Power NT
NT provides several useful command line tools to help you manage your system. One example is the cacls.exe utility, which lets you modify Access Control Lists. It's also a great means for identifying who has rights to a particular directory. For example, from the Start, Run command line, simply type "cacls C:\Temp" to find out who has access to C:\Temp.
The sysdiff.exe utility is one of the useful command line tools that NT provides to manage your system. This NT 4.0 utility can profile an NT 4.0 server and install applications for NT. It's located on the NT 4.0 CD-ROM in the \Support\Hqtool directory.

NEWS SERVER FOR NT You can use a news server on your NT network to deliver news from the Internet to your users' desktops. One tool for performing this task is DNews News Server Software. DNews News Server allows you to provide fast access to 50,000-plus Internet (Usenet) news groups. Having your own local news server software allows you to create your own public or private discussion groups for enhanced communications across the organization and the Internet. For more info on this product, visit http://netwinsite.com

NT TOOLS--NETWORK CLIENT ADMINISTRATOR TOOL One of several useful command line tools NT provides for managing your system is the Network Client Administrator. This tool can create floppy disks for installing network client software. You'll find it in NT's Network Administrator group.

STORAGE ANALYSIS AND MANAGEMENT FOR NETWARE SERVERS Collecting data about the network is one of the critical functions of network management. FileWizard 5 from Knozall provides enterprise storage management capabilities for Windows NT servers and workstations, Novell NetWare networks, and Unix servers running NFS. You can view a FileWizard report to determine what kind of files are on the network, who owns them, when they were last used, how big they are, and when servers would run out of space. For more information, visit http://www.knozall.com

USING NT'S HARDWARE QUERY TOOL NT provides several useful command line tools for managing your system. One example is the Hardware Query Tool, which interrogates your hardware. To run the tool, put a blank floppy disk in drive A:, double-click the Makedisk icon in the \Support\Hqtool folder of the NT CD-ROM, then boot your computer with the disk and begin the program.

REMOTE CONTROL The more machines and operating systems you have on your network nodes, the harder it is to coordinate the activities on those systems. One tool designed to reduce administration time is Agent from ISE. Agent allows a central node to issue commands that are then executed on any one of those remote nodes. This client/server product uses TCP/IP to communicate between nodes, so you can manage and create remote tasks from a single point of control. You can invoke jobs, initiate backups, and pop up message windows. For a free 30-day trial, visit http://www.i-s-e.com/Product_Line/Agent/agent.htm

DRAG-AND-DROP FILE MANAGEMENT Looking for a better file manager than Windows NT Explorer? Here's another alternative to Windows NT Explorer--Drag and File from Canyon Software. Drag and File's features include these abilities: - Copy, move, or delete files across multiple directories and drives. - Display and select the contents of multiple drives and directories (including the contents of zipped files). - Hide or display duplicate files. - Associate data files to multiple applications. - Split screen mode--two file managers, one toolbar and drive bar. - Integrated ftp. Start an ftp session and drag and drop files between ftp and local drives. Download manager enables you to save actions and resume or redo them later. - New File Compare feature. - Encrypt files. - Shred files. For the full details, visit: http://www.canyonsw.com/dnf.htm

OPTIMIZE YOUR HARD DRIVE Windows 95 had a built-in disk defragmentation tool. NT doesn't. Defragmentation is a necessary and effective task in the maintenance of your system's hard drive. Defragmentation reduces access time to files and facilitates faster backups. Fortunately, you can use Diskeeper for Windows NT to defragment your drives for NT. Defragmentation reduces access time to files and facilitates faster backups. For more information, visit: http://www.execsoft.com

PERFORMANCE TUNING TOOL FOR NT Tuners are expert systems that can make intelligent and instant decisions to improve performance on your NT systems. AutoPilot is one such tuning tool that you can use to analyze and fine-tune your NT systems. Suggestions for fixes are provided instantly, and, in some cases, fixed automatically. For more information, visit: http://www.sunbelt-software.com/autoplt.htm

TRUSTED ENTERPRISE MANAGER NT doesn't provide the ability to push user administration down through the organization, making delegation of specific administrative tasks impossible. This forces you to centralize NT user account administration to ensure the integrity and security of your network. To distribute the administrative load, check out Trusted Enterprise Manager, which helps distribute user administration, increase productivity, improve customer service, apply security procedures, and decrease LAN management cost. For more information, visit: http://www.symark.com/nt.htm

DRAG AND ZIP With all of the utilities for compressing files, wouldn't it be great if you could find one that could handle most of these files? Check out Drag and Zip--a plug-in application for file manager. Its features include: - Zips and unzips files (ZIP, LZH, GZ, TAR, CAB, ARG, ZOO, and more). - Creates multidisk Zip files. - Creates multidisk self-extracting Zip files. - Works with Uuencoded, Xxencoded, MIME, and Bin/Hex files. - Makes Win 16 and Win 32 self-extracting files. - Makes autolaunch and password-protected self-extracting Zip files. - Scans Zip files for viruses. Drag and Zip works on Windows 95/98 and NT systems. Download an evaluation copy at: http://www.canyonsw.com/dnz.htm

AUDITING PRINT ACTIVITY To better understand the cost of doing business, many companies track copy machine usage, postage use, and even printing activity. They can use this information to bill users, clients, or departments to track usage patterns and reduce wasted printing. Print Manager can help you centralize tracking and auditing of all printing activity on a network of Windows NT servers. For more information, visit: http://www.sunbelt-software.com/printmgr.htm

