Windows 2000 introduced many of the new features of
Windows 98 and 98 SE into the NT line, such as the
Windows Desktop Update,
3DNow!,
SSE and
SSE2 support,
Windows Driver Model,
Internet Connection Sharing, etc. Certain new features are common across all editions of Windows 2000, among them NTFS 3.0,
UDF support, the
Encrypting File System (EFS),
Logical Disk Manager, Image Color Management 2.0, support for
PostScript 3-based printers,), the
Data protection API (DPAPI), an
LDAP/
Active Directory-enabled
Address Book, usability enhancements and multi-language and locale support. Windows 2000 also introduced
USB device class drivers for USB printers,
Mass storage class devices, and improved FireWire
SBP-2 support for printers and scanners, along with a
Safe removal applet for removable storage devices. Windows 2000 SP4 added native
USB 2.0 support,
Wireless Zero Configuration support and
SSE3 support. Windows 2000 is also the first Windows version to support
hibernation at the operating system level (OS-controlled
ACPI S4 sleep state) unlike Windows 98 which required special drivers from the hardware manufacturer or driver developer. A new capability designed to protect critical system files called
Windows File Protection was introduced. This protects critical Windows system files by preventing programs other than Microsoft's operating system update mechanisms such as the
Package Installer,
Windows Installer and other update components from modifying them. The
System File Checker utility provides users the ability to perform a manual scan of the integrity of all protected system files, and optionally repair them, either by restoring from a cache stored in a separate "DLLCACHE" directory, or from the original install media. Microsoft recognized that a serious error (a
Blue screen of death or stop error) could cause problems for servers that needed to be constantly running and so provided a system setting that would allow the server to automatically reboot when a stop error occurred. Also included is an option to
dump any of the first 64
KB of memory to disk (the smallest amount of memory that is useful for
debugging purposes, also known as a minidump), a dump of only the kernel's memory, or a dump of the entire contents of memory to disk, as well as write that this event happened to the Windows 2000
event log. Windows 2000 also introduced core system administration and management features, such as the
Windows Installer,
Windows Management Instrumentation and Event Tracing for Windows (ETW) into the operating system.
Plug and Play and hardware support improvements The most notable improvement from
Windows NT 4.0 is the addition of Plug and Play with full
ACPI and
Windows Driver Model support. Similar to
Windows 9x, Windows 2000 supports automatic recognition of installed hardware, hardware resource allocation, loading of appropriate drivers, PnP APIs and device notification events. The addition of the kernel PnP Manager along with the Power Manager are two significant subsystems added in Windows 2000. Windows 2000 introduced version 3 print drivers (user mode printer drivers) based on
Unidrv, which made it easier for printer manufacturers to write device drivers for printers. Generic support for 5-button mice is also included as standard and installing
IntelliPoint allows reassigning the programmable buttons. Windows 98 lacked generic support.
Driver Verifier was introduced to stress test and catch device driver bugs.
Shell Windows 2000 introduces layered windows that allow for transparency, translucency and various transition effects like shadows, gradient fills and alpha-blended GUI elements to top-level windows. Menus support a new
Fade transition effect. : "Web-style" folders, media preview and customizable toolbars The
Start menu in Windows 2000 introduces
personalized menus, expandable
special folders and the ability to launch multiple programs without closing the menu by holding down the SHIFT key. A
Re-sort button forces the entire Start Menu to be sorted by name. The
Taskbar introduces support for balloon notifications which can also be used by application developers. Windows 2000 Explorer introduces customizable Windows Explorer toolbars, auto-complete in Windows Explorer address bar and Run box, advanced file type association features, displaying comments in shortcuts as tooltips, extensible columns in Details view (IColumnProvider interface), icon overlays, integrated search pane in Windows Explorer, sort by name function for menus, and
Places bar in common dialogs for
Open and
Save.
