Chapter 3 - Planning Your Windows 2000 Advanced Server Installation
This chapter will help you plan for the installation of Windows 2000 Advanced Server on a domain (grouping) of two to five servers. The information in Getting Started is designed to help with the installation of such a domain, intended to serve 100 or fewer clients. For help with planning the installation of a larger number of servers, see the Windows 2000 Server Resource Kit, Deployment Planning Guide. For a listing of other sources of information, see Finding Further Information in Chapter 1, Welcome.
On This Page
Introduction
System Requirements and Hardware Compatibility
Important Files to Review
Deciding Whether to Upgrade or Install
Decisions to Make for an Upgrade
Upgrading an Existing Windows NT Domain
Decisions to Make for a New Installation
Choosing a Licensing Mode
Deciding Whether a Computer Will Contain More Than One Operating System
Choosing a File System
Planning Disk Partitions for New Installations
Choosing Components to Install
Networking: TCP/IP, IP Addresses, and Name Resolution
Deciding Between Workgroups and Domains
Introduction
Planning Your Windows 2000 Advanced Server Installation is designed to help you gather information about your servers and your configuration requirements. If you are upgrading rather than performing a new installation, you will want to read only part of this chapter. If you are performing a new installation, a section to focus on is Decisions to Make for a New Installation. The following list of headings will help you find the information that applies to you:
Sections to read if you are upgrading:
System Requirements and Hardware Compatibility
Important Files to Review
Decisions to Make for an Upgrade
Upgrading an Existing Windows NT Domain
Choosing a File System
Sections to read if you are performing a new installation:
System Requirements and Hardware Compatibility
Important Files to Review
Decisions to Make for a New Installation
Choosing a Licensing Mode
Deciding Whether a Computer Will Contain More Than One Operating System
Choosing a File System
Planning Disk Partitions for New Installations
Choosing Components to Install
Networking: TCP/IP, IP Addresses, and Name Resolution
Deciding Between Workgroups and Domains
After making the decisions outlined in this chapter, you’ll be ready to run Windows 2000 Setup and, later, to start the Configure Your Server program. Together Setup and Configure Your Server help you get your servers up and running quickly.
To find out more about the Configure Your Server program, see the chart in Chapter 4, Running Setup for Windows 2000 Advanced Server, or see the Learn more selections available within Configure Your Server. After running Setup, you can also display Windows 2000 Help, by clicking Start, and then clicking Help.
System Requirements and Hardware Compatibility
Before installing your server, make sure that you have chosen hardware that supports Windows 2000 Advanced Server.
System Requirements
To ensure adequate performance, make sure that computers on which you will install Windows 2000 Advanced Server meet the following requirements:
133-MHz Pentium or higher central processing unit (CPU).
A maximum of eight CPUs per computer are supported.
256 megabytes (MB) of RAM recommended minimum (128 MB minimum supported; 8 gigabytes (GB) maximum).
For computers with more than 4 GB of RAM, see the Hardware Compatibility List (HCL), described in Hardware Compatibility later in this chapter.
A hard disk partition with enough free space to accommodate the Setup process. The minimum amount of space required will be approximately 1 GB. More space might be needed, depending on the following:
The components being installed: the more components, the more space needed.
The file system used: FAT requires 100-200 MB more free disk space than other file systems.
The method used for installation: if installing from across a network, allow 100-200 MB more space than if installing from the CD-ROM. (More driver files need to be available during installation across a network.)
The size of the paging file.
In addition, an upgrade could require much more space than a new installation, since the existing user accounts database can expand by as much as a factor of ten during the upgrade, as Active Directory functionality is added.
Note The Setup process requires the free disk space described in the previous paragraphs. After Setup is finished, actual hard disk space used for the operating system (excluding user accounts) is usually less than the free space required for Setup, depending on system components installed.
For additional information about planning the sizes of disk partitions, including information about creating a separate partition for Remote Installation Services, see Planning Disk Partitions for New Installations later in this chapter.
VGA or higher-resolution monitor.
Keyboard.
Mouse or other pointing device (optional).
For CD-ROM installation:
A CD-ROM or DVD drive.
High-density 3.5-inch disk drive, if you plan to start the computer from the Setup media and your system does not support starting the computer from the CD-ROM. If your computer does not have a working operating system and does not support startup from the CD-ROM, you must have a high-density 3.5-inch disk drive.
For network installation:
One or more Windows 2000–compatible network adapters and related cables. See the HCL, which is on the Windows 2000 CD-ROM, in the Support folder, in Hcl.txt. You can find updated versions of the HCL on the following Web site:
A server from which to offer network access for the Setup files.
Hardware Compatibility
Windows 2000 Setup automatically checks your hardware and software and reports any potential conflicts. To ensure a successful installation, however, check to make sure your computer hardware is compatible with Windows 2000 Advanced Server before starting Setup.
To do this, see the Windows 2000 Hardware Compatibility List (HCL). If your hardware is not listed, Setup might not be successful. (Note that one type of hardware no longer supported is the microchannel bus.)
To see the version of the HCL that was released with Windows 2000, on the Windows 2000 CD-ROM, in the Support folder, open Hcl.txt.
Updated versions of the HCL are available at:
In addition, check that you have updated drivers for your hardware devices and that you have the latest system BIOS. The device manufacturers can assist you in obtaining these items. For more information about the ACPI standard for the BIOS, see Understanding ACPI BIOS later in this chapter.
Finally, before installing Windows 2000 Advanced Server, consider taking a device inventory of the hardware devices in your computer. For more information, see the next section, Taking an Optional Device Inventory.
Taking an Optional Device Inventory
To ensure smooth functioning of your adapters and other devices in your computer, be sure to read System Requirements and Hardware Compatibility earlier in this chapter. For specific information about using a mass storage controller (such as a SCSI, RAID, or Fibre Channel adapter) with a driver that was supplied by the manufacturer, see the next section, Mass Storage Drivers and the Setup Process.
Windows 2000 includes Plug and Play technology so that devices (for example, video and network adapters) can be automatically recognized by the operating system, configuration conflicts are avoided, and you do not have to specify each devices settings by hand. However, if you have devices that do not use Plug and Play, or you are aware that your Plug and Play devices are not implemented exactly to the standards, you might want to take steps to avoid device configuration conflicts. This section describes steps you can take, if you choose, to understand your device configuration before running Setup.
To better understand the configuration of the devices in your computer, take an inventory of them. To do this, if you have an existing operating system, use it to obtain the current settings, such as memory address and interrupt request (IRQ), used with your devices. For example, with Windows NT 4.0, you can use Control Panel to view settings (on the Start menu, point to Settings, click Control Panel, and then double-click icons such as Network and Ports). You might also choose to view system BIOS information. To do this, watch the screen while starting the computer and then press the appropriate key when prompted.
During Setup, Windows 2000 automatically takes a device inventory as well. However, taking your own inventory helps prevent the following difficulties:
If two or more adapters share IRQ settings or memory addresses, Windows 2000 might not be able to resolve the conflict. To prevent this, you can take one of two approaches.
You can remove one of the adapters before running Setup and re-install it afterward, using the Help topics on hardware for guidance in configuring it. (To display Help, after running Setup, click Start, and then click Help.)
Alternatively, you can to modify one adapters IRQ settings and memory addresses before running Setup, so that each adapters settings are unique.
If adapters do not respond in a standard way to the attempts by Windows 2000 to detect or enumerate them, Windows 2000 might receive indecipherable or inaccurate information. In this case, you might need to remove these devices before running Setup, and re-install and configure them afterward, using the Help topics about hardware for guidance. To display Help, after running Setup, click Start, and then click Help.
The following table lists the kinds of information to gather before starting Setup.
