Windows NT & 2000 Systems Management and Automation

by John Loomes

About the Author

he release of Windows 2000, along with the much touted Active Directory, gives Systems Architects and Administrators unprecedented opportunity for managing every aspect of an environment...

Jon Loomes is a Senior Consultant and MCSE with a London based IT Consultancy. He has many years experience working in Microsoft environments, and he specialises in NT 4.0 and Windows 2000 infrastructure design and Systems Management. Areas of expertise include SMS 1.x and 2.0, SMS installer, WSH, vbscript, infrastructure design and software deployment/management. He is currently involved in several Systems Management projects including the development of a powerful server management and reporting system using vbscript.

WMI, ADSI, WSH - The New Windows Management Framework

The release of Windows 2000, along with the much touted Active Directory, gives Systems Architects and Administrators unprecedented opportunity for managing every aspect of an environment. The sheer scale and flexibility of Active Directory, with its extensible schemas and group policy objects, presents the Administrator with a new problem - how to populate, manage and leverage such a powerful information store. For any but the simplest environments, some kind of automation will be required, unless the administrator actually LIKES spending days on end keying in information and trawling through property sheets looking for a piece of information.

Now with the emergence of technologies such as WMI (Windows Management Instrumentation), ADSI (Active Directory Services Interface) and WSH (Windows Script Host) all the internal mysteries of a Windows-based infrastructure are accessible via a single programming interface. This gives the Administrator of both Windows NT 4.0 and Windows 2000 environments a very powerful set of tools for managing enterprise wide systems automatically, by scripting common and repetitive tasks, and allowing manipulation of very large numbers of directory objects that would otherwise be impossible to manage.

This new(ish) addition to Windows based systems brings the O/S more into line with the kind of power the UNIX environments have enjoyed for some time, and is therefore a very important step in the systems' growth into a robust, scalable, enterprise strength platform.

This is the first in a series of articles about Windows Systems Management that aims to provide an overview of these new technologies and gives an insight as to how they might be used in 'real-world' situations. We'll begin this week with an introduction to the various elements that make up the new management framework and then go on to cover each of the technologies in more detail later on with example code you can use right now to manage your environment.

WSH - Windows Script Host.

WSH is available as an add-on to NT 4 and is included in Windows 2000 and Windows 98 out-of-the-box. WSH is essentially a scripting engine that allows execution of scripts written in vbscript, jscript, perl, rexx and python to be executed within the Windows shell. Previously such scripts would only run in web pages through Internet Explorer.

WSH users standard Microsoft COM and Active X objects. This means that virtually any part of the system can be accessed through a script, and that WSH is extensible via additional Active X controls. Reuseable Windows Script Components (WSC) mean that commonly used routines can be encapsulated and re-used in different applications.

WSH is at the heart of Microsoft's new Windows Management framework. Using WSH as the tool, it is possible to automate virtually anything with in the Windows environment, from creating printers through to deleting inactive user accounts.

ADSI - Active Directory Services Interfaces.

ADSI available as an add-on to WSH. It exposes several common directory services via set of COM objects. These being either the SAM database from NT 4.0, the Active Directory from Windows 2000, IIS, Exchange, LDAP, Novell NetWare 3.11 and NDS. The programming interface allows manipulation of directory objects from a script or application. The benefits of being able to do this are huge, it allows developers and systems administrators to write customised administration tools tailored to a specific requirement, or to process large volumes of directory objects for either administrator or reporting purposes. In Windows 2000 environments in particular ADSI will become an essential tool with which to automate systems administration tasks, given the potential wealth of data the Active Directory is able to hold. For example, you might want to add uses to a group depending on which server their home directory is stored. With ADSI, this becomes a fairly trivial task of searching for users with a given server in their home directory path, and then adding each member of the resulting user list to a group. This would be very tedious to do by hand, but ADSI and WSH can process thousands of users on seconds.

As a taster of what's possible with ADSI, have a look at this function to add a global group into a local group on a computer. Call this function repeatedly with a list of machines, and you just changed a local group on every computer on you network in one go! The possibilities are endless.....

'This function takes the machine name,groups to change and group to add as arguments.
Function AddAccount(ServerName,GroupName,szLocalGroup)

    ' this line users ADSI to access the local group on the machine
    Set objGroup = GetObject("WinNT://" & ServerName & "/" & szLocalGroup)    

   ' add the global group into the local group on this machine

   objGroup.Add ("WinNT://Domain" & "/" & GroupName)  

<   ' clean up by removing the connection to the local group

    Set objGroup = Nothing  
End Function

WMI - Windows Management Instrumentation

WMI is the Microsoft release of WBEM or Web Based Enterprise Management (nothing to do with THE WEB, as the name suggests).

WBEM is a standard desktop management framework designed by the Desktop Management Taskforce (DMTF). What this does is exposes the hardware and software on a PC or Server to an API, allowing remote retrieval of all kinds of information such as Processor Type, Memory, System Board etc etc.

WMI is installed as an add-on service under NT4 and again, is native to Windows 2000. Once WMI has been installed, it is possible to make calls to it from WSH.

WMI is at the heart of SMS 2.0, and an understanding of hw to access it programmatically gives one a greater insight as how how parts of SMS 2.0 function, and indeed it creates the opportunity for SMS 2.0 Administrator to extend SMS 2.0 by making calls to WMI as the Windows Management Service is installed as one of the Core SMS 2.0 client components.

The following is an example of using WMI to obtain informtaion about Windows NT Services installed on a remote computer, and write it to a text file.

Function ListServices(StrNextServer,strLogFile)

    Dim strTextStream

    Set strTextStream = objFS.OpenTextFile(strLogFile, 8, true)
    for each Service in _
    GetObject("winmgmts:{impersonationLevel=impersonate}!//" & StrNextServer).InstancesOf ("win32_service")
        ' Log Results
        Set objFS = CreateObject("Scripting.FileSystemObject")
        strTextStream.WriteLine(Service.Description & "    " & Service.PathName & "     " & Service.Status & "    " & Service.State & "    " & Service.StartMode & "     " & Service.StartName)

End Function

VBScript - Visual Basic Scripting Edition

VBScript is the programming language I shall concentrate on in the examples. It is a subset of the popular Visual Basic language. Until recently, usage of VBScript has been confined to web pages, but now with WSH VBScript can be used within the Windows shell environment as one of the many languages supported by WSH.

VBscript is fairly straightforward to learn for anyone with previous programming or scripting experience, and its use of COM and Active X makes it extensible and powerful. Whilst these articles do not aim to provide training in VBScript, commonly used functions and standard practices will be explained as we go along.

Essential Downloads

ADSI in Detail

Recommended Reading

This article was originally published on Mar 20, 2000
Page 1 of 1

Thanks for your registration, follow us on our social networks to keep up-to-date