W2000 Domain with XP pro and Windows 98 - Best practices

Posted on 2004-11-22
Last Modified: 2010-03-18
Hi all, i'd like you to point me in some directions regarding the following:

A school with 7 servers W2k (2 DC+DNS, 1 DHCP, 1 ISA2000+Exchange2000, 3 File and Print Servers) , none of the servers has backup hardware like tapes.

Workstations, 50 W98, 75 WinXP pro

I would like to apply group policies, which is no problem with Windows XP Pro, but regarding the W98 i really don't know how to handle them.

I'd like to restrict access to the w98 definitions like control panel, disable command line, disable access to the network settings, disable software instalation and so on....

The users can be using whatever machine is available (w98 ou XP) , i'd like to have drives mapped regardless of logging in w98 or xp.

I really want to lock down the w98's.

I also need a good strategy to backup all the servers.



Question by:bmquintas
    LVL 9

    Accepted Solution

    Group policies are not possible with Windows 98 machines.  Only NT-based systems can implement gorup policies.  If you need a solution for 98, try Winlock (  I used it when I still had 98 machines.  Only problem is management has to be done machine-by-machine.  No central management is possible.

    The mapped drives can be done with a simple logon script specified under the profile tab of user properties on the server.  If you need assistance creating that script, let me know and I'll post examples.

    Backing up servers really requires a tape backup.  Worst case....if you simply cannot get a tape backup, try implementing Distributed File System and creating a Replica Set for the essential files that you do not want to lose.  Copying files to another server gives you a small measure of security, anyway.  Good link to discuss these concepts further and walk you through the installation is here:

    Also...for those 98 machines to properly read the Active Directory structure, you will need to install the DSClient onto all of those machine, or they may not work properly.;en-us;288358

    Hope that helps.

    LVL 6

    Author Comment

    Thanks for the heads up James, what about using poledit for w98, can i get something with that?
    With xp , i don't need to assign logon scripts to users, i'll assign them to OU's through GP, do i need do assign them to individual users to get the drives mapped with 98?
    LVL 9

    Expert Comment

    Yes...poledit can be used.  I kind of forgot about that.  I don't know you'll have the same flexibility as WinLock.  I know that for what I wanted (at the school I manage) poledit was insufficient, but for your purposes, it might just do the trick.  Good link for poledit info:

    As far as the drives go...I would still use logon scripts for all of the machines.  The reason is that it will make the transition easier if a user ever moves from 98 to XP machines.  If there will never be any users that move between differing machine types, then you can easily implement drive mapping with group policy.  I have found the approach a little overkill for the school I maintain.  If you ever need to add or make changes, they can be more quickly implemented if you use logon scripts, than using group policy.

    Group policy is great...but the more you add to it, the more quirky it can become.  If I can do something without group policy, I usually try to.  But in theory, it won't hurt to do it either way.

    LVL 6

    Author Comment

    Thanks for helping James.

    Expert Comment

    Bruno, there is a new server-based version of WinLock available.  I paid $500 (k-12 pricing) and got something like 7 products from Visionsoft: .  You still have to deploy the WinLock7 client on each W98 machine - or you can do it with a login script - but all of the settings are centralized by account on the server.  I use Group Policy for our XP machines.

    I also use an imaging product to duplicate settings out to each of the workstations - Norton Ghost is a popular one, but I use Acronis.

    (Director of Technology for a K-8 school district)

    LVL 6

    Author Comment

    Thanks for the info i'll get a look into it.

    Featured Post

    Enabling OSINT in Activity Based Intelligence

    Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

    Join & Write a Comment

    Have you ever set up your wireless router at home or in the office to find that you little pop-up bubble in the bottom right-hand corner of Windows read "IP Conflict - One of more computers on the network have been assigned the following IP address"…
    This article is in response to a question ( here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
    Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now