Okay so let's look at some things in Vista from a sys-admin perspective that are good to know when your troubleshooting issues on your client's machines. Your client could be your user base, your family, or yourself.
You're Dad calls, he wants all the icons on the desktop to go away. You could either waste your time trying to talk him through it or teach him how to fish... If you haven't seen guided help, it's one of the WOW moments of Vista. More and more guided help will be showing up which will help you fend off the masses with the easy questions, like finding a printer, etc.
1) Open Help and Support
2) Click Options|Settings and select "Include Windows Online Help and Support when you search for help"
3) Type in "icons guided help"
4) Click show me step-by-step and say "WOW"
Start here when your Mom say's "I didn't do anything it just stopped working". Just type perfmon in the start menu and click
Mom, you didn't do anything? Why must you lie to me, you know you're not qualified to run leakdiag.exe...
Slow bootup or shutdown issues?
Not to worry, we have that built in too now. Just open eventvwr and browse to this event collection: Applications and Services Log -> Microsoft -> Windows -> Diagnostics-Performance -> Operational. Here you'll find some diagnostic logging that can help determine why you're system is taking a long time to boot or shutdown. it also shows general performance issues that can help you speed up your system.
Log Name: Microsoft-Windows-Diagnostics-Performance/OperationalSource: Microsoft-Windows-Diagnostics-PerformanceDate: 4/9/2007 1:09:52 PMEvent ID: 101Task Category: Boot Performance MonitoringLevel: WarningKeywords: Event LogUser: LOCAL SERVICEComputer: Brad-DC-01Description:This application took longer than usual to start up, resulting in a performance degradation in the system startup process: File Name : Start++.exeFriendly Name : Start++Version : 0.0.4.6Total Time : 21494msDegradation Time : 16494msIncident Time (UTC) : 4/9/2007 8:06:00 PM
Data Collection Sets
You know how jazzed I am about SPA for Windows 2003, yes it is a wonderful thing and has saved me a lot of pain tracking down the user(s) that is slamming my server. Well in Vista/LH we now have that functionality built in. It also lives under perfmon. Say you have a users system that is acting sluggish well click on the "system performance" setting under "data collection sets" and click the play button. Repro. Click stop. Now you'll have a report with all your performance data during that period. This is good for any type of resource issue from the CPU to the network.
The new Task Scheduler
Last topic for today. The new beefed up task scheduler is quite handy now. Gone are the days of AT jobs, hello robust functionality! This is an area you'll want to explore on your own but I thought I'd give an example of how to attach a task to an event.
What if we wanted to take an action when this event came in?
Log Name: SystemSource: TcpipDate: 4/13/2007 1:44:41 PMEvent ID: 4226Task Category: NoneLevel: WarningKeywords: ClassicUser: N/AComputer: brad-dc-01Description:TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Just alt-click that event and select "Attach task to this event". Fill in the details, point to your script that has the task you want to be performed (netstat, netmon, netstat, etc) and you're done!
Hey Brad great blog! I saw this post then had to read all your others some very cool stuff in there!
One thing you say "SPA for Windows 2003" whats SPA??
doh! should have googled that one.. checking it out now! But I love the switch to turn on netlogon logging using nltest!!
I'll post something shortly for SPA for sure.
Hello! Great site! I've found a lot information here. I don't know how to thank you. I hope you'll be writing more and more.
Thank you again. Bye.
Hello! Very interesting. Thank you.
Performance Analysis of Logs (PAL) tool Project Description: Ever have a performance problem, but don't
I wanted to find out how to fix the microsoft-windows-diagnostics-performance/operational (event ID 100)boot performance montoring problem. Can you offer a suggestion, please? Thank you for your time!!
I have the same problem as Joel...My computer also continually freezes when on the Internet...usually when I am trying to access a link on a site. What's up with that...please be advised I am not computer literate in terms of the lingo.
I have a problem, i get a notice on my screen every now and again saying that the Hard Disk has predicted it will fail but everything is working fine and when i checked computer management the report goes like this,Logname:system Source Disk logged:13/01/2009 12:43:21 Event ID:52 Task category:none Level:Warning Keywords:Classic User N/A Computer: me-pc OpCode: I am not very savvy with computers but trying to learn. I get a notice on my screen every once in a while since yesterday afternoon saying that the Hard Disk predicted imminent failure so i backed up my files and it is now about 01;30 in the morning and everything works fine. I was wondering, is it possible that it might not be as catastrophic as windows says it is and maybe i don't have to replace the Hard Drive just yet? I was also wondering, is it possible to replace the internal Hard Drive with an external one? I am using an Acer Aspire 3690 with Vista Basic, Can anyone please advise? Thankyou.
Hi Paul, run chkdsk from an elevated (alt-click, then run as administrator) cmd prompt. You should be able to find the cmd prompt shortcut under accessories in the start menu.
Background: In an earlier post I talked about some new features for Windows 2008 and Vista.  One
Similar problem to Paul H. only I get message every time I boot up and in normal mode, the hard drive freezes up after a few minutes. When I start up again same thing happens. Only way I can keep hard drive running is in safe mode. Cannot back anything up in safe mode. Gateway technician said to reload factore defaults which will wipe installed programs and data files that I cannot back up. Any recommendations? Lew.
Some additional info to first message. Error message states- Failure Predicted on Hard Drive 2. WDC WD3200BEVT-22ZCTD-(S1) Press F1 to contunue.
There should be an option in your BIOS to turn off this prompting about your HDD going to fail. Look for something along the lines of SMART capability.
In all likelihood, your drive is going to fail, so back it up and get it replaced!