Release Notes (Readme.

htm) Microsoft Windows Resource Kit Tools
This document contains important information that is not included in Help for the Microsoft® Windows® Resource Kit Tools, including how to install the tools, along with important updates and corrections.

Contents
About the Tools Setup for the Resource Kit Tools General Setup Instructions Installing from the Command Prompt Unattended Installation Former Resource Kit Tools Now Included in the Support Tools or Operating System Support Tools Operating System Resource Kit Support Policy Individual Tool Release Notes Acctinfo.dll: Additional Account Information Properties Page Custreasonedit.exe: Custom Reason Editor Dnsdiag.exe: DNS Resolver Tool Lockoutstatus.exe: Account Lockout Status Regview.exe: Registry Viewer Tool Timeit.exe

About the Tools
The Windows Resource Kit Tools are intended to assist experienced users in diagnosing and resolving computer problems, and to enhance the management capabilities of the operating system. For tools documentation, see Windows Resource Kit Tools Help (Rktools.chm). For the most current information about the Windows Resource Kit Tools, see the Windows Deployment and Resource Kits Web site.

Setup for the Resource Kit Tools
The Windows Resource Kit Tools are located in the \Rktools folder of the Windows Server 2003 Deployment Kit companion CD. Rktools.msi, a Windows Installer package, installs all of the Resource Kit Tools and documentation onto your computer's hard disk. Important These tools have not been localized: they are written and tested in English only. Using these tools with a different language version of the operating system can produce unpredictable results. General Setup Instructions The Windows Resource Kit Tools can be installed on computers running the Windows Server 2003 or the Windows XP Professional operating systems. The Resource Kit Tools Setup program cannot be used to upgrade previous versions of the Resource Kit Tools. Installing the Windows Resource Kit Tools Important

It is highly recommended that you remove all previous versions of the Resource Kit Tools, including beta versions, before running the Resource Kit Tools Setup program. 1. Insert the Microsoft Windows Server 2003 Deployment Kit companion CD in your CD drive. 2. Click Install the Resource Kit Tools. Setup installs Windows Resource Kit Tools files onto your hard disk. A typical installion requires 37 megabytes (MB) of free space. By default, Setup installs the tool files into the \Program Files\Windows Resource Kits\Tools folder, although it allows you to choose another location. However, Setup installs Tools Help (Rktools.chm) into \%windir%\Help regardless of where you choose to install the tool files. Setup also adds the folder \Program Files\Windows Resource Kits\Tools (or the folder name you choose for installing the tools) to your computer's system PATH statement. Setup creates a Programs | Windows Deployment and Resource Kits | Windows Resource Kits | Tools folder on the Start menu. The folder contains shortcuts to the command shell, Tools Help, and Tools Help Readme. To find the Windows Resource Kit Tools Help in Help and Support Center, on the Help and Support Center home page, under Support Tasks click Tools. Some Resource Kit Tools require separate or additional setup besides the steps described earlier. For more information about each of these tools and others with additional requirements, see Windows Resource Kit Tools Help (Rktools.chm). Note On the Windows Server 2003 Deployment Kit companion CD, the tools are included in the Rktools.msi file. You cannot run executable files, call other binaries, or open documentation directly from an .msi file. Be aware also that for some tools, the Resource Kit Setup program or the tool's own Setup program performs other installation procedures such as making changes in the registry. You must first install the tools on your hard disk with Resource Kit Tools Setup before running them. Installing from the Command Prompt You can install the Windows Resource Kit Tools from the command prompt. For example, to install the Resource Kit Tools in the default directory, insert the Windows Server 2003 Deployment Kit companion CD in your CD drive and type the following at the command prompt:
m s i e x e c / i c d_d r ive _ le t ter : \r kt oo ls \r k to ols. msi

where cd_drive_letter: is the letter indicating the CD drive (for example, d:). For more information about the syntax of the Windows Installer client-side installer service (Msiexec.exe), search for "msiexec" in Help and Support Center. Unattended Installation To perform an unattended installation of the Windows Resource Kit Tools, insert the Windows Server 2003 Deployment Kit companion CD in your CD drive and type the following at the command prompt:
m s i e x e c / i c d_d r ive _ le t ter : \r kt oo ls \r k to ols. msi / q

where cd_drive_letter: is the letter indicating the CD drive (for example, d:).

Former Resource Kit Tools Now Included in the Support Tools or Operating System
A number of tools that shipped in previous versions of the Windows Resource Kits are now included in the Windows Support Tools or in the Windows Server 2003 operating system. Support Tools The following former Windows Resource Kit Tools are now included in the Support Tools for Windows Server 2003 and Windows XP, which are located in the \Support\Tools folder of the operating system CD but must be installed separately from the operating system.

