With the introduction of Windows 2000, Microsoft is encouraging MCSEs to update their skills and certifications to cover Windows 2000. In this Daily Drill Down, I’ll look at the Microsoft Official Curriculum (MOC) course 1560, "Updating Support Skills from Microsoft Windows NT to Microsoft Windows 2000." This five-day course will help you update your existing Windows NT skills to Windows 2000.
This course is meant for those administrators who already have a strong background in Windows NT 4.0. Microsoft recommends that you have completed course 803, "Administering Microsoft Windows NT 4.0," and course 922, "Supporting Microsoft Windows NT 4.0 Core Technologies," or have equivalent skills and knowledge.
Contents of the course
The course is divided into 16 modules. Each module takes a look at a different topic with Windows 2000. At times, the modules seem out of order. For instance, a new installation is covered in Module 1, but upgrading is not covered until Module 6. There are plenty of labs and sample questions, and you’ll get evaluation copies of Windows 2000 Professional and Windows 2000 Advanced Server. Also included is the course CD that contains the multimedia presentations shown in class, as well as answers to labs and sample questions.
Module 1: Installing Microsoft Windows 2000
This module gives you a good overview of unique features in the Windows 2000 family, which consists of Windows 2000 Professional, Windows 2000 Server, Windows 2000 Advanced Server, and Windows 2000 Datacenter Server. It gets into different types of installation, licensing, file systems, and disk partition options. It even has a pre-installation checklist for you, although it isn’t very thorough.
The problem with this module is the lab. Since it takes such a long time to install Windows 2000, the lab is actually a multimedia simulation that lasts about 45 minutes. It walks you through each step of the install but quickly skips through the steps that are time-consuming, such as copying files and updating the system. Given the time allotted for this course, this may be the only solution. Problematic installations could take days to complete.
Module 2: Implementing DNS in Windows 2000
Understanding this module is essential to becoming a Windows 2000 administrator. This module starts with a multimedia presentation about DNS (included in your course CD) and covers installing DNS and configuring zones. Windows 2000 DNS has several new features, all of which are covered here. The lab has four exercises, which require you and a partner to install and test DNS.
Module 3: Installing Active Directory
This is one of the longest modules in the class. It covers the concept of Active Directory in a multimedia presentation (included in your course CD). The components of Active Directory (trees, forests, domains, organizational units (OUs), DNS naming conventions, and global catalog) are explained in detail. This module contains one of the better labs as it leads you and a partner through installing Active Directory. You also get to switch your domain from mixed to native mode. Understanding Active Directory is key to proceeding in the course.
Module 4: Creating the Physical Structure of Active Directory
The physical structure of Active Directory includes replication, sites, subnets, global catalog servers, etc. This module’s lab leads you through the process of creating a site, a subnet, and a site link.
Module 5: Administering Active Directory
Much of the material presented in earlier modules deals with new concepts, but this module helps you get your bearings. It introduces you to the procedures that you’ll use to administer Windows 2000. The functions that you’re used to in Windows NT, such as creating user and computer accounts and creating and managing groups, are outlined. You’ll also learn how to create an OU and to delegate control of Active Directory objects, which are new features in Windows 2000.
There are three labs in this module. They are good at not only leading you through the tasks, but also at explaining the processes through a series of fill-in-the blank questions.
Module 6: Upgrading to Windows 2000
This module explains how to upgrade member servers and domain controllers and the specific order in which the upgrade must be performed. Native mode, which is an all-Windows 2000 domain controller environment, is compared against the mixed-mode model. As with the first module, you’ll view a multimedia presentation about the installation process.
Module 7: Deploying Windows 2000 Professional by Using Remote Installation Services
Remote OS Installation is a new feature to Windows 2000, which allows you to remotely install Windows 2000 Professional by connecting to a Remote Installation Services (RIS) Server. This module explains how to install and configure a RIS Server. It also explains how to prepare the client computer, which is referred to as pre-staging. The lab is another multimedia presentation that steps you through the process.
Module 8: Using Group Policy to Manage Desktop Environments
This module describes Group Policy, which allows you to manage desktop environments across a Windows 2000 network by applying configuration settings to computer and user accounts. Inheritance of Group Policy in Active Directory and how that Group Policy is stored in only one domain are discussed. There are three labs containing nine exercises. You plan, create, set permissions, and delegate management of Group Policy in the first lab.
The second lab covers implementing administrative templates and Script Policy. The third lab is about implementing folder redirection. This set of labs is probably the best in the course. Not only do they lead you through performing the tasks, but there are also plenty of fill-in-the blank questions that help you understand the work you performed.
Module 9: Using Group Policy to Manage Software
Windows 2000 includes Software Installation and Maintenance, which is similar to Systems Management Server (SMS). This is a long module that goes into detail about this new technology. If you haven’t used SMS to deploy software, you may not realize the convenience of this feature. The two labs teach you to publish, install, and delete software using Group Policy.
