Skip navigation

Ask Dr. Bob Your NT Questions - 01 Oct 1997

Send us your tips and questions. You can also visit Bob Chronister's online Tricks & Traps at http://www.winntmag.com/forums/index.html.

Q: What will happen to ISDN devices, which are expensive and can be hard to configure, now that 56Kbps modems are available?

Compared with other connection methods, ISDN has several important advantages that will ensure its place in the industry for a while. ISDN provides rapid (several seconds) logon times and guaranteed bandwidth (you get either 64Kbps or 128Kbps connections). You can purchase an ISDN router that lets you easily provide a network-wide connection and conceal your company's internal IP systems. ISDN devices will continue to compete with modems because you can now turn most ISDN devices on and off and use them on demand (i.e., in a dial-up mode, like you can with a conventional modem).

Q: I plan to purchase a router, but I have some concerns about Network Address Translation (NAT). Can you explain NAT?

NAT helps you simplify and conserve IP addresses because it minimizes the number of leased IP addresses you need. NAT enables private internal networks that use unregistered IP addresses to connect to the Internet. Specifically, NAT operates on a router, usually connecting two networks, and translates private (unregistered) IP addresses in the internal network into legal (registered) IP addresses before sending packets to another network (such as the Web). As part of this functionality, you can configure NAT to advertise only one IP address for the entire network to the outside world. This approach increases security because that one IP address effectively hides your entire internal network from other networks.

Companies typically implement NAT in remote access environments because you can easily control which IP addresses are used. A NAT router answers Address Resolution Protocol (ARP) requests for IP addresses inside a company's dynamic pool and even functions with Domain Name System (DNS) servers on the Internet. NAT can save you considerable hassle in assigning and maintaining IP addresses.

Q: I recently read that sales of asynchronous transfer mode (ATM) networks are down, in part because of the perception that ATM is difficult to set up. How hard is ATM to configure?

ATM is more difficult to configure than other networks because you must set the switches and NICs to the same protocol. To establish protocols and basic port configurations, you connect the NICs to the switches. For example, on most switches, you can dictate control port by port (e.g., you can set up a port as full duplex or half duplex). You also have to establish user and password information on the switches to configure them.

Configuring the Switch
You usually make the initial connection to the switch via a com port. Start by attaching a reversed cable to the machine com port and then connecting the cable to the switch com port. Open Hyperterminal in Windows NT, and select any of the available accounts, such as the HyperTerminal account. In the Connect To dialog box, change the connection to the appropriate com port (e.g., COM1). The system will use the built-in accounts (see the switch manuals for the default value) to log you on to the switch.

The major component you have to set up is the User Network Interface (UNI). You can use version 3.0 or version 3.1 of this protocol (I suggest you use the latest version, 3.1). The rest of the setup is a matter of choice. If you stack switches, you must properly configure the stack modules. For example, Screen 1 shows a partial display of the parameters of one of my switches. Notice the amount of detail, including the IP address and the temperature inside the switch. Screen 2 shows the setup for the ATM switching. Notice the use of UNI 3.1, stacking (Whitetree 2500 and 3000), and the use of ATM 155 backbones. After you assign all necessary parameters, you simply restart or reboot your switches.

Configuring the NICs
After you configure the switches, you need to configure the NICs--an easy task. For Madge cards, you set the LAN Emulation Client (LEC) to Ethernet, as you see in Screen 3.

You also have to set the adapter type, which in this case is Collage 25 (an ATM 25 card), as you see in Screen 4. Finally, you set the UNI to 3.1 in the Advanced Adapter Configuration dialog box, as you see in Screen 5. Some Madge adapters also have an optional setting for the frame size (my Madge cards are hardwired to 4544, which my Adaptec 155 doesn't recognize; in this situation, the Adaptec negotiates at the lowest level, which is a frame size of 1516). After you make these changes, you need to reboot your system to activate the NIC.

Adaptec's NICs are also easy to configure, but be sure you use the latest Adaptec drivers. The only default setting you may need to change is the Maximum Transfer Unit (MTU--the largest frame size), as you see in Screen 6. I tried to change this setting to 9234, but this setting won't work on my mixed network, and the cards automatically switched the MTU to 1516. The UNI is already set to 3.1, as you see in Screen 7, so all you have to do is save these settings and reboot. You can now browse the network (combined ATM and Ethernet--laptops--in my case).

Finally, the Adaptec cards ship with an intelligent monitoring tool. You install this tool as a protocol, although it runs as a service. Screen 8, shows the monitor displaying LEC status.

This monitor is excellent for displaying the most relevant log events for a particular NIC. If you want to monitor networks, this application is ideal.

Q: How can I change the number of days that Windows NT displays a warning message reminding users to change their password before it expires?

Warning: Using the Registry editor incorrectly can cause serious, systemwide problems. You may have to uninstall NT to correct them. Use this tool at your own risk.

Before NT 4.0, you couldn't change the number of days that NT displayed a warning message before the user's password expired. This value was always set to 14 days.

In NT 4.0, you can use the Registry editor to add a Registry entry that adjusts this value (this value does not appear in the Registry unless you add it).

Go to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon key. Add the value PasswordExpiryWarning of data type REG_DWORD. The range for this value is in number of days, and the default value is 14.

Q: I want to disable Windows NT's browser services from reporting certain servers on my network. However, I still want to be able to find these servers using the universal naming convention (UNC) format. Can I do this?

Yes, NT will let you hide servers that you can still browse using UNC. Open your favorite Registry editor and go to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters key. Add a new value, hidden, of data type REG_DWORD. Set the value to 1 (hidden) to hide the computer. (For more information on disabling the browser on your network, see George Spalding, "Too Many Servers Spoil Network Performance," August 1997.)

Q: I am trying to increase security on my network. How do I disable the last user that Windows NT lists during the logon process?

By default, in the Username space of the Logon Information dialog box, NT displays the name of the last person to log on. To make the Username space blank when this dialog box appears, you have to change the NT Registry--remember, always have a backup of your Registry before you edit it.

Use your Registry editor to go to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon key. Add the value DontDisplayLastUserName of data type REG_SZ, and set it to 1, as you see in Screen 9. The Username space will be blank when the Logon Information dialog box appears.

Q: I recently migrated from Windows 95 to Windows NT 4.0. Although I am happy with the upgrade, I want NT 4.0 to automatically power down the way Win95 does. How can I make this happen?

To automatically shut down your system when you exit NT 4.0, you need to open the NT Registry and edit the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon key. Double-click the PowerdownAfterShutdown entry and set the value to 1, as you see in Screen 10.

Q: How do I remove unused shares when Windows NT boots?

NT maintains a list of mapped shares in the Registry. To update or change this list, go to the HKEY_CURRENT_USER/Software/Microsoft/Windows NT/CurrentVersion/Network/PersistentConnections key. Highlight and delete any unwanted entries. Double-click the Order entry to remove the drive letters for the shares you deleted.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish