Mark Minasi's Windows 2000 Newsletter No. 1

Tuesday, December 28, 1999

To subscribe, visit To unsubscribe, link to Visit the Archives at

What's Inside



Hello to all newsletter subscribers and valued readers; I thought I'd get my first issue out before the end of the world in two days <g>! First, let's get a few housekeeping details out of the way.

GETTING OFF THIS MAILING LIST: If you're on this list and want to be removed, please mail me at and just indicate that you want to removed, and in that case you have my apologies -- no one hates unnecessary mailbox clutter more than me.

PRIVACY POLICY: Mike Toot from the Seattle area sent me a note asking about privacy, was I going to sell your name to some spammeister? Heck yeah, you should expect to soon get some mail with the subject "GIRLS! GIRLS! GIRLS! XXX Action!..." Just kidding. Seriously, the only person you'll be hearing from is me, with one exception: as you may know, I write columns for Windows NT Magazine. NT Mag's got some online newsletters of their own and at some point we might do some kind of cooperative venture. Other than that no, I won't ever use your address info. I *may* end up selling advertising in this at some point, but that would be clearly-marked content inside the newsletter -- no advertiser would get the mailing list. And if you'd like to forbid me from sharing your address info from NT magazine, drop me a line and I'll do that.

HTML OR TEXT?: I've modified the signup to ask whether you want your newsletter in HTML format or text format. I'll start off in text and branch out to HTML for those who want it later, so if you signed up for HTML and are wondering why you got text, relax, it's all part of the plan so far -- please understand that the newsletter will be a "spare time" project for me for the near future. I have assumed that anyone who signed up before I put in the HTML option will want text, if you'd prefer HTML when I get there then please mail me and let me know.

FINDING THE BOOK: Sybex did an initial run of only about 15,000 books, as the book will be replaced by the Second Edition in February, but every copy has been bought up by bookstores, so if you're looking for a copy and can't find it locally then try my Amazon link at here.. (And the Amazon discount's pretty good!)

Early Reviews on Mastering Windows 2000 Server, Advance Edition

Many, many thanks to those of you who've written in with comments on the W2K book, and even more thanks to Carlos Perez, who took a moment to offer a few kind words on Here's a few of your kind comments:

"This is the book that every IT and IS needs to learn how to get things done in Win2k. This is not a book for study for the exams, I believe that this book will become the Win2k Bible for all IT professionals out there. It has helped me mount a great lab and prepare for the migration to win2k. Mark has done another great job! I really recommend this book." -- Carlos Perez

"...I would have forgiven you for being late on your book, or even a lesser book, but, just like your NT Server Book, I just can't put it down. I am somewhere between a newbie, and a NT seasoned veteran, and you book seems to be just right!" -- Perry Sedlar

"I just got the book today, but I've already found solutions to several questions I had on our server! Looking forward to reading the rest." -- Rod Peterson

"Well, I've just started reading the book, but, as usual, I am enjoying it very much already..." -- Craig Dayton

"I've been attending course 1579 this week and have been able to furnish answers from the book numerous times. I've made a believer out of the other class members. Most will be placing orders this week. I'm glad it arrived last week!" -- Warren Bierley

How is the "Advance Edition" different from the next one? Will I need to "upgrade?"

Alan D. Crowetz asks if there will be an "upgrade" to the February edition of the book. My co-authors and I put together the book with the intention of meeting Microsoft's late-October 1999 advertised ship date. The product release was delayed to 17 February 2000 but we had a finished book, so we shipped what we had as an "Advance Edition." It was based on RC2. Since then, the RTM ("Release To Manufacturing") code is out and we have updated the book to match what'll be available in shrink-wrap on 17 February.

As far as I can tell, the differences between RC2 and RTM are cosmetic. They rearranged a bunch of wizards and so we re-shot a bunch of screen shots and fixed small factual errors. No major rewrites simply because we didn't have the time for that. What all that means is:

If you already own the Mastering Windows 2000 Server, Advance Edition then you probably should NOT buy the upcoming second edition, which will appear in February. It's mostly just updated screen shots.

Tech Tips/Errata (Latin for "stuff I got wrong in the book")

Several of you have written to point out goofups.

Figure 2.1 Screwup

Chris Moller discovered that I messed up in Figure 2.1. "It should have the following domain names in the diagram: ACME, WESTCOAST, and EASTCOAST. Instead, it lists the same DNS names as in Figure 2.2." Thanks Chris! (Tony Ott also found this.)

Group Policies

Howard Roberts caught me repeating something that Microsoft told me but that I didn't check (sorry):

"I finished reading the first couple of chapters in Mastering Windows 2000 Server. And it looks like the book is going to be very useful in understanding Windows 2000. I do however think you may have a problem with your discussion of Group Policies. Your book states that you can use a Group Policy at the OU level to implement different password policies. (Your example was password expiration). This seems to confict with Microsoft's official curriculum based on Beta 3.

"Although password policies appear in the template at the OU and Site level templates, they only work when implemented in the Domain GPO. My tests seem to indicate that this is true. I created an OU. Moved a W2K Pro computer into it, and created a user account in the OU. I created a GPO for the new OU and restricted password length to a minimum of 7, and set an expiration policy of one day. The domain policy was left at the default of no password minimum, and 42 days. Since the OU policy is run after the Domain Policy, the Domain policy should be overwritten by the OU policy. This is not the case. The user can change his password to one that is less than 7 characters, and his password did not expire after one or even three days.

"Microsoft's recommended criteria for deciding between multiple domains vs one domain with OU's, includes the following.

"If different security policies (such as password policies) are needed you need separate domains, because these can only be set at the domain level.

"One other tidbit I learned the hard way. I needed to log on locally at a domain controller with an account that was not a member of any group that is granted that permission. No problem. I go the Domain GPO and grant the account the Log On Locally right. Didn't work. I discovered that there is a default GPO for the Domain Controllers OU. When I granted the Log on Locally right it worked within 5 minutes.

"Hope this is helpful. I found your NT 4 book very useful and look forward to finishing this one." VERY helpful, thanks Howard!

Domain Controllers and Multiple Drives

Tony Ott needed a clarification on a statement about configuring domain controllers. "I have just started reading your "Mastering Windows 2000 Server" book. So far it is great. I have a question about a comment you made on page 26. You state that 'Domain Controllers will run best with two physical hard disks.' Are you recommending RAID 1, or a C: and D: drive with different parts of the OS on each drive?"

Tony, What I meant was this: in any database, you'll get better performance if you have one physical drive for the database and one for the transaction log. That way, they can both operate simultaneously and things run faster. So I'm not suggesting RAID 1 OR c:/d:.

What I mean is this:

physical hard disk 1 == C: drive

physical hard disk 2 == D: drive

So what I'm saying does not involve RAID.


I will be at the following conferences talking about W2K:

January 10 -- Firefly, the largest Canadian computer distributor, at their annual meeting, in Toronto.

January 24 -- Sun Microsystems, wearing my asbestos suit as I explain W2K to Sun presales technical folks.

February 15-17 -- Windows 2000 Rollout in San Francisco, speaking on Intellimirror, W2K Overview, and Active Directory


That's our first issue. I hope there's been a useful bit or two in here. Mail me at with questions, comments, kudos or brickbats. If you have not seen it yet, please visit my site.

May Y2K treat you all lightly and thank you for your kind and continued support!


To subscribe, visit To unsubscribe, link to Visit the Archives at

All contents copyright 2001 Mark Minasi. You are encouraged to quote this material, SO LONG as you include this entire document; thanks.