20 Windows Tools SysAdmins Should Know, #11-20

…Cont’d from 20 Windows Tools Every SysAdmin Should Know, #1-10

11. RegEdit – configure all the things!

Anyone that’s been in IT for long surely must have peeked at their registry.  This is where most of the configuration data for most apps and most of the operating system still lives, even in 2013.

RegEdit Registry Editor

One handy feature is you can export and import branches of the registry.  BUT, do NOT do this if you’re not absolutely sure what you’re doing.  This can REALLY screw up your machine.  Also note, I’ve not seen it documented, but you can export files that are bigger than what the importer will read in (IIRC, the importer will only read the first 64KB or so of a registry file).

12. Server Monitoring

If you have more than one or two servers to keep track of, automate the monitoring of those servers so you don’t have to sit and babysit them.  There are many good products on the market, all of which will monitor for low disk space, high CPU usage, event log errors, crashed services and more.  We’re partial to PA Server Monitor, but GFI and SolarWinds also make nice products.

Server Monitoring Software

If you like low-level control with scripts and config files to spelunk through, Nagios is a very popular (and free) open source product that is very well respected. Open Source Server Monitor List tries to collect all of the big names in open source monitoring.

13. Password Management

If you’re in IT, it’s very likely you have the keys to the kingdom, so to speak.  Please, oh please, don’t store your passwords in a text file or Excel spreadsheet.  And do make them long, with non-alphanumeric characters thrown in.  This will help keep your systems safe.  But then you have passwords that you can’t remember.  So you need a password manager.  KeePass and LastPass are two excellent open source solutions you should consider.

14. Ping and tracert – simple connectivity test

Ping is a quick test to check and see if:

  • A connection to the target IP address is possible
  • How fast the connection is (in milliseconds)
  • How stable the connection is (i.e. were packets dropped)

Simply run:  ping.exe google.com

Windows Ping.exe

A bit more interesting is tracert (trace route).  This uses a bunch of ping packets to detect each computer between you and the target server, and lists how long each hop is.  This can help diagnose where a network link is down, or maybe a routing problem.

Here you can see the route packets take from an example PC to google.com:

Windows Tracert (Trace Route)

There are some neat visual trace route tools on the Internet that display the different network hops on a map.  A quick Google search will show you a list of them.

Be sure to run both of the commands above with -? to see the various command line options, which are also useful.

15. net.exe and sc.exe

Need to stop a service but don’t want to launch services.msc, wait for the service list to load, find the service, and press the stop button?  Net.exe to the rescue!

Services have a short “service name” and a more descriptive “display name”.  Either can be used with the net.exe command.  If using the display name (which usually contains spaces), enclose it in quotes.  In the example below I’ve stopped and started the Windows Update service.

Net.exe and SC.exe

Another handy command is the sc.exe (Service Control) command – it lets you install, remove, and query services.  Just run “sc.exe query” to get a quick list of all the services on the computer and the current status.
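The commands described above, written out as an added example (not taken from the original post). It assumes an elevated PowerShell prompt and that wuauserv is the short service name behind the "Windows Update" display name.

```powershell
# Added example. Stopping and starting services requires an elevated prompt.

# Stop by short service name, start by display name (quoted because of the space).
net.exe stop wuauserv
net.exe start "Windows Update"

# Translate between the two names when you only know one of them.
sc.exe getkeyname "Windows Update"    # display name -> service name
sc.exe getdisplayname wuauserv        # service name -> display name

# Query a single service. In Windows PowerShell, "sc" on its own is an alias
# for Set-Content, so always type sc.exe.
sc.exe query wuauserv

# Include stopped services in the listing. sc.exe options need the space
# after the equals sign ("state= all", not "state=all").
sc.exe query type= service state= all
```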

16. Notepad++ – for viewing large log files

Opening a 100MB log file in Notepad is a pain.  WordPad is slightly quicker, but it can’t open files that are currently being written to (as many log files are).  Notepad++ handles large files with ease.  One great feature is the “Find All in Current Document”.  In this contrived example, we’re looking for all requests in an IIS log file that came from 192.168.7.37.  Piece of cake – they’re all shown together.  You can also mark matching lines, etc.  And did I mention it can open huge files without breaking a sweat?  Huge fan here!

Notepad++
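The same search done from PowerShell, as an added example that is not part of the original post. It matches on the c-ip column named in the log's #Fields header rather than on any text in the line, so a request that merely mentions the address in its query string is not counted. The log lines are constructed sample data and Get-IisRequestsFromClient is a hypothetical helper name.

```powershell
# Added example: filter a W3C-format IIS log by client IP (the c-ip field).
# Constructed sample log; the second request only mentions the address in its query string.
$sample = @'
#Software: Microsoft Internet Information Services 7.5
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status
2013-05-01 00:00:01 192.168.7.10 GET /default.htm - 80 - 192.168.7.37 Mozilla/5.0 200
2013-05-01 00:00:02 192.168.7.10 GET /report.aspx ip=192.168.7.37 80 - 192.168.7.52 Mozilla/5.0 200
2013-05-01 00:00:03 192.168.7.10 POST /login.aspx - 80 - 192.168.7.37 Mozilla/5.0 401
2013-05-01 00:00:04 192.168.7.10 GET /img/logo.png - 80 - 192.168.7.52 Mozilla/5.0 200
'@

function Get-IisRequestsFromClient {
    param(
        [Parameter(Mandatory, ValueFromPipeline)] [AllowEmptyString()] [string] $Line,
        [Parameter(Mandatory)] [string] $ClientIp
    )
    begin { $ipIndex = -1 }
    process {
        if ($Line.StartsWith('#Fields:')) {
            # The column layout can change mid-file, so re-read it at every header.
            $fields  = $Line.Substring(8).Trim() -split ' '
            $ipIndex = [array]::IndexOf($fields, 'c-ip')
            return
        }
        if ($Line.StartsWith('#') -or -not $Line.Trim()) { return }   # other directives, blanks
        $cols = $Line -split ' '
        if ($ipIndex -ge 0 -and $cols.Count -gt $ipIndex -and $cols[$ipIndex] -eq $ClientIp) {
            $Line
        }
    }
}

# Returns the 00:00:01 and 00:00:03 requests only.
$sample -split "`r?`n" | Get-IisRequestsFromClient -ClientIp '192.168.7.37'

# For a real log, stream the file through the pipeline instead of loading it whole
# (placeholder path):
# Get-Content 'C:\path\to\logfile.log' | Get-IisRequestsFromClient -ClientIp '192.168.7.37'
```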

17. Remote Desktop

Remote Desktop apps are life savers when you need to look at a server and don’t want to walk into the server room.  Windows Remote Desktop app (aka RDP) is great.  There are RDP clients for Linux, OSX and even the iPhone (and probably more than that).  You might have known that you can copy/paste text, URLs, etc. from the remote desktop to your workstation and vice versa.  But did you know you can also copy/paste files as a simple form of remote file copy?  Very useful.

18. Speedfan – server temperature display

There aren’t many good ways to see a server’s internal hardware temperatures, even though most motherboards have built-in temperature probes.  SpeedFan is a great utility that can read those probes and display them in a simple user interface.  If you want to access those temperatures from across the network, use Power Admin’s free SpeedFan HTTP Agent app.

Speedfan Server Temperature Display

Please note: There are a few reports of server blue screens with SpeedFan, particularly on Dell hardware, so try it out on a staging server before putting it on the production server.

Which leads us to…

19. Blue screen crash analysis

If you’ve got a server crashing, there is a cool service by OSR where you can upload the crash dump file and their system will do a quick automated review of the crash dump and give you a starting point for the cause of the crash (hopefully even showing the offending driver that was involved).

How do you use their service?  Configure Windows to create a crash dump of course!

Go to Start and right-click on My Computer and choose Properties. From there, choose the “Advanced System Settings” link.  This will lead you to the System Properties dialog below:

System Properties - Blue Screen Crash Analysis

The Settings button will show this dialog:

System Properties Settings

Choose the memory dump type (which controls how much data is dumped). Depending on how much RAM you have, a Kernel memory dump may be too large for the free OSR service. So you may need to choose the Small Memory dump option.

You can also see where the dump file will be written, which in this case is C:\Windows\MEMORY.DMP.  Often this will already be configured and the MEMORY.DMP file is out there waiting for you. NOTE: When choosing a Kernel memory dump, you specify the file to save to.  When choosing a Small Memory dump, you specify the folder where the dump will be stored.
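The settings in that dialog are stored in the registry, so they can be checked on a server without opening the GUI. The following is an added example, not part of the original post. It reads the CrashControl key and reports the dump type, where the dump goes, and the newest dump file already on disk; Get-CrashDumpConfig is a hypothetical helper name.

```powershell
# Added example: report the crash dump settings shown in the Startup and Recovery dialog.
$dumpTypes = @{
    0 = 'None'
    1 = 'Complete memory dump'
    2 = 'Kernel memory dump'
    3 = 'Small memory dump'
    7 = 'Automatic memory dump'
}

function Get-CrashDumpConfig {
    param([string] $Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl')

    $cc   = Get-ItemProperty -Path $Path
    $type = [int]$cc.CrashDumpEnabled
    $name = $dumpTypes[$type]
    if (-not $name) { $name = "Unknown ($type)" }

    # Small dumps are written to a folder (MinidumpDir); the other types go to one file (DumpFile).
    if ($type -eq 3) { $target = $cc.MinidumpDir } else { $target = $cc.DumpFile }

    # Collect whatever dump files are already waiting at that location.
    $dumps = @()
    if ($target -and (Test-Path -LiteralPath $target)) {
        if ($type -eq 3) { $dumps = @(Get-ChildItem -LiteralPath $target -Filter '*.dmp') }
        else             { $dumps = @(Get-Item -LiteralPath $target) }
    }
    $newest = $dumps | Sort-Object LastWriteTime -Descending | Select-Object -First 1

    [pscustomobject]@{
        DumpType      = $name
        Target        = $target
        Overwrite     = [bool]$cc.Overwrite
        AutoReboot    = [bool]$cc.AutoReboot
        NewestDump    = $newest.FullName
        NewestWritten = $newest.LastWriteTime
        NewestSizeMB  = if ($newest) { [math]::Round($newest.Length / 1MB, 1) } else { $null }
    }
}

Get-CrashDumpConfig | Format-List
```

NewestSizeMB shows up front whether the existing dump is small enough for the upload service mentioned above.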

This .DMP file is what you zip and upload to the OSR page for analysis:

http://www.osronline.com/page.cfm?name=analyze

Memory.dmp File Analysis

20. That’s all!

Your suggestion here!
OK, we cheated, there are only 19! 🙂 What do you recommend for #20?

Leave your comments below!