Windows Explorer has been enhanced in several ways in Windows 2000. It is the first
Windows NT release to include
Active Desktop, first introduced as a part of
Internet Explorer 4.0 (specifically
Windows Desktop Update), and only pre-installed in
Windows 98 by that time. It allowed users to customize the way folders look and behave by using
HTML templates, having the
file extension HTT. This feature was abused by
computer viruses that employed malicious scripts,
Java applets, or
ActiveX controls in folder template files as their infection vector. Two such viruses are VBS/Roor-C and VBS.Redlof.a. The "Web-style" folders view, with the left Explorer pane displaying details for the object currently selected, is turned on by default in Windows 2000. For certain file types, such as pictures and media files, the preview is also displayed in the left pane. Until the dedicated interactive preview pane appeared in
Windows Vista, Windows 2000 had been the only Windows release to feature an interactive media player as the previewer for sound and video files, enabled by default. However, such a previewer can be enabled in previous versions of Windows with the
Windows Desktop Update installed through the use of folder customization templates. The default file tooltip displays file title, author, subject and comments; this metadata may be read from a special
NTFS stream, if the file is on an NTFS volume, or from an OLE
structured storage stream, if the file is a structured storage document. All
Microsoft Office documents since Office 4.0 make use of structured storage, so their metadata is displayable in the Windows 2000 Explorer default
tooltip.
File shortcuts can also store comments which are displayed as a tooltip when the mouse hovers over the shortcut. The shell introduces extensibility support through metadata handlers, icon overlay handlers and column handlers in Explorer
Details view. The right pane of Windows 2000 Explorer, which usually just lists files and folders, can also be customized. For example, the contents of the system folders aren't displayed by default, instead showing in the right pane a warning to the user that modifying the contents of the system folders could harm their computer. It's possible to define additional Explorer panes by using
DIV elements in folder template files. The new DHTML-based search pane is integrated into Windows 2000 Explorer, unlike the separate search dialog found in all previous Explorer versions. The
Indexing Service has also been integrated into the operating system and the search pane built into Explorer allows searching files indexed by its database.
NTFS 3.0 Microsoft released the version 3.0 of NTFS Reparse points allow the
object manager to reset a file namespace lookup and let file system drivers implement changed functionality in a transparent manner. Reparse points are used to implement
volume mount points,
junctions,
Hierarchical Storage Management, Native
Structured Storage and
Single Instance Storage.
Encrypting File System The Encrypting File System (EFS) introduced strong
file system-level
encryption to Windows. It allows any folder or drive on an NTFS volume to be encrypted transparently by the user. EFS works by encrypting a file with a bulk
symmetric key (also known as the File Encryption Key, or FEK), which is used because it takes less time to encrypt and decrypt large amounts of data than if an
asymmetric key cipher were used. For a user losing access to their key, support for recovery agents that can decrypt files is built into EFS. A Recovery Agent is a user who is authorized by a public key recovery certificate to decrypt files belonging to other users using a special
private key. By default, local administrators are
recovery agents however they can be customized using
Group Policy.
Basic and dynamic disk storage Windows 2000 introduced the
Logical Disk Manager and the
diskpart command line tool for
dynamic storage. Additionally, Windows 2000 introduced the following new accessibility features: •
On-screen keyboard: displays a
virtual keyboard on the screen and allows users to press its keys using a
mouse or a
joystick. •
Microsoft Narrator: introduced in Windows 2000, this is a
screen reader that utilizes the
Speech API 4, which would later be updated to Speech API 5 in
Windows XP • Utility Manager: an application designed to start, stop, and manage when accessibility features start. This was eventually replaced by the
Ease of Access Center in
Windows Vista. • Accessibility Wizard: a control panel applet that helps users set up their computer for people with disabilities.
Languages and locales Windows 2000 introduced the
Multilingual User Interface (MUI). It also has support for many different locales.
Games Windows 2000 included version 7.0 of the
DirectX, commonly used by
game developers on
Windows 98. The last version of DirectX that was released for Windows 2000 was DirectX 9.0c (Shader Model 3.0), which shipped with Windows XP Service Pack 2. Microsoft published quarterly updates to DirectX 9.0c through the February 2010 release after which support was dropped in the June 2010 SDK. These updates contain bug fixes to the core runtime and some additional libraries such as
D3DX,
XAudio 2,
XInput and
Managed DirectX components. The majority of games written for versions of DirectX 9.0c (up to the February 2010 release) therefore run on Windows 2000. Windows 2000 included the same games as
Windows NT 4.0 did:
FreeCell,
Minesweeper,
Pinball, and
Solitaire.