Module 10: Installing and Configuring Terminal Services
Terminal Services is an optional component of Windows 2000. It has many uses, including making applications available for mobile users, Windows-based terminals, or palmtop computers. Terminal Services can also be used to perform remote administration on servers running Windows 2000.
This module explains installation and configuration and allows you to establish a terminal session. Since Terminal Services is an optional component, it requires an additional Terminal Services client license for each computer running a terminal session. There are two labs that walk you through the installation and configuration processes.
Module 11: Configuring Remote Access
Configuring Remote Access includes everything from Remote Authentication Dial-In User Server (RADIUS) to Virtual Private Networks (VPNs). This module describes new protocols that Windows 2000 supports and shows you how to configure inbound and outbound connections. Connection Sharing and Network Address Translator (NAT) are explained. A Connection Sharing server is used on a private network for IP translation. If you require configurable DHCP, DNS, and WINS services, then NAT can be enabled instead of Connection Sharing for IP translation. If you currently use a proxy server to handle IP translation on your network, it may be possible to use NAT in its place. NAT will not perform all the functions of a proxy server, however, such as Web caching. This long module has two labs, which are not up to par with some of the other labs.
Module 12: Securing Windows 2000
Securing Windows 2000 is an important topic, and this long module uses four different approaches to address it:
- Securing the Logon Process: This deals with how Windows 2000 uses Smart Cards to validate the logon process.
- Securing Desktops and Services Using Group Policy: A Security Template is a stand-alone Microsoft Management Console (MMC) snap-in that allows the creation of a text-based template file containing security settings for all security areas. The first lab leads you through the process of applying Security Templates.
- Securing Network Traffic by Using IPSec: IPSec authenticates computers and encrypts data on your network. IPSec is not an IETF standard and operates only on computers running Windows 2000. The second lab implements an IPSec solution on your classroom network.
- Securing Files by Using Encrypting File System (EFS): EFS allows users to encrypt NTFS files by using a strong public key scheme that will encrypt all files in a folder. This encryption can be set up to be transparent to the user or to require a public key. The third lab steps you through the EFS process.
Module 13: Support for DHCP and WINS
WINS and DHCP were supported in Windows NT 4.0, but Windows 2000 includes enhanced implementations. DHCP now includes unauthorized DHCP server detection and integration with DNS. WINS now has persistent connections and improved management capabilities. This is the shortest module in the course.
Module 14: Managing File Resources
Windows 2000 allows file resources to be shared and published in Active Directory. Publishing the information in Active Directory makes it easy for users to find them on the network. Much of this module deals with familiar concepts while explaining the enhancements. There are now 13 special access permissions with NTFS instead of the nine found in Windows NT. Windows 2000 disk quota is the last portion of the module. Although this is a relatively short module, there are three labs to help you fine-tune the new file resources available to you.
Module 15: Performing Disk Management
Basic disks and dynamic disks are the two disk storage types offered by Windows 2000. There is an MMC snap-in for disk management that you’ll use instead of Windows NT Disk Administrator. You can convert a disk from basic storage, which uses the partitions in the old versions of Windows, to dynamic—but not vice versa. Dynamic storage offers several advantages:
- Volume sets can be extended to noncontiguous space on the available disks.
- There’s no limit to the number of volumes you can create.
- Disk configuration information is stored on the disk instead of in the registry.
There is one lab that walks you through the processes of converting a basic disk to dynamic, creating a new volume, extending a volume, and mounting a volume.
Module 16: Implementing Disaster Recovery
Windows 2000 provides some new and enhanced disaster-protection features. They include:
- Fault-tolerant volumes
- Advanced startup options
- Recovery Console
- Backup utility
This module, which is quite short, explains how to implement fault-tolerant volumes, how to recover a failed mirrored volume, and how to recover from a failed RAID 5 volume. It also shows the Recovery Console and looks at the backup utility. Many administrators rely on third-party software for disaster recovery, fault-tolerant volumes, and backup. Windows 2000 does not give you many reasons to abandon your current software.
If you’re planning to migrate your existing NT network to Windows 2000 and already have a strong background in Windows NT 4.0, you should take this course. With Microsoft expiring the MCSE certifications for existing MCSEs, you’ll need to know what’s in store for you in the Windows 2000 track. In this Daily Drill Down, I’ve shown you what’s involved with Course 1560: Updating Support Skills from Microsoft Windows NT to Microsoft Windows 2000.
Troy Thompson, MCSE+I, has worked in the automation field for 15 years, and he has dealt with a variety of systems, including Wang OIS, Unisys BTOS, UNIX, Windows 3.11, Novell NetWare, Windows NT 3.51, and Windows NT 4.0. He’s worked as an administrator of a Novell and an NT network and as a systems analyst for an IBM mainframe. Currently, Troy is the Information System Security Officer at the Information Management shop at Fort Knox. If you’d like to contact Troy, send him an e-mail.The authors and editors have taken care in preparation of the content contained herein but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for any damages. Always have a verified backup before making any changes.