If you have purchased a computer and set it up in your home, you are that computer’s administrator. Computers on a network in a company or an institution, such as at a university, are called clients. The clients are managed by one or more system or network administrators, who have the task of ensuring that the network and its services are reliable, fast, and secure. Although most network administration takes place on the server (host, as described in earlier chapters), clients must also be administered. Windows Vista includes administrative tools that make it easy to ensure that client computers are operating as they should.

You can use the administrative tools to track and view the activity on your computer. You can set up criteria for gathering event information, and then Windows automatically gathers that information for you. In the event of a problem, you can view that data to help you find and fix the problem.

When you open an administrative tool, Windows uses a two-pane view that is similar to Windows Explorer. The hierarchy of tools in the left pane of the window is called a console tree, and each main category of tools is called a node. The nodes in the console tree allow you to manage and monitor system events and performance, and make adjustments as necessary.

Windows Vista offers a set of tools that helps you administer your computer and ensure it operates smoothly. The Administrative Tools window, opened from the Control Panel, provides tools that allow you to configure administrative settings for local and remote computers. If you are working on a shared or network computer, you might need to be logged on as a computer administrator or as a member of the Administrators group in order to view or modify some properties or perform some tasks with the administrative tools. You can open User Accounts in the Control Panel to check which account is currently in use or to check with your system administrator to determine whether you have the necessary access privileges. Many Windows users won’t ever have to open the Administrative Tools window, but computers on a network will probably require administrative support.

Every time you start Windows, an event-logging service notes any unusual event that occurs, such as a failed logon, the installation of a new driver for a hardware device, the failure of a device or service to start, or a network interruption. For some critical events, such as when your disk is full, a warning message appears on your screen. Most events, however, don’t require immediate attention, so Windows logs them in an event log file that you can view using the Event Viewer tool. Event Viewer maintains several logs in two categories: Windows Logs and Applications and Services Logs. Windows Logs maintains three logs: System, for events logged by Windows operating system components; Security, for security and audit events (such as who logged on); and Application, for Windows program events. Applications and Services Logs maintains individual program and service logs. When you are troubleshooting problems on your computer, you can use the Event Viewer logs to monitor what activity took place.

Event logs grow in size as you work on your computer, but Event Viewer provides tools that help you view just the information you need and store the information you want to save for later. For example, you can apply a filter that allows you to view only events matching specified criteria, such as all events associated with a certain user. You can also search for a specific event using similar criteria. You probably don’t want your active log to include events that happened long ago. With Event Viewer, you can archive, or save, your log periodically and then clear the archived events. Most administrators archive event logs on a regular schedule.

You can control how any log in the Event Viewer collects data by defining a maximum log size (the default is 512K) and instructing Event Viewer how to handle an event log that has reached its maximum size. Only users with administrative rights can change log settings. In addition to specifying a maximum log size, you can also choose from three log options when the log is full: new events can automatically overwrite the oldest events, new events can overwrite only events older than a specified number of days, or Event Viewer will not overwrite events, in which case you must manually clear a full log before it can resume logging events.

If a problem arises related to the memory on your computer, Windows automatically tries to detect it and displays an alert message, which allows you to run the Memory Diagnostic Tool. If you also suspect a memory problem, you can run the Memory Diagnostic Tool from Administrator Tools. When the memory tool starts, you can have the program restart your computer and run the memory tool immediately or run it later. While the memory tool runs, a progress bar indicates the status of the test. When the test is done, Windows restarts again. If the results indicate a problem, you should contact your computer or memory manufacturer for information about fixing the problem.

WINV-7.3.1

On a daily basis, your system generates a variety of performance data, such as your computer’s memory or processor use, or the amount of congestion on a device. As the system administrator, you can use the Reliability and Performance tool to create charts from the data that enable you to observe how a computer’s processor behaves over time. The types of performance data you monitor and record are called performance objects. Each performance object has a set of counters associated with it that provides numeric information. The Reliability and Performance tool charts the numeric data gathered from the counters and provides graphical tools to make it easier to analyze and track the performance of your computer. Performance charts include statistics about each counter you select, but unless you know how your system should perform, these statistics might not be very meaningful. For this reason, administrators create baseline charts—charts made when the computer or network is running at a normal level. When there are problems, the administrator can create another performance chart that can be compared to the baseline chart.

Using Windows Vista, you can monitor local security settings with the Local Security Settings tool to ensure that computer users are adhering to the organization’s security policies. For example, you can change the way the User Account Control (UAC) works, including how and when Windows prompts administrators and standard users for permission to make system changes. You can also set user account and password options to require computer users to create complex passwords of a specific length and change them on a regular basis. A complex password contains characters from at least three of the four following categories: uppercase (A - Z), lowercase (a - z), numbers (0 - 9), and nonalphanumeric (!, $, *, etc.). In addition to setting security options, you can also monitor, or audit, the success or failure of security related events, such as account logon and logoff activities, and user account changes, which appear in the Event Viewer in the Security node.

Computer Management consolidates administrative tools, such as Event Viewer and Performance, into a single window that you can use to manage a local or remote computer. The three nodes in the Computer Management window (System Tools, Storage, and Services and Applications) allow you to manage and monitor system events and performance and to perform disk-related tasks. Each node contains snap-in tools, which come in two types: stand-alone or extension. Stand-alone snap-ins are independent tools, while extension snap-ins are add-ons to current snap-ins. The selected tool appears in the right pane, and you can use the toolbars and menus that appear to take appropriate action with the tool.

WINV3.2.2

The Storage node in the Computer Management window provides you with tools, such as Disk Defragmenter and Disk Management, to help you manage your disks. The Disk Management tool is a graphical tool for managing disks that allows you to partition unallocated portions of your disks into volumes. A volume is a fixed amount of storage on a disk. A single disk can contain more than one volume, or a volume can span part of one or more disks. Each volume on a disk is assigned its own drive letter, which is why the term volume is often synonymous with the term drive. Thus, the same physical disk might contain two volumes. Each volume can use a different file system, so you might have a single disk partitioned into two volumes, each with its own file system. You might partition a single hard disk in two different ways: first, with a single NTFS volume, and second, with one NTFS volume and one FAT volume, which can be helpful if you have a computer with two operating systems, Windows 98/Me on the FAT volume and Windows Vista on the NTFS volume.

WINV-1.6

In Windows Vista, you can manage the access privileges and permissions of local user and group accounts. A local user account is an individual account with a unique set of permissions, while a group account is a collection of individual accounts with the same set of permissions. You can change local user and group accounts in the Computer Management window using the Local Users And Groups tool. This security feature limits individual users and groups from accessing and deleting files, using programs such as Backup, or making accidental or intentional system-wide changes. You can create or modify a user account, disable or activate a user account, identify members of groups, and add or delete members to and from groups.

WINV-7.3.4

If you are having problems with Windows Vista or a program installed on your computer and can’t figure out what to do, you can use System Information to locate valuable information for a support technician. For most people, the information in System Information is difficult to understand. However, if a support technician asks you for information about your system, you know where to find it. After you find the information, you can save and send it to the support technician.

If you’re experiencing problems with your system, you can use the System Configuration tool from Administrator Tools to help you troubleshoot and configure your computer. To help you troubleshoot your system, you can select an option to start Windows Vista with a minimal set of resources, which can help you successfully boot and narrow down the problem. After you reboot successfully, you can start to select services and startup items to add them into the equation and determine what works and what doesn’t. If you need to launch an administrator tool during the process, you can do it from the Tools tab.