NT FAQ
Welcome to the NT FAQ, I hope you find valuable information here.
This FAQ is copyright © 1997 John Savill (SavillTech) and should not be reproduced without my permission, however feel free to save it locally and/or print it.
This is an old version so check for current info if needed.
Other NT Links: http://www.savilltech.com/links.html
Q. What are the differences between NT Workstation and NT Server?
A. See table Below
| Workstation | Server | |
| Connection to other clients | 10 | Unlimited |
| Connection to other networks | Unlimited | Unlimited |
| Multiprocessing | 2 CPUs | 4 CPUs |
| RAS | 1 connection | 255 connections |
| Directory Replication | Import | Import and Export |
| Macintosh Services | No | Yes |
| Logon Validation | No | Yes |
| Disk Fault Tolerance | No | Yes |
| Network | Peer-to-peer | Server |
A. New Technology. Its also interesting to
note the heritage
RSX -> VMS -> ELN -> NT all major designs of David
Cutler
Also VMS +1 letter = WNT (Windows NT) :-) (aka HAL and IBM in
2001)
Q. What is the NT Boot Process?
A. Firstly the files required for NT to boot are
The common Boot sequence files are
The boot sequence is as follows
Q. When I boot up NT, it pauses for about 30 seconds on the blue screen.
A. Each dot represents one NT device driver, and sometimes if something is wrong with that driver the startup will be delayed. However there is a known problem with NT if your computer has one or more IDE disks and one or more SCSI disks which results in a pause of around 30 seconds. The problem is due to the detection code used by NT and is currently being investigated by Microsoft.
A. Virtual Memory makes up for the lack of RAM in computers by using space on the hard disk as memory, Virtual Memory. When the actual RAM fills up then virtual memory is created on the hard disk. When physical memory runs out, the Virtual Memory Manager chooses sections of memory that have not been recently used and are of low priority and writes them to the swap file. This process is hidden from applications, and applications views both virtual and actual memory as the same.
Each application that runs under Windows NT is given its own virtual address space of 4GB (2GB for the application, 2GB for the operating system).
The problem with Virtual Memory is that as it writes and reads to the hard disk, this is much slower than actual RAM. This is why if an NT system does not have enough memory it will run very slowly.
A. In the late 1980's the Windows environment was created to run on the Microsoft DOS operating system. Microsoft and IBM joined forces to create a DOS replacement that would run on the Intel platform that led to the creation of OS/2, and at the same time Microsoft was working on a more powerful operating system that would run on other processor platforms. The idea was that the new OS would be written in a high level language (such as C) so it would be more portable.
Microsoft hired Dave Cutler (who also designed Digital's VMS) to head the team for the New Technology Operating System (NT :-) ). Originally the new OS was to be called OS/2 NT.
In the early 1990's Microsoft release version 3.0 of its windows OS which gained a large user base, and it was at this point that Microsoft and IBM's split started as the two companies disagreed on the future of their OS's. IBM views Windows as a stepping stone to the superior OS/2, where as Microsoft wanted to expand Windows to compete with OS/2, so they split, IBM kept OS/2 and Microsoft change OS/2 NT to Windows NT.
The first version of Windows NT (3.1) was release in 1993 and had the same GUI as the normal Windows Operating System, however it was a pure 32 bit OS, but provided the ability to also run older DOS and Windows apps, as well as character mode OS/2 1.3 programs.
Q. How do I install the SYMBOL files?
A. Symbol files are produced by the linker when a program is built, and are used to resolve global variables and function names in an executable.
For more information see Microsoft Knowledge Base article Q148659
A. Windows NT (both the Workstation and Server) is a 32-bit Operating System. It is a preemptive, multi-tasking Operating System, which means that the Operating System controls allocation of CPU time, not the applications, stopping one application from hanging the OS. NT supports multiple CPU's giving true Multi-tasking, using symmetrical multiprocessing, meaning the processors share all tasks, as opposed to asymmetrical multiprocessing, where the OS uses one CPU and the applications another. NT is also a Fault Tolerant Operating System, with each 32bit application operating in its own Virtual Memory address space (4 GigaBytes) which means one application cannot interfere with another's memory space.
