Windows Vista has many enhancements that make the life of a user, an administrator, or a support engineer easier....
Some of these enhancements have to do with tools familiar to previous Windows platforms. We'll examine improvements to two such tools here: Task Manager and Task Scheduler.
Task Manager enhancements
Task Manager is basically a troubleshooting tool that can provide quick and dirty information about what applications and processes are running on a machine, CPU utilization, memory usage, network utilization, and so on. Let's take a tour of how Task Manager has been enhanced on the Vista platform based on the February CTP build that's widely available to beta testers. Note that for purposes of the demos below we're logged on to Vista using an administrator level account not a standard user (user account protection may result in different prompts for standard users).
The first thing you'll notice when you try to start Task Manager using any of the usual methods is that the following prompt appears (Figure 1):
If you choose the first option, you'll see only those processes initiated by the currently logged-on user (Figure 2) plus a few core Windows processes like csrss.exe, explorer.exe and so on. This approach is useful if you are doing user-mode troubleshooting of problems associated with your own user session, such as terminating an application that is misbehaving:
If on the other hand you opt to launch Task Manager showing all processes running on the computer, then user account control (UAC) will prompt you (Figure 3) to grant permission to launch Task Manager. This second prompt appears because this approach tries to launch Task Manager using elevated privileges:
If you allow Task Manager to run using elevated privileges, you'll have a lot more information to deal with (Figure 4) and this can be useful for more general system troubleshooting:
So far Task Manager looks pretty much the same as on previous platforms, right? Well there's one neat new feature that gives it a whole new level of power as far as troubleshooting is concerned: on either the Applications or Processes tab you can right-click on a running app or process and select a new option called Create Dump File (Figure 5):
What's so useful about this? Well, if your app or process is misbehaving (hung or frozen for example) then the dump file you create can be opened in a debugger to get more information concerning what's wrong. For example, when I right-click on MS Paint and select Create Dump File, a dialog appears indicating the location of the saved dump file within a hidden folder in my user profile (Figure 6):
I can then install the symbols for my Vista build (download it here from Microsoft's Windows Driver and Hardware Compatibility website) and install the latest Windows Debugging tools obtained here from the same website. Then I can run the Windows Debugger (WinDbg), load the symbols, open the crashdump file, and try to determine what went wrong (Figure 7):
Of course, interpreting crashdump files is a specialized subject that requires a lot of understanding of how Windows works under the hood, but there's a quick intro to how to use the debugging tools here on the WHDC website, and more info can be found concerning this on TechNet.
Another enhancement to Task Manager is the ability to access the properties sheet for a process directly from the Process tab. Just right-click on a process and select Properties to do this (Figure 8):
This change is actually a great convenience since the properties sheet lets you configure application compatibility settings for the process of helping to make it run better if needed.
Task Scheduler enhancements
The enhancements to Task Scheduler are more visible in Vista, but this is mainly because of the new version of the Microsoft Management Console included with Vista. MMC 3.0 has a different look and feel from previous versions and provides more ways of doing things. Before we see this however, note that UAC prompts you when you try to open Task Scheduler (Figure 9). This is because Vista considers Task Scheduler an administrative tool (it's an MMC console) and so you need elevated privileges to run it:
Once Task Scheduler is open, you can see the new MMC 3.0 layout:
The first thing to observe is that Vista already has a number of system-level tasks scheduled to run at various times. This is cool because it highlights one of the great improvements in Vista over previous Windows versions, namely that Vista monitors its own state of health and tries to maintain its health using various techniques. For example, regular defragmentation of hard drives is one important aspect of system health, and by expanding the Task Scheduler Library we can see how defragmentation is scheduled to run on our system (Figure 11):
Note that the defragmentation task is scheduled to run whether a user is logged on to the machine or not, and that it runs using the elevated privileges needed for admin-level tasks. If you want to configure this task, click Properties in the action pane at the right. This opens the properties of the task as shown next (Figure 12):
The configuration settings available on the various tabs are as follows:
General: Security context and privilege level Triggers: Conditions that launch the task (more on this in a moment) Actions: Actions the task performs (start a program, send an email, or show a message) Conditions: Further restrictions on how and when triggers can operate Settings: Other ways of configuring or restricting the task History: Event log events relating to previous running of the task
The biggest improvement in my mind is the Triggers tab, which lets you launch a task in response to a wide variety of conditions that might occur including:
At a scheduled time On startup on logon When the machine is idle When a specific event occurs When a Terminal Services session connects or disconnects When the workstation is locked or unlocked
The fact that tasks can now be triggered based on when specific events occur illustrates the welcome fact that Task Scheduler is now closely integrated with Event Viewer. In fact, you can even use Event Viewer to create a new task that is triggered on an event! As an example, say that you're seeing event ID 1530 in the Application log indicating registry files aren't being unloaded properly. To create a task associated with this event, right-click on this event in Event Viewer and select Attach Task To This Event (Figure 13):
This starts the Scheduled Tasks Wizard (Figure 14) which leads you through the process of creating a task that is triggered whenever this event occurs:
You can follow the prompts of the wizard to either send an email or launch a program when the event occurs. Once the task has been created from Event Viewer, you can view and further configure its properties in Event Viewer (Figure 15):
The enhancements to Task Scheduler and Task Manager in Vista make it easier for users to maintain and troubleshoot their machines. They also make it easier for administrators and support engineers to monitor desktop computers by customizing the list of default tasks during the deployment phase of creating Vista images. Now if only Task Manager could be run remotely, monitoring and troubleshooting Windows would be simple indeed!
About Mitch Tulloch:
Mitch Tulloch is a writer, trainer and consultant specializing in Windows server operating systems, IIS administration, network troubleshooting, and security. He is the author of 15 books including the Microsoft Encyclopedia of Networking (Microsoft Press), the Microsoft Encyclopedia of Security (Microsoft Press), Windows Server Hacks (O'Reilly), Windows Server 2003 in a Nutshell (O'Reilly), Windows 2000 Administration in a Nutshell (O'Reilly), and IIS 6 Administration (Osborne/McGraw-Hill). Mitch is based in Winnipeg, Canada, and you can find more information about his books at his website www.mtit.com.