System utilities in progress. Windows 2000 introduced the
Microsoft Management Console (MMC), which is used to create, save, and open administrative tools. The main tools that come with Windows 2000 can be found in the
Computer Management console (in Administrative Tools in the Control Panel). This contains the
Event Viewer—a means of viewing system or application-related events and the Windows equivalent of a
log file, a system information utility,
a backup utility,
Task Scheduler and management consoles to view open shared folders and shared folder sessions, configure and manage
COM+ applications, configure
Group Policy, manage all the local users and user groups, and a
device manager. It contains
Disk Management and
Removable Storage snap-ins, a
disk defragmenter as well as a performance diagnostic console, which displays graphs of system performance and configures data logs and alerts. It also contains a
service configuration console, which allows users to view all installed services and to stop and start them, as well as configure what those services should do when the computer starts.
CHKDSK has significant performance improvements. Windows 2000 comes with two utilities to edit the
Windows registry,
REGEDIT.EXE and
REGEDT32.EXE. REGEDIT has been directly ported from
Windows 98, and therefore does not support editing registry permissions.
Recovery Console The
Recovery Console is run from outside the installed copy of Windows to perform maintenance tasks that can neither be run from within it nor feasibly be run from another computer or copy of Windows 2000. It is usually used to recover the system from problems that cause booting to fail, which would render other tools useless, like Safe Mode or Last Known Good Configuration, or
chkdsk. It includes commands like
fixmbr, which are not present in MS-DOS. It has a simple
command-line interface, used to check and repair the hard drive(s), repair boot information (including
NTLDR), replace corrupted system files with fresh copies from the CD, or enable/disable services and drivers for the next boot. The console can be accessed in either of the two ways: • Booting from the Windows 2000 CD, and choosing to start the Recovery Console from the CD itself instead of continuing with setup. The Recovery Console is accessible as long as the installation CD is available. • Preinstalling the Recovery Console on the hard disk as a startup option in
Boot.ini, via WinNT32.exe, with the /cmdcons switch. In this case, it can only be started as long as
NTLDR can boot from the
system partition.
Windows Scripting Host 2.0 Windows 2000 introduced Windows Script Host 2.0 which included an expanded object model and support for logon and logoff scripts.
Networking • Starting with Windows 2000, the
Server Message Block (SMB) protocol directly interfaces with
TCP/IP. In Windows NT 4.0, SMB requires the
NetBIOS over TCP/IP (NBT) protocol to work on a TCP/IP network. • Windows 2000 introduces a client-side DNS caching service. When the Windows DNS resolver receives a query response, the DNS resource record is added to a cache. When it queries the same resource record name again and it is found in the cache, then the resolver does not query the DNS server. This speeds up DNS query time and reduces network traffic.
Server family features The Windows 2000 Server family consists of Windows 2000 Server, Windows 2000 Advanced Server, Windows 2000 Small Business Server, and Windows 2000 Datacenter Server. All editions of Windows 2000 Server have the following services and features built in: •
Routing and Remote Access Service (RRAS) support, facilitating
dial-up and
VPN connections using
IPsec,
L2TP or
L2TP/IPsec, support for
RADIUS authentication in
Internet Authentication Service, network connection sharing,
Network Address Translation,
unicast and
multicast routing schemes. • Remote access security features: Remote Access Policies for setup, verify Caller ID (IP address for VPNs), callback and Remote access account lockout • Autodial by location feature using the
Remote Access Auto Connection Manager service •
Extensible Authentication Protocol support in
IAS (EAP-MD5 and EAP-TLS) later upgraded to PEAPv0/EAP-MSCHAPv2 and PEAP-EAP-TLS in Windows 2000 SP4 •
DNS server, including support for
Dynamic DNS.
