Management features new to Windows Vista
Part of a series on |
Windows Vista |
---|
New features |
Other articles |
Windows Vista contains a range of new technologies and features that are intended to help network administrators and power users better manage their systems. Notable changes include a complete replacement of the "Windows Setup" process, completely rewritten deployment mechanisms, support for per-application Remote Desktop sessions, new diagnostic and health monitoring tools, and a range of new Group Policy settings covering many of the features new to Windows Vista.
Other areas of interest include major changes to Task Scheduler, as well as the addition of Subsystem for UNIX Applications, which provides a POSIX-compatible environment for applications as part of the operating system itself.
Setup
The setup process for Windows Vista has been completely rewritten and is now image-based. Setup is now based on Windows Preinstallation Environment (WinPE) version 2.0, which, amongst other features, runs the entire setup process in a graphical environment, as opposed to the text-based environments of previous versions. Visually, the user interface resembles Windows Vista itself, using ClearType fonts and the Aero visual style, and enabling the use of a mouse. Prior to copying the setup image, partitions can be graphically resized.
Support for loading third-party disk drivers has improved. Whereas Windows XP only supported loading drivers from floppy disks while the setup environment is initially loading, Windows Vista additionally supports loading drivers from USB and Firewire storage devices, and CDs and DVDs from within the main setup wizard.
Microsoft has aimed to reduce the amount of time setup takes to complete. Setup is now significantly faster than Windows XP and thus, Windows Vista can be installed in as little as 20 minutes.[1] This is especially notable considering that the Windows Vista install is more than three times the size of its predecessor.
At the end of the setup process, Windows Vista automatically downloads and applies security and device driver updates from Windows Update.
System recovery
The new Windows Recovery Environment (WinRE) detects and fixes startup related problems. It can be accessed by pressing F8 during startup. The system then boots into the WinRE interface and offers various tests as well as recovery and failure detection tools. WinRE automatically detects blue screen errors and registry damage and tries to repair the system and get it up and running quickly.
The Windows Recovery Environment tools have been significantly expanded to take advantage of the new graphical setup environment. A "toolbox" is presented to the user, offering access to repair functions, System Restore, a new memory diagnostic tool, access to Complete PC Backup and Restore images, and access to a command prompt. Multiple command prompts can be spawned at once, and more command-line tools are available. Command prompts can be spawned at any time during setup by pressing Ctrl+F10.
Servicing
Package Manager, part of the Windows Vista servicing stack, replaces the previous Package Installer (Update.exe
) and Update Installer (Hotfix.exe
). Microsoft delivers updates for Windows Vista as files and resources only. Package Manager, Windows Update, and the Control Panel item to turn Windows features on and off, all use the Windows Vista servicing-stack. Package Manager can also install updates to an offline Windows image, including updates, boot-critical device drivers, and language packs.
Windows Vista introduced Component-Based Servicing (CBS) as an architecture for installation and servicing.[2]
Deployment
Windows Vista is deployed using a hardware-independent image, the Windows Imaging Format (WIM). The image file contains the necessary bits of the operating system, and its contents are copied as is to the target system. Other system specific software, such as device drivers and other applications, are installed and configured afterwards. This reduces the time taken for installation of Windows Vista.
Corporations can author their own image files (using the WIM format) which might include all the applications that the organization wants to deploy. Also multiple images can be kept in a single image file, to target multiple scenarios. This ability is used by Microsoft to include all editions of Windows Vista on the same disc,[3] and install the proper version based on the provided product key. In addition, initial configuration, such as locale settings, account names, etc. can be supplied in XML Answer Files to automate installation.[4]
Microsoft provides a tool called ImageX to support creation of custom images, and edit images after they have been created. It can also be used to generate an image from a running installation, including all data and applications, for backup purposes. WIM images can also be controlled using the Windows System Image Manager, which can be used to edit images and to create XML Answer Files for unattended installations. Sysprep is also included as part of Windows Vista, and is HAL-independent.
Also included in Windows Vista is an improved version of the Files and Settings Transfer Wizard now known as Windows Easy Transfer which allows settings to be inherited from previous installations. User State Migration Tool allows migrating user accounts during large automated deployments.
