Welcome to TechNet Blogs Sign in | Join | Help

Syndication

News

Locations of visitors to this page These postings are provided "AS IS" without warranty, and confer no rights.
Hey Admins! Let's explore Vista together. (Part 1)

 

Okay so let's look at some things in Vista from a sys-admin perspective that are good to know when your troubleshooting issues on your client's machines.  Your client could be your user base, your family, or yourself. 

Guided Help

You're Dad calls, he wants all the icons on the desktop to go away.  You could either waste your time trying to talk him through it or teach him how to fish...  If you haven't seen guided help, it's one of the WOW moments of Vista.  More and more guided help will be showing up which will help you fend off the masses with the easy questions, like finding a printer, etc.

1) Open Help and Support

2) Click Options|Settings and select "Include Windows Online Help and Support when you search for help"

3) Type in "icons guided help"

4) Click show me step-by-step and say "WOW"

 

Reliability Monitor

Start here when your Mom say's "I didn't do anything it just stopped working".  Just type perfmon in the start menu and click

"Reliability Monitor".

Mom, you didn't do anything?  Why must you lie to me, you know you're not qualified to run leakdiag.exe...

 

 

Slow bootup or shutdown issues?

Not to worry, we have that built in too now.  Just open eventvwr and browse to this event collection:  Applications and Services Log -> Microsoft -> Windows -> Diagnostics-Performance -> Operational.  Here you'll find some diagnostic logging that can help determine why you're system is taking a long time to boot or shutdown.  it also shows general performance issues that can help you speed up your system.

Log Name: Microsoft-Windows-Diagnostics-Performance/Operational
Source: Microsoft-Windows-Diagnostics-Performance
Date: 4/9/2007 1:09:52 PM
Event ID: 101
Task Category: Boot Performance Monitoring
Level: Warning
Keywords: Event Log
User: LOCAL SERVICE
Computer: Brad-DC-01
Description:
This application took longer than usual to start up, resulting in a performance degradation in the system startup process:
File Name : Start++.exe
Friendly Name : Start++
Version : 0.0.4.6
Total Time : 21494ms
Degradation Time : 16494ms
Incident Time (UTC) : 4/9/2007 8:06:00 PM

Data Collection Sets

You know how jazzed I am about SPA for Windows 2003, yes it is a wonderful thing and has saved me a lot of pain tracking down the user(s) that is slamming my server.  Well in Vista/LH we now have that functionality built in.  It also lives under perfmon.  Say you have a users system that is acting sluggish well click on the "system performance" setting under "data collection sets" and click the play button.  Repro.  Click stop.   Now you'll have a report with all your performance data during that period.  This is good for any type of resource issue from the CPU to the network.


The new Task Scheduler

Last topic for today.  The new beefed up task scheduler is quite handy now.  Gone are the days of AT jobs, hello robust functionality!  This is an area you'll want to explore on your own but I thought I'd give an example of how to attach a task to an event. 

What if we wanted to take an action when this event came in?

Log Name: System
Source: Tcpip
Date: 4/13/2007 1:44:41 PM
Event ID: 4226
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: brad-dc-01
Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Just alt-click that event and select "Attach task to this event".   Fill in the details, point to your script that has the task you want to be performed (netstat, netmon, netstat, etc) and you're done! 

Published Saturday, April 14, 2007 12:22 AM by Brad Rutkowski

Comment Notification

If you would like to receive an email when updates are made to this post, please register here

Subscribe to this post's comments using RSS

Comments

# re: Hey Admins! Let's explore Vista together. (Part 1) @ Saturday, April 14, 2007 7:09 PM

Hey Brad great blog! I saw this post then had to read all your others some very cool stuff in there!

One thing you say "SPA for Windows 2003" whats SPA??

Packetboy

# re: Hey Admins! Let's explore Vista together. (Part 1) @ Saturday, April 14, 2007 7:11 PM

doh! should have googled that one.. checking it out now! But I love the switch to turn on netlogon logging using nltest!!

Packetboy

# re: Hey Admins! Let's explore Vista together. (Part 1) @ Monday, April 16, 2007 11:37 AM

I'll post something shortly for SPA for sure.

Brad Rutkowski

# re: Hey Admins! Let''s explore Vista together. (Part 1) @ Tuesday, May 08, 2007 5:05 PM

Hello! Great site! I've found a lot information here. I don't know how to thank you. I hope you'll be writing more and more.

Thank you again. Bye.

cheap rain tires

# re: Hey Admins! Let''s explore Vista together. (Part 1) @ Wednesday, May 09, 2007 8:16 AM

Hello! Very interesting. Thank you.

cheap rain tires

# re: Hey Admins! Let''s explore Vista together. (Part 1) @ Wednesday, May 09, 2007 2:27 PM

Hello! Very interesting. Thank you.

Max R.

# Hey Admins! Taking some of the pain out of analyzing perfmon captures. @ Wednesday, February 13, 2008 6:03 PM

Performance Analysis of Logs (PAL) tool Project Description: Ever have a performance problem, but don't

Brad Rutkowski's Blog

# re: Hey Admins! Let's explore Vista together. (Part 1) @ Saturday, June 14, 2008 11:41 AM

I wanted to find out how to fix the microsoft-windows-diagnostics-performance/operational (event ID 100)boot performance montoring problem.  Can you offer a suggestion, please? Thank you for your time!!

