THE SHUTDOWN UTILITY

Use the Shutdown.exe utility that's shipped with the Windows NT

Resource Kit to reboot the local machine. An example of the usage is

Shutdown /l/r/c/y. The command line arguments add flexibility to the

utility. Use /l to shut down the local machine, /r to reboot, /c to

close all programs, and /y to avoid having to answer Yes to prompts.

You can also use this utility in conjunction with the AT command to

schedule a shutdown at specific times. An example of this is:

AT 23:59 /every:M,T,W,Th,F shutdown /l /r /c /y

ADDING USER ACCOUNTS FROM A WINDOWS NT COMMAND LINE

You can add or delete computer accounts from the command line. This type of functionality is essential if you use script or bat files to automate tasks. From the command prompt, use the Net command:

Net computer \\computername /Add /Del.

You must have the appropriate permissions to add or delete an account in order for this to work.

ADMINISTERING A DOMAIN FROM AN NT WORKSTATION

To administer your domain from a Windows NT workstation, follow these

steps. First, install the NT Server client-based administration tools.

Next, insert the NT Server CD into your NT Workstation and run the <CD-

ROM drive>: *\clients\srvtools\winnt\setup.bat file. Doing so will

detect your processor and install the correct files in the

%SystemRoot%\System32 folder.

You'll probably now want to create shortcuts, on either the desktop or

the Start menu, for the following applications:

* Dhcpadmn.exe--DHCP Manager

* Poledit.exe--System Policy Editor

* Rasadmin.exe--Remote Access Administrator

* Rplmgr.exe--Remote Boot Manager

* Srvmgr.exe--Server Manager

* Usrmgr.exe--User Manager for Domains

* Winsadmn.exe--WINS Manager

Use the Showmbrs.Exe utility from the resource kit and output it to a text file to show membership of groups

Making an NT boot disk:

At any NT machine (Server or Workstation) format the floppy, then copy

the following files found in the root:

* Ntldr

* Ntdetect.com

* Boot.ini

* Ntbootdd.sys (if you have a non-SCSI enabled bios and are using SCSI

drives)

Now that you know you've got a boot disk, what are you going to do with

it? Well, if you're a staunch believer in fault tolerance, you've

implemented mirroring to protect your system partition. But, if one of

the disks in your mirror fails, you can use your boot disk and edit

your Boot.ini file to point to the partition to boot from.

PRINT SERVER CRASHED? QUICK RECOVERY IS POSSIBLE
We all know that when a print server crashes, restoring multiple
printer shares and accompanying permissions can take hours; in the
meantime, your users' collective blood pressure is going through the
roof. Here's a way to restore a print server quickly and with minimum
effort. This solution assumes that you have another server available
running NT.

Back up the \Winnt\System32\Spool\Drivers directory or copy the
directory to another server. (This directory contains all the printer
drivers for your installed printers.)

Save the HKEY_LOCAL_MACHINE\ SYSTEM\CurrentControlSet\ Control\Print
registry key to a floppy disk. Next, copy the files in the
\Winnt\System32\Spool\Drivers directory to the correct subdirectory,
and restore the HKEY_LOCAL_MACHINE\SYSTEM\
CurrentControlSet\Control\Print registry key. Your print manager will
list all your printers, with the proper permissions. You can use a
logon script to map the printers for users. If you copied the files and
registry key to a new server, users can add printers from the new print
server.

Printmig.exe
Imagine you have a mass of printer ports set up on a Windows NT-based print server. Now imagine that it crashes irrevocably and must be rebuilt without a restore being possible, or you have to duplicate the ports on another server.

Printmig is a graphical tool that allows you to backup the print set-up of one server into a .cab file and then restore it on another target server. This is a much more convenient and accurate restoration method than recreating each port by hand or wandering around the registry.

Printmig.exe is available on the latest Windows NT Resource Kit Supplement.

The Microsoft Windows NT Server 4.0 Resource Kit provides several powerful NT management resources:

Graphical IPConfig (wntipcfg.exe) is a graphical version of NT's standard Ipconfig command. Graphical IPConfig displays the system's IP address, host and domain name, and the DNS and WINS servers that are in use.

