what do you think so far? Whistler
is promising to be an… interesting upgrade to Windows 2000.
As you can see so far, there aren’t that many changes that would
confuse a Windows 2000 MCSE, which is why Microsoft is not retiring the
Windows 2000 SE track. (At least not at this point in time.)
Some of the changes are in Active Directory.
Some other enhancements include support for remote professionals to
remote control your system.
Assistance is an interesting new feature for Windows 2000.
It is found by going to Help
and Support from the Start Menu.
From the Help and Support Services window, click Support
on the top navigation bar. You
will then be brought to the support window.
This window shows you which options are available to you.
Click the Microsoft Remote Assistance option on the left navigation
bar. After navigating through
the introduction screens that describe the feature, you will arrive at the
you are inviting someone to view your current session of Windows and you
are allowing them to communicate with you on your computer.
You will be able to communicate with the remote person helping you
using either text-based chat services or Voice over IP, which Windows XP
and Whistler both support. This
person can be either someone from Microsoft, or someone within your own IT
department that you will be getting support from.
This Invitation, as it is called, can be sent via an email message,
by using a floppy disk, or using the MSN Messenger.
You will be able to password-protect the invitation so that only
that remote support professional can access your system.
Whistler also allows you to set how long the session will stay
active before they are unable to connect with the invitation that you sent
to the support person. The
only catch is that the person supporting your system must also be running
either Whistler, or a later version of a Microsoft operating system.
have been some improvements to the Access Control Lists in Whistler as
well. If you are not sure
exactly what an Access Control List is, well, it’s the list of access
control that each user has assigned to him or her for a particular object.
To get to the ACL of a particular folder, right-click the folder,
click Properties, go to the Security tab and click the Advanced button.
You will see a screen like the following if you did it correctly:
In Windows 2000, you did not have a column header called, “Inherited From.” This is a very helpful improvement for an Administrator, because if you can see that certain permission has been allowed or denied from a higher level, you can now see what level that permission is coming from. There is also an additional tab now called the Effective Permissions tab. Let’s look at this tab and see what it does:
feature allows you to select a user or group from Active Directory and see
exactly what their permissions will be for the object that you are
currently looking at, based on the Groups and permissions assigned to that
individual user account, or the permissions assigned to the groups that
user is a member of. If you
look at the screenshot displayed above, I selected the Users group to do
the comparison to.
Schema of AD has been divided into another section.
There will be a partition that will hold information specific to
Applications now that will be replicated to any DC’s that need that
information, not necessarily all Domain Controllers in a domain or forest.
That way, if you store DNS inside of Active Directory, the DNS
information would not be replicated to Servers that do not host DNS
themselves. This will cut
down on replication time because now if information changes on an
application server that takes advantage of AD, it will not replicate those
changes to any servers except for the one that has the application
installed onto it.
will also be various levels of functionality that Whistler will provide.
Windows 2000 had a “Native Mode” environment that allowed an
administrator to take advantage of features like group-nesting and
Universal Security Groups if the Domain was switched to Native Mode.
Well, there will be different “Levels” of versioning for AD
that will allow an administrator to take advantage of special features as
the System gets upgraded to all Windows 2000/Whistler Servers, then
another mode for a Whistler-only environment.
Servers do not rely on Global Catalog Servers to authenticate logon
requests for clients in a Native-mode domain.
you ever run dcpromo on a remote system and found that the process of
replicating all AD information from a remote DC took an excessively long
amount of time? Well,
Whistler gives you the ability to backup the AD database to a CD ROM and
have the dcpromo utility extract the AD information from the CD rather
than having to get it from the a remote server.
This only works if you add a DC in an existing domain.
It is not used for creating new domains, trees, or forests.
you get a chance to migrate user accounts from a Windows NT 4.0 domain to
a Windows 2000 Domain? Did
you notice one key thing that didn’t migrate over?
Namely, PASSWORDS. Wouldn’t
it have been nice if the Active Directory Migration tool could have done
that as well? Well, it can in
Whistler. As a matter of
fact, it can even pull them from an NT 4.0 domain to a Windows 2000
Directory Users and Computers also has a few noticeable enhancements to
it. One is the ability to
select multiple user accounts and configure common properties on them.
can assign multiple users to the same Office, give them duplicate
Descriptions, Telephone Numbers, Group Membership, Address information,
password expiration dates, logon hours, etc… all through Active
Directory. You can also drag
and drop user accounts as well in ADU&C.
is one more noticeable enhancement for Active Directory that the people at
Microsoft implemented, and that was the ability to see what a user
account’s effective group policy will be.
There are two levels that Active Directory will allow you to check
this: The Planning level and the Logging Level.
The planning level allows you to select a user account and select
which OU you would like to compare that user to.
That way, if you move a user into a different Active Directory
Organizational Unit, you will be able to see how all of the group policies
will affect him or her. Here
is a screenshot:
The second option that you could see is the Logging Option. Logging will check the User account with a Computer account that you choose and the result will be what permissions that user will have on the system. Now, this does not cover NTFS permissions, only Group Policy permissions.
are a list of New Command Prompt utilities that you have available in
Whistler and what they do:
you use Active Directory to deploy software through Group Policies, you
can now have it do a Full install of the software once the user logs onto
the system, rather than waiting for the user to execute the shortcut for
Trust relationships have been improved quite a bit in Whistler as well. Whistler now supports Cross-Forest trusts. If you create a cross-forest trust, all domains in each forest trust each other. Here is a screenshot of the new Domain Trust Wizard:
This concludes the section on Administrative enhancements. As you can tell, Microsoft has been fast at work, trying to improve their access control for Whistler. Administrators can now find out more information quicker than they could before. There have been many improvements over Windows 2000 and now let’s talk about How Terminal Services have been improved.