This week's article covers Implementing, Managing, and Troubleshooting Hardware Devices and Drivers. This includes a look at configuring and managing hardware, drivers, driver signing, multiple CPUs, and more.
by Dan DiNicolo
Welcome to the fourth article in my 70-240 in 15 minutes a week series. This week's article covers Implementing, Managing, and Troubleshooting Hardware Devices and Drivers. This includes a look at configuring and managing hardware, drivers, driver signing, multiple CPUs, and more. For those keeping score at home, there are approximately four more major topic areas to be covered for the Windows 2000 Professional section of the series. Once this is complete, we'll begin a look at Windows 2000 Server (70-215 material), followed by Active Directory Infrastructure (217), and finally Network Infrastructure (216). Once all is said and done, you should still have more than a good few months to actually write the exam - that's why you're here after all!
The material that this article will cover includes:
- Implementing, Managing and Configuring:
- Multiple display support
- Mobile computer hardware
- I/O devices
- Network Adapters
- Internet Connection Sharing (ICS)
- Managing and Troubleshooting:
- Drivers, Driver Signing, and System Files.
- Multiple CPU systems
Implementing Managing and Configuring Hardware Devices and Drivers
This section takes a look at hardware devices on a type-by-type basis. Note that to install, configure, or uninstall a device, you must be logged on as Administrator (or a member of the administrators group, of course). If an administrator has already loaded the drivers for a device, then you would not need administrative privileges to do these things.
One of the big changes in Windows 2000 is the support for Plug and Play. If you install a Plug and Play device, Windows will automatically assign resources to the device including IRQ numbers, DMA channels, I/O port addresses, and memory access ranges, and will ensure these are unique. However, with a non Plug and Play device, you may need to configure these settings manually, via Device Manager (found in the Computer Management tool and very similar to the Win98 tool). New devices can be added via Add/Remove Hardware in Control Panel, if the process isn't started automatically by Windows 2000 when you plug in a device. As shown below, The Add/Remove Hardware wizard will allow you to Add, Troubleshoot, Uninstall, or Unplug a device.
Once a device is installed in Windows 2000, the tool used to configure settings for that device is Device Manager. The tool allows you to view information about devices in a number of different ways. For example, you can view a device by type (CD-ROM, Monitor, etc), or by resource (IRQ, DMA, etc.), or by the bus that enumerated them. The default setting, 'Devices by type', is shown below with the Network adapters device type expanded.
By right clicking on a device and choosing its properties, we can configure additional setting for that particular device (though what settings can be changed depends on the device) such as driver or resource settings. The setting for a network card are shown below as an example:
You should be aware of the
purpose of each tab. The General tab provides device status information,
access to the associated troubleshooter, and whether the device is
enabled or disabled. The Advanced tab allows you to configure any
advanced properties for a device, and will vary based on the type of
device (for example, enabling Duplex Mode on a NIC). The driver tab
provides driver details, as well as the ability to uninstall or update a
driver (choosing upgrade driver will launch the driver update wizard).
The Resources tab is where settings such as IRQ and DMA settings are
maintained. Finally, the Power Management tab controls whether the
device can bring the computer out of standby, as well as whether the
device can be power managed by the OS.
are a few icons that you may see in Device Manager, as outlined below:
|Black Exclamation Point on yellow background
||Device is in a problem state (may still be functioning - see error
|Red 'X' over device
||Device is disabled
|Blue 'i' on white background
||Means that 'Use automatic settings' is not selected for a device,
and that resources were manually selected
||Resources for the device are not assigned
Additional details you should know about Device Manager:
- There now exists an option called Scan for Hardware Changes, which allows you to scan for changes in the state of a device. For example, if you had an external modem that was powered off when booting, you could turn it on and then choose this option.
- There is also an option in Device Manager called Show Hidden Devices. This will show legacy devices and devices no longer installed.
- Buried in the LPT properties Port Settings tab in Device Manager is a check box called
Enable legacy plug and play detection. This allows older parallel port plug and play devices (such as zip drives or scanners) to be detected.
- Do not confuse Device Manager (a tool with which you can make changes) with the System Information Tool. The System Information tool is simply the replacement for NT Diagnostics, and is strictly read-only in terms of functionality. In NT,
Winmsd.exe opened NT Diagnostics, now it opens the System Information Tool.