Remote Process Kill (wrkill.exe) installs as an NT service. This tool lets you list and optionally terminate a remote system's processes.

Duplicate Finder (dupfinder.exe) lists all the duplicate filenames that exist in a given disk or directory. The first time you run this utility, the number of duplicates you have will probably surprise you.

File and Directory Comparison (windiff.exe) lets you quickly check the file versions of your system's applications and scripts. You select a source and a target directory, and windiff.exe compares the contents of those directories, reporting on any version differences that it finds.

Switch Users (su.exe) lets you execute a program under the security context of a different logon ID. You'll find this feature particularly useful when you're performing administrative functions on networked client systems. Switch Users lets you enter the target logon ID and password and the name of the executable function that you want to run.

Remote Shutdown GUI (shutgui.exe) displays a handy dialog box that lets you shut down a networked computer (when you run the program without parameters). The tool can display a shutdown message on the remote system, delay the shutdown for a specific period of time, and optionally restart the system.

Share UI (shareui.dll) lets you create a special Shared Directories folder in My Computer that you can configure all your system's shares from. With Share UI, you can create and delete shares and edit the permissions of both the hidden and public shares on your system. To install this utility, navigate to the \NTResKit directory. Right-click the shareui.inf file, then select Install from the pop-up menu.

Network Watcher (netwatch.exe) lets you display a list of the users connected to your system's shares. The tool can monitor multiple systems, as well as connect and disconnect shares.

TweakUI (tweakui.cpl) is a powerful tool that lets you customize the appearance and behavior of the NT desktop. Such customization would otherwise require you to directly change the Registry. TweakUI offers two particularly handy features: You can turn off your CD-ROM drive's AutoPlay feature, and you can choose to clear all your history settings when you log off. To install this utility, navigate to the \NTResKit\PowerToys directory. Right-click the tweakui.inf file, then select Install from the pop-up menu.

Command Prompt Here (cmdhere.exe) To install this utility, you need to navigate to the \NTResKit\PowerToys directory. Right-click the cmdhere.inf file, then select Install from the pop-up menu that appears. Following installation, the Command Prompt Here option appears in a pop-up menu that displays when you right-click objects in Windows Explorer. To open a command prompt window in the current directory, simply select the option.

Inuse.exe provides administrators with the "on-the-fly" capability to

replace files currently in use by the operating system. Although you

can generally accomplish this by running an application's setup program

or a service pack's upgrade program, the setup and upgrade processes

typically replace multiple files. For troubleshooting purposes,

however, you may need to replace an individual file instead of an

entire set of files. The Inuse program provides this level of

administrative flexibility.

You run Inuse.exe from the command line and include the location of the

new file as well as the location of the file you wish to replace. For

example, to replace the Prodmod.dll file stored in C:\Program

Files\Prodsys with the Prodmod.dll stored on a network server named

Updates, you'd enter the following:

c:\tools\inuse.exe \\updates\prodmod.dll c:\program files\prodsys\

prodmod.dll

Inuse will display the existing filename and version, as well as the

replacement filename and version. You'll be prompted to continue and

then be given verification that the replacement occurred. If you wish

to avoid a confirmation, simply add the /y switch to the end of the

command.

Running 16 Bit Programs in Separate Memory Space

In a perfect world, we'd all be running the most up-to-date software,

never dealing with the 16-bit apps of days gone by. But since it's not

a perfect world, we still have to deal with backward compatibility.

Fortunately, NT will run 16-bit, 32-bit, and many DOS applications.

However, by default, all 16-bit applications share the same memory

space, so if one 16-bit program fails, they all fail. To get around

this problem, it's possible to launch 16-bit applications in separate

memory spaces. That way, if one application stops responding, it can be

shut down without affecting the others. Here are a couple of ways to do

it:

1. To start a Windows 16-bit application in a separate memory space for

a single instance, at the command prompt simply type: start /separate

[path] application_executable (e.g., start /separate

c:\programs\app.exe.)

2. You can also launch the program in a separate memory space at the

Run command by entering the name of the application and enabling the

Run In Separate Memory Space check box. If that check box is grayed

out, it's not a 16-bit app.