ClickOnce is a deployment technology for "smart client" applications that enables self-updating Windows-based applications that can be installed and run with minimal user interaction, and in a fashion that does not require administrator access.
The ActiveX Installer Service is an optional component included with the Business, Enterprise and Ultimate editions that provides a method for network administrators in a domain to authorize the installation and upgrade of specific ActiveX controls while operating as a standard user. ActiveX components that have been listed in Group Policy can be installed without a User Account Control consent dialog being displayed.[5]
Event logging and reporting
Windows Vista includes a number of self-diagnostic features which help identify various problems and, if possible, suggest corrective actions. The event logging subsystem in Windows Vista also has been completely overhauled and rewritten around XML to allow applications to more precisely log events. Event Viewer has also been rewritten to take advantage of these new features. There are a large number of different types of event logs that can be monitored including Administrative, Operational, Analytic, and Debug log types. For instance, selecting the Application Logs node in the Scope pane reveals numerous new subcategorized event logs, including many labeled as diagnostic logs. Event logs can now be configured to be automatically forwarded to other systems running Windows Vista or Windows Server 2008. Event logs can also be remotely viewed from other computers or multiple event logs can be centrally logged and managed from a single computer. Event logs can be filtered by one or more criteria, and custom views can be created for one or more events. Such categorizing and advanced filtering allows viewing logs related only to a certain subsystem or an issue with only a certain component. Events can also be directly associated with tasks, via the redesigned Event Viewer.
Windows Error Reporting
Windows Error Reporting has been improved significantly in Windows Vista. Most importantly a new set of public APIs have been created for reporting failures other than application crashes and hangs.[6] Developers can create custom reports and customize the reporting user interface. The new APIs are documented in MSDN. The architecture of Windows Error Reporting has been revamped with a focus on reliability and user experience. WER can now report errors even when the process is in a very bad state for example if the process has encountered stack exhaustions, PEB/TEB corruptions, heap corruptions etc. In Windows XP, the process terminated silently without generating an error report in these conditions.
A new feature called Problem Reports and Solutions has also been added. It is a Control Panel applet that keeps a record of all system and application errors and issues, as well as presents probable solutions to problems.
Performance monitoring and diagnostics
- The Performance Monitor includes several new performance counters and various tools for tuning and monitoring system performance and resources. It shows the activities of the CPU, disk I/O, network, memory and other resources in the "Resource View". It supports new graph types, the selection of multiple counters, the retrieval of counter values from a point on the graph, the saving of graphed counter values to a log file, and the option to have a line graph continuously scroll in the graph window instead of wrapping-around on itself.
- Windows Task Manager presents more detailed system information and monitoring.
- The
perfmon /report
command produces a comprehensive System Diagnostics Report.[7]
- A new feature called Resource Exhaustion Prevention can detect when memory is low and determine which applications are causing this. A memory leak diagnostic can provide information about application that may have memory leaks.[8]
- The Reliability Monitor tracks applications and driver installations, along with the date of installation. It uses system reliability statistics from the Reliability Analysis Component (RAC)[9][10] to present a graphical view of variation in system reliability and stability. (The RAC updates a computer's stability index daily.[11])
Remote management
Remote Desktop Protocol 6.0 incorporates support for application-level remoting, improved security (TLS 1.0), support for connections via an SSL gateway, improved remoting of devices, support for .NET remoting including support for remoting of Windows Presentation Foundation applications, WMI scripting, 32-bit color support, dual-monitor support, Network Level Authentication and more.
Remote Assistance, which helps in troubleshooting remotely, is now a full-fledged standalone application and does not use the Help and Support Center or Windows Messenger. It is now based on the Windows Desktop Sharing API. Two administrators can connect to a remote computer simultaneously. Also, a session automatically reconnects after restarting the computer. It also supports session pausing, built-in diagnostics, and XML-based logging. It has been reworked to use less bandwidth for low-speed connections. NAT traversals are also supported, so a session can be established even if the user is behind a NAT device. Remote Assistance is configurable using Group Policy and supports command-line switches so that custom shortcuts can be deployed.
