Windows
2000 Tips Page 3
Tips
pg1 Tips pg2 Tips pg4
Remove
W2000:
Pop in a blank floppy disk, go to a command prompt in Win98 and
type
format a: /s /q (means quick format with system), then copy c:\windows\command\sys.com
a:
reboot off floppy and from the A:> prompt,
type: sys c: and reboot into Win98 since theres no menu and
del d:\winnt, d:\program files, d:\Documents and suggest after
reboot, make sure everythings gone like, ntldr, boot.ini, pagefile.sys,
ntdetect, and any other win2000 files left behind. OR format the
partition if it's running a different one.
You're Done......
---------
Here's how to Use Network Connection Wizard
to Transfer Data in Win2000 to move files and folders to a new
machine with ease:
Open the Networking and Dial-up Connections folder in Control
Panel.
Double-click Make New Connection to start the Network Connection
Wizard, then click Next.
On the Network Connection Type page, click Connect directly to
another computer, then click Next.
Complete the wizard to specify the role of your computer, Host
or Guest, and the connection device (infrared, serial, or parallel
port) page, who may use the connection, and the name of the connection.
--------
ATI Technologies Inc. has recently updated its Win2000 section
providing information on which drivers are included in the final
Win2000 CD and which drivers will be supported. "Display drivers
are provided on the Win2000 release CD for products based on the
Rage 128, Rage XL, Rage XC, Rage Pro, Rage LT Pro, Rage IIC, Rage
II/II+ and Mach64 VT."
-------
Installed a driver that doesn’t work right
and want to remove it? You have to go into Safe Mode, then
change settings or remove newly installed software that may be
causing problems. Safe Mode Boot uses default settings for mouse,
keyboard, monitor, storage, and other media that can get the machine
to a functional state. You can also choose Step-by-Step Configuration
Mode so that you can choose the drivers and files for startup.
As with NT 4, you still have the Last Known Good Config as an
option for backing-out changes.
--------
MSINFO has been incorporated into the Win2000 Computer Management
console. If you right-click the My Computer icon, select Manage,
then System Tools, you’ll see System Information in the list of
tools. Expand the items under System Information, and you’ll recognize
the sections you’ve accustomed to seeing.
-------
Get ride of that annoying log-on screen:
Fire Up reggie and go to the registry key;
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
AutoAdminLogon.
0 prompts for password,
1 bypasses it.
-------
Something went wrong:
The Recovery Console address repairing Win2000 installations.
In fact, the Recovery Console can help administrators with NTFS,
FAT and FAT32 systems. The console can be run from text-mode Setup
using the Win 2000 CD or Boot floppies or choose the Repair option
from the Welcome screen. For greater ease of use, it can be configured
as an entry on a boot.ini by running WINNT32/CMDCONS. For security
reasons, users must log on to the Win2000 installation they want
to access. Files cannot be copied from the system to a floppy
or other form of removable media. Once users are logged into the
console, they can type "Help" to obtain a list of commands. The
commands provided include: FixMBR, Fdisk, Format, Copy, Del/Delete,
Dir, Type, and Enable/DisableService.
-------
Q. Where are the Dr Watson logs in Windows
2000?
Win2000 includes a new ver 5 of Dr Watson named (DRWTSN32.EXE)
of which has now relocated the log and user dump location to the
%systemdrive%\Documents and Settings\All Users\Documents\DrWatson.
To chg it;
Fire Up (regedit.exe)
Move to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DrWatson
From the Edit menu select New then String Value
Enter a name of CrashDumpFile if you want to set the crash dump
file name
and location or LogFilePath to set the location of the log file
Press Enter
Double click the new value and set to the required location/file
name
Click OK
Close the registry editor
-----
The upgrade paths you can perform:
Windows NT Workstation "TO" Windows 2000 Professional
Windows NT Server "TO" Windows 2000 Server, Advanced Server, Datacenter
Windows 2000 Advanced Server "TO" Windows 2000 Datacenter
You cann't perform the following upgrades:
Windows NT Workstation "TO" Windows 2000 Server, Advanced Server,
Datacenter
Windows 2000 Professional "TO" Windows 2000 Server, Advanced Server,
Datacenter
Windows 2000 Server "TO" Windows 2000 Advanced Server, Windows
2000 Datacenter
------
If you get Da blue screen of death/SYSTEM_LICENSE_VIOLATION, stop
hacking around in the reggie --- ok.
