   #copyright

Windows 2000

2007 Schools Wikipedia Selection. Related subjects: Software

   Windows 2000
   (Part of the Microsoft Windows family)
   Screenshot
   Screenshot of Windows 2000 Professional
   Developer
   Microsoft
   Web site: www.microsoft.com/windows2000
   Release information
   Release date:    February 17, 2000 info
   Current version: 5.0 SP4 Rollup 1 ( September 13, 2005) info
   Source model:    Closed source
   License:         Microsoft EULA
   Kernel type:     Hybrid kernel
   Support status
   Extended Support Period, only security updates will be provided unpaid.

   Windows 2000 (also referred to as Win2K) is a preemptible,
   interruptible, graphical and business-oriented operating system that is
   designed to work with either uniprocessor or symmetric multi-processor
   32-bit Intel x86 computers. It is part of the Microsoft Windows NT line
   of operating systems and was released on February 17, 2000. It was
   succeeded by Windows XP in October 2001 and Windows Server 2003 in
   April 2003.

   Windows 2000 is classified as a hybrid kernel operating system, and its
   architecture is divided into two modes: user mode and kernel mode. The
   kernel mode provides unrestricted access to system resources and
   facilitates the user mode, which is heavily restricted and designed for
   most applications.

   Windows 2000 was made available in four editions: Professional, Server,
   Advanced Server, and Datacenter Server. Additionally, Microsoft offered
   Windows 2000 Advanced Server Limited Edition, which was released in
   2001 and runs on 64-bit Intel Itanium microprocessors. All editions of
   Windows 2000 have common functionality, including many system utilities
   such as the Microsoft Management Console and standard system management
   applications such as a disk defragmentation utility. Support for people
   with disabilities was improved with a number of new assistive
   technologies, and Microsoft included increased support for different
   languages and locale information. All versions of the operating system
   support the Windows NT filesystem, NTFS 5, the Encrypting File System,
   as well as basic and dynamic disk storage. The Windows 2000 Server
   family has additional functionality, including the ability to provide
   Active Directory services (a hierarchical framework of resources),
   Distributed File System (a file system that supports sharing of files)
   and fault-redundant storage volumes. Windows 2000 can be installed and
   deployed to corporate desktops through either an attended or unattended
   installation. Unattended installations rely on the use of answer files
   to fill in installation information, and can be performed through a
   bootable CD using Microsoft Systems Management Server, by the System
   Preparation Tool.

   Microsoft has marketed Windows 2000 as "the most secure Windows we've
   ever shipped", however it has become the target of a number of
   high-profile virus attacks such as Code Red and Nimda, and more than
   six years after its release, continues to receive patches for security
   vulnerabilities on a near-monthly basis.

History

   Windows 2000 is a continuation of the Microsoft Windows NT line of
   operating systems, replacing its predecessor, Windows NT 4.0.
   Originally called Windows NT 5, Microsoft changed the name to Windows
   2000 on October 27, 1998 It was also the first Windows version that was
   released without a code name, though Windows 2000 Service Pack 1 was
   codenamed "Asteroid" and Windows 2000 64-bit was codenamed "Janus" (not
   to be confused with Windows 3.1, which had the same codename). The
   first beta for Windows 2000 was released on September 27, 1997 and
   several further betas were released until Beta 3 which was released on
   April 29, 1999. From here, Microsoft issued three release candidates
   between July and November 1999, and finally released the operating
   system to partners on December 12, 1999. The public received the full
   version of Windows 2000 on February 17, 2000 and the press immediately
   hailed it as the most stable operating system Microsoft had ever
   released. InformationWeek summarized the release "our tests show the
   successor to NT 4.0 is everything we hoped it would be. Of course, it
   isn't perfect either." Wired News later described the results of the
   February launch as "lackluster". Novell was not so impressed with
   Microsoft's new directory service architecture as they found it to be
   less scalable or reliable than their own Novell Directory Services
   (NDS) technology.