Windows Vista also includes Windows Remote Management (WinRM), which is Microsoft’s implementation of WS-Management standard which allows remote computers to be easily managed through a SOAP-based web service. WinRM allows obtaining data (including WMI and other management information) from local and remote computers running Windows XP and Windows Server 2003 (if WinRM is installed on those computers), Windows Server 2008 and all WS-Management protocol implementations on other operating systems. Using WinRM scripting objects along with compatible command-line tools (WinRM or WinRS), allows administrators to remotely run management scripts. A WinRM session is authenticated to minimize security risks.
System tools
- New /B switch in CHKDSK for NTFS volumes which clears marked bad sectors on a volume and reevaluates them.[12]
- Windows System Assessment Tool, a built-in benchmarking tool, analyzes the different subsystems (graphics, memory, etc.), produces a Windows Experience Index (formerly Windows Performance Rating) and uses the results to allow for comparison to other Windows Vista systems, and for software optimizations. The optimizations can be made by both Windows and third-party software.[13]
- Windows Backup (code-named SafeDocs) allows automatic backup of files, recovery of specific files and folders, recovery of specific file types, or recovery of all files. With Windows Vista Business, Enterprise or Ultimate, the entire disk can be backed up to a Complete PC Backup and Restore image and restored when required. Complete PC Restore can be initiated from within Windows Vista, or from the Windows Vista installation disc in the event that Windows cannot start up normally from the hard disk. Backups are created in Virtual PC format and therefore can be mounted using Microsoft Virtual PC. The Backup and Restore Center gives users the ability to schedule periodic backups of files on their computer, as well as recovery from previous backups.
- Windows Update has been revised, and now runs completely as a control panel application, not as a web application as in prior versions of Windows.
- System Restore is now based on Shadow Copy technology instead of a file-based filter and is therefore more proactive at creating useful restore points. Restore points are now "volume-level", meaning that performing a restore will capture the state of an entire system at a point in time. These can also be restored using the Windows Recovery Environment when booting from the Windows Vista DVD, and an "undo" restore point can be created prior to a restore, in case a user wishes to return to the pre-restored state.
- System File Checker is integrated with Windows Resource Protection which protects registry keys and folders too besides critical system files. Using Sfc.exe, specific folder paths can be checked, including the Windows folder and the boot folder. Also, scans can be performed against an offline Windows installation folder to replace corrupt files, in case the Windows installation is not bootable. For performing offline scans, System File Checker must be run from another working installation of Windows Vista or a later operating system or from the Windows setup DVD which gives access to the Windows Recovery Environment.
- System Configuration (MSConfig) allows configuring various switches for Windows Boot Manager and Boot Configuration Data. It can also launch a variety of tools, such as system information, network diagnostics etc. and enable or disable User Account Control.
- Windows Installer 4.0 (MSI 4.0) includes support for features such as User Account Control, Restart Manager, and Multilingual User Interface.
- Problem Reports and Solutions is a new control panel user interface for Windows Error Reporting which allows users to see previously sent problems and any solutions or additional information that is available.
- Windows Task Manager has a new "Services" tab which gives access to the list of all Windows services, and offers the ability to start and stop any service as well as enable/disable the UAC file and registry virtualization of a process. Additionally, file properties, the full path and command line of started processes, and DEP status of processes can be viewed. It also allows creating a dump file which can be useful for debugging.
- Disk Defragmenter can be configured to automatically defragment the hard drive on a regular basis. It features cancellable, low I/O priority, shadow copy-aware defragmentation.[14] It can also defragment the NTFS Master File Table (MFT). The user interface has been simplified, with the color graph, progress indicator and other information such as file system, free space etc., being removed entirely. Chunks of data over 64MB in size will not be defragmented; Microsoft has stated that this is because there is no discernible performance benefit in doing so.[15] The defragmenter is not based on an MMC snap-in. The command line utility defrag.exe offers more control over the defragmentation process.[16] This utility can be used to defragment specific volumes and to just analyze volumes as the defragmenter would in Windows XP. Windows Vista Service Pack 1 adds back the ability to specify which volumes are to be defragmented to the GUI.
- The Disk Management console has been improved to allow the creation and the resizing of disk volumes without any data loss. Partitions (volumes) can be resized before starting Windows Vista setup or after installation.
- Group Policy settings let administrators set ACLs for the volume interface for disks, CD or DVD drives, tape and floppy disk drives, USB flash drives and other portable devices.
