Windows 2000 Operating System Introduction
Computing Department, Lancaster University, UK
�Overview
Goals
Overview Windows 2000 and product variations Introduce key Windows 2000 concepts such as the Win32 API, processes, threads, virtual memory, kernel mode and user mode Introduce tools that can be used to examine Windows 2000 internal behaviour
�Course Textbook
This book has been used as
a basis for much of the material you will find within this course By far the best textbook in this area buy it!
�Introduction
�Brief History of Windows (1)
Windows 1.0
Windows 2.0
Announced in 1983, released in November 1985 Released in 1987 New feature: overlapping Windows! Required Intel 8086 or 8088 Processor Could access 1 megabyte of memory
Windows 3.0
Introduced on May 22, 1990 Big change: Supported 16-bit protected mode (Intel 286/386 processors) Could access upto 16 megabytes of memory
�Brief History of Windows (2)
Windows 3.1
Released in April 1992 TrueType fonts (scalable) Multimedia Ran only in protected mode Required 286/386 with > 1MB of memory
Windows NT
Introduced in July 1993 First Windows version supporting 32-bit mode of Intel 386, 486 and Pentium processors Designed to be portable to non-Intel processors
�Brief History of Windows (3)
Windows 95
Windows 98
Introduced in August 1995 Also supported 32-bit programming mode
Windows 2000
Released in June 1998 Performance improvements & hardware support Internet Integration Introduced in February 2000
Released in September 2000
Windows Millennium
�What is Windows 2000? (1)
Protected, virtual memory, 32-bit operating
system
Separate, protected per-process address space Preemptive, multithreaded multitasking Symmetric multiprocessing: 2-32 CPUs Design started in 1989 Microkernel(-ish) architecture C2 security (US Dept. of Defence) High performance, robust file system Full support for UNICODE (www.unicode.org) Defines unique 16-bit values for the worlds character sets
Modern O/S features and functionality
�What is Windows 2000? (2)
Designed to be portable
Originally supported x86, MIPS, Alpha and PowerPC Now only x86 (IA-64 Intel Itanium support in future)
Integrated networking
Peer to peer bundled (similar to Windows 9x) 2000 Server adds enterprise-wide capability (domains) 5 transports: NetBeui, TCP/IP, IPX/SPX, AppleTalk, DLC
Multiple O/S personalities
Win32, OS/2 1.x character mode, POSIX subsystems Win32 is primary environment
�Windows 2000 vs. Windows 9x (1)
Windows 2000
Requirement: O/S stability, applications protected from each other, O/S protected from applications Goal: Runs most 16-bit DOS and Win16 business applications Long term desktop and server OS for Microsoft Requirement: Runs all 16-bit DOS and Win16 applications, including games and device drivers Still contains a lot of 16-bit code (graphic & windowing system) Many 32-bit APIs call 16-bit code in the Win9x kernel
Windows 9x
�Windows 2000 vs. Windows 9x (2)
Windows 2000 supports symmetric multiprocessing
(SMP)
Windows 2000 filing system supports security Windows 2000 is fully 32-bit Windows 2000 is fully reentrant
Windows 9x contains lots of 16-bit code Significant portions of 9x are nonreentrant
No master processor: OS and user threads can be scheduled to run on any processor
Windows 2000 cant run all older MS-DOS/Windows
applications (direct hardware access)
�Product Packaging
Windows 2000 Professional
Windows 2000 Server
Desktop version Licensed for 2CPUs, 4GB RAM Superset of Win2K Professional Adds Server and Networking Functionality (Domains, DNS) Licensed for 8 CPUs, 8GB RAM
Windows 2000 Advanced Server
4 node clusters Licensed for 32 CPUs, 64GB RAM
Windows 2000 Datacenter Server
�Key Concepts
�Win32 Application Programming Interface (API)
Primary programming interface to Microsoft
Windows operating systems (95, 98, 2000, CE) Think Win32.EXE, not Windows 2000.EXE Windows 2000 is designed to support multiple programming interfaces using environment systems
Win32 Application .EXE
Win32 API
Win32s Win 3.1/DOS Windows 95/98/ Millennium Windows 2000
�Processes, Threads and Jobs
What is a process?
