WNT: The True Story of Windows NT. What are the versions of the Windows operating system Is windows nt

Windows NT is not a further development of pre-existing products. Its architecture was created from scratch, taking into account the requirements for a modern operating system. The features of a new system based on these requirements are listed below.

In an effort to ensure compatibility (compatible) of the new operating system, the developers of Windows NT kept the familiar Windows interface and implemented support for existing file systems (such as FAT) and various applications (written for MS - Dos, OS / 2 1.x, Windows 3.x and POSIX). The developers have also included various networking tools in Windows NT.

Achieved portability of the system, which can now work on both CISC and RISC - processors. CISC includes Intel - compatible processors 80386 and higher; RISC is represented by systems with MIPS R4000, Digital Alpha AXP and Pentium P54 series and higher processors ...

Scalability means that Windows NT is not tied to a single-processor architecture of computers, but is able to take full advantage of the capabilities provided by symmetric multiprocessor systems. Windows NT can now run on computers with 1 to 32 processors. In addition, as users' tasks become more complex and their computing requirements expand, Windows NT makes it easy to

add more powerful and efficient servers and workstations to the corporate network. Additional advantages are provided by the use of a single development environment for both servers and workstations.

Windows NT has a uniform security system that meets US government specifications and complies with the B2 security standard. In a corporate environment, critical applications are provided with a completely isolated environment.

Distributed processing means that Windows NT has networking capabilities built into the system. Windows NT also allows communication with different types of host computers by supporting a variety of transport protocols and using high-level client / server facilities, including named pipes, remote procedure calls (RPCs), and Windows sockets.

Reliability and robustness provide architectural features that protect applications from damage to each other and the operating system. Windows NT uses fault-tolerant structured exception handling at all architectural levels, which includes recoverable NTFS and provides protection with built-in security and advanced memory management techniques.

Localization capabilities (allocation) represent the means for working in many countries of the world in national languages, which is achieved by using the ISO Unicod standard (developed by the international organization for standardization).

Windows NT concepts

The Windows NT operating system is available in two flavors: Windows NT Server and Windows NT Workstation. Windows NT Server 4.0 is a network operating system with Internet applications, file and print services, remote access, built-in router, file indexing, and network management. The second variant of Windows NT - Windows NT Workstation 4.0 resembles NT Server in many ways, but it is optimized as an operating system for a workstation. In terms of architecture and capabilities, Windows NT Server is a superset of Windows NT Workstation and includes all the capabilities of the latter. Further, in cases where it is not indicated which OS is meant, the comments refer to both.

The origins of Windows NT

The beginning of work on the creation of Windows NT falls on the end of the 88th year. Microsoft has commissioned David Cutler to lead a new software project: the development of New Technology (NT) OS. David Cutler was the main consultant of DEC, he worked in this firm for 17 years, developing OS and compilers: VAX / VMS, OS for MicroVAX I, OS RSX-11M, VAX PL / 1 compilers, VAX C.

Windows NT initially developed as a lightweight version of OS / 2 (OS / 2 Lite) that could run on less powerful machines by stripping some of its functionality. Over time, however, after seeing how well Windows 3.0 was accepted by consumers, Microsoft refocused itself and began developing an improved version of Windows 3.1. Microsoft's new strategy was to create a single family of Windows-based operating systems that spanned many types of computers, from the smallest notebooks to the largest multiprocessor workstations.

Windows NT, as the next generation of Windows systems was named, ranks at the highest level in the hierarchy of the Windows family. This operating system, originally supporting the familiar graphical user interface (GUI) of the Windows user, was the first fully 32-bit operating system from Microsoft. The Win32 API, a programming interface for developing new applications, made available to applications improved OS features, such as multi-threaded processes, synchronization, security, I / O, object management.

The conceptual advantages of Windows NT over the MS-DOS / Windows 3.1 pair were obvious. Its 32-bit base, along with true multitasking and multi-threading, greatly increased the system's potential.

The first operating systems of the NT family, Windows NT 3.1 and Windows NT Advanced Server 3.1, appeared in July 1993. The codename for the next version of Windows NT 3.5 - Daytona - coinciding with the name of the Florida expressway, may indicate that its main advantage is speed. Indeed, the performance of version 3.5 increased 1.5 times compared to version 3.1, and after its release, many corporate users who rejected version 3.1 for one reason or another, reconsidered their attitude towards the NT line: in 1995, the share of Windows NT in their the market sector has doubled and amounted to 15%.

Features of Windows NT 4.0

In August 1996, the next version of Windows NT 4.0 was released. Initially, this next version of Windows NT was supposed to be numbered 3.52, but it was numbered 4.0, which was previously mentioned in the computer press in connection with another upcoming version of Windows NT, codenamed Cairo. Perhaps this suggests that this latest version (Windows NT 4.0) has so many important new features that require more meaningful encoding changes. The innovations introduced in Windows NT Server 4.0 are mainly related to improved user interface, increased Internet support, new and modernized administration tools, and improved system performance.

There are many significant changes introduced in Windows NT 4.0, of which the following are the most significant:

implementation of the interface in the style of Windows 95;

orientation towards the Internet and intranet;

architectural changes that dramatically improve the performance of graphics operations;

Modified NetWare Interaction - Gateway and NCP Client now support NDS;

support for multi-protocol routing;

the appearance in Windows NT 4.0 of the emulator of Intel "ovsky processors for RISC platforms.

There are also other improvements in version 4.0. For example, Windows NT Server 4.0 significantly improves scalability over Windows NT Server 3.51, which allows for significantly better performance on computers with 4 processors, and also provides linear performance gains on machines with eight or more processors.

The performance of Windows NT Server 4.0 when working as a file server also increased significantly and exceeded the performance of Windows NT Server 3.51, according to some reports, by more than 2 times.

The new Windows NT administrative tools can be run remotely on Windows 95 clients. In addition, Windows NT Server provides a remote boot service for Windows 95 clients. (This is useful for diskless workstations.)

Windows NT 4.0 introduces a new Windows 95-style graphical user interface. While some users may not always like this change, Microsoft is restoring the "one interface for all platforms" concept that was originally considered one of the strengths of Windows NT. On a network with client stations running Windows 95 or Windows NT (or a mixed network that includes such stations), Windows NT Server administrators can perform their functions using the same interface as workstation users.

Aside from the outside changes, the redesign of the GUI hasn't had a huge impact on the way the network is managed. The basic Windows NT Server administrator tools remain the same. User Manager for Domains, Server Manager, Disk Administrator, Event Viewer, Performance Monitor, DHCP Manager, WINS Manager, Network Client Administrator, License Manager, and Migration Tool for NetWare have not changed significantly. The Remote Access Administrator hasn't changed either, but it has now been moved from a separate folder under the Administrative Tools menu. The new System Policy Editor, which is compatible with both Windows NT and Windows 95, replaces the User Profile Editor familiar from Windows NT Server 3.x. Version 4.0 includes four additions: Administrative Wizards, the aforementioned System Policy Editor, and the advanced Windows NT Diagnostics and Network Monitor (a network monitoring program previously available only with Microsoft Systems Management Server).

