Name

:-

Usha K. Agashe

Class

:-

Bsc 2nd Year Sem III (CS)

Subject

:-

C.S. Assignment

Submited By

Guided By

Usha K. Agashe

Mr. Dev Shahare

Windows 2000
Windows 2000 is anoperating system for use on both clientand servercomputers. It was produced by
Microsoft and released to manufacturing on December 15, 1999 and launched to retail on February 17, 2000. It is
the successor toWindows NT 4.0, and is the last version of Microsoft Windows to display the "Windows NT"
designation. It is succeeded byWindows XP(released in October 2001) and Windows Server 2003 (released in
April 2003). During development, Windows 2000 was known as Windows NT 5.0. Four ions of Windows 2000
were released:Professional, Server,Advanced Server, and Datacenter Server, the latter was both released to
manufacturing and launched months after the other ions. While each ion of Windows 2000 was targeted at a
different market, they shared a core set of features, including many system utilities such as the Microsoft
Management Console and standard system administration applications.
Support for people with disabilities was improved over Windows NT 4.0with a number of new assistive
technologies, and Microsoft increased support for different languages and locale information. All versions of the
operating system support NTFS 3.0, Encrypting File System, as well as basic and dynamic disk storage. The
Windows 2000 Server family has additional features, including the ability to provide Active Directory services (a
hierarchical framework of resources), Distributed File System (a file system that supports sharing of files) and
fault-redundant storage volumes. Windows 2000 can be installed through either a manual or unattended
installation.Unattended installations rely on the use of answer files to fill in installation information, and can be
performed through a bootable CD using Microsoft Systems Management Server, by the System Preparation
Tool.
Microsoft marketed Windows 2000 as the most secure Windows version ever at the time; however, it
became the target of a number of high-profile virus attacks such as Code Red and Nimda. For ten years after its
release, it continued to receive patches for security vulnerabilities nearly every month until reaching the end of its
lifecycle on July 13, 2010.

History

History of Microsoft Windows

Windows 2000 is a continuation of the Microsoft Windows NT family of operating systems,
replacing Windows NT 4.0. The original name for the operating system was Windows NT 5.0. Beta 1 of NT 5.0
was released in September 1997, followed by Beta 2 in August 1998. On October 27, 1998, Microsoft announced
that the name of the final version of the operating system would be Windows 2000, a name which referred to its
projected release date. Windows 2000 Beta 3 was released in January 1999. NT 5.0 Beta 1 was similar to NT
4.0, including a very similar themed logo. NT 5.0 Beta 2 introduced a new 'mini' boot screen, and removed the
'dark space' theme in the logo. The NT 5.0 betas had very long startup and shutdown sounds, though these were
changed in the early Windows 2000 beta, but during Beta 3, a new piano-made startup and shutdown sounds
were made, featured in the final version as well as for Windows ME. The new login prompt from the final version
made its first appearance in Beta 3 build 1946 (the first build of Beta 3). The new, updated icons (for My
Computer, Recycle Bin etc.) first appeared in Beta 3 build 1976. The Windows 2000 boot screen in the final
version first appeared in Beta 3 build 1994. Windows 2000 did not have a codename because, according to Dave
Thompson of Windows NT team, "Jim Allchin didn't like codenames".

Windows 2000 Service Pack 1 was codenamed "Asteroid"

and Windows 2000 64-bit was codenamed

"Janus." During development, there was a build for the Alpha which was abandoned some time after
RC1 after Compaq announced they had dropped support for Windows NT on Alpha. From here, Microsoft issued
three release candidates between July and November 1999, and finally released the operating system to
partners on December 12, 1999. The public could buy the full version of Windows 2000 on February 17, 2000.
Three days before this event, which Microsoft advertised as "a standard in reliability," a leaked memo from
Microsoft reported on by Mary Jo Foleyrevealed that Windows 2000 had "over 63,000 potential known
defects." After Foley's article was published, she claimed that Microsoft blacklisted her for a considerable
time. However, Abraham Silberschatz et al. claim in their computer science textbook that "Windows 2000 was the
most reliable, stable operating system Microsoft had ever shipped to that point. Much of this reliability came from
maturity in the source code, extensive stress testing of the system, and automatic detection of many serious
errors in drivers." InformationWeeksummarized the release "our tests show the successor to NT 4.0 is
everything we hoped it would be. Of course, it isn't perfect either." Wired News later described the results of the
February launch as "lackluster."

Novell criticized Microsoft's Active Directory, the new directory service

architecture, as less scalable or reliable than its ownNovell Directory Services (NDS) alternative.
Windows 2000 was first planned to replace both Windows 98 and Windows NT 4.0. However, that changed later.
Instead, an updated version of Windows 98 called Windows 98 Second ion was released in 1999 and Windows
ME was released in late 2000.
On or shortly before February 12, 2004, "portions of the Microsoft Windows 2000 and Windows NT 4.0 source
code were illegally made available on the Internet." The source of the leak remains unannounced. Microsoft
issued the following statement:
"Microsoft source code is both copyrighted and protected as a trade secret. As such, it is illegal to post it, make it
available to others, download it or use it."
Despite the warnings, the archive containing the leaked code spread widely on the file-sharing networks. On
February 16, 2004, an exploit"allegedly discovered by an individual studying the leaked source code" for certain
versions of Microsoft Internet Explorer was reported.
Microsoft

planned

to

release

64-bit

version

of

Windows

2000,

which

would

run

on 64-

bit Intel Itanium microprocessors, in 2000. However, the first officially-released 64-bit ions of Windows
wereWindows Datacenter Server Limited ion and later Windows Advanced Server Limited ion, which were based
on the pre-release Windows Server 2003 (then known as Windows .NET Server) codebase.37 These ions were
released in 2002, were shortly available through the OEM channel and then were superseded by the final
versions of Windows Server 2003.

