Systems Management Tools

SOFTWARE/SYSTEMS MANAGEMENT

In broad terms, the objective of systems management is to protect the
integrity of business applications and the security of business information by
automating, regulating, and enhancing systems functions. Such functions include
user administration; system, security, performance, and event monitoring and
management; backup and archiving; licensing and quota management; scheduling;
report distribution; diagnostics; and accounting and chargeback.

As Windows NT’s role as a network operating system grows, so does the need
for systems management tools. This month’s Lab Reports review a cross-section of
NT Server 4.0 systems management packages from both Microsoft and third-party
vendors. (For quick summaries of other systems management products in the
market, see the sidebar, “Systems Management Sampler,” page 66.)

NT Server is a full-featured network operating system that comes with most
of the basic tools and utilities you need to build, manage, and maintain a
network, so we’ll start by summarizing the utilities available in NT Server
4.0’s default setup. However, these tools are only the tip of NT’s systems
management iceberg. A continuously growing number of third-party vendors
are adding to the systems management tools available for NT, and these products
span the spectrum from very large enterprise-level packages (for networks with
500 or more users) to individual department-level tools (for networks with fewer
than 500 users). The reviews starting on page 68 will explain what happened when
we tested some of these products, and assess their key capabilities.

Windows NT Server’s Built-in Utilities
In NT 4.0 Server, when you click Start and go to Programs, Administrative
Tools (Common), you see a list of built-in systems management utilities. These
utilities give you a foundation for managing your network, so familiarizing
yourself with them is worth the effort.

Microsoft provides excellent online Help and operation information for each
of these utilities. Read the introductory text and instructions from the Help
files to find out about the full range of each tool’s administrative
capabilities.

Backup

NT’s Backup utility lets you back up your local and network NTFS and FAT
volumes to a tape drive. Backup boasts some impressive features: selection of
objects by volume, directory, or individual filename; spanning of backup media;
verification; compression; catalog storage; log files; full, incremental,
differential, and daily backup types; and local Registry backup.

Backup performs reliable backups, but it lacks a few important features,
such as scheduling. The only way to use this utility to perform unattended
scheduled backups is to use NT’s Schedule service. Fortunately, Backup’s Help
file details the necessary procedures.

Disk Administrator
Disk Administrator helps you manage disk partitions, stripe sets, and volume
sets. The utility provides a variety of disk management functions. For example,
you can modify primary and extended partitions, dynamically assign drive
letters, create volume sets and stripe sets, establish mirrored sets or disk
duplexing, format volumes with FAT or NTFS, and restore damaged or disabled disk
configurations.

You can perform most functions without rebooting to access new
modifications or drive assignments. Use this tool with caution–one wrong move
and you can delete a data drive or change drive assignments. Fortunately, the
application prevents you from damaging the system and boot partitions and asks
you before committing changes. For more information about Disk Administrator,
see Michael D. Reilly, “Windows NT Disk Administrator,” November 1996.

Event Viewer
Event Viewer is NT’s log file monitoring utility. Through Event Viewer, you
can examine the contents of the three main NT log files: System Log, Security
Log, and Application Log. System Log records events and alerts for internal
processes, services, and drivers. Security Log records security audit events,
such as logons, access to user rights, object access, user/group management, and
system shutdowns or restarts. Application Log records application-related
alerts and system messages, including those of some system components (e.g., the
Replication service writes to this file).

Each log file contains five types of events: successful operation of
services and drivers, warnings, errors, success audits, and failure audits. Each
logged event includes descriptive information, such as time and date, username,
computer name, source, type and category designations, a description of the
event, and often, data associated with the event. You can remotely view event
logs from other NT Server and NT Workstation computers on your network. You can
export a log file to a proprietary .evt format for future Event Viewer use, or
you can convert the log file to plain or comma-delimited text for database
import.

Event Viewer is indispensable for identifying problems with typical server
operation, when you’re connecting devices, and when you’re monitoring user
activities. This application and the data it collects can often help you
short-circuit problems.

License Manager

License Manager is a tool for monitoring the legal use of software
throughout an enterprise-level NT network. It enforces strict compliance with
software license restrictions. However, License Manager administers only the
software licenses you configure it to monitor. By using a built-in replication
process (distinct from the server Replication service), License Manager
propagates all legal use restrictions to each server on the network.

License Manager can operate on a per seat (client) or per server basis for
each product; it can also monitor and log usage statistics for each user. This
excellent tool lets you provide users with access to the applications they need,
while excluding users who don’t require access to specific applications. Such
need-based allocation can reduce the number of user licenses you must purchase.

Migration Tool for NetWare
Microsoft included Migration Tool for NetWare for administrators moving from
NetWare to an exclusively NT network. In theory, this tool copies NetWare
information and data (e.g., user accounts, groups, and data files) onto an NT
server. However, systems administrators report mixed success from using this
tool. Differences between NetWare and NT make “automagic” migration
difficult to implement. User passwords do not migrate, duplicate name and group
error handling is poor, and translation of file and user rights to permissions
is questionable. One good side of this tool is its detailed log file of every
action that occurs on both sides of the migration process; this log can help you
fix problems, correct improper configurations, or replace missing data after the
migration is complete.

