MicroSoft Windows NT Primer

Under Construction

This page is still under contruction. Due to traffic jams, please follow the detour signs to designated offramps to help avoid further collisions. Thank You and safe motoring...

MicroSoft Windows NT Primer

Disclaimer-

I do not claim to the veracity of all information in this page as it keeps changing as Windows NT keeps changing. I also do not dedicate my life to maintaining this page and do not plan on publishing to print. So use the information at your own risk, and use this as just a suppliment to some other book.

Windows NT is a recent update to the Windows Environment from MicroSoft. While incorporating some new features this version of Windows is, mostly, backwareds compatable with preveious versions. Here is a list of the most pronounced changes:

NT is an operating system unto itself.
NT has it's own boot loader.
NT runs new Win32 32-bit code.
NT runs old Win16 16-bit code.
NT has it's own file system, NTFS.
NT uses accounts to keep track of users.
NT uses a User Profiles to keep track of users application preferances.
NT has security built into the OS.
NT uses groups to group users together
NT can use workgroup sharing to share resources from one machine to another on the network.
NT uses Domains to share security and users between machines on a network.
NT has built in networking.

NT is an operating system

New to this version of Windows is that it does not require for another, lower level, operating system to boot. With previous versions of Windows you had to have MS DOS or another Operating System to handle the actual low level interactions with the machine. Now all of this is included in the WindowsNT program making it an operating system by itself.

But be warned, since NT incorporates so much more into it's environment, it also takes more processing power, RAM and disk space than older operating systems. Microsoft states that NT will run on a 486DX/66MHz with 12MB or RAM and a 100MB hard drive. But, if you do this, it could take up to 15 minutes just to turn on the machine. I would suggest that you have AT LEAST a Pentium 75Mhz with 16MB of RAM and 512MB of disk space. And even so this will be slow, just tolerable.

NT's Boot Loader Menu

NT has it's own boot manager built into it. With this you can have WindowsNT on one partition or disk and have another operating system on another system or disk. By doing this, you can still have your DOS and Windows 3.1 on your drive C: and still load Windows NT onto another disk, say D:.

Since NT is not 100% compatable with previous versions it is sometimes desirable to have both on the same system. If not needed, you can set the time-out value for the boot loader's menu to be 0. By doing this, it will still load the boot menu, but it will not pause for you to select an operating system.

NT is a 32-bit Operating system

NT is written as a 32-bit operating system. What this allows Microsoft to do is:

Address RAM Memory directly.
Add more intructions into the kernel.
Make it easier to emulate a 386 in memory to execute other programs at the same time.

NT can run 16-bit programs

NT can emulate the older versions of Windows, providing backward compatabily to the older software. This was important for getting Windows NT accepted into the market.

But it has some limitations, too. To do this, Windows is emulating an older machine, in memory, to execute the older programs. Because of this, it will always be slower than if the program ran in Win32 mode.

Also, it a piece of software needs direct access to hardware, it will not run under NT. NT uses it's own drivers and all accesses to the hardware has to go through these drives. Because of this, some older software could not get access to the devices directly and usually would not then run.

NT's private operating system

NT now has it's own file system, NTFS. With this, MicroSoft can add in some much needed functionality while still making the Operating system backwardly compatible with older operating system. The new operating system allows for:

Full 32-bit access.
Partitions larger than 2 GigaBytes(GB)
File names longer than 8 characters and including spaces, with multiple file name extentions
Built in compression
Security descriptors that can be set on a per user basis.
Combining partitions on other disks into one or more logical Disks, improving performance or reliabilty, depending upon the mode.

NT User Accounts

Everytime an NT Machine is turned on, the user must login before anything, other than shuting down, can be done. When the user does this, the NT Primary Domain Controller(PDC) can then give or deny accesses to system resources based upon this login's Security. The User also has a Profile, stored either locally or on the Domain, that is defined by the user as to how that user wants NT to look and act like.

For more detailed information

NT User Profiles

Each user to has a seperate User Profile. What this does is save the user's preferances to be saved on a per user basis. This affects from how the desktop looks to how some programs act. The user's profile can be locally stored on a machine or, if part of a domain, set to roam from machine to machine as the user moves around. To do this, the profile is copied back to the designated server each time the user logs out.

NT Security

The security is built into the NT Workstation and the NT Server. By doing this, MicroSoft makes it so that an anonymous user cannot just walk up and start modifying the machine, unless you want them to.

To gain access to a machine, the user must login on the console or, if accessing just a shared portion, login using a remote username and password challenge. Once the user is granted access to the machine, the security then limits just what the user may or may not use or change on the machine. It can also limit the user to logins only during designated hours.

NT User Groups

Windows allows you to group users into User Groups. By doing this, an administrator can give or remove permissions to whole groups of people through the group instead of doing so on a per user basis. There are groups defined on each local NT machine and some are Domain groups.

For the Domain groups to be available on an NT client, it must first be running NT itself and it must be a member of the Domain or one of the Domain's trusted Domains. If not, then the group only resistricts access on the Domain level. If so, then the group can be used to add or remove privlages on the local machine as well.

NT Workgroups

Workgroups are a collection of computers that allow sharing of information and/or resources across the network. The big differance between the Domains and the Workgroups is that in a Workgroup, each machine has seperate security information and that information would have to be updated on a per machine per account or group basis.

With an NT workgroup member, security can be set on a per user or group basis, but this information is only good on this one machine. When connecting from accross the network, a user would be prompted for this information if the machine you are using does not already have it from a previous request.

Each workgroup is given a name to help keep browsing the network easy. When browsing, you can view all of the groups on the network, and when in a group you are only shown the members of that group.

NT uses Domains to share users and security information

NT uses the idea of domains to group machines in a network so that users and security can be shared across the group and not have to be reset on each end every one. The machines in the network can be a combination of Servers and Clients. All of the Servers would be Windows NT. The Clients could be anything from DOS up to Windows NT Workstation or Server. If you use anything other than NT as a client it will only use the username and password to determine your accesses into the servers in the domain.

Using domain groups, you can set permissions on the servers and clients. Then if you need to update the permissions for this group of users, you just update one group and not all of the users in the group. Also, if you need to add someone to the group, it just gets added to the group lists on the server and does not need to be updated on each machine.

To share this information in a Domain, there needs to be at least a Primary Domain Controller(PDC). To make sure that network does not depend upon the service of just one machine, you can then setup one or more Backup Domain Controller(BDC). The BDC copies the user and security information from the PDC upon startup and syncronises any changes with the PDC on a set time basis. Some people would say that is inefficient, but if you have so many updates or so many users you do notice a difference in network speed, you should break up your network and/or domains into smaller sections.

NT has built in networking

Windows NT Workstation and Server both have Networking built into the Operating System. Don't get me wrong, you still have to install drivers and programs to your machine, but most of the basic services are included on the Windows NT CD-ROMs, ready for installation. This is a big step over previous versions of Windows in which networking seemed to be an added on feature after everything else was working.

Also, you can now run your Workgroup or domain across subnets. WindowsNT can do this by embedding it's preferred NetBEUI packets inside the TCP/IP protocol packets. Since NetBEUI was a broadcast protocol and was not passed on to other subnets, networks were limited in size because of cabling limits or excesive traffic. Now with being able to go across networking segments administrators can split up the networks into smaller, managable chunks, and still be able to provide the same services as if each machine was still on the same segment. This is not new, Microsoft had done this in previous products. But now it is easily implimented on both the client and server sides.