You’ll recognize the architecture of Windows 2000, which builds on the solid foundation poured for NT 4.0.

Looks Like Home

You’ll recognize the architecture of Windows 2000, which builds on the solid foundation poured for NT 4.0.

• By Michael Chacon
• 01/01/2000

With Y2K almost behind us, we won’t have to read any more articles about the end of civilization. Of course, it could be argued that civilization ended quite awhile ago, but at least we don’t have to worry about our information systems collapsing. Sure, there will be anomalies popping up now and then for amusement’s sake, but now we can focus on the blocking and tackling of fundamental network design and support. Happy New Year!

With distractions behind us, we can more clearly focus on digestion of Windows 2000, which is necessary, as this is one hearty meal. I highly recommend you take small bites or risk choking. As Win2K hits the streets, early adopters will slide in their CDs straightaway and run toward the upgrade and migration adventure. The cautious majority will watch with a careful eye and then follow behind, plucking the arrows out the backs of predecessors and marking their locations.

No matter what group you fit into, you’ll be considering how Win2K fits into your information system future. This will include at minimum evaluating the product against your Windows NT 4.x environment. As with all operating system evaluations, the most important aspects to begin with are architecture, architecture, and architecture.

A Sound Foundation

The good news for those of us drowning in this sea of new information is that the architecture of Win2K isn’t fundamentally different from NT 4.0. This is also good news because the new services that make up the bulk of what is considered Win2K are running upon the low-level services that have matured into a sound foundation.

Of course, there are changes to these low-level individual components of NT, but they’re essentially extensions to the existing components, which is in line with the extensibility of the original NT design. This reliance on the existing architecture as the foundation for new services is a good thing. It allowed Microsoft to make major renovations and to add high-level services, while maintaining reliability and stability by using production-tested core components.

Win2K continues with the familiar dichotomy of user mode and kernel mode areas, with an abstracted wall of protection between them. The user mode area is the container for the subsystems and processes that directly support the user’s applications. Processes running in this area can’t directly access the low-level processes and hardware in the kernel mode area. This prevents any one process running in user mode from bringing down the entire operating system.

The Kernel Mode

The kernel mode, otherwise known as processor mode, remains the same in Win2K. To review, it contains three major subdivisions that support the low-level operating system services. These are the Executive, Kernel, and Hardware Abstraction Layer (HAL).

The HAL is an image of CPU-specific code that allows Win2K to run across various hardware platforms. HAL allows a single version of Win2K to be optimized for different hardware. The kernel is responsible for the preemptive scheduling and management of the threads that ultimately perform the actual work of the system. The bulk of the kernel mode work is performed in the Executive, which is further subdivided into such fundamental services as the I/O Manager, Security Reference Monitor, Process Manager, and Virtual Memory Manager.

Briefly, when a process is initiated, it’s allocated its own virtual memory space and assigned an identifying handle so it can be referenced in the system. Any requests the process makes for resources are passed through the Security Reference Monitor to verify that the process has permission to access that resource with the specific permission requested. As the process reads or writes data, it uses the I/O Manager to access the particular device where the information is needed or where you want to place it.

Yes, There Are Changes

Now let’s talk about what changes. As I mentioned, the differences in Win2K are more about extensions and enhancements than major architectural reworks. The vast majority of the extra 10 million lines of code are in the new services. However, some of those lines deal with issues that companies have had with NT on its road to becoming accepted as an enterprise-level contender.

One of the most visible additions to the Executive is the Plug and Play Manager. This new Executive-level service manages communication between the Plug and Play bus drivers and the Plug and Play device drivers. The bus drivers allow Win2K to communicate to devices on PCI, ISA, SCSI, and USB bus types. The Plug and Play Manager has to exist in the Executive layer of Win2K because it deals directly with hardware through the drivers. This is a great example of adding functionality in Win2K through the existing architecture by adding to the Executive-level services instead of rewriting them.

