SOFTWARE/SYSTEMS MANAGEMENT

In broad terms, the objective of systems management is to protect the integrity of business applications and the security of business information by automating, regulating, and enhancing systems functions. Such functions include user administration; system, security, performance, and event monitoring and management; backup and archiving; licensing and quota management; scheduling; report distribution; diagnostics; and accounting and chargeback.

As Windows NT's role as a network operating system grows, so does the need for systems management tools. This month's Lab Reports review a cross-section of NT Server 4.0 systems management packages from both Microsoft and third-party vendors. (For quick summaries of other systems management products in the market, see the sidebar, "Systems Management Sampler," page 66.)

NT Server is a full-featured network operating system that comes with most of the basic tools and utilities you need to build, manage, and maintain a network, so we'll start by summarizing the utilities available in NT Server 4.0's default setup. However, these tools are only the tip of NT's systems management iceberg. A continuously growing number of third-party vendors are adding to the systems management tools available for NT, and these products span the spectrum from very large enterprise-level packages (for networks with 500 or more users) to individual department-level tools (for networks with fewer than 500 users). The reviews starting on page 68 will explain what happened when we tested some of these products, and assess their key capabilities.

Windows NT Server's Built-in Utilities
In NT 4.0 Server, when you click Start and go to Programs, Administrative Tools (Common), you see a list of built-in systems management utilities. These utilities give you a foundation for managing your network, so familiarizing yourself with them is worth the effort.

Microsoft provides excellent online Help and operation information for each of these utilities. Read the introductory text and instructions from the Help files to find out about the full range of each tool's administrative capabilities.

Backup
NT's Backup utility lets you back up your local and network NTFS and FAT volumes to a tape drive. Backup boasts some impressive features: selection of objects by volume, directory, or individual filename; spanning of backup media; verification; compression; catalog storage; log files; full, incremental, differential, and daily backup types; and local Registry backup.

Backup performs reliable backups, but it lacks a few important features, such as scheduling. The only way to use this utility to perform unattended scheduled backups is to use NT's Schedule service. Fortunately, Backup's Help file details the necessary procedures.

Disk Administrator
Disk Administrator helps you manage disk partitions, stripe sets, and volume sets. The utility provides a variety of disk management functions. For example, you can modify primary and extended partitions, dynamically assign drive letters, create volume sets and stripe sets, establish mirrored sets or disk duplexing, format volumes with FAT or NTFS, and restore damaged or disabled disk configurations.

You can perform most functions without rebooting to access new modifications or drive assignments. Use this tool with caution--one wrong move and you can delete a data drive or change drive assignments. Fortunately, the application prevents you from damaging the system and boot partitions and asks you before committing changes. For more information about Disk Administrator, see Michael D. Reilly, "Windows NT Disk Administrator," November 1996.

Event Viewer
Event Viewer is NT's log file monitoring utility. Through Event Viewer, you can examine the contents of the three main NT log files: System Log, Security Log, and Application Log. System Log records events and alerts for internal processes, services, and drivers. Security Log records security audit events, such as logons, access to user rights, object access, user/group management, and system shutdowns or restarts. Application Log records application-related alerts and system messages, including those of some system components (e.g., the Replication service writes to this file).

Each log file contains five types of events: successful operation of services and drivers, warnings, errors, success audits, and failure audits. Each logged event includes descriptive information, such as time and date, username, computer name, source, type and category designations, a description of the event, and often, data associated with the event. You can remotely view event logs from other NT Server and NT Workstation computers on your network. You can export a log file to a proprietary .evt format for future Event Viewer use, or you can convert the log file to plain or comma-delimited text for database import.

Event Viewer is indispensable for identifying problems with typical server operation, when you're connecting devices, and when you're monitoring user activities. This application and the data it collects can often help you short-circuit problems.

License Manager
License Manager is a tool for monitoring the legal use of software throughout an enterprise-level NT network. It enforces strict compliance with software license restrictions. However, License Manager administers only the software licenses you configure it to monitor. By using a built-in replication process (distinct from the server Replication service), License Manager propagates all legal use restrictions to each server on the network.

License Manager can operate on a per seat (client) or per server basis for each product; it can also monitor and log usage statistics for each user. This excellent tool lets you provide users with access to the applications they need, while excluding users who don't require access to specific applications. Such need-based allocation can reduce the number of user licenses you must purchase.

Migration Tool for NetWare
Microsoft included Migration Tool for NetWare for administrators moving from NetWare to an exclusively NT network. In theory, this tool copies NetWare information and data (e.g., user accounts, groups, and data files) onto an NT server. However, systems administrators report mixed success from using this tool. Differences between NetWare and NT make "automagic" migration difficult to implement. User passwords do not migrate, duplicate name and group error handling is poor, and translation of file and user rights to permissions is questionable. One good side of this tool is its detailed log file of every action that occurs on both sides of the migration process; this log can help you fix problems, correct improper configurations, or replace missing data after the migration is complete.

