WNT: The True Story of Windows NT. Windows NT what is this program and is it needed? Hardware Requirements

At the end of 1988, Microsoft appointed David Cutler to lead a new software project: creating a new Microsoft operating system for the 1990s. He assembled a team of engineers to develop a New Technology (NT) system.

The original plan was to develop NT with OS/2-style user and program interfaces (APIs), but OS/2 sold poorly, and Windows 3.0 was a great and ongoing success in the marketplace. Seeing the market challenge and the complexities involved in developing and maintaining two incompatible systems, Microsoft decided to change course and direct its engineers towards a strategy of a single holistic operating system. This strategy was to develop a family of Windows-based operating systems that would cover many types of computers, from the smallest laptops to the largest multiprocessor workstations. Thus, the next generation of Windows systems was called Windows NT.

Windows NT supports the Windows Graphical User Interface (GUI) and is also the first Windows-based Microsoft operating system to support the Win32 API, a 32-bit programming interface for developing new applications. The Win32 API exposes advanced operating system features such as multithreading, synchronization, security, I/O, and object management to applications.

In July 1993, the first operating systems of the NT family appeared - Windows NT 3.1 and Windows NT Advanced Server 3.1.

Versions

Windows NT 3.1 (July 27, 1993)
Windows NT 3.5 (September 21, 1994)
Windows NT 3.51 (May 30, 1995)
Windows NT 4.0 (August 24, 1996)
Windows 2000 (February 17, 2000)
Windows XP (October 25, 2001)
Windows XP 64-bit Edition (March 28, 2003)
Windows Server 2003 (April 25, 2003)
Windows XP Media Center Edition 2003 (December 18, 2003)
Windows XP Media Center Edition 2005 (October 12, 2004)
Windows XP Professional x64 Edition (April 25, 2005)
Windows Fundamentals for Legacy PCs (July 8, 2006)
Windows Vista (November 30, 2006)
Windows Home Server (November 7, 2007)
Windows Server 2008 (February 27, 2008)

Structure of Windows NT

Structurally, Windows NT can be represented as two parts: the user mode part of the operating system and the kernel mode part of the operating system.

The part of Windows NT that runs in kernel mode is called the executive part. It includes a number of components that manage virtual memory, objects (resources), I/O and the file system (including network drivers), process communication, and part of the security system. These components interact with each other using inter-module communication. Each component invokes the others through a set of carefully specified internal procedures.

The second part of Windows NT, operating in user mode, are servers - the so-called protected subsystems. Since subsystems cannot automatically share memory, they communicate with each other by sending messages. Messages can be sent between a client and a server, or between two servers. All messages go through the Windows NT runtime. The Windows NT kernel schedules protected subsystem threads in the same way it schedules normal application process threads.

Support for protected subsystems is provided by the execution part. Its constituent parts are:

Object manager. Creates, deletes, and manages runtime objects, abstract data types used to represent system resources.
Security monitor. Sets protection rules on the local computer. Protects operating system resources, protects and registers executable objects.
Process manager. Creates and terminates, suspends and resumes processes and threads, and stores information about them.

Virtual memory manager.

I/O subsystem. Includes the following components:
- an I/O manager that provides device-independent I/O;
- file systems - NT drivers that execute file-oriented I / O requests and translate them into calls to conventional devices;
- network redirector and network server - file system drivers that transmit remote I / O requests to network machines and receive requests from them;
- executive device drivers - low-level drivers that directly control the device;
- a cache manager that implements disk caching.

The execution part, in turn, is based on the lower-level services provided by the NT kernel. Kernel functions include:

process planning,
handling interrupts and exceptions,
processor synchronization for multiprocessor systems,
system recovery after failures.

The kernel runs in privileged mode and is never removed from memory. The only way to access the kernel is through an interrupt.

Windows NT protected subsystems run in user mode and are created by Windows NT at boot time. Immediately after creation, they begin an endless cycle of their execution, responding to messages coming to them from application processes and other subsystems. Among protected subsystems, one can single out a subclass called environment subsystems. Environment subsystems implement operating system application interfaces (APIs). Other types of subsystems, called integral subsystems, perform tasks required by the operating system. For example, most of the Windows NT security system is implemented as an integral subsystem, network servers are also implemented as integral subsystems.

The most important environment subsystem is Win32, a subsystem that provides application access to the 32-bit Windows API. Additionally, this system provides a graphical interface and manages user input/output.

Each protected subsystem runs in user mode, calling a system runtime service to perform privileged actions in kernel mode. Network servers can run in both user mode and kernel mode, depending on how they are designed.

Subsystems communicate with each other by passing messages. When, for example, a user application calls an API procedure, the environment subsystem that provides the procedure receives the message and executes it either by calling the kernel or by sending the message to another subsystem. When the procedure completes, the environment subsystem sends a message to the application containing the return value. Sending messages and other activities of protected subsystems is invisible to the user.

The main tool that holds all the Windows NT subsystems together is the Local Procedure Call (LPC) mechanism. LPC is an optimized version of the more general remote procedure call (RPC) that is used to communicate between clients and servers located on different machines on a network.

Hello everyone I will say right away that Windows NT is not really a program, it is a Windows family from Microsoft. Under the name Windows NT, the concept of operating systems from Microsoft is hidden, not a specific one, but all systems. Windows today is a very popular operating system and there is no more popular than it. My opinion is that popularity is primarily due to the fact that there is no worthy alternative and will not be any more - it's stupid now to compete with the giant Microsoft.

But nevertheless, everything is correct - you really can have something that will have the name Windows NT, because this name appears in many places. I won’t give exact examples, I don’t remember, but you can easily meet this inscription in your Windows.

