Microsoft® Windows 2000 Knowledge Center
Using the Tools At Hand
The Support Tools on the Windows 2000CD
Along with many the useful tools already built into the Windows 2000 operating system, there are more than 40 additional Support Tools included on the Windows 2000 CD. Although the large majority of these tools are intended to assist support personnel and network administrators in diagnosing and resolving computer problems, many of them can be used by you to resolve issues on stand-alone installations of Windows 2000. We caution you to research carefully each of the tools to insure that you don’t inadvertently damage or disable your system.
Below you will find the reference to the tools as well as the corresponding file name for the specific tool. We have included brief descriptions of each tool, however you will find in-depth information about each tool once you install the Support Tools package.
To install Windows 2000 Support Tools
ACL Diagnostics (Acldiag.exe)
This command-line tool helps diagnose and troubleshoot problems with permissions on Active Directory objects. It reads security attributes from access control lists (ACLs) and writes information in either readable or tab-delimited format. The latter can be uploaded into a text file for searches on particular permissions, users, or groups, or into a spreadsheet or database for reporting. The tool also provides some simple cleanup functionality.
Active Directory Administration Tool (Ldp.exe)
Ldp is a graphical tool that allows users to perform Lightweight Directory Access Protocol (LDAP) operations, such as connect, bind, search, modify, add, and delete, against any LDAP-compatible directory, such as Active Directory. LDAP is an Internet-standard wire protocol used by Active Directory.
Active Directory Diagnostic Tool (Dsastat.exe) This diagnostic tool compares and detects differences between naming contexts on domain controllers.
DsaStat can be used to compare two directory trees across replicas within the same domain or, in the case of a Global Catalog, across different domains. The tool retrieves capacity statistics such as megabytes per server, objects per server, and megabytes per object class, and performs comparisons of attributes of replicated objects.
Active Directory Object Manager (Movetree.exe)
The Active Directory Object Manager (MoveTree) is a command-line tool that allows administrators to move Active Directory objects such as organizational units and users between domains in a single forest. These types of operations would be performed to support domain consolidation or organizational restructuring operations. MoveTree allows an organizational unit to be moved with all of the linked Group Policy objects in the old domain intact. The Group Policy object link is moved and continues to work, though clients receive their Group Policy settings from the Group Policy objects located in the old domain.
Active Directory Replication Monitor (Replmon.exe)
This tool enables administrators to view the low-level status of Active Directory replication, force synchronization between domain controllers, view the topology in a graphical format, and monitor the status and performance of domain controller replication through a graphical interface. The tool works as a client of a COM object. You can use it to create your own applications or scripts written in Visual Basic Scripting Edition (VBScripts) to extract specific data out of Active Directory and act on it. For example, it also includes functions which are wrapped APIs to make it easy to script replication between domain controllers with just a few lines of VBScript code.
Active Directory Search Tool (Search.vbs)
This VBScript tool performs a search against an Lightweight Directory Access Protocol (LDAP) server. It can be used by an administrator or any user who wants to get information from Active Directory. All search criteria are taken from the command line. However, certain properties of the search, such as the page size, can only be changed by modifying variable values in the script. Search.vbs requires Windows Script Host (WSH).
ADSI Edit (Adsiedit.msc)
ADSI Edit is a Microsoft Management Console (MMC) snap-in that acts as a low-level editor for Active Directory. Using Active Directory Service Interfaces (ADSI), it provides a means to add, delete, and move objects within the directory services. The attributes of each object can be viewed, changed, and deleted.
Advanced Power Management Status (Apmstat.exe)
This command-line tool provides status information on Advanced Power Management (APM) features. In Windows 2000, APM is primarily intended to support older notebook computers, while Advanced Configuration and Power Interface (ACPI) is the default power management scheme. ApmStat can run on any computer running Windows 2000, whether it uses APM or ACPI. The output of ApmStat can be helpful in troubleshooting APM problems. The tool reports on APM-related registry entries written by Ntdetect.com (Startup Hardware Detector), and on APM BIOS problems. ApmStat tells you whether a computer has multiple processors and whether it is running in ACPI mode.
Application Compatibility Program (Apcompat.exe)
This program is designed to overcome the most common causes of application incompatibility with Windows 2000. You can use this tool with a Windows interface by running the Application Compatibility program, or you can run this program as a command-line tool.
To use the Application Compatibility program:
- Click Browse and specify the executable (.exe) file for the program you want to run.
- Specify any of the Application Compatibility settings, and then click OK.
Browser Status (Browstat.exe)
BrowStat is a general purpose, character-based browser diagnostic tool. Use BrowStat to find out whether a browser is running and to find active Microsoft Windows for Workgroups (WFW) browsers in Windows 2000 and Windows NT domains. This tool also provides information about the state of the browser in a workgroup, including the name of the master browser.