New and updated features

Windows 2000 introduced many of the new features of Windows 98 and Windows 98 SE into the NT line, such as
the Windows Desktop Update, Internet Explorer 5 (Internet Explorer 6, which came in 2001, is also available for
Windows 2000), Outlook Express, NetMeeting,FAT32 support, Windows Driver Model, Internet Connection
Sharing, Windows Media Player, WebDAV support etc. Certain new features are common across all ions of
Windows 2000, among them NTFS 3.0, the Microsoft Management Console (MMC), UDFsupport, the Encrypting
File System (EFS), Logical Disk Manager, Image Color Management 2.0, support for PostScript 3-based
printers, OpenType (.OTF) and Type 1 PostScript (.PFB) font support (including a new fontPalatino
Linotypeto showcase some OpenType features), the Data protection API (DPAPI), anLDAP/Active Directory-

enabled Address Book, usability enhancements and multi-language and locale support. Windows 2000 also
introducedUSB device class drivers for USB printers, Mass storage class devices, and improved FireWire SBP2 support for printers and scanners, along with a Safe removal applet for storage devices. Windows 2000 is also
the first Windows version to support hibernation at the operating system level (OS-controlled ACPI S4 sleep
state) unlike Windows 98 which required special drivers from the hardware manufacturer or driver developer.
A new capability designed to protect critical system files called Windows File Protection was introduced. This
protects critical Windows system files by preventing programs other than Microsoft's operating system update
mechanisms such as the Package Installer, Windows Installer and other update components from modifying
them. The System File Checkerutility provides users the ability to perform a manual scan the integrity of all
protected system files, and optionally repair them, either by restoring from a cache stored in a separate
"DLLCACHE" directory, or from the original install media.
Microsoft recognized that a serious error or a stop error could cause problems for servers that needed to be
constantly running and so provided a system setting that would allow the server to automatically reboot when a
stop error occurred. Also included is an option to dumpany of the first 64 KB of memory to disk (the smallest
amount of memory that is useful for debugging purposes, also known as a minidump), a dump of only the
kernel's memory, or a dump of the entire contents of memory to disk, as well as write that this event happened to
the Windows 2000 event log. In order to improve performance on servers running Windows 2000, Microsoft gave
administrators the choice of optimizing the operating system's memory and processor usage patterns for
background services or for applications. Windows 2000 also introduced core system administration and
management features as theWindows Installer, Windows Management Instrumentation and Event Tracing for
Windows (ETW) into the operating system.

The

Plug and Play and hardware support improvements

most

notable

improvement

from Windows

NT

4.0 is

the

addition

of

Plug

and

Play

with

full ACPI and Windows Driver Model support. Similar to Windows 9x, Windows 2000 supports automatic
recognition of installed hardware, hardware resource allocation, loading of appropriate drivers, PnP APIs and
device notification events. The addition of the kernel PnP Manager along with the Power Manager are two
significant subsystems added in Windows 2000.
Windows 2000 introduced version 3 print drivers (user mode printer drivers). Generic support for 5-button mice is
also included as standard and installing IntelliPoint allows reassigning the programmable buttons. Windows 98
lacked generic support. Driver Verifier was introduced to stress test and catch device driver bugs.

Shell

Windows 2000 introduces layered windows that allow for transparency, translucency and various transition
effects like shadows, gradient fills and alpha blended GUI elements to top-level windows. Menus support a
new Fade transition effect.

Improvements in Windows Explorer: "Web-style" folders, media preview and customizable toolbars

