Work fast and smart with these Win2K and NT utilities
I'll wager that all systems administrators, and especially those who manage hundreds or thousands of remote systems, rely heavily on the Microsoft Windows 2000 Server Resource Kit or the Microsoft Windows NT Server 4.0 Resource Kit to help them do their jobs. I constantly find new and useful resource kit utilities for performing critical remote administration tasks. In fact, the resource kits contain so many helpful remote administration tools that I have trouble remembering them all. So, I've rounded up 10 of my favorite tools (5 each for Win2K and NT 4.0) that most remote administrators will find invaluable for performing their daily systems administration tasks.
I've chosen tools that I rely on heavily to administer a large Win2K-and-NT environment. I provide usage examples for each tool to give you a sense of its value and how you might use it in your environment. Although my discussion of the tools assumes that you've downloaded Microsoft Windows NT Server 4.0 Resource Kit Supplement One and Microsoft Windows NT Server 4.0 Resource Kit Supplement 4, most of the tools come with the base resource kits.
One point I want to make before I dive into the tools discussion is that the Win2K Server resource kit has raised the bar for the number of useful tools a resource kit provides. Some of these new tools work only with Win2K, but others work equally well with NT 4.0. None of the Win2K tools I mention work on NT, but other Win2K tools do. If you come across other Win2K resource kit tools that you'd like to use with NT, you might find that testing them for backward compatibility pays off.
5 Tools for Win2K
Here are the five tools I've found most useful for remotely managing Win2K systems. Many of these tools help you manage features such as the Windows Installer and Group Policy, which are new to Win2K. Some of the tools in my Win2K toolkit don't explicitly support an option to run against remote machines. However, you can use a variety of techniques to make local tools work remotely. For example, Win2K resource kit tools such as Rcmd and Rconsole let you install a remote shell capability on your Win2K devices. After you install the remote shell, you can use it to copy a tool to the remote machine and run that tool remotely.
1. Addiag. Addiag.exe is a multifaceted diagnostic tool that provides information about workstation or server applications that you've used Windows Installer technology to install. Addiag.exe also can tell you whether the current session is a Win2K Server Terminal Services (Terminal Services) session. You can instruct Addiag to return per-user or per-machine information. The tool also returns event-log entries related to Group Policy's software installation feature. Given the complexity of this Group Policy feature, Addiag is invaluable for helping you understand what's happening on a workstation that's subject to a software installation policy.
Figure 1 shows a command that generates a verbose log for a workstation that's in a Win2K domain and that uses Group Policy-based software installation. The command's /verbose:true option generates detailed output. The /user:false option generates machine-specific rather than user-specific information about the workstation. The /test option introduces a comma-delimited string of keywords that specify a set of tests. The Info test collects general information, such as the name of the workstation on which the command is running and the name and SID of the user who's logged on. The ServerApps test enumerates the applications that were installed using Group Policy. The ADHistory test queries the registry to determine the version number of the Group Policy Object (GPO) most recently applied to the machine. The MSILinks test queries the Windows Explorer shell to determine whether the installation distributed any shortcuts, and if so, which ones. The EventDump test dumps all software-related Application event-log entries, and the Check test determines whether an application that was installed on the local workstation contains all the GPO-defined components.
If you request a lot of data, and especially if you request the EventDump test and your event log contains many entries related to software installation, addiag.exe takes a while to run. I suggest that you send the command's output to a file to ensure that you don't miss anything.
You can also use Addiag to toggle several registry flags that control levels of debugging within the OS. For example, you can type
addiag /trace:MSIOn
to enable verbose logging to the msinnnn.log files. The Windows Installer application generates these log files in the \%temp% folder when Windows Installer installs an application. You can type
addiag /trace:AppMgmtOn
to turn on detailed software installation logging in the Application event log. For this command to work, you need to create a registry key called HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Diagnostics on the machine on which you run the command.
2. Gpresult. The gpresult.exe tool is also related to Group Policy. A poor man's version of a Resultant Set of Policies (RSoP) tool, Gpresult tells you which Group Policy settings are in effect for the user who's logged on to the machine on which you carry out the command. Gpresult also tells you which GPO nodes of functionality (e.g., security, software installation, administrative templates) the computer executes. In its most verbose mode, gpresult.exe provides more information, such as which registry entries an administrative template policy modifies and which applications a software installation policy deploys.
To run the command, simply type
gpresult
at a command line. You can add the /v option to turn on verbose mode or the /s option to use super-verbose mode. By default, gpresult.exe displays GPO information per user and per computer. The /u option instructs the tool to return only per-user information; the /c option lists only per-computer information. Figure 2 shows some sample output from gpresult.exe. Be aware that when Gpresult enumerates the groups that the user who's running the command belongs to, the utility enumerates group membership in only the domain in which the command is running. Gpresult doesn't show membership in groups outside the local domain, even though they might also affect GPO processing.
3. Inuse. Inuse.exe solves a common software distribution-related problem. Although you can update an application to a workstation while the user is logged on and running that application, the update can't replace files, such as DLL files, that are in use. Inuse takes advantage of a built-in OS feature that lets you replace in-use files after the next reboot.
Inuse.exe takes the form
inuse <newfile.dll> <oldfile.dll> /y
The /y option suppresses any confirmation prompting that inuse.exe provides. Although the file replacement doesn't occur until the next time the system is rebooted, Inuse registers the replacement operation in the registry's HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations value. Inuse respects Windows File Protection (WFP) and doesn't replace a Microsoft-provided Win2K system file that WFP protects.
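Because the replacement only takes effect at the next boot, it is worth reviewing what is queued in PendingFileRenameOperations before restarting a machine. The Python code below is an added example, not part of the original article or the resource kit: it decodes the raw REG_MULTI_SZ data of that value into delete, rename and replace records and picks out the ones that write into the system directory. It assumes the documented MoveFileEx delayed-rename layout (source/destination string pairs, an empty destination meaning delete, a leading "!" meaning overwrite an existing file); the function names, the sample bytes and the C:\WINNT\system32 path are constructed for illustration.

```python
from typing import NamedTuple

NT_PREFIX = "\\??\\"  # NT object-namespace prefix stored in front of each path


class PendingOp(NamedTuple):
    action: str        # "delete", "replace" or "rename"
    source: str
    destination: str   # empty for deletes


def _strip(path: str) -> str:
    return path[len(NT_PREFIX):] if path.startswith(NT_PREFIX) else path


def parse_pending_renames(raw: bytes) -> list[PendingOp]:
    """raw is the value data: UTF-16LE strings, each NUL-terminated, in
    source/destination pairs, with one extra NUL closing the list."""
    parts = raw.decode("utf-16-le").split("\x00")
    ops = []
    for i in range(0, len(parts) - 1, 2):
        src, dst = parts[i], parts[i + 1]
        if not src:                  # empty source marks the end of the list
            break
        if not dst:                  # empty destination: delete source at boot
            ops.append(PendingOp("delete", _strip(src), ""))
        elif dst.startswith("!"):    # "!" = overwrite an existing target
            ops.append(PendingOp("replace", _strip(src), _strip(dst[1:])))
        else:
            ops.append(PendingOp("rename", _strip(src), _strip(dst)))
    return ops


def system_targets(ops, system_root="C:\\WINNT\\system32\\"):
    """Operations whose destination is in the system directory (assumed path)."""
    root = system_root.lower()
    return [op for op in ops if op.destination.lower().startswith(root)]


# Constructed sample data, not taken from a real machine.
SAMPLE = "".join(s + "\x00" for s in [
    "\\??\\C:\\Temp\\newfile.dll", "!\\??\\C:\\Program Files\\App\\oldfile.dll",
    "\\??\\C:\\Temp\\setup.tmp", "",
    "\\??\\C:\\Temp\\x.dll", "!\\??\\C:\\WINNT\\system32\\x.dll",
]).encode("utf-16-le") + b"\x00\x00"

if __name__ == "__main__":
    for op in parse_pending_renames(SAMPLE):
        print(op)
```

The parser works on the raw value bytes rather than a list of strings because the empty destination string of a delete entry sits in the middle of the multi-string data.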