Vous êtes sur la page 1sur 64

Welcome

Pgina 1 de 64

Welcome to DameWare NT Utilities version 6 Help!

DameWare NT Utilities (DNTU) is an enterprise system management application for Windows NT/2000/XP/2003/Vista which allows Administrators to go beyond the limitations of Microsoft's Management Console (MMC). DNTU provides an integrated collection of Microsoft Windows NT administration utilities, incorporated within a "easy to use" centralized interface for remote management of Windows NT/2000/XP/2003/Vista Servers and Workstations. Most all of the standard Windows Server and Windows utilities are included within DNTU's powerful Explorer-style interface, many of which have been greatly enhanced to provide superior performance, added functionality, and ease of use. DNTU also contains custom NT tools including the DameWare Mini Remote Control program and the NT Utilities Exporter, and also supports the use of standard shell property pages and shell context menus. DNTU also contains a powerful Active Directory Object Browser, and extensive Active Directory functionality for retrieving, searching, and filtering of all AD Objects & attributes. Management of objects such as OUs (Organizational Units), Containers, Users, Groups, Contacts, Computers, & Shares, as well as attributes that are not available within Microsoft's MMC (i.e. Photos, Logos, employee ID, etc...) are all supported. DNTU's exclusive Quick OU & Picture/Logo management functionality just further emphasizes DameWare Development's commitment to producing quality products that are easy to use. In addition to Active Directory, DNTU also supports management of Domains, Workstations, Disk Drives, Event Logs, Local Groups, Global Groups, Domain members, Open Files, Printers, Processes, Properties, Registry, Services, Sessions, Shares, ShutDown/Reboot, Software, Terminal Services/RDP, Users, Wake-on-LAN, and many more features. DNTU continues to support legacy (non-AD) Microsoft Windows Network implementation via a dynamic "Microsoft Windows Network" Browser tree view. Domain controllers, servers and workstations, as well as non-browsable machines (machines that by default are not shown in Microsoft's Windows Network Browser), can easily be managed via machine name or IP address after being added to the network browser tree view. DNTU basically gives you the ability to manage your entire Windows based network from one easy to use Explorer-style interface. DNTU also includes the DameWare Mini Remote Control program for fast and easy deployment and troubleshooting, and the Dameware Exporter to quickly extract information from your remote Windows machines.

What's New
For a listing of changes within each different version of the software, you can keep an eye on our Product History on our website at: http://www.dameware.com/products/history/

Contact Information
DameWare Development can be contacted anytime by email at support@dameware.com or by mail to the address below or by telephone (sales department only). Our website serves as an online medium which can provide our customers with a number of resources to help resolve problems, report bugs and suggest improvements to our products or service. Our online Knowledgebase & FAQ contains valuable information and hints that may aid in resolving any issues that may arise. To contact DameWare Development: DameWare Development LLC 241 Morningside Drive Mandeville, La. 70448 Phone: (985) 871-7519 Fax: (985) 871-7510 Sales: For sales related questions, such as pricing, order status, software registration issues, please contact our sales depart. On the Web &endash; https://www.dameware.com/sales/

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 2 de 64

Email: sales@dameware.com Technical Support: If you have a technical support issue related to DameWare Development LLC software, please try our online support first and if you can not find the answer there then email our support staff with your issue. On the Web &endash; http://www.dameware.com/support/ Email &endash; support@dameware.com General Information: On the Web &endash; http://www.dameware.com Email &endash; sales@dameware.com The staff at DameWare Development gratefully accepts all comments and suggestions. Many of our customers suggestions have been incorporated into this program to enhance its features as well as its performance. We appreciate the time taken to contact us with these comments as we strive to improve the level of quality and performance of our program.

License Agreement
DameWare Development LLC License Agreement
By installing or otherwise using this software, you accept all terms and conditions of this agreement. You furthermore agree that you may not modify, reverse engineer, decompile, disassemble, rent, lease, resell or distribute any or all portions of this software. You may not copy this software except as specifically provided by this License Agreement. This is a legal agreement between you and DameWare Development LLC for the product you have purchased, otherwise noted below as "the Software". DameWare Development LLC, whose address is 241 Morningside Drive, Mandeville, Louisiana 70448, USA, grants, with this license, the following rights.

Individual Use. You may purchase and install the Software as an individual on any single computer, or also on multiple computers (i.e. office computer, home computer, or portable computer), provided the software is installed on these additional computers for your exclusive use. If anyone else will be using the software on these additional computers, then you must also acquire a license for each additional individual using the Software.

Network/Storage Use. You may install the Software on a storage device or shared environment, such as a network server, however you must acquire a license for each individual using the Software. The Software may be used on different computers to the extent that the number of users does not exceed the specific number of licenses obtained from DameWare Development LLC. If the Software is installed on a network/shared environment, you agree to provide technical or procedural methods to prevent the use of the Software by a greater number of individuals than specifically licensed.

Transfer. You may transfer the Software to a single recipient, within the licensed company or contracted outsource group, to be used on behalf of the Licensee, on a permanent basis, provided you do not retain any copies (including archival or backup) and the recipient agrees to the terms and conditions of this Agreement. All requested transfers are subject to the sole discretion and approval of DameWare Development LLC..

Year 2000 Compliance. DameWare Development LLC guarantees its products to be compatible with dates and times in reference to st the 21 century. However, the underlying operating system must also support these dates and times to guarantee compliance.

Title. Title, ownership rights and intellectual property rights in and to the Software and documentation shall remain with DameWare Development LLC. The Software and documentation is protected by the copyright laws of the United States and international copyright treaties.

Government Use. The Software and any documentation, with respect to acquisition by the United States Government, is classified as "commercial computer software" as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). The Software is supplied to the U. S. Government as a commercial end item and is subject to the terms set forth in this Agreement. If the Software is supplied for use by the Department of Defense, it is subject to the terms of this Agreement and in accordance with 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), as applicable.

Limits of Warranty and Liability. DameWare Development LLC warrants that the media supplied by DameWare Development LLC containing the Software, will be free from defects in material and workmanship within 90 days from acquisition of the Software or DameWare Development LLC will replace the defective media. THIS LIMITED WARRANTY IS THE ONLY WARRANTY MADE BY DAMEWARE DEVELOPMENT LLC. DAMEWARE DEVELOPMENT LLC MAKES NO OTHER WARRANTY, REPRESENTATION, OR CONDITION, EXPRESSED OR IMPLIED OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. SOME JURISDICTIONS DO NOT ALLOW LIMITATIONS ON HOW LONG AN IMPLIED WARRANTY OR CONDITION LASTS SO LICENSEE MAY HAVE OTHER LEGAL RIGHTS,

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 3 de 64

WHICH VARY FROM STATE TO STATE.

LICENSEE ASSUMES THE ENTIRE RISK AS TO THE RESULTS AND PERFORMANCE OF THE SOFTWARE AND UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL CONTRACT, THEORY OR OTHERWISE, SHALL DAMEWARE DEVELOPMENT LLC OR ITS RESELLERS BE LIABLE TO LICENSEE OR ANY OTHER PERSON FOR ANY DAMAGES WHETHER INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF USE, DATA, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, OR FOR ANY DAMAGES IN EXCESS OF DAMEWARE DEVELOPMENT LLCS LIST PRICE FOR A LICENSE OF THE SOFTWARE AND DOCUMENTATION. SOME STATES DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTIAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION OR EXCLUSION MAY NOT APPLY TO LICENSEE.

Termination. This license is in effect until terminated. Failure to comply with the limitations set forth in this Agreement shall result in automatic termination of this license. In the case of termination, Licensee will return the Software and documentation to DameWare Development LLC and will certify in writing that all copies of the Software have been returned or erased from the memory of its computers.

Miscellaneous. This Agreement represents the complete license agreement between the parties and supersedes any prior agreements between them. In the event that any provision of this Agreement should be deemed invalid or held to be unenforceable by any court of competent jurisdiction, that provision shall be enforced to the maximum extent permissible and the remainder of this Agreement shall remain in full force. This Agreement shall be governed by and construed under Louisiana law as such law applies to agreements between Louisiana residents entered into and to be performed within Louisiana, except as governed by Federal common law.

Acknowledgements and References


Copyright 1990-2008 DameWare Development LLC, All rights reserved. Portions of this product are Copyrighted 1991-2008 by Microsoft Corporation. All rights are reserved. All Microsoft Corporation disclaimers apply. Portions of this product are Copyrighted 1995-1997 by Eric Young (eay@mincom.oz.au). All rights reserved. All Eric Young disclaimers apply. Erick Young is the author of the DES implementation. Portions of this product are Copyrighted 1997-2008 by Codejock Software (http://www.codejock.com). All rights reserved. All Codejock Software disclaimers apply.

Trademarks DameWare is a trademark of DameWare Development, LLC. DameWare Development is a trademark of DameWare Development, LLC. DameWare NT Utilities is a trademark of DameWare Development, LLC. DameWare Mini Remote Control is a trademark of DameWare Development, LLC. DameWare NT Utilities Exporter is a trademark of DameWare Development, LLC. Do IT Remotely is a trademark of DameWare Development, LLC. DameWare Exporter is a trademark of DameWare Development, LLC. Microsoft Exchange is a registered trademark of Microsoft Corporation. Microsoft Windows Terminal Server is a registered trademark of Microsoft Corporation. Microsoft Windows is a registered trademark of Microsoft Corporation. Microsoft Windows NT Server is a registered trademark of Microsoft Corporation. Microsoft Windows NT Workstation is a registered trademark of Microsoft Corporation. Microsoft Windows 2000 Server is a registered trademark of Microsoft Corporation. Microsoft Windows 2000 Workstation is a registered trademark of Microsoft Corporation. Microsoft Windows XP Professional is a registered trademark of Microsoft Corporation. Microsoft Windows XP Home is a registered trademark of Microsoft Corporation. Microsoft Windows 2003 Server is a registered trademark of Microsoft Corporation. Microsoft Windows Vista is a registered trademark of Microsoft Corporation. Microsoft Internet Explorer is a registered trademark of Microsoft Corporation. Magic Packet is a registered trademark of Advanced Micro Devices. Codejock is a trademark of Codejock Software.

System Requirements
Operating System: DameWare NT Utilities requires Windows NT 4.0, Service Pack 1 or greater (including Windows 2000, XP, 2003 & Vista). The APIs used by DNTU also require the user to have the ability to authenticate to this remote machine over the network. In other words, it may require the Server Service, the NetLogon Service (Domain environments), and possibly the Remote Registry Service as well (Event Log View, Properties View, Processes View, Registry View, Services View, & Software View. Because these views also require access to the Registry). Please also note that the Remote Registry Service is turned off by default in Vista.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 4 de 64

Com Control: The following informational message will be displayed whenever DameWare NT Utilities is executed on machines that do not have version 4.71 or later of the Microsoft COMCTL32.DLL file: This version of DameWare NT Utilities requires a newer version of COMCTL32.DLL (Version 4.71 or later) than what is installed on this machine (Version x.xx)*. A newer version of this DLL can be obtained from Microsoft and is shipped with NT SP4 and IE 4.x or higher. *Note: x.xx will be changed to show the version on the machine receiving this message. When this message is encountered, DameWare NT Utilities will still function however, it is recommended that the COMCTL32.DLL file be revised to a later version. This file is not re-distributable by third party software developers but you can download it from Microsoft and install it. At the time of this writing, two versions are available for download from Microsoft, 4.21 with a file name of 401COMUPD.EXE and 5.80 with a file name of 50COMUPD.EXE. These files can be found at the following URL: http://www.microsoft.com/msdownload/ieplatform/ie/comctrlx86.asp Active Directory: DNTUs Active Directory functionality is only supported on machines running Windows 2000 and above. However, even though it is not directly supported, many of DNTUs Active Directory features will still work on machines running Windows NT4 SP-6a, provided you also installed Microsofts Active Directory Client Extensions (DSClient.exe) for Windows NT4. For more information about Microsofts Active Directory Client Extensions, please refer to Microsofts website. Active Directory Client Extensions for Windows 95/98 and Windows NT 4.0 http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/adextension.asp

Exchange 5.5: Support for Exchange 5.5 was dropped back version 5.x of the NT Utilities software. Exchange 2000/2003: Exchange 2000/2003 support is only supported in version 4 and above, and only within DNTU's Active Directory Users & Computers portion of the Browser (and it does not require the Exchange Admin Tools nor User Manager Extensions). Exchange 2000/2003 functionality is not available within the Microsoft Windows Network portion (i.e. Users View, etc..) or Favorite Machines (formerly non-Browsable) portion of DNTU. When you open DNTU's Active Directory Users & Computers section on a Domain Controller, the only way DNTU's Exchange Tasks (right-click context menu) will be enabled is if DNTU also detects that Exchange 2000 or greater is installed on this specific AD site. If this specific machine where you opened the Active Directory Users & Computers section is not your Exchange Server (i.e. you have another machine in your Domain that is running your Exchange Server), then you will need to right-click on DNTU's Active Directory section, then select Add Active Directory Site, then add the IP-Address of your Exchange Server. However, DNTU also requires that your Exchange Server also be running Active Directory. In other words, your Exchange Server must also be an Active Directory Domain Controller for this Domain. If you Exchange Server is not running AD (i.e. Domain Controller), then DNTU's Exchange Tasks menu will not function properly and you will receive an error. If everything is setup correctly in your environment, then you should be able to right-click on an AD object (i.e. User, Group, Contact...) under AD Users & Computers (or in an OU), then select the Exchange Tasks context menu. Then selecting your desired Task (i.e. Create Mailbox, Move Mailbox, Delete Mailbox, Establish Email Addresses, Delete Email Addresses, or Update now). Or you can also access other Exchange settings via the Exchange General, Email-Addresses, or Exchange Advanced Tabs, on the User Properties GUI. Just make sure the "View Advanced Properties" setting is enabled. Registration Information

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 5 de 64

Licensing: All DameWare Development software is licensed per User, not per Computer, and there are no additional fees for client agents installed by the program. Therefore, the number of licenses required should correspond with the actual number of technicians/administrators that will be running the software. For example, if you have 10 technicians that will be running the software and connecting to 10,000 remote machines, then you would only require 10 licenses. Each licensed user can have the software installed on multiple machines (i.e. Desktop at location #1, Desktop at location #2, Laptop, & Home Computer, etc....) and still be covered under their license, provided they are the only person running the software on these additional machines. If anyone else would be running the software on those additional machines, then you would need an additional license for each additional person running the software. Also, there are no provisions for concurrent (or "Per Seat") usage. Therefore, if you had a total of 25 technicians that would be using the software at any given time, even if no more than 10 would be using it at any one time, or even if these 25 users would only be running the software from 10 distinct machines (or even a single Citrix or Terminal Server) you would still be required to have 25 licenses. Each individual user of the software must have a license. Obtaining a new set of Registration / Activation Information: Version 6.x will require a new set of registration / activation information that is compatible with version 6.x of the software. Even if you currently have maintenance with your existing version 4.x or 5.x license, you will still need to obtain a new set of v6 registration / activation information. If you currently have maintenance on your older license, then your new version 6.x license will be provided to you at no additional charge. However, if you do not have maintenance on your existing licenses, then you would have to purchase an upgrade in order to continue using this current version of the software. You can check the status of your current license (including maintenance status) using our version checker application on our website at: http://www.dameware.com/sales/checkVersion.aspx Unfortunately, the Support department cannot process upgrade requests (generate new Activation Information for Version 6). That has to be handled by our sales department. However, you can request your new upgraded v6 license information online at: https://www.dameware.com/legacy/update/registration. Or please feel free to contact our sales department directly at sales@dameware.com, or at (985) 871-7519 M-F 9:00am-5:00pm CST to obtain a new license that is compatible with version 6.x of the software.

Registration / Activation Information: The evaluation release of DameWare NT Utilities is fully functional; however after fifteen days of usage you will encounter a ’nag screen. You will then have the remaining fifteen days of the thirty-day evaluation period to register the program without interruption. Upon receipt of your purchase of DameWare NT Utilities, you will receive your registration information that, when entered into DNTUs registration screen, will remove the ’nag screen. If you do not enter your registration information within the thirty-day period, the program will be terminated. DNTUs registration screen can be accessed by selecting Help / About DNTU and then clicking on the Registration button. *Note: When entering registration information, we have found that it works best if you copy and paste the information directly from the email from our Sales Department into the registration screen. It is a little tricky sometimes, and it must be entered EXACTLY as it is sent from our Sales Department including capitalization & punctuation. Another thing to keep in mind is that the registration information is profile specific. Therefore, if you enter it under the Administrator logon and then logon using the John account, you will have to re-enter the information again under the John profile. There are several methods of registration and each are described on our web site along with information on multi-user discount pricing and licensing. You can find registration information along with this form on our web site at http://www.dameware.com Here is some sample registration information: ---------------------------------------------------------------Sample e-mail from our Sales department ---------------------------------------------------------------***IMPORTANT*** The information contained in this e-mail is your DameWare NT Utilities Registration Information and Software Activation Key. We have XYZ Company registered for a 1 user license of DameWare NT Utilities v6.0 with no Software Maintenance Agreement for this license. Your Registration Number is XXXXXXXXXXXXXXXX-XX. THE REGISTRATION NUMBER IS NOT THE ACTIVATION KEY. In order to activate your software, you MUST follow these steps. 1. First begin by starting the program. 2. Select the "Help" menu item from the menu at the top of the main program window and then select the "Activate Software" menu item. 3. Once the Activation dialog appears, Copy and Paste the following Activation Key texts into the Activation Key fields which is presented and then click the "OK" button. PLEASE NOTE: YOU MUST COPY AND PASTE ALL THE INFORMATION BELOW IN TO THE ACTIVATION KEY FIELD OF THE ACTIVATION DIALOG BOX. IF THIS INFORMATION IS NOT COPIED & PASTED EXACTLY AS IT IS SHOWN BELOW, IT WILL NOT BE ACCEPTED. --- BEGIN ACTIVATION KEY --Registration key. Do not distribute or modify!