Represents an instance of a running program
Per-process address space
You create a process to run a
Thread Thread Executive Executive
What is a thread?
program Starting an application creates a process
An execution context within a
What is a job?
process All threads in a process share the same per-process address space
Thread
Allows groups of process to be
managed as a single unit
Systemwide Address Space
�Task Manager
To start: Ctrl+Alt+Del or
right click on empty area of task bar Applications tab:
by threads
Lists visible windows owned
Lists processes Change priority
counters
Processes tab:
Performance tab:
Subset of performance
�Virtual Memory
Virtual address space = logical view Memory manager translates virtual addresses into
physical addresses Paging transfers some memory contents to disk, freeing physical memory
Virtual Memory Physical Memory
�Kernel Mode vs. User Mode (1)
Operating System Modes
Kernel Mode (OS) Privileged process mode Access to system data/hardware User Mode (Applications) Nonprivileged processor mode Limited access to system data/no direct hardware access
Applications separated from the operating
system prevented from modifying critical data However, OS components/device drivers can still corrupt system!
�Kernel Mode vs. User Mode (2)
Finding process with Most Kernel-Mode
Time
Run Performance Monitor (perfmon.exe) Click on + (add counter) Select Process as Performance Object Click on %Privileged Time Select all processes in Instance box (except _Total) Click on Add, click on Close Use up/down arrow keys to scroll through counters (type CTRL/H to turn on highlighting)
�Kernel Mode vs. User Mode (3)
Compare time spent in kernel mode vs.
user mode
Run Performance Monitor (perfmon.exe) Click on + (add counter) Select Process as Performance Object Click on %Privileged Time and, whilst holding Ctrl, click the %User Time counter Click on Add, click on Close Move mouse rapidly, and watch how the %Privileged Time and %User Time counters increase
�Windows 2000 Registry
Repository for system/user configuration information
Contains information Windows 2000 requires to boot & configure as well as current running system dynamic status information
Most common registry parameters can be adjusted
using a graphical utility
Advanced tuning/configuration requires direct access Regedt32 or Regedit
Organised to hives
Pieces of the registry database stored in different files
�Windows 2000 Registry
Repository for system/user configuration information
Contains information Windows 2000 requires to boot & configure as well as current running system dynamic status information
Most common registry parameters can be adjusted
using a graphical utility
Advanced tuning/configuration requires direct access Regedt32 or Regedit
Organised to hives
Pieces of the registry database stored in different files
�Registry Organisation
Five main hives for location machine information
\HKEY_LOCAL_MACHINE\System \HKEY_LOCAL_MACHINE\Hardware \HKEY_LOCAL_MACHINE\Software \HKEY_LOCAL_MACHINE\SAM
Controls booting and running the system Hardware configuration data, resource usage Volatile (not saved across boots) Per-machine software data (not critical for booting)
Try regmon!
\HKEY_LOCAL_MACHINE\Security System-wide security policies (on domain controllers)
Account & groups database (replicated on domain controllers)
�Windows 2000 Professional vs. Server vs. Advanced Server
Core operating system executables are identical Registry indicates system type (set at install
time)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\C ontrol\ProductOptions ProductType: WinNT=Workstation, ServerNT=Server,
LanManNT=Server (Domain Controller)
Code in the OS tests these values and behaves
slightly differently in a few places
Licensing limits (no. of processors) Boot-time calculations (Memory Manager) Length of a time slice
�Tools Preview
Tool
Performance Monitor Task Manager
Executable
perfmon Bundled with 2000 Bundled with 2000
Functionality
System Monitoring, Viewing Performance Counter Logs Provides information about processes and performance
taskman
Process Viewer
Tlist Registry Monitor
pview
tlist regmon
Resource Kit
Resource Kit Inside Windows 2000 Inside Windows 2000
Shows processes and thread details
Shows process tree and thread details Monitor registry activity
File Monitor
filemon
Monitor file system activity
