This is the update to an article I have been using from the EARLY 2000's, which went "dead" in about 2006/2007.
I have modified the article in minor ways to keep it "current".
This process will work on supported hardware or a VM.
Microsoft discontinued support for Windows NT Workstation 4.0 as of January 1, 2021.
Microsoft support for Windows NT Server 4.0 — including Standard, Enterprise Edition, and Terminal Server Edition — ended Dec. 2004. This means that Microsoft will no longer provide nonsecurity hot fixes for Windows NT Server 4.0.
Microsoft provided online support forums until Jan. 2005.
This guide ASSUMES the use of a NT4.0 SP4 ISO for install
Hardware Qualification (old/unneeded)
1. Qualify your hardware:
2. Insert a blank diskette.
3. Execute cd-rom_drive:\Support\Hqtool\Makedisk.bat
4. Reboot from the diskette
5. Run NTHQ from the diskette.
6. Make sure that the hardware components listed is on the HCL (Hardware Compatibility List).
1. To prepare Hard Disks and other hardware devices:
2. Slots, IRQ and DMA availability limits
3. Domain name & Work Station names.
4. Download Disk Format Tools, updated NTFS/HIMEM
5. Format hard disk by executing, from command-line, a Disk Format Tools from a diskette that SUPPORTS CD Drives & NTFS!
IF NEEDED: Disk Format Tools, can converts NTFS TO FAT32 TO FAT16 (Any TO Any).
The partition size that NTFS (NT File System) supports (as implemented in Windows NT 4.0) is very large, on the order of 16 terabytes. FAT and HPFS partitions (used in previous versions of NT, as well as in Windows 95 and 98) are, "originally", limited to 4 gigabytes (GB).
6. Review THEN Commit changes before formatting.
7. If use removable media (portable drives such as Zip/SD/USB disks), create alternate hardware sets NTFS volumes require reboot after mounting.
8. Select C: as the boot-up system disk.
Beverly Hills Software, the NT Resource.
1. Create 3 NT Setup boot diskettes from the CDROM:
From a Windows 9x computer: x:\I386\winnt32 /ox
2. To save setup time, copy Server setup files to I386SERV (or Ppc or Alpha or MIPS) directory on the C: disk. copy Work Station setup files to I386WORK
OPTIONALLY 3. For unattended setup:
4. Execute setup program WINNT32 to upgrade from version 3.51
1. Press "N" to install rather than Enter for Upgrade.
2. Partition to install NT (USE "your premade "WORK-AROUND" 7.8GB)
3. File system (Leave it as NTFS partition, DO NOT FORMAT IT AGAIN)
4. Use Location WINNT for Server, WINTWS for Workstation, WINIIS for IIS.
1. ) Get information
1. Installation type (Workstation or Server)
2. User Name . Organization can contain 255 characters. This creates an unmovable SID (Security IDentifier) which uniquely identifies the domain
3. Licensing Mode per Server for 10 concurrent connections.
4. Computer Name (a.k.a. Netbios Name) is 15 characters or less, unique and contain no spaces
5. Type of server - PDC, BDC, or member (stand-alnoe) server.
Changing from PDC to member server requires reinstall
6. Password for Administrator account
7. Request creation of non-bootable Emergency Repair Disk to save the machine-specific Registry (files in the Repair folder). Internally. NT compares setup.txt files. (Just in case, Modern Tools are better mind you)
8. If custom setup was selected earlier: Optional components
2. ) Installing Windows NT networking
1. "Wired to the network" rather than "Remote access to the network" (RAS and Dial-up networking)
2. Leave unchecked to not install IIS v3 (wait to install with downloaded IIS's lastest supported setup file).
3. Network interface care installation (Select from list, Have Disk, etc.)
5. No to DHCP Server (Dynamic Host Configuration Protocol) to automatically obtain an IP address.
6. IP (Internet Protocol) addressing (ICP = I see many Problems)
3. ) Finishing setup
1. Time zone, date, and time
2. Exchange box configuration
Uncheck "Show this welcome screen next time you start Windows NT" and close the help screen.
Boot up again using [VGA mode] as Administrator
Install drivers for video, hard drives, etc.:
1. Install video driver (Display Type, Change, Have Disk, Browse to select folder, Open, close screen.
2. Verify hard disk drivers. In some cases, NT 4.0 Setup mistakes an EIDE controller for a generic ATAPI controller, and automatically loads the ATAPI.SYS driver--which doesn't know how to deal with the second drive. To correct the problem, disable ATAPI.SYS (using Control Panel/Devices) and load the appropriate EIDE driver.
3. Boot up again using [VGA mode]
4. select new video settings (256 colors, 75 Mhz, 800x600, Small Fonts, etc.)
5. Boot up again using default mode
The default location of the CD-ROM is stored in the Registry:
From Windows NT Explorer
1. Set NT Explorer's View, Options to Show all files because Files that are not displayed are not copied.
2. Create New "Users" folder under the root
3. Click to expand folder WINNT
Right-click on Explorer.exe and Create Shortcut
Right-click on Notepad.exe to Create Shortcut to edit notes about the configuration.