SETTING THE LOGON SCRIPT NAME FOR ALL USERS IN A GROUP

If you decide to implement logon scripts in your network, you need to

assign the script to your users. Obviously, you don't want to do this

by selecting users one at a time. In User Manager for Domains, it's

possible to select multiple users by holding down [Ctrl] as you select

users or holding the [Shift] key as you select a range of users.

Here's how you can select all users who are a member of a group:

1. Open the User menu and select Users.

2. Click the group you desire and click Select.

3. You can click an additional group and press Select, then click

Close.

4. Open the User menu and click Properties.

5. Make any changes you desire. For this example, click on Profile,

enter the filename of the logon script, and click OK. Also, as long as

the users are still selected, you can make any other desired changes as

well.

Don't forget, too, that the logon script must be stored in

systemroot\system32\repl\import\scripts

TUNE-UP TIME

When tuning the Server Service in Control Panel | Network | Services |

Server | Properties, you can choose among the following:

* Minimize Memory Used

* Balance

* Maximize Throughput For File Sharing

* Maximize Throughput For Network Applications

If you don't use the Server Service for file and print sharing, or if

it's used only by a few clients, set it to Minimize Memory Used or

Balance. If you don't have enough memory allocated, you may get error

messages such as "Not enough server memory/storage to process this

request," or, "Server refused connection."

If you have Maximize Throughput For Network Applications enabled, the

following applications will benefit:

* RAS Server

* Services for Macintosh

* DHCP Server

* WINS Server

* Internet Information Server

* DNS Server

* Microsoft File and Print Services for NetWare

* Microsoft Directory Service Manager for NetWare

* Microsoft Site Server

* Other application servers, like SAP R/3 server and Oracle SQL server

(uses Sockets) or Lotus Notes server (uses NETBIOS)

However, be aware that with Maximize Throughput For Network

Applications enabled, performance will suffer for each of the

following:

* Windows NT File and Print Services for Microsoft Network Clients

* Windows NT Primary Domain Controllers

* Windows NT Backup Domain Controllers in Resource Domains

FREE TOOLS!

The Zero Administration Kit contains some useful free tools:

* Floplock--This tool prevents use of the floppy disk drive (even after

rebooting) with a Discretionary Access Control List (DACL). If this

service is configured to start automatically, only administrators and

power users can access the floppy disk drive on a Windows NT

workstation, and only administrators can access the floppy disk drive

on an NT server.

* Con2Prt--This tool provides scriptable functionality to the Add

Printer Wizard, so printers can be added or removed from the command

line using a script.

* FixPrf--Windows Messaging doesn't automatically use the currently

logged on user name when it's started. The FixPrf tool forces the

Windows Messaging client to load with the user name of the user logging

in.

Additional information about the Zero Administration Kit is available

here:

http://www.microsoft.com/windows/zak/default.htm

Use DiskKeeper Lite-- A free tool for Defragmenting your NT drives. Read an excellent Article about it here or download the free tool here.

PROACTIVE USE OF PERFORMANCE MONITOR

To really understand what's going on in an NT network, you need to have

a baseline measurement of system functioning. The Performance Monitor

is the best tool for this job, starting with creating a log. It's easy

enough to do if you follow these steps:

1. Open Performance Monitor from Administrative Tools (Common).

2. From the View menu, select Log.

3. Click Edit | Add To Log.

4. In the Add To Log dialog box, you'll see a Computer field and an

Objects list. In the Computer field, specify the name of the computer

that you want to log. In Objects, add the counters that you want to

log.

5. Highlight the objects that you'll monitor and click Add, then click

Done.

6. Now go to Options and select Log.

7. Specify a filename in the File Name field.

8. At the bottom of the Log Options dialog box you'll see an Update

Time section. Keep in mind that the smaller the interval, the larger

the log. Specify the desired interval (60 seconds is usually a pretty

good indicator).

9. Click Start Log.

10. To stop monitoring and examine your log file, go back to Options |

Log and click Stop Log.

11. Next, click Options | Data From to bring up the Data From dialog

box. Enable the Log File radio button. At the bottom of the Data From

dialog you'll see the perfmon.log field. Click the button to the right

of that field and browse to your log file. (Note: Choosing File | Open

will not open log files.) Click Open and then click OK.

