Mark Minasi's Windows 2000/NT Newsletter

Issue #3 March 2000

To subscribe, visit To unsubscribe, link to Visit the Archives at

What's Inside


This month:  the skinny on how to synch your domain controller's time service to the Internet's time servers and how to test to see if it's working, speculation about how to use SIS anywhere, a new edition of the NT Server 4.0 book is out, Microsoft rolls out W2K, I'm doing a free live Webcast this 21 March (sign up now), the folks Down Under beat me up for not doing more with command lines, your reviews and questions, and more!

7th Edition of Mastering Windows NT Server 4.0 is Out

It's probably the last one we'll do, so we tried to do the best possible job.  The Seventh Edition includes the usual round of fixes to small mistakes, as well as two new chapters.  The penultimate chapter is a discussion of how to use the best Resource Kit tools, adapted with the gracious permission of Windows 2000 Magazine from my regular column "This Old Resource Kit."  The final chapter is an overview of Windows 2000.  The Seventh includes a CD-ROM version of the book.  (And I know you want to know about CD-ROM versions of the 2000 book, read on...)  I've got links to the Seventh as well as my other books at, please stop by and take a look.

Microsoft Rolls Out Windows 2000 with Thousands of Features and Even More Bugs, Sybex Rolls Out the Second Edition

Well, on the week of 14 February, Microsoft came to San Francisco.  On that Thursday, BillG stood in front of a humongous fake laptop -- I remember thinking during the boring parts that PCMCIA slots for a laptop that big could probably fit a surfboard, a kind of interesting concept -- and rolled out Win2k.  A few days beforehand, Sybex rolled out the Second Edition of the Windows 2000 Server book.  As I've said in previous newsletters, don't buy it if you already have the Advance Edition, there are only minor changes -- the biggest difference between the new blue cover is a few dozen screen shots that changed between RC2 and the shrink-wrap version.   Amazon will deliver it to you at a discount from this link: (now, is that a link, or what?)

In related news, you might have heard that some claim that Windows 2000 shipped with 63,000 bugs.  While that sounds like a huge number, remember that Windows 3.1 was considerably smaller, and industry scuttlebutt has it that Win 3.1 shipped with 5,000 bugs.  In any case, even if it's one tenth that size, 6,000 bugs would still be a lot of bugs.  Guess there will definitely be a Service Pack 1!  But while we're on the subject, if you're tired of buying software products with thousands of known defects, learn how to help change the industry in my book The Software Conspiracy:  Why Software Vendors Ship Faulty Products, How They Can Harm You, and What You Can Do About It.  There's a link to my separate site on the topic here.

Slashdot Reviews The Software Conspiracy

Speaking of The Software Conspiracy, Slashdot published a very favorable review of it at

"Minasi Unplugged:"  Mission Critical Software sponsors a free live Webcast on Tuesday, 21 March

Mission Critical Software, makers of One Point Domain Manager, Enterprise Administrator, and a bunch of other tools that make managing NT in the enterprise possible, have asked me to do a live, on-line presentation and Q&A. They have called it "Minasi Unplugged" (marketing people, what are you gonna do with 'em?) and it's free. I'll do a brief presentation and then take questions live over the Web. Sign up at .  It all takes place 11 AM Eastern time on Tuesday, 21 March 2000 -- see you there!

Newsletter Archives are Open

For those just joining us, this is the third issue and if you'd like to see the ones you missed, then click to  Log in with your e-mail address as a user account name and whatever password you specified.   Those of you who signed up before 29 January 2000 weren't asked for a password, so just leave the password field blank.  (The archives aren't exactly a high security area, if you know what I mean.)  The newsletters are stored in HTML format.

Reviews and Reader Comments

Your very kind reviews continue to fill the mailbox; thanks so very much!  Special thanks to Gary Hanson and Carey Chin for taking a moment to post a message on Amazon.