If you are faced with the question of whether to remove Windows NT software or not, then I will answer this way - it is better not to remove it. Because there may be problems later. It is logical if you think about it, it becomes clear that everything where Windows NT is written, then you should uninstall it only when you are sure of it.

Windows NT was developed in the 1990s, after Microsoft stopped working with IBM (oh, they made cool laptops), together these companies developed OS / 2, it was also an operating system that I still don’t understand, but it doesn’t matter. In short, then they began to cut Windows and you yourself know what came of it - mega Krutetskaya Windows, there is only one monopoly, everyone doesn’t like it, but everyone uses it

Yes, there is also Linux, but alas, it is for a narrow circle of users - not at all for those who need it simply and beautifully and not difficult. I personally like Windows, although it didn’t please many people, especially Windows 10, but I don’t see anything crooked in it ..

Ancient Windows, once upon a time it was a masterpiece and the ultimate dream:

But compare, this is already a seven, well, that is, Windows 7, many are still sitting on it and are not going to get off:

I was a long fan of Windows XP, even very long, I sat while sitting - Windows 7 was already out, and I was hanging out on XP ... And so I bought new hardware, it was a 1150 socket, everything was new, but I managed to install Windows XP there and I still sat for two years. Then Windows 10 came out, and I eventually switched to it. The computer has been working for weeks and everything is fine, there are no glitches and blue screens, there are no errors. Everything works like clockwork. True, in XP this was also almost non-existent. So I somehow like everything about Windows ..

I wrote a list of where exactly you can notice such as Windows NT:

descriptions of some system files;
Windows settings, system settings, Windows NT can be found everywhere;
in reference materials for the program or even in the instructions for some equipment;
it is unlikely, but it is possible that some kind of virus will mow down under Windows NT;
in system folders, for example in C:\Windows, there is a bunch of junk, in the description of which Windows NT is found;

I completely forgot to write, I myself can’t say for sure, but it seems that there is an operating system itself called Windows NT, here is its boot screen.

Roots

It all started in 1975 when Digital Equipment Corporation initiated the development of its 32-bit VAX platform.

The project was led by Cutler, who had already built a reputation for being a tough systems engineer by building the RSX-11M for the famous PDP-11 minicomputers. In 1977, the VAX-11/780 machine and its operating system, VMS 1.0, were announced. Four years later, Cutler was insanely tired of "attributing" numbers after the same three-letter prefix, and he decided to leave Digital. However, the functionaries of the corporation turned out to be more cunning: since a talented developer cannot be kept in the bosom of the organization, they decided to imitate the atmosphere of a startup and free creativity. An autonomous division in Seattle was created, and Cutler was allowed to recruit the required number of personnel (about 200 people) directly from Digital employees. The new structure took up the design of the processor architecture and operating system, codenamed Prism.

Diagram of the development of operating systems of the Windows NT family

The "happy moment" did not last long, the big bosses failed to bring the work they had begun to its logical conclusion, and in 1988 Cutler, along with his 200 engineers and programmers, found himself on free bread. But the well-known developer was not left out of work: at that time, a decision was ripe in the head of Bill Gates about the need to create a server OS that competes with Unix clones. Only to get David Cutler, the future Microsoft CEO agreed to hire 20 ex-Digital engineers of his choice. In November 1988, a team of five Digital people and one Microsoft programmer set to work.

The task was to write an OS for the new Intel i860 RISC processor, codenamed N-Ten. From here, by the way, the abbreviation NT arose, later interpreted by Microsoft marketers as New Technology. Already in December 1988, the first fragments of the system were ready. The catch was that the i860 only existed on paper, so the code had to be tested on a software emulator. Development was carried out on "toy", by today's standards, Intel 386 25 MHz machines with 13 MB of RAM and 110 MB hard drives.

The microkernel architecture that underpinned NT from the very beginning became crucial when it was discovered in 1989 that the hardware i860 was not capable of efficiently executing written code. I had to switch to MIPS R3000 and then to the standard Intel 386 processor, which was done in less than a year by a team that increased to 28 engineers.

In 1990, the most important event that became a key event in the fate of NT took place - the release and dizzying success of Windows 3.0. In fact, it was Microsoft's first multi-tasking OS with a decent graphical interface that allowed real work to be done. It was the borrowing of this interface and API that predetermined the future of NT. Initially, the server OS was supposed to be a remake of the joint OS / 2 project with IBM and, accordingly, function with existing OS / 2 applications. However, the third version of Windows appeared just in time: Redmond abandoned his allies and refocused the NT development team on the design of the Win32 API, made in the "image and likeness" of the Win16 interface. This provided much-needed continuity that made it easier to port applications from the desktop to the server platform.

The NT development team, which had by then become Windows NT, began to grow rapidly, and soon had about 300 people working in it. The abandonment of OS/2 orientation led to serious problems in the relationship between Microsoft and IBM. There were no official statements, just at one of the inter-corporate presentations, IBM employees found in confusion that the OS created had nothing to do with the brainchild of their company. Nevertheless, Windows NT 3.1 (numbering was "adjusted" to the current version of 16-bit Windows that existed at that time) included support for DOS, Win16, POSIX and OS / 2 APIs, including. In July 1993, a new server system from Microsoft came out and started its journey.