Active Directory relies heavily on DNS. •
IPsec support and TCP/IP filtering •
Smart card support • Microsoft Connection Manager Administration Kit (CMAK) and Connection Point Services • Support for
distributed file systems (DFS) •
Hierarchical Storage Management support including remote storage, a service that runs with
NTFS and automatically transfers files that are not used for some time to less expensive storage media •
Fault tolerant volumes, namely
Mirrored and
RAID-5 •
Group Policy (part of
Active Directory) •
IntelliMirror, a collection of technologies for fine-grained
management of Windows 2000 Professional clients that duplicates users' data, applications, files, and settings in a centralized location on the network. IntelliMirror employs technologies such as
Group Policy,
Windows Installer,
Roaming profiles,
Folder Redirection,
Offline Files (also known as
Client Side Caching or CSC),
File Replication Service (FRS), Remote Installation Services (RIS) to address desktop management scenarios such as user data management, user settings management, software installation and maintenance. •
COM+,
Microsoft Transaction Server and
Distributed Transaction Coordinator •
MSMQ 2.0 •
TAPI 3.0 •
Integrated Windows Authentication (including
Kerberos, Secure channel and
SPNEGO (Negotiate) SSP packages for
Security Support Provider Interface (SSPI)). •
MS-CHAP v2 protocol •
Public Key Infrastructure (PKI) and
Enterprise Certificate Authority support •
Terminal Services and support for the
Remote Desktop Protocol (RDP) •
Internet Information Services (IIS) 5.0 and
Windows Media Services 4.1 • Network
quality of service features • A new
Windows Time service which is an implementation of
Simple Network Time Protocol (SNTP) as detailed in IETF . The Windows Time service synchronizes the date and time of computers in a domain running on Windows 2000 Server or later. Windows 2000 Professional includes an SNTP client. The Server editions include more features and components, including the Microsoft Distributed File System (DFS), Active Directory support and fault-tolerant storage.
Distributed File System The Distributed File System (DFS) allows
shares in multiple different locations to be logically grouped under one folder, or
DFS root. When users try to access a
network share off the DFS root, the user is really looking at a
DFS link and the DFS server transparently redirects them to the correct
file server and share. A DFS root can only exist on a Windows 2000 version that is part of the server family, and only one DFS root can exist on that server. There can be two ways of implementing a DFS namespace on Windows 2000: either through a standalone DFS root or a domain-based DFS root. Standalone DFS allows for only DFS roots on the local computer, and thus does not use Active Directory. Domain-based DFS roots exist within Active Directory and can have their information distributed to other
domain controllers within the domain – this provides
fault tolerance to DFS. DFS roots that exist on a domain must be hosted on a domain controller or on a domain member server. The file and root information is replicated via the Microsoft
File Replication Service (FRS).
Active Directory A new way of organizing
Windows network domains, or groups of resources, called Active Directory, is introduced with Windows 2000 to replace Windows NT's earlier domain model. Active Directory's hierarchical nature allowed administrators a built-in way to manage user and computer policies and user accounts, and to automatically deploy programs and updates with a greater degree of scalability and centralization than provided in previous Windows versions. User information stored in Active Directory also provided a convenient phone book-like function to end users. Active Directory domains can vary from small installations with a few hundred objects, to large installations with millions. Active Directory can organise and link groups of domains into a contiguous
domain name space to form
trees. Groups of trees outside of the same namespace can be linked together to form
forests. Active Directory services could always be installed on a Windows 2000 Server Standard, Advanced, or Datacenter computer, and cannot be installed on a Windows 2000 Professional computer. However, Windows 2000 Professional is the first client operating system able to exploit Active Directory's new features. As part of an organization's migration, Windows NT clients continued to function until all clients were upgraded to Windows 2000 Professional, at which point the Active Directory domain could be switched to
native mode and maximum functionality achieved. Active Directory requires a DNS server that supports
SRV resource records, or that an organization's existing DNS infrastructure be upgraded to support this. There should be one or more
domain controllers to hold the Active Directory database and provide Active Directory
directory services.
Volume fault tolerance Along with support for simple, spanned and striped volumes, the Windows 2000 Server family also supports fault-tolerant volume types. The types supported are
mirrored volumes and
RAID-5 volumes: • Mirrored volumes
: the volume contains several disks, and when data is written to one it is also written to the other disks. This means that if one disk fails, the data can be totally recovered from the other disk. Mirrored volumes are also known as
RAID-1. • RAID-5 volumes
: a
RAID-5 volume consists of multiple disks, and it uses
block-level striping with parity data distributed across all member disks. Should a disk fail in the array, the parity blocks from the surviving disks are combined mathematically with the data blocks from the surviving disks to reconstruct the data on the failed drive "on-the-fly." == Deployment ==