Multiple Display Support
Another new feature in Windows 2000 is the ability to support multiple monitors. Windows 2000 can support up to 10, and allows you to extend the desktop across these additional monitors. Of course, you will need a number of separate display adapters for this to work (or an adapter that supports dual monitors). One adapter must function as the primary display device, the others as secondaries. Color depth and resolution can be configured for each device individually, via the Display program. A few important notes on multiple monitors:
- PCI or AGP display adapters are the only types supported for multiple monitors in Windows 2000
- If you have an on-board display adapter, this will automatically be made a secondary. You should always install Windows 2000 with the onboard adapter only. If another adapter is present, Windows 2000 will disable the onboard adapter during setup. Add additional display adapters after the OS is installed. If your setup now has an onboard and a PCI adapter, for example, the PCI will be the primary, the onboard the secondary. Note that your BIOS may not support using the onboard adapter when another physical adapter is present.
- You can drag the monitor icons in the Display program to match the physical layout of your monitors.
- If multiple monitors is not working correctly, be sure that the
'Extend My Windows Desktop Onto This Monitor' checkbox is selected for any secondaries, and that you are using a display adapter capable of supporting multiple monitors
(PCI or AGP)
Mobile Computer Hardware
Windows 2000 obviously provides support for mobile computing. In this section we'll explore mobile hardware profiles, APM, ACPI, and other power related options.
Windows 2000 still supports the use of hardware profiles to control which hardware drivers and services are loaded when Windows 2000 boots, such as when you are either on or off the network. If you have more than one hardware profile, you will be prompted to choose one when the system boots. The default hardware profile includes networking support, but if the machine is a laptop, you should also create an 'off the network' profile. Specify that a profile is for a laptop by choosing 'This is a portable computer' in the properties of the profile. Windows 2000 will automatically attempt to determine whether or not the computer is docked. If you want the profile to be used exclusively in a docked or undocked mode, you should choose the appropriate of option, as shown below.
If Windows 2000 detects a docking station, you will find an Eject PC button on the Start menu that you can use to dock or undock without a reboot. Windows 2000 also supports changing PC Cards, drives, and external hardware (such as USB or parallel devices) without a reboot. However, you should notify the system that you are planning to unplug a device by using the Unplug option in Add/Remove hardware, or the Unplug/Eject taskbar icon.
Windows 2000 continues to provide support for reducing power consumption via both Advanced Power Management (APM, or older hardware-based power management) and Advanced Configuration and Power Interface (ACPI, or newer power management coordinated by the OS). Power consumption options are configured via the Power Options program in Control Panel. What you should know about power management in Windows 2000:
- APM is only supported on Windows 2000 Professional - not on any of the Server products. Windows 2000 supports APM 1.2.
- In order to configure APM on a system, it must have an APM-compliant BIOS, and you must be a member of the administrators group. If you don't have an APM-based BIOS, you won't see the APM tab in Power Options.
- If you're having problems relating to APM, use the Apmstat.exe tool, which is available if you install the Support Tools from the Windows 2000 CD.
- You can configure different hardware schemes, to control what elements will be power-managed, and when. You can also set up custom schemes, with the settings you specify. An example of a built-in scheme is Presentation, where the computer will not power down the monitor, hard disks, or go into standby.
- To warn that batteries are running low, configure an alarm in the Alarms tab of Power Options (only seen on systems with batteries).
- Hibernate mode (shown below) can be enabled, and allows you to save the current system state (the contents of RAM) to the hard disk and put your computer into a low power standby. Doing this allows you to restart your system to the exact settings where you left off, by reloading the contents of the file into memory (gets you up and running more quickly). Note that although it suggests that computer will be totally powered down, it is still possible that a scheduled task (for example) could re-power the computer. As such you should know that if you are flying, having your computer in hibernate mode does not meet airline requirements - you still need to do a proper, complete shut down.
The bad news is that I/O device monitoring, configuration, and troubleshooting covers a whole gamut of hardware including printers (already covered), fax printers, scanners and cameras, multimedia devices, mice, keyboards, smart card readers, modems, infrared, and USB devices. The good news is if you know the basics, you should be fine. Most I/O devices are looked at individually below according to where you configure settings in Control Panel (where applicable):
Fax: Allows you to set properties such as fax user information and cover pages. Users send a fax by printing it to the fax printer. This tool also allows an Administrator to set properties with respect to how faxes are sent, received, or saved. Note that you will only see this tool is a fax modem is installed, and that a fax printer cannot be shared like other printers.
Scanner and Cameras: Not much to see here except an Add button, link to the associated troubleshooter and a Test button on a device's General tab.