The Start Menu in Windows 2000 introduces personalized menus, expandable special folders and the
ability to launch multiple programs without closing the menu by holding down the SHIFT key. A Re-sort button
forces the entire Start Menu to be sorted by name. The Taskbarintroduces support for balloon notifications which
can also be used by application developers. Windows 2000 Explorer introduces customizable Windows Explorer
toolbars, auto-complete in Windows Explorer address bar and Run box, advanced file type association features,
displaying comments in shortcuts as tooltips, extensible columns in Details view (IColumnProvider interface), icon
overlays, integrated search pane in Windows Explorer, sort by name function for menus, and Places bar in
common dialogs forOpen and Save.
Windows Explorer has been enhanced in several ways in Windows 2000. It is the first Windows
NT release to include Active Desktop, first introduced as a part of Internet Explorer 4.0 (specifically Windows
Desktop Update), and only pre-installed in Windows 98 by that time. It allowed users to customize the way
folders look and behave by usingHTML templates, having the file extension HTT. This feature was abused
by computer viruses that employed malicious scripts, Java applets, orActiveX controls in folder template files as
their infection vector. Two such viruses are VBS/Roor-C and VBS.Redlof.a. Other features new to Explorer
include customizable toolbars, auto-complete in address bar and Run box, advanced file type association
features and a Places bar in common dialogs.
The "Web-style" folders view, with the left Explorer pane displaying details for the object currently
selected, is turned on by default in Windows 2000. For certain file types, such as pictures and media files, the
preview is also displayed in the left pane. Until the dedicated interactive preview pane appeared in Windows
Vista, Windows 2000 had been the only Windows release to feature an interactive media player as the previewer
for sound and video files, enabled by default. However, such a previewer can be enabled in previous versions of
Windows with the Windows Desktop Update installed through the use of folder customization templates. The
default file tooltip displays file title, author, subject and comments; this metadata may be read from a
special NTFS stream, if the file is on an NTFS volume, or from an OLEstructured storage stream, if the file is a
structured storage document. AllMicrosoft Office documents since Office 4.0 make use of structured storage, so
their metadata is displayable in the Windows 2000 Explorer default tooltip. File shortcuts can also store
comments which are displayed as a tooltip when the mouse hovers over the shortcut. The shell introduces
extensibility support through metadata handlers, icon overlay handlers and column handlers in Explorer Details
view.
The right pane of Windows 2000 Explorer, which usually just lists files and folders, can also be
customized. For example, the contents of the system folders aren't displayed by default, instead showing in the
right pane a warning to the user that modifying the contents of the system folders could harm their computer. It's
possible to define additional Explorer panes by using DIV elements in folder template files. This degree of

customizability is new to Windows 2000; neither Windows 98 nor the Desktop Update could provide it. The new
DHTML-based search pane is integrated into Windows 2000 Explorer, unlike the separate search dialog found in
all previous Explorer versions. TheIndexing Service has also been integrated into the operating system and the
search pane built into Explorer allows searching files indexed by its database.

NTFS 3.0

Main article: NTFS

Microsoft released the version 3.0 of NTFS (sometimes incorrectly called NTFS 5 in relation to the
kernel version number) as part of Windows 2000; this introduced disk quotas (provided by QuotaAdvisor),filesystem-level encryption, sparse files and reparse points. Sparse files allow for the efficient storage of data sets
that are very large yet contain many areas that only have zeros. Reparse points allow the object manager to
reset a file namespace lookup and let file system drivers implement changed functionality in a transparent
manner. Reparse

points

are

used

to

implement volume

mount

points, junctions,Hierarchical

Storage

Management, Native Structured Storage and Single Instance Storage. Volume mount points and directory
junctions allow for a file to be transparently referred from one file or directory location to another.
Windows 2000 also introduces a Distributed Link Tracking service to ensure file shortcuts remain
working even if the target is moved or renamed. The target object's unique identifier is stored in the shortcut file
on NTFS 3.0 and Windows can use the Distributed Link Tracking service for tracking the targets of shortcuts, so
that the shortcut file may be silently updated if the target moves, even to another hard drive.

Encrypting File System

Main article: Encrypting File System

The Encrypting File System (EFS) introduced strong file system-levelencryption to Windows. It allows
any folder or drive on an NTFS volume to be encrypted transparently by the user. EFS works together with the
EFS service, Microsoft's CryptoAPI and the EFS File System RuntimeLibrary (FSRTL). To date, its encryption
has not been compromised.
EFS works by encrypting a file with a bulk symmetric key (also known as the File Encryption Key, or
FEK), which is used because it takes less time to encrypt and decrypt large amounts of data than if
an asymmetric keycipher were used. The symmetric key used to encrypt the file is then encrypted with a public
key associated with the user who encrypted the file, and this encrypted data is stored in the header of the
encrypted file. To decrypt the file, the file system uses the private key of the user to decrypt the symmetric key
stored in the file header. It then uses the symmetric key to decrypt the file. Because this is done at the file system
level, it is transparent to the user.
For a user losing access to their key, support for recovery agents that can decrypt files is built into EFS.
A Recovery Agent is a user who is authorized by a public key recovery certificate to decrypt files belonging to
other users using a special private key. By default, local administrators are recovery agents however they can be
customized using Group Policy.

Basic and dynamic disk storage

Main article: Logical Disk Manager

Windows 2000 introduced the Logical Disk Manager and the diskpartcommand line tool for dynamic storage. All
versions of Windows 2000 support three types of dynamic disk volumes (along with basic disks):simple
volumes, spanned volumes and striped volumes:

Simple volume, a volume with disk space from one disk.

Spanned volumes, where up to 32 disks show up as one, increasing it in size but not enhancing
performance. When one disk fails, the array is destroyed. Some data may be recoverable. This corresponds
to JBOD and not to RAID-1.

Striped volumes, also known as RAID-0, store all their data across several disks in stripes. This allows
better performance because disk reads and writes are balanced across multiple disks. Like spanned
volumes, when one disk in the array fails, the entire array is destroyed (some data may be recoverable).