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 6 de 64

====YUtFWRZZZZZZBtIHwAAAAAEAAAAkYYYYQBERERhbWVXYXJlIERldmVsb3Bt ZW50AAAAAAIAAABEAAAASmltIEhhcmtpbnMNCk5PVCBGT1IgUkVTQUxFDQo0MC1C RD12QzVFAETNGREVDXYI0RDJCMDAwMDAwMDEAAAAAAEgAAAAv3UceP+p4v5zVjZ1B ytyiLBEhzJRaNbnFUbBMcsDUQFqstplo7OYbM0kAe///bfiu9q/feoxMGpm8ce8/ HDaFBACbstghEk8InbIDNoac4pP/f01erTmhnKJp6TG9m+tx9bI8LUlIjDRC/FyB hVoyFz5OlC5SFEP5mRBqAjBbLtuskZOUQQ4pB6OgabDlVlGqVYlRaWjq4DHXv5V6 53YxI0lVuK57H+35LcZF/Ry/Z2Rlvw+zgAxi1Or6XRmogLpa1+Ll =vAIO --- END ACTIVATION KEY --After successfully entering the activation information, the program will then display your Registration Information on the "DameWare NT Utilities About" dialog. The current version is now v6.0 and available for download from our website at http://www.dameware.com/download. If you have any technical questions, please contact our Support department via email at support@dameware.com. Thank you again for your purchase! Sales Department DameWare Development Sales@DameWare.com www.dameware.com -----------------------------------------------------------------------------------------------------------------------------------------Then you MUST enter the EXACT same information into the Registration Screen (Help / About DameWare MRC) -------------------------------------------------------------------------------------------------------------------------------------------

To register your local copy of the software, then basically all you should have to do is copy and paste the information between the dotted lines below directly into the Registration / Activation dialog to register the software. Do not modify it, just copy & paste it exactly as it appears below. In order to properly register the software, you must either paste the registration information using the "old-style" method, or the "new-style" Activation key into the dialog box. It is completely your choice. Example #1: "old-style" registration method: ----------------------------------------------------------------------------------------Registered Name: XYZ Company Number: XXXXXXXXXXXXXXX-XX ----------------------------------------------------------------------------------------- OR Example #2: "New-Style" Activation key: ------------------------------------------------------------------------------------------- BEGIN ACTIVATION KEY --Registration key. Do not distribute or modify! ====YUtFWRZZZZZZBtIHwAAAAAEAAAAkYYYYQBERERhbWVXYXJlIERldmVsb3Bt ZW50AAAAAAIAAABEAAAASmltIEhhcmtpbnMNCk5PVCBGT1IgUkVTQUxFDQo0MC1C RD12QzVFAETNGREVDXYI0RDJCMDAwMDAwMDEAAAAAAEgAAAAv3UceP+p4v5zVjZ1B ytyiLBEhzJRaNbnFUbBMcsDUQFqstplo7OYbM0kAe///bfiu9q/feoxMGpm8ce8/ HDaFBACbstghEk8InbIDNoac4pP/f01erTmhnKJp6TG9m+tx9bI8LUlIjDRC/FyB hVoyFz5OlC5SFEP5mRBqAjBbLtuskZOUQQ4pB6OgabDlVlGqVYlRaWjq4DHXv5V6 53YxI0lVuK57H+35LcZF/Ry/Z2Rlvw+zgAxi1Or6XRmogLpa1+Ll =vAIO --- END ACTIVATION KEY ------------------------------------------------------------------------------------------Please also keep in mind that the xxxxxxxxxxxxxxxx-xx number is only your license number, not an activation key. Therefore, simply trying to enter your license number into the Registration / Activation dialog box will never work. All the necessary information above must be entered into the software in order to be properly registered. If you continue to experience registration issues, then please send the following information to our support department at Support@DameWare.com for further review. 1. A screen shot of the Help / About screen from within the software. 2. Then click on the Registration button and enter all your registration information into the registration dialog box. 3. Forward another screen shot of the registration dialog box with all you registration information entered into it. As with all programs, the DameWare NT Utilities program should be thoroughly tested with non-critical data before relying on it. The use of this program indicates that you have read and agree to these terms and that you assume all risks in the use of this program.

Multiple Document Interface


DameWare NT Utilities is written with Multiple Document Interface (MDI) and is divided into two separate window panes. The left pane contains the Network Browser explorer tree view and Information View. The right pane functions as a normal MDI container for hosting multiple window views or the NT utilities and custom NT Tools. This interface provides a single application interface for remote management of Windows NT/2000/XP/2003/Vista Domains, Servers, and Workstations. The DameWare NT Utilities window views each contain a mini-toolbar in which custom properties are accessible. Each of these window

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 7 de 64

views have a similar look and feel including the unique feature of providing a customizable interface with individual column resizing (by double-clicking the column separators) and relocation of columns (by click and drag) to the users specifications. Each column of the window views can be sorted, either ascending or descending, by simply clicking on the column heading. The keyboard F6/Shift F6 keys can be used for switching between panes within the MDI. DameWare NT Utilities provides for additional customization of the window views through the property sheet interface. This additional customization includes performance-tuning parameters for many of the window views by user specification of the different thread priorities. During execution of each particular window view, the busy signal icon will show visible feedback to the user that the thread is running for that window view and is busy. The majority of the DameWare NT Utilities window views provide functionality allowing the user to stop execution or refresh the contents of the selected window by simply clicking on their respective buttons from the main toolbar. Version 5.x and above of DNTU now uses a new "Tabbed" MDI, which means each time you open a view, you get another Tab in the MDI pane (see below). There will also be arrows for scrolling through the tabbed views (similar to an Excel spreadsheet with multiple worksheets -Sheet1 / Sheet2 / Sheet3 ), but they will only be enabled when you open more tabs than can be listed in a single line simultaneously. However, the use of the classic MDI frame or the Tabbed MDI frame is also configurable via DNTUs Properties dialog, on the General Tab, under MDI View Options. Simply enable / disable (it is enabled by default) the "Use Tabbed MDI Frame" setting.

You can use CTRL - F4 to close any Tabbed MDI window (similar to ALT-F4), or use CTRL - F6 to switch between MDI windows (similar to ALT-TAB). These are standard Windows Keys for any MDI window.

DameWare on the Web Menu


Technical Support Opens your web-browser to our online technical support start page. http://www.dameware.com/support/ Knowledgebase Opens our online Knowledgebase Frequently Asked Questions (FAQ) Opens our online Technical Support FAQ Product History Displays online information about product enhancements and bug fixes. http://www.dameware.com/products/history/ Product Information Opens our online product information page Contact Information Displays our online contact information

Smart Card Authentication


Version 5.5 and above of the NT Utilities software now includes remote Smart Card authentication, which allows the user of the NT Utilities software to authenticate to the remote machine using their Smart Card and PIN from their local machine. All of the functionality within the NT Utilities software, including installing, removing, starting, or stopping the MRC Client Agent Service on a remote machine is accomplished by asking the Operating System on your local machine to execute standard Microsoft Windows APIs. The ability to perform this task also requires local Administrator rights within the Operating System on the remote machine, and will either be attempted based upon your current O/S logon credentials, and/or your current authentication to this remote machine within the Operating System itself. These APIs also require the Operating Systems installed protocols, basically File & Printer Sharing (i.e. 137139/445), which also requires File & Printer Sharing to be enabled on the remote machine, as well as the Server Service and NetLogon Service (in Domain environments). In addition to the above requirements, in Smart Card only environments where UserIDs and Passwords are no longer allowed (based upon policy settings, etc..), you must have the ability to map a network drive (or access shared resources) on these remote machines via your Smart Card (i.e. Net Use X: \\RemoteMachine\Resource /smartcard ). If you cannot access resources on these remote machines using your Smart Card, then you also will not have the ability to use any of the NT Utilities functionality, and you will also not have the ability to install, remove, start, or stop the Mini Remote Client Agent Service on this remote machine using Smart Card authentication within our software either. This is strictly a requirement of Microsoft, not directly of our software. If your Smart Card environment still allows Legacy Logins (via UserID & Password), then you should still be able to perform these tasks by first authenticating to this remote machine using Administrator credentials. Once you establish this authenticated connection, the O/S & APIs should use that authentication to perform these tasks.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 8 de 64

The Scope of the Network Browser Pane


The DameWare NT Utilities Network Browser will display the following icons where appropriate: Represents the root level of the Active Directory Browser list. Represents the root level of the AD Browser list, when AD support is disabled. Represents the root level of the Windows Network Browser list. Represents the root level of the Favorite Domains list. Represents the root level of the Favorite Machines (formerly Non-Browsable) Machines list. Represents an Active Directory container, or a folder under the Favorite Machines list. Represents an Active Directory OU or Container. Represents a AD Domain Controller or Server running Microsoft Exchange 2000 or greater Represents the root of the Exchange System objects (only shown when Advanced Features are displayed) Represents an AD/Exchange Public Folder. Represents the AD Domain Policy. Represents the AD File Replication Service settings. Represents the RCP Services container. Represents a Domain in the browser list and also a Primary Domain Controller in the Server list. Represents a Primary Domain Controller in the browser list that is not confirmed active. Represents a domain that contains at least one Windows Terminal Server. Represents a Primary Domain Controller that is running Windows Terminal Server.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 9 de 64

Represents a Primary Domain Controller that is running Windows Terminal Server but is not confirmed active. Represents a Backup Domain Controller in the browser list. Represents a Backup Domain Controller in the browser list that is not confirmed active. Represents a Backup Domain Controller that is running Windows Terminal Server. Represents a Backup Domain Controller that is running Windows Terminal Server but is not confirmed active. Represents machines that are NT/2000/2003 Servers. Represents a Windows NT/2000/2003 Server but is not confirmed active. Represents a Windows NT/2000/2003 Server that is running Windows Terminal Server. Represents a Windows NT/2000/2003 Server that is running Windows Terminal Server but is not confirmed active. Represents the current Network Browser process is working. Represents no Primary Domain Controller is found for this domain. Represents Windows Vista workstations in the browser list. Represents machines that are Windows XP workstation clients in the browser list. (Note: Windows XP has Terminal Services enabled by default) Represents Windows NT/2000 workstation clients in the browser list. Represents machines that are currently not available or have not been checked on the current network connection(s). Represents machines that have been disabled in the browser list, or the root of the Computers list. Represents machines that are Windows for Workgroups. Note: Machines identified with this icon do not have expanded views in the Network Browser tree view. Represents Windows 95/98/Me clients in the browser list Note: Machines identified with this icon will have limited functionality. Represents Windows 95/98/Me clients in the browser list but is not confirmed active. Upon selection, opens the Disk Drives view. Upon selection, displays the Event Log view. Upon selection, displays the Groups view. Upon selected, expands the Members option for a Primary Domain Controller within the Network Browser. Also represents and displays the Members view. Upon selection, displays the Add Computer to Domain dialog window. Upon selection, displays the Remove Computer from Domain dialog window. Upon selection, prompts the user to initiate Domain Synchronization. Upon selection, displays the Synchronize Monitor view. Upon selection, displays the Open Files view. Upon selection, displays the Printer view. Upon selection, displays the Processes view. Upon selection, displays the Properties view. Upon selection, displays the RAS view. Upon selection, displays the Registry view. Upon selection, expands the Remote Command options. Also represents and displays the Remote Command Console. Upon selection, displays the Remote Command view. Upon selection, expands the Remote Control options. Also executes the Mini Remote Control application. Upon selection, displays the RDP view. Upon selection, displays the Replication view. Upon selection, displays the Job (AT) Schedule view. Upon selection, displays the Task Schedule view. Also represents the root of the Schedule View. Upon selection, displays the Search view. Upon selection, displays the Send Message view. Upon selection, expands the Services options. Also represents and displays the Services view. Upon selection, displays the Sessions view. Upon selection, displays the Shares view. Upon selection, displays the Shutdown view. Upon selection, displays the Software view. Upon selection, expands the System Tools selection depending on your current System Tools configuration up to sixteen entries. Upon selection, expands the Terminal Server view. Upon selection, opens the Terminal Server View. Upon selection, opens a Terminal Services Client session to the remote machine. Upon selection, expands the TCP Utilities options. Upon selection, initiates a Ping process on the selected machine. Upon selection, initiates a Trace Route process on the selected machine. Upon selection, executes Windows FTP application passing on the machine name or IP address to the application. Expands the TCP Utilities view. Upon selection, opens the TCP Utilities view.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 10 de 64

Upon selection, executes Windows Telnet application passion on the machine name or IP address to the application. Upon selection, displays Users view. Upon selection, displays the Wake On LAN view.

Network Browser Tool Tips:

OS Version 3.51 4.0 4.10 4.90 4.0 5.0 5.1 5.2 Symbol AFP ALT BBR BDC CNT DCE DFS DIS DMBR LOCAL MBR MEMB MFPN NW NT NTS OSF PBR PDC PDOM PS Sentinel SRV SQL TS VMS WIN WFW WS WTS XENIX

Corresponding Operating System Windows NT 3.51 Windows 95 Windows 98 Windows ME Windows NT 4 Windows 2000 Professional, 2000 Server, or 2000 Advanced Server Windows XP Home, Windows XP Professional Windows Server 2003 Meaning Apple File Protocol servers Return list for alternate transport Server running a Browser service as backup Backup Domain Controller NT cluster IBM DSS (Directory and Security Services) or equivalent Root of a DFS tree Server running dial-in service Server running the domain master browser Servers maintained by the browser Server running the master Browser service LAN Manager 2.x Domain Member Microsoft File and Print for Netware Novell servers Windows NT/2000/XP/2003 (either Workstation or Server) Windows NT/2000/2003 Non-DC server OSF Server that can run the Browser service Primary Domain Controller Primary Domain Server sharing print queue All servers All servers Any server running with Microsoft SQL Server Server running the Timesource service VMS Windows 95 or later Server running Windows for Workgroups All workstations Server running Windows Terminal Server Xenix server

How icons are updated in DNTU


Machines listed in the Microsoft Windows Network portion of the Browser (basically equivalent to My Network Places or Network Neighborhood), including Servers, Workstations, & Computers listed under any Domain Controllers, are not directly contacted by DNTU in order to update their icons. This is because there should already be enough information (i.e. O/S Flags, etc..) available directly within Microsofts Windows Network Browser itself (as part of your operating system). So the icons & tool tips for machines listed in this area of

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 11 de 64

DNTU, as well as which category they are placed into (i.e. Servers or Workstations), will only reflect what information is available directly within Microsofts Windows Network Browser, which is part of your Operating System itself. DNTU retrieves this information by asking your local machine for its Microsoft Windows Network Browser, and then displays the information according to whats returned by the O/S. DNTU does not modify this information in any way. With regard to Computers, the list of Computers will give you a list of all Domain Members directly from the SAM (Security Account Manager) database within the Operating System. This could however list a lot of machines that are not currently online and potentially non-existing machines as well (if these computer accounts were not maintained/purged properly). All Windows NT/2000/XP/2003/Vista machines must have a computer account in the Domain before that machine will be allowed to Login to the Domain. However, if you disjoin that machine from the Domain, or you rename that machine, or you move that machine to another Domain, or you decide to retire that machine, this account is never deleted until you manually cleanup this old information from your Domain. So that account will basically show forever until you manually delete it. Therefore, if this information is not being displayed properly, then it must be related to something within your network implementation & configuration. Unfortunately, we have absolutely no control over this behavior. However, if these machines were listed under Active Directory, or under the Favorite Machines section of DNTU, then DNTU will attempt to directly contact these machines to update their icons. DNTU just basically request a NULL connection to the remote machine, and then asks the O/S to execute standard Microsoft Windows Network management API calls to retrieve the necessary information from the remote machine. The Microsoft Windows API call that DNTU uses to contact these remote machines is called NetServerGetInfo. Once a machine has been contact, then icon will change accordingly, and you will also be able to look at the tool tips to determine how the remote machine responded. Red (or Blue with the Red "Prohibited" sign) means the remote machine has not been contacted yet, or could not be contacted via the Operating System's installed protocols, basically File & Printer Sharing (i.e. 137-139/445). Blue basically means the remote machine was contacted, and it also replied back that it was running Windows NT4, or Windows 2000. Green basically means the remote machine is running Terminal Services (Windows XP & Server 2003 are included due to Terminal Services being part of the O/S). However, if you feel your icons are not being displayed properly, then you may also want to check DNTU's Information pane for any errors encountered when contacting these remote machines (i.e. most likely System Error: 53 - Network Path not found").

Active Directory Overview


DameWare NT Utilities Active Directory administration tools simplify directory service administration and allows administrators to remotely manage multiple Active Directory sites directly from their workstation, without being physically logged into any domain. DNTUs Active Directory functionality is only supported on machines running Windows 2000 and above. However, even though it is not directly supported, many of DNTUs Active Directory features will still work on machines running Windows NT4 SP-6a, provided you also installed Microsofts Active Directory Client Extensions (DSClient.exe) for Windows NT4. For more information about Microsofts Active Directory Client Extensions, please refer to Microsofts website. Active Directory Client Extensions for Windows 95/98 and Windows NT 4.0 http://www.microsoft.com/windows2000/server/evaluation/news/bulletins/adextension.asp

Active Directory Support DameWare NT Utilities v4.0 and above contains support for extended Active Directory Management &endash; through the exclusive DameWare AD & Exchange Agent, which is automatically deployed from your PC to the DC or Exchange server that you wish to administer. You just click YES when asked if you wish to install the Agent and DameWare NT Utilities takes care of the rest! You can add a new user, create their home folders with the correct security settings, create an Exchange Mailbox for the user, and even add their picture &endash; all from within DameWare NT Utilities. Active Directory GPOs and OUs You can manage your GPOs and OUs from within DameWare NT Utilities. Right click on the Active Directory site you would like to manage and browse your GPOs. You add, delete or edit them right away &endash; without Remote Controlling your DC. You can also edit your Domain Account and Audit Policy from within DameWare NT Utilities. Microsoft Exchange 2000/2003 support

You can now administer your Exchange Mailboxes from within DameWare NT Utilities. Need to move a users mailbox to a different Exchange Server? Just find the user and right click it to move the mailbox &endash; it is that simple!

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 12 de 64

You can even set quotas on the users mailbox and set delivery restrictions all from within DameWare NT Utilities. Exchange functionality does not necessarily require the "DameWare AD & Exchange Agent ". DNTU will automatically detect if the Microsoft Exchange Admin tools are installed locally, if DNTU finds them it will use them otherwise DNTU will attempt to install the new AD & Exchange Agent. For example, if DNTU is run on an AD Domain Controller running Exchange, then the Exchange interfaces are already installed and DNTU will detect & use them instead. This also pertains to a workstation running Microsoft's Exchange Admin Tools. DNTU's enhanced Exchange functionality allows you to remotely "Mail Enable" Contacts & Groups, as well as Create, Move, & Delete mailboxes without being logged into the Domain. You can be outside of the Domain, provided you have the necessary Domain credentials to successfully perform the Exchange Admin functions. For Example, an Administrator can be logged into Domain A, or even working from home over a VPN connection without being logged into any Domain. He can then use DNTU to perform Administrative tasks on Domain B, including Active Directory, Exchange, Event Logs, etc..... without having to log into Domain B. When you open DNTU's Active Directory Users & Computers section on a Domain Controller, the only way DNTU's Exchange Tasks (right-click context menu) will be enabled is if DNTU also detects that Exchange 2000 or greater is installed on this specific AD site. If this specific machine where you opened the Active Directory Users & Computers section is not your Exchange Server (i.e. you have another machine in your Domain that is running your Exchange Server), then you will need to right-click on DNTU's Active Directory section, then select Add Active Directory Site, then add the IP-Address of your Exchange Server. However, DNTU also requires that your Exchange Server also be running Active Directory. In other words, your Exchange Server must also be an Active Directory Domain Controller for this Domain. If you Exchange Server is not running AD (i.e. Domain Controller), then DNTU's Exchange Tasks menu will not function properly and you will receive an error. If everything is setup correctly in your environment, then you should be able to right-click on an AD object (i.e. User, Group, Contact...) under AD Users & Computers (or in an OU), then select the Exchange Tasks context menu. Then selecting your desired Task (i.e. Create Mailbox, Move Mailbox, Delete Mailbox, Establish Email Addresses, Delete Email Addresses, or Update now). Or you can also access other Exchange settings via the Exchange General, Email-Addresses, or Exchange Advanced Tabs, on the User Properties GUI. Just make sure the "View Advanced Properties" setting is enabled. Active Directory Objects
In simplest terms, Active Directory is basically a database of Objects and their corresponding attributes. Every resource in Active Directory is represented as an object (i.e. Contacts, Shares, OUs, Servers, Workstations, Printers, Domains, Users, Groups, etc...). All Active Directory Objects in DNTU are displayed in a consistent style AD Object Viewer layout. Active Directory Computers DNTUs Active Directory Computers container contains a list of all computers within the selected AD Domain. This will allow Administrators to quickly find a Computer without having to drill down through all OUs & Containers.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 13 de 64

Active Directory Quick OUs DNTUs exclusive Quick OUs container allows Administrators to create shortcuts to commonly used OUs. Active Directory Users & Computers DNTUs Active Directory Users & Computers is very similar to Microsoft Active Directory Users & Computers tool, except when using DNTU you are not restricted to being a member of the Domain or being physically logged into the Domain. Active Directory Users & Computers objects are divided into the following default containers. However, in addition to these default containers, you can also organize AD Objects in logical units by creating containers called organizational units (OUs). Active Directory Builtin Objects Active Directory Builtin Objects contain objects that define the default built-in groups, such as Account Operators or Administrators. Active Directory Computer Objects Computer objects contains Windows NT4, Windows 2000, Windows XP, and Windows Server 2003 computer objects. Active Directory Domain Controllers Objects Domain Controller Objects are computer objects for machines serving as domain controllers running a Windows Server Operating System (i.e. Windows 2000, 2000 Advanced Server, Windows Server 2003, etc..). Active Directory ForeignSecurityPrincipals Objects ForeignSecurityPrincipals contain information on objects from a trusted external domain. Normally, these objects are created when an object from an external domain is added to a group in the current domain. Active Directory LostAndFound Objects (Advanced View Only) LostAndFound objects are objects whose containers were deleted at the same time the object was created. If an object has been created in or moved to a location that is missing after replication, the lost object is added to the LostAndFound container. LostAndFound objects basically stores Active Directory objects that have been orphaned. Available in Advanced View only. Active Directory System Objects (Advanced View Only) System Objects contain built-in system settings for various system service objects & containers. Available in Advanced View only. Active Directory Users Default container for user objects.