A CNE/MCSE reader (deadly combination, bet it nets the big bucks -- now go buy my buddy Todd Lammle's books and get your CCNA!) says "Mark, your books got me through the MCSE!!!!!"  Not true at all, Jackie, you did it all yourself, but thanks!

Another reader says "I think Mastering NT 4.0 server is one of the best references I've see in the industry and am really looking forward to seeing the same from the Mastering Win2k Server book."  Thanks so much, David, we're working hard to build the 2000 book into the best it can be.

A student from years ago says "I've been following Mark's work since taking an OS/2 class from him in Richmond, VA years ago. I'm about half way through the Win2k Mastering book now, and it is fabulous. The section on NT4 user profiles is the best discussion I've ever seen of the topic. Keep up the great work."  Lisa, take a bow.  Lisa Justice worked like a dog to do that profiles writeup in the NT 4.0 book.  Thanks for the kind thought, Donald.

An Australian reader tells me that "my boss said we needed books on 2000, so I jumped on the Net, looked for your name, and there it was, Mastering Windows 2000.  We bought 15 copies -- and the boss paid for it!  Thanks for all the help."  You're welcome, Elias, and thank you!

"I am currently less than a quarter of the way through Mastering Windows 2000 Server: Advanced Edition Based on RC2.; It is by far the best book on Windows 2000 that I have seen yet. Mark has done it again (I have his NT 4 Server books as well). I was think that posting an errata sheet for each edition would be very helpful."  Thanks, William!

"I am a student and reading your books made me decide to pursue computers as a career."    So it's MY fault then, hmmm?  Many thanks, Shawn, best of luck.

Another reader asks that I not sell his name and wonders about a Linux newsletter.  Don't worry, Allan, I've already promised not to do that.  The point of this newsletter is to get the info out and (with hope) save me some time -- I'm getting to the point where I can't answer all of the reader mail, so I'm hoping this will reduce the questions a bit.   And funny you should mention Linux ... I'm working on a Linux book right now and I hope to be able to talk about it in a newsletter or two.

Tech Section

This month, we dug up a bit of undocumented gold and considered petabytes versus exabytes.  But first, to this month's Most Common Publishing Question.

What about CDs?

Several of you have mailed me to ask about buying Mastering Windows 2000 Server in a CD-ROM format.  As some of you know, we began including a CD-ROM in every copy of Mastering Windows NT Server 4.0 as of the fifth edition.  The CD-ROM includes a fully searchable on-line version of the book, and some of you have asked if you can buy something like that for Mastering Windows 2000 Server

First of all, why didn't we include a CD?  There isn't a CD in the current book mainly because of time constraints; it was a real trick getting the second edition out concurrently with Windows 2000's release and Sybex simply didn't have time for CD preparation.

Well, some have asked, why not offer one now as a separate item?  I'm not exactly the guy to answer that question, as I don't run Sybex, the books' publishing house.  But my understanding of the economics of CDs runs something like this.  Ignoring for a moment the time involved in actually creating the CD, it costs about a dollar apiece to burn and label a CD.  The big cost comes in fulfillment -- taking orders, processing them, and sending them out adds about another six dollars.  That's seven dollars cost of goods and handling.  On top of that, the publisher needs some overhead covered, profit, royalties for that greedy author, that kind of thing.  Then it goes to the store, which usually marks it up about 100 percent.  Result:  selling a CD-only version of the book might well end up with a list price of twenty bucks.  In contrast, building a CD and including it in a book -- which has to be handled anyway -- only increases the marginal cost a bit.

The story's not over, however; if we can find a cheaper way to offer a CD version then I'm sure that Sybex will -- they're just as interested in keeping you readers happy and making a few more bucks as some of you are interested in a CD-ROM version.  In any case, there will probably be one in the third edition, but I've not even started on that yet.