   Originally, Windows 2000 was planned to replace both Windows 98 and
   Windows NT 4. However, that was later changed. Instead, an updated
   version of Windows 98 called Windows 98 Second Edition was released in
   1999 as a successor to Windows 98. In 1999, Microsoft started
   development on a project called Windows Neptune, which was supposed to
   be a home-user edition of Windows 2000. However, the project lagged in
   production time – and only one alpha release was built. Windows Me was
   released as a substitute, and the Neptune project was cancelled in
   favour of Whistler (Windows XP). The only elements of the Neptune
   project which were included in Windows 2000 were the ability to upgrade
   from Windows 95 or Windows 98, and support for the FAT32 file system.

   On September 29, 2000, Microsoft released Windows 2000 Datacenter
   Server, targeted at large-scale computing systems with support for 32
   processors.

   Four service packs were released for Windows 2000: Service Pack 1 (SP1)
   on August 15, 2000, Service Pack 2 (SP2) on May 16, 2001, Service Pack
   3 (SP3) on August 29, 2002 and its last Service Pack (SP4) on June 26,
   2003. Microsoft has stated that they will not release a Service Pack 5,
   but instead, have made available an "Update Rollup" for Service Pack 4.
   Microsoft phased out all development of their Java Virtual Machine
   (JVM) from Windows 2000 in Service Pack 3.

   Windows 2000 has since been superseded by newer Microsoft operating
   systems. Microsoft replaced Windows 2000 Server products with Windows
   Server 2003, and Windows 2000 Professional with Windows XP
   Professional.

Architecture

   The Windows 2000 operating system architecture consists of two layers
   (user mode and kernel mode), with many different modules within both of
   these layers.
   Enlarge
   The Windows 2000 operating system architecture consists of two layers
   (user mode and kernel mode), with many different modules within both of
   these layers.

   Windows 2000 is a highly modular system that consists of two main
   layers: a user mode and a kernel mode. The user mode refers to the mode
   in which user programs are run. Such programs are limited in terms of
   what system resources they have access to, while the kernel mode has
   unrestricted access to the system memory and external devices. All user
   mode applications access system resources through the executive which
   runs in kernel mode.

User mode

   User mode in Windows 2000 is made of subsystems capable of passing I/O
   requests to the appropriate kernel mode drivers by using the I/O
   manager. Two subsystems make up the user mode layer of Windows 2000:
   the environment subsystem and the integral subsystem.

   The environment subsystem was designed to run applications written for
   many different types of operating systems. These applications, however,
   run at a lower priority than kernel mode processes. There are three
   main environment subsystems:
    1. Win32 subsystem runs 32-bit Windows applications and also supports
       Virtual DOS Machines (VDMs), which allows MS-DOS and 16-bit Windows
       3.x ( Win16) applications to run on Windows.
    2. OS/2 environment subsystem supports 16-bit character-based OS/2
       applications and emulates OS/2 1.3 and 1.x, but not 32-bit or
       graphical OS/2 applications as used on OS/2 2.x or later.
    3. POSIX environment subsystem supports applications that are strictly
       written to either the POSIX.1 standard or the related ISO/ IEC
       standards.

   The integral subsystem looks after operating system specific functions
   on behalf of the environment subsystem. It consists of a security
   subsystem (grants/denies access and handles logons), workstation
   service (helps the computer gain network access) and a server service
   (lets the computer provide network services).

Kernel mode

   Kernel mode in Windows 2000 has full access to the hardware and system
   resources of the computer. The kernel mode stops user mode services and
   applications from accessing critical areas of the operating system that
   they should not have access to.

   The executive interfaces with all the user mode subsystems. It deals
   with I/O, object management, security and process management. It
   contains various components, including:
     * Object manager: a special executive subsystem that all other
       executive subsystems must pass through to gain access to Windows
       2000 resources. This is essentially a resource management
       infrastructure service that allows Windows 2000 to be an object
       oriented operating system.
     * I/O Manager: allows devices to communicate with user-mode
       subsystems by translating user-mode read and write commands and
       passing them to device drivers.
     * Security Reference Monitor (SRM): the primary authority for
       enforcing the security rules of the security integral subsystem.
     * IPC Manager: short for Interprocess Communication Manager, manages
       the communication between clients (the environment subsystem) and
       servers (components of the executive).
     * Virtual Memory Manager: manages virtual memory, allowing Windows
       2000 to use the hard disk as a primary storage device (although
       strictly speaking it is secondary storage).
     * Process Manager: handles process and thread creation and
       termination
     * PnP Manager: handles Plug and Play and supports device detection
       and installation at boot time.
     * Power Manager: the power manager coordinates power events and
       generates power IRPs.
     * The display system is handled by a device driver contained in
       Win32k.sys. The Window Manager component of this driver is
       responsible for drawing windows and menus while the GDI ( graphical
       device interface) component is responsible for tasks such as
       drawing lines and curves, rendering fonts and handling palettes.

