Skip navigation

Geek Speak

5 Posts authored by: Jason Ream

Continuing with the earlier blogs on Simplified Windows Administration and Improved End-user Support let’s take a stab at simplifying and automating some Active Directory (AD) and system information management tasks. Huge time and effort is spent towards working with AD, managing AD properties, exporting AD and system information, while you have the option to keep it simple and in control.


Let’s discuss some industry-wide best practices and tips to execute these activities quickly, securely and effectively for improved Active Directory and System Information Management

 

  1. Active Directory Management Tips
    • Design your AD environment to have business-critical objects (such as user accounts used to run system services) separated in Organizational Units (OUs) so that not everybody has access to impact changes
    • Use the Delegation Wizard in the Active Directory Users and Computers (ADUC) management console to assign permission to IT staff for AD management based on the tasks they execute
    • Adding, removing and updating AD users and managing multiple domains and OUs can be a daunting task to perform individually in every single system. Using a remote support software to execute these tasks in all the required Windows PCs could significantly reduce manual labor.
  2. Leverage Group Policy for Configuration Management and Security. Group Policy allows you to make changes across multiple servers. IT admins can create Group Policy Objects (GPOs) using Active Directory and apply them to the various OUs.
  3. Exporting System Information:
    • Use Windows System Resource Manager (from native Windows administrative tools) to export configuration information from your Windows servers.
    • When dealing with mass export of information from PCs, from WMI properties, AD objects or system information, it’s best to use an exporter tool—all the more better if it supports remote tech support—for exporting into files of different formats.

 

Another valuable nugget to those IT savvy sysadmins is that you can learn some quick PowerShell scripting commands to automate some basic admin tasks. This can be a life-saver in automating repetitive tasks saving you time in plenty. You can read this post from TechRepublic that could teach you 10 simple PowerShell commands to get started.


Ensuring quick and effective handling of system administration tasks will help you reclaim more time for concentrating better on resolving network, application and infrastructure issues that are impacting your business. A successful IT admin is one who balances the various types of issues and challenges posed with and comes out finding right way of doing them all quickly and effectively. Preparation, balance and automation can lead you there!

Referencing an early blog post, where I spoke about how to *not* overcomplicate windows, I promised you a Part 2. Here are some additional tips and tricks to that can help you save time, and simplify Windows administration.

 

  • Knowing and managing your Active Directory and Exchange server well. AD management can be a time-consuming task for adding, editing, deleting, and searching for AD properties and attributes. Using some automation effort and Active Directory tools can help you take the pain out of AD management.
  • Defining proper administrative privileges for end-users. There are so many common issues when the user mistakenly or deliberately changes a setting. Effectively defining access permissions will ensure these issues don’t happen at all.
  • Remotely resolving issues by establishing a secure and effective remote connection with the end-users’ Windows desktops.
  • Using web-based Windows password reset tools/services whereby the domain users can login to the self-service and reset system password. Research says password recovery/reset tasks consume about 40% of a day’s time for an IT admin. This can be reclaimed for other critical tasks.
  • The network and infrastructure are always going to grow. Estimation and planning the expansion ahead will help to build and deploy more scalable and flexible hardware and software to support the growth of IT infrastructure.

 

I am interested in your feedback, views and comments and also any interesting time-saving IT administration stories that have made you an IT rock star. Feel free to comment and share!

 

And on a parting note - if you are looking for a tool that can help you with remote support. Check out DameWare Mini Remote Control (MRC) - MRC makes it simple and secure to establish remote control access to your Windows system. Get the “standing-over-the-shoulder” experience with MRC and truly "Do I.T. Remotely" - and maybe stop walking to every end-user's desk for system administration tasks!

As IT administrators, we know the pain of addressing issues from the weird to the wildest kind. There are so many tasks that we do each day that focus more on support, installation, password recovery, configuration adjustments and the like, whereas there are other key IT management and troubleshooting concerns such as remediating network issues, providing workarounds for errors and system anomalies, and resolving problems that affect end-users and the business.


A simple solution to this could be finding the right way to channelize the IT administrator’s time more towards business-critical IT problems while having other support and administrative tasks taken care of smartly and quickly. Juggling all these together will only result in none of them being addressed properly.

The best bet is to find the right means of execution to deal with system administration tasks. Here are some key pointers for IT admins to take note of to optimize their time and efforts for effective Windows server administration.


5 Key Tips to Simplified Windows Server Administration

 

For starters, Windows Event Viewer can be a simple and useful functionality to monitor all that is happening on your Windows PC. You can obtain lots of information about the hardware and software problems, and monitor Windows security events. Getting a good grip on managing these event logs will further help IT admins.