Unlike earlier version of Windows (such as Windows for Workgroups and Windows 95), NT is a complete Operating System, and not an addition to DOS.
NT supports different CPU's: Intel x86, IBM PowerPC (Not to be supported for NT5.0) and DEC Alpha.
NT's other main plus is its Security with a special NT file system (NTFS) that allows permissions to be set on a file and directory basis.
A. Originally there were .ini files in Windows, however the problem with .ini files are many, e.g. size limitations, no standard layout, slow access, no network support etc. Windows 3.1 (yes Windows not Windows NT) had a registry which was stored in reg.dat and could be viewed using regedit.exe and was used for DDE, OLE and File Manager integration. In Windows NT the Registry is at the heart of NT and is where nearly all information is stored, and is split into a number of subtrees, each starting with HKEY_ to indicate that it is a handle that can be used by a program.
| HKEY_LOCAL_MACHINE | This contains information about the hardware configuration and installed software. |
| HKEY_CLASSES_ROOT | This is just a link to HKEY_LOCAL_MACHINE\SOFTWARE\Classes and contains links between applications and file types as well as information about OLE. |
| HKEY_CURRENT_CONFIG | Again this is a link to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current and contains information about the current configuration. |
| HKEY_CURRENT_USER | This is a link to HKEY_USERS\<SID of User> and contains information about the currently logged on users such as environment, network connections, printers etc. |
| HKEY_USERS | Contains information about actively loaded user profiles, including .default which is the default user profile. |
Each of the subtrees has a number of keys, which in turn have a number of subkeys. Each key/subkey can have a number of values which has 3 parts
To edit the registry there are two tools available, regedt32.exe and regedit.exe.Regedit.exe has better search facilities, but does not support all of the Windows NT registry value types. If you want to just have a look around the Registry:
Q. What files make up the registry, and where are they?
A. The files that make up the registry are stored in %systemroot%/system32/config directory and consist of
There are also other files with different extensions for some of them
Q. How do I restrict access to the registry editor?
A. Using the registry editor (regedt32.exe)
Q. What is the maximum registry size?
A. The maximum size is 102MB, however it is slightly more complicated than this.
The registry entry that controls the maximum size of the registry is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\RegistrySizeLimit. By default this entry will not exist so it will need to be created:
The minimum size is 4MB, and if anything less than this is entered in the registry then it will be forced up to 4MB. The maximum is 80% of the paged pool (which has a maximum size of 128MB, hence 102MB which is 80% of 128MB). If no entry is entered then the maximum size is 25% of the paged pool. The paged pool is an area of physical memory used for system data that can be written to disk when not in use.
An important point to note is that the RegistrySizeLimit is a maximum, not an allocation, and so setting a high value will not reserve the space, and it does not guarantee the space will be available.
This can also be configured using the System Control Panel applet, click on the Performance tab and the maximum registry size can be set there. You would then need to reboot.
For more information see Knowledge Base Article Q124594
Q. Should I use REGEDIT.EXE or REGEDT32.EXE?
A. You can use either for NT. REGEDIT does have a few limitations, the largest is that it does not support the full regedit data types such as REG_MULTI_SZ, so if you edit this type of data with REGEDIT it will change its type.
REGEDIT.EXE is based on the Windows95 version and has features that REGEDT32.EXE lacks (such as search). In general REGEDIT.EXE is nicer to work with. REGEDIT.EXE also shows your current position in the registry at the bottom of the window.
Q, How do I restrict access to a remote registry?
A. Access to a remote registry is controlled by the ACL on the key winreg.
It is possible to set up certain keys to be accessible even if the user does not have access by editing the value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowedPaths\Machine (use regedt32). You can add paths to this list.
See knowledge base article Q153183 at http://www.microsoft.com/kb/articles/q153/1/83.htm
Q. What service packs and fixes are available?
A. See table below. All directories are off of ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/nt40. Just click on the file name for a direct FTP link For people in Europe ftp.sunet.se/pub3/vendor/microsoft/bussys/winnt/winnt-public/fixes may provide faster access.
