Systems Management Tools
Systems management encompasses a huge variety of tasks. Third-party packages solve individual systems-management problems or cover a range, but NT comes with some useful tools to get you started.
SOFTWARE/SYSTEMS MANAGEMENT
In broad terms, the objective of systems management is to protect theintegrity of business applications and the security of business information byautomating, regulating, and enhancing systems functions. Such functions includeuser administration; system, security, performance, and event monitoring andmanagement; backup and archiving; licensing and quota management; scheduling;report distribution; diagnostics; and accounting and chargeback.
As Windows NT's role as a network operating system grows, so does the needfor systems management tools. This month's Lab Reports review a cross-section ofNT Server 4.0 systems management packages from both Microsoft and third-partyvendors. (For quick summaries of other systems management products in themarket, see the sidebar, "Systems Management Sampler," page 66.)
NT Server is a full-featured network operating system that comes with mostof the basic tools and utilities you need to build, manage, and maintain anetwork, so we'll start by summarizing the utilities available in NT Server4.0's default setup. However, these tools are only the tip of NT's systemsmanagement iceberg. A continuously growing number of third-party vendorsare adding to the systems management tools available for NT, and these productsspan the spectrum from very large enterprise-level packages (for networks with500 or more users) to individual department-level tools (for networks with fewerthan 500 users). The reviews starting on page 68 will explain what happened whenwe tested some of these products, and assess their key capabilities.
Windows NT Server's Built-in Utilities
In NT 4.0 Server, when you click Start and go to Programs, AdministrativeTools (Common), you see a list of built-in systems management utilities. Theseutilities give you a foundation for managing your network, so familiarizingyourself with them is worth the effort.
Microsoft provides excellent online Help and operation information for eachof these utilities. Read the introductory text and instructions from the Helpfiles to find out about the full range of each tool's administrativecapabilities.
Backup
NT's Backup utility lets you back up your local and network NTFS and FATvolumes to a tape drive. Backup boasts some impressive features: selection ofobjects by volume, directory, or individual filename; spanning of backup media;verification; compression; catalog storage; log files; full, incremental,differential, and daily backup types; and local Registry backup.
Backup performs reliable backups, but it lacks a few important features,such as scheduling. The only way to use this utility to perform unattendedscheduled backups is to use NT's Schedule service. Fortunately, Backup's Helpfile details the necessary procedures.
Disk Administrator
Disk Administrator helps you manage disk partitions, stripe sets, and volumesets. The utility provides a variety of disk management functions. For example,you can modify primary and extended partitions, dynamically assign driveletters, create volume sets and stripe sets, establish mirrored sets or diskduplexing, format volumes with FAT or NTFS, and restore damaged or disabled diskconfigurations.
You can perform most functions without rebooting to access newmodifications or drive assignments. Use this tool with caution--one wrong moveand you can delete a data drive or change drive assignments. Fortunately, theapplication prevents you from damaging the system and boot partitions and asksyou before committing changes. For more information about Disk Administrator,see Michael D. Reilly, "Windows NT Disk Administrator," November 1996.
Event Viewer
Event Viewer is NT's log file monitoring utility. Through Event Viewer, youcan examine the contents of the three main NT log files: System Log, SecurityLog, and Application Log. System Log records events and alerts for internalprocesses, services, and drivers. Security Log records security audit events,such as logons, access to user rights, object access, user/group management, andsystem shutdowns or restarts. Application Log records application-relatedalerts and system messages, including those of some system components (e.g., theReplication service writes to this file).
Each log file contains five types of events: successful operation ofservices and drivers, warnings, errors, success audits, and failure audits. Eachlogged event includes descriptive information, such as time and date, username,computer name, source, type and category designations, a description of theevent, and often, data associated with the event. You can remotely view eventlogs from other NT Server and NT Workstation computers on your network. You canexport a log file to a proprietary .evt format for future Event Viewer use, oryou can convert the log file to plain or comma-delimited text for databaseimport.
Event Viewer is indispensable for identifying problems with typical serveroperation, when you're connecting devices, and when you're monitoring useractivities. This application and the data it collects can often help youshort-circuit problems.
License Manager
License Manager is a tool for monitoring the legal use of softwarethroughout an enterprise-level NT network. It enforces strict compliance withsoftware license restrictions. However, License Manager administers only thesoftware licenses you configure it to monitor. By using a built-in replicationprocess (distinct from the server Replication service), License Managerpropagates all legal use restrictions to each server on the network.
License Manager can operate on a per seat (client) or per server basis foreach product; it can also monitor and log usage statistics for each user. Thisexcellent tool lets you provide users with access to the applications they need,while excluding users who don't require access to specific applications. Suchneed-based allocation can reduce the number of user licenses you must purchase.
Migration Tool for NetWare
Microsoft included Migration Tool for NetWare for administrators moving fromNetWare to an exclusively NT network. In theory, this tool copies NetWareinformation and data (e.g., user accounts, groups, and data files) onto an NTserver. However, systems administrators report mixed success from using thistool. Differences between NetWare and NT make "automagic" migrationdifficult to implement. User passwords do not migrate, duplicate name and grouperror handling is poor, and translation of file and user rights to permissionsis questionable. One good side of this tool is its detailed log file of everyaction that occurs on both sides of the migration process; this log can help youfix problems, correct improper configurations, or replace missing data after themigration is complete.