ClonePrincipal (Clonepr.dll)
This tool assists administrators in migrating users from Windows NT to Windows 2000 by creating clones of the Windows NT 4.0 users and groups in the new Windows 2000 environment.
Dependency Walker (Depends.exe)
This tool scans any 32-bit or 64-bit Windows module (including .exe, .dll, .ocx, and .sys, among others) and builds a hierarchical tree diagram of all dependent modules. For each module found, it lists all the functions that are exported by that module, and which of those functions are actually being called by other modules. Another view displays the minimum set of required files, along with detailed information about each file including a full path to the file, base address, version numbers, computer type, debug information, and more.
DiskProbe (Dskprobe.exe)
DiskProbe is a sector editor for Windows 2000. It allows a user with local Administrator rights to directly edit, save, and copy data on the physical hard drive that is not accessible in any other way.
Distributed File System Utility (Dfsutil.exe)
This tool enables administrators to query and troubleshoot the Microsoft Distributed file system (Dfs) from the command prompt. It can be used to perform maintenance of a Dfs root and to clean up metadata left behind by orphaning or abandoning domain-based Dfs roots.
DNS Server Troubleshooting Tool (Dnscmd.exe)
Dnscmd.exe is a command-line tool designed to assist administrators in Domain Name System (DNS) management. DNScmd allows the administrator to view the properties of DNS servers, zones, and resource records. In addition DNScmd can be used to manually modify these properties, to create and delete zones and resource records, and to force replication events between DNS server physical memory and DNS databases and datafiles.
Domain Controller Diagnostic Tool (Dcdiag.exe)
This utility analyzes the state of domain controllers in a forest or enterprise and reports any problems to assist in troubleshooting. As an end-user reporting program, DcDiag encapsulates detailed knowledge of how to identify abnormal behavior in the system.
DsAcls (Dsacls.exe)
This tool facilitates management of access control lists (ACLs) for directory services. DsAcls enables you to query and manipulate security attributes on Active Directory objects. It is the command-line equivalent of the Security page on various Active Directory snap-in tools.
Dump Check (Dumpchk.exe)
This command-line debugging tool enables you to verify that a crash dump (user mode:user.dmp or kernel mode:memory.dmp) has been created correctly. It also provides options for performing some dump file analysis without using a debugger.
File and Directory Comparison (Windiff.exe)
WinDiff shows the differences between specified ASCII text files or folders of ASCII text files. This is particularly useful for program source code. The display either shows a summary of the comparison status of a list of files (outline mode) or a detailed line-by-line comparison of one of the files (expanded mode). You can run WinDiff like any other Windows-based application, using menu commands to choose files to compare and perform other actions. Or you can run WinDiff from the command prompt with switches.
FileVer (Filever.exe)
This command-line tool examines the version resource structure of a file or a directory of files on either a local or remote computer and displays information on the versions of executable files such as .exe files and dynamic-link libraries DLLs. FileVer is useful in determining the exact binary build of an installed component. Executable files typically have their file date and time modified to make them easy to identify as part of a major release; but hotfixes and Service Packs don’t always follow this convention. By identifying the actual version information, it is possible to track where a fix came from. This may be useful for customers who are requested by support personnel to identify hotfixes installed on their computers.
Global Flags Editor (Gflags.exe)
GFlags is a GUI utility that enables a developer or system administrator to edit the NtGlobalFlag settings for Windows 2000. You can use GFlags to modify the current flags in use by the kernel or the flags used when a particular image file is launched. If you have administrative privileges, you can also use GFlags to modify the global registry settings that will be used the next time Windows 2000 starts.
Kerberos Keytab Setup (Ktpass.exe)
KtPass is a command line configuration tool used to generate Kerberos keytab files, and set password and account name mappings for UNIX services that will use the Windows 2000 Kerberos Key Distribution Center (KDC). It is part of a group of tools, including KSetup and Trustdom, a tool included in the Microsoft® Windows® 2000 Resource Kit, that are used to configure Windows 2000 for MIT Kerberos interoperability.
Kerberos Setup (Ksetup.exe)
KSetup is a command-line tool that configures Windows 2000 clients, either Server or Professional, to use an MIT Kerberos server. The Windows 2000 client then uses an MIT-based Kerberos realm instead of a Windows 2000 domain. This provides a single sign-on to the MIT Key Distribution Center (KDC) and a local Windows 2000 client account.
Memory Profiling Tool (Memsnap.exe)
This memory profiling tool takes a snapshot of the memory resources being consumed by all running processes and writes this information to a log file. MemSnap logs system memory usage to a log file with the default name of Memsnap.log; however, any file name can be chosen by specifying it at the command line when starting the tool.