   The Windows 2000 Hardware Abstraction Layer, or HAL, is a layer between
   the physical hardware of the computer and the rest of the operating
   system. It was designed to hide differences in hardware and therefore
   provide a consistent platform to run applications on. The HAL includes
   hardware specific code that controls I/O interfaces, interrupt
   controllers and multiple processors.

   The hybrid kernel sits between the HAL and the executive and provides
   multiprocessor synchronization, thread and interrupt scheduling and
   dispatching, trap handling and exception dispatching. The hybrid kernel
   often interfaces with the process manager and is responsible for
   initialising device drivers at bootup that are necessary to get the
   operating system up and running.

Common functionality

   Certain features are common across all editions of Windows 2000, among
   them being NTFS 5, the Microsoft Management Console (MMC), the
   Encrypting File System (EFS), dynamic and basic disk storage, usability
   enhancements and multi-language and locale support. Windows 2000 also
   has several standard system utilities included as standard. As well as
   these features, Microsoft introduced a new feature to protect critical
   system files, called Windows File Protection. This prevents programs
   (with the exception of Microsoft's update programs) from replacing
   critical Windows system files and thus making the system inoperable.

   Microsoft recognized that the infamous Blue Screen of Death (or stop
   error) could cause serious problems for servers that needed to be
   constantly running and so provided a system setting that would allow
   the server to automatically reboot when a stop error occurred. Also
   included is an option to dump any of the first 64 KB of memory to disk
   (the smallest amount of memory that is useful for debugging purposes,
   also known as a minidump), a dump of only the kernel's memory, or a
   dump of the entire contents of memory to disk, as well as write that
   this event happened to the Windows 2000 event log. In order to improve
   performance on computers running Windows 2000 as a server operating
   system, Microsoft gave administrators the choice of optimizing the
   operating system's memory and processor usage patterns for background
   services or for applications.

NTFS 5

   Microsoft released the third version of the NTFS file system — also
   known as version 5.0 — as part of Windows 2000; this introduced quotas,
   file-system-level encryption, sparse files and reparse points. Sparse
   files allow for the efficient storage of data sets that are very large
   yet contain many areas that only have zeroes. Reparse points allow the
   object manager to reset a file namespace lookup and let file system
   drivers implement changed functionality in a transparent manner.
   Reparse points are used to implement volume mount points, junctions,
   Hierarchical Storage Management, Native Structured Storage and Single
   Instance Storage. Volume mount points and directory junctions allow for
   a file to be transparently referred from one file or directory location
   to another.

Encrypting File System

   The Encrypting File System (EFS) introduced strong file-level
   encryption to Windows. It allows any folder or drive on an NTFS volume
   to be encrypted transparently to the end user. EFS works in conjunction
   with the EFS service, Microsoft's CryptoAPI and the EFS File System
   Run-Time Library (FSRTL). As of September 2006, its encryption has not
   been compromised.

   EFS works by encrypting a file with a bulk symmetric key (also known as
   the File Encryption Key, or FEK), which is used because it takes a
   relatively smaller amount of time to encrypt and decrypt large amounts
   of data than if an asymmetric key cipher is used. The symmetric key
   that is used to encrypt the file is then encrypted with a public key
   that is associated with the user who encrypted the file, and this
   encrypted data is stored in the header of the encrypted file. To
   decrypt the file, the file system uses the private key of the user to
   decrypt the symmetric key that is stored in the file header. It then
   uses the symmetric key to decrypt the file. Because this is done at the
   file system level, it is transparent to the user.

   Also, in case of a user losing access to their key, support for
   recovery agents that can decrypt files is built in to EFS.

