By Tim Poulsen
As we showed you in the June 1998 issue of our journal, Microsoft is working hard on the next version of NT. In that article, we covered some of the major new features of NT 5.0. In this article, we take a more detailed look at Windows NT 5.0 Beta 1.
Beta get ready for NT 5.0With so many new features promised for the next version of Windows NT, you'll want to get a head start on mastering them. Microsoft announced that Beta 2 was to be released in the second quarter. Although we haven't seen Beta 2 yet, we have had the chance to kick around Beta 1. If Beta 2 isn't shipping by the time you read this article, don't expect to see the final version of 5.0 until the end of this year or early next year.
As with most Microsoft betas, we found that Beta 1 doesn't include every promise Microsoft made for NT 5. Still, Beta 1 contains many new features—certainly enough for you to get a leg up on the learning curve.
Windows NT 5.0 offers a wealth of new capabilities. Some of these capabilities include
While we don't have space to cover all of the new features in detail, we will cover the Beta's installation, Active Server features, the new Microsoft Management Console, data storage enhancements, and new hardware support. We'll cover the other features in upcoming issues.
Installing the betaInstalling Version 5.0 is not significantly different from installing Version 4.0. One great new feature is the ability to upgrade Windows 95 computers to Windows NT. For our tests, we upgraded a Texas Instruments Extensa 550CD laptop running Windows 95 and Office 95 to Windows NT Workstation 5.0 without a problem.
The Setup utility scanned our system for incompatibilities, reported its findings, and offered us the option of canceling the upgrade if we didn't like what it had found. Other standard setup dialog boxes appeared and quickly disappeared as Setup automatically migrated our Windows 95 settings to Windows NT.
Our test workstation had Office 95 installed already. Setup automatically migrated Office 95 and its settings. Setup never prompted us for a single Office installation disk during the upgrade.
This may not be the case for other software; you may well need the original setup disks. Some applications install different components on Windows 95 systems than on Windows NT. In those cases, you'll need the original disks to add the correct components to your system.
After a successful migration, we were able to start putting Beta 1 through its paces. Each of the major areas showed quite a bit of promise. But with any piece of beta software, you need to be aware of a few things.
Active DirectoryWith its complex and difficult domain structure, Windows NT has rightly taken a beating for the difficulty associated with setting up and managing large user environments. The Active Directory changes all that by replacing 3.x/4.0-style domains and the complicated multidomain models that large sites require.
The Active Directory is a network-wide hierarchical database of computing resources. That's where you store all information that describes your computing environment, including data about users, groups, computers, printers, and so forth.
But Active Directory doesn't completely replace NT's domain structure. You still create Windows NT domains in the Active Directory environment; however, Active Directory allows you to create a hierarchy of domains to organize your network.
Each domain automatically trusts the other domains with transitive Kerberos trusts. Kerberos refers to the security level used by NT. Transitive (implicit) trusts simplify the job of configuring a multidomain environment.
For example, consider a network with domains A, B, and C. Domain A trusts domain B and domain B trusts domain C. In previous versions of Windows NT, domain A did not inherit any trusts, therefore domain A did not automatically trust domain C. If you wanted that to happen, you had to configure the extra trust manually.
Using the same scenario with Windows NT 5.0 transitive trusts, domain A inherits domain B's trust of domain C. When a user from domain C tries to access a resource in domain A, the Kerberos security subsystem transparently authenticates the user across domain boundaries via the transitive trust.
Windows NT 5.0 can also be easily configured as a workgroup member to support networks that don't need the capabilities offered by the Active Directory. Furthermore, Windows NT 5.0 provides backward compatibility for clients not yet upgraded. These clients see the Active Directory server as a domain controller.
You should start learning and planning now for your implementation of Active Directory Services. If you're not already using TCP/IP as the basis of your network, start making the switch. Get to know Microsoft's DNS server software, since the Active Directory relies on TCP/IP and DNS.
You can use other DNS systems, but Microsoft's version enables you to set up dynamic DNS naming services. With dynamic DNS, all the necessary resource records for DNS clients are created automatically in the DNS database. This greatly reduces the administrative overhead required to maintain a DNS server.
