Boswell's Q&A

Admin's Bag of Tricks

What admin tools do you find indispensable for doing your job?

Readers: I'd like to reverse the Q&A direction this week and ask you—the readers—a question. All of you work very hard at managing Windows servers and Windows-based applications. Each of you has a unique stockpile of knowledge and experience. I'd like you to take a minute or two to share some of what you know.

We're putting together a list of tools and utilities that every Windows admin should have available to do daily operations and troubleshooting. This list goes beyond the usual suspects, Replmon and Xcacls and so forth. We're looking for out-of-the-way tools that you've come to rely on to make your job simpler.

The tools can be open source, shareware, Microsoft downloads, or reasonably priced commercial utilities. Ideally, the tool would not require deploying agents to your servers or doing Schema modifications or performing activities that would incite lively debate at Monday morning's Change Control meeting. Simple and practical, that's what we're looking for.

If you have a recommendation for the list, jot it down in an e-mail and send it to me at [email protected] along with a short blurb about why you find the tool to be nifty and/or cool. Feel free to share a war story about how the tool helped you find or recover from a problem. Or better yet, how it kept you out of trouble in the first place.

We'll include the best submittals in a future column and post all of the submittals on the web site. If your submittal gets included in the column, you'll win a coveted ball cap, which not only looks great, it can be used as legal tender to settle all computer-related wagers, both public and private.

To prime the pump, here are a few of the tools and utilities I use every single day:

Get Help from Bill

Got a Windows or Exchange question or need troubleshooting help? Or maybe you want a better explanation than provided in the manuals? Describe your dilemma in an e-mail to Bill at [email protected]; the best questions get answered in this column.

When you send your questions, please include your full first and last name, location, certifications (if any) with your message. (If you prefer to remain anonymous, specify this in your message but submit the requested information for verification purposes.)

For editing everything from INF files to scripts to full chapters in a book, I use a graphics-based version of the VI Improved (VIM) editor called gvim. Not only does gvim include font coloring for a bazillion different file types, it can be customized in a thousand ways to fit your personal work style. And it's available on Windows and Linux, making it the ideal portable editor. Download a copy from

When I change a user's password, I want that change to take effect for that user immediately without relying on the PDC Emulator to intervene. To accomplish this, I use a Resource Kit utility called Acctinfo.dll. This is an Active Directory Users and Computers add-on that displays a new property page for User accounts. Not only does this page show lots of useful, behind-the-scenes information about the account, it allows me to target a password change directly at a domain controller in the user's site.

I spend lots of time (too much time, probably) trying to figure out exactly what applications are doing on a system, especially when I need to determine why an app won't run on a terminal server. For this kind of work, I use two utilities from the legendary Mark Russinovich and Bryce Cogswell: Regmon and Filemon. These tools show every single touch to a disk, a named pipe, the Registry, and so forth. They also tell you exactly what was read or changed. These and other nifty tools are available at

Finally, for diagnostic and security work, there's nothing like a packet sniffer. Netmon is, well, it's okay, but it won't win any awards. I don't like the idea of spending thousands on a Fluke or some other high-end traffic analyzer, although they're certainly worth the money. Instead, I use an open source packet analyzer called Ethereal. Combined with a promiscuous-mode packet driver called Winpcap, you can use Ethereal to analyze hundreds of different network protocols. Before long, you'll amaze your friends and dismay your enemies with your detailed knowledge of network transactions. You'll also see why NetBIOS name resolution is a tool of Sauron.

Until next week!

About the Author

Contributing Editor Bill Boswell, MCSE, is the principal of Bill Boswell Consulting, Inc. He's the author of Inside Windows Server 2003 and Learning Exchange Server 2003, both from Addison Wesley. Bill is also Redmond magazine's "Windows Insider" columnist and a speaker at MCP Magazine's TechMentor Conferences.