DRAG AND VIEW Because many applications can exist on your network workstations, some users may be unable to read or view files other users have created if they don't have the same applications. Having a tool that enables users to view documents and files without needing a copy of the application could be useful. You might want to try Drag and View, which enables you to see the contents of files. Its features include the following abilities: - View, rotate, flip, convert, and perform color effects on graphics files. - Convert between 17 bitmapped formats. - Do screen captures. - Special DWG version views, prints, and zooms AutoCAD DWG files. - View word processing documents (Word, Works, WordPerfect, Ami Pro, Q&AWrite, ASCII, HEX). - View spreadsheets (Excel, Lotus, Quattro) and databases (FoxPro, Clipper, dBase). - Play animated GIF files; MIDI, WAV, and RMI sound files; and digital video AVI files. - Display latest Internet formats, interlaced GIF, progressive JPEG and PNG. - Display HTML with Internet Explorer ActiveX control. Use it as quick and dirty HTML editor. - Perform text searches (except graphics files). Drag and View supports Windows 95/98 and Windows NT. Download an evaluation copy from: http://www.canyonsw.com/dnv.htm

E-MAIL MARKETING TOOL FOR NT Many companies are using the Internet as a marketing tool to reach new and existing customers. One way to reach these customers (with their permission, of course) is e-mail. If you want to provide your marketing and sales team the ability to send customized messages to thousands of customers and prospects with a few simple mouse clicks, check out Email Marketing Manager. For more information, visit: http://www.softwareshelf.com/emark.htm

MANAGING E-MAIL LISTS If you want to reach your customer using the power of e-mail, you'll soon learn what a huge task it can be to manage e-mail lists and responses. One tool that could help you manage the task is List Manager, an application that allows your NT system to administer all of your e-mail lists with minimal internal effort, avoiding costly outsourcing expenses. It can handle tasks like subscriptions, message acceptance, and distribution. For more information, check out: http://www.ntpsoftware.com/products/lm

REMOTE PRINTER CONTROL FOR NT When a printer goes down, typically you run over to the workstation to which it's attached to troubleshoot and restart print jobs. However, using a tool like Print Console--a remote network printing console for NT--you can see all printers in a domain or domains from your workstation. You can manipulate print jobs and printers as if you were at that server. For more information, visit: http://www.sunbelt-software.com/printcons.htm

SECURITY TEST ANALYSIS TOOL Your network is only as strong as its weakest link. STAT checks the critical and vulnerable points in your network and warns you about the weak links in the chain. Suggestions for fixes are provided and in some cases fixed automatically. For more information, visit: http://www.sunbelt-software.com/stat.htm


Companies need to know what information and activity is taking place through their e-mail systems and need to track the volume of traffic so they can scale systems accordingly. If you use Microsoft's Exchange server to handle mail, you might want to try a utility called Promodag Reports. This utility analyzes all the messages exchanged through Microsoft Exchange Server from inside and outside the Exchange organization (including messages from Internet, Fax, Profs, Notes, MS Mail, CC:Mail). Promodag Reports builds a Microsoft Access relational database from message tracking files and provides analytical reports and graphs. For more information, visit: http://www.mercurysys.com


Keeping control of your dial-in connections can be a daunting task. Fortunately, tools like RAS Manager work with Windows NT RAS, providing additional levels of dial-in management and security. RAS Manager gives you control of your RAS resources and enforces your policies. This software sets the standard for controlling remote access to Windows NT networks. For more info, visit: http://www.acotec.com/index_e.html


Managing a multitude of printers scattered across your NT network can be time consuming and difficult. One tool that can help you manage these printers is Print Queue Manager for Windows NT, which allows full printing management for a Windows NT network. Features include print redirection, printing disaster recovery, load balancing, printer status, printer grouping, and print broadcasting. For more information, visit: http://www.sunbelt-software.com/pqm.htm


Are you protecting your systems from viruses? With more ways to get infected, you need to be vigilant in the tracking and elimination of viruses. One of the most popular tools for virus fighting is Norton AntiVirus for Windows NT. This utility provides complete and easy-to-use antivirus protection for Windows NT workstations and servers. For more information, visit: http://www.symantec.com


Whether your job is providing user support or training new users on your system, you constantly experience the need to look over the user's shoulder. That method of support is generally impractical and frequently impossible--but one utility can make this a reality: Control/T, a system management tool for Windows platforms. Control/T is also suitable for classroom training and product demonstrations. For more info, check out: http://www.cai.com/products/controlit.htm


If you manage access and permissions for multiple services and group or user accounts, you could use Domain Assistant for Windows NT. This program enables you to assign and reassign rights, ownership, and access status to either individuals or groups. It can find and replace account security properties across a selected domain. It can also locate and identify files whose owners you've deleted from the system, making it possible to delete or reassign these files. For more info, visit: http://www.ntpsoftware.com/products/da