Furthermore, systems that get their IP addresses from DHCP can be automatically registered with the DNS server. Users attempting to access these computers by their fully qualified domain names (for example, server.company.com) will be successful even as IP addresses change.
You'll name your Active Directory domains based on your DNS configuration, such as ntdomain.zd.com. Windows NT 5.0-aware applications will use these new names rather than the old NetBIOS-style names (for example, NTDOMAIN).
Microsoft Management ConsoleTo manage the Active Directory and the many other aspects of Windows NT 5.0, the new Microsoft Management Console (MMC) replaces older tools such as User Manager and Server Manager. Actually, MMC is simply a shell, providing no management functionality in itself. Rather, MMC is a host for add-ons that actually supply the management functions.
These add-ons come in the form of ActiveX controls called snap-ins. Microsoft calls the combination of the MMC shell and one or more snap-ins a tool. Some preconfigured MMC tools are available on the Start menu for performing basic administrative functions, such as managing your computer or your directory.
You can create your own tools by adding or removing snap-ins. You can save these tools, add them to your Start menu, or distribute them to other administrators.
MMC uses a Windows Explorer-like interface, as shown in Figure A. As you can see, the left pane, called the Scope Pane, shows container objects that you can manage. The right pane shows properties and details for the object you select on the left. The Computer management tool included with Beta 1 also provides three wizards to assist with basic hardware functions. You get to those by clicking on Getting Started in the Scope pane.
Figure A: NT 5.0 introduces the Microsoft Management Console
Microsoft has announced that it will update its BackOffice suite to support MMC and snap-ins. Microsoft expects third-party software vendors to follow suit. In fact, MMC compatibility is a prerequisite to being certified to use the Windows NT 5-compatible logo on third-party software, and many vendors have announced they will comply with the new requirement.
Data storage enhancementsVersion 5.0 also will introduce a number of data storage enhancements, including a new version of NTFS, FAT32 support, disk quotas, the Encrypting File System (EFS), and a new version of the Backup utility. The Distributed File System (DFS) is available now, but Windows NT 5.0 adds fault-tolerant DFS roots and nested junctions, support for DNS-style naming, and integration with the Active Directory.
Version 5.0 of NTFS offers performance enhancements and enables many of the other new features we've mentioned. For example, the new NTFS adds the file-system features necessary to enable disk quotas and file encryption. With dynamic volume support, you can add disk space to volumes without rebooting.
Version 5 adds improved link tracking and junction points. Distributed link tracking enables more robust file shortcuts. When you move a file to a new volume or to a different computer, the shortcut is automatically updated to preserve the link. If a link should get broken, the management tools enable you to re-establish it, according to Microsoft's documentation.
Junction points, akin to UNIX's symbolic links, let you join a volume to an NTFS folder. The grafted volume appears as if it were part of the folder and doesn't require a separate drive letter. One potential "gotcha," at least in Beta 1, comes when you break the link. The folder to which you grafted the volume is immediately deleted, without warning. Figure B shows using the linkd command to join the CD-ROM volume to the Cdrom folder. (In Beta 1, the linkd command is not installed automatically. We found it hidden in a Preview folder on the distribution disk.)
Figure B: LINKD joins the CD-Rom volume to the CD-rom folder
Windows NT 5.0 retains support for FAT and older NTFS versions. You can also use FAT32 volumes, which lets you dual-boot with Windows 95 or upgrade those systems to Windows NT. You can still use the DOS-like CONVERT command to convert your FAT or FAT32 volumes to NTFS. But you'll use the new CHKNTFS command (with the /E switch) to upgrade your current NTFS volumes to Version 5.
Both commands work without damaging your data, but if you're converting your boot drive, schedule the conversion for the next time you reboot instead of converting immediately. Windows NT 5.0 does not include the capability of converting to the FAT32 format.
To encrypt a file using the Encrypting File System on an NTFS Version 5 volume, right-click on a file or folder and choose Encrypt. Your files are encrypted using the DES algorithm and your private key. NT automatically decrypts your files when loaded into your applications, provided you're the one accessing the files. Other users cannot decrypt your files or read your data.
This transparency is possible because NT implements EFS as a file system driver that sits between the I/O Manager and the NTFS driver within the kernel mode portion of Windows NT. The new model requires no changes to your applications.