Support Tools Help (Suptools.chm) is installed with the Support Tools. Tool Addiag.exe: Application Deployment Diagnosis Dhcploc.exe: DHCP Server Locator Utility Diruse.exe: Directory Disk Usage Dmdiag.exe: Disk Manager Diagnostics Efsinfo.exe: Encrypting File System Information Exctrlst.exe: Extensible Performance Counter List Getsid.exe: Get Security ID Iasparse.exe: IAS Parse Tool (Windows Server 2003 Support Tools only) Ntfrsutl.exe: NTFRS Utility Setspn.exe: Manipulate Service Principal Names for Accounts Setx.exe: Set Environment Variables (Windows XP Support Tools only) Xcacls.exe Description Provides information about the current state of software that is either installed or available for installation on a computer managed by IntelliMirror® Software Installation and Maintenance. Displays DHCP servers and packets from DHCP servers active on the subnet. Scans a directory tree and reports the amount of space used by each user. displays system state and configuration information describing disk storage. Displays information about files encrypted with Encrypting File System (EFS) on NTFS partitions. Displays information about files and folders encrypted with Encrypting File System (EFS) on NTFS file system partitions.

Compares the security IDs of two user accounts. Parses Internet Authentication Service and Remote Access Service logs and converts them into a readable format.

Dumps the internal tables and thread and memory information for the NTFRS service. Manages the Service Principal Names directory property for an Active Directory® account.

Allows users to set environment variables in the user or system environment using batch files.

Enables administrators to set from the command line all filesystem security options that are accessible in Windows Explorer.

Operating System The following former Windows Resource Kit Tools are now included in the Windows Server 2003 operating system. For more information about these tools, in Help and Support Center, click Tools, and then click Command-line reference A-Z. Tool Regback.exe: Registry Backup Regdmp.exe Regfind.exe Regrest.exe: Registry Restoration Sc.exe: Service Controller Tool User State Migration Tool Description Backs up all or part of the registry. This functionality is now included in Reg.exe. Dumps all or part of the registry to standard output. This functionality is now included in Reg.exe. Searches and optionally replaces registry data. This functionality is now included in Reg.exe. Restores all or part of the registry. This functionality is now included in Reg.exe. Retrieves information about services from Service Controller. Helps migrate a user's documents and settings (state) before an operating system migration.

Resource Kit Support Policy
The SOFTWARE supplied in the Windows Resource Kit Tools is not supported under any Microsoft standard support program or service. Customers can, however, report issues and bugs by sending e-mail to rkinput@microsoft.com. Microsoft will, at its sole discretion, address issues and bugs reported in this manner, and responses are not guaranteed. This e-mail address is only for issues related to the Windows Resource Kit Tools and the Windows Deployment and Resource Kits. The SOFTWARE (including instructions for its use and all printed and online documentation) is provided "AS IS" without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the SOFTWARE and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the SOFTWARE be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the SOFTWARE or documentation, even if Microsoft has been advised of the possibility of such damages. For more information about Windows Server 2003 and the Windows Server 2003 Deployment and Resource Kits, visit the Windows Deployment and Resource Kits Web site. © Copyright 1985–2003 Microsoft Corporation. All rights reserved.

Individual Tool Release Notes
The following section includes information about individual Windows Resource Kit Tools that are not covered in Windows Resource Kit Tools Help (Rktools.chm).

Acctinfo.dll: Additional Account Information Properties Page
Acctinfo.dll is a dynamic link library that, when registered on a computer, adds a new property page (Additional Account Info) to the user object Properties dialog box in Active Directory Users and Computers. This new property page displays information such as the date when a user's password was last set, the date when a user's password will expire, and the dates and times when a user last logged on and logged off. This information is not typically available in Active Directory Users and Computers, for one of two reasons: In some cases, the information is not actually stored in Active Directory, but instead is calculated only when needed. For example, the date that a user's password will expire is not stored in Active Directory; instead, Active Directory stores the date that the password was last set and the maximum allowed password age (for example, passwords must be set every 60 days). To determine the actual date that a password expires, you typically have to use scripts to retrieve this information and calculate the expiration date. Acctinfo.dll performs these calculations for you. In some cases, information is stored locally rather than in Active Directory. For example, last logon and last logoff times are stored on each individual domain controller and are not replicated throughout the domain. Acctinfo.dll enables you to determine the last time a user logged on or logged off from a specified domain controller. If users are typically authenticated by the same domain controller, this will tell you when these users last logged on to or logged off from the domain. If users are authenticated by multiple domain controllers, you will need to install Acctinfo.dll on each of these servers and check the account information on each one. Acctinfo.dll is primarily designed to report information about user passwords, account status, and logons. However, it also includes a mechanism for changing user passwords and for unlocking locked user accounts. Concepts Acctinfo.dll adds a custom property page to the user account object Properties dialog box in Active Directory Users and Computers. For more information about Active Directory Users and Computers, see Help and Support Center for Windows Server 2003.