Then things went smoothly: in September 1994, Windows NT 3.5 was released. The previous version was prepared in a feverish rush, everything had to be coded from scratch, and a lot of features remained unimplemented. Now it's time to think about efficiency, speed and ... organizing some kind of interaction with networks built on NetWare - the absolute leader of that time, dominating the local area network market. If in those years they were so attentive to the issues of regulation of monopolies, as is done today, perhaps it would be enough to write the appropriate slander to the appropriate authority. Alas, Microsoft had to deal with the situation on its own. Novell hesitated whether or not to provide client support for Windows NT. Redmond couldn't wait any longer—they wrote their NetWare client, and it was so good that it continued to be used after the original Novell software came out. In May 1995, thanks to the architecture based on the microkernel, a special "PowerPC edition" of the OS appeared - Windows NT 3.51. According to some reports, its release was delayed due to IBM's inability to stick to the plan to bring this processor to the market. Therefore, the evolution of the PowerPC version went a little further than Windows NT 3.5, which allowed it to become the basis for the next version of the OS.

If until now it was still possible to talk about some similarity between the architectures of Windows NT and even Unix (in some ways infinitely distant, but in some ways very similar to the VMS OS), then with the release of NT 4.0, which introduced the graphics subsystem into core, the last reason for such reasoning has disappeared. In theory, such a decision was an absolutely logical conclusion from the sad experience of trying to integrate the popular Windows 95 window environment into NT. Probably, the idea of repeating the architectural model of X Window - Unix - arose precisely because of the original "server orientation" of NT. However, if there were no problems with the “transplantation” of the graphical shell, then its performance in user mode (i.e., in the form of a regular application) left much to be desired, which is absolutely natural - supporting an abstract output device (be it a bitmap display, a printer, or in general whatever) the Windows graphics subsystem is incommensurably more complex and, accordingly, more demanding on resources than the X Window, which "understands" only raster displays. So, as part of the Windows NT 4.0 kernel, released in July 1996, another module appeared. The revision was called the Shell Update Release (SUR).

The next step was Windows NT 5.0, released on the market in 2000 under the name Windows 2000. The change of "titles" was influenced by marketers and turned out to be, in general, the right decision to reposition this operating system. The work continues to this day, as evidenced by the release of Windows Server 2003.

Battle for Windows The design and implementation of Windows Server belongs to Mark Lucovsky, one of the backers of the corporation's Server OS division. He leads an army of 5,000 developers assigned to seven labs. Another 5,000 programmers work at their workplaces in partner companies, contributing daily their mite to 50 million lines of the resulting Windows Server 2003 OS code.

Every day, a full compilation and assembly of the system is performed to check for operability and identify errors. Lists of detected bugs are sent to development teams. Corrections made must be reported on the bulletin board, which puts them in the queue for inclusion in the main assembly. The server farm involved in compiling the system is constantly being upgraded, however, like many years ago, a complete assembly takes 12 hours of machine time. And this is despite the division of the colossal array of codes into separate independent groups of source texts, organized into tree-like hierarchies.

The quintessence of the development process is the hour-long meetings in the so-called "war room" (War Room), held two or three times daily (at 9.30, 14.00 and 17.00). They are preceded by similar events in the local "battle rooms" of the working groups at 8.00. At the main meeting, corrections of previously discovered errors are discussed and the overall status of the project is determined. In recent days, they have been mainly looking for ways to solve an important problem - renaming Windows .NET Server 2003 to Windows Server 2003. Thousands of names in various modules, and this is at the last moment before the release of the system, which caused a serious headache for developers.

At the meeting, each team should report on the progress of their work, the process of correcting the errors found and the possible consequences of making or not making these amendments. If the problem cannot be solved or it is considered insufficiently important, the bug, according to the original terminology, is "kicked off" in the final release. Missing the morning meeting is equivalent to desertion.

The build starts every day at 4:30 pm and can be delayed until 6:00 pm so that after the third meeting in the "battle room" the latest fixes can be included in the system. The team cannot come to the meeting without a ready solution to the existing problems, otherwise it is better for them not to appear there at all. Each of the seven laboratories has a complete copy of the source code of the system, in which they make their own amendments, compile and check for operability. If everything went smoothly, the new code is merged with the code created by other teams into the main assembly. The problem may lie in the interaction of new code written by different groups. The main assembly is not always successful, sometimes the system is not viable. In this case, as soon as the culprit module is discovered (usually around three or four in the morning), those who wrote it are urgently called to the workplace and do not leave it until the error is corrected. Therefore, programmers must be ready to work 24 hours a day, 6 days a week (six days are introduced as the product release date approaches).

The main principle on which the final stages of testing are built is the use of own products in the project process. Once the system reaches the "first level" of stability, it becomes the main operating system in workgroups. The "second level" is considered to be reached when the OS acquires the ability to function. Only then is it allowed to be used on the Microsoft campus. So it was with the file server under NT, the first use of it was to store the source texts of Windows NT, so they did with the first, and with all subsequent versions of Active Directory.

The product is then submitted for testing to selected JDP (Joint Development Partners) partners. If errors are found, a "volitional decision" is made: leave them in the system and save the sales start date, or postpone the release date and do some improvements. In the latter case, all results are canceled and testing starts from scratch.

It is much more difficult to provide after-sales support. When flaws, security "holes" or the need to add new features to the product are identified, either a local patch or a full-fledged Service Pack has to be formed. Since others already existed before this patch or Service Pack, the new code is tested on many variants of the system, going through all possible combinations of patches and Service Packs. In addition, to carry out a full health check, the corporation maintains separate fragments of its network that operate on older versions of products (for example, Windows Server 2000), where you can "run in" the system in the "field conditions".

How VMS Became WNT

Some wits once joked that if you increment (increase by one) each letter of the name of the Cutler VMS operating system, you get WNT or Windows NT. According to professionals, this is true. Not a preconceived notion based on the fact that the main architects of NT were once the developers of the VMS, but an objective reality.

