Infrastructure.

Kerberos Authentication.

The Public Key Infrastructure.


11. Additional Security Issues and Solutions.

Security Policy.

Windows 2000 System Lockdown.

Secure Network Services and Architecture.

The End User's Responsibility.


12. Networking Basics and Naming Services.

Networking Basics.

Naming Services and IP Assignments.


13. Virtual Private Networks and IP Security.

Virtual Private Networks.

IP Security.


14. Disk Management, Backup and Restoration, and Disaster Recovery.

Disk Management.

Backup and Restoration.

Disaster Management.


15. Terminal Services.

Conceptual Review.

Installing Terminal Services.

Configuring Terminal Services.

Connection Management.

Terminal Services Administration.

Terminal Services from a User's Perspective.


16. Internet Information Services.


Understanding the IIS Web Server.

Working with the SMTP Server.

Understanding the NNTP Server.

Understanding the FTP Server.


17. Cluster, Indexing, Message Queuing, SMS, and WSH.

Understanding Cluster Services.

Index Services.

Message Queuing Services.

System Management Server.

Windows Scripting Host.

Example WSH Scripts.


Appendix: Windows 2000 Commands and Utilities.

Backup Commands.

Batch Commands.

Comparison Commands.

Compression Commands.

Display Commands.

File Management Commands.

File Manipulation Commands.

Miscellaneous Commands.

Networking Commands.

Print Commands.

Search Commands.

System Management Commands.

Resource Kit Support Tools.



Index. 0201615800T04062001


Windows 2000 is a complex, feature-rich operating system product family whose deployment in an enterprise requires highly skilled individuals to support its installation, maintenance, and optimization. These individuals are aided by the abundance of tools and wizards for effective operating system management that Microsoft has provided. Indeed, many of the enhanced tools should shift the traditional role of administrator to that of proactive manager of computing environments. Thus, the depth of function, flexibility, and granularity of Windows 2000 ultimately represents both opportunity and challenge for system administration.

This book is written to help you succeed in the administration of the Windows 2000 Server family. Much of the information it provides is also applicable to the desktop Windows 2000 Professional version. While the use and management of Windows 2000 Professional is incorporated, the Server side is clearly our primary focus. In this preface we provide a framework for the primary topics covered, define the target audience, and describe how to use this book.

The Role of the Administrator

Windows 2000 will not eliminate the system administrator. To the contrary, features such as the Active Directory and the Microsoft Management Console will vastly broaden this role. Rather than spend time on mundane tasks and the management of dozens of disjointed tools, a consolidated approach provided by Windows 2000 will free the administrator to concentrate on more mission critical activities.

The functions of the Windows 2000 system administrator are generally those that support the user population and those that support the system. The following list summarizes some of the most common responsibilities:

User-oriented tasks
  • Adding and removing users
  • Group management
  • User application support
  • End-user customer service, education, and communication
  • Management of basic services like mail and printing
System-oriented tasks
  • Booting, shutdown, and everything in between
  • Backups and restoration
  • Hardware maintenance, additions, and removal
  • System accounting and monitoring
  • System administration logs
  • System security and password aging
  • Network support
  • General troubleshooting

Obviously this list only scratches the surface of system administration and IT management. However, as a means of setting the reader's expectations, it does underscore the types of activities for which this book can be used as a guide.

Basis of Our Research

In preparing this book we utilized three primary sources of information. First, we relied heavily on our combined professional experience in application development, system administration, and IT management. Unlike so many books written in theory by technical writers, our recommendations did not emerge from a vacuum but are based on reality and experiences. We hope the experience we bring to this book will assist our fellow IT professionals to better manage an enterprise.

Second, we used observations from system administrators in the field to provide "reality checks" to our conclusions. Theoretical understanding of Windows 2000 is a nice beginning, but it is no substitute for the actual experience of system administrators. Because Windows 2000 is a new product, one of our primary sources was participants in Microsoft's Rapid Deployment Program and their experience with final beta and final release versions of the operating system.