Sounds and Multimedia: You can get into and change the properties (such as drivers) or related hardware from here.
Mouse: change the speed, button configuration, click settings, pointer speed, and mouse hardware settings.
Keyboard: control input locales (language layout), key speed, and hardware settings.
Wireless Link: This option exists in Control Panel if your system has an infrared device installed. The Wireless Link icon appears on the taskbar whenever another infrared device is within range, allowing you to exchange files between systems or print to a printer with an infrared port.
Smart Cards (not in Control Panel): Smart cards will be automatically detected by Plug and Play (if compliant), and will connect to either a serial, USB, or PC Card port. In order to use a smart card, a certificate must first be installed on your card, which includes your private and public keys (requires an Enterprise Certificate Authority - more on this later in the series). The smart card can then be used to log on locally or remotely. Users will be prompted for a PIN number after inserted their smart card. Smart Cards use the Extensible Authentication Protocol (EAP) as their authentication method.
USB Devices (not in Control Panel): USB devices are listed in Device Manager under Human Interface Devices. One issue with USB is that your system BIOS may not support it, or may have it disabled (enable in BIOS). All USB devices attached to the same controller have a fixed amount of bandwidth to share. This can be allocated via the Advanced tab of the USB controller's properties. Note also that there are two types of USB hubs: those that are self-powered (electrical plug - more power), and those that are bus-powered (less power, not good for things like scanners, etc). You can view the amount of power that a device will consume from the Power tab of the USB Root Hub properties.
Phone and Modem Options: since Windows 2000 cannot detect certain internal modems, you can use the Modem tab in this program to open the Add New Modem wizard. Going into the properties of a modem allows you to run a diagnostic test, as well as write the results to a log file.
One additional note with respect to modems. You should be aware that Windows 2000 Pro supports Multilink, the ability to aggregate the bandwidth from two or more physical connections into one logical connection. Modems, ISDN and X.25 connections are all supported. You can configure the properties that Multilink will use on a connection-by-connection basis. For example, you could choose to use Multilink when dialing the office, but not your ISP. The default is that all lines are dialed, but this can be changed, as shown below. Options are configured from the Options tab of a connection object in Network and Dial-up Connections. Multilink must be enabled and configured on both the client and RAS server in order to function.
Additionally, you can configure the dialing conditions for Multilink, as outlined
The way that you interact with network adapters has also changed from Windows NT 4. Where previously all settings were found in the Network program in Control Panel, now all network settings reside in the Network and Dialup Connections program. One major change is that each connection is viewed as a separate connection object. So, if you had 1 NIC, a VPN connection to your office, and a dialup connection to your ISP, you would have 3 connection objects, each of which could be separately configured, as shown below:
Note that you cannot create additional Local Area Connection objects - these
are added automatically by Windows 2000 as you add network adapters. The
properties of a given connection object allow you change settings
including protocol settings, driver properties (on a network card),
authentication and encryption protocols (for dialup and VPN connections),
as well as settings for redial and so forth. Another thing that has
changed is how protocol bindings are configured. These are not handled in
the properties of a connection object, but instead from the Advanced
Settings menu item on the Advanced menu in Network and Dial-up
Connections, as shown below:
Internet Connection Sharing
Internet Connection Sharing (ICS) is a feature in Windows 2000 very similar to the same feature found in the second edition of Windows 98. With ICS, you can share a remote network connection from one machine with other machines on your single-subnet network. Essentially, ICS configures your Windows 2000 system as a Network Address Translation (NAT) server, translating private internal IP addresses to the public IP address provided by your ISP. Although this technology is usually used for sharing a Internet connection, it could also be used to share a connection to a private network. ICS is set up from the Sharing tab of the properties of a connection object, as shown below:
A few important notes in ICS:
- Ensure that the connection that is shared is the external connection (this would be your modem connection, or your second NIC connected to your DSL or Cable provider). You internal connection will automatically be reconfigured to support the range of addresses handed out by ICS.
- Only an administrator can set up ICS.
- You must have at least 2 connections on the system for it to work (for example, 1 NIC and a dial-up connection to your ISP)
- ICS turns your machine into a mini-DHCP server, and will hand out addresses to your internal clients (who should be set to use DHCP).
- You should not use ICS on a network containing existing DHCP servers (ICS does this), DNS servers (ICS proxies DNS requests), Windows 2000 domain controllers, or gateways (the gateway provided by ICS DHCP will be the ICS system internal interface). If you have these and need to continue using them, you will need to look at a server solution, such as NAT, found in Windows 2000 server Routing and Remote Access (RRAS).