In addition to these disk volumes, Windows 2000 Server, Windows 2000 Advanced Server, and Windows 2000
Datacenter Server supportmirrored volumes and striped volumes with parity:

Mirrored volumes, also known as RAID-1, store identical copies of their data on 2 or more identical disks
(mirrored). This allows for fault tolerance; in the event one disk fails, the other disk(s) can keep the server
operational until the server can be shut down for replacement of the failed disk.

Striped volumes with parity, also known as RAID-5, functions similar to striped volumes/RAID-0, except
"parity data" is written out across each of the disks in addition to the data. This allows the data to be "rebuilt"
in the event a disk in the array needs replacement.

Accessibility

With Windows 2000, Microsoft introduced the Windows 9x accessibility features for people with visual and
auditory impairments and otherdisabilities into the NT-line of operating systems. These included:

StickyKeys: makes modifier keys (ALT, CTRL and SHIFT) become "sticky": a user can press the modifier
key, and then release it before pressing the combination key. (Activated by pressing Shift five times quickly.)

FilterKeys: a group of keyboard-related features for people with typing issues, including:

SlowKeys: Ignore any keystroke not held down for a certain period.

BounceKeys: Ignore repeated keystrokes pressed in quick succession.

RepeatKeys: lets users slow down the rate at which keys are repeated via the keyboard's key-repeat
feature.

ToggleKeys: when turned on, Windows will play a sound when the CAPS LOCK, NUM LOCK or SCROLL

LOCK key is pressed.

SoundSentry: designed to help users with auditory impairments, Windows 2000 shows a visual effect when
a sound is played through the sound system.

MouseKeys: lets users move the cursor around the screen via thenumeric keypad.

SerialKeys: lets Windows 2000 support speech augmentation devices.

High contrast theme: to assist users with visual impairments.

Microsoft Magnifier: A screen magnifier that enlarges a part of the screen the cursor is over.

Additionally, Windows 2000 introduced the following new accessibility features:

On-screen keyboard: displays a virtual keyboard on the screen and allows users to press its keys using
a mouse or a joystick.

Microsoft Narrator: Introduced in Windows 2000, this is a screen reader that utilizes the Speech API 5.

Languages and locales

Main article: Multilingual User Interface

Windows 2000 introduced the Multilingual User Interface (MUI). Besides English, Windows 2000 incorporates
support

for Arabic,Armenian, Baltic,

Central

European, Cyrillic, Georgian, Greek, Hebrew,Indic,

Japanese, Korean, Simplified Chinese, Thai, Traditional Chinese,Turkic, Vietnamese and Western European
languages. It also has support for many different locales.

Games

Windows 2000 included version 7.0 of the DirectX API, commonly used by game developers on Windows
98. The last version of DirectX that Windows 2000 supports is DirectX 9.0c (Shader Model 3.0), that shipped with
Windows XP Service Pack 2. Microsoft published quarterly updates to DirectX 9.0c through the February 2010
release after which support was dropped in the June 2010 SDK. These updates contain bug fixes to the core
runtime and some additional libraries such as D3DX, XAudio 2,XInput and Managed DirectX components. The
majority of games written for versions of DirectX 9.0c (up to the February 2010 release) can therefore run on
Windows 2000.
Windows 2000 included the same games as Windows NT 4.0 did:FreeCell, Minesweeper, Pinball, and Solitaire.

System utilities

Windows 2000's Computer Management console can perform many system tasks. This image shows a disk defragmentation in
progress.

Windows 2000 introduced theMicrosoft Management Console(MMC), which is used to create, save, and open
administrative tools. Each of these is called a console, and most allow an administrator to administer other
Windows 2000 computers from one centralised computer. Each console can contain one or many specific
administrative tools, called snap-ins. These can be either standalone (with one function), or an extension (adding
functions to an existing snap-in). In order to provide the ability to control what snap-ins can be seen in a console,
the MMC allows consoles to be created inauthor mode or user mode. Author mode allows snap-ins to be added,
new windows to be created, all portions of the console tree to be displayed and consoles to be saved. User mode
allows consoles to be distributed with restrictions applied. User mode consoles can grant full access to the user
for any change, or they can grant limited access, preventing users from adding snapins to the console though
they can view multiple windows in a console. Alternatively users can be granted limited access, preventing them
from adding to the console and stopping them from viewing multiple windows in a single console.
The main tools that come with Windows 2000 can be found in theComputer Management console (in
Administrative Tools in the Control Panel). This contains the Event Viewera means of seeing events and the
Windows equivalent of a log file, a system information utility, a backup utility, Task Scheduler and management
consoles to view open shared folders and shared folder sessions, configure and manage COM+applications,
configure Group Policy, manage all the local users and user groups, and a device manager. It contains Disk
Management andRemovable Storage snap-ins, a disk defragmenter as well as a performance diagnostic console,
which displays graphs of system performance and configures data logs and alerts. It also contains
aservice configuration console, which allows users to view all installed services and to stop and start them, as
well as configure what those services should do when the computer starts. CHKDSK has significant performance
improvements.
Windows 2000 comes with two utilities to the Windows registry,REG.EXE and REGEDT32.EXE.91 REG has been
directly ported from Windows 98, and therefore does not support ing registry permissions.91 REGEDT32 has the
older multiple document interface (MDI) and can registry permissions in the same manner that Windows NT's
REGEDT32 program could. REG has a left-side tree view of the Windows registry, lists all loaded hives and
represents the three components of a value (its name, type, and data) as separate columns of a table.
REGEDT32 has a left-side tree view, but each hive has its own window, so the tree displays only keys and it
represents values as a list of strings. REG supports right-clicking of entries in a tree view to adjust properties and
other settings. REGEDT32 requires all actions to be performed from the top menu bar. Windows XP is the first
system to integrate these two programs into a single utility, adopting the REG behavior with the additional NT
features.91