Migration Planning Document from Microsoft Windows NT to Microsoft Windows 2000 (Dommig.doc)
This paper outlines planning considerations and guides administrators through the planning process for migrating Windows NT 3.51 and Windows NT 4.0 domains to Windows 2000 in an enterprise environment. New Windows 2000 tools and technologies make migrating users and computers, while maintaining access to resources, a straightforward task.
Network Connectivity Tester (Netdiag.exe)
This command-line diagnostic tool helps isolate networking and connectivity problems by performing a series of tests to determine the state of your network client and whether it is functional. These tests and the key network status information they expose give network administrators and support personnel a more direct means of identifying and isolating network problems. Moreover, because this tool does not require that parameters or switches be specified, support personnel and network administrators can focus on analyzing the output, rather than on training users how to use the tool.
NlTest (Nltest.exe) This command-line tool helps perform network administrative tasks such as:
- Getting a list of primary domain controllers (PDCs).
- Forcing a shutdown.
- Querying and checking on the status of trust.
- Testing trust relationships and the state of domain controller (DC) replication in a Windows domain.
- Forcing a user-account database into sync on Windows NT 4.0 or earlier domain controllers (Windows 2000 domain controllers use a completely different mechanism for maintaining user accounts).
Point-to-Point Tunneling Protocol Ping Utilities (PPTP Ping)
Pptpclnt.exe and Pptpsrv.exe are tools that work in unison to verify that the required protocol and port for Point-to-Point Tunneling Protocol (PPTP) is being routed from a PPTP client to a PPTP server or vice-versa. In order for a PPTP client to access a remote PPTP server, all routers in between the two hosts MUST allow traffic to pass through TCP port 1723 (PPTP) and must support protocol type 47. Protocol type 47 is the GRE (Generic Routing Encapsulation) protocol. PPTP Ping runs on Windows 2000, Windows NT, and Windows 98, but not on Windows 95. This tool is not meant to test the functionality of a PPTP server or a PPTP client. It is meant to assure that the path between the two hosts is passing through TCP port 1723 and using the GRE protocol (type 47).
Poolmon (Poolmon.exe)
This tool monitors memory tags, including total paged and non-paged pool bytes. Poolmon is often used to help detect memory leaks. Unlike most command-line tools, help for Poolmon is available after running poolmon.exe by typing “h” or “?”.
Process Resource Monitor (Pmon.exe)
Process Resource Monitor (PMon) is a command-line tool that monitors process resource usage by tracking CPU and memory usage. Pmon can be used to measure paged and non-paged pool usage and can be helpful in identifying kernel mode memory leaks. PMon also provides a keyboard interface. Use the UP ARROW and DOWN ARROW keys to scroll up and down the list of currently running processes. Use ESC or q to quit PMon. Use any other key to have PMon refresh its display immediately.
Process Viewer (Pviewer.exe)
Process Viewer is a Windows-based tool that displays information about a running process and allows you to stop (kill) processes and change process priority. Process Viewer is similar to Pview.exe, but also allows you to look at processes on remote computers.
Registry Console Tool (Reg.exe) This tool enables you to add, change, delete, search, save, restore, and perform other operations on registry entries from the command prompt or a batch file. It can be used on both local and remote computers.
Important
The version of Reg.exe that is included in the Support Tools has been substantially updated. If you are using Reg.exe commands in existing batch files, be sure to check the syntax in your batch file against the new usage. Do not use a registry editor to edit the registry directly unless you have no alternative. The registry editors bypass the standard safeguards provided by administrative tools. These safeguards prevent you from entering conflicting settings or settings that are likely to degrade performance or damage your system. Editing the registry directly can have serious, unexpected consequences that can prevent the system from starting and require that you reinstall Windows 2000. To configure or customize Windows 2000, use the programs in Control Panel or Microsoft Management Console (MMC) whenever possible.
Remote Command Line (Remote.exe)
Remote allows you to run command-line programs on remote computers. For example, when you are developing software, you can compile code with the processor and resources of a remote computer while you perform other tasks on your computer. You can also use Remote to distribute the processing requirements for a particular task across several computers.
Remote Storage Diagnostic Utility (Rsdiag.exe)
This command-line tool examines Remote Storage (HSM) databases and displays diagnostic information about jobs, managed volumes of the version of NTFS file system used in Windows 2000, removable media, and other Remote Storage information useful for system analysis. The Remote Storage Diagnostic Utility (RsDiag) can output each of the Remote Storage databases and property files in text format.
Remote Storage File Analysis Utility (Rsdir.exe)
This command-line tool examines Remote Storage reparse points, displaying Remote Storage information for files in the current directory and its subdirectories. The Remote Storage File Analysis Utility (RsDir) displays information only for files located on volumes managed by Remote Storage.