Basic and dynamic disk storage

   Windows 2000 introduced the Logical Disk Manager for dynamic storage.
   All versions of Windows 2000 support three types of dynamic disk
   volumes (along with basic storage): simple volumes, spanned volumes and
   striped volumes:
     * Simple volume: this is a volume with disk space from one disk.
     * Spanned volumes: multiple disks spanning up to 32 disks. If one
       disk fails, all data in the volume is lost.
     * Striped volumes: also known as RAID-0, a striped volume stores all
       its data across several disks in stripes. This allows better
       performance because disk read and writes are balanced across
       multiple disks.

   Windows 2000 also added support for the iSCSI protocol.

Accessibility support

   Microsoft made an effort to increase the usability of Windows 2000 for
   people with visual and auditory impairments and other disabilities.
   They included several utilities designed to make the system more
   accessible:
     * FilterKeys: These are a group of keyboard related support for
       people with typing issues, and include:
          + SlowKeys: Windows is told to disregard keystrokes that are not
            held down for a certain time period
          + BounceKeys: multiple keystrokes to one key to be ignored
            within a certain timeframe
          + RepeatKeys: allows users to slow down the rate at which keys
            are repeated via the keyboard's keyrepeat feature
     * ToggleKeys: when turned on, Windows will play a sound when either
       the CAPS LOCK, NUM LOCK or SCROLL LOCK keys are pressed
     * MouseKeys: allows the cursor to be moved around the screen via the
       numeric keypad instead of the mouse
     * On screen keyboard: assists those who are not familiar with a given
       keyboard by allowing them to use a mouse to enter characters to the
       screen
     * SerialKeys: gives Windows 2000 the ability to support speech
       augmentation devices
     * StickyKeys: makes modifier keys (ALT, CTRL and SHIFT) become
       "sticky" — in other words a user can press the modifier key,
       release that key and then press the combination key. Normally the
       modifier key must remain pressed down to activate the sequence.
       (Activated by pressing Shift 6 times quickly)
     * On screen magnifier: assists users with visual impairments by
       magnifying the part of the screen they place their mouse over.
     * Narrator: Microsoft Narrator assists users with visual impairments
       with system messages, as when these appear the narrator will read
       this out via the sound system
     * High contrast theme: to assist users with visual impairments
     * SoundSentry: designed to help users with auditory impairments,
       Windows 2000 will show a visual effect when a sound is played
       through the sound system

Language & locale support

   Windows 2000 has support for many languages other than English. It
   supports Arabic, Armenian, Baltic, Central European, Cyrillic,
   Georgian, Greek, Hebrew, Indic, Japanese, Korean, Simplified Chinese,
   Thai, Traditional Chinese, Turkic, Vietnamese and Western European
   languages. It also has support for many different locales, a list of
   which can be found on Microsoft's website.

Games support

   Windows 2000 included version 7.0 of the DirectX application
   programming interfaces, commonly used by game developers on Windows 98.
   The majority of games written for recent versions of DirectX could
   therefore run on Windows 2000, in contrast to Windows NT 4.0, which
   only provided support for DirectX 3.

System utilities

   Windows 2000 introduced the Microsoft Management Console (MMC), which
   is used to create, save, and open administrative tools. Each of the
   tools is called a console, and most consoles allow an administrator to
   administer other Windows 2000 computers from one centralised computer.
   Each console can contain one or many specific administrative tools,
   called snap-ins. Snap-ins can be either standalone (performs one
   function), or extensions (adds functionality to an existing snap-in).
   In order to provide the ability to control what snap-ins can be seen in
   a console, the MMC allows consoles to be created in author mode or
   created in user mode. Author mode allows snap-ins to be added, new
   windows to be created, all portions of the console tree can be
   displayed and for consoles to be saved. User mode allows consoles to be
   distributed with restrictions applied. User mode consoles can have full
   access granted user so they can make whatever changes they desire, can
   have limited access so that users cannot add to the console but they
   can view multiple windows in a console, or they can have limited access
   so that users cannot add to the console and also cannot view multiple
   windows in a console.