Active Directory Object View

AD Objects Total Displays the total number of Active Directory objects that are retrieved. Filter Displays the total number of selected Active Directory objects that are displayed (filtered). Objects Area Lists all the Active Directory Object that belong to this AD Container. View Tabs

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 14 de 64

List View Displays the currently selected Active Directory objects in a List style view (default).

Tree View Displays the currently selected Active Directory objects in a List style view (default).

Picture View Displays the currently selected Active Directory objects in a Picture style view. DNTUs Picture Viewer is one of a kind. DNTUs is the first program to implement a picture viewer which allows you to easily manage photos & logos for each applicable Active Directory Object. rd Imagine a company having a 3 party badge application. Now imagine that same company being able to use DNTU to manage all aspects of their Active Directory implementation, and take full advantage of Active Directorys user database features, including management of pictures & logos.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 15 de 64

Filter Toolbar Buttons Display All Objects Display all retrieved objects (no filter) Display Users Only display User objects in the currently select Active Directory object view Display Disabled Users Only display Disabled User objects in the currently select Active Directory object view Display Groups Only display Group objects in the currently select Active Directory object view Display Contacts Only display Contact objects in the currently select Active Directory object view Display Shares Only display Share objects in the currently select Active Directory object view Display OUs and Containers Only display OU & Container objects in the currently select Active Directory object view Display Computers Only display Computer objects in the currently select Active Directory object view Container Simple Query Allows you to filter objects within this container (up to the Maximum number of items defined) based upon some simple criteria. Mini Toolbar Buttons Create New User Create a new user in the current container Create New Group Create a new group in the current container Create new OU Create a new Organizational Unit in the current container Search AD Find objects within Active Directory Add Members to Group Add selected users to an existing Group Object Properties Displays the properties of the currently selected object Delete Object Delete the currently selected object Refresh Object Refresh the currently selected object Create Exchange Mailbox Create an Exchange Mailbox for the selected object Delete Exchange Mailbox

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 16 de 64

Delete the Exchange Mailbox for the currently selected object Auto Save Pictures & Logos Automatically save pictures & logos upon exiting Browse for Picture File Displays an Explorer window so you can browse for a picture file Save Picture File Save the current picture file for the currently selected object. Save as Bitmap Save the current picture or logo as a bitmap. Remove Picture Remove the picture from the currently selected object Copy Picture Copies the picture for the currently selected object to the clipboard Paste Picture Pastes a picture from the clipboard into the currently selected object Keep Aspect Ratio Keep Aspect Ratio of the current picture. Fit Picture in Window Expand the current picture to fit the entire display window Show Company Logo Display or Suppress the Company Logo from the display Browse for Company Logo Open an Explorer window so you can browse for a Logo file. Save Logo Save the current logo file for the selected object.

Microsoft Windows Network Browser Overview


The DameWare NT Utilities Network Browser tree view displays all Microsoft Windows Network components in an explorer tree view. This window displays all domains and machines available in the Microsofts Windows Network Browser list (equivalent to My Network Places or Network Neighborhood). All available domains are displayed in a collapsed tree view that can be expanded to list all active machines that are members of this domain. The Network Browser window will also allow the user to add and delete domains to the Favorite Domains list and add and delete machines to the Favorite Machines list. The Network Browser will provide high-level information using tool tips whenever the mouse cursor is placed over objects displayed in the Network Browser list. DameWare NT Utilities will dynamically change available menu items (both pull-down and right-click) depending upon the currently selected domain or machine. The count of Servers and Workstations is dynamically updated and displayed to the right of each category. Domain controllers, servers and workstations each will display the corresponding menu functionality based upon the logical function roles behalf a particular machine is acting. For example, when Groups are selected, a domain controller will display Global Groups for the selected domain and a workstation will display Local Groups for the selected machine. DameWare NT Utilities establishes focus on the Network Browser tree view on application start up. The following keyboard keys and key combinations are supported throughout the DameWare NT Utilities applications. ENTER key Executes the selection F9 Switches between the Network Browser tree view and the multiple document interface client windows Right/Left arrow keys Toggles the Network Browser tree expansion Up/Down arrow keys Navigates up and down throughout the Network Browser tree Ctrl + F6 Switches between all open MDI Windows. Ctrl + F4 Close the current MDI Window.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 17 de 64

Favorite Domains Overview


DameWare NT Utilities includes a feature that will allow you to add, edit and delete domains that are used more frequently than others to the Favorite Domains list. Similar to the Active Directory Quick OUs & Favorite Machines features, Favorite Domains provides a quick view and access to a custom domain list.

Favorite Machines Overview


DameWare NT Utilities incorporates a special feature that will allow you to add, edit and delete machines that are not automatically included in Microsofts Windows Network Browser list. Machines added to the Favorite Machines list can be entered by machine name or IP-Address (provided Names Resolution is properly setup in your environment). DameWare NT Utilities will also allow a range of IP Addresses to be added in the Favorite Machines list. This could be, for example, machines that are accessed via dial up connections, hidden machines or different physically connected networks. If the administrator has the appropriate security privileges to the machine(s) listed in the Favorite Machines explorer view, he/she will be able to run many of the integrated NT utilities and NT custom tools available from within DameWare NT Utilities against these machine(s). All Favorite Machines in the list may be deleted by selecting the Delete All Machines option from the right-click menu or individually by selecting the machine and pressing the Delete button. Whenever DameWare NT Utilities is first loaded, you will notice that the icons listed in the Network Browser view provide a graphical representation of the type of each machine.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 18 de 64

Disk Drives View


DameWare NT Utilities Disk Drives View provides an easy interface to enumerate the disk drives on a machine. Once enumerated, the selected drive can have a Windows Explorer view opened without having to previously map a drive by using the mouses right-click menu option. The authentication credentials used to access the Disk Drives View initially are maintained when the Explorer view is requested. The Disk Drives View will display the number of disk drives on the selected machine, disk drive format, total bytes, free bytes, bytes used, percent free and percent used, all of which are selectable for column sorting and column ordering. The following icons distinguish the disk drive type(s): Diskette or removable drives Hard disk drives CD-ROM Other drives - Unknown type

Disk Drives View Mini Toolbar Buttons


View disk drive details Display information in Gigabytes Display information in Megabytes Display information in Kilobytes Display information in Bytes

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 19 de 64

Disk Drive Details


When the highlighted drive is selected, a Disk Drive Details dialog is presented that will display Volume name, Serial number, File System, Sectors/Cluster, Bytes/Sector, Free clusters, Clusters, Total Space (in bytes), Free Space (in bytes), & Flags for the selected drive.

Event Log View


DNTU provides a custom Event Log View with many enhancements over the standard Windows Event Viewer. DNTUs Event Log View will display a total count of all entries in the list and then dynamically load a number of entries at a time. It will then load, in a lower priority thread, the remaining entries and update the appropriate counter(s) with the number of entries read. The maximum number of log entries to be retrieved can be specified in the Event Log Properties Tab of DNTUs Application Properties sheet (Eyeglasses icon in the toolbar). Stop & Resume buttons are also provided to assist with the retrieval of event log entries. DNTUs Event Log View can be used to view and manage the Application, Security, & System Event Logs on a remote machine. You can also clear and/or archive Event Logs. The Operating Systems Event Log Service starts automatically when Windows NT/2000/XP/2003/Vista boots up, however you can also start and stop event logging from DNTUs Services View. You can also easily switch between event logs by selecting the corresponding Tab from the top of the Event Log View.

Here are the five different types of Event Log entries with their corresponding icons. Information event Error event Warning event Success Audit event (Security Event Log) Failure Audit event (Security Event Log) Here is the default location for the Operating Systems Event Logs: Application Event Log: %SYSTEMROOT%\system32\config\AppEvent.Evt

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 20 de 64

System Event Log: %SYSTEMROOT%\system32\config\SysEvent.Evt Security Event Log: %SYSTEMROOT%\system32\config\SecEvent.Evt

Event Log Mini Toolbar Buttons


View Event Details for selected Event Log entry Open saved Event Log (.evt) file from disk Save the selected Event Log to disk Clear the selected Event Log Filter Event Log entries Display Event Log Properties

Event Details
The Event Details can be displayed by double-clicking an entry in the list, by selecting the mini-toolbar button, or by using the mouses right-click menu option. Event Details are displayed in a dialog box for easy navigation using the UP or DOWN buttons. Additionally, you can Copy the event log details to the clipboard for easy pasting into other applications.

Opening Saved Event Logs


Selecting the File tab from the top of the Event Log View allows you to open a previously saved Event Log file. You can also open a previously saved Event Log file (.evt) by using the Open Event Log mini-toolbar button or the mouses right-click menu option.

Saving Event Logs


Event Log events can be saved to disk as Event Log files (.evt) by selecting the Save Log As mini-toolbar button or from the mouses right-click menu option. Upon selecting the Save Log As option, you will be presented with a dialog box allowing you to specify the name and location of the event log file.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 21 de 64

Clearing Event Logs


The selected Event Log can be cleared by selecting the Clear All Events mini-toolbar button or from the mouses right-click menu option. Please note, you must be logged on with administrative rights (i.e. Administrator) to clear a Event Log. Once you clear an Event Log, any existing events will be lost (unless you have archived them) and only new events will be recorded in the log. Please also note that you can only clear events in the current log files. Archived logs cannot be cleared. Archived logs can only be deleted by deleting the Event Log file (.evt).

Event Log Properties


Event Log Properties can be easily accessed from the mouses right-click menu or from the Event Log Properties mini-toolbar button. You can switch between the settings for the different event logs by selecting the appropriate Event Log from the Display Name drop down list at the top of the Event Log Properties dialog window.

Event Log Filtering


Event Log entries can be filtered based on Event Types, Event Source, Category, Event ID, User, Computer, or by Date Ranges.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 22 de 64

Explore Network View


DNTUs Explore Network View (Tools / Explore Network) will allow you to view various network logical components by domain which can be selected at the top of the view. By expanding the machines in the result window, additional information is available, including Primary Role, Description, Version, Platform ID and Flags, which describes the attributes of the particular machines. Total Matches for specific search will be displayed in the view as well.

Groups View
DameWare NT Utilities supports both Local and Global group administration. When a domain or machine is highlighted from the Network Browser window and the Groups option is selected, DNTU will dynamically determine the role that the selected machine is playing in the network and will then display the appropriate group view, either Local or Local and Global. Drag and drop of users when adding to or removing from groups and Group Rename for both Global and Local groups is supported.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 23 de 64

Global Groups: Global groups contain user accounts from the domain in which they are created. Global groups cannot contain other groups or users from other domains and cannot be created on a computer running Windows NT 4 Workstation, Windows 2000 Professional, Windows XP Professional, or Windows XP Home. A global group name cannot be identical to any other user or group name in the domain or computer being administered. It can contain up to 20 uppercase or lowercase characters except for the following: &rsquor; / \ [ ] : ; | = , + * ? < > A global group name cannot consist solely of periods (.) and spaces. Local Groups: Local groups can contain user accounts and global groups from the domain in which they are created and in any trusted domain. Local groups cannot contain other local groups. A local group name cannot be identical to any other group or user name of the domain or computer being administered. It can contain up to 256 uppercase or lowercase characters except for the backslash character (\). The following icons distinguish the group type(s): Local groups Global groups

Groups View Mini Toolbar Buttons


Add a new Global Group Add a new Local Group Copy a Group Delete a Group Display a Groups Properties (Name, Description, & Members)

Members View
DNTUs Domain Members View provides you with the functionality to add and remove machines to/from a domain. You may also Synchronize the Entire Domain (NT4 only) by selecting a machine and choosing the synchronize option from the right button menu. The Synchronize Monitor view provides functionality to synchronize a Backup Domain Controller with the Primary Domain Controller and Force full Synchronization with the Primary Domain Controller. DameWare NT Utilities will dynamically determine the role the computer(s) within the Domain Members view is playing and will display the appropriate icon for that computer type. You may selectively display computers within this view, including View All Computers, View Workstations Only, View Servers Only and View Members Only. When a computer is selected, you may remove it from the domain or add a new member to the domain The Domain Members window view will display the Computer Count, Status, Computer Name, Computer type, Description and Version, all of which are selectable for column sorting and column ordering. The following icons distinguish the computer type(s) within the Domain Members view: This icon represents machines that are Windows NT/2000/XP Workstation clients This icon represents machines that are Windows NT/2000/2003 servers This icon represents an Inactive Windows NT/2000/XP/2003 Workstation or Server This icon represents a Windows NT/2000/2003 Domain Controller This icon represents an Inactive Windows NT/2000/2003 Domain Controller Synchronize Monitor View The Members->Synchronize Monitor View contains several columns of information for both the Selected Domain Controller and All Domain

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 24 de 64

Controllers within a domain: Machine - Primary Domain Controller or Backup Domain Controllers Sync. Item - Description of the sync item Status - In the case of sync item "Connection Status", this contains any error that may occur or zero (0), if no errors. All other sync items indicate "Yes", if sync item is occurring or "No", if sync item is not occurring. Last - When the sync item last occurred Count - The count of times the sync has occurred. Error - The error condition Note: It is possible to miss a sync event if the event occurs between checks. A smaller refresh interval could help eliminate this condition. NetLogon Service The NetLogon Service automatically synchronizes changes in the Windows NT/2000 directory database stored on the Primary Domain Controller (PDC) to all Backup Domain Controllers (BDCs). Based on settings in the registry, the PDC sends timed notices that signal the BDCs to request changes at the same time. When a BDC requests changes, it informs the PDC of the last change it received so that the PDC can determine whether a BDC needs updating. If a BDC is up to date, its NetLogon service does not request changes. The NetLogon Service synchronizes three domain directory databases: the secuity accounts manager (SAM) database, the SAM built-in database and the Local Security Authority (LSA) license database. SAM accounts: Microsoft domain user and group accounts that you create. Includes all computer accounts added to the domain such as domain controllers (DCs) and Windows NT/2000/XP/2003/Vista computers. SAM built-in: Local machine built-in user and group accounts such as Administrator, Domain Admins, etc. LSA: LSA Secrets that are used for trust relationships and DC computer account passwords. Also includes the account policy settings that you configure. Synchronization occurs: When a backup domain controller is initialized or restarted in the domain. When "forced" by a network administrator using Server Manager. It occurs automatically by the DCs, depending upon Windows NT/2000/XP/2003 registry configuration. The change log records changes to the domain-directory databases, including new or modified passwords, user and group and accounts and group membership and user rights. Its' size determines how many changes the log can hold and the duration. Typically, the change log holds approximately 2000 changes, retaining only the most recent changes and deleting the oldest ones first. When a BDC requests changes, it receives only changes that occurred since the last synchronization. The NetLogon Service checks for updates every five minutes (default). If a BDC does not request changes in a timely manner, the entire domain directory must be copied to that BDC. For example, if a BDC is offline for a time (such as for system repair), more changes could occur during that timeframe than can be stored in the change log. Partial synchronization consists of the automatic, timed replication of directory database changes to all BDCs since the last synchronization. Full synchronization copies the entire directory database to a BDC. This occurs automatically when changes have been deleted from the change log before replication or when you add a new BDC to a domain. Both the NetLogon Service updates and the change log size ensure that full synchronization does not start up under most operating conditions. In the WAN environment, you can control and refine NetLogon activity using the Windows NT/2000/XP/2003 registry entries and methods described below. One way to reduce the number of full synchronizations is to build BDCs at the corporate network site so that the full directory database can be quickly transferred from a PDC to BDCs. You can then send the new BDC to the branch office and put it into service as soon as possible (within 3 to 6 days of dispatch). When the new BDC starts up, it contacts the PDC to obtain any directory database changes that occurred while the BDC was offline.

Open Files View


The Open Files View displays a custom view that will show any file(s), folder(s) and pipe(s) that are open on the selected machine. The Open Files view displays the Open File Count and Status, UserID, Path, Access Type and Locks and ID, all of which are selectable for column sorting and column ordering. The only options available to you in this view are to select one or more open files(s), folder(s) or pipe (s) and issue a disconnect on the item. When a disconnect is selected, DameWare NT Utilities will prompt you with an information dialog containing the message &rsquor;Forcing UserID to close filename. May result in loss of data. Do you want to continue? &rsquor;. You may then select Yes, to disconnect or No, to ignore and return to the Open Files view without performing a disconnect.

Note: A pipe, by definition, is an interprocess communication mechanism that allows one process to communicate with another local or remote process.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 25 de 64

Open Files View Mini Toolbar Buttons


Delete the selected Open File Refresh the display

Printers View
The Printers View presents you with a custom view that contains a list of all printers on the selected machine. You may selectively display printers within this view by selecting from the available mini-toolbar icons - View All Printers, View Workstation Printers, View Server Printers and View Shared Printers. The Printers window view will display the Printer Count, Status, Printer UNC name, Share name, Location, Comments, Port name, Driver name, Separator File, Print Processor, Parameters and Print Jobs. These are all selectable for column sorting and column ordering. When a printer is selected, you may open the Open Printer Queue window from which printer queue documents may be paused, resumed, restarted or cancelled. When the selected printer's property sheet is displayed by executing the Printer Properties, management of the printer's sharing, port schedule and other properties are available.

Printers View Mini Toolbar Buttons


Open selected printer Display printer properties for selected printer View selected machine printers only View all printers View Workstation printers only View Server printers only View Shared printers only

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 26 de 64

Processes View
The DameWare NT Utilities Processes View is designed to allow robust process management remotely. This process management includes: termination of the selected process, run application remotely, view running applications, display memory details of a process and start/stop of the DameWare NT Utilities service. From within the Processes view, you are able to view the total number of processes currently executing on the selected machine as well as the Central Processing Unit (CPU) utilization on the machine. The Processes view will display the Image Name of each process, the Process Identifier (PID), the percentage of CPU in use by that process, the total amount of CPU Time consumed by that process, the percentage that the process thread is running in Privileged Mode, the percentage that the process thread is running in User Mode and the number of threads the process is running. As a process is selected, each of the Threads associated with a particular process are displayed in the lower section of the Processes window view. The Processor Time, percentage that the process thread is running in Privileged Mode, percentage that the process thread is running in User Mode and the priority of each individual thread are displayed as well.

