 |
Send us your tips and questions. You can also visit Bob Chronister's online Tricks & Traps at http://www.winntmag.com/forums/index.html. |
For a long time, I have used LMHOSTS to resolve computer names in my network. I had no need for Windows Internet Name Service (WINS), Domain Name System (DNS), or Dynamic Host Configuration Protocol (DHCP), although I've had experience with them at client sites. To make a long story short, I recently added a second domain to my network. To do so, I performed the obligatory tricks: I enabled LMHOSTS lookup on all systems, enabled routing on both Primary Domain Controllers (PDCs), and used NBTSTAT to gather pertinent information about the network. I decided to set up a two-way trust relationship between the domains (the first domain is my permanent nine computers, and the second domain is my portable domain, which consists of two notebooks).
To my disgust, I could not establish a two-way trust using only LMHOSTS for name resolution. The notebook domain could not find the PDC of the first domain. To further complicate matters, I could ping (TCP/IP only, here) the PDC IP address but not its name. To enable name resolution, which then allowed a two-way trust, I had to add a WINS server (be sure to run a service pack after you install the server). On both domains, you must point to the WINS server in TCP/IP network setup (right click Network Neighborhood and choose Properties). Screen 1 shows this setup for the PC Card in my AST 133 laptop serving as a PDC. The WINS server is on the PDC of my first domain (WINS has very low overhead). I kept LMHOSTS enabled because static mappings in WINS can cause logon difficulties. Even with LMHOSTS enabled, I can browse with ease.
When I boot my single Pentium Pro motherboard, I get a blue screen of death that says, "STOP: 0*0000007F (0*0000000F, 0*00000000, 0*00000000, 0*00000000)." What's causing this problem?
Microsoft has documented this problem in Knowledge Base article Q160014 (http://www.microsoft.com/kb/articles/q160/0/14.htm). The problem is a function of faulty firmware on certain old motherboards. You can circumvent the blue screen by going into the BIOS and disabling the local Advanced Programming Interrupt Controller (APIC). If your vendor has not implemented enabling and disabling the local APIC as a BIOS option, contact your system vendor and request an updated BIOS that corrects Pentium Pro errata 5AP and 6AP.
To improve the performance of an application that runs at a low priority, can I change the application's priority?
The running instance of a program is known as a process--a memory address and space 4GB in size. The process has threads that do the work for the application.
The first thread the application creates is the primary thread, which can generate more threads. The operating system assigns CPU time to each thread. Windows NT has the advantage of being able to use multiple CPUs and assign a thread to a specific CPU. Because an application typically runs more than one thread at a time, NT governs access to the CPU by priority (i.e., NT assigns a priority to each thread). You can alter this priority to change the amount of time the operating system gives to an application.
When a software vendor writes an application, the developer assigns priority classes to a process in the application. Table 1 defines these priorities and gives their relative values. The thread scheduler assigns CPU time according to the process priority (generally written into the software) of a thread (for information about how NT's scheduler works, see Mark Russinovich, "Inside the Windows NT Scheduler, Part 1," July, and "Inside the Windows NT Scheduler, Part 2," on page 177). A thread with a process priority of 13 can preempt a thread with a priority of 8. This scheduling of CPU timeslices creates NT's preemptive multithreading design.
You can change the process priority, but you need to be aware of the consequences. First, running threads in realtime priority disrupts normal system activity. Mouse activity becomes slow and jerky, and attempts to control cursor position can be futile because the mouse driver can't keep up with the movement. Second, and most important, the application can call threads at the internal scheduled priorities (i.e., running an application in realtime priority does not ensure that all subsequent threads run in realtime priority). You seldom need to run applications at anything other than normal priority.
To run an application at thread priorities different from those the program assigns, you need to start the application from the command line. The full syntax of the start command is:
START \["title"\] \[/path\] \[/LOW | /NORMAL | /HIGH | /REALTIME\] \[command/program\]\[parameters\]
where "title" is the title to display in the window title bar, path is the starting directory, LOW specifies starting the application in the IDLE priority class, NORMAL specifies starting the application in the NORMAL priority class, HIGH specifies starting the application in the HIGH priority class, and REALTIME specifies starting the application in the REALTIME priority class. Notice that switches (namely, /LOW, /NORMAL, /HIGH, and /REALTIME)control process priority.
Finally, you can adjust the foreground boost for all your NT applications in NT Workstation from the Performance tab of the System applet in Control Panel. For more information about how NT handles foreground applications, see Christa Anderson, "Foreground Application Handling in NT 4.0," June 1997.