4. Copy Notepad.exe in C:\Winnt\Profiles\Default Users\ SendTo
5. Unselect "Read Only" attribute for boot.ini file.
6. Winnt\System32 folder:
7. Go to C:\Winnt\Profiles\All Users\Start Menu\Programs\ Administrative Tools (Common)
Minimize other windows to expose an area of the desktop around the NT Explorer screen.
Ctrl-right-click each of the following to create Shortcut
windisk.exe Disk Administrator file
usrmgr.exe User Manager for Domains
srvmgr.exe Server Manager
perfmon.exe Performance Monitor
winmsd.exe Windows NT Diagnostics
dhcpadmin.exe DHCP Administrator
eventvwr.exe Event Viewer
Optional: Create new shortcuts on the desktop by highlighting and Ctrl-dragging these files to the desktop:
1. Rdisk.EXE to backup the Registry to the Emergency Repair Disk.
2. POLEDIT.EXE (Policy Editor) in “Program Files \ORKTools \Tools \Policy \Editor”
3. regedt32.exe used to manipulate the Registry.
4. NT Backup or better 3rd Party backup software
1. If desired for security, Macintosh access, etc.: Convert FAT to NTFS:
2. Execute Disk Administrator (from the NT Administrative Tools) to create a 32-bit signature in the Master Boot Record recognized by the NT fault tolerant driver (Ftdisk.sys).
Select Options, Colors and Patterns, select Primary Partition, and set color to a lighter color so you could see the asterisk (*) which highlights the boot drive.
To make NTFS partition larger than 4G, extend the NTFS partition.
RAID 0 (Redundant Array of up to 15 Inexpensive Disks with equal amounts of space accessed in 64K blocks with no fault tolerance)? Use NT Volume sets to sequentially use up to 32 unpartitioned areas combined from 1 or more disks (starting with a single drive to allow for future expansion). Failure in any part of a volume set crashes the whole set.
Noting the speed of current HDD/SSD's, ONLY the "lastest/last" SCSI PCI controllers (perhaps SATA1.5) with NT4 drivers, could benefit from RAID 0.
RAID 1 mirroring two drives The most dependable.
RAID 5 disk striping with parity. Use Striped Sets to spread use of unformatted free space of the same size on 2 to 32 disks. Improves performance. Cannot be used to store system data.
3. Create a Fault Tolerant boot diskette.
4. Important: Create an NT boot diskettes by copying files:
(if dual-booting) bootsect.dos.
5. Click on boot.ini to add option to boot from secondary drive (if file has already been made read/write)
Add "IIS" and/or other member server services to boot-up entry.
If using Mirror drives for redundancy:
6. Execute Network from the Control Panel: or right-click on the desktop's Network Neighborhood, select Properties, click Change button,
Change a server's Identification domain name.
Specify networking Protocol and specify Server, Gateway, and DNS addresses.
Command Prompt hostname for your computer's NetBIOS computer name.
Find the PDC hostname from another local computer with command Run \\<hostname> Can't see new hosts immediately from Network Neighborhood because Master Browser is not updated frequently.
Command Prompt IPCONFIG /ALL for IP address and Ethernet adapter info. and 48-bit MAC address Unique Identifier burned in the EPROM.
7. Communication with remote servers:
To set server as a WINS Proxy (to listen for WINS requests, resolve from cache, or forward to a WINS server): Set HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netbt\Parameters key RKNG, EnableProxy to 1.
Command Prompt (Packet InterNet Groper) PING 127.0.0.1 loopback IP address to verify connections - TTL (Time To Live) not timed out.
Command Prompt PING your gateway address to make sure it's up.
Command Prompt TRACERT (Trace RouTe) of hops toward a remote domain name.
Command Prompt ROUTE PRINT (or netstat -r) for Active Routes: Network Address, Netmask, Gateway Address, Interface, Metric
Command Prompt nbtstat to display protocol statistics and current TCP/IP network connections ESTABLISHED. Use cursor, not Tabs to skip around an IP address.
8. Receive TCP/IP from DHCP within IP scope and NetBIOS Scope )
9. WINS Server address or WINS Replication partnerships (Push & Pull)
10. DNS primary server connection to WINS server for NetBIOS resolution.
11. DNS secondary server with a zone transfer from the primary DNS server on the same zone, different subnet.
Apply Service & Option Packs
Once you could get on the Internet (and if you don't have the files on CD or Zip disk, Etc.):
Download from Microsoft's web site and install in the order below:
1. Cumulative Windows NT Service Pack 3 (18 MB) has:
2. Service Pack 6a, Final for NT 4.0. Installs all other services packs also (cumulative).
3. NT 4.0 USB Patch
4. Internet Explorer 6.with Service Pack 1 upgrade which includes:
5. Once IE6 is installed, you can look at the list of IE 6 add-ons (Real Audio, NetShow, Acrobat Reader, etc.)
6. Windows NT 4.0 Option Pack (DOWNLOAD.EXE retrieves 85MB into folder PWSSetup) has:
Internet Information Server - IIS LATEST
Pesonal Web Server
FrontPage (or other) server extensions.