Adapter |
Information to gather |
|---|---|
Video |
Adapter or chipset type and how many video adapters |
Network |
IRQ, I/O address, DMA (if used) connector type (for example, BNC or twisted pair), and bus type |
SCSI controller |
Adapter model or chipset, IRQ, and bus type |
Mouse |
Mouse type and port (COM1, COM2, bus, or PS/2) or USB |
I/O port |
IRQ, I/O address, and DMA (if used) for each I/O port |
Sound adapter |
IRQ, I/O address, and DMA |
Universal serial bus (USB) |
Devices and Hubs attached |
PC Card |
What adapters are inserted and in which slots |
Plug and Play |
Whether enabled or disabled in BIOS |
BIOS settings |
BIOS revision and date |
External modem |
Com port connections (COM1, COM2, and so on) |
Internal modem |
Com port connections; for nonstandard configurations, IRQ and I/0 address |
Advanced Configuration and Power Interface (ACPI); Power Options |
Enabled or disabled; current setting |
PCI |
What PCI adapters are inserted and in which slots |
Mass Storage Drivers and the Setup Process
If you have a mass storage controller (such as a SCSI, RAID, or Fibre Channel adapter) for your hard disk, see if the controller is on the Hardware Compatibility List (HCL) that was released with the software, that is, Hcl.txt in the Support folder on the Windows 2000 Advanced Server CD-ROM. This file (as contrasted with the updated HCL at https://www.microsoft.com/hwdq/hcl/) lists only the devices for which drivers are included on the Windows 2000 Advanced Server CD-ROM. If your controller is not listed in the HCL on the CD-ROM, but the manufacturer has supplied a separate driver file for use with Windows 2000, locate the floppy disk containing the file before beginning Setup. During the early part of Setup, a line at the bottom of the screen will prompt you to press F6. Further prompts will guide you in supplying the driver file to Setup so that it can gain access to the mass storage controller.
If you are not sure that your mass storage controller is supported, you can try running Setup. If the controller is not supported, an error message will indicate a problem with an inaccessible boot device.
Using a Custom Hardware Abstraction Layer (HAL) File
If you have a custom Hardware Abstraction Layer (HAL) file supplied by your computer manufacturer, before beginning Setup, locate the floppy disk or other medium containing the file. During the early part of Setup, a line at the bottom of the screen will prompt you to press F6: at this time press F5 (not F6). After you press F5, follow the prompts provided. This will allow you to include your HAL file in the Setup process.
Understanding ACPI BIOS
A computers basic input/output system (BIOS) is a set of software through which the operating system (or Setup) communicates with the computers hardware devices. The Advanced Configuration and Power Interface (ACPI) is the current standard for the way the BIOS works. Windows 2000 supports not only ACPI-compliant BIOS versions, but also some BIOS versions based on older advanced power management (APM) and Plug and Play designs.
Some ACPI-based BIOS versions are not compliant with the standard. The more recent the version of an ACPI BIOS, the more likely that it is compliant. An ACPI-based BIOS that is not compliant with the ACPI standard might not support workable communication between the operating system (or Setup) and your hardware. If workable communication is not supported, Setup stops and displays instructions for contacting your hardware manufacturer and taking other steps to solve the problem. If this happens, follow the instructions provided.
To learn more about the ACPI compliance of your BIOS:
For information about which ACPI-based BIOS versions are ACPI-compliant, see the Hardware Compatibility List (HCL) for Windows 2000. This is the definitive source for this information. For information about the HCL, see Hardware Compatibility earlier in this chapter.
For information about your BIOS version, before running Setup, restart the computer and watch the text on the screen. Pay particular attention to blocks of text containing the words BIOS or ACPI BIOS.
For information about BIOS versions for your hardware, check your hardware documentation and contact your hardware manufacturer.
If you think your BIOS might be a noncompliant ACPI BIOS, see the section about ACPI BIOS in Appendix A, System Recovery and Troubleshooting.
Important Files to Review
At some point in your planning process, before you run Setup, familiarize yourself with important files found on the root directory of the Windows 2000 Advanced Server CD-ROM:
Read1st.txt
Contains critical preinstallation notes vital to the success of your installation.
Readme.doc
Contains important usage information about hardware, networking, applications, and printing.
You should also review the Hardware Compatibility List for Windows 2000 Advanced Server. For more information, see Hardware Compatibility earlier in this chapter.
For the most recent information on compatible and certified applications for Microsoft Windows 2000, see the Directory of Windows 2000 Applications Web site:
https://www.microsoft.com/windows2000/techinfo/planning/default.asp
You can search this site for information on current applications and on applications specifically designed for Windows 2000.
Most of the information contained in Getting Started also appears in the Setuptxt folder on the Windows 2000 Advanced Server CD-ROM, in text files with file names of the form Advsrv*.txt.
Deciding Whether to Upgrade or Install
After you have reviewed System Requirements, Hardware Compatibility, and Important Files to Review earlier in this chapter, and before you run Windows 2000 Advanced Server Setup, you will need to determine whether to upgrade or to perform a new installation. Upgrading is replacing a version of Windows NT with Windows 2000 Advanced Server. Installing, in contrast with upgrading, means wiping out the previous operating system, or installing Windows 2000 Advanced Server on a disk or disk partition with no previous operating system.
Note Do not upgrade to or install Windows 2000 on a compressed drive unless the drive was compressed with the NTFS file system compression utility. Uncompress a DriveSpace or DoubleSpace volume before running Windows 2000 Setup on it.
If you have already decided whether to upgrade or to perform a new installation, see the following sections later in this chapter:
For an upgrade:
- see Decisions to Make for an Upgrade.
For a new installation:
- see Decisions to Make for a New Installation.
There are several reasons to choose to upgrade. (To determine whether your old operating system is a version from which you can upgrade, see the next section, Upgrading.) Configuration is simpler, and your existing users, settings, groups, rights, and permissions are retained. In addition, files and applications do not need to be re-installed. As with any major changes to the hard disk, however, it is recommended that you back up the disk before running Setup.
If you want to upgrade and then use the same applications as before, be sure to read Read1st.txt and the applications section of Readme.doc (in the root directory of the Windows 2000 CD-ROM). Also, for the most recent information on compatible and certified applications for Microsoft Windows 2000, see the Directory of Windows 2000 Applications Web site:
https://www.microsoft.com/windows2000/techinfo/planning/default.asp
It is possible to install Windows 2000 Advanced Server and also allow the computer to sometimes run another operating system. Setting up the computer this way, however, presents complexities because of file system issues. For more information, see Deciding Whether a Computer Will Contain More Than One Operating System later in this chapter.
Upgrading
If you upgrade, Setup automatically installs Windows 2000 Advanced Server into the same folder as the currently installed operating system. You can upgrade from the following versions of Windows NT:
Type of product purchased |
Products from which you can upgrade |
|---|---|
Windows 2000 Advanced Server upgrade |
Windows NT version 4.0 Enterprise Edition |
Windows 2000 Advanced Server, full product |
Windows NT version 4.0 Enterprise Edition |
If you have Windows NT 4.0 Server Enterprise Edition, you can upgrade to Windows 2000 Advanced Server, but not Windows 2000 Server.
Note If you have a version of Windows NT Server earlier than 3.51, you cannot upgrade directly to Windows 2000 Advanced Server from it. You must first upgrade to a version of Windows NT shown in the preceding table.
If you want to upgrade and then use the same applications as before, be sure to read Read1st.txt and the applications section of Readme.doc (in the root directory of the Windows 2000 CD-ROM). Also, for the most recent information on compatible and certified applications for Microsoft Windows 2000, see the Directory of Windows 2000 Applications Web site:
https://www.microsoft.com/windows2000/techinfo/planning/default.asp
Installing
If you plan to perform a new installation, note that:
For a new installation on a disk partition that contains applications you want to keep, you must back the applications up and re-install them after installing Windows 2000 Advanced Server.
If you want to perform a new installation of Windows 2000 Advanced Server on a partition that previously contained Windows 2000 Advanced Server, and if you have saved documents under My Documents and you want to keep them, back up the documents in the Documents and Settings folder (typically in the root directory), and then copy these documents back into the Documents and Settings folder after completing the installation.
Decisions to Make for an Upgrade
If you are upgrading, and you have an existing domain, you will need to decide on the order of server upgrades. For more information, see the following sections later in this chapter:
Upgrading an Existing Windows NT Domain
Planning the Order of Server Upgrades
Upgrading a Domain by Upgrading Domain Controllers First
Upgrading a Domain by Upgrading Member Servers First
In addition, if you are upgrading, you will need to decide whether to convert the file system, on any FAT or FAT32 partitions you might have, to the NTFS file system. For more information, see Choosing a File System later in this chapter.
Upgrading an Existing Windows NT Domain
Domains are an important feature of both Windows NT and Windows 2000. In Windows NT, a domain represents both the security and administrative boundaries for a grouping of accounts and network resources. However, in Windows 2000, a domain is still composed of a grouping of accounts and network resources under a single domain name, but it represents an administrative boundary only. The Active Directory forest is the security boundary. If you want to use domain-based user accounts and other domain features in Windows 2000 Advanced Server, you must have one or more domains.
With Windows 2000, servers can have one of three roles in relation to domains:
Domain controllers
contain matching copies of the user accounts and other Active Directory data in a given domain.
Member servers
belong to a domain but do not contain a copy of the Active Directory data.