There are also Microsoft BBS numbers where Service Packs can be downloaded from, e.g. for the UK it is 44 1734 270065, however the fixes tend to be a few days later than on the FTP site.
| File Name | Directory | Description (Microsoft Article No.) |
| Sp1_400i.exe | /ussp1/i386 | Service Pack 1 |
| Sp2_400i.exe | /ussp2/i386 | Service Pack 2 (around 14Mb!) |
| Nt4sp3_i.exe | /ussp3/i386 | Service Pack 3 (around 18Mb!) |
Service Pack 1 Hotfixes /hotfixes-postsp1/
| KRNL40I.EXE | /32proc-fix | Q140065 |
| AFD40I.EXE | /afd-fix | Q140059 |
| CDFS40I.EXE | /cdfs-fix | Q142687 |
| NDIS40I.EXE | /mcanet-fix | Q156324 |
| NDIS40I.EXE | /ndis-fix | Q142903 |
| NTBCKUPI.EXE | /NTBackup-fix | Q142671 |
| NTVDM40I.EXE | /ntvdm-fix | Q134126 |
| PCM40_I.EXE | /pcmcia-fix | Q108261 |
| SPX40I.EXE | /spx-fix | Q153665 |
| SYN40I.EXE | /syn-attack | Q142641 |
| NTFS40I.EXE | /toshiba-fix | Q150815 |
| STONE97I.EXE | /winstone97 | Q141375 |
Service Pack 2 Hotfixes /hotfixes-postsp2/
| ALPHA40.EXE | /Alpha-fix | Q156410 |
| DNS40I.EXE | /dns-fix | Q142047, Q162927 |
| IISFIX.EXE | /iis-fix | Q163485, Q164059 |
| KRNL40I.EXE | /krnl-fix | GET THIS. IT WILL FIX THE NT
CRASH WHEN USING A VIRUS KILLER! Q135707, **Q141239** |
| TCP40I.EXE | /oob-fix | Q143478 |
| RAS40I.EXE | /ras-fix | Q161368 |
| RPC40I.EXE | /RPC-fix | Q159176, Q162567 |
| SECFIX_I.EXE | /sec-fix | Q143474 |
| SERIALI.EXE | /serial-fix | Q163333 |
| SETUPDDI.EXE | /setupdd-fix | Q143473 |
| SFMSRVI.EXE | /sfmsrv-fix | Q161644 |
| WTCP40I.EXE | /TCPIP-fix | Q163213 |
Service Pack 3 Hotfixes /hotfixes-postsp3/
| ASPFIX.EXE | /asp-fix | Q165335 |
| DNSFIX_I.EXE | /dns-fix | Q142047 |
| ADMNFIXI.EXE | /getadmin-fix | Q146965 |
| ICMPFIXI.EXE | /icmp-fix | Q154174 |
| IIS-FIXI.EXE | /iis-fix | Q143484 |
| JAVAFIXI.EXE | /java-fix | Q168748 |
| DISBLLMI.EXE | /lm-fix | Q147706 |
| LSA-FIXI.EXE | /lsa-fix | Q154087 |
| NDISFIXI.EXE | /ndis-fix | Q156655 |
| OOBFIX_I.EXE | /oob-fix | Q143478 |
| W32KFIXI.EXE | /dblclick-fix | Q170510 |
| CHARGENI.EXE | /simptcp-fix | Q154460 |
| WINSFIXI.EXE | /winsupd-fix | Q155701 |
| ZIP-FIXI.EXE | /zip-fix | Q154094 |
The file names above are for the Intel platform (hence the ending I), but they may also be available for Alpha and PPC, just substitute the I for a A(Alpha) or P(PPC).
I should note a health warning, "If it ain't broke, don't fix it" and I would tend to agree with this, so unless you have a problem, or require a new feature of a Service Pack think if you really want it. Also if you are going to apply it to a live system, try and test it first, as sometimes a Service Pack will introduce new problems.
Q. What are the Q numbers and how do I look them up?
A. The Q numbers relate to Microsoft Knowledge Base articles and can be viewed at http://www.microsoft.com/kb
Q. How do I install the Service Packs?
A. If you receive the Service Pack by downloading from a Microsoft FTP site, then copy the file to a temporary directory and then just enter the file name (e.g. Sp2_400i.exe). The file will be expanded and among the files created a file called UPDATE.EXE will be created. Just run this file. If there is no UPDATE.EXE, just .sym files you have downloaded the symbols version which is used for debugging NT, download the normal version (see above).
