Lab 6 – Exploring Windows OS



Objectives

Explore the different aspects of the operating system within a Windows OS. These aspects include:

- Tasks
- Memory Management
- File System
- IO System
- HCI

Upon completion of this lab you will be able to query information from WMI, administer and configure the registry, and monitor/troubleshoot Windows using Performance Console and Task Manager.

Procedures

You may do this lab on any system running Windows 7; you do not have to use one of the lab machines. But you will need to use a computer with 2 CPUs or with hyperthreading enabled. The PCs in the lab have hyperthreading enabled. Do a good job on the scripts and registry, because you will need them for the next lab.

1. Windows Management Instrumentation (WMI)

Windows Management Instrumentation is both an API and a database that is automatically generated by Windows. Its database stores dynamic hardware and software configuration data, and is automatically updated by the OS. It can be used to query values, make configuration changes, and even reboot the computer. For more information on WMI, please refer to the resources below.

PowerShell is an incredible tool for Windows system administrators.

Create a PowerShell script to query the WMI database, collect the information in the list below (a-e) about system resources, and organize this information into a text file. The resulting script should run, without any modifications, on any Windows 7 computer. Some computers may not list data for some of the items, and obviously, the information will vary from computer to computer.

You should use PowerShell interactively to learn how to make specific commands work. Your final script is expected to be a .ps1 file, written in PowerShell ISE, which is like an IDE, but for scripting. Caution: You should build a script that you know works, and save to that script a line at a time.
For your script to work, either a) it must not be saved, or b) you must modify machine permissions through THE administrator account to allow PowerShell scripts to run.

HINT: See the resources below for links to WMI resources, as well as the required format for the text file. You may also do an internet search for PowerShell and WMI for sample scripts.

a. System: Win32_ComputerSystem
b. Processor: Win32_Processor
c. BIOS: Win32_BIOS
d. OS: Win32_OperatingSystem
e. List of all the processes currently running (WMI tree: Win32_Process). Only list the following for each process:
   - Name
   - CommandLine
   - CreationDate
   - ProcessID

In your “How to” explain how to do the following with WMI and PowerShell:

- How long has it been since the computer was rebooted?
- How many processes are running on this computer?
- What is the value listed for SerialNumber (Win32_BIOS)? What is it? Does it match the serial number that is located physically on the computer case?
- What is the longest running process?
- As a System Administrator in an IT department, how would this information be useful?

2. Registry

Manipulating ("hacking") the registry is risky. It is possible to delete or modify registry values in ways that severely impact the system, degrading its performance partially or completely. However, it is a powerful way to control system parameters.

Please work through this brief tutorial on the registry: Editing_the_Registry.pdf. You do not need to answer any of its questions. Please study the items in the resources for more information on the registry.

All locations in the registry have a ‘path’ to each key. This is located in the status bar in the lower left of the window. To conveniently grab this location, select the key in the window, then go to the Edit menu, and select Copy Key Name.
a. Describe the different registry data types (REG_SZ, REG_EXPAND_SZ, REG_DWORD, REG_BINARY).
b. Describe the 5 primary registry subtrees (HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE, HKEY_USERS, HKEY_CURRENT_CONFIG).
c. Create a backup of the registry (without using any external tools or add-ons):
   - The whole registry
   - A specific subtree: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
   - EXTRA CREDIT (2pts): Create 2 Python scripts, one to back up the registry, one to back up the subtree.
d. Use ONLY the registry to make the following changes. Include in your write-up the registry location of the change.
   - Change the default profile location from C:\Users to C:\Home.
   - Create a customized logon message. (HINT: Do a Google search for “registry logon message”)
   - Make Notepad launch automatically upon logon. (This must be done in the registry, no Start Menu Startup folder or win.ini.)
   - Hide all the Display Properties tabs, so that when you right-click on the Desktop and select properties, the windows will look something like this or this. (HINT: Apply these registry changes one by one and document how the UI progressively changes in your write-up. Make a change, then try to view that tab on Desktop.)
e. Did you need to save anything in the registry? Why?
f. Create a single registry file to apply all of the changes at once.
   - You may use regedit to Export a tree and save it.
   - To edit the exported data, right-click on the file (~~.reg) and select Edit. This will open a text editor (i.e. Notepad).
   - To implement the changes into the registry, double-click the reg file.
g. Create a single registry file to undo all the above changes. (Hint: If you have created a back-up file of the entire registry in step , that will work for this)
h. Explain what happens immediately after you double-click on a registry file.
i. What are the risks in randomly double-clicking on reg files?
   EXTRA CREDIT (2pts): Make a Python script to silently apply the file that you created in step f.
   Make another Python script to silently apply the file that you created in step g.

3. Performance Console

Read this document and work through the Practice exercise. You do not need to answer any questions from the Practice or Lesson Review. Instead, simply answer the following questions in your write-up.

a. When you first open the Performance Console, explain (in your own words) what the 3 default counters are doing/monitoring.
b. Open Internet Explorer and watch the counters. Wait a minute. Then open Firefox and watch the counters (if you don’t have Firefox, use another large application and document which application you used in your write-up; i.e., not a small application like calc or notepad). Compare the counter activity between the 2 different applications.
c. Add the following counters and explain what each does:
   - PhysicalDisk, % Disk Time, _Total
   - IP, Datagrams/sec
   - Network Interface, Bytes Total/sec, {select the active network card}
   - Paging File, % Usage, _Total
d. While the counters are running, download the Windows Server 2003 Resource Kit tools from here (rktools.exe). Document which counters spike, how, and why.
e. While the counters are running, install the Resource Kit (rktools.exe). Document which counters spike, how, and why.
f. Click on the Paging File counter (_Total). This will highlight it in bold, and it will probably be around zero (unless your computer doesn’t have a lot of RAM). Now we want to really tax the system resources. If you have a resource-hungry game, launch it. Otherwise, launch all the Microsoft Office applications (Word, Excel, PowerPoint). (You may need to open several blank documents within each.) Document all the applications you need to open before the Paging File counter responds. After a few moments, most counters should level out. Which, if any, remain relatively active? Leave all these applications open for the next step.
g. How would you use the Performance Console for troubleshooting?
   Include at least 3 counters and how you would use each counter in troubleshooting.

4. Task Manager

Read this document and work through the Practice exercise. You do not need to answer any questions from the Practice or Lesson Review. Instead, simply answer the following questions in your write-up.

a. In the Task Manager, select the Performance tab. How does this information compare with the counters viewed in the Performance Console?
b. Select the Networking tab. Repeat step 3d (download only). How does this compare to the information displayed in the Performance Console?
c. In the Performance tab, do you have 1 or 2 displays (or more) for the CPU? (This image has 2 displays. If you don’t have at least 2 displays, you’ll need to do this step from a computer that does, like the lab computers.)
   - Note which CPU display is busier (0 or 1).
   - Select the Processes tab.
   - You may sort the processes by selecting the column header, toggling the sort order between ascending and descending. Sort the processes by CPU utilization in descending order.
   - Select a high CPU intensive application like IE, Firefox, or a game.
   - Right-click on the process and select Set Priority to AboveNormal. NOTE: it’s not a good idea to select Realtime for probably anything.
   - Right-click on the process and select Set Affinity... Both boxes should be checked. Uncheck the busier CPU noted earlier.
   - Click Ok and go back to the Performance tab. Now use the application[s] you opened previously in step 3f (play the game, or type in Word, etc.) and document the activity of the CPU graph.
   - Close all applications. Document how the CPU and PF (Paging File) graph activity responds.
d. In the Windows context, what is the process priority and processor affinity? In configuring the processor affinity, why would it not be a good idea to select Realtime?
e. Specify some ways that the Task Manager could be used for troubleshooting applications.

Pass-off

- Show and run your WMI PowerShell script.
- Describe how to back up the registry.
  If you did the extra credit, demonstrate your scripts.
- Show your 2 reg files, run each and demonstrate the OS changes.
- Briefly explain the Performance Console.
- Briefly explain the Task Manager.

Write-up instructions

Document the lab such that your results could be replicated by another IT student. Include screenshots.

- Explain how to use the WMI to gather important system information.
- Explain how to use the Registry to customize the operating system.
- Explain how to use the Performance Console for troubleshooting.
- Explain how to use the Task Manager for troubleshooting.

List any references you used, including links to any websites.

Resources

WMI

WMI in practice – WMI can be used to capture a variety of hardware information. This collected information can then be used for different purposes, including inventory. When implemented on a wider scale, across a network of many computers, an automated process can query the WMI database (installed by default on Windows 2000 and above) of each computer and save the information in a database on the server. This automated process potentially saves hundreds of man-hours that would have to be spent manually trying to collect this data. For an explanation on WMI, please see:

The following code snippet can be used to print information to the screen about items in a collection:

    # Replace the command below with any command that returns a collection.
    $mycollection = Get-WmiObject -Class Win32_Process
    foreach ($item in $mycollection) {
        # Print one property per line; substitute any property the objects expose.
        Write-Host $item.Name
        Write-Host $item.ProcessId
    }

Sample output file (required format): WMI Example

Registry

Study this web page: . PDF file referenced in the steps above: Editing_the_Registry.pdf
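An added example, not part of the lab handout: a script that extends the WMI collection loop from the Resources section to the classes named in the lab, reporting uptime, process count and the longest-running process. The output path and report layout are assumptions, not the required format.

```powershell
# Added example, not the lab's reference solution. Written for Windows PowerShell
# 2.0+ (Get-WmiObject). Output path and report layout are assumptions.
$outFile = Join-Path $env:TEMP 'wmi-report.txt'

# WMI stores dates as DMTF strings (yyyyMMddHHmmss.ffffff+UUU); convert to DateTime.
function ConvertFrom-Dmtf([string]$Dmtf) {
    if ([string]::IsNullOrEmpty($Dmtf)) { return $null }  # some processes report none
    [System.Management.ManagementDateTimeConverter]::ToDateTime($Dmtf)
}

$os   = Get-WmiObject -Class Win32_OperatingSystem
$bios = Get-WmiObject -Class Win32_BIOS
$boot = ConvertFrom-Dmtf $os.LastBootUpTime
$up   = (Get-Date) - $boot

# Keep only the four process fields the lab asks for, with a real DateTime.
$procs = @(Get-WmiObject -Class Win32_Process | ForEach-Object {
    New-Object PSObject -Property @{
        Name        = $_.Name
        ProcessId   = $_.ProcessId
        Started     = ConvertFrom-Dmtf $_.CreationDate
        CommandLine = $_.CommandLine
    }
})

# Longest-running process = earliest creation time among those that report one.
$oldest = $procs | Where-Object { $_.Started } | Sort-Object Started |
    Select-Object -First 1

$report = @(
    "Computer       : $($os.CSName)"
    "OS             : $($os.Caption) $($os.Version)"
    "BIOS serial    : $($bios.SerialNumber)"
    "Last boot      : $boot"
    ("Uptime         : {0}d {1}h {2}m" -f $up.Days, $up.Hours, $up.Minutes)
    "Process count  : $($procs.Count)"
    "Oldest process : $($oldest.Name) (PID $($oldest.ProcessId)) since $($oldest.Started)"
    ''
    'Started / PID / Name / CommandLine'
)
$report += $procs | Sort-Object Started | ForEach-Object {
    "{0}`t{1}`t{2}`t{3}" -f $_.Started, $_.ProcessId, $_.Name, $_.CommandLine
}

$report | Out-File -FilePath $outFile -Encoding UTF8
Write-Host "Report written to $outFile"
```

Run without elevation, CommandLine is typically empty for processes owned by other accounts, so compare reports taken under the same account.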
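For the Registry section's questions about what happens when a .reg file is imported, an added example (not from the handout) that parses .reg text and lists every key deletion, value deletion and value write it contains, without importing anything. The sample content and the ExampleVendor key are constructed placeholders.

```powershell
# Added example, not from the lab handout. The .reg text below is constructed
# sample data under a placeholder key; nothing is imported or written.
$sample = @'
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\ExampleVendor\Demo]
"Greeting"="hello"
"Enabled"=dword:00000001
"Blob"=hex:01,02,\
  03,04
"Stale"=-
@="default text"

[-HKEY_CURRENT_USER\Software\ExampleVendor\Old]
'@

function Get-RegFileActions([string]$Text) {
    # Long hex values continue on the next line after a trailing backslash; join them.
    $joined = [regex]::Replace($Text, '\\\r?\n\s*', '')
    $key = $null
    foreach ($line in ($joined -split '\r?\n')) {
        $line = $line.Trim()
        if ($line -eq '' -or $line.StartsWith(';')) { continue }   # blank or comment
        if ($line -match '^\[-(.+)\]$') {
            # [-KEY] deletes the key and everything beneath it.
            $key = $null
            New-Object PSObject -Property @{ Action='DeleteKey'; Key=$Matches[1]; Name=''; Data='' }
        } elseif ($line -match '^\[(.+)\]$') {
            $key = $Matches[1]                                     # following values go here
        } elseif ($key -and $line -match '^(@|"(?:[^"\\]|\\.)*")=(.*)$') {
            $name   = if ($Matches[1] -eq '@') { '(Default)' } else { $Matches[1].Trim('"') }
            $data   = $Matches[2]
            $action = if ($data -eq '-') { 'DeleteValue' } else { 'SetValue' }   # "name"=- removes it
            New-Object PSObject -Property @{ Action=$action; Key=$key; Name=$name; Data=$data }
        }
    }
}

# To review a real export instead of the sample, pass its text: (Get-Content file.reg | Out-String)
Get-RegFileActions $sample | Select-Object Action, Key, Name, Data | Format-Table -AutoSize -Wrap
```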