Joel

# re: Hey Admins! Let's explore Vista together. (Part 1) @ Friday, June 27, 2008 10:06 PM

I have the same problem as Joel...My computer also continually freezes when on the Internet...usually when I am trying to access a link on a site.  What's up with that...please be advised I am not computer literate in terms of the lingo.

Mikey B

# re: Hey Admins! Let's explore Vista together. (Part 1) @ Tuesday, January 13, 2009 8:37 PM

I have a problem, i get a notice on my screen every now and again saying that the Hard Disk has predicted it will fail but everything is working fine and when i checked computer management the report goes like this,Logname:system Source Disk logged:13/01/2009 12:43:21 Event ID:52 Task category:none Level:Warning Keywords:Classic User N/A Computer: me-pc OpCode: I am not very savvy with computers but trying to learn. I get a notice on my screen every once in a while since yesterday afternoon saying that the Hard Disk predicted imminent failure so i backed up my files and it is now about 01;30 in the morning and everything works fine. I was wondering, is it possible that it might not be as catastrophic as windows says it is and maybe i don't have to replace the Hard Drive just yet? I was also wondering, is it possible to replace the internal Hard  Drive with an external one? I am using an Acer Aspire 3690 with Vista Basic, Can anyone please advise? Thankyou.

Paul H

# re: Hey Admins! Let's explore Vista together. (Part 1) @ Monday, January 19, 2009 6:03 PM

Hi Paul, run chkdsk from an elevated (alt-click, then run as administrator) cmd prompt.  You should be able to find the cmd prompt shortcut under accessories in the start menu.

Brad Rutkowski

# Interacting with Data Collector Sets via Powershell @ Wednesday, February 18, 2009 4:30 PM

Background: In an earlier post I talked about some new features for Windows 2008 and Vista.  One

Brad Rutkowski's Blog

# re: Hey Admins! Let's explore Vista together. (Part 1) @ Saturday, June 13, 2009 12:32 PM

Similar problem to Paul H. only I get message every time I boot up and in normal mode, the hard drive freezes up after a few minutes.  When I start up again same thing happens.  Only way I can keep hard drive running  is in safe mode.  Cannot back anything up in safe mode.  Gateway technician said to reload factore defaults which will wipe installed programs and data files that I cannot back up. Any recommendations?  Lew.

Lew Potsos

# re: Hey Admins! Let's explore Vista together. (Part 1) @ Saturday, June 13, 2009 12:40 PM

Some additional info to first message.  Error message states- Failure Predicted on Hard Drive 2.  WDC WD3200BEVT-22ZCTD-(S1)            Press F1 to contunue.  

Lew Potsos

# re: Hey Admins! Let's explore Vista together. (Part 1) @ Wednesday, June 17, 2009 12:00 PM

Hi Lew,

There should be an option in your BIOS to turn off this prompting about your HDD going to fail.  Look for something along the lines of SMART capability.

In all likelihood, your drive is going to fail, so back it up and get it replaced!

Brad Rutkowski

# re: Hey Admins! Let's explore Vista together. (Part 1) @ Monday, July 20, 2009 4:03 AM

Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">

+ <System>

 <Provider Name="Microsoft-Windows-Diagnostics-Performance" Guid="{cfc18ec0-96b1-4eba-961b-622caee05b0a}" />

 <EventID>103</EventID>

 <Version>1</Version>

 <Level>3</Level>

 <Task>4002</Task>

 <Opcode>33</Opcode>

 <Keywords>0x8000000000010000</Keywords>

 <TimeCreated SystemTime="2009-07-20T07:08:26.257Z" />

 <EventRecordID>112</EventRecordID>

 <Correlation ActivityID="{00000000-66C8-0000-AB84-7C7C0809CA01}" />

 <Execution ProcessID="1516" ThreadID="1976" />

 <Channel>Microsoft-Windows-Diagnostics-Performance/Operational</Channel>

 <Computer>ROGERS-PC</Computer>

 <Security UserID="S-1-5-19" />

 </System>

- <EventData>

 <Data Name="StartTime">2009-07-20T07:05:38.640Z</Data>

 <Data Name="NameLength">9</Data>

 <Data Name="Name">eventlog</Data>

 <Data Name="FriendlyNameLength">0</Data>

 <Data Name="FriendlyName" />

 <Data Name="VersionLength">0</Data>

 <Data Name="Version" />

 <Data Name="TotalTime">426</Data>

 <Data Name="DegradationTime">350</Data>

 <Data Name="PathLength">0</Data>

 <Data Name="Path" />

 <Data Name="ProductNameLength">0</Data>

 <Data Name="ProductName" />

 <Data Name="CompanyNameLength">0</Data>

 <Data Name="CompanyName" />

 </EventData>

 </Event>

jeff

Leave a Comment

(required) 
required 
(required) 

  
Enter Code Here: Required
Page view tracker