System Requirements The following are the system requirements for this tool: Windows Server 2003 or Windows 2000 Server operating system You must be an Administrator to install Acctinfo.dll. File Required Acctinfo.dll AcctInfo.dll Remarks Installing Acctinfo.dll To access the custom property page provided by Acctinfo.dll, you must first install and register the file Acctinfo.dll. To install and register Acctinfo.dll 1. Copy the file Acctinfo.dll to the %windir%\system32 folder. In Windows Server 2003, this is typically C:\Windows\System32. In Windows 2000, this is typically C:\Winnt\System32. 2. Open a command window, and type the following (this example assumes that your %windir%\system32 folder is C:\Windows\System32):
r e g s v r 32 c : \wi n dow s \s y ste m 32 \a cc ti nfo .d ll

If the command is successful, a dialog box appears informing you that Acctinfo.dll has been registered. Note Acctinfo.dll must be registered on each computer on which Active Directory Users and Computers is used to access user account information. For example, suppose you have two servers (Server A and Server B) commonly used to display user account information. If you register Acctinfo.dll on Server A, the Additional Account Info property page will be available in Active Directory Users and Computers. However, this property page will not be available in Active Directory Users and Computers on Server B. To access this property page on Server B, you must register Acctinfo.dll on Server B. Removing Acctinfo.dll You can remove the Additional Account Info property page from Active Directory Users and Computers by uninstalling Acctinfo.dll. To uninstall Acctinfo.dll, open a command window, and type the following (this example assumes that your %windir%\system32 folder is C:\Windows\System32):
r e g s v r 3 2 /u c:\ w ind o ws \ sys t em 32 \a cc ti n fo .dll

If the command is successful, the file Acctinfo.dll will be removed, and the Additional Account Info property page will no longer be visible in Active Directory Users and Computers. Note that this removes only the custom property page, and does not affect the data displayed on that page. This information (such as last logon and last logoff) can still be retrieved by other means. Acctinfo.dll UI Information retrieved by Acctinfo.dll must be viewed in Active Directory Users and Computers. To view information for a specified account, open Active Directory Users and Computers (either by using the Start menu or by typing dsa.msc in the Run dialog box). Locate and double-click the appropriate user account. In the Properties dialog box, click the Additional Account Info tab. The Additional Account Info property page displays the following attribute values: Additional Account Info Property Page Attribute Password Last Set Domain Password Policies Description Displays the date and time when the user password was last set. Displays password policies for the domain, including the maximum password age and the maximum number of bad passwords allowed before an account is locked out. To view this information, click the

Domain PW Info button. Password Expires Displays the date and time when the password will expire. This value is calculated based on the date when the password was last set and the maximum allowed password age. This means that an expiration date will be shown even for accounts for which the password never expires. To verify that an account password will not expire, clicked the Decode button. If the flag UF_DONT_EXPIRE_PASSWD appears, the password will not expire, regardless of the date shown on the Additional Account Info property page. Displays values stored in the userAccountControl attribute in Active Directory; these include data such as whether a user's password expires, whether a user requires a smart card to log on, and whether a user account is trusted for delegation. The displayed value (a number such as 512) represents the sum of all the enabled "flags" in the userAccountControl. To view the individual flags that are enabled for an account, click the Decode button to display the userAccountControl Flags dialog box. In this dialog box, the ADSI constant for each enabled flag is displayed. For example, if a user's password has expired, the value ADS_UF_PASSWORD_EXPIRED is displayed. Locked Out LastLogonTimestamp Indicates whether or not a user account is locked out. If an account is locked, you can unlock it by clicking the Set PW On Site DC button. Displays the date and time that a user last logged on to this domain controller. Note. If you are accessing the Additional Account Info property page from a member server, information will be displayed for the domain controller that authenticated the user logged on to the member server. Displays the security identifier (SID) for the user account. If the user account was migrated from another domain or forest, the SID History button will be available. Clicking this button will display security identifiers that were migrated along with the user account. Displays the globally unique identifier (GUID) for the user account. Indicates the date and time that the user last logged on (that is, the date and time that the user was last authenticated by this domain controller). Indicates the date and time that the user last logged off from this domain controller. Indicates the date and time that the user last failed to log on to this domain controller. Indicates the number of times that the user has successfully logged on to this domain controller. Indicates the number of times that the user has failed to log on to this domain controller because he or she provided an incorrect password. Displays the distinguished name for the user account (for example, CN=youngrob,OU=Finance,DC=fabrikam,DC=com), as well as the Active Directory site and the name of the domain controller that last authenticated the user. To view this information, click the Set PW on Site DC button. To view the site and domain controller information, click the button Just Find Site. Important. If you click the Set PW On Site DC button, the Change Password on a DC in the Users Site dialog box is displayed. Unless you want to change a user's password, be sure to click Cancel to close this dialog box. Suppose you open this dialog box and then click OK. The user's password will be changed to no password, because the Password and Change Password text boxes are empty. Depending on your domain password policies, this will either result in an error (because blank passwords are not allowed), or will result in the user's password being changed to no password. If you access this dialog box for informational purposes (such as viewing the user's distinguished