The Processes Views mini-toolbar icons provide the following functionality: Terminate the Selected Process When selected, you will be presented with a Warning dialog stating that terminating a process can cause undesired results including loss of data and system instability. You will have the option to continue by selecting Yes, which will terminate the selected process or selecting No, which will return without terminating the selected process. Run Application Remote When this option is selected, the DameWare NT Utilities Run Task As dialog window is displayed. Within this dialog, you can select either from the previous history list of executed applications or specify a new application to run. The window in which the application will run may be specified as Normal, Minimized or Hidden. If selected, the Load User Profile option will run the application under the context of the specified user profile. If an error occurs during the execution of the remote process, DameWare NT Utilities service will write an event to the application error log on the remote machine. After you select to execute the remote application, DNTU will display a dialog window with the following message: "Any failures that could occur after the execution of the thread that handled this process are placed in the Application Event Log on the remote machine". Note: A warning dialog is issued at this point alerting you that loading a profile from a service will prohibit this user from using his profile when logging in at the console of the remote machine. If this user does logon at the console, the Windows NT/2000/XP/2003 operating system will create a new profile for this user. It is suggested that you create a local user account on the remote machine that will be used specifically for this purpose. You may also select the Run As option, which will allow the remote application to be run under the credentials supplied at this time by the administrator. When no credentials or user profile is selected to run the remote application, the DameWare NT Utilities Service will run as an impersonated user of the credentials of the user invoking this process. View Running Applications When selected, displays a dialog window listing all applications currently executing on the selected machine. A total count is displayed at the top of the window. The Refresh button will refresh the contents of the window. Auto Update When the Process window view is first displayed the Auto Update feature is disabled by default. If you are accessing a machine through a fast network link, then you may wish to enable the Auto Update feature. When enabled, the process information will be updated in real time. Re-sort On Update Upon selection of this option, DNTU will re-sort according to the currently selected sort column on each update. Display memory Details When selected, displays a dialog window listing the Process name, Process ID and User Address Space information for individual resources used by the process including Mapped Commit and Private Commit statistics. Virtual Memory Counts information is displayed including working set, pages, virtual sizes and fault count.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 27 de 64

User Mode and Privileged Mode


Another aspect of thread behavior is whether it is running in user mode or privileged mode. User mode is the processing mode in which applications run. Threads running in user mode are running in their own application code or the code of another user mode process, such as an environment subsystem. Processes running in user mode cannot access hardware directly and must call operating system functions to switch their threads to privileged mode to use operating system services. Privileged or kernel mode is the processing mode that allows code to have direct access to all hardware and memory in the system. The Windows NT/2000/XP/2003 Executive runs in privileged mode. Application threads must be switched to privileged mode to run in operating system code. Applications call privileged-mode operating system services for essential functions such as drawing windows, receiving information about user keyboard and mouse input and checking security. DameWare NT Utilities will determine the percentage of time that threads of a process are running in user and privileged mode.

Processes View Mini Toolbar Buttons


End selected process Run Application Remote View running applications Auto Update Re-sort on update Display memory details Start DNTU Service Stop DNTU Service

Properties View
The DameWare NT Utilities Properties View is implemented as an MDI child window with tabular selection of eight major categories of properties information for the selected NT/2000/XP/2003/Vista machine. Batch Processing can be initiated from one client machine to any machine available in the Network Browser. The Machine Properties view displays the various Properties information in the upper portion of the view and displays the machines included in the Batch Processing in the lower portion of the view. This lower portion of the Machine Properties view works like a queue manager of the target machines. Machines can be added to the Batch Processing using drag and drop from the Network Browser. The machines added to the Batch Processing are saved so that each time you load the Machine Properties view, the machines will be listed.

Each of the following categories and sub-categories may also be printed for the selected machine. Time Displays time information including Current Local Time, Current Remote Time, Remote to Local Time, Start Time, Time Variance, Time Zone, Up Time and Zone Difference. Version Displays version information including CSD Version, Current Build Number, Current Type, Current Version, Install Date, Path Name, Plus! Version Number, Product ID, Product Type, Registered Organization, Registered Owner, Software Type, Source Path and System Root. System Displays system information including Identifier, Bios Version, Bios Date, CPU Identifier, CPU Vendor Identifier, CPU MHz, HAL and Physical

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 28 de 64

Memory. Also displays WMI information about (Bios) Bios Manufacturer, (Bios) Bios Version, (Bios) SMBios Version, (Bios) Serial Number, (Computer System) Manufacturer, (Computer System) Model, (Computer System) System Type, (Computer System), (System Enclosure) Manufacturer, (System Enclosure) Asset Tag, however, this information can only be displayed provided is has been populated by the hardware manufacturer. However, there are some known issues with retrieving WMI (Windows Management Instrumentation) information from remote machines running Windows XP SP2 with the Windows Firewall enabled, and simply opening the standard File & Printer Sharing Ports is not enough to resolve this behavior. See Windows XP & Service Pack 2 Topic below for additional information. Display Displays display information including Adapter String, Bios Date, Bios String, Bios Version, Chip Type, DAC Type, Driver, Driver Company, Driver Description, Driver Product, Driver Version, Memory Size, Refresh Frequency and Setting. Resources IRQ Displays IRQ, Device, Bus and Type I/O Port Displays Address, Device, Bus and Type DMA Displays Channel, Port, Device, Bus and Type Memory Displays Address, Device, Bus and Type Devices Displays Devices Environment Displays all environment variables currently defined including ComSpec, NUMBER_OF_PROCESSORS, OS, Os2LibPath, Path, PROCESSOR_ARCHITECTURE, PROCESSOR_IDENTIFIER, PROCESSOR_LEVEL, PROCESSOR_REVISION and windir. Network General Displays general information including Comment, Domain or Workgroup, *Hidden, Lan Root, *Legal Notice Caption, *Legal Notice Text, Logged On Users, Max Users, Network Version, Platform ID, User, User Logon Domain, User Logon Server, User Path and User Per License. *See Batch Processing Transports Displays Transport, Address, VC's, Wan and Quality. Settings Displays settings information including 512 Byte Max Transfer, Buffer Deny Write Files, Buffer Pipes, Buffer Read Only Files, Cache Time Out, Character Buffer Size, Character Wait, Character Time, Datagram Reset Frequency, Dormant File Limit, Force Core Creation, Illegal Datagrams, Keep Connection, Lock Increment, Lock Quota, Log Election Packets, Mailslot Buffers, Maximum Collection Count, Maximum Commands, Maximum Locks, Maximum Pipes, Maximum Threads, Pipe Increment, Read Ahead Throughput, Server Announce Buffers, Session Time Out, Use Close Behind, Use Encryption, Use Lock, Read, Unlock, Use Opportunistic Locking, Use Raw Read, Use Raw Write, Use Unlock Behind and Use Write Raw Data. Statistics Displays statistics information including Bytes Transmitted, Cache Read Bytes Requested, Cache Write Bytes Requested, Character Wait, Core Connects, Current Commands, Failed Completion Operations, Failed Sessions, Failed Use Count, Hung Sessions, Initially Failed Operations, Large Read SMBs, Large Write SMBs, LM 2.0 Connects, LM 2.x Connects, Network Errors, Network Read Bytes Requested, Non Paged Write Bytes Requested, Paged Read Bytes Requested, Paged Write Bytes Requested, Random Read Operations, Read SMB's, Reconnects, Server Average Response Time, Server Big Buffers Needed, Server Bytes Received, Server Bytes Sent, Server Device Opens, Server Disconnects, Server File Opens, Server Jobs Queued, Server Password Errors, Server Permission Errors, Server Request Buffers Needed, Server Sessions Open, Server Sessions Errored Out, Server Sessions Timed Out, Server System Errors, Sessions, Small Read SMBs, Small Write SMBs, SMBs Received, SMBs Transmitted, Use Count, Windows NT/2000/XP/2003/Vista Connects, Write Operations and Write SMBs. Hotfixes Displays Hotfixes, Valid, Installed, Installed By, Installed On, Description and Comments. The following options are available from the mini-toolbar located at the bottom of the Machine Properties view. Selected item Properties. Batch Processing - When selected, displays the Batch Processing dialog window. The total number of selected machines included in this Batch Properties Update is displayed at the top of the window. Two properties may be selected for Batch change - Machine Visibility and Legal Notice. Once a Batch has been submitted, the machine icons of the machines in the list will change according to the status of the task schedule submitted to the individual machine(s). Note: See the table below for an explanation of the status. Abort Batch Processing Refresh the current view. Stops the current view action.

The following status codes and descriptions are available within the lower pane of the Machine Properties view. None Error Active No Batch has been performed. The Batch item failed. Refer to the error field displayed in the lower portion of the Machine Properties view window. The Batch item is in progress on this machine. Complete Okay status Pending The Batch item is in the queue to be scheduled on this machine.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 29 de 64

The following list further explains some of the Time fields. Current Local Time This is the actual time of the local machine. Current Remote Time This time is the actual time on the remote machine. Zone Difference The difference between the time zones on the remote machine and the local machine is calculated here. Start Time This is the last recorded start time of the remote system. Up Time This is the time in days, hours, minutes and seconds that the system has been running. The counter will be reset after 49.7 days or 4294967295 milliseconds. Due to this limitation, DNTU has an option for using the Event Log for this calculation. Starting with NT

Service Pack 4, Microsoft included a &rsquor;heartbeat in the event log that can aid in this calculation. However, if the event log is cleared, no such calculation is possible. Either of these options will calculate the same results, however, there is no guarantee of accuracy. Keep in mind that using the Event Log can be time consuming, especially with very large logs. Remote to Local Time This time is converted from the remote time to the local time for the time zone of the local machine. Note: This time is not the actual time of the local machine. Time Variance The calculated time difference between the remote machine and the local machine. Note: The Current Remote Time and Current Local Time may be the same if both the remote and local machines are in the same time zone.

Properties View Mini Toolbar Buttons


Display printer properties for selected printer Batch Processing Abort Batch Processing Refresh the current view Use Event Log for time calculations

RAS View
Please Note: DNTUs RAS View only supports RAS not RRAS (Routing and Remote Access service). Beginning with Windows 2000, Microsoft combined both routing and remote access into a single service (RRAS). DameWare NT Utilities provides two levels of Port statistics from within the Remote Access Service (RAS) Administration View - Port Status and Port Performance Data. The Port Status data displays information such as Port statistics, Connection Statistics, Device errors and Remote Workstation information. The Port Performance Data actually connects to the Performance counters that are tracked by the operating system. The Port Performance Data contains more detailed information related to bytes, frames, compression, device errors and timeouts. The refresh delay for the RAS Administration window view is customizable from within the property sheet.

Selecting a Server or Domain to Administer


You must have administrator privilege or server operator and account operator privileges for the domain or server you select to administer.

Dial-Up Networking Overview


Dial-Up Networking is the client version of Windows NT Remote Access Service (RAS). Dial-Up Networking allows remote users on the following systems to work as if they were connected directly to the network: Windows NT, Windows for Workgroups, MS-DOS version 3.1 or later (RAS version 1.1a) and MS OS/2 version 3.1 (RAS version 1.1). Microsoft does not support access to Macintosh volumes and AppleTalk printers over dial-in lines. A Windows NT RAS configuration includes the following components: Dial-Up Networking clients Windows NT, Windows for Workgroups, MS-DOS (with Microsoft network client software installed) and LAN Manager RAS clients can all connect to a Windows NT RAS server. Clients can also be any non-Microsoft PPP client. RAS Servers The Windows NT Server RAS permits up to 256 remote clients to dial in. Windows NT Workstation permits one remote client to dial in. The RAS server can be configured to provide access to an entire network or restrict access to the RAS server only. LAN protocols LAN protocols transport packets across a local-area network (LAN) whereas remote access protocols control the transmission of data over the wide-area network (WAN). Windows NT supports LAN protocols such as TCP/IP and RAS, IPX and RAS and NetBEUI and RAS, which enable access to the Internet and to NetWare and UNIX servers. Windows Sockets applications over TCP/IP or IPX, named pipes, Remote Procedure Call (RPC) and the LAN Manager API are supported. Remote Access Protocols Windows NT supports Remote Access Protocols such as PPP, SLIP on RAS clients and the Microsoft RAS Protocol. WAN options Clients can dial in using standard telephone lines and a modem or modem pool. Faster links are possible using ISDN. You can also connect RAS clients to RAS servers using X.25, an RS-232C null modem or using the Point-to-Point Tunneling Protocol (PPTP). Security features Clients can dial in using standard telephone lines and a modem or modem pool. Faster links are possible using ISDN. You can also connect RAS clients to RAS servers using X.25, an RS-232C null modem or using the Point-to-Point Tunneling Protocol (PPTP). Internet support RAS enables Windows NT to provide complete service to the Internet. A Windows NT Server computer can be configured as an Internet Service Provider, offering dial up Internet connections to a PPP client. A computer running Windows NT Workstation can dial into an Internet connected computer running Windows NT Server 3.5 or later or to any one of a variety of industry standard PPP or SLIPbased Internet servers. RAS Servers Windows NT Server administrators use the Remote Access Admin program to control the RAS server, view users, grant permissions and monitor remote access traffic. For more information about using the Remote Access Admin program see Rasadmin.hlp. The server must have a multi-port adapter or modems (9600 baud or above is recommended for acceptable performance), analog telephone lines or other WAN connections and the RAS software installed. If the server will provide access to the network, a separate network adapter card must be installed and connected for each network the server will provide access. RAS servers are configured during initial RAS setup. You must specify whether access will be to the entire network or to the RAS server only. You must also select the protocols to use on the LAN (IPX, TCP/IP and NetBEUI) and an authentication encryption option. Ports on RAS servers are configured individually. Each port can be set to Dial Out Only, Receive Calls Only or Dial Out and Receive Calls. These settings affect only the port specified, not all ports. For example, your RAS server can be configured to receive calls and COM2 can

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 30 de 64

be configured for dial out and receive. A remote user can call in on either COM port but a local user can use only COM2 for outbound RAS calls. Events and errors are recorded in Event Viewer on Windows NT/2000 RAS clients and servers. Evaluating the log in the Event Viewer can help you determine the source of problems. The Windows NT Server RAS permits up to 256 remote clients to dial in. The RAS server can be configured to provide access to an entire network or restrict access to resources on the RAS server only. Using Windows NT Server to Provide Internet Access In conjunction with a router and Internet service provider, Windows NT Server acts as a gateway to the Internet for remote clients. Up to 256 clients can dial into the RAS server using standard telephone lines, ISDN lines, X.25 or PPTP. The clients then use any PPP compliant software or Windows NT computer together with Internet browsing tools to access the Internet. The Internet Connection The Internet connection to your site will typically be made through a leased line to a router located on your network. Thus data travels over the Internet, over a leased line to a router, through the router, over you local network, to the RAS server and then to remote clients.

Registry View
The DameWare NT Utilities Registry view interface provides a very robust and easy to use environment for registry management of both local and remote NT/2000/XP/2003/Vista machines. Registry updates can be initiated from one client machine via Batch Processing to any machine available in the Network Browser. The Registry view displays the machines included in the Batch Processing in the lower portion of the view. This lower portion of the Registry view works like a queue manager of the target machines to be updated. Machines can be added to the Batch Processing using drag and drop from the Network Browser. The machines added to the Batch Processing are saved so that each time you load the Registry view the machines will be listed. You can abort Batch Processing Registry updates any time during the process and any updates not yet executed will be cancelled. DNTU makes use of many different icons to help provide visual feedback to the user as to the status of registry batch processing updates on both local and remote machines. The upper portion of the Registry view will show the registry hives and keys (if any of the hive(s) are expanded) in the left portion of the Registry view and the names and values for the selected registry key, in the right portion of the Registry view, for the selected machine. Each of the columns contained in the upper portion and the columns contained in the lower portion of the Registry view, support column sorting and column ordering. The selected registry Hive(s)/Key(s) can be exported to a REGEDIT4 .REG file by selecting the Registry/Export Registry File option from the pull down menu. Once selected, a file dialog save window will be displayed for you to select the location to save the registration file on the local machine. A registration file may also be imported by selecting the Registry/Import Registry File option from the pull down menu. (Refer to Batch Processing below for batch registration file updates.) DNTU supports the Microsoft RegEdit4 signature file format. The lower portion of the Registry view lists the Machine name, Action, Status, Machine Type and Error columns. The Error column will show the error code and error description whenever an error condition has occurred. The DameWare NT Utilities Registry view also includes a binary editor for adding and changing the values for REG_BINARY data types. The following options are available from the mini-toolbar located at the bottom of the Registry view.

Find text in Registry


Delete Registry Key or Value Copy Registry Key to Clipboard Batch Processing When selected will prompt for the REGEDIT4 Registry export file (.reg) to be used to import to the machines selected in the Registry machines view. Once a Batch Schedule has been submitted the machine icons of the machines in the list will change according to the status of the registry update(s) submitted to the individual machine(s). Abort Batch Processing When a batch is being processed, selecting this option will terminate the next registry update scheduled for execution. This may be the next key/value within the currently executing batch machines registry update or the next machine in the batch machine list. Stops the current view action. Refresh the current view.

Notes: DNTUs Registry View currently does not support the following functionality: Batch deleting of Registry keys: REGEDIT5 formatted Registry (.reg) files. Changing of permissions of Registry keys.

The following rules govern the content of these value entry components: The name of the value is a string of up to 16,000 Unicode characters (32K). This name can contain backslash (\) characters. The name itself can be null (that is, " "). The data type of the value is REG_BINARY, REG_DWORD, REG_EXPAND_SZ, REG_MULTI_SZ or REG_SZ. The DameWare NT Utilities Registry view, as well as the NT/2000/XP/2003/Vista Registry Editor, allows edits values of these types only. The value in a value entry can be data of a size up to 1 MB in any data type except REG_DWORD, including arbitrary strings and raw binary data. However, to be efficient, values larger than 2048 bytes should be stored as files with the filenames stored in the Registry. The Registry preserves case as you type it for any entry but ignores case in evaluating the data. However, the data is defined by specific applications (or users) so applications that use the data might be case sensitive depending on how the program that uses it treats the data. Numeric values and ranges that take the REG_DWORD data type can be expressed as either hexadecimal or decimal numbers, or in hex or decimal base. If the defined value is represented in a hexadecimal base, the value is preceded by that it is hexadecimal.

&rsquor;0x to indicate

To assist you in applying changes to hexadecimal-base value entries or interpreting the current values, you can use a scientific calculator, such as the Calculator application (Calc.exe) to make conversions between hexadecimal and decimal values.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 31 de 64

The following status codes and descriptions are available within the lower pane of the Registry view. None No Batch registry updates have been performed.

Complete Okay status Error The Batch registry update failed. Refer to the Error field displayed in the lower portion of the Registry view window. Pending The Batch registry update is in the queue to be imported on this machine. Active The Batch registry update is in progress on this machine.

Registry View Mini Toolbar Buttons


Find text in Registry Delete Registry key or value Copy Registry key to Clipboard Batch Processing Abort Batch Processing Stops the current view action Refresh the display

Remote Command View


DameWare NT Utilities provides a Remote Command View and Remote Command Console that will enable you to execute commands remotely on machines as well as kill processes running on the remote machine. Once you select the Remote Command View or the Remote Command Console on a machine, DameWare NT Utilities will determine whether DNTUs service is installed or not. It will then dynamically prompt you to install the DameWare NT Utilities service on the selected machine and will copy the service over to the remote machine. It will then install and start the service, if it is not already installed. Once the DameWare NT Utilities service is installed on the selected machine, the Remote Command view will connect with the DNTU service and display a Status of Remote Command Ready and display a prompt for you to begin entering remote commands. When selected, the Remote Command Console will allow you to specify logon credentials and if specified, will use the existing profile of the logged on user to provide that logged on users environment table. Note: If you would like to remove the DameWare NT Utilities service, simply open the Services window view, select the DameWare NT Utilities service and right click to select the Remove Service wizard. You may select the Run As Console, View Remote Processes and Remote Command properties options from the mini-toolbar displayed at the bottom of the Remote Command view. The DameWare NT Utilities remote command Run As Console option, will allow logon under different credentials, however this will be sent in clear text. If this is a concern, you should set the remote machine up to accept the credentials that you are using from other machines by selecting ENTER when the Remote Command Console asks for a User ID. The Remote Command Console will then use the NT challenge/response authentication using your current logon credentials. The DameWare NT Utilities service may be stopped and started by simply selecting the corresponding buttons from the mini-toolbar. (This would be useful if you want to keep the service installed on the remote machine but would like to conserve memory on the remote machine by stopping the service when it is not being used.)