Windows 2000's Time Service:  The Undocumented Truth

Actually, I think this falls less in the category of "undocumented" and more in the category of "stuff Microsoft didn't get around to documenting because they had so many other things to document..."  But it's still pretty useful.

I've gotten a number of letters on W2K's time service.  W2K needs all machines in a domain to be time-synchronized.  For one thing, it needs this so that when two different domain controllers receive updates on the same data -- that is, if an admin sitting at a DC in Paris updates Lou's password at nearly the same time as an admin sitting at a DC in St Louis ALSO updates Lou's password, then those password changes will replicate around the enterprise and eventually AD will figure out that that it has a conflict on its hands.  It basically decides in favor of the most recent update -- which is why all W2K servers must agree on the time.

W2K does that in the following way.  The PDC of the forest root -- the first domain that you created's first domain controller, by default -- is the Master Time Server Dude.  All other servers automatically create a hierarchy, sort of like a "telephone tree," to distribute time synchronization information.  Everyone below that top dog, which is called the "forest root PDC FSMO master," automatically gets time synced from someone above it in the hierarchy.

But who syncs that top dog, the FSMO?

First of all, odd as this sounds, you NEEDN'T sync the FSMO.  All that matters in W2K is that all of the servers think it's the same time.  Sure, it'd be nice if it was the ACTUAL time, but that's not necessary.  If your whole enterprise was five minutes early, that would constitute no problem for AD, as long as ALL of the servers are five minutes early.

But as long as we've got this hierarchy, let's do it right.  You could use an atomic clock, one of those roughly-$100 things that read the official time off some AM signals out of Colorado or other places.  I've used the Zeit Arcron clocks, you can find them at  They've got one that plugs into the serial port of your PC and sets it time that way.  OR you could save a buck or two and just let the Internet set your time.

The suite of Internet standards includes a way of sharing time information called the Simple Network Time Protocol or sntp.  Many, many machines on the Internet serve as SNTP servers and will provide up-to-date time information to any machine running an SNTP client.  Fortunately, Windows 2000 includes an SNTP client.  You can tell an Windows 2000 machine to synchronize its clock from a given Internet time server with this command:

net time /setsntp:DNSNAME

For example, if a machine named were an SNTP server, you could tell your system to use it to synchronize with this command:

net time /

If you forget what server you told the clock to sync with, you can find out by typing this:

net time /querysntp

By default, the FSMO will try to synchronize with its time source once every 45 minutes until it successfully connects with the time source.  Then it does it again in 45 minutes, and again 45 minutes later.  It keeps re-synchronizing every 45 minutes until it has successfully synchronized three times in a row.  Then it reduces its frequency to once every eight hours.  You can change this with a Registry entry, although I'm not sure why you'd need to.  (All Time Service parameters are in HKLM\System\CurrentControlSet\Services\W32Time\Parameters.)

But where to find an SNTP server?  Oddly enough, there are many around.  Most ISP's big DNS servers seem to act as SNTP servers.  You can find out if a particular machine is an SNTP server with a neat little free tool called ntpquery.exe from  You just point it at a DNS name or IP address and if that machine is a time server, you get a screen full of incomprehensible long numbers.   

There doesn't seem to be a way to enable success/failure logging to the Event Log.  But there is a diagnostic program that you can use to figure out if you're connected to a useful time server.  Shipped on all Windows 2000 Professional and Server machines, the program is called w32tm.  While it's not as pretty as ntpquery.exe, it's free and integrates with the time service..

W32tm will not work if you've got the time service working, so you have to take the time service offline before running w32tm.  You can do that from Manage Computer as always, or you can do it from the command line -- "net stop w32time" stops the service, "net start w32time" starts it again.  If you run w32tm without options, it sits there and seems to do nothing, as it is now acting as a time server.  You can force it to cough up help about its legal options by starting it with a nonsense option, like "w32tm -iwishihadBill'smoney" or whatever you like.  In any case, what you want to do is to check that your Windows 2000 server can get to your chosen time server, and that time server is responding to it.  You have already set the time server's name with the /setsntp: option.  Test it with "w32tm -v -once," which synchronizes just once and to do it verbosely.  You'll get a fair amount of output, but inside it there should be a line that looks like

W32Time:     Recv'ed from server 48 Bytes...