   The main tools that come with Windows 2000 can be found in the Computer
   Management console (found in Administrative Tools in the Control
   Panel). This contains the event viewer — a means of seeing events and
   the Windows equivalent of a log file, a system information viewer, the
   ability to view open shared folders and shared folder sessions, a
   device manager and a tool to view all the local users and groups on the
   Windows 2000 computer. It also contains a disk management snap-in,
   which contains a disk defragmenter as well as other disk management
   utilities. Lastly, it also contains a services viewer, which allows
   users to view all installed services and to stop and start them on
   demand, as well as configure what those services should do when the
   computer starts.

   Windows 2000 comes bundled with two utilities to edit the Windows
   registry. One acts like the Windows 9x REGEDIT.EXE program and the
   other could edit registry permissions in the same manner that Windows
   NT's REGEDT32.EXE program could. REGEDIT.EXE has a left-side tree view
   that begins at "My Computer" and lists all loaded hives. REGEDT32.EXE
   has a left-side tree view, but each hive has its own window, so the
   tree displays only keys. REGEDIT.EXE represents the three components of
   a value (its name, type, and data) as separate columns of a table.
   REGEDT32.EXE represents them as a list of strings. REGEDIT.EXE was
   written for the Win32 API and supports right-clicking of entries in a
   tree view to adjust properties and other settings. REGEDT32.EXE was
   also written for the Win32 API and requires all actions to be performed
   from the top menu bar. Because REGEDIT.EXE was directly ported from
   Windows 98, it does not support permission editing (permissions do not
   exist in Windows 9x). Therefore, the only way to access the full
   functionality of an NT registry was with REGEDT32.EXE, which uses the
   older multiple document interface (MDI), which newer versions of
   regedit do not use. Windows XP was the first system to integrate these
   two programs into one, adopting the REGEDIT.EXE behaviour with the
   additional NT functionality.

   The System File Checker (SFC) also comes bundled with Windows 2000. It
   is a command line utility that scans system files and verifies whether
   they were signed by Microsoft and works in conjunction with the Windows
   File Protection mechanism. It can also repopulate and repair all the
   files in the Dllcache folder.

Recovery Console

   The Recovery Console is an application that is run from outside the
   installed copy of Windows and that enables a user to perform
   maintenance tasks that cannot be run from inside of the installed copy,
   or cannot be feasibly run from another computer or copy of Windows
   2000. It is usually used to recover the system from errors causing
   booting to fail, which would render other tools useless.

   It presents itself as a simple command line interface. The commands are
   limited to ones for checking and repairing the hard drive(s), repairing
   boot information (including NTLDR), replacing corrupted system files
   with fresh copies from the CD, or enabling/disabling services and
   drivers for the next boot.

   The console can be accessed in one of two ways:
    1. Starting from the Windows 2000 CD, and choosing to enter the
       Recovery Console instead of continuing with setup, or
    2. Installing the Recovery Console via Winnt32.exe, with the /cmdcons
       switch. However, the console can then only be used if the system
       boots to the point where NTLDR can start it.

Server family functionality

   The Windows 2000 server family consists of Windows 2000 Server, Windows
   2000 Advanced Server and Windows 2000 Datacenter Server.

   All editions of Windows 2000 Server have the following services and
   functionality built-in:
     * Routing and Remote Access Service (RRAS) support, facilitating
       dial-up and VPN connections, support for RADIUS authentication,
       network connection sharing, Network Address Translation, unicast
       and multicast routing
     * DNS server, including support for Dynamic DNS. Active Directory
       relies heavily on DNS.
     * Microsoft Connection Manager Administration Kit and Connection
       Point Services
     * Support for distributed file systems (DFS)
     * Hierarchical Storage Management support, a service that runs in
       conjunction with NTFS that automatically transfers files that are
       not used for some period of time to less expensive storage media
     * Fault tolerant volumes, namely it supports Mirrored and RAID-5
     * Group policy (part of Active Directory)
     * IntelliMirror, a collection of technologies for fine-grained
       management of Windows 2000 Professional desktops (roaming profiles,
       software installation, settings management).
     * Kerberos authentication
     * Public Key Infrastructure (PKI) support
     * Terminal Services and support for the Remote Desktop Protocol (RDP)
     * Internet Information Server (IIS) 5

Distributed File System

   The Distributed File System, or DFS, allows shares in multiple
   different locations to be logically grouped under one folder, or DFS
   root. When users try to access a share that exists off the DFS root,
   the user is really looking at a DFS link and the DFS server
   transparently redirects them to the correct file server and share. A
   DFS root can only exist on a Windows 2000 version that is part of the
   server family, and only one DFS root can exist on that server.