Remote Command Overview The Remote Command window view allows you to run command-line programs on remote computers.
For example, when you are developing software, you can compile code with the processor and resources of a remote computer while you perform other tasks on your computer. You can also use REMOTE to distribute the processing requirements for a particular task across several computers. DameWare NT Utilities provides a secure, robust way to remotely administer and run command line programs. Security is provided in two ways: The logged on user must have interactive logon privileges on the target computer in order to connect to it. Any programs executed on the target computer are executed impersonating the logged on user. Any access validation (such as opening files) is performed as if the user were logged on to the local computer. Note: All Windows NT/2000/XP/2003/Vista Workstation users have interactive logon privileges by default. Anyone who can locally log on to your system can transparently access it over the network, unless you configure it otherwise. For Windows NT/2000/2003 Server, however, only system administrators have this privilege. Executing START on the remote computer will result in spawning detached processes. These processes are not "connected" (that is, no input or output is possible) and will not be killed when you exit the remote command shell. This wastes resources on the remote computer. The standard users environment is not set up in the remote command shell. Any environment must be set up explicitly during the command session.

Remote Control View


The DameWare NT Utilities Remote Control View launches the DameWare Mini Remote Control program (as a separate application passing command line parameters) for the current machine. If a Saved Host Entry exists for this machine, then that Saved Host Entry will

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 32 de 64

automatically be selected and those settings will be used for the MRC connection. If a Saved Host Entry does not exist for this specific machine, then a new (Temporary) entry will be created using the settings from the Default Host Properties dialog (View / Default Host Properties). Also, if you have the "Attempt to Connect" setting enabled on the Remote Control Tab in DNTUs Properties dialog, then the MRC program will automatically attempt to connect to this Host when its launched. If you do not have the "Attempt to Connect" setting enabled, then the MRC program will only be launched, and the given Host Entry automatically selected. You must then press the Connect button in MRC to initiate your Remote Control session for this machine. For additional information DNTUs Remote Control view, please reference the help filed contained within the Mini Remote Control program.

Mini Remote Control RDP


Launches the DameWare Mini Remote Control program in RDP mode, by enabling the "Use Remote Desktop (RDP)" setting for the current machine.

RDP View
Beginning with version 4.4, the DameWare NT Utilities now gives you another utility to connect to a remote machine. This new utility is called RDP View, and it allows you to connect to a remote machine using an RDP style interface. With DNTUs new RDP View, you can easily connect to your remote machines running Terminal Services or to another computer running Windows XP (which by default runs Terminal Services) or Windows Server 2003. Basically, all you need is network access, the correct TCP ports open on any routers/firewalls between the local & remote machines, and the necessary permissions to connect to the remote machine.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 33 de 64

Making a RDP connection: 1. To connect to a remote machine using DNTU's new RDP View, first open the RDP View. 2. Next, supply the HostName or IP address of the remote machine. The remote machine can be any machine running Terminal Services, including Windows XP or Windows Server 2003. Remote Desktop permissions can also be set "on the fly" for the remote machine, then disabled after disconnecting the connection. 3. Supply your UserName, Password, and Domain Name and click on OK. 4. Now click on the Connect button. 5. If everything is setup properly, the Windows Logon dialog for the remote machine should appear. 6. In the Windows Logon dialog box, type your user name, password, and domain name (if required), and then click OK.

Replication View
Please Note: Microsoft removed Replication and Synchronization in Windows 2000 & Windows XP. It's not that DNTU can't do it, but rather the O/S does not support it any longer. Users who attempt Replication under a non-supported configuration may experience the following system error:

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 34 de 64

Error: 2146 - The specified component could not be found in the configuration information Here is Microsoft's documentation about Replication: NetReplGetInfo The NetReplGetInfo function retrieves configuration information for the file replicator service. Windows NT/2000: Note that the replicator functions work only when the target machine is running Windows NT 4.0 or earlier and the local machine is running Windows 2000 or earlier. Security Requirements No special group membership is required to successfully execute the NetReplGetInfo function.

The DameWare NT Utilities Replication View is designed to allow for total replication management functionality. You can manage both import and export directories in one window interface. The Replication view displays the Import Directory, State, Last Update, Lock Count, Lock Time and Exporter, for the Import directory window pane. The Export Directory window pane displays the Export Directory, Stabilize, Subtree, Lock Count and Lock Time columns. All columns within the DameWare NT Utilities Replication view allow column sorting and column ordering. Note: The Export Directory window pane will be enabled only for NT Server machines. The following options are available from the mini-toolbar located at the bottom of the Replication view.

Add lock to the selected directory Remove lock from the selected directory Add Replication Entry Delete Replication Entry Wait Until Stabilized Show Entire Subtree Directory Replication Properties Start the Replication Service Stop the Replication Service Pause the Replication Service Continue the Replication Service

Windows NT Replication Overview Directory replication: Directory replication is the copying of a master set of directories from a server (called an export server) to specified servers or workstations (called import computers) in the same or other domains. Replication simplifies the task of maintaining identical sets of directories and files on multiple computers because only a single master copy of the data must be maintained. Files are replicated when they are added to an exported directory and every time a change is saved to the file.

EXPORT SERVER
Locks:

To temporarily stop exporting a subdirectory, select the subdirectory and then select Add Lock. Or, to resume exporting a locked subdirectory, select the subdirectory and then select Remove Lock. To export a subdirectory and all of the subdirectories in its tree, select the subdirectory and then select Entire Subtree. Or, to export only the highest subdirectory in a tree, select the subdirectory and then select Entire Subtree to unselect. To specify a two-minute or longer delay during which no changes can be made before files are exported, select a subdirectory and then select the Wait Until Stabilized option. To export files immediately after they are changed, select a subdirectory and then select Wait Until Stabilized option to unselect.
Notes:

Usually, you should only remove locks that you have applied. Exporting resumes only when the Locks column shows a value of 0 for the subdirectory. Select the Add Replication Entry option to add a subdirectory to the list. Select Delete Replication option to remove the selected subdirectory from the list. If it does not already exist, the system creates the share REPL$ which is required for export replication. If it is not already running, the system starts the Directory Replicator service. Only Windows NT/2000 Server computers can be set up as replication export servers; Windows NT/2000 Workstation Computers cannot. Make sure an appropriate logon account has been assigned to the Directory Replicator service before performing this procedure. The directories to be exported must be subdirectories of the replication From Path. You can add the files to be exported to these subdirectories. However, this is optional. Once you set up replication any files later added to these subdirectories will be exported automatically. You can also later add additional subdirectories to the From Path. By default, the To List contains no entries and this computer automatically exports to the local domain. However, if you add any entries to the To List, the computer will no longer automatically export to the local domain. To then export to the local domain, the domain name must explicitly be added to the To List.

IMPORT COMPUTER Locks: To temporarily stop importing to a subdirectory, select the subdirectory and then select Add Lock. Or to resume importing a locked subdirectory, select the subdirectory and then select Remove Lock.
Notes:

Make sure an appropriate logon account has been assigned to the Directory Replicator service before performing the procedure. Both Windows NT Server computers and Windows NT Workstation computers can be set up as import computers. By default, the From List contains no entries and this computer automatically imports from the local domain. However, if you add any entries to the From List the computer will no longer automatically import from the local domain. To then import from the local domain, the computer name must explicitly be added to the From List.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 35 de 64

Job Scheduler
The DameWare NT Utilities Job Schedule View interface provides an easy to use environment for total management of the Job Scheduler (or AT Scheduler) functionality available in Windows NT/2000/XP/2003/Vista. Schedules can be initiated from one client machine via Batch Processing to any machine available in the Network Browser. The Schedule view displays the schedule queue in the upper portion of the view and displays the machines included in the Batch Processing in the lower portion of the view. This lower portion of the Schedule view works like a queue manager of the target machines schedules. Machines can be added to the Batch Processing using drag and drop from the Network Browser. The machines added to the Batch Processing are saved so that each time you load the Schedule view the machines will be listed. You can copy and paste existing schedules seamlessly between machines and abort Batch Processing schedules any time during the process and any schedules not yet executed will be cancelled. The remote time and local time are displayed during an Add schedule for convenient scheduling of jobs. DameWare NT Utilities makes use of many different icons to help provide visual feedback to the user as to the status of schedules on both local and remote machines. The upper portion of the Schedule view will show the Task ID, Week Day(s), Month Day(s), Time, Command, Interactive and Error fields. Each of the columns contained in the upper portion and the columns contained in the lower portion of the Schedule view supports column sorting and column ordering. The lower portion of the Schedule view lists the Machine name, Action, Status, Machine Type and Error columns. The Error column will show the error code and error description when an error condition has occurred. The following status codes and descriptions are available within the lower pane of the Schedule view. None No Batch schedules have been performed. Complete Okay status Error The Batch schedule failed. Refer to the Error field displayed in the lower portion of the Schedule view window. Pending The Batch schedule is in the queue to be scheduled on this machine.

Task Scheduler
Within DNTUs Task Scheduler View, there are two ways to create a new scheduled task. You can either right-click in an open area in the Scheduled Tasks window and then choose Add Schedule or you can click on the Add Schedule Mini Toolbar Button. A dialog will appear prompting for the name of your new scheduled task

Once you provide a name for your new task, the "New Task Properties" dialog will be displayed. Within the New Task Dialog, there are three properties tabs for the new task:

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 36 de 64

Task: On this tab, you provide the path and filename of the program to be run, along with any switches/options as necessary. You can also provide comments, and indicate which user and password the task should be run as. A checkbox indicates whether the job is enabled (if this box is cleared, the task in disabled and will not execute at the scheduled time.

Schedule: On this tab, you can set the time and interval for the task to execute. Initially this task will show as "unscheduled". Simply click on the New button to begin scheduling your new task. Many scheduling options are available, depending on which schedule you use (daily, once, at idle, etc.). It is even possible to create more than one schedule for a task. For instance, you may wish to run a task every Tuesday, but also every time the system starts.

Settings: This tab contains various options that may affect when and how you want the task run, and what to do after the task completes. For instance, you can Stop the Task if the machine goes into battery mode. You may also want the task to be stopped automatically if it runs too long.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 37 de 64

To view existing Scheduled Tasks, you can use either use DNTUs Schedule View or you can also view them within the Operating System itself. You can either click Start / Programs / Accessories / System Tools / Scheduled Tasks, or you can also double-click on the Scheduled Tasks item in the Control Panel.

Schedule View Mini Toolbar Buttons


Add Schedule Delete Schedule Batch Processing Stop Current View action Refresh View Schedule Properties Copy selected schedule Paste selected schedules Start Service Stop Service Pause Service Continue Service

Add New Schedule When selected, will display the Add New Schedule dialog window where the command to be executed and date and time options can be specified. The remote time and local time are displayed to make it easy to schedule at the appropriate time. Once a new schedule has been added, the task ID will be displayed in the top portion of the view Delete Schedule Any number of scheduled tasks can be selected and deleted. Batch Processing When selected, displays the Batch Schedule dialog window. The total number of selected machines included in this Batch Schedule is displayed at the top of the window. The command to be executed and date and time options can be specified. The remote time and local time are displayed to make it easy to schedule at the appropriate time. Once a Batch Schedule has been submitted, the machine icons of the machines in the list will change according to the status of the task schedule submitted to the individual machine(s). Note: See the table below for explanation of the icon status. Stops the current view action. Refresh the current view. Schedule Properties Changes can be made to the scheduled entry including when the task is scheduled to occur, Week Day(s), Month Day(s), Time and Interactive. Copy selected schedules. Any tasks selected can be copied for later paste to a different machine. Paste copied schedules. Pastes the previously copied task schedules to the selected machine. Start the Task Scheduler service on the selected machine. Stop the Task Scheduler service on the selected machine. Pause the Task Scheduler service on the selected machine. Continue the Task Scheduler service on the selected machine

Search View
The Search View will allow a search for a User account to be performed on Domains, Servers and Workstations. The search criteria can be filtered by What to Search (Users, Global Groups, Local Groups, Shares), Where to Search (Add and Remove functionality for Domains, Servers and Workstations), and what machine types (PDC-Primary Domain Controller, BDC-Backup Domain Controller, Server, Workstation) to include in the search. Once a machine or domain has been added to the Where to Search list, DameWare NT Utilities will save the list for easy access from a later session. Once the Search is completed, a report will be generated to the lower portion of the

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 38 de 64

window, which can be copied to your favorite word processor, spreadsheet or file for reporting needs. A summary section is generated at the top of the report that displays the results of the search.

The following criteria are available from the Search view. What To Search: User accounts Global Groups Local Groups Shares Where to Search: Servers and Workstations Domains

Send Message View


The DameWare NT Utilities Send Message window view provides an easy way to send messages to other users, computers or messaging names on the network by selecting the machine, workgroup or domain to send a message to with the Browse button or by selecting the Broadcast option. Batch Processing is also supported allowing for ease of sending both single machine messages and broadcast messages across workgroups and domains.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 39 de 64

DameWare NT Utilities supports drag and drop of domains, machines and users when adding or removing recipients. The Send Message window view contains a small message result area near the bottom of the window. This message status will provide feedback on the results of the attempted message send. Successful and failure messages will be displayed in this window as they occur. Note: The Messenger service must be running to send or receive messages. You can send a message only to a name that is active on the network. If the message is sent to a username, that user must be logged on and running the Messenger service to receive the message. Also, certain Operating Systems & Service Pack Levels have a limit on the number of characters that a broadcast message can contain. You will have at least 117 characters but it varies depending on what O/S and service pack is installed. To be safe, make sure your message is less than 117 characters or perform some testing to verify the limits within your environment. This can be duplicated outside of the DameWare NT Utilities program by issuing a NET SEND command from a command prompt.

Send Message View Mini Toolbar Buttons


Send Message Stop Current View action Batch Processing Abort Batch Processing

Services View
The Services/Devices View provides you with the functionality to Start, Stop, Pause and Continue service(s) as well as modify a services Startup Properties and View Service Dependencies. DameWare NT Utilities also provides an easy to use wizard interface for both Service Installation and Service Removal. Batch Processing can be initiated from one client machine to any machine available in the Network Browser. The Services view allows the user to switch between the Services tab and the Device Drivers tab in the upper portion of the view and displays the machines included in the Batch Processing in the lower portion of the view. This lower portion of the Services view works like a queue manager of the target machines. Machines can be added to the Batch Processing using drag and drop from the Network Browser. The machines added to the Batch Processing are saved so that each time you load the Services view the machines will be listed. Batch Processing can be aborted at any time during the Batch process.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 40 de 64

Service Group A service group is a group of similar services that are loaded together at startup. Most services that appear in the CurrentControlSet/Services subkey are part of a service group. Windows NT/2000/XP/2003/Vista loads one service group at a time. Services that are not in a group are loaded after all service groups are loaded. DameWare NT Utilities is Service Group aware. This means that as you stop a service (member of a service group) you will be prompted with a list of all dependent services and can choose if you would like all services in the service group to be stopped. DameWare NT Utilities provides a Services Batch Processing mode that will allow the following modifications to a service. Start Service Stop Service Pause Service Continue Service Remove Service This option will also allow for all dependent services to be stopped when this service is removed. Startup Type Service Installation Install DameWare NT Utilities Service Install DameWare Mini Remote Control Service

The following status codes and descriptions are available within the lower pane of the Services/Devices window view. None No Batch has been performed. Complete Okay status Error The Batch item failed. Refer to the Error field displayed in the lower portion of the Services view window. Pending The Batch item is in the queue to be scheduled on this machine. Active The Batch item is in progress on this machine.

The Default Services


The services listed below are provided with Windows NT/2000/XP/2003. In addition to these default services; other services may be listed in the Services dialog box for a computer. For example, network transports or other services that have been installed on that computer. Alerter Service Notifies selected users and computers of administrative alerts that occur on this computer. This service is used by the Server and other services and requires the Messenger service. ClipBook Server Service Supports ClipBook Viewer, which allows pages to be seen by remote ClipBooks. Computer Browser Service Maintains an up-to-date list of computers and provides the list to programs when requested. Directory Replicator Service Replicates directories and the files in those directories between computers. Event Log Service Records system, security and program events in the event logs. Messenger Service Sends and receives messages sent by administrators or by the Alerter service. Net Logon Service For Windows NT/2000/XP Workstation - supports pass-through authentication of account logons. This service is used when the workstation participates in a domain. For Windows NT/2000/2003 Server - performs authentication of account logons and keeps the domains security database synchronized between the domain controller and the other Windows NT/2000 Servers of the domain. Network DDE Service Provides a network transport as well as security for dynamic data exchange (DDE) conversations.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 41 de 64

Network DDEDSDM Service Manages the shared DDE conversations. This service is used by the Network DDE service. DSDM stands for DDE Share Database Manager. NT LM Security Support Provider Service Provides Windows NT/2000/XP/2003 security to remote procedure call (RPC) programs that use transports other than named pipes. Remote Procedure Call (RPC) Locator Service Allows distributed programs to use the Microsoft RPC name service. This service manages the RPC name service database. The server side of a distributed program registers its availability with the RPC Locator service. The client side of a distributed program queries this service to find available compatible server programs. Remote Procedure Call (RPC) Service This service is the RPC subsystem for Microsoft Windows NT/2000/XP/2003, which provides the endpoint mapper and other miscellaneous RPC services. Schedule Service Enables the AT command which can be used to schedule commands and programs to run on a computer at a specified time and date. Server Service Provides remote procedure call, (RPC) support, as well as file, print and named pipe sharing. Spooler Service Provides print spooler services. UPS Service Manages an Uninterruptible Power Supply connected to this computer. Workstation Service Provides network connections and communications. See Also: Services Installation Wizard Services Removal Wizard

Services View Mini Toolbar Buttons


Service Properties View Service Dependencies Show Service Name Start Service Stop Service Pause Service Continue Service Restart Service Batch Processing Batch Processing - Service Install Batch Processing - Install DameWare NT Utilities Service Batch Processing - Install DameWare Mini Remote Control Service Abort Batch Processing

Install Service Wizard


DameWare NT Utilities contains a custom wizard for remote services installation from NT/2000/2003 Servers and NT/2000/XP Workstations. The service executable file can be located on the local machine or on the remote machine. DameWare NT Utilities dynamically creates drive mappings for all drives on the remote machine so the service executable can be installed from the remote machine disk(s). (Note: If the administrator is not authenticated to the remote machine, then he/she will be prompted for credentials prior to the dynamic drive mappings.) If the service executable is resident on the local drive, you can specify to copy to the system32 directory on the remote machine. DameWare NT Utilities will allow remote installation for device driver, file system driver and services in its own process services. The service security credentials and startup options can also be specified. The Remote Services Installation Wizard presents the following windows with Back, Next and Cancel buttons for easy navigation between Wizard dialog windows. Service Names (1 of 6) This dialog enables the user to enter the Machine Name, Service Name and Service Display Name. You should prefix the machine name with back-slashes (e.g. \\Enterprise or \\123.1.2.3 for an IP Address). The Service Name cannot contain forward or backward slash characters. The Service Display Name is the text that will appear in the Services window view. Note: The Machine Name is only enabled if the Service Installation Wizard was selected from the Tolls menu option. Service Executable (2 of 6) The executable for the service to be installed must be specified. DameWare NT Utilities provides a Browse button, which will allow the user to specify a Service Executable that either resides on the local machine or a Service Executable that resides on the remote machine itself. When the Browse button is selected, the user can select from any local drives or from any drives on the remote machine. Note: DameWare NT Utilities will dynamically map all of the disk drives on the remote machine. Service Type (3 of 6) DameWare NT Utilities supports three different Service Types. The Service Type is required and can only be one of the following: Service is its own process File system driver Device driver

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 42 de 64

Service Logon (4 of 6) Windows NT/2000/XP/2003 services must run under the security credentials of either a System Account or a user specified account. DameWare NT Utilities provides User account Browse functionality. The administrator can select a specific account, from the accounts on the domain or machine to be used, for which to install and run the service. Service Startup Option (5 of 6) One of the following five different choices must be specified for the Service Startup. Automatic Manual Disabled Boot System

DameWare NT Utilities also provides an option to Start the Service After Installation. Note: The Boot and System options are used for device and file system drivers only. Finish (6 of 6) This last wizard screen displays a small report of the properties specified for the installation of this service. Selecting the Finish button at this point will begin the remote service installation.

