Windows 2000 is served This special feature article was a one-off in addition to my regular column. It was a review of the newly-released Windows 2000 operating system. It felt good to stretch my wings a little here.

---

And so Microsoft has finally completed its biggest ever undertaking and Windows 2000 (W2K) is now their flagship-operating platform. The result is another massive training exercise for the worldwide community of developers who target this platform, and the prospect of a whole host of product upgrades to go along with it. For this article I have removed my Visual Basic hat and will be discussing some of the wider issues that are relevant to all developers. I'd like to start by reviewing some of the general features of the W2K product set and then move on to have a closer look at a few of the most important technologies and concepts that you should target as you prepare yourself for working with this architecture.

From the day that Windows 95 emerged from Microsoft it has been a battle for Windows NT to keep up in two key areas. While NT has always been a more robust and, arguably, enterprise-oriented operating system it has always lacked features that its lower-ended sibling has had from day one. In 1995 Microsoft found themselves in the uncomfortable position of having the more powerful desktop shell only available on their low-end operating system, whereas the old Program Manager shell still sat on their high-end, premier operating system, Windows NT 3.51. Finally, a year later, Windows NT 4 (known at the time as the Shell Update Release) was made available and the most obvious shortcoming had been overcome. The second most serious shortcoming, plug and play, has only now been finally overcome after another four years of development.

W2K family

W2K will finally ship in four different versions:

Professional: The standard desktop edition for users, which supports up to two processors and 4GB of memory.

Server: Basic server edition, which supports four processors and 4GB of memory. Provides file, print, intranet, and networking services.

Advanced Server: As Server edition, but supports 8 processors and 8GB of memory. Also offers two-node fail-over, and 32-node network load balancing.

Data Center Server: Delivery date is still to be announced at the time of writing (late January 2000). As Advanced Server edition, but will support up to 32 processors and 64GB of memory. It also offers a cascading fail-over among four nodes. This is Microsoft's high-end product for enterprise servers that need to support intensive online transaction processing (OLTP) services.

Key features

W2K introduces so many new features that it's difficult to know what to skip for the sake of brevity. However, the key features as I see them are

Installation: Windows finally understands the FAT32 partitioning scheme introduced by Windows 95 SR2. The good news here is that you can make up a boot disk from Windows 95 SR2 or Windows 98 and format the hard disk on your target machine to be greater than 2GB. Previous versions of Windows NT would have refused to install onto such a partition and so boot partitions were generally confined to being 2GB in size. Therefore if you've got a machine with a single 9GB disk then you can also have a single 9GB C: drive if you want. However, having said all that it really is a good idea to have your boot partition separate from your data. Service pack 4 of Windows NT 4 was notorious for failing halfway through the update of the core system files, leaving an unbootable machine. I know of people who shared data with their boot partition (under NTFS) that fell foul of this and lost their data. Either way, the choice is there now.

When you install the server edition there is only so much that you can do from the installation dialogs, although it isn't immediately obvious at the time. For instance, under NT4 you could specify that a server would be a domain controller. With W2K you must complete the basic installation of the operating system first, and then after your first proper local login you are presented with a wizard front-end application that allows you to set up additional components and services. In the case of the domain controller example, this is really dependent upon Active Directory services being installed first, and only then can you specify the kind of role that the server will take in the network.

Related to the theme of installation is that of service packs, an area of previous criticism that Microsoft has also addressed in this release. Despite the level of service packs available for NT 4 reaching 6a, the generally available install disk only included the service pack 1 level fixes. Once this had been installed then it was then necessary to subsequently apply the latest service pack, making the whole operation take longer. Now, thanks to a process known as service pack slipstreaming, it will be possible to create a new W2K installation kit that contains both the latest service pack and any subsequent hot fixes that might be available.

Disk/file system: NTFS has been the subject of much improvement. The concept of disk partitions is being replaced with a new concept called dynamic volumes. As the name implies this is an operation whereby a raw area of physical disk can be added to an existing volume dynamically (i.e. without the need for a reboot). W2K will continue to support partition-based disks, but as of now they are considered to be legacy configurations. Under the previous disk partitioning mechanism it was possible to have up to 4 partitions residing within a single physical disk, but now this option is completely configurable.