12. When the log file is open, use the Add Counter button to add the

objects and counters that you monitored. Do this for each view needed

(chart, alert, log, or/and report); otherwise, the log file's data

won't be available.

Download Microsoft's NT powertoy for the sendto option. This tool also works under Windows 2000.

Available at: http://www.microsoft.com/ntworkstation/downloads/PowerToys/Networking/NTSendToX.asp

JOINING A DOMAIN- from a command line

Need a way to join the domain from the command line? Just use NETDOM,

from the Windows NT 4.0 Resource Kit Supplement 2.

This utility can be used to add NT workstations or stand-alone servers

to your domain. It will also create the computer account--if one

doesn't already exist--if you use the command with administrator

credentials. The syntax, run on one line, is as follows:

NETDOM /Domain:Domain1 /user:administrator /password:adminpassword

MEMBER computer1 /JOINDOMAIN

where "administrator" is the account name and "adminpassword" is the

password for the account. So what does this command accomplish? It adds

Computer1 to Domain1 by specifying the administrator credentials with

the administrator account.

If you simply want to create a computer account but won't add the

workstation to the domain until later, use the following syntax:

NETDOM /Domain:Domain1 /user:administrator /password:adminpassword

MEMBER computer1 /ADD

COMMON BLUE SCREEN ERROR MESSAGES

Nothing ruins a day quicker than the Blue Screen of Death. It's true

too that unless you're an original NT developer, most of the blue

screen information isn't exactly easy to decipher. There are a few

common Stop messages, however, that can help you narrow the possible

reasons for a BSOD. Here are some Stop messages that typically appear

in the first few lines of the blue screen:

1. STOP: 0x0000000a

2. STOP: 0x0000001e

3. STOP: 0x00000050

These three error messages are usually caused by one or more of the

following conditions or circumstances:

* There's a hardware failure involving the memory, processor, or

motherboard (particularly Stop messages 1 and 2).

* There's a problem related to anti-virus software (typically Stop

messages 2 and 3).

* There are problems associated with services installed by third-party

software (Stop message 3).

Armed with this information, you at least have a starting point for

your troubleshooting efforts.

Troubleshoot Install Problems

USING NTDETECT.COM TO TROUBLESHOOT INSTALL PROBLEMS
If Setup hangs at the "Setup is inspecting your computer's hardware
configuration" screen, use Ntdetect.com to find out which hardware
component might be the problem. To do so, follow these steps:

1. Make a Windows NT Setup disk, copy Ntdetect.chk from the Windows NT
4.0 CD-ROM to the diskette, and rename the extension to .com.

2. Use the MS-DOS DISKCOPY command to copy the contents of the Windows
NT Setup disk to a formatted, blank floppy disk.

3. Replace the Ntdetect.com file on the copy of the Windows NT Setup
disk you created with the Ntdetect.chk file located on the Windows NT
4.0 CD-ROM (Support\Debug\I386\Ntdetect.chk).

4. Rename Ntdetect.chk to Ntdetect.com.

5. Insert the copy of the Windows NT Setup disk you created into the
floppy disk drive and restart the computer.

6. The debug version of Ntdetect.com will display hardware information
on the screen as it is detected. To move to the next screen, press any
key. Continue until Setup hangs.

The contents of the screen at the point of lockup should give you an
indication of which hardware component is causing the problem.

SETTING UP A VPN CONNECTION

You can establish secure, multiple-protocol VPN connections over the
Internet using PPTP. By dialing into your ISP's point of presence, you
can access corporate networks and programs without dialing directly
into your company's network.

To use PPTP to connect to a server across the Internet, you must
install the PPTP protocol. Go to Control Panel | Network, click the
Protocols tab, highlight Point To Point Tunneling Protocol, and click
Add.

After the protocol is loaded, Remote Access Service Setup will be
launched. You must add at least one VPN port in RAS Setup. You may need
to configure the newly created VPN adapter for the Dial Out And Receive
Calls option. The default setting is Receive Calls Only.

Specify the protocols to run for the VPN port. If you have Service Pack
3 or later installed, reapply the service pack and restart the
computer.