Management Console
Windows Vista includes Microsoft Management Console 3.0 (MMC), which introduced several enhancements, including support for writing .NET snap-ins using Windows Forms and running multiple tasks in parallel. In addition, snap-ins present their UI in a different thread than that in which the operation runs, thus keeping the snap-in responsive, even while doing a computationally intensive task.
The new MMC interface includes support for better graphics and as well as featuring a task pane that shows actions available for a snap-in, when it is selected. Task Scheduler and Windows Firewall are also thoroughly configurable through the management console.
Print Management enables centralized installation and management of all printers in an organization. It allows installation of network-attached printers to a group of clients simultaneously, and provides continually updated status information for the printers and print servers. It also supports finding printers needing operator attention by filtering the display of printers based on error conditions, such as out-of-paper, and can also send e-mail notifications or run scripts when a printer encounters the error condition.
Group Policy
Windows Vista includes around 2400 Group Policy settings,[17] which allow administrators to specify configuration for connected groups of computers, especially in a domain. Windows Vista supports Multiple Local Group Policy Objects which allows setting different levels of Local Group Policy for individual users.[18] A new XML based policy definition file format, known as ADMX has been introduced. ADMX files contain the configuration settings for individual Group Policy Objects (GPO). For domain based GPOs, the ADMX files can be centrally stored, and all computers on the domain will retrieve them to configure themselves, using the File Replication Service, which is used to replicate files on a configured system from a remote location. The Group Policy service is no longer attached with the Winlogon service, rather it runs as a service on its own. Group Policy event messages are now logged in the system event log. Group Policy uses Network Location Awareness to refresh the policy configuration as soon as a network configuration change is detected.
New categories for policy settings include power management, device installations, security settings, Internet Explorer settings, and printer settings, among others. Group Policy settings also need to be used, to enable two way communication filtering in the Windows Firewall, which by default enables only incoming data filtering. Printer settings can be used to install printers based on the network location. Whenever the user connects to a different network, the available printers are updated for the new network. Group Policy settings specify which printer is available on which network. Also, printer settings can be used to allow standard users to install printers. Group Policy can also be used for specifying Quality of Service (QoS) settings. Device installation settings can be used to prevent users from connecting external storage devices, as a means to prevent data theft.
Windows Vista improves Folder Redirection by introducing the ability to independently redirect up to 10 user profile sub-folders to a network location.[19] Up to Windows XP, only the Application Data, Desktop, My Documents, My Pictures, and Start Menu folders can be redirected to a file server. There is also a Management Console snap-in in Windows Vista to allow users to configure Folder Redirection for clients running Windows Vista, Windows XP, and Windows 2000.
Task Scheduler
The redesigned Task Scheduler is now based on Management Console and can be used to automate management and configuration tasks. It already has a number of preconfigured system-level tasks scheduled to run at various times. In addition to time-based triggers, Task Scheduler also supports calendar and event-based triggers, such as starting a task when a particular event is logged to the event log, or even only when multiple events have occurred. Also, several tasks that are triggered by the same event can be configured to run either simultaneously or in a pre-determined chained sequence of a series of actions, instead of having to create multiple scheduled tasks. Tasks can also be configured to run based on system status such as being idle for a pre-configured amount of time, on startup, logoff, or only during or for a specified time. Tasks can be triggered by an XPath expression for filtering events from the Windows Event Log. Tasks can also be delayed for a specified time after the triggering event has occurred, or repeat until some other event occurs. Actions that need to be done if a task fails can also be configured. There are several actions defined across various categories of applications and components. Task Scheduler keeps a history log of all execution details of all the tasks.[20] Other features of Task Scheduler include:
- Several new actions: A task can be scheduled to send an e-mail, show a message box, start an executable, or fire a COM handler when it is triggered.
- Task Scheduler schema: Task Scheduler allows creating and managing tasks through XML-formatted documents.
- New security features, including using Credential Manager to store passwords for tasks on workgroup computers and using Active Directory for task credentials on domain-joined computers so that they cannot be retrieved easily. Also, scheduled tasks are executed in their own session, instead of the same session as system services or the current user.
- Ability to wake up a machine remotely or using BIOS timer from sleep or hibernation to execute a scheduled task or run a previously scheduled task after a machine gets turned on.
