An Inexpensive Way to Automate Your NT Maintenance Tasks

To keep your Windows NT 4.0 network operating smoothly, you need to regularly perform maintenance tasks, such as checking for dirty volumes and defragmenting your drives, paging file, and Registry hives. Another important task is to periodically update your Emergency Repair Disk (ERD) in case your NT system goes awry. Although you can purchase utilities that perform these tasks, the cost can be high, especially if your network has many workstations.

You have an alternative, however. You can save money by creating a maintenance program. You just need to create several simple batch files that automatically prompt several utilities to execute. Because these utilities are either freeware or part of a typical NT 4.0 network, you'll incur few costs.

The Utilities
The batch files prompt three maintenance utilities (Contig, PageDefrag, and Chkntfs) and one backup utility (Rdisk) to regularly execute on your NT workstations. Contig defragments files and makes them contiguous. PageDefrag defragments paging files and Registry hives. Chkntfs displays the status of the volume dirty bit for drives and lets you schedule NT's Chkdsk utility to run at reboot. Rdisk copies the HKEY_LOCAL_MACHINE SAM and HKEY_LOCAL_MACHINE SECURITY database files for all users and groups into the repair directory so that you can copy them to the ERD.

Table 1 shows you where you can find these maintenance and backup utilities. The table also details the support tools you need to create your maintenance program. You use the support tools to modify the NT Registry and the NT Schedule service (also known as the At service) so that you can schedule the maintenance program to run during off-hours. The support tools are typically part of an NT 4.0 network, with one exception: the Multi-Remote Registry Change shareware utility.

Table 1 also shows you where to copy the utilities on your NT system. Because you need to copy three of the utilities on all your users' workstations, you might want to use the logon.bat script you see in Listing 1, page 10, if you have many workstations. You can download this script from the Win32 Scripting Journal Web site. After you replace LogonServer with your logon server's name, put logon.bat on your domain controller's Netlogon share. You then modify the regular NT logon script to call for this batch file when users log on to the network, prompting NT to install the utilities on their workstations. After you copy the utilities to every workstation in your network, you need to remove this script from the Netlogon share. Otherwise, NT will overwrite the utilities every time users log on.

The Scripts
An NT administrator with little scripting experience can create the batch files that run the maintenance, backup, and support utilities. The maintenance program uses the following four scripts.

Ntmaintenance.bat. This script, which is the main component of the maintenance program, prompts the execution of the maintenance and backup utilities. To create this script, simply download and modify the file from the Win32 Scripting Journal Web site. You run ntmaintenance.bat from a shared directory on the network.

Stopat.bat. This script stops the Schedule service so that you can modify it. To create this script, use the Net View command to get a list of active computers on your network and Microsoft Excel (or another spreadsheet program) to add commands to the script. You run this script from an administrator's machine.

At.ini. This script controls the startup account and password for the Schedule service on all workstations. To create this script, copy and modify an initialization (.ini) file from the Rservice utility.

Scheduler.bat. This batch file schedules ntmaintenance.bat to run. To create this script, modify the stopat.bat file.

You create and use these scripts at various points in the maintenance program. Developing the maintenance program involves stopping, modifying, and restarting the Schedule service and preparing for, creating, and scheduling the ntmaintenance.bat script.

You can stop, modify, and restart the Schedule service in several ways. I demonstrate three approaches: using the Net View command combined with Excel to stop the service, using Multi-Remote Registry Change to modify the service, and using Rservice to restart the service.

Stopping the Schedule Service
You first need to create the stopat.bat script, which stops the Schedule service. You begin by running the command

net view > stopat.bat

to obtain a list of your active network computers. This command outputs the list to the stopat.bat file. The output file has a .bat suffix because, for novice scriptwriters, creating and using a batch file to stop a service is quicker and less risky than creating and using an Rservice utility .ini file.

After you have the stopat.bat output, open the file in Excel and import it as a Fixed width file type. Delete any rows preceding the first computer name and the last row that states the command completed successfully. Delete the Remark column and any empty columns, so that only the column containing the server and workstation names remains. In front of this column, insert a column and type netsvc schedule in its first cell (i.e., cell A1). Use Excel's automatic fill function to fill the rest of the cells in column A. In cell C1, type /Stop and use the automatic fill function to fill the rest of the cells in column C. Screen 1 shows what the spreadsheet looks like.

If you don't want to include certain machines in your scheduled maintenance program, you can remove them from the spreadsheet. For example, you might not want to include file servers, because a server fault can affect the entire company. After you remove the machines, save the spreadsheet as type Text (Tab delimited) (*.txt) but leave the same name and extension as the original batch file (i.e., stopat.bat). Use a text editor to check the results.

You now have the stopat.bat script. On a machine in which you are logged on as an administrator, open the command prompt and run the script.

Although this approach to stopping the Schedule service is easy to implement, it has one drawback: You need to repeat this process every time you introduce a machine to your domain. If you add machines often, you might consider automating this process with a script or creating an Rservice .ini file instead of using a batch file. (If you want to use a scripting solution, see Devin Singleton, "Enumerating NT Users, Computers, Domains, and Groups," January 1999. This article shows you how to use Active Directory Service Interfaces—ADSI—to enumerate computers on an NT 4.0 network.)