User Account Control

SID and SID History GUID Last Logon

Last Logoff Last Bad Logon Time Logon Count Bad Password Count User DN, Site, and Domain Controller

name), close the dialog box by clicking Cancel. Modifying User Account Properties from the Additional Account Info Property Page Although Acctinfo.dll is primarily designed to display information, it also allows you to perform two commonly required tasks: changing a user's password, and unlocking a locked user account. Changing a User's Password 1. On the Additional Account Info property page, click Set PW On Site DC. 2. In the Change Password on a DC in the Users Site dialog box, type a new password in the Password and Confirm Password text boxes. Optionally, you can also select User Must Change Password At Next Logon. If selected, the user will be able to use their new password to logon to the domain, but will then be prompted to change their password. 3. Click OK. You must have the right to reset user passwords for this operation to succeed. If you do not have this right, you will still be able to access the Change Password on a DC in the Users Site dialog box. However, after making the changes and clicking OK, an error message will be displayed, and the password will not be changed. Unlocking a Locked User Account 1. On the Additional Account Info property page, click Set PW On Site DC. 2. In the Change Password on a DC in the Users Site dialog box, type a new password in the Password and Confirm Password text boxes. You cannot unlock a user account in this dialog box without setting a password as well. Caution You can select the Unlock Account check box by clicking both the Password and Confirm Password text boxes without typing anything. However, this will result in the user no longer having any password (because the two password boxes will be blank). 3. Select the Unlock Account check box. 4. Click OK.

Custreasonedit.exe: Custom Reason Editor
Custom Reason Editor (CustReasonEdit) is a command-line and GUI tool that allows users to add, modify, and delete custom reasons used by the Shutdown Event Tracker on the Windows Server 2003 operating system. There are two ways to use this tool: Use the command line to perform basic importing and exporting of custom reasons to a registry file, or use the GUI to perform all other types of custom reason editing. CustReasonEdit includes a set of sample reasons to help you get started. Concepts Shutdown Event Tracker helps system administrators track reasons for system downtime by collecting these reasons at the time of shutdown and logging this data to the event log. For more information about the Shutdown Event Tracker component, see Help and Support Center. System Requirements The following are the system requirements for this tool: Windows Server 2003 operating system. You must be an Administrator on the local computer. File Required Custreasonedit.exe Samplereasons.reg CustReasonEdit Remarks Reviewing Best Practices Use the table below to identify best practices you should use when working with custom

reasons. Best Practice Use built-in reasons whenever possible. Add custom reasons for specific reboot or shutdown reasons. Require comments if reasons are not specific enough. Use correct categories, distinct titles, and clear descriptions. Create taskbased reasons.

Description It is recommended that you use built-in reasons where possible. By using built-in reasons, you will ensure that your annotations are compatible with any future technology released by Microsoft that relates to reasons why you shut down your computer. Add custom reasons when the custom reason will help to identify a specific reason for the shutdown. For example, it is not useful to see that 50% of the reboots in a data center were due to cause "Other". On the other hand, if there is a specific application setting that requires a shutdown, that is a good candidate for a custom reason. If a reason is very general, consider requiring a comment for that reason instead of creating a custom reason. Comments ensure that the user is prompted to be more specific. When the data is reviewed months or years later, the greater detail can help to explain the root cause of the shutdown. The Shutdown Event Tracker displays valid custom reasons. It is the responsibility of the user to enter descriptive, distinct names and proper categories. Doing so will help system operators to quickly choose the correct reboot reason from the Shutdown Event Tracker dialog box.

Create custom reasons based on the task that the user is performing at the time of a shutdown. For example, consider using a reason title of "Failure Recovery: Application" instead of a reason title of "Application: Failure Recovery." Using task-based reasons helps users pick correct annotations quickly from a long list of options.

