As a system administrator, you’ll use many different utilities to keep your workstations running at peak efficiency. In this video, you’ll learn about Device Manager, Performance Monitor, Services, and many other administrative tools.
<< Previous Video: Network Command Line Tools Next: Windows Firewall with Advanced Security >>
The Computer Management utility or it is sometimes referred to as the Microsoft Management Console is a single console that you can build to do whatever you need to do. It’s a blank slate, and you can add some predefined plugins to build out exactly the System Tools you need to do your job.
In this course, we use a number of different individual tools. So in the Computer Management screen, you can put all of those individual tools into one single utility. So you can have on one screen the Event Viewer, the view of the shared folders, Local Users and Groups, the Performance Monitor, or any other utilities that you’d like to have in one single view.
When you start the Microsoft Management Console, it’s a blank slate. So you want to go to the File pull-down menu and choose Add/Remove Snap-in. From this view, you can decide exactly which snap-ins you’d like to include on this management console. Let’s click Computer Management. And when I click Add, you’ll see that it gives me the option to choose Computer Management for this local computer or Computer Management for another computer that may be somewhere else on the network. In this case, let’s choose Local Computer.
I’m also going to add the Device Manager. Let’s choose Event Viewer. And we’ll do one more, the Event Viewer also asking which computer we’re going to look at. It’ll be this local computer. And lastly, let’s choose Services. We’ll click Add. And again the local computer is what we’ll choose. You can see the snap-ins are now listed in this window, and we’ll click OK.
Now, I have a customized view of the utilities that I’d like to manage for this particular system. And you can choose any of these from the menu. I’ll choose services, and it brings up my services view. If I choose Event Viewer, it brings up the Event Viewer for this computer. So by adding the right snap-ins, I can really create a single point to begin managing this particular system.
Now that I’ve created the perfect console for me, I can also save this console. I’m going to save this particular console directly to my desktop and save it with the default of Console1. Now, if I close that console and then double click on Console1, it will launch a new Microsoft Management Console with exactly the same settings I saved previously in that session. This makes it very easy for me to create either a single or multiple management consoles that would be customized for whatever task I need it.
By default, the operating system that’s running on your computer doesn’t have a way to directly communicate to the hardware that’s in your computer. In order to make this connection your operating system has device drivers that act as the intermediary between the operating system and the hardware. These device drivers are specific to the operating system, and they’re very specific to the hardware.
So if you’re running Windows 7, you need device drivers that have been created for Windows 7. And if you’re running Windows 10, you need device drivers that had been specifically written to run in Windows 10. If you ever run into problems with the hardware in your system, it’s very common for tech support to ask if you have the latest device drivers installed in your operating system. The place you would go to view these device drivers is the Device Manager.
You can start the Device Manager as a standalone utility, or you can use it as a snap-in in Computer Management. You can also start Device Manager from the command line by typing in devmgmt.msc. From the Device Manager, you have complete control of the hardware. Let’s look, for example, at the network adapters that are inside my computer.
There’s a single network adapter. And if I right mouse click, you’ve got the option to update the driver, disable the device, uninstall the device, scan the entire system for any hardware changes, or you can choose the properties of this individual device. Here, you can see a general overview. There are also advanced options that you can configure for this specific hardware device. And here’s the driver details that show you the driver is version 8.4.13.0. You can then change the device driver. You can update or delete the driver that’s on your system or manage any other aspect of how your operating system communicates with the hardware.
You’re probably familiar with the log in process that you use every time you start up Windows. You’re logging on with a specific user name to gain access to the operating system. And you would manage those users in a utility named Local Users and Groups. You’re probably seeing the Administrator Group before in Windows. This is the super user or the highest level user in the Windows operating system. You might have also seen Guest Users, although guest user logins generally have limited access if those are even enabled at all.
Most of the people logging into Windows are regular users. These are users that are running applications. They’re printing, and they’re using other aspects of the operating system.
Most users are members of one or more groups within the operating system. In Windows, a group is a logical collection of users. And these users often share a common set of rights and permissions. You can add users to a group to assign those rights and permissions or remove them from a group so that they don’t have those rights and permissions. This makes it very easy to manage the system. You can simply manage the group, instead of managing individual users that may be on your network.
If you’re part of a larger organization, then there are probably tens, hundreds, or even thousands of computers that need to be managed by your IT department. In Windows, this management is usually provided through a technology called Active Directory. And inside of Active Directory you can assign group policies that would affect many different computers at once.