In fact, NT is the embodiment of radically redesigned, implemented in the C language to achieve better mobility, the architectural ideas of the VMS assembler core, supplemented by the appropriate front-end APIs and new file and graphics subsystems. The commonality of the architectural solutions of the two systems is very high. So, they have the same concepts of processes, priorities (32 levels), management of changing priorities and control over the distribution of processor time between them. But despite the significant similarities, no doubt due to the previous experience of the team of the chief architect - Cutler, NT was originally created as a multi-threaded operating system - this "small" difference alone makes it possible to understand the degree of separation of NT from the "basic" VMS architecture.

Drivers in both operating systems work within the framework of a stack model, each layer of which is isolated from the others, which allows organizing a multi-stage device control scheme. Systems allow swapping of both user processes and system processes, including drivers. The way resources are represented is also similar, both systems treat them as objects and manage them using the Object Manager. NT security, like its underlying Discretionary Access Control Lists or DACLs, traces its lineage back to VMS 4.0.

In 1993, Digital engineers reviewed the specifications for Windows NT and found that it bore a striking resemblance to the experimental Mica operating system that had been created as part of the Prism project. Why such attention to Redmond products? Not from a good life, Digital employees began to study the insides of someone else's system. In 1992, the corporation fell into a protracted peak, money was slipping through its fingers, and sales of the new Alpha processor were slipping. Now in search of salvation, the company's bosses tried to seek help from their worst rival Intel, to which its president, Andrew Grove, refused. In the end, I had to bow to "Gates the Third" and ask for a port of Windows NT under Alpha in exchange for a promise to make NT, to the detriment of VMS, my main operating system. However, having received a pre-release version of NT, Digital's engineers slowly realized that the OS required significantly more RAM than their typical "$5,000 Alpha PC" would hold. NT was clearly not suitable for the mass market of RISC stations, an attempt to stand under the Microsoft flag for Digital (as, indeed, for most other companies) turned out to be a waste of time and money.

The game of "spot 10 differences" between WNT and VMS has paid Digital big dividends. According to one version published at the time in Business Week, instead of openly suing, the president of Digital, with irrefutable evidence of intellectual property infringement in his hands, decided to get more for less. He turned to Microsoft for clarification, which resulted in the signing of a large-scale contract under which Digital became the main network integrator for NT. In addition, in October of the same year, Redmond refused support in Windows NT for both processors competing with Alpha: PowerPC and MIPS. Unfortunately for the Digital management, the alliance was soon destroyed, and the status of "NT network installation services for Microsoft" passed to Hewlett-Packard, which, however, a few years later got another heavy burden of the corporation - the VMS OS.

Despite the fact that the paths of NT and VMS diverged, these operating systems continued a series of peculiar borrowings. In particular, Windows NT received support for clusters only in 1997, while VMS has had it since 1984, and a 64-bit version of Windows appeared even later (VMS migrated to a higher bit depth back in 1996). On the other hand, in VMS 7.0 in 1995, threads were announced at the kernel level, and a Registry-like database and a global event log, similar to the corresponding NT tools, became part of VMS 7.2. Windows Server 2003 is out, let's see what happens next...

In July 1993, the first operating systems of the NT family appeared - Windows NT 3.1 and Windows NT Advanced Server 3.1.

Versions

Windows NT 3.1 (July 27, 1993)
Windows NT 3.5 (September 21, 1994)
Windows NT 3.51 (May 30, 1995)
Windows NT 4.0 (August 24, 1996)
Windows 2000 (February 17, 2000)
Windows XP (October 25, 2001)
Windows XP 64-bit Edition (March 28, 2003)
Windows Server 2003 (April 25, 2003)
Windows XP Media Center Edition 2003 (December 18, 2003)
Windows XP Media Center Edition 2005 (October 12, 2004)
Windows XP Professional x64 Edition (April 25, 2005)
Windows Fundamentals for Legacy PCs (July 8, 2006)
Windows Vista (November 30, 2006)
Windows Home Server (November 7, 2007)
Windows Server 2008 (February 27, 2008)

Structure of Windows NT

Structurally, Windows NT can be represented as two parts: the user mode part of the operating system and the kernel mode part of the operating system.

Support for protected subsystems is provided by the execution part. Its constituent parts are:

Object manager. Creates, deletes, and manages runtime objects, abstract data types used to represent system resources.
Security monitor. Sets protection rules on the local computer. Protects operating system resources, protects and registers executable objects.
Process manager. Creates and terminates, suspends and resumes processes and threads, and stores information about them.

Virtual memory manager.

I/O subsystem. Includes the following components:
- an I/O manager that provides device-independent I/O;
- file systems - NT drivers that execute file-oriented I / O requests and translate them into calls to conventional devices;
- network redirector and network server - file system drivers that transmit remote I / O requests to network machines and receive requests from them;
- executive device drivers - low-level drivers that directly control the device;
- a cache manager that implements disk caching.

The execution part, in turn, is based on the lower-level services provided by the NT kernel. Kernel functions include:

process planning,
handling interrupts and exceptions,
processor synchronization for multiprocessor systems,
system recovery after failures.

The kernel runs in privileged mode and is never removed from memory. The only way to access the kernel is through an interrupt.

The Windows NT or New Technology operating system was created by a group of developers led by Dave Cutler.