That indicates that your system can find the time server and that the time server acknowledged the synchronization request.

This service requires that port 123 be open to the outside world, so set your firewalls appropriately.

Using Single Instance Store Almost Anywhere

You know from Chapter 3 that the Single Instance Store lets you greatly save space, as it runs in the background and finds duplicate files on a RIS volume. But SIS would be useful for more than just RIS, so I've always wondered if there were a way to turn it on for other drives as well.

Dave Shinoda tells me that a Microsoft speaker in San Francisco said that you could convince SIS to work its magic on any NTFS volume.  Any SIS-ed volume must contain a folder named "SIS Common Store."  That folder must contain a file named MaxIndex, which must contain eight hex zeroes.  Haven't had a chance to check it out yet, but it sounds interesting and I hope to give it a try in the near future.  If anyone knows more about this or has some positive results from experimenting, please let me know.

PB's and EB's in Disk Quotas

Tom Stodolka asks "On the disk quota options you can set the limit to KB,MB,GB,TB,PB and EB.  What is PB?"

PB is "petabytes," or 1024 terabytes (which are 1024 gigabytes).  And you didn't ask, Tom, but EB are exabytes, 1024 petabytes.  After that comes zettabytes (1024 exabytes) and yottabytes, 1024 zettabytes.  (Sadly, I am not making this up!)

What About a Command-Line Reference?

Fred Clausen of Australia asks why I discuss how nice it is that you can do more with the command line under 2000 and yet didn't include a command-line reference.  Time constraints, that's all.  There's great stuff that you can do on the command line now and I'd definitely like to be able cover them all.  I'm a slow writer, it's the bane of my existence -- I get to everything eventually, but I can't get my writing done nearly as quickly as I'd like.


A slower month for bugs (thank goodness...)

Mastering Windows NT Server, 6th Edition

It's nbtstat, not nbstat:  Lee Metcalfe points out that on page 950 we refer to "nbstat" when of course the command's name is "nbtstat."

Mastering Windows 2000, both editions

NT, not 2000:  Isaac Breitman of Santiago, Chile, found that on page 262 I referred to NTBackup, which only can back up to tape, as a Windows 2000 tool.  That was incorrect -- as you read elsewhere in the book, the backup program that comes with Windows 2000 is quite flexible.  Mea culpa.

Upcoming Conferences

I got to meet some of you in San Francisco and I hope more of you will join me at TechMentor and Windows 2000 Connections.  TechMentor is in Chicago this April 3 and 4, and Windows 2000 Connections is in Phoenix April 30-May 3rd.  Find out about TechMentor at and about Windows 2000 Connections at (  Technical trainers, join us for the Trainer's Spring Break conference in Hilton Head, SC in March 15 and 16 ( where it's me versus Dan York of Linuxcare slugging it out to answer the question "NT, or Linux?"

Until Next Month...

Please share this newsletter!  I'd like very much to grow this newsletter into a useful source of NT/2000 information.  Please forward it to any associates who might find it helpful, and accept my thanks.  We are now at 1400 subscribers and I aim to use this to get information to every single Mastering NT and 2000 Server reader.

Set up that test machine and start messing with W2K.  (After all, our MCSE certifications disappear in less than two years.)  

Thanks for letting me visit with you, take care, and stay warm!  Many, many thanks to the readers who have mailed me to offer suggestions, errata, and those kind reviews.  As always, I'm at

-- Mark

To subscribe, visit To unsubscribe, link to Visit the Archives at

All contents copyright 2001 Mark Minasi. You are encouraged to quote this material, SO LONG as you include this entire document; thanks.