The System File Checker (SFC) also comes with Windows 2000. It is acommand line utility that scans system
files and verifies whether they were signed by Microsoft and works in conjunction with the Windows File
Protection mechanism. It can also repopulate and repair all the files in theDllcache folder.92

Recovery Console

The Recovery Console is usually used to recover unbootable systems.

Main article: Recovery Console

The Recovery Console is run from outside the installed copy of Windows to perform maintenance tasks that can
neither be run from within it nor feasibly be run from another computer or copy of Windows 2000. 93 It is usually
used to recover the system from problems that cause booting to fail, which would render other tools useless, like
Safe Mode or Last Known Good Configuration, or chkdsk. It includes commands like 'fixmbr', which are not
present in MS-DOS.
It has a simple command line interface, used to check and repair the hard drive(s), repair boot information
(including NTLDR), replace corrupted system files with fresh copies from the CD, or enable/disable services and
drivers for the next boot.
The console can be accessed in either of the two ways:
1. Booting from the Windows 2000 CD, and choosing to start the Recovery Console from the CD itself
instead of continuing with setup. The Recovery Console is accessible as long as the installation CD is
available.
2. Preinstalling the Recovery Console on the hard disk as a startup option in Boot.ini, via
WinNT32.exe, with the /cmdcons switch.94 In this case, it can only be started as long as NTLDRcan
boot from the system partition.

Windows Scripting Host 2.0

Main article: Windows Script Host

Windows 2000 introduced Windows Script Host 2.0 which included an expanded object model and support for
logon and logoff scripts.

Server family features

The Windows 2000 server family consists of Windows 2000 Server, Windows 2000 Advanced Server, and
Windows 2000 Datacenter Server.
All ions of Windows 2000 Server have the following services and features built in:

Routing

and

Remote

Access

Service (RRAS)

support,

facilitating dial-up and VPN connections

using IPsec, L2TP or L2TP/IPsec, support for RADIUS authentication in Internet Authentication Service,
network connection sharing, Network Address Translation, unicast andmulticast routing schemes.

Remote access security features: Remote Access Policies for setup, verify Caller ID (IP address for VPNs),
callback and Remote access account lockout95

Autodial by location feature using the Remote Access Auto Connection Manager service

Extensible Authentication Protocol support in IAS (EAP-MD5 and EAP-TLS) later upgraded to PEAPv0/EAPMSCHAPv2 and PEAP-EAP-TLS in Windows 2000 SP4

DNS server, including support for Dynamic DNS. Active Directoryrelies heavily on DNS.

IPsec support and TCP/IP filtering

Smart card support

Microsoft Connection Manager Administration Kit (CMAK) and Connection Point Services

Support for distributed file systems (DFS)

Hierarchical Storage Management support including remote storage, a service that runs with NTFS and
automatically transfers files that are not used for some time to less expensive storage media

Fault tolerant volumes, namely Mirrored and RAID-5

Group Policy (part of Active Directory)

IntelliMirror, a collection of technologies for fine-grained managementof Windows 2000 Professional clients
that duplicates users' data, applications, files, and settings in a centralized location on the network.
IntelliMirror employs technologies such as Group Policy,Windows Installer, Roaming profiles, Folder
Redirection, Offline Files(also known as Client Side Caching or CSC), File Replication Service(FRS),
Remote Installation Services (RIS) to address desktop management scenarios such as user data
management, user settings management, software installation and maintenance.

COM+, Microsoft Transaction Server and Distributed Transaction Coordinator

MSMQ 2.0

TAPI 3.0

Integrated Windows Authentication (including Kerberos, Secure channel and SPNEGO (Negotiate) SSP
packages for Security Support Provider Interface (SSPI)).

MS-CHAP v2 protocol

Public Key Infrastructure (PKI) and Enterprise Certificate Authoritysupport

Terminal Services and support for the Remote Desktop Protocol(RDP)

Internet Information Services (IIS) 5.0 and Windows Media Services4.1

Network Quality of Service features97

A new Windows Time service which is an implementation of Simple Network Time Protocol (SNTP) as
detailed in IETF RFC 1769. The Windows Time service synchronizes the date and time of computers in a
domain98 running on Windows 2000 Server or later. Windows 2000 Professional includes an SNTP client.

The Server ions include more features and components, including the Microsoft Distributed File System (DFS),
Active Directory support and fault-tolerant storage.