Remove Service Wizard


DameWare NT Utilities contains a custom wizard for remote services removal from NT/2000/2003 Servers and NT/2000/XP Workstations. DameWare NT Utilities allows remote services removal of any services currently installed on the remote machine, including device drivers. Service removal will also check for any service dependencies and is capable of stopping any of these dependent services. Note: Caution should be used during any services removal, particularly when removing device driver services. The Remote Services Removal Wizard presents the following windows with Back, Next and Cancel buttons for easy navigation between the different Wizard dialog windows. Machine Name (1 of 3) This dialog enables the user to enter the Machine Name. You should prefix the machine name with back-slashes (e.g. \\Enterprise or \\123.1.2.3 for an IP Address). Note: The Machine Name is only enabled if the Service Installation Wizard was selected from the Tools menu option.

Sessions View

Windows NT4/2000/XP/2003 sessions are defined as a link between two network devices such as a client and a server. A session between a client and server consists of one or more connections from the client to the server. DameWare NT Utilities provides a Session View that will allow you to view the properties of the highlighted session in the view. The session properties include Resource, number of Opens and Session connected time. The session window view will also allow for the highlighted session to be deleted. Each of the following data columns can be sorted and moved to suit your viewing needs. Client Shows the client(s) currently connected to the selected machine. User Name Represents the name of the client user that is connected to the selected machine. Time The session connect time in HH:MM:SS. Idle Time The idle time returned for the current session connection in HH:MM:SS. Opens The current number of opens that a session connection has. Guest Is the connected user a Guest on the selected machine? Transport The device used to make the connection to the selected machine. A typical connection might be using the Network Interface Card device running NetBIOS over TCP/IP and would look something like this: \Device\NetBT_E190x1. Type The session connect machine Operating System.

Sessions View Mini Toolbar Buttons


Delete Session Session Properties Connect to Client using Mini Remote Control

Shares View

DameWare NT Utilities Shares View is designed to allow for remote share creation, deletion and modification of share properties and online viewing of share sessions in use. File and folder browsing functionality is included by way of the Shares tree view. Security permissions may also be set/modified at the share level. The DameWare NT Utilities Share view provides the following mini-toolbar options. Add Share When selected, will display the Add Share dialog window. DameWare NT Utilities provides a Browse button which, when

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 43 de 64

selected, will dynamically establish a mapping to the drive on the remote machine selected for the user to select the drive/path to share. Note: The Share path must be a drive based path in reference to the machine on which you are creating the share. The share name, comment and user limits are also specified in this window. Selecting the Permissions button specifies the access through share permissions. Delete Share If any user(s) is connected to a share when Delete Share is selected, an informational dialog window will display a warning that a user is connected and that loss of data may result if you stop sharing this directory. Share Sessions When selected, will display the Share Sessions dialog window. The share information will be displayed along with a line entry for each user that has a session to this share. The Share Sessions dialog window will display the User, Computer, Connected Since, Idle Time, Open Files and Guest fields of information related to this user session. You can Refresh the view, Disconnect a user(s) session to this share or retrieve file details of the user session to the share. Share Properties When selected, displays the Share Properties dialog window. You can enable/disable the share, modify the share comment, modify the user limit and modify the permissions associated with the share. Set Default Shares When selected, creates the default administrative shares on the selected machine. These include the Administrator Share (ADMIN$), Drive Shares (C$,D$,&ldots;) and Print Share (print$). The following is a brief overview of shared resources, special shares and shared directory permissions. Shared Resource Any device, data or program that is used by more than one other device or program. For Windows NT/2000/XP/2003, shared resources refer to any resource that is made available to network users, such as directories, files, printers and named pipes. Also refers to a resource on a server that is available to network users. Controlling Access to Files and Folders On NTFS volumes, you can set permissions on files and folders that specify which groups and users have access to them and what level of access is permitted. NTFS file and folder permissions apply both to users working at the computer where the file is stored and to users accessing the file over the network when the file is in a shared folder. With NTFS, you can also set share permissions, which operate on shared folders in combination with file and folder permissions. With FAT volumes, you cannot set permissions on the individual files and folders. The only security you can set on FAT volumes is share permissions. Once a folder is shared, you can protect the shared folder by specifying one set of share permissions that applies to users for all files and subfolders of the shared folder. Share permissions are set in very much the same way as file and folder permissions are set in NTFS. But because share permissions apply globally to all files and folders in the share, they are significantly less versatile than the file and folder permissions used for NTFS volumes. Share permissions apply equally to NTFS and FAT volumes. Windows NT/2000/XP/2003, not the individual file system, enforces them. Special Shares A computers shared resources include those resources (such as directories) that have been shared by a user or an administrator plus any special shares that may have been created by the system. Depending on the configuration of the computer being administered, some or all of the following special shares may appear when Windows NT/2000/XP/2003 presents a list of the computers shared resources. These shares are created by the system. In most cases, these special shares should not be deleted or modified. The following is a list of special shares. Driveletter$ Represents a share which allows administrative personnel to connect to the root directory of a storage device. Shown as A$, B$, C$, D$ and so on. For example, D$ is a share name by which drive D might be accessed by an administrator over the network. For a Windows NT/2000/XP/2003 Workstation computer, only members of the Administrators and Backup Operators can connect to these shares. For a Windows NT/2000/2003 Server computer, members of the Server Operators group can also connect to these shares. ADMIN$ Represents a resource used by the system during remote administration of a computer. The path of this resource is always the path to the Windows NT/2000/XP/2003 system root (the directory in which Windows NT/2000/XP/2003 is installed. For example: C:\Winnt). For a Windows NT/2000/XP Workstation computer, only members of the Administrators and Backup Operators can connect to this share. For a Windows NT/2000/2003 Server computer, members of the Server Operators group can also connect to this share. IPC$ Represents a resource sharing the named pipes that are essential for communication between programs. Used during remote administration of a computer and when viewing a computers shared resources. PRINT$ Represents a resource used during remote administration of printers. REPL$ A resource created by the system when a Windows NT/2000/2003 Server computer is configured as a replication export server. It is required for export replication. This resource is only provided for Windows NT/2000/2003 Server computers, which are configured as replication export servers. It is not provided for Windows NT/2000/XP Workstation computers. NETLOGON A resource used by the Net Logon service of a Windows NT/2000/2003 Server computer while processing domain logon requests. This resource is only provided for Windows NT/2000/2003 Server computers. It is not provided for Windows NT/2000/XP Workstation computers. Shared Directory Permissions You can set the following permissions for files and directories through a shared directory. No Access (None) Prevents access to the shared directory, its subdirectories and its files. Read Allows viewing filenames and subdirectory names, changing to the subdirectories of the shared directory, viewing data in files and running application files. Change Allows viewing filenames and subdirectory names, changing to the subdirectories of the shared directory, viewing data in files, running application files, adding files and subdirectories to the shared directory, changing data in files and deleting subdirectories and files. Full Control Allows viewing filenames and subdirectory names, changing to the subdirectories of the shared directory, viewing data in files, running application files, adding files and subdirectories to the shared directory, changing data in files, deleting subdirectories and files, changing permissions (NTFS files and directories only) and taking ownership (NTFS files and directories only).

Shares View Mini Toolbar Buttons


Add Share Delete Share Share Sessions Share Properties Set default Properties

Shutdown View

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 44 de 64

The DameWare NT Utilities Shutdown View interface provides you with total management of Shutdown, Logoff and Power Off functionality of Windows NT/2000/XP/2003 machines. Shutdown can be initiated from one client machine via Batch Processing to any machine available in the Network Browser. The upper area of the view provides a real time status of the system, logged on user(s) and any applications that are running on the machine. The lower portion of the Shutdown view displays the machines included in Batch Processing. This lower portion of the Shutdown view works like a queue manager of the target machines. Machines can be added to the Batch Processing using drag and drop from the Network Browser. The machines added to the Batch Processing are saved so that each time you load the Shutdown view the machines will be listed. You can abort Batch Processing shutdowns any time during the process and any shutdowns not yet executed will be cancelled. DameWare NT Utilities makes use of many different icons to help provide visual feedback to the user as to the status of Batch Processing on both local and remote machines. Each of the columns contained in the lower portion of the Shutdown view, support column sorting and column ordering. The lower portion of the Schedule view lists the Machine, Action, Status, Machine Type and Error columns. The Error column will show the error code and error descriptions when an error condition has occurred. The following options are available from the mini-toolbar located at the bottom of the Shutdown view. Shutdown Opens the System Shutdown dialog window for the selected machine. Many configurable options are available including Force Application Termination, Reboot after Shutdown, Time to Shutdown Countdown and Message Text (127 characters maximum) Logoff Opens the User Logoff dialog window for the selected machine. Many configurable options are available including Force Application Termination, Allow User to Abort, Time to Logoff Countdown and Message Text (255 characters maximum). Power Off Opens the Power Off dialog window for the selected machine. Many configurable options are available including Force Application Termination, Allow User to Abort, Time to Power Off Countdown and Message Text (255 characters maximum). Batch Processing When selected, displays the Batch Logoff/Power Off/Shutdown dialog window. The total number of selected machines included in this Batch is displayed at the top of the window. The options including Force Application Termination, Allow User to Abort, Time to Countdown and Message Text can be specified. Once a Batch Logoff/Power Off/Shutdown has been submitted, the machine icons (Shutdown, Logoff and Power Off) of the machines in the list will change according to the status of the Batch process submitted to the individual machine(s). Note: See the table below for an explanation of the icon status. Shutdown Properties Displays the property sheet where the Back Color and Font can be configured. Stops the current view action. Abort the current Batch process When selected, will cancel the Batch process to any machine(s) that has/have not already completed the request. The following status codes and descriptions are available from within the lower pane of the Shutdown view. Shutdown None No Shutdowns have been performed. Complete Okay status Error The Batch Shutdown failed. Refer to the Error field displayed in the lower portion of the Shutdown view window. Pending The Batch Shutdown is in the queue to be scheduled on this machine. Active The Batch Shutdown is in progress on this machine. Logoff None No Logoffs have been performed. Complete Okay status Error The Batch Logoff failed. Refer to the Error field displayed in the lower portion of the Shutdown view window. Pending The Batch Logoff is in the queue to be scheduled on this machine. Active The Batch Logoff is in progress on this machine. Power off None No Power Offs have been performed. Complete Okay status Error The Batch Power Off failed. Refer to the Error field displayed in the lower portion of the Shutdown view window. Pending The Batch Power Off is in the queue to be scheduled on this machine. Active The Batch Power Off is in progress on this machine. The DameWare NT Utilities Shutdown view presents separate tabbed dialog windows for each of the Shutdown Batch options. The Shutdown, Logoff and Power Off Batch options have several configurable properties that can be selected, including: Reboot after Shutdown Valid only for the Shutdown option. It instructs the routine whether to reboot the target machine after the shutdown command is executed. Force Application Termination Valid for all options. When selected specifies whether to force applications running on the target machine(s) to be closed before the shutdown of the target machine. Time to Shutdown Countdown Valid for all options. Specifies the delay in seconds before the Batch process is actually initiated. Allow User to Abort Valid for Logoff and Power Off options only. Will present a dialog box on the target machine where the user can Abort the process. Install Service if not Installed Valid for Logoff and Power Off options only. Dynamically installs the DameWare NT Utilities service on the target machine allowing the process to be completed. Message Text Valid for all options. The message text is presented in a dialog window to the target machine(s). The maximum number of characters allowed is 117 for Shutdown and 255 for Logoff and Power Off. Notes: Logoff When the machine specified to receive the Logoff command is running the Windows NT/2000/XP/2003 Active Desktop, the Logoff will close the desktop but may not close the user connections. Power Off When the machine specified to receive the Power Off command does not support Power Off features, a reboot will result. The Power Off feature is only supported on hardware that supports auto-power off. As a general rule, if the machine does not power

down automatically when you &rsquor;Shut Down the computer manually, this option will not work. Test this option before relying on its behavior as it is very dependent on the hardware. (Generally, if the hardware does not support it, the machine will reboot instead of powering down.) The DameWare NT Utilities Shutdown window view uses Windows NT/2000/XP/2003 security for authentication to the target machine to shut down and will allow the time (in seconds) of delay to be specified before the event is fired.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 45 de 64

The DameWare NT Utilities Shutdown process will not successfully execute against Windows 9x clients.

Shutdown View Mini Toolbar Buttons


Shutdown Logoff Power Off Batch Processing Shutdown Properties Stop Current View action Abort

System Tools View


The DameWare NT Utilities System Tools option from the Network Browser expands to a maximum of sixteen user-defined tools. Any modifications made to the system tools from the properties will be dynamically reflected from the System Tools option in the Network Browser. These system tools options are those from the client machine running DameWare NT Utilities and are therefore the same for any machines selected. The System Tools in DameWare NT Utilities supports the following macros: %Machine%, %Domain% and %IP% (IP address). The items in DNTUs System Tools menu are merely samples to let you know you can run third party applications from within DNTU's interface. These third party applications have nothing to do with DNTU and they are not part of the DNTU program (For Example: calc.exe, notepad.exe, paint.exe, etc...). You can customize what appears on your System Tools menu and the System Tools view and even the parameters that are passed. Simply click on the EyeGlasses Icon in the toolbar and then select the System Tools tab. For example, let say you wanted to run the standard Calculator, but you did not want to do it via the O/S menus. You could add an entry in DNTU's System Tools tab to run calc.exe. However, just because you add it to the System Tools menu, does not imply that you can run it against the selected remote machine. If calc.exe does not accept %machine% as a parameter, then it will just "give you info on your own PC". This is a function of the EXE itself, not DNTU.

TCP Utilities View


The TCP/IP utilities provide diagnostic and connectivity tools for connecting to other systems, network administration and troubleshooting. DameWare NT Utilities provides a single window view where numerous TCP/IP utility commands can be performed in a MDI client window. The following options are available for selection from the tab options located in the middle of the TCP/IP window. Trace Route This diagnostic utility determines the route taken to a destination by sending Internet Control Message Protocol (ICMP) echo packets with varying Time-To-Live (TTL) values to the destination. Each router along the path is required to decrement the TTL on a packet by at least 1 before forwarding it so the TTL is effectively a hop count. When the TTL on a packet reaches 0, the router is supposed to send back an ICMP Time Exceeded message to the source system. Trace Route determines the route by sending the first echo packet with a TTL of 1and incrementing the TTL by 1 on each subsequent transmission until the target responds or the maximum TTL is reached. The route is determined by examining the ICMP Time Exceeded messages sent back by intermediate routers. Notice that some routers silently drop packets with expired Time-To-Live (TTL)s and will be invisible to Trace Route. Ping Verifies connections to a remote computer or computers. This command is available only if the TCP/IP protocol has been installed. MX Test Used to perform a lookup for the MX (mail exchange) resource record for the specified domain. DNS Lookup This diagnostic tool displays information from Domain Name System (DNS) name servers. Before using this tool you should be familiar with how DNS works. DNS Lookup is available for DNS Lookup from within the TCP/IP tools window view of DameWare NT Utilities. A The

&rsquor;A (address) resource record maps a host (computer or other network device) name to an IP address in a DNS zone.

NS The name server resource record which identifies the DNS server or servers for the DNS domain. NS resource records appear in all DNS zones and reverse zones (those in the in-addr.arpa DNS domain). CNAME The host name portion of a URL may actually be an alias and is also referred to as a canonical name. In the address, http://www.microsoft.com, www is an alias commonly used for World Wide Web servers, Microsoft is the domain name and .com indicates the commercial branch of the DNS hierarchy of names for the Internet. The CNAME resource record is used to establish an alias name in DNS server zone files. CNAMEs are frequently used in conjunction with Web, FTP and Gopher servers and when a host name is changed. The use of CNAMEs is accepted on the Internet for generalized names for servers such as www to indicate a Web server. However, other uses of the CNAME records can create problems for DNS name resolution throughout the Internet. RFC 1912, which describes common errors in the creation of DNS resource records, states: which point to other names like MX, CNAME, PTR and NS.

&rsquor;Dont use CNAMEs in combination with RRs (that is, resource records) &rsquor;

Resolve When selected resolves the Machine or IP entered to the corresponding Host Name and IP address.

TCP Utilities View Mini Toolbar Buttons


Run Selected TCP Test Stop Current View action TCP View Properties

Terminal Server View

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 46 de 64

The DameWare NT Utilities Terminal Server option from the Network Browser expands with two selections. The Terminal Server View provides complete functionality to manage the administration of Windows Terminal Server users, sessions, processes and other information including Terminal Server Shutdown. The selection of the Terminal Server Client option will launch a user session to the Windows Terminal Server selected in the Network Browser window. Note: The Terminal Server Client must be installed on the local machine prior to launch of a user session. When executed, DNTU will attempt to run the client installation program if the client has not been previously installed. The Terminal Server View displays two panes. The left pane displays a list of servers and sessions. The right pane contains several buttons that you can use to display information about the users, sessions and processes listed in the left pane. The Windows Terminal Server, when selected, displays four option buttons for displaying Users, Sessions, Processes and Information about the current running Windows Terminal Server. The users option will display the User, Sessions, ID, State, Logon Time and Last Logoff columns. The Sessions option will display the Session, User, ID, State, Client Name, Logon Time and Last Logoff columns. The Processes option will display the User, Session, ID, PID and Image columns. The Information option will display the server Build, Installation Date, Service Pack level, Hotfix, Installed By, Installed On, Description and Comments information. The disconnected/connected and console sessions present, in the right pane of the Terminal Server View, two option buttons for displaying Processes and Information about the selected session. When selected, the Processes option will display columns for Image, ID and PID. The Information option, when selected, will display User Name, Client Name, Client Build Number, Client Directory, Client Product ID, Client Hardware ID, Client Address, Client Color Depth and Client Resolution. The following options are available from the mini-toolbar located at the bottom of the Terminal Server view. Send Message Sends a message to another user. Messages can only be sent to users whose sessions are currently active. Terminate Process Terminates the selected processes. Select the processes you want to terminate from the Processes tabs in the session, server or domain view of the window. Logoff Logs off a user from an active session on Terminal Server. Be aware that logging off a user from Terminal Server without warning can result in loss of data at the client. You cannot log off a user from the console. Disconnect Disconnect the selected session. Shutdown Terminal Server Shutdown provides two shutdown options - Logoff and Fast Reboot. The Logoff option logs off all current connections and the Fast Reboot option will reboot the server. Refresh Refresh the current view.