For notebook users a very useful new feature is the local caching of network data. This is a significant improvement to the My Briefcase concept in the way that copies of network files can be stored locally for you to use on the move. To make it work you right-click on a network file or folder within the Windows Explorer and select the Make Available Offline option. The neat thing about this is that files and folders still appear to be in the same place i.e. on the network. For example, if your F: drive is a network resource then you would still see the F: drive when you are unplugged from the network, and you will be able to see and work with any files that you had previously marked to be available. Then, when you reconnect to the network, an automatic synchronisation takes place, although quite correctly you are asked to decide how you want to play it if both the offline and online copies have each been updated since the previous synchronisation.

Windows File Protection: Microsoft has become much more protective of the core system files that make up Windows. System files are now marked as super-hidden, and efforts are made to stop you tampering with them. For example, if you click on the Winnt folder within the Windows Explorer then no files are initially displayed and you are presented with a rather blunt message:

This folder contains files that keep your system working properly. There is no need to modify its contents.

There are also safeguards in place to prevent you from accidentally deleting core files - Microsoft claim that you could delete all the files on your hard disk and the machine would still boot, but I strongly suggest that you don't try this at home. Windows is also very concerned about certain files being overwritten; Microsoft has identified around 2600 files that are crucial to the smooth running of the full package and refers to them as Windows Protected Files. A background task called the System File Protection service checks whether any of the protected files have been replaced and, if so, takes steps to restore the original.

Server features: When the Windows NT Option Pack was made available for free a member of the Microsoft UK team expressed the opinion that this new bundle of software really should have pushed up the name of the underlying operating system to Windows NT 4.5, and I think with some justification. The Option Pack chiefly consisted of Microsoft Transaction Server (MTS), Internet Information Server (IIS), Certificate Server, and Message Queue Server (MSMQ). Now all of these features are available as an integral part of the W2K Server family, with some aspects available within W2K Professional as appropriate.

IIS 5.0 continues its rather rapid evolution, this time with ease of administration being an obvious point of focus for the development team. There are new wizards available that are specifically targeted towards the more difficult tasks, most notably for the creation of certificates. Also new is HTTP compression which, as the name suggests, reduces the size of textual data being sent down the line. In order for this to work the receiving browser must be able to handle a compressed HTTP stream, which IE4 and IE5 can, as well as Netscape Navigator 4. The downside to this is that it does add slightly to the load on the processor, but as the main bottleneck is usually the speed of the data connection it is likely to be beneficial on many newer machines.

Windows Driver Model: As part of the continuing drive to eventually converge the NT platform and the Windows 98 family the Windows Driver Model (WDM) has been adopted to ease the load on the poor device driver writers. W2K and Windows 98 use the same drivers to control hardware, thereby reducing the burden on hardware manufacturers. In fact this burden is even more reduced because of the way that Microsoft has redesigned the overall model. Previously a driver had to be written from scratch, although templates were made available within the DDK to get things started. In W2K Microsoft has split the concept of a device into two halves. One half provides the general functionality that the class of driver provides, such as an audio class that covers items such as sound cards. Microsoft provides a class driver that provides the high-level features common to the functionality of the device in question. It is then up to the hardware manufacturer to write a minidriver that provides the specific functionality that is unique to the device. Driver developers will be pleased to know that the new sample DDK code - from which starting point many drivers do actually get written - is finally a realistic representation of how a professionally written driver should be coded.

Power management: W2K incorporates a power management facility that features several levels of shutdown, from simple screen blanking and hard-drive spindown to complete hibernation. This concept was originally introduced with Windows 95 as Advanced Power Management (APM) but now the Advanced Configuration and Power Interface (ACPI) specification has superseded it. W2K supports both APM and ACPI, but the APM support is a legacy feature. ACPI is actually part of an initiative called OnNow which, according to Microsoft, "defines a hardware-level interface that enables operating systems to implement power management in a consistent, hardware platform-independent way".

W2K provides power management via the Power Manager, a new kernel-mode subsystem. In order for this to work the motherboard must have a BIOS that supports ACPI. Applications, too, must support this feature in terms of cleaning up, closing files, and saving state data. Notification comes as a WM_POWERBROADCAST message; initially Windows signals its intention to enter suspend mode and all applications are given the option to vote on this. If all applications approve then a subsequent WM_POWERBROADCAST message is despatched stating that the suspend operation is actually about to happen - this is the time to save your data and your state. Finally, when the PC wakes up again, another WM_POWERBROADCAST message is sent and each application should be able to recover itself to a stable operational state.