- Ability to attach tasks to events directly from the Event Viewer.
- The Task Scheduler 2.0 API is now fully available to VBScript, JScript, PowerShell and other scripting languages.
Command-line tools
Several new command-line tools are included in Windows Vista.[21] Several existing tools have also been updated and some of the tools from the Windows Resource Kit are now built-in into the operating system.
- auditpol — Configure, create, back up and restore audit policies on any computer in the organization from the command line with verbose logging. Replaces auditusr.exe.
- bcdedit — Create, delete, and reorder the bootloader (boot.ini is no longer used).
- bitsadmin — BITS administration utility.
- chglogon — Enable or disable session logins.
- chgport — List or change COM port mappings for DOS application compatibility.
- chgusr — Change install mode.
- choice — Allows users to select one item from a list of choices and returns the index of the selected choice.
- clip — Redirects output of command line tools to the Windows clipboard. This text output can then be pasted into other programs.
- cmdkey — Creates, displays, and deletes stored user names and passwords from Credentials Manager.
- diskpart — Expanded to support hard disks with the GUID Partition Table, USB media, and a new "shrink" command has been added which facilitates shrinking a pre-existing NTFS partition.
- diskraid — Launches the Diskraid application.
- dispdiag — Display diagnostics.
- expand — Updated version of expand.exe that allows extracting .MSU files. MSU is a self-contained update format known as a 'Microsoft Update Standalone Installer'. MSU files use Intra-Package Delta (IPD) compression technology. IPD technology reduces the download size of an MSU file but still delivers a self-contained package that contains the updated files.[22]
- forfiles — Selects a file (or set of files) and executes a command on that file. This is helpful for batch jobs.
- icacls — Updated version of cacls. Displays or modifies access control lists (ACLs) and DACLs of files and directories. It can also backup and restore them and set mandatory labels of an object for interaction with Mandatory Integrity Control.
- iscsicli — Microsoft iSCSI Initiator.
- mklink — create, modify and delete junctions, hard links, and symbolic links.
- muiunattend — Multilingual User Interface unattend actions.
- netcfg — WinPE network installer.
- ocsetup — Windows optional component setup.
- pkgmgr — Windows package manager.
- pnpunattend — Audit system, unattended online driver install.
- pnputil — Microsoft PnP Utility.
- query — Query {Process|Session|TermServer|User}
- quser — Display information about users logged on to the system.
- robocopy — the next version of xcopy with additional features. Compared to the freely available TechNet Magazine version, (XP026), the Windows Vista version additionally supports /EFSRAW switch to copy encrypted files without decrypting them and /SL switch to copy symbolic links instead of their target.
- rpcping — Pings a server using RPC.
- setx — Creates or modifies environment variables in the user or system environment. Can set variables based on arguments, registry keys or file input.
- sxstrace — WinSxS tracing utility.
- takeown — Allows administrators to take ownership of a file for which access is denied.
- timeout — Accepts a timeout parameter to wait for the specified time period (in seconds) or until any key is pressed. It also accepts a parameter to ignore the key press.
- tracerpt — Microsoft TraceRpt.
- waitfor — Sends, or waits for, a signal on a system. When /S is not specified, the signal will be broadcast to all the systems in a domain. If /S is specified, then the signal will be sent only to the specified system.
- wbadmin — Backup command-line tool.
- wecutil — Windows Event collector utility.
- wevtutil — Windows Event command line utility.
- where — Displays the location of files that match the search pattern. By default, the search is done along the current directory and in the paths specified by the PATH environment variable.
- whoami — Can be used to get user name and group information along with the respective Security Identifiers (SID), privileges, logon identifier (logon ID) for the current user (access token) on the local system. i.e. the current logged on user. If no switch is specified, the tool displays the user name in NTLM format (domain\username).
- winrm.cmd — Windows Remote Management command line utility.
- winrs — Windows Remote Shell (WinRS) allows establishing secure Windows Remote Management sessions to multiple remote computers from a single console.
- winsat — Windows System Assessment Tool command line.