Finally, we performed extensive tests and simulated real-world environments in an extensive laboratory environment. The tests centered primarily on the Server and Advance Server versions; however, Windows 2000 Professional was also tested and is periodically referenced as client software within the broader enterprise framework. Windows 2000 DataCenter was not available for testing at the time this book was written, and so references to it are based on published Microsoft specifications. Where differences exist in the version levels, we call attention to them.


This book was written for system administrators and other IT professionals who manage a Windows 2000 environment. Administrators coming from other operating system environments like UNIX will find many significant conceptual differences and numerous familiar technologies. Seasoned Windows NT administrators will find many familiar aspects but many significant differences as well that will require a general updating of their technical skills. The addition of the Active Directory, a new domain model, advanced authentication technologies, and the enhanced Microsoft Management Console are just a few examples of entirely new or expanded operating system features.

Our aim was to produce an intermediate reference guide for administrators, leaving out specialized architectural or programming topics. Thus, this book should be used for an understanding of key concepts and for common "how-to" walkthrough support. Experienced professionals should find the discussions on operating system migration and the use of the new enhanced tools valuable. Those with moderate system administration experience can also benefit, but we assume these readers already have hands-on operating system experience. Novices will need to learn network and operating system fundamentals.

Attempting to provide useful information to an audience of system administrators was a challenge. Inevitably, some of the book's material may appear either overly basic or too advanced, and depending on a reader's level of experience, some discussions will be more helpful than others. To accommodate this wide variance in prior knowledge, we first cover each major topic from a conceptual basis and then expand this foundation with discussions on applying specific advanced Windows 2000 functions.

System administrators coming from UNIX might find helpful our sister publication Windows NT & UNIX: Administration, Coexistence, Integration, & Migration (Addison-Wesley 1998). There will be updates of that book focusing on Windows 2000 in the future.


The book is organized into three sections and an appendix:

  • The first four chapters focues on Windows 2000 concepts, deployment, and installation. They cover the role of the system administrator, Windows 2000 features, operating system structure, and deployment and actual installation. Chapter 4 discusses getting started with tools like the Microsoft Management Console (MMC).
  • The heart of the book, chapters 5 through 14, is a discussion of fundamental administration topics. In a series of very technical chapters, we cover the Active Directory, user management, group policies, security, printer and file services, networking, and other topics essential to Windows 2000 system administration.
  • The last part of the book covers advanced tools and concepts. It examines the Internet Information Service and optional components such as Terminal Services, System Management Server, Indexing Services, Message Queuing Services, Cluster Services, and other topics that are applicable to enterprise-level system administration.
  • The Appendix, Windows 2000 Commands and Utilities, is a quick reference for the most significant commands in the operating system and in the Windows 2000 Resource Kit.

A Glossary of common terms is also provided.

Other References

A wealth of information should be utilized by system administrators to supplement this book. The Windows 2000 operating system provides extensive online help available from the Start -> Help facility. Microsoft also regularly posts white papers on its website, which should be regularly checked for updated information.

At the time of publication, Microsoft had not released some anticipated Windows 2000 auxiliary tool kits. In the interim, we suggest at least two Windows NT downloadable components. The Zero Administration Toolkit (ZAK) facilitates administration of Windows NT. Its current tools are available from http://www.microsoft.com/windows/zak. Operating system interoperability is increasingly an important issue with Windows 2000 deployment. Microsoft provides a number of helpful applications for the management of such environments. Also, Microsoft Services for UNIX provides a number of tools and applications for enterprises that must interoperate with Windows 2000 and UNIX. For information on it see the Microsoft Web page at http://www.microsoft.com/Windows/server/Deploy/interoperability.

Trade magazines can also be an excellent source of information. We recommend Computer World, Windows 2000 Magazine (formerly Windows NT), Platform Decisions, ENT, MS Journal, and Dr. Dobbs Journal. As for online services, we strongly recommend Microsoft's security and patch e-mail service at http://www.microsoft.com/security. Other Web-based services are Windows 2000 Advantage.com, Lyris nt-administration tools, Bug Track, Brainbuzz.com, and San NT.

