Updating Drivers and System Files

Windows 2000 supports updating drivers in a few different ways. One way is via Device Manager, where drivers can be updated on a device-by-device basis as necessary using the Update Device Driver Wizard. Note that it is also possible to update device drivers (as well as system files) via the Windows Update feature. The good news is that only an administrator can do this.

Windows 2000 also supports a few new features with respect to drivers. One of these features is driver signing. Simply, Microsoft digitally signs all drivers and system files included with the operating system in order to certify that they have been tested and function correctly under Windows 2000. As the administrator, you can control how the system responds to unsigned files via the Hardware tab in the System program, where you will find the Driver Signing button.
Note that if you attempt to install an unsigned driver, by default the system will warn you, but you can also configure it to ignore the signatures or block unsigned files completely (you should also know that this can be controlled via Group Policy – more on this later in the series as well). Other important things you should know about driver signing in Windows 2000:

  • The Signature Verification Utility, Sigverif.exe, will show you all drivers and system files that have not been digitally signed. You can save the output to a file, and choose which types of files to scan via the Advanced properties in the program.
  • Another tool that exists in Windows 2000 for the purpose of verifying driver activities is the Driver Verifier tool, Verifier.exe. This tool can be used to verify that a driver is functioning correctly and without errors.

Internet Connection Sharing (ICS)

Internet Connection Sharing (ICS) is a feature in Windows 2000 very similar to the same feature found in the second edition of Windows 98. With ICS, you can share a remote network connection from one machine with other machines on your single-subnet network. Essentially, ICS configures your Windows 2000 system as a Network Address Translation (NAT) server, translating private internal IP addresses to the public IP address provided by your ISP. Although this technology is usually used for sharing an Internet connection, it could also be used to share a connection to a private network. ICS is set up from the Sharing tab of the properties of a connection object.

A few important notes on ICS:

  • Ensure that the connection that is shared is the external connection (this would be your modem connection, or your second NIC connected to your DSL or Cable provider). Your internal connection will automatically be reconfigured to support the range of addresses handed out by ICS.
  • Only an administrator can set up ICS.
  • You must have at least 2 connections on the system for it to work (for example, 1 NIC and a dial-up connection to your ISP).
  • ICS turns your machine into a mini-DHCP server, and will hand out addresses to your internal clients (who should be set to use DHCP).
  • You should not use ICS on a network containing existing DHCP servers (ICS does this), DNS servers (ICS proxies DNS requests), Windows 2000 domain controllers, or gateways (the gateway provided by ICS DHCP will be the ICS system internal interface). If you have these and need to continue using them, you will need to look at a server solution, such as NAT, found in Windows 2000 Server Routing and Remote Access (RRAS).
  • ICS is simply a home and small office single-subnet connection sharing solution.

Network Adapters

The way that you interact with network adapters has also changed from Windows NT 4. Where previously all settings were found in the Network program in Control Panel, now all network settings reside in the Network and Dialup Connections program. One major change is that each connection is viewed as a separate connection object. So, if you had 1 NIC, a VPN connection to your office, and a dialup connection to your ISP, you would have 3 connection objects, each of which could be separately configured.

Note that you cannot create additional Local Area Connection objects – these are added automatically by Windows 2000 as you add network adapters. The properties of a given connection object allow you to change settings including protocol settings, driver properties (on a network card), authentication and encryption protocols (for dialup and VPN connections), as well as settings for redial and so forth. Another thing that has changed is how protocol bindings are configured. These are not handled in the properties of a connection object, but instead from the Advanced Settings menu item on the Advanced menu in Network and Dial-up Connections.

Configuring Hardware Devices

The bad news is that I/O device monitoring, configuration, and troubleshooting covers a whole gamut of hardware including printers (already covered), fax printers, scanners and cameras, multimedia devices, mice, keyboards, smart card readers, modems, infrared, and USB devices. The good news is if you know the basics, you should be fine. Most I/O devices are looked at individually below according to where you configure settings in Control Panel (where applicable):

Fax: Allows you to set properties such as fax user information and cover pages. Users send a fax by printing it to the fax printer. This tool also allows an Administrator to set properties with respect to how faxes are sent, received, or saved. Note that you will only see this tool if a fax modem is installed, and that a fax printer cannot be shared like other printers.

Scanners and Cameras: Not much to see here except an Add button, a link to the associated troubleshooter, and a Test button on a device’s General tab.

Sounds and Multimedia: You can get into and change the properties (such as drivers) of related hardware from here.

Mouse: change the speed, button configuration, click settings, pointer speed, and mouse hardware settings.

Keyboard: control input locales (language layout), key speed, and hardware settings.

Wireless Link: This option exists in Control Panel if your system has an infrared device installed. The Wireless Link icon appears on the taskbar whenever another infrared device is within range, allowing you to exchange files between systems or print to a printer with an infrared port.

Smart Cards (not in Control Panel): Smart cards will be automatically detected by Plug and Play (if compliant), and will connect to either a serial, USB, or PC Card port. In order to use a smart card, a certificate must first be installed on your card, which includes your private and public keys (requires an Enterprise Certificate Authority – more on this later in the series). The smart card can then be used to log on locally or remotely. Users will be prompted for a PIN number after inserting their smart card. Smart Cards use the Extensible Authentication Protocol (EAP) as their authentication method.

USB Devices (not in Control Panel): USB devices are listed in Device Manager under Human Interface Devices. One issue with USB is that your system BIOS may not support it, or may have it disabled (enable in BIOS). All USB devices attached to the same controller have a fixed amount of bandwidth to share. This can be allocated via the Advanced tab of the USB controller’s properties. Note also that there are two types of USB hubs: those that are self-powered (electrical plug – more power), and those that are bus-powered (less power, not good for things like scanners, etc). You can view the amount of power that a device will consume from the Power tab of the USB Root Hub properties.

Phone and Modem Options: since Windows 2000 cannot detect certain internal modems, you can use the Modem tab in this program to open the Add New Modem wizard. Going into the properties of a modem allows you to run a diagnostic test, as well as write the results to a log file.

One additional note with respect to modems. You should be aware that Windows 2000 Pro supports Multilink, the ability to aggregate the bandwidth from two or more physical connections into one logical connection. Modems, ISDN and X.25 connections are all supported. You can configure the properties that Multilink will use on a connection-by-connection basis. For example, you could choose to use Multilink when dialing the office, but not your ISP. The default is that all lines are dialed, but this can be changed, as shown below. Options are configured from the Options tab of a connection object in Network and Dial-up Connections. Multilink must be enabled and configured on both the client and RAS server in order to function.

Mobile Computer Hardware

Windows 2000 obviously provides support for mobile computing. In this section we’ll explore mobile hardware profiles, APM, ACPI, and other power related options.

Windows 2000 still supports the use of hardware profiles to control which hardware drivers and services are loaded when Windows 2000 boots, such as when you are either on or off the network. If you have more than one hardware profile, you will be prompted to choose one when the system boots. The default hardware profile includes networking support, but if the machine is a laptop, you should also create an ‘off the network’ profile. Specify that a profile is for a laptop by choosing ‘This is a portable computer’ in the properties of the profile. Windows 2000 will automatically attempt to determine whether or not the computer is docked. If you want the profile to be used exclusively in a docked or undocked mode, you should choose the appropriate option.

If Windows 2000 detects a docking station, you will find an Eject PC button on the Start menu that you can use to dock or undock without a reboot. Windows 2000 also supports changing PC Cards, drives, and external hardware (such as USB or parallel devices) without a reboot. However, you should notify the system that you are planning to unplug a device by using the Unplug option in Add/Remove hardware, or the Unplug/Eject taskbar icon.

Multiple Monitor Support

Another new feature in Windows 2000 is the ability to support multiple monitors. Windows 2000 can support up to 10, and allows you to extend the desktop across these additional monitors. Of course, you will need a number of separate display adapters for this to work (or an adapter that supports dual monitors). One adapter must function as the primary display device, the others as secondaries. Color depth and resolution can be configured for each device individually, via the Display program. A few important notes on multiple monitors:

  • PCI or AGP display adapters are the only types supported for multiple monitors in Windows 2000.
  • If you have an on-board display adapter, this will automatically be made a secondary. You should always install Windows 2000 with the onboard adapter only. If another adapter is present, Windows 2000 will disable the onboard adapter during setup. Add additional display adapters after the OS is installed. If your setup now has an onboard and a PCI adapter, for example, the PCI will be the primary, the onboard the secondary. Note that your BIOS may not support using the onboard adapter when another physical adapter is present.
  • You can drag the monitor icons in the Display program to match the physical layout of your monitors.
  • If multiple monitors are not working correctly, be sure that the ‘Extend My Windows Desktop Onto This Monitor’ checkbox is selected for any secondaries, and that you are using a display adapter capable of supporting multiple monitors (PCI or AGP).

Managing Hardware Devices and Using Device Manager

This section takes a look at hardware devices on a type-by-type basis. Note that to install, configure, or uninstall a device, you must be logged on as Administrator (or a member of the administrators group, of course). If an administrator has already loaded the drivers for a device, then you would not need administrative privileges to do these things.

One of the big changes in Windows 2000 is the support for Plug and Play. If you install a Plug and Play device, Windows will automatically assign resources to the device including IRQ numbers, DMA channels, I/O port addresses, and memory access ranges, and will ensure these are unique. However, with a non Plug and Play device, you may need to configure these settings manually, via Device Manager (found in the Computer Management tool and very similar to the Win98 tool). New devices can be added via Add/Remove Hardware in Control Panel, if the process isn’t started automatically by Windows 2000 when you plug in a device. The Add/Remove Hardware wizard will allow you to Add, Troubleshoot, Uninstall, or Unplug a device.

Once a device is installed in Windows 2000, the tool used to configure settings for that device is Device Manager. The tool allows you to view information about devices in a number of different ways. For example, you can view a device by type (CD-ROM, Monitor, etc), or by resource (IRQ, DMA, etc.), or by the bus that enumerated them.

Disk Quotas and Removable Media

Windows 2000 supports a variety of DVD drives from a variety of different vendors. These devices (as with all hardware) should appear on the Hardware Compatibility List (HCL) in order to guarantee support. DVD drives and their properties are configured from Device Manager under DVD/CD-ROM devices. If the device is not automatically configured via Plug and Play, you can use the Add / Remove Hardware wizard to manually install the device.

Windows 2000 also supports removable media, such as tape devices. Again, these should appear on the HCL and will be detected and configured automatically if Plug and Play compliant. If not, again use the Add / Remove Hardware wizard to install manually. Note that unlike NT 4, the Backup program in Windows 2000 supports backing up to different media such as disk, CDR/W, Zip drives, and so forth, with the ability to span media.

Disk Quotas

Another new feature in Windows 2000 is the ability to use disk quotas. Disk quotas allow an Administrator to be able to track how much disk space a particular user is using, and decide on an appropriate course of action. The important stuff about disk quotas:

  • Can only be set up on NTFS partitions / volumes.
  • Configured on a partition-by-partition basis. That is, you could have quotas configured on drive C, and not D, for example.
  • Quotas do not use NTFS compression in calculations – space is calculated based on uncompressed size of files.
  • Quotas report to programs only the amount of disk space available to the user.
  • Quotas can be used for tracking space usage and/or denying space usage to those who go over the configured limit.

When quotas are configured, they are configured for everyone saving files to that volume. If you wanted to configure special settings for a given user or users on that volume, you could use a Quota Entry, which would specify settings for that particular user. Note that quota entries can only be configured for users, and not groups. As such, you couldn’t set up an entry for the entire Sales group. If you needed special settings for this group, each user would need to be configured individually. For this reason, it is recommended that you try and have all users with similar needs save their files to the same partition. That way, you can configure all quota settings at once, and avoid quota entries for all but special cases. This screen shot shows both the Quota tab for a partition, as well as a quota entry for a particular user.

Managing and Troubleshooting Hard Disks

Before getting into the bigger details, know that Windows 2000 supports the FAT, FAT32 and NTFS file systems. You can convert FAT or FAT32 to NTFS using the Convert.exe program. There is no utility provided to convert NTFS to either FAT or FAT32.

Disk Management is an area that has changed significantly from NT 4. First of all, there are now two types of hard disk storage configuration – Basic and Dynamic. The two differ in capabilities as well as terminology, so it is important to keep things straight. A Basic disk is the traditional disk type from NT 4 (as well as 95, 98, etc). A Basic disk is divided into partitions (3 primary + 1 extended containing logicals, or 4 primaries maximum), and can be accessed by other operating systems, using the information stored in the master boot record (MBR). In Windows 2000, a Basic disk can contain existing RAID 0, 1, or 5 sets created in NT 4 (or previous versions) as well as volume sets. However, none of these can be newly created under Windows 2000 if you are using Basic disks – they may only exist if the system has been upgraded from NT (you can however repair a failed RAID set, even on a Basic disk).
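
The 4-partition limit of a Basic disk comes from the fixed four-slot table stored in the MBR, which can be read straight from sector 0 when examining a disk image. The Python sketch below is an added example, not part of the original article; the sample sector, the function names and the short type table are constructed for illustration.

```python
import struct

TABLE_OFFSET, ENTRY_SIZE, SLOTS = 446, 16, 4   # 4 fixed slots: the "4 primaries" limit
BOOT_SIGNATURE = b"\x55\xaa"
EXTENDED = {0x05, 0x0F}
TYPE_NAMES = {0x06: "FAT16", 0x0B: "FAT32", 0x0C: "FAT32 (LBA)", 0x07: "NTFS",
              0x05: "Extended", 0x0F: "Extended (LBA)", 0x42: "Dynamic disk (LDM)"}
# Entry layout: status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count
ENTRY = struct.Struct("<B3xB3xII")


def parse_mbr(sector):
    """Return the in-use partition table entries of a 512-byte MBR sector."""
    if len(sector) != 512 or sector[510:] != BOOT_SIGNATURE:
        raise ValueError("not an MBR: wrong size or missing 0x55AA signature")
    parts = []
    for slot in range(SLOTS):
        status, ptype, start, count = ENTRY.unpack_from(sector, TABLE_OFFSET + slot * ENTRY_SIZE)
        if ptype == 0x00:          # type 0 marks an empty slot
            continue
        parts.append({"slot": slot, "active": status == 0x80, "status": status,
                      "type": TYPE_NAMES.get(ptype, f"unknown (0x{ptype:02X})"),
                      "extended": ptype in EXTENDED, "start": start,
                      "end": start + count, "size_mb": count * 512 // 2**20})
    return parts


def findings(parts):
    """Flag table states that a healthy Basic disk should not have."""
    out = []
    if sum(p["active"] for p in parts) > 1:
        out.append("more than one active partition")
    if sum(p["extended"] for p in parts) > 1:
        out.append("more than one extended partition")
    out += [f"slot {p['slot']}: invalid status byte 0x{p['status']:02X}"
            for p in parts if p["status"] not in (0x00, 0x80)]
    ordered = sorted(parts, key=lambda p: p["start"])
    out += [f"slots {a['slot']} and {b['slot']} overlap"
            for a, b in zip(ordered, ordered[1:]) if b["start"] < a["end"]]
    return out


def sample_sector(second_start=4_194_367):
    """Constructed sample: active NTFS, FAT32, and one extended partition."""
    entries = [ENTRY.pack(0x80, 0x07, 63, 4_194_304),
               ENTRY.pack(0x00, 0x0B, second_start, 2_097_152),
               ENTRY.pack(0x00, 0x05, 6_291_519, 2_097_152),
               bytes(ENTRY_SIZE)]
    return bytes(TABLE_OFFSET) + b"".join(entries) + BOOT_SIGNATURE


if __name__ == "__main__":
    for p in parse_mbr(sample_sector()):
        print(p)
    print(findings(parse_mbr(sample_sector(second_start=1000))))
```

Logical drives do not appear in this table; they are chained inside the extended partition, which is why only one slot is spent on them.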

Managing Web Services

While Windows 2000 Server installs IIS by default on a clean installation, Windows 2000 Professional only installs IIS (now called Internet Information Services in Professional as well) if Peer Web Services was previously installed on the machine (meaning an upgrade from 95, 98 or NT running PWS). However, if it was not installed by default, you can add it by using the Windows Components Wizard via Add/Remove Programs in Control Panel (incidentally, this is now where all Windows components are added, different from NT 4). Of course, you will need TCP/IP installed on the system prior to installing IIS. The tool to manage IIS is still called Internet Services Management (ISM), and is still an MMC snap-in. Installing IIS will create a directory called Inetpub, under which you will find the associated storage directories for the given services. Examples of the services installed include a default Website (wwwroot), default FTP site (ftproot), and virtual SMTP server (mailroot). Components can be included or excluded as you see fit. You can also control the properties of each and create new virtual sites as you would in IIS. To control Master properties, or those that will be inherited by all sites, go to the properties of the computername in ISM, and choose to edit a service (like WWW Service).