480 likes | 1k Views
Guide to Microsoft Windows Server 2003 Command Line Administration . Chapter 4 System Administration. Objectives. Perform power management tasks View and modify the registry Perform page file configuration tasks View and modify services Manage tasks and processes
E N D
Guide toMicrosoft Windows Server 2003Command Line Administration Chapter 4 System Administration
Objectives • Perform power management tasks • View and modify the registry • Perform page file configuration tasks • View and modify services • Manage tasks and processes • Create and perform data backups • Monitor and optimize a system Guide to Microsoft Windows Server 2003 Command Line Administration
Viewing What Is Installed on a System • To be a thorough systems expert, it is important to be aware of all server components and their functions - there are commands to display this data • SYSTEMINFO displays system information such as: OS name and version; OS configuration; OS build type; processor; BIOS version; total / available physical memory; page file max size / available / in use; page file location; domain / logon server; hotfixes • The SYSTEMINFO command can be a source of baseline and general system information for reference use • This system information is essential in the event of a system rebuild (something goes wrong with the server and the backup methods do not work properly) Guide to Microsoft Windows Server 2003 Command Line Administration
Result of Running SYSTEMINFO Guide to Microsoft Windows Server 2003 Command Line Administration
Using SYSTEMINFO to View System Information Guide to Microsoft Windows Server 2003 Command Line Administration
Viewing What Is Installed on a System (Cont.) • DRIVERQUERY provides a full list of drivers on the system and shows details about them • A driver is a piece of software that is used to bridge the gap between the operating system and a piece of hardware, and allows the OS to communicate with the device using standardized protocols • DRIVERQUERY displays a table containing all of the loaded drivers on a system, including details such as: driver filename; driver description; type of memory that hosts the driver; driver installation date and time • Many drivers are associated with hardware devices and sometimes more than one driver is needed for a device Guide to Microsoft Windows Server 2003 Command Line Administration
DRIVERQUERY Output Guide to Microsoft Windows Server 2003 Command Line Administration
Power Management • Power consumption and management are receiving scrutiny throughout the computer industry • From a hardware perspective, power management has two standards: • Advanced Power Management (APM) allows the BIOS to shut off or suspend power to certain high-use components when a pre-configured state has been achieved • Advanced Computer and Power Interface (ACPI) is a newer standard that allows the OS to fully control the power status of various components on the system • Most current servers are ACPI compliant, which allows for flexible power management schemes Guide to Microsoft Windows Server 2003 Command Line Administration
Power Management (Cont.) • Windows Server 2003 is divided into power schemes based on different power needs: • Home/Office Desk - turns off the monitor after 20 minutes of non-use • Portable/Laptop - turns off the monitor after 15 minutes of non-use, and the hard disk off after 30 minutes of non-use • Presentation - Never turns anything off • Always On - turns off the monitor after 20 minutes of non-use • Minimal Power Management - turns off the monitor after 15 minutes of non-use • Max Battery - turns off the monitor after 15 minutes ofnon-use Guide to Microsoft Windows Server 2003 Command Line Administration
Power Management (Cont.) • The POWERCFG command enables system power configuration from the command line • POWERCFG /LIST displays the current power schemes • POWERCFG’s HIBERNATE option results in a suspended state of operation in which the active configuration is stored on the hard disk, and the system is powered off • POWERCFG can distinguish between AC and DC current • POWERCFG can tell when the system is running on UPS battery power or on the normal power grid • Forcing the CPU to slow itself down is called CPU throttling and is done in order to save electricity Guide to Microsoft Windows Server 2003 Command Line Administration
POWERCFG Options and Arguments Guide to Microsoft Windows Server 2003 Command Line Administration
Registry • Other than the hardware, the registry is the single most vital component of the server • The registry is a database that contains every setting, pointer, configuration, profile, and policy on the system • The amount and importance of data in the registry makes it the most important AND the most dangerous OS object • It is sometimes necessary for system experts to look at or modify parts of the registry to gather data or fix problems • The registry is divided into five different sections, called hives, which are stored in two main files and a few smaller files; a hive entry that contains subentries is called a key • The hives are HKLM, HKCR, HKU, HKCC, and HKCU Guide to Microsoft Windows Server 2003 Command Line Administration