Installing the Sample Reason Package To use the sample reasons included with CustReasonEdit, you must install them first. To install the sample reason package: 1. Navigate to the folder where the Resource Kit Tools are installed. 2. Right-click the file Samplereasons.reg, and then click Merge on the shortcut menu. This adds the set of sample reasons to the local system. Note Installing the sample reason package will also disable built-in reasons. For more information, see "Disabling Built-in Reasons" later in this topic. Localizing Custom Reasons The Shutdown Event Tracker displays custom reasons corresponding to the system locale, not the user locale. For more information about System Locale, see Help and Support Center. CustReasonEdit stores custom reasons for the system locale on the host system; however, it accepts input in any language. For example, if the user creates custom reasons by using Japanese characters on an English language version system, these reasons will be displayed in Japanese characters by the Shutdown Event Tracker on the English language version system, as long as the necessary code page is installed in the operating system. Testing Custom Reasons On a system on which the Shutdown Event Tracker is enabled, you can test custom reasons created by CustReasonEdit. Click Shut Down on the Start menu. The Shut Down Windows dialog box should display the custom reasons you created. Deploying Custom Reasons Use CustReasonEdit to create well-formed custom reasons on a single computer. The following list describes several options for deploying these reasons to a wider range of computers. A file can be exported by using the command-line export command, and this file

can then be imported by CustReasonEdit on every system. The GUI can be used to connect to each system and populate the custom reasons. Group Policy can be used to propagate the registry subkey where custom reasons are stored. To accomplish this, use Group Policy to propagate the following subkey and all of its entries: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reliability\UserDefined Disabling Built-in Reasons You can exclude built-in reasons from the Shutdown Event Tracker list and use custom reasons only. In the registry editor Regedit.exe, navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reliability\ShutdownIgnorePredefinedReasons Create the registry entry ShutdownIgnorePredefinedReasons with the data type DWORD, and the value set to 1. To re-enable built-in reasons, set the value of the entry ShutdownIgnorePredefinedReasons to 0. CustReasonEdit Syntax custreasonedit [/i] [/l] [/e FileName] [/r FileName] [/s] [/m Host] [/?] Parameters /i Opens the GUI window for complete editing of shutdown reasons. /l Lists the existing shutdown reasons. /e FileName Exports the custom reason subkey to a registry file named FileName. /r FileName Imports the custom reason subkey to a registry file named FileName. /s Runs CustReasonEdit using the system locale for custom reasons. /m Host Allows you to connect to a remote system to import or export custom reasons /? Displays command-line usage. CustReasonEdit UI To access the GUI you must type the following at a command prompt: custreasonedit /i. By default, the list of custom reasons are populated with the list of custom reasons installed on the local system. For information about the reason attributes such as Planned, Expected Shutdown, and Unexpected Shutdown, see the Shutdown Event Tracker documentation in Help and Support Center. CustReasonEdit contains the following windows: Custom Reason Editor window Option Custom Reason List Import Export Reason Category Description Displays the custom reasons you have added or imported. Opens a window to browse for the registry file to import. Opens a window to browse for the registry file to export. Lists the reasons why you might want to shut down your computer. These categories correspond to the major categories of the default reasons used by Windows. Use this list to assign a reason category to your custom reason. Specifies a number between 1 and 1000. This number must be different from an existing minor code. Minor codes are created based on the combination of the following attributes: Reason Category, Planned, Unexpected Shutdown, and Expected Shutdown. Specifies that this custom reason applies to a planned shutdown. Specifies that this custom reason requires the user to enter a comment before the computer can be shut down. Displays this reason in the Unexpected Shutdown dialog boxes.

Minor Code

Planned Comment Required Unexpected

Shutdown Expected Shutdown Title Description Remove Add Update Exit Displays this reason in the Expected Shutdown dialog boxes. Describes the reason category in 64 characters or less. Describes the reason in detail in 256 characters or less. Removes the selected custom reason from the Custom Reason List. Adds the new custom reason to the Custom Reason List. Saves any changes you make to a selected custom reason. Closes the Custom Reason Editor window.

Switch to Another Computer window Option Local Computer Network Computer Network Computer Name Description Specifies that you are using a local system to import, export, or edit custom reasons. Specifies that you are connecting to a remote system to import, export, or edit custom reasons. Specifies the name of the remote computer.

CustReasonEdit Example Add a Custom Reason The task in this example is to use the CustReasonEdit UI to add a custom reason. 1. Type the following at the command line:
c u s t r e as on e dit /i

2. Press ENTER. The Custom Reason Editor window opens. 3. Under Reason Category, select a reason category corresponding to the major category of the default reasons used by Windows. If this reason should be used for planned shutdowns, select the Planned check box. If this reason requires users to add a comment before they can shut down the computer, select the Comment Required check box. To indicate whether this reason should be displayed in the Unexpected Shutdown or Expected Shutdown dialog boxes, select at least one of the Unexpected Shutdown and Expected Shutdown check boxes. 4. In the Minor Code box, enter a number between 1 and 1000 that is different from an existing minor code. Minor codes are created based on the combination of the following attributes: Reason Category, Planned, Unexpected Shutdown, and Expected Shutdown. 5. In the Title box, type a title for the reason category in 64 characters or less. 6. In the Description box, type a detailed description of the reason in 256 characters or less. 7. Click Add to add the reason to the system.

