Administrative Tools

Microsoft has included a number of tools with each iteration of Windows to simplify system administration. While some tools have very specific purposes and are used only on rare occasions, you will come to rely on a number of them and access them on a regular basis. It is this latter set that we will examine in the following sections.

Task Manager

Task Manager lets you shut down nonresponsive applications selectively in all Windows versions. In current versions of Windows, it can do so much more, allowing you to see which processes and applications are using the most system resources, view network usage, see connected users, and so on. To display Task Manager, press Ctrl+Alt+Delete and click the Task Manager button (in earlier Windows versions, you only needed to press Ctrl+Alt+Delete). In Windows XP, whether the Security screen appears depends on whether you're using the Windows XP Welcome screen (you can change this setting on the Screen Saver tab of the computer's Display Properties dialog box). By default, in Windows 7, Vista, and XP, the Windows Security screen does not display if you press Ctrl+Alt+Del (unless the computer is a member of a domain); instead, Task Manager opens right away or you are given a set of tasks, among them Start Task Manager.

You can also right-click on an empty spot in the Taskbar and choose it from the pop-up menu that appears.

To get to Task Manager directly in any of the Windows versions that include it, you can press Ctrl+Shift+Esc.

Task Manager has at least five tabs: Applications, Processes, Performance, Networking, and Users. A sixth tab, Services, appears in Windows 7 and Windows Vista.

The Networking tab is shown only if your system has a network card installed (it is rare to find one that doesn't). The Users tab is displayed only if the computer you are working on is a member of a workgroup or is a stand-alone computer. The Users tab is unavailable on some computers that are members of a network domain (depending on the OS and the configuration). Let's look at these tabs, in the order of their appearance, in more detail:

  • Applications
    The Applications tab lets you see which tasks are open on the machine. You also see the status of each task, which can be either Running or Not Responding. If a task/application has stopped responding (that is, it's hung), you can select the task in the list and click End Task. Doing so closes the program, and you can try to open it again. Often, although certainly not always, if an application hangs you have to reboot the computer to prevent the same thing from happening again shortly after you restart the application. You can also use the Applications tab to switch to a different task or create new tasks.
  • Processes
    The Processes tab lets you see the names of all the processes running on the machine. You also see the user account that's running each process as well as how much CPU and RAM resources each process is using. To end a process, select it in the list and click End Process. Be careful with this choice because ending some processes can cause Windows to shut down. If you don't know what a particular process does, you can look for it in any search engine and find a number of sites that will explain it.

You can also change the priority of a process in Task Manager's Processes display by right-clicking on the name of the process and choosing Set Priority. The six priorities, from lowest to highest, are as follows:

  • Low
    For applications that need to complete sometime but that you don't want interfering with other applications. On a numerical scale from 0 to 31, this equates to a base priority of 4.
  • Below Normal
    For applications that don't need to drop all the way down to Low. This equates to a base priority of 6.
  • Normal
    The default priority for most applications. This equates to a base priority of 8.
  • Above Normal
    For applications that don't need to boost all the way to High. This equates to a base priority of 10.
  • High
    For applications that must complete soon, when you don't want other applications to interfere with the applications' performance. This equates to a base priority of 13.
  • Realtime
    For applications that must have the processor's attention to handle time-critical tasks. Applications can be run at this priority only by a member of the Administrators group. This equates to a base priority of 24.

If you decide to change the priority of an application, you'll be warned that doing so may make it unstable. You can generally ignore this warning when changing the priority to Low, Below Normal, Above Normal, or High, but you should heed it when changing applications to the Realtime priority. Realtime means that the processor gives precedence to this process over all others (over security processes, over spooling, over everything), and this is sure to make the system unstable.

Task Manager changes the priority only for that instance of the running application. The next time the process is started, priorities revert back to that of the base (typically Normal).
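
The base priorities listed above can be read for every running process from PowerShell. The following is an added example, not part of the original text; it assumes Windows PowerShell 3.0 or later, and the function name Get-PriorityReport is hypothetical. It labels each process with the Task Manager priority name, lists anything running at High or Realtime for review, and lowers the priority of the current PowerShell instance only.

```powershell
# Added example. Maps the base-priority numbers from the list above
# to the names Task Manager shows.
$labels = @{
    4  = 'Low';          6  = 'Below Normal'; 8  = 'Normal'
    10 = 'Above Normal'; 13 = 'High';         24 = 'Realtime'
}

# Hypothetical helper: one row per process with its base priority and label.
# BasePriority is readable even for processes you cannot open.
function Get-PriorityReport {
    Get-Process | ForEach-Object {
        $label = if ($labels.ContainsKey($_.BasePriority)) {
            $labels[$_.BasePriority]
        } else {
            'Other'   # some system processes use values outside the six classes
        }
        [pscustomobject]@{
            Name         = $_.ProcessName
            Id           = $_.Id
            BasePriority = $_.BasePriority
            Label        = $label
        }
    }
}

# How many processes run in each class.
Get-PriorityReport | Group-Object Label |
    Sort-Object Count -Descending | Select-Object Name, Count

# Anything at High (13) or above deserves a look: it can starve other work.
Get-PriorityReport | Where-Object { $_.BasePriority -ge 13 } |
    Sort-Object BasePriority -Descending | Format-Table -AutoSize

# Lower the priority of this PowerShell instance only. A new PowerShell
# window starts at its normal base priority again.
$self = Get-Process -Id $PID
$self.PriorityClass = 'BelowNormal'
$self.Refresh()
'{0} (PID {1}) now has base priority {2}' -f $self.ProcessName, $self.Id, $self.BasePriority
```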

Services (Windows 7 and Vista only): The Services tab lists the name of each running service as well as the process ID associated with it and its description, status, and group. A button labeled Services appears on this tab, and clicking it will open the MMC console for Services, where you can configure each service. Within Task Manager, right-clicking a service will open a context menu listing three choices: Start Service, Stop Service, and Go To Process (this takes you to the Processes tab).

Performance: The Performance tab contains a variety of information, including overall CPU usage percentage, a graphical display of CPU usage history, page-file usage in MB, and a graphical display of page-file usage. This tab also provides you with additional memory-related information such as physical and kernel memory usage as well as the total number of handles, threads, and processes. Total, limit, and peak commit-charge information also appears. It's good to know that you can use the Performance tab to keep track of system performance. Note that the number of processes, CPU usage percentage, and commit-charge information always appear at the bottom of the Task Manager window, regardless of which tab you have currently selected.

Networking: The Networking tab provides you with a graphical display of the performance of your network connection. It also tells you the network adapter name, link speed, and state. If you have more than one network adapter installed in the machine, you can select the appropriate adapter to see graphical usage data for that adapter. Bluetooth would show up on this screen as well.

Users: The Users tab provides you with information about the users connected to the local machine. You'll see the username, ID, status, client name, and session type. You can right-click the name of any connected user to perform a variety of functions, including sending the user a message, disconnecting the user, logging off the user, and initiating a remote-control session to the user's machine.

Use Task Manager whenever the system seems bogged down by an unresponsive application.


Microsoft created the Microsoft Management Console (MMC) interface as a front end in which you can run administrative tools. Many administrators don't even know that applications they use regularly run within an MMC.

Computer Management

Windows includes a piece of software to manage computer settings: the Computer Management Console. It can manage more than just the installed hardware devices: it can manage all the services running on a computer, and it includes a Device Manager that functions almost identically to the one that has existed since Windows 9x. It also contains an Event Viewer to show any system errors and events, as well as methods to configure the software components of all the computer's hardware.

To access the Computer Management Console, you can go through Administrative Tools in Control Panel or just right-click the Computer/My Computer icon and choose Manage. After you are in Computer Management, you will see all of the tools available. This is one power-packed interface, which includes the following system tools:

  • Device Manager: Lets you manage hardware devices.
  • Event Viewer: A link to the tool that allows you to view application error logs, security audit records, and system errors.
  • Shared Folders: Allows you to manage all of your computer's shared folders.
  • Local Users And Groups: Allows you to create and manage local user and group accounts.
  • Performance Logs And Alerts: Shows you how your system hardware is performing, and alerts you if system performance goes under a threshold you set.

Computer Management also has the Storage area, which lets you manage removable media, defragment your hard drives, or manage partitions through the Disk Management utility. Finally, you can manage system services and applications through Computer Management as well.

Administrative Shares vs. Local Shares

Administrative shares are created on servers running Windows on the network for administrative purposes. These shares can differ slightly based on which OS is running, but end with a dollar sign ($) to make them hidden. There is one for each volume on a hard drive (C$, D$, etc.) as well as admin$ (the root folder - usually C:\WINDOWS), and print$ (where the print drivers are located). These are created for use by administrators and usually require administrator privileges to access.

Local shares, as the name implies, are those that are created locally and are visible with the icon of a hand beneath them.
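
To see which shares on a machine are administrative, which are merely hidden by a trailing dollar sign, and which are ordinary local shares, you can query WMI. This is an added example, not part of the original text; it assumes Windows PowerShell 3.0 or later and uses the documented Win32_Share class, whose Type value is 2147483648 or higher for administrative shares.

```powershell
# Added example: classify every share on the local computer.
# Win32_Share.Type: 0 = disk, 1 = print queue, 2 = device, 3 = IPC;
# the same values plus 2147483648 mark the administrative variants.
$adminBase = [uint32]2147483648

Get-CimInstance -ClassName Win32_Share | ForEach-Object {
    $kind = if ($_.Type -ge $adminBase) {
        'Administrative'                 # C$, D$, ADMIN$, IPC$
    } elseif ($_.Name -eq 'print$') {
        'Hidden (print drivers)'         # ordinary share, hidden by its name
    } elseif ($_.Name.EndsWith('$')) {
        'Hidden (created locally)'       # someone added this one: review it
    } else {
        'Local (visible)'
    }
    [pscustomobject]@{
        Name        = $_.Name
        Kind        = $kind
        Path        = $_.Path
        Description = $_.Description
    }
} | Sort-Object Kind, Name | Format-Table -AutoSize
```

Hidden shares that are neither administrative nor print$ were created by a person or a program, so they are the rows to compare against what you expect the machine to be sharing.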


This tool (SERVICES.MSC) is an MMC snap-in that allows you to interact with the services running on the computer. Select Start → Control Panel → Administrative Tools and choose Services and you will see those configured on the system. The status of the services will typically either be started or stopped, and you can right-click and make a choice from the context menu: Start, Stop, Pause, Resume, Restart. Services can be started automatically or manually or be disabled. If you right-click a service and choose Properties from the menu, you can choose the startup type as well as see the path to the executable and any dependencies.
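
The fields shown in a service's Properties dialog (startup type, path to the executable, dependencies) can be pulled for all services at once. This is an added example, not part of the original text; it assumes Windows PowerShell 3.0 or later, and the function name Get-ServiceReview is hypothetical.

```powershell
# Added example: collect, for every service, what the Properties dialog shows.
function Get-ServiceReview {
    Get-CimInstance -ClassName Win32_Service | ForEach-Object {
        # Services this one depends on (empty for most services).
        $deps = (Get-Service -Name $_.Name -ErrorAction SilentlyContinue).ServicesDependedOn.Name
        [pscustomobject]@{
            Name      = $_.Name
            State     = $_.State        # Running, Stopped, Paused, ...
            StartMode = $_.StartMode    # Auto, Manual, Disabled
            Account   = $_.StartName    # account the service runs as
            Path      = $_.PathName     # path to the executable, with arguments
            DependsOn = $deps -join ', '
        }
    }
}

$services = Get-ServiceReview

# Set to start automatically but not running: often the first thing to
# check when something stopped working after a reboot.
$services |
    Where-Object { $_.StartMode -eq 'Auto' -and $_.State -ne 'Running' } |
    Format-Table Name, State, Account, DependsOn -AutoSize

# Executable stored outside the Windows directory: usually third-party
# software, listed here so each path and account can be reviewed.
$services |
    Where-Object { $_.Path -and $_.Path -notlike "*$env:SystemRoot\*" } |
    Sort-Object Name |
    Format-List Name, StartMode, Account, Path
```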

Performance Monitor

Performance Monitor differs a bit in different versions of Windows, but it has the same purpose throughout: to display performance counters. While lumped under one heading, two tools are available: System Monitor and Performance Logs And Alerts. The System Monitor will show the performance counters in graphical format. The Performance Logs And Alerts utility will collect the counter information and then send that information to a console or event log.

Performance Monitor's objects and counters are very specific; you can use Performance Monitor as a general troubleshooting tool as well as a security troubleshooting tool. For instance, you can see where resources are being utilized and where the activity is coming from.

Working with Performance Monitor

  1. Select Start → Control Panel → Administrative Tools, and choose Performance. (Windows 7 calls it Performance Monitor, while Windows Vista calls it Reliability and Performance Monitor.)
  2. Click the Add Counters button (depending on the OS, you may need to choose the Performance Monitor section before the Add Counters button will show), and choose to add the Processor Performance object.
  3. Add the %Processor Time counter (if it is not added by default), and then click Close.
  4. Choose Start → Search → For Files And Folders and click the Search Now button without specifying any particular files to look for. Quickly change to Performance Monitor and watch the impact of this search on the processor. This action is time consuming and therefore will help you notice the changes that take place in Performance Monitor.
  5. Run the same operation again, but this time change your view within Performance Monitor to histogram (click the two buttons to the left of the plus sign [+]).
  6. Run the same operation again, and change your view within Performance Monitor to report (click the button directly to the left of the plus sign [+]).
  7. Exit Performance Monitor.
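
The same measurement can be taken from PowerShell with Get-Counter. This is an added example, not part of the original exercise; it assumes an English-language Windows installation (counter names are localized), and it uses a recursive directory listing of the system drive as the time-consuming file search.

```powershell
# Added example: sample % Processor Time before and during a file search.
$counter = '\Processor(_Total)\% Processor Time'

# Hypothetical helper: take $Seconds one-second samples and return the values.
function Get-CpuSamples([int]$Seconds) {
    Get-Counter -Counter $counter -SampleInterval 1 -MaxSamples $Seconds |
        ForEach-Object { [math]::Round($_.CounterSamples[0].CookedValue, 1) }
}

# Baseline with no extra load.
$idle = Get-CpuSamples -Seconds 5

# Start the search in the background, then sample while it runs.
$job = Start-Job -ScriptBlock {
    Get-ChildItem -Path "$env:SystemDrive\" -Recurse -ErrorAction SilentlyContinue |
        Out-Null
}
try {
    $busy = Get-CpuSamples -Seconds 15
} finally {
    Stop-Job -Job $job
    Remove-Job -Job $job
}

# Report view: minimum, average and maximum for each run.
'Idle', 'Searching' | ForEach-Object {
    $values = if ($_ -eq 'Idle') { $idle } else { $busy }
    $stats  = $values | Measure-Object -Minimum -Average -Maximum
    [pscustomobject]@{
        Run     = $_
        Minimum = $stats.Minimum
        Average = [math]::Round($stats.Average, 1)
        Maximum = $stats.Maximum
    }
} | Format-Table -AutoSize

# Histogram view of the loaded run: one bar per second, one # per 5 percent.
$second = 0
foreach ($v in $busy) {
    $second++
    '{0,2}s {1,5}% {2}' -f $second, $v, ('#' * [int]($v / 5))
}
```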

Task Scheduler

Accessible either beneath Computer Management or via Start → All Programs → Accessories → System Tools, the Task Scheduler (Scheduled Tasks in Windows XP) allows you to configure an application to run automatically or at any regular interval. There are a number of terms used to describe the options for configuring tasks: action (what the task actually does), condition (an optional requirement that must be met before a task runs), setting (any property that affects the behavior of a task), and trigger (the required condition for the task to run).

For example, you could configure a report to automatically run (action) every Tuesday (trigger) when the system has been idle for 10 minutes (condition), and only when requested (setting).
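
The four terms map directly onto the cmdlets of the ScheduledTasks PowerShell module. This is an added example, not part of the original text; it assumes Windows 8/Server 2012 or later (the module is not present on the XP, Vista, and 7 systems discussed here), and the task name, script path, and one-hour run limit are constructed for illustration.

```powershell
# Added example: build the Tuesday report task from its four parts.
$taskName = 'Weekly Report (example)'          # constructed name

# Action: what the task actually does (hypothetical script path).
$action = New-ScheduledTaskAction -Execute 'powershell.exe' `
    -Argument '-NoProfile -File "C:\Reports\weekly-report.ps1"'

# Trigger: the required condition for the task to run, every Tuesday at 09:00.
$trigger = New-ScheduledTaskTrigger -Weekly -DaysOfWeek Tuesday -At 9am

# Condition and settings: the module keeps both on one settings object.
#   Condition: run only once the system has been idle for 10 minutes,
#              waiting up to 1 hour for that to happen.
#   Setting:   stop the task if it runs longer than 1 hour (constructed choice).
$settings = New-ScheduledTaskSettingsSet -RunOnlyIfIdle `
    -IdleDuration (New-TimeSpan -Minutes 10) `
    -IdleWaitTimeout (New-TimeSpan -Hours 1) `
    -ExecutionTimeLimit (New-TimeSpan -Hours 1)

# Run as the current user with standard (not elevated) rights.
$principal = New-ScheduledTaskPrincipal -UserId "$env:USERDOMAIN\$env:USERNAME" `
    -LogonType Interactive -RunLevel Limited

Register-ScheduledTask -TaskName $taskName -Action $action -Trigger $trigger `
    -Settings $settings -Principal $principal | Out-Null

# Read the task back and show each part as Task Scheduler stored it.
$task = Get-ScheduledTask -TaskName $taskName
$task.Actions               | Format-List Execute, Arguments
$task.Triggers              | Format-List DaysOfWeek, StartBoundary, Enabled
$task.Settings              | Format-List RunOnlyIfIdle, AllowDemandStart, ExecutionTimeLimit
$task.Settings.IdleSettings | Format-List IdleDuration, WaitTimeout
$task.Principal             | Format-List UserId, LogonType, RunLevel

# Remove the example task again.
Unregister-ScheduledTask -TaskName $taskName -Confirm:$false
```

Reading back the Actions and Principal of existing tasks with Get-ScheduledTask is also a quick way to review what is configured to run automatically on a machine, and under which account.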

Windows System Configuration Tools

The Msconfig system configuration tool differs a bit in the tabs that it has based on the Windows version you are running, but the key ones are General, Boot, Services, Startup, and Tools. In Windows XP, Boot is actually Boot.ini, and this tab lets you modify the BOOT.INI file and also specify other boot options. On the Services tab, you can view the services installed on the system and their current status (running or stopped). You can also enable and disable services as necessary.

The Msinfo32 tool displays a fairly thorough list of settings on the machine. You cannot change any values from here, but you can search, export, save, and run a number of utilities (accessed through the Tools menu option). There are a number of command-line options that can be used when starting Msinfo32, and Table-11 summarizes them; with the exception of three that are available in Windows 7 and Vista as well, most are available only in Windows XP.

Table-11 Msinfo32 command-line options

Option                                            Function
/category (available only in Windows XP)          Specifies a category to be selected when the utility starts
/computer                                         Allows you to specify a remote computer to run the utility on
/nfo                                              Creates a file and saves it in .NFO format
/pch (available only in Windows XP)               Displays the history view
/report                                           Creates a file and saves it in .TXT format
/showcategories (available only in Windows XP)    Shows category IDs instead of friendly names
/? (available only in Windows XP)                 Shows the command-line options available for use with the utility

Another utility to know is the DxDiag (DirectX Diagnostic) tool. This tool (which can be summoned alone or from the Tools menu of Msinfo32) allows you to test DirectX functionality. When you start it, you can also verify that your drivers have been signed by Microsoft. DirectX is a collection of application programming interfaces (APIs) related to multimedia.

Finally, MSTSC (Remote Desktop Connection) is used to configure remote desktop connections. It offers a glut of options.

Power Management

The Advanced Configuration and Power Interface (ACPI) must be supported by the system BIOS in order to work properly. With ACPI, it is the BIOS that provides the operating system with the necessary methods for controlling the hardware. This is in contrast to Advanced Power Management (APM), which only gave a limited amount of power to the operating system and let the BIOS do all the real work. Because of this, it is not uncommon to find legacy systems that can support APM but not ACPI.

There are three main states of power management common in most operating systems:

  • Hibernate
    This state saves all the contents of memory to the hard drive, preserves all data and applications exactly where they are, and allows the computer to completely power off. When the system comes out of hibernation, it returns to its previous state.
  • Standby
    This state leaves memory active but saves everything else to disk.
  • Suspend/Sleep
    In most operating systems, Sleep is used interchangeably with Hibernate. In Windows XP, Hibernate is used instead of Suspend. Windows 7 and Windows Vista offer both Hibernate and Sleep (not Suspend). Sleep puts the system in a low-power state, while Hibernate turns it off.

If you are interested in saving power with a system that is not accessed often, one option is to employ Wake on LAN (WoL). Wake on LAN is an Ethernet standard implemented via a card that allows a "sleeping" machine to awaken when it receives a wakeup signal. Wake on LAN cards have more problems than standard network cards. In our opinion, this is because they're always on. In some cases, you'll be unable to get the card working again unless you unplug the PC's power supply and reset the card.

Windows offers quite a range of choices from the Shut Down (non-Windows XP/Vista) or Turn Off Computer (Windows XP and Vista) command under the Start menu (in Vista, it appears as an icon of an on/off button and does not have a label). Note that with a configuration called Fast User Switching, Windows XP also displays Shut Down rather than Turn Off Computer. When you select this option, Windows presents you with several choices. Exactly which options are available depends on the Windows version you are running.

Whether you see Shut Down or Turn Off Computer has a lot to do with the way your user interface is configured (Classic View, for example). Regardless of the name of the option, it performs the same function.

The possible choices are as follows:

  • Shut Down/Turn Off (Windows XP and Vista): This option writes any unsaved data to disk, closes any open applications, makes a copy of the Registry, and gets the computer ready to be powered off. Depending on the OS, the computer is then powered down automatically, or you'll see a black screen with the message It's now safe to turn off your computer. In this case, you can power off the computer or press Ctrl+Alt+Del to reboot the computer.
  • Restart: This option works the same as the first option, but instead of shutting down completely, it automatically reboots the computer with a warm reboot.
  • Stand By (Windows XP only): This option places the computer into a low-power state. The monitor and hard disks are turned off, and the computer uses less power. To resume working, press a key on the keyboard; the computer is returned to its original state. In this state, information in memory is not saved to hard disk, so if a power loss occurs, any data in memory will be lost.
  • Switch User: This option allows you to switch users on a machine without closing programs. This is generally not recommended in a work environment for the security reasons associated with leaving programs running.
  • Log Off: This option is recommended over Switch User because it closes all open programs and then logs off the user, allowing another user to then log on.
  • Lock: This option leaves programs running but locks the computer and requires the user's password to be entered again before the session can continue.
  • Hibernate: This option saves the session to disk and turns off the computer so no power is used. When the computer is powered back up, the session resumes.
  • Sleep: This option keeps the session in memory and puts the computer in a low-power state from which you can quickly resume. This is like Hibernate, but without fully powering down the computer.

If you enable Hibernation on a Windows XP machine, you can place the computer into hibernation by holding down the Shift key while clicking Stand By on the Turn Off Computer screen. Using the Hibernation feature, any information in memory is saved to disk before the computer is turned off. Going into and coming out of hibernation takes more time than going into and coming out of Stand By/Sleep mode.

Sleep timers allow you to configure a system to sleep for certain periods of time to conserve power. While not included with the operating system, a number of downloadable programs can be found that will turn the machine off at a certain time or after some specified condition is met.