Protecting data files is a top priority of any network administrator. The Double-Take utility monitors file changes as they occur on one or many source servers, replicating them in real time to a server over existing network links. In the event of a server failure, Double-Take's target server has backup copies of all your critical files immediately available for users. The target server can even assume the identity of the failed server, virtually eliminating data loss and downtime. For more info, visit: http://www.dbl.co.uk/double-t.htm ANOTHER STORAGE MONITORING SOLUTION We've mentioned a few other tools that help you manage and report on disk usage. Another one you should test is Storage Accountant, a Windows NT service and reporting program that allows network administrators to see by logical or physical grouping who is using how much of the server's disk storage. Reporting functions allow administrators to obtain the information necessary for charge-backs and cost allocation. Check it out at http://www.ntpsoftware.com/products/sm AUTOMATING FILE ARCHIVAL How long do you keep old files on your servers? Would you benefit from archiving old, unused files to tape or getting rid of them altogether? If so, check out this tool for identifying such files. File Archivist is a Windows NT service that locates unused files on the server, catalogs them, and moves them to a staging area. From there you can write them to tape and delete them from the system. Network administrators can specify a period of time after which unused files get archived. For more info, visit http://www.ntpsoftware.com/products/fa DISK REPORTING MADE EASY Need to get a better handle on disk usage on your NT systems? If so, check out DiskAdvisor 4.0, a complete disk-reporting tool for Windows NT. You can generate both standard and customizable reports for all major storage criteria, including wasted space, quotas, disk-space usage, and file security in both interactive and batch modes. Altogether, 18 predefined storage management reports are available, with almost as many ways to manipulate them. For more info, visit http://www.netcomsoft.com.au/da.html GRAPHICAL MONITORING TOOL FOR NT Monitoring the performance and stability of your NT systems is vital in ensuring that your system is running at its best and that it will be ready when you need it. NTManage combines graphical fault and performance monitoring with a rules-based notification and fault management system to help you do that. Though designed for the Windows NT platform, NTManage's flexible SNMP interface allows monitoring and management of all kinds of TCP/IP- and SNMP-enabled devices. For more info, visit http://www.lanware.net/products/ntmanage/overview.asp MONITORING NT EVENTS AND SERVICES You have a lot of activity to track and monitor on your NT system to keep it finely tuned and running at its best. System Sentinel is a suite of network services dedicated to the real-time monitoring, notification, and execution of corrective action related to Windows NT events, TCP/IP protocol, and system services. The product provides advanced monitoring through event filtering, caching, and routing of events. Send notification to media such as alphanumeric pagers, e-mail, ODBC databases, and Web servers. Scripts can execute to take corrective action. For more info, visit http://www.ntpsoftware.com PATCH TO NT GATEWAY FOR EXCHANGE Novell has released a patch file for GroupWise 5 NT Gateway for Exchange--Patch 2. It provides the following fixes: - Filtering switches /blockdom and /allowdom now work with directory synchronization as well as directory exchange. - The gateway can now initialize a migration in certain non-English environments. - Patch corrects a problem where GroupWise users could get deleted if the location of the gateway changed to another domain. - Mail from Exchange to GroupWise now works with a user ID on both GroupWise and Exchange. - Mail a user on an external GroupWise domain sends to MS Exchange no longer drops any recipients. - Patch fixes the problem with replies to mail sent from the Internet to MS Exchange through GroupWise 5.2 GWIA. Replies still don't work if GroupWise 5.5 GWIA is used with Internet addressing. You'll find the patch in the file exchnt2.exe, available for download from the Novell Support Web site at http://support.novell.com/misc/patlst.htm RESTORING DELETED FILES Do you remember the undelete command for DOS and Windows 3.1? Now it's back in Windows 95/98 and NT. File Rescue allows full recoverty of files after you've removed them from the Recycle Bin or deleted them from a command line or shared directory. For more info, visit http://www.file-rescue.com SALVAGE 98 FOR NETWARE AND NT Now you can recover those files you thought were long gone. Salvage 98 enables users to undelete files with an easy-to-use Windows Explorer interface, allowing you to search for deleted files by the owner, the person who deleted them, or the deletion date. The tool works with NetWare 3.x, 4.x, and 5 using the IntranetWare Client for Windows 95, 98, or Windows NT. For more details and to download a trial version, visit http://www.wiredred.com/salvage_98.html SETTING DISK USAGE LIMITS Need a way to limit and enforce disk space quotas on your NT systems? If so, take a look at QuotaAdvisor 4.0. Designed to remedy the lack of storage controls in the Windows NT environment and the increasing abundance of file-polluting conditions, QuotaAdvisor 4.0 monitors, manages, and enforces disk storage limits at the user or group level. Its driver technology enforces quotas before they are written. For more info, visit http://www.netcomsoft.com.au/quotaadvisor.html TRACKING UPDATES TO YOUR NT OS Having a tough time keeping up with what service packs and fixes you've applied to your NT systems? Service Pack Query Tool (SPQuery) enables you to determine not only which service pack you've installed, but also what fixes you've already applied. Version 2.0 shows you this information on all your machines in all domains. The SPQuery single machine license allows the query of all of the machines on the network and generates a full report. As an administrator, you can use this information to keep track of all configuration data on the networked machines. For more info, visit http://www.mtesoft.com/spquery3.html WORKING WITH MACS ON YOUR