Management Consoles Flashcards
updating and troubleshooting devices.
Device manager (devmgmt.msc
Disks versus partitions/volumes/drives.
System, boot, and recovery volumes.
initalize disks and create formatted partitions.
Repartitioning and dynamic disks.
Disk Management (diskmgmt.msc)
Fragmentation, diminishing capacity, errors
Disk issues
improve read times by reallocating file data locations.
HDDs vs SSDs.
Disk Cleanup (cleanmgr.exe).
Identify and remove unwanted file caches
Defragment and Optimize Drives (dfrgui.exe)
Automate system activity/script.
Run tasks to date/time schedule.
Define custom task triggers.
Set credentials.
Task scheduler (tasksch.msc)
User accounts: add, modify, & remove. Reset password.
Security groups: collection of user accounts, allocate permissions to group, user accounts inherit permissions from groups
Local Users and Groups (lusrmgr.msc)
Manages the local device.
Detailed system and security configuration settings.
Administrative Templates
Local Group Policy (gpedit.msc)
Direct edits to system configuration database.
Editing the registry: subkeys and value entries. Name, data type, value. Export and import file formats
Registry Editor (regedit.exe)
HKEY_LOCAL_MACHINE
HKEY_USERS
Root keys
Default log files: System, security, application, setup. Application/service log files.
Event sources and severity levels: source application and ID. Critical, error, warning, and info levels. Audit success/failure.
Event Viewer
- View all running processes
– Interactive and system tray apps
– View processes from other accounts - Manage the view
– Move columns, add metrics - Combine all apps, processes, and services into a single tab
– Easy to view and sort
Task Manager Process Monitoring.
Task Manager utility (taskmgr.exe)
- What’s happening? - CPU, memory, etc.
- Statistical views - Historical, real-time
- Current versions include CPU, memory, disk,
Bluetooth, and network in the Performance tab
Task Manager Performance Monitoring
- Who is connected? What are they doing?
- Other options
– Disconnect a user, manage user accounts
Task Manager User Monitoring
- Manage which programs start with
a Windows login
– Easily toggle on and off - Multiple reboots
– Enable and disable
– You’ll find it
View processes that run at startup.
Task manager startup tab
- Non-interactive applications
– Hundreds of background processes - Manage from one screen
– Start, stop, restart
view status of background processes
Task manager services tab. service console (services.msc)
More detailed real-time performance data
* Detailed real-time view of performance
– Separated by category
* Categories
– Overview, CPU, Memory,
– Disk, and Network
Resource Monitor (resmon.msc)
- Gather long-term statistics
– perfmon.msc - OS metrics
– Disk, memory, CPU, etc. - Set alerts and automated actions
– Monitor and act - Store statistics
– Analyze long-term trends - Built-in reports
– View the data
Record performance indicators (counters) over time.
Run regular reports for comparison.
collect event traces
Performance Monitor (perfmon.msc)
- System overview
– msinfo32.exe - Hardware Resources
– Memory, DMA, IRQs, conflicts - Components
– Multimedia, display, input, network - Software Environment
– Drivers, print jobs, running tasks
General tab: select boot mode.
Boot tab: set custom boot parameters.
Services tab: view status of background processes.
Tools tab
System Configuration Utility (msconfig.exe)
C:
D:
x:
windows: Drive navigation
windows: move and copy files
copy
xcopy
robocopy
windows: Manage partitions and file system
diskpart
windows: Write a new file system to a drive
format
formats a disk for use with windows
windows: Scan disk for unusable sectors
chkdsk
windows: Shut down and restart the computer
shutdown
windows: Scan for damaged or missing system files
sfc
view the About Windows dialog - a quick check.
useful when troubleshooting - are you running the lastest version?
winver
in windows Copy files from one location to another
/v - Verifies that new files are written correctly
/y - Suppresses prompting to confirm you want to
overwrite an existing destination file
Copy
in windows Copies files and directory trees
xcopy /s Documents m:\backups
xcopy
robocopy
A better Xcopy
– Included with Windows 10 and 11
intergrated with Active Directory.
Powerful system management
Group Policy Management Console
gpmc.msc
run as Administrator
cmd, Ctrl + Shift + Enter
in windows command line troubleshooting:
if you are not sure
help
help dir
help chkdsk
[command] /?
list files and directories in windows
dir
change working directory in windows
cd/ chdir
the folder above the current folder in windows
..
make a directory in windows
md / mkdir
remove directory in windows
rd / rmdir
view the name of the device in windows.
This is the windows device name.
name can be changed in the system settings
hostname
fixes logical file system errors on the disk in windows
chkdsk /f
locates bad sectors and recovers readable information in windows
chkdsk /r
manage disk configurations in windows.
be careful - you can lose data.
diskpart
start the DiskPart command interpreter
ipconfig
the windows network command line
Displays detailed info about all adapters, including the IP address, subnet mask, default gateway, DHCP server, and DNS servers.
* Most of your troubleshooting starts with your IP address
– Ping your local router/gateway
* Determine TCP/IP and network adapter information
– And some additional IP details
* View additional configuration details
– DNS servers, DHCP server, etc.
ping
windows network command line
- Test reachability
– Determine round-trip time
– Uses Internet Control Message Protocol (ICMP) - One of your primary troubleshooting tools
– Can you ping the host?
netstat
windows network command line
- Network statistics
– Many different operating systems
netstat -a
windows network command line
show all active connections
netstate -b
windows network command line
show binaries (windows)
netstat -n
windows network command line
do not resolve names
nslookup
windows network command line
- Lookup information from DNS servers
– Canonical names, IP addresses, cache timers, etc. - Lookup names and IP addresses
– Many different options
windows network commands
net
view network resources in windows
net view \<servername>
– net view /workgroup:<workgroupname></workgroupname></servername>
map a network share to a drive letter in windows
– net use h: \<servername>\<sharename></sharename></servername>
view user account information and reset passwords in windows
– net user <username>
– net user <username> * /domain</username></username>
- Determine the route a packet takes to a destination in windows – Map the entire path
- Takes advantage of ICMP Time to Live Exceeded
message
– The time in TTL refers to hops, not
seconds or minutes
– TTL=1 is the first router
tracert
- Combine ping and traceroute
– Included with Windows NT and later - First phase runs a traceroute
– Build a map - Second phase
– Measure round trip time and packet loss at each hop
pathping
in windows
* Real-time system statistics
– CPU, memory, disk access, etc.
* Starting the Task Manager
– Ctrl-Alt-Del, select Task Manager
– Right mouse click the taskbar and
select Task Manager
– Ctrl-Shift-Esc
Task Manager
- Manage boot processes, startup, services, etc.
– One-stop shop
in windows Tools
system configuration
msconfig.exe
- Find unused or unneeded files
– A quick way to free up space - Select the categories
– Click the button
in windows Tools
disk cleanup
cleanmgr.exe
- Disk defragmentation
– Moves file fragments so they are contiguous
– Improves read and write time - Not necessary for solid state drives
– Windows won’t defrag an SSD - Graphical version in the drive properties
- Requires elevated permissions
in windows Tools
defrag
– Command line:
– defrag <volume>
– defrag C:</volume>
- The Windows Registry Editor
– The big huge master database
– Hierarchical structure - Used by almost everything
– Kernel, Device drivers
– Services
– Security Account Manager (SAM)
– User Interface, Applications - Backup your registry!
– Built into regedit
regedit.exe