If you receive Service Packs via CD, if you just insert the CD (for SP2 and later) and an Internet Explorer page will be shown and you can just click on install for the Service Pack.
Q. How do I install the Hot fix?
A. Again copy the file to a temporary directory and run the file name. A few files will be created, one called HOTFIX.EXE. Run "HOTFIX /install" which will install the Hot Fix.
The newer Hot fixes (Java fix for Service Pack 3 onwards) you just double click on the downloaded file.
A. Use the command Hotfix /remove. To force the remove using the registry editor (regedt32) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\HOTFIX and delete the entry for the HOTFIX. Then use explorer to goto %SystemRoot%\HOTFIX\HF00?? and copy the backed up files back to their original location.
Q. How do I install Service Pack 3?
A. Before you install Service Pack 3 you must remove Internet Explorer 4.0 preview if installed:
Also before installing SP3 make sure you have an up to date Repair Disk (RDISK /S). To install Service Pack 3 download Nt4sp3_i.exe and follow the instructions below
Q. Emergency Repair Disk issues after installation of Service Pack 3.
A. Due to changes in Service Pack 3 the Emergency Repair Disk process has changed. The file setupdd.sys that is on the 2nd NT installation disk has been superseded by the one supplied with service pack 3. To extract the file from the Service Pack 3 executable, follow the instructions below:
This is discussed in the Service Pack 3 readme file, and also in knowledge base article Q146887.
Q. How do I remove the Java Hotfix for Service Pack 3?
A. Manually unpack the hotfix
javafixi /x
Then type
hotfix -y
And it will remove the hotfix.
This method may become the new standard for hot fixes.
Q. How do I install multiple Hotfixes at the same time?
A. When you extract the files in a hotfix, generally the following will be extracted
The hotfix.exe is the same executable for all the hotfixes, and the hotfix.inf is basically the same, the only difference is the files that are to be copied, e.g. tcpip.sys, and a description of the hotfix. To install multiple hotfixes at the same time all that is needed is to decompress the hotfix files and update the hotfix.inf with the information on which files to copy.
The reason we copied the .inf files is that you can just cut and paste the hotfix specific information to the common hotfix.inf. When you decompressed a hotfix you will see which files were created, you could then search the .inf file for the file name and it would be in two places, the directory it belongs in and the [SourceDisksFiles] section. You could then go to the bottom of the file and cut and paste the HOTFIX_NUMBER and COMMENT and add to the end of HOTFIX.INF.
This is very hard to explain and an example is probably the best way to demonstrate this. Suppose you want to install
The procedure would be as follows
To install just type
hotfix
from the directory created (i.e. hotfix), you will see a dialog copying the files (the ones you have specified in the hotfix.inf file :-) ), and the system will reboot. To see what hotfixes are installed:
For more information have a look at Q166839 at http://www.microsoft.com/kb/articles/q166/8/39.htm
Q. How do I install Hotfixes the same time as I install Service Pack 3 onwards?
A. Update.exe that ships with Service Pack 3 checks for the existance of a hotfix subdirectory, and if in that directory the files hotfix.exe and hotfix.inf are present you are asked when running update.exe if you also want to install the hotfixes.
For more information have a look at Q166839 at http://www.microsoft.com/kb/articles/q166/8/39.htm
Q. When will NT 5.0 be released?
A. NT 5.0 was originally scheduled for release late 1997, but has now been delayed until the second quarter of 1998. Complete Beta's should be available in Summer 1997.
A. NT 5.0 (aka Cairo) is the next major release of NT. It is expected to include the following new features:
Q. How can a FAT partition be converted to an NTFS partition?
A. From the command line enter the command convert d: /fs:ntfs . This command is one way only, and you cannot convert an NTFS partition to FAT. If the FAT partition is the system partition then the conversion will take place on the next reboot.
After the conversion File Permissions are set to Full Control for everyone, where as if you install directly to NTFS the permissions are set on a stricter basis.
Q. How can a NTFS partition be converted to a FAT partition?
A. A simple conversion is not possible, and the only course of action is to backup all the data on the drive, reformat the disk to FAT and then restore your data backup.