Dnsdiag.exe: DNS Resolver Tool
DNS Resolver Tool (DNSDiag) is a command-line tool that allows you to troubleshoot email delivery problems caused by Domain Name System (DNS) issues. DNSDiag simulates the Simple Mail Transfer Protocol (SMTP) service's internal code-path and displays diagnostic messages that indicate how the DNS resolution is proceeding. DNSDiag must be run on the computer where the DNS problems are occurring. Note You can use DNSDiag on a server running Windows Server 2003 that is running the SMTP service without Exchange installed. System Requirements The following are the system requirements for this tool: Windows Server 2003 operating system. You must be an Administrator on the local computer if you want DNSDiag to simulate a specific virtual server instance.

File Required Dnsdiag.exe DNSDiag Syntax %WINDIR%\system32\inetsrv\dnsdiag HostName [/d] [/v #] [/s ServerList] [/p Protocol] [/a] [/?] Parameters HostName Specifies the host name that you want to resolve. HostName is the fully-qualified domain name of the target for the queue where errors are occurring. This name might be different from the name displayed in the SMTP queue in Exchange System Manager. /d Runs DNSDiag in debug mode. If this switch is specified, DNSDiag generates verbose output. Debug mode creates generates a great deal of output, and the most critical messages are highlighted in a different color. When this switch is not specified, only the critical messages are generated. the tool generates verbose output. /v # Identifies a specific virtual server instance that DNSDiag simulates. For example, if you want DNSDiag to simulate the first virtual server on an Exchange server, type /v 1. Notes You must close all files in the cache before using this parameter. Otherwise, you will get an error message stating that the requested resource is in use. You must be an Administrator on the local computer to use this parameter. After DNSDiag reads the external DNS server list for that specific virtual server instance, it queries that server list for HostName, where HostName is an external host. If HostName is the name of an Exchange server, the query is generated against the default DNS servers for the local computer. If you are running DNSDiag on an Exchange server in a perimeter network, DNSDiag detects this situation and uses the external DNS servers configured on the virtual server. /s ServerList Lists the DNS servers' IP addresses in dotted decimal notation. Use this switch if you want to specify a specific set of servers. If this switch is not specified, the default DNS servers on the local computer are used as specified by the /v switch. Separate server IP addresses with a space or a tab character. Note You cannot use this switch with the /v switch. /p Protocol Allows you to use a protocol different from the one configured in the metabase. If this switch is not specified, the protocol configured in the metabase for smtpsvc/SmtpUseTcpDns is used. You can use the following values: TCP generates a TCP-only query. UDP generates a UDP-only query. DEF generates a default query that will initially query a server with UDP, and then —if that query results in a truncated reply—it will be retried with TCP. Note You cannot use this switch with the /v switch. /a Runs DNSDiag in a mode where all the DNS servers obtained (either through the registry, Active Directory, or the /s switch) are queried in sequence and all query results are displayed. /? Displays command-line usage. DNSDiag Examples Example: Resolve an External Host by Using Specific DNS Servers The task in this example is to use DNSDiag to resolve the external host with a DNS name of example.com by using the DNS servers with the IP address 127.1.0.1. and 127.1.10.8. Type the following at the command line:

% W I N D I R %\ sy s tem 3 2\i n et s rv\ d ns di ag e xa m pl e.co m -s 12 7.1.0. 1

127. 1.10 .8

Note DNSDiag uses error codes that are set at the ERROR LEVEL for use in batch files. Use the following descriptions to understand the DNSDiag return codes: Code 0 1 Description The host name was resolved successfully to one or more IP addresses. The host name could not be resolved due to an unspecified error. If you receive this error, review the text messages output from the tool to diagnose the issue. The host name does not exist. The error was returned by an authoritative DNS server for the domain. The host name could not be located in DNS. This is not an error from the authoritative DNS server. Check the configuration of the DNS server you are using and ensure it can resolve external names. A looping condition was detected.

2 3

4

Lockoutstatus.exe: Account Lockout Status
Overview Account Lockout Status (LockoutStatus) is a combination command-line and GUI tool that displays lockout information about a particular user account. LockoutStatus collects information from every contactable domain controller in the target user account's domain. File Required Lockoutstatus.exe LockoutStatus Syntax lockoutstatus {/u:DomainName\UserName | /u:UserName@DomainName} [/?] DomainNam Target NetBIOS or DNS domain name UserName Target user name LockoutStatus GUI File Menu The File menu allows the target user and domain to be changed. This menu also allows the output of LockoutStatus to be saved in text format. View Menu The View menu allows the user to view the status of the target users password. This menu also alows the user to refresh the main window of LockoutStatus.

