Before you deploy Windows, yes!—more planning. Advance preparation might not reduce by much the total time it takes to bring the server online, but it will reduce the number of procedures that you have to do, redo, and then do again. Before installing Windows on any computer there are a number of things to consider, such as the system requirements, how you want to partition your hard disks, what licensing modes will be used, and so forth.
Before installing Microsoft Windows 2000, check that you have appropriate and adequate hardware. This involves both meeting the minimum system requirements (hopefully exceeding them if you want the server to do any real work) and checking the Microsoft Hardware Compatibility List (HCL) to be sure that the computer and peripherals are supported.
Table 5-1 lists the minimum system requirements for Windows 2000 Advanced Server, along with some more practical recommendations for the minimum necessary hardware.
The late Duchess of Windsor was fond of saying that you can never be too rich or too thin. Now you can add the axiom that without a doubt, you can never have too much processing power or too much RAM on a domain controller, or on any server for that matter. The only restriction is economic. Get the most server you can afford.
Table 5-1. Minimum requirements for achieving adequate performance
Minimum | Recommended Minimum |
---|---|
Intel Pentium 166 | One or more Intel Pentium II 300 or faster microprocessors (or compatible processors—check the HCL) |
64 MB RAM minimum, 128 MB recommended, 8 GB maximum | 128 MB RAM minimum, 256 MB or more recommended |
VGA monitor resolution | Super VGA monitor capable of at least 800-by-600 |
Keyboard and mouse or other pointing device | Keyboard and mouse or other pointing device |
850 MB partition with 650 MB free disk space | 2 GB free disk space on a 7200 rpm or faster hard disk |
Bootable CD-ROM | Bootable 12x or faster CD-ROM or DVD-ROM drive (El Torito-compatible) |
1.44 MB floppy | 1.44 MB floppy |
One or more network adapters | One or more PCI-based Fast Ethernet network adapters with Preboot Execution Environment (PXE) support |
Yes, the name of the specification is indeed El Torito. The engineers who developed the standard named it after the restaurant where they had held many, presumably happy, collaborative meetings.
Before buying server hardware, check the HCL in the \Support folder on the Windows 2000 installation CD. If updated drivers are available for the hardware, download and copy them to a floppy disk or available local disk so that you can use them during installation, if necessary (they can also be added to unattended installations, as discussed later).
If a component in the system isn't listed in the HCL, visit the manufacturer's Web site or contact the manufacturer of the device to see whether updated drivers are available. In general, though, the rule is this: don't use a server that isn't 100 percent compatible and certified.
Although having a fast processor is important for some server applications, older systems can be made to work extremely well by adding more RAM. Even Pentium 100 systems can perform reasonably well as servers if you increase their installed RAM to 256 MB or more.
Real World
Hardware Compatibility
Although it's true that many devices not in the HCL will work most of the time, servers are needed all the time. Inevitably, some traceable-to-the-hardware fault will show up, and you'll have no recourse. Microsoft will justifiably point out that you should be using hardware from the HCL. And the manufacturer will shrug and say that they're "working on" drivers. Neither is a good position to be in.
If you have machines that aren't 100 percent compatible, try them out as clients. Often, Windows 2000 Professional or Microsoft Windows XP works perfectly well on a machine that's not in the HCL.
Before installing Windows, determine how you want to partition the hard drives. We recommend that you use a single partition for client installations. Although a single partition is the simplest option for servers, you gain flexibility (and security) by creating a 2- to 4-GB partition for the operating system, and another partition with the remaining space. In this way the operating system is separate from applications and data (especially the Inetpub folder belonging to Internet Information Services) and permits the use of such services as Remote Installation Services (RIS) on the server, which must be installed on a nonsystem partition.
If you plan to create multiple partitions, we recommend that you create the partitions in Windows after the installation is finished.
Servers with multiple disks should take this strategy as well, more or less. If the first hard disk is small, make it into a single partition for Windows and use other drives for data and applications that can't be installed on the same drive as Windows (such as RIS). Otherwise, split the first disk into two partitions (one being a 4-GB partition for Windows) and create full-size partitions on subsequent disks.
Of course, most serious servers will make use of some form of redundant array of independent disks (RAID). Hardware RAID can be treated simply as a single drive: if the RAID is used for the system drive, create a 4-GB partition on it for Windows and leave the rest for data and applications.
Although hardware RAID is the highest performance and simplest RAID solution, Windows also supports software-based RAIDs that don't require a special RAID disk controller, thereby saving money. However, software-based RAID (as well as software-based disk spanning, mirroring, and striping) can create problems with Windows Setup, because Setup has difficulty handling dynamic volumes. Although most upgrades should work fine, you can't perform a clean install on a dynamic volume unless the dynamic volume is "hard-linked." (Only dynamic volumes that were upgraded from basic volumes are hard-linked.) Problems do occur. One of our computers now relies on a floppy disk to boot into Windows 2000 and can't be upgraded to a newer version of Windows precisely for that reason. Therefore, if you use the software RAID feature of Windows, leave the first hard disk as a basic disk and use software RAID only for applications and data.
Real World
Just Say NTFS
Although the Windows 2000 Server family supports three different file systems for hard drives—FAT(16), FAT32, and NTFS—the file system choice is simple: NTFS.
