Neat Tricks in NT 4.0 and Benchmarks

The new NT 4.0 Explorer interface has some neat features you'll want to learn. Table 1 lists these navigation tricks.

This capability is not new, but do you know that in User Manager, you can assign rights and permissions to groups of users by selecting all their names and then performing the administration functions? Beware, though! This action will overwrite any pre-existing permission setups (i.e., if certain users have certain rights, you will erase those rights in favor of the new attributes--this action is handy, though, for initial setups of numerous users).

Changing Security
NT File System (NTFS) is a secure file system and generally easy to administer. To grant or deny specific users and groups the permissions to read, write, execute, delete, change permissions, or take ownership of the selected objects, you simply highlight certain files or directories and select a few menu items.

But what if you already have different permissions set up throughout your file system and you want to remove access from a group or a user without mucking up the existing set? If you glance at the menu items, you might think you have to go through all the files, one at a time, looking at the permissions and removing the particular user or group. This procedure is time-consuming, susceptible to error, and just plain painful with thousands of files.

Lucky for us, Microsoft has provided a command-line utility, cacls.exe, that lives in your \%systemroot%\system32 directory. cacls stands for Change Access Control Lists. The utility lets you change the user and group access permissions for files and directories.

You can tighten your system security by removing the Everyone group from all the files and directories without wiping out the permissions that are in place. First, issue the command cacls*.*/T/E/g Administrator:F to ensure that the Administrator account can access all files and directories, just in case you remove your ability to modify them further. Next, issue the command cacls *.* /T /E /r EVERYONE from the command prompt in the root directory to change the permission of every file and directory on your system.

To see the permissions in place, as in Screen 1, issue the command cacls *.* /T. Add | more to the end of the command line so the listing doesn't scroll by too fast.

As with most of the command-line utilities that Microsoft provides, online Help is available. However, as Screen 2 shows, the Help is a bit cryptic.

Birth of a Benchmark
And now for something completely different: The Lab's mandate is to give readers criteria for judging and selecting software and hardware products. To develop those criteria, we Lab guys test products, just as the labs of other magazines do. However, we've become frustrated with the methods of most testing and the standards for benchmarking. So we've decided to develop meaningful and repeatable benchmarks.

A realistic way to define the word benchmark is as a distortion of reality. No one has discovered a way to accurately duplicate real-world user loads without sitting down at every company in the world and testing each network, server, and workstation in the application mix and their user load.

With that reality check in mind, you can further define a benchmark as a reasonable simulation of average user activity: Shoot for the median, and you stand a good chance of representing a useful cross-section of user load and configurations in the real world.

Some benchmarking strategies, such as TPC, ServerBench, NetBench, AIM, RPMarks, and RDBMarks, are synthetic: They test system performance by generating loads or transactions that do not occur in the natural IS world. These strategies don't always relate cleanly to real, end-user system performance and activity, so you don't get a feel for real environment scaleability. You are best served by not using these numbers to extrapolate system performance for your corporate environment. Some published results can mislead you.

The currently fashionable method of reporting system performance is with one number, such as TPC-C. Vendors and magazines use this number to say, "This machine is the fastest computer in the world," or, "This system is the best price/performer."