As an experienced packager/desktop engineer should know how to troubleshoot applications issues that were encountered by the users. Fortunately we...
As an experienced packager/desktop engineer should know how to troubleshoot applications issues that were encountered by the users. Fortunately we have a number of tools that are available from different vendors. I have listed all the tools that i have used throughout my carreer. You donot need all of them but is nice to have them handy.
Following are the list of tools available for download in Part 4:
PsGetsid allows you to translate SIDs to their display name and vice versa. It works on builtin accounts, domain accounts, and local accounts.
If you want to see a computer’s SID just pass the computer’s name as a command-line argument. If you want to see a user’s SID, name the account (e.g. “administrator”) on the command-line and an optional computer name.
Syntax: psgetsid [\\computer[,computer[,…] | @file] [-u username [-p password]]] [account|SID]
PsInfo is a command-line tool that gathers key information about the local or remote Windows NT/2000 system, including the type of installation, kernel build, registered organization and owner, number of processors and their type, amount of physical memory, the install date of the system, and if its a trial version, the expiration date.
By default PsInfo shows information for the local system. Specify a remote computer name to obtain information from the remote system. Since PsInfo relies on remote Registry access to obtain its data, the remote system must be running the Remote Registry service and the account from which you run PsInfo must have access to the HKLM\System portion of the remote Registry.
Syntax: psinfo [[\\computer[,computer[,..] | @file [-u user [-p psswd]]] [-h] [-s] [-d] [-c [-t delimiter]] [filter]
Windows NT/2000 does not come with a command-line ‘kill’ utility. You can get one in the Windows NT or Win2K Resource Kit, but the kit’s utility can only terminate processes on the local computer. PsKill is a kill utility that not only does what the Resource Kit’s version does, but can also kill processes on remote systems. You don’t even have to install a client on the target computer to use PsKill to terminate a remote process.
Running PsKill with a process ID directs it to kill the process of that ID on the local computer. If you specify a process name PsKill will kill all processes that have that name.
Syntax: pskill [- ] [-t] [\\computer [-u username] [-p password]] <process name | process id>
PsList would show statistics for all the processes.
Example PsList exp would show statistics for all the processes that start with “exp”, which would include Explorer.
You could use it on remote machines with Syntax: PsList \\computername
You can determine who is using resources on your local computer with the “net” command (“net session”), however, there is no built-in way to determine who is using the resources of a remote computer. In addition, NT comes with no tools to see who is logged onto a computer, either locally or remotely. PsLoggedOn is an applet that displays both the locally logged on users and users logged on via resources for either the local computer, or a remote one. If you specify a user name instead of a computer, PsLoggedOn searches the computers in the network neighborhood and tells you if the user is currently logged on.
Syntax: psloggedon [- ] [-l] [-x] [\\computername | username]
The default behavior of PsLogList is to show the contents of the System Event Log on the local computer, with visually-friendly formatting of Event Log records. Command line options let you view logs on different computers, use a different account to view a log, or to have the output formatted in a string-search friendly way.
Syntax: psloglist [- ] [\\computer[,computer[,…] | @file [-u username [-p password]]] [-s [-t delimiter]] [-m #|-n #|-h #|-d #|-w][-c][-x][-r][-a mm/dd/yy][-b mm/dd/yy][-f filter] [-i ID[,ID[,…] | -e ID[,ID[,…]]] [-o event source[,event source][,..]]] [-q event source[,event source][,..]]] [-l event log file] <eventlog>