Ask Dr. Bob - 20 Nov 2000

I need to delete a large number of files and directories. However, the Recycle Bin makes such a deletion cumbersome. Can I disable the Recycle Bin?

I can think of three ways to solve your problem. First, you can select the files and directories that you want to delete and simply press Shift+Del to delete the files. Second, you can open a command prompt window and use the Del command (and the filenames) to delete the files. Third, you can delete the files from a different computer. (Deleting across a network results in a permanent loss of the files.)

I have several Linux clients that need to exchange data with a Windows NT Server machine. How can I easily swap files between NT and Linux?

The simplest answer is to set up your Web server and FTP server on the NT Server system. This configuration will let your Linux clients add and—in the case of FTP—retrieve files from the NT Server machine.

Alternatively, you can install Samba on the Linux clients. Samba, a freeware utility that ships with Red Hat Linux, will let you view the Linux machine on the network and move files between NT and Linux.

Finally, you can install NFS on the NT Server system. The NFS server will let you share NT volumes and make them mountable under Linux—the UNIX equivalent of drive mapping. You'll find NFS support in Microsoft's Services for UNIX (SFU). I've also used Hummingbird's NFS Maestro Server a few times and had good results. NetManage offers InterDrive Server for Win NT, which also lets you create NFS-mountable volumes. Both Hummingbird and NetManage offer products that ease the integration of NT and UNIX.

I'm trying to use Microsoft Dfs for Windows NT 4.0 to ease network navigation across my company's WAN. However, I can't find a way to add directory pointers to other directories within the same Dfs root. For example, my Dfs root is called SJ. If I have a directory called Joe somewhere else within the same Dfs root, I can't create a Dfs directory called \machinename\SJ\user\joe. Has Microsoft removed this limitation from Dfs for Windows 2000? Can Dfs for NT 4.0 work with Dfs for Win2K?

Dfs won't let you create a Dfs directory that points to another directory under the same shared directory. Consider the Dfs root a shared directory. Although this limitation is inconvenient, you can work around it by creating a new share for the directory, then linking to directories in the new share. In other words, give the Dfs root share (e.g., SJ) an additional share name. Use a name that users will know not to connect to, such as noconnect. Dfs for Win2K contains the same limitation. Dfs for Win2K is compatible with Dfs for NT 4.0.

My company is looking for an interoffice and remote-employee VPN solution. Do you have any recommendations?

These days, the market is flooded with VPN solutions. You'll find products that use everything from PPTP and Layer 2 Tunneling Protocol (L2TP) to IP Security (IPSec) and proprietary protocols. You'll find products from proven market leaders such as Cisco Systems and Lucent Technologies, and you'll find products from up-and-comers such as RapidStream and Watchguard Technologies. Regardless of the vendor you choose, I recommend you choose a solution based on IPSec, the industry standard for encryption.

My VPN is based on a Cisco Secure PIX firewall. I've used various solutions from Cisco and competing companies to connect PIX to remote offices. I've found that you should try to stick with one vendor for your central and satellite offices' VPN solution. Although different vendors might base their solutions on IPSec 56-bit or 168-bit encryption, not all products work well with other vendors' products.

When you look at VPN solutions, consider which encryption level you want to implement. IPSec offers 56-bit and 168-bit encryption. Obviously, 168-bit encryption is more secure than 56-bit encryption, but depending on the VPN device, this degree of security might negatively affect your systems' performance.

You also need to consider whether you want to use public or private keys. Typically, public and private keys are the authentication models that VPN solutions use. Public keys are easier to use and less expensive than private keys, but private keys are more secure. If you choose public keys, most solutions let you choose an access code. You simply share this key across each VPN device. For private-key authentication, you need to obtain a key from a key authority such as VeriSign.

For your remote and traveling employees, you can use the same VPN products that you use for interoffice connectivity, or you can dedicate a device to remote employees. Many vendors ship IPSec clients with their VPN solutions. Others provide interoperability with third-party VPN software, such as IRE's and PGP's VPN solutions.

I'm running Windows NT 4.0 on my notebook. Because NT enables Num Lock by default, I type my password incorrectly every time I log on. How can I change this setting?

Changing the default Num Lock behavior requires a registry change. Go to the HKEY_USERS\.DEFAULT\Control Panel\Keyboard registry subkey, and find the InitialKeyboardIndicators subkey, of type REG_SZ with a default value of 0. This value, which Figure 1 shows, enables Num Lock during logon. Changing the value to 1 disables Num Lock. Changing the value to 2 disables Num Lock during logon, then reenables it after logon.

I recently purchased a Maxtor MaxAttach Network Attached Storage (NAS) device that has 240GB of disk space. I can configure the device only for RAID 1 and can set only share-level permissions. Can I use this device to share files between Windows NT and Sun Solaris?

Many low-cost NAS devices are limited in performance and function. They provide an inexpensive means of storing data on the LAN, but they simply can't compete with a quick NT server or some of the more expensive NAS servers.

Unfortunately, the MaxAttach series lets you configure the device only for RAID 1—a configuration that would reduce your usable disk space to about 120MB. Also, like many other NAS servers in its class (e.g., the Quantum Snap Server 4000), the MaxAttach lets you set only share-level—not file-level—permissions.

Regarding your desire to share files between Microsoft and UNIX machines, the MaxAttach device's capabilities are quite limited. Unlike the Snap Server 4000, the MaxAttach lets you configure a share as NFS or as SMP (i.e., Microsoft-compatible)—not both. Your only option is to enable FTP as a means of sharing files between OSs. If this file-sharing feature is essential, you'll need to look for another product.

I can't get VERITAS Backup Exec 8.0 to connect properly to my Microsoft Exchange Server mailboxes. I can connect to the Information Store (IS), but when I attempt to connect to the mailboxes, Backup Exec won't authenticate the backup. Do you know what is causing this obstruction? On a related topic, a mailbox backup on a Backup Exec 7.3 server is much more time-consuming than a backup of the IS. Has VERITAS fixed this problem in Backup Exec 8.0?

Regarding your first question, I remember experiencing a similar problem with mailbox-backup authentication when I first set up Backup Exec 8.0. To back up individual users' email, Backup Exec needs a mailbox to connect to. This mailbox must have a unique name and alias. You need to make sure that the mailbox name doesn't contain a partial heading from another email account. If you have two Backup Exec servers, be sure to give each one a unique email account—they can't share the same account.

Alternatively, a file called bewinui.uni might be causing this problem. Bewinui.uni maintains a user list for various Backup Exec functions. One of these functions involves the user account that Backup Exec uses to access Exchange Server mailbox accounts. Try renaming this file bewinui.old, then attempt to reconnect to the Exchange Server mailboxes through Backup Exec. This solution worked for me when I experienced the problem under Windows 2000 and Windows NT.

A mailbox-level backup is time-consuming because of the way Backup Exec backs up mailboxes. Backup Exec uses a Messaging API (MAPI) connection to copy the contents of each mailbox to the unique mailbox you created for Backup Exec, then backs up the unique mailbox. This two-tier procedure can add a lot of time to the backup process. Backup Exec 8.0 retains this procedure.

Corrections to this Article:
  • In Tricks & Traps: "Ask Dr. Bob" (December 2000), the question regarding the Maxtor MaxAttach Network Attached Storage (NAS) device incorrectly stated that "the MaxAttach lets you configure a share as NFS or as SMB (i.e., Microsoft-compatible)--not both." The text should have read "the MaxAttach lets you configure a share as NFS or as SMP (i.e., Microsoft-compatible)--not both." We apologize for any inconvenience this error might have caused.
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.