Ask Dr. Bob Your NT Questions - 09 Feb 2000

SEND US YOUR TIPS AND QUESTIONS.
For answers to more of your Windows NT questions, visit our online discussion forums at http://www.win2000mag.com/support.

I recently experienced a problem on my Windows NT installation after I tightened the security on the winnt folder. The system now shows a blue screen at startup, and I can't boot NT. How can I recover from this situation?

I recommend using Winternals Software's ERD Commander Professional Edition. This utility lets you boot to a 3.5" disk and perform recovery-related operations on dead or damaged NT systems. For example, you can read and write NTFS partitions. ERD Commander's Access command resets permissions on files, directories, or disks to Everyone:Full Access. You can use this feature to reset the permissions on your winnt folder and regain access to your NT installation. If you're familiar with Windows 2000's (Win2K's) Recovery Console (RC), think of ERD Commander as an RC for NT 4.0 systems. (ERD Commander, however, existed long before the RC.)

My Windows NT passwords aren't case-sensitive for remote access. However, passwords are case-sensitive for local logons. How can I correct this situation?

Your remote access machines are probably non-NT machines (e.g., Windows 9x, Windows for Workgroups—WFW). Although your system always handles NT-to-NT logons in a case-sensitive fashion, logons involving downlevel systems aren't case-sensitive. NT stores and uses case-sensitive Unicode-based passwords, but downlevel clients use the older LAN Manager (LanMan) password formats, which don't support case-sensitivity and aren't Unicode-compliant. Because limitations in downlevel Windows clients cause this behavior, you can't change it.

This problem also relates to password uniqueness policies. To support authentication to both NT-based and downlevel servers, NT retains two copies of every password: a case-sensitive NT version and a downlevel case-insensitive version. As a result, the downlevel version of several passwords might be the same, as is the case for mypassword, MyPassword, and MYPASSWORD. Therefore, changing only the case of passwords won't satisfy a password-uniqueness policy if you have such a policy set on the domain.

I have four Windows NT 4.0 Service Pack 4 (SP4) servers in my LAN: a Microsoft Exchange Server 5.5 machine (the BDC), an Internet Information Server (IIS) 4.0 machine, a SQL Server 7.0 machine (the PDC), and an NT Server 4.0, Terminal Server Edition (WTS) machine with the Citrix MetaFrame add-on. Can I disable the browser service on one of my servers? If so, which one can I disable and how do I accomplish the task? I also have a modem-sharing server running on a Windows 98 machine that is attempting to become a master browser. Can I prevent a Win98 machine (which has file and print sharing enabled) from taking part in browser elections?

A good rule of thumb for any network segment is to have at least two machines (preferably NT servers) running the Computer Browser service and participating in browser elections. The reason for this rule is fault-tolerance: You want to ensure that at least one machine is always available to maintain the browse list. However, I don't recommend leaving every machine (with file and print sharing enabled) configured to participate in browser elections because such a configuration unnecessarily wastes network bandwidth and increases the chance of browser-related problems (e.g., rogue browse masters, incomplete browse lists on client computers). I suggest you choose two NT servers on your network (including the PDC, if it's on the network segment in question) on which you'll leave the browser service enabled. (If a segment doesn't contain at least two NT servers, designate an NT workstation as a backup master browser.) On the rest of the NT servers and workstations, stop the Computer Browser service in the Control Panel Services applet and set its startup type to Disabled.

You can effect a similar change on your Win9x machines that have file or print sharing enabled. (Machines without file or print sharing enabled don't participate in browser elections.) Go to Control Panel, Network, File and printer sharing for Microsoft Networks. On the Advanced tab of the Properties dialog box for File and printer sharing for Microsoft Networks (which Screen 1 shows), set the Browse Master value to Disabled and click OK. To achieve a similar result on Windows for Workgroups (WFW) machines, edit the system.ini file. In the [Network] section, add a line that reads MaintainServerList=no (or change the existing line).

I recently attempted to create a dual-boot Windows NT 4.0 and Windows 98 installation. First, I created a 2GB FAT16 partition (i.e., C). Next, I installed Win98 in a directory called C:win98. Finally, I installed NT 4.0 in a directory called C:winnt. However, after I installed NT, the boot menu offered no option to start Win98. What did I do wrong?

I haven't experienced your problem in the NT 4.0 and Win98 dual-boot scenarios I've configured. However, you might want to try manually adding the following line to boot.ini:

C:="Windows 98"

This line will create a new option in the NT Boot Loader menu to boot Win98, and you can check whether the Win98 Boot Sector is intact. If choosing this option from the NT Boot Loader menu doesn't work, you have a few options. First, you can try reinstalling Win98. Second, you can use the Sys command from a Win98 boot disk to manually restore the Win98 boot sector. However, doing so will overwrite your NT boot sector with a Win98 boot sector, and you'll lose the NT Boot Loader. You'll need to restore the NT Boot Manager and utilize the bootsect.dos file that this procedure creates. (For instructions, see the sidebar "Repairing a Blown-Out NT Boot Sector" in Sean Daily's "Mastering Multibooting Madness," July 1999.)

After I installed Service Pack 5 (SP5) on my Windows NT workstation, I began seeing print notifications and print banners from Client Services for NetWare (CSNW). How do I prevent my Novell Netware-attached printers from printing banners?

SP5 replaces the nwprovau.dll file that resides in the winntsystem32 folder. The new SP5 DLL doesn't correctly read the CSNW print banner and notification Registry entries. To solve this problem, you must replace the SP5 version of the nwprovau.dll file with the SP4 version. If you created an installation directory when you applied SP5, you can find the SP4 version of the DLL in the winnt$ntservicepackuninstall$ folder. Otherwise, you'll need to copy the file from another SP4 system or from the i386 folder on the original NT 4.0 CD-ROM. If you get a File in Use message when you try to copy the replacement DLL, the simplest solution is to boot a second copy of NT, then perform the file replacement. If you don't have a second OS installed, you can use a third-party utility to boot to a command prompt, then copy the earlier nwprovau.dll file to the winntsystem32 folder.

What are Super Hidden Files?

Windows 2000 (Win2K) hides Super Hidden Files from the user even more deeply than the OS hides regular hidden files. For example, if you enable the ability to view hidden files and folders in Windows Explorer, Super Hidden Files will remain hidden. The Super Hidden File status is for folders such as the Cmdcons folder, which the Emergency Recover console uses.

You can view Super Hidden Files from the command line just as you would typical files, and you don't need the /ah dir switch (/ah sets the mode to attribute hidden). If you wish to view Super Hidden Files from Windows Explorer, select Folder Options from the Tools menu, select the View tab, and clear the Hide protected operating system files (Recommended) check box, as Screen 2 shows. Click Apply, then click OK. Super Hidden Files will now be visible in Windows Explorer.

You can also edit the Registry to accomplish this task. On a Windows 2000 Server (Win2K Server) machine, start your Registry editor (e.g., regedit.exe), and go to the HKEY_LOCAL_MACHINE\SOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer key. (On a Windows 2000 Professional—Win2K Pro—machine, go to HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced.) Create the value ShowSuperHidden (if the value doesn't already exist) of type REG_DWORD. Set the value to 1, click OK, and close the Registry editor.