1.5 Given a scenario, use Microsoft operating system features and tools

Administrative Tools
Microsoft has included a number of tools with each iteration of Windows to simplify system administration. While some tools have very specific purposes and won’t be used that often, there are some that will be used on a daily basis.

Microsoft Management Console
This is the console root framework used for all administrative tools in Windows.
Created to be a front-end interface framework to control and run administrative tools.
All administrative tools follow this layout
Mainly used by system administrators, and as a barebones framework
MMC is customizable: you can add or delete snap-ins for whatever admin tools you want in the interface
Start by pressing Windows+R to open Run, then type in mmc
Computer Management
Computer Management is a “done-for-you” variation of MMC.
Pre-built admin tools MMC variation, a good starting point
It comes pre-equipped with the snap-ins Microsoft thinks are good for an administrative console
It’s under Administrative Tools in Control Panel
Device Manager
Drivers are extremely hardware-specific and OS-specific software that teaches the OS how to properly communicate with whatever device you’re plugging into your computer.
Device Manager allows you to view and change hardware devices on the OS
Allows administrators to load and update third-party drivers
Drivers can be found on the device manufacturer’s website
Usually the first place you check when a hardware device does not function after installation
There are different colored icons that all have different meanings:
[icon image]
This icon means the device is in a problem state and a problem code is displayed; the PC is having trouble communicating with the device.
[icon image]
This icon represents a disabled device, which is a device that is physically present and consuming resources, but is not enabled.
[icon image]
This icon represents a disabled device.
Variant of MMC
Local Users and Groups
Variant of MMC that allows for granular control over local user accounts and groups on the Windows OS
Users section
Allows for the viewing, creation, and modification of individual users.
You can also access disabled users
Groups section
Allows the viewing, creation, and modification of groups
Different from the User Accounts Control Panel applet, in the sense that the Control Panel applet only allows you to control the admin group. From the Local Users and Groups MMC extension, you can view permissions for all the groups.
Local Security Policy
Variant of MMC that allows you to set the default security settings for the entire system.
Can be used in Active Directory to manage entire company networks by using local security policy alongside group policies to distribute the policies company-wide
Standalone computers using local security policy aren’t managed through Active Directory. In that case, you just use the regular Local Security Policy MMC by itself.
Can control security policies such as:
Enforce Password History
Max Password Age
Min Password Age
Password Complexity Requirements
Account Lockout Duration
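The five policies listed above can be read back from the command line and compared with a baseline. This is an added example, not part of the original notes; it uses the built-in secedit tool, must be run from an elevated PowerShell prompt, and the baseline thresholds are constructed values chosen only for illustration.

```powershell
# Export the effective local security policy to a temporary INF file.
$cfg = Join-Path $env:TEMP 'secpol-export.inf'
secedit /export /cfg $cfg /areas SECURITYPOLICY | Out-Null

# Collect "Key = Value" pairs from the [System Access] section of the export.
$policy = @{}
$inSection = $false
foreach ($line in Get-Content -Path $cfg) {
    if ($line -match '^\[(.+)\]$') {
        $inSection = ($Matches[1] -eq 'System Access')
        continue
    }
    if ($inSection -and $line -match '^\s*(\w+)\s*=\s*(.+?)\s*$') {
        $policy[$Matches[1]] = $Matches[2]
    }
}
Remove-Item -Path $cfg -Force

# Constructed baseline: one test per policy named in the notes.
$checks = @(
    @{ Key = 'PasswordHistorySize'; Name = 'Enforce Password History'
       Test = { param($v) $v -ge 5 } },
    @{ Key = 'MaximumPasswordAge'; Name = 'Max Password Age (days)'
       Test = { param($v) $v -ge 1 -and $v -le 90 } },   # -1 = never expires
    @{ Key = 'MinimumPasswordAge'; Name = 'Min Password Age (days)'
       Test = { param($v) $v -ge 1 } },
    @{ Key = 'PasswordComplexity'; Name = 'Password Complexity Requirements'
       Test = { param($v) $v -eq 1 } },                  # 1 = enabled
    @{ Key = 'LockoutDuration'; Name = 'Account Lockout Duration (minutes)'
       Test = { param($v) $v -eq -1 -or $v -ge 15 } }    # -1 = until an admin unlocks
)

# A key missing from the export (LockoutDuration is absent when no lockout
# threshold is set) is reported as not meeting the baseline.
foreach ($c in $checks) {
    $raw = $policy[$c.Key]
    $ok  = ($null -ne $raw) -and (& $c.Test ([int]$raw))
    [pscustomobject]@{
        Setting = $c.Name; Key = $c.Key; Value = $raw; MeetsBaseline = $ok
    }
}
```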
Performance Monitor
Visual interface that collects counter information and then converts that information to a console or event log.
Variant of MMC
Can be used as a general troubleshooting tool or security-troubleshooting tool. For instance, you can see where the resources are being used and where the activity is coming from.
Has much more detailed information than the Performance tab in Task Manager
Services
A variant of MMC that acts as an administrative tool for interacting with the services running on the computer.
Services are low-level programs that run in the background
The status of a service will typically be started or stopped, but you can also right-click and make the service start, pause, resume, or restart.
If you right-click a service and click Properties from the menu, you can choose the startup type.
System Configuration
A system utility (msconfig) designed to troubleshoot the Windows startup process.
It can disable/enable software, device drivers, or Windows services that run at startup
There are 5 tabs in the System Configuration tool used to troubleshoot the startup process:
General
The General tab allows you to choose how you want the computer to start up.
Boot
This tab is used to choose safe boot (safe mode) and turn on the information so that you can see all drivers as they load, which is quite useful when you’re trying to figure out why the system keeps hanging at boot.
Services
On this tab, you can view the services installed on the system and their current status (running or stopped)
You can also enable or disable services
Startup
This tab allows you to turn on or off items that run at startup.
This tab will redirect you to the Startup section of Task Manager
Tools
On this tab, you can launch a number of administrative tools to configure various Windows features and help make the startup process even smoother
Task Scheduler
Allows you to configure an application to run automatically or at any regular interval.
A variant of MMC
Terms used to describe the options for configuring tasks
Action
what the task actually does
Condition
an optional requirement that must be met before the task runs
Setting
any property that affects the behavior of the task
Trigger
the required condition for the task to run
Ex: You could configure a report to run automatically (action) every Tuesday (trigger) when the system has been idle for 10 minutes (condition), and only when requested (setting).
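The four terms map onto the ScheduledTasks PowerShell cmdlets as shown here. This is an added example, not part of the original notes: the task name, script path, start time and time limits are hypothetical, and the setting shown is an execution time limit rather than the "only when requested" setting from the example above. The second half lists every enabled task with what it runs, which is how you review a machine for tasks nobody remembers creating.

```powershell
# Action: what the task actually does (hypothetical report script).
$action = New-ScheduledTaskAction -Execute 'powershell.exe' `
    -Argument '-NoProfile -File "C:\Reports\weekly-report.ps1"'

# Trigger: the required condition for the task to run (every Tuesday at 09:00).
$trigger = New-ScheduledTaskTrigger -Weekly -DaysOfWeek Tuesday -At '09:00'

# Condition and setting: the cmdlets keep both on one settings object.
#   Condition: only run once the system has been idle for 10 minutes,
#              and give up waiting for idle after 1 hour.
#   Setting:   stop the task if it runs longer than 30 minutes.
$settings = New-ScheduledTaskSettingsSet `
    -RunOnlyIfIdle `
    -IdleDuration (New-TimeSpan -Minutes 10) `
    -IdleWaitTimeout (New-TimeSpan -Hours 1) `
    -ExecutionTimeLimit (New-TimeSpan -Minutes 30)

Register-ScheduledTask -TaskName 'Weekly Report (example)' `
    -Action $action -Trigger $trigger -Settings $settings `
    -Description 'Added example task: action, trigger, condition, setting'

# Review: one row per action of every task that is not disabled.
Get-ScheduledTask | Where-Object State -ne 'Disabled' | ForEach-Object {
    $triggers = ($_.Triggers | ForEach-Object { $_.CimClass.CimClassName }) -join ', '
    foreach ($a in $_.Actions) {
        [pscustomobject]@{
            Task      = $_.TaskPath + $_.TaskName
            RunAs     = $_.Principal.UserId
            Execute   = $a.Execute      # empty for COM handler actions
            Arguments = $a.Arguments
            Triggers  = $triggers
        }
    }
} | Sort-Object Task | Format-Table -AutoSize -Wrap
```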
Component Services
COM+ (Component Object Model) is the model that allows developers to build applications that work in very large computing environments and across the enterprise.
A variant of MMC
Used when developers are building object-oriented applications that are going to be deployed on the Windows OS
It’s coupled with the Event Viewer and Services tools so that you get a total view of everything happening with the application
If a COM+ based application needs any further configuration so it can run on a computer, you’ll make those changes inside the Component Services tool.
Very application focused
ODBC Data Sources
Open Database Connectivity
It allows you to view, create, and modify connections to databases
Separates the application from the database
Supports open database connectivity and maximum interoperability
Allows the application developer to create an application without having to worry about how it’s going to connect to the database
This allows the developer to completely focus on the functionality of the application, instead of worrying about how it’s going to talk to the database
If there is a database you need added to your Windows configuration so an application can access it, you’ll have to do it in the ODBC Data Sources admin tool
Print Management
Used to manage multiple printers, print drivers, and print servers from a single interface
A variant of MMC
Windows Memory Diagnostics
Diagnostic tool used to check the system for memory problems.
The system must be rebooted for the tool to work, and it will take several minutes
If errors were found, then upon startup, an error box will appear.
Windows Defender Firewall
An integrated host-based stateful firewall provided by Windows (a stateful firewall is a firewall that understands and remembers the state of traffic that flows through it. It remembers which traffic has come in and which has not)
It acts on fundamental firewall rules
You can control traffic by filtering by application, but you can only allow all traffic from an app or not allow any traffic from an app. There is no further control than that
No scope (can’t differentiate between incoming and outgoing traffic)
You can’t configure advanced connection security rules, which means you can’t “only send this traffic over an IPsec tunnel”, which is a more secure connection.
Windows Defender (Advanced Security)
Allows detailed control over the security features of the firewall
A variant of MMC
You can control:
Inbound Rules
rules created to allow or deny inbound network traffic entering the OS
Outbound Rules
rules created to allow or deny network traffic leaving the OS
Connection Security Rules
rules for authenticating and encrypting traffic.
Programs
which programs are allowed inbound/outbound traffic
Protocol/Port
which protocols or ports are allowed in/out of the network.
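The same rule properties (direction, program, protocol/port) can be reviewed and set with the NetSecurity PowerShell cmdlets. This is an added example, not part of the original notes; run it elevated. The rule name and the 10.0.50.0/24 management subnet are constructed values.

```powershell
# 1. Default behaviour per profile (Domain, Private, Public).
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction

# 2. Enabled inbound allow rules, joined with their program, port and
#    address filters (one lookup per rule, so this takes a little while).
$inbound = Get-NetFirewallRule -Direction Inbound -Enabled True -Action Allow |
    ForEach-Object {
        $app  = $_ | Get-NetFirewallApplicationFilter
        $port = $_ | Get-NetFirewallPortFilter
        $addr = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Profile       = $_.Profile
            Program       = $app.Program
            Protocol      = $port.Protocol
            LocalPort     = $port.LocalPort -join ','
            RemoteAddress = $addr.RemoteAddress -join ','
        }
    }

# 3. Rules worth a second look: not tied to a program and open to any
#    remote address.
$inbound |
    Where-Object { $_.Program -eq 'Any' -and $_.RemoteAddress -eq 'Any' } |
    Sort-Object Rule |
    Format-Table -AutoSize

# 4. A scoped rule: Remote Desktop (TCP 3389) allowed only from the
#    management subnet and only on the Domain profile. This adds an allow
#    rule; any broader RDP allow rule found in step 3 still has to be
#    disabled separately for the scope to take effect.
New-NetFirewallRule -DisplayName 'RDP from management subnet (example)' `
    -Direction Inbound -Action Allow -Protocol TCP -LocalPort 3389 `
    -RemoteAddress '10.0.50.0/24' -Profile Domain
```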
Event Viewer
Tool that allows you to view all of the application error logs, security audit records, and system errors.
Breaks each event into categories: information, warning, error, critical, successful audit, and failure audit
Used to troubleshoot an application or the OS; you may be able to find the root cause of the issue in Event Viewer
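The event categories above can be queried directly with Get-WinEvent, which is faster than scrolling the Event Viewer GUI when you are looking for a root cause. This is an added example, not part of the original notes; the 24-hour window is an arbitrary choice, and reading the Security log requires an elevated prompt.

```powershell
$since = (Get-Date).AddHours(-24)

# Severity is stored as a level number:
#   1 = Critical, 2 = Error, 3 = Warning, 4 = Information
# Get-WinEvent raises an error when nothing matches, so that case is silenced.
$problems = Get-WinEvent -FilterHashtable @{
    LogName   = 'System', 'Application'
    Level     = 1, 2
    StartTime = $since
} -ErrorAction SilentlyContinue

# Which source is producing the most critical/error events?
$problems |
    Group-Object LogName, ProviderName, Id |
    Sort-Object Count -Descending |
    Select-Object -First 10 Count, Name

# Successful audit and failure audit are keywords on Security log records,
# not levels. Keyword value for "Audit Failure":
$auditFailure = 4503599627370496    # 0x10000000000000

$failures = Get-WinEvent -FilterHashtable @{
    LogName   = 'Security'
    Keywords  = $auditFailure
    StartTime = $since
} -ErrorAction SilentlyContinue

# Failure audits per event ID, most frequent first, with the latest timestamp.
$failures |
    Group-Object Id |
    Sort-Object Count -Descending |
    ForEach-Object {
        [pscustomobject]@{
            EventId = $_.Name
            Count   = $_.Count
            Latest  = ($_.Group | Sort-Object TimeCreated | Select-Object -Last 1).TimeCreated
        }
    }
```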

Task Manager
A system monitor program used to monitor all the current processes on the computer
It has 7 Tabs: Processes, Performance, App History, Startup, Users, Details, & Services.
Processes
View all running applications and processes on the system so you can see any abnormalities.
You can see which tasks are open on the machine and the status of each task, which can be either running or not responding.
If a task has stopped responding (hung), right-click the task and click End task
You can also change the priority of a process in Task Manager
Real-Time priority is for applications that must have the processor’s attention to handle time-critical tasks. This can only be done by administrators.
Performance
Shows where resources are being used by each component of the PC, displayed as a graphical interface or line graph
Shows real-time CPU utilization, including where all the activity is coming from
Shows networking data as well
App History
Provides real-time usage statistics for the applications being run and the amount of system resources being used.
Startup
Lists the names of the services to be configured at startup, as well as the publisher, status, and startup impact.
From this tab you can choose any service listed and disable it.
Users:
Provides information about the users logged into the local machine
You’ll see username, status, CPU usage, memory usage, disk usage, and network usage.
You can do a number of things from here:
view the active user’s processes
send the user a message
sign the user off
switch the user’s account
remote in to the user’s PC
Services:
Lists the name of each running service as well as the process ID associated with it and its description, status, and group.
Clicking on it will open the Services snap-in in Microsoft Management Console (MMC).
By right-clicking, you can do a list of things:
Start
Stop
Restart
Open Services
Details
Search online
It also provides information about any applications that may currently be running
It can be used to end frozen or stubborn programs
Accessible by right-clicking the taskbar, or by pressing Ctrl+Alt+Del and choosing Task Manager.

Disk Management MMC
Lets you view a host of information regarding all of the drives installed in your system, including CD/DVD-ROM drives.
Allows you to review all the logical partitions configured and physical drives that are connected to the computer.
Disk Status
Healthy
means the volume is working perfectly and there are no problems
Healthy (At Risk)
means the volume has experienced some errors, but they’re not fatal. Yet!
Drive may be failing
Formatting
You see this when you are formatting a disk; only temporary status
Failed
means either the disk is damaged or there is an issue with the disk.
Initializing
normal when you’re setting up a new volume
Failed Redundancy
means a volume has failed in your RAID 1 or RAID 5 array
Resynching
means that you have a RAID 1 (mirrored) volume set up and it’s copying from one drive to the other drive
Happens after a drive is replaced in RAID 1 (Mirroring)
Regenerating
means that you are running a RAID 5 setup on this drive, and one of your drives has failed, so it had to be replaced with a new one.
The new drive is being loaded with the data it needs
Mounting Drives
Mounting is when the OS makes files and directories on a storage device available for use via the computer’s file system.
Mounting can also be used to extend available storage space
You can create a folder inside the drive that is running out of space, mount it, and have it pull the additional space from extra storage you have (USB, SSD, another hard drive).
You do this so you don’t have to go through the trouble of making a new volume.
This process is seamless and instantaneous.
Volume Sizes
Splitting Volumes
Performed whenever you realize that you’ve allocated too much space to a certain volume and you want to split it down the middle so you have another free volume to work with
Ex: Volume C (100GB) → splits → Volume C (50GB) and Volume D (50GB)
Shrinking Volumes (Partitions) is the same, just not right down the middle as an even split or half.
Ex: Volume F (100GB) → shrinks (20GB) → Volume F (80GB) and Volume G (20GB)
Extending Volumes
You can also increase the size of a particular volume by extending it. For example, you have two volumes each measuring 10GB and you want to make one bigger, or extend it.
So you have Volume A (10GB) and Volume B (10GB). When you extend A over B, you’re reallocating space between the two volumes since they’re two halves of the same disk.
Ex: Volume A (10GB) → extends (5GB) → over Volume B (10GB), making Volume A (15GB) and Volume B (5GB) now.
Adding Drives
All new drives must be initialized before first use, then the drive needs to be mounted to the system. Initializing the drive allows the system to recognize it. The New Simple Volume Wizard can be used for designating the format type and for assigning/changing drive letters.
Adding Arrays
Arrays of disks are multiple disks working together for a specific purpose.
Also known as RAID (Redundant Array of Independent Disks). They’re used for fault tolerance so in the event of a disk failure, the system will continue to function.
RAID0
uses striping and does not add any fault tolerance, only adds to overall performance
RAID1
uses mirroring to add fault tolerance, creates complete duplicate of the volume.
RAID5
Striping with parity
Adds increased performance and fault tolerance
requires 3+ disks to work with
Storage Spaces
Used to save files to two or more drives to help protect you from a drive failure.
similar to RAID
Also allows you to add more drives if you need more storage for the files you want to protect from drive failure
Can use external hard drives to create the storage pool as well

System Utilities
The Run-Line
Allows you to start an application by typing a command instead of going through the GUI
Regedit
The Windows registry is the big, huge master database of the entire system
It is a hierarchical database that is built each time Windows boots, is updated as the system runs, and is saved on shutdown.
It’s used by almost everything: kernel, device drivers, services, Security Account Manager, user interface, and applications
You may have to make changes to this registry, and when you do, make sure you create a hive (backup) in case you need to roll back the changes
HKEY - Handle for Registry Key
Registry has 5 Folders
Classes
Current User
Local Machine
Users
Current Configuration
Command
cmd, the Windows command-line prompt used to control the OS
Services.msc
Tool that allows you to interact with the services running on the computer.
Control background applications
services.msc is the run command
MMC
Build your own management framework using this skeleton
The base for mostly all admin tools
MMC is the run line command
MSTSC
Remote Desktop Protocol is used primarily by techs to remote in to a person’s computer to see exactly what’s going on
mstsc is the run line command
Notepad
view and edit text files
notepad is the run line command
Explorer
The file explorer
explorer is the run line command
Msinfo32
System Information
msinfo32 is the run line command
Windows System Information
A wealth of knowledge
Hardware Resources - Memory, DMA, IRQs, conflicts
Components - Multimedia, display, input, network
Software Environment - Drivers, print jobs, running tasks
DxDiag
DirectX Diagnostic Tool
Displays reports of DirectX components that are disabled
Disk Defragmenter
defrag is the run line command
Tool used to improve read and write times for the disk
moves files back together so they are contiguous (side-by-side or sequential)
Used only in PCs with HDDs
System Restore
Windows Update


REVIEW QUESTIONS