Although FAT16 and FAT32 had their places in the past, notably for dual-booting with Windows 95/98 and for their ability to be accessed from boot floppy disks, there is no place for them anymore on the hard drives of today's Windows clients and servers. Simply put, NTFS is more reliable, secure, and efficient than FAT and FAT32. You can also use the Safe Mode and Recovery Console features to gain access to a nonbooting NTFS system without compromising the system's security. Additionally, many Windows Server features or services require an NTFS partition. For example, to use a server as a domain controller or Active Directory server, an NTFS partition must be available.
The bottom line is that unless you need to keep a legacy version of Microsoft Windows 95, Windows 98, or Windows Me installed on the machine for compatibility reasons, use NTFS. Servers should always use NTFS.
After determining how you want to partition the drives, locate all the drivers for the hardware. Then record (or create) the following settings:
If you don't have a DHCP server and don't assign an IP address to the computer, Windows assigns the computer a restricted IP address. This IP address will work on a simple network with only one IP subnet, but it won't work on more complex networks, nor will it work as an Internet-accessible IP address. For more complex networks, install a DHCP server on the network or assign IP addresses manually. To acquire valid Internet IP addresses, you need to register with your Internet service provider for a scope of IP addresses.
Internet Information Services (IIS) is installed by default in Windows 2000, and unless it's been patched to the latest service pack, it could easily expose the server to a virus or other security risk as soon as the system is joined to a network. Therefore, disable the installation of Internet Information Services (IIS) during Windows setup, unless the server must run IIS and you're installing from an installation source that has the latest service pack and integrated hot fixes. You can install IIS after the system has been patched.
Real World
Licensing
There are two types of licensing modes for Windows servers, Per Server and Per Seat licensing. With Per Seat licensing, each client that accesses the server needs its own Client Access License (CAL). Clients with a CAL can connect to any number of servers, making this method the most common licensing method for companies with more than one Windows server. You would also commonly choose it when using Terminal Services/Remote Desktop Connection (unless you're using the Terminal Services Internet Connector License, in which case you would use Per Server).
Per Server licensing requires the server to have a CAL for each concurrent connection. For example, if you choose the Per Server licensing mode with 50 concurrent connections, the server can support a maximum of 50 simultaneous client connections. This licensing mode works well for companies using only a single Windows server or for Internet or remote access servers where the client computers might not be licensed as Windows network clients.
If you're unsure which licensing mode to use, choose Per Server. You can switch from Per Server to Per Seat once (without additional cost) but not from Per Seat to Per Server. You can use License Manager, located in the Administrative Tools folder on the Start menu, to keep track of the license purchases and holdings.
After you've recorded all of these settings, several physical tasks remain:
Under most circumstances, a server won't have two operating systems, but sometimes such an approach is appropriate. For example, you might want to keep an existing installation of Windows NT 4 in case you find specific incompatibilities with the software or hardware. For more information on upgrading your server from Windows NT to Windows 2000, see Chapter 7.
You must have a different computer name for each operating system installation on a network. A unique security identifier (SID) is generated for each Windows installation on a domain, and each SID is associated with one particular computer name. So, you can boot several operating systems, but in each system the computer is known to the network by a different name.
If for some reason you need to use multiple recent versions of Windows, keep the following things in mind:
If you need to run multiple operating systems on a computer, we suggest that you look into purchasing VMware Workstation, or Connectix Virtual PC. Both programs create one or more virtual machines in which you can install any operating system you like (including MS-DOS 4). The virtual machine runs as a Windows program and doesn't need a disk partition—just a chunk of hard disk space. This can be an excellent way to evaluate an operating system or provide a legacy operating system environment for testing or old applications.
Rather than upgrading the server, you can perform a clean install of Windows 2000. A clean install allows you to preserve the existing installation for use in case you encounter trouble setting up the server with Windows 2000. Performing a clean install is also the only option if the server is running a version of Windows earlier than 3.51 and you don't want to upgrade to Windows 3.51 or 4.0. However, when you perform a clean install, Windows 2000 doesn't migrate the existing programs and settings as it would if you upgraded the server.
The following list shows the issues involved when using Windows NT with newer versions of the Windows NT family (Windows 2000, Windows XP, and the Microsoft Windows .NET Server family) on computers with NTFS drives:
Dual booting with MS-DOS, Windows 95, Windows 98, Windows Me, or other personal operating systems should be performed on desktop computers and not on the server. Performing a dual boot with UNIX or another server operating system is perhaps more useful, but you should avoid it if possible.
If you do choose to perform a dual boot with another operating system, use the backup utility provided with the newest installed version of Windows or another supported backup program to perform a full backup of the system including system state information. Also, you should create an emergency recovery disk by using the Windows Backup utility (just for good measure). When installing or configuring the operating systems, be careful with the master boot record (MBR). Table 5-2 shows a list of additional factors you should consider when working with different operating systems.
Table 5-2. Dual boot issues
Operating System | Issue |
---|---|
Windows 95/98/Me | Install and boot before installing newer versions of Windows to keep Windows 95/98/Me from overwriting the MBR and preventing the newer version of Windows from booting. |
All operating systems | Programs must be installed separately in each operating system. |
All operating systems | Windows Servers can't be installed on drives that have been compressed with any program other than the NTFS File Compression utility. |
MS-DOS, OS/2 | If you install Windows on a computer that was previously performing dual boots between MS-DOS and OS/2 using the Boot command, at startup you can choose to boot only either Windows or the operating system you most recently booted. |