To make a PPTP connection to a target server over the Internet, go to
Dial-Up Networking and make a new phone book entry for the server. For
the phone number, specify the IP address or host name of the server.
Make sure to specify the VPN port you want to use. Dial your ISP and
make your connection to the Internet.

Once you're connected to your ISP, dial the target server to establish
the PPTP connection and, voila!--you're in.

To merge two domains or just move some accounts,

the following procedure should help. You'll need the Addusers.exe

utility from the Resource Kit.

1. Log on as Administrator to the machine that has the accounts you

wish to move.

2. Run the following command: addusers /d <filename>

This will create a comma-separated file containing details of all

accounts and groups.

3. You don't need the information about global or local groups, so edit

the file to remove the [Global] and [Local] sections and their

contents.

4. Copy the file to the machine on which you want to create the

accounts.

5. Log on as an Administrator to the machine to which the accounts

should be added (for a domain, log on to the PDC).

6. Run the following command: addusers /c <filename>

This will read in the file and create the accounts.

HARDWARE HEADQUARTERS

To generate a detailed hardware configuration report that includes

whether or not your hardware is on the HCL, use the handy utility

called NTHQ.

First, you must create an NTHQ diskette that you can use to reboot the

machine. Put a floppy that you can overwrite in your floppy drive. On

the NT CD-ROM, go into the Support\Hqtool directory and execute the

Makedisk batch file. This batch file will automatically create a

bootable floppy that includes the hardware inventory software.

Next, shut down NT and restart with that floppy in the drive. (You

should first verify that your BIOS is set to boot from your floppy

drive rather than your hard disk.) The NTHQ program will automatically

start and create a RAM disk on which to store its compressed programs.

It will prompt you twice--once to continue with the program and once to

choose whether or not you want comprehensive discovery.

When the program is finished finding your devices, you can browse

around the different device categories within the GUI. Click the Save

button to save the report. You'll be prompted for a destination drive.

Select the floppy disk, and NTHQ will save the report to Nthq.txt.

ADDING CONTROL PANEL TO THE START MENU
You can increase the functionality of your Start menu by adding Control
Panel to it. Here's how:

1. Right-click Start and choose Open.

2. Right-click anywhere in the resulting Start Menu window and select
New | Folder. When the new folder appears, give it the following name
(you must type the name exactly as shown here--we suggest that you copy
and paste this text):
Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}

3. Close the Start Menu window and click the Start button.

Control Panel will now appear on the Start menu. When you move your
mouse over the new Control Panel folder, you'll see a cascading menu of
your system's Control Panel apps.

HAVING PERSISTENT PRINTER PROBLEMS?

You've probably had to troubleshoot a problem printer more than once.

Typically you're told by the printer's manufacturer to uninstall and

reinstall the printer driver. You've probably found, however, that this

doesn't always fix the problem. Sometimes you have no choice but to

remove a printer, but doing so isn't always as simple as it sounds.

When you use the Remove or Delete Printer options in Print Manager, the

printer connection in NT disappears immediately; however, the spooler

simply marks the printer for deletion--NT doesn't actually delete the

printer until you reboot the system (i.e., when the spooler service

stops and restarts).

You can try to stop and restart the spooler service via the Services

applet in Control Panel and then reinstall the printer, but if this

approach doesn't work, you'll have to edit the associated registry key

prior to the reinstall. After you make the registry change, stop and

restart the spooler service.

Run Regedt32. If you installed the printer locally (My Computer), go to

the following registry keys and delete the respective <Printer Name>

entries:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Environments\

Windows NT x86\ Drivers\Version-2\<Printer Name>

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Printers\

<Printer Name>

If you installed the printer as a network printer (network printer

server or \\<server name>), go to the following registry keys and

delete the respective <Server Name> and <Printer Name> entries:

HKEY_CURRENT_USER\Printers\Connections\<Server Name>

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Providers\

LanMan Print Services\Servers\<Server Name>\Printers\<Printer Name>

At this point, you'll be able to reinstall the printer driver

correctly.

NOTE: We'll remind you as always that registry editing can be risky, so

be sure you have a verified backup before you begin.