Monitoring and Optmizing System Performance and Reliability:

Driver signing: (KB# Q224404)

Configuring Driver Signing: (KB# Q236029)

• Open System applet in Control Panel and click Hardware tab. Then in the Device Manager box, click Driver Signing to display options:
• Ignore - Install all files, regardless of file signature
• Warn- Display a message before installing an unsigned file
• Block- Prevent installation of unsigned files
• The Apply Setting As System Default checkbox is only accessible to Administrators

Using System File Checker (sfc.exe): (KB# Q222471)

• /scannow - scans all protected system files immediately
• /scanonce - scans all protected system files at next startup
• /scanboot- scans all protected system files at every restart
• /cancel- cancels all pending scans
• /quiet - replaces incorrect files without prompting
• /enable - sets Windows File Protection back to defaults
• /purgecache - purges file cache and forces immediate rescan
• /cachesize=x- sets file cache size

Windows Signature Verification (sigverif.exe):

• running sigverif launches File Signature Verification
• checks system files by default, but non-system files can also be checked
• saves search results to Sigverif.txt

Task scheduler: (KB# Q235536 & Q226262)

• used to automate events such as batch files, scripts and system backups
• tasks are stored in the Scheduled Tasks folder in Control Panel
• running task with a user name and password allows an account with the required rights to perform the task instead of an administrative account
• set security for a task by group or user

Using offline files:

Offline files replaces My Briefcase and works a lot like Offline Browsing in IE5. By default, offline files are stored in the %systemroot%\CSC (Client Side Caching) directory.

Share a folder and set it's caching to make it available offline - three types of caching:

• manual caching for documents - default setting. Users must specify which docs they want available when working offline
• automatic caching for documents - all files opened by a user are cached on his local hard disk for offline use - older versions on users machine automatically replaced by newer versions from the file share when they exist
• automatic caching for programs -same as above, but for programs

When synchronizing, if you have edited an offline file and another user has also edited the same file you will be prompted to keep and rename your copy, overwrite your copy with the network version, or to overwrite the network version and lose the other user's changes (a wise SysAdmin will give only a few key people write access to this folder or everyone's work will get messed up).

Using Synchronization Manager, you can specify which items are synchronized, using which network connection and when synchronization occurs (at logon, logoff, and when computer is idle).

Encrypted files (EFS) are NOT encrypted in the offline cache. You must be a member of the Administrators group to view the offline cache (on an NTFS volume). File and folder permissions still apply in the offline cache, even when it is located on a FAT or FAT32 volume.

Performance Console: (KB# Q146005)

• Important objects are cache (file system cache used to buffer physical device data), memory (physical and virtual/paged memory on system), physicaldisk (monitors hard disk as a whole), logicaldisk (logical drives, stripe sets and spanned volumes), and processor (monitors CPU load)
• Processor - % Processor Time counter measure's time CPU spends executing a non-idle thread. If it is continually at or above 80%, CPU upgrade is recommended
• Processor -  Processor Queue Length - more than 2 threads in queue indicates CPU is a bottleneck for system performance
• Processor - % CPU DPC Time (deferred procedure call) measures software interrupts.
• Processor - % CPU Interrupts/Sec measures hardware interrupts. If processor time exceeds 90% and interrupts/time exceeds 15%, check for a poorly written driver (bad drivers can generate excessive interrupts) or upgrade CPU.
• Logical disk - Disk Queue Length - If averaging more than 2, drive access is a bottleneck. Upgrade disk, hard drive controller, or implement stripe set
• Physical disk - Disk Queue Length - same as above
• Physical disk - % Disk Time- If above 90%, move data/pagefile to another drive or upgrade drive
• Memory - Pages/sec - more than 20 pages per second is a lot of paging - add more RAM
• Memory - Commited bytes - should be less than amount of RAM in computer
• diskperf command for activating disk counters has been modified in Windows 2000, physical disk counters are now enabled by default, but you will have to type diskperf -yv at a command prompt to enable logical disk counters for logical drives or storage volumes. (KB# Q253251

Performance Alerts and Logs: (KB# Q244640)

• Alert logs are like trace logs, but they only log an event, send a message or run a program when a user-defined threshold has been exceeded
• Counter logs record data from local/remote systems on hardware usage and system service activity
• Trace logs are event driven and record monitored data such as disk I/O or page faults
• By default, log files are stored in the \Perflogs folder in the system's boot partition
• Save logs in CSV (comma separated value) or TSV (tab separated value) format for import into programs like Excel
• CSV and TSV must be written all at once, they do not support logs that stop and start. Use Binary (.BLG) for logging that is written intermittantly
• Logging is used to create a baseline for future reference

Virtual memory/Paging file:

