The Microsoft Management Console
The MMC utility provides tools for managing system functions, such as Users and Groups, Disk Management and Security Settings. In many respects the MMC resembles an empty toolbox. An administrator can choose which tools it contains, and set up further toolboxes for different tasks if required. These toolboxes are referred to as Consoles. Tools are added to the console as snap-ins. This is intended to be a common environment for all utilities for the management of Windows XP/2003/2008 computers.
Consoles can be created and configured to suit different purposes. They can be saved under descriptive names. Saved consoles appear in the Administrative Tools folder and can be accessed through Start>All Programs>Administrative tools. Consoles can be exported for use by other administrators or assistants for monitoring common tasks. Consoles are also a way for administrators to manage remote machines without having to leave their own workstations.
Computer Management provides a toolbox for managing common administrative tasks. There are three main sections in the computer management console; System Tools, Storage, Services and Applications.
Frequently the management console appears already expanded. Many exam questions however refer to the three primary divisions. Be familiar with the contents of all three sections.
Creating a Microsoft Management Console (MMC)
Click START then RUN. Type MMC.
As many Consoles as are required can be created, containing the tools needed for a range of tasks. This is a Console. It can be tailored to display the tools an administrator requires for a particular job. Click the File button to add tools.
Choose to Add/Remove a Snap-in.
Currently this Console has no snap-ins. Click Add.
Highlight a choice …
…and click Add.
It is possible to make a single console which can manage many computers. This can save an administrator a lot of effort over time.
Most MMC’s can be used with computers other than the local machine. Make a choice and click Finish.
Further Snap-ins can be added to a console..
When all the required snap-ins have been added click OK.
Finally, save the newly created Console with a meaningful name.
Note the file extension for MMC files.
Before the new Console is employed, some options should be examined.
Anybody can use the new Console, but it may need protecting from misuse or alteration. There are four modes of operation for a Console to aid this control:
- Author Mode: Grants users every permission including adding or deleting snap-ins.
- User Mode – Full Access: Grants users every permission except adding or deleting snap-ins.
- User Mode – Limited Access – single window: User must use the console as it is.
- User Mode – Limited Access – full window: User cannot close any windows previously saved, but can create new windows for own use.
Remote Administration
The MMC utility can also be used to administer other machines over a network. You can remotely administer both Windows 2000 and Windows XP Professional computers as long as you have a suitable user account on the machine you are administering. You can also administer a Windows 2000 Server/Server 2003 computer from Windows XP Professional by installing the i386/adminpak.msi file on the Windows Server CD-ROM.
In this example, a new console will be created to administer three separate machines on a network
In order to administer server side components, you will need to install the I386/ADMINPAK.MSI file on the Windows Server 2003 CD-ROM.
The Windows Server 2003 Administration Tools Pack Setup Wizard is launched. Click on Next to continue.
The Server Administration Tools are then installed.
Once the Administration tools are installed you will need to create a new MMC. Click on Start.
Select Run…
Type in MMC into the Run command-line box.
Click on OK to continue.
A new blank console is launched. Select File to begin adding new snap-ins.
Select Add/Remove Snap-in…
Click on Add…
Select Active Directory Users and Computers.
Click on Add. The snap-in will automatically connect to a domain controller. N.B. You will need to be connected to a domain and have sufficient privileges in order to perform administration of Active Directory.
The Active Directory Users and Computers console has been added. Scroll down to find the Computer Management snap-in.
Select Computer Management.
Click on Add.
The Computer Management utility will prompt you for which machine you wish to administer. Select Another computer.
Specify or Browse for the machine you wish to administer and click Finish.
The computer management utility for 10.0.0.1 has been added. N.B. You cannot use Disk Defragmenter or Add and Remove hardware remotely using an MMC. Select the Event Viewer console and click Add to continue.
As before, select the Another computer option and choose or specify the machine you wish to administer.
With the machine specified, click on Finish.
Once you have added all of the relevant snap-ins, click on Close.
Hit OK to close the Add/Remove Snap-in dialog box.
The new console is then shown. You can now administer three separate machines from one location.
e.g. You can administer users and groups on the Domain Controller.
..stop and start services on ’10.0.0.1’
And view the Event Logs on ’10.0.0.8’
Remote Shutdown
Using the Computer Management MMC you can shutdown, logoff or reboot a remote machine. This is a highly useful feature, but can also cause security issues. You should always ensure that the Administrator password is hidden. A user with administrative rights can potentially destroy a computer remotely.
Launch Computer Management and right-click on Computer Management (Local).
Select Connect to another computer. N.B. This function will work with most MMC snap-ins.
Browse for or specify the remote machine.
Click OK to continue.
The console is now connected to 10.0.0.1. Right-click on Computer Management (10.0.0.1).
Select Properties.
Information about the remote computer is shown. Click on Advanced.
Select Settings from Startup and Recovery.
This powerful page allows you to configure the machine’s boot order and memory dump file location. Click on Shut Down.
Select the action you would like to perform and click OK.
No comments:
Post a Comment