Registry (Cont.) • REGEDIT is a GUI program used to view and modify the registry • REGEDIT typed from the Run line opens the registry editor • Each registry key contains registry values and/or subkeys • A registry value contains specific information; subkeys are keys that exist as part of other keys • Entries can have one of five different data types: REG_SZ; REG_BINARY; REG_DWORD; REG_MULTI_SZ; REG_EXPAND_SZ • System experts are rarely called upon to create a new value, but it could become necessary Guide to Microsoft Windows Server 2003 Command Line Administration
Basic Registry Structure Guide to Microsoft Windows Server 2003 Command Line Administration
Automatic Program Launch Within The Registry • Much of the registry work an administrator will do involves applications that automatically start at log in • Administrators should become familiar with all of the registry’s system-essential programs that autostart • Autostart programs are located in HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run; HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ RunOnce; HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ RunOnceEx • Vital programs such as anti-virus applications are often stored in the registry Guide to Microsoft Windows Server 2003 Command Line Administration
Creating a New Registry Entry Using REGEDIT Guide to Microsoft Windows Server 2003 Command Line Administration
Looking at the Registry • Consider REGEDIT to be the primary method of viewing the registry and its entries • However, there are registry commands that allow for quick modification and information gathering in situations in which the user knows exactly what they are looking for • These commands do not allow a view of the entire registry at the command prompt, but it is possible to view the contents of an entire hive • REG QUERY <KEYORHIVENAME> displays the entries and first-level subkeys for the specified key or hive • There are abbreviations used for specifying the hive name so there is no need to type the entire name when querying Guide to Microsoft Windows Server 2003 Command Line Administration
Hive Name Abbreviations Guide to Microsoft Windows Server 2003 Command Line Administration
Using REG QUERY to Determine the Contents of HKCC Guide to Microsoft Windows Server 2003 Command Line Administration
Manipulating the Registry • Registry changes are best done using REGEDIT • Programmers and application installation routines often make registry changes through routine scripts, or through .reg files, which are text files containing a registry entry • .reg files behave like batch files in that they can be run from the command line - but they contain no commands • .reg files are created by an administrator specifically for the registry and contain only registry keys and entries • It is important to back up keys and hives before editing, and it is important to backup the registry often • REG COPY, REG EXPORT, REG IMPORT, REG SAVE, REG RESTORE commands provide registry editing Guide to Microsoft Windows Server 2003 Command Line Administration
Page File Optimization • Page files are annex or overflow areas for RAM • A page file (also called a swap file) is required by Windows Server 2003 and should be optimized for best performance • Every system contains at least one page file • Because the page file acts as a copy of RAM, the system refers to the data within the page file as RAM, with no considerations for hard disk speed and data transfer rate • To optimize the performance of the page file and the system, first take a look at the current configuration of the page file using the PAGEFILECONFIG / QUERY command • For documentation purposes, PAGEFILECONFIG has a formatted output option (table, list, or comma delimited) Guide to Microsoft Windows Server 2003 Command Line Administration
Current Page File Configuration Guide to Microsoft Windows Server 2003 Command Line Administration
Changing the Page File Configuration • Changing the page file configuration • Windows Server 2003 automatically determines the optimal size for the page file; it begins at a particular initial size, and it automatically grows as the need arises • If manually adjusting the size of the page file, set the initial size somewhere between 1.5 and 3 times the RAM • PAGEFILECONFIG /CHANGE changes the existing page file according to the sizes specified • Moving page files • If the current system has two disks, it is best to store the page file on the disk that does not contain the system files • PAGEFILECONFIG CREATE and PAGEFILECONFIG DELETE allow users to create and delete page files Guide to Microsoft Windows Server 2003 Command Line Administration