Internet Connection Services for Microsoft RAS
Transaction Server 2.0
Message Queue Server 1.0
7. Install server applications software:
Anti-virus (very few options)
1. Use POLEDIT to specify default/All User Audit Policies
2. Execute User Manager for Domains program,
Select "Policies", select "User Rights", scroll down list to select "Log on Locally", Add Everyone. Reboot.
3. to access services on other domains:
1. Define cross-domain trusts
2. Create a global group
3. Assign local users to a global group
4. Assign local group to local domain
5. Test access
4. Execute the Server Manager program
Add Users by using "Add Domain" and input Workstation names.
Command Prompt PING your IP address to check for duplicate address use (if address returned is 0.0.0.0).
Check Network Browser
5. Execute NT Explorer to specify Permissions to folders and files in NTFS partitions.
6. Use NT Explorer to configure Properties of legacy 16-bit DOS program PIF files . Note: DOS programs running inside the same 4MB NTVDM.
Use C:\Winnt\System32\sysedit.exe to edit AUTOEXEC.NT and CONFIG.NT?
In a Common Prompt session, Press F7 for history of DOS commands.
IPC's & RPC's ?
7. Execute NT Explorer to mark specific (archive) folders and files in NTFS partitions for compression
8. Execute "Network Client Administrator" to
"Make Network Installation Startup Disk" to create boot-up diskettets used to create clients.
"Copy Client-based Network Admnistration Tools" pointers to a diskette read by a client machine used by Administrators.
Install Member Servers
which don't validate signons
1. Switch from PDC or BDC requires reinstall.
2. From Double-click Network icon> Properties or Start> Settings> Control Panel> Network> Services :
Network Services DHCP Server? (requires reboot)
DNS Server (Domain Name System) using a static database to resolve Internet names to IP addresses. for FTP to Unix servers which doesn't have WINS.
WINS Server (Windows Internet Name Service) using a dynamic database to resolve Netbios names to IP addresses.
3. Join the member server to its domain: Use Network icon, Identification tab, Change button.
4. Click Close and restart.
Baseline Performance (I am looking for more "MODERN TOOLS" for these tasks, I dont use NT4.0 alot anymore)
2. Test File handling,
3. Test backup and restore:
1. Test full system archive
2. Set archive bit off on all files.
4. Execute and run programs (identified in the Acceptance Test Script?) to make sure they work.
5. Make a test incremental backup
6. Test restore options:
Restore data from tape.
Recover from mirrored drive:
1. Execute Disk Administrator and Regenerate fault tolerance.
2. Recreate the mirror.
4. Test Print capability.
5. Test Applications functionality (reports).
6. Perl scripts in cgi-bin
7. Make a post-installation archive stored off-site
8. Turn off monitor and ensure restricted physical access (the door locks closed).
1. Execute Windows NT Explorer
create "Users" directory
View Options Show all files
Copy shortcuts to Notepad or other programs into C:\Winnt\Profiles\Default Users\ SendTo
Double click on boot.ini to set the default partition [boot loader] to boot-up.
2. Create on the desktop a shortcut to Rdisk to backup the Registry to the Emergency Repair Disk.
3. Set NTFS compression (using COMPACT.EXE or NT Explorer).
4. Select C: as the boot-up (system) disk.
5. Software Fault Tolerance?
6. Install Microsoft Office, then the Office Service Pack. The Windows 95 version of Microsoft Office runs today on both NT 3.51 and NT 4.0.
Monitoring & Optimization
Command Prompt netstat -e to display TCP/IP network error statistics on current connections ESTABLISHED.
Review Audit Logs.
Application, System, Security
Run command DISKPERF -Y to enable Disk Counters. (-N to disable)
NDIS 4.0 to capture data sent thru network cards (rather than all traffic promiscuously)
Network Monitor uses SNMP communities of trap servers and trap destinations. Set Capture filters and Display Filters by source/destination address, protocol.
Network> Services> Server> Properties:
Minimize Memory Used for small number (under 10) users
Balance (for 10-64 users)
(Default) Maximize Throughput for File Sharing
Maximize Throughput for Network Applications (SQL Server)
Ctrl-Alt-Del for (currently running) Task Manager
separate memory spaces
incoming concurrent sessions (max. 10 on a workstation and the number of licenses on a server)
Maintain NT Directory Services entries. This is unique to the domain model of NT networking, not to the Windows for Workgroups model.
Demote the SAM on a PDC (Primary Domain Controller)
Promote SAM on a BDC (Backup Domain Controller)
To reinstall DNS server, delete DNS files by copying boot file from System32\DNS\Samples folder.
Add resource records (A = Address of host, MX = Mail Exchange)
Use these reserved private addresses for testing:
1 Class A 10.0.0.0 - 10.255.255.255
16 Class B 172.16.0.0 - 172.31.255.255
255 Class C 192.168.0.0 - 192.168.255.255
In Network TCP/IP DNS search order, put local server address first.