• Recommended minimum paging file size is 1.5 times the amount of RAM installed. A system with 64 MB should have a 96 MB page file. Maximum page file size should not exceed 2.5 times the amount of RAM installed
• Set through Control Panel > System applet > Advanced tab > Performance Options > Change
• The most efficient paging file is spread across several drives, but is not on the system or boot partitions. (KB# Q123747)
• Maximum registry size can also be changed through the Virtual Memory dialog box

Hardware profiles:

• Created to store different sets of configuration settings to meet a users different needs (usually used with portables) such as whether a computer is docked or undocked.
• User selects the desired profile at Windows 2000 startup
• Profiles are created through Control Panel > System applet > Hardware tab > Hardware Profiles
• Devices are enabled and disabled in particular profiles through their properties in the Device Manager snap-in

Data recovery:

• Windows 2000 Backup is launched through Control Panel > System applet > Backup or by running ntbackup from the Start menu (KB# Q241007)
• Users can back up their own files and files they have read, execute, modify, or full control permission for
• Users can restore files they have write, modify or full control permission for
• Administrators and Backup Operators can backup and restore all files regardless of permissions

The Windows 2000 Registry:

Database that stores Windows 2000 configuration information for all installed software, hardware and users in a hierarchical structure. Consists of five main subtrees:

• HKEY_CLASSES_ROOT - holds software configuration data, file associations and object linking and embedding (OLE) data
• HKEY_CURRENT_CONFIG - holds data on active hardware profile extracted from SOFTWARE and SYSTEM hives
• HKEY_CURRENT_USER - contains data about current user extracted from HKEY_USERS and additional info pulled down from Windows authentication
• HKEY_LOCAL_MACHINE - contains all local computer hardware, software, device driver and startup information. Remains constant regardless of the user
• HKEY_USERS - holds data for user identities and environments, custom settings, etc

The Registry Editor (Regedt32.exe) has a read-only mode, a security menu, and supports the REG_EXPAND_SZ and REG_MULTI_SZ data types. Regedit.exe (another registry editing tool installed by Windows 2000) does not. Registry Editor automatically saves changes as they are made.

Secondary Logon Service (Run As): (KB# Q225035)

• Similar to the SU (Super User) command in UNIX
• Used to test setting using a particular user account while logged in with a different account
• Select the application icon using a single left-click, hold down the Shift key and right-click the icon. When the pop-up menu appears, click Run As. This brings up a dialog box titled "Run program as other user" - enter your credentials and click OK

Configuring and Troubleshooting the Desktop Environment:

User profiles:

• Is a collection of data and folders that store the user's desktop environment and application settings along with personal data.
• When a user logs onto a client computer running W2K Pro, he/she always receives his/her individualized desktop settings and all of their network connections regardless of how many users share the same computer.
• A user can change their user profile by changing their desktop settings - when they log off, Windows 2000 incorporates the changes into their user profile.
• Setting a profile as mandatory forces Windows to discard any changes made during the session so the next time the user logs on, the session remains unchanged from their last login.
• User profiles are stored in the %systemroot%\Documents and Settings\%username% folder in a fresh install of W2K. When upgraded from NT4, they are stored in %systemroot%\Profiles\%username%
• Roaming profiles are used in Windows 2000 domains for users who move from one computer to another but require a consistent desktop environment.

Multiple languages and locations:

Changed through the Regional Options applet in Control Panel. Open Region Options and click Input Locale tab to add more locales. Check each locale or language you want your system to support. (KB# Q177561)

On the Regional Options applet General tab, scroll through the items in the box labelled "Your System is Configured to Read and Write Documents in Multiple Languages" to see the available languages as well as the current default.

Manage and troubleshoot software by using Group Policy:

Deploy software by using Group Policy:

• Replaces setup.exe. Windows Installer packages are recognized by their .MSI file extension.
• Integrates software installation into Windows 2000 so that it is now centrally controlled, distributed, and managed from a central-point.
• The software life cycle consists of four phases, Preparation, Deployment, Maintenance, and Removal.

Maintain software by using Group Policy:

• Software package is installed on a Windows 2000 Server in a shared directory. A Group Policy Object (GPO) is created. Behavior filters are set in the GPO to determine who gets the software. Then the package is added to the GPO under User Configuration > Software Settings > Software Installation (this is done on the server). You are prompted for a publishing method - choose it and say OK.
• Set up Application Categories in Group Policy > computer or user config > Software Settings > Software Installation (right-click) > Properties > Categories > Add. Creating logical categories helps users locate the software they need under Add/Remove Programs on their client computer. Windows does not ship with any categories by default.
• When upgrading deployed software, AD can either uninstall the old application first or upgrade over top of it.
• When publishing upgrades, they can be option or mandatory for users but are mandatory when assigned to computers.
• When applications are no longer supported, they can be removed from Software Installation without having to be removed from the systems of users who are using them. They can continue using the software until they remove it themselves, but no one else will be able to install the software through the Start menu, Add/Remove Programs, or by invocation.
• Applications that are no longer used can have their removal forced by an administrator. Software assigned to the user is automatically removed the next time that user logs on. When software is assigned to a computer, it is automatically removed at start up. Users cannot re-install the software.
• Selecting the "Uninstall this application when it falls out of the scope of management" option forces removal of software when a GPO no longer applies.