Stand-alone servers
belong to a workgroup rather than a domain.
A domain must have at least one domain controller. For resilience, a domain should have multiple domain controllers to support the handling of logon requests and directory updates.
It is recommended that you plan the roles that your servers will have within domains in Windows 2000 before running Setup. However, you can still make adjustments to these roles after Setup.
There are a number of important points to remember about upgrading an existing Windows NT domain to run with Windows 2000:
You must use the NTFS file system on domain controllers. In addition, any servers that have any partition formatted with FAT or FAT32 will lack many security features. For example, on FAT or FAT32 partitions, a shared folder can be protected only by the permissions set on the share, not on individual files, and there is no software protection against local access to the partition.
If you want to upgrade a server and then use the same applications as before, be sure to read about application compatibility.
One important source of application compatibility information is Read1st.txt and the applications section of Readme.doc (in the root directory of the Windows 2000 CD-ROM). For more information about these files, see Important Files to Review earlier in this chapter.
For the most recent information on compatible and certified applications for Microsoft Windows 2000, see the Directory of Windows 2000 Applications Web site:
https://www.microsoft.com/windows2000/techinfo/planning/default.asp
You can search this site for information on current applications and on applications specifically designed for Windows 2000.
When upgrading the domain controllers in a Windows NT domain to Windows 2000, you must upgrade the primary domain controller first.
When you begin upgrading domain controllers, if you have a remote access server that is a member server, it is recommended that you upgrade it before the last domain controller is upgraded. Such a server is dependent on domain controllers for user information, and therefore should not be left behind when domain controllers are upgraded. As an alternative, you can weaken the security permissions on Active Directory so that the remote access server running Windows NT can read user attributes from the Windows 2000 domain controllers. For more information, see the Windows 2000 Server Resource Kit, Deployment Planning Guide.
The roles of the servers in a domain are named somewhat differently with Windows 2000 Advanced Server as compared to Windows NT. With Windows NT, the possible roles were primary domain controller (limited to one per domain), backup domain controller, member server, or stand-alone server. Windows 2000 has only one kind of domain controller (without a primary or backup designation), and it includes the roles of member server and stand-alone server. When you upgrade, Windows 2000 Setup assigns server roles as follows:
Role in Windows NT domain |
Role in Windows 2000 domain |
|---|---|
Primary domain controller |
Domain controller |
Backup domain controller |
Your choice of domain controller or member server |
Member server |
Member server |
Stand-alone server |
Stand-alone server |
Planning the Order of Server Upgrades
When planning the order of server upgrades in a domain, there are two somewhat different approaches: upgrading the domain controllers first, or upgrading the member servers first. You can mix these approaches. However, when you begin upgrading domain controllers, you must upgrade the primary domain controller first.
If you upgrade member servers first (without upgrading domain controllers), a variety of features become available, but none that require Active Directory. One you begin upgrading domain controllers, Active Directory features become available.
For additional information about planning the order of server upgrades, see the following:
For background information about server roles (which you must understand to plan the order of server upgrades), see Upgrading an Existing Windows NT Domain earlier in this chapter.
For more detailed information about upgrading domains, or information about upgrading domains with more than five servers, see the Windows 2000 Server Resource Kit, Deployment Planning Guide.
For information about how to carry out each kind of upgrade, see Upgrading a Domain by Upgrading Domain Controllers First or Upgrading a domain by Upgrading Member Servers First later in this chapter.
The following table shows the advantages and disadvantages of the two approaches to server upgrades:
Order of server upgrades |
Advantages |
Disadvantages |
|---|---|---|
Domain controllers first (must start with primary domain controller) |
Provides all the features of Active Directory as well as the other features of Windows 2000 Advanced Server (see lists that follow). |
Requires you to organize Active Directory structures at time of upgrade. Note that with a small domain (2-5 servers), organizing Active Directory structures will take little effort. |
Member servers first |
Provides protocol support and other features (see the appropriate list, later in this section) whether or not domain controller upgrades and the organizing of Active Directory structures have been carried out. |
Does not provide features that are part of Active Directory. |
The lists in Features Available with Domain Controller Upgrade and Features Available with Upgrade of Any Server later in this chapter, show the features that are available with each approach to upgrading servers. For more detailed information about new features, see Chapter 2, What's New in Windows 2000 Advanced Server.
Features Available with Domain Controller Upgrade
When domain controllers are upgraded and begin communicating on a network, all the features of Windows 2000 Advanced Server become available through these servers. Of these features, the Active Directory features are listed in this section, and a number of other features are listed in Features Available with Upgrade of Any Server later in this chapter. For more information about the Active Directory features, see the section on Active Directory in Chapter 2, What's New in Windows 2000 Advanced Server. After running Setup, you can also display topics on Active Directory in the Windows 2000 Help. To display Help, click Start, and then click Help.
Note The features available when domain controllers are upgraded include not only the features in the following list, but also the features in Features Available with Upgrade of Any Server later in this chapter.
Active Directory includes the following features:
Simplified management of network-resource information and user information.
Group Policy, which you can use to set policies that apply across a given site, domain, or organizational unit in Active Directory.
Security and authentication features, including support for Kerberos V5, Secure Sockets Layer v3, and Transport Layer Security using X.509v3 certificates. (For more information, see Chapter 2, What's New in Windows 2000 Advanced Server.)
Directory consolidation, through which you can organize and simplify the management of users, computers, applications, and devices, and make it easier for users to find the information they need. You can take advantage of synchronization support through interfaces based on the Lightweight Directory Access Protocol (LDAP), and work with directory consolidation requirements specific to your applications.
Directory-enabled applications and infrastructure, which make it easier to configure and manage applications and other directory-enabled network components.
Scalability without complexity, a result of Active Directory scaling to millions of objects per domain and using indexing technology and advanced replication techniques to speed performance.
Use of Internet standards, including access through Lightweight Directory Access Protocol and a namespace based on the Domain Name System (DNS).
Active Directory Service Interfaces (ADSI), a powerful development environment.
Additional features, as described in the section on Active Directory in Chapter 2, What's New in Windows 2000 Advanced Server.
Features Available with Upgrade of Any Server
The features in the following list are available when member servers are upgraded in a domain, regardless of whether domain servers have been upgraded. The features available when domain controllers are upgraded include not only the features in the following list, but also the features in the previous one. For more detailed information about new features, see Chapter 2, What's New in Windows 2000 Advanced Server.
Management tools:
Microsoft Management Console
Plug and Play
Device Manager
Add/Remove Hardware wizard (in Control Panel)
Support for universal serial bus
New Backup utilityFile system support:
Enhancements to the latest version of the NTFS file system include support for disk quotas, the ability to defragment directory structures, and compressed network I/O.
Application services:
Win32 Driver Model
DirectX 5.0
Windows Script HostPrinter protocol support:
Device and protocol support allowing choices from more than 2,500 different printers. Other printing enhancements are included, for example, Internet Printing Protocol support, which allows users to print directly to a URL over an intranet or the Internet.
Scalability and availability:
Improved symmetric multiprocessor support
Security:
Encrypting file system
Upgrading a Domain by Upgrading Domain Controllers First
You can upgrade a domain by taking one of two general approaches: upgrading domain controllers first or member servers first. If you are not sure which approach you want to take, see Planning the Order of Server Upgrades earlier in this chapter.
If you upgrade your Windows NT domain by upgrading the domain controllers first, the upgrade has the following three stages:
Carrying out backups and other preparations so you can restore the previous installation if necessary.
Upgrading the primary domain controller. You must do this before upgrading any backup domain controllers.
Upgrading other servers in the domain.
This section describes the actions to take for these stages. For a more in-depth discussion of planning the upgrade of domain controllers, see the Windows 2000 Server Resource Kit, Deployment Planning Guide. For details about what versions of Windows NT can be upgraded to Windows 2000 Advanced Server, see Upgrading earlier in this chapter.
Backups and Other Preparations
As with any major change to the contents of hard disks on your servers, it is recommended that you back up each server before upgrading it. Also be sure to review the section on preparing for upgrades in Chapter 4, Running Setup for Windows 2000 Advanced Server.
In addition, to safeguard your existing network integrity, you might consider removing a backup domain controller temporarily from a network. To do this, in your existing Windows NT network, choose a backup domain controller, ensure that it has a current copy of the user accounts database, and back it up. Then disconnect its network cable. After upgrading your primary domain controller to Windows 2000 (you must upgrade the primary domain controller first), this disconnected system is available for promotion to a Windows NT primary domain controller if needed. However, in the course of an uneventful upgrade, you would not and could not promote the Windows NT backup domain controller to primary domain controller. Instead, you would continue the upgrade process, eventually reconnecting the disconnected server and upgrading it.
