Windows 2000: A Six-Month Report Card

Six months after the release of Windows 2000, the consensus of thought is that it is reliable -- nothing less and not much more, yet.

Microsoft Corp. ( released Windows 2000 Feb. 17 in three versions: Windows 2000 Professional, Windows 2000 Server, and Windows 2000 Advanced Server. The products represented the culmination of about five years of development work on what was formerly known as Windows NT 5.0. At its introduction, Microsoft referred to Windows 2000 as the most important product launch in company history.

Since then, Windows 2000 has gotten favorable reviews from customers, vendors, and the press for its reliability and stability. Microsoft's first Service Pack (SP1) was nothing more than a rollup of necessary but low-profile fixes. ENT estimates Microsoft shipped at least 4.5 million copies of the operating system, a little ahead of conservative projections but not a barnstorming rate, either. But despite the growing base, few customers have progressed to the Active Directory portion of their Windows 2000 migrations yet.

Microsoft, however, fell behind schedule on supporting pieces for the Windows 2000-based enterprise -- Windows 2000 Datacenter Server and the various BackOffice 2000 components. Windows 2000 has shown scalability promise through aggressive bench-marking efforts by Microsoft, but all of the highest-profile benchmarks rely on these still unreleased software components. Some analysts say Microsoft’s focus on what it now calls its most important project, the .NET initiative, means the company isn’t putting enough resources into encouraging developers to write applications for Windows 2000 right now.


For the most part, IT managers contacted by ENT for this report card indicate they are impressed by Windows 2000. At the same time, many of these IT managers haven’t deployed Windows 2000 in their enterprise environments for several reasons.

"Windows 2000 has met my expectations in almost every way," says Andrew Baker, a brokerage information systems coordinator at Lewco Securities Corp. (, a unit of Schroder Group. The operating system has been stable in test environments, but Lewco Securities Corp. hasn’t rolled it out on mission-critical systems.

"[It’s] no fault of the operating system, but many of our projects were held up by Y2K concerns, so we have a bit of catching up to do this year," Baker says. "I still expect to migrate my Web servers to Windows 2000/IIS 5, based on preliminary testing, and then plan for a larger-scale domain migration for early 2001."

John Harris, a manager for laboratory resources at USi Engineering Group (, prefers to err on the side of caution. "We are still testing Windows 2000 [and were] not planning to roll it out to the corporate users until after SP1," Harris says. He says his organization will adhere to its original deployment plan, which called for a Windows 2000 roll-out in the third or fourth quarter of this year. "I've been running it on my personal desktop for nearly a year and it has certainly met my expectations, but then I'm not trying to make it work with Tivoli, Veritas, and a number of other persnickety applications that may or may not have had an update for [Windows 2000]."

As major Microsoft software releases go, Windows 2000 has been a walk in the park. Windows NT 4.0, for example, was besieged almost from the get-go by a fair share of reliability, stability, and security problems -- most of which weren’t sufficiently patched until the release of SP5 in spring 1999. Likewise, the launches of Windows 95, Windows 98, and Microsoft Office have all been besmirched by a variety of well-known issues.

Sure, Windows 2000 has produced a few bugs, but none with the drama or intensity comparable to the pulse quickening litany of vulnerabilities that first assailed Windows NT 4.0. Less than six months after its release, Windows NT 4.0 had already been tagged with an exploit attack that could elevate the privileges of any user with local login rights on a workstation or server to those of an administrator (getadmin.exe); a denial-of-service attack in which over-sized packets sent to a port on the Windows NT TCP/IP stack could cause a Windows NT box to blue-screen; and a utility -- dubbed pwdump.exe -- that could partially decrypt passwords stored in the Windows NT SAM.

The most significant bug coughed-up by Windows 2000 to date is an incompatibility between Active Directory and Windows 2000 domain controllers with more than 50 IP addresses. This problem affects only a very small number of organizations that have deployed Windows 2000 thus far.

Other, potentially serious vulnerabilities -- including an IP fragment reassembly problem that could be leveraged as a denial-of-service attack and an exploit that could allow a user to modify attributes in the Active Directory without the permissions necessary to do so -- received little publicity and were promptly patched by Microsoft.

Windows 2000 SP1 was released in late July and fixed about 260 problems, none of them critical.

"It’s a solid release so far, with hardly anything really big to talk about. Microsoft needed this," says Rob Enderle, senior analyst at Giga Information Group Inc. (

Platform Momentum

In the first four months since the launch, Microsoft says it sold 3 million Windows 2000 licenses. The company said nothing at the operating system’s six-month anniversary. Continuing at a pace of about 750,000 licenses per month, Microsoft should have sold about 4.5 million units by now.

That’s less than half as many license shipments Microsoft sold of Windows NT in 1999, according to market research firm IDC (

But IDC says the company probably hasn’t had much of a decline in Windows NT sales, therefore Windows 2000 sales this year are an add-on to the Windows NT 4.0 business that’s selling about the same amount as in 1999.

"Windows 2000 sales are considerably ahead of what our initial projections were," says one IDC analyst. And a spike in sales is still to come.

"We had to get to SP1, we had to get to six months on the program. People had to do their DNS rearchitecting, Active Directory design, and all that. Those things take time," he says. "I think there’s going to be a ramping of growth, and I see no reason why it won’t continue in a fairly linear fashion throughout the year."

