Product Reviews

RX for Windows

The utilities in Winternals Admin Pak can help you get through most of the Windows troubleshooting incidents you'll ever encounter.

When I go out on an IT troubleshooting job, I pack three different tool kits, a binder with more than 150 CDs and a 1GB USB drive loaded with programs and utilities. After looking at the latest version of Winternals' Admin Pak, I'm going to have to make room for one more CD.

Winternals Admin Pak 5.0 is a nice little suite of utilities for recovering and troubleshooting Windows environments. At the heart of the Admin Pak collection is the ERD Commander, a bootable CD that gives you a Windows-like environment—regardless of which version of Windows is on the machine you're trying to fix.

The ERD Commander includes a tool for creating disk images that can make bootable ERD Commander CDs customized for your environment, and a Firefox browser that comes in handy when you're trying to recover a machine and you need to install patches or driver updates.

There's a built-in locksmith tool that lets you reset local passwords—including the administrator password. This may seem like a security flaw, but you can also password-protect your custom image. A hotfix uninstall wizard that is also part of the ERD Commander lets you quickly and easily undo any damage done by the latest "fix."

The Disk Commander utility helps you recover files and complete partitions that have been damaged or formatted. This worked well for restoring previously deleted files.

ERD Commander is the heart of the Admin Pak, but it includes several other helpful utilities. With the remote recovery tool, I connected to a system with a damaged Windows installation to perform a virus scan. There's also a crash analyzer that let me interpret dump files generated by a Windows system crash.

Another utility called Insight for Active Directory works well for viewing Active Directory's LDAP communications, and working with Active Directory objects directly through its interface. Filemon is a file monitor utility that lets you monitor file access. Regmon is a similar utility that lets you monitor registry activity. Both of these monitor in real time.

Admin Pak also provides a nice analyzer tool called TCPView that monitors TCP/IP activity in real time. It also has some nice filtering options. TCPView isn't included with the standard install of Admin Pak. You'll have to choose custom install to include it. This tool can save the day, so go ahead and install it. Having to specify custom install to include TCPView is the only quirk in an otherwise straightforward installation process.

Figure 1. From the Admin Pak 5.0 main console, you can choose from numerous troubleshooting functions.

Live Testing
After spending a few minutes acquainting myself with the clean and well-designed interface, I created a standard ERD Commander bootable CD and stuck it in my laptop bag. I truly intended to set up some scenarios in my home lab later in the week for testing. The next day, however, I was on a call where a user had forgotten the local administrator password. I used my ERD Commander disk and reset the password within two minutes.

Several days later, I came across a user having trouble with a Microsoft Office component. Once again, the Winternals Admin Pak gave a solution in a matter of minutes, and I didn't have to visit the Microsoft Knowledge Base and search through endless articles. While running Regmon, I replicated the problem and saw the Registry call with an incorrect key. One simple regedit and once again, all was well.

Documentation 10%
Installation 10%
Feature Set 35%
Performance 35%
Management 10%
Overall Rating:

1: Virtually inoperable or nonexistent
5: Average, performs adequately
10: Exceptional

Then I came across a virus-infected Windows 2000 Server. The attack was fairly standard, but the virus had installed several gigabytes of files that couldn't be deleted. Admin Pak made short work of cleaning up those files. It took longer to reboot the server than it did to repair the problem.

The three instances mentioned earlier are routine problems faced by IT admins. All three could have been solved with a bit of knowledge and a little time, but the utilities in Admin Pak simplify and speed up resolution every time.

The product saved the day a couple of months ago. My wife mistakenly placed her class notes in the recycle bin and emptied it before turning off her laptop the night before an exam. Using Disk Commander, I got her notes back in less than 10 minutes.

Well Worth It
There are other comparable tools available, but for a one-stop shop of valuable tools that can help you save the day, Admin Pak is well worth the investment. The suggested price of $1,199 may feel a bit steep, but this figure pales in comparison to your server being down for several hours or longer.

The documentation is fairly straightforward, and it does assume some prior knowledge of the Windows environments and networking. Installation was quick and easy, but make sure you choose "custom" so you can install the helpful TCP/IP tools. The clean interface and use of wizards help make this package quite user friendly even for the beginning admin.

About the Author

Ben Brady, MCSE, CCNP, is general manager of The MultiPro Network, a Tennessee-based company that offers network services, Web development and training.