Also, for any computer that will be a domain controller in the Windows 2000 domain, make sure that there is plenty of room on the disk, beyond the space needed for the operating system itself. (For information about the disk requirements for the operating system, see System Requirements earlier in this chapter.) When Setup upgrades the user accounts database to the format used by Windows 2000 Advanced Server, the database can expand by as much as a factor of ten.
Upgrading Servers
The first domain controller to be upgraded in a Windows NT domain must be the primary domain controller. As you upgrade this server, you will be given the choices of creating a new domain or a child domain, and of creating a new forest or a domain tree in an existing forest. For the upgrading of a domain of two to five servers (which is the size of domains discussed in this manual), create a new domain and a new forest. For information about domain structures to use with larger numbers of servers, see the Windows 2000 Server Resource Kit, Deployment Planning Guide.
During the upgrade, you can to choose the location of three important items: the database containing user accounts and other Active Directory data, the log file, and the system volume (Sysvol) folder. The database and the log file can be on any kind of partition (FAT, FAT32, or NTFS). The database can expand by as much as a factor of ten from the size it had with Windows NT, so allow plenty of room for it. (Initially, the log file will take up very little space.) The system volume folder must be on an NTFS partition. (For information about NTFS and other file systems, see Choosing a File System later in this chapter.)
After the primary domain controller is upgraded to a Windows 2000 domain controller, it will be fully backward-compatible. This means that the domain controller appears as a Windows 2000 domain controller to Windows 2000 servers and clients, but emulates a Windows NT 4.0 primary domain controller to other servers and clients.
After upgrading your primary domain controller and ensuring that it is functioning to your satisfaction, upgrade any backup domain controllers next. (If possible, it is best to begin the upgrades soon, rather than allowing a long delay.) Also, if you have a remote access server that is a member server, it is recommended that you upgrade it before the last domain controller is upgraded. A remote-access member server is dependent on domain controllers for user information and therefore should not be left behind when domain controllers are upgraded. As an alternative, you can weaken the security permissions on Active Directory so that the remote access server running Windows NT can read user attributes from the Windows 2000 domain controllers. For more information, see the Windows 2000 Server Resource Kit, Deployment Planning Guide.
Note When the second domain controller is upgraded, it copies the first (the former primary domain controller). Therefore, be sure that the first domain controller is running and available on the network as you upgrade the second. Similarly, be sure that at least one Windows 2000 domain controller is available on the network when you upgrade the third, fourth, and any remaining Windows NT domain controllers.
Upgrade the backup domain controllers one at a time (ensure that each is backed up before upgrading). Start and test each server on the network to ensure that it is functioning to your satisfaction before upgrading another backup domain controller.
When you have completely upgraded all domain controllers to Windows 2000 domain controllers, you have the option of changing the domain from mixed mode (where Windows NT domain controllers can exist in the domain) to native mode (where only Windows 2000 domain controllers can exist in the domain). This is an important decision, because you cannot revert to mixed mode after changing to native mode.
For information about domain trees, mixed mode, native mode, or any other item related to domains, after running Setup, see the topics under Active Directory in Windows 2000 Help (click Start, and then click Help). For information about performing upgrades in domains larger than two to five servers, see the Windows 2000 Server Resource Kit, Deployment Planning Guide.
Upgrading a Domain by Upgrading Member Servers First
You can upgrade a domain by taking one of two general approaches: upgrading domain controllers first or member servers first. For information about the advantages and disadvantages of each approach, see Planning the Order of Server Upgrades earlier in this chapter.
Note If you have a remote access server that is a member server, and you have begun upgrading any domain controllers, be sure to read Upgrading Servers earlier in this chapter.
Before upgrading any server, be sure to back it up, and review the section on preparing for upgrades in Chapter 4, Running Setup for Windows 2000 Advanced Server.
If you upgrade a domain by upgrading member servers first, you can upgrade one, a few, or all of the member servers at a given time. Choose the order of the upgrades by considering which of your servers would be most improved by the features in Windows 2000 Advanced Server. For information about the features available when member servers are upgraded, see Features Available with Upgrade of Any Server earlier in this chapter.
After upgrading member servers in a domain, when you are ready to upgrade domain controllers, follow the instructions in Upgrading a Domain by Upgrading Domain Controllers First earlier in this chapter.
Decisions to Make for a New Installation
The following list outlines the basic decisions you will need to make if you have decided to perform a new installation. Each area is discussed in more detail in the sections that follow. You will need to consider:
What licensing mode to use
Windows 2000 Advanced Server supports two licensing modes: Per seat and Per server. Per seat mode requires a separate Client Access License (CAL) for each computer that accesses Windows 2000 Advanced Server. Per server mode requires a separate CAL for each concurrent connection to this server.If you plan to use Terminal Services as an application server, you will probably choose Per seat licensing, and you will also need to install components used by Terminal Services. For more information about licensing, see Choosing a Licensing Mode later in this chapter. For more information about Terminal Services and the component or components needed for it, see Choosing Components to Install later in this chapter.
Whether you want to be able to choose between different operating systems each time you start the computer
A computer can be set up so that each time you restart it, you can choose from several different operating systems. For more information, see Deciding Whether a Computer Will Contain More Than One Operating System later in this chapter.
What file system to use
The file systems to choose from are NTFS, FAT, and FAT32. NTFS is recommended. It is the only file system that supports Active Directory, which includes many important features such as domains and domain-based security. However, it might be necessary to have a FAT or FAT32 partition in situations where you must set up a computer so that it sometimes runs Windows 2000 and sometimes runs an earlier operating system. For more information, see Choosing a File System later in this chapter.
What partition you will install on, or whether you will need a new partition for your installation
If you are performing a new installation, you will need to review your disk partitions before running Setup (for an upgrade, you will use existing partitions). A partition divides a disk into one or more areas that can be formatted for use by one file system. Different partitions often have different drive letters (for example, C: and D:). After running Setup, you can modify the partitioning of the disk. For information about planning the partitions for a new installation, see Planning Disk Partitions for New Installations later in this chapter.
What components to install
There are a variety of optional components to choose from when installing Windows 2000 Advanced Server. Your choices depend on how you will use your server. For more information, see Choosing Components to Install later in this chapter.
How to handle networking, IP addresses, and TCP/IP name resolution
Most networked computers currently use TCP/IP as the network protocol. If you use a different network protocol, before running Setup you will need to familiarize yourself with your current settings. With TCP/IP (the protocol used on the Internet), you will need to make decisions about how to handle IP addresses and how they will be resolved (translated) into names that users recognize. For more information, see Networking: TCP/IP, IP Addresses, and Name Resolution later in this chapter.
Whether to create domains or workgroups for your servers
A domain is a grouping of accounts and network resources under a single domain name and security boundary. A workgroup is more basic, intended only to help users find such things as printers and shared folders within that group. Domains make it easier for an administrator to control access to resources and keep track of users. For more information, see Upgrading an Existing Windows NT Domain earlier in this chapter and Deciding Between Workgroups and Domains later in this chapter.
Choosing a Licensing Mode
Windows 2000 Advanced Server supports two licensing modes: Per seat and Per server. If you choose the Per seat mode, each computer that accesses a Windows 2000 Advanced server requires a separate Client Access License (CAL). With one CAL, a particular client computer can connect to any number of Windows 2000 Advanced servers. This is the most commonly used licensing method for companies with more than one Windows 2000 Advanced Server.
In contrast, Per server licensing means that each concurrent connection to this server requires a separate CAL. This means that at any one time, this Windows 2000 Advanced server can support a fixed number of connections. For example, if you selected the Per server client licensing mode and five concurrent connections, this Windows 2000 Advanced Server could have five computers (clients) connected at any one time. Those computers would not need any additional licenses.
The Per server licensing mode is often preferred by small companies with only one Windows 2000 Advanced server. It is also useful for Internet or remote access servers where the client computers might not be licensed as Windows 2000 network clients. You can specify a maximum number of concurrent server connections and reject any additional logons.
If you are unsure which mode to use, choose Per server since you can change once from Per server to Per seat at no cost. (However, if you plan to use Terminal Services as an application server, see the next paragraph.)
If you plan to use Terminal Services as an application server (not just for remote administration), the licensing mode is usually Per seat, except with the Terminal Services Internet Connector license, where the mode would always be Per server. In addition, if you will use Terminal Services, you will also need to install one or two components: Terminal Services and (for an application server) Terminal Services Licensing. For more information about these components, see Choosing Components to Install later in this chapter.