How can I track which APIs and DLLs a particular application calls?
Use the APImon.exe application, which you see in Screen 2, from the Windows NT Server 4.0 or Windows NT Workstation 4.0 Resource Kits. Open APImon, and click Open from the File menu to open the application you want to monitor (I decided to monitor Winword.exe). Then click Start Monitor from the Tools menu to see a list of DLLs, as in Screen 3, and a list of APIs, as in Screen 4.
According to the APImon Help file, APImon monitors a running application for all API calls and counts and times all API calls. It can monitor page faults caused by the application you are monitoring and report them by API call.
You can use APImon as a performance monitor to tune your application. You can examine the APIs with the largest times and counts to determine where the hot spots are in your application. You can also look at which APIs the application uses, taking into account calls that cause ring transitions to kernel mode or client/server transitions. Large numbers of these calls can cause an application to respond slowly.
APImon can generate two types of reports: a report that contains all API calls and shows their counts and times, and a report that shows a trace of all APIs as they occurred in time.
Surprisingly, many people don't know about APImon. I have used it to figure out why applications act the way they do. If you discover a problem with an application using APImon, you can either fix it or notify the software vendor.
How can I change Windows NT's default print spool directory?
I get this question all the time, so I'll revisit this topic. To change the default print spool directory, you must use a Registry editor such as regedt32.exe. Warning: Using the Registry editor incorrectly can cause serious, systemwide problems. You may have to uninstall NT to correct them. Use this tool at your own risk. You can perform this change for all printers or for specific printers.
To change the default printer spool directory for all printers, go to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers key. Add the value DefaultSpoolDirectory of data type REG_SZ where the string is the full path to the printer spool directory. Screen 5 shows the location of this Registry entry.
To change the default printer spool directory for specific printers, go to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers key. Add the value SpoolDirectory of data type REG_SZ, where the string is the full path to the printer spool directory. (Note: The path you enter has to exist, or NT will use the default directory.) Screen 6 shows the location of this Registry entry.
How can I set up Windows NT to maintain network connections when I log off a server? I have several clients who want their dial-up connection to remain active even after they log off the server.
Open the Registry editor, and go to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon key. Add the value KeepRasConnections of data type REG_SZ. Set the value to 1.
After migrating to Windows NT 4.0 from NT 3.51, I can't get replication to work properly. Can you help?
The problem is with permission. You need to change the way NT replicates by making a change in the Registry. Specifically, you need to add permission to a new Registry key (HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\Winreg) on the export machine that the import machine reads. By default, the replication user does not have permissions on this key. With the Registry editor, open this key, go to the Security menu, click Permissions, and grant read access to the replication user.
Recently, I added some software to my system and then reinstalled Service Pack 2 (SP2).
When I attempted to reinstall the hotfixes, the system informed me that the hotfixes were
already installed. I deleted the \winnt\hotfix directory and reran krnl40i.exe but still
could not install the hotfixes. I tried to remove the hotfixes (hotfix /r
If you can't install or delete a hotfix, open your favorite Registry editor and go to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\HOTFIX key. Delete the hotfix entry. Then use Explorer or File Manager to navigate to %windir%\HOTFIX\Hf00..., and delete the hotfix entry. Reboot and reapply the hotfix. If possible, always remove the hotfix before you add a service pack.
How do I get my Sound Blaster audio card and CD-ROM drive to work in Windows NT 4.0? The Sound Blaster card works, but I can't get NT to recognize the CD-ROM drive.
Creative has an updated driver for NT 3.51 and NT 4.0 on its Web site at http://www-nt-ok.creaf.com/wwwnew/tech/ftp/ftp-sb16awe.html#nt. When you access this site, you see the following driver information:
Drivers for Windows NT
awent40.exe
File Date: 970115
File Size: 707,681 bytes
Description: Standalone Sound Blaster 16/AWE32/AWE64 drivers for Windows NT4.0 ONLY SDR-NTDRV-1-US (Revision 1)1. Support for SoundFont 2.0
2. Support for AWE64 and AWE64 Gold (Software wavetable not included)
3. Support NT4.0 PnP manager
4. Supports BOTH PnP and non-PnP (legacy) cards
I usually don't like to use a manufacturer's installation guide in this column. However, installing sound cards in NT is a pervasive problem, and the following guidelines by Creative are excellent for installing a plug-and-play (PnP) card in NT 4.0. Warning: Remove all installed legacy drivers or PnP drivers before you install the new driver. Otherwise, your system will lock up and be very difficult to fix.
