Systems Management Tools

In broad terms, the objective of systems management is to protect the integrity of business applications and the security of business information by automating, regulating, and enhancing systems functions. Such functions include user administration; system, security, performance, and event monitoring and management; backup and archiving; licensing and quota management; scheduling; report distribution; diagnostics; and accounting and chargeback.

As Windows NT's role as a network operating system grows, so does the need for systems management tools. This month's Lab Reports review a cross-section of NT Server 4.0 systems management packages from both Microsoft and third-party vendors. (For quick summaries of other systems management products in the market, see the sidebar, "Systems Management Sampler," page 66.)

NT Server is a full-featured network operating system that comes with most of the basic tools and utilities you need to build, manage, and maintain a network, so we'll start by summarizing the utilities available in NT Server 4.0's default setup. However, these tools are only the tip of NT's systems management iceberg. A continuously growing number of third-party vendors are adding to the systems management tools available for NT, and these products span the spectrum from very large enterprise-level packages (for networks with 500 or more users) to individual department-level tools (for networks with fewer than 500 users). The reviews starting on page 68 will explain what happened when we tested some of these products, and assess their key capabilities.

Windows NT Server's Built-in Utilities
In NT 4.0 Server, when you click Start and go to Programs, Administrative Tools (Common), you see a list of built-in systems management utilities. These utilities give you a foundation for managing your network, so familiarizing yourself with them is worth the effort.

Microsoft provides excellent online Help and operation information for each of these utilities. Read the introductory text and instructions from the Help files to find out about the full range of each tool's administrative capabilities.

Backup
NT's Backup utility lets you back up your local and network NTFS and FAT volumes to a tape drive. Backup boasts some impressive features: selection of objects by volume, directory, or individual filename; spanning of backup media; verification; compression; catalog storage; log files; full, incremental, differential, and daily backup types; and local Registry backup.

Backup performs reliable backups, but it lacks a few important features, such as scheduling. The only way to use this utility to perform unattended scheduled backups is to use NT's Schedule service. Fortunately, Backup's Help file details the necessary procedures.

Disk Administrator
Disk Administrator helps you manage disk partitions, stripe sets, and volume sets. The utility provides a variety of disk management functions. For example, you can modify primary and extended partitions, dynamically assign drive letters, create volume sets and stripe sets, establish mirrored sets or disk duplexing, format volumes with FAT or NTFS, and restore damaged or disabled disk configurations.

You can perform most functions without rebooting to access new modifications or drive assignments. Use this tool with caution--one wrong move and you can delete a data drive or change drive assignments. Fortunately, the application prevents you from damaging the system and boot partitions and asks you before committing changes. For more information about Disk Administrator, see Michael D. Reilly, "Windows NT Disk Administrator," November 1996.

Event Viewer
Event Viewer is NT's log file monitoring utility. Through Event Viewer, you can examine the contents of the three main NT log files: System Log, Security Log, and Application Log. System Log records events and alerts for internal processes, services, and drivers. Security Log records security audit events, such as logons, access to user rights, object access, user/group management, and system shutdowns or restarts. Application Log records application-related alerts and system messages, including those of some system components (e.g., the Replication service writes to this file).

Each log file contains five types of events: successful operation of services and drivers, warnings, errors, success audits, and failure audits. Each logged event includes descriptive information, such as time and date, username, computer name, source, type and category designations, a description of the event, and often, data associated with the event. You can remotely view event logs from other NT Server and NT Workstation computers on your network. You can export a log file to a proprietary .evt format for future Event Viewer use, or you can convert the log file to plain or comma-delimited text for database import.

Event Viewer is indispensable for identifying problems with typical server operation, when you're connecting devices, and when you're monitoring user activities. This application and the data it collects can often help you short-circuit problems.