The leap to Windows 2000

If you believe what Microsoft says, 1999 is the year that Windows 2000 - previously referred to as NT 5.0 - will ship. This major rewrite of the company's operating system, which promises to change just about everything in Windows NT 4.0 except possibly the cursor, won't become available until the second half of the year at the earliest. But resellers and integrators should start preparing now. With the massive architectural changes in Windows 2000, particularly on the more complex server side, it may take most of the year to prepare for and grasp the new concepts in this upgraded OS. Brooks Talley takes an in-depth look.

Although Microsoft intends to squeeze something for everyone into Windows 2000, larger corporations are most likely to benefit from the significant changes. Windows 2000 is designed to leave behind the operating system's workgroup heritage. The new product will cater to sites that host tens of thousands of users with new features, such as a real directory service and a built-in software distribution system. Judging by the early Beta 2 of Windows 2000 and well-documented plans, it looks like Microsoft could succeed in courting enterprise customers - that is, if it can deliver everything it has promised.

A feature-complete Beta 3 of Windows 2000 is due later this quarter, but customers that might be planning the move shouldn't wait for the official release to start getting migration plans in order. Although no self-respecting organisation would consider embracing and installing Windows 2000 the day it ships, there are things that can be done within today's NT 4.0 environments to ease the transition to Windows 2000.

The big change

Among the many changes Microsoft is making to the next version of NT, the Active Directory that replaces the operating system's network domain model is likely to be the most significant. It may also be the main reason for large companies to upgrade. NT 4.0's domain model - how an NT network structures users and resources on a network today - has always been my single biggest complaint about NT networks. Theoretically, it can be set up elegantly, but inevitably it evolves into a mess of trust relationships - the glue that allows different domains to interoperate and share resources - so even administrators begin to lose track.

By enforcing hierarchical design and mapping the units in the network tree to well-known Domain Name Service (DNS) names, Active Directory promises to alleviate the many weaknesses the domain model caused: messy administration, confusing trust relationships, and the dual existence of computers - often with different names - in DNS and the domain.

However, migrating from the domain model to the new Active Directory in Windows 2000 will be quite an undertaking, because it means changing your network design. The migration will involve getting out a whiteboard and trying to figure out where existing domains fit into the new Active Directory name space. For companies with just a few domains, this shouldn't be a problem. But many NT installations have hundreds of domains, and figuring out their relationships will be a challenge.

Wisely, Microsoft isn't abandoning NT domains altogether - that would necessitate massive simultaneous client and server upgrades. Rather, the Active Directory encompasses domains, using them as smaller units in the larger hierarchy. To get started, you need to upgrade only the Primary Domain Controllers that will participate in the Active Directory.

Leveraging good technologies

One area in which Microsoft often excels - or opens itself up for anticompetitive scrutiny, depending on how you look at it - is in bolstering one of its products with another. Such is the case with Windows 2000's built-in software distribution model, the Application Installation Service (AIS), which makes good use of Active Directory.

Using this service, you can assign an application to a group of users or a single user, and that application will automatically be installed wherever the associated user or users log in to the network. In addition, if the application has been damaged - if some of its files have been deleted, for example - it will be reinstalled. Because this AIS function will take on the simpler software distribution functions of Microsoft's Systems Management Server (SMS), which will afford larger-scale distribution, users may want to upgrade to the version of SMS that will work with Windows 2000.

The software distribution capability leverages the Active Directory in two ways: the application is an attribute of a user or group, and the information on where to find the application on the network and how to install it resides in the Active Directory. Like the directory, the AIS will appeal more to large organisations that have many users who roam around the network, as opposed to small companies that have a one-to-one ratio of client PCs to users.

Death of NetBIOS

No doubt I'm not the only one celebrating the death of NetBIOS, Microsoft's proprietary networking protocol, in Windows 2000. With this upgrade, network administrators can say good riddance to this broadcast-happy protocol that creates excess network traffic, and say hello to everyone's favourite, IP. Although NT 4.0 could use IP, it was simply as a transport for the inelegant NetBIOS protocol. Windows 2000 is at heart an IP and DNS-based NOS. Microsoft will continue to support NetBIOS in Windows 2000 to allow for backward compatibility.

Windows 2000's adoption of DNS for naming computers meant something had to be done to make sure DNS information stays accurate, even when Dynamic Host Configuration Protocol (DHCP)-configured hosts change addresses. The answer here is Dynamic Domain Name Server (DDNS), an Internet standard that allows hosts to dynamically update DNS information. In this way, Windows 2000 hosts can rely solely on DNS for naming, yet not lose the benefits of DHCP, which include IP address conservation and simplified administration.