Windows NT is a 32-bit operating system with preemptive multitasking. As fundamental components, the operating system includes security tools and a developed network service. Windows NT also provides compatibility with many other operating systems, file systems, and networks. Windows NT is able to function both on computers equipped with CISC - processors with a complex instruction set (complex instruction set computing), and on computers with RISC - processors with a reduced instruction set (reduced instruction set computing). The Windows NT operating system also supports high performance multiprocessor systems.

Familiar in Windows NT is only the appearance. Behind the graphical user interface lie powerful new features.

Tasks set when creating WindowsNT. Windows NT is not a further development of pre-existing products. Its architecture was created anew, taking into account the requirements for a modern operating system. The features of the system developed on the basis of these requirements are as follows.

In an effort to provide compatibility new operating system, the developers of Windows NT retained the familiar Windows interface and implemented support for existing file systems (such as FAT) and various applications (written for MS-DOS, OS/2 1.x, Windows 3.x, and POSIX). The developers also included tools for working with various networking tools in Windows NT.

Achieved portability(portability) system that can now run on both CISC and RISC processors. CISC includes Intel-compatible processors 80386 and higher. RISCs are represented by systems with MIPS R4000, Digital Alpha AXP and Pentium P54 and higher processors.

Scalability(scalability) means that Windows NT is not tied to a single-processor computer architecture, but is able to take full advantage of the opportunities provided by symmetrical multiprocessor systems. Currently, Windows NT can run on computers with processors ranging from 1 to 32. In addition, as user tasks become more complex and the demands on the computing environment expand, Windows NT makes it easy to add more powerful and productive servers and workstations to the "corporate networks.

Additional benefits are provided by the use of a single development environment for both servers and workstations.

Windows NT has a uniform security system(security) that meets US government specifications and complies with B2 security standard. In a corporate environment, critical applications are provided with a completely isolated environment.

Distributed processing(distributed processing) means that Windows NT has networking capabilities built into the system. Windows NT also allows communication with various types of host computers through support for a variety of transport protocols and the use of high-level client-server facilities, including named pipes, remote procedure calls (RPCs), and Windows sockets.

Reliability and fault tolerance(reliability and robustness) are provided by architectural features that protect application programs from damage by each other and the operating system. Windows NT uses fault-tolerant structured exception handling at all architectural levels, which includes a recoverable NTFS file system and provides protection through built-in security and advanced memory management techniques.

Possibilities localization(allocation) represent means for robots in many countries of the world in national languages, which is achieved by using the Unicod standard (developed by the international organization for standardization - ISO).

Thanks to the modular design of the system, extensibility Windows NT, which allows the flexibility to add new modules at various levels of the operating system.

The package includes a number of applications: Internet Information Server 2.0, Index Server, FrontPage, Internet Explorer, Domain Name System (DNS) Server, Proxy Server and Internet Resource Center, all Service Packs, Plus! and a number of additional utilities, including both new ones, such as Administrative Wizards or Imager, and improved versions of older programs, such as Task Manager.

The Administrative Wizard allows you to automate typical network management tasks, and updated versions of Windows NT Diagnostic and Performance Monitor programs are used to quickly monitor the system status. The Task Manager dialog has been transformed into a powerful tool that provides a wealth of useful information, from CPU usage to the names of all active system processors.

One of the key components of Windows NT 4.0 is Internet Information Server 2.0. It is a flexible and multifunctional solution for both connecting to the Internet and creating your own private intranet. The user only needs to configure the TCP / IP protocol settings (with the DHCP service installed, the IP address is assigned automatically), start IIS and create one or more of their own Web pages. The Web documents are then available to all users on your network who have installed software that runs the TCP/IP protocol and a standard World-Wide Web browser.

There are some changes in the remote access subsystem, Remote Access Service (RAS). Now it is possible to use secure communication channels, the new Point-To-Point Tunneling Protocol (PPTP), the ability to use multiple modems to organize communication channels with remote networks.

Features of the network architecture of previous versions of Windows NT (multilevel model of protection against unauthorized access, the specifics of the modular system, etc.) limited its bandwidth when working in Fast Internet networks. In version 4.0, the algorithms for caching network requests were improved, the modules of the resource sharing subsystem were optimized, the mechanism for generating interrupts was changed (during the transition to high-speed networks, this function unexpectedly became a source of problems for network operating systems). The second change that Microsoft is pointing out is the increased performance of the OS when performing graphics operations.

The combination of a powerful network OS and a graphical interface designed for unskilled users looks rather unusual. Windows NT 4.0 is not just another version of the popular operating system. It is the basis for a new generation of Internet-oriented software products.

Architectural modules of Windows NT. As shown, Windows NT is a modular (better than monolithic) operating system that consists of separate interconnected relatively simple modules.

The main modules of Windows NT are (listed in order from the lowest level of architecture to the top): the hardware abstraction layer HAL (Hardware Abstraction Layer), the kernel (Kernel), the executive system (Executive), protected subsystems (protected subsystems) and environment subsystems (environment subsystems).

virtualizes hardware interfaces, thereby making the rest of the operating system independent of specific hardware features. This approach allows for easy portability of Windows NT from one hardware platform to another.

Core is the basis of the modular structure of the system and coordinates most of the basic operations of Windows NT. This component has been specifically optimized for space and performance. The kernel is responsible for scheduling the execution of threads, synchronizing the work of multiple processors, and handling hardware interrupts and exceptions.

Executing system includes a set of programming constructs of privileged mode (kernel mode), which represent the basic service of the operating system to the subsystems of the environment. The execution system consists of several components,

Rice. 2.32. Modular structure of Windows NT

each of them is designed to support a specific system service. Thus, one of the components - the Security Reference Monitor - operates in conjunction with protected subsystems and ensures the implementation of the system security model.