NT SYSTEM If you work in a mixed-desktop environment of NT, Windows, and Mac systems, you may need to format, read, and write Mac-formatted disks on your non-Mac systems. One way to do this is using a tool such as Mac-in-DOS. This utility enables PC users to read, write, and format Macintosh disks from PC drives. It includes support for network, Jaz, Syquest, Bernoulli, 3.5 disk, CD-ROM, and other drives. For more info, visit http://www.softwareshelf.com/mid.htm THE QUESTION: TechRepublic reader ashott@optonline.net, who was using DHCP Manager, needed a reg hack or any other way to shorten the time between when a lease is dropped and when it's returned to the pool. Copy and paste this URL into your browser: www.techrepublic.com/trbbs/message_detail.jhtml?thread_id=2955&thread_title= DHCP+and+Reg+Hack&ooc=open THE ANSWER: User powerstroke@mailcity.com stated that the registry setting is located in HKEY_LOCAL_MACHINE\System\CurrentControlSet\ services\DHCPServer\Parameters, noting that the database cleanup is how often it removes expired clients. CHANGE FILE NAME ASSOCIATIONS FROM THE COMMAND LINE Another command line tip is the use of the ASSOC command. To change a file name association, run ASSOC as follows: ASSOC [.ext[=[filetype]]] The term .ext specifies the file extension to associate with the file. The term filetype specifies the file type to associate with the extension. ASSOC with no parameters displays a list of file associations. ASSOC with just an extension displays the current association of the extension. ASSOC with an extension and equal sign but no file type deletes the association. COMMAND LINE ENHANCEMENTS IN NT 4.0 NT 4.0 provides several useful command line enhancements, including the following. CD /D changes the current directory and current drive at the same time. As an example, assume that the current drive is D: and the current directory on C: is the root directory. If you type CD /D c:\downloads, the current drive will become C: and the current directory on C: will become C:\downloads. MD can create multiple levels of directory in a single command. Assume you have no directory called C:\jim. If you type MD C:\jim\fred, NT will create a directory called \jim and then create another directory in \jim called fred. RD /S does a complete tree delete. RD /S \jim will remove directory \jim, even if there are subdirectories or files in \jim. DEL /S can delete in subdirectories. For example, DEL /S *.TXT will delete all text files in either the current directory or any subdirectory of the current directory. FOR /D makes wild cards match directory names instead of file names. FOR /L is equivalent to a BASIC FOR/NEXT loop. In addition, NT 4.0 enhances access to FOR variable references. If you write batch files, run HELP FOR from the command line to see all the new features of this command. To see the complete list of commands enhanced in NT 4.0, enter CMD /? on a command line. CREATE USER TEMPLATES Adding lots of new users to your network can be tedious. Creating a user template makes it easy to add multiple new users with the same group and access privileges. To do so: 1. Open the User Manager for Domains. 2. Add a new user by selecting User/New User from the menu bar. 3. Label this user as a template for the user level, such as Template--Worker or Template--Secretary. 4. Set the proper configuration option for Groups, Profile, and Dial-in. 5. The next time you need to add a user, simply select the template account and select User/Copy from the menu bar. NT makes a duplicate of the template user, so to complete the new user account setup, all you need to do is change the name and password. MONITOR WEB SERVER PERFORMANCE When you install IIS on NT Server 4.0 (or Personal Web Server on NT Workstation 4.0), the software adds its own monitoring entries to the Windows NT Performance Monitor. To access these new monitoring devices: 1. Launch the Performance Monitor from the Start button's Programs, Administrative Tools menu. 2. Select Edit, Add To Chart. 3. Select ftp, Gopher, http, and/or IIS from the Object pick list. REMOVING THE RECYCLE BIN The Recycle Bin may be more of a pain than a help, especially if you delete files often. To disable it so all files are truly deleted when you delete them: 1. Right-click the Recycle Bin icon and then click Properties. 2. You will then see tabs for each accessible drive, plus a global tab. You will also see a check box to disable the Recycle Bin. 3. Choose the drive you want, or the global setting, and choose the option to delete instead of sending files to the Recycle Bin. (A sliding control allows you to set the percentage of your disk used for the Recycle Bin, if you choose to leave the Recycle Bin enabled.) You can also just hold down the shift key while deleting files to bypass the Recycle Bin and permanently delete files. RESET YOUR SYSTEM CLOCK If you have a computer with an unreliable clock, you can use your LAN to correct it. At the command prompt, type NET TIME \\computername /SET /YES This sets the clock on your computer to the same time as the one on the server. SQL 7.0 BUG: SLOW PERFORMANCE Microsoft has reported that SQL Server 7.0 may infrequently run slower than SQL Server 6.5 when processing certain rare types of left outer joins that involve large result sets. A supported fix that corrects this problem is available from Microsoft, but it has not been fully regression tested and should be applied only to systems experiencing this problem. If this specific problem does not severely affect you, Microsoft recommends that you wait for the next SQL Server service pack, which will contain this fix. To resolve this problem immediately, contact Microsoft Product Support Services to obtain the fix. For a list of Microsoft Product Support Services phone numbers and information on support costs, please go to the following address on the World Wide Web: http://www.microsoft.com/support/supportnet/overview/overview.asp UNATTENDED, CUSTOMIZED INSTALLATIONS You can deploy customized installations throughout your organization using the tools in the Windows NT Workstation or Server version 4.0. These tools include unattended setup and the new sysdiff utility. Unattended setup lets a handful of technicians deploy the new operating systems without disrupting your end users' work day. The sysdiff utility