To test this tool, you need to configure the target NT Server computer andinstall NTFS, NWLink, and Gateway (and Client) Services for NetWare. For NetWare3.x versions, you must also run BINDFIX on the NetWare server to prepare thebindery; for NetWare 4.x versions, you must understand the Novell DirectoryServices (NDS) layout and structure so that you can re-create it in the domainenvironment on NT Server.
Network Client Administrator
Microsoft designed Network Client Administrator to simplify connecting anon-networked OS to an NT-based network. This utility provides a few otherfunctions, such as copying the client-based administration tools and examining aclient's Remoteboot configuration.
Unfortunately, Network Client Administrator frequently fails to do its job.The utility supports only DOS clients, cannot fine-tune NIC settings, and lacksNIC support. You can perform the same operations as Network ClientAdministrator--yet gain more control--by making Microsoft Network Client 3installation diskettes via the NT 4.0 Server CD-ROM. Simply copy the contents ofclientsmsclientdisk1 and disk2 onto two formatted floppies. Then runthe first floppy's SETUP utility on a DOS computer.
Performance Monitor
Performance Monitor is a graphical tool for monitoring and measuring theperformance and activity of your network and the computers on your network.Through this utility, you can view hundreds of specific metrics(counters) that let you measure various system activities. The metrics for eachsystem object (processor, memory, disk, cache, thread, network connection,Remote Access Service--RAS--client, etc.) include use levels, queue lengths,delay times, and throughput. Furthermore, Performance Monitor lets you customizecharting, altering, reporting, and logging of all metrics for one or morecomputers simultaneously. With Performance Monitor, you can identify networkbottlenecks, storage devices operating near capacity, systems with insufficientRAM, noisy network connections, and overall levels of bandwidth usage. For moreinformation about Performance Monitor, see Michael D. Reilly, "The WindowsNT Performance Monitor," March 1997, and Michael D. Reilly, "MoreWindows NT Performance Monitor," April 1997.
Server Manager
Server Manager is the primary tool for administering NT domains andcomputers. Managing a domain can involve activities such as promoting a BackupDomain Controller (BDC) to a Primary Domain Controller (PDC), synchronizingdomain servers with the PDC, and adding computers to or removing computers froma domain. Managing a computer addresses other issues, such as viewing connectedusers and in-use shares and resources, configuring administrative alerts,managing services and shares, and sending pop-up messages to connected users.Server Manager also provides the Replication service controls.
System Policy Editor
System Policy Editor is a utility you can use to create, edit, and manageindividual user, computer-specific, and systemwide policies. (A policyis a method to control, restrict, and configure user desktop settings, profiles,and system configurations.) System Policy Editor creates a file that overrulesthe local Registry with new settings, so be cautious when you use it. Forexample, instead of editing default user and computer policies, create policiesfor specific users, computers, or groups that you want to impose policies on. Anoverly restrictive default policy can prohibit everyone, includingAdministrators, from doing anything on a particular computer, including counter-acting that policy. For more information about System Policy Editor, see RobertSlifka, "How to Edit NT 4.0 System Policies," February 1997, and SeanK. Daily, "Further Explorations of the NT System Policy Editor," April1997.
User Manager for Domains
User Manager for Domains is a management tool for user- and group-based NTsecurity. With this utility, you can create, modify, and manage users andgroups. You can configure options (such as group membership, profile settings,home directory assignment, logon script pointers, access scheduling, workstationprivileges, and RAS restrictions) for each user, or create a template forcategories of users on your system.
You can also control system policies regarding accounts, user rights, andaudits. The account system policy sets parameters for user passwords and accountlockouts for failed logon attempts. The user rights system policy sets rightsfor each group or user, such as accessing computers over the network, changingthe system time and device driver controls, adding new software, and evenshutting down the system. The audit system policy controls which system eventswill be logged.
Windows NT Diagnostics
Windows NT Diagnostics provides general information about settings andconditions for your local hardware and operating system, and for other NTcomputers on a network. The tabbed dialog box can supply pages of informationabout the network operating system (NOS) version, motherboard and BIOS, video,storage media, memory and page files, services, device settings (IRQ, I/O, DMA,etc.), environmental variables, and network status. You can print the datadisplayed through this utility or save it to a file.
This tool does not diagnose problems, but if you plan to change your NTenvironment (e.g., add new hardware), you can get a reasonably completedescription of your system. Windows NT Diagnostics can help you identifyavailable IRQs, direct memory access (DMA) settings, and other tidbits that youneed to know about when you install new components. This utility provides asnapshot of your system's configuration; making a copy of this information canbe invaluable when you must recover from a failed or flawed installation of anew component. From this utility's File menu, you can also jump directly to theFind File utility (a simpler method than Start, Find, Files or Folders) orlaunch other administrative tools (such as Event Viewer, a Registry editor, TaskManager, Control Panel, and Notepad).
About the Authors
You May Also Like