To decrypt a file, you right-click and choose Decrypt. The command line CIPHER command offers more options for encryption and decryption than does the Explorer interface. There are also new encryption-related switches to the COPY command for you command-line warriors.
At TechEd 97 (a technical education conference run by Microsoft), Microsoft stated that EFS would work across network shares, but that feature isn't part of Beta 1. Nor can you encrypt files on floppy disks. Of course, floppy disks don't use NTFS, but the ability to store encrypted data on removable media would seem to be an obvious need. Maybe Microsoft will figure out a way of adding such a feature by the release date.
Until now, if you wanted to limit users' disk-space usage, you've been forced to use third-party solutions. With the release of Version 5.0, you'll finally have the option of enforcing disk-usage quotas with an integrated operating-system feature. Quota management can be performed from Explorer or the MMC Disk Management tool, as shown in Figure C. You set the quotas by using the new Quota tab in the Properties box for the C: drive.
Figure C: You can now control disk usage on your server
You can set default limits per volume as well as individual user limits. But, at least in Beta 1, you can't set limits on groups. And there's no Browse button, so you must enter user names manually, as shown in Figure D. You create a quota entry for a particular user using the Quota Settings for New Entry dialog box.
Figure D: You can limit the space your userts can take.
The quota limits seem to work as advertised, but they don't take effect immediately. Having set a 10MB quota, we were able to copy 20MB of files to the quota-limited drive. When we tried to copy more files, we were then given a message that the drive was full. We discovered another hitch when we deleted the files. Until we emptied the Recycle Bin, the system thought we were still exceeding the limit and wouldn't permit further copies to the drive. Emptying the Recycle Bin solved the problem, and subsequent copies, as expected, were limited by the 10MB quota.
Microsoft has enlisted the aid of Seagate Technology to rewrite the Backup utility. The version that will ship with Windows NT 5.0 will finally support backup media other than tape. You'll be able to back up local drives and network shares to optical and removable disks, drive arrays, network shares, and even floppy disks. The new Backup sports a spruced-up interface and even includes a backup and restore wizard, as shown in Figure E.
Figure E: NT 5.0 has a new backup utility.
New hardware supportAt long last, Windows NT includes Plug and Play hardware support! We plugged an old external (non-Plug and Play) modem into our test desktop system. While the system didn't automatically detect the external device, the hardware wizard did correctly identify and install the drivers for the modem.
Installing a modem on our test laptop was as simple as plugging in a PC Card. Removing a device was not intuitive, though. We had to choose to change the device's properties in the hardware wizard in order to find the Uninstall button.
Also part of Windows NT 5.0 are power management capabilities, via support for the Advanced Configuration and Power Interface (ACPI) specification. Developed by Intel, Microsoft, and Toshiba, ACPI enables advanced power management functions such as instant on, low-power sleep mode, and turning off peripheral devices that aren't being used.
Through the Power Management Control Panel application, you can configure the power management properties on your system. Beta 1 includes six basic power management schemes, such as Home/Office Desk, that you can use as is or customize. The schemes control when the monitor and hard disk will be turned off if your system is inactive.
On our Compaq ProLinea 575 test system, Windows NT 5.0 successfully turned off the hard disk but didn't reliably shut off the monitor after the allotted inactive period. Even so, this is pretty impressive, since the system was built long before ACPI was a glint in a designer's eye. On our test laptop, again not ACPI-compliant, the power manager reliably turned off the monitor and hard disk as configured.
ConclusionMicrosoft is working hard to add many new features to NT to make it easier to manage and more powerful. In this article, we covered some of the new features found in Beta 1 of NT 5.0.
Tim Poulsen is a senior curriculum developer at Ziff-Davis Education (Error! Bookmark not defined.), where he writes MCSE certification-oriented courseware. Tim presented some of the information in this article in the April 7, 1998 edition of PC Magazine.
Copyright © 1998, ZD
Inc. All rights reserved. ZD Journals and the ZD Journals logo are trademarks of ZD
Inc. Reproduction in whole or in part in any form or medium without
express written permission of ZD Inc. is prohibited. All other product
names and logos are trademarks or registered trademarks of their
respective owners.