prepares "snapshots" of the operating system before and after installation of apps. When the final snapshot (the "difference" file) is applied during or after Windows NT Setup, the changes you made to the master system by installing applications (registry settings, binary files--everything) are copied to the new installation. Or you can use sysdiff to create an INF from the difference file, and use the INF to install the applications during or after Windows NT Setup. This lets you include in your customized installation applications that do not have a scripted setup. You can also use sysdiff with unattended setup to create "spare" hard disks with the operating system and the applications preinstalled, ready to replace crashed disks in mission-critical computers. Unattended setup and sysdiff are described in Part 1, Windows NT Workstation Deployment, of the Windows NT Workstation Resource Guide. A printed version of the Resource Guide is included with the Windows NT Workstation Resource Kit, and the Windows NT Server Resource Kit includes an online version of the Windows NT Workstation Resource Guide. Disabling the Timer for NT Boot Loader by Tim Boone When your Windows NT system is set up in a dual-boot configuration, the Windows NT boot loader displays a menu of operating system choices (usually MS-DOS and Windows NT), waits 30 seconds for input, and then starts Windows NT if you fail to provide any input. If you want to boot to the other operating system, but get distracted before you make a selection, you'll have to reboot and try again. Of course, you can increase the value in the 'Show List For' text box in the Control Panel's System dialog box, but you'll still have the same problem if the timer counts down before you make a choice. You can disable the boot loader's timer so that the menu of operating system choices remains on the screen until you make a choice. To do so, you have to edit the boot.ini file and change the timeout value. First, though, you have to turn off boot.ini's Read-Only attribute. Once you've done that, open the boot.ini file in Notepad and change the timeout value from timeout=30 to timeout=-1. At this point, you should save the file and reboot your system. It's important to note that you can't make this change in the Control Panel's System dialog box because only values from 0 to 999 are valid in the Show List For text box. Now turn boot.ini's Read-Only attribute back on. THE QUESTION: TechRepublic reader jim@pandzik.com was looking for a short batch file for Windows 95/98 that would delete everything in the Temporary Internet Files, Cookies, and History folders. Copy and paste this URL into your browser: www.techrepublic.com/trbbs/message_detail.jhtml?thread_id=4060&thread_title= Deletion+Program&ooc=open THE ANSWER: User bugars recommended Wilson WindowWare's WinBatch, which will help Jim create a batch or macro for anything he can do with keystrokes. http://www.windowware.com/ PREVENTING GUEST ACCESS TO EVENT LOGS (contributed by Selvini Livio, selvini.livio@tiscalinet.it) Default Windows NT configuration gives guests the ability to view event logs (system and application logs). The security log is protected from guest access by default; it's viewable by users who have the "Manage Audit Logs" user right. To restrict guest access to the event log files, use the Registry Editor to open the key \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\. For each [LogFileName] add (or change) the key value as follows: RestrictGuestAccess data type: REG_SZ value: 1 Set the value for each of the logs to 1. The change takes affect on the next reboot. Needless to say, you'll have to change the security on this key to prevent access to everyone except Administrators; otherwise, malicious users can reset these values. Simple Security Tips for Windows NT Server by Tim Boone Some people think that NetBIOS is inherently insecure and that any NT machine that has NetBIOS bound to TCP/IP (or that isn't blocking ports 135 to 139) is asking for trouble. If you use it carefully (with the messenger and alerter services disabled), you'll be OK. The main gate to all of your NT services is the "right to log on from the network." I highly recommend restricting this right severely -- by default, it's allowed to everyone. Depending on how many admins there are, you should either create a new Administrators group or simply remove administrators from the listing and add back in the individual users you want there. Now you have a much shorter list of users allowed to log in from the network, and Administrator isn't one of them. This is important, because you can't lock out Administrator from bad log-in attempts, so it opens a ripe opportunity for brute force attacks. Also, if you can't log on from the network, you can't get into the Registry, event logs, enumerate shares -- you name it. Make sure you have enabled account lockouts after a reasonable number of bad log-in attempts. This makes it much more tedious for someone to attack users who are allowed to log in from the network. Also make sure that a reasonable password length is required and that no one uses lame passwords. Turn off the messenger and alerter services. This prevents broadcast of the name of the console user in the NetBIOS name table. The only information they could get is the machine name (which a DNS lookup might reveal) and the domain or workgroup. Disable the guest account. Explicitly set the ACL for all shares. Do not ever leave it as "All access - Everyone." Avoid running services under the local system account. Make separate, bare-minimum permission accounts for most services. That way, if a service gets compromised, you limit the scope of damage and have a log of exactly which service did what. Set the permissions on your Registry at a tighter level than default. The resource kit has some good suggestions for this. THE QUESTION: TechRepublic reader Ellem recently got another hard drive and wanted to know how to mirror the drives on an NT workstation. Copy and paste this URL into your browser: www.techrepublic.com/trbbs/message_detail.jhtml?thread_id=4621&thread_title= NT+Workstation+and+RAID+1&ooc=open THE ANSWER: User kellyst@nabisco.com suggested using the Ftedit.exe tool from the NT Resource Kit to mirror the drives, adding that Microsoft does not support this action.