Environment subsystems are secure user-mode servers that run and support applications designed for different operating environments (different operating systems). Win32 and OS/2 subsystems are examples of environment subsystems.

Hardware abstraction layer(HAL) is a layer of software created by hardware manufacturers that hides (or abstracts) features that differentiate the hardware from the upper layers of the operating system. Thus, due to the filter provided by the HAL, different hardware looks similar from the point of view of the operating system; the need for special configuration of the operating system for the equipment used is removed.

When creating the hardware abstraction layer, the task was to prepare procedures that would allow a single driver for a particular device to support the operation of this device for all platforms. HAL is targeted at a large number of varieties of hardware platforms with a single processor architecture; thus, each of the hardware options does not require a separate version of the operating system.

HAL procedures are called both operating system tools (including the kernel) and device drivers. When working with device drivers, the hardware abstraction layer provides support for various I/O technologies (instead of the traditional focus on a single hardware implementation or costly adaptation to each new hardware platform).

The level of hardware abstractions also makes it possible to “hide” from other levels of the operating system the features of the hardware implementation of symmetric multiprocessor systems.

Core(Kernel) works in close contact with the hardware abstraction layer. This module is primarily concerned with scheduling the processor's actions. If the computer contains several processors, the kernel synchronizes their work in order to achieve maximum system performance.

The kernel dispatches flows(threads - threads of control, which are sometimes called subtasks, branches), which are the main objects in the planned system. Threads are defined in the context of a process; a process includes an address space, a set of objects available to the process, and a set of control flows that are executed in the context of the process. Objects are resources managed by the operating system.

The kernel schedules the threads of control in such a way as to maximize the load on the system processors and ensure that threads with a higher priority are processed in the first place. There are 32 priority values in total, which are grouped into two classes: real-time and variable. This approach allows you to achieve maximum efficiency of the operating system.

Subcomponents of the executive system, such as the I/O manager and the process manager, use the kernel to synchronize activities. They also interact with the kernel for higher levels of abstraction called kernel objects; some of these objects are exported within custom application program interface (API) calls.

The kernel manages two types of objects.

Dispatching objects(dispatcher objects) are characterized by a signaled state (signaled or nonsignaled) and control the dispatching and synchronization of system operations. These objects include events, mutants, mutexes, semaphores, threads, timers, semaphores, threads, and timers.

Control Objects(control objects) are used for kernel control operations, but do not affect scheduling or synchronization.

Control objects include asynchronous procedure calls, interupts, power notifies, power statuses, processes, profiles.

Executing system(Executive), which includes the kernel and the HAL hardware abstraction layer, provides a common system service that all subsystems of the environment can use. Each service group is managed by one of the individual components of the executive system:

Object Manager;

Virtual memory manager (Virtual Memory Manager);

Process Manager (Process Manager);

Means of calling local procedures (Local Procedure Call Facility);

I / O Manager;

Security Reference Monitor.

The security monitor, together with the Logon processor and secure subsystems, implements Windows NT security model.

The top level of the executive system is called System Services. Shown in fig. 2.33, a system service is an interface between the subsystems of the user mode environment and the privileged mode.

cache manager. The I/O architecture contains a single Cache Manager that performs caching for the entire I/O system. Caching is a technique used by the file system to increase efficiency.

Fig.2.33. System interface

Instead of directly writing to and reading from disk, frequently used files are temporarily stored in the cache; thus, work with these files is done in memory. Operations with data in memory are much faster than operations with data on disk.

The cache manager uses a file mapping model that is integrated with the Windows NT virtual memory manager. The cache manager provides a caching service for all file systems and network components that are managed by the I/O manager. Depending on the amount of available RAM, the cache manager can dynamically increase or decrease the size of the cache. When a process opens a File that was already in the cache, the cache manager simply copies the data from the cache into the virtual address space.

The cache manager supports services such as lazy write and lazy commit, which can drastically increase file system efficiency. The slow write process logs changes to the file structure cache for faster access. Later, when CPU usage is reduced, the cache manager writes the changes to disk. Slow-motion recording is like slow-motion recording. Instead of immediately marking the transaction as successful, the transferred information is cached and later written to the file system journal in the background.

File system drivers. In the Windows NT I/O architecture, file system drivers are managed by the I/O manager. Windows NT allows for a variety of file systems, including the existing FAT file systems. For bottom-up compatibility with MS-DOS, Windows 3.x, and OS/2 operating systems, Windows NT supports the FAT and HTFS file systems.

In addition, Windows NT also supports NTFS, a new file system designed specifically for use with Windows NT. NTFS provides a number of features, including file system recovery, support for Unicode, long filenames, and support for POSIX.

The Windows NT I/O architecture not only supports traditional file systems, but also allows the network editor and server to function as file system drivers. From the point of view of the I/O manager, there is no difference between working with a file hosted on a remote network computer and working with a file on a local hard drive. Redirectors and servers can be loaded and unloaded dynamically just like any other driver; one computer can simultaneously host a large number of redirectors and servers.

network drivers. The next type of drivers present as components in the I/O architecture are the network drivers. Windows NT includes integrated networking capabilities and support for distributed applications. Redirectors and servers function as file system drivers and run at or below the provider interface level, where NetBIOS and Windows socket reside.

Transport protocol drivers communicate with redirectors and servers through a layer called the Transport Driver Interface (TD1). Windows NT includes the following vehicles:

transmission control protocol/internet protocol TCP/IP, which provides the ability to work with a wide range of existing networks;
NBF is a descendant of the NetBIOS Extended User Interface (NetBEUI) that provides compatibility with existing LANs based on LAN Manager, LAN Server, and MS-Net;
Data Link Control (DLC), which provides an interface for accessing mainframes and networked printers;
NWLink is an IPX/SPX implementation that provides communication with No-well NetWare.