To test this tool, you need to configure the target NT Server computer and
install NTFS, NWLink, and Gateway (and Client) Services for NetWare. For NetWare
3.x versions, you must also run BINDFIX on the NetWare server to prepare the
bindery; for NetWare 4.x versions, you must understand the Novell Directory
Services (NDS) layout and structure so that you can re-create it in the domain
environment on NT Server.

Network Client Administrator
Microsoft designed Network Client Administrator to simplify connecting a
non-networked OS to an NT-based network. This utility provides a few other
functions, such as copying the client-based administration tools and examining a
client’s Remoteboot configuration.

Unfortunately, Network Client Administrator frequently fails to do its job.
The utility supports only DOS clients, cannot fine-tune NIC settings, and lacks
NIC support. You can perform the same operations as Network Client
Administrator–yet gain more control–by making Microsoft Network Client 3
installation diskettes via the NT 4.0 Server CD-ROM. Simply copy the contents of
\clients\msclient\disk1 and \disk2 onto two formatted floppies. Then run
the first floppy’s SETUP utility on a DOS computer.

Performance Monitor

Performance Monitor is a graphical tool for monitoring and measuring the
performance and activity of your network and the computers on your network.
Through this utility, you can view hundreds of specific metrics
(counters) that let you measure various system activities. The metrics for each
system object (processor, memory, disk, cache, thread, network connection,
Remote Access Service–RAS–client, etc.) include use levels, queue lengths,
delay times, and throughput. Furthermore, Performance Monitor lets you customize
charting, altering, reporting, and logging of all metrics for one or more
computers simultaneously. With Performance Monitor, you can identify network
bottlenecks, storage devices operating near capacity, systems with insufficient
RAM, noisy network connections, and overall levels of bandwidth usage. For more
information about Performance Monitor, see Michael D. Reilly, “The Windows
NT Performance Monitor,” March 1997, and Michael D. Reilly, “More
Windows NT Performance Monitor,” April 1997.

Server Manager

Server Manager is the primary tool for administering NT domains and
computers. Managing a domain can involve activities such as promoting a Backup
Domain Controller (BDC) to a Primary Domain Controller (PDC), synchronizing
domain servers with the PDC, and adding computers to or removing computers from
a domain. Managing a computer addresses other issues, such as viewing connected
users and in-use shares and resources, configuring administrative alerts,
managing services and shares, and sending pop-up messages to connected users.
Server Manager also provides the Replication service controls.

System Policy Editor

System Policy Editor is a utility you can use to create, edit, and manage
individual user, computer-specific, and systemwide policies. (A policy
is a method to control, restrict, and configure user desktop settings, profiles,
and system configurations.) System Policy Editor creates a file that overrules
the local Registry with new settings, so be cautious when you use it. For
example, instead of editing default user and computer policies, create policies
for specific users, computers, or groups that you want to impose policies on. An
overly restrictive default policy can prohibit everyone, including
Administrators, from doing anything on a particular computer, including counter-acting that policy. For more information about System Policy Editor, see Robert
Slifka, “How to Edit NT 4.0 System Policies,” February 1997, and Sean
K. Daily, “Further Explorations of the NT System Policy Editor,” April
1997.

User Manager for Domains
User Manager for Domains is a management tool for user- and group-based NT
security. With this utility, you can create, modify, and manage users and
groups. You can configure options (such as group membership, profile settings,
home directory assignment, logon script pointers, access scheduling, workstation
privileges, and RAS restrictions) for each user, or create a template for
categories of users on your system.

You can also control system policies regarding accounts, user rights, and
audits. The account system policy sets parameters for user passwords and account
lockouts for failed logon attempts. The user rights system policy sets rights
for each group or user, such as accessing computers over the network, changing
the system time and device driver controls, adding new software, and even
shutting down the system. The audit system policy controls which system events
will be logged.

Windows NT Diagnostics

Windows NT Diagnostics provides general information about settings and
conditions for your local hardware and operating system, and for other NT
computers on a network. The tabbed dialog box can supply pages of information
about the network operating system (NOS) version, motherboard and BIOS, video,
storage media, memory and page files, services, device settings (IRQ, I/O, DMA,
etc.), environmental variables, and network status. You can print the data
displayed through this utility or save it to a file.

This tool does not diagnose problems, but if you plan to change your NT
environment (e.g., add new hardware), you can get a reasonably complete
description of your system. Windows NT Diagnostics can help you identify
available IRQs, direct memory access (DMA) settings, and other tidbits that you
need to know about when you install new components. This utility provides a
snapshot of your system’s configuration; making a copy of this information can
be invaluable when you must recover from a failed or flawed installation of a
new component. From this utility’s File menu, you can also jump directly to the
Find File utility (a simpler method than Start, Find, Files or Folders) or
launch other administrative tools (such as Event Viewer, a Registry editor, Task
Manager, Control Panel, and Notepad).