Administrative Wizards wizards allow you to easily, step by step, perform actions such as creating user accounts, managing their groups, controlling access to files and directories, installing a new printer, installing and uninstalling programs, connecting a modem, preparing packages for installation floppies for new customers and monitoring compliance with license agreements for installed programs. All of this will be useful for those administrators who find that, despite the presence of a graphical interface, the management tools of Windows NT are still complex.

Windows NT 4.0 has several useful system monitoring components borrowed from Microsoft's Systems Management Server. The main application is the Performance Monitor tool, which graphically monitors selected system events. In particular, Performance Monitor can be used to obtain diagrams of CPU utilization, total I / O of network cards and the number of bytes transferred over HTTP.

Another application, Monitor Tool, is also capable of capturing and monitoring network traffic in and out of an NT computer. The monitoring scenario (for example, the description of which frames of which protocols need to be tracked, which traffic characteristics to measure, from which workstations or users) can be saved and reused, if necessary.

The set of wizards is still far from being fully functional. For example, there is no program in it that would move the user's budget from one domain to another, that is, it would perform the procedures associated with the need to delete one account and create another.

Other innovations in Windows NT Server 4.0 are mainly related to the Internet and intranet. An important place among them is occupied by the following included in the delivery set, software components:

Internet Information Server (IIS) version 2.0 is a Microsoft product that provides Web-, ftp- and gopher-server services, the capabilities of Internet Information Server are comparable, and in a number of tests are superior to the similar popular Server Netscape product. Microsoft Internet Information Server 2.0, the fastest Web server for Windows NT Server - 40 percent faster than its 1.0 predecessor;

Distributed Component Object Model (DCOM), which provides secure communication between components over the Internet;

DNS / WINS Server, which makes it easy to find the desired Web sites on the Internet or intranet networks;

PPTP technology (point-to-point tunneling protocol), which extends the functionality of the Windows NT Server Remote Access Server (RAS) and provides the ability to create private networks on the Internet;

FrontPage, which lets you create Web pages from a variety of templates, validate links, and overall manage the Web sites you create;

index server Microsoft Search Server, which allows you to easily find information on distributed servers intranet-network within any documents, including those created in Microsoft Office.

Two features of the new system designed to work on the Internet are of particular interest to administrators. The first is the DNS name service. It allows the use of DNS names, but only supports static addressing. To address this limitation, Microsoft is offering DNS and WINS integration, calling this combination "true dynamic DNS." Now, when the WINS client needs to determine the IP address corresponding to the symbolic NetBIOS name, it first accesses the WINS database and then the DNS itself. Thus, both dynamically resolved WINS names and static DNS names can be used as equals in the system.

In addition, Windows NT 4.0 includes a Web-based administration utility that allows you to access Windows NT administration tools from any Web browser. For security reasons, remote administration should use Web browsers that can log the user directly to the Windows NT server (that is, such as Internet Explorer) or support SSL.

One of the improvements is that the growing role of the Internet and client / server systems is driving an increase in the number of mobile users. Microsoft has therefore improved RAS (improved ISDN support) and provided the means to secure RAS over the Internet. PPTP (creates encrypted traffic over the Internet) and Multilink PPP (allows you to combine multiple channels into one) Clients can be Windows NT 4.0 Workstation or Windows 95.

The Distributed Component Object Model is another key addition to Windows NT Server 4.0. The Object Composition Model (COM) allows software developers to create applications that are made up of discrete components. The Distributed Model (DCOM) in Windows NT Server 4.0 extends COM to allow individual components to communicate over the Internet. DCOM is a growing Internet standard published in the format defined in RFC 1543.

When developing Windows NT 4.0, Microsoft chose to sacrifice stability for performance. To this end, changes were made to the architecture: the window manager and GDI libraries, as well as the graphics adapter drivers, were moved from user mode to kernel mode. This change represents a departure from the microkernel concept in previous versions of Windows NT 3.x.

Moving the graphics library and drivers to the kernel area improves the speed of graphics I / O. These changes have a particular impact on the speed of execution of Win32 applications, while Windows-16 applications and graphical DOS applications work in much the same way as in version 3.5.

At the same time, the described changes make the operating system less reliable in principle. Indeed, since the software for graphics cards is usually developed by the manufacturers of this hardware, and this software changes frequently (along with the hardware), it is difficult to expect from it the reliability that is required for the operating system modules.

New features in Windows NT 5.0

Windows NT 5.0, an improved version of Windows NT, is expected in late 1997. It will not only be fully 32-bit, but also fully object-oriented. Windows NT 5.0 is based on an object-oriented file system implemented on the basis of the OLE 2.0 standard, which allows you to store objects rather than files. An object-oriented approach allows you to cost-effectively ensure the correctness of multiple copies of data, such as documents, spreadsheets, applications, and other types of information stored on different machines on the network.

Windows NT 5.0 promises a lot, and the innovations will primarily affect the following subsystems:

Active Directory is a global reference service that develops a 2-tier approach to DNS name resolution. Active Directory contains information not only about files, but also about objects of other types, for example:

Computer name, IP address, Username, password, mailing address, Application name, computer, version, access rights.

Distributed File System (Dfs) is a distributed file system (freely available at www.microsoft.com). The directories of this file system, located on different servers, are mounted in a common tree starting on the root server with the root share name. Different subtrees of the same share can consist of not only Microsoft file systems, but also Novell NCP and Sun NFS. Certain branches of the distributed file system can be transparently replicated at the request of the administrator.

Distributed Component Object Model (DCOM) - software objects (ActiveX or others) can be distributed across network servers and called by applications from any computer. Information about the location of objects is registered in Active Directory.

Security features: Windows NT 5.0 will use Kerberos or electronic signature to verify document access rights, and encrypted document transmission over the network.

Hardware Requirements

Opinions vary as to whether Windows NT's hardware requirements are high. Some people think that they are too high, and some consider these requirements to be quite acceptable. It all depends on what tools or what kind of computer equipment is at the disposal of a potential Windows NT consumer, and what tasks it faces.

To run Windows NT Workstation 4.0, the computer must have a minimum i486 processor (Microsoft has dropped any support for i386 processors in this version of the system), at least 12 MB of RAM, and 108 MB of disk space. And although this OS is quite functional on computers with less than 16 MB of RAM, it is recommended to install it if you have RAM, the capacity of which is twice the allowed minimum, that is, it is 24 MB, and the free disk space is at least 216 MB. You can run Windows NT Workstation 4.0 on a system with fewer resources, but then the user is unlikely to be satisfied with its performance.