Deciding Whether a Computer Will Contain More Than One Operating System
A computer can be set up so that you can choose between two or more operating systems each time you restart the computer. For example, you could set up a server to run Windows 2000 Advanced Server most of the time but allow it to sometimes run Windows NT Server version 4.0 in order to support an older application. (However, to do this you would need to make specific file-system choices and would probably need the latest released Service Pack, as described in Multiple Operating Systems and File System Compatibility and Choosing a File System later in this chapter.) During restarts, a display would appear for a specified number of seconds, allowing you to select between the two operating systems. (You can specify a default operating system that will run if no selection is made during the restart process.)
Note If you set up a computer so that the installed operating systems include Windows 2000 and any other operating system, you must place Windows 2000 in a separate partition on the computer. (A partition divides a disk into sections that function as separate units and that can be formatted for use by a file system. Different partitions often have different drive letters, for example, C: and D:.) Placing Windows 2000 in a separate partition ensures that it will not overwrite crucial files used by the other operating system.
The reason for setting up a computer so that you can choose between two or more operating systems at startup is that it allows you to use applications that run only with a particular operating system. There are definite drawbacks to setting up a computer this way, however: each operating system uses valuable disk space, and compatibility issues, especially file system compatibility, can be complex. In addition, dynamic disk format (a new option with Windows 2000) does not work with multiple operating systems. The only operating system that can access a hard disk using dynamic disk format is Windows 2000.
Note If you are considering setting up a computer with more than one operating system to ensure that you will always have a way to start the computer (regardless of driver or disk problems), first take into account the variety of disaster-recovery features available in Windows 2000. One example of these features is safe mode, in which Windows 2000 restarts with default settings and the minimum number of drivers (ensuring the ability to start even if a new driver is causing a problem). With this and a variety of other disaster-recovery features, it is not necessary to maintain more than one operating system as a safeguard against system problems. Avoiding multiple operating systems means you also avoid file-system compatibility issues and other drawbacks. For more information about disaster recovery, see Appendix A, System Recovery and Troubleshooting.
Before deciding to set up a computer with more than one operating system, review the following restrictions.
On computers that contain MS-DOS and Windows 2000:
The primary partition must be formatted as FAT.
Windows 2000 must be installed last. Otherwise important files needed for starting Windows 2000 could be overwritten.
File system compatibility might be an issue. See Multiple Operating Systems and File System Compatibility later in this chapter.
On computers that contain Windows 95 and Windows 2000:
The primary partition must be formatted as FAT. (For Windows 95 OSR2, the primary partition must be formatted as FAT or FAT32.)
Compressed DriveSpace or DoubleSpace volumes won’t be available while you are running Windows 2000. It is not necessary to uncompress DriveSpace or DoubleSpace volumes that you will access only with Windows 95.
Windows 2000 must be installed last. Otherwise important files needed for starting Windows 2000 could be overwritten.
File system compatibility might be an issue. See Multiple Operating Systems and File System Compatibility later in this chapter.
On computers that contain Windows 98 and Windows 2000:
The primary partition must be formatted as FAT or FAT32.
Compressed DriveSpace or DoubleSpace volumes won’t be available while you are running Windows 2000. It is not necessary to uncompress DriveSpace or DoubleSpace volumes that you will access only with Windows 98.
File system compatibility might be an issue. See Multiple Operating Systems and File System Compatibility later in this chapter.
On computers that contain Windows NT 4.0 and Windows 2000:
- See Multiple Operating Systems and File System Compatibility and Computers that Contain Windows NT 4.0 and Windows 2000 Advanced Server later in this chapter.
On computers that contain multiple Windows 2000 partitions:
- See Computers that Contain Multiple Windows 2000 Partitions later in this chapter.
Multiple Operating Systems and File System Compatibility
On computers that contain multiple operating systems, compatibility becomes more complex when you consider file-system choices. The file systems to choose from are NTFS, FAT, and FAT32. (For more information, see Choosing a File System later in this chapter.)
NTFS is normally the recommended file system because it supports important features, including Active Directory and domain-based security. With NTFS, however, you need to take file-system compatibility into account when considering whether to set up a computer to contain more than one operating system, because the version of NTFS in Windows 2000 Advanced Server has new features in addition to those in Windows NT. Files that use any new features will be completely usable or readable only when the computer is started with Windows 2000 Advanced Server. For example, a file that uses the new encryption feature won’t be readable when the computer is started with Windows NT Server 4.0 or Windows NT 4.0 Enterprise Edition, which were released before the encryption feature existed. (For more information about features that affect file accessibility with Windows 2000 Advanced Server, see NTFS later in this chapter.)
Note If you want to set up a computer with both Windows NT and Windows 2000, and you want to have an NTFS partition, the only appropriate version of Windows NT is version 4.0 with the latest released Service Pack. Using the latest Service Pack maximizes compatibility between Windows NT 4.0 and the updated NTFS file system used with Windows 2000 Advanced Server. (Specifically, this compatibility in file systems is provided by Service Pack 4 and later Service Packs.) Even the latest Service Pack, however, does not provide access to files using the new features in NTFS.Using NTFS as the only file system on a computer that contains both Windows 2000 and Windows NT is not recommended. On these computers, a FAT partition containing the Windows NT 4.0 operating system ensures that when started with Windows NT 4.0, the computer will have access to needed files.
If you set up a computer so that it starts with Windows NT 3.51 or earlier on a FAT partition, and Windows 2000 Advanced Server on an NTFS partition, when that computer starts with Windows NT 3.51, the NTFS partition will not be visible.
Computers That Contain Windows NT 4.0 and Windows 2000 Advanced Server
If you plan to set up a computer so that it contains Windows NT 4.0 and Windows 2000 Advanced Server, first review the following precautions:
If your only concern is ensuring that you can always start the computer, setting up the computer so that you can start it with different operating systems at different times is not necessary. For more information, see Deciding Whether a Computer Will Contain More Than One Operating System earlier in this chapter.
Using NTFS as the only file system on a computer contains both Windows 2000 and Windows NT is not recommended. For more information, see Multiple Operating Systems and File System Compatibility earlier in this chapter.
Make sure that Windows NT 4.0 has been updated with the latest released Service Pack. For details, see Multiple Operating Systems and File System Compatibility earlier in this chapter.
Install each operating system on a separate drive or disk partition.
When you perform a new installation of Windows 2000 Advanced Server (as opposed to an upgrade), by default, the installation is placed on a partition on which no other operating system is located. You can specify a different partition during Setup.
Don’t install Windows 2000 on a compressed drive unless the drive was compressed with the NTFS file system compression feature.
On any partition where you perform a new installation of Windows 2000 (as opposed to an upgrade), you will need to re-install any programs, such as word processing or email software, after Setup is complete.
Install the programs used by each operating system on the partition with that system. If you want your programs to run with multiple operating systems, you need to install separate copies of the programs in each of the operating system partitions.
If the computer is on a Windows NT or Windows 2000 domain, each installation of Windows NT 4.0 Server or Windows 2000 Advanced Server on that computer must have a different computer name.
For more information about computers that contain multiple operating systems, see the Windows 2000 Resource Kit.
Computers That Contain Multiple Windows 2000 Partitions
You can set up a server so that it has multiple Windows 2000 installations (Windows 2000 Professional and/or Server) on multiple partitions. However, you must use a different computer name for each installation if the computer participates in a Windows 2000 domain. Because a unique security identifier (SID) is used for each installation of Windows 2000 on a domain, the computer name for each installation must be unique, even for multiple installations on the same computer.
Choosing a File System
You can choose between three file systems for disk partitions on a computer running Windows 2000 Advanced Server: NTFS, FAT, and FAT32. NTFS is the recommended system. FAT and FAT32 are similar to each other, except that FAT32 is designed for larger disks than FAT. (The file system that works most easily with large disks is NTFS.) This section provides information to help you compare the file systems. The sections that follow provide additional information about each file system.
NTFS has always been a more powerful file system than FAT and FAT32. Windows 2000 Advanced Server includes a new version of NTFS, with support for a variety of features including Active Directory, which is needed for domains, user accounts, and other important security features. For more details about features in NTFS, see NTFS later in this chapter.
The Setup program makes it easy to convert your partition to the new version of NTFS, even if it used FAT or FAT32 before. This kind of conversion keeps your files intact (unlike formatting a partition). If you don’t need to keep your files intact and you have a FAT or FAT32 partition, it is recommended that you format the partition with NTFS rather than converting from FAT or FAT32. Formatting a partition erases all data on the partition, but a partition that is formatted with NTFS rather than converted from FAT or FAT32 will have less fragmentation and better performance.