To test this tool, you need to configure the target NT Server computer and install NTFS, NWLink, and Gateway (and Client) Services for NetWare. For NetWare 3.x versions, you must also run BINDFIX on the NetWare server to prepare the bindery; for NetWare 4.x versions, you must understand the Novell Directory Services (NDS) layout and structure so that you can re-create it in the domain environment on NT Server.

Network Client Administrator
Microsoft designed Network Client Administrator to simplify connecting a non-networked OS to an NT-based network. This utility provides a few other functions, such as copying the client-based administration tools and examining a client's Remoteboot configuration.

Unfortunately, Network Client Administrator frequently fails to do its job. The utility supports only DOS clients, cannot fine-tune NIC settings, and lacks NIC support. You can perform the same operations as Network Client Administrator--yet gain more control--by making Microsoft Network Client 3 installation diskettes via the NT 4.0 Server CD-ROM. Simply copy the contents of \clients\msclient\disk1 and \disk2 onto two formatted floppies. Then run the first floppy's SETUP utility on a DOS computer.

Performance Monitor
Performance Monitor is a graphical tool for monitoring and measuring the performance and activity of your network and the computers on your network. Through this utility, you can view hundreds of specific metrics (counters) that let you measure various system activities. The metrics for each system object (processor, memory, disk, cache, thread, network connection, Remote Access Service--RAS--client, etc.) include use levels, queue lengths, delay times, and throughput. Furthermore, Performance Monitor lets you customize charting, altering, reporting, and logging of all metrics for one or more computers simultaneously. With Performance Monitor, you can identify network bottlenecks, storage devices operating near capacity, systems with insufficient RAM, noisy network connections, and overall levels of bandwidth usage. For more information about Performance Monitor, see Michael D. Reilly, "The Windows NT Performance Monitor," March 1997, and Michael D. Reilly, "More Windows NT Performance Monitor," April 1997.

Server Manager
Server Manager is the primary tool for administering NT domains and computers. Managing a domain can involve activities such as promoting a Backup Domain Controller (BDC) to a Primary Domain Controller (PDC), synchronizing domain servers with the PDC, and adding computers to or removing computers from a domain. Managing a computer addresses other issues, such as viewing connected users and in-use shares and resources, configuring administrative alerts, managing services and shares, and sending pop-up messages to connected users. Server Manager also provides the Replication service controls.

System Policy Editor
System Policy Editor is a utility you can use to create, edit, and manage individual user, computer-specific, and systemwide policies. (A policy is a method to control, restrict, and configure user desktop settings, profiles, and system configurations.) System Policy Editor creates a file that overrules the local Registry with new settings, so be cautious when you use it. For example, instead of editing default user and computer policies, create policies for specific users, computers, or groups that you want to impose policies on. An overly restrictive default policy can prohibit everyone, including Administrators, from doing anything on a particular computer, including counter-acting that policy. For more information about System Policy Editor, see Robert Slifka, "How to Edit NT 4.0 System Policies," February 1997, and Sean K. Daily, "Further Explorations of the NT System Policy Editor," April 1997.

User Manager for Domains
User Manager for Domains is a management tool for user- and group-based NT security. With this utility, you can create, modify, and manage users and groups. You can configure options (such as group membership, profile settings, home directory assignment, logon script pointers, access scheduling, workstation privileges, and RAS restrictions) for each user, or create a template for categories of users on your system.

You can also control system policies regarding accounts, user rights, and audits. The account system policy sets parameters for user passwords and account lockouts for failed logon attempts. The user rights system policy sets rights for each group or user, such as accessing computers over the network, changing the system time and device driver controls, adding new software, and even shutting down the system. The audit system policy controls which system events will be logged.

Windows NT Diagnostics
Windows NT Diagnostics provides general information about settings and conditions for your local hardware and operating system, and for other NT computers on a network. The tabbed dialog box can supply pages of information about the network operating system (NOS) version, motherboard and BIOS, video, storage media, memory and page files, services, device settings (IRQ, I/O, DMA, etc.), environmental variables, and network status. You can print the data displayed through this utility or save it to a file.

This tool does not diagnose problems, but if you plan to change your NT environment (e.g., add new hardware), you can get a reasonably complete description of your system. Windows NT Diagnostics can help you identify available IRQs, direct memory access (DMA) settings, and other tidbits that you need to know about when you install new components. This utility provides a snapshot of your system's configuration; making a copy of this information can be invaluable when you must recover from a failed or flawed installation of a new component. From this utility's File menu, you can also jump directly to the Find File utility (a simpler method than Start, Find, Files or Folders) or launch other administrative tools (such as Event Viewer, a Registry editor, Task Manager, Control Panel, and Notepad).