Services for UNIX has been renamed Subsystem for UNIX-based Applications, and is included with the Enterprise and Ultimate editions of Windows Vista. Network File System (NFSv3) client support is also included. However, the utilities and SDK are required to be downloaded separately. Also, the server components from the SFU product line (namely Server for NFS, User Name Mapping, Server for NIS, Password Synchronization etc.) are not included.[23]
Scripting
Windows Vista supports scripting and automation capabilities using Windows PowerShell, an object-oriented command-line shell, released by Microsoft, but not included with the operating system. Also, WMI classes expose all controllable features of the operating system, and can be accessed from scripting languages. 13 new WMI providers are included.[24] In addition, DHTML coupled with scripting languages or even PowerShell can be used to create desktop gadgets; gadgets can also be created for configuration of various aspects of the system.
References
- ↑ Supersite's Five Great Features in Windows Vista RC1
- ↑ Tulloch, Mitch (2010). Introducing Windows Server 2008. Microsoft Windows Server Team. O'Reilly Media, Inc. ISBN 9780735649279. Retrieved 16 July 2013.
Windows Vista and Windows Server 2008 have a new architecture, called Component Based Servicing (CBS) to capture all the dependencies across binaries, system integrity information per resource, and any customized commands [...] needed for servicing to occur. The new architecture provides a unified platform for OS installation and optional component installation and servicing.
- ↑ Windows Vista Deployment Enhancements
- ↑ Windows Automated Installation Kit (WAIK)
- ↑ Chris Corio (2006-06-14). "The ActiveX Installer Service". UAC Blog. MSDN Blogs. Retrieved 2006-10-14.
- ↑ WER APIs
- ↑ System Diagnostic Report
- ↑ "Resource Exhaustion Prevention". TechNet. Microsoft. December 6, 2007. Retrieved April 25, 2015.
- ↑ Phillips, Harry (2011). New Perspectives on Microsoft Windows 7 for Power Users. SAM 2010 Compatible Products Series. Cengage Learning. p. 506. ISBN 9781111526498. Retrieved 2014-05-01.
Reliability Monitor, introduced in Windows Vista and enhanced in Windows 7, is a tool that gathers, analyzes, and reports on the reliability and stability of your computer using data collected by the Reliability Analysis Component (RAC) of Windows 7.
- ↑ Stidley, Joel (2012). MCTS: Windows Server 2008 Applications Infrastructure Configuration Study Guide: Exam 70-643. John Wiley & Sons. p. 11-13. ISBN 9781118435120. Retrieved 2015-01-19.
Data collection and processing is carried out by Reliability Monitor through the Reliability Analysis Component (RAC). Data is automatically gathered by the availability analysis metrics calculation executable (racagent.exe), which processes the data based on its analysis, aggregation, and correlation of user disruptions in the operating system, programs, and services into availability metrics.
- ↑ Phillips, Harry (2011). New Perspectives on Microsoft Windows 7 for Power Users. SAM 2010 Compatible Products Series. Cengage Learning. p. 525. ISBN 9781111526498. Retrieved 2014-08-03.
[...] the Reliability Analysis component [...] updates information on your computer's stability index every day.
- ↑ Chkdsk - Windows Command Line Reference: TechNet
- ↑ Russell, Richard (2005). "System Performance Assessment Tools for Windows Longhorn" (MICROSOFT POWERPOINT PRESENTATION). WinHEC 2005 presentations. Microsoft. Retrieved 2006-04-13.
- ↑ Features of the Windows Vista hard disk defragmentation utility
- ↑ "Disk Defragmenter FAQ". The Filing Cabinet. MSDN Blogs. July 10, 2006. Retrieved 2006-07-17.
- ↑ "Disk Defragmenter". User Guide. Windows Vista User Guide. January 27, 2007. Retrieved 2007-01-27.
- ↑ New and Expanded Group Policy settings
- ↑ "Step-by-Step Guide to Managing Multiple Local Group Policy Objects". Retrieved 2007-10-08.
- ↑ Managing Roaming User Data Deployment Guide
- ↑ "Windows Vista Task Scheduler". Microsoft TechNet. March 3, 2006. Retrieved 2006-04-24.
- ↑ New command line tools in Windows Vista
- ↑ More information about IPD technology
- ↑ UNIX Interoperability and Windows Vista
- ↑ Windows Vista Client Manageability