If you are not changing keys and still get this crash, check any
programs
you might have running which may be trying to modify keys!
-----
TIP: In Windows NT 4, if you log
on and no domain controller can be found, you are logged on using
cached information -- assuming you have previously logged onto
the machine. You are given a warning "A domain controller could
not be contacted and you have been logged on using cached information".
This warning can be enabled in Win2000 by doing the following
on each computer:
Start the registry editor (Regedit.exe)
Move to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon
From the Edit menu select New - String Value
Enter a name of ReportControllerMissing and press Enter
Double click the new value and set to TRUE (uppercase)
Click OK
Now for each user who you wish to have controller
missing message displayed do the following;
Start (Regedit.exe)
Move to HKEY_CURRENT_USER\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon
From the Edit menu select New - DWORD Value
Enter a name of ReportDC and press Enter
Double click the new value and set to 1
Click OK
You might want to automate this via a logon script or via a policy
template.
-------
A quickie to speed your Win2000 up;
Many document based programs "like Office" may add options to
the New context menu. This can slow down the system since IE 4
has to generate/fetch the icons for each of the documents. To
remove items from this new context menu;
Identify the file extension for the context menu item; ex; the
"obd" for Microsoft Office Binder (if you are unsure of the extension
just create a
document of the type then check the extension).
Start the registry editor (Regedit.exe)
Move to HKEY_CLASSES_ROOT\.<extension>, e.g.HKEY_CLASSES_ROOT\.obd
Delete or rename the ShellNew key. It may not always be at the
root of
the key, example -- you might have to go to
HKEY_CLASSES_ROOT\.obd\Office.Binder.9\ShellNew.
Close the registry editor
DONE !!!
-----
A interesting Tip from a MAC user, to move an Outlook Personal
Address Book on a Mac to a PC? This can be done by having the
user create a message and address it to all the members of their
Personal Address Book. DO NOT SEND THE MESSAGE.
Close the message and save it to the Inbox.
When the user connects to their mailbox the PC will have them
open the message and then right click on the addresses of the
message and add them to
the contacts. This only works for single addresses and will not
work for
personal DLs.
------
Many utilities used to administer an NT 4 domain do not come with
Win2000 or work in a different way, however you could copy the
NT 4 administration utilities to a Win2000 puter and administer
the it with no adverse effects.
locate "Can I administer my domain from an NT Workstation?" it
gives you a quick way to install the tools.
------
Security Mailing lists and what to do because Hackers like to
keep up to date with all the info too.
Da two most popular mailing lists for NT security.
Go to http://xforce.iss.net/maillists/ for more information on
security lists and how to join them.
(A) =NTBugtraq
For the discussion of security exploits and security bugs in Windows
NT and its related applications. To join, send e-mail to;
listserv@listserv.ntbugtraq.com
and in the text of your message (not the subject line), type:
subscribe ntbugtraq
To remove yourself, send e-mail to listserv@listserv.ntbugtraq.com
and in the text of your message (not the subject line), type:
unsubscribe ntbugtraq
(B) =NT Security
To join, send e-mail to majordomo@iss.net and in the text of your
message
(not the subject line), type:
subscribe ntsecurity
To remove, send e-mail to majordomo@iss.net and, in the text of
your message
(not the subject line), type:
unsubscribe ntsecurity
NT Security Mailing List is a moderated mailing list for Win NT
security as well as Win 95 and Windows For Work Group.