Replication Diagnostics Tool (Repadmin.exe)
This command-line tool assists administrators in diagnosing replication problems between Windows 2000 domain controllers. During normal operation, the Knowledge Consistency Checker (KCC) manages the replication topology for each naming context held on domain controllers. The Replication Diagnostics Tool (RepAdmin) allows the administrator to view the replication topology (sometimes referred to as RepsFrom and RepsTo) as seen from the perspective of each domain controller. In addition, RepAdmin can be used to manually create the replication topology (although in normal practice this should not be necessary), to force replication events between domain controllers and to view both the replication metadata and up-to-datedness vectors.
Security Administration tools (SIDWalker)
This set of programs helps system administrators manage access-control policies on Windows 2000 and Windows NT systems. Access control is implemented by access control lists (ACLs). Every file in the NTFS file system and every registry key has a unique ACL, granting access rights to file resources to users and groups and defining what specific access rights each is granted. Each user and group is identified in the ACL by a security identifier (SID).
Security Descriptor Check Utility (Sdcheck.exe)
This command-line tool displays the security descriptor for any object stored in Active Directory. The security descriptor contains the access-control lists (ACLs) defining the permissions that users have on objects stored in Active Directory.
SNMP Query Tool (Snmputilg.exe)
The SNMP Utility Tool (SNMPUtilG) is a graphical tool that complements the older command prompt SNMP browser tool (Snmputil.exe). System administrators can use either tool to obtain information from SNMP-manageable systems on the network.
System Information (Msinfo32.exe)
System Information retrieves and reports your system configuration information for your hardware, system components, and software environment. Support technicians require specific information about your computer when they are troubleshooting your configuration. You can use System Information to quickly find the data they need to resolve a system problem. You can also run System Information from the command line using options for loading, viewing, and saving configuration information.
Task Killing Utility (Kill.exe)
Use this command-line tool to end one or more tasks or processes. Processes can be killed by the process ID number (PID), or by any part of the process name or the name of the window in which it is running (usually the title of the application’s main window). To find the PID, use PuList, a tool included in the Microsoft® Windows® 2000 Resource Kit, or TList, another Windows 2000 Support Tool. With Kill, you can also specify how the process is to be stopped: you can have Kill send it a command telling it to halt itself, or have Kill force the process to end.
Task List Viewer (Tlist.exe)
This command-line tool displays a list of tasks, or processes, currently running on the local computer. For each process it shows the process ID number, process name, and if the process has a window, the title of that window. Once you have used TList to find the processes running on your computer, you can end one or more of those processes by using the Task Killing Utility.
WinDiff File and Directory Comparison (Windiff.exe)
WinDiff shows the differences between specified ASCII text files or folders of ASCII text files. This is particularly useful for program source code. The display either shows a summary of the comparison status of a list of files (outline mode) or a detailed line-by-line comparison of one of the files (expanded mode). You can run WinDiff like any other Windows-based application, using menu commands to choose files to compare and perform other actions. Or you can run WinDiff from the command prompt with switches.
Windows 2000 Domain Manager (Netdom.exe)
This tool enables administrators to manage Windows 2000 domains and trust relationships from the command line.
Windows 2000 Error and Event Messages Help (W2000msgs.chm)
This HTML Help file lists most of the error and system-information messages generated by Windows 2000, providing explanations of each message and suggestions on how to correct the problem. Some messages generated by applications or device drivers have been included as well. Windows 2000 Error and Event Messages Help is not intended as an exclusive reference. If, for example, you encounter a network error message, you can find information about it by typing net helpmsg and the message identification number at the command prompt.
Windows Installer Cleanup Utility (Msicuu.exe)
The Windows Installer Cleanup Utility allows you to safely remove Windows Installer settings from your computer in the event of a problem. If you experience installation problems, you can use this tool to remove registry entries before performing a re-install.
Windows Installer Zapper (Msizap.exe)
Using this command-line tool, you can remove Windows Installer settings from your computer in the event of a problem. If you experience installation problems, you can use this tool to remove registry entries before performing a reinstall.
Windows Report Tool (WinRep.exe)
The Windows Report Tool (WinRep) is an Internet-based problem reporting tool built into the Windows 2000 operating system. WinRep enables users to enter information about a computer problem, take a snapshot of their current configuration settings, and then upload the information to a help desk or support center.
Winsock Remote Console (Wsremote.exe)
The Winsock Remote Console provides the ability to start a console application on the server and connect to it from the client using sockets or named pipes. This is an enhancement over Remote Command Line (Remote.exe), which allows only named-pipes connections.
Notice: Windows® 95, Windows® 98, Windows® NT, Windows® 2000 and
Microsoft® Office are registered trademarks or trademarks of the Microsoft Corporation.