News Stay informed about the latest enterprise technology news and product updates.

Users can't stump Tom Shinder, SWM expert

IT pros keep trying to stump SearchWindowsManageability's resident management tools expert, Thomas Shinder. But he's too smart for them! Here are his answers to some users' tough questions.

Few IT managers can say they are masters of their IT domains, particularly in the complex world of Windows management. Fortunately, SearchWindowsManageability's resident management tools expert, Thomas Shinder, is on the case. Although SWM users try to stump him, he comes through with answers to their tough questions.

In this collection of tips, Shinder answers SWM users' questions about software manipulation, ARP caches, and migration issues. Shinder is an author, MCSE, editor, trainer and consultant. He specializes in ISA Server 2000.

SWM user: Why is an ARP cache not efficient when it is applied to a LAN?
Shinder: The ARP cache maintains a table of IP address to MAC address translations. The ARP cache should never get unmanageably large because ARP is only used to resolve MAC addresses on a local segment. Local segments on well-designed networks are created with a limited number of network hosts to prevent overabundant ARP and other broadcast traffic.
All remote communications are done through the gateway and only the gateway MAC is used to send requests to remote clients.

SWM user: What rights should be assigned to allow users to do software manipulation?
Shinder: That depends on what manipulations you want them to do. Try putting the users into the Power Users group. They should be able to 'manipulate' applications then. You can also use the restricted applications feature in Windows XP to get more control over application installation.

SWM user: What are the pitfalls that can cost productivity, time or money when going through a migration?
Shinder: Migrating users from a workgroup environment to a domain environment can be a bit of a challenge at first, but both you and the users will see the advantages after the implementation is complete.

If you are upgrading to Windows XP as your network client, you should plan on using Windows 2000 domain controllers. While you could make the XP clients go to a Windows NT 4.0 domain, you lose too much network management functionality by using Windows NT 4.0.

There is a tremendous amount of information available at the site on how to perform a number of different types of migration. In all migrations, you should take care of the following:

* Back up all user data
* Record all users account names and passwords
* Plan groups and rights assigned to groups
* Plan network shares and permissions
* Create a network usage policy
* Creating a network security policy

That is just a very short list of what you have in front of you. The specifics of your environment will determine what other issues you need to consider. Plan out everything you can think of in advance, and then attempt to implement your plan. Remember that nothing ever works as planned, so be flexible and consider viable alternatives when things don't work.

SWM user: Is it possible to use a workgroup name for the network neighborhood in a Windows 2000 Professional computer that is a part of Windows 2000 domain?
Shinder: I highly recommend that you do not use a workgroup name that is the same as your domain name. This will cause problems with your Browse list and confusion among your users. A better solution, from a security standpoint (and general network management standpoint), is to completely disable the browser service so that resources are not accessible via a browse list. Then publish the resources in the Active Directory that you want to clients to be able to access. You will need to install the Active Directory client software on the Win9x computers to allow them to access network resources via the Active Directory published list.

SWM user: Why can't I right click my folders and use sharing or properties?
Shinder: That indeed is a very unusual problem! I would make sure that you are logged into the computer with an account that is a member of the local administrator's group.


Read more Expert's answer compilations here.

Try to stump our experts! Ask a Windows-related question that has been plaguing you.

Dig Deeper on Windows client management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.