Managing processes and tasks in Windows Vista

This article looks at new capabilities in Windows Vista for managing processes and scheduling tasks and how administrators can use these capabilities for maintaining and troubleshooting systems.

This article originally appeared on

Windows Vista has many enhancements that make the life of a user, an administrator, or a support engineer easier.

Some of these enhancements have to do with tools familiar to previous Windows platforms. We'll examine improvements to two such tools here: Task Manager and Task Scheduler.

Task Manager enhancements

Task Manager is basically a troubleshooting tool that provides quick-and-dirty information about which applications and processes are running on a machine, CPU utilization, memory usage, network utilization, and so on. Let's take a tour of how Task Manager has been enhanced on the Vista platform, based on the February CTP build that's widely available to beta testers. Note that for the demos below we're logged on to Vista using an administrator-level account, not a standard user account (user account protection may result in different prompts for standard users).

The first thing you'll notice when you try to start Task Manager using any of the usual methods is that the following prompt appears (Figure 1):

Figure 1: Prompt when Task Manager starts

If you choose the first option, you'll see only those processes initiated by the currently logged-on user (Figure 2) plus a few core Windows processes like csrss.exe, explorer.exe and so on. This approach is useful if you are doing user-mode troubleshooting of problems associated with your own user session, such as terminating an application that is misbehaving:

Figure 2: Processes owned by logged-on user

If, on the other hand, you opt to launch Task Manager showing all processes running on the computer, then User Account Control (UAC) will prompt you (Figure 3) to grant permission to launch Task Manager. This second prompt appears because this approach tries to launch Task Manager using elevated privileges:

Figure 3: UAC prompt to allow Task Manager to run with elevated privileges

If you allow Task Manager to run using elevated privileges, you'll have a lot more information to deal with (Figure 4) and this can be useful for more general system troubleshooting:

Figure 4: Task Manager running under elevated privileges

So far Task Manager looks pretty much the same as on previous platforms, right? Well there's one neat new feature that gives it a whole new level of power as far as troubleshooting is concerned: on either the Applications or Processes tab you can right-click on a running app or process and select a new option called Create Dump File (Figure 5):

Figure 5: Creating a crashdump file for a running process

What's so useful about this? Well, if your app or process is misbehaving (hung or frozen for example) then the dump file you create can be opened in a debugger to get more information concerning what's wrong. For example, when I right-click on MS Paint and select Create Dump File, a dialog appears indicating the location of the saved dump file within a hidden folder in my user profile (Figure 6):

Figure 6: Location of crashdump file created

I can then install the symbols for my Vista build (download it here from Microsoft's Windows Driver and Hardware Compatibility website) and install the latest Windows Debugging tools obtained here from the same website. Then I can run the Windows Debugger (WinDbg), load the symbols, open the crashdump file, and try to determine what went wrong (Figure 7):

Figure 7: Viewing a crashdump file in WinDbg

Of course, interpreting crashdump files is a specialized subject that requires a lot of understanding of how Windows works under the hood, but there's a quick intro to how to use the debugging tools here on the WHDC website, and more info can be found concerning this on TechNet.

Another enhancement to Task Manager is the ability to access the properties sheet for a process directly from the Process tab. Just right-click on a process and select Properties to do this (Figure 8):

Figure 8: Opening the properties sheet for a running process

This change is actually a great convenience, since the properties sheet lets you configure application compatibility settings for the process to help it run better if needed.

Task Scheduler enhancements

The enhancements to Task Scheduler are more visible in Vista, but this is mainly because of the new version of the Microsoft Management Console included with Vista. MMC 3.0 has a different look and feel from previous versions and provides more ways of doing things. Before we see this however, note that UAC prompts you when you try to open Task Scheduler (Figure 9). This is because Vista considers Task Scheduler an administrative tool (it's an MMC console) and so you need elevated privileges to run it:

Figure 9: UAC prompts you when you try to run Task Scheduler

Once Task Scheduler is open, you can see the new MMC 3.0 layout:

Figure 10: Task Scheduler GUI

The first thing to observe is that Vista already has a number of system-level tasks scheduled to run at various times. This is cool because it highlights one of the great improvements in Vista over previous Windows versions, namely that Vista monitors its own state of health and tries to maintain its health using various techniques. For example, regular defragmentation of hard drives is one important aspect of system health, and by expanding the Task Scheduler Library we can see how defragmentation is scheduled to run on our system (Figure 11):

Figure 11: Defragmentation task in the Task Library

Note that the defragmentation task is scheduled to run whether a user is logged on to the machine or not, and that it runs using the elevated privileges needed for admin-level tasks. If you want to configure this task, click Properties in the action pane at the right. This opens the properties of the task as shown next (Figure 12):

Figure 12: Configuring task properties
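The security context, triggers and actions shown in a task's properties can also be listed for every task at once. This is an added example, not part of the original article: it uses the Task Scheduler 2.0 COM object (`Schedule.Service`) from PowerShell and lists the tasks that run elevated or without an interactive logon; the function name `Get-TaskInventory` is hypothetical.

```powershell
# Added example: inventory scheduled tasks with the Task Scheduler 2.0 COM API.
# Run from an elevated session; a non-elevated one may not be able to read every task.
$RunLevel    = @{ 0 = 'LeastPrivilege'; 1 = 'Highest' }
$LogonType   = @{ 0 = 'None'; 1 = 'Password'; 2 = 'S4U'; 3 = 'InteractiveToken'
                  4 = 'Group'; 5 = 'ServiceAccount'; 6 = 'InteractiveTokenOrPassword' }
$TriggerType = @{ 0 = 'Event'; 1 = 'Time'; 2 = 'Daily'; 3 = 'Weekly'; 4 = 'Monthly'
                  5 = 'MonthlyDOW'; 6 = 'Idle'; 7 = 'Registration'; 8 = 'Boot'
                  9 = 'Logon'; 11 = 'SessionStateChange' }

function Get-TaskInventory($Folder) {
    foreach ($task in $Folder.GetTasks(1)) {            # 1 = include hidden tasks
        $def = $task.Definition
        $triggers = @()
        foreach ($t in $def.Triggers) { $triggers += $TriggerType[[int]$t.Type] }
        $actions = @()
        foreach ($a in $def.Actions) {
            if ($a.Type -eq 0) {                        # 0 = start a program
                $actions += ("{0} {1}" -f $a.Path, $a.Arguments).Trim()
            } else {
                $actions += "ActionType=$($a.Type)"     # COM handler, e-mail, message
            }
        }
        New-Object PSObject -Property @{
            Path      = $task.Path
            UserId    = $def.Principal.UserId
            RunLevel  = $RunLevel[[int]$def.Principal.RunLevel]
            LogonType = $LogonType[[int]$def.Principal.LogonType]
            Triggers  = $triggers -join ','
            Actions   = $actions -join ' | '
        }
    }
    # Recurse into subfolders of the Task Scheduler Library
    foreach ($sub in $Folder.GetFolders(0)) { Get-TaskInventory $sub }
}

$service = New-Object -ComObject Schedule.Service
$service.Connect()                                      # local machine, current credentials
Get-TaskInventory $service.GetFolder('\') |
    Where-Object { $_.RunLevel -eq 'Highest' -or $_.LogonType -ne 'InteractiveToken' } |
    Sort-Object Path |
    Format-Table Path, UserId, RunLevel, LogonType, Triggers, Actions -AutoSize -Wrap
```

Saving this output when an image is built gives a baseline to compare later inventories against.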

The configuration settings available on the various tabs are as follows:

  • General: Security context and privilege level
  • Triggers: Conditions that launch the task (more on this in a moment)
  • Actions: Actions the task performs (start a program, send an email, or show a message)
  • Conditions: Further restrictions on how and when triggers can operate
  • Settings: Other ways of configuring or restricting the task
  • History: Event log events relating to previous running of the task
The biggest improvement in my mind is the Triggers tab, which lets you launch a task in response to a wide variety of conditions that might occur including:

  • At a scheduled time
  • On startup or logon
  • When the machine is idle
  • When a specific event occurs
  • When a Terminal Services session connects or disconnects
  • When the workstation is locked or unlocked
The fact that tasks can now be triggered based on when specific events occur illustrates the welcome fact that Task Scheduler is now closely integrated with Event Viewer. In fact, you can even use Event Viewer to create a new task that is triggered on an event! As an example, say that you're seeing event ID 1530 in the Application log indicating registry files aren't being unloaded properly. To create a task associated with this event, right-click on this event in Event Viewer and select Attach Task To This Event (Figure 13):

Figure 13: Attaching a task to an event

This starts the Scheduled Tasks Wizard (Figure 14) which leads you through the process of creating a task that is triggered whenever this event occurs:

Figure 14: Scheduled Tasks Wizard

You can follow the prompts of the wizard to either send an email or launch a program when the event occurs. Once the task has been created from Event Viewer, you can view and further configure its properties in Event Viewer (Figure 15):

Figure 15: Task for event 1530
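The same event-triggered task can be created from the command line. This is an added example, not part of the original article: it assumes the `ONEVENT` schedule type of `schtasks.exe` that ships with Task Scheduler 2.0, and the task name and script path are hypothetical placeholders. It creates the task with a limited run level and then reads the stored trigger back to confirm what was registered.

```powershell
# Added example: command-line equivalent of "Attach Task To This Event"
# for event ID 1530 in the Application log.
$TaskName = 'Collect-Event1530'                   # hypothetical task name
$Action   = 'C:\Scripts\collect-event1530.cmd'    # hypothetical script to launch
$Query    = '*[System[(EventID=1530)]]'           # XPath filter on the event ID

# /EC names the event channel, /MO carries the XPath filter, and /RL LIMITED
# keeps the task from running with elevated privileges.
schtasks.exe /Create /TN $TaskName /SC ONEVENT /EC Application /MO $Query `
             /TR $Action /RL LIMITED /F
if ($LASTEXITCODE -ne 0) { throw "schtasks.exe failed with exit code $LASTEXITCODE" }

# Read the registered definition back and show what will actually fire.
$service = New-Object -ComObject Schedule.Service
$service.Connect()
$task = $service.GetFolder('\').GetTask($TaskName)
$def  = $task.Definition

"Task      : $($task.Path)"
"Run as    : $($def.Principal.UserId)"
"Run level : $(if ($def.Principal.RunLevel -eq 1) { 'Highest' } else { 'LeastPrivilege' })"

foreach ($trigger in $def.Triggers) {
    if ($trigger.Type -ne 0) { continue }         # 0 = event trigger
    $subscription = [xml]$trigger.Subscription    # stored as an event query list
    foreach ($select in $subscription.SelectNodes('//Select')) {
        "Trigger   : channel={0} filter={1}" -f $select.GetAttribute('Path'), $select.InnerText
    }
}
foreach ($a in $def.Actions) {
    if ($a.Type -eq 0) { "Action    : $($a.Path) $($a.Arguments)" }   # 0 = start a program
}
```

Remove the task with `schtasks.exe /Delete /TN Collect-Event1530 /F` once it is no longer needed.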


The enhancements to Task Scheduler and Task Manager in Vista make it easier for users to maintain and troubleshoot their machines. They also make it easier for administrators and support engineers to monitor desktop computers by customizing the list of default tasks during the deployment phase of creating Vista images. Now if only Task Manager could be run remotely, monitoring and troubleshooting Windows would be simple indeed!

About Mitch Tulloch:
Mitch Tulloch is a writer, trainer and consultant specializing in Windows server operating systems, IIS administration, network troubleshooting, and security. He is the author of 15 books including the Microsoft Encyclopedia of Networking (Microsoft Press), the Microsoft Encyclopedia of Security (Microsoft Press), Windows Server Hacks (O'Reilly), Windows Server 2003 in a Nutshell (O'Reilly), Windows 2000 Administration in a Nutshell (O'Reilly), and IIS 6 Administration (Osborne/McGraw-Hill). Mitch is based in Winnipeg, Canada, and you can find more information about his books at his website.
This was last published in May 2006
