This article explains how to use Windows administrative tools. These programs can be used to manage sophisticated user and group settings, format hard drives, adjust Windows services, change operating system startup, and many other things. Follow the steps given below.
The Administrative Tools folder contains a large number of system tools included with Windows. These tools are more complex and powerful, so they’re hidden where most Windows users can’t find them. Some of these tools are included only in the Professional or Enterprise editions of Windows, not in the “core” or Home editions of Windows 8.1, 8, or 7. This list of tools is taken from a Windows 8.1 Professional computer. Here is how to access Administrative Tools in Windows.
Wireshark and Microsoft Message Analyzer
Wireshark is a well-known network traffic monitoring tool. It works with the overwhelming majority of known protocols and has a clear and logical graphical interface based on GTK+ and a powerful filter system. Plus, it’s cross-platform, running on Linux, Solaris, FreeBSD, NetBSD, OpenBSD, Mac OS X, and of course Windows. Wireshark reveals the smallest details of network traffic and network protocols. If you have the necessary knowledge, you can effectively troubleshoot and diagnose a variety of problems that arise on the network using Wireshark.
A less popular alternative to Wireshark, Microsoft Message Analyzer (MMA), is worth mentioning. Message Analyzer can also capture, display and analyze network traffic, but its killer feature is that in addition to network traces it also reports system call traces so you can correlate what installed apps are doing with what is happening on the network. Message Analyzer also lets you save and reload captures, aggregate saved captures, and analyze trace file data. You can use Microsoft Message Analyzer in several scenarios:
Step 1: Capture network traffic for security analysis. You can capture and save all network traffic on a network segment so that you can analyze it and identify potentially malicious packets.
Step 2: Application troubleshooting. Some applications, such as Skype, use a variety of ports and protocols to provide different communication services. If the server application cannot communicate with clients, Message Analyzer can capture the communication attempts and potentially identify the problem that is blocking them.
Step 3: Troubleshooting network and firewall configuration. You can use Message Analyzer to capture communication between network hosts. If a network host does not receive an early response, you can determine where communication is failing and possibly identify the network or firewall configuration that is preventing the response.
Clonezilla
Clonezilla is a free and open source tool designed to clone individual hard drive disks and partitions, as well as facilitate system backup and disaster recovery. There are two types of Clonezilla available: Clonezilla live (for single machine backup and restore) and Clonezilla SE (the server edition for larger deployments). Clonezilla is a very fast backup and cloning application. After the LiveCD boots up you simply press ENTER a few times and it starts backing up partitions or an entire hard drive to another hard drive, which can be an external USB drive. Clonezilla supports the following file systems: FAT, NTFS, ext2, ext3, ext4, reiserfs, reiser4, XFS, JFS, VMFS and HFS+.
Clonezilla is excellent for one-time backup operations. However, it does not recognize software RAID; it splits it into separate devices. Clonezilla SE helps, for example, when dozens of PCs of the same type don’t have an OS. You can install the OS and other necessary software on the first PC, take a snapshot, and then deploy the snapshot to other PCs on the network. In addition, Clonezilla SE can back up PCs over the network at night or anytime you want.
PowerShell ISE and Its Script Browser and Script Analyzer Add-ons
The PowerShell console is an interactive environment built on the .NET Framework that lets you run various commands in real time. It is specifically designed for system administrators and power users who need to automate the administration of operating systems (Linux, macOS, Unix and Windows) and processes related to applications running on those operating systems. Also, you can run cmd.exe commands in the PowerShell environment. PowerShell ISE looks and works the same as cmd.exe. All frequently used utilities like ping, ipconfig and nslookup will work exactly as you expect.
PowerShell ISE offers some very useful add-ons. One of them is the Script Browser. Suppose you want to do something in PowerShell and you know what result you need, but you don’t know how to get it. You also think it’s likely that someone else has already encountered a similar problem and written a great script. In such situations, of course, you would go to the TechNet Script Center. However, finding the right script can be a long and tedious process. Wouldn’t it be great to have a tool that could understand what you need and automatically look for the appropriate script? Well, the Script Browser add-on will let you easily find the scripts you need on TechNet. Another great add-on is Script Analyzer; it will automatically analyze your scripts and suggest changes that will improve their effectiveness. You can easily install these add-ons by running the following commands:
Install-Module -Name Scriptbrowser
Install-Module -Name ISEScriptAnalyzerAddOn
Enable-ScriptBrowser
Enable-ScriptAnalyzer
RSAT Tools for Windows 11
Remote Server Administration Tools (RSAT) allow IT administrators to remotely manage roles and features on Windows servers and remotely manage Active Directory from your Windows 10 Professional or Enterprise workstations. The RSAT package includes:
Step 1: Server Manager
Step 2: The Microsoft Management Console (MMC) snap-in
Step 3: Hyper-V
Step 4: Windows PowerShell cmdlets
Step 5: Command-line tools
Basically, with RSAT, you have all the Windows Server administration tools on your workstation, so you don’t need to RDP into your servers. This makes managing Windows Server more secure.
Sysinternals Suite
Sysinternals Suite is used to troubleshoot and investigate security breaches on computers running Microsoft operating systems. There are more than 40 tools in six categories:
Step 1: File and disk tools
Step 2: Network tools
Step 3: Process tools
Step 4: Security tools
Step 5: System information tools
Step 6: Miscellaneous tools
You can download the tools individually from the Microsoft website or download all of them in a single Sysinternals Suite. Here are the most popular free tools in this suite:
System Monitor (Sysmon)
System Monitor (Sysmon) is a system service that you can install on any computer running a Windows system. Sysmon enhances the logging functionality of the Windows operating system by writing detailed information about process creations and terminations, network connections, and file creations to the Windows event log. Sysmon writes events to the log using the following IDs:
Step 1: Event ID 1. Creation of a new process
Step 2: Event ID 2. Creating a new file
Step 3: Event ID 3. New network connection detected
Step 4: Event ID 5. Process terminated
Step 5: Event ID 6. Driver loaded
Step 6: Event ID 7. Image loaded
Step 7: Event ID 8. Remote thread creation detected
Installing Sysmon on a server or another computer in a Windows environment will increase the number of events written to the event log, which can have its downsides. However, having a more detailed event log makes it much easier to know what happened on a specific computer, which can be especially useful for investigating a suspected security breach.
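The process-creation (Event ID 1) and network-connection (Event ID 3) records listed above become most useful when joined on the ProcessGuid field that Sysmon writes into both. The following is an added example, not part of the original article: the function names are hypothetical and the sample events are constructed.

```powershell
# Build one constructed event in the XML shape that (Get-WinEvent ...).ToXml() returns.
function New-SampleEvent([int]$Id, [hashtable]$Data) {
    $fields = foreach ($k in $Data.Keys) { "<Data Name='$k'>$($Data[$k])</Data>" }
    "<Event><System><EventID>$Id</EventID></System><EventData>$($fields -join '')</EventData></Event>"
}

# Flatten a Sysmon event's <EventData> name/value pairs into one object.
function ConvertFrom-SysmonXml([string]$Xml) {
    $e = ([xml]$Xml).DocumentElement
    $row = [ordered]@{ EventId = [int]$e['System']['EventID'].InnerText }
    foreach ($d in $e['EventData'].ChildNodes) { $row[$d.GetAttribute('Name')] = $d.InnerText }
    [pscustomobject]$row
}

# Join each network connection (ID 3) to the process creation (ID 1) with the same ProcessGuid.
function Get-ProcessNetworkActivity([object[]]$Records) {
    $started = @{}
    foreach ($ev in $Records) { if ($ev.EventId -eq 1) { $started[$ev.ProcessGuid] = $ev } }
    foreach ($conn in $Records) {
        if ($conn.EventId -ne 3) { continue }
        $proc = $started[$conn.ProcessGuid]
        [pscustomobject]@{
            Image       = $conn.Image
            Destination = '{0}:{1}' -f $conn.DestinationIp, $conn.DestinationPort
            CommandLine = if ($proc) { $proc.CommandLine } else { '<start not in log>' }
            ParentImage = if ($proc) { $proc.ParentImage } else { '<unknown>' }
        }
    }
}

# Constructed sample data: GUIDs, paths and addresses are made up for illustration.
$xmlEvents = @(
    New-SampleEvent 1 @{ ProcessGuid = '{aaaa0001}'; Image = 'C:\Windows\System32\nslookup.exe'
        CommandLine = 'nslookup example.com'; ParentImage = 'C:\Windows\System32\cmd.exe' }
    New-SampleEvent 3 @{ ProcessGuid = '{aaaa0001}'; Image = 'C:\Windows\System32\nslookup.exe'
        DestinationIp = '203.0.113.53'; DestinationPort = 53 }
    New-SampleEvent 3 @{ ProcessGuid = '{bbbb0002}'; Image = 'C:\Tools\updater.exe'
        DestinationIp = '198.51.100.7'; DestinationPort = 443 }
)
$parsed = $xmlEvents | ForEach-Object { ConvertFrom-SysmonXml $_ }
Get-ProcessNetworkActivity $parsed | Format-Table -AutoSize
# Live data (requires Sysmon and an elevated session):
#   Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-Sysmon/Operational'; Id = 1, 3 } |
#       ForEach-Object { ConvertFrom-SysmonXml $_.ToXml() }
```

A connection whose process start is missing from the log (the second constructed connection) is reported with a placeholder rather than dropped, since a gap in the record is itself worth a look during an investigation.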
AccessChk
You can use the AccessChk tool to determine what permissions are assigned to users and groups, including group-managed service accounts, for the following features:
Step 1: files
Step 2: directories
Step 3: registry keys
Step 4: global objects
Step 5: Windows Services
AccessChk is also useful for verifying that security settings on files and directories are set correctly. Many famous breaches have occurred when trusted people gained access to files on file shares where permissions were not set correctly.
Autoruns
You can use Autoruns to determine which applications are set to start automatically when a computer starts up or a user logs on. The tool lists all applications configured to start in the startup folder, as well as in Run, RunOnce, and other keys in the computer’s registry. Autoruns also provides information about File Explorer shell extensions, toolbars that have been installed, browser helper objects, autostart services, and Winlogon notifications.
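For a quick baseline without the tool, the Run and RunOnce keys and the startup folders mentioned above can be listed from PowerShell together with the Authenticode status of each launched file. This is an added example, not part of the original article or of Autoruns; the function names are hypothetical, and it covers only the locations this paragraph names, far fewer than Autoruns inspects.

```powershell
# Run and RunOnce keys named above, machine-wide (HKLM) and per-user (HKCU).
$RunKeys = foreach ($hive in 'HKLM:', 'HKCU:') {
    foreach ($leaf in 'Run', 'RunOnce') { "$hive\Software\Microsoft\Windows\CurrentVersion\$leaf" }
}

# Extract the program path from an autostart command line.
function Get-CommandImagePath([string]$Command) {
    $text = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($text -match '^"([^"]+)"') { return $Matches[1] }
    # Unquoted: shortest prefix ending in a known extension, so paths with spaces survive.
    if ($text -match '^(.+?\.(exe|dll|cmd|bat|vbs|ps1|lnk))(\s|$)') { return $Matches[1] }
    return ($text -split '\s+')[0]
}

# Describe one autostart entry and the Authenticode status of the file it launches.
function New-AutostartRecord([string]$Location, [string]$Name, [string]$Command) {
    $image = Get-CommandImagePath $Command
    if ($image -like '*.lnk') { $image = (New-Object -ComObject WScript.Shell).CreateShortcut($image).TargetPath }
    if ($image -and -not [IO.Path]::IsPathRooted($image)) {   # bare name: resolve via PATH
        $app = Get-Command $image -CommandType Application -ErrorAction SilentlyContinue | Select-Object -First 1
        if ($app) { $image = $app.Path }
    }
    $sig = if ($image -and (Test-Path -LiteralPath $image -PathType Leaf)) {
        Get-AuthenticodeSignature -LiteralPath $image
    }
    [pscustomobject]@{
        Location = $Location; Name = $Name; Image = $image
        Signature = if ($sig) { [string]$sig.Status } else { 'Unresolved' }
        Signer    = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject }
    }
}

function Get-AutostartEntry {
    foreach ($key in $RunKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            New-AutostartRecord $key $name ([string]$item.GetValue($name))
        }
    }
    foreach ($special in 'Startup', 'CommonStartup') {
        $dir = [Environment]::GetFolderPath($special)
        if (-not $dir) { continue }
        Get-ChildItem -LiteralPath $dir -File -ErrorAction SilentlyContinue |
            Where-Object Name -ne 'desktop.ini' | ForEach-Object { New-AutostartRecord $dir $_.Name $_.FullName }
    }
}

Get-AutostartEntry | Sort-Object Signature, Location | Format-Table -AutoSize -Wrap
```

Entries whose Signature is anything other than Valid, or whose Image could not be resolved, are the ones to review first; saving the output on a known-good machine gives a baseline to diff against later.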
Process Explorer
The Process Explorer tool lets you view the files and directories that a specific process has opened. It also provides information on CPU performance, memory utilization, and digital signature processing. You can also use Process Explorer to determine which security account started a process, when the process started, and whether the process is communicating with external hosts over the network. Process Explorer works as a replacement for Task Manager. It allows you to not only view resource consumption information about a specific process, including memory usage, handles, objects and threads, but also suspend or kill a process. You can also use VirusTotal’s integration to check if a specific process is infected with malware.
Process Monitor
Process Monitor provides system administrators with real-time information about file systems, registry, processes, and thread activity. You can also configure Process Monitor to capture and record data about activity instead of just providing a real-time display. Process Monitor allows you to perform the following tasks:
Step 1: Capture process details including image path, command line, User ID and Session, and network usage
Step 2: Capture service details including file and network usage
Step 3: Determine which registry keys applications are using to store data
Step 4: Record gigabytes of data around captured events
Step 5: Log all operations at boot time
Step 6: Use filters to search for certain data
Conclusion
That concludes our article on what Windows Administrative Tools are and how to use them. The techniques we have listed here will easily take you to the “Administrative Tools” box, where you can perform more actions related to complex situations. The article is now complete and now you know ways to open administrative tools in Windows 11.