
Windows 2003 Active Directory Administration Essentials 5

Date post: 30-May-2018
  • 8/14/2019 Windows 2003 Active Directory Administration Essentials 5


    Contents

    Chapter 7 Command-Line, Support, and Microsoft Windows Server 2003 Resource Kit Tools
      Windows 2003 Built-In Command-Line Tools
        Built-In Command-Line Event-Log Tools
          Eventcreate
          Eventquery
          Eventtriggers
        Built-In AD Management Tools
          Dsadd
            Dsadd User
          Dsquery
            Dsquery User
      Windows 2003 Support Tools
        Support Tools Installation
        AD Tools
          Dcdiag
            Dcdiag with Replication
            Dcdiag with Dcpromo
          Replmon
      Windows 2003 Resource Kit Utilities
        Active Directory Users and Computers Enhancement Tools
          Acctinfo.dll
          Rcontrolad
        Event Manipulation Tools
          Custreasonedit
          EventCombMT
      Next: Special Domain Operations

    Chapter 7: Command-Line, Support, and Microsoft Windows Server 2003 Resource Kit Tools

    GUI is good. Command-line is better. What's in the box is tasty. But add-ons are sweeter. Poetry aside, those lines indicate what this chapter offers. I'll review how to work with some key Windows Server 2003 (Windows 2003) tools that offer great benefits if you know how to use them. I discuss selected command-line tools, support tools, and resource kit tools. From these tool sources, you'll be able to build a custom toolkit tailored to your environment.

    Windows 2003 Built-In Command-Line Tools

    The advantage of command-line tools is that you can use them without a GUI. This option is helpful when you use Telnet or, as I discussed in Chapter 6, when you use the Special Administration Console (SAC) through Windows 2003's Emergency Management Services (EMS). Additionally, some tools can run under a normal user context and are therefore useful inside logon or startup scripts.

    The downside of command-line tools is the learning curve. The tool names are hard to remember, and the multiple options that the tools offer can be equally baffling. However, although command-line tools can be cumbersome, their benefits typically outweigh their drawbacks.

    When it comes to Windows 2003, the Microsoft development team got command-line tools right. Although not all GUI options are scriptable, those that are scriptable are well implemented and equally well documented.

    To get a list of the command-line utilities available in Windows 2003, open the Help and Support Center and locate the Command-line reference A-Z, which Figure 7.1 shows. (Notice, however, that the last tool in the alphabet is Xcopy. Perhaps Windows 2006 will have commands that start with Y and Z.)

    Brought to you by NetIQ and Windows & .NET Magazine eBooks


    Figure 7.1 The Help and Support Center list of command-line tools

    Tip: Typically, to reach the list of command-line utilities, I type

    command line reference

    in the search window.

    You can also immediately locate the Help and Support Center list of command-line utilities by opening a command prompt and typing

    hh ntcmds.chm


    Windows 2003 offers a bevy of command-line tools, almost too many. To keep the command-line tool section of the chapter manageable, I'll limit my discussion to those tools that help you manage the event log and Active Directory (AD).

    Note: Don't let the myriad options that each tool offers befuddle you. Almost every tool has a /? option that lists the tool's options. Alternatively, you can click the name of a tool listed in Figure 7.1 to display that tool's command-line options.

    Built-In Command-Line Event-Log Tools

    The event log is perhaps the most underutilized Windows troubleshooting tool. Event logs record more useful knowledge than almost any other tool. The problem is that you have to keep checking them. Although third-party tools can help you consolidate and manage your event logs, you can also improve your event-log experience with some of the built-in tools at your disposal. I'll examine three built-in tools that can help you manage your event logs: Eventcreate, Eventquery, and Eventtriggers.

    Eventcreate

    Eventcreate lets an administrator create a custom event in a specified event log. If you're a batch file junky, and you want to have the status of your jobs reported to the event log, you'll want to use the Eventcreate tool.

    The Eventcreate syntax from the Help file reads

    eventcreate [/s Computer [/u Domain\User [/p Password]]] {[/l {APPLICATION | SYSTEM}] | [/so SrcName]} /t {ERROR | WARNING | INFORMATION} /id EventID /d Description

    Note: According to Microsoft's formatting legend, italics indicate information the user must supply; boldface indicates something the user must type exactly as shown; an ellipsis indicates a parameter that can be repeated in a command; brackets indicate optional items; braces indicate choices from which the user must choose one only; and Courier font indicates code or program output.

    Figure 7.2 shows a sample batch file script that, if a flag file is found, reports the finding to the event log.


    Figure 7.2 Deploying Eventcreate

    When the script reports the finding to the event log, the result appears in the format that Figure 7.3 shows.

    Figure 7.3 Result of an Eventcreate finding

    The Eventcreate tool is handy, but it becomes even handier when you use it with utilities such as Eventquery and EventCombMT. (I discuss EventCombMT in the Windows 2003 resource kit utilities section toward the end of the chapter.)


    Eventquery

    Eventquery's purpose is to query event logs on Windows 2003 servers for information already in the logs, including information you set the event logs to capture through Eventcreate. However, if you try to use the Eventquery tool without preparation, you get the message that Figure 7.4 shows. You first need to change the default command processor.

    Figure 7.4 Changing the default command processor

    At the command prompt, type

    cscript //H:CSCRIPT //S

    which changes the command processor from the interactive GUI script processor to CScript.

    The Eventquery syntax from the Help file reads

    eventquery[.vbs] [/s Computer [/u Domain\User [/p Password]]] [/fi FilterName] [/fo {TABLE | LIST | CSV}] [/r EventRange] [/nh] [/v] [/l [APPLICATION] [SYSTEM] [SECURITY] ["DNS server"] [UserDefinedLog] [DirectoryLogName] [*]]

    If I want to query all events that have event ID 106 in the Application log of the server I'm currently on, for example, I can type

    eventquery.vbs /FI "ID eq 106" /l Application

    and get the results that Figure 7.5 shows. Note that the response is available because I entered event ID 106 onto this server with Eventcreate.


    Figure 7.5 Querying a server with Eventquery

    Eventtriggers

    The Eventtriggers tool ties your event-management efforts together. That is, when an event you want to monitor pops into the event log, you can have Eventtriggers notify you or set a command to execute automatically. It's like having someone dedicated to monitoring the server logs and acting upon them if necessary.

    The Eventtriggers tool includes three commands:

    Eventtriggers create

    Eventtriggers query

    Eventtriggers delete

    For monitoring and notification to occur, you must first create the Eventtrigger, which will then monitor and act upon the occurrence of logged events that meet the criteria you set up. After you create some triggers, you can see them at work by using the Eventtriggers query command. You can delete Eventtriggers with the Eventtriggers delete command.

    As an example, I'll create an Eventtrigger for event ID 106. That is, if event ID 106 appears in the Application log, Eventtriggers fires off a batch file in response. In this example, I use the syntax

    eventtriggers /create /tr FilePresent /l application /eid 106 /tk \\vmserver2\share\gobatch.cmd

    which Figure 7.6 shows. This syntax creates a trigger named FilePresent and checks the Application log for event ID 106. If Eventtriggers finds event ID 106, it automatically triggers the command

    gobatch.cmd

    which you can also see in Figure 7.6.


    Figure 7.6 Deploying Eventtriggers to trigger actions based on events

    Note: You also have available the command Evntcmd, which converts events to SNMP traps, or notifications. Evntcmd might be useful if you have many SNMP-related devices and a management station that's configured to address SNMP traps. For more information about SNMP traps, refer to my eBook The Definitive Guide to Enterprise Manageability, which NetIQ also sponsors. You'll find the eBook at http://www.netiq.com/offers/ebook/default.asp and the SNMP information in Chapter 5.

    To test my Eventtrigger command syntax, I used the same command that I used when I experimented with Eventcreate. That is, I created an event with event ID 106, then watched my trigger react and execute the batch file. (The batch file that Eventtrigger triggers might send an email, display a pop-up, or perform any number of actions.)
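The Eventcreate, Eventquery and Eventtriggers steps described above, combined into one batch file as an added example (it is not the author's script from Figure 7.2). The flag-file path and the response-script path are assumptions; the response script is kept on a local path that only administrators can write to, rather than on a network share, so that write access to a share is not enough to change what the trigger runs.

```batch
@echo off
rem flagcheck.cmd - added example, not from the chapter.
rem Event ID 106 and the trigger name FilePresent match the chapter's examples.
rem The two paths below are assumptions; adjust them for your environment.
setlocal

set "FLAG=C:\Jobs\backup.failed"
set "EVENTID=106"
set "RESPONSE=C:\Scripts\gobatch.cmd"

if /i "%~1"=="/install" goto install

rem --- Normal run: report the flag file if it is present ---------------------
if not exist "%FLAG%" (
    echo No flag file found at "%FLAG%"; nothing to report.
    exit /b 0
)

rem Write the finding to the local Application log.
eventcreate /l APPLICATION /t WARNING /id %EVENTID% /d "Flag file %FLAG% found on %COMPUTERNAME%."
if errorlevel 1 (
    echo eventcreate failed; the event was not logged. 1>&2
    exit /b 1
)

rem Rename the flag so the next scheduled run does not log a duplicate event.
move /y "%FLAG%" "%FLAG%.reported" >nul

rem Confirm that the event is in the log. Eventquery is a VBScript, so it is
rem called through cscript explicitly here instead of changing the default host.
cscript //nologo "%SystemRoot%\system32\eventquery.vbs" /fi "ID eq %EVENTID%" /l Application /fo CSV /nh | find "%EVENTID%" >nul
if errorlevel 1 (
    echo Event %EVENTID% was not found in the Application log. 1>&2
    exit /b 2
)
echo Event %EVENTID% logged and verified.
exit /b 0

rem --- One-time setup: flagcheck.cmd /install --------------------------------
:install
if not exist "%RESPONSE%" (
    echo Response script "%RESPONSE%" is missing; trigger not created. 1>&2
    exit /b 1
)
rem Same form as the chapter's command, with a local task path.
eventtriggers /create /tr "FilePresent" /l application /eid %EVENTID% /tk "%RESPONSE%"
if errorlevel 1 exit /b 1

rem List the triggers so the new one can be checked by eye.
eventtriggers /query
exit /b 0
```

Run it once with /install to create the trigger, then schedule it without arguments.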

    Built-In AD Management Tools

    Microsoft has included a suite of command-line AD management tools in Windows 2003's base installation. Without your having to write custom scripts, these commands help you perform basic directory maintenance. I think you'll find the following built-in AD management tools and their functions particularly useful.

    Dsadd: Adds objects to the directory

    Dsmove: Moves objects from their current directory location to a new location

    Dsget: Gets information about and displays the properties of directory objects

    Dsmod: Modifies specific attributes of objects already present in the directory

    Dsquery: Locates directory objects that fit specified criteria

    Dsrm: Removes objects or a portion of a directory subtree


    Although I lack the space to explore all the built-in tools and their commands in detail, I'll show you the essential ropes with two of the tools and you can take it from there. I'll discuss the Dsadd tool's Dsadd user command and the Dsquery tool's Dsquery user command.

    Dsadd

    Dsadd gives you a simple way to add several kinds of entities to AD quickly. The six Dsadd commands are

    Dsadd computer

    Dsadd contact

    Dsadd group

    Dsadd OU

    Dsadd user

    Dsadd quota

    Dsadd User

    The Dsadd user syntax from the Help file looks a little daunting. It reads

    dsadd user UserDN [-samid SAMName] [-upn UPN] [-fn FirstName] [-mi Initial] [-ln LastName] [-display DisplayName] [-empid EmployeeID] [-pwd {Password | *}] [-desc Description] [-memberof Group;...] [-office Office] [-tel PhoneNumber] [-email Email] [-hometel HomePhoneNumber] [-pager PagerNumber] [-mobile CellPhoneNumber] [-fax FaxNumber] [-iptel IPPhoneNumber] [-webpg WebPage] [-title Title] [-dept Department] [-company Company] [-mgr Manager] [-hmdir HomeDirectory] [-hmdrv DriveLetter:] [-profile ProfilePath] [-loscr ScriptPath] [-mustchpwd {yes | no}] [-canchpwd {yes | no}] [-reversiblepwd {yes | no}] [-pwdneverexpires {yes | no}] [-acctexpires NumberOfDays] [-disabled {yes | no}] [{-s Server | -d Domain}] [-u UserName] [-p {Password | *}] [-q] [{-uc | -uco | -uci}]

    Don't let the extreme set of options deter you from deploying this command. You'll find that Dsadd goes well beyond the capabilities of the old Net user command. With Dsadd, you can set virtually every option typically found in a user object.

    For example, you can create a new user object for Jane Martin in DomainA's marketing organizational unit (OU). In this example, her first name is Jane, her middle initial is A, and her last name is Martin. She is a member of the Backup Operators group, and her telephone number is 302-555-1212. You would use the syntax

    dsadd user "cn=Jane_Martin,ou=marketing,dc=domaina,dc=com" -fn Jane -mi A -ln Martin -display "Jane Martin" -memberof "cn=Backup Operators,cn=builtin,dc=domaina,dc=com" -tel 302-555-1212

    which Figure 7.7 shows.


    Figure 7.7 Deploying Dsadd user to add user accounts anywhere in AD

    Tip: Dsadd is particular about its input requirements, especially when you specify the distinguished name (DN) of the account you want to create and the group or groups to which you want to add that user account. When you use Dsadd, you'll need to be precise.

    Dsquery

    The powerful Dsquery tool lets you search all of AD for specific object types. The Dsquery tool's commands are

    Dsquery computer

    Dsquery contact

    Dsquery group

    Dsquery OU

    Dsquery site

    Dsquery server

    Dsquery user

    Dsquery quota

    Dsquery partition

    You can also use Dsquery *, which provides a global search through your entire AD.

    Again, because I don't have unlimited space for examples, I'll restrict my example to one Dsquery command: Dsquery user.

    Dsquery User

    You'll probably use the Dsquery user command often. This useful command helps you locate user objects in the directory.

    The syntax from the Help file reads


    dsquery user [{StartNode | forestroot | domainroot}] [-o {dn | rdn | upn | samid}] [-scope {subtree | onelevel | base}] [-name Name] [-desc Description] [-upn UPN] [-samid SAMName] [-inactive NumberOfWeeks] [-stalepwd NumberOfDays] [-disabled] [{-s Server | -d Domain}] [-u UserName] [-p {Password | *}] [-q] [-r] [-gc] [-limit NumberOfObjects] [{-uc | -uco | -uci}]

    The best news is that you can keep this syntax very short to get a quick result back. For example, if you want to check the location of all the users in your domain named Jane, you would simply type

    dsquery user -name Jane*

    Figure 7.8 shows the results of that query: all the DNs in your domain that include Jane in the name. This kind of DN-related query is particularly handy for backup and recovery purposes should you need to perform an authoritative restore, which I discussed in Chapter 6.

    Figure 7.8 Deploying Dsquery user to locate users in AD
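An added example, not from the chapter, that goes beyond the name search and uses the account-hygiene switches listed in the Dsquery user syntax above (-disabled, -inactive, -stalepwd), together with a Dsquery * filter and a Dsget membership listing for the Backup Operators group used in the Dsadd example. The thresholds, the report path and the domaina.com group DN are assumptions.

```batch
@echo off
rem ad-user-audit.cmd - added example, not from the chapter.
rem Collects a plain-text report of accounts that deserve a second look.
rem Thresholds, report path and group DN are assumptions; adjust as needed.
setlocal

set "WEEKS=8"
set "DAYS=90"
set "GROUP=cn=Backup Operators,cn=builtin,dc=domaina,dc=com"
set "OUT=%TEMP%\ad-user-audit.txt"

rem Fail early if the directory cannot be queried at all, so an empty report
rem is never mistaken for a clean one.
dsquery user domainroot -limit 1 >nul 2>&1
if errorlevel 1 (
    echo Cannot query the domain; check connectivity and credentials. 1>&2
    exit /b 1
)

> "%OUT%" echo Account audit for %USERDOMAIN%, generated on %COMPUTERNAME%

rem -limit 0 lifts the default cap of 100 returned objects.
>> "%OUT%" echo.
>> "%OUT%" echo [Disabled accounts]
>> "%OUT%" dsquery user domainroot -disabled -o samid -limit 0

rem -inactive relies on lastLogonTimestamp, which is only maintained at the
rem Windows Server 2003 domain functional level.
>> "%OUT%" echo.
>> "%OUT%" echo [No logon in the last %WEEKS% weeks]
>> "%OUT%" dsquery user domainroot -inactive %WEEKS% -o samid -limit 0

>> "%OUT%" echo.
>> "%OUT%" echo [Password unchanged for %DAYS% days or more]
>> "%OUT%" dsquery user domainroot -stalepwd %DAYS% -o samid -limit 0

rem Dsquery * with an LDAP filter: userAccountControl bit 128 marks accounts
rem whose password is stored with reversible encryption (-reversiblepwd yes).
>> "%OUT%" echo.
>> "%OUT%" echo [Reversible password encryption enabled]
>> "%OUT%" dsquery * domainroot -filter "(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=128))" -attr sAMAccountName -limit 0

rem Membership of a privileged built-in group, listed as DNs.
>> "%OUT%" echo.
>> "%OUT%" echo [Members of %GROUP%]
>> "%OUT%" dsget group "%GROUP%" -members

echo Report written to "%OUT%".
exit /b 0
```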

    Windows 2003 Support Tools

    The support tools are an important element in maintaining server and AD health. You'll discover an excellent set of advanced tools available as an additional install but free on the Windows 2003 CD-ROM.

    Support Tools Installation

    To locate the support tools, navigate to :\Support\Tools and launch SUPTOOLS.MSI, which Figure 7.9 shows.


    Figure 7.9 Locate SUPTOOLS.MSI

    Tip: Note that this tools folder also holds automated deployment tools in Deploy.cab, which you can explore if you feel adventurous.

    After you've installed Suptools.msi, you'll see the results in the Start menu as Windows Support Tools. You won't find the specific tools listed. You'll need to launch the Suptools.msi Help file, which then displays the list of tools, as Figure 7.10 shows.


    Figure 7.10 List of Support Tools in the Help and Support Center

    Note: You can get to the screen that Figure 7.10 shows either by starting with Suptools.msi in the Start menu (then launching Suptools.msi's Help file) or by going to the Help and Support Center.


    AD Tools

    Many of the support tools exist to help you manage AD. You can get a list of AD-related tools by clicking the Active Directory Management Tools subset, which you can see in Figure 7.10. The tools listed in the Active Directory Management Tools subset are deeply capable; exploring one or two tools in any depth could fill a chapter.

    Some of the tools that I consider AD management tools don't appear in this tool subset but in other categories. Dcdiag, the first tool I discuss, is a case in point.

    Tip: You'll want to examine the Alphabetical List of Tools highlighted in Figure 7.10 to get a feel for all the tools available.

    With your custom toolkit in mind, I'll discuss a few of the most important tools for day-to-day AD management. After I discuss Dcdiag, I'll discuss its Active Directory Management Tools subset diagnostic counterpart: Active Directory Replication Monitor (Replmon).

    Dcdiag

    Dcdiag is the Swiss Army knife of AD testing. You carry out most tests by using the syntax

    dcdiag /test:

    where can be any one of a huge number of options.

    For example, you can test whether a domain controller (DC) is healthy (by using the Advertising switch), whether the topology between DCs is kosher (by using the Topology and Replication switches), which DCs hold which Flexible Single-Master Operation (FSMO, aka Operations Master) roles (by using the FSMOCheck switch), and much more.

    Dcdiag with Replication

    Sometimes, replication between DCs suddenly stops for no apparent reason. You can often find the cause by checking DNS, but discovering the extent of the problem can be difficult. If you use the syntax

    dcdiag /test:Replication

    you get results that resemble those shown in Figure 7.11. Results that indicate individual replication problems can help you gauge the extent of the overall problem (in this case, no replication problems exist).


    Figure 7.11 Deploying Dcdiag

    If you suspect replication problems, you can also carry out the test with the /v switch. This switch enables verbose output, which can help you see precisely where problems lie.

    Dcdiag with Dcpromo

    When you bring up new DCs at other sites, you might face a familiar challenge: problems that might be either on the server that you want to promote or in the domain itself. All you know is that something is preventing the promotion of the server to DC. Dcdiag with the /test:DCPROMO switch can help. If you want to create a new replica DC, you use the syntax

    dcdiag /test:DCPROMO /DNSDomain: /replicadc

    from the machine you want to promote to DC. If your DC-to-be passes all tests to be promoted, you'll see the results that Figure 7.12 shows. You can then proceed knowing that the promotion is likely to work.


    You can use Replmon to perform a host of validation tests. One powerful function is Synchronize Each Directory Partition with All Servers, which you see listed in Figure 7.13. When you select and initiate this function, the Synchronizing Naming Context with Replication Partners dialog box that you see in Figure 7.14 will appear and offer three synchronization options.

    Figure 7.14 The Synchronize Naming Context with Replication Partners dialog box

    AD replication is usually pull only; that is, each DC in a site will pull the latest data from its partners. You can change the replication mode by selecting the Push mode option that Figure 7.14 shows. Additionally, instead of waiting for replication to occur more widely, you can force replication over site boundaries by selecting the Cross site boundaries option that Figure 7.14 shows.

    Note: Replmon lets you perform a one-time push replication through the Push mode option that Figure 7.14 shows.

    Caution: I've never encountered a need to use the first option that Figure 7.14 shows, Disables transitive replication. I typically want replication to occur everywhere, so I don't select that option.

    You'll want to familiarize yourself with Replmon, which is one of the most useful tools for troubleshooting AD problems. Be aware, however, that the Help function in Replmon is nonexistent. You might want to search on the tool name to access some of the many articles about deploying Replmon.


    Windows 2003 Resource Kit Utilities

    The Windows resource kits have always offered tools that perform various kinds of magic. Historically, Microsoft made some tools available for download, but you had to purchase the resource kit and the resource kit documentation to get most of the tools.

    With Windows 2003, Microsoft is apparently giving away the bulk of the resource kit utilities and making others available as they're produced. To start developing your resource kit, go to http://download.microsoft.com/download/8/e/c/8ec3a7d8-05b4-440a-a71e-ca3ee25fe057/rktools.exe and download and install the resource kit on your computer.

    Tip: Also available as a separate download is the Microsoft Internet Information Services (IIS) 6.0 Resource Kit. For an overview of the resource kit and to download it, go to

    http://www.microsoft.com/downloads/details.aspx?familyid=80a1b6e6-829e-49b7-8c02-333d9c148e69&displaylang=en

    Some of the utilities in the resource kit are command-line tools, others are GUI tools, and still others fall into a different category. I'll explore tools from the third category first.

    Active Directory Users and Computers Enhancement Tools

    Two great resource kit tools enhance the capability of the Active Directory Users and Computers console, the tool you use each and every day. I'll give you an overview of both Acctinfo.dll and Rcontrolad.

    Acctinfo.dll

    Acctinfo.dll isn't a program you can simply double-click and run. Rather, it attaches itself to the Active Directory Users and Computers console to extend the console's capabilities. Acctinfo.dll displays all sorts of interesting account information about the most recent user logon. Previously, you would have needed scripting to get this information.

    However, to get to these account information properties, you'll first need to complete the following steps:

    1. Copy Acctinfo.dll to %systemroot%\system32

    2. Then, use the syntax

    regsvr32 acctinfo.dll

    Note: You'll need to repeat both steps to add Acctinfo.dll to each individual system.


    Tip: If you want to remove Acctinfo.dll, simply use the syntax

    regsvr32 /u acctinfo.dll

    After you register Acctinfo.dll, you'll be able to see the newly available information on the Additional Account Info tab in the dialog box that Figure 7.15 shows.

    Figure 7.15 The Additional Account Info tab

    Without needing to use scripting, you can access lots of information (e.g., when the user's password next expires, when the user most recently logged on, what the user account's SID is).

    One interesting and useful feature is the Set PW On Site DC button that you can see in Figure 7.15. When you click the Set PW On Site DC button, the dialog box that Figure 7.16 shows will appear. You can then change the user's password directly on the DC that the user uses for validation.


    Figure 7.16 The Change Password On a DC In the User's Site dialog box

    If you use the Set PW On Site DC feature to change passwords, users will be able to access their newly changed passwords right away. They won't need to wait for replication from the PDC-Emulator to this DC.

    Rcontrolad

    Rcontrolad is a tool that lets you control another useful little tool. When you double-click Rcontrolad, it expands into several files. First, you run the rcontrol_setup.exe program as a Domain Administrator. Second, you copy the included rcontrol.exe to the location from which you deploy your Active Directory Users and Computers console. You'll then be able to right-click any XP or Windows 2003 computer and select Remote Control, as Figure 7.17 shows.

    Figure 7.17 Selecting Remote Control after deploying Rcontrolad


    After Rcontrolad is installed, you can control target computers remotely. When you do, you'll be connected through Terminal Services to the remote computer, as Figure 7.18 shows.

    Figure 7.18 Connecting to the remote computer

    Rcontrolad is a handy alternative to manually adding each machine to the Control Panel Remote Desktop applet.

    Event Manipulation Tools

    In Chapter 1, I discussed the new Server Event Tracking feature, which lets administrators enter (and thereby better track) the reasons for restarting or rebooting a server. In this final section of Chapter 7, I discuss how you can extend that record-keeping capability and also leverage what you learned in this chapter about the Eventcreate, Eventquery, and Eventtriggers tools.

    Custreasonedit

    The Custreasonedit tool lets you extend the Server Event Tracking feature's list of possible reasons for shutting down and restarting a server. To use Custreasonedit to add to the list of reasons, you must first introduce sample reasons to this computer. You do so by right-clicking the samplereasons.reg file in Windows Explorer and selecting Merge, as Figure 7.19 shows.

    Figure 7.19 Expanding the samplereason.reg file


    Use the syntax

    custreasonedit /i

    to launch the tool's GUI, as Figure 7.20 shows.

    Figure 7.20 Introducing custom reasons for shutdown

    After you've run custreasonedit /i, you can see the sample reasons and add your own. Simply type in the Title and Description, pick the Reason Category, select which check boxes you want to have shown by default, and click Add. After you've tailored the list, click Export to export to a registry file. Then, merge the resulting registry file back into the system registry and your reasons will be customized.

    Tip: The Custreasonedit process I describe customizes the reasons for this machine only. However, the readme.chm file tells you how to distribute the updated reasons list to multiple machines.


    EventCombMT

    You've learned how to use the Eventcreate tool to capture selected events in the event log. Now, you might want a centralized way to locate these (and other) events across multiple servers. The EventCombMT tool lets you perform event searches easily.

    After you run EventCombMT, you can right-click in the left window and select the types of servers on which to query events, as Figure 7.21 shows (highlighted in yellow).

    Figure 7.21 Selecting servers to search

    As Figure 7.22 shows, you can select the log files to search (highlighted in orange), the event types (highlighted in green), any specific event IDs or event ID ranges (highlighted in yellow), or text within an event (highlighted in blue). In this example, I'm checking one DC for event ID 105 and event ID 106 in the Application, System, and Security logs.


    Figure 7.22 Entering the types of events for the search

    When you click Search in EventCombMT, the tool will query all the servers specified for the criteria you established. When the search is finished, the Temp directory will contain several files, and the Temp directory window will be exposed automatically. Open up a log file, such as the file Figure 7.23 shows, to see the events returned from the search, including those you created with the Eventcreate tool.


    Figure 7.23 Logged events that match the criteria you establish

    Note: The resource kit tools are downloadable, but Microsoft doesn't support them 100 percent. Should you need assistance with them, you'll get best-effort support.

    Next: Special Domain Operations

    You can perform administrative tasks countless ways. However, familiarizing yourself with the command-line tools, support tools, and resource kit tools can really be a lifesaver. You can then better leverage the event logs to figure out what's happening in your environment. Best of all, all the commands and tools I've discussed in this chapter are free. However, no centralized storage mechanism for events exists yet; for that, you'll still need a third-party tool.

    In the final chapter of Windows 2003: Active Directory Administration Essentials, I consider some operations you'll probably perform rarely, such as transferring or seizing server roles, addressing DC promotions that fail partway through, cleaning up the metabase, and renaming DCs and domains. I'll discuss how to perform these operations safely.
