Geek of All TradesTools of the Trade

Greg Shields

Every industry has its technicians, and every technician has his bag of tools to help get the job done. The world of IT is no different. Whether you're a specialist focusing your skills on the perfection of a single service or someone whose job is to keep everything afloat simultaneously, you need tools just like the folks in other fields. Yet, unlike the tools used by your electrician or your dentist, those we use in IT aren't so much ones you can wrap your hands around. Rather, our tools are logical extensions of the otherwise manual actions we need to accomplish. These tools allow us to automatically or more rapidly accomplish an otherwise complex or time-consuming activity. We may not need a hammer and saw to build our computing environment, but most of us couldn't live a day without our Windows Sysinternals utilities.

With this in mind, this month I take a deep dive into the Microsoft TechNet site and its offshoots to locate some of the very best tools available. As an IT professional who seeks to make life easier at little to no cost, you're sure to appreciate these 19 free downloads. Note that some have already been featured in TechNet Magazine's Utility Spotlight column; in those cases, I'll link to those columns to offer you more information on how to use the particular tool.

ADMX Migrator Windows Vista and Windows Server 2008 change the Group Policy format from ADM to ADMX. ADMX's XML-based format is entirely different than the old syntax and can be challenging to work with in a text editor. If you've created custom ADM Group Policy files, this tool automatically upgrades those files to the new format. It also provides a way for you to create your own custom ADMX files through its graphical interface (see Figure 1).


Figure 1 ADMX Migrator

BITS Administration Utility Kicking off a traditional file transfer can significantly impact the performance of both machines involved with the transfer. Also, traditional transfers that are interrupted midstream usually need to be restarted from scratch. For these reasons, the Background Intelligent Transfer Service (BITS) was developed. Yet while BITS is natively available in technologies like Windows Server Update Services (WSUS) and Configuration Manager, many administrators don't realize they can use the BITS Administration Utility and a little scripting to initiate and manage their own robust file transfers.

Debug Diagnostic Tool Troubleshooting Windows crashes and hangs can be a notoriously difficult process if you don't have specialized training. The Debug Diagnostic Tool assists with this process by analyzing system resources both during and after the crash to identify and report on the root cause of the problem.

Group Policy Inventory A tool for Windows Server 2003 and earlier environments, Group Policy Inventory is designed to poll for Group Policy and Windows Management Instrumentation (WMI) information across multiple computers at once. The resulting information can identify installed software, the success of Group Policy Object (GPO) distribution, and hardware inventory, among other capabilities. One handy use for this tool is in testing out a candidate WMI filter before attaching it to a GPO.

Internet Explorer Administration Kit The IEAK has been around almost as long as Internet Explorer. Designed to be a comprehensive configuration control utility for Internet Explorer, this tool locks down virtually every Internet Explorer setting to those that are customized for your organization. If you want to lock down your users' home pages, connection profiles, and even customize the Internet Explorer logo, the IEAK provides the necessary tools for you to get the job done.

LimitLogin Some administrators in highly secure or specialized environments wish they could limit users to a specific number of concurrent logins. Particularly useful with Windows Server 2003 Terminal Servers, LimitLogin enables administrators to enforce concurrent login quotas while tracking all login information right within Active Directory itself.

Microsoft Baseline Security Analyzer A longtime favorite among security administrators and those in small environments, the MBSA scans systems in your environment for known security vulnerabilities and unsecure configurations. Unlike WSUS, which focuses strictly on the presence or absence of updates on a computer, MBSA goes an extra step by identifying where a configuration setting may be bad for system security while making suggestions towards how to resolve the problem.

Microsoft File Server Migration Toolkit If you've attempted to move or consolidate data within a large file server, you recognize that this process is no small feat. Maintaining file paths and permissions during a migration makes complicated what seems at first blush to be a simple file copy. Microsoft File Server Migration Toolkit (see Figure 2) eases this process by leveraging Distributed File System (DFS), Volume Shadow Copy service (VSS), and other technologies to assist with any large-scale file server migration project.


