Local Users
In the Windows 9x environment there is no such thing as a local user. Anyone who turns on the computer will have access to it. There is no way to keep track of who is using the computer or who is allowed to use the computer. For some users this might be fine. They might be in an environment where limiting access to the computer is not a problem. Since the target market of the NT/2000/XP operating systems was the corporate and business community, there needed to be a way to make the log in process very secure. Local Users were created, and these were the only people that could successfully log on to the computer.

A Local User account must first be created on the local computer before that user will ever be able to log on. This allows the administrator to only allow authorized users to log on. Keep in mind that this will only work on computers that are not part of a domain. Local user accounts essentially allow users to log on and gain access to resources only on the computer where the local user account was created. This local user account is created only in that specific computer security database and it will not replicate the local user account information to any other computer that might be networked to that computer.

Disk Management
One task of an administrator is to constantly maintain and manage the hard drive storage. Whether dealing with user desktops or servers, the administrator will have to be aware of how to properly and effectively manage storage space in the Windows NT/2000/XP operating system environment. Proper disk management will enable administrators to keep hard drives in the best working condition and maximize them for optimal free space. Figure shows what the disk management screen looks like. For example, if there is free space on the hard disk, it must be partitioned and formatted so that data can be stored on that part of the disk. In addition, if there is more than one hard disk, each disk will also have to be partitioned and formatted so that it can store data. Whether setting up the remaining free space on a hard disk on which Windows 2000 was installed or setting up a new hard disk, the administrator needs to be aware of the tasks that are involved.

There are two types of disks that are available in Windows 2000 and XP, basic disks and dynamic disks. A system with one disk will need to be either basic or dynamic because both types cannot be used on the same physical disk. However, if the system has more than one disk, then one could be made basic and the other dynamic.

Basic Disks
Basic Disk storage is typically referred to as the industry standard and is identified by a hard drive that is divided into partitions. A partition is a portion of the disk that functions as a physically separate unit of storage. This allows for the separation of different types of information, such as user data on one partition and applications on another. A basic disk can contain up to four primary partitions, or up to three primary partitions and one extended partition, for a maximum of four partitions. The operating system will treat these partitions on a single hard drive as separate drives depending on how many partitions exist. A basic disk can contain primary partitions, extended partitions, and logical drives. If a second disk is added to the system, the computer will recognize it as a basic disk first. Basic disk storage is the default in Windows 2000 and XP so all new disks added will be basic disks until they are converted to dynamic. As previously mentioned, basic disks are the industry standard. This means that all versions of Microsoft Windows, MS-DOS, Windows NT, Windows 2000, and Windows XP support basic storage.

Dynamic Disks
For an operating system to support basic disks, the disk management tool is not really needed. All of the Windows operating systems that have come before NT, 2000, and XP have been using basic disk storage as the standard. However, when dealing with the size and the amount of hard drives that corporations and businesses use today, basic disk storage is no longer efficient.

One of the main reasons to have a disk management tool is to use multidisk volumes. When using Dynamic Disk Storage, multidisk volumes are referred to as hard disk space. This is because the hard drives are no longer dealt with as if they were one complete disk divided by partitions, but rather as multidisk volumes. These multidisk volumes are often comprised of many disks. Drives might span across these disks to give better use of the available disk space by allowing areas of unallocated space on different disks to be combined. They can also improve disk performance by letting more than one disk drive read and write data. The main difference between basic and dynamic disks is that dynamic disk volumes can be created and expanded to include new disks and storage space while the operating systems is running. This makes dynamic disk management easier than having to create partitions. Finally, multidisk volumes allow the use of RAID-5 technology to make volumes fault tolerant. To use any of these multidisk structures in Win2K, dynamic disks must be used. It is important to note that Windows 2000 Professional does not support the mirrored and RAID-5 fault tolerant volumes. Only the Windows 2000 Server supports these types of volumes.

1. Simple Volume – Acts as a basic disk that will contain disk space from a complete single disk and is not fault tolerant.
2. Spanned Volume – This volume will include disk space from multiple disks. There can be up to 32 disks in a spanned volume. In a spanned volume the operating systems will write data to the first disk until it runs out of space and then will continue to write data to the proceeding disks for as many disks as are included in the volume. A spanned volume is not fault tolerant. If any disk in a spanned volume fails, the data in the entire volume is lost.
3. Striped Volume – Also known as RAID-0, a stripped volume combines areas of free space from multiple hard disks, up to 32, into one logical volume. This volume is used to optimize performance by allowing data to be written to all the disks at the same rate. This volume is not fault tolerant so if one disk fails in the volume then all the data will be lost.
4. Mirrored Volume – Contains two identical copies of a simple volume that stores the same data on two separate hard drives. Mirrored volumes provide fault tolerance in the event of hard disk failure because if one disk happens to fail it can be replaced with a new one and all of the data will be backed up on the other disk.
5. RAID-5 Volume – Consists of three or more parts of one or more drives or three or more entire drives. Again, users can have up to a total of 32 disks. In this volume, data is written to all drives in equal amounts to improve performance. Each drive contains parity information, which holds copies of the data that is being written to the other two disks. This enables fault tolerance because in the event that one of the drives should fail, the remaining two disks recreate the data automatically without having to shut down the server. Once the failed hard drive gets replaced, the data gets restored to the new drive. This is known as striping with parity.

The services section of the Administrative Tools Utility is useful for troubleshooting problems with the computer. The services tab of the Administrative Tools will list all the services that are running on a computer and allow the administrator to start or stop any of the services that might be running. For example, if files are being copied from one computer to another computer or a hard drive and there is an Anti-Virus program installed in one system, then the services function can be used to stop the Anti-Virus program. This allows the files to be copied faster because they will not have to be scanned by the Anti-Virus program.

Local Security Policy
The Local Security Policy is a function of the Administrative Tools Utility that allows the administrator to select additional security options. There are close to 40 security options that are available to increase the effective security on a computer. Figure shows an example of just one of the many types of local security policies that can be implemented on a local computer. This security policy will not affect any other computer that is networked to it. The policy will deny access to the computer from the network by anyone who uses this computer or by specific people that use this computer. If the Add button, for example, is selected the administrator will be able to select who to apply this policy to from a list of users.

In general, the use of RAID by Windows 2000 is another area of contrast between this OS (being a NOS) and Windows 9x.

Lab Activity  (PDF, 10 KB)   In this lab, students will be able to create users and groups as well as assign properties to each.