- ICS is simply a home and small office single-subnet connection sharing solution.
Updating Drivers and System Files
Windows 2000 supports updating drivers in a few different ways. One way is via Device Manager, where drivers can be updated on a device-by-device basis as necessary using the Update Device Driver Wizard. Note that it is also possible to update device drivers (as well as system files) via the Windows Update feature. The good news is that only an administrator can do this.
Windows 2000 also supports a few new features with respect to drivers. One of these features is driver signing. Simply, Microsoft digitally signs all drivers and system files included with the operating system in order to certify that they have been tested and function correctly under Windows 2000. As the administrator, you can control how the system responds to unsigned files via the Hardware tab in the System program, where you will find the Driver Signing button. The Driver Signing Options dialog box is shown below:
Note that if you attempt to install an unsigned driver, by default the system will warn you, but you can also configure it to ignore the signatures or block unsigned files completely (you should also know that this can be controlled via Group Policy - more on this later in the series as well). Other important things you should know about driver signing in Windows 2000:
- The Signature Verification Utility, Sigverif.exe, will show you all drivers and system files that have not been digitally signed. You can save the output to a file, and choose which types of files to scan via the Advanced properties in the program.
- Another tool that exists in Windows 2000 for the purpose of verifying driver activities is the Driver Verifier tool,
Verifier.exe. This tool can be used to verify that a driver is functioning correctly and without errors.
Along the same lines, you should also be aware that Windows 2000 protects system files by not allowing them to be overwritten (sort of - keep reading). One of the things that has made previous Microsoft operating systems less reliable was the fact that any application could potentially overwrite a system file with a 'newer' version (the one that worked with the vendor's product), which could compromise system stability. Windows 2000 protects system files via WFP, or Windows File Protection. WFP works in the background, scanning system files for changes. If an application overwrites a system file, WFP replaces the file with the original 'official' digitally signed version. It does this by checking the dllcache directory for a cached copy of the file, or the source files, if they can be found. If the original is found, the OS replaces it transparently. If it cannot be found, the user is prompted to provide the CD (or source file location). Only if the user chooses not to provide a location will the newer version of this file be used. As such, you could say that WFP is passive protection, since it can be potentially circumvented. The good news is that if WFP does replace (or try to replace) a protected system file, an event is written to the System log. A command-line utility called the System File Checker,
Sfc.exe, can be used to scan the system for unofficial or unsigned system files, and provide an appropriate course of action (just identify, replace, etc).
Want to know more about these driver and file system tools? Click
Multiple CPU Systems
Windows 2000 Professional supports up to 2 CPUs for systems that require more processing power. Specifically, Windows 2000 supports Symmetric Multiprocessing (SMP), a setup whereby threads are distributed more or less evenly across system processors. If you installed Windows 2000 Professional on a multiprocessor system, you should have no problems because the proper Hardware Abstraction Layer (HAL) would have been installed during the installation process. However, if you are upgrading a single CPU Windows 2000 Professional system by adding a second CPU, you will need to update the HAL on the system. You do this via Device Manager. Expand the Computer branch, and choose Update Drivers from the Drivers tab in the properties of your device. From the Wizard, choose the 'Display a list of drivers from...' option and then 'Show all Hardware from this device class'. You will be presented with options such as those below. The MPS-compliant driver is for non-ACPI systems. Note that you
no longer use the NT 4.0 Uptomp.exe utility to upgrade to multiple processor support.
Well, that does it for another week. Next week we'll take a look at our next topic, Monitoring and Optimizing System Performance and Reliability. That includes a look at scheduling tasks, managing and troubleshooting performance, and recovering system state and user data. Another couple of side notes relating to the exam. Some people are using this series to help them prepare for the individual core exams, instead of the 70-240 upgrade exam. If this is your plan, my suggestion is that you consider not writing the Professional exam until we have also covered the Server materials. The reason for this is simple. Because much of the materials interrelate, Microsoft will ask you Server-type questions on the Professional exam, and vice versa. While that may not seem fair, unfortunately that's just how it is. If you are writing the upgrade, however, just carry on - you'll need to know it all anyhow! Thanks again for all the emails and comments, they certainly help keep me motivated. My sincere hope is that you'll also visit
my website (free prep questions!) and tell other about the series. As always, if you have any comments, questions, or ideas, I look forward to hearing from you. See you next week!