Image 1 of 14
System Mechanic 6 Mobile Toolkit meets many support professionals‘ system recovery and maintenance tool needs. Information technology professionals working within larger enterprise environments, however, may wish to check out the industrial-strength utilities and remote administration functionality Winternals includes in its Administrator‘s Pak version 5.0. Here‘s a sampling of some of the different tools the Administrator‘s Pak includes.
Once installed, you can access the 10 administrative tools included in Winternals‘ Administrator‘s Pak using Windows Start menu individually, or you can open the Administrator‘s Pak navigation menu, shown here.
As with System Mechanic 6 Mobile Toolkit, the Administrator‘s Pak includes a File Restore utility for recovering deleted files. Once a deleted file is found, it can be recovered to the location the user specifies.
The Administrator‘s Pak‘s Remote Recover utility, which leverages a boot CD, floppy disk or PXE boot client to enable remote administration of a system‘s drives, enables remote disk administration on a wide variety of Windows systems. Using Remote Recover, remote disks, volumes and files appear as if mounted locally. An operating system need not even be installed on the remote system, which enables using Remote Recover to also perform remote installations. In addition to partitioning disks, Remote Recover also supports remotely formatting drives, running hard disk checks, salvaging data and more.
Winternals‘ AD Explorer supports connecting to Active Directory domains, searching for Active Directory objects and performing common Active Directory tasks. In addition to using AD Explorer to add Active Directory objects, you can also use the utility to delete attributes, rename objects, review an object‘s properties, edit security permissions and more.
Using Winternals‘ Insight for Active Directory, administrators can monitor Active Directory LDAP calls (made from any system on the network) to identify configuration problems, review applications and services accessing Active Directory and more. Insight for Active Directory logs system activity and can save events to text files. The information Insight for Active Directory collects proves particularly helpful in confirming replication events, troubleshooting logon and client application errors and review authentication failures. Further, double-clicking an event listed within Insight for Active Directory opens that event‘s listing within Winternals‘ AD Explorer utility for additional troubleshooting support.
Winternals may well be best known for its ERD Commander recovery utility. Administrator‘s Pak 5.0 includes ERD Commander 2005. Using the ERD Commander wizard, support professionals can create a powerful boot CD used to recover failed systems.
When using the ERD Commander wizard to create a bootable rescue CD-ROM, several configuration options exist. Depending upon the options selected, the CD-ROM can boot directly to ERD Commander 2005, as a Remote Recover client or either choice depending upon the selection the user selects when booting.
When creating an ERD Commander 2005 bootable CD-ROM, you can also specify a wide range of recovery tools and rescue utilities that will be included on the ERD Commander CD-ROM.
Once the ERD bootable CD is created, you can use it to boot to a graphical environment in which numerous utilities are available. In addition to providing access to networking tools (File Sharing, Map Network Drive and TCP/IP Configuration) and administrative utilities (including Disk Management, Event Log, RegEdit, Service and Driver Manager and System Info), ERD Commander provides console and command line access, a Solution Wizard and more.
Filemon Enterprise Edition, included with Administrator‘s Pak 5.0, supports monitoring file activity both on local and remote systems. Filemon captures file system activity in real time, and the utility supports logging the data it captures to a permanent file. Using Filemon, an administrator can monitor file activity, such as might be desirable when seeking to identify files associated with a specific error or system crash.
The Administrator‘s Pak also includes Regmon Enterprise Edition, which enables real-time tracking of registry activity. Using Regmon, administrators can learn where specific registry settings are stored, determine which keys are associated with specific application activities and more. The user can right-click a registry process to access additional information about that process, including its registry location, request type, process result and properties.
Discovering system applications associated with specific network connections is simplified using the Administrator‘s Pak‘s TCPView Professional utility. TCPView Professional monitors TCP/IP connections in real time, either on the local or a remote system, and captures data using a variety of filters you specify.
Similar to Windows‘ native netstat command, the Tcp View Stat command adds additional information to TCP/IP monitoring results, including process names. Further, TCPVStat can also reveal the amount of data transferred for each endpoint.