Regview.exe: Registry Viewer Tool
Registry Viewer Tool (RegView) is a command-line tool that allows you to view Group Policy Registry.pol files without applying them to the registry. Concepts Registry.pol Files The Administrative Templates extension of Group Policy saves information in the Group Policy template in text files with the name Registry.pol. These files contain the customized registry settings that are applied to the Machine or User portion of the registry, which you specify by using Group Policy Object Editor. The Windows 2000 Registry.pol file is analogous to the Windows 95 or Windows 98 Config.pol file and the Windows NT® 4.0 NTConfig.pol file. Two Registry.pol files are created and stored in the Group Policy template—one for

Computer Configuration, which is stored in the \Machine subdirectory, and one for User Configuration, which is stored in the \User subdirectory. Note The format of the .pol files in the Group Policy template differs from that of the .pol files in previous versions of Windows. The .pol files created by Windows NT 4.0 and Windows 95 can be applied only to the operating system on which they were created. The .pol file produced by the Windows NT 4.0 System Policy Editor was a binary file, whereas the Registry.pol file produced by the Administrative Templates node of Group Policy Object Editor is a text file with embedded binary strings. System Requirements The following are the system requirements for this tool: Windows Server 2003 or Windows 2000 operating system. You must be an Administrator on the local computer. File Required Regview.exe RegView Syntax regview PathName\registry.pol PathName Specifies the complete path to the directory containing the Registry.pol files that you want to view. RegView Examples Example: View a Registry.pol file The task in this example is to use RegView to view a Registry.pol file. Type the following at the command line:
r e g v i e w c :\ r egi s try . po l

Output similar to the following is displayed:
KeyName: Sof t wa r e\P o li ci es \M ic r os oft\ Syste mC ertifi cat es\ EFS V a l u e N a me : EFS B lo b V a l u e T y pe : REG _ BI N ARY Value: 0 1 0 0 0 1 00 01 0 0 0 0 0 0 77 02 0 0 00 7 3 0 2 00 00 0 0 0 0 0 0 00 00 0 0 0 0 0 0 01 05 0 0 00 0 0 0 0 00 05 1 5 0 0 0 0 00 96 8 1 7 3 8 c ab 8b 0 0 94 b 3 3 6 4b 6a f 4 0 1 0 0 00 30 8 2 0 2 3 7 30 82 0 1 a4 a 0 0 3 02 01 0 2 0 2 1 0 66 f1 c 8 2 5 9 9 9c 84 8 d 42 6 5 f 5 cd 3c f a 5 c b 5 30 09 0 6 0 5 2 b 0e 03 0 2 1d 0 5 0 0 30 50 3 1 1 6 3 0 14 06 0 3 5 5 0 4 03 13 0 d 41 6 4 6 d 69 6e 6 9 7 3 7 4 72 61 7 4 6 f 7 2 31 0c 3 0 0a 0 6 0 3 55 04 0 7 1 3 0 3 45 46 5 3 3 1 2 8 30 26 0 6 03 5 5 0 4 0b 13 1 f 4 5 4 6 53 20 4 6 6 9 6 c 65 20 4 5 6e 6 3 7 2 79 70 7 4 6 9 6 f 6e 20 4 3 6 5 7 2 74 69 6 6 69 6 3 6 1 74 65 3 0 1 e 1 7 0d 30 3 3 3 0 3 3 33 31 3 1 39 3 2 3 9 30 36 5 a 1 7 0 d 30 36 3 0 3 3 3 3 30 31 3 9 32 3 9 3 0 36 5a 3 0 5 0 3 1 16 30 1 4 0 6 0 3 55 04 0 3 13 0 d 4 1 64 6d 6 9 6 e 6 9 73 74 7 2 6 1 7 4 6f 72 3 1 0c 3 0 0 a 06 03 5 5 0 4 0 7 13 03 4 5 4 6 5 3 31 28 3 0 26 0 6 0 3 55 04 0 b 1 3 1 f 45 46 5 3 2 0 4 6 69 6c 6 5 20 4 5 6 e 63 72 7 9 7 0 7 4 69 6f 6 e 2 0 4 3 65 72 7 4 69 6 6 6 9 63 61 7 4 6 5 3 0 81 9f 3 0 0 d 0 6 09 2a 8 6 48 8 6 f 7 0d 01 0 1 0 1 0 5 00 03 8 1 8 d 0 0 30 81 8 9 02 8 1 8 1 00 b7 9 4 5 5 3 d 85 39 0 2 4 7 b c 64 82 0 8 33 6 0 8 5 36 09 a 6 0 8 9 9 71 e1 f e 7 9 2 a e0 25 8 4 c3 c a 2 8 22 97 9 d f d c a 49 8d 1 4 1 d 2 0 f6 81 f 9 0f 4 7 e d cf 7c e b e 5 a d 74 e4 d 4 0 1 e a 2b a4 4 e 9b 0 9 1 9 16 05 KeyName: Sof t wa r e\P o li ci es \M ic r os oft\ Syste mC ertifi cat es\ EFS\ Cert ifi cate s\ B 7 1 4 0 A B D7 B3 2 3D6 1 43C 5 73 9 5BE 8 86 7D 36 6E AA C CD V a l u e N a me : Blo b V a l u e T y pe : REG _ BI N ARY Value: 0 3 0 0 0 0 00 01 0 0 0 0 0 0 14 00 0 0 00 b 7 1 4 0a bd 7 b 3 2 3 d 61 43 c 5 7 3 9 5 be 88 6 7 d3 6 6 e a ac cd 0 2 0 0 0 0 00 01 0 0 0 0 0 0 c4 00 0 0 00 1 c 0 0 00 00 6 c 0 0 0 0 00 01 0 0 0 0 0 0 00 00 0 0 00 0 0 0 0 00 00