Figure 2 File Server Migration Wizard

Microsoft Security Assessment Tool More a pencil-and-paper examination than a technological marvel, the MSAT is a comprehensive multiple-choice test that helps small- and medium-sized businesses understand their security posture (see Figure 3). You'll want to take the time to answer its hundreds of questions to understand your level of risk and evaluate the security defenses that you have already implemented.


Figure 3 The Microsoft Security Assessment Tool

Microsoft SharedView Computers were supposed to bring about levels of collaboration never before seen in business. But that real-time collaboration only works if you've got the right technology underpinnings. This free tool provides a way for up to 15 people to work on the same documents together.

Microsoft Windows Server 2003 Performance Advisor Using Data Collector Sets, both W indows Vista and Windows Server 2008 include the native capability to view snapshots of system performance and specified configurations. Yet their technology was based on the Server Performance Advisor originally written for Windows Server 2003. This tool collects performance data with an eye towards generating diagnostic reports geared towards specific server roles such as Active Directory, IIS, DNS, Terminal Services, among others.

Robocopy GUI While command-line and scripting activities have always been a part an IT administrator's daily workflow, sometimes you just want a graphical interface to get the job done. For your advanced needs associated with file copies and transfers, the Robocopy GUI provides that graphical interface. Exposing all of the functionality available through Robocopy's command line, this GUI tool makes it easy to set up file transfers and mirrors.

searchSd Security access control lists (ACLs) that are assigned to objects in Active Directory are most often exposed by viewing the properties of that object. But in situations where you want to view those ACLs across dozens or hundreds of objects, right-clicking each object for its properties no longer makes sense. In such cases, searchSd is a handy tool that enumerates ACLs and owners for Active Directory objects. This tool is particularly powerful when logging the configuration of Active Directory and its security for audit purposes.

Virtual Machine Remote Control Plus If your environment makes use of Virtual Server 2005, you might lament its Web-based management UI. While great for occasional use, it's likely you wish for a rich client application to manage your Virtual Server workloads. Virtual Machine Remote Control Plus provides just that forms-based interface. Using this tool, you can remotely control virtual machines as well as manage their configuration, all within its single interface.

Web Capacity Analysis Tool If you work primarily with Web servers, chances are you have used the Web Capacity Analysis Tool (WCAT) before. If not, you may not be aware of its ability to simulate traffic against a Web server. WCAT is designed to be used with a set of candidate clients to generate hits against a Web server, with the goal of determining that server's load capacity. Fully customizable, this tool provides a useful platform for deploying tests against Web servers in your environment in order to identify how much load you can safely support.

Windows Automated Installation Kit Installing a single Windows operating system is as easy as Next, Next, Finish. But those few mouse clicks grow far too cumbersome when you have to install hundreds of instances of the OS. The Microsoft WAIK provides a comprehensive platform upon which to rapidly deploy customized OS instances.

Windows Installer Clean Up Utility The unification of application installation under the Windows Installer is a boon to software developers and administrators alike. But sometimes the Windows Installer doesn't properly clean up its messes, leaving a computer in an inconsistent state that can prevent further installations or uninstallations. Used with care, the Windows Installer Clean Up utility can assist the administrator by removing installation information left by Windows Installer.

Windows Memory Diagnostic Natively available in Windows Vista and Windows Server 2008, but a separate download for earlier versions of Windows, the Windows Memory Diagnostic provides a testing platform to verify the functionality of RAM hardware on your computer. If you fear that a low-level hardware failure is causing higher-level problems, run this tool to verify that your RAM hasn't gone bad.

Windows SteadyState Designed with lab or kiosk computers in mind, Windows SteadyState provides a way for you to restore a shared computer back to its original configuration through a simple power cycle. Steady­State protects shared computers by effectively turning them into stateless appliances that can revert to your desired configuration at any time.

The job of being a systems administrator is difficult. As a result, it's important to have just the right tools. These 19 free tools are all available from Microsoft and are all designed to ease the administration of file servers, Exchange servers, and even desktops in your IT environment today.

Greg Shields, MVP, is a co-founder and IT guru with Concentrated Technology. His latest book, Windows Server 2008: What's New/What's Changed is available through SAPIEN Press. Get to know him at