For Windows NT Server 4.0, Microsoft specifies the following hardware requirements: i486 processor or higher, 16 MB RAM, and 148 MB or more contiguous free disk space. To get acquainted with the functionality of the system, this may be sufficient, but for "industrial" use these minimum requirements are clearly not enough. A server with a low to moderate load (determined by the number of users served) requires 32 MB of RAM and a hard disk with a capacity of at least 1 GB.

For a complete list of hardware tested for compatibility with Windows NT, see the documentation for the system and on the server. www.microsoft.com.

Areas of use for Windows NT

With its high performance, stability, advanced security tools, and having a wide range of basic system functions in its arsenal, Windows NT Server can find applications in various areas, and, above all, it can be used as a server in a corporate network. This is where its ability to act as a domain controller is very useful, which allows you to structure the network and thereby simplify administration and management tasks. It is also used as a file server, print server, application server, remote access server, and communication server (software router).

Clients on a Windows NT Server network can be computers with different operating systems installed on them. Supported as standard: Windows NT Workstation, MS-DOS, OS / 2, Windows for Workgroups, Windows 95, UNIX clones, Macintosh. Basic clients are included as standard with Windows NT Server.

Windows NT Server is a powerful platform for complex network applications, especially those built using client-server technology. Combined with BackOffice servers, it can meet a very wide range of corporate user needs. For example, Windows NT Server can run Microsoft's SQL Server database server, as well as other well-known database servers such as Oracle and Sybase database servers, Adabas and InterBase.

The powerful Microsoft System Management Server administration system can be installed on the Windows NT Server platform, the functions of which are inventory of the hardware and software configuration of network computers, automatic installation of software products on workstations, remote control of any computer and network monitoring.

Windows NT Server can be used as a communications server with IBM mainframes and IBM AS400 systems. For this purpose, a special product Microsoft SNA Server has been created, which allows you to easily combine IBM PC-compatible workstations and powerful mainframes in one network. SNA Sever is a gateway that allows workstation access to both LAN servers and mainframes without the need for two network cards or multiple network protocol stacks. This leads to lower hardware costs and less RAM required. By providing transparent access to mainframes, SNA Server integrates with NT Server security to provide authorization for host access. SNA Server can work with any of the protocols supported by NT Server: IPX / SPX, TCP / IP, or NetBEUI.

Windows NT Server is the platform for Microsoft Exchange, a new high-performance collaboration suite built on top of a mail server.

Finally, the latest version of Windows NT 4.0 provides a robust platform for Internet-facing applications: Web servers, Web browsers, information retrieval systems, and Internet e-commerce systems.

The Windows NT Workstation operating system is positioned primarily as a client in Windows NT Server networks, as well as in NetWare, Unix, Vines networks. On NetWare networks, Windows NT workstations fill a notorious gap - the lack of a good application server. A computer with Windows NT installed on it can be a workstation in peer-to-peer networks, performing simultaneously the functions of both a client and a server. Windows NT Workstation can be used as an OS for a stand-alone computer when increased performance or security is required, as well as when implementing complex graphical applications, for example, in computer-aided design systems.

Development history

The development of Windows NT, tentatively titled "NT OS / 2", was started in November 1988 by a team led by David Cutler. Dave cutler ), who moved to Microsoft from DEC, where they developed VAX and VMS. The work proceeded in parallel with the development by IBM of its own operating system, OS / 2 2.0, which was finally released only in April 1992. At the same time, Microsoft continued to develop its operating systems of the DOS and Windows families, which are less demanding on computer resources than IBM OS / 2. After Windows 3.0 was released in May 1990, Microsoft decided to add a Windows API-compatible programming interface (API) to NT OS / 2. This decision caused serious tensions between Microsoft and IBM, which ended in a breakdown in collaboration. IBM continued to develop OS / 2 on its own, and Microsoft began working on a system that was eventually released under the name Windows NT. Although this system did not immediately become popular, like DOS, Windows 3.x or Windows 9.x, from a marketing point of view, Windows NT has proved to be significantly more successful than OS / 2.

It should be noted that OS / 2 and then POSIX APIs were originally planned as NT APIs; Windows API support was added last. In addition, Intel i860 and then MIPS were initially planned as the hardware platform for NT, support for Intel x86 was also added later. Then, in the process of evolution of this OS, support for both originally planned software interfaces and both originally planned hardware platforms disappeared. There was not even a single release version of this OS for the i860, although precisely from the code name of this processor, N10(N Ten), comes the name of the NT OS itself. Microsoft now decodes NT as New Technology... And as an alternative to the POSIX subsystem, Microsoft began to offer the Microsoft Windows Services for UNIX package.

To develop the NT operating system, Microsoft invited a group of specialists from DEC, led by David Cutler ( English) with experience in building multitasking operating systems such as VAX / VMS and RSX-11. Some similarities noted between the internal architectures of Windows NT and the VMS family of operating systems gave reason to accuse the newly hired Microsoft employees of stealing DEC intellectual property. The resulting conflict was resolved peacefully: DEC recognized Microsoft's ownership of the technologies underlying Windows NT, and Microsoft created and maintained a version of Windows NT for the DEC Alpha architecture.

Despite the common roots, the compatibility of Windows NT and OS / 2 has diminished with each new release of the OS. OS / 2 API 2.0 support, although planned for NT, was never completed; Windows NT 4.0 removed support for the HPFS file system, and Windows XP removed the software support subsystem for OS / 2 1.x.

Versions

Internal architecture

Kernel components

Custom Mode Components

The user interface subsystem in Windows NT implements a windowed interface similar to that of previous versions of Windows. Two types of objects of this subsystem that were absent in 16-bit versions of Windows and in Windows 9x are window stations and work tables... A window station corresponds to one Windows NT user session - for example, a new window station is created when connecting via Remote Desktop. Each running process belongs to one of the window stations; services, other than those marked as capable of interacting with the desktop, run in separate, invisible window stations.

Each window station has its own clipboard, a set of global atoms (used for DDE operations), and a set of desktops. The desktop is the context for all global user interface subsystem operations such as setting hooks and broadcasting messages. Each running thread belongs to one of the desktops - the one where the windows it serves are located; in particular, a single thread cannot create multiple windows belonging to different desktops. One of the desktops can be active (visible to the user and able to respond to his actions), the rest of the desktops are hidden. The ability to create multiple desktops for a single session and switch between them has not yet been provided by standard Windows user interface tools, although there are third-party programs that provide access to this functionality.

Window stations and desktops exhaust the Windows NT user interface subsystem objects that can be assigned access rights. The remaining object types are - window and menu- provide full access to any process that is with them in the same window station. Therefore, Windows NT services run in separate window stations by default: they run with elevated privileges, and the ability of user processes to manipulate service windows indefinitely could lead to crashes and / or security problems.

Programming interfaces

Native API

For applications, Windows NT provides several sets of APIs. The main one is the so-called "native" API ( NT Native API), implemented in the dynamic link library ntdll.dll and consisting of two parts: system calls of the NT kernel (functions with the prefixes Nt and Zw that transfer execution to the kernel functions ntoskrnl.exe with the same names) and functions implemented in user mode (with the prefix Rtl). Some of the functions of the second group use system calls internally; the rest consist entirely of unprivileged code, and can be called not only from user-mode code, but also from drivers. In addition to the Native API functions, ntdll also includes the functions of the C Standard Library.