IT organizations that have gone ahead with Windows 2000 deployments have generally positive things to say about the next-generation operating system platform.

"We are very excited with the performance, stability, and remote administrative capabilities that the platform has given us," says Benjamin Zachary, a senior network engineer with systems integrator Advanced PC Solutions (

According to Zachary, Advanced PC Solutions has performed Windows 2000 installations and migrations for a number of clients since the operating system debut.

"We have been installing Windows 2000 Server in commercial installations since the day it was publicly available, and we actually did a 15 computer installation and migration on opening day," he says.

Active Directory

Windows 2000 shipped with Microsoft’s first attempt at an enterprise directory service: Active Directory. Because of the difficulty involved in planning an Active Directory migration, which in larger sites with multiple directory services and scores of Windows NT domains could take over a year, many large enterprise customers haven’t begun planning a roll out of either Windows 2000 or Active Directory.

"Active Directory is not trivial," says John Enck, research director, server strategies, at GartnerGroup Inc. ( "I think a lot of people are wisely spending their time learning it, and there’s a healthy degree of skepticism about it."

One of the biggest hurdles that Active Directory faced out of the starting gate was its lack of interoperability tools for use with other enterprise directory services, particularly with the Novell Directory Services from Novell Corp. (

Both Novell and Microsoft announced interoperability and migration tools dubbed, respectively, DirXML and Services for NetWare 5.0. To date, only Microsoft has shipped its solution. Microsoft’s Services for NetWare includes a directory tool that facilitates bidirectional synchronization between both NDS and Active Directory sites. Services for NetWare can also facilitate Active Directory management from NetWare’s NWADMIN console, as well.

"This is a drop-in solution for customers who want to use NetWare networks with Windows 2000 servers and Active Directory," says Peter Houston, group product manager for Windows 2000 at Microsoft.

One such customer is Joe Chirra, assistant vice president at Mellon Financial Corp. ( Chirra says Mellon will begin planning its Windows 2000/Active Directory migration -- which must interoperate with the company’s existing NetWare 4.x and 5.x systems -- in the fourth quarter of this year. Among its selling points, Chirra is optimistic about the management benefits that Active Directory brings to the table. He says he’s confident Novell and Microsoft will deliver tools to facilitate interoperability between the two directory services.

"With 2000 and Active Directory, I’ll be able to consolidate all of the Windows NT 4.0 domains that we have out there into three domains, and that really reduces the management headache," he says. "We expect Microsoft and Novell to cooperate with one another, because in our world they’re both big players."

Another problem, notes Alan J. Mazer, president and CEO of Philadelphia-based systems integrator Micronautics, is that independent software vendors aren’t writing applications for Windows 2000 or Active Directory yet.

"Nobody is going to release products or write code for Active Directory in the first year," he predicts.


For Windows 2000, Microsoft rewrote its application logo program to create a new class of applications that leverage the operating system and directory services. The low number of Windows 2000 Certified applications, a result of the extremely high bar of that logo program, is frequently misinterpreted as lackluster ISV enthusiasm for Windows 2000.

Microsoft has two significant stamps for applications: Windows 2000 Ready and Windows 2000 Certified. "Ready" means an ISV tested that an application runs on Windows 2000 and will support customers who run the application on Windows 2000. Microsoft says several thousand applications are Windows 2000 Ready. "Certified" means an application has passed a series of tests at Microsoft contractor VeriTest (, ensuring the application installs properly on Windows 2000, adheres to all the disability requirements of the operating system, and takes advantage of Active Directory capabilities. More than 100 applications were certified by the end of June, surpassing Microsoft's goal for the logo program. About two-thirds of those applications are certified for Windows 2000 Professional.

Microsoft has done itself no favors by delaying major 2000-generation releases of its marquee applications, such as SQL Server 2000 and Exchange 2000 Server. The company also has diluted its Windows 2000 message with the new .NET initiative.

"Right now I’d give them a D," Gartner’s Enck says of the company’s efforts to get ISVs behind Windows 2000. "They’ve shifted so much emphasis to .NET, and they’re focusing so much on pushing developer attention to that, that they’re losing momentum on Windows 2000."


A lot of engineering work went into building Windows 2000's scalability. Some significant performance benchmarks have been performed with Windows 2000 Advanced Server and other shipping technologies, showing that Windows 2000 Advanced Server scales across eight processors better than Windows NT 4.0 Server, Enterprise Edition, did.

Some Redmond's most highly touted performance benchmarks, however, came on technologies that are unavailable for purchase at the six-month mark of Windows 2000: Windows 2000 Datacenter Server and SQL Server 2000. Both products were released to manufacturing in late summer, but wouldn’t be available until late September.

The scalability improvement of component load balancing is available only as a technology preview, and won’t be part of a product until Application Center 2000 ships.

On the Horizon

The majority of new servers going into production on Windows technology today are pressed into service with new Windows NT 4.0 licenses. This is unlikely to change until Windows 2000 domain planning is completed and pilot programs are satisfactorily run.

Windows 2000 deployments should pick up significantly over the next six months and into 2001, and that could have interesting ramifications for Windows 2000’s spotless reputation for reliability.

Microsoft’s current plans call for new Service Packs every six months. SP2 should be out sometime in February. With the new features getting their first real test in late 2000 and through 2001, it is still possible that SP3 proves to be the blockbuster Service Pack.

Must Read Articles