QUICK ACCESS TO A POPULAR ADMINISTRATOR KEY (contributed by Colin Reed, tower@post4.tele.dk) The HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services key is probably the key Windows NT administrators use most often. Instead of going to Run, typing Regedit, and clicking through the entire Registry Tree to get to this key, you can use a Windows Scripting Host (WSH) script to access it quickly. Michael Harris posted this script in response to a request I made for such a utility on the microsoft.public.scripting.wsh usergroup. The script requires the latest WSH 2.0 Beta, which you can download from http://msdn.microsoft.com/scripting. This script will work only with Regedit--not Regedt32. strKey = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services" set sh = createobject("wscript.shell") sh.run "regedit" wscript.sleep 1000 'if already open, collapse tree to root... ' for n = 1 to 16 sh.sendkeys "{LEFT}" next 'expand the root ' sh.sendkeys "{RIGHT}" 'parse strKey in nodes... ' arNodes = split(strKey,"\") 'send each node to navigate to it 'then the right arrow key to expand it... ' for each n in arNodes sh.sendkeys n sh.sendkeys "{RIGHT}" next

CUSTOMIZE YOUR SEND TO BUTTON (contributed by Susan Eubanks, susaneubanks@hotmail.com) You're just a right-click away from customizing your Send To button so that it includes your frequent tasks. In Windows NT, go to the WINNT\Profile\All Users\Send To folder. Right-click a blank space on the screen, and select New, then Shortcut. At the Create Shortcut window, make your selection. (You can include administrative shares to a serve--i.e., \\servername\c$).) This tip works great on workstations frequently used for copying files. DISABLING THE WINDOWS LOGO KEY Administrators commonly disable browsing on public terminals by defining a system policy that revokes user access to Windows Explorer, the Run command, and the Find command. But even after you've removed Explorer, users can access disabled features using shortcuts with the Microsoft Windows logo key (e.g., logo key+E). Here's a quick script you can use with the Microsoft Windows NT Server 4.0 Resource Kit utility regini.exe to disable the right and left Windows logo keys and lock down your public or high-security systems. Create a file with an .ini extension, enter the commands below, and run the script by entering its full name (e.g., nologoskey.ini) at a command prompt. You must reboot the system to disable the Windows logo keys. Of course, you can also make these modifications manually with a Registry editor and reboot. ; ; This mapping disables both Windows logo keys ; \Registry\Machine\SYSTEM\CurrentControlSet\Control\Keyboard Layout Scancode Map = REG_BINARY 24 \ 0x00000000 0x00000000 3 \ 0xE05B0000 0xE05C0000 \ 0x0 See Microsoft Support Online article Q181348 (http://support.microsoft.com/support/kb/articles/Q181/3/48.asp) for an explanation of the binary values that appear in the script. The article states that if you encounter problems, you can delete the Registry key this script creates (HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\KeyboardLayout\Scancode Map) with a Registry editor running locally or over the network. If you delete the key, you need to reboot the system to restore access to the Windows logos keys. * AUTOMATIC LOGON IN WIN2K AND NT 4.0 When you're debugging code such as a device driver that takes down a system, you'll appreciate knowing how to enable an automatic system logon. The Registry's Winlogon key contains many entries that control how the logon process works. Two of these entries let you set up a system for automatic logon after a system restart or a logoff so that you can use the extra time to focus on cleaning up your code. Go to the following Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon Enter a valid account name in the DefaultUserName (type REG_SZ) entry and the password for the account in the DefaultPassword (type REG_SZ) entry. If either entry doesn't appear in the Winlogon key, create it with a Registry editor. If you forget to enter a DefaultPassword, the OS automatically changes the AutoAdminLogon key value from 1 (true) to 0 (false), which disables the AutoAdminLogon feature. If the AutoAdminLogon entry disappears, you can recreate it manually--it has a data type of REG_SZ. A value of 1 enables AutoAdminLogon and a value of 0 disables the feature. Reboot the system to activate the changes. When automatic logon is enabled and you want to log on to the system as a different user, hold down the Shift key after logging off or restarting and you'll see the regular logon dialog box--a technique that works with Windows NT 4.0 and Windows 2000 (Win2K). Keep in mind that if you configure a system for automatic logon, anyone can restart the system and log on, so making this change exposes a potential security vulnerability. See Microsoft Support Online article Q97597 (http://support.microsoft.com/support/kb/articles/Q97/5/97.asp) for details. * KEEPING RAS CONNECTIONS ACTIVE AFTER LOGOFF The KeepRasConnections value entry in the Registry's Winlogon key controls whether RAS maintains active connections after a user logs off. If you want your dial-up or VPN connections to remain live, go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, add the value entry KeepRasConnections: REG_SZ: 1, and reboot. This entry doesn't typically appear in the Winlogon key; you must create it with a Registry editor. See Microsoft Online Article Q158909 (http://support.microsoft.com/support/kb/articles/q158/9/09.asp) for more information. FILENAME COMPLETION FOR DOS WINDOW (contributed by Nicholas Kohner, snowboardripper@hotmail.com) If you hate typing long directory names, such as Program Files, when using a DOS prompt, then: 1. Use regedit32.exe. 2. Set HKEY_CURRENT_USER\Software\Microsoft\Command Processor\CompletionChar to 9 (tab char). 3. Set HKEY_CURRENT_USER\Software\Microsoft\Command Processor\EnableExtensions to 1 (automatically expanded). If more than one choice exists for the start of a word, keep pressing Tab. THE QUESTION: TechRepublic member Joaxe needed to know how to configure a DHCP server that would allow Wyse Technology's WinTerms to download BIOS updates from an FTP server. Joaxe was unsure how to create options 161 and 162 for DHCP. Copy and paste this URL into your browser: www.techrepublic.com/trbbs/message_detail.jhtml?thread_id=4890&thread_title= DHCP+Options+for+FTP&ooc=open THE ANSWER: User Bert.chew said that Joaxe could configure the DHCP server by going to DHCP Options | Default and clicking the New button. THE QUESTION: TechRepublic member Jcolome has the NT Terminal Server CD but has lost the install disks. Jcolome was looking for a way to create these disks from within the CD. Copy and paste this URL into your browser: www.techrepublic.com/trbbs/message_detail.jhtml?thread_id=5030&thread_title= NT+Terminal+Server+Install+Disks&ooc=open THE ANSWER: User Dtimko recommended running WINNT.EXE/OX to create the disks or booting from the CD-ROM if he didn't want to use the disks. THE QUESTION: TechRepublic member Markosoteo was looking for a third-party utility that would help retrieve information from Windows NT's User Manager. Markosoteo wanted to be able to print out users, groups, etc., and import data into Excel or Lotus Notes. Copy and paste this URL into your browser: www.techrepublic.com/trbbs/message_detail.jhtml?thread_id=5262&thread_title= Extracting+information+from+User+Manager...&ooc=open THE ANSWER: User Imaxim recommended the shareware program Hyena, which can be found at the Adkins Resource Web site. Hyena can export users, groups, etc. to plain text. http://www.adkins-resource.com/
Protecting Your Registry by Jim Pile
We often suggest Registry edits and the use of REG files. We also frequently warn readers about potential problems that one can experience when making a Registry change. Here is one way to make those Registry edits safer.
If you want to edit a value using RegEdit, the safest thing to do is save the key before you make changes. Let's say that you're going to make a change in HKEY_CURRENT_USERSoftwareMicrosoftWindows NTCurrentVersionWinlogon. Before you make the change, click the Winlogon key and choose Registry, Export Registry File. Give the file a name you can remember (we used Winlog) and click Save.