However, it is still advantageous to use NTFS, regardless of whether the partition was formatted with NTFS or converted. A partition can also be converted after Setup by using Convert.exe. For more information about Convert.exe, after completing Setup, click Start, click Run, type cmd and then press ENTER. In the command window, type help convert, and then press ENTER.
Note You can use important features such as Active Directory and domain-based security only by choosing NTFS as your file system.
There is one situation in which you might want to choose FAT or FAT32 as your file system. If it is necessary to have a computer that will sometimes run an earlier operating system and sometimes run Windows 2000, you will need to have a FAT or FAT32 partition as the primary (or startup) partition on the hard disk. This is because earlier operating systems, with one exception, can’t access a partition if it uses the latest version of NTFS. The one exception is Windows NT version 4.0 with Service Pack 4 or later, which has access to partitions with the latest version of NTFS, but with some limitations. Windows NT 4.0 cannot access files that have been stored using NTFS features that did not exist when Windows NT 4.0 was released. (For more information, see Deciding Whether a Computer Will Contain More Than One Operating System and Multiple Operating Systems and File System Compatibility earlier in this chapter.)
For anything other than a situation with multiple operating systems, however, the recommended file system is NTFS.
The following table describes the compatibility of each file system with various operating systems.
NTFS |
FAT |
FAT32 |
|---|---|---|
A computer running Windows 2000 can access files on an NTFS partition. A computer running Windows NT 4.0 with Service Pack 4 or later might be able to access some files. Other operating systems allow no access. |
Access is available through MS-DOS, all versions of Windows, Windows NT, Windows 2000, and OS/2. |
Access is available only through Windows 95 OSR2, Windows 98, and Windows 2000. |
The following table compares disk and file sizes possible with each file system.
NTFS |
FAT |
FAT32 |
|---|---|---|
Recommended minimum volume size is approximately 10 MB. Recommended practical maximum for volumes is 2 TB (terabytes). Much larger sizes are possible. Can’t be used on floppy disks. |
Volumes from floppy disk size up to 4 GB. Does not support domains. |
Volumes from 512 MB to 2 TB. In Windows 2000, you can format a FAT32 volume only up to 32 GB. Does not support domains. |
File size limited only by size of volume. |
Maximum file size 2 GB. |
Maximum file size 4 GB. |
NTFS
Some of the features you can use when you choose NTFS are:
Active Directory, which you can use to view and control network resources easily.
Domains, which are part of Active Directory, and which you can use to fine-tune security options while keeping administration simple. Domain controllers require NTFS.
File encryption, which greatly enhances security.
Permissions that can be set on individual files rather than just folders.
Sparse files. These are very large files created by applications in such a way that only limited disk space is needed. That is, NTFS allocates disk space only to the portions of a file that are written to.
Remote Storage, which provides an extension to your disk space by making removable media such as tapes more accessible.
Recovery logging of disk activities, which helps you restore information quickly in the event of power failure or other system problems.
Disk quotas, which you can use to monitor and control the amount of disk space used by individual users.
Better scalability to large drives. The maximum drive size for NTFS is much greater than that for FAT, and as drive size increases, performance with NTFS doesn’t degrade as it does with FAT.
This is only a partial list of the features in the newest version of NTFS. For more information about new features, see Chapter 2, What’s New in Windows 2000 Advanced Server.
The Setup program makes it easy to convert your partition to the new version of NTFS, even if it used FAT or FAT32 before. This kind of conversion keeps your files intact (unlike formatting a partition). Setup begins by checking the existing file system. If it is NTFS, conversion happens automatically. If it is FAT or FAT32, Setup gives you the choice of whether to convert to NTFS. If you don’t need to keep your files intact and you have a FAT or FAT32 partition, it is recommended that you format the partition with NTFS rather than converting from FAT or FAT32. Formatting a partition erases all data on the partition, but a partition that is formatted with NTFS rather than converted from FAT or FAT32 will have less fragmentation and better performance.
However, it is still advantageous to use NTFS, regardless of whether the partition was formatted with NTFS or converted. A partition can also be converted after Setup by using Convert.exe. For more information about Convert.exe, after completing Setup, click Start, click Run, type cmd and then press ENTER. In the command window, type help convert, and then press ENTER.
FAT and FAT32
FAT and FAT32 are alternative file-system options. You will need to use them if you must set up a computer to use a previous operating system some of the time (and Windows 2000 some of the time). For additional information, see the sections in this list (all found earlier in this chapter):
Deciding Whether a Computer Will Contain More Than One Operating System
Multiple Operating Systems and File System Compatibility
Computers that Contain Windows NT 4.0 and Windows 2000 Advanced Server
Choosing a File System
For details about the differences between FAT and FAT32, see the tables in Choosing a File System earlier in this chapter. If choosing between FAT and FAT32, the basic criterion is the size of the installation partition. Use FAT32 rather than FAT on partitions that are 2 gigabytes (GB) or larger.
Note Windows 2000 supports FAT32 volumes of any size created by Windows 95 or Windows 98. However, Windows 2000 formats FAT32 volumes only up to 32 GB. NTFS is the better option and should be used on volumes larger than 32 GB. If you choose to format a partition as FAT during Setup and the partition is larger than 2GB, Setup will automatically format it as FAT32.
Planning Disk Partitions for New Installations
You will need to plan your disk partitions before running Setup only if you are performing a new installation, not an upgrade. Disk partitioning is a way of dividing your physical disk so that each section functions as a separate unit. When you create partitions on a disk, you divide the disk into one or more areas that can be formatted for use by a file system, such as FAT or NTFS. Different partitions often have different drive letters (for example, C: and D:). A primary partition, or system partition,* *is one on which you can install the files needed to load an operating system, such as Windows 2000.
Important If you plan to delete or create partitions on a hard disk, be sure to back up the disk contents beforehand because these actions will destroy any existing data. As with any major change to disk contents, it is recommended that you back up the entire contents of the hard disk before working with partitions, even if you plan to leave one or more of your partitions alone.
Do not install Windows 2000 on a compressed drive unless the partition was compressed with the NTFS file system compression feature. (Uncompress a DriveSpace or DoubleSpace drive before running Windows 2000 Setup on it.)
Before running Setup to perform a new installation, you will need to determine the size of the partition on which to install Windows 2000 Advanced Server. There is no set formula for figuring a partition size. The basic principle is to allow plenty of room for the operating system, applications, and/or other files that you will group together on the installation partition. The files for setting up Windows 2000 Advanced Server require at least 1 GB of free space on the disk, as described in System Requirements earlier in this chapter. It is recommended that you allow considerably more disk space than the minimum amount. Allowing 2-4 GB on the partition is not unreasonable, and for larger installations it is not unreasonable to allow 10 GB.
This allows space for a variety of items, including optional components, user accounts, Active Directory information, logs, future service packs, the pagefile used by the operating system, and other items.
When you perform a new installation of Windows 2000 Advanced Server, you can select the partition on which to install. If you specify a partition on which another operating system exists, you will be prompted to confirm your choice.
During Setup, create and size only the partition on which you want to install Windows 2000. After Windows 2000 is installed, you can use Disk Management to manage new and existing disks and volumes. This includes creating new partitions from unpartitioned space; deleting, renaming, and re-formatting existing partitions; adding and removing hard disks; and upgrading and reverting hard disks between basic and dynamic formats. (Note that dynamic disk format does not work on a computer that contains more than one operating system. The only operating system that can access a hard disk using dynamic disk format is Windows 2000.)
Note If you’re setting up a computer so that it contains multiple operating systems, you must install Windows 2000 on its own partition. This ensures that Windows 2000 will not overwrite crucial files needed by the other operating system. For more information, see Deciding Whether a Computer Will Contain More Than One Operating System earlier in this chapter.
Disk Partition Requirements for Remote Installation Services
If you plan to use Remote Installation Services on this server (so that you can install operating systems onto other computers), you will need a separate partition for use by Remote Installation Services. Plan on using NTFS on this partition: NTFS is required for the Single Instance Store feature of Remote Installation Services. If you need to create a new partition for Remote Installation Services, plan on doing it after Setup, and leave enough unpartitioned disk space so that you can create it (2 GB of space is recommended, but you might need less, depending on how the server will be used). Alternatively, you can plan to use dynamic disk format, which allows more flexibility in the use of the disk space than basic format. (However, dynamic disk format does not work on a computer that contains multiple operating systems. The only operating system that can access a hard disk using dynamic disk format is Windows 2000.)