Although the official documentation for the Native API is sparse, the community of enthusiasts has managed to collect a lot of information about this interface through trial and error. In particular, in February 2000, Gary Nebbet's book “ Windows NT / 2000 Basic API Function Reference"(ISBN 1-57870-199-6); in 2002 it was translated into Russian (ISBN 5-8459-0238-X). A source of information about the Native API can be the Windows DDK, which describes some of the kernel functions available through the Native API, as well as examining the Windows code (reverse engineering) - by disassembling, using the Windows 2000 source code that became available as a result of a leak, or using the source Windows 2003 texts available through the Windows Research Kernel program.

Programs that run before the subsystems that run other Windows NT APIs are loaded are limited to using the Native API. For example, the autochk program, which checks disks when the OS boots after an abnormal shutdown, uses only the Native API.

Win32 API

The most common application for Windows NT uses the Win32 API, an interface based on the Windows 3.1 API that allows you to recompile existing programs for 16-bit versions of Windows with minimal changes to the source code. The compatibility of the Win32 API and the 16-bit Windows API is so great that 32-bit and 16-bit applications can freely exchange messages, work with each other's windows, etc. In addition to supporting the functions of the existing Windows API, a number of new features, including support for console programs, multithreading, and synchronization objects such as mutexes and semaphores. Win32 API documentation is included with the Microsoft Platform SDK and is available on the website.

The Win32 API support libraries are mostly named the same as the Windows 3.x system libraries, with the addition of the 32 suffix: these are kernel32, advapi32, gdi32, user32, comctl32, comdlg32, shell32, and a number of others. Win32 API functions can either independently implement the required functionality in user mode, or call the Native API functions described above, or access the csrss subsystem through the LPC mechanism ( English), or make a system call to the win32k library, which implements the kernel-mode support necessary for the Win32 API. The four listed options can also be combined in any combination: for example, the Win32 API WriteFile function calls the Native API NtWriteFile function to write to a disk file, and calls the corresponding csrss function to output to the console.

Win32 API support is included in the Windows 9x family; it can also be added to Windows 3.1x by installing the Win32s package. To facilitate porting existing Windows applications that use MBCS encoding to represent strings, all Win32 API functions that accept strings as parameters have been created in two versions: functions with the A ( ANSI) accept MBCS strings, and functions with the suffix W ( wide) accept strings encoded in UTF-16. In Win32s and Windows 9x, only A functions are supported, whereas in Windows NT, where all strings inside the OS are stored exclusively in UTF-16, each A function simply converts its string parameters to Unicode and calls the W version of the same function. The supplied H-files of the library also define the names of the functions without the suffix, and the use of the A- or W-version of the functions is determined by the compilation options, and in Delphi modules before the 2010 version, for example, they are rigidly tied to the variants with the suffix A. It is important to note that that most of the new features introduced in Windows 2000 or later Windows NT operating systems exist only in the Unicode version, because the task of ensuring compatibility with old programs and with Windows 9x is no longer as pressing as it used to be.

POSIX and OS / 2

The first release of Windows NT 4 supported four platforms (x86, Alpha, MIPS, and PowerPC), but support for less common platforms declined as service packs were released: MIPS support was removed from SP1, and PowerPC support was removed from SP3. Recent releases of Windows NT 4 only supported x86 and Alpha; although support for Alpha was planned for Windows 2000, it was dropped from RC2. As a result, x86 is the only platform supported on Windows 2000.

64-bit processor support was first introduced in Windows XP for IA-64, the Intel Itanium processor architecture. On the basis of the 64-bit version of Windows XP, 64-bit server versions of Windows 2000 were also created; later, Itanium support was added to some versions of Windows Server 2003. The second 64-bit architecture supported in the Windows NT family was AMD's x86-64 architecture, which was later implemented in Intel processors under the name EM64T. Windows Server 2003 SP1 x64 and Windows XP Professional x64 were released concurrently, both server and desktop versions of the same version of Windows — specifically, the same updates apply to these editions. Since 2005, Microsoft has decided to end support for IA-64 .; The latest version of Windows NT to fully support Itanium is Windows NT 5.2 (XP Professional 64-bit Edition and Server 2003). However, for more expensive (and, accordingly, more difficult to upgrade) servers, special versions of Windows Server 2008 and Windows Server 2008 R2 were released, and Windows Server 2012 did not receive IA-64 support.

Notes (edit)

see also

• ReactOS is an open source operating system compatible with Windows NT applications and drivers.

In late 1988, Microsoft commissioned David Cutler to lead a new software project: Microsoft's new operating system for the 1990s. He assembled a team of engineers to develop a New Technology (NT) system.

The original plan was to develop NT with OS / 2-style user and programming (API) interfaces, but OS / 2 sold poorly, and Windows 3.0 had great and consistent success in the marketplace. After seeing the market benchmarks and the complexities of developing and maintaining two incompatible systems, Microsoft decided to change its course and direct its engineers towards a strategy of one cohesive operating system. This strategy was to develop a family of Windows-based operating systems that spanned many types of computers, from the smallest notebooks to the largest multiprocessor workstations. So, the next generation of Windows systems was called Windows NT.

Windows NT supports the Windows graphical interface (GUI), and is also the first Windows-based operating system from Microsoft to support the Win32 API, a 32-bit programming interface for developing new applications. The Win32 API makes the advanced features of the operating system available to applications, such as multi-threaded processes, synchronization, security, I / O, object management.

In July 1993, the first operating systems of the NT family appeared - Windows NT 3.1 and Windows NT Advanced Server 3.1.

Versions

• Windows NT 3.1 (July 27, 1993)
• Windows NT 3.5 (September 21, 1994)
• Windows NT 3.51 (May 30, 1995)
• Windows NT 4.0 (24 Aug 1996)
• Windows 2000 (February 17, 2000)
• Windows XP (October 25, 2001)
• Windows XP 64-bit Edition (March 28, 2003)
• Windows Server 2003 (April 25, 2003)
• Windows XP Media Center Edition 2003 (December 18, 2003)
• Windows XP Media Center Edition 2005 (October 12, 2004)
• Windows XP Professional x64 Edition (April 25, 2005)
• Windows Fundamentals for Legacy PCs (July 8, 2006)
• Windows Vista (November 30, 2006)
• Windows Home Server (November 7, 2007)
• Windows Server 2008 (February 27, 2008)

Windows NT structure

Structurally, Windows NT can be represented in two parts: a part of the operating system that runs in user mode, and a part of the operating system that runs in kernel mode.