At home, of course, you don’t have Active Directory. And there are no group policies that you can centrally manage. Instead, you’re managing all of those policies on a single computer. And you can do that by using the local security policy utility in Microsoft Windows. If you’re running the Home Edition of Windows, you won’t see this specific utility available. You’ll need to be running the Pro or Professional Edition, the Ultimate Edition, or the Enterprise Edition of Windows to be able to use the local security policy.
The local security policy is separated into different categories. For example, you have account policies, which handle the password and account lockout policies. You’ve got local policies for auditing user rights and security options. And there are even policy settings for the Windows Defender Firewall with Advanced Security.
If we choose Account Policies and choose Password Policies, we could make some configuration settings such as the maximum password age, the minimum password length, if we should store passwords using reversible encryption, and other settings as well. This allows you to make your system as secure as you would like with very granular controls over these very specific security policies.
If you’d like to collect metrics of how your system has been performing over a long period of time, then you want to use the performance monitor. You’ll find this in the administrative tools folder within the control panel. This allows you to provide long-term monitoring of metrics such as disk utilization, memory utilization, CPU details, and much more.
You can also tell Performance Monitor to look for particular values. And if you happen to exceed one of those values, you can assign automation or send alerts that a particular event has occurred. Once you gather all of these metrics, this information can be saved so that you can view it later and create detailed reports of exactly what occurred during that time frame.
Here’s our view of the Performance Monitor. You can see that it’s collecting statistics on the percentage of our processor time on the system. If we click the Plus sign, you’ll see that there are hundreds of different statistics you can measure. For example, just under Processor is caching information, interrupt information, user time, and so on.
If we scroll down to the System section, we can turn on other settings. For example, perhaps we’d like to monitor how much traffic is being used to read and write from disk. So we will choose two options. Let’s choose that we would like File Read Bytes/sec. Let’s add that. And let’s do File Write Bytes/sec and choose that as well. And when I click OK, those will be added into this list as well. And as I click through and start accessing information that is on disk, you’ll start to see some of those values will begin changing on the graph. And now, we’re monitoring those metrics as well.
Many of the applications in Windows are apps that we interact with directly. For example, we may be adding information into a spreadsheet or document. Or we may be using a browser to surf the internet. But there are a number of applications running Windows that don’t interact with us at all. We call these services. These services or things like file indexing, antivirus, and network browsing that all occur behind the scenes.
When you start your computer, these services are configured to start automatically with your operating system. But this also means that if you’re having problems during the startup process, it may be related to some of these services. You can manage these services from the command line using the net start or the net stop command. But another good way to manage these services in the Windows graphical interface is using the Services Utility. You can find that in your Control Panel under Administrative Tools, or you can type services.msc to launch the utility.
Here’s the Services Utility running on my computer. And it’s remarkable how many services are installed in Windows. We can see the service name on the left side, a description of the service, and then a status that will tell us whether this service is running or not. One service you may often need to manage is the Print Spooler service. So I’m going to type in pr to move down to the Print Spooler.
I’m going to right mouse click and choose the Properties option. From here, I can stop the service and started again. I can change how it logs on to the network. And I can change how it recovers if there’s a problem.
For example, after the first failure, I can restart the service. After the second failure, it’s set to restart the service. And then after any subsequent failures, it’s currently set to take no action. But I could choose to restart, to run a program, or to restart the entire computer.
There may be times when you need to have a particular application or a batch file, execute automatically at a particular time of the day. You can manage this process using the built-in Windows Task Scheduler. You can not only add your own task to the Task Scheduler, but you can also use predefined schedules that are built in already. This is one that allows you to organize the tasks as well, so you can find exactly what you’re looking for. And you can find all of this inside of the Task Scheduler, which is located in the Control Panel under Administrative Tools.
Here’s the Task Scheduler on my computer under the Task Scheduler Library and Microsoft and Windows. You can find many different categories of tasks. And if I scroll down on this main screen, you can see there are 83 tasks that are active and not expired. And you can see exactly what tasks are going to run at any particular time.
If you’d like to see more details about a task, you can click on it. For example, let’s choose the Defrag task. And you can see there is a general option that shows you how this task will run. It shows you the triggers that cause that task to run, the actions that will occur and any conditions. For example, your system won’t perform a Defrag automatically if the computer is on anything but AC power.