Q. How do I run HPFS under NT 4.0?
A. If you want NT support for HPFS, you can upgrade from 3.51 to 4.0 which will retain HPFS support. You can manually install the 3.51 driver under NT 4.0, however this is not support by Microsoft.
%SystemRoot%\system32\drivers
directory.Pinball key in the
editor's left panel and select New Dword from the Edit
menuQ, How do I compress a directory?
A. Follow instructions below (this can only be done on an NTFS partition)
Q. How do I uncompress a directory?
A. Follow the same procedure above, but uncheck the compress box.
Q. Is there an NTFS defragmentation tool available?
A. There are two for NT that I know of, the first is Executive Software which has a product called Disk Keeper Lite which is free, and also Norton Utilities has a defragmentation tool with its NT tool set (which I have never used). The full version of DiskKeeper allows the defragmentation to be done in the background so you don't have to worry about it.
Q. Can I undelete a file in NT?
A. It depends on the file system. NT has no undelete facility, however if the filesystem was FAT then boot into DOS and then use the dos undelete utility. With the NT Resource kit there is a utility called DiskProbe which allows a user to view the data on a disk, which could then be copied to another file. It is possible to search sectors for data using DiskProbe.
A. No. There are rumors that NT 5.0 will support FAT32.
Q. Can you read an NTFS partition from DOS?
A. Not with standard DOS, however there is a product called NTFSDos which enables a user to read from a NTFS partition. The homepage for this utility is http://www.ntinternals.com.
Q. How do you delete a NTFS partition?
A. You can boot off of the three NT installation disks and follow the instructions below:
Usually a NTFS partition can be deleted using FDISK (delete non-DOS partition), however this will not work if the NTFS partition is in the extended partition.
You can delete an NTFS partition using Disk Administrator, by selecting the partition and pressing DEL (as long as it is not the system/boot partition).
There is also a utility called delpart.exe that will delete a NTFS partition from a DOS bootup.
Q. Is it possible to repartition a disk without losing data?
A. There is no standard way in NT, however there is a 3rd party product called Partition Magic which will repartition FAT, NTFS and FAT32, however there is a bug in the product which makes the boot partition unbootable if it is repartitioned. A fix is available for this from their web site
Q. What is the biggest disk NT can use?
A. The simple answer to this question is that NT can view a maximum partition size of 2 terabytes (or 2,199,023,255,552 bytes), however there are limitations that restrict you well below this number.
Both FAT and HPFS have internal limits of 4 GB due to the fact they use 32-bit fields to store file sizes.
NTFS uses 64-bits for all sizes, leading to a max size of..... 16 exabytes!!! (18,446,744,073,709,551,616 bytes), however NT could not handle a volume this big.
For IDE drives, the maximum is 136.9 GB, however for a standard IDE drive this is constrained to 528MB. The new EIDE drives can access much larger sizes.
SCSI 2 has a maximum size of 7 gigabytes.
Q. Can I disable 8.3 name creation on a NTFS?
A. From the key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem, change the value NtfsDisable8dot3NameCreation from 0 to 1
Q. How can I stop NT from generating LFN's (Long File Names) on a FAT partition?
A. Using the registry editor change the value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem\Win31FileSystem from 0 to 1 and only 8.3 file names will be created.
The reason for not wanting the LFN's to be created is that some 3rd party disk utilities that directly manipulate FAT can destroy the LFN's. Utilities such as SCANDISK and DEFRAG that come with DOS 6.x and above do not harm LFN's.
Q. I can't create any files on the root of a FAT partition.
A. The root of a FAT drive has a coded limit of 512 entries, so if you have exceeded this you will not be able to create any more files. I don't have this many! Remember Long File Names take up more than one entry, see the next FAQ for more information, so if you have many LFN's on the root this will drastically reduce the number of files you can have.
A. Long File Names are stored using a series of linked directory entries. A LFN will use one directory entry for its alias (the alias is the 8.3 name automatically generated), and a hidden secondary directory entry for every 13 characters in its name, so if you had a 200 character long file name, this would use 17 entries!
The alias is generated using the first six characters of the
LFN, then a ~ and a number for the first 4 versions of a files
with the same first six characters, e.g. for the file
john savills file.txt
the names generated would be johnsa~1.txt, johnsa~2 etc.