With this key saved, you can later double-click the REG file to restore the original Registry settings.
The same is true of a REG file. In many cases, we provide two REG files, one to make the changes, and one to return to the default. When we don't have that information (when the information is likely to be different on your computer) you can use RegEdit to protect yourself against problems. For example, if a REG file contains the key [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer], you could run RegEdit, navigate to that key and choose Registry, Export Registry File to save the key to a backup file before you run the REG file to modify that key.
This is a lot more trouble than just running the REG file, but it assures you that you aren't stuck with a change that you don't like.
Working with FAT 32 and NTFS by Jim Pile
In the last tip we discussed a way to force Windows NT 4.0 Workstation and FAT 32 to coexist. However, there is another step you may want to take if you dual-boot Windows NT 4.0 Workstation and Windows 98 /FAT 32. Windows NT 4.0 Workstation can't read files on the FAT 32 partition, so Drive D is useless even though it appears in My Computer. On the other side of the fence, when you boot into Windows 98, you won't see the NTFS partition at all. So, in Windows 98 you have Drive C and the CD-ROM drive at Drive D. In Windows NT 4.0 Workstation you have Drive C, a useless Drive D, and your CD-ROM drive is E. You can easily eliminate the useless drive with Disk Administrator. Just click Start, Programs, Administrative Tools (Common), Disk Administrator. Click the FAT 32 partition to select it and then choose Tools, Assign Drive Letter. When the Assign Drive Letter dialog box opens, select the radio button labeled "Do not assign a drive letter" and click OK. Now, click your CD-ROM drive and choose Tools, Assign Drive Letter. Set your CD drive to D, since that letter is no longer used by the FAT 32 partition. Choose Partition, Exit to close Disk Administrator. Now, your Windows NT 4.0 Workstation system will use the same drive letters as Windows 98, and the useless FAT 32 partition won't appear.
Strong Passwords by Tim Boone
You can increase the security of a system by altering the parameters for valid passwords. From the User Manager For Domains application, select Policies/Account from the menu bar. In the Password Restrictions area of the dialog box, you can: 1. Set the age limit for passwords. This forces users to change passwords after a preselected number of days. 2. Set the minimum length of passwords to eight or more characters. 3. Keep a password history to prevent users from recycling old passwords. 4. Enable account lockouts that deactivate an account after a specified number of failed login attempts. - Share Selectively - To restrict drive and folder sharing to individuals or groups, first right-click the drive or folder to share, then select Sharing from the menu. From the Shared As section of the Sharing tab, click Permissions. Remove the Everyone entry and click the Add button to add individuals and/or groups to the access list. Finally, click OK in all the windows to close and exit.
Option 2 for Dual-Booting FAT 32 and Windows NT by Jim Pile
We recently discussed a way to dual-boot on a computer with a FAT 32 drive and Windows NT 4.0 Workstation on an NTFS partition. We also discussed a method you can use to hide the useless FAT 32 partition from NT. However, as several readers have pointed out, there is another option. You can download a free utility from Winternals that will let you read that FAT 32 drive in Windows NT 4.0 Workstation. Go to http://www.winternals.com/downloads/index.shtml and download FAT 32 for Windows NT 4.0. Install the program and check it out for a while. You'll find that your Windows 98 FAT 32 partition is perfectly readable. You will probably decide that simply reading the FAT 32 partition isn't enough for you -- you'll want to write to it as well. No problem, all you have to do is purchase FAT 32 for Windows NT 4.0 Professional for a mere $39. We have been using FAT 32 for Windows NT 4.0 Professional for several months now, and we have never had a hitch of any kind. Also, it opened up 20 GB of previously unavailable space on the FAT 32 partition. Perhaps you would also like to be able to read the NTFS partition while you're running Windows 98. If so, go to http://www.winternals.com/downloads/index.shtml and download NTFS for Win98. This utility will let you read your NTFS partition from Windows 98. If you would like to write to the NTFS partition from Windows 98, you'll need the commercial version, which is priced at $49.
Removing Items from the Start menu by Jim Pile
Here is a question from reader Doug M: "I am trying to remove the Documents, Settings, and Favorites item from my Start menu. I have tried using the Profile Manager and RegEdit, but cannot find the right keys. Can you help me?" Yes, I think I can help. We have gone over Documents and Favorites, but Settings is a different matter. To begin with, you could prevent Control Panel and Printers from appearing in Settings. Let's generate a single REG file to remove all Documents and Favorites from the Start menu and to remove Control Panel and Printers from the Settings menu. This REG file will also remove Control Panel and Printers from My Computer. As usual, be cautious about running REG files -- they do modify the Registry. To proceed, run Notepad and enter the following as shown here. Where you see BLANK LINE GOES HERE, press Enter -- please don't type in BLANK LINE GOES HERE. REGEDIT4 BLANK LINE GOES HERE [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoFavoritesMenu"=dword:00000001 "NoRecentDocsMenu"=dword:00000001 "NoSetFolders"=dword:00000001 BLANK LINE GOES HERE Now, choose File, Save As and name the file ItemsOff.reg. Locate a folder for the new REG file and click Save. You can enter the information in your REG file by simply double-clicking its icon. When the dialog box appears telling you that the information has been entered, click OK to close the dialog box and continue. Restart your computer to see your new changes take effect.
Installing Windows NT 4.0 Workstation From the Hard Disk by Jim Pile
Here's a tip from reader John W., who has some helpful comments on how to use the installation disc files on the hard disk: "Since a number of people seem interested in storing the distribution files on the hard drive, I have a couple of recommendations: 1. There is no need to expand the files -- they will be expanded during setup when NT needs the source files. This will eliminate the whole process as it was originally documented in your tip. Instead, you can just copy the \I386 folder from your CD to your selected folder on the hard disk. 2. Because Windows NT was very likely originally installed from a CD, when you add components, the default location for the source files will always be the prompted location that the Windows NT setup will look for. This location is stored in the following registry key, and can be changed. When you install new components, you will not have to browse for the source path. As usual, use caution with your registry editor. Click Start, Run, and type regedit then press Enter. When RegEdit opens, navigate to [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup] Locate your SourcePath string and edit it to have the full and exact path to where you copied your installation files in step #1 above. Close Regedit and you are finished." Thanks for the tip, John.
Preventing users from changing the Recycle Bin By Jim Pile
Here is a question from reader Cheryl L: "I have a number of Windows NT 4.0 Workstation systems. I would like to prevent the users from changing the Recycle Bin properties. What happens is that the properties get changed and files get lost. Is there a way to keep users from changing the Recycle Bin?" Yes, there is. You will need to edit the Registry, so be careful. For this job, you need to use Regedt32 rather than RegEdit. Click Start, then Run, then type "regedt32"and press Enter. Navigate to HKEY_Local_Machine\Software\Microsoft\Windows\CurrentVersion\Explorer\Bi tBucket. Now click BitBucket to select it and then choose Security, Permissions. When the Registry Key Permissions dialog box opens, change Everyone from Special Access to Read and then click OK. Now choose Registry, Exit to close the Registry Editor. The change will take place without a restart.