The kernel-mode part of Windows NT is called the executive part. It includes a number of components that manage virtual memory, objects (resources), I / O and the file system (including network drivers), process communication, and partly security. These components interact with each other using intermodular communication. Each component calls the others through a set of well-specified internal procedures.

The second part of Windows NT, operating in user mode, is made up of servers - the so-called protected subsystems. Since subsystems cannot automatically share memory, they communicate with each other by sending messages. Messages can be transmitted both between a client and a server, and between two servers. All messages go through the Windows NT executive. The Windows NT kernel schedules threads of protected subsystems in the same way as threads of regular application processes.

Support for protected subsystems is provided by the executive part. Its constituent parts are:

• Object manager. Creates, deletes, and manages executive objects - abstract data types used to represent system resources.
• Security monitor. Sets up protection rules on the local computer. Protects operating system resources, protects and registers executable objects.
• Process manager. Creates and terminates, suspends and resumes processes and threads, and also stores information about them.

Virtual memory manager.

• I / O subsystem. Includes the following components:
  • an I / O manager that provides device-independent I / O;
  • file systems - NT drivers that execute file-oriented I / O requests and translate them into calls to ordinary devices;
  • network redirector and network server - file system drivers that transmit remote I / O requests to and receive requests from machines on the network;
  • executive device drivers - low-level drivers that directly control the device;
  • cache manager that implements disk caching.

The runtime, in turn, relies on the lower-level services provided by the NT kernel. The kernel functions include:

• process planning,
• handling interrupts and exceptions,
• synchronization of processors for multiprocessor systems,
• system recovery after failures.

The kernel runs in privileged mode and is never removed from memory. The kernel can only be accessed through an interrupt.

Windows NT protected subsystems run in user mode and are created by Windows NT at boot time. Immediately after creation, they begin an endless cycle of their execution, responding to messages coming to them from application processes and other subsystems. Among the protected subsystems, one can distinguish a subclass called environment subsystems. Environment subsystems implement operating system application interfaces (APIs). Other types of subsystems, called integral subsystems, perform tasks required by the operating system. For example, most of the Windows NT security system is implemented as an integral subsystem, network servers are also implemented as an integral subsystem.

The most important subsystem of the environment is Win32, a subsystem that provides access for applications to the 32-bit Windows API. Additionally, this system provides a graphical interface and controls user input / output.

Each protected subsystem runs in user mode, invoking the system service of the executive to perform privileged kernel mode actions. Network servers can run in either user mode or kernel mode, depending on how they are designed.

Subsystems communicate with each other by passing messages. When, for example, a user application calls an API procedure, the environment subsystem that provides this procedure receives the message and executes it either by accessing the kernel or by sending a message to another subsystem. Upon completion of the procedure, the environment subsystem sends a message to the application containing the return value. The sending of messages and other activities of the protected subsystems are invisible to the user.

The primary tool that holds all Windows NT subsystems together is the Local Procedure Call (LPC) mechanism. LPC is an optimized version of a more general tool, remote procedure call (RPC), that is used to communicate between clients and servers located on different machines on a network.

Hello everyone. I will say right away that Windows NT is not really a program, it is a family of Windows from Microsoft. Under the name Windows NT hides the concept of operating systems from Microsoft, not a specific one, but all systems. Windows today is a very popular operating system and it is not more popular. My opinion is that the popularity is primarily due to the fact that there is no worthy alternative and will no longer be - it is foolish to compete with the giant Microsoft now.

But nevertheless, everything is correct - you may actually have something that will have the name Windows NT, because this name appears in many places. I will not give exact examples, I do not remember, but you can find this inscription in your Windows calmly.

If you are faced with the question of uninstalling Windows NT software or not, then my answer is - it is better not to uninstall. For there may be problems later. It is logical if you think about it, it becomes clear that everything where Windows NT is written, then you should uninstall it only when you are sure of it.

Windows NT was developed in the 1990s, after Microsoft stopped working with IBM (oh, they made cool laptops), together these companies developed OS / 2, this was also an operating system that I still did not understand, but it does not matter. In short, then they began to cut Windows and you yourself know what came of it - mega cool Windows, one monopoly, everyone does not like it, but everyone uses

Yes, there is also Linux, but alas, it is for a narrow circle of users - not at all for those who need it simply and beautifully and so that it is not difficult. I personally like Windows, although it didn't please many people, especially Windows 10, but I don't see anything crooked in it ..

Ancient Windows, once upon a time it was a masterpiece and the ultimate dream:

But compare, this is already a seven, well, that is, Windows 7, many are still sitting on it and are not going to climb:

I was a longtime fan of Windows XP, even for a very long time, I sat while I was sitting - Windows 7 was already out, and I was hanging out on XP ... And so I bought new hardware, it was socket 1150, everything is new, but I managed to put Windows XP there and I still sat for about two years. Then Windows 10 came out, and I switched over time to it. The computer works for weeks and all the rules, there are no glitches and blue screens, no errors. Everything works like a clock. However, in XP, this was also almost absent. So I like Windows somehow ..

I wrote a list where exactly you can see something like Windows NT:

1. descriptions of some system files;
2. Windows settings, system settings, Windows NT can be found everywhere;
3. in reference materials for the program or even in the instructions for some equipment;
4. it is unlikely, but it is possible that some kind of virus will mow under Windows NT;
5. in system folders, for example, in C: \ Windows, there is a bunch of junk of every kind, in the description of which you can find Windows NT;

I completely forgot to write, I myself cannot say for sure, but it seems that there is an operating system itself called Windows NT, here is its boot screen.

The Windows NT or New Technology operating system was created by a development team led by Dave Cutler.

Windows NT is a priority multitasking 32-bit operating system. The operating system includes security features and advanced network services as fundamental components. Windows NT also provides compatibility with many other operating systems, file systems, and networks. Windows NT can operate both on computers equipped with CISC processors with a complex instruction set computing and on computers with RISC processors with reduced instruction set computing. The Windows NT operating system also supports high performance multiprocessor systems.

Only the exterior is familiar in Windows NT. There are powerful new features hiding behind the graphical user interface.

Windows Creation TasksNT. Windows NT is not a further development of pre-existing products. Its architecture was re-created taking into account the requirements of a modern operating system. The features of the system developed on the basis of these requirements are as follows.

Seeking to provide compatibility the new operating system, the Windows NT developers retained the familiar Windows interface and implemented support for existing file systems (such as FAT) and various applications (written for MS-DOS, OS / 2 1.x, Windows 3.x and POSIX). The developers have also included various networking tools in Windows NT.

Achieved portability(portability) of a system that can now run on both CISC and RISC processors. CISC includes Intel-compatible 80386 processors and above. RISCs are represented by systems with MIPS R4000, Digital Alpha AXP and Pentium P54 series and higher processors.

Scalability(scalability) means that Windows NT is not tied to a single-processor architecture of computers, but is able to take full advantage of the capabilities provided by symmetric multiprocessor systems. Windows NT can now run on computers with from 1 to 32 processors. In addition, as users' tasks become more complex and the demands on the computer environment expand, Windows NT makes it easy to add more powerful and efficient servers and workstations "corporate networks.