At the bottom of the network architecture is the network adapter card driver. Windows NT currently supports NDIS (Network Device Interface Specification) version 3.0 device drivers. NDIS provides a flexible communication environment between transport protocols and network adapters. NDIS 3.0 allows a single computer to have multiple NICs installed in it. In turn, each network adapter card can support multiple transport protocols to access different types of network stations.

Windows NT security model- represented by the security monitor (Security Reference Monitor), as well as two other components: the logon processor (Logon Process) and secure secure subsystems.

In a multitasking operating system such as Windows NT, applications share a number of system resources, including computer memory, I/O devices, files, and the system's processor(s). Windows NT includes a set of security features that ensure that applications cannot access these resources without proper permission.

The security monitor is responsible for enforcing the access validation and control policy of a particular local security subsystem. The security monitor provides services for confirming access to objects, checking user privileges, and generating messages for both privileged mode and user mode. The Security Monitor, like other parts of the operating system, runs in privileged mode.

The Windows NT logon process requires a security logon to authenticate a user. Each user must have a budget and must use a password to access that budget.

Before a user can access any computer resource from within Windows NT, the user must log on through the logon process in order for the security subsystem to recognize the username and password. Only after successful authentication, the security monitor performs an access validation procedure to determine the user's right to access this object.

Resource security is one feature provided by the security model. Tasks cannot access other people's resources (such as memory) except through the use of special sharing mechanisms.

Windows NT also provides controls that allow an administrator to capture user activity.

Windows NT memory management. Windows NT Workstation 3.51 is essentially a server operating system tailored for use on a workstation. This is the reason for the architecture, in which the absolute protection of applications and data takes precedence over considerations of speed and compatibility. The extreme reliability of Windows NT comes at a high system cost, so you need a fast CPU and at least 16MB of RAM to get acceptable performance. Under Windows NT, lower memory security is achieved by not being compatible with real-mode device drivers. Windows NT runs its own 32-bit NT applications, as well as most Windows 95 applications. Like Windows 95, Windows NT allows 16-bit Windows and DOS programs to run in its environment.

Windows NT's memory allocation scheme differs from that of Windows 95. Native application programs are allocated 2 GB of special address space, from the 64 KB boundary to 2 GB (the first 64 KB are completely inaccessible). Application programs are isolated from each other, although they can communicate through the Clipboard, DDE and OLE mechanisms.

At the top of each 2GB application block is code that the application program perceives as ring 3 system DLLs. These are actually just call forwarding stubs called client-side DLLs. When calling most API functions from a client-side DLL application, local procedures (Local Process Communication (LPC)) are invoked, which pass the call and its associated parameters to a completely isolated address space where the actual system code is contained. This server process checks the value of the parameters, executes the requested function, and sends the results back to the application's address space. Although the server process itself remains an application-level process, it is completely protected from and isolated from its caller.

Between the 2GB and 4GB marks are the low-level Windows NT ring 0 system components, including the kernel, thread scheduler, and virtual memory manager. The system pages in this area have supervisor privileges, which are set by the processor's physical ring protection circuits. This makes the low-level system code invisible and unwritable to application-level programs, but results in performance degradation during ring transitions. For 16-bit Windows applications, Windows NT implements Windows on Windows (WOW) sessions. Windows NT gives you the ability to run 16-bit Windows programs individually in their own memory spaces or together in a shared address space. In almost all cases, 16-bit and 32-bit Windows applications can communicate freely using OLE (through special thunk routines, if necessary) whether they run in separate or shared memory. Native applications and WOW sessions run in preemptive multitasking based on the control of individual threads. Multiple 16-bit Windows applications in the same WOW session run according to the cooperative multitasking model. Windows NT can also multitask multiple DOS sessions. Since Windows NT is a fully 32-bit architecture, there are no theoretical limits on GDI and USER resources.

Key differences in Windows 2000. Windows 2000 or W2k is a Microsoft operating system (OS) based on Windows NT technology, which was reflected in the original name of the W2k project, Windows NT 5.0. Windows 2000 is a fully 32-bit OS with preemptive multitasking and improved memory management. The W2k project is based on the same principles that once made NT so successful.

w2k interface similar to Windows 98 interface with IE 5.0 installed. However, we still note some details.

The first thing that catches your eye is that the color scheme has changed. Now it resembles one of the schemes used in the KDE desktop for Linux. Another noticeable detail is the shadow under the mouse cursor, which is removed/exposed in the Control panel -> Mouse -> Pointers, with a tick on Enable pointer shadow. In addition, a new effect has been added when the menu appears, now they gradually appear out of thin air. Controlled from Desktop Properties, on the Effects tab, check Use transition effects for menu and tooltips.

The Start Menu introduced a feature familiar from Office 2000, when only the most frequently used items are shown when opening, the rest are opened by pressing the down arrow. You can control this effect in the Taskbar Properties, in the General tab, with the Use Personalized Menus checkbox (similarly, in 1E5 this option is disabled in Tools -> Internet Options -» Advanced -> Enable Personalized Favorites Menu). There are a few more items in Desktop Properties, including Hide keyboard navigation indicators until I use the Alt key. If it is selected, it removes the underline under the letters that mean Keyboard shortcut in Windows programs until the key is pressed. .

