The Mole: Message Management Tricks

In which the Mole addresses event logging magic and copying groups.

Dear Mole,
I was just doing some searching on TechNet for information on a particular error that showed up in the event log of one of our servers and I somehow got directed to an issue of The Mole. Since I was having little luck with my search, it dawned on me that the possible solution to my problem was right in front of me: Ask the Mole!
I’ve compiled a list of events that have appeared on our servers that I was unfamiliar with. What I want to do is understand everything that happens so I know what errors are important and which can be ignored. My question to you: What is the fastest way to track down information on these errors? Is there some master Event ID list somewhere? Perhaps there’s a little routine you could outline that would speed up my resolution of these event log errors?
Thanks for listening,
—Mike Mirkovich, Jr.
Network Engineer

Hi Mike,
Obviously, you’re a most resourceful kind of guy. And Mole’s got a few more tricks to add to your magic bag. Two of them live in the Windows NT 4.0 Workstation Resource Kit.

The first one is the “Windows NT Messages” help file. The second is the Windows NT Event Log Database, which is in a Microsoft Access database format. You can filter and search the database on such things as Event ID or error text. Makes a great gift for your favorite NT administrator, whom Mole assumes is yourself.

Then, of course, there’s the trusty KnowledgeBase, or “KB” to its familiars. Using a query like the following should provide any articles that address the error in question:

event id 1234

Happy searching and thanks for the strokes.

Stop Typing Now! You Can Copy Groups From Machine to Machine

Munificent Mole, I’ve discovered your molehill musings! Might you marshal your multifarious mining methods to mitigate my morning’s misery?
My current perplexity is over the quickest way of setting up a new NT 4.0 SP4/IIS Web server for a company intranet. We’re outgrowing our existing (NT 4.0 SP3/IIS) server’s speed and capacity so we’re upgrading the hardware. We have about 1,600 users configured in user manager, and each user has a directory with multiple user permissions settings (group related—for example, if user A is part of parent group 1, that directory needs permissions set for User A and Parent Group 1).
Is it possible to transfer the User Manager data from one machine to the second and keep the ID, password, and other info intact? And is it possible to copy to the new system the directories and files while maintaining their security settings as configured on the “old” server? Or am I (the non-10-fingered-touch-typist) stuck with a month’s work of manual reentry and recreating permissions?
A network guru friend mentioned scopy.exe as being a possibility, but didn’t have any firsthand experience with it; and a search of the online Knowledge Base gave me an article on scopy as it related to “Keeping NTFS Security Intact When Moving a PO” (Q127954), not exactly enlightening to me regarding my NT/IIS issues; another techie mentioned cloning via manipulating these two machines as PDC/BDCs—but as I understand, that requires identical hardware (and SP versions?) on each box.
Magnificent Mole, is there a way to worm out of such a laborious manual recreation? My digits are degraded from dredging for “de info” while fearing future finger fatigue...
Sr. Web Guy

Dear Mole,
On my stand-alone NT 4.0 server, I have over 400 users! Now I want to copy all users on the stand-alone server to a new PDC Server. Is it possible?
Best Regards,
—Enrico Iozzi

Yes, Mole can help reduce your keyboarding burdens, although Eugene’s problem of excessive alliteration, which Mole suspects derives from stuck m, f, and d keys, is beyond his expertise. (Mole does, however, salute your ingenuity in turning this bug into a feature of your style.)

Now, back to software. And the answer is, yes. Yes, Eugene. Yes, Enrico. Yes. Yes. Yes. (Mole loves saying, “Yes.” It sits so much more nicely in the mouth than “No.”) Furthermore, yes, and at no additional cost. A yes made in heaven. Your guardian angels are, respectively, a command already available to you in the NT system, and a utility from the NT 4.0 Resource Kit.

Eugene, you say that your users belong to specific groups. To copy or transfer Users from one machine to another, you can use the grpcopy.exe tool. Mini-blurb about this tool: grpcopy allows users to copy user names from an existing group to another group, in the same domain or in another domain, or on a computer running NT. To use grpcopy, you must have at least account operator privileges in the affected domains.

Next, your friend was on the right track by suggesting the scopy utility. However, scopy has been replaced with the “xcopy” utility which does the same thing as scopy did. xcopy has been there for you all along—just go to a command prompt on an NT machine. To get a peek at the available switches for xcopy, type the following at the command prompt:

xcopy /?

xcopy copies files and directories from NTFS partitions with their security intact.

Other Resource Kit utilities that might be useful to you are:

  • Permcopy.exe—Copies share-level permissions (ACLs) from one share to another.
  • ShowACLs—Enumerates access rights for files, folders, and trees. ShowACLs works on NTFS partitions only. The most useful feature of ShowACLs is the ability to show permissions for a particular user.
  • Perms.exe—Displays a user’s access permissions for a specified file or set of files. To use Perms, you need “Backup files and folders” privileges on the computer where the files are stored, and you must be logged on as a member of the Administrators group for the domain or computer where the user account is defined. Otherwise, “Access denied” errors may occur.


  • Windows 10 Creators Update 'Fully Available' Again

  • Microsoft Previews Forms for Office 365

  • Microsoft Releases Advanced Threat Analytics Version 1.8

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.