Additional advantages are provided by the use of a single development environment for both servers and workstations.

Windows NT has a homogeneous security system(security) that meets US government specifications and complies with the B2 security standard. In a corporate environment, critical applications are provided with a completely isolated environment.

Distributed processing(distributed processing) means that Windows NT has networking capabilities built into the system. Windows NT also allows communication with different types of host computers by supporting a variety of transport protocols and using high-level client-server facilities, including named pipes, remote procedure calls (RPCs), and Windows sockets.

Reliability and resiliency(reliability and robustness) are provided by architectural features that protect applications from being damaged by each other and the operating system. Windows NT uses fault-tolerant structured exception handling at all architectural levels, which includes recoverable NTFS and provides protection with built-in security and advanced memory management techniques.

Possibilities localization(allocation) represent tools for robots in many countries of the world in national languages, which is achieved by using the Unicod standard (developed by the International Organization for Standardization - ISO).

Thanks to the modular design of the system, extensibility Windows NT, which allows the flexibility to add new modules at different levels of the operating system.

The package includes a number of applications: Internet Information Server 2.0, Index Server, FrontPage, Internet Explorer, Domain Name System (DNS) Server, Proxy Server and Internet Resource Center, all Service Packs, Plus! and a number of additional utilities, among which there are both new ones, such as Administrative Wizards or Imager, and improved versions of old programs, such as Task Manager.

The Administrative Wizard allows you to automate the typical tasks that arise during network management, and the updated versions of Windows NT Diagnostic and Performance Monitor are used for online monitoring of the system state. The Task Manager dialog box has been transformed into a powerful program that provides a wealth of useful information, from CPU utilization to the names of all active system processors.

One of the key components of Windows NT 4.0 is Internet Information Server 2.0. It is a flexible and multifunctional solution both for connecting to the Internet and for creating your own private intranet. The user only needs to configure the parameters of the TCP / IP protocol (if the DHCP service is installed, the IP address is assigned automatically), start IIS and create one or more of his own Web pages. The Web documents are then available to all users on your network who have installed TCP / IP software and a standard World-Wide Web browser.

There have been some changes in the remote access subsystem, Remote Access Service (RAS). Now it is possible to use secure communication channels, the new Point-To-Point Tunneling Protocol (PPTP), the ability to use multiple modems to organize communication channels with remote networks.

Peculiarities of the network architecture of previous versions of Windows NT (multilevel model of protection against unauthorized access, specificity of modular system construction, etc.) limited its bandwidth when working in Fast Internet networks. In version 4.0, the algorithms for caching network requests were improved, the modules of the resource sharing subsystem were optimized, the mechanism for generating interrupts was changed (with the transition to high-speed networks, this function unexpectedly became a source of problems for network operating systems). The second change pointed out by Microsoft is the increased performance of the OS when performing graphics operations.

The combination of a powerful network operating system and a graphical interface designed for the unskilled user is rather unusual. Windows NT 4.0 is not just another version of the popular operating system. It is the foundation for a new generation of Internet-based software products.

Windows NT architectural modules. As shown, Windows NT is a modular (more advanced than monolithic) operating system that consists of separate interconnected relatively simple modules.

The main Windows NT modules are (listed in order from the lowest to the highest architecture level): Hardware Abstraction Layer (HAL), Kernel, Executive, protected subsystems, and environment subsystems).

virtualizes hardware interfaces, thereby ensuring that the rest of the operating system is independent of specific hardware features. This approach allows for easy portability of Windows NT from one hardware platform to another.

Core is the basis of the modular design of the system and coordinates the execution of most of the basic operations of Windows NT. This component has been specially optimized in terms of volume and efficiency. The kernel is responsible for scheduling the execution of threads, synchronizing the work of multiple processors, handling hardware interrupts and exceptions.

Executing system includes a set of kernel mode software constructs that represent the basic operating system service to the subsystems of the environment. The execution system consists of several components,

Rice. 2.32. Modular structure of Windows NT

each is designed to support a specific system service. Thus, one of the components, the Security Reference Monitor, functions in conjunction with the protected subsystems and ensures the implementation of the system's security model.

Environment subsystems are protected user-mode servers that provide execution and support for applications developed for different operating environments (different operating systems) .Examples of environment subsystems are Win32 and OS / 2 subsystems.

Hardware abstraction layer(HAL) is a software layer created by hardware manufacturers that hides (or abstracts) the differences between the hardware and the upper layers of the operating system. Thus, thanks to the filter provided by the HAL, the various hardware looks similar from the point of view of the operating system; eliminates the need for special settings of the operating system for the equipment used.

When creating the level of hardware abstractions, the task was to prepare procedures that would allow a single driver for a specific device to support the functioning of this device for all platforms. HAL is targeted at a wide variety of single-processor hardware platforms; thus, no separate operating system version is required for each of the hardware options.

HALs are referred to as operating system tools (including the kernel) and device drivers. When working with device drivers, the hardware abstraction layer provides support for various I / O technologies (instead of the traditional focus on one hardware implementation or requiring significant adaptation costs for each new hardware platform).

The level of hardware abstraction also allows "hiding" from other levels of the operating system the features of the hardware implementation of symmetric multiprocessor systems.

Core(Kernel) works closely with the hardware abstraction layer. This module is primarily concerned with scheduling processor actions. If the computer contains several processors, the kernel synchronizes their work in order to achieve maximum system performance.

The kernel handles dispatching streams(threads - threads of control, which are sometimes called subtasks, branches), which are the main objects in the planned system. Threads are defined in the context of a process; a process includes an address space, a set of objects accessible to a process, and a set of threads of control executed in the context of the process. Objects are resources managed by the operating system.

The kernel dispatches control threads in such a way as to maximize the load on the system processors and to provide priority processing of threads with a higher priority. There are 32 priority values ​​in total, which are grouped into two classes: real-time and variable. This approach allows you to maximize the efficiency of the operating system.

Subcomponents of the runtime system, such as the I / O manager and the process manager, use the kernel to synchronize activities. They also interact with the kernel for higher levels of abstraction called kernel objects; some of these objects are exported inside custom application programming interface (API) calls.

The kernel manages two types of objects.

Dispatch objects(dispatcher objects) are characterized by a signal state (signaled or nonsignaled) and control the dispatch and synchronization of system operations. These objects include events, mutants, mutexes, semaphores, threads, timers.

Control Objects(control objects) are used for kernel control operations, but do not affect dispatch or synchronization.

Control objects include asynchronous procedure calls, interrupts, notifications and power supply states, processes and profiles (asynhcronous procedure calls, interupts, power notifies, power statuses, processes, profiles).

Executing system(Executive), which includes the HAL core and hardware abstraction layer, provides a common system service that can be used by all subsystems in the environment. Each service group is managed by one of the separate components of the runtime system:

Object Manager;

Virtual Memory Manager

Process Manager

Local Procedure Call Facility;

I / O Manager;

Security Reference Monitor.

