Windows Vista : Performing Local PC Administration (part 2) - Performing common workstation administration tasks

- How To Install Windows Server 2012 On VirtualBox
- How To Bypass Torrent Connection Blocking By Your ISP
- How To Install Actual Facebook App On Kindle Fire
10/25/2011 11:49:39 AM

2. Performing common workstation administration tasks

When you administer workstations, you quickly notice that systems administration focuses on three key tasks:
  • Day-to-day administration of systems, often called proactive administration because it is performed before issues occur.

  • Building a proper set of tools for administration, both local and remote.

  • Troubleshooting when issues arise, often called reactive administration because it is performed after an issue has occurred.

The first task is easy because you can schedule its activities between daily, weekly, monthly, and ad hoc timelines. The second task is also easy because this is a one-time operation. The third task is more difficult because you never know when it will occur. However, if you create a proper administration schedule, you should have free time every day that allows you to deal with unexpected issues. And, if you set up your management and administration environment properly, you should be able to limit the occurrence of these unexpected issues.

One key element that greatly limits the number of unexpected issues is user education. Spend as much time as possible showing them how to do things right in Vista. It will save you a lot of time in the end because you won't have to deal with the simplest user issues.

Building an administrative task schedule

Ideally, you will be using a schedule of operations to perform administrative tasks. You have to deal with daily, weekly, monthly, and ad hoc tasks. The best way to do this is to use the following approach:

  • Daily tasks are performed first thing in the morning.

  • Weekly tasks are performed on Monday and Wednesday afternoons.

  • Monthly tasks are performed on Tuesday afternoons.

  • This leaves Thursday and Friday afternoons for ad hoc tasks.

In addition, you can automate several tasks. For example, you can get the Event Log to forward notifications of low disk space. You can also set a scheduled task to automatically clean temporary files from systems when low disk space notifications occur. Although you still need to monitor this task, it will be performed automatically for you so, instead of performing the task, your responsibility will be to verify that the task has been performed.

Ideally, your schedule will stay firm and if you set everything up right, overtime will be kept to a minimum.

Use Outlook's Task Management features to build your administrative task schedule. It will remind you of all the tasks you need to perform and when you need to perform them.

Table 4 outlines the tasks to perform and their frequency.

Table 4. Windows Vista Administration Tasks
Task NumberTask NameFrequencyComment
VA-01Run As AdministratorDailyAlthough this is not really an administrative task, you should make a habit of using a standard user account to perform everyday work and then, use Run As Administrator to perform any administrative task.
VA-02General System Status VerificationDailyReview Event Logs on each PC to determine if there are any issues.
VA-03Security Event VerificationDailyIn secure environments, you need to review auditing information on each sensitive system to identify if any untoward events occur.
VA-04Anti-malware Update Management DailyDailyYou need to verify that anti-virus and anti-spyware definitions update work correctly in your environment.
VA-05Backup Generation and VerificationDailyUser data should be backed up on a regular basis. Ideally, it will be redirected from local PCs to shared folders residing on servers. In addition, you need to provide overall systems protection. Finally, you need to test backups to make sure they work properly.
VA-06Uptime Report ManagementWeeklyReview uptime reports for each system. Identify reboots and find out why.
VA-07Free Space VerificationWeeklyYou need to verify that users are not running out of space on their systems.
VA-08Network Traffic MonitoringWeeklyYou should regularly monitor network traffic from select points on your network to ensure everything is working properly.
VA-09Volume Shadow Copy Operation VerificationMonthlyYou need to make sure that Shadow Copies are operating properly on your user's PCs so that they can recover data as needed.
VA-10Search Service ConfigurationMonthlyVerify that the search configuration is set properly on each system.
VA-11Disk Integrity CheckingMonthlyRun the disk checking tool on each system to correct any potential issues.
VA-12Disk DefragmentationMonthlyVerify the status of disk defragmentation on each system.
VA-13Temporary File CleanupMonthlyProactively clean up temporary and other file clutter on each system.
VA-14Wireless Connection Status VerificationMonthlyReview wireless connectivity in your network and make sure users have full access to this service.
VA-15Wired Network Connection Setup/VerificationMonthlyReview wired network connectivity and make sure user configurations are set properly.
VA-16Remote Access VerificationMonthlyReview remote access settings and make sure users have secure access to internal systems.
VA-17Security Patch Update ManagementMonthlyReview security updates, test them and apply them to affected systems.
VA-18Security Policy Review and UpdateMonthlyReview the security policy and determine whether updates are required. Keep user communication on security issues current.
VA-19Security Template Creation/ModificationAd hocSecurity templates allow you to control overall security settings on your systems. They often need to be reviewed when untoward events occur.
VA-20Inventory ManagementMonthlyReview inventory details. Determine if components are missing and review changes to overall inventory.
VA-21Script Generation and MaintenanceAd hocCreate scripts for operation automation and make sure they are working properly.
VA-22Service Pack DeploymentAd hocReview applicable service packs, test their installation and perform their deployment.
VA-23System DocumentationAd hocMuch as you hate to do it, you need to document the state of your environment on an ongoing basis.
VA-24System BIOS and Firmware ManagementAd hocWhen new firmware and BIOS software is delivered for your systems, you need to test and then apply it.
VA-25Device ManagementAd hocYou need to review and approve new devices as they become available for use in your network.
VA-26PC RebuildsAd hocOccasionally, you need to repair a PC that is damaged beyond recovery.
VA-27User Support through Windows Remote AssistanceAd hocUsers will require assistance on an ad hoc basis. You need to be familiar with the procedure.
VA-28User Password ResetAd hocOccasionally, you must reset a user password so that they will be able to access the network.
VA-29PC RDC ManagementAd hocYou need to properly manage the Remote Desktop Connections you create to access PCs in your network.
VA-30Software Installation ManagementAd hocOccasionally, new software must be deployed to PCs.
VA-31GPO ManagementAd hocOccasionally, you need to create or modify existing GPOs to control more settings on your systems.
VA-32Computer Object ProvisioningAd hocAs new systems are brought on board in your network, you need to pre-populate the Active Directory with their accounts so that when they join the network, they will immediately be subject to appropriate Group Policies.
VA-33Internet Information Services OperationAd hocIIS should not be located on a PC except for development or testing purposes. Nevertheless, you need to verify its proper operation when it is installed.
VA-34System DiagnosticsAd hocWhen things go wrong on a system, you need to perform diagnostics to discover where the issue lies.
VA-35Encrypted Folder RecoveryAd hocWhen users lose access to their encrypted files, you need to use the recovery agent to restore them.
VA-36BitLocker Drive EncryptionAd hocWhen users lose access to their encrypted drives, you need to restore them through the recovery agent.
VA-37Transfer User SettingsAd hocOccasionally, you must change individual user's PCs. When this occurs, you must transfer their settings from one PC to the other.
VA-38Set Up Accessibility OptionsAd hocSome users have disabilities which require different accessibility options. In this case, you must work with them to identify the appropriate settings.
VA-39Set Up Multilingual ConfigurationsAd hocIf you work in an international organization, you may have to set up different languages for users to work in.
VA-40Resolve Printing IssuesAd hocIn some cases, your users will have difficulty working with printers or print jobs. You will need to assist them in identifying and resolving the issue.