Finally, we will be posting updated information on Windows 2000 on our website at http://www.EnterpriseCertified.com/w2kbook.htm.


This book is a result of the efforts of many individuals, whose support the co-authors would like to acknowledge.

The special effort of contributors Byron Bielman and Ellen Beck Gardner in the development of this book deserve our thanks. Thanks also to our very supportive editor Gary Clarke and his editorial assistant Rebecca Bence, as well as executive editor J. Carter Shanklin, marketing director Robin Bruce, production coordinator Marilyn Rash, and the entire Addison Wesley Longman production team. The extremely valuable insights of AWL reviewers John Holmwood, Martin Sjoelin, Bryan E. Helvey, and Michael P. Deignan (president, Ideamation, Inc.) are also greatly appreciated. Production coordinator Diane Freed and copy editor Dianne Wood provided superior assistance.

Microsoft's Rapid Deployment Program (RDP) team provided firsthand information on the use of the Windows 2000 operating system, and we greatly appreciate the Microsoft engineers who managed the RDP newsgroups and those RDP participants who provided data. Several RDP members clearly went an extra mile in reviewing early drafts of the book. Thus, we cannot overstate the value of contributions made by Andrew van der Stock, James Edelen, James Morris of the University of Washington, Michael Brown and Rick Kingslan of MSCE+I, Tom Gutnick, and Uwe Mundry. They are truly unsung heroes.

Microsoft was extremely cooperative in the development of the book. We thank Ed Muth and Michael Emanuel, who, despite their heavy schedules, made themselves and members of the Windows 2000 team available, and group vice president Jeff Raikes, who made resources available when needed. Our thanks also go to John Ford, who continually extended himself by providing friendly support and road maps into the Microsoft organizational maze; Marsha Kabakov and Dean Murray, who provided early educational information; and Donna Senko and Anne Marie McSweeny, who gave insight into the Windows 2000 certification programs. We thank Nancy Lewis and the longtime support of her excellent team, and we acknowledge the support and insight of Ian Rogoff, Gary Schare, Chris Ray, Andy Forsberg, Douglas Miller, Liz Brackett, and Stephen Walli. In our Rocky Mountain region, we acknowledge Chris Munger, Gene Cornfield, and Kent Sarff.

Special thanks to executive editor Charlie Simpson of Enterprise Systems and Platform Decision magazines and to the Windows NT 2000 magazine team, especially managing editor Karen Forster, senior acquisition editor Amy Eisenberg and news editor (and my partner in crime on other book projects) Barrie Sosinsky. Computer World's Bruce Hoard, Ellen Fanning, and Stefanie McCann also warrant a special thanks.

Bob Williams has special personal and professional acknowledgments. Thanks to family members Flora Williams and Sue and Mike Montgomery. Great appreciation for years of support to friends Bill Kuehl, Deb Murray, Ed Nichols, Ellen and Kevin Gardner, Ivory Curtis, Jim Fry, Dr. James and Wanda Riviere, Karen Bircher, Margaret Krawczck, Mark and Toni Sehnert, Martha McGavin, Mike and Mary Glynn, Roger Ayan, Roger Caauwe, and Scott Woodland. Finally, to my goddaughter, Emily, and brother, Alex.

Mark Walla expresses personal thanks to a number of people who have provided support and encouragement. Special thanks to his parents Gary Wally and Sandy Minter and their respective spouses Kay and Jules, and to brother Tom Walla and Brittany. Professional and personal thanks also to Dave and Anne Peterson, Troy Love, Jim Welch, Bryon Beilman, Peter Shen, John LaPorte, Dem Pilafian, Darrel Ritchie, Dave Kovsky, Carl Castillo, Diane Horn, Kent Tang, Nancy Robins, Glen Sater, Joseph Chen, Dan Chinon, Kevin Greenfield, Jim Fitzgerald, and Mark Malinowski.



Submit Errata

More Information

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020