You can also add your own task to this list by using the Actions on the right side. If you want to create a task, simply click that option. And it will take you through all of those different configuration settings so you can make your task run exactly when you want it to.
The Microsoft Component Object Model is a common model for developers to build applications for the Windows platform. You often see this model used in the enterprise where application developers are creating object oriented applications for an organization. If you’re deploying these applications onto a Windows platform, you may need to use the Component Services app to be able to see how the application is configured in the operating system along with viewing Event Viewer and Services so that you get a total view of everything that’s happening with that application.
Inside of the Component Services utility, you can find the component services for individual computers that are on the network or for your local computer. Your local computer shows the COM+ applications, the DCOM configuration, running processes, and the distributed transaction coordinator. If there are any configurations that need to be made on a computer to be able to run these applications, you’ll make those changes inside of the Component Services utility.
Many Windows applications will read and write information to a database. In order to separate the application from the database engine that’s running, there is a technology in Windows called ODBC. This is the Open Database Connectivity. This allows the application developer to write an application without any concern of the type of database that may be running on the back end. This means the application developer can focus on the functionality of the application, and the end user can decide themselves what type of database they would like to use in their environment.
As an administrator, you’re able to configure this connection between the application and the database itself in the Administrative Tools under ODBC Data Sources. This is the ODBC Data Source Administrator on my Windows 10 desktop. If we click the Drivers tab, we can see all of the different data sources that are available to applications that would run inside of Windows. For example, an application can communicate to an Access database, to an Excel spreadsheet, to a Microsoft ODBC driver for Oracle, or to Microsoft’s own SQL Server. If there’s a database that you need to have added into your Windows configuration for an application to be able to access it, you’ll make all of those changes inside of this ODBC administrator.
If you’re a system administrator, then you’re also a printer administrator. And you can manage all the printers on your network in the Control Panel Administrative Tools under Print Management. This allows you to view all of the printers that might be running on your network. You can share printers all from one central console. And if you need to add or remove any printer drivers, you can do that from the Print Management utility.
From inside the Print Management utility, you can view any of the printers that you have on your system. There are filters available that would show you all printers and all drivers. And, of course, you can look at details of any individual print server that may be running on your network. From here, we can install drivers, so that anyone would be able to access that printer from the operating systems that they’re using. We could change any forms or ports that may be configured. And, of course, we can manage individual capabilities of that printers as well, all from the Print Management utility.
The memory modules that are installed in our computer are critical resources. And if we run into a problem with any of those modules, we’re going to have a problem with anything that’s running on our computer. Fortunately, Windows includes a Memory Diagnostics utility that we could launch from inside of Windows to be able to run when a system is restarted. This will run multiple passes of checks through an individual memory module. So if you’re trying to find a bad chip or a bad memory module, you may be able to find it using this Memory Diagnostics utility. You’ll find the memory diagnostics under the Control Panel in the Administrative Tools.
If you start the Memory Diagnostics utility, it will tell you that you can check your computer for memory problems. Would you like to restart now and check for problems? Or check for problems the next time you start your computer? In our case, we’ll choose Restart Now and have the system begin the Memory Diagnostics utility.
When your system restarts, the Memory Diagnostics tool will start automatically and begin its check of all the memory inside of your computer. This will take some time as it performs a number of passes to identify any issues. And if it does find a problem, it will show you that information inside of this utility.
There are a lot of events occurring in Windows. And many of them are occurring without you even knowing it’s happening. You can view of this event detail inside of the Windows Event Viewer. This will break out the events into different categories, such as Application, Security, Setup, and System. And it breaks each individual event into a different priority. For example, some events can be categorized as Information, Warning, Error, Critical, Successful Audit, and Failure Audit.
Here’s the Windows Event Viewer. You can see a summary of the events that are inside of my computer. There’s been one critical event in the last seven days. The Error Event showing in the last hour, 2 of those, 52 in the last 24 hours, and 130 in the last 7 days. If you wanted to drill down into the individual events, let’s choose the Windows Logs, and I’m going to choose the System Logs.
And from here, you can see the level of the message, the date and time, and the source. Let’s choose the Error Log at the top. And we can view the details that tell us that the application-specific permission settings do not grant Local Launch permission for the COM server application with the CLSID Windows Security Center Security app broker and app ID. By looking through the Event Viewer, you can get detailed information about any of these messages that come through. And if you’re troubleshooting a problem with an application or the operating system, you may be able to find the root cause of the issue inside of this Event Viewer.