Configure deployment options:

• You can assign or publish software packages.
• Software that is assigned to a user has a shortcut appear on a user's Start > Programs menu, but is not installed until the first time they use it. Software assigned to a computer is installed the next time the user logs on regardless of whether or not they run it.
• When software is assigned to a user, the new program is advertised when a user logs on, but is not installed until the user starts the application from an icon or double-click a file-type associated with the icon. Software assigned to a computer is not advertised - the software is installed automatically. When software is assigned to a computer it can only be removed by a local administrator - users can repair software assigned to computers, but not remove it.
• The software settings of a Group Policy is not refreshed like the rest of the settings. The user may need to logoff/logon or the system may need to be restarted for the new settings to take place (depending on type of software installation).
• Published applications are not advertised. They are only installed through Add/Remove Programs in the Control Panel or through invocation. Published applications lack resiliency (do not self-repair or re-install if deleted by the user). Finally, applications can only be published to users, not computers.
• With invocation, when a user double-clicks on an unknown file type, the client computer queries Active Directory to see what is associated with the file extension. If an application is registered, AD checks to see if it has been published to the user. If it has, it checks for the auto-install permission. If all conditions are met, the application is invoked (installed).
• Non-MSI programs are published as .ZAP files. They cannot take advantage of MSI features such as elevated installation priveleges, rolling back an unsuccessful installation, installing on first use of software or feature, etc. (KB# Q231747) .ZAP files can only be published, not assigned.
• Non-MSI programs can be repackaged using a 3rd party tool on the W2K Server CD called WinINSTALL LE. It works like SYSDIFF as it lets you take a snapshot of a system, install your application, take another snapshot and create a difference file that becomes your MSI install package. If you wish to assign a non-MSI program to a user or computer, you must first repackage it as an MSI file. (KB# Q236573)
• When software requires a CD key during installation, it can be pushed down with the installer package by typing misexec /a <path to .msi file> PIDKEY="[CD-Key]" (KB# Q223393)
• Modifications are created using tools provided by the software manufacturer and produce .MST files which tell the Windows Installer what is being modified during the installation. .MST files must be assigned to .MSI packages at the time of deployment. (KB# Q236943)
• Patches are deployed as .MSP files. (KB# Q226936)

Configure and troubleshoot desktop settings:

Desktop settings can be configured using the Display applet in Control Panel or by right-clicking on a blank area of the desktop and selecting properties.

User can change the appearance of the desktop, desktop wallpaper, screen saver settings and more.

Fax support:

• If a fax device (modem) is installed, the Fax applet appears in Control Panel. Does not appear when no fax device installed
• If the Advanced Options tab is not available in the Fax applet log off then log back on as Administrator
• Use the Fax applet to setup rules for how device receives faxes, number or retries when sending, where to store retrieved and sent faxes, user security permissions, etc.
• The Fax printer in your printer folder cannot be shared

Accessibility services: (KB# Q210894)

• Accessibility Wizard is used for deploying accessibility features to users who require them. Using the wizard, define the settings you want to deploy and, on the Save Settings to File page, save them to a file that has the .acw extension. Place the file on a network share and modify each user's login script so that it imports the settings. The command to import the file is this: %SystemRoot%\System32\Accwiz.exe filename. (KB# Q256956)
• Utility Manager enables users to check an Accessibility program's status, and start or stop an Accessibility program. Users with administrator-level access can designate to have the program start when Windows 2000 starts. The built-in programs accessible from the Utility Manager are Magnifier, Narrator, and On-Screen Keyboard.
• By default, automatic reset for accessibility options is disabled. When enabled, accessibilty options will be turned off if they have not be used for a pre-defined period of time. MS recommends enabling automatic reset on systems that are shared by more than one user.
• StickyKeys allows you to press multiple key combinations (CTRL-ALT-DEL) one key at a time
• FilterKeys tells the keyboard to ignore brief or repeated keystrokes
• SoundSentry displays visual warnings when your computer makes a sound (for aurally impaired)
• ShowSounds forces programs to display captions for the speech and sounds they make
• MouseKeys lets you control the mouse pointer with the numeric keypad
• Magnifier magnifies a portion of the desktop (for visually impaired) - available during GUI phases of OS installation (KB# Q231843)
• Narrator reads menu options aloud using speech synthesis (for visually impaired) - available during GUI phases of OS installation.