Distributed File System

Main article: Distributed File System (Microsoft)

The Distributed File System (DFS) allows shares in multiple different locations to be logically grouped under one
folder, or DFS root. When users try to access a network share off the DFS root, the user is really looking at
a DFS link and the DFS server transparently redirects them to the correct file server and share. A DFS root can
only exist on a Windows 2000 version that is part of the server family, and only one DFS root can exist on that
server.
There can be two ways of implementing a DFS namespace on Windows 2000: either through a standalone DFS
root or a domain-based DFS root. Standalone DFS allows for only DFS roots on the local computer, and thus
does not use Active Directory. Domain-based DFS roots exist within Active Directory and can have their
information distributed to otherdomain controllers within the domain this provides fault tolerance to DFS. DFS
roots that exist on a domain must be hosted on a domain controller or on a domain member server. The file and
root information is replicated via the Microsoft File Replication Service (FRS).

Active Directory

Main article: Active Directory

A new way of organizing Windows network domains, or groups of resources, called Active Directory, is
introduced with Windows 2000 to replace Windows NT's earlier domain model. Active Directory's hierarchical
nature allowed administrators a built-in way to manage user and computer policies and user accounts, and to
automatically deploy programs and updates with a greater degree of scalability and centralization than provided
in previous Windows versions. User information stored in Active Directory also provided a convenient phone
book-like function to end users. Active Directory domains can vary from small installations with a few hundred
objects, to large installations with millions. Active Directory can organize and link groups of domains into a
contiguous domain name space to form trees. Groups of trees outside of the same namespace can be linked
together to form forests.
Active Directory services could always be installed on a Windows 2000 Server, Advanced Server, or Datacenter
Server computer, and cannot be installed on a Windows 2000 Professional computer. However, Windows 2000
Professional is the first client operating system able to exploit Active Directory's new features. As part of an
organization's migration, Windows NT clients continued to function until all clients were upgraded to Windows
2000 Professional, at which point the Active Directory domain could be switched to native mode and maximum
functionality achieved.

Active Directory requires a DNS server that supports SRV resource records, or that an organization's existing
DNS infrastructure be upgraded to support this. There should be one or more domain controllers to hold the
Active Directory database and provide Active Directory directory services.

Volume fault tolerance

Along with support for simple, spanned and striped volumes, the server family of Windows 2000 also supports
fault-tolerant volume types. The types supported are mirrored volumes and RAID-5 volumes:

Mirrored volumes: the volume contains several disks, and when data is written to one it is also written to
the other disks. This means that if one disk fails, the data can be totally recovered from the other disk.
Mirrored volumes are also known as RAID-1.

RAID-5 volumes: a RAID-5 volume consists of multiple disks, and it uses block-level striping with parity
data distributed across all member disks. Should a disk fail in the array, the parity blocks from the surviving
disks are combined mathematically with the data blocks from the surviving disks to reconstruct the data on
the failed drive "on-the-fly."

Deployment

hideWindows 2000 system requirements

Minimum

Recommended

CPU

Pentium 133 MHz

Pentium II 300 MHz

Memory

32 MB (128 MB for Server) 128 MB

Hard drive

1 GB (2 GB for Server)

Graphics hardware

800600 VGA or better 1024768 VGA or higher

IA-32 PCs

Input device(s)

5 GB

monitor

monitor

Keyboard or mouse

Keyboard and mouse

Windows 2000 can be deployed to a site via various methods. It can be installed onto servers via traditional
media (such as CD) or via distribution folders that reside on a shared folder. Installations can be attended or
unattended. During a manual installation, the administrator must specify configuration options. Unattended
installations are scripted via an answer file, or a predefined script in the form of an INI file that has all the options
filled in. An answer file can be created manually or using the graphicalSetup manager. The Winnt.exe or
Winnt32.exe program then uses that answer file to automate the installation. Unattended installations can be
performed via a bootable CD, using Microsoft Systems Management Server (SMS), via the System Preparation
Tool (Sysprep), via the Winnt32.exe program using the /syspart switch or via Remote Installation Services (RIS).
The ability to slipstream a service pack into the original operating system setup files is also introduced in
Windows 2000.

The Sysprep method is started on a standardized reference computer though the hardware need not be similar
and it copies the required installation files from the reference computer to the target computers. The hard drive
does not need to be in the target computer and may be swapped out to it at any time, with the hardware
configured later. The Winnt.exe program must also be passed a /unattend switch that points to a valid answer file
and a /s file that points to one or more valid installation sources.
Sysprep allows the duplication of a disk image on an existing Windows 2000 Server installation to multiple
servers. This means that all applications and system configuration settings will be copied across to the new
installations, and thus, the reference and target computers must have the same HALs, ACPI support, and mass
storage devices though Windows 2000 automatically detects "plug and play" devices. The primary reason for
using Sysprep is to quickly deploy Windows 2000 to a site that has multiple computers with standard hardware.
(If a system had different HALs, mass storage devices or ACPI support, then multiple images would need to be
maintained.)
Systems Management Server can be used to upgrade multiple computers to Windows 2000. These must be
running Windows NT 3.51, Windows NT 4.0, Windows 98 or Windows 95 OSR2.x along with the SMS client
agent that can receive software installation operations. Using SMS allows installations over a wide area and
provides centralised control over upgrades to systems.
Remote Installation Services (RIS) are a means to automatically install Windows 2000 Professional (and not
Windows 2000 Server) to a local computer over a network from a central server. Images do not have to support
specific hardware configurations and the security settings can be configured after the computer reboots as the
service generates a new unique security ID (SID) for the machine. This is required so that local accounts are
given the right identifier and do not clash with other Windows 2000 Professional computers on a network. RIS
requires that client computers are able to boot over the network via either anetwork interface card that has a PreBoot Execution Environment (PXE) boot ROM installed or that the client computer has a network card installed
that is supported by the remote boot disk generator. The remote computer must also meet the Net
PC specification. The server that RIS runs on must be Windows 2000 Server and it must be able to access a
network DNS Service, a DHCP service and the Active Directory services.