    1. Restarting Windows services can be cumbersome if multiple users face services crashing down. You can use the Services utility offered in your Windows server to quickly Start, Stop, Pause, Resume, or Restart your Windows services.
    2. Ever faced with restarting crashed remote Windows systems? You can use the Remote Shutdown Dialog tool available in your Windows OS to restart or shutdown a remote computer. Type “shutdown -i” in the Run command to open Remote Shutdown Dialog
    3. When connecting to end-user computer with multiple monitors, you can use the Remote Desktop Connection client in the Spanning Mode. Type “mstsc /span” in the Run command to open the RDC client in Spanning Mode
    4. Use Windows Performance Monitor to examine how programs running on Windows impact computer performance, both in real time and by analyzing log data. Performance Monitor uses
        • Performance Counters that measure system state/activity
        • Event Trace Data that are components of the OS or individual apps reporting actions or events
        • Configuration Information from Windows registry


Try to leverage Open Source free tools, and third-party administration tools that could help you quickly and effectively troubleshoot issues especially when having to do it remotely.

 

More to come in the next blog where we’ll talk about Rendering Effective End-User Support…


Let us hear what other tips and best practices you have towards simplified Windows server administration. Feel free to share your experiences with the community!

As more and more end users work and connect remotely to office systems, IT admins are faced with a constant challenge of ensuring easy and secure remote connectivity. More importantly, security issues with remote connectivity have been the top most concern for majority of IT admins and have plagued businesses for some time now.

 

  • According to the Verizon 2012 Data Breach Investigations Report, remote connectivity services occupied the top slot among the different channels used by hackers, constituting 88 percent of security threats
  • Misuse of sensitive information, password theft and installation of malicious programs are some of the risks involved when unauthorized end users gain access to networks

 

So, what are the vulnerabilities with remote connectivity that makes it prone to frequent security attacks? Improper identity validation and weak authentication processes installed to access enterprise computers and servers comprise most of the security attacks. It is easier for hackers to break authentication based on static reusable passwords making it impossible to validate identities. Though passwords could be made stronger, there is a higher risk that the password could be intercepted by hacking software. Let’s dive into some quick tips to understand how to securely establish and manage remote connectivity:

 

  • Risk Assessment – IT admins need to evaluate what level of access they want to provide to remote users and should be able to verify each user and devices connecting to the network
  • Improved Authentication methods – With a combination of three authentication factors such as a password, a smart card and use of biometrics, Multifactor authentication for remote connectivity is harder to break than the single factor ones.
  • Educate Employees – Communicating the security policies in place to employees at all levels and making them understand the risks and benefits associated with secure remote connectivity is highly essential.
  • Encrypting Remote Communication Data– Keeping the remote communication data encrypted through security mechanisms such as SSH and cryptographic keys will help protect critical data from being intercepted by others as it is transmitted between remote and local systems.

 

If you haven’t considered security to be your top priority yet, now is the time to take a step forward and you could avoid becoming the next victim of a security attack, especially when remotely connecting to systems.

 

Faced with security challenges remotely, IT admins are always on the lookout for an ideal remote control software solution with enhanced levels of security. Learn how DameWare Mini Remote Control can seamlessly secure your remote connectivity and be the affordable remote control software that you are looking for.

If you ever have to support desktops and laptops in your company, chances are that you’ve used some sort of remote control software to avoid walking – or driving, or flying! – to your end-user’s desk.  Remote control software has been around for some time, and there are lots of different flavors.


Some remote control software products require end-user permission to initiate a session, while others allow unattended access without permission.  Some provide the ability to connect over the Internet; others don’t.  Some are best suited for helping your grandparents “get on the Email,” while others provide feature-rich support for help desk administrators.  The best remote control software for you is the one that fits the job that you need to do on a regular basis.

 

Regardless of which is the best, there is little question about which is the most common free remote control software.  Microsoft’s RDP, or Remote Desktop Protocol, is one of the original remote control solutions, ships with Windows, and has been around since XP was first released.  RDP does what it claims to do – and is free; however, it does have some limitations.  RDP does not have the ability to screen share – two users viewing the same screen or desktop simultaneously.

 

If you are responsible for supporting desktops and laptops, you need the ability to screen share during a trouble-shooting session with a remote user.  More often than not, you need to interact with the user sitting in front of the remote system – maybe to allow them to show you what problem they are having, or to find a particular file or application.  During an RDP session, the screen of the remote user is blacked out while the administrator is logged in – effectively preventing the experience of “standing over the shoulder” of the remote user.

 

 

There are a number of remote control software products that provide screen sharing.  One solution particularly popular with systems administrators is DameWare Mini Remote Control (or MRC).  When a remote control session is initiated on a remote system, the remote desktop is visible to both the MRC administrator as well as the remote user.  The end user can see what the administrator is doing on the system, and vice-versa.  MRC provides a number of other features that help enhance the interactive experience, like the ability to chat with the remote user through a native chat client, the ability to take screenshots, as well as the ability to transfer files.

 

MRC also provides a granular level of control over how the administrator and end user will interact with each other before, during and after a remote session has ended.  It can be configured to require the end user’s permission before initiating a session, or it can be configured to allow unattended access on remote systems.  Connections can also be restricted by IP address or Active Directory group.  Again, none of this functionality is available with RDP.


If you’ve used RDP or other free remote control software before and felt that it didn’t quite meet your needs, consider trying the Dameware Mini Remote Control.  It’s not free, but it’s cheap - and you can try it for free for 14 days.  You can also check out a more detailed comparison of RDP vs. DameWare MRC.

Filter Blog

By date: By tag: