Joined: 10 Aug 2002
Location: Portland, Oregon USA
|Posted: Wed Mar 17, 2004 2:35 am Post subject: Book Review - Configuring Windows 2000 W/O Active Directory
Configuring Windows 2000
Without Active Directory
Book Specifications:softcover, 746 pages
Category: Windows 2000
Publisher's Suggested User Level: Not Rated
Reviewer's Recommended User Level: Intermediate
Suggested Publisher Price:$49.95 US / $77.95 CDN / £23.77 UK
Amazon US: Configuring Windows 2000 without Active Directory US
Amazon UK: Configuring Windows 2000 without Active Directory UK
Blurb from back cover:
The Complete Guide to Configuring Windows 2000 WITHOUT Active Directory
Active Directory (AD) is complex and invasive, and as a result many IT professionals struggle with comprehensive
Windows 2000 deployments that are contingent upon AD. Configuring Windows 2000 WITHOUT Active Directory is
about making the most of those Windows 2000 features and services that can be used independently of AD -- whether
in an existing NT4 domain environment, Novell's NDS, UNIX, or even in a standalone workgroup.
Although there are many books available on how to install and configure Windows 2000, I've not seen one which
concentrates on configuring Windows 2000 without using Active Directory. I admit to being a bit curious
about which features and services could be used in Windows 2000 independently of Active Directory.
The author makes a reasonable claim that many corporations are currently running Windows 2000 without Active
Directory due to budget constraints or lack of suitably trained staff. I tend to agree that with the current
economic downturn and with fewer staff and restricted budgets, IT Managers need to make the most of the resources
they already have. And to do so with a minimal risk of disruption to existing services. The question confronting
me is; can this book provide solutions to the many problematic configurations of a Windows 2000 environment that
is running without the use of Active Directory?
It appears this book is directed toward the corporate network IT manager, yet as I read it; I kept finding ideas
related to difficult-to-implement technologies which the home network user often faces. I would say this book
has a wider audience than I first thought when reading the blurb from the back cover.
Carol's walkthrough of Microsoft Management Console (MMC) is priceless. If you read carefully, you'll find a few
tips and tweaks which are not commonly known. I've found her explainations to be very solid, allowing a casual
user to be able to understand MMC and how to use it.
Learning how to use Local Group Policies and security templates is well covered in this book. For those wanting
to lockdown desktops and enforce tight security configurations would do well to read Chapter 2. Much of this
information can easily be applied to a desktop PC which is not connected to a network.
I found the discussion on configuring and installing ACPI/APM in chapter 3 to be a bit brief. I felt the author
could have devoted more effort to this topic. Yet all is forgiven when you reach the FAQ (Frequently Asked
Questions) section at the end of the chapter. Of particular interest in the FAQ is the listing of critical
Windows processes you can't end.
Casual users will find the discussion on Distributed File System (DFs) to be very useful in understanding how
data is located on home networks. Configuring a standalone DFs root and adding links to it can be a daunting
task. Yet I found the instructions in Chapter 4 to be clear and concise.
Indexing Service has left a bad taste in my mouth from the first time I had used it several years ago. It has
always been my habit to turn the function off in new installations of Windows. Yet, reading Carol's comments
and suggestions on this topic developed a curious twitch within my mind, and I just had to test it out once
more. To my surprise, Indexing Service is very much more improved in Windows 2000 and XP. Plus, by right-clicking
Indexing Service when it's stopped, and next selecting All Tasks | Tune Performance; you are
able to change how much memory and processing which is dedicated to this service. I found that to be very
useful information, indeed.
I've read a few books which were dedicated solely to the topic of Network Load Balancing. However, if you want
the fast skinny on the topic; you'll find it here. Once you start to think of wlbs.exe as a network driver
rather than a service, you'll quickly understand it's use and function. Be advised that Network Load Balancing
is only available on Windows 2000 Advanced Server and Datacenter Server. It is not usable on Windows 2000 Server
I found the information on IPSec in chapter 8 to be wonderful. Windows 2000 has IP Security built into the
TCP/IP stack, whereas Windows 9x and NT do not have it. Yet, if you have two or more w2k boxes on your network,
you can use IPSec between them and benefit from the secure communication provided. This is a topic you will want
to look at if your network has sensitive data which needs to be shared.
Style and Detail
Throughout the 746 pages of this book are 10 Tips, 2 Security Alerts, 16 Warnings, and a whopping 140 Notes. Yes,
I did indeed count them. I also found them to be a valuable addition to the text of the book.
Everything you need to know about configuring Windows 2000 Professional is here in this book. Sometimes twice.
For instance, activating a screen-saver password was first covered on page 83, then again later on page 121. I
admire the solid explanations of functions the author gives us, yet I find the book to be a bit unorganized.
Alas, the lack of an orderly flow to the book is my only complaint. Although it may be a bit of a task
to find a procedure or information on a Windows 2000 technology via the Table of Contents or index, you can
almost be sure that the topic is covered, generally in detail.
Anyone studying this book should have no problems mastering Windows 2000 Networking Service improvements without
the use of Active Directory. The step-by-step instructions for configuring things like Local Group Policy are
the best I've seen to date.
Laptop owners have an excellent chance to learn how EFS (Encrypting File System) works to secure data on laptops
sans the use of AD. I believe the process is a better approach than IBM's attempt to secure ThinkPads by placing
the POP (Power Up Password) and hard drive passwords in an EEPROM.
In short, if you want to secure your Windows 2000 Professional; or fine-tune and tweak your settings, buy this
This book receives an honored SFDC Rating of 8/10.
Security Forums Dot Com
Keywords: PCWriter,Carol Bailey, PC, Windows 2000, Configuring, Reference, manual, Active Directory, Local
Group Policy, Networking, review
This review is copyright 2004 by the author and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.