Icons

Microsoft released various ions of Windows 2000 for different markets and business needs: Professional, Server,
Advanced Server and Datacenter Server. Each was packaged separately.
Windows 2000 Professional was designed as the desktop operating system for businesses and power users. It
is the client version of Windows 2000. It offers greater security and stability than many of the previous Windows
desktop operating systems. It supports up to twoprocessors, and can address up to 4 GB of RAM. The system
requirements are a Pentium processor (or equivalent) of 133 MHz or greater, at least 32 MB of RAM, 650 MB of
hard drive space, and a CD-ROM drive (recommended: Pentium II, 128 MB of RAM, 2 GB of hard drive space,
and CD-ROM drive).
Windows 2000 Server shares the same user interface with Windows 2000 Professional, but contains additional
components for the computer to perform server roles and run infrastructure and application software. A significant
new component introduced in the server versions is Active Directory, which is an enterprise-wide directory
service

based

on LDAP(Lightweight

Directory

Access

Protocol).

Additionally,

Microsoft

integratedKerberos network authentication, replacing the often-criticised NTLM (NT LAN Manager) authentication
system used in previous versions. This also provided a purely transitive-trust relationship between Windows

2000domains in a forest (a collection of one or more Windows 2000 domains that share a common schema,
configuration, and global catalog, being linked with two-way transitive trusts). Furthermore, Windows 2000
introduced a Domain Name Server which allows dynamic registration ofIP addresses. Windows 2000 Server
supports up to 4 processors and 4GB of RAM, with a minimum requirement of 128 MB of RAM and 1 GB hard
disk space, however requirements may be higher depending on installed components.
Windows 2000 Advanced Server is a variant of Windows 2000 Server operating system designed for mediumto-large businesses. It offersclustering infrastructure for high availability and scalability of applications and
services, including support for up to 8 CPUs, a main memory amount of up to 8 gigabytes (GB) on Physical
Address Extension (PAE) systems and the ability to do 8-way SMP. It supports TCP/IP load balancing and
enhanced two-node server clusters based on the Microsoft Cluster Server(MSCS) in Windows NT Server 4.0
Enterprise ion. System requirements are similar to those of Windows 2000 Server, however they may need to be
higher to scale to larger infrastructure.
Windows 2000 Datacenter Server is a variant of Windows 2000 Server designed for large businesses that
move large quantities of confidential or sensitive data frequently via a central server. Like Advanced Server, it
supports clustering, failover and load balancing. Its minimum system requirements are normal, but it was
designed to be capable of handing advanced, fault-tolerant and scalable hardwarefor instance computers with
up to 32 CPUs and 32 GBs RAM, with rigorous system testing and qualification, hardware partitioning,
coordinated maintenance and change control. System requirements are similar to those of Windows 2000
Advanced Server, however they may need to be higher to scale to larger infrastructure. Windows 2000
Datacenter Server was released to manufacturing on August 11, and launched on September 26, 2000. This ion
was based on Windows 2000 with Service Pack and was not available at retail.

Service packs

Windows 2000 has received four full service packs and one rollup update package following SP4, which is the
last service pack. These were: SP1 on August 15, 2000, SP2 on May 16, 2001, SP3 on August 29, 2002 and
SP4 on June 26, 2003. Microsoft phased out all development of its Java Virtual Machine (JVM) from Windows
2000 in SP3. Internet Explorer 5.01 has also been upgraded to the corresponding service pack level.
Microsoft had originally intended to release a fifth service pack for Windows 2000, but Microsoft cancelled this
project early in its development, and instead released Update Rollup 1 for SP4, a collection of all the securityrelated hotfixes and some other significant issues.The Update Rollup does not include all non-security related
hotfixes and is not subjected to the same extensive regression testing as a full service pack. Microsoft states that
this update will meet customers' needs better than a whole new service pack, and will still help Windows 2000
customers secure their PCs, reduce support costs, and support existing computer hardware.

Security

During the Windows 2000 period, the nature of attacks on Windows servers changed: more attacks came from
remote sources via the Internet. This has led to an overwhelming number of malicious programs exploiting the IIS
services specifically a notorious buffer overflow tendency. This tendency is not operating-system-version
specific, but rather configuration-specific: it depends on the services that are enabled. Following this, a common
complaint is that "by default, Windows 2000 installations contain numerous potential security problems. Many
unneeded services are installed and enabled, and there is no active local security policy." In addition to insecure

defaults, according to the SANS Institute, the most common flaws discovered are remotely exploitable buffer
overflow vulnerabilities. Other criticized flaws include the use of vulnerable encryption techniques.
Code Red and Code Red II were famous (and much discussed) worms that exploited vulnerabilities of
the Windows Indexing Service of Windows 2000's Internet Information Services (IIS). In August 2003, two major
worms called Sobig and Blaster began to attack millions of Microsoft Windows computers, resulting in the largest
downtime and clean-up cost to that date. The 2005 Zotob worm was blamed for security compromises on
Windows

2000

machines

at

the

U.S. Department

of

Homeland

Security,

the New

York

Times Company, ABC and CNN.