This also points out that to fully exploit the new services in Win2K, you should seriously consider getting new hardware that supports the Advanced Configuration and Power Interface (ACPI). This will help to ensure that Plug and Play support in Win2K doesn’t devolve back to the “Plug and Pray” support found in the early testing ground that was Windows 95. Isn’t that just what you wanted to hear? Open up your wallets.

The New Security Model

Other examples of the extensibility through modularity of Win2K are the new security models supported. As I’ve discussed in the past, NT 4.0 authentication is based on NT LAN Manager (NTLM), which works rather well, but with some limitations. First, you must have an account on the system you want to access; and second, only users are authenticated, not servers. While servers have accounts in the SAM, when a user attempts to establish a session with a server, only the user’s token is compared to the ACL on the server to grant access. There’s no similar check with the server’s “token” for the client. Therefore, only users are verified, not servers. With Kerberos, both sides of the session conversation are equally verified.

To solve these limitations, public/private key security and shared key security—Kerberos—have both been added to the security services of W2K. All of the various new security services communicate with the Executive’s Security Reference Monitor (SRM) through standard security APIs exposed by the Security Support Provider Interface (SSPI). So instead of having to write a completely new security model, the authentication token compared to a DACL model is still intact. The only difference is that now you can use different (and more sophisticated) mechanisms to authorize the LSA to create a token to represent client processes.

Thread Handling

Another subtle low-level change affects how Win2K handles multiple threads. On the NT exams, a common question refers to the smallest unit of work as a thread. While this is essentially true in terms of CPU requests, threads have governors associated with them so that the system can allocate access to the CPUs fairly in relation to the thread’s priority. This mechanism is called a quantum, a measurement tied to the number of internal clock ticks of the processor. This controls the length of time a given thread can run on the CPU before the scheduler pauses that thread in deference to another thread of equal priority. You’ve seen this in the Control Panel | System | Performance tab, where you can select a performance boost in the foreground application.

Even though this tab is available in both NT Workstation and Server, it affects only Workstation. The control directly relates to a table that is preloaded with quantum (time slice) numbers of 6, 12, and 18 that will run the selected number of clock ticks before another thread with the same priority is given a chance at the CPU. On the server, the same table exists but the quantum numbers are the same throughout—each has a value of 36. That’s because Microsoft has determined for us that a server-based process is always best served by letting each thread have a longer crack at the CPU. It’s also been decided that foreground processes shouldn’t have longer access than background processes, which, of course, are assumed to be serving network clients.

In Win2K, the same control exposes this quantum configuration in more detail and with more flexibility. Win2K gives you, as administrator, control over how many quantum time slices should occur before a thread is paused to give another thread of equal priority access to the CPU. In the first change, this control is extended to both Win2K Professional (the workstation version) and Win2K Server.

The second change is that you can choose a variable or fixed quantum number. This choice determines whether Boost slide control in the Application Performance area on the Performance tab has any effect. The other control gives you an option to choose a short or long quantum time via a radio button. This control can be used to give a range of 3 to 9 quantums with short and 6 to 18 with the long selection. With this granularity, you can have more control of the preemptive multitasking aspect of Win2K. You can thus match it with the structure of your applications.

Job Objects

Another change is that processes can be collected and controlled as one job object. With this type of control, higher-level tasks that are accomplished through the combination of numerous processes can be assigned common parameters. Those common parameters include base priority, shared working set parameters and CPU time limits, and the ability to run all of the associated processes with the same access token.

These and other nuances demonstrate that the overriding design of Win2K supports significant changes to the functionality of the OS without having to alter the underlying architecture. Even the new encryption file service plugs in between the Security Reference Monitor (SRM) and the Local Security Authority (LSA). As encryption algorithms change, the Encrypted File System (EFS) driver and service can be replaced with a new one without radically changing the I/O manager or the SRM and LSA.

Although there’s much to learn about Win2K, much remains the same—allowing us to leverage our existing painfully acquired knowledge. This is an often unspoken strength of Win2K.