For information about Remote Installation Services and about basic and dynamic disk formats, see Windows 2000 Help, available after running Setup. To display Help, click Start, and then click Help.
Options When Partitioning a Disk
You can change the partitions on your disk during Setup only if you are performing a new installation, not an upgrade. You can modify the partitioning of the disk after Setup by using Disk Management.
If you are performing a new installation, Setup examines the hard disk to determine its existing configuration, and then offers the following options:
If the hard disk is unpartitioned, you can create and size the Windows 2000 partition.
If the hard disk is partitioned but has enough unpartitioned disk space, you can create the Windows 2000 partition by using the unpartitioned space.
If the hard disk has an existing partition that is large enough, you can install Windows 2000 on that partition, with or without reformatting the partition first. Reformatting a partition erases all data on the partition. If you don’t reformat the partition but you do install Windows 2000 where there was already an operating system, that operating system will be overwritten, and you will have to re-install any applications you want to use with Windows 2000.
If the hard disk has an existing partition, you can delete it to create more unpartitioned disk space for the Windows 2000 partition. Deleting an existing partition also erases any data on that partition.
Choosing Components to Install
Windows 2000 Advanced Server includes a wide variety of core components, including a number of administrative tools, that Setup installs automatically. In addition, you can choose from a number of optional components that extend the functionality of Windows 2000 Advanced Server. You can install these components during Setup, or you can add them later (through Add/Remove Programs in Control Panel). Choosing more of these components means providing more possibilities on the server. However, you should choose only the components you need, since each component requires additional disk space. The following table (and the list that follows it) will help you choose the components you need in your installation.
Server function |
Possible components |
|---|---|
DHCP, DNS, and/or WINS server (in a TCP/IP network) |
Dynamic Host Configuration Protocol (DHCP), DNS, and/or Windows Internet Name Service (WINS)—all part of Networking Services |
Centralized administration of networks |
Management and Monitoring Tools |
Authentication and secure communication |
Internet Authentication Service (part of Networking Services) |
File access |
Indexing Service |
Print access |
Other Network File and Print Services (support for Macintosh and UNIX operating systems) |
Terminal services |
Terminal Services (application server mode); Terminal Services Licensing |
Application support |
Message Queuing |
Internet (Web) infrastructure |
Internet Information Services |
Dial-up access support |
Connection Manager Administration Kit and Connection Point Services (part of Management and Monitoring Tools). |
Multimedia communications |
Windows Media Services |
Support for a variety of client operating systems |
Other Network File and Print Services (support for Macintosh and UNIX operating systems). |
The following list describes the components in the preceding table and all other components that you can install.
Accessories and Utilities
Includes desktop accessories such as WordPad, Paint, Calculator, and CD Player, as well as games such as Solitaire. To select individual items, click Details and select from the list.
Certificate Services
Provides security and authentication support, including secure e-mail, Web-based authentication, and smart card authentication. For information about authentication of dial-up users, see Networking Services later in this list.
Cluster Service
Provides support for clustering, where several servers (called nodes) work together to provide users with constant access to server-based resources. If one of the nodes in the cluster fails, another node begins to provide service (a process known as failover).
Indexing Service
Provides indexing functions for documents stored on disk, allowing users to search for specific document text or properties.
Internet Information Services (IIS)
Provides support for Web-site creation, configuration, and management, along with Network News Transfer Protocol (NNTP), File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP).
Management and Monitoring Tools
Provides tools for communications administration, monitoring, and management, including programs that support development of customized client dialers for remote users and implementation of phone books that can be automatically updated from a central server. In addition, Management and Monitoring Tools includes the Simple Network Management Protocol (SNMP).
Message Queuing
Provides a communication infrastructure and a development tool for creating distributed messaging applications. Such applications can communicate across heterogeneous networks and with computers that might be offline. Message Queuing provides guaranteed message delivery, efficient routing, security, transactional support, and priority-based messaging.
Networking Services
Provides important support for networking, including the items in the following list. For information about network monitoring, see Management and Monitoring Tools earlier in this list. For background information about IP addresses and name resolution, see Networking: TCP/IP, IP Addresses, and Name Resolution later in this chapter.
COM Internet Services Proxy. Supports distributed applications that use HTTP to communicate through Internet Information Services.
DNS. Provides name resolution for clients running Windows 2000. With name resolution, users can access servers by name instead of having to use IP addresses that are difficult to recognize and remember.
Dynamic Host Configuration Protocol (DHCP). Gives a server the capability of assigning IP addresses dynamically to network devices. These devices typically include server and workstation computers but can also include other devices such as printers and scanners. With DHCP, you do not need to set and maintain static IP addresses on any of these devices, except for intranet servers providing DHCP, DNS, and/or WINS service.
Internet Authentication Service (IAS). Performs authentication, authorization, and accounting of dial-up and virtual private network (VPN) users. IAS supports the widely-used protocol called Remote Authentication Dial-In User Service (RADIUS).
QoS Admission Control. Allows you to control how applications are allotted network bandwidth. You can give important applications more bandwidth, less important applications less bandwidth.
Simple TCP/IP Services. Supports Character Generator, Daytime Discard, Echo, and Quote of the Day.
Site Server ILS Service. Supports IP telephony applications; publishes IP multicast conferences on a network, and can also publish user IP address mappings for H.323 IP telephony (a standard for multimedia communications). Telephony applications (such as NetMeeting and Phone Dialer in the Windows Accessories) use Site Server ILS Service to display user names and conferences with published addresses. Site Server ILS Service depends on Internet Information Services (IIS).
Windows Internet Name Service (WINS). Provides name resolution for clients running Windows NT and earlier versions of Microsoft operating systems. With name resolution, users can access servers by name, instead of having to use IP addresses that are difficult to recognize and remember.
Other Network File and Print Services
Provides file and print services for the Macintosh operating system, as well as print services for UNIX.
Remote Installation Services
Provides services that you can use to set up new client computers remotely, without the need to visit each client. The target clients must either support remote startup with the Pre-Boot eXecution Environment (PXE) ROM, or else must be started with a remote-start floppy disk. On the server, you will need a separate partition for Remote Installation Services. For more information, see Disk Partition Requirements for Remote Installation Services earlier in this chapter.
Remote Storage
Provides an extension to your disk space by making removable media such as tapes more accessible. Infrequently used data can automatically be transferred to tape and retrieved when needed.
Script Debugger
Provides support for script development.
Terminal Services
Offers two modes: remote administration mode or application server mode.In application server mode, Terminal Services provides the ability to run client applications on the server, while thin client software acts as a terminal emulator on the client. Each user sees an individual session, displayed as a Windows 2000 desktop, and each session is managed by the server, independent of any other client session. If you install Terminal Services as an application server, you must also install Terminal Services Licensing (not necessarily on the same computer). However, temporary licenses can be issued for clients that allow you to use Terminal servers for up to 90 days.In remote administration mode, you can use Terminal Services to remotely log on to and manage Windows 2000 systems from virtually anywhere on your network (instead of being limited to working locally on a server). Remote administration mode allows for two concurrent connections from a given server and minimizes impact on server performance. Remote administration mode does not require you to install Terminal Services Licensing.
Terminal Services Licensing
Provides a licensing service that allows you to download, issue, and track licenses for Terminal Services clients. If you install Terminal Services in application mode (not in remote administration mode), you must also install Terminal Services Licensing (not necessarily on the same computer). However, temporary licenses can be issued for clients that allow you to use Terminal servers for up to 90 days. To register a license server quickly, install it on a computer that has Internet access. During Terminal Services Licensing Setup, you can select from two types of license server: domain license server (the default) or enterprise license server. A domain license server can only support Terminal servers that are in the same domain as the license server. You must choose a domain license server if the license server is in a workgroup or a Windows NT 4.0 domain. Regardless of the type of domain, you can choose a domain license server if you want to maintain a separate license server for each domain. In Windows 2000 domains, you must install the domain license server on a domain controller. In workgroups or Windows NT 4.0 domains, you can install the domain license server on any server. You can also choose to install a license server as an enterprise license server. An enterprise license server can support Terminal servers in Windows 2000 domains or mixed domains (that is, with some domain controllers running Windows 2000 and some domain controllers running Windows NT 4.0). You must choose an enterprise license server if the license server will support Terminal servers in multiple Windows 2000 domains.
Windows Media Services
Provides multimedia support, allowing you to deliver content using Advanced Streaming Format over an internet or the Internet.