00 61 39 39 34 00 6f 73 6f 20 72 20 30 9c 0e 03 31 30 65 74 33

00 00 00 00 00 00 00 00 00 00 00 00 82 84 03 13 0c 26 20 69 31

00 34 2d 37 61 00 73 65 67 50 20 00 01 8d 02 0d 30 06 45 66 31

00 00 00 00 00 00 00 00 00 00 00 00 a4 42 1d 41 0a 03 6e 69 39

01 37 34 35 31 00 6f 20 72 72 76 01 a0 65 05 64 06 55 63 63 32

00 00 00 00 00 00 00 00 00 00 00 00 03 f5 00 6d 03 04 72 61 39

00 65 31 2d 37 00 66 43 61 6f 31 00 02 cd 30 69 55 0b 79 74 30

00 00 00 00 00 00 00 00 00 00 00 00 01 3c 50 6e 04 13 70 65 36

65 2d 63 62 39 4d 74 72 70 76 2e 3b 02 fa 31 69 07 1f 74 30 5a

00 00 00 00 00 00 00 00 00 00 00 02 02 5c 16 73 13 45 69 1e 17

37 34 32 63 37 69 20 79 68 69 30 00 10 b5 30 74 03 46 6f 17 0d

00 00 00 00 00 00 00 00 00 00 00 00 66 30 14 72 45 53 6e 0d 30

39 33 2d 34 31 63 42 70 69 64 00 30 f1 09 06 61 46 20 20 30 36

00 00 00 00 00 00 00 00 00 00 00 82 c8 06 03 74 53 46 43 33 30

64 39 38 38 34 72 61 74 63 65 00 02 25 05 55 6f 31 69 65 30 33

00 00 00 00 00 00 00 00 00 00 00 37 99 2b 04 72 28 6c 72 33 33

KeyName: V a l u e N a me : V a l u e T y pe : Value: KeyName: V a l u e N a me : V a l u e T y pe : Value:

Sof t wa r e\P o li ci es \M ic r os oft\ Syste mC ertifi cat es\ EFS\ CRLs REG _ NO N E Thi s k e y c o nt ai ns n o v al ues Sof t wa r e\P o li ci es \M ic r os oft\ Syste mC ertifi cat es\ EFS\ CTLs REG _ NO N E Thi s k e y c o nt ai ns n o v al ues

Timeit.exe
TimeIt is a command-line tool that records the time a specified command takes to run. File Required Timeit.exe TimeIt Syntax timeit [-f FileName] [-a] [-c] [-i] [-d] [-s] [-t] [-k KeyName | -r KeyName] [-m Mask] [Command] -f FileName Specifies the name of the database file where TimeIt keeps a history of previous timings. The default file name is .\Timeit.dat -k KeyName Specifies the keyname to use for this timing run. -r KeyName Specifies the key name to remove from the database. If the key name is followed by a comma and a number, the slowest time (positive number) or the fastest time (negative number) for that key name will be removed. -a Specifies that TimeIt should display average of all timings for the specified key name. -i Ignores nonzero return codes from the program run by TimeIt. -d Shows detail for average. -s Suppresses systemwide counters. -t Specifies tabular output. -c Forces a re-sort of the database. -m Mask Specifies the processor affinity mask. Command Specifies the command to time. Note TimeIt accepts only parameters preceded with a dash (-).