Users View
The DameWare NT Utilities Users window view provides for centralized remote management of creating user(s) and also allows multiselect copying, deleting and renaming functionality. Microsoft Exchange User properties and Windows Terminal Server User properties are dynamically accessible through the Users view window. Users can be copied to both machines and domains including the existing user password. DameWare NT Utilities supports drag and drop of users when adding or removing from groups. Drag and drop of Users to machines and domains in the Network Browser is also available including the existing User(s) passwords. Note: When using the Copy To option, you may select to keep the existing password, set the password to the same as the UserID, leave the password blank or specify a password to use. DameWare NT Utilities provides a robust interface through the Users window view for all aspects of remote user management. DameWare NT Utilities has been designed to allow multiple user additions from a single window view. This useful feature is ideal for establishing sets of users for training classes, server migration, contract employee setup, etc. The New Multiple option allows multiple new users to be added with several configurable options including: Name and password schema(s) Group membership User profile information including logon script names and home directory options Hours during the day that the user(s) is/are allowed logon access Remote Access Administration options including call back and dial in permissions Account expiration and account type Workstation log in privileges User account security management including Account Policy, User Rights and Audit Policy can be managed through this Users window view. Administration of user accounts can be performed for the highlighted user account by selecting the properties option. Once the properties option is selected, DameWare NT Utilities will dynamically determine the role that the selected machine is playing in the network and will then display the appropriate user options in the tabbed dialog window presented. User Manage user property information like name, comments and password here. This is also where password expiration and accountdisabled properties can be set. The password Age and password Last Changed date are displayed in the lower right hand portion of this dialog. Group User group membership and primary group properties can be set. Profile # User profile paths, login script and home directory properties can be set in this option. Terminal Server Home Directory properties can also be set here. Configuration # User options for Windows Terminal Server Hours* Valid user access times can be set in this option by hour and day of the week. Workstations* User workstation login properties are specified in this option. Account* Set user account expiration and account type. Dialin User dial in privileges are set in this option as well as call back options. Notes: * These options are only available for Windows NT/2000/2003 server/domain controller machines. # Only available for NT Server(s) running Windows Terminal Server.

Macros supported: %USERNAME%, %USERFULLNAME%. When adding multiple new users you can specify ANSI C or UNIX C sprintf functions format specifications. For example: change TestUser%d to TestUser%03d would give you resulting user accounts of

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 47 de 64

TestUser001, TestUser002, etc. Creating new users home directories and appropriate security. The following examples will illustrate this functionality.

&rsquor;users already exists and is shared.

When drive letter E: is entered and the path entered is \\server\users\%USERNAME% - this will work as long as the folder

When drive letter E: is entered and the path entered is \\server\c$\%USERNAME% - this will create the folder to the c:\root drive, such as c:\jdoe When drive letter E: is entered and the path entered is \\server\c$\users\%USERNAME% - this will also create the folder on the server c: drive, as in c:\users\jdoe, however the folder &rsquor;users must already exist. The following is a brief summary of the Windows NT/2000/XP/2003 Security policies. Account Policy The Account Policy controls how passwords must be used by all user accounts. It defines things such as the maximum password age, minimum password age, minimum password length, whether a password history is maintained and whether users must log on before changing their passwords. It also determines lockouts. If locking out is enabled, then a user account cannot log on after a number of failed attempts to log on to that account within a specified time limit between failed attempts. Lockout can also occur from attempting to change the password using an incorrect password for the old password. A locked account remains locked until an administrator unlocks it or a specified amount of time passes. The Account Policy also determines whether or not a remote user is forcibly disconnected from a domain when that users logon hours expire. Note: Failed password attempts against workstations or member servers that have been locked using Ctrl+Alt+Delete or password protected screen savers, do not count against account lockout settings entered in User Manager for Domains. User Rights Policy The User Rights Policy manages the rights granted to groups and user accounts. A right authorizes a user to perform certain actions on the system. A user who logs on to an account to which the appropriate right have been granted can carry out the corresponding actions. When a user does not have appropriate rights, attempts to carry out those actions are blocked by the system. User rights apply to the system as a whole and are different from permissions, which apply to specific objects. The rights granted to a group are provided to the members of that group. In most situations, the easiest way to provide rights to a user is to add that users account to one of the built-in groups that already possesses the needed rights rather than by administering the User Rights Policy. The DameWare NT Utilities User Rights window view will allow selection to show the Standard User Rights, Advanced User Rights or All User Rights. Once selected, the value will be saved when the User Rights window view is entered again. Audit Policy You can track selected user activities by auditing security events and storing the data in a security log. Your Audit Policy specifies the types of security events to be logged. These types can range from system-wide events (such as a user logging on) to specific events (such as a user attempting to read a particular file). They can include successful events, unsuccessful events or both. When you administer domains, the Audit Policy affects the security logs of all domain controllers. When you administer a computer that is not a domain controller, the Audit Policy affects the security log of only that computer (running Windows NT/2000/XP Workstation or Windows NT/2000/2003 Server). You can use Event Viewer to review events in a security log, the local machine.

Users View Mini Toolbar Buttons


Add New User Add New User Multi Copy User Delete User Rename User Display User Logon/Logoff information User Properties Enable/Disable Active Directory properties support Enable/Disable Terminal Services properties support Exchange Properties (Exchange 5.5 only) Add selected user to Exchange (Exhange 5.5 only) Enable/Disable Exhange Support (Exchange 5.5 only) User Account Policy User Rights Policy Audit Policy Show / Hide Locked Out Accounts

Copying users to another machine


DNTU no longer support the transfer of passwords from one machine to another when copying users. Ever since Microsoft introduced the SysKey hotfix (128-bit encryption, somewhere around NT SP4) the password is no longer easily accessible. An alternative method would be to set the password the same as UserID and have the user change their password during the next logon.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 48 de 64

Here is what Microsoft has to say about SysKey: What's Syskey? Syskey is a feature first introduced in Windows NT 4.0 (and provided as part of Windows 2000) that makes it more difficult for an attacker to compromise passwords on a Windows NT machine. In Windows NT and Windows 2000, passwords are stored in the Security Account Manager (SAM) database. The password values themselves aren't stored in the SAM - instead, the hashed values of the passwords are stored there. If an attacker could obtain a copy of the SAM through some means, he could conduct a brute-force attack, in which he would generate the hash of every possible password and compare each to the hashes in the SAM database. When he found a match, he would know the password for the account. Syskey thwarts this attack by encrypting the SAM database using strong encryption. Even if an attacker did manage to obtain a copy of the Syskey-protected SAM, he would first need to conduct a brute-force attack to determine the Syskey, then conduct a brute-force attack against the hashes themselves. This dramatically increases the work factor associated with the attack, to the point where it's considered to be computationally infeasible. What's EFS? The Encrypting File System (EFS) is a feature in Windows 2000 that provides cryptographic protection for files on the machine. EFS was designed to thwart an attack in which an attacker who has physical control of a Windows 2000 machine would boot the stolen machine using an operating system that doesn't respect the Windows 2000 access controls, then copy the files. EFS blocks this attack by encrypting user-specified files. If an attacker stole these encrypted files, he would need to conduct a separate brute-force cryptographic attack against each file in order to read its contents. A feature of EFS that plays a central role in the discussion here is the EFS Recovery Agent. A Recovery Agent is a user who is authorized to decrypt files belonging to other users. The chief use of this feature is to allow files to be decrypted in the event that the original owner loses the key. Whenever a file is encrypted by EFS, EFS also creates a copy of the key that is accessible by the Recovery Agent. By default, administrators are Recovery Agents - the local administrator in the case of a local user, and the domain administrator in the case of a domain user. However, the list of Recovery Agents can be customized via security policy. You can also refer to the following Microsoft Knowledge Base article for more information: Windows NT System Key Permits Strong Encryption of the SAM http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q143475&

Wake-on-LAN View

to awaken individually. To request a Batch &rsquor;wake up call, highlight the machines to awaken in the upper pane and select the Wake Batch&ldots; option from the Wake On LAN menu item. The user can choose to Ping after wake. Note: The results will be returned to the bottom pane in the window view. DameWare NT Utilities Wake On LAN (WOL) uses the Magic Packet technology designed by AMD. Magic Packet requires the knowledge of the host Media Access Control (MAC) address. To help compile a list of MAC addresses, we have implemented the function &rsquor;Discover which discovers the local subnet addresses. This function does not distinguish between printers and routers from workstations. Since any host beyond the local area does not appear in the local machines Address Resolution Protocol (ARP) cache, the Discover function can only create a list of hosts in a local network. Working in conjunction with other network management applications allows this utility to obtain a table of IP and Ethernet addresses from these applications. The System Administrator should review the contents of the file to ensure proper format. To aid in discovering other subnets, you can utilize the console application, DWMacDis.exe, which is located in the installation folder of DNTU. You can either physically visit each subnet to discover the MAC addresses or you can use DNTUs Remote Command or Remote Control-- copy the DWMacDis.exe to a machine on the specific subnet and then remotely run DWMacDis.exe. Then copy the output file back to the local machine. The Wake On LAN function can be invoked by selecting the Wake On LAN item from the Tools Menu. The user is then presented with the following options.

The DameWare NT Utilities Wake On LAN View has two separate panes. The upper pane will contain information on the selected machines

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 49 de 64

Wake Single&ldots; Upon selection, displays a dialog box allowing the user to enter the IP Address or Host Name to be wakened, Destination MAC Address and the Port and No. of Packets. Wake Batch&ldots; Upon selection, displays a dialog box allowing the user to enable/disable the Ping after Wake function for the selected machines to be wakened. Discover&ldots; Upon selection of this function, DameWare NT Utilities executes the retrieval of all MAC addresses of the machines on the local subnet and returns those addresses to the file. The user will be given the choice to check or uncheck the &rsquor;Add to current list. Option. When unchecked and upon selection of the Discover button, a Save As dialog box will appear prompting the user to indicate where the file is be to saved. The &rsquor;Update duplicates option in the Discover dialog box will instruct the process to update all duplicate machines. Add&ldots; Adds a machine to the current list. When selected, displays a dialog box in which the user may enter the IP Address or Host Name and MAC address of the machine to be added. The Lookup MAC option is available from here, however it will look up MAC addresses of machines on the local subnet only. Delete Deletes selected entry or entries from the current list. Properties&ldots; Upon selection, displays a dialog in which the user may view and/or edit the selected entrys properties. The following is the format of the list file that is created by this utility. #IP ADDRESS 139.95.26.1 139.95.26.8 HOST NAME ETHERNET ADDRESS 00-80-5f-88-56-0a

domainname.domain.com 08-00-20-73-43-4f #Comment cc1.domain.com

The default extension for the list file is .dwmp. (This Utilities WOL).

&rsquor;Wake On LAN list.dwmp file is dynamically created by DameWare NT

Note: The IP Broadcast Address is used to send a Magic Packet to one host on the network. The default destination IP Broadcast Address

is: 255.255.255.255 . This is the &rsquor;limited broadcast and the user may have to indicate a more specific broadcast address. For example: 192.192.110.255 to reach all machines on the 192.192.110.x subnet. A default Ethernet address is shown to let the user know the format of the address. For the program to correctly generate a Magic Packet, the Ethernet address must be specified.

Wake-On-Lan View Mini Toolbar Buttons


Open existing document Save active document Save active document as another name Discover Hosts on Lan Add Host Entry Delete selected Host Selected Host Properties WOL single machine WOL batch processing Stop Current View action

General Tab

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 50 de 64

The General Properties Tab allows you to Show the Date and Time in the bottom of the main program frame, select Large Tool Bar icons (default is small toolbar icons) and Save the Main Window Position. The Reset All button will restore all application property settings to the default value(s). Logon Options are available to: Close all connections on exit. Close any current connections to the remote machine. Remember Security Credentials - A Reset button is available that will remove all saved logon credentials.

The Multiple Document Interface View windows offer the following options: Display Grid Displays a grid around all fields in the view. Enables highlighting of the entire row selected.

Full Row Select

Hot-Track Selection Enables a mouse-over highlight on the field. One Click Activate Enables a mouse-over highlight on the field and executes the properties for the selected field. Underline Hot-Track Underlines the field(s) selected. Note: This option can only be used in conjunction with the One Click Activate. Add Icon to System Tray Adds the DameWare NT Utilities icon to the system tray and will dynamically change when busy. Minimize to System Tray This option, when selected, will minimize the application to the tray and make it hidden in the task list.

Two additional features DameWare NT Utilities provides are dynamic column position movement and column sorting. Column position As you select a column, you can drag it left or right to reposition that particular column across the window view. The target position will be saved and will be in the same location the next time you access that particular window view again. Column sorting Each window view in DameWare NT Utilities includes the functionality to sort each individual column by simply clicking on the column you wish to sort. The column that is currently sorted will illustrate this by displaying an arrow graphic that shows the direction the sort will take on the selected column when the column heading is clicked again. It acts as a toggle, if the arrow is pointed down (current sort order is descending - last to first. The next click on that column will reverse the sort order to ascending - first to last.

The use of XP Styes will allows us to change the "look & feel" of the dialogs within the NT Utilities interface, to more of a Windows XP Look and Feel. Limit to one instance means that you can only have one instance of the NT Utilities program open at any one time. Without this setting enabled, you can open as many windows as you like, the only limit to the number of instances would be the amount of free resources on your local machine. The Tabbed MDI fram is a feature new to version 5.0 and above. A "Tabbed" MDI frame means each time you open a view, you get another Tab in the MDI pane (see below). There will also be arrows for scrolling through the tabbed views (similar to an Excel spreadsheet with multiple worksheets -Sheet1 / Sheet2 / Sheet3 ), but they will only be enabled when you open more tabs than can be listed in a single line simultaneously

Network Browser Tab

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 51 de 64

The network browser tab allows you to customize many options including: Disable Microsoft Windows Network Support Disables "old-style" NetBios Windows Network functionality within the software. Expand Network Root Shows all of the domains in the network when DameWare NT Utilities is loaded. Tool Tips Upon selection, displays tool tips in the browser pane. (Note: Tool tips will be enabled or disabled by this selection in all views containing tree views.) Expand Favorites Root Shows all Domains listed in the Favorite Domains root when DameWare NT Utilities is loaded. Show Computer Comments Shows the Comments (Computer Description) information obtained from the remote machine behind the HostName / IP-Address in DNTUs Tree View. Expand Favorite Machines Root Shows all machines specified in the Favorite Machines root when DameWare NT Utilities is loaded. Convert IP-Addresses Displays the HostName of the remote machine instead of the IP-Address in DNTUs Tree View. Expand by Default Allows you to select either the Member Domain or the Logon Domain to automatically be expanded when DNTU is loaded. Use this Machine for Domain/Machine Enumeration Option allows you to specify a machine anywhere on the network to be used for retrieving the list of machines (MS Windows Network Browser). Update Favorite Machines Icons Will automatically attempt to enumerate (contact) each machine in your Favorite Machines list to obtain information about the machine (O/S, Version, Tool Tips, etc&ldots;). Allow Logon on Anonymous Failure DNTU attempts to contact these remote machines by asking the O/S to make a "null" connection to the remote machine. However, there are O/S configuration settings & Policy Settings that will not allow this type of connection. When this Option is enabled, DNTU will then look for any Saved Credentials and attempt the connection again using those saved credentials. Enable Optional Ping DNTU attempts to contact it's remote machines using "old-style" network API calls. Unfortunately, if for some reason a machine cannot be contacted (i.e. port restrictions, firewalls, etc..), then that network thread must time out before continuing on to the next machine. (File & Printer Sharing is also required in order to contact the remote machine and for the icon to change color). However, by enabling the "Enable Ping Options" setting, this will tell DNTU to attempt to PING (ICMP Echo) the remote machine first. If PING fails, then DNTU will not enumerate this machine at this time, therefore, it does not have to wait for any type of network timeout before moving to the next machine.

TCPIP Tab

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 52 de 64

The Back Color and Font used within the TCP/IP window view can be changed for the users preferences.

Event Log Tab

Monitor Log (Local Machine Only) The Monitor Log option provides for a dynamic update of the selected event log as the event messages are generated on the selected local machine. Note: The Monitor Log functionality is available for local machines only. The Maximum Entries to Read allows you to specify the maximum number of Event Log entries that will be read. This is especially advantageous in low bandwidth connection environments where the administrator may only be interested in the last few entries in the Event Log list. By setting a limit at this point, the administrator would not have to wait for all events to be read and displayed in the Event Log window view. Use local Event Log library to improve speed

When enabled, this causes only the Event ID from the remote machines Log File to be sent over the connection instead of all the text associated with it as well. If you disable this feature, the Event ID as well as all the text for each Event Log entry will be send back to your local machine, but this could however decrease performance as well. Active Directory Tab

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 53 de 64

Disable Active Directory Support Enabled / Disabled DameWare NT Utilities Active Directory support. View Advanced Features Enable / Disable viewing of Active Directory Advanced Features. Please note: Changes made to this feature require a refresh before they will take effect. Add computer options for site root Enable / Disable DameWare NT Utilities Windows Views (i.e. DiskDrives, Event Log, etc...) within DNTU's Active Directory site root. Please note: Changes made to this feature require a refresh before they will take effect. Enable Computer Options in Views Adds the "Computer" menu option to the right-click shell context menu, for machines listed under Active Directory. Expand AD Root Automatically expands the Active Directory Root within DameWare NT Utilities browser when enabled. Please note: Changes made to this feature require a refresh before they will take effect. Expand this AD Site Automatically expands the selected Active Directory Site. Please note: Changes made to this feature require a refresh before they will take effect. Expand Active Directory Computers Automatically expands the Active Directory Computers folder when DameWare NT Utilities is launched. Please note: Changes made to this feature require a refresh before they will take effect. Expand Active Directory Quick OUs Automatically expands the Active Directory Quick OUs folder when DameWare NT Utilities is launched. Please note: Changes made to this feature require a refresh before they will take effect. Expand Active Directory Users & Computers Automatically expands the Active Directory Users & Computers folder when DameWare NT Utilities is launched. Please note: Changes made to this feature require a refresh before they will take effect. Maximum number of items displayed per folder Allows you to filter how many records will be displayed in DNTUs Active Directory Object Views. Default = 0 (no limit). Create AD User Home Directory Automatically creates the selected user's Home Directory. Please Note: This option does not set Permissions on the Home Directory. Set AD User Directory Security Sets the security permissions for the selected user's Home Directory, "Full Control" for selected user only.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 54 de 64

Choose Columns Customize which columns are visible within DNTU's Active Directory object views.

Disk Drives Tab

Remote Control Tab

Attempt to Connect When a Remote Control session is initiated from within DNTU, DNTU will launch the Mini Remote Control program and automatically pass in the HostName or IP-Address of this machine as a parameter. If "Attempt to connect" is also enabled, then the Mini Remote Control program will automatically attempt to connect to this remote machine, instead of just displaying the Remote Connect dialog box (requires you to to press Enter to connect). Connect only if found in Host List Only connect if a Saved Host Entry already exists for this specific machine within the Mini Remote Control program. If no Saved Host Entry is found, then the Remote Connect dialog will simply be opened with the (Temporary) entry that was created for this Host. Reuse any MRC window that is not busy Instead of opening another a new instance of the Mini Remote Control program each time its launched from DNTU, this setting will attempt to use any existing window (not current at a prompt, dialog, etc&ldots;) first. If an existing window cannot be used, and new instance will be opened. RDP Settings

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 55 de 64

Allows you to configure default RDP settings to use if an RDP connection (instead of a MRC connection) is initiated to the remote machine.

