We hate when people change things without telling us. But Microsoft saw fit
to alter some functions in Windows NT 4.0 without asking our permission. So,
after a new NT 4.0 Server installation refused to work, we had to figure out
what was going on.
From NT 3.51 to 4.0, lots of things moved, and many default settings
shifted. We can understand why just about everything in the interface moved
around because the arrangement makes more sense now. But security defaults,
domain relationships, and user rights have changed, too. Some things have
changed for the better, some (in our opinion) for the worse. But we suppose your
feelings depend on how you look at it.
Domains vs. User Rights
In NT 3.51, the default is that the Everyone group has permission to log on
locally to a system. Because all users in a domain and on a local system are
members of the Everyone group by default, anyone can use any system (workstation
or server) to log on to a domain. In NT 3.51, this permission was a security
hole. Not so in NT 4.0.
When I (Joel) set up my new NT 4.0 Server and tried to log on to another
corporate domain where I had an account, I got the message Local policy of
this system does not allow you to log in interactively, and the system
denied me access. Very annoying, compared with what I was used to.
In NT 4.0, you have to explicitly grant the Log on locally user
right to specific users by changing the local Security Accounts Manager (SAM)
database on that system. So, for all users of your local domain--or users of any
other networked domain--you have to either go to the system they want to use and
add their logons to the Log on locally user right, or make the users
members of a group and assign that group to the Log on locally
permission. You have to change the SAM for every user and for every system that
people use as a shared workstation. Specifically administering the local
accounts database on every workstation in your enterprise is a pain, but it is
another level of security--or rather, it plugs a hole. One other change you will
notice is that NT 4.0 disables the Guest account by default, whereas NT 3.51
enables it.
Windows 95 on NT
I (Dean) received a Timex Datalink watch for Christmas 1995. I used Windows
95 and Schedule+ to enter appointments and phone numbers into the watch. When I
upgraded my system to NT, I found that the version of Schedule+ for NT could no
longer program my watch. Also, none of the network games I like to play over
lunch worked.
I decided to install Win95 on my NT system as a secondary OS and use it
when I want to program my watch or play games. But I figured that installing
Win95 while keeping my NT system intact would be like pulling the rug out from
under me while I'm standing on it.
When I originally installed NT, I wiped out the hard disk and set up a
512MB FAT partition as drive C. Then I set up the rest of the hard disk as an
NTFS partition.
The first thing I did for the Win95 installation was back up the NT files I
would need if the hard drive got hosed. Second, I created an Emergency Repair
Disk with the RDISK utility. Next, I found a system running Win95 and formatted
a floppy using the Make a system disk option. I then copied the sys.com
file from the \windows\command directory to the disk.
I took the disk back to my system, put it in the drive, booted, and pressed
Enter at the time and date prompts. At the A:\> prompt, I typed SYS C: and
pressed Enter. This action overwrote the boot sector on the C drive and
installed the Win95 DOS files. To install the rest of Win95, I needed to access
my CD-ROM drive. I rebooted my system and then installed the DOS CD-ROM drivers.
I rebooted again, and at the C:\> prompt, I ran Setup from the Win95 CD-ROM.
Now I had a fully functioning Win95 system, but I couldn't access my NT
stuff. Now, how could I get NT back without wiping out the work I had just done
and without wiping out my NT setup? I dug out my NT CD-ROM and the three boot
floppies. I booted to the first floppy and went through the setup process to the
point where the prompt asked me whether to repair the system or install NT. I
chose the Repair option and said to repair everything.
I answered all the prompts and rebooted. My reward was the familiar NT boot
menu with a new Microsoft Windows option at the bottom. I selected the first
boot option (NT) to make sure everything was OK with my NT setup (it was) and
rebooted, selecting the Microsoft Windows option. This option booted Win95, and
everything was good! I ran Schedule+ and told it to use the same directory I was
using under NT to access my schedule information.
Putting Win95 back on my system was quite easy. I can now program my watch
and play network games by simply rebooting my system to Win95. Doing these
things under NT would be nice, but at least I can live with this setup for now.
Smart I/O
Tired of slow I/O? Well, a consortium of vendors (hardware and software) has
developed a new standard called I2O (intelligent I/O) that breaks new ground in
functionality and cross-compatibility.
I2O is a set of specifications for network, disk, and other I/O devices
that transfers I/O processing from your main CPU to specialized I/O processors
on the controller cards. These processors and new software components (in the
OS) dramatically reduce the effects of I/O requests on system performance. Now
data can go directly from one device to another (say, from disk directly to a
LAN card) without involving the CPU, and involving the OS only to maintain
security and other administrative information. Products that implement this new
technology will ship this spring.
CD AutoPlay
Are you annoyed by the Windows NT CD-ROM applet that plays that tired old
sound each time you insert a recent CD-ROM into your drive? Well, you can
disable CD AutoPlay (also known as AutoRun or Auto Insert Notification) with a
minor change to your Registry (use regedt32.exe):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\AutoRun:0 = OFF
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\AutoRun:1 = ON
As always, use extreme care when you change your Registry.
Cool Uses for NT
Hey out there--what are you using NT for? In the Windows NT Magazine
Lab, we are always trying to find novel tasks that NT is good for. If you are
implementing NT in a cool new way or putting together an intense NT
environment--such as a render farm, multimedia development studio, or a high-end
database installation with a specific new product--write to us at
labguys@winntmag.com and tell us about it. If we base a product review on your
situation, we'll send you some cool Windows NT Magazine stuff (T-shirts,
coffee mugs,...).