   There can be two ways of implementing DFS on Windows 2000: through
   standalone DFS, or through domain-based DFS. Standalone DFS allows for
   only DFS roots that exist on the local computer, and thus does not use
   Active Directory. Domain-based DFS roots exist within Active Directory
   and can have their information distributed to other domain controllers
   within the domain — this provides fault tolerance to DFS. DFS roots
   that exist on a domain must be hosted on a domain controller or on a
   domain member server. The file and root information is replicated via
   the Microsoft File Replication Service (FRS).

Active Directory

   A new way of organizing Windows network domains, or groups of
   resources, called Active Directory, was introduced with Windows 2000
   and obsoleted Windows NT's traditional domain model. Active Directory's
   hierarchical nature allowed administrators a built-in way to manage
   user and computer policies, user accounts, and to automatically deploy
   programs and updates with a greater degree of scalability and
   centralization than provided in previous Windows versions. It is one of
   the main reasons many corporations migrated to Windows 2000. User
   information stored in Active Directory also provided a convenient phone
   book-like function to end users. Active Directory domains can vary from
   small installations with a few hundred objects, to large installations
   with millions of objects. Active Directory contains the ability to
   organise and link groups of domains into a contiguous domain name space
   to form trees. Groups of trees existing outside of the same namespace
   can be linked together to form forests.

   Active Directory services can only be installed on a Windows 2000
   Server, Advanced Server, or Datacenter Server computer, and cannot be
   installed on a Windows 2000 Professional computer. However, Windows
   2000 Professional was the first client operating system able to exploit
   Active Directory's new functionality. As part of an organization's
   migration, Windows NT clients continued to function until all clients
   were upgraded to Windows 2000 Professional, at which point the Active
   Directory domain could be switched to native mode and maximum
   functionality achieved.

   Active directory requires a new DNS server that supports SRV resource
   records, or that an organization's existing DNS infrastructure be
   upgraded to support this functionality. It also requires that one or
   more domain controllers exist to hold the Active Directory database and
   provide Active Directory directory services.

Volume fault tolerance

   Along with support for simple, spanned and striped volumes, the server
   family of Windows 2000 also supports fault tolerant volume types. The
   types supported are mirrored volumes and RAID-5 volumes:
     * Mirrored volumes: the volume contains several disks, and when data
       is written to one it is mirrored to the other disks. This means
       that if one disk fails, the data can be totally recovered from the
       other disk. Mirrored volumes are also known as RAID-1.
     * RAID-5 volumes: a RAID-5 volume consists of multiple disks, and it
       uses block-level striping with parity data distributed across all
       member disks. Should a disk fail in the array, the parity blocks
       from the surviving disks are combined mathematically with the data
       blocks from the surviving disks to reconstruct the data on the
       failed drive "on-the-fly" (this works with various levels of
       success).

