MCSE Core Technologies:
NT 4.0 Architecutre
Compiled by Amos Satterlee
back to Introduction/TOC


NT 4.0:
Runs in Protected mode. User mode (Ring 3) cannot directly access hardware and must go through Kernel mode (Ring 0).
  • Uses pre-emptive multitasking
  • Keeps applications in protected memory space
  • Uses a task scheduler to control multi-threading

    Legend:
    User Mode
    Kernel Mode
    		•   
    Win 16:
    Also known as Windows-on-Windows subsystem
  • 16-bit Windows applications multi-task cooperatively within a shared Virtual DOS Machine (VDM).
  • 16-bit aps can communicate with other aps.
  • more
    		•   
    Logon Process:
    Uses the WinLogon process. Mandatory logon using Ctrl-Alt-Del prevent Trojan Horses and key-capture.
  • Diagram
    		•     
    Virtual DOS Machine (VDM):
    This is a 32-bit software emulation of the hardware devices that DOS programs try to access directly
  • Autoexec.NT and Config.NT are the equivalent of Autoexc.bat and Config.sys.
  • DOS aps cannot communicate with other aps
    		•   
    Security Subsystem:
    Transfers data between the WinLogon process and the Security Reference Monitor.
  • Files, Groups, Policies and Permissions
    		•   
    POSIX:
    Only Version 1 aps are supported, and only in text mode.
    Win 32:
    The main subsystem that handles all 32-bit applications.
  • Also handles user input and screen output for the entire system.                       
    		•
    OS/2:
    Only Version 1.3 and earlier aps are supported, and only in text mode.
    Security Reference Monitor:
    Real-time validation of every access or action to make sure they're authorized
  • Security Accounts Manager (SAM) database
    		•  Object Manager:
    Controls activities of System Objects, including use, naming, removing, tracking, and security    		 Process Manager:
    Controls creation, deletion, and tracking of Process and Thread Objects
  • Allows applications to start, stop, or communicate between processes
    		•  Local Procedure Call Facility:
    Handles communication between an Application and its Subsytem in User Mode
  • Applications communicate with Subsystems in a client/server manner
    		•  Virtual Memory Manager:
    Maintains and controls Physical and Virtual Memory
  • more
    		•  I/O Manager:
    Oversees communication with disk storage devices and network adapters.

    Cache Manager:
    Manages all device caching for the system

    Files System drivers:supporting FAT, NTFS, etc.

    Network drivers:


    Device drivers:


    		 Windows Manager:
    Input and output services for the screen and graphic devices

    Graphics Device Interface:


    Graphics Device drivers:
    Kernel or Microkernel:
    Prioritizes and schedules threads
    Synchronizes multiple processores
    Assigns threads to processor(s) for execution
    Hardware Abstraction Layer (HAL):
    Hardware specific components and configurations
    Handles requests from the kernel and device drivers
    Handles details of symetric multi-processing (SMP)

    SYSTEM HARDWARE



    back to Introduction / TOC

    14 July 1999: Initial post