The security monitor, together with the Logon processor and protected subsystems, implements Windows NT security model.

The top level of the runtime system is called System Services. Shown in fig. 2.33 system service is the interface between the subsystems of the user mode environment and the privileged mode.

Cache manager. The I / O architecture contains a single Cache Manager that caches the entire I / O system. Caching is a technique used by the file system to increase efficiency.

Figure 2.33. System interface

Instead of directly writing to and reading from disk, frequently used files are temporarily stored in cache memory; thus, the work with these files is done in memory. Operations with data in memory are much faster than operations with data on disk.

The cache manager uses a file display model that is integrated with the Windows NT Virtual Memory Manager. The cache manager provides a caching service for all file systems and network components that are controlled by the I / O manager. The cache manager can dynamically increase or decrease the size of the cache depending on the amount of available RAM. When a process opens a File that was already in the cache, the cache manager simply copies the data from the cache to the virtual address space.

The cache manager supports services such as lazy write and lazy commit, which can dramatically increase the efficiency of the file system. During slow writing, changes are recorded in the file structure cache for faster access. Later, when the CPU load is lowered, the cache manager writes the changes to disk. Slow-motion recording is like slow-motion recording. Instead of immediately marking the transaction as successful, the transferred information is cached and later written in the background to the file system log.

File system drivers. In the Windows NT I / O architecture, file system drivers are controlled by the I / O manager. Windows NT accepts a variety of file systems, including existing FAT file systems. For upward compatibility with MS-DOS, Windows 3.x, and OS / 2, Windows NT supports FAT and HTFS file systems.

In addition, Windows NT also supports NTFS, a new file system designed specifically for use with Windows NT. NTFS provides a number of features including file system recovery, Unicode support, long file names, and support for POSIX.

The Windows NT I / O architecture not only supports traditional file systems, but also enables the network editor and server to function as file system drivers. From the point of view of the I / O manager, there is no difference between working with a file located on a remote computer on the network and working with a file on a local hard disk. Redirectors and servers can be loaded and unloaded dynamically just like any other drivers; a large number of redirectors and servers can be located on one computer at the same time.

Network drivers. The next type of drivers present as components in the I / O architecture are network drivers. Windows NT includes integrated networking and support for distributed applications. Redirectors and servers function as file system drivers and run at or below the vendor interface level where NetBIOS and Windows Socket reside.

Transport drivers communicate with redirectors and servers through a layer called the Transport Driver Interface (TD1). Windows NT includes the following vehicles:

• Transmission Control Protocol / Internet Protocol TCP / IP, which provides the ability to work with a wide range of existing networks;
• NBF is a descendant of the NetBIOS Enhanced User Interface (NetBEUI), which provides compatibility with existing local area networks based on LAN Manager, LAN Server and MS-Net;
• data link control (DLC), which provides an interface for accessing mainframes and networked printers;
• NWLink is an IPX / SPX implementation that provides connectivity to No-well NetWare.

At the bottom of the network architecture is the driver for the network adapter card. Windows NT currently supports NDIS (Network Device Interface Specification) version 3.0 device drivers. NDIS provides a flexible communication environment between transport protocols and network adapters. NDIS 3.0 allows a single computer to have multiple network adapter cards installed on it. In turn, each NIC card can support multiple transport protocols to access different types of NICs.

Windows NT security model- represented by the Security Reference Monitor, as well as two other components: the Logon Process and the secure protected subsystems.

In a multitasking operating system like Windows NT, applications share a number of system resources, including computer memory, input / output devices, files, and system processor (s). Windows NT includes a set of security components that ensure that applications cannot access these resources without proper permission.

The Security Monitor is responsible for enforcing a policy for validating access and control by a specific local security engine. The Security Monitor provides services for verifying access to objects, verifying user privileges, and generating messages for both privileged mode and user mode. The Security Monitor, like other parts of the operating system, runs in privileged mode.

The logon process in Windows NT requires a security logon to authenticate the user. Each user must have a budget and must use a password to access that budget.

Before a user can access any resource on a computer from Windows NT, he must log on through the logon process in order for the security engine to recognize the username and password. Only after successful authentication does the Security Monitor perform an access validation procedure to determine the user's right to access this object.

Resource security is one of the features provided by the security model. Tasks cannot access other people's resources (such as memory) otherwise than through the use of special sharing mechanisms.

Windows NT also provides controls that allow an administrator to record user actions.

Windows NT memory management. Windows NT Workstation 3.51 is essentially a server operating system tailored for use on a workstation. This results in an architecture in which absolute protection of applications and data takes precedence over speed and compatibility considerations. Windows NT is extremely reliable at a high system cost, so a fast CPU and at least 16 MB of RAM are required to get acceptable performance. In Windows NT, low memory security is achieved by eliminating compatibility with real-mode device drivers. Windows NT runs native 32-bit NT applications, as well as most Windows 95 applications. Like Windows 95, Windows NT allows you to run 16-bit Windows and DOS programs in its environment.

The memory allocation scheme of Windows NT is different from the memory allocation of Windows 95. Native applications are allocated 2 GB of special address space, ranging from the 64 KB boundary to 2 GB (the first 64 KB is completely inaccessible). Application programs are isolated from each other, although they can communicate via the Clipboard, DDE and OLE mechanisms.

At the top of each 2GB application block is the code that the application interprets as ring 3 system DLLs. They are actually just call redirection stubs called client-side DLLs. When calling most API functions from an application, client-side DLLs refer to Local Process Communication (LPC) procedures that pass the call and its associated parameters into a completely isolated address space that contains the actual system code. This server process checks the parameter values, executes the requested function, and sends the results back to the application's address space. Although the server process itself remains an application-level process, it is completely shielded and isolated from the caller.

Between the 2GB and 4GB marks are the low-level Windows NT system components in Ring 0, including the kernel, thread scheduler, and virtual memory manager. The system pages in this area have supervisor privileges, which are defined by the physical processor ring circuits. This makes the low-level system code invisible and inaccessible to application-level programs, but it leads to performance degradation during transitions between rings. For 16-bit Windows applications, Windows NT implements Windows on Windows (WOW) sessions. Windows NT allows 16-bit Windows programs to run individually in their own memory spaces or together in a shared address space. In almost all cases, 16- and 32-bit Windows applications are free to interact using OLE (via special thunk routines, if necessary), regardless of whether they are running in separate or shared memory. Native applications and WOW sessions run in preemptive multitasking, based on the management of separate threads. Multiple 16-bit Windows applications in a single WOW session execute according to the cooperative multitasking model. Windows NT can also multitask multiple DOS sessions. Since Windows NT is a fully 32-bit architecture, there are no theoretical limits on GDI and USER resources.

