As I expected, the basic file and directory commands worked well on all my systems. I could move files between drives and use the floppy disk. The command line supports long filenames, but you must enclose them in quotation marks for certain functions.
In my testing of ERD Commander 2000's advanced commands, I began with Chkdsk. Chkdsk invokes Microsoft's autochk.exe utility, which Winternals copies to the ERD Commander 2000 boot disks. The Chkdsk command operates exactly as it does when you use it to check an NT disk for errors at boot time. I used Chkdsk to scan IDE, SCSI, and fault-tolerant drives on my test network's various systems and encountered no problems.
The Access command modifies NTFS file permissions by adding the Everyone group to an object's ACL. Access' syntax is straightforward, requiring only a path to the file I wanted to modify. By adding the /S switch, I could also change permissions on the files of subdirectories in the path I specified. The Access command's syntax also supports wildcards. After I executed Access and rebooted, the files that I modified displayed the Everyone group permissions, as I expected.
The Regedit, Password, and Service commands required that I load the registry into memory, so I used the Regload command to satisfy the requirement. On my network's multiboot systems, I could choose to load a registry from any of my bootable partitions.
Regedit is a command-line registry editor that lets you edit values under the SYSTEM registry key. Regedit command options let you query, add, delete, and find values. Because Regedit requires that you enter the full subtree, key, and subkey that you want to modify and has a complex command syntax, I spent a lot of time typing commands and going back to the Help text to check my syntax—a tedious chore, but it got the job done.
Figure 2 shows some sample Regedit commands. In the first command, I queried the value of a particular registry key. Next, I used the Add argument to change a value. Finally, to check the results of Add, I repeated the first query command. I made several changes to my test systems, including adding hexadecimal values, which you can format as bytes or words. After rebooting the systems—a sign of success in itself—I used Microsoft's regedt32.exe to double-check each system's registry. I found that all the changes I had made with ERD Commander 2000 were in place.
The Password command listed the local accounts and let me change the passwords at will. I simply had to type the Password command and the local account, followed by the new password I wanted to apply. The only hiccup in this process was that ERD Commander 2000 couldn't deal with user accounts longer than one word. The product also limits you to changing only one password between reboots. Figure 3 shows the ERD Commander 2000 interface
as I issued the Registry and Password commands.
Next, I typed the Service command to list all the services and drivers available on my Win2K and NT systems. I could then change the startup parameters of any service or driver. This feature can help you circumvent drivers that are preventing a system from booting.
What About the Recovery Console?
You might notice some similarities between ERD Commander 2000 and Microsoft's Recovery Console (RC), which Win2K Server and Win2K Professional include—particularly, the capability to add both ERD Commander 2000 and the RC to your hard disk and boot loader menu. You might also have discovered that the RC works on both Win2K and NT. Compared with ERD Commander 2000, however, the RC poses certain limitations.
First, the RC lets you access only the \%systemroot% and \%windir% directories. Second, the RC requires that you use the local administrator account to log on—a good security requirement, but one that can create a problem if you forget the administrator password or if the SECURITY and SAM registry hives are damaged. Third, the RC doesn't provide advanced capabilities to change the registry, file permissions, or local account passwords. Finally, Microsoft's licensing agreement doesn't let you install or use the RC on non-Win2K systems.
These limitations notwithstanding, the RC offers important functionality in a disaster-recovery scenario. However, if you want to save a few dollars by using the RC instead of a utility such as ERD Commander 2000, you won't have every tool you need in a crisis situation. When you consider the downtime that a misconfigured or corrupted server can cause, the cost of ERD Commander 2000 is justified.
Secure Your Servers
ERD Commander 2000's valuable tools help you resolve problems on Win2K and NT systems. The product's functionality is impressive—but a bit unnerving. Although ERD Commander 2000 gives you the confidence to use the more secure NTFS on all your partitions, anyone who has the product can create bootable media and use them to access your system's partitions and registry. Thus, ERD Commander 2000 gives you the impetus to take the most basic security measure of all: keeping your servers behind locked doors.