1. After you download the driver from Creative, run the executable file and copy the files onto a floppy disk.
2. Make sure you have the NT 4.0 CD-ROM in the CD-ROM drive.
3. If you have already installed the pnpisa.sys driver, go to step 6.
4. In\Drvlib\Pnpisa , right click pnpisa.inf and select Install (if you don't see this file, click View\OptionsView\ and select Show all Files and unselect Hide extensions for known file types.)
5. Reboot your system when prompted.
6. Log on to your computer with Administrator privileges.
7. You will see a New Hardware Found message, and NT will prompt you to install drivers for several functions on your card.
For Sound Blaster 16 PnP and Creative Advanced Wave Effects Synthesis for AWE 32
7a. Choose Driver from disk provided by hardware manufacturer.
7b. Enter the path where NT can find sbpnp.inf.
7c. Select OK on the Select Device screen.
7d. Select Manual Configuration.
7e. If NT lists any conflicting devices at the bottom of the screen, you need to resolve them first by selecting basic configuration 0001 and highlighting the offending setting in the Resource Settings window. Click Change Setting, and select a setting that does not conflict with another device. Select OK when you finish resolving the conflict, and repeat this process for any other settings that conflict.
For Game Port
Repeat steps 7a through 7e, but enter the following path name:
\Drvlib\Audio\sbpnp\
For Creative 3D Stereo Enhancement Technology
7a. Choose Windows NT default driver.
For IDE CD-ROM (ATAPI 1.2)/Standard IDE/ESDI Hard Disk Controller
7a. Choose Do not install a driver(Windows NT will not prompt you again).
8. Reboot your machine when NT prompts you.
9. Your Sound Blaster card should work properly. If you need to change the resources that your card is using, open the Multimedia applet in the Control Panel, select the Devices tab, select Properties for the Sound Blaster driver, and click the Settings button. You will see the same resource picking dialog box that you saw when you were installing the device.
I have heard horror stories about security leaks in Windows NT. How serious are these leaks, and how can I avoid them?
The Internet is loaded with applications to compromise NT's security. Table 2 presents a partial listing of where to find such applications. Microsoft has prepared a response to the security vulnerabilities in NT, which you can read at http://www.microsoft.com/ntserver/info/eetimes.htm.
Security Pack 3 (SP3) has fixes for most NT hacks (for information on SP3's security fixes, see
Mark Joseph Edwards, "Service Pack 3 or Security Pack 3?" page 113). Another way to maintain your
security is by running passprop.exe, a new utility in the Windows NT Server 4.0 or Windows NT
Workstation 4.0 Resource Kits. This application either displays or modifies domain policies for
password complexity and Administrator lockout. You can set the following switches for this
application:
PASSPROP \[/complex\] \[/simple\] \[/adminlockout\] \[/noadminlockout\]
| /complex | Forces you to enter passwords that are complex (i.e., requiring passwords to be a mix of upper- and lowercase letters and numbers or symbols) |
| /simple | Lets you enter simple passwords |
| /adminlockout | Lets you lock out the Administrator account (the Administrator account can still log on interactively on domain controllers) |
| /noadminlockout | Doesn't let you lock out the Administrator account |
So why would you want to lock out the Administrator account? The main reason is to restrict hackers from using Administrator account backdoors to break into your NT system. If you lock out the Administrator account, you can use it only to log on interactively on domain controllers--network logons and logons to non-domain controllers will fail. This solution can help you avoid hackers, but can make administering your network somewhat cumbersome. For more information on NT security concerns, see Mark Minasi, "NT Security Scares?" June 1997, and John Meixner, "Foil Attacks on Your Registry," June 1997.
I can't get uptomp.exe (the Uni to Multiprocessor utility the comes with the Microsoft Windows NT 4.0 Resource Kit) to work. This problem is driving me nuts because of the cost of my second processor, which is just sitting there. What do I need to do?
Uptomp.exe does not copy the win32k.sys file. You can resolve this situation in two ways:
1. Obtain the update to uptomp.inf from Microsoft's ftp site at ftp://ftp.microsoft.com/bussys/winnt/winnt-public/reskit/nt40.
2. Manually edit the uptomp.inf file. Start by opening \reskit\uptomp.inf with Notepad or the editor of your choice. Add the following text directly below the line beginning with Winsrv.dll:
win32k.sys = 0, 2, win32k.sys
(Note: You must enter this new line above the black box that represents the end-of-file marker for this file.) Save the file. The next time you run uptomp.exe, it should run correctly.