After the first 4 version of a file, only the first two characters of the file name are used, and the last 6 are generated, e.g. jo0E38~1.txt
Q. How do I change access permissions on a directory?
A. You can only set access permissions on an NTFS volume. Follow the instructions below:
Q. How can I change access permissions from the command line?
A. A utility called CACLS.EXE comes as
standard with NT, and can be used from the command prompt. Read
the help with the CACLS.EXE program (cacls /?). To give user john
read access to a directory called files enter:
CACLS files /e /p john:r
/e is used to edit the ACL instead of replacing it, therefore
other permissions on the directory will be kept. /p sets
permission for user:<permission>
Q. I have a CHKDSK scheduled to start next reboot, but I want to stop it.
A. If the command chkdsk /f /r (find bad sectors, recover information from bad sectors and fix errors on the disk) is run, on the next reboot the check disk is scheduled, however you may want to cancel this check disk. To do this perform the following:
Q. My NTFS drive is corrupt, how do I recover?
A. To restore an NTFS drive using the information below, it must have been created using Windows NT 4.0, if it was not created using NT 4.0 you should see Knowledge base article Q121517. To restore an NTFS partition you must locate the spare copy of the boot sector and copy it to the correct position on the drive. You need the NTdiskedit utility (you can also use Disk Probe that comes with the resource kit) which is available from Microsoft Support Services.
Q. How can I delete a file without it going to the recycle bin?
A. When you delete the file, hold down the shift key.
Q. How can I change the serial number of a disk?
A. The serial number is located in the boot sector for a volume. For FAT drives its 4 bytes starting at offset 0x27; for NTFS drives its 8 bytes starting at offset 0x48. You'll need a sector-level editor to modify the number (like the Resource Kit's Diskprobe).
Q. How can I backup the Master Boot Record?
A. The Master boot record on the hard disk used to start the computer (the system partition) is the most critical sector so make sure this is the sector you backup. The boot partition is also very important (where %systemroot% resides). You need the DiskProbe utility that comes with the Resource Kit.
Q. How do I restore the Master Boot Record?
A. Follow the instructions below, however be very careful!!!
Q. What CD-ROM file systems can NT read?
A. NT's primary file system is CDFS a read only file system, however it can read any file system that is ISO9660 compliant.
Q. How do I disable 8.3 name creation on VFAT?
A. Start the registry editor (regedit.exe) and set the value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem\Win95TruncatedExtensions to 0.
Q. How do I create a Volume Set?
A. A volume set allows you to take all the unused space on one or more drives (up to 32 drives per volume set) and combine it into a single, large, system recognizable drive. To create a volume set:
The main problem with volume sets is that if one drive in the volume set fails, the entire volume set becomes unavailable.
Q. How do I extend a Volume Set?
A. Extending a volume set is very simple, however a reboot will be required
The reboot will take longer than normal as the new area added has to be formatted to the same file system as the rest of the volume set.
Note: Only NTFS Volume Sets can be extended.
Q. How do I delete a Volume Set?
A. When you delete a volume set all the data stored will be lost. To delete a volume set:
Q. What is the maximum number of characters a file can be?
A. This depends on if the file is being created on a FAT or NTFS partition. The maximum file length on a NTFS partition is 256 characters, and 11 characters on FAT (8 character name, . , 3 character extension). NTFS filenames keep their case, whereas FAT filenames have no concept of case (however the case is ignored when performing a search etc on NTFS). There is the new VFAT which also has 256 character filenames.
NTFS filenames can contain any characters, including spaces, uppercase/lowercase except for the following
" * : / \ ? < > |
which are reserved for NT, however the file name must start with a letter or number.
VFAT filenames can also contain any characters except for the following
/ \ : | = ? " ; [ ] , ^
and once again the file name must start with a letter or number.
NTFS and VFAT also creates a 8.3 format file name, see Q. How to LFN's work?
Q. How can I stop chkdsk at boot time from checking volume x?
A. When NT boots it performs a check on all volumes to see if the dirty bit is set, and if it is a full chkdsk /f is run. To stop NT performing this dirty bit check you can exclude certain drives. The reason you may want to do this is for some type of removable drive, e.g. Iomega drives:
Where x is the drive letter, e.g. if you wanted to stop the check on drive f: you would type autocheck autochk /k:f *. To stop the check on multiple volumes just enter the drive names one after another, e.g. to stop the check on e: and g: autocheck autochk /k:eg *, you do not retype the /k each time.
If you are using NT 4.0 with Service Pack 2 or above, you can also use the CHKNTFS.EXE command which is also used to exclude drives from the check and updates the registry for you. The usage to disable a drive is
chkntfs /x <drive letter>:
e.g. chkntfs /x f: would exclude the check of drive f:
To set the system back to checking all drives just type
chkntfs /d
Q. How can I compress files/directories from the command line?
A. A utility is supplied with the resource kit called compress.exe which can be used to view and change the compression characteristics of a file/directory.
Q. What protections can be set on files/directories on a NTFS partition?
A. When you right click on a file in Explorer and select properties (or select Properties from the File menu) you are presented with a dialog box telling you information such as size, ownership etc. If the file/directory is on a NTFS partition there will be a security tab, and within that dialog, a permissions button. If you press that button you can grant access to users/groups on the resource at various levels.
There are six basic permissions
These can be assigned to a resource, however they are grouped for ease of use
The permissions above can all be set on a directory, however this list is limited for a file, and permissions that can be set are only No Access, Read, Change and Full Control.
Another permission exists called "Special Access" (on a directory there will be two, one file files, one for directories), and from this you can set which of the basic permissions should be assigned.
Q. How can I take ownership of files?
A. Sometimes you may want to take ownership of files/directories, usually as someone has removed all access on a resource and can't see it. You would log on as the Administrator and take ownership. You cannot give ownership to someone else, only take ownership.
Q. What is Distributed File System?
A. Distributed File System (or Dfs) is a new tool for NT server that was not completed in time for inclusion as part of NT 4.0, but is now available for download. It basically allows Administrators to simulate a single server share environment that actually exists over several servers, basically a link to a share on another server that looks like a subdirectory of the main server.
This allows a single view for all of the shares on your network, which could then simplify your backup procedures as you would just backup the root share, and Dfs would take care of actually gathering all the information from the other servers across the network.
You so not have to have a single tree (Dfs directory structures are called trees), but rather could have a separate tree for different purposes, i.e. one for each department, but that could have exactly the same structure (sales, info. etc).
For more information on DFS see http://www.microsoft.com/ntserver/dfs/dfsintro.htm
A. Dfs is available for download from Microsoft http://www.microsoft.com/ntserver/info/dfsdl.htm . Follow the instructions at the site and fill in the form about your site. The file you want for the I386 platform is dfs-v40-i386.exe.
Once downloaded just double click on the file, and agree to the license. It will then install files to your drive which you need to install.
A. Follow the instructions below, you must have first downloaded and expanded the file dfs-v40-i386.exe:
Q. How do I create a new folder as part of the Dfs?
A. Once Dfs is installed a new application, the Dfs Administrator, is created in the Administrative Tools folder. This app should be used to manage Dfs. To add a new area as part of the Dfs tree follow the procedures below:
A. Follow the procedure below:
A. The easiest way is to install TWEAKUI, and goto the Network Tab and just fill in the boxes. It can be done manually through the registry by following the instructions below:
The instructions above should only be done by someone who is happy with using the registry editor.
It is also possible using a program called autolog.exe that comes with the resource kit. Just run the executable and you will be able to fill in the information.
To logon as a different user you need to hold down the shift key as you logoff.
Q. How do I disable AutoLogon?
A. Again use TWEAKUI, or in REGEDIT set AutoAdminLogon to 0, and clear the DefaultPassword
Q. How do I add a warning Logon message?
A. You need to use the registry editor
This can also be done via the policy editor (poledit.exe)
Alternatively, a text message can be displayed by creating the key LogonPrompt in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Winlogon
Q. How do I change Domain Names?
A. This is not so much a procedure but things to think about.
Q. How do I move a Workstation to another Domain?
A. Logon to the Workstation locally as Administrator (i.e. name of machine) and goto Control Panel. Double click Network and click change. Enter the new Domain name an