The main differences between Windows 2000. Windows 2000 or W2k is Microsoft's operating system (OS) based on Windows NT technology, which was reflected in the original name of the W2k project - Windows NT 5.0. Windows 2000 is a fully 32-bit OS with priority multitasking and improved memory handling. The W2k project is based on the same principles that once made NT successful.

W2k interface similar to Windows 98 interface with IE 5.0 installed. However, we will note some details.

The first thing that catches your eye is that the color scheme has changed. It now resembles one of the schemes used in the KDE desktop for Linux. Another noticeable detail is the shadow under the mouse cursor, which is removed / exposed in Control panel -> Mouse -> Pointers, by ticking Enable pointer shadow. In addition, a new effect has been added when menus appear, now they gradually appear out of thin air. Controlled from the Desktop Properties, on the Effects tab by ticking Use transition effects for menu and tooltips.

The Start Menu introduces a function familiar from Office 2000, when when you open it only the most frequently used items are shown, the rest are opened if you press the down arrow. You can control this effect in Taskbar Properties, in the General tab by ticking Use Personalized Menus (similarly, in 1E5 this option is disabled in Tools -> Internet Options - »Advanced -> Enable Personalized Favorites Menu). There are several more items in the Desktop Properties, including the Hide keyboard navigation indicators until I use the Alt key. If it is selected, the underscore under the letters that stand for Keyboard shortcut in Windows programs is removed until you press .

On the second tab of Taskbar Properties, Advanced, there is a Start Menu Settings window, which allows you to add / remove lines included in the Start Menu, and expand some items. For example, if you check the Expand Control Panel checkbox, then when you hover the mouse cursor over the Control Panel in the Start Menu, another menu will open to the right, which will contain all the elements included in it. A useful feature on this tab is the Re-sort button. W2k, by default, puts folders with the latest installed programs at the very bottom of the Start Menu, folders may even be below the links to files. Re-sort removes this injustice and arranges all folders from top to bottom in alphabetical order. However, the same effect can be achieved by right-clicking in Start Menu -> Programs and choosing Sort by name. In addition, you can drag and drop any elements from there to any place with the right button.

Oddly enough, another difference that often let people down for people who previously worked with NT and W9x is the widespread use of Checkboxes - especially those that are just a square on a white background. So if you find that you cannot do something, then look through all the windows again, perhaps you simply did not pay attention to such a Checkbox.

Task Manager is one of the most powerful and easy-to-use process management tools in NT. It is called either , or by choosing from the menu that appears after right-clicking on the Taskbar. You can choose it after .

The Task manager consists of three tabs - Performance, Processes, Applications. Let's start with Performance. This tab shows information about the load of the processor (s) in real time, shows the load of physical memory, and shows how much RAM is used / free and how much system Swap is used. " Processes is the number of threads and processes currently running on the machine, Peak is the peak Swap "a" during a session, Nonpaged is the amount of memory allocated for the kernel. This information can be used when it will be necessary to answer the question of what factor in the system is the bottleneck that slows down the work (although it is better to use Performance Monitor for this purpose).

The second tab, Processes, contains a list of currently active processes. For each process, you can find out some additional information, such as: PID (Process ID), the amount of RAM used, the number of threads generated by the process, and much more. You can add / remove displayed parameters via View -> Select Columns. In addition, certain actions can be performed with any of these processes. To do this, you just need to right-click on it, a context menu will appear through which you can end the process, End Process, you can “kill” the process itself and all the others that it “spawned”, End Process Tree. You can set the priority to the process, from the highest RealTime to the lowest, Low. If the machine has two processors and a multiprocessor core, then another item appears in this menu, Set Affinity, which allows you to transfer the process to another processor, Cpu 0, Cpu l, and so on up to Cri31.

The last tab of the Task Manager - Applications, allows you to view the list of running applications and terminate any of them. Task Manager not only allows you to terminate applications, it can also launch new applications. File -> New task (Run).

Active Directory - it is a new tool for managing users and network resources. It is designed to facilitate the work of administrators of large W2k-based networks and the entire network management and security system is built around it. To install Active Directory you need to have W2k Server. W2kPro can run in an Active Directory environment, but cannot create one. Active Directory is built on the following principles:

1. Single registration on the network. Thanks to IntelliMirror technology, you can go to any computer in the office, enter your password

and in front of you will be your desktop, your documents and your settings.

2. Information security. User authentication is built into Active Directory. For each object in the network, you can centrally set access rights, depending on groups and specific users. Kerberos security enables secure communications even over open networks such as the Internet. At the same time, data transmitted over the network is encrypted, and passwords are not transmitted or stored on client machines. The security system Kerberos (named after the mythical three-headed dog, which, according to Greek mythology, guarded the hell gate) has been known for a long time, but it is used for the first time in an OS from Microsoft. Without going into details, this system works like this:

The client sends a request to the authentication server for permission to access the required information;

The server verifies the client's rights and sends him permission to obtain the required information, encrypted using a key known to the client, and at the same time sends a temporary encryption key. All transmitted information is encrypted with this key, and the key lifetime is limited, so the authentication server from time to time sends a new key (of course, the new key is encrypted using the current key), which is unknown to anyone except the server and the client. Regularly changing encryption keys makes life difficult for attackers hunting for your data.

However, as we all remember, in Greek myth, Kerberos was unable to withstand the mighty Hercules. So in our case, despite all its advantages, the Kerberos security system cannot withstand all types of attacks. For example, you can bombard an application with bogus requests, a so-called "Deny of service" attack, which can result in the application not using the Kerberos protocol.

3. Centralized management. Using the Active Directory service eliminates the need for the administrator to manually configure each machine, if, for example, it is necessary to change the access rights to any one object or install a new network printer. Such changes can be made all at once for the entire network.

4 . Flexible interface. Directory structures change quickly and easily. For example, you can create a directory of your company, select accounting department, marketing departments, secretariat in separate subdirectories and present all this in the form of a tree structure. Or, for example, create multiple trees representing different offices in different buildings or regions and easily define the relationship and access rights between them. Connect a network printer to the directory of accountants with one move of the mouse. (This will install the drivers on these computers automatically.) Or drag and drop the entire accounting department from one server to another with the mouse, with all their rights, folders and documents.

5. Integration with DNS. Because of its tight integration with DNS, Active Directory uses the same resource names on the LAN as on the Internet, resulting in less confusion and more interoperability between LAN and WAN.

6. Scalability. Multiple Active Directory domains can be merged together under one management.

7. Ease of search. In an Active Directory domain, you can find various objects based on a variety of criteria, such as username or computer name, user's email address, and so on.

DFS (Distributed File System) is one of the Active Directory tools. It allows you to create network shares that can include many filesystems on different machines. For the Active Directory user, this is absolutely transparent and it does not matter where and on what machines the files with which he works are physically located - for him they are all located in one place. In addition, the use of DFS and Active Directory simplifies the management of such resources. It is centralized, you can easily and painlessly add new resources or delete old ones, change the physical location of files included in the DFS, etc.