Windows NT

Support Menu

Last Updated On: 08/05/2004

Windows NT Navigation

The Logon Process

The logon process, while it can be automated through changes in the registry, can never be bypassed. The logon process must take place. This is an important security feature. A user cannot access Windows NT unless that user actively logs on.
The logon process is initiated by using the CTRL-ALT-DELETE key sequence. This is a security feature that greatly lessens the likelihood that someone could write a program that mimics the logon process to steal a username and password. This key sequence sends an interrupt that a typical application can't accept. (That's why this key sequence reboots the system in DOS).

The logon process follows these steps:

  1. A user initiates the CTRL-ALT-DEL logon key sequence and enters his/her username and password.
  2. NT's local security authority checks this information with the SAM (Security Accounts Manager) for a valid account.
  3. This account is checked with the directory database to determine what files that user has access to and on what level that permission exists.
  4. An access token is returned. This token acts as a key, giving the user access to the resources, which have been granted to that particular user.
  5. Whenever a new process begins, the token is attached. This way, the user does not have to resubmit his/her security information every time a process or application attempts to access resources.

    Windows 95 also has the ability to log on users, but you will notice that 95 will create a user account for someone logging on if one does not already exist. If a user wants to log on to Windows NT, that user must already have an account set up in Windows NT; otherwise NT will not allow the user to log on.


The Windows NT desktop was designed to have the look and feel of the Windows 95 desktop. Many of the same shortcuts and features are common to both operating systems. There are, however, some important differences.

The Security Applet

To access the security applet, simply use the CTRL-ALT-DEL key sequence. A security applet will appear, giving you the options of locking the workstation, bringing up the Task Manager, shut down, log off, and change password.

Start Menu Options

One common feature between Windows NT 4.0 and Windows 95 is the "Start" button on the task bar. Most of the features are identical, so we will focus on those that are very different which include the Command Prompt and the Administrative Tools.

Command Prompt

The Windows NT 4.0 Command Prompt is accessible by clicking Start then Programs and then Command Prompt. This is very similar to the Windows 95 DOS prompt, but it is not DOS. It is a 32-bit command prompt that emulates many features of DOS and does allow most DOS applications to run in Windows NT. This command prompt is very useful, especially since there are things that can be done from here that cannot be done anywhere else. For example, typing the command "RDISK" at the command prompt performs the task of making or updating a repair disk. You could also type a command at the RUN command prompt by clicking Start then Run. However, it is often easier to use the command prompt.

Administrative Tools

Window NT 4.0's Administrative Tools menu is accessed by clicking Start, Programs, and then Administrative Tools. A wide variety of useful tools can be found here. Some are added when other components are installed, but only the default tools will be covered in this curriculum.

A user must be logged on as administrator in order to access the features of the Administrative Tools


Windows NT Backup is a very basic backup utility for use with a mass storage device such as a tape backup drive. It works well but lacks some features found in many commercial backup software packages, such as scheduling. More information is found about NT Backup in TechNet.

Disk Administrator

Disk Administrator is a utility that allows the user to delete, create, and modify partition and drive information on local mass storage devices such as hard drives and CD-ROM's. See the Disk Administrator Section for more details.

Event Viewer

The Event Viewer is a powerful tool for troubleshooting Windows NT problems. See the Event Viewer section for more details.

Performance Monitor

NT Performance Monitor is an optimization tool used to determine system performance problems. It is an extremely powerful tool, but it is beyond the scope of this curriculum and Dell support. If you wish more information about Performance Monitor, a very good article resides in TechNet called "Zen and the Art of Performance Monitoring".

Remote Access Administrator

Windows NT Workstation can act as a server in some respects. Other systems can connect to a system running NT Workstation and access files and other resources (Only one connection is allowed on a system running NT Workstation, as opposed to Server, which allows 256 concurrent connections). That same feature not only exists on a network, but over an analog phone line. Remote Access Administrator is used to configure incoming RAS connections. This tool is also beyond the scope of this curriculum and Dell support.

User Manager and User Accounts

Windows NT requires that a user account be present for a user before that user can log into the operating system. This is very vital security feature since without an account, it is impossible to walk up to an NT system and log on.

User Manager is used to create and modify user accounts. The user accounts that exist are listed in the top window. Notice that two accounts exist in the Figure 12: Michael_Hughes (Administrator renamed) and guest.

The bottom window contains groups. Individual user accounts can be placed into these groups to give them common user rights. Rather than having to keep up with the user rights of a hundred people who should all have the same rights anyway, place them in the same group.

User accounts are created by accessing the "User" menu in User Manager. By choosing "New Userů", a prompt will appear for the account information,

Accounts are renamed, deleted, copied, and altered, all from the User Manager. The accounts can be added to groups and attributed to different NT characteristics as well. In User Manager two default accounts already exist in the User Manager upon installation of NT--Administrator and Guest. Administrator is an account that gives the user full access to all resources and configurations. A user must be logged on as administrator to have access to administrative tools and to have the ability to change most system settings.

Guest is a default account that allows users to log on and use installed applications, but not much else. Rights are very restrictive with this account. Both of the default accounts, administrator and guest, can be renamed or copied to create new accounts with the same characteristics. They cannot, however, be deleted. In the above figure, the account for administrator was renamed Michael_Hughes. This enables the user to log on to Windows NT and various network servers using one logon with the same username and password.

Windows NT Diagnostics

This area is covered in detail by clicking on NT Diagnostics in the menu