Table 4 lists administrative activities you need to perform on PCs. Networked environments normally host servers and it is these servers that normally provide centralized or shared services. Because of this, this table does not mention items such as Printer Management because printers should not be shared on PCs, but on servers.

Building an administration toolkit

The key to proper systems administration is having the right toolkit. You've already begun to create a standard administration desktop. Now, you need additional tools. Vista offers unparalleled support for comprehensive management tools. For example, you can rely on the Microsoft Management Console version 3.0 to build your own administration console, one that will give you access to almost every tool you need to administer both your own local PC and remote PCs. In addition, you can use the Windows Sidebar to display custom gadgets — gadgets that report information on system performance and on system operation. This turns your desktop into an administrative control system, one that provides a central base of operations for the support of PC operations in your organization.

First, begin by creating a custom console that gives you access to most of the operations you need. As you've seen before, the most useful of existing console is the Computer Management console found in Administrative Tools. Although this is a good general purpose console, it is not an all-encompassing tool. As shown in Figure 5, Computer Management includes the following capabilities by default:

  • You can use it to manage either local or remote systems. The console opens the local system by default. To change to a remote system, right-click on Computer Management (Local) and select Connect to another computer. Type in the name of the other computer or select Browse to locate it and click OK. Some minor functionality will not be available on remote systems, but this console still gives you access to almost everything you need.

  • System Tools lists the Task Scheduler, the Event Viewer, Shared Folders, Local Users and Groups, Reliability and Performance tools and the Device Manager. Shared Folders are seldom used on PCs. Local Users and Groups are used mostly to manage accounts stored in the local Security Accounts Manager (SAM) database. I

  • Storage gives you access to disk management features for both local and removable storage.

  • Services and Applications gives you access to installed Services and WMI Control lets you configure the Windows Management Instrumentation settings on a system.

Several of the tasks you perform on an ongoing basis can be performed from here. For example, the Disk Management node gives you access to disk drives and especially their Properties (right-click on the drive). Here you can view free space, perform disk cleanup, check the disk volume, defragment it, and back it up as shown in Figure 6. You also have access to hardware information for the disk, previous versions to restore data, and security descriptors for the data. These capabilities make Computer Management quite powerful. In addition, Computer Management automatically includes additional console contents as you add Windows Components to the system.