Versions

   Microsoft released various versions of Windows 2000 to cater to
   different markets and business needs. It released Windows 2000
   Professional, Windows 2000 Server, Windows 2000 Advanced Server and
   Windows 2000 Datacenter Server:
     * Windows 2000 Professional was designed as the desktop operating
       system for businesses and power users. It is the basic unit of
       Windows 2000, and the most common. It offers greater security and
       stability than many of the previous Windows desktop operating
       systems. It supports up to two processors, and can address up to 4
       GB of RAM. The system requirements were a Pentium Processor @133MHz
       or greater, at least 64 MB of RAM, 650 MB of hard drive space, and
       a CD-ROM drive (recommended: Pentium II, 128 MB of RAM, 1 GB of
       hard drive space, and CD-ROM drive).
     * Windows 2000 Server products share the same user interface with
       Windows 2000 Professional, but contain additional components for
       running infrastructure and application software. A significant
       component of the server products is Active Directory, which is an
       enterprise-wide directory service based on LDAP. Additionally,
       Microsoft integrated Kerberos network authentication, replacing the
       often-criticised NTLM authentication system used in previous
       versions. This also provided a purely transitive-trust relationship
       between Windows 2000 domains in a forest (a collection of one or
       more Windows 2000 domains that share a common schema,
       configuration, and global catalogue, being linked with two-way
       transitive trusts). Furthermore, Windows 2000 introduced a DNS
       server which allows dynamic registration of IP addresses.
     * Windows 2000 Advanced Server is a variant of Windows 2000 Server
       operating system designed for medium-to-large businesses. It offers
       clustering infrastructure for high availability and scalability of
       applications and services, including main memory support of up to 8
       gigabytes (GB) on Physical Address Extension (PAE) systems and the
       ability to do 8-way SMP. It has support for TCP/IP load balancing
       and enhanced two-node server clusters based on the Microsoft
       Cluster Server (MSCS) in the Windows NT Server 4.0 Enterprise
       Edition. A limited edition 64 bit version of Windows 2000 Advanced
       Server was made available via the OEM Channel. It also supports
       failover and load balancing.
     * Windows 2000 Datacenter Server is a variant of the Windows 2000
       Server that is designed for large businesses that move large
       quantities of confidential or sensitive data frequently via a
       central server. As with Advanced Server, it supports clustering,
       failover and load balancing. Its system requirements are normal,
       but are compatible with vast amounts of power:
          + A Pentium-class CPU at 400 MHz or higher - up to 32 are
            supported in one machine
          + 256 MB of RAM - up to 64 GB is supported in one machine
          + Approximately 1 GB of available disk space

Deployment

   Windows 2000 can be deployed to a site via various methods. It can be
   installed onto servers via traditional media (such as via CD) or via
   distribution folders that reside on a shared folder. Installations can
   be attended or unattended. An attended installation requires the manual
   intervention of an operator to choose options when installing the
   operating system. Unattended installations are scripted via an answer
   file, or predefined script in the form of an INI file that has all the
   options filled in already. The Winnt.exe or Winnt32.exe program then
   uses that answer file to automate the installation. Unattended
   installations can be performed via a bootable CD, using Microsoft
   Systems Management Server (SMS), via the System Preparation Tool
   (Sysprep), via running the Winnt32.exe program using the /syspart
   switch or via running the Remote Installation Service (RIS).

   The Syspart method is started on a standardised reference computer —
   though the hardware need not be similar — and it copies the required
   installation files from the reference computer's hard drive to the
   target computer's hard drive. The hard drive does not need to be in the
   target computer and may be swapped out to it at any time, with hardware
   configuration still needing to be done later. The Winnt.exe program
   must also be passed a /unattend switch that points to a valid answer
   file and a /s file to point to the location of one or more valid
   installation sources.

   Sysprep allows the duplication of a disk image on an existing Windows
   2000 Server installation to multiple servers. This means that all
   applications and system configuration settings will be copied across to
   the new Windows 2000 installations, but it also means that the
   reference and target computers must have the same HALs, ACPI support,
   and mass storage devices — though Windows 2000 automatically detects
   plug and play devices. The primary reason for using Sysprep is for
   deploying Windows 2000 to a site that has standard hardware and that
   needs a fast method of installing Windows 2000 to those computers. If a
   system has different HALs, mass storage devices or ACPI support, then
   multiple images would need to be maintained.

   Systems Management Server can be used to upgrade system to Windows 2000
   to multiple systems. Those operating systems that can be upgraded in
   this process must be running a version of Windows that can be upgraded
   (Windows NT 3.51, Windows NT 4, Windows 98 and Windows 95 OSR2.x) and
   those versions must be running the SMS client agent that can receive
   software installation operations. Using SMS allows installations to
   happen over a wide geographical area and provides centralised control
   over upgrades to systems.

   Remote Installation Services (RIS) are a means to automatically install
   Windows 2000 Professional (and not Windows 2000 Server) to a local
   computer over a network from a central server. Images do not have to
   support specific hardware configurations and the security settings can
   be configured after the computer reboots as the service generates a new
   unique security ID (SID) for the machine. This is required so that
   local accounts are given the right identifier and do not clash with
   other Windows 2000 Professional computers on a network. RIS requires
   that client computers are able to boot over the network via either a
   network interface card that has a Pre-Boot Execution Environment (PXE)
   boot ROM installed or that it has a network card installed that is
   supported by the remote boot disk generator. The remote computer must
   also meet the Net PC specification. The server that RIS runs on must be
   Windows 2000 Server and the server must be able to access a network DNS
   Service, a DHCP service and the Active Directory services.