Threads Tab

Many of the DameWare NT Utilities functions are multi-threaded. The individual Threads can be configured within this tabbed dialog.
The Thread Priority options are listed below from the fastest to the slowest: Time Critical Highest Above Normal Normal Below Normal (default) Lowest Idle

System Tools Tab

An additional feature of DameWare NT Utilities is a centralized interface to launch many of the common NT utilities that are used by

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 56 de 64

administrators. This tab presents the Menu Contents dialog from which you can choose from the following options. Create a New menu Edit an existing menu Move a menu option down Move a menu option up Delete a menu option Each menu option can be configured with command line parameters, arguments and the initial directory to begin execution. In addition to any of the pre-defined Windows macros, two additional macros are available - %Machine%, %Domain% and %IP%. You can also specify line separators by creating a new menu option and entering &rsquor;Separator. Control key macros can also be used to specify keystroke sequence - e.g. &Performance Monitor, for Performance Monitor. Also, keep in mind that DNTU's System Tools menu are merely samples (templates) to let you know you can run third party applications from within DNTU's interface. These third party applications have nothing to do with DNTU and they are not part of the DNTU program (For Example: calc.exe, notepad.exe, paint.exe, etc...). For example, let say you wanted to run the standard Calculator, but you did not want to do it via the O/S menus. You could add an entry in DNTU's System Tools tab to run calc.exe. However, just because you add it to the System Tools menu, does not imply that you can run it (remotely) against the selected remote machine. If calc.exe does not accept %machine% as a parameter, then it will just "give you info on your own PC". This is a function of the EXE itself, not DNTU.

Users Tab

Create User Profile Path Directory Automatically creates the user's "profile path" directory (if specified). Please note: This does not create any permissions on that directory. Create User Home Directory Automatically creates the selected user's Home Directory. Please Note: This option does not set Permissions on the Home Directory. Set User Directory Security Sets the security permissions for the selected user's Home Directory, "Full Control" for selected user only.

Shutdown Tab

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 57 de 64

The Back Color and Font used within the Shutdown window view can be changed for the users preferences. Refresh Interval Determines the length of time before refreshing the information displayed in the Shutdown View Font Define Font sytle and color to use on the Shutdown View.

Remote CMD Tab

The Remote Command window view can be configured to remember previously executed remote commands in a history list. (The default is 30.) The Back Color and Font used within the Remote Command window view can be changed for the users preferences.

RAS Tab

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 58 de 64

The refresh delay, in seconds, can be specified for Remote Access Server.

Active Directory Toolbar

Add Active Directory Site Edit Active Directory Site properties Remove Active Directory Site GoTo Active Directory machine

Standard Toolbar

Add Favorite Domain or Favorite Machine. Edit Favorite Domain or Favorite Machine. Delete Favorite Domain or Favorite Machine. GoTo Favorite Domain or Favorite Machine.

Tools Toolbar

Application Properties Stop Current View action Refresh View Logon As Disconnect Network Connections Print the Active View Print Preview (full page display)

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 59 de 64

Display Program Information, Version Number, & Copyright List Help Topics

GoTo
Opens the GoTo dialog window. The GoTo dialog will allow you to specify a machine name or IP Address then will direct you to the specified machine's position in the network browser pane. If the machine is not available in the browser, you will be prompted to add the machine to the Favorite Machines list.

Logon AS button

The Logon As function of DameWare NT Utilities provides remote logon capabilities to any machine or domain specified. Using the credentials supplied, the Logon As function will perform a remote logon connection. Upon selection, you can enter the machine or domain to which to be authenticated along with the user account to Connect As and the password for the user account specified. Options are also available to Close any current connections to this machine and Remember Security Credentials.

However, version 5.5 of the NT Utilities software now includes remote Smart Card authentication, which allows the user of the NT Utilities software to authenticate to the remote machine using their Smart Card and PIN from their local machine. See also: Smart Card Authentication

Disconnect Network Connections button


The Disconnect Network Connections dialog window displays all current network connections. You may highlight the desired selections (hold the Ctrl key down while selecting multiple connections) and then click the Disconnect button to disconnect the highlighted connections. The Refresh button refreshes the window view with the current network connections. Upon selection, the Show Machines Connections (default is unselected) option displays any machines connections. The Show Disconnected Connections (default is unselected) option displays any current disconnected connections. Upon completion, the Close button will close the dialog window. The Disconnect Network Connections dialog window presents the following columns of information to the user. Status Displays current status of the network connection. Local Displays the local drive letter associated with a local drive connection (e.g. H:, M) &endash; displays NONE for non-local drive connections. Remote Displays the UNC name of the connection (e.g. \\machinename\IPC$, \\machine\home, \\machine\Admin$) User ID Displays the User ID that is authenticated to this connection (e.g. mydomain\administrator)

NT "Pass-Through" Authentication
Have you noticed that sometimes DNTU will perform a task without prompting you for a UserID & Password and other times you are prompted for credentials? Have you also wondered why you may be able to install the DMRC Client Agent Service on a remote machine, even though you only supplied regular User (non Administrator) credentials in the Remote Connect dialog box? This authentication behavior is not directly related to the DNTU or DMRC programs and can be explained by taking a look at how Windows NT Challenge/Response "Pass-through" authentication works. DameWare NT Utilities: When accessing a machine, DNTU simply attempts to execute the selected function assuming there is already an authenticated connection to the remote machine. If your current local logon credentials do not have sufficient rights to perform the selected task, or you have not already authenticated to the remote machine with credentials that have adequate rights, you will be prompted for a set of credentials that have the necessary rights. If your local desktop credentials have the necessary rights or you have already authenticated to the remote machine using another set of credentials that have the necessary rights, then the Operating System will pass those credentials to the remote machine when executing DNTU's functions. This is called NT "Pass-Through" Authentication. Whether you are allowed to access certain features of a machine using DNTU is entirely dependent on the Level of Security required by the Operating System for that

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 60 de 64

particular function. Most of DNTU's features require Administrative rights. DameWare Mini Remote Control: The Mini Remote Control program will first attempt a TCP connection to the remote machine using the credentials specified in the Remote Connect dialog box. If the DMRC Client Agent Service is not installed on the remote machine or is not listening on the specified port, then the DMRC program will drop out of it's TCP mode and use the Operating System's installed protocols to attempt to interrogate the remote machine. At this point, the connection to the remote machine has nothing to do with the credentials supplied in the Remote Connect dialog box. If your current credentials do not have sufficient rights, then you will be prompted to supply a set of credentials that have the necessary rights to complete the task. If your current local logon credentials have sufficient rights or you have already authenticated to this remote machine using another set of credentials that have sufficient rights, the Operating System will pass these credentials without prompting you for additional credentials, hence "Pass-Through" authentication. Administrative rights are required to Start/Stop/Install/Remove the DMRC Client Agent Service. Once the remote machine has been interrogated and DMRC Client Agent Service is found to be running on the specified TCP port, the Mini Remote Control program will once again attempt a TCP connection to the remote machine using the credentials specified in the Remote Connect dialog box. This is basically how Microsoft's NT "Pass-Through" authentication works. The Operating System attempts to pass your current local desktop credentials (UserID & Password used to logon to your local machine) to the remote machine. If the current credentials do not have sufficient rights to perform the task, then the Operating System will prompt you for a set of credentials that have the necessary rights. Once an authenticated connection has been established to the remote machine, the Operating System will not prompt you again for tasks that require this same level of authentication. However, if you already have a connection to a remote machine using a set of credentials that does not have adequate rights, you can also use DNTU's "Disconnect Network Connections" feature to disconnect that connection.

Windows XP & Simple File Sharing


Windows XP Home & Windows XP Professional installed on a machines as part of a WorkGroup has "Simple File Sharing" enabled by default which offers no NT Challenge/Response Authentication. "Simple File Sharing" would prevent the DameWare NT Utilities program from working properly (i.e. Error 5 Access Denied). "Simple File Sharing" also does not allow you to remotely install/remove/start/stop the Mini Remote Client Agent Service. "Simple File Sharing" cannot be turned off in Windows XP Home, therefore you must manually install the Mini Remote Client Agent Service on machines running Windows XP Home. Once the DMRC Client Agent Service has been installed, then you should be able to use the "Encrypted Windows Logon authentication method to connect to this machine. Please refer to the following knowledgebase article for more information on DameWare and Windows XP: Is DameWare Software compatible with Windows XP? http://www.dameware.com/support/kb/article.aspx?ID=201036

Windows XP & Service Pack 2


ALL versions of our software are compatible with XP-SP2 or any other firewall (hardware or software), however, you will have to properly configure the firewall to allow the necessary traffic to pass through. Also, adding the program (DNTU.exe or DWRCC.EXE) to the exceptions list will not work. You must add exceptions for the ports used by the software, and also configure the Scope of each individual port properly in order to connect through the SP2 firewall. Once you properly configured the SP2 firewall, you won't have any problems connecting. When a remote machine is running XP SP2 (or even SP1 with the ICF Firewall enabled or ANY type of firewall software), then by default this is more than likely blocking the necessary ports required by our software. In order to resolve this issue, you don't have to disable the firewall, however, you will need to modify the default firewall settings. Basically, all you should have to do is open which ever TCP port that you choose for the Client Agent Service to listen on, and then adjust the Scope in the SP2 firewall to match your network topology (i.e. all Computers, Local Subnet only, or define a custom Scope). The default TCP port used by the software is 6129, however, you can configure the Mini Remote Control program & Mini Remote Client Agent to use any one of the valid 65,000 TCP ports. In the knowledgebase article below we use TCP 11111 just as an example. Additionally, if you want the ability to remotely install, start, stop, or remove the Mini Remote Client Agent Service, or for the ability for any of DNTU's Views to work properly, then you will also have to Open and define the correct Scope for all the "File & Printer Sharing" ports as well (137-139/445). Please also make sure to configure the Scope properly for each port you define in the SP2 firewall (i.e. ALL, Same Subnet, or Custom Subnet). This is extremely important, and if you do not configure it properly, then you will not be able to connect. Also, according to Microsoft configuring the SP2 firewall can be accomplished in many different ways, including pushing out an INF file, via Group Policies, or even via the Command Line. You may also be able to connect to the remote machine using the Mini Remote Control program's RDP (Remote Desktop) functionality, and then make the necessary changes to the Windows Firewall settings, to allow the MRC program to connect. By default when you install SP2, I believe the Remote Desktop ports are already open in the Windows Firewall settings. Using DameWare Development products in conjunction with XP SP2 http://www.dameware.com/support/kb/article.aspx?ID=300068 WMI & XP-SP2: However, with regard to retrieving WMI (Windows Management Instrumentation) information from a remote machine, creating the Port Exceptions and adjusting the Scope for those ports is not enough, and there is an additional configuration that you must make in the Windows Firewall in order to retrieve this information. For example, on DNTUs Properties View, at the bottom of the System Tab, the Bios, System, and Enclosure information is obtained directly from WMI. Also, v5 of the DNTU Exporter now has the ability to retrieve WMI information from remote machines as well. After doing extensive research, we found that in addition to opening the File & Printer Sharing Port and configuring the Scope properly in the SP2 firewall, there are some additional Group Policy settings that are not configurable via the SP2 firewall GUI in the Control Panel, but you can configure it via the netsh.exe command line utility or via the GPEDIT.MSC Group Policy Editor snap-in. The netsh.exe syntax is documented in Microsoft's WF_XPSP2.doc (see below), but here is an example: netsh.exe firewall set service type=remoteadmin mode=enable scope=<scope> profile=<profile>

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 61 de 64

<scope> = subnet or custom <profile> = domain or standard If this computer is a member of a Domain, then use "profile=domain" (do not use the actual DomainName). If it's not a domain computer, you need to change to "profile=standard". Scope can also be set to 'custom' and then you can add custom ip ranges to the command line as well. WF_XPSP2.doc "Deploying Windows Firewall Settings for Microsoft Windows XP with Service Pack 2" is downloadable from: http://www.microsoft.com/downloads/details.aspx?familyid=4454e0e1-61fa-447a-bdcd-499f73a637d1 If you decide to configure this policy via the GPEDIT.MSC policy editor, it under: Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall\<select either Domain or Standard> Profile Windows Firewall: Allow remote administration exception

System Error 5 (Access Denied)


System Error: 5 Access Denied points to some type of authentication issue. Please try accessing the remote machine via the O/S by typing \\MachineName\Admin$ or \\IP-Address\Admin$. System Error: 5 Access Denied simply means Invalid Credentials (UserID & Password) or your current logon credentials do not have sufficient rights (i.e. Administrator) to perform the selected function. The NT Utilities & Mini Remote Control programs rely heavily on the Operating System's built-in security and Administrator rights are required to install, remove, start, or stop any Service in Windows NT/2000/XP/2003/Vista security. For more information about this process, please take a look at the following Knowledgbase article about Microsoft's NT pass-through authentication: How Microsoft's NT "Pass-through" authentication works http://www.dameware.com/support/kb/article.aspx?ID=300038 The DameWare NT Utilities program is basically just executing standard Microsoft Windows API calls which asks the Operating System to perform the selected task. In terms of authentication, it is similar to typing \\MachineName\ShareName and the Operating System determines if you have the necessary credentials/authentication to complete the task. However, if the remote machine was running Windows XP, this behavior could be related to "Simple File Sharing". Windows XP Home & Windows XP Professional installed on a machines as part of a WorkGroup has "Simple File Sharing" enabled by default which offers no NT Challenge/Response Authentication. "Simple File Sharing" also does not allow you to remotely install/remove/start/stop the DMRC Client Agent Service. "Simple File Sharing" cannot be turned off in Windows XP Home, therefore you must manually install the DMRC Client Agent Service on machines running Windows XP Home. Once the DMRC Client Agent Service has been installed, then you should be able to use the "Encrypted Windows Logon authentication method to connect to this machine. Please refer to the following knowledgebase article for more information on DameWare and Windows XP: Is DameWare Software compatible with Windows XP? http://www.dameware.com/support/kb/article.aspx?ID=201036

System Error 1073


"Failed to create service Error 1073" implies that the specified Service already exists. You may also want to verify that the Mini Remote Control Service exists within the Services applet and it is not marked as Disabled within this specific Hardware Profile. If that does not work, you may want to try a reboot..

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 62 de 64

System Error 1219

System Error: 1219: System Message: The credentials supplied conflict with an existing set of credentials. Unfortunately, this is not an error directly related to our software and it can be duplicated outside of our software. The most common reason for this error is that you already have a connection to the remote machine using a different set of credentials. I have included Microsoft's description for this error below. Many times you may not be aware of the connections made on your behalf but you can use DNTU to both display all connections and to disconnect any connection to the machine in question and then try to re-connect to the machine with the credentials that have adequate rights to do the job. It simply means that you already have a connection to the remote machine with a different set of credentials (UserID and Password) other than the ones you are trying to use for the second connection. Quite often, software will make connections to remote machines, and you may or may not be aware of those connections. DNTU does have tools to manage the connections. Click on the "Disconnect Network Connections" icon (see attached image) in the toolbar and then from here you can view all connections and also disconnect any conflicting connections. I have also experienced the 1219 error when attempting to connect to certain remote machines. Unfortunately, this error is not directly related to the DameWare NT Utilities program. The most common reason for this error is that you already have a connection to the machine using a different set of credentials (see below for Microsoft's explanation), however, it is possible to receive this specific error even though there is no other connection to the remote machine. One resolution is to reboot your local machine. Once rebooted, I have been able to connect fine. You may also want to make sure you do not have a duplicate UserID on the source & destination machines that contains a different

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 63 de 64

password. If this is the case, you may want to make sure the UserID & Password are identical on the source & destination machines (i.e. Microsoft NT Pass-Through authentication). You may also want to try prepend the IP-Address or HostName to the UserID (i.e. IPAddress\UserID). I have found that certain flavors of Operating System & Service pack may get confused when you have the same UserID on both the source & destination machines with different passwords. Here is some additional information from Microsoft about this specific error message: --------------------------------------------------------------------------Err Msg: The Credentials Supplied Conflict with an Existing set of Credentials. -------------------------------------------------------------The information in this article applies to: Microsoft Windows NT operating system version 3.1 Microsoft Windows NT Advanced Server Microsoft Windows NT Workstation versions 3.5, 3.51, 4.0 Microsoft Windows NT Server versions 3.5, 3.51, 4.0 Microsoft Windows 2000 Professional Microsoft Windows 2000 Server Microsoft Windows 2000 Advanced Server -----------------------------------------------------------SYMPTOMS Windows NT does not allow you to make multiple connections to a shared network server from the same workstation if you attempt to use more than one set of credentials. If you attempt to make two or more connections to the same server using two or more sets of credentials, you will receive the following error message: System error 1219 has occurred. The credentials supplied conflict with an existing set of credentials. RESOLUTION To make the connection with the other account, disconnect the previous connection(s) to the server. This behavior is by design for security purposes. MORE INFORMATION A set of credentials consists of a user name and a password. Both File Manager and NET USE allow you to specify a parameter that designates which user account you want to use when you connect to a server. If you make a connection to a server using one account, then make another connection to the same server using a different account (with the first connection still intact), you receive the above error message. To make the connection with the other account, disconnect the previous connection(s) to the server. Steps to Reproduce Problem On your computer running Windows NT in the same domain as the server that you want to connect to, use File Manager connect to a share on the server. Do not type anything in the Connect As field. Establish a second, separate connection to the same server, either to the same share or a different share on that server. This time, specify an account in the Connect As field. This account must be different than the one with which you are currently logged on. Choose OK. The above error message appears. Additional query words: prodnt Keywords : kbnetwork ntsecurity NTSrv Version : :; WINDOWS:2000; winnt:3.5,3.51,4.0 Platform : WINDOWS winnt Issue type : kbprb Technology : Last Reviewed: March 3, 2000 2000 Microsoft Corporation. All rights reserved. Terms of Use.

System Error 1326


Unfortunately, there are no settings within our software that will either cause or prevent a 1326 error from occurring. Please also understand that this specific error is coming from the Operating System itself and not from our software. Our software simply asks the Operating System on your local machine to execute standard Microsoft Windows API calls to connect to the remote machine, and its your Operating System that is returning this error message back to our software. You should also be able to duplicate this error completely outside of our software, by trying to map a drive to the admin$ share on the remote machine. We have done extensive testing with regard to the 1326 issue, and whenever we see this specific error we have always been able to duplicate it within the Operating System itself. Therefore, it could be some type of Policy (Domain or Local Security Policy, etc...) setting within the O/S that is causing this to occur. Weve also had other users tell us this specific error was directly related to an Admin Rights issue within the Policy settings within their environment, but they never wrote back to explain exactly which setting within their environment that was causing their issues. Unfortunately, if you cannot connect to the machine via the O/S itself, they you also cannot use those credentials to connect using our software either. Therefore, you may also want to try creating another Administrator account, and then also try using that account to connect to the remote machine. However, there are a few other things you can try out: 1. If the remote machine was running Windows XP, make sure that "Simple File Sharing" is disabled on the remote machine. Simple File Sharing only exists within Windows XP, and should not be confused with File & Printer Sharing which exists in all Operating Systems. Basically, this is how you disable "Simple File Sharing" in Windows XP Professional (remember it cannot be done in XP Home):

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012

Welcome

Pgina 64 de 64

Open My Computer. Select Tools / Folder Options. Click on the View Tab. Go all the way to the bottom of the list and Disable "Use simple file sharing (Recommended)". 2. We recently received this feedback from another user. So you can try this out as well. Try adjusting the "ForceGuest" policy setting on the remote machine to make sure all users authenticating to this machine over the network are actually authenticating as themselves, and not as the Guest account. This policy can be found in the Local Security Policy on the Remote Machine: Administrative Tools -> Local Security Policy -> Security Options -> Network access: Sharing and security model for local accounts &ldots;and change from "Guest Only &endash; local users authenticate as Guest" to "Classic &endash; local users authenticate as themselves".

System Error 1327


System Error 1327 ERROR_ACCOUNT_RESTRICTION Logon failure: user account restriction. Possible reasons are blank passwords not allowed, logon hour restrictions, or a policy restriction has been enforced. Please note that Windows XP will not allow you to access a remote machine over the network using an account that has a blank password. If you attempt to use a blank password, you will receive the above error in the Application Event Log on the remote machine. To resolve this issue, create a password for this specific UserID or create another UserID and assign it a password.

file://C:\Users\armandol\AppData\Local\Temp\~hhE18D.htm

08/03/2012