On the second tab of the Taskbar Properties, Advanced, there is a Start Menu Settings window, which allows you to add / remove lines included in the Start Menu, and expand some items. For example, if you tick the Expand Control Panel checkbox, then when you hover the mouse cursor over the Control Panel in the Start Menu, another menu will open to the right of it, in which there will be all the elements included in it. A useful feature on this tab is the Re-sort button. W2k, by default, puts folders with the latest installed programs at the very bottom of the Start Menu, folders can even be below links to files. Re-sort eliminates this injustice and arranges all folders from top to bottom in alphabetical order. However, the same effect can be achieved by right-clicking in Start Menu -> Programs and selecting Sort by name. In addition, with the right button, you can drag and drop any elements from there to any place.

Another difference that often fails people who have previously worked with NT and W9x, oddly enough, is the widespread use of Checkbox - Especially those that are just a square on a white background. So if you find yourself unable to do something, then look again at all the windows, perhaps you just did not pay attention to such a Checkbox.

task manager is one of the most powerful and convenient tools in NT for managing processes. It is called either , or by choosing from the menu that appears after right-clicking on the Taskbar. You can choose after .

Task manager consists of three tabs - Performance, Processes, Applications. Let's start with Performance. This tab shows real-time information about the processor(s) load, shows the load of physical memory, and shows how much RAM is used / free and how much is the system Swap "a. In addition, other additional information is given there, for example, Threads and Processes - the number of threads and processes currently running on the machine, Peak - the peak size of Swap "a during the session, Nonpaged - the amount of memory allocated for the kernel. This information can be used when you need to answer the question of what factor in the system is the "bottleneck" that slows down the work (although it is better to use Performance Monitor for this purpose).

The second tab, Processes, contains a list of currently active processes. For each process, you can find out some additional information, such as: PID (Process ID), the amount of RAM used, the number of threads generated by the process, and much more. You can add/remove displayed parameters via View -> Select Columns. In addition, quite specific actions can be performed with any of these processes. To do this, you just need to right-click on it, a context menu will appear, through which you can end the process, End Process, you can “kill” the process itself and all the others that it “spawned”, End Process Tree. You can set the priority of the process, from the highest RealTime to the lowest, Low. If the machine has two processors and a multiprocessor core, then another item appears in this menu, Set Affinity, which allows you to transfer the process to another processor, Cpu 0, Cpu l, and so on up to Cp31.

The last tab of the Task Manager - Applications, allows you to view a list of running applications and terminate any of them. Task Manager not only allows you to end applications, it can also start new applications. File -> New task (Run).

Active Directory- is a new user and network resource management tool. It is designed to facilitate the work of administrators of large networks based on W2k, and the entire network management and security system is built around it. To install Active Directory, you must have W2k Server. W2kPro can run in an Active Directory environment but cannot create one. Active Directory is built on the following principles:

1. Single registration in the network. Thanks to IntelliMirror technology, you can go to any computer in the office, enter your password

and in front of you will be your desktop, your documents and your settings.

2. Information security. Active Directory has built-in user authentication. For each object in the network, you can centrally set access rights, depending on groups and specific users. With Kerberos security, you can communicate securely even over open networks such as the Internet. At the same time, data transmitted over the network is encrypted, and passwords are not transmitted or stored on client machines. The Kerberos security system (named after the mythical three-headed dog, which, according to Greek mythology, guarded the gates of hell) has been known for a long time, but it is used for the first time in the OS from Microsoft. Without going into details, this system works like this:

The client sends a request to the authentication server for permission to access the required information;

The server checks the client's rights and sends him permission to receive the required information, encrypted using a key known to the client, and at the same time sends a temporary encryption key. Using this key, all transmitted information is encrypted, and the key lifetime is limited, so the authentication server sends a new key from time to time (naturally, the new key is encrypted using the current key), which is unknown to anyone except the server and client. Regularly changing encryption keys makes life very difficult for attackers who are hunting for your data.

However, as we all remember, in the Greek myth Kerberos could not resist the mighty Hercules. So in our case, despite all its advantages, the Kerberos security system cannot withstand all types of attacks. For example, it is possible to bombard an application with false requests, a so-called "Deny of service" attack, which can result in the application not using the Kerberos protocol.

3. Centralized management. When using Active Directory, the administrator does not have to manually configure each machine if, for example, it is necessary to change access rights to any one object or install a new network printer. Such changes can be made immediately For the entire network.

4 . Flexible interface. Directory structures change quickly and easily. For example, you can create a catalog of your company, separate the accounting department, marketing departments, secretariat into separate subdirectories and present all this in the form of a tree structure. Or, for example, create several trees representing different offices in different buildings or regions and easily set the connection and access rights between them. Connect a network printer to the accountant's directory with a single mouse movement. (The drivers will be installed on these computers automatically.) Or drag and drop the entire accounting department from one server to another with all their rights, folders and documents.

5. Integration with DNS. Through tight integration with Active Directory DNS, the same resource names are used on the local network as on the Internet, which leads to less confusion and promotes closer interaction between the local and wide area networks.

6. Scalability. Multiple Active Directory domains can be combined together under one management.

7. Ease of searching. In an Active Directory domain, various objects can be found by a variety of attributes, such as the user or computer name, the user's email address, and so on.

DFS (Distributed File System) is one of the Active Directory tools. It allows you to create network shares, which can include many file systems on different machines. For an Active Directory user, this is absolutely transparent and does not matter where and on what machines the files he works with are physically located - for him they are all located in one place. In addition, when using DFS and Active Directory, the management of such resources is simplified. It is centralized, you can easily and painlessly add new resources or delete old ones, change the physical location of the files included in DFS, etc.