Total cost of ownership

   In October 2002, Microsoft commissioned IDC to determine the total cost
   of ownership (TCO) for enterprise applications on Windows 2000 versus
   the TCO of Linux on the same enterprise applications. IDC looked at
   security and other infrastructure tasks, and Web Serving. According to
   the report, Windows 2000 had a lower TCO for four infrastructure items
   and Linux had a lower TCO for web serving. IDC's report was based on
   telephone interviews of IT executives and managers of 104 North
   American companies in which they determined what they were using for a
   specific workload for file, print, security and networking services.

   IDC determined that the four areas where Windows 2000 had a better TCO
   than Linux — over a period of five years for an average organization of
   100 employees — were in the use of file, print, network infrastructure
   and security infrastructure. They determined, however, that Linux had a
   better TCO than Windows 2000 when it came to web serving. The report
   also found that the greatest cost was not in the procurement of
   software and hardware, but in staffing costs and downtime. The report
   did not take into consideration the impact of downtime to the
   profitability of the business (although they did apply a 40%
   productivity factor, in order to recognize that employees are not
   entirely unproductive during periods of IT infrastructure downtime)
   though it did find that Linux servers had less unplanned downtime than
   Windows 2000 Servers. They found that most Linux servers ran less
   workload per server than Windows 2000 servers and also found that none
   of the businesses they interviewed used 4-way SMP Linux computers. IDC
   also did not take into account specific application servers — servers
   that need low maintenance and are provided by a specific vendor — when
   they performed their study. The report did emphasise that TCO was only
   one factor in considering whether to use a particular IT platform, and
   also noted that as management and server software improved and became
   better packaged the overall picture that was being shown in their
   report could change.

Security flaws

   A number of potential security issues have been noted in Windows 2000.
   A common complaint is that "by default, Windows 2000 installations
   contain numerous potential security problems. Many unneeded services
   are installed and enabled, and there is no active local security
   policy". In addition to the choice of insecure defaults, according to
   SANS, the most common flaws found in the OS are remotely exploitable
   buffer overflow vulnerabilities . Other flaws in the operating system
   that have received criticism include the use of vulnerable encryption
   techniques .

   Computer worms first came into the public spotlight during the period
   where Windows 2000 was the dominant server operating system. Code Red
   and Code Red II were famous (and highly visible to the worldwide press)
   worms that exploited vulnerabilities of the indexing service of Windows
   2000's Internet Information Services (IIS). In August 2003, two major
   worms named the Sobig worm and the Blaster worm began to attack
   millions of Microsoft Windows computers, resulting in the largest
   down-time and clean-up cost to that date. The 2005 Zotob worm was
   blamed for security compromises on Windows 2000 machines at Homeland
   Security, the New York Times, ABC and CNN.

Service Packs

   Throughout its life, Windows 2000 has received four full service packs
   and one rollup update package which is the latest service pack for
   Windows 2000. Many Windows 2000 users were hoping for a Windows 2000
   Service Pack 5, but Microsoft cancelled this project early on in its
   development. Service pack 5 went on to become Update Rollup 1 for
   Service Pack 4. Microsoft states that this update will meet customers
   needs better than a whole new service pack , and will still help
   Windows 2000 customers secure their PCs, reduce support costs, and
   allow their systems to support the current generation of computer
   hardware.

   Because Windows 2000 is now in the Extended support phase of the
   Microsoft Lifecycle Policy there will be no future service packs for
   Windows 2000. Only critical updates will be provided for Windows 2000
   unpaid.

   Retrieved from " http://en.wikipedia.org/wiki/Windows_2000"
   This reference article is mainly selected from the English Wikipedia
   with only minor checks and changes (see www.wikipedia.org for details
   of authors and sources) and is available under the GNU Free
   Documentation License. See also our Disclaimer.