The benefits of a pure IP and DDNS naming are clear: computers will have only one name, and that name will exactly describe where they are in the hierarchy. This will reduce administration effort, ease troubleshooting, and allow NT to integrate more smoothly in IP-oriented networks.

Client administration

Another boon for NT administrators that may frustrate end users is Windows 2000's inclusion of disk quotas - something NetWare administrators have enjoyed for more than a decade. Quotas limit the amount of space users can take up on the server on a per-user or per-group basis. In the past, server disk space has pretty much been a free-for-all, with no real way to measure or limit users' hunger for disk space. Many an NT administrator has suffered a bout of apoplexy upon discovering 40 copies of Quake in one user's directory. With quotas, such disk-hogging behaviour will be easily limited.

Another disk enhancement is Windows 2000's capability to actually add new disks without rebooting the server. Again, this is something other network operating systems have had for years, and NT administrators' prayers will finally be answered, Microsoft promises.

Big customer sites that run demanding programs on their NT application servers will benefit from Windows 2000's support of as much as 64GB of memory - 16 times NT 4.0's anaemic 4GB limit. Though 4GB may seem like a lot of memory, it's not nearly capable of running an enterprise-class application.

Boons for customers

In Windows 2000, Microsoft has been paying particular attention to an issue that is important to customers in big and small companies alike - security. This move is necessary, given NT 4.0's less-than-impressive record. Windows 2000 scraps the LAN Manager authentication scheme that plagued NT 4.0 and moves to a Kerberos-based scheme, which, in addition to providing tighter security, will allow integration with other platforms that support Kerberos. The public key certificate server is another step forward, allowing organisations to manage their own public key infrastructure. In theory, the transition to Kerberos should be transparent, but using the same network troubleshooting tools may be difficult.

The upgrade's inclusion of Windows Terminal Server (WTS) is another step forward for Windows 2000. Like Citrix's WinFrame, WTS allows multiple clients to connect to a server and get their own sessions, complete with the new graphical user interface. WTS not only simplifies administration - because each client's programs actually reside on the server - but it could potentially reduce the overall cost of an NT network. Memory, disk space, and processing power can be concentrated in a central server, allowing cheaper clients to be used.

Although WTS' simplified administration is likely to attract departments or small companies that lack dedicated IT staff, the cost savings offered by reinventing old PCs as Windows terminals will appeal to customers across the board. As current implementations of Citrix have shown, users will need to boost servers and networks before deploying thin clients.

Changes in NT Workstation

PC users will not see nearly as much of a difference in NT Workstation 5.0 compared with the current version unless they are part of a network. But Microsoft has included a few strictly end-user features in NT Workstation 5.0, such as DirectX 6.0, a set of interfaces for graphics and sound that will let users play virtually every game that runs on Windows 98.

It will also let users install peripherals that use the Universal Serial Bus specification, and will work with digital video disc devices.

Although NT Workstation 5.0 users sitting at their desks won't notice a big change, those on the road will. Notebook users who have been struggling to get NT 4.0 running smoothly on a mobile PC will be relieved to find the inclusion of decent power management and PC Card support in Windows 2000. NT 4.0 was virtually unusable on notebooks without proprietary, vendor-supplied extensions.

Latest power management

Windows 2000 will support Advanced Configuration and Power Interface or ACPI, the new generation of power management, and will be capable of dynamically loading drivers to PC Cards when they're inserted. Additionally, Windows 2000 offers a new service to ease synchronisation of files when they're used on a mobile system.

The whole Windows 2000 package is staggering in scope, and it's easy to understand why Microsoft is having such a hard time getting it all together. So far, the beta versions have been promising but understandably imperfect.

Ironically, that difficulty itself shows some of Microsoft's lack of understanding of enterprise computing - you wouldn't catch IBM trying to roll this sheer volume of updates into a single release of OS/400 or OS/390.

Not only will this upgrade make NT ready for the enterprise, but hopefully the experience of building it will make Microsoft more ready as well.

10 biggest changes in Windows 2000

1. Active Directory: organises administrative information into a single, hierarchical directory
2. Improved security: Kerberos-based log-ins and IPSec support provide secure environment
3. Windows Terminal Server: allows true multi-user access from low-cost terminals
4. Application Installation Service: automatically installs applications as users move around the network
5. Improved disk management: allows on-the-fly addition of storage
6. Hierarchical storage management: automatically moves infrequently used data to slower, less expensive media
7. Microsoft Management Console: integrates administrative functions into a single program
8. 64GB memory limit: allows very large databases and other applications
9. Disk quotas: limits use of server disk space on a per-user or per-group basis
10. Windows scripting host: allows automation of common tasks