On September 8, 2009, Microsoft skipped patching two of the five security flaws that were addressed in the
monthly security update, saying that patching one of the critical security flaws was "infeasible." According to
Microsoft Security Bulletin MS09-048: "The architecture to properly support TCP/IP protection does not exist on
Microsoft Windows 2000 systems, making it infeasible to build the fix for Microsoft Windows 2000 Service Pack 4
to eliminate the vulnerability. To do so would require re-architecting a very significant amount of the Microsoft
Windows 2000 Service Pack 4 operating system, ... there would be no assurance that applications designed to
run on Microsoft Windows 2000 Service Pack 4 would continue to operate on the updated system." No patches
for this flaw were however released for the newer Windows XP (32-bit) andWindows XP Professional x64
ion either, despite both also being affected.

Support lifecycle

Windows 2000 was superseded by newer Microsoft operating systems: Windows 2000 Server products
by Windows Server 2003, and Windows 2000 Professional by Windows XP Professional.
The Windows 2000 family of operating systems moved from mainstream support to the extended support phase
on June 30, 2005. Microsoft says that this marks the progression of Windows 2000 through the Windows lifecycle
policy. Under mainstream support, Microsoft freely provides design changes if any, service packs and nonsecurity related updates in addition to security updates, whereas in extended support, service packs are not
provided and non-security updates require contacting the support personnel by e-mail or phone. Under the
extended support phase, Microsoft continued to provide critical security updates every month for all components
of Windows 2000 (including Internet Explorer 5.0 SP4) and paid per-incident support for technical issues.
Because of Windows 2000's age, updated versions of components such as Windows Media Player
11 and Internet Explorer 7 have not been released for it. In the case of Internet Explorer, Microsoft said in 2005
that, "some of the security work in IE 7 relies on operating system functionality in XP SP2 that is non-trivial to port
back to Windows 2000."
While users of Windows 2000 Professional and Server are eligible to receive the upgrade license for Windows
Vista Business or Windows Server 2008, neither of these operating systems can directly perform an upgrade
installation from Windows 2000; a clean installation must be performed instead or a two-step upgrade through
XP/2003. Microsoft has dropped the upgrade path from Windows 2000 (and earlier) to Windows 7. Users of
Windows 2000 must buy a full Windows 7 license.
Although Windows 2000 is the last NT-based version of Microsoft Windows which does not include product
activation, Microsoft has introduced Windows Genuine Advantage for certain downloads and non-critical updates
from the Download Center for Windows 2000.

Windows 2000 reached the end of its lifecycle on July 13, 2010. It will not receive new security updates and new
security-related hotfixes after this date. In Japan, over 130,000 servers and 500,000 PCs in local governments
are affected; many local governments said that they will not update as they do not have funds to cover a
replacement.
As of 2011 Windows Update still supports the Windows 2000 updates available on Patch Tuesday in July 2010,
e.g., if older optional Windows 2000 features are enabled later. Microsoft Office products under Windows 2000
have their own product lifecycles. While Internet Explorer 6 for Windows XP did receive security patches up until
it lost support, this is not the case for IE6 under Windows 2000. The Windows Malicious Software Removal
Tool installed monthly by Windows Update for XP and later versions can be still downloaded manually for
Windows 2000.

Total cost of ownership

This

article may

be unbalanced towards

certain

viewpoints. Please improve

the

article by

on

adding

information

neglected viewpoints, or discuss the

issue on the talk page. (January 2014)

In October 2002, Microsoft commissioned IDC to determine the total cost of ownership (TCO) for enterprise
applications on Windows 2000 versus the TCO of the same applications on Linux. IDC's report is based on
telephone interviews of IT executives and managers of 104 North American companies in which they determined
what they were using for a specific workload for file, print, security and networking services. IDC determined that
the four areas where Windows 2000 had a better TCO than Linux over a period of five years for an average
organization of 100 employees were file, print, network infrastructure and security infrastructure. They
determined, however, that Linux had a better TCO than Windows 2000 for web serving. The report also found
that the greatest cost was not in the procurement of software and hardware, but in staffing costs and downtime.
While the report applied a 40% productivity factor during IT infrastructure downtime, recognizing that employees
are not entirely unproductive, it did not consider the impact of downtime on the profitability of the business. The
report stated that Linux servers had less unplanned downtime than Windows 2000 servers. It found that most
Linux servers ran less workload per server than Windows 2000 servers and also that none of the businesses
interviewed used 4-way SMP Linux computers. The report also did not take into account specific application
servers servers that need low maintenance and are provided by a specific vendor. The report did emphasize
that TCO was only one factor in considering whether to use a particular IT platform, and also noted that as
management and server software improved and became better packaged the overall picture shown could
change.