Modifying and Restarting the Schedule Service
The next step is to modify the Schedule service. Specifically, you need to change the Schedule service startup mode from manual to automatic, change the permissions from a user account to an administrator account, and change the account password. For the Registry changes, you use Multi-Remote Registry Change. For the account service management changes, you use Rservice.

To change the startup mode and the permission in the Registry, I recommend that you use Multi-Remote Registry Change instead of the Microsoft Windows NT Server 4.0 Resource Kit's reg.exe or Rservice. Unlike reg.exe, Multi-Remote Registry Change lets you access and manipulate most Registry keys, including remote hives. This multithreaded utility also lets you define machine groups. Using Multi-Remote Registry Change is also easier than using Rservice because the Multi-Remote Registry Change's log file is easy to understand and its GUI is easy to use, as Screen 2 shows.

After you create your machine groups in Multi-Remote Registry Change, you can change the startup mode and permission keys. (The utility's Help file contains instructions for creating machine groups.) Under the Single Key tab, access the Start value in the HKEY_LOCAL_MACHINE SYSTEMCurrentControlSetServices Schedule Registry key. As Screen 2 shows, change this value to 2 (automatic). In the same Registry key, access the ObjectName value and change it to an account with administrator rights.

You use the Rservice utility to change the Schedule service password. Copy the pcmx86.ini file that comes with the Rservice binary to a new file, at.ini, so that you have the pcmx86.ini file intact in case of problems. The at.ini file will look similar to that in Listing 2. Notice that two entries don't contain any data. The startup parameters entry is empty because the Schedule service doesn't use startup parameters. The other files entry is empty because you don't need any other files.

Before you use the at.ini file, you need to modify several entries:

You don't need to modify the following entries: service name, executable, installation directory, source directory, access permissions, automatic start, and registry settings.

You now need to update the username and password that the At command will use. Open a command prompt from the directory containing Rservice and at.ini, and type

rservice /change at.ini /c

This command changes the Schedule service parameters on all the workstations that you specify in the at.ini file. The /c switch causes the command to prompt you for a password. Type the password that the administrator account running the At command is using. After the command executes, you need to restart the Schedule service on all the machines by staying in the same command prompt and typing

rservice /start at.ini

This command restarts the Schedule service on all the workstations.

Preparing for and Creating the Ntmaintenance.bat Script
So far, you've modified all the workstations so that the Schedule service is running. You're now ready to create the ntmaintenance.bat script that runs the relevant commands. After you've created this script, you can schedule it to run on each workstation at a regular interval. Follow these four steps:

The ntmaintenance.bat script begins by using the Net Send command to display the message In maintenance, please do not disturb. The script then runs Contig on the appropriate drives. The -s switch performs a recursive processing of subdirectories when you specify a filename with wildcards. For example, to defragment all DLLs under C:winnt, you enter "contig -s c:winnt*.dll". The -q switch makes Contig run in the quiet mode, where the only data it prints during a defrag run is the summary information. The script redirects the summary information to a text file for future reference. The text file places the data on the workstation's hard disk, but you can just as easily write the data to the central share if you prefer.

After running Contig, the script executes the Rdisk utility. The /s- switch tells the utility to copy the repair information without displaying the initial Create Repair Disk? dialog box and to automatically quit when finished. (For more information about this switch, see the Microsoft article "RDISK /S and RDISK /S- Options in Windows NT," http://support.microsoft.com/ support/kb/articles/q122/8/57.asp.) The Xcopy command copies the repair information to the \ServerNameNetERD$ shared directory you created in step 1. I prefer copying the information to two servers for redundancy. If you're copying more than one file and the destination doesn't exist, the /i switch assumes that destination must be a directory.

Next, the script runs the Chkntfs utility. The /c switch tells the utility to schedule Chkdsk to run on the appropriate drives at the next reboot if the volume dirty bit is on.

Finally, the script runs the Shutdown utility to shut down and reboot the local machine. The five switches tell the utility exactly what it needs to do. The /l switch specifies to shut down the local machine. The /c switch forces all the applications in that machine to shut down. The /r switch tells the utility to reboot after shutdown. The /y switch answers yes to all prompted questions. The /t: switch sets the timer for system shutdown in 60 seconds and gives users a notification message specifying that the shutdown is for maintenance.

Scheduling the Script
After you've finished creating the ntmaintenance.bat script, you need to schedule it to run, preferably during off-hours. You can modify stopat.bat to create the scheduler.bat script in Listing 4. Scheduler.bat runs the ntmaintenance.bat script every Sunday at 12:01 a.m. In this batch file, you're using the At command's /interactive switch (which lets the command work with the desktop) and /every switch (which tells the command to run on that specified day).

The Results
I have successfully implemented this maintenance program where I work. NT users and management are happy. Users are happy because drive problems are rare. Management is happy because the company didn't have to spend thousands of dollars buying various one-task software programs.