****Top 4 Networking Essentials questions****
One of the great features of the ITTutor application is that it allows us to discover which questions are causing the most problems for users. A quick analysis of the log files reveals the following questions are the Networking Essentials questions answered incorrectly most often; Question Number 1 Which of the following are not layers in the TCP/IP architectural model? Intranet (Correct) Address (Correct) Transport Internet Application Physical Explanation. The TCP/IP reference model has 4 layers in it. Of the six possible answers above, Intranet and Address are incorrect and therefore should have been selected. Note the question is asking about the TCP/IP reference model, not the OSI reference model and this can catch you if you are not alert. Question Number 2 Which of the following have the physical topology of a bus? 10Base2 (Correct) Token Bus (Correct) 10BaseT ARCnet Explanation. 10Base2 networks and Token Bus networks use the bus physical topology. 10BaseT and ARCnet networks are cabled in a star with hubs at the center. This question has continually been in the top 5 list of incorrectly answered questions on the site from the first week we began analysis. There are no tricks in the question and the answers are covered in the online training material. Question Number 3 The unit of information that is manipulated at this OSI layer is a Packet. Which OSI layer does this refer to? Network (Correct) Physical Data Link Transport Explanation. This is a very dry subject! However it is important to know not only the OSI seven-layer model, but also the term used for the information at each layer. Question 4. Your customers network load is very high and they are intending adding more devices. You are trying to reduce the network traffic, cost is not an issue. The network only uses TCP/IP, which of the following devices would you choose? Router (Correct) Gateway Repeater Brouter Bridge Explanation. This question relies on a good understanding of the OSI model, network devices and even TCP/IP. If you understand the OSI model it should be clear that a Gateway is too far up the model to have any impact on network traffic. A Repeater is used to extend cable runs and does not reduce network traffic in any way. However a Router is designed to segment a network. By examining the Network ID a router can make a decision about the path a packet should travel through a network. A busy network can be broken into subnets separated by routers. A bridge is useful if the protocols on the network do not contain a network ID as they can reduce traffic by learning where a particular device is, however in this question TCP/IP is the only protocol used. A Brouter combines the elements of a bridge and a router, however as the question specifies TCP/IP there is no requirement for a brouter.
Booting Windows NT 4.0 Workstation, Windows 2000 Professional, and Windows 98 by Jim Pile
After I ran a tip on how to dual boot Windows NT 4.0 Workstation and Windows 98 FAT 32, I received a number of requests about adding Windows 2000 Professional to create a triple-boot system. Although the method I described will allow a triple boot, I recently found a freeware program called LegendOS Boot Manager that allows you to easily boot among the three operating systems, even when Windows 98 is running on a FAT 32 partition. As was the case with the method I described, Boot Manager requires that all three partitions exist on the same hard disk. To get started, download Boot Manager at http://legendos.sitebest.com/. Unzip the program to a floppy disk and then read the readme file thoroughly. Set the floppy disk aside for later use. Here is how to set up a triple boot installation (starting with a bare hard disk). I don't intend to imply that this is the only way this can be done -- it's just the way I did it. First, boot the computer using a Windows 98 startup disk. Run Fdisk and answer "no" when asked if you want to use the large hard-disk option (this prevents problems with Windows NT 4.0 Workstation). Create a maximum size partition for Windows NT 4.0 Workstation (2GB). Then restart using the startup disk and format the partition. Install Windows NT 4.0 Workstation. After you finish the installation of Windows NT 4.0 Workstation, restart using the Windows 98 startup disk and run Fdisk again. This time you can select large hard-disk support. Create a new partition for Windows 2000 Professional (size it as you wish). Now, create a partition for Windows 98 (also sized as you wish). Restart using the startup disk and format the new partitions. Next, run Fdisk and set the new Windows 2000 Professional to active. At this point you can install Windows 2000 Professional. When finished, start with the Windows 98 startup disk again and set the Windows 98 partition to active. Restart and install Windows 98. Now you're ready for the Boot Manager disk. Run Windows 98 (this partition should still be active) and place the disk in Drive A. Run Windows Explorer and create a new folder in Drive C named Boot. Copy the files from Drive A to the Boot folder. In the Boot folder, double-click Setup to run the program. Hit Enter. Select the partitions you want to use and name them as you wish. Save the boot information to Drive C. When you restart the computer, your boot selections will appear on the screen.
Changing the shortcut overlay By Jim Pile
Reader Allen H. asks if we can discuss how to change the shortcut overlay in Windows NT 4.0 Workstation. Allen has an arrow icon that he would like to use in place of the standard arrow. However, you can use any suitable icon that you have available. To change the overlay, we wrote a short REG file. Note that you need to customize this file to meet your own requirements. As usual, we don't guarantee the REG file to do what you expect. To generate the REG file, run Notepad and enter the following as shown. Where you see BLANK LINE GOES HERE, press Enter to create a blank line. REGEDIT4 BLANK LINE GOES HERE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\S hell Icons] "29"="C:\\WINNT\\Icons\\shortcut.ico" BLANK LINE GOES HERE Choose File, Save As, and name the file arrow.reg. Find a folder to store the file in and click Save. Now double-click the file's icon to merge its data with the Registry. When you restart the computer, the new overlay will take effect. If you decide to do this we must caution you that not all overlays are effective.
Removing Registry entries in Windows NT 4.0 Workstation By Jim Pile
Here is a question from reader Ahmad K.: "There are some applications that exist in the system Registry that won't disappear after using Add/Remove Programs in Control Panel. They are giving some errors because these applications no longer exist on the hard disk. Is there any way to clean and remove unwanted entries from my Registry?" Although stray Registry entries usually result from improper program removal, this is not the only reason for the problem. Unfortunately, some programs don't uninstall their Registry entries. Because going through the Registry with RegEdit32 isn't an easy, or necessarily safe, task, I suggest trying some software designed to clean the Registry. Microsoft offers a free program called RegClean that will search the Registry for unnecessary entries and then remove them. Each time you instruct RegClean to fix the Registry, the program creates a backup file named Undo computer yyyymmddhhmmss.reg where Computer is your computer's ID, yyyymmdd is the date (year, month, day) and hhmmss is the time in hours, minutes, and seconds. If something should go wrong, you can double-click the appropriate Undo file to get back to your starting point. RegClean works on Windows 9x, Windows NT 4.0, and Windows 2000 Professional. You'll find it at http://support.microsoft.com/support/kb/articles/Q147/7/69.asp. Please read the online documentation before using this program.
Most tips are from TipWorld - http://www.tipworld.com :The Internet's #1 Source for Computer Tips, News, and Gossip
Jim Pile has been an instrumentation engineer for 25 years. With this knowledge, he's been writing tutorial newsletters for both The Cobb Group and for IDG over the last five years. He can be reached at jim.pile@sunworld.com.