Changing the Size of the Page File Guide to Microsoft Windows Server 2003 Command Line Administration
Services • Services are among the few programs that can automatically start when the system boots • Services stay in the background, monitor for certain events, and once those events occur, they perform specific tasks • Services are unique in that they start as soon as the server is running, and not when a user logs on • Learn about services by using the Windows service utility: Start menu, All Programs, Administrative Tools, Services • Service names come in two parts: the display name and the keyname, which is the actual name of the service • SC QUERY displays a list of all services; the <KEYNAME> option displays the entries associated with that keyname Guide to Microsoft Windows Server 2003 Command Line Administration
Workstation Service and Its Dependencies Guide to Microsoft Windows Server 2003 Command Line Administration
Starting and Stopping a Service • When troubleshooting a performance problem, it may be necessary to alter the way a service runs • SC START <KEYNAME>; SC STOP <KEYNAME>; SC PAUSE <KEYNAME>; SC CONTINUE <KEYNAME> all allow for service adjustments • SC CONFIGURATION <SERVICENAME> START=BOOT | SYSTEM | AUTO | DEMAND | DISABLED configures the specified service to start on boot, when the system kernel is loaded, automatically with logon, manually, or not at all Guide to Microsoft Windows Server 2003 Command Line Administration
Converting a Program into a Service • SC CREATE <KEYNAME> BINPATH=<EXEFILE> TYPE=SHARE START=AUTO instructs the system to start the program (EXEFILE) as a service without requiring an active logon Guide to Microsoft Windows Server 2003 Command Line Administration
Using SC CREATE to Create a Service Guide to Microsoft Windows Server 2003 Command Line Administration
The TASKLIST Command • Task Manager is a GUI tool that is used to display and control active processes and tasks • Task manager is normally accessed by pressing Ctrl+Alt+Del and navigating to the Task Manager button • Five tabs reside in the Task Manager window: Applications; Processes; Performance; Networking; Users • The TASKLIST command is used to display all of the current tasks (or processes) on the system • TASKLIST displays system processes, programs, subprograms, and services that are currently on the server • TASKLIST is the command prompt equivalent of Task Manager, but it only deals with processes Guide to Microsoft Windows Server 2003 Command Line Administration
Using TASKLIST to Display All Running Tasks Guide to Microsoft Windows Server 2003 Command Line Administration
Stopping a Task Manager Process • From the command prompt, it may be necessary to stop a process so as to restore order to the system • Stopping a process or application with Task Manager can forestall a complete system hang-up, but the same can be done from the command prompt with greater reliability • Task Manager is a process in and of itself, and if the system is on its way to failure, the command prompt may be the most effective way to shut off an offending process • The TASKKILL command allows for stopping a process or application from the command prompt • TASKKILL /IM <PROCESSNAME> stops PROCESSNAME Guide to Microsoft Windows Server 2003 Command Line Administration
Using TASKKILL Guide to Microsoft Windows Server 2003 Command Line Administration
Data Backup • The NTBACKUP utility is used to perform system backups in both GUI and command environments • When run from the command prompt or Run line, NTBACKUP launches the GUI tool; running it with certain command options runs the program from the command line • An issue when backing up OS data is that XCOPY cannot be used for files that are in use at the time of the copy; this fact typically leads to the use of backup programs instead • NTBACKUP can backup an object called the system state - a group of files that comprise the system • NYTBACKUP also includes automation features where it can backup specific files that are selected immediately,or it can backup those files as a backup job Guide to Microsoft Windows Server 2003 Command Line Administration
Data Backup (Cont.) • NTBACKUP can also take advantage of a file’s archive bit to allow more flexibility in how data is backed up • There are five different ways to back up files based on the archive bit: normal; copy; incremental; differential; daily • Server administrators traditionally back up data to external tape drives as part of their disaster recovery program Guide to Microsoft Windows Server 2003 Command Line Administration
Tape Backup Limitations • Tape backup has some limitations: the tapes can wear out; they are expensive; tape backup activity takes a long time • An advanced technology type of backup is called remote storage, where tape backup is centralized by allowing servers to first back up their data to a centralized network location before backing up to tape Guide to Microsoft Windows Server 2003 Command Line Administration