Networking: TCP/IP, IP Addresses, and Name Resolution
TCP/IP is the network protocol that provides Internet access. It is the protocol used by most servers, although you can use additional or different network adapters and their associated protocols on your servers. (For information about using other network adapters, read the adapter documentation, and see Taking an Optional Device Inventory earlier in this chapter.) Setup and the Configure Your Server program are designed to make it easy to configure TCP/IP and the services that support it.
To use TCP/IP, make sure that each server is provided with an IP address, either a dynamic or automatic address provided through software, or a static address that you obtain and set. Because these addresses are numbers and therefore hard to remember, you will also have to provide users with names that are easier to use. Mapping this type of name to an IP address is called name resolution, and can be accomplished by various methods, primarily DNS and Windows Internet Name Service (WINS). The following sections provide more information.
IP Addresses
As described in the preceding section, using TCP/IP requires that an IP address be provided for each computer, either automatically by Windows 2000, dynamically through the DHCP service (which you configure), or statically (using an IP address that you have obtained).
You can allow Windows 2000 to provide IP addresses automatically during Setup, and then, after Setup, change your configuration to use DHCP and/or static addressing. You can view information about DHCP and IP addressing in Windows 2000 Help after running Setup (click Start, and then click Help).
The following list describes the methods you can use to provide an IP address:
For a limited number of servers (five or fewer) on a small private network, you can use the Windows 2000 Advanced Server feature called Automatic Private IP Addressing (APIPA) to automatically assign IP addresses for you. In Setup, automatic addressing is available from the Networking Settings dialog box when you choose Typical settings.
If your network has more than one subnet, choose one server on which to install and configure the Dynamic Host Configuration Protocol (DHCP) component. The DHCP server will provide IP addresses dynamically to other computers. It must itself be assigned a static IP address (so other computers can locate it).
In this situation, in order to support clients, you might also need one or more servers with the DNS component and/or the Windows Internet Name Service (WINS) component. DNS and WINS are described in the next section, Name Resolution. One server or several servers can provide DHCP, DNS, and/or WINS. Any server providing these services should be assigned a static IP address (so other computers can locate it). For detailed information about assigning a static IP address, see the section on specifying networking settings in Chapter 4, Running Setup for Windows 2000 Advanced Server.
If a particular server will be directly providing access to users on the Internet, you must assign that server a static IP address. You can obtain an address and an associated domain name from an Internet Service Provider (ISP) or from the Internet Network Information Center (InterNIC). For more information about InterNIC, see:
If a computer has more than one network adapter, it will need a separate IP address for each adapter. For detailed information about assigning a static IP address, see the section on specifying networking settings in Chapter 4, Running Setup for Windows 2000 Advanced Server.
After a server is provided with an IP addressing option, the next components to consider are those that provide for name resolution, which is the process of mapping a computer name (something that users can recognize and remember) to the appropriate IP address. The following sections describe options for name resolution.
Name Resolution for TCP/IP
Name resolution is a process that provides users with easy-to-remember server names, instead of requiring them to use the numerical IP addresses by which servers identify themselves on the TCP/IP network. The name-resolution services are DNS and Windows Internet Name Service (WINS).
DNS
DNS is a hierarchical naming system used for locating computers on the Internet and private TCP/IP networks. One or more DNS servers are needed in most installations. DNS is required for Internet e-mail, Web browsing, and Active Directory. DNS is also required in domains with clients running Windows 2000. DNS is installed automatically when you create a domain controller (or promote a server to become a domain controller), unless the Windows 2000 software detects that a DNS server already exists for that domain. (Alternatively, you can explicitly select DNS as a component to install during or after Setup.)If you are installing DNS on a server, you will need to specify a static IP address on that server. In addition, you will need to configure the DNS clients so that they recognize that IP address. For information about assigning a static IP address, see the section on specifying networking settings in Chapter 4, Running Setup for Windows 2000 Advanced Server. For information about configuring DNS, see Windows 2000 Help, available as soon as the initial Setup process is finished (click Start, and then click Help).
Windows Internet Name Service (WINS)
If you provide support for clients running Windows NT or any earlier Microsoft operating system, you will need to install Windows Internet Name Service (WINS) on one or more servers in the domain. WINS is an optional software component and appears under Networking Services in the component list. (For more information about installing the WINS component, see Choosing Components to Install earlier in this chapter.) If you are installing WINS on a server, you will need to specify a static IP address on that server. In addition, you will need to configure the WINS clients so that they recognize that IP address.For information about assigning a static IP address, see the section on specifying networking settings in Chapter 4, Running Setup for Windows 2000 Advanced Server. For information about configuring WINS, see Windows 2000 Help, available as soon as the initial Setup process is finished (click Start, and then click Help).
Deciding Between Workgroups and Domains
A domain is a grouping of accounts and network resources under a single domain name and security boundary. A workgroup is a more basic grouping, intended only to help users find objects such as printers and shared folders within that group. Domains are the recommended choice for all networks except very small ones with few users.
In a workgroup, users might have to remember multiple passwords, one for each network resource. (In addition, different users can use different passwords for each resource.) In a domain, passwords and permissions are simpler to keep track of, since a domain has a single, centralized database of user accounts, permissions, and other network details. The information in this database is replicated automatically among domain controllers. You determine which servers are domain controllers and which are simply members of the domain. You can determine these roles not only during Setup but afterward.
Domains, and the Active Directory directory system of which they are a part, provide many options for making resources easily available to users while maintaining good monitoring and security. For more information about Active Directory, see Windows 2000 Help, available as soon as the initial Setup process is finished (click Start, and then click Help).
Planning for Domain Controllers and Member Servers
With Windows 2000, servers in a domain can have one of two roles: domain controllers, which contain matching copies of the user accounts and other Active Directory data in a given domain, and member servers, which belong to a domain but do not contain a copy of the Active Directory data. (A server that belongs to a workgroup, not a domain, is called a stand-alone server.) With Windows 2000, it is possible to change the role of a server back and forth from domain controller to member server (or stand-alone server), even after Setup is complete. However, it is recommended that you plan your domain before running Setup, and change server roles only when necessary.
It is a good idea to give careful thought to the names of your domain controllers before running Setup. You cannot change the name of a server while it is a domain controller. Instead, you must change it to a member or stand-alone server, change the name, and finally make the server a domain controller once again.
If you have multiple domain controllers, it provides better support for users than having only one. Multiple domain controllers provide automatic backup for user accounts and other Active Directory data, and they work together to support domain controller functions (such as validating logons). For more information about domain controllers, after running Setup, see the topics under Active Directory in Windows 2000 Help (click Start, and then click Help).
Special Aspects of Windows 2000 Domain Controllers
As you manage your Windows 2000 domain, there are several aspects of Windows 2000 domain controllers that you might want to learn more about. This section describes these aspects briefly. You can find more information in Windows 2000 Help, available as soon as the initial Setup process is finished (click Start, and then click Help).
One aspect of domains that you might want to learn more about is the assigning of operations master roles. These are special roles assigned to one or more domain controllers in an Active Directory domain. The domain controllers assigned these roles perform operations that are single-master (not permitted to occur at different places in a network at the same time). For example, the creation of security identifiers for new resources (such as new computers) must be overseen by a single domain controller, to ensure that the identifiers are unique.
The first domain controller installed in a domain is automatically assigned all the operations master roles. You can change the assignment of operations master roles after Setup, but in most cases this will not be necessary. You will need to be particularly aware of operations masters roles if problems develop on an operations master or if you plan to take one out of service. For more information about operations master roles, which are part of Active Directory, see Windows 2000 Help.
Another aspect of domain management that you might want to learn more about is the global catalog. This is a database on one or more domain controllers. Each copy of the database contains a replica of every object in the Active Directory but with a limited number of each objects attributes. In a multidomain setup, at least one domain controller that contains the global catalog must be running and available in order for users to log on. For more information about the global catalog, which is part of Active Directory, see Windows 2000 Help.
Additional Information About Domains
For information about upgrading an existing domain, see Upgrading an Existing Windows NT Domain earlier in this chapter.
For detailed information about domains, operations master roles, the global catalog, and other domain-related topics, see Active Directory in Windows 2000 Help, available after you install (or upgrade to) Windows 2000 on your first server. To display Windows 2000 Help, click Start, and then click Help.
For information about setting up multiple domains with structured relationships, see the Windows 2000 Server Resource Kit, Deployment Planning Guide.
.gif "Bb727072.spacer(en-us,TechNet.10).gif")