Plug and play: This is one of the features that users have been waiting for the most. The Plug and Play Manager subsystem will automatically identify any devices which "appear" (i.e. are plugged in) as long as they conform to the ACPI specification. Windows tends to keep quite a few of the more common device drivers on hand and will automatically install it if it can, otherwise it will prompt the user to make it available. As a new device is being added a sub-component of the Plug and Play Manager (called the Arbiter) will dynamically reassign whatever resources it and all other devices require in order to make it all fit.

W2K Application Specification

Since the days of Windows 3.1 Microsoft has provided guidelines for the development of Windows applications in order to provide both a consistent experience for the end user and to promote harmony between each application and the underlying operating environment. Originally called the Designed for Windows logo program it has now evolved into the W2K Application Specification. Two levels of conformance exist, one for W2K Professional and the other for the W2K Server range.

The core specification is really aimed at ensuring that an application doesn't use any outdated features that were found in earlier versions of Windows. The application must be 32-bit, must support long filenames and UNC paths, and it must also ensure that all file types have associated file types, descriptions, and actions.

Installation requirements have been updated somewhat in that Windows installer-based packages must be provided (see my regular column from last January for more on this). It is also important that the product should correctly support uninstallation. The uninstall mechanism should be accessed via the Add/Remove Programs icon with Control Panel, rather than as a shortcut in the Start menu. Actually, on this subject Microsoft has also become more strict in declaring what should and shouldn't be visible from the Start menu. It is now recommended that shortcuts to help files and readme documents be also excluded in order to avoid cluttering up the whole Start menu area.

One of the problems that Microsoft testers found while assessing the compatibility of existing applications with W2K is that the location of the My Documents folder has in more than a few cases been hard coded. In W2K the location of this folder has been moved to C:\Documents and Settings\<username>\My Documents, so of course the full path cannot be hard coded because it will alter for each user. Defaulting to each user's My Documents folder for the storage of user-created data is an Application Specification requirement, but the means by which it is achieved apparently needs better publicising to the development community. For the record the way to do this is to make a call to SHGetFolderPath and specify CSIDL_PERSONAL as the folder type. Of course you should use the common dialogs whenever you can, and these now include the relevant My Documents location for the current user (see Figure 1).

Figure 1: Redesigned common dialog

The Application Specification also includes requirements for the OnNow/ACPI support and Active Directory. There are also some specific requirements for the server editions of W2K; most notably that anything which has a need to be managed must be done so via a Microsoft Management Console (MMC) snap-in.

Kernel changes

You might notice from the descriptions of the four editions of W2K that are outlined above that the 4GB process space limit has now been exceeded on the two higher-end versions. Under Windows NT 4 the 4GB limit was determined by the 32-bit addressing scheme used on the Intel architecture, but the more recent x86 chips include a feature known as Physical Address Extension (PAE) that uses a 36-bit physical addressing scheme and thereby allows up to 64GB of physical memory to be addressed. To accommodate this W2K includes a new API set (included with all four editions of the product) called the Address Windowing Extensions (AWE) that provides support for this feature. The API consists of just four functions: VirtualAlloc, AllocateUserPhysicalPages, MapUserPhysicalPages, and FreeUserPhysicalPages.

Also new at the kernel level is the Job object which is a programming feature that creates a relationship between multiple NT processes. Sometimes it is desirable for a program to spawn a whole new process in order to perform a task. For example Visual C++ runs within the context of a Microsoft Developer Studio application, which is a single Win32 process. However the main compilation routine is performed by a separate executable called CL.EXE, which in turns spawns child processes (e.g. CL2.EXE). If it becomes necessary for the logical task of compilation to be halted it was previously very difficult to implement a means of killing all of the processes together because no explicit relationship between them existed. Within W2K a process can create a Job object using the CreateJobObject function and then subsequent processes can be added by calls to AssignProcessToJobObject. If the need should arise to kill all of the added processes together then a simple call to TerminateJobObject will do the deed. Job objects can be named and shared, and they can also be used to manipulate common attributes of all member processes.

Active Directory

What's the most important improvement within W2K? Well, the answer depends upon whom you ask. A typical user would probably argue the case for Plug and Play, but anybody who actually supports Windows NT-based networks currently will argue that it is Active Directory. The problem so far has been that the domain model used in previous versions of Windows NT isn't suited to the size of enterprise networks that exist today, and for Microsoft this has been bad news since they will have undoubtedly lost corporate sales because of it. NT 4 domains consist of a Primary Domain Controller (PDC), probably a Backup Domain Controller (BDC), and client workstations. If you have multiple domains then it is necessary to set up all kinds of trust relationships between them.