Other popular security related mailing lists:
GENERAL SECURITY MAILING LISTS
Alert
Best of Security
Bugtraq
COAST Security Archive
Computer Privacy Digest (CPD)
Computer Underground Digest (CuD)
Cypherpunks
Cypherpunks-Announce
European Firewalls
Firewalls
Intruder Detection Systems Infsec-L
NTBugtraq
NT Security
Phrack
PRIVACY Forum
Risks
SAS (French Speaking Firewalls)
S-HTTP
Sneakers
Secure Socket Layer - Talk
UNINFSEC - University Info Security Forum
Virus
Virus Alert
WWW Security
SECURITY PRODUCTS
SOS Freestone Firewall package
Tiger
TIS Firewallk Toolkit
VENDORS AND ORGANISATIONS
CERT
CIAC
HP
Sun
------
What's "Scopy" from NT 4.0 resource kit;
It's a utility that enables files/folders BUT isn't supplied in
the Win2000 Resource Kit but its functionality has been packaged
into the XCOPY utility.
/X copies the audit settings (as /a in SCOPY)
/O copies ACL information (same as SCOPY)
/S copies subdirectories (same as SCOPY)
-------
Da "linkd" utility supplied with the Win2000 Resource Kit is used
to create directory junctions which are explained in 'What are
directory junctions?'.
System Internals have written a clone of linkd.exe called "junction"
which has some additional functions and can be downloaded from;
http://www.sysinternals.com/misc.htm#junction
------
Da Win 2000 Resource Kit has the GPOLMIG.EXE utility which can
convert a NT 4.0 system policy ".pol file" to a Windows 2000 group
policy object;
Just enter
C:\> gpolmig /?
The example syntax to migrate a system policy for the user policy
would be:
C:\> gpolmig c:\temp\ntconfig.pol /migrate user user1
{00000000-0000-0000-0000-000000000000}User
------
Some SMTP hosts do a reverse Domain Name Service (DNS) lookup
for security reasons when an SMTP connection is established. If
the reverse lookup fails to resolve properly, it should drop the
connection. To "STOP" this crap;
Fire Up (Regedit.exe)
Move to HKEY_LOCAL_MACHINE\System|CurrentControlSet\Services\MSExchangeIMC
\Parameters\
Double click on DisableReverseResolve (or create of type DWORD
if not there)
Set the type to binary and enter 1. Click OK
Close the registry editor
-------
You can share a printer and have the option to list it in the
Active
Directory which will enable users to search for it and find printers
nearest
to their location so do this;
Right click on the printer you wish to list in the Active Directory
and
select Properties
Select the 'Sharing' tab
Check the 'List in the Directory' box
Select the General tab and enter details of location for the printer
Click Apply then OK
------
Windows 2000 adds support for network place
accessed via the "My Network Places" branch of the Desktop so
-- to do it;
Start Explorer
Select My Network Places
Double click on the 'Add Network Place' wizard
When asked for the location to point to, for example \\warez\c$
for
the C drive of machine warez.
Click Next
You will then be asked for a description for the new network place,
ex; "C
drive on warez", click Finish
The new network is now listed
The places are actually stored under your user profile in the
folder
c:\documents and settings\<user name>\NetHood as folder
shortcuts.
------
Chklnks.exe from the Windows 2000 resource kit will also run on
NT 4.
-------
MS just released an Alpha release of IP version 6 from;
http://research.microsoft.com/msripv6/
It's for W2k and not for W9x and is cool as it run's along the
side of IP4 unaffected.
-------
Q. I'm unable to upgrade Windows 9x to Windows 2000 in a dual
boot
environment.
A. Microsoft does not support the upgrade of Windows 9x to Windows
2000 in
a dual boot environment. The problem seems to occur if Windows
2000 is
already installed on another partition. You may get the errors:
Windows 2000 Setup does not support upgrading from Windows if
you have
multiple operating systems installed. Setup will now exit.
or
Other Operating Systems Found
You cannot upgrade this Windows installation to Windows 2000,
because you
have more than one operating system installed on your computer.
Upgrading
one operating system can cause problems with files shared by the
other
operating system, and is therefore not permitted.
To official solution is to uninstall the other Windows 2000 installation
and remove the files ntldr, ntdetect.com and boot.ini from the
system
partition (c:\). You can try to just delete those files and leave
your
other installation intact and once the Win9x upgrade is complete
modify
boot.ini to include a link to the existing Windows 2000 installation.
Help
Menu