Backup Frequency and Timing • Tape backups are not performed every night because of the fact that they take time and the longer they take, the more likely the backup will encounter an open user file • Because of the inaccuracy of open file backups, reduce the possibility of a backup continuing through the night into normal working hours; full tape backups take a long time • In addition, full tape backups typically consume more than one tape and require a person to change tapes • Due to all of the associated issues and costs involved, full tape backups are usually scheduled to run on a weekly or monthly basis Guide to Microsoft Windows Server 2003 Command Line Administration
Working with NTBACKUP • The best way to handle data backups using NTBACKUP is to first use the GUI version to select files, create jobs, designate tape or media pools, and then automate the backup by creating a schedule within NTBACKUP • One reason why placing the NTBACKUP command in a batch file is a good idea is that NTBACKUP cannot back up nonsystem files that are in use; a way around this is to use the SC command to stop the running program, run NTBACKUP, and then use SC to restart the program • Running SC in this way is a perfect reason to use a batch file, which can then be automated using AT or the Scheduled Tasks Windows tool Guide to Microsoft Windows Server 2003 Command Line Administration
NTBACKUP Command Generated by the NTBACKUP GUI Program Guide to Microsoft Windows Server 2003 Command Line Administration
Using NTBACKUP GUI to Back Up the System State to the C Drive Guide to Microsoft Windows Server 2003 Command Line Administration
Monitoring and Optimization • Monitoring and optimization are important parts of system administration • Monitoring is a process in which a system is regularly checked for problems in normal operations • Optimization is the process of fine-tuning a system’s performance to its optimal capacity • When a system begins to slow down or behave erratically, programs such as Event Viewer and Performance Monitor are used to determine exactly where the problem is Guide to Microsoft Windows Server 2003 Command Line Administration
Event Viewer • Event Viewer is a utility that tracks application and system messages, alerts, and errors • The Performance Tool is used to monitor ongoing activities in specific areas of hardware and software performance Guide to Microsoft Windows Server 2003 Command Line Administration
Event Viewer (Cont.) • There are ways to add events to the GUI-based Event Viewer from the command line • The EVENTCREATE command will allow the creation of an event message that appears as the result of an action that occurs in a batch routine • EVENTCREATE /L APPLICATION /SO <ADMINISTRATOR or APPLICATION NAME> /T ERROR | WARNING | INFORMATION | /ID <EVENT ID> /D <DESCRIPTION> creates an event in Event Viewer’s application log with ADMINISTRATOR or APPLICATION NAME as the title, an event type of ERROR, WARNING, or INFORMATION, the specified EVENT ID, and the DESCRIPTION Guide to Microsoft Windows Server 2003 Command Line Administration
Event Created using EVENTCREATE Guide to Microsoft Windows Server 2003 Command Line Administration
Additional Commands • Other administrative commands and tools • The boot.ini file is an important system file that the system uses to determine which hard disks, partitions, and operating systems will be booted • The BOOTCFG command is used to view and modify the boot.ini file; it can be used on remote systems as well;BOOTCFG /QUERY displays the boot and OS sections of the boot.ini file • The INUSE command is used to replace a bad or corrupt file with a good file without disrupting service or functionality; INUSE <REPLACEMENTFILE> <CORRUPTFILE> replaces the CORRUPTFILE with the REPLACEMENTFILE Guide to Microsoft Windows Server 2003 Command Line Administration
Chapter Summary • There are several ways to administer systems from the command window • Use commands to determine and document the physical contents of the server and the software that is installed on it • GUI counterparts of the commands do not allow you to document and list a full inventory of the server’s contents Guide to Microsoft Windows Server 2003 Command Line Administration
Chapter Summary (Cont.) • Modified configuration commands allow for automation of the functions, and also are valuable in emergency situations when the GUI interface for Windows Server 2003 is unavailable: you can boot to a command prompt during boot • When the main interface locks up, you can open a command window from the Task Manager Guide to Microsoft Windows Server 2003 Command Line Administration
Command Summary Guide to Microsoft Windows Server 2003 Command Line Administration