Active Directory (AD) still uses domains, but the concept of a primary domain has been replaced with a more enterprise-friendly hierarchical model. The directory service is concerned with maintaining a database of all of the objects that exist within the network, but within the structure of a secure and partitioned namespace. Objects can be anything, such as users, computers, printers, applications, and so on. In terms of the overall hierarchy, objects exist within namespaces - that is, it is a bounded area within which a given name can be resolved. The objects here exist hierarchically, for example individual user objects exist within a collection object (called a container in AD). This namespace of hierarchical objects is called a tree. On a larger scale a collection of trees can exist as a forest, which doesn't share the same namespace but does fall under a common schema that defines the rules and definitions that specify the content of, and relationships between, a set of objects within a directory service.

Every object that exists within an Active Directory namespace has a distinguished name (DN). The name of the DN is based upon a hierarchical path through the namespace. For example, if my web site was an Active Directory hierarchy that existed on the Internet (it's not, before you try), then my DN could be

/O=Internet/DC=COM/DC=jonperkins/CN=Users/CN=Jon

This DN identifies the user object Jon within the jonperkins.com domain.

For the software developer the means by which you manipulate Active Directory is the Active Directory Service Interface (ADSI). Programmatically, for those of us who connect via COM Automation interfaces, this means setting a reference to the Active DS Type Library. With Visual Basic for instance (inevitably), I could set the value of my home page property within the Jon object as follows:

Dim oUser As IADsUser
Set oUser = GetObject("LDAP://O=Internet/DC=Com/DC=jonperkins/CN=Users/CN=Jon")
oUser.HomePage = "http://www.jonperkins.com/index.htm"
oUser.SetInfo
Set oUser = Nothing

COM+ and DNA2000

DNA 2000 is Microsoft's platform for supporting multi-tiered applications (the letters stand for Distributed interNet Architecture). It is really a collection of technologies that come together to provide the services necessary to host applications that conform to the data/business/presentation services model.

At the heart of DNA is COM+ Services 1.0, formerly known as Microsoft Transaction Server (MTS) but now fully integrated into the operating system rather than an add-on provided by an option pack. COM+ isn't just a renaming of MTS 2.0 however, it also adds new features such as distributed transaction support, role based security management, and thread synchronisation. It also incorporates the message queuing services previously available in Microsoft Message Queue Server (MSMQ). The administration of COM+ components can now be found under the Component Services icon within the Administration Tools folder (which has been sensibly moved from the Start menu to Control Panel). Figure 2 shows an illustration of the Component Services folder, and Table 1 shows the new features within the COM+ Services. I intend to provide a more thorough coverage of the creation of COM+ components within a forthcoming Visual Basic column.

Figure 2: Component services MMC snap-in

DNA 2000 is the overall architecture that provides a suitable environment for Web applications. Actually, that's the Microsoft definition; in fact it is just as suitable for conventional EXE-based front ends as it is for browser-based applications. W2K doesn't provide the final piece of jigsaw for the great DNA 2000 plan though. While you can build proper DNA 2000 applications today with W2K there are still some products yet to appear that will complete the picture. In my Visual Basic column this month I introduce XML, a new standard for the transfer of both data and the definition of that data. XML is very important to DNA 2000 and to this end a new version of SQL Server will provide a high-degree of support for it. Similarly a new product called Microsoft BizTalk Server will provide business process integration within the enterprise through the exchange of XML-formatted business documents. Finally, Microsoft AppCenter will simplify the deployment and management of Windows DNA applications within "farms" of servers.

Last word

Microsoft has dedicated a huge amount of effort into producing an operating system that offers so much. Finally, their high-end operating system no longer excludes important features that can only be found in their lower-end offering. Equally as importantly they have finally started to deliver a platform that scales from notebook all the way up to corporate server. We really have had to wait a long time for this upgrade, but I think it was worth it - not that we had any choice. I don't doubt that many companies will want to wait until the first service pack has been in circulation for a while, although Microsoft are undoubtedly impatient for a rapid uptake so I wouldn't be surprised to see this psychologically important milestone reached within the next six months. Having finally produced a code base that doesn't have the gaping holes of its predecessor I would envisage that future versions wouldn't be so difficult to get out of the stable. And so, having overcome its greatest technical challenge to date, we now have to wait and see if it can have a similar success with its greatest legal challenge too!