Figure 5. The Details of the Computer Management console

Figure 6. Performing Disk Management from the Computer Management console

However, Computer Management does not provide default access to everything. For this reason, you may want to modify it to create a custom MMC, one which will build on Computer Management's features and add even more tools.

In addition to all the features of the Computer Management console, this custom console should include the following snap-ins:

  • The Active Directory Users & Computers snap-in

  • Group Policy Management

  • NAP Client Configuration for the local system

  • Print Management for the local system

  • Security Configuration and Analysis

  • Security Templates

  • Windows Firewall with Advanced Security for the local system

You can add more snap-ins if you would like, or simply add them to discover their use. Note that many of the snap-ins listed in the snap-in dialog box are already part of Computer Management. To create this console:

  1. Use Start => Run to execute the following command:

    mmc /a %SystemRoot%\system32\compmgmt.msc

    This launches the Computer Management console in editing mode.

  2. Choose File => Save As to save the console as Custom Management Console.msc under the Documents folder. You save it in Documents to ensure it is protected and to make it easier to locate later.

  3. Choose File => Add/Remove Snap-in to open the dialog box.

  4. Click the Advanced button and check the Allow changing the parent snap-in option. Click OK.

  5. Use the drop-down list to select Computer Management (Local) under Parent Snap-in. Doing this places additional snap-ins under Computer Management.

  6. Double-click each of the snap-ins listed earlier. Click OK when done.

  7. Choose File => Options, name the console Custom Management Console, make sure it is set to User mode – full access, and deselect Do not save changes to this console. Click OK when done.

  8. Choose File => Save to save your changes.

  9. Close the console.

  10. Open the Documents folder in Windows Explorer and use the right mouse button to drag the console to the Quick Launch area; select Create shortcut here. Now, you can simply right-click on this shortcut and select Run As Administrator each time you need it.

There are several uses for this console as you will see, but it is basically the most common tool you will use to manage your network of PCs. The resultant console is displayed in Figure 7.

Second, get access to some cool gadgets you can add to yours and end users' Windows Sidebar to display system information. Gadgets can be found at the Some cool gadgets that support system administration include the following:

  • Battery Gadget: This feature displays battery status information for notebooks and tablet PCs.

  • Drive Information Gadget: This gadget lists the status of your disk drives in Vista.

  • Network Utilization Gadget: This gadget shows a graphical display of network throughput from your system.

  • Remote Desktop Gadget: You can use this gadget to quickly link to any remote desktop.

  • Uptime Gadget: You can find out how long a system has been running.

This list is not exhaustive, but it displays a selection of tools you can use to make your life as an administrator easier. The resultant desktop including the custom console is displayed in Figure 7.


New gadgets come out almost every day. Make sure that you check the on a regular basis to discover what other cool tools you can rely on.

Figure 7. Working with a Custom Administration Desktop

Using a standard troubleshooting strategy

Despite your best administrative efforts, your users will run into situations that will either be due to their inexperience or to their use of tools or components they shouldn't normally have access to. When this occurs, you need to troubleshoot the issue and discover how to fix it.


Users should not run computers in administrative mode even if User Account Control is enabled. Users should be locked down and have only standard user access rights. Vista has made vast improvements in the ability a standard user has to control the computer environment and this should be sufficient. You'll soon find that if you lock down computer systems, you'll have a much more stable PC environment.

Troubleshooting is usually based on a series of questions you need to answer. Common questions should include:

  • Who was using the PC when the problem first occurred?

  • Who else has been using the PC, and have they experienced similar problems?

  • Who has worked on this problem previously (if it has happened before)?

  • Who has the same problem on another PC (that you know of)?

  • When did this problem occur the first time, and has it occurred since?

  • When was the last time you downloaded or installed application?

  • When was the last time you installed new hardware?

  • When did you last clean up the PC with Disk Cleanup or Disk Defragmenter, delete files or cookies, or perform similar deletions of data?

  • What are your thoughts on what caused the problem?

  • What have you tried to troubleshoot the problem yourself?

  • What do you think can be done to solve the problem?

  • Why do you think the problem occurred?

  • How do you think the problem occurred?


Windows Vista includes a new set of tools for event management. Many of the questions listed above can be answered by reviewing the information in the Vista Event Viewer.

Then, you need to use general troubleshooting procedures to resolve the issue. These procedures should include:

  • Locate a solution by searching the PC's help and support center

  • Locate a solution by searching the company's support files

  • Search manufacturer's Web sites

  • Search technical sites (MS Knowledge Base, TechNet)

Basically, you need to use a troubleshooting process, as shown in Figure 8, to resolve the issue. Relying on this process ensures that issues are resolved as quickly as possible, and documenting solutions will ensure you can build a list of solutions for future